From 9f5e8d12f05fb24c915a5266a1e908a75c8aed08 Mon Sep 17 00:00:00 2001 From: Thibault "bui" Koechlin Date: Thu, 28 Dec 2017 17:04:06 +0100 Subject: Clang-format pass - `clang-format --style="{BasedOnStyle: google, SortIncludes: false}" -i snuffleu*.c sp_*.c sp_*.h` - Update the documentation accordingly--- CONTRIBUTING.md | 2 +- src/snuffleupagus.c | 91 +++++++++++++++--------------- src/sp_config.c | 61 +++++++++++--------- src/sp_config.h | 13 +++-- src/sp_config_keywords.c | 66 +++++++++++----------- src/sp_config_keywords.h | 8 +-- src/sp_config_utils.c | 14 +++-- src/sp_cookie_encryption.c | 79 ++++++++++++++------------ src/sp_cookie_encryption.h | 3 +- src/sp_disabled_functions.c | 95 +++++++++++++++---------------- src/sp_disabled_functions.h | 5 +- src/sp_execute.c | 68 +++++++++++++---------- src/sp_list.c | 17 +++--- src/sp_list.h | 3 +- src/sp_network_utils.c | 6 +- src/sp_unserialize.c | 33 ++++++----- src/sp_upload_validation.c | 5 +- src/sp_upload_validation.h | 3 +- src/sp_utils.c | 132 +++++++++++++++++++++++--------------------- src/sp_utils.h | 25 +++++---- src/sp_var_parser.c | 102 ++++++++++++++++++---------------- src/sp_var_value.c | 102 +++++++++++++++++----------------- 22 files changed, 496 insertions(+), 437 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 34cfd02..f8e8f37 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -58,7 +58,7 @@ launching it, in order to run the failing test inside GDB. Your patch should follow the same conventions & pass the same code quality checks as the rest of the project. We're using [clang-format](http://clang.llvm.org/docs/ClangFormat.html) to -ensure a consistent code-style. Please run it with `clang-format -style=google` +ensure a consistent code-style. Please run it with `clang-format --style="{BasedOnStyle: google, SortIncludes: false}"` before committing, or even better, use a [pre-commit hook](https://github.com/andrewseidl/githook-clang-format). ### 6. Make a Pull Request diff --git a/src/snuffleupagus.c b/src/snuffleupagus.c index b823a87..dd2d941 100644 --- a/src/snuffleupagus.c +++ b/src/snuffleupagus.c @@ -30,7 +30,7 @@ ZEND_DECLARE_MODULE_GLOBALS(snuffleupagus) PHP_INI_BEGIN() PHP_INI_ENTRY("sp.configuration_file", "", PHP_INI_SYSTEM, - OnUpdateConfiguration) + OnUpdateConfiguration) PHP_INI_END() ZEND_DLEXPORT zend_extension zend_extension_entry = { @@ -41,22 +41,22 @@ ZEND_DLEXPORT zend_extension zend_extension_entry = { PHP_SNUFFLEUPAGUS_COPYRIGHT, sp_zend_startup, NULL, - NULL, /* activate_func_t */ - NULL, /* deactivate_func_t */ - NULL, /* message_handler_func_t */ - sp_op_array_handler,//zend_global_strict, /* op_array_handler_func_t */ - NULL, /* statement_handler_func_t */ - NULL, /* fcall_begin_handler_func_t */ - NULL, /* fcall_end_handler_func_t */ - NULL, /* op_array_ctor_func_t */ - NULL, /* op_array_dtor_func_t */ + NULL, /* activate_func_t */ + NULL, /* deactivate_func_t */ + NULL, /* message_handler_func_t */ + sp_op_array_handler, // zend_global_strict, /* op_array_handler_func_t */ + NULL, /* statement_handler_func_t */ + NULL, /* fcall_begin_handler_func_t */ + NULL, /* fcall_end_handler_func_t */ + NULL, /* op_array_ctor_func_t */ + NULL, /* op_array_dtor_func_t */ STANDARD_ZEND_EXTENSION_PROPERTIES}; PHP_GINIT_FUNCTION(snuffleupagus) { #define SP_INIT(F) F = pecalloc(sizeof(*F), 1, 1); -#define SP_INIT_HT(F) \ - F = pemalloc(sizeof(*F), 1); \ - zend_hash_init(F, 10, NULL, NULL, 1); +#define SP_INIT_HT(F) \ + F = pemalloc(sizeof(*F), 1); \ + zend_hash_init(F, 10, NULL, NULL, 1); SP_INIT_HT(snuffleupagus_globals->disabled_functions_hook); SP_INIT_HT(snuffleupagus_globals->sp_internal_functions_hook); @@ -74,10 +74,14 @@ PHP_GINIT_FUNCTION(snuffleupagus) { SP_INIT(snuffleupagus_globals->config.config_cookie); SP_INIT(snuffleupagus_globals->config.config_disabled_constructs); - snuffleupagus_globals->config.config_disabled_constructs->construct_include = sp_list_new(); - snuffleupagus_globals->config.config_disabled_constructs->construct_eval = sp_list_new(); - snuffleupagus_globals->config.config_disabled_functions->disabled_functions = sp_list_new(); - snuffleupagus_globals->config.config_disabled_functions_ret->disabled_functions = sp_list_new(); + snuffleupagus_globals->config.config_disabled_constructs->construct_include = + sp_list_new(); + snuffleupagus_globals->config.config_disabled_constructs->construct_eval = + sp_list_new(); + snuffleupagus_globals->config.config_disabled_functions->disabled_functions = + sp_list_new(); + snuffleupagus_globals->config.config_disabled_functions_ret + ->disabled_functions = sp_list_new(); snuffleupagus_globals->config.config_cookie->cookies = sp_list_new(); #undef SP_INIT @@ -91,7 +95,7 @@ PHP_MINIT_FUNCTION(snuffleupagus) { } PHP_MSHUTDOWN_FUNCTION(snuffleupagus) { -#define FREE_HT(F) \ +#define FREE_HT(F) \ zend_hash_destroy(SNUFFLEUPAGUS_G(F)); \ pefree(SNUFFLEUPAGUS_G(F), 1); @@ -108,12 +112,12 @@ PHP_MSHUTDOWN_FUNCTION(snuffleupagus) { pefree(SNUFFLEUPAGUS_G(config.config_disable_xxe), 1); pefree(SNUFFLEUPAGUS_G(config.config_upload_validation), 1); -#define FREE_LST_DISABLE(L) \ - do { \ - sp_list_node* _n = SNUFFLEUPAGUS_G(L); \ - sp_disabled_function_list_free(_n); \ - sp_list_free(_n); \ - } while(0) +#define FREE_LST_DISABLE(L) \ + do { \ + sp_list_node *_n = SNUFFLEUPAGUS_G(L); \ + sp_disabled_function_list_free(_n); \ + sp_list_free(_n); \ + } while (0) FREE_LST_DISABLE(config.config_disabled_functions->disabled_functions); FREE_LST_DISABLE(config.config_disabled_functions_ret->disabled_functions); @@ -140,7 +144,7 @@ PHP_RINIT_FUNCTION(snuffleupagus) { if (NULL != SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key) { if (NULL != SNUFFLEUPAGUS_G(config).config_cookie->cookies) { zend_hash_apply_with_arguments( - Z_ARRVAL(PG(http_globals)[TRACK_VARS_COOKIE]), decrypt_cookie, 0); + Z_ARRVAL(PG(http_globals)[TRACK_VARS_COOKIE]), decrypt_cookie, 0); } } return SUCCESS; @@ -152,8 +156,9 @@ PHP_MINFO_FUNCTION(snuffleupagus) { php_info_print_table_start(); php_info_print_table_row(2, "snuffleupagus support", "enabled"); php_info_print_table_row(2, "Version", PHP_SNUFFLEUPAGUS_VERSION); - php_info_print_table_row(2, "Valid config", - (SNUFFLEUPAGUS_G(is_config_valid) == true)?"yes":"no"); + php_info_print_table_row( + 2, "Valid config", + (SNUFFLEUPAGUS_G(is_config_valid) == true) ? "yes" : "no"); php_info_print_table_end(); DISPLAY_INI_ENTRIES(); } @@ -169,7 +174,7 @@ static PHP_INI_MH(OnUpdateConfiguration) { config_file = strtok(new_value->val, ","); if (sp_parse_config(config_file) != SUCCESS) { - SNUFFLEUPAGUS_G(is_config_valid) = false; + SNUFFLEUPAGUS_G(is_config_valid) = false; return FAILURE; } while ((config_file = strtok(NULL, ","))) { @@ -214,21 +219,21 @@ static PHP_INI_MH(OnUpdateConfiguration) { const zend_function_entry snuffleupagus_functions[] = {PHP_FE_END}; -zend_module_entry snuffleupagus_module_entry = - {STANDARD_MODULE_HEADER, - PHP_SNUFFLEUPAGUS_EXTNAME, - snuffleupagus_functions, - PHP_MINIT(snuffleupagus), - PHP_MSHUTDOWN(snuffleupagus), - PHP_RINIT(snuffleupagus), - PHP_RSHUTDOWN(snuffleupagus), - PHP_MINFO(snuffleupagus), - PHP_SNUFFLEUPAGUS_VERSION, - PHP_MODULE_GLOBALS(snuffleupagus), - PHP_GINIT(snuffleupagus), - NULL, - NULL, - STANDARD_MODULE_PROPERTIES_EX}; +zend_module_entry snuffleupagus_module_entry = { + STANDARD_MODULE_HEADER, + PHP_SNUFFLEUPAGUS_EXTNAME, + snuffleupagus_functions, + PHP_MINIT(snuffleupagus), + PHP_MSHUTDOWN(snuffleupagus), + PHP_RINIT(snuffleupagus), + PHP_RSHUTDOWN(snuffleupagus), + PHP_MINFO(snuffleupagus), + PHP_SNUFFLEUPAGUS_VERSION, + PHP_MODULE_GLOBALS(snuffleupagus), + PHP_GINIT(snuffleupagus), + NULL, + NULL, + STANDARD_MODULE_PROPERTIES_EX}; #ifdef COMPILE_DL_SNUFFLEUPAGUS #ifdef ZTS diff --git a/src/sp_config.c b/src/sp_config.c index f1c7b65..aeadd9d 100644 --- a/src/sp_config.c +++ b/src/sp_config.c @@ -35,7 +35,8 @@ static int parse_line(char *line) { } if (strncmp(ptr, SP_TOKEN_BASE, strlen(SP_TOKEN_BASE))) { - sp_log_err("config", "Invalid configuration prefix for '%s' on line %zu.", line, sp_line_no); + sp_log_err("config", "Invalid configuration prefix for '%s' on line %zu.", + line, sp_line_no); return -1; } ptr += strlen(SP_TOKEN_BASE); @@ -45,7 +46,8 @@ static int parse_line(char *line) { return sp_func[i].func(ptr + strlen(sp_func[i].token)); } } - sp_log_err("config", "Invalid configuration section '%s' on line %zu.", line, sp_line_no); + sp_log_err("config", "Invalid configuration section '%s' on line %zu.", line, + sp_line_no); return -1; } @@ -60,32 +62,35 @@ int parse_php_type(char *restrict line, char *restrict keyword, void *retval) { char *value = get_param(&consumed, line, SP_TYPE_STR, keyword); if (value) { if (0 == strcasecmp("undef", value)) { - *(sp_php_type*)retval = SP_PHP_TYPE_UNDEF; + *(sp_php_type *)retval = SP_PHP_TYPE_UNDEF; } else if (0 == strcasecmp("null", value)) { - *(sp_php_type*)retval = SP_PHP_TYPE_NULL; + *(sp_php_type *)retval = SP_PHP_TYPE_NULL; } else if (0 == strcasecmp("true", value)) { - *(sp_php_type*)retval = SP_PHP_TYPE_TRUE; + *(sp_php_type *)retval = SP_PHP_TYPE_TRUE; } else if (0 == strcasecmp("false", value)) { - *(sp_php_type*)retval = SP_PHP_TYPE_FALSE; + *(sp_php_type *)retval = SP_PHP_TYPE_FALSE; } else if (0 == strcasecmp("long", value)) { - *(sp_php_type*)retval = SP_PHP_TYPE_LONG; + *(sp_php_type *)retval = SP_PHP_TYPE_LONG; } else if (0 == strcasecmp("double", value)) { - *(sp_php_type*)retval = SP_PHP_TYPE_DOUBLE; + *(sp_php_type *)retval = SP_PHP_TYPE_DOUBLE; } else if (0 == strcasecmp("string", value)) { - *(sp_php_type*)retval = SP_PHP_TYPE_STRING; + *(sp_php_type *)retval = SP_PHP_TYPE_STRING; } else if (0 == strcasecmp("array", value)) { - *(sp_php_type*)retval = SP_PHP_TYPE_ARRAY; - } else if (0 == strcasecmp("object", value)) { - *(sp_php_type*)retval = SP_PHP_TYPE_OBJECT; + *(sp_php_type *)retval = SP_PHP_TYPE_ARRAY; + } else if (0 == strcasecmp("object", value)) { + *(sp_php_type *)retval = SP_PHP_TYPE_OBJECT; } else if (0 == strcasecmp("resource", value)) { - *(sp_php_type*)retval = SP_PHP_TYPE_RESOURCE; + *(sp_php_type *)retval = SP_PHP_TYPE_RESOURCE; } else if (0 == strcasecmp("reference", value)) { - *(sp_php_type*)retval = SP_PHP_TYPE_REFERENCE; + *(sp_php_type *)retval = SP_PHP_TYPE_REFERENCE; } else { pefree(value, 1); - sp_log_err("error", "%s) is expecting a valid php type ('false', 'true'," - " 'array'. 'object', 'long', 'double', 'null', 'resource', 'reference'," - " 'undef') on line %zu.", keyword, sp_line_no); + sp_log_err("error", + "%s) is expecting a valid php type ('false', 'true'," + " 'array'. 'object', 'long', 'double', 'null', 'resource', " + "'reference'," + " 'undef') on line %zu.", + keyword, sp_line_no); return -1; } pefree(value, 1); @@ -119,7 +124,8 @@ int parse_cidr(char *restrict line, char *restrict keyword, void *retval) { *(sp_cidr **)retval = cidr; return consumed; } else { - sp_log_err("config", "%s doesn't contain a valid cidr on line %zu.", line, sp_line_no); + sp_log_err("config", "%s doesn't contain a valid cidr on line %zu.", line, + sp_line_no); return -1; } } @@ -135,9 +141,10 @@ int parse_regexp(char *restrict line, char *restrict keyword, void *retval) { const char *pcre_error; int pcre_error_offset; pcre *compiled_re = sp_pcre_compile(value, PCRE_CASELESS, &pcre_error, - &pcre_error_offset, NULL); + &pcre_error_offset, NULL); if (NULL == compiled_re) { - sp_log_err("config", "Failed to compile '%s': %s on line %zu.", value, pcre_error, sp_line_no); + sp_log_err("config", "Failed to compile '%s': %s on line %zu.", value, + pcre_error, sp_line_no); } else { *(pcre **)retval = compiled_re; return consumed; @@ -147,7 +154,8 @@ int parse_regexp(char *restrict line, char *restrict keyword, void *retval) { if (NULL != closing_paren) { closing_paren[0] = '\0'; } - sp_log_err("config", "'%s)' is expecting a valid regexp, and not '%s' on line %zu.", + sp_log_err("config", + "'%s)' is expecting a valid regexp, and not '%s' on line %zu.", keyword, line, sp_line_no); return -1; } @@ -183,12 +191,11 @@ int sp_parse_config(const char *conf_file) { return SUCCESS; } -void sp_disabled_function_list_free(sp_list_node* list) { - sp_list_node* cursor = list; - while(cursor) { - sp_disabled_function* df = cursor->data; - if (df && df->functions_list) - sp_list_free(df->functions_list); +void sp_disabled_function_list_free(sp_list_node *list) { + sp_list_node *cursor = list; + while (cursor) { + sp_disabled_function *df = cursor->data; + if (df && df->functions_list) sp_list_free(df->functions_list); if (df) { sp_tree_free(df->param); sp_tree_free(df->var); diff --git a/src/sp_config.h b/src/sp_config.h index aca9ff6..2417cf9 100644 --- a/src/sp_config.h +++ b/src/sp_config.h @@ -43,8 +43,8 @@ typedef struct { } sp_config_global; typedef struct { - bool enable; - bool simulation; + bool enable; + bool simulation; } sp_config_readonly_exec; typedef struct { bool enable; } sp_config_global_strict; @@ -56,7 +56,7 @@ typedef struct { bool enable; } sp_config_auto_cookie_secure; typedef struct { bool enable; } sp_config_disable_xxe; typedef struct { - enum samesite_type {strict=1, lax=2} samesite; + enum samesite_type { strict = 1, lax = 2 } samesite; bool encrypt; char *name; pcre *name_r; @@ -116,11 +116,12 @@ typedef struct { } sp_config_disabled_functions; typedef struct { - sp_list_node *cookies; //list of sp_cookie for regexp/names + sp_list_node *cookies; // list of sp_cookie for regexp/names } sp_config_cookie; typedef struct { - sp_list_node *construct_include; // list of rules for `(include|require)_(once)?` + sp_list_node + *construct_include; // list of rules for `(include|require)_(once)?` sp_list_node *construct_eval; sp_list_node *construct_echo; } sp_config_disabled_constructs; @@ -231,6 +232,6 @@ int parse_cidr(char *restrict, char *restrict, void *); int parse_php_type(char *restrict, char *restrict, void *); // cleanup -void sp_disabled_function_list_free(sp_list_node*); +void sp_disabled_function_list_free(sp_list_node *); #endif /* SP_CONFIG_H */ diff --git a/src/sp_config_keywords.c b/src/sp_config_keywords.c index b3e71fe..998b692 100644 --- a/src/sp_config_keywords.c +++ b/src/sp_config_keywords.c @@ -108,12 +108,12 @@ int parse_cookie(char *line) { sp_cookie *cookie = pecalloc(sizeof(sp_cookie), 1, 1); sp_config_functions sp_config_funcs_cookie_encryption[] = { - {parse_str, SP_TOKEN_NAME, &(cookie->name)}, - {parse_regexp, SP_TOKEN_NAME_REGEXP, &(cookie->name_r)}, - {parse_str, SP_TOKEN_SAMESITE, &samesite}, - {parse_empty, SP_TOKEN_ENCRYPT, &cookie->encrypt}, - {parse_empty, SP_TOKEN_SIMULATION, &cookie->simulation}, - {0}}; + {parse_str, SP_TOKEN_NAME, &(cookie->name)}, + {parse_regexp, SP_TOKEN_NAME_REGEXP, &(cookie->name_r)}, + {parse_str, SP_TOKEN_SAMESITE, &samesite}, + {parse_empty, SP_TOKEN_ENCRYPT, &cookie->encrypt}, + {parse_empty, SP_TOKEN_SIMULATION, &cookie->simulation}, + {0}}; ret = parse_keywords(sp_config_funcs_cookie_encryption, line); if (0 != ret) { @@ -122,18 +122,21 @@ int parse_cookie(char *line) { if (cookie->encrypt) { if (0 == (SNUFFLEUPAGUS_G(config).config_snuffleupagus->cookies_env_var)) { - sp_log_err("config", - "You're trying to use the cookie encryption feature" - "on line %zu without having set the `.cookie_env_var` option in" - "`sp.global`: please set it first.", + sp_log_err( + "config", + "You're trying to use the cookie encryption feature" + "on line %zu without having set the `.cookie_env_var` option in" + "`sp.global`: please set it first.", sp_line_no); return -1; - } else if (0 == (SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key)) { - sp_log_err("config", - "You're trying to use the cookie encryption feature" - "on line %zu without having set the `.encryption_key` option in" - "`sp.global`: please set it first.", - sp_line_no); + } else if (0 == + (SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key)) { + sp_log_err( + "config", + "You're trying to use the cookie encryption feature" + "on line %zu without having set the `.encryption_key` option in" + "`sp.global`: please set it first.", + sp_line_no); return -1; } } else if (!samesite) { @@ -163,16 +166,16 @@ int parse_cookie(char *line) { } else if (0 == strcasecmp(samesite, SP_TOKEN_SAMESITE_STRICT)) { cookie->samesite = strict; } else { - sp_log_err("config", - "%s is an invalid value to samesite (expected %s or %s) on line " - "%zu.", - samesite, SP_TOKEN_SAMESITE_LAX, SP_TOKEN_SAMESITE_STRICT, - sp_line_no); + sp_log_err( + "config", + "%s is an invalid value to samesite (expected %s or %s) on line " + "%zu.", + samesite, SP_TOKEN_SAMESITE_LAX, SP_TOKEN_SAMESITE_STRICT, + sp_line_no); return -1; } } - sp_list_insert(SNUFFLEUPAGUS_G(config).config_cookie->cookies, - cookie); + sp_list_insert(SNUFFLEUPAGUS_G(config).config_cookie->cookies, cookie); return SUCCESS; } @@ -235,8 +238,8 @@ int parse_disabled_functions(char *line) { MUTUALLY_EXCLUSIVE(df->key, df->r_key, "r_key", "key"); #undef MUTUALLY_EXCLUSIVE - if (1 < ((df->r_param ? 1 : 0) + (param ? 1 : 0) + - ((-1 != df->pos) ? 1 : 0))) { + if (1 < + ((df->r_param ? 1 : 0) + (param ? 1 : 0) + ((-1 != df->pos) ? 