From 868f96c759b6650d88ff9f4fbc5c048302134248 Mon Sep 17 00:00:00 2001
From: Sebastien Blot
Date: Wed, 20 Sep 2017 10:11:01 +0200
Subject: Initial import

---
 src/sp_disable_xxe.c | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 src/sp_disable_xxe.c

(limited to 'src/sp_disable_xxe.c')

diff --git a/src/sp_disable_xxe.c b/src/sp_disable_xxe.c
new file mode 100644
index 0000000..d11b3d0
--- /dev/null
+++ b/src/sp_disable_xxe.c
@@ -0,0 +1,25 @@
+#include "php_snuffleupagus.h"
+
+ZEND_DECLARE_MODULE_GLOBALS(snuffleupagus)
+
+PHP_FUNCTION(sp_libxml_disable_entity_loader) { RETURN_TRUE; }
+
+int hook_libxml_disable_entity_loader() {
+  zval func_name;
+  zval hmac;
+  zval params[1];
+
+  TSRMLS_FETCH();
+
+  /* Call the php function here instead of re-implementing it is a bit
+   * ugly, but we do not want to introduce compile-time dependencies against
+   * libxml. */
+  ZVAL_STRING(&func_name, "libxml_disable_entity_loader");
+  ZVAL_STRING(&params[0], "true");
+  call_user_function(CG(function_table), NULL, &func_name, &hmac, 1, params);
+
+  HOOK_FUNCTION("libxml_disable_entity_loader", sp_internal_functions_hook,
+                PHP_FN(sp_libxml_disable_entity_loader), false);
+
+  return SUCCESS;
+}
-- 
cgit v1.3