From 4dc67f99e579d7c6e147a5388b079ca627186bbf Mon Sep 17 00:00:00 2001 From: jvoisin Date: Wed, 28 Apr 2021 23:08:49 +0200 Subject: A pass of clang-format --- src/snuffleupagus.c | 87 +++++++++++++++++++++++++++-------------------------- 1 file changed, 45 insertions(+), 42 deletions(-) (limited to 'src/snuffleupagus.c') diff --git a/src/snuffleupagus.c b/src/snuffleupagus.c index 9a5ac90..f192dd2 100644 --- a/src/snuffleupagus.c +++ b/src/snuffleupagus.c @@ -47,8 +47,7 @@ static PHP_INI_MH(StrictMode) { PHP_INI_BEGIN() PHP_INI_ENTRY("sp.configuration_file", "", PHP_INI_SYSTEM, OnUpdateConfiguration) -PHP_INI_ENTRY("sp.allow_broken_configuration", "0", PHP_INI_SYSTEM, - StrictMode) +PHP_INI_ENTRY("sp.allow_broken_configuration", "0", PHP_INI_SYSTEM, StrictMode) PHP_INI_END() ZEND_DLEXPORT zend_extension zend_extension_entry = { @@ -59,24 +58,24 @@ ZEND_DLEXPORT zend_extension zend_extension_entry = { PHP_SNUFFLEUPAGUS_COPYRIGHT, sp_zend_startup, NULL, - NULL, /* activate_func_t */ - NULL, /* deactivate_func_t */ - NULL, /* message_handler_func_t */ - sp_op_array_handler, /* op_array_handler_func_t */ - NULL, /* statement_handler_func_t */ - NULL, /* fcall_begin_handler_func_t */ - NULL, /* fcall_end_handler_func_t */ - NULL, /* op_array_ctor_func_t */ - NULL, /* op_array_dtor_func_t */ + NULL, /* activate_func_t */ + NULL, /* deactivate_func_t */ + NULL, /* message_handler_func_t */ + sp_op_array_handler, /* op_array_handler_func_t */ + NULL, /* statement_handler_func_t */ + NULL, /* fcall_begin_handler_func_t */ + NULL, /* fcall_end_handler_func_t */ + NULL, /* op_array_ctor_func_t */ + NULL, /* op_array_dtor_func_t */ STANDARD_ZEND_EXTENSION_PROPERTIES}; PHP_GINIT_FUNCTION(snuffleupagus) { snuffleupagus_globals->is_config_valid = SP_CONFIG_NONE; snuffleupagus_globals->in_eval = 0; -#define SP_INIT_HT(F) snuffleupagus_globals->F = \ - pemalloc(sizeof(*(snuffleupagus_globals->F)), 1); \ - zend_hash_init(snuffleupagus_globals->F, 10, NULL, NULL, 1); +#define SP_INIT_HT(F) \ + snuffleupagus_globals->F = pemalloc(sizeof(*(snuffleupagus_globals->F)), 1); \ + zend_hash_init(snuffleupagus_globals->F, 10, NULL, NULL, 1); SP_INIT_HT(disabled_functions_hook); SP_INIT_HT(sp_internal_functions_hook); SP_INIT_HT(sp_eval_blacklist_functions_hook); @@ -86,8 +85,9 @@ PHP_GINIT_FUNCTION(snuffleupagus) { SP_INIT_HT(config.config_disabled_functions_ret_hooked); #undef SP_INIT_HT -#define SP_INIT(F) snuffleupagus_globals->config.F = \ - pecalloc(sizeof(*(snuffleupagus_globals->config.F)), 1, 1); +#define SP_INIT(F) \ + snuffleupagus_globals->config.F = \ + pecalloc(sizeof(*(snuffleupagus_globals->config.F)), 1, 1); SP_INIT(config_unserialize); SP_INIT(config_random); SP_INIT(config_sloppy); @@ -128,16 +128,15 @@ static void free_disabled_functions_hashtable(HashTable *ht) { } PHP_MSHUTDOWN_FUNCTION(snuffleupagus) { - #define FREE_HT(F) \ - zend_hash_destroy(SNUFFLEUPAGUS_G(F)); \ - pefree(SNUFFLEUPAGUS_G(F), 1); + zend_hash_destroy(SNUFFLEUPAGUS_G(F)); \ + pefree(SNUFFLEUPAGUS_G(F), 1); FREE_HT(disabled_functions_hook); FREE_HT(sp_eval_blacklist_functions_hook); -#define FREE_HT_LIST(F) \ - free_disabled_functions_hashtable(SNUFFLEUPAGUS_G(config).F); \ - FREE_HT(config.F); +#define FREE_HT_LIST(F) \ + free_disabled_functions_hashtable(SNUFFLEUPAGUS_G(config).F); \ + FREE_HT(config.F); FREE_HT_LIST(config_disabled_functions); FREE_HT_LIST(config_disabled_functions_hooked); FREE_HT_LIST(config_disabled_functions_ret); @@ -145,12 +144,12 @@ PHP_MSHUTDOWN_FUNCTION(snuffleupagus) { #undef FREE_HT_LIST #undef FREE_HT -#define FREE_LST_DISABLE(L) \ - do { \ - sp_list_node *_n = SNUFFLEUPAGUS_G(config).L; \ - sp_disabled_function_list_free(_n); \ - sp_list_free(_n); \ - } while (0) +#define FREE_LST_DISABLE(L) \ + do { \ + sp_list_node *_n = SNUFFLEUPAGUS_G(config).L; \ + sp_disabled_function_list_free(_n); \ + sp_list_free(_n); \ + } while (0) FREE_LST_DISABLE(config_disabled_functions_reg->disabled_functions); FREE_LST_DISABLE(config_disabled_functions_reg_ret->disabled_functions); #undef FREE_LST_DISABLE @@ -184,24 +183,26 @@ PHP_MSHUTDOWN_FUNCTION(snuffleupagus) { } PHP_RINIT_FUNCTION(snuffleupagus) { - const sp_config_wrapper* config_wrapper = + const sp_config_wrapper *config_wrapper = SNUFFLEUPAGUS_G(config).config_wrapper; #if defined(COMPILE_DL_SNUFFLEUPAGUS) && defined(ZTS) ZEND_TSRMLS_CACHE_UPDATE(); #endif if (!SNUFFLEUPAGUS_G(allow_broken_configuration)) { - if (SNUFFLEUPAGUS_G(is_config_valid) == SP_CONFIG_INVALID ) { + if (SNUFFLEUPAGUS_G(is_config_valid) == SP_CONFIG_INVALID) { sp_log_err("config", "Invalid configuration file"); } else if (SNUFFLEUPAGUS_G(is_config_valid) == SP_CONFIG_NONE) { - sp_log_warn("config", "No configuration specificed via sp.configuration_file"); + sp_log_warn("config", + "No configuration specificed via sp.configuration_file"); } } - // We need to disable wrappers loaded by extensions loaded after SNUFFLEUPAGUS. + // We need to disable wrappers loaded by extensions loaded after + // SNUFFLEUPAGUS. if (config_wrapper->enabled && zend_hash_num_elements(php_stream_get_url_stream_wrappers_hash()) != - config_wrapper->num_wrapper) { + config_wrapper->num_wrapper) { sp_disable_wrapper(); } @@ -218,7 +219,7 @@ PHP_RSHUTDOWN_FUNCTION(snuffleupagus) { return SUCCESS; } PHP_MINFO_FUNCTION(snuffleupagus) { const char *valid_config; - switch(SNUFFLEUPAGUS_G(is_config_valid)) { + switch (SNUFFLEUPAGUS_G(is_config_valid)) { case SP_CONFIG_VALID: valid_config = "yes"; break; @@ -230,10 +231,11 @@ PHP_MINFO_FUNCTION(snuffleupagus) { valid_config = "no"; } php_info_print_table_start(); - php_info_print_table_row(2, "snuffleupagus support", - SNUFFLEUPAGUS_G(is_config_valid)?"enabled":"disabled"); + php_info_print_table_row( + 