1 : 0))) { sp_log_err( "config", "Invalid configuration line: 'sp.disabled_functions%s':" @@ -306,8 +309,8 @@ int parse_disabled_functions(char *line) { if (param) { df->param = parse_var(param); if (!df->param) { - sp_log_err("config", "Invalid value '%s' for `param` on line %zu.", - param, sp_line_no); + sp_log_err("config", "Invalid value '%s' for `param` on line %zu.", param, + sp_line_no); return -1; } } @@ -316,13 +319,12 @@ int parse_disabled_functions(char *line) { if (*var) { df->var = parse_var(var); if (!df->var) { - sp_log_err("config", "Invalid value '%s' for `var` on line %zu.", - var, sp_line_no); - return -1; + sp_log_err("config", "Invalid value '%s' for `var` on line %zu.", var, + sp_line_no); + return -1; } } else { - sp_log_err("config", "Empty value in `var` on line %zu.", - sp_line_no); + sp_log_err("config", "Empty value in `var` on line %zu.", sp_line_no); return -1; } } diff --git a/src/sp_config_keywords.h b/src/sp_config_keywords.h index fdea1c5..8286997 100644 --- a/src/sp_config_keywords.h +++ b/src/sp_config_keywords.h @@ -6,11 +6,11 @@ int parse_random(char *line); int parse_disable_xxe(char *line); int parse_auto_cookie_secure(char *line); int parse_global_strict(char *line); -int parse_global(char *line) ; +int parse_global(char *line); int parse_cookie(char *line); -int parse_unserialize(char *line) ; +int parse_unserialize(char *line); int parse_readonly_exec(char *line); -int parse_disabled_functions(char *line) ; +int parse_disabled_functions(char *line); int parse_upload_validation(char *line); -#endif // __SP_CONFIG_KEYWORDS_H +#endif // __SP_CONFIG_KEYWORDS_H diff --git a/src/sp_config_utils.c b/src/sp_config_utils.c index bf558d4..20d4d79 100644 --- a/src/sp_config_utils.c +++ b/src/sp_config_utils.c @@ -26,14 +26,14 @@ int parse_keywords(sp_config_functions *funcs, char *line) { if (*line) { sp_log_err("config", "Trailing chars '%s' at the end of '%s' on line %zu.", - line, original_line, sp_line_no); + line, original_line, sp_line_no); return -1; } return 0; } char *get_param(size_t *consumed, char *restrict line, sp_type type, - const char *restrict keyword) { + const char *restrict keyword) { enum { IN_ESCAPE, NONE } state = NONE; char *original_line = line; size_t j = 0; @@ -86,10 +86,12 @@ char *get_param(size_t *consumed, char *restrict line, sp_type type, } err: if (0 == j) { - sp_log_err("error", "A valid string as parameter is expected on line %zu.", sp_line_no); + sp_log_err("error", "A valid string as parameter is expected on line %zu.", + sp_line_no); } else { sp_log_err("error", - "There is an issue with the parsing of '%s': it doesn't look like a valid string on line %zu.", + "There is an issue with the parsing of '%s': it doesn't look " + "like a valid string on line %zu.", original_line ? original_line : "NULL", sp_line_no); } line = NULL; @@ -104,8 +106,8 @@ zend_always_inline sp_list_node *parse_functions_list(char *value) { } sp_list_node *list = sp_list_new(); - char* tmp = strdup(value); - char* function_name; + char *tmp = strdup(value); + char *function_name; char *next_token = tmp; while ((function_name = strtok_r(NULL, sep, &next_token))) { sp_list_prepend(list, strdup(function_name)); diff --git a/src/sp_cookie_encryption.c b/src/sp_cookie_encryption.c index 4e9818f..6abc20a 100644 --- a/src/sp_cookie_encryption.c +++ b/src/sp_cookie_encryption.c @@ -10,12 +10,12 @@ static inline void generate_key(unsigned char *key) { PHP_SHA256_CTX ctx; const char *user_agent = getenv("HTTP_USER_AGENT"); const char *env_var = - getenv(SNUFFLEUPAGUS_G(config).config_snuffleupagus->cookies_env_var); + getenv(SNUFFLEUPAGUS_G(config).config_snuffleupagus->cookies_env_var); const char *encryption_key = SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key; - assert(32 == crypto_secretbox_KEYBYTES); // 32 is the size of a SHA256. - assert(encryption_key); // Encryption key can't be NULL + assert(32 == crypto_secretbox_KEYBYTES); // 32 is the size of a SHA256. + assert(encryption_key); // Encryption key can't be NULL PHP_SHA256Init(&ctx); @@ -24,11 +24,12 @@ static inline void generate_key(unsigned char *key) { } if (env_var) { - PHP_SHA256Update(&ctx, (unsigned char*)env_var, strlen(env_var)); + PHP_SHA256Update(&ctx, (unsigned char *)env_var, strlen(env_var)); } else { - sp_log_err("cookie_encryption", "The environment variable '%s'" - "is empty, cookies are weakly encrypted.", - SNUFFLEUPAGUS_G(config).config_snuffleupagus->cookies_env_var); + sp_log_err("cookie_encryption", + "The environment variable '%s'" + "is empty, cookies are weakly encrypted.", + SNUFFLEUPAGUS_G(config).config_snuffleupagus->cookies_env_var); } if (encryption_key) { @@ -41,9 +42,9 @@ static inline void generate_key(unsigned char *key) { static inline const sp_cookie *sp_lookup_cookie_config(const char *key) { sp_list_node *it = SNUFFLEUPAGUS_G(config).config_cookie->cookies; - + while (it) { - const sp_cookie *config = it->data; + const sp_cookie *config = it->data; if (config && sp_match_value(key, config->name, config->name_r)) { return config; } @@ -60,7 +61,7 @@ int decrypt_cookie(zval *pDest, int num_args, va_list args, unsigned char *decrypted; const sp_cookie *cookie = sp_lookup_cookie_config(ZSTR_VAL(hash_key->key)); int ret = 0; - + /* If the cookie isn't in the conf, it shouldn't be encrypted. */ if (!cookie || !cookie->encrypt) { return ZEND_HASH_APPLY_KEEP; @@ -72,18 +73,20 @@ int decrypt_cookie(zval *pDest, int num_args, va_list args, } debase64 = php_base64_decode((unsigned char *)(Z_STRVAL_P(pDest)), - Z_STRLEN_P(pDest)); + Z_STRLEN_P(pDest)); if (ZSTR_LEN(debase64) < crypto_secretbox_NONCEBYTES + crypto_secretbox_ZEROBYTES) { if (true == cookie->simulation) { - sp_log_msg("cookie_encryption", SP_LOG_SIMULATION, + sp_log_msg( + "cookie_encryption", SP_LOG_SIMULATION, "Buffer underflow tentative detected in cookie encryption handling " - "for %s. Using the cookie 'as it' instead of decrypting it.", - ZSTR_VAL(hash_key->key)); + "for %s. Using the cookie 'as it' instead of decrypting it.", + ZSTR_VAL(hash_key->key)); return ZEND_HASH_APPLY_KEEP; } else { - sp_log_msg("cookie_encryption", SP_LOG_DROP, + sp_log_msg( + "cookie_encryption", SP_LOG_DROP, "Buffer underflow tentative detected in cookie encryption handling."); return ZEND_HASH_APPLY_REMOVE; } @@ -101,14 +104,16 @@ int decrypt_cookie(zval *pDest, int num_args, va_list args, if (-1 == ret) { if (true == cookie->simulation) { - sp_log_msg("cookie_encryption", SP_LOG_SIMULATION, - "Something went wrong with the decryption of %s. Using the cookie " - "'as it' instead of decrypting it", ZSTR_VAL(hash_key->key)); + sp_log_msg( + "cookie_encryption", SP_LOG_SIMULATION, + "Something went wrong with the decryption of %s. Using the cookie " + "'as it' instead of decrypting it", + ZSTR_VAL(hash_key->key)); return ZEND_HASH_APPLY_KEEP; } else { sp_log_msg("cookie_encryption", SP_LOG_DROP, - "Something went wrong with the decryption of %s.", - ZSTR_VAL(hash_key->key)); + "Something went wrong with the decryption of %s.", + ZSTR_VAL(hash_key->key)); return ZEND_HASH_APPLY_REMOVE; } } @@ -127,7 +132,8 @@ int decrypt_cookie(zval *pDest, int num_args, va_list args, */ static zend_string *encrypt_data(char *data, unsigned long long data_len) { const size_t encrypted_msg_len = crypto_secretbox_ZEROBYTES + data_len + 1; - const size_t emsg_and_nonce_len = encrypted_msg_len + crypto_secretbox_NONCEBYTES; + const size_t emsg_and_nonce_len = + encrypted_msg_len + crypto_secretbox_NONCEBYTES; unsigned char key[crypto_secretbox_KEYBYTES] = {0}; unsigned char nonce[crypto_secretbox_NONCEBYTES] = {0}; @@ -149,7 +155,7 @@ static zend_string *encrypt_data(char *data, unsigned long long data_len) { } } nonce_d++; - sscanf((char*)nonce, "%ld", &nonce_d); + sscanf((char *)nonce, "%ld", &nonce_d); memcpy(encrypted_data, nonce, crypto_secretbox_NONCEBYTES); crypto_secretbox(encrypted_data + crypto_secretbox_NONCEBYTES, @@ -161,15 +167,15 @@ static zend_string *encrypt_data(char *data, unsigned long long data_len) { } PHP_FUNCTION(sp_setcookie) { - zval params[7] = { 0 }; - zend_string *name = NULL, *value = NULL, *path = NULL, *domain = NULL, *samesite = NULL; + zval params[7] = {0}; + zend_string *name = NULL, *value = NULL, *path = NULL, *domain = NULL, + *samesite = NULL; zend_long expires = 0; zend_bool secure = 0, httponly = 0; const sp_cookie *cookie_node = NULL; zval func_name; char *cookie_samesite; - // LCOV_EXCL_BR_START ZEND_PARSE_PARAMETERS_START(1, 7) Z_PARAM_STR(name) @@ -197,7 +203,7 @@ PHP_FUNCTION(sp_setcookie) { /* lookup existing configuration for said cookie */ cookie_node = sp_lookup_cookie_config(ZSTR_VAL(name)); - + /* If the cookie's value is encrypted, it won't be usable by * javascript