| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2026-01-25 | Avoid double checking if function is hooked | Jakub Onderka | |
| 2024-06-06 | Free allocated memory in early exit | Christian Göttsche | |
| 2023-06-25 | Remove ZEND_HOT | jvoisin | |
| 2023-04-12 | Make readonly_exec play nice on readonly filesystems | jvoisin | |
| 2022-12-10 | Even more changes to accomodate PHP8.2 | jvoisin | |
| 2022-12-09 | Portability improvements for PHP8.2 | jvoisin | |
| 2022-08-21 | Fix sloppy comparison | jvoisin | |
| 2022-07-20 | Merge branch 'master' into pr1 | BeF | |
| 2022-07-14 | Minor refactoring | jvoisin | |
| 2022-07-12 | Refactoring of the previous commit | jvoisin | |
| 2022-07-12 | extended checks for readonly_exec, enabled by default | Ben Fuhrmannek | |
| introduced config options: readonly_exec.extended_checks() or xchecks() readonly_exec.no_extended_checks() or noxchecks() | |||
| 2022-07-12 | allow file:// prefix in include() wich readonly_exec mode | Ben Fuhrmannek | |
| 2022-07-12 | Log `eval` content when matching on its parameter | jvoisin | |
| 2022-06-27 | Dump the eval'ed code | jvoisin | |
| 2022-06-27 | Move compile_file and compile_string to sp_execute.c | jvoisin | |
| 2022-04-19 | extended checks for readonly_exec, enabled by default | Ben Fuhrmannek | |
| introduced config options: readonly_exec.extended_checks() or xchecks() readonly_exec.no_extended_checks() or noxchecks() | |||
| 2022-04-19 | allow file:// prefix in include() wich readonly_exec mode | Ben Fuhrmannek | |
| 2022-01-07 | fixed invalid return value | Ben Fuhrmannek | |
| 2022-01-06 | prevent double checks and fixed segfault on return value access | Ben Fuhrmannek | |
| 2021-12-14 | fix: apply checks to internal function calls, too, so we can match internal ↵ | Ben Fuhrmannek | |
| class methods that are not hooked | |||
| 2021-12-14 | fix: include class name in eval whitelist matching | Ben Fuhrmannek | |
| 2021-11-30 | PHP 8.1 compatibility with streams/includes + fix for ticks | Ben Fuhrmannek | |
| 2021-09-23 | config is stack allocated now + some code improvements (see details) | Ben Fuhrmannek | |
| * for easier memory manegement, the entire sp_config struct was merged into snuffleupagus_globals and allocated on stack where possible * SNUFFLEUPAGUS_G() can be written as SPG(), which is faster to type and easier to read * execution_depth is re-initialized to 0 for each request * function calls with inline string and length parameters consistently use ZEND_STRL instead of sizeof()-1 * execution is actually hooked if recursion protection is enabled * some line breaks were removed to make the code more readable | |||
| 2021-09-15 | implemented execution depth limit | Ben Fuhrmannek | |
| 2021-08-16 | fincy new scanner/parser for config rules + fixed a few bugs along the way + ↵ | Ben Fuhrmannek | |
| fixed related unittests | |||
| 2021-05-09 | Add some guard to prevent hooking recursion | jvoisin | |
| This shouldn't be necessary, but better safe than sorry. | |||
| 2020-11-12 | Simplify a bit a function | jvoisin | |
| 2020-08-16 | Remove a useless line of code | jvoisin | |
| 2020-08-12 | Allow empty configuration (#342) | jvoisin | |
| This commit allows php to run (with a warning) if there is no specified snuffleupagus configuration, instead of refusing to start. | |||
| 2020-07-22 | refactoring sp_log_* (#340) | Giovanni | |
| Co-authored-by: Giovanni Dante Grazioli <giovanni.dantegrazioli@nbs-system.com> | |||
| 2019-06-20 | Fix snufflepagus_globals linking issues and one mac compatibility issue | bef | |
| 2019-02-23 | Try to unify the includes | jvoisin | |
| 2018-10-09 | Don't check the return values of functions that might not return (#255) | jvoisin | |
| This is due to our modifications to the logging system | |||
| 2018-10-06 | Add a missing opcode in sp_execute_ex | jvoisin | |
| 2018-10-06 | Coverage++ | jvoisin | |
| 2018-10-06 | Bump coverage again | jvoisin | |
| 2018-10-06 | Bump coverage again | jvoisin | |
| 2018-10-06 | Bump a bit the coverage | jvoisin | |
| * `setcookie` doesn't always return `true` anymore * clang-format * Cookies with invalid decryption are dropped, but the request isn't anymore * faulty unserialize are now dumpable | |||
| 2018-10-06 | Remove sp_terminate and bump a bit the coverage | jvoisin | |
| 2018-08-30 | Minor code cleanup | xXx-caillou-xXx | |
| 2018-08-30 | Match on ret improvements | xXx-caillou-xXx | |
| This commit does two things: - Implement matching on calltraces for ret - Implement matching on ret of user functions if the return value is not used. | |||
| 2018-08-28 | Fix a SIGSEGV on user-created function's return value | xXx-caillou-xXx | |
| 2018-08-09 | Fix yet an other hang/crash | jvoisin | |
| There are valid reasons for `orig_zend_execute_internal` to be `NULL`, we we're not checking if it is, well, `NULL`. | |||
| 2018-08-09 | Fix a typo in the previous commits | jvoisin | |
| 2018-08-09 | Fix a crash/hang when using fpm's pools | jvoisin | |
| We might have ended up in infinite loops when using php-fpm, if several different process hooked some functions twice. Thanks to @sriccio for reporting the issue | |||
| 2018-07-13 | Yet an other pass of clang-format | jvoisin | |
| 2018-07-13 | Reduce call to get_complete_function_path | xXx-caillou-xXx | |
| 2018-07-13 | Massively optimize how rules are handled | xXx-caillou-xXx | |
| This commit does a lot of things: - Use hashtables instead of lists to store the rules - Rules that can be applied at launch time won't be tried at runtime - Improve feedback when writing nonsensical rules - Make intensive use of `zend_string` instead of `char*` | |||
| 2018-07-09 | Trying to fix sloppy comparison (#186) | jvoisin | |
| * Trying to fix sloppy comparison https://github.com/nbs-system/snuffleupagus/issues/10 by modifying php's opcode | |||
| 2018-03-12 | Bump the changelogv0.2.2 | jvoisin | |
 |
index : snuffleupagus | |
| Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest! |
| summaryrefslogtreecommitdiff |