From 096e7faa6a5e21e5416a7c8c484e27acd4636a66 Mon Sep 17 00:00:00 2001
From: xXx-caillou-xXx
Date: Mon, 27 Aug 2018 13:56:44 +0200
Subject: Add whitelist support for php's wrappers

---
 src/sp_config.h | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

(limited to 'src/sp_config.h')

diff --git a/src/sp_config.h b/src/sp_config.h
index d2fa64f..9d58359 100644
--- a/src/sp_config.h
+++ b/src/sp_config.h
@@ -77,6 +77,12 @@ typedef struct {
   bool simulation;
 } sp_cookie;
 
+typedef struct {
+  sp_list_node *whitelist;
+  bool enabled;
+  size_t num_wrapper;  // Used to verify if wrappers were added.
+} sp_config_wrapper;
+
 typedef struct {
   bool encrypt;
   bool simulation;
@@ -166,6 +172,7 @@ typedef struct {
   sp_config_global_strict *config_global_strict;
   sp_config_disable_xxe *config_disable_xxe;
   sp_config_eval *config_eval;
+  sp_config_wrapper *config_wrapper;
   sp_config_session *config_session;
   bool hook_execute;
 
@@ -204,6 +211,7 @@ typedef struct {
 #define SP_TOKEN_EVAL_BLACKLIST ".eval_blacklist"
 #define SP_TOKEN_EVAL_WHITELIST ".eval_whitelist"
 #define SP_TOKEN_SLOPPY_COMPARISON ".sloppy_comparison"
+#define SP_TOKEN_ALLOW_WRAPPERS ".wrappers_whitelist"
 
 // common tokens
 #define SP_TOKEN_ENABLE ".enable("
@@ -256,8 +264,7 @@ typedef struct {
 // upload_validator
 #define SP_TOKEN_UPLOAD_SCRIPT ".script("
 
-// eval blacklist
-#define SP_TOKEN_EVAL_LIST ".list("
+#define SP_TOKEN_LIST ".list("
 
 int sp_parse_config(const char *);
 int parse_array(sp_disabled_function *);
@@ -267,6 +274,7 @@ int parse_regexp(char *restrict, char *restrict, void *);
 int parse_empty(char *restrict, char *restrict, void *);
 int parse_cidr(char *restrict, char *restrict, void *);
 int parse_php_type(char *restrict, char *restrict, void *);
+int parse_list(char *restrict, char *restrict, void *);
 
 // cleanup
 void sp_disabled_function_list_free(sp_list_node *);
-- 
cgit v1.3