anyway. */ @@ -233,12 +239,15 @@ PHP_FUNCTION(sp_setcookie) { if (!path) { path = zend_string_init("", 0, 0); } - cookie_samesite = (cookie_node->samesite == lax) ? SAMESITE_COOKIE_FORMAT SP_TOKEN_SAMESITE_LAX - : SAMESITE_COOKIE_FORMAT SP_TOKEN_SAMESITE_STRICT; + cookie_samesite = (cookie_node->samesite == lax) + ? SAMESITE_COOKIE_FORMAT SP_TOKEN_SAMESITE_LAX + : SAMESITE_COOKIE_FORMAT SP_TOKEN_SAMESITE_STRICT; /* Concatenating everything, as is in PHP internals */ samesite = zend_string_init(ZSTR_VAL(path), ZSTR_LEN(path), 0); - samesite = zend_string_extend(samesite, ZSTR_LEN(path) + strlen(cookie_samesite) + 1, 0); - memcpy(ZSTR_VAL(samesite) + ZSTR_LEN(path), cookie_samesite, strlen(cookie_samesite) + 1); + samesite = zend_string_extend( + samesite, ZSTR_LEN(path) + strlen(cookie_samesite) + 1, 0); + memcpy(ZSTR_VAL(samesite) + ZSTR_LEN(path), cookie_samesite, + strlen(cookie_samesite) + 1); ZVAL_STR_COPY(¶ms[3], samesite); } else if (path) { ZVAL_STR_COPY(¶ms[3], path); @@ -250,20 +259,22 @@ PHP_FUNCTION(sp_setcookie) { This is why were replacing our hook with the original function, calling the function, and then re-hooking it. */ void (*handler)(INTERNAL_FUNCTION_PARAMETERS); - handler = zend_hash_str_find_ptr(SNUFFLEUPAGUS_G(sp_internal_functions_hook), "setcookie", - strlen("setcookie")); + handler = zend_hash_str_find_ptr(SNUFFLEUPAGUS_G(sp_internal_functions_hook), + "setcookie", strlen("setcookie")); zend_internal_function *func = zend_hash_str_find_ptr( CG(function_table), "setcookie", strlen("setcookie")); func->handler = handler; - call_user_function(CG(function_table), NULL, &func_name, return_value, 7, params); + call_user_function(CG(function_table), NULL, &func_name, return_value, 7, + params); func->handler = PHP_FN(sp_setcookie); RETURN_TRUE; } int hook_cookies() { - HOOK_FUNCTION("setcookie", sp_internal_functions_hook, PHP_FN(sp_setcookie), false); + HOOK_FUNCTION("setcookie", sp_internal_functions_hook, PHP_FN(sp_setcookie), + false); return SUCCESS; } diff --git a/src/sp_cookie_encryption.h b/src/sp_cookie_encryption.h index 889a89c..6d204bb 100644 --- a/src/sp_cookie_encryption.h +++ b/src/sp_cookie_encryption.h @@ -14,6 +14,7 @@ #define SAMESITE_COOKIE_FORMAT "; samesite=" int hook_cookies(); -int decrypt_cookie(zval *pDest, int num_args, va_list args, zend_hash_key *hash_key); +int decrypt_cookie(zval *pDest, int num_args, va_list args, + zend_hash_key *hash_key); #endif /* __SP_COOKIE_ENCRYPTION */ diff --git a/src/sp_disabled_functions.c b/src/sp_disabled_functions.c index 9736d2b..9382b09 100644 --- a/src/sp_disabled_functions.c +++ b/src/sp_disabled_functions.c @@ -64,25 +64,25 @@ end: static bool is_local_var_matching( zend_execute_data* execute_data, const sp_disabled_function* const config_node) { - zval *var_value; + zval* var_value; var_value = get_value(execute_data, config_node->var, false); if (var_value) { - char *var_value_str = sp_convert_to_string(var_value); + char* var_value_str = sp_convert_to_string(var_value); if (Z_TYPE_P(var_value) == IS_ARRAY) { if (config_node->key || config_node->r_key) { - if (sp_match_array_key(var_value, config_node->key, - config_node->r_key)) { - efree(var_value_str); - return true; - } + if (sp_match_array_key(var_value, config_node->key, + config_node->r_key)) { + efree(var_value_str); + return true; + } } else if (sp_match_array_value(var_value, config_node->value, - config_node->value_r)) { - efree(var_value_str); - return true; + config_node->value_r)) { + efree(var_value_str); + return true; } } else if (sp_match_value(var_value_str, config_node->value, - config_node->value_r)) { + config_node->value_r)) { efree(var_value_str); return true; } @@ -115,7 +115,7 @@ static bool is_param_matching(zend_execute_data* execute_data, const char** arg_value_str) { int nb_param = execute_data->func->common.num_args; int i = 0; - zval *arg_value; + zval* arg_value; if (config_node->pos != -1) { if (config_node->pos <= nb_param) { @@ -150,8 +150,9 @@ static bool is_param_matching(zend_execute_data* execute_data, } else { *arg_name = execute_data->func->internal_function.arg_info[i].name; } - const bool pcre_matching = config_node->r_param - && (true == is_regexp_matching(config_node->r_param, *arg_name)); + const bool pcre_matching = + config_node->r_param && + (true == is_regexp_matching(config_node->r_param, *arg_name)); /* This is the parameter name we're looking for. */ if (true == pcre_matching || config_node->pos != -1) { @@ -159,23 +160,23 @@ static bool is_param_matching(zend_execute_data* execute_data, if (config_node->param_type) { // Are we matching on the `type`? if (config_node->param_type == Z_TYPE_P(arg_value)) { - return true; - } - } else if (Z_TYPE_P(arg_value) == IS_ARRAY) { - *arg_value_str = sp_convert_to_string(arg_value); - if (config_node->key || config_node->r_key) { - if (sp_match_array_key(arg_value, config_node->key, - config_node->r_key)) { - return true; - } - } else if (sp_match_array_value(arg_value, config_node->value, - config_node->value_r)) { - return true; - } - } else { - *arg_value_str = sp_convert_to_string(arg_value); - if (sp_match_value(*arg_value_str, config_node->value, - config_node->value_r)) { + return true; + } + } else if (Z_TYPE_P(arg_value) == IS_ARRAY) { + *arg_value_str = sp_convert_to_string(arg_value); + if (config_node->key || config_node->r_key) { + if (sp_match_array_key(arg_value, config_node->key, + config_node->r_key)) { + return true; + } + } else if (sp_match_array_value(arg_value, config_node->value, + config_node->value_r)) { + return true; + } + } else { + *arg_value_str = sp_convert_to_string(arg_value); + if (sp_match_value(*arg_value_str, config_node->value, + config_node->value_r)) { return true; } } @@ -188,23 +189,23 @@ static bool is_param_matching(zend_execute_data* execute_data, if (arg_value) { *arg_value_str = sp_convert_to_string(arg_value); if (config_node->param_type) { // Are we matching on the `type`? - if (config_node->param_type - && config_node->param_type == Z_TYPE_P(arg_value)) { - return true; - } + if (config_node->param_type && + config_node->param_type == Z_TYPE_P(arg_value)) { + return true; + } } else if (Z_TYPE_P(arg_value) == IS_ARRAY) { - if (config_node->key || config_node->r_key) { - if (sp_match_array_key(arg_value, config_node->key, - config_node->r_key)) { - return true; - } - } else if (sp_match_array_value(arg_value, config_node->value, - config_node->value_r)) { - return true; - } + if (config_node->key || config_node->r_key) { + if (sp_match_array_key(arg_value, config_node->key, + config_node->r_key)) { + return true; + } + } else if (sp_match_array_value(arg_value, config_node->value, + config_node->value_r)) { + return true; + } } else if (sp_match_value(*arg_value_str, config_node->value, - config_node->value_r)) { - return true; + config_node->value_r)) { + return true; } } } @@ -340,7 +341,7 @@ allow: } bool should_drop_on_ret(zval* return_value, - const zend_execute_data* const execute_data) { + const zend_execute_data* const execute_data) { const sp_list_node* config = SNUFFLEUPAGUS_G(config).config_disabled_functions_ret->disabled_functions; char* complete_path_function = get_complete_function_path(execute_data); diff --git a/src/sp_disabled_functions.h b/src/sp_disabled_functions.h index e43afe8..f80c9c2 100644 --- a/src/sp_disabled_functions.h +++ b/src/sp_disabled_functions.h @@ -2,7 +2,8 @@ #define __SP_DISABLE_FUNCTIONS_H int hook_disabled_functions(); -bool should_disable(zend_execute_data*, const char *, const char *, const char *); -bool should_drop_on_ret(zval*, const zend_execute_data* const); +bool should_disable(zend_execute_data *, const char *, const char *, + const char *); +bool should_drop_on_ret(zval *, const zend_execute_data *const); #endif /* __SP_DISABLE_FUNCTIONS_H */ diff --git a/src/sp_execute.c b/src/sp_execute.c index a541bfb..7dd0798 100644 --- a/src/sp_execute.c +++ b/src/sp_execute.c @@ -7,34 +7,37 @@ ZEND_DECLARE_MODULE_GLOBALS(snuffleupagus) static void (*orig_execute_ex)(zend_execute_data *execute_data); static int (*orig_zend_stream_open)(const char *filename, - zend_file_handle *handle); + zend_file_handle *handle); // FIXME handle symlink ZEND_COLD static inline void terminate_if_writable(const char *filename) { if (0 == access(filename, W_OK)) { if (true == SNUFFLEUPAGUS_G(config).config_readonly_exec->simulation) { sp_log_msg("readonly_exec", SP_LOG_SIMULATION, - "Attempted execution of a writable file (%s).", filename); + "Attempted execution of a writable file (%s).", filename); } else { sp_log_msg("readonly_exec", SP_LOG_DROP, - "Attempted