2, "snuffleupagus support", + SNUFFLEUPAGUS_G(is_config_valid) ? "enabled" : "disabled"); php_info_print_table_row(2, "Version", PHP_SNUFFLEUPAGUS_VERSION); - php_info_print_table_row( 2, "Valid config", valid_config); + php_info_print_table_row(2, "Valid config", valid_config); php_info_print_table_end(); DISPLAY_INI_ENTRIES(); } @@ -315,11 +317,12 @@ static PHP_INI_MH(OnUpdateConfiguration) { // If `zend_write_default` is not NULL it is already hooked. if ((zend_hash_str_find( - SNUFFLEUPAGUS_G(config).config_disabled_functions_hooked, "echo", - sizeof("echo") - 1) || - zend_hash_str_find( - SNUFFLEUPAGUS_G(config).config_disabled_functions_ret_hooked, "echo", - sizeof("echo") - 1)) && NULL == zend_write_default) { + SNUFFLEUPAGUS_G(config).config_disabled_functions_hooked, "echo", + sizeof("echo") - 1) || + zend_hash_str_find( + SNUFFLEUPAGUS_G(config).config_disabled_functions_ret_hooked, "echo", + sizeof("echo") - 1)) && + NULL == zend_write_default) { zend_write_default = zend_write; zend_write = hook_echo; } -- cgit v1.3 From 194b0bc9f0a4699854ea314ffa23e59f8082ddae Mon Sep 17 00:00:00 2001 From: jvoisin Date: Sat, 8 May 2021 17:14:46 +0200 Subject: Remove some memory-leaks --- src/snuffleupagus.c | 5 ++++- src/sp_config.c | 23 ++++++++++++++++++++++- src/sp_config.h | 1 + src/sp_pcre_compat.c | 5 +++++ src/sp_pcre_compat.h | 1 + 5 files changed, 33 insertions(+), 2 deletions(-) (limited to 'src/snuffleupagus.c') diff --git a/src/snuffleupagus.c b/src/snuffleupagus.c index f192dd2..79a3003 100644 --- a/src/snuffleupagus.c +++ b/src/snuffleupagus.c @@ -154,8 +154,11 @@ PHP_MSHUTDOWN_FUNCTION(snuffleupagus) { FREE_LST_DISABLE(config_disabled_functions_reg_ret->disabled_functions); #undef FREE_LST_DISABLE + sp_list_node *_n = SNUFFLEUPAGUS_G(config).config_cookie->cookies; + sp_cookie_list_free(_n); + sp_list_free(_n); + #define FREE_LST(L) sp_list_free(SNUFFLEUPAGUS_G(config).L); - FREE_LST(config_cookie->cookies); FREE_LST(config_eval->blacklist); FREE_LST(config_eval->whitelist); FREE_LST(config_wrapper->whitelist); diff --git a/src/sp_config.c b/src/sp_config.c index 69730e3..958c7e5 100644 --- a/src/sp_config.c +++ b/src/sp_config.c @@ -216,11 +216,32 @@ void sp_disabled_function_list_free(sp_list_node *list) { sp_list_node *cursor = list; while (cursor) { sp_disabled_function *df = cursor->data; - if (df && df->functions_list) sp_list_free(df->functions_list); if (df) { + sp_list_free(df->functions_list); + sp_list_free(df->param_array_keys); + sp_list_free(df->var_array_keys); + + sp_pcre_free(df->r_filename); + sp_pcre_free(df->r_function); + sp_pcre_free(df->r_param); + sp_pcre_free(df->r_ret); + sp_pcre_free(df->r_value); + sp_pcre_free(df->r_key); + sp_tree_free(df->param); sp_tree_free(df->var); } cursor = cursor->next; } } + +void sp_cookie_list_free(sp_list_node *list) { + sp_list_node *cursor = list; + while (cursor) { + sp_cookie *c = cursor->data; + if (c) { + sp_pcre_free(c->name_r); + } + cursor = cursor->next; + } +} diff --git a/src/sp_config.h b/src/sp_config.h index b06e8be..e7b1473 100644 --- a/src/sp_config.h +++ b/src/sp_config.h @@ -282,5 +282,6 @@ int parse_list(char *restrict, char *restrict, void *); // cleanup void sp_disabled_function_list_free(sp_list_node *); +void sp_cookie_list_free(sp_list_node *); #endif /* SP_CONFIG_H */ diff --git a/src/sp_pcre_compat.c b/src/sp_pcre_compat.c index 09a2fc7..adcdee7 100644 --- a/src/sp_pcre_compat.c +++ b/src/sp_pcre_compat.c @@ -1,5 +1,10 @@ #include "php_snuffleupagus.h" +inline void sp_pcre_free(sp_pcre* regexp) { + pcre2_code_free(regexp); + regexp = NULL; +} + sp_pcre* sp_pcre_compile(const char* const pattern) { assert(NULL != pattern); diff --git a/src/sp_pcre_compat.h b/src/sp_pcre_compat.h index 14c33b2..725004d 100644 --- a/src/sp_pcre_compat.h +++ b/src/sp_pcre_compat.h @@ -17,6 +17,7 @@ #endif sp_pcre* sp_pcre_compile(const char* str); +void sp_pcre_free(sp_pcre* regexp); #define sp_is_regexp_matching_zend(regexp, zstr) \ sp_is_regexp_matching_len(regexp, ZSTR_VAL(zstr), ZSTR_LEN(zstr)) #define sp_is_regexp_matching(regexp, str) \ -- cgit v1.3 From c3115fc26daebd0fa7135c202154272e42fbfcfd Mon Sep 17 00:00:00 2001 From: jvoisin Date: Sun, 9 May 2021 22:32:20 +0200 Subject: Add some checks to prevent recursion upon config reloading --- src/snuffleupagus.c | 2 +- src/sp_upload_validation.c | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) (limited to 'src/snuffleupagus.c') diff --git a/src/snuffleupagus.c b/src/snuffleupagus.c index 79a3003..f360a0c 100644 --- a/src/snuffleupagus.c +++ b/src/snuffleupagus.c @@ -325,7 +325,7 @@ static PHP_INI_MH(OnUpdateConfiguration) { zend_hash_str_find( SNUFFLEUPAGUS_G(config).config_disabled_functions_ret_hooked, "echo", sizeof("echo") - 1)) && - NULL == zend_write_default) { + NULL == zend_write_default && zend_write != hook_echo) { zend_write_default = zend_write; zend_write = hook_echo; } diff --git a/src/sp_upload_validation.c b/src/sp_upload_validation.c index f3ae311..cebab3e 100644 --- a/src/sp_upload_validation.c +++ b/src/sp_upload_validation.c @@ -103,6 +103,10 @@ int sp_rfc1867_callback(unsigned int event, void *event_data, void **extra) { #endif void hook_upload() { + if (php_rfc1867_callback == sp_rfc1867_callback) { + return; + } + if (NULL == sp_rfc1867_orig_callback) { sp_rfc1867_orig_callback = php_rfc1867_callback; php_rfc1867_callback = sp_rfc1867_callback; -- cgit v1.3 From d934db81cdcd64086c8867bb422bfa7e0d18bb38 Mon Sep 17 00:00:00 2001 From: jvoisin Date: Sun, 9 May 2021 22:55:36 +0200 Subject: strtok/strtok_r is a thing from the past, don't use it. --- src/snuffleupagus.