execution of a writable file (%s).", filename); + "Attempted execution of a writable file (%s).", filename); sp_terminate(); } } else { if (EACCES != errno) { sp_log_err("Writable execution", "Error while accessing %s: %s", filename, - strerror(errno)); + strerror(errno)); } } } -static void is_builtin_matching(const char * restrict const filename, - char* restrict function_name, char* restrict param_name, sp_list_node *config) { +static void is_builtin_matching(const char *restrict const filename, + char *restrict function_name, + char *restrict param_name, + sp_list_node *config) { if (!config || !config->data) { return; } - if (true == should_disable(EG(current_execute_data), function_name, filename, param_name)) { + if (true == should_disable(EG(current_execute_data), function_name, filename, + param_name)) { sp_terminate(); } } @@ -63,9 +66,10 @@ static void sp_execute_ex(zend_execute_data *execute_data) { if (true == should_disable(execute_data, NULL, NULL, NULL)) { sp_terminate(); } - + if (execute_data->func->op_array.type == ZEND_EVAL_CODE) { - sp_list_node* config = SNUFFLEUPAGUS_G(config).config_disabled_constructs->construct_eval; + sp_list_node *config = + SNUFFLEUPAGUS_G(config).config_disabled_constructs->construct_eval; char *filename = get_eval_filename((char *)zend_get_executed_filename()); is_builtin_matching(filename, "eval", NULL, config); efree(filename); @@ -85,36 +89,40 @@ static void sp_execute_ex(zend_execute_data *execute_data) { } static int sp_stream_open(const char *filename, zend_file_handle *handle) { - zend_execute_data const * const data = EG(current_execute_data); + zend_execute_data const *const data = EG(current_execute_data); - if ((NULL == data) || (NULL == data->opline) || (data->func->type != ZEND_USER_FUNCTION)) { + if ((NULL == data) || (NULL == data->opline) || + (data->func->type != ZEND_USER_FUNCTION)) { goto end; } - switch(data->opline->opcode) { + switch (data->opline->opcode) { case ZEND_INCLUDE_OR_EVAL: if (true == SNUFFLEUPAGUS_G(config).config_readonly_exec->enable) { terminate_if_writable(filename); } - sp_list_node* config = SNUFFLEUPAGUS_G(config).config_disabled_constructs->construct_include; + sp_list_node *config = + SNUFFLEUPAGUS_G(config).config_disabled_constructs->construct_include; switch (data->opline->extended_value) { - case ZEND_INCLUDE: - is_builtin_matching(filename, "include", "inclusion path", config); - break; - case ZEND_REQUIRE: - is_builtin_matching(filename, "require", "inclusion path", config); - break; - case ZEND_REQUIRE_ONCE: - is_builtin_matching(filename, "require_once", "inclusion path", config); - break; - case ZEND_INCLUDE_ONCE: - is_builtin_matching(filename, "include_once", "inclusion path", config); - break; - case ZEND_EVAL: - is_builtin_matching(filename, "eval", NULL, config); - break; - default: - break; + case ZEND_INCLUDE: + is_builtin_matching(filename, "include", "inclusion path", config); + break; + case ZEND_REQUIRE: + is_builtin_matching(filename, "require", "inclusion path", config); + break; + case ZEND_REQUIRE_ONCE: + is_builtin_matching(filename, "require_once", "inclusion path", + config); + break; + case ZEND_INCLUDE_ONCE: + is_builtin_matching(filename, "include_once", "inclusion path", + config); + break; + case ZEND_EVAL: + is_builtin_matching(filename, "eval", NULL, config); + break; + default: + break; } } diff --git a/src/sp_list.c b/src/sp_list.c index 2a9d680..447f479 100644 --- a/src/sp_list.c +++ b/src/sp_list.c @@ -4,7 +4,7 @@ #include "php_snuffleupagus.h" void sp_list_free(sp_list_node *node) { - while(node) { + while (node) { sp_list_node *tmp = node->next; pefree(node, 1); node = tmp; @@ -18,7 +18,8 @@ sp_list_node *sp_list_new() { } // Thanks to https://en.wikipedia.org/wiki/Insertion_sort :> -sp_list_node *sp_list_sort(sp_list_node *pList, int (*cmp_func)(sp_list_node *, sp_list_node *)) { +sp_list_node *sp_list_sort(sp_list_node *pList, + int (*cmp_func)(sp_list_node *, sp_list_node *)) { sp_list_node *head = NULL; if (pList == NULL || pList->next == NULL) { @@ -33,12 +34,12 @@ sp_list_node *sp_list_sort(sp_list_node *pList, int (*cmp_func)(sp_list_node *, } else { sp_list_node *p = head; while (p != NULL) { - if (p->next == NULL || 0 > cmp_func(current, p->next)) { - current->next = p->next; - p->next = current; - break; - } - p = p->next; + if (p->next == NULL || 0 > cmp_func(current, p->next)) { + current->next = p->next; + p->next = current; + break; + } + p = p->next; } } } diff --git a/src/sp_list.h b/src/sp_list.h index b6760ef..8477463 100644 --- a/src/sp_list.h +++ b/src/sp_list.h @@ -9,7 +9,8 @@ typedef struct sp_node_s { } sp_list_node; sp_list_node *sp_list_new(); -sp_list_node *sp_list_sort(sp_list_node *, int (*)(sp_list_node *, sp_list_node *)); +sp_list_node *sp_list_sort(sp_list_node *, + int (*)(sp_list_node *, sp_list_node *)); void sp_list_insert(sp_list_node *, void *); void sp_list_free(sp_list_node *); void sp_list_prepend(sp_list_node *, void *); diff --git a/src/sp_network_utils.c b/src/sp_network_utils.c index 6fc0b1f..51911a8 100644 --- a/src/sp_network_utils.c +++ b/src/sp_network_utils.c @@ -91,9 +91,9 @@ int get_ip_and_cidr(char *ip, sp_cidr *cidr) { char *mask = strchr(ip, '/'); if (NULL == mask) { - sp_log_err("config", - "'%s' isn't a valid network mask, it seems that you forgot a '/'.", - ip); + sp_log_err( + "config", + "'%s' isn't a valid network mask, it seems that you forgot a '/'.", ip); return -1; } diff --git a/src/sp_unserialize.c b/src/sp_unserialize.c index 7f3add0..312ba2e 100644 --- a/src/sp_unserialize.c +++ b/src/sp_unserialize.c @@ -6,11 +6,12 @@ PHP_FUNCTION(sp_serialize) { void (*orig_handler)(INTERNAL_FUNCTION_PARAMETERS); /* Call the original `serialize` function. */ - if ((orig_handler = zend_hash_str_find_ptr(SNUFFLEUPAGUS_G(sp_internal_functions_hook), - "serialize", 9))) { + if ((orig_handler = zend_hash_str_find_ptr( + SNUFFLEUPAGUS_G(sp_internal_functions_hook), "serialize", 9))) { orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU); } else { - sp_log_err("disabled_functions", + sp_log_err( + "disabled_functions", "Unable to find the pointer to the original function 'serialize' in " "the hashtable.\n"); return; @@ -57,7 +58,8 @@ PHP_FUNCTION(sp_unserialize) { /* 64 is the length of HMAC-256 */ if (buf_len < 64) { - sp_log_msg("unserialize", SP_LOG_DROP, "The serialized object is too small."); + sp_log_msg("unserialize", SP_LOG_DROP, + "The serialized object is too small."); RETURN_FALSE; } @@ -82,19 +84,22 @@ PHP_FUNCTION(sp_unserialize) { } if (0 == status) { - if ((orig_handler = zend_hash_str_find_ptr(SNUFFLEUPAGUS_G(sp_internal_functions_hook), - "unserialize", 11))) { + if ((orig_handler = zend_hash_str_find_ptr( + SNUFFLEUPAGUS_G(sp_internal_functions_hook), "unserialize", 11))) { orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU); } } else { - if ( true == SNUFFLEUPAGUS_G(config).config_unserialize->simulation) { - sp_log_msg("unserialize", SP_LOG_SIMULATION, "Invalid HMAC for %s", serialized_str); - if ((orig_handler = zend_hash_str_find_ptr(SNUFFLEUPAGUS_G(sp_internal_functions_hook), - "unserialize", 11))) { + if (true == SNUFFLEUPAGUS_G(config).config_unserialize->simulation) { + sp_log_msg("unserialize", SP_LOG_SIMULATION, "Invalid HMAC for %s", + serialized_str); + if ((orig_handler = zend_hash_str_find_ptr( + SNUFFLEUPAGUS_G(sp_internal_functions_hook), "unserialize", + 11))) { orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU); } } else { - sp_log_msg("unserialize", SP_LOG_DROP, "Invalid HMAC for %s", serialized_str); + sp_log_msg("unserialize", SP_LOG_DROP, "Invalid HMAC for %s", + serialized_str); } } efree(serialized_str); @@ -104,8 +109,10 @@ PHP_FUNCTION(sp_unserialize) { int hook_serialize(void) { TSRMLS_FETCH(); - HOOK_FUNCTION("serialize", sp_internal_functions_hook, PHP_FN(sp_serialize), false); - HOOK_FUNCTION("unserialize", sp_internal_functions_hook, PHP_FN(sp_unserialize), false); + HOOK_FUNCTION("serialize", sp_internal_functions_hook, PHP_FN(sp_serialize), + false); + HOOK_FUNCTION("unserialize", sp_internal_functions_hook, + PHP_FN(sp_unserialize), false); return SUCCESS; } diff --git a/src/sp_upload_validation.c b/src/sp_upload_validation.c index 0010984..4d52266 100644 --- a/src/sp_upload_validation.c +++ b/src/sp_upload_validation.c @@ -79,8 +79,9 @@ int sp_rfc1867_callback(unsigned int event, void *event_data, void **extra) { if (WEXITSTATUS(waitstatus) != 0) { // Nope char *uri = getenv("REQUEST_URI"); int sim = SNUFFLEUPAGUS_G(config).config_upload_validation->simulation; - sp_log_msg("upload_validation", sim?SP_LOG_SIMULATION:SP_LOG_DROP, - "The upload of %s on %s was rejected.", filename, uri?uri:"?"); + sp_log_msg("upload_validation", sim ? SP_LOG_SIMULATION : SP_LOG_DROP, + "The upload of %s on %s was rejected.", filename, + uri ? uri : "?"); if (!SNUFFLEUPAGUS_G(config).config_upload_validation->simulation) { zend_bailout(); } diff --git a/src/sp_upload_validation.h b/src/sp_upload_validation.h index 3d59527..ae3871b 100644 --- a/src/sp_upload_validation.h +++ b/src/sp_upload_validation.h @@ -3,7 +3,8 @@ void hook_upload(); -int (*sp_rfc1867_orig_callback)(unsigned int event, void *event_data, void **extra); +int (*sp_rfc1867_orig_callback)(unsigned int event, void *event_data, + void **extra); int sp_rfc1867_callback(unsigned int event, void *event_data, void **extra); #endif diff --git a/src/sp_utils.c b/src/sp_utils.c index 3fe2e44..8a1ed87 100644 --- a/src/sp_utils.c +++ b/src/sp_utils.c @@ -17,7 +17,7 @@ static inline void _sp_log_err(const char* fmt, ...) { php_log_err(msg); } -void sp_log_msg(char const *feature, char const *level, const char* fmt, ...) { +void sp_log_msg(char const* feature, char const* level, const char* fmt, ...) { char* msg; va_list args; @@ -25,9 +25,9 @@ void sp_log_msg(char const *feature, char const *level, const char* fmt, ...) { vspprintf(&msg, 0, fmt, args); va_end(args); - char const * const client_ip = getenv("REMOTE_ADDR"); - _sp_log_err("[snuffleupagus][%s][%s][%s] %s", client_ip?client_ip:"0.0.0.0", - feature, level, msg); + char const* const client_ip = getenv("REMOTE_ADDR"); + _sp_log_err("[snuffleupagus][%s][%s][%s] %s", + client_ip ? client_ip : "0.0.0.0", feature, level, msg); } zend_always_inline int is_regexp_matching(const pcre* regexp, const char* str) { @@ -38,7 +38,7 @@ zend_always_inline int is_regexp_matching(const pcre* regexp, const char* str) { assert(NULL != str); ret = sp_pcre_exec(regexp, NULL, str, strlen(str), 0, 0, vec, - sizeof(vec)/sizeof(int)); + sizeof(vec) / sizeof(int)); if (ret < 0) { if (ret != PCRE_ERROR_NOMATCH) { @@ -58,7 +58,8 @@ int compute_hash(const char* const filename, char* file_hash) { php_stream* stream = php_stream_open_wrapper(filename, "rb", REPORT_ERRORS, NULL); if (!stream) { - sp_log_err("hash_computation", "Can not open the file %s to compute its hash.\n", filename); + sp_log_err("hash_computation", + "Can not open the file %s to compute its hash.\n", filename); return FAILURE; } @@ -73,14 +74,13 @@ int compute_hash(const char* const filename, char* file_hash) { } static int construct_filename(char* filename, const char* folder, - const char* textual) { + const char* textual) { PHP_SHA256_CTX context; unsigned char digest[SHA256_SIZE] = {0}; char strhash[65] = {0}; if (-1 == mkdir(folder, 0700) && errno != EEXIST) { - sp_log_err("request_logging", "Unable to create the folder '%s'.", - folder); + sp_log_err("request_logging", "Unable to create the folder '%s'.", folder); return -1; } @@ -88,10 +88,10 @@ static int construct_filename(char* filename, const char* folder, * as filename, in order to only have one dump per rule, to migitate * DoS attacks. */ PHP_SHA256Init(&context); - PHP_SHA256Update(&context, (const unsigned char *) textual, strlen(textual)); + PHP_SHA256Update(&context, (const unsigned char*)textual, strlen(textual)); PHP_SHA256Final(digest, &context); make_digest_ex(strhash, digest, SHA256_SIZE); - snprintf(filename, MAX_FOLDER_LEN-1, "%s/sp_dump.%s", folder, strhash); + snprintf(filename, MAX_FOLDER_LEN - 1, "%s/sp_dump.%s", folder, strhash); return 0; } @@ -106,14 +106,14 @@ int sp_log_request(const char* folder, const char* text_repr) { const int key; } zones[] = {{"GET", TRACK_VARS_GET}, {"POST", TRACK_VARS_POST}, {"COOKIE", TRACK_VARS_COOKIE}, {"SERVER", TRACK_VARS_SERVER}, - {"ENV", TRACK_VARS_ENV}, {NULL, 0}}; + {"ENV", TRACK_VARS_ENV}, {NULL, 0}}; if (0 != construct_filename(filename, folder, text_repr)) { return -1; } if (NULL == (file = fopen(filename, "w+"))) { sp_log_err("request_logging", "Unable to open %s: %s", filename, - strerror(errno)); + strerror(errno)); return -1; } @@ -147,7 +147,7 @@ int sp_log_request(const char* folder, const char* text_repr) { return 0; } -static char *zv_str_to_char(zval *zv) { +static char* zv_str_to_char(zval* zv) { zval copy; ZVAL_ZVAL(©, zv, 1, 0); @@ -159,7 +159,6 @@ static char *zv_str_to_char(zval *zv) { return estrdup(Z_STRVAL(copy)); } - char* sp_convert_to_string(zval* zv) { switch (Z_TYPE_P(zv)) { case IS_FALSE: @@ -169,18 +168,18 @@ char* sp_convert_to_string(zval* zv) { case IS_NULL: return estrdup("NULL"); case IS_LONG: { - char *msg; - spprintf(&msg, 0, ZEND_LONG_FMT, Z_LVAL_P(zv)); - return msg; - } + char* msg; + spprintf(&msg, 0, ZEND_LONG_FMT, Z_LVAL_P(zv)); + return msg; + } case IS_DOUBLE: { - char *msg; - spprintf(&msg, 0, "%f", Z_DVAL_P(zv)); - return msg; - } - case IS_STRING:{ + char* msg; + spprintf(&msg, 0, "%f", Z_DVAL_P(zv)); + return msg; + } + case IS_STRING: { return zv_str_to_char(zv); - } + } case IS_OBJECT: return estrdup("OBJECT"); case IS_ARRAY: @@ -212,31 +211,32 @@ void sp_log_disable(const char* restrict path, const char* restrict arg_name, const int sim = config_node->simulation; if (arg_name) { if (alias) { - sp_log_msg("disabled_function", sim?SP_LOG_SIMULATION:SP_LOG_DROP, + sp_log_msg( + "disabled_function", sim ? SP_LOG_SIMULATION : SP_LOG_DROP, "The call to the function '%s' in %s:%d has been disabled, " "because its argument '%s' content (%s) matched the rule '%s'.", path, zend_get_executed_filename(TSRMLS_C), - zend_get_executed_lineno(TSRMLS_C), arg_name, arg_value?arg_value:"?", - alias); - } else { - sp_log_msg("disabled_function", sim?SP_LOG_SIMULATION:SP_LOG_DROP, - "The call to the function '%s' in %s:%d has been disabled, " - "because its argument '%s' content (%s) matched a rule.", - path, zend_get_executed_filename(TSRMLS_C), zend_get_executed_lineno(TSRMLS_C), arg_name, - arg_value?arg_value:"?"); + arg_value ? arg_value : "?", alias); + } else { + sp_log_msg("disabled_function", sim ? SP_LOG_SIMULATION : SP_LOG_DROP, + "The call to the function '%s' in %s:%d has been disabled, " + "because its argument '%s' content (%s) matched a rule.", + path, zend_get_executed_filename(TSRMLS_C), + zend_get_executed_lineno(TSRMLS_C), arg_name, + arg_value ? arg_value : "?"); } } else { if (alias) { - sp_log_msg("disabled_function", sim?SP_LOG_SIMULATION:SP_LOG_DROP, - "The call to the function '%s' in %s:%d has been disabled, " - "because of the the rule '%s'.",path, - zend_get_executed_filename(TSRMLS_C), - zend_get_executed_lineno(TSRMLS_C), alias); + sp_log_msg("disabled_function", sim ? SP_LOG_SIMULATION : SP_LOG_DROP, + "The call to the function '%s' in %s:%d has been disabled, " + "because of the the rule '%s'.", + path, zend_get_executed_filename(TSRMLS_C), + zend_get_executed_lineno(TSRMLS_C), alias); } else { - sp_log_msg("disabled_function", sim?SP_LOG_SIMULATION:SP_LOG_DROP, + sp_log_msg("disabled_function", sim ? SP_LOG_SIMULATION : SP_LOG_DROP, "The call to the function '%s' in %s:%d has been disabled.", - path, zend_get_executed_filename(TSRMLS_C), + path, zend_get_executed_filename(TSRMLS_C), zend_get_executed_lineno(TSRMLS_C)); } } @@ -252,17 +252,20 @@ void sp_log_disable_ret(const char* restrict path, const char* alias = config_node->alias; const int sim = config_node->simulation; if (alias) { - sp_log_msg("disabled_function", sim?SP_LOG_SIMULATION:SP_LOG_DROP, + sp_log_msg( + "disabled_function", sim ? SP_LOG_SIMULATION : SP_LOG_DROP, "The execution has been aborted in %s:%d, " "because the function '%s' returned '%s', which matched the rule '%s'.", zend_get_executed_filename(TSRMLS_C), - zend_get_executed_lineno(TSRMLS_C), path, ret_value?ret_value:"?", alias); + zend_get_executed_lineno(TSRMLS_C), path, ret_value ? ret_value : "?", + alias); } else { - sp_log_msg("disabled_function", sim?SP_LOG_SIMULATION:SP_LOG_DROP, + sp_log_msg( + "disabled_function", sim ? SP_LOG_SIMULATION : SP_LOG_DROP, "The execution has been aborted in %s:%d, " "because the return value (%s) of the function '%s' matched a rule.", zend_get_executed_filename(TSRMLS_C), - zend_get_executed_lineno(TSRMLS_C), ret_value?ret_value:"?", path); + zend_get_executed_lineno(TSRMLS_C), ret_value ? ret_value : "?", path); } if (dump) { sp_log_request(dump, config_node->textual_representation); @@ -276,17 +279,17 @@ bool sp_match_array_key(const zval* zv, const char* to_match, const pcre* rx) { ZEND_HASH_FOREACH_KEY(Z_ARRVAL_P(zv), idx, key) { if (key) { if (sp_match_value(ZSTR_VAL(key), to_match, rx)) { - return true; + return true; } } else { - char *idx_str = NULL; + char* idx_str = NULL; // Could use