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'src/snuffleupagus.c') diff --git a/src/snuffleupagus.c b/src/snuffleupagus.c index f360a0c..f0737b4 100644 --- a/src/snuffleupagus.c +++ b/src/snuffleupagus.c @@ -250,14 +250,15 @@ static PHP_INI_MH(OnUpdateConfiguration) { return FAILURE; } - glob_t globbuf; - char *config_file; - char *rest = new_value->val; + char *str = new_value->val; - while ((config_file = strtok_r(rest, ",", &rest))) { - int ret = glob(config_file, GLOB_NOCHECK, NULL, &globbuf); + while (1) { + // We don't care about overwriting new_value->val + char *config_file = strsep(&str, ","); + if (config_file == NULL) break; - if (ret != 0) { + glob_t globbuf; + if (0 != glob(config_file, GLOB_NOCHECK, NULL, &globbuf)) { SNUFFLEUPAGUS_G(is_config_valid) = SP_CONFIG_INVALID; globfree(&globbuf); return FAILURE; -- cgit v1.3 From e62f226c3ed885808c832040872fc2d73ca46dac Mon Sep 17 00:00:00 2001 From: jvoisin Date: Wed, 28 Jul 2021 11:55:57 +0200 Subject: Sprinkle even more `const` --- src/snuffleupagus.c | 8 ++++---- src/sp_config.c | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) (limited to 'src/snuffleupagus.c') diff --git a/src/snuffleupagus.c b/src/snuffleupagus.c index f0737b4..7bf3649 100644 --- a/src/snuffleupagus.c +++ b/src/snuffleupagus.c @@ -21,7 +21,7 @@ ZEND_DLEXPORT int sp_zend_startup(zend_extension *extension) { } // LCOV_EXCL_END -static inline void sp_op_array_handler(zend_op_array *op) { +static inline void sp_op_array_handler(zend_op_array *const op) { // We need a filename, and strict mode not already enabled on this op if (NULL == op->filename || op->fn_flags & ZEND_ACC_STRICT_TYPES) { return; @@ -121,7 +121,7 @@ PHP_MINIT_FUNCTION(snuffleupagus) { return SUCCESS; } -static void free_disabled_functions_hashtable(HashTable *ht) { +static void free_disabled_functions_hashtable(HashTable *const ht) { void *ptr = NULL; ZEND_HASH_FOREACH_PTR(ht, ptr) { sp_list_free(ptr); } ZEND_HASH_FOREACH_END(); @@ -186,7 +186,7 @@ PHP_MSHUTDOWN_FUNCTION(snuffleupagus) { } PHP_RINIT_FUNCTION(snuffleupagus) { - const sp_config_wrapper *config_wrapper = + const sp_config_wrapper *const config_wrapper = SNUFFLEUPAGUS_G(config).config_wrapper; #if defined(COMPILE_DL_SNUFFLEUPAGUS) && defined(ZTS) ZEND_TSRMLS_CACHE_UPDATE(); @@ -254,7 +254,7 @@ static PHP_INI_MH(OnUpdateConfiguration) { while (1) { // We don't care about overwriting new_value->val - char *config_file = strsep(&str, ","); + const char *config_file = strsep(&str, ","); if (config_file == NULL) break; glob_t globbuf; diff --git a/src/sp_config.c b/src/sp_config.c index 26476a2..c12b435 100644 --- a/src/sp_config.c +++ b/src/sp_config.c @@ -6,7 +6,7 @@ size_t sp_line_no; -sp_config_tokens const sp_func[] = { +static sp_config_tokens const sp_func[] = { {.func = parse_unserialize, .token = SP_TOKEN_UNSERIALIZE_HMAC}, {.func = parse_random, .token = SP_TOKEN_HARDEN_RANDOM}, {.func = parse_log_media, .token = SP_TOKEN_LOG_MEDIA}, -- cgit v1.3