a log. idx_str = emalloc(snprintf(NULL, 0, "%lu", idx)); sprintf(idx_str, "%lu", idx); if (sp_match_value(idx_str, to_match, rx)) { - efree(idx_str); - return true; + efree(idx_str); + return true; } efree(idx_str); } @@ -295,17 +298,18 @@ bool sp_match_array_key(const zval* zv, const char* to_match, const pcre* rx) { return false; } -bool sp_match_array_value(const zval* arr, const char* to_match, const pcre* rx) { +bool sp_match_array_value(const zval* arr, const char* to_match, + const pcre* rx) { zval* value; ZEND_HASH_FOREACH_VAL(Z_ARRVAL_P(arr), value) { if (Z_TYPE_P(value) != IS_ARRAY) { - char *value_str = sp_convert_to_string(value); + char* value_str = sp_convert_to_string(value); if (sp_match_value(value_str, to_match, rx)) { - efree(value_str); - return true; + efree(value_str); + return true; } else { - efree (value_str); + efree(value_str); } } else if (sp_match_array_value(value, to_match, rx)) { return true; @@ -315,18 +319,17 @@ bool sp_match_array_value(const zval* arr, const char* to_match, const pcre* rx) return false; } - int hook_function(const char* original_name, HashTable* hook_table, void (*new_function)(INTERNAL_FUNCTION_PARAMETERS), bool hook_execution_table) { zend_internal_function* func; - HashTable *ht = hook_execution_table==true?EG(function_table):CG(function_table); + HashTable* ht = + hook_execution_table == true ? EG(function_table) : CG(function_table); /* The `mb` module likes to hook functions, like strlen->mb_strlen, * so we have to hook both of them. */ - if ((func = zend_hash_str_find_ptr(ht, - VAR_AND_LEN(original_name)))) { + if ((func = zend_hash_str_find_ptr(ht, VAR_AND_LEN(original_name)))) { if (func->handler == new_function) { return SUCCESS; } @@ -340,7 +343,7 @@ int hook_function(const char* original_name, HashTable* hook_table, VAR_AND_LEN(original_name), func->handler) == NULL) { sp_log_err("function_pointer_saving", - "Could not save function pointer for %s", original_name); + "Could not save function pointer for %s", original_name); return FAILURE; } else { func->handler = new_function; @@ -349,9 +352,9 @@ int hook_function(const char* original_name, HashTable* hook_table, if (0 == strncmp(original_name, "mb_", 3)) { CG(compiler_options) |= ZEND_COMPILE_NO_BUILTIN_STRLEN; - if (zend_hash_str_find(ht, - VAR_AND_LEN(original_name + 3))) { - hook_function(original_name + 3, hook_table, new_function, hook_execution_table); + if (zend_hash_str_find(ht, VAR_AND_LEN(original_name + 3))) { + hook_function(original_name + 3, hook_table, new_function, + hook_execution_table); } } else { // TODO this can be moved somewhere else to gain some marginal perfs CG(compiler_options) |= ZEND_COMPILE_NO_BUILTIN_STRLEN; @@ -370,13 +373,14 @@ int hook_regexp(const pcre* regexp, HashTable* hook_table, void (*new_function)(INTERNAL_FUNCTION_PARAMETERS), bool hook_execution_table) { zend_string* key; - HashTable *ht = hook_execution_table==true?EG(function_table):CG(function_table); + HashTable* ht = + hook_execution_table == true ? EG(function_table) : CG(function_table); ZEND_HASH_FOREACH_STR_KEY(ht, key) { if (key) { int vec[30]; int ret = sp_pcre_exec(regexp, NULL, key->val, key->len, 0, 0, vec, - sizeof(vec)/sizeof(int)); + sizeof(vec) / sizeof(int)); if (ret < 0) { /* Error or no match*/ if (PCRE_ERROR_NOMATCH != ret) { sp_log_err("pcre", "Runtime error with pcre, error code: %d", ret); diff --git a/src/sp_utils.h b/src/sp_utils.h index e54f307..e055e70 100644 --- a/src/sp_utils.h +++ b/src/sp_utils.h @@ -9,13 +9,13 @@ #include "sp_list.h" #if defined(__GNUC__) -# if __GNUC__ >= 3 -# define sp_pure __attribute__((pure)) -# define sp_const __attribute__((const)) -# else -# define sp_pure -# define sp_const -# endif +#if __GNUC__ >= 3 +#define sp_pure __attribute__((pure)) +#define sp_const __attribute__((const)) +#else +#define sp_pure +#define sp_const +#endif #endif /* The dump filename are of the form * `sp_dump_DATE_IPADDR.dump`, with: @@ -34,7 +34,8 @@ #define SHA256_SIZE 32 #define HOOK_FUNCTION(original_name, hook_table, new_function, execution) \ - hook_function(original_name, SNUFFLEUPAGUS_G(hook_table), new_function, execution) + hook_function(original_name, SNUFFLEUPAGUS_G(hook_table), new_function, \ + execution) #define HOOK_FUNCTION_BY_REGEXP(regexp, hook_table, new_function, execution) \ hook_regexp(regexp, SNUFFLEUPAGUS_G(hook_table), new_function, execution) @@ -46,14 +47,14 @@ #define sp_log_err(feature, ...) sp_log_msg(feature, SP_LOG_ERROR, __VA_ARGS__) #ifdef SP_DEBUG - #define sp_log_debug(...) sp_log_msg("DEBUG", SP_LOG_DEBUG, __VA_ARGS__) +#define sp_log_debug(...) sp_log_msg("DEBUG", SP_LOG_DEBUG, __VA_ARGS__) #else - #define sp_log_debug(...) +#define sp_log_debug(...) #endif -#define GET_SUFFIX(x) (x==1)?"st":((x==2)?"nd":"th") +#define GET_SUFFIX(x) (x == 1) ? "st" : ((x == 2) ? "nd" : "th") -void sp_log_msg(char const *feature, char const *level, const char* fmt, ...); +void sp_log_msg(char const *feature, char const *level, const char *fmt, ...); int compute_hash(const char *const filename, char *file_hash); char *sp_convert_to_string(zval *); bool sp_match_value(const char *, const char *, const pcre *); diff --git a/src/sp_var_parser.c b/src/sp_var_parser.c index 3f3dcdc..55cbfc2 100644 --- a/src/sp_var_parser.c +++ b/src/sp_var_parser.c @@ -1,7 +1,7 @@ #include "php_snuffleupagus.h" static int parse_str_tokens(const char *str, const sp_conf_token token, - sp_list_node *tokens_list) { + sp_list_node *tokens_list) { const char *cur_str = str; while ((cur_str = strchr(cur_str, token.text_repr[0]))) { @@ -30,23 +30,24 @@ static bool is_var_name_valid(const char *name) { } if (NULL == regexp_var || NULL == regexp_const) { regexp_var = sp_pcre_compile(REGEXP_VAR, PCRE_CASELESS, &pcre_error, - &pcre_error_offset, NULL); + &pcre_error_offset, NULL); regexp_const = sp_pcre_compile(REGEXP_CONST, PCRE_CASELESS, &pcre_error, - &pcre_error_offset, NULL); + &pcre_error_offset, NULL); } if (NULL == regexp_var || NULL == regexp_const) { sp_log_err("config", "Could not compile regexp."); return false; } - if (0 > sp_pcre_exec(regexp_var, NULL, name, strlen(name), 0, 0, NULL, 0) - && 0 > sp_pcre_exec(regexp_const, NULL, name, strlen(name), 0, 0, NULL, 0)) { + if (0 > sp_pcre_exec(regexp_var, NULL, name, strlen(name), 0, 0, NULL, 0) && + 0 > sp_pcre_exec(regexp_const, NULL, name, strlen(name), 0, 0, NULL, 0)) { return false; } return true; } static int create_var(sp_tree *tree, const char *restrict value, - size_t value_len, elem_type _type, const char *restrict idx) { + size_t value_len, elem_type _type, + const char *restrict idx) { sp_tree *var_node = NULL; if (!tree) { @@ -72,7 +73,8 @@ static int create_var(sp_tree *tree, const char *restrict value, sp_log_err("config", "Can't allocate a strndup"); return -1; } - if (var_node->type != INTERPRETED_STRING && !is_var_name_valid(var_node->value)) { + if (var_node->type != INTERPRETED_STRING && + !is_var_name_valid(var_node->value)) { sp_log_err("config", "Invalid var name: %s.", var_node->value); return -1; } @@ -88,22 +90,23 @@ static int create_var(sp_tree *tree, const char *restrict value, } int cmp_tokens(sp_list_node *list1, sp_list_node *list2) { - return (((sp_conf_token *)list1->data)->pos - - ((sp_conf_token *)list2->data)->pos); + return (((sp_conf_token *)list1->data)->pos - + ((sp_conf_token *)list2->data)->pos); } static int is_next_token_empty(sp_conf_token *token, sp_conf_token *token_next, - const char * restrict str) { - if ((token_next && token_next->pos == token->pos + strlen(token->text_repr)) - || (!token_next && token->pos == strlen(str) - strlen(token->text_repr))) { + const char *restrict str) { + if ((token_next && + token_next->pos == token->pos + strlen(token->text_repr)) || + (!token_next && token->pos == strlen(str) - strlen(token->text_repr))) { return -1; } return 0; } static int is_token_valid(sp_list_node *tokens_list, elem_type quote, - int array_count, const char * restrict str, - size_t pos) { + int array_count, const char *restrict str, + size_t pos) { sp_conf_token *token = (sp_conf_token *)tokens_list->data; sp_conf_token *token_next = NULL; @@ -114,40 +117,40 @@ static int is_token_valid(sp_list_node *tokens_list, elem_type quote, case LITERAL_STRING: case INTERPRETED_STRING: if (quote == token->type) { - if (token_next) { - if (token_next->pos != token->pos + 1) { - return -1; - } - } else if (token->pos != strlen(str) - 1) { - return -1; - } + if (token_next) { + if (token_next->pos != token->pos + 1) { + return -1; + } + } else if (token->pos != strlen(str) - 1) { + return -1; + } } break; case ARRAY_END: if (!quote) { - if (array_count < 1) { - return -1; - } else if (token_next) { - if (token_next->type == INTERPRETED_STRING - || token_next->type == LITERAL_STRING) { - return -1; - } - } else if (token->pos != strlen(str) - strlen(token->text_repr)) { - return -1; - } + if (array_count < 1) { + return -1; + } else if (token_next) { + if (token_next->type == INTERPRETED_STRING || + token_next->type == LITERAL_STRING) { + return -1; + } + } else if (token->pos != strlen(str) - strlen(token->text_repr)) { + return -1; + } } break; case OBJECT: if (!quote && -1 == is_next_token_empty(token, token_next, str)) { - return -1; + return -1; } if (pos == 0 && *str != VARIABLE_TOKEN) { - return -1; + return -1; } break; case CLASS: if (!quote && -1 == is_next_token_empty(token, token_next, str)) { - return -1; + return -1; } break; default: @@ -156,8 +159,8 @@ static int is_token_valid(sp_list_node *tokens_list, elem_type quote, return 0; } -static sp_tree *parse_tokens(const char * restrict str, - sp_list_node *tokens_list) { +static sp_tree *parse_tokens(const char *restrict str, + sp_list_node *tokens_list) { size_t pos = 0; int array_count = 0, pos_idx_start = -1; elem_type quote = 0; @@ -179,7 +182,9 @@ static sp_tree *parse_tokens(const char * restrict str, } if (quote == 0) { if (token->type == ARRAY) { - pos_idx_start = (array_count) ? pos_idx_start : (int)(token->pos + strlen(token->text_repr)); + pos_idx_start = (array_count) + ? pos_idx_start + : (int)(token->pos + strlen(token->text_repr)); array_count++; } else if (token->type == ARRAY_END) { array_count--; @@ -210,12 +215,12 @@ static sp_tree *parse_tokens(const char * restrict str, } if (quote != 0) { sp_log_err("config", "Missing a closing quote."); -error: + error: sp_tree_free(tree); return NULL; } - if (pos != strlen(str) - && create_var(tree, &str[pos], strlen(str) - pos, CONSTANT, NULL)) { + if (pos != strlen(str) && + create_var(tree, &str[pos], strlen(str) - pos, CONSTANT, NULL)) { goto error; } return tree; @@ -225,20 +230,19 @@ sp_tree *parse_var(const char *line) { sp_list_node *tokens_list = NULL; sp_tree *tree = NULL; const sp_conf_token delimiter_list[] = { - {.type=OBJECT, .text_repr=OBJECT_TOKEN}, - {.type=ARRAY, .text_repr=ARRAY_TOKEN}, - {.type=ARRAY_END, .text_repr=ARRAY_END_TOKEN}, - {.type=INTERPRETED_STRING, .text_repr=STRING_TOKEN}, - {.type=LITERAL_STRING, .text_repr=ESC_STRING_TOKEN}, - {.type=CLASS, .text_repr=CLASS_TOKEN} - }; - + {.type = OBJECT, .text_repr = OBJECT_TOKEN}, + {.type = ARRAY, .text_repr = ARRAY_TOKEN}, + {.type = ARRAY_END, .text_repr = ARRAY_END_TOKEN}, + {.type = INTERPRETED_STRING, .text_repr = STRING_TOKEN}, + {.type = LITERAL_STRING, .text_repr = ESC_STRING_TOKEN}, + {.type = CLASS, .text_repr = CLASS_TOKEN}}; if (!line) { return NULL; } tokens_list = sp_list_new(); - for (unsigned int i = 0; i < sizeof(delimiter_list) / sizeof(sp_conf_token); i++) { + for (unsigned int i = 0; i < sizeof(delimiter_list) / sizeof(sp_conf_token); + i++) { parse_str_tokens(line, delimiter_list[i], tokens_list); } tokens_list = sp_list_sort(tokens_list, cmp_tokens); diff --git a/src/sp_var_value.c b/src/sp_var_value.c index 7f74afa..9a23ad9 100644 --- a/src/sp_var_value.c +++ b/src/sp_var_value.c @@ -23,16 +23,16 @@ static zval *get_local_var(zend_execute_data *ed, const char *var_name) { zval *value = NULL; while (current) { - zend_string* key = NULL; + zend_string *key = NULL; EG(current_execute_data) = current; - zend_array* symtable = zend_rebuild_symbol_table(); + zend_array *symtable = zend_rebuild_symbol_table(); ZEND_HASH_FOREACH_STR_KEY_VAL(symtable, key, value) { if (0 == strcmp(var_name, key->val)) { - if (Z_TYPE_P(value) == IS_INDIRECT) { - value = Z_INDIRECT_P(value); - } - EG(current_execute_data) = orig_execute_data; - return value; + if (Z_TYPE_P(value) == IS_INDIRECT) { + value = Z_INDIRECT_P(value); + } + EG(current_execute_data) = orig_execute_data; + return value; } } ZEND_HASH_FOREACH_END(); @@ -51,7 +51,7 @@ static zval *get_constant(const char *value) { } static zval *get_var_value(zend_execute_data *ed, const char *var_name, - bool is_param) { + bool is_param) { zval *zvalue = NULL; if (!var_name) { @@ -73,14 +73,14 @@ static zval *get_var_value(zend_execute_data *ed, const char *var_name, } static void *get_entry_hashtable(const HashTable *ht, const char *entry, - size_t entry_len) { + size_t entry_len) { zval *zvalue = zend_hash_str_find(ht, entry, entry_len); if (!zvalue) { zvalue = zend_hash_index_find(ht, atol(entry)); } - while (zvalue && (Z_TYPE_P(zvalue) == IS_INDIRECT - || Z_TYPE_P(zvalue) == IS_PTR)) { + while (zvalue && + (Z_TYPE_P(zvalue) == IS_INDIRECT || Z_TYPE_P(zvalue) == IS_PTR)) { if (Z_TYPE_P(zvalue) == IS_INDIRECT) { zvalue = Z_INDIRECT_P(zvalue); } else { @@ -91,7 +91,7 @@ static void *get_entry_hashtable(const HashTable *ht, const char *entry, } static zval *get_array_value(zend_execute_data *ed, zval *zvalue, - const sp_tree *tree) { + const sp_tree *tree) { zval *idx_value, *ret = NULL; char *idx = NULL; @@ -108,7 +108,7 @@ static zval *get_array_value(zend_execute_data *ed, zval *zvalue, } static zval *get_object_property(zend_execute_data *ed, zval *object, - const char *property, bool is_param) { + const char *property, bool is_param) { char *class_name = object->value.obj->ce->name->val; HashTable *array = Z_OBJPROP_P(object); zval *zvalue = NULL; @@ -131,7 +131,8 @@ static zval *get_object_property(zend_execute_data *ed, zval *object, } if (!zvalue) { char *private_property = emalloc(strlen(class_name) + 3 + strlen(property)); - len = sprintf(private_property, PRIVATE_PROP_FMT, 0, class_name, 0, property); + len = + sprintf(private_property, PRIVATE_PROP_FMT, 0, class_name, 0, property); zvalue = get_entry_hashtable(array, private_property, len); efree(private_property); } @@ -149,8 +150,8 @@ static zend_class_entry *get_class(const char *value) { } static zval *get_unknown_type(const char *restrict value, zval *zvalue, - zend_class_entry *ce, zend_execute_data *ed, - const sp_tree *tree, bool is_param) { + zend_class_entry *ce, zend_execute_data *ed, + const sp_tree *tree, bool is_param) { if (ce) { zvalue = get_entry_hashtable(&ce->constants_table, value, strlen(value)); ce = NULL; @@ -171,51 +172,50 @@ static zval *get_unknown_type(const char *restrict value, zval *zvalue, return zvalue; } -zval *get_value(zend_execute_data *ed, const sp_tree *tree, - bool is_param) { +zval *get_value(zend_execute_data *ed, const sp_tree *tree, bool is_param) { zval *zvalue = NULL; zend_class_entry *ce = NULL; while (tree) { switch (tree->type) { case ARRAY: - if (ce) { - zvalue = get_entry_hashtable(&ce->constants_table, tree->value, - strlen(tree->value)); - ce = NULL; - } else if (!zvalue) { - zvalue = get_var_value(ed, tree->value, is_param); - } else if (Z_TYPE_P(zvalue) == IS_OBJECT) { - zvalue = get_object_property(ed, zvalue, tree->value, is_param); - } - zvalue = get_array_value(ed, zvalue, tree); - break; + if (ce) { + zvalue = get_entry_hashtable(&ce->constants_table, tree->value, + strlen(tree->value)); + ce = NULL; + } else if (!zvalue) { + zvalue = get_var_value(ed, tree->value, is_param); + } else if (Z_TYPE_P(zvalue) == IS_OBJECT) { + zvalue = get_object_property(ed, zvalue, tree->value, is_param); + } + zvalue = get_array_value(ed, zvalue, tree); + break; case VAR: - if (zvalue && Z_TYPE_P(zvalue) == IS_OBJECT) { - zvalue = get_object_property(ed, zvalue, tree->value, is_param); - } else { - zvalue = get_var_value(ed, tree->value, is_param); - } - break; + if (zvalue && Z_TYPE_P(zvalue) == IS_OBJECT) { + zvalue = get_object_property(ed, zvalue, tree->value, is_param); + } else { + zvalue = get_var_value(ed, tree->value, is_param); + } + break; case OBJECT: - if (!zvalue) { - zvalue = get_var_value(ed, tree->value, is_param); - } else if (Z_TYPE_P(zvalue) == IS_OBJECT) { - if (0 != strlen(tree->value)) { - zvalue = get_object_property(ed, zvalue, tree->value, is_param); - } - } else { - return NULL; - } - break; + if (!zvalue) { + zvalue = get_var_value(ed, tree->value, is_param); + } else if (Z_TYPE_P(zvalue) == IS_OBJECT) { + if (0 != strlen(tree->value)) { + zvalue = get_object_property(ed, zvalue, tree->value, is_param); + } + } else { + return NULL; + } + break; case CLASS: - ce = get_class(tree->value); - zvalue = NULL; - break; + ce = get_class(tree->value); + zvalue = NULL; + break; default: - zvalue = get_unknown_type(tree->value, zvalue, ce, ed, tree, is_param); - ce = NULL; - break; + zvalue = get_unknown_type(tree->value, zvalue, ce, ed, tree, is_param); + ce = NULL; + break; } if (!zvalue && !ce) { return NULL; -- cgit v1.3