From 39929ce509361ee72746a9b971bdc531fbf0b843 Mon Sep 17 00:00:00 2001 From: kkadosh Date: Mon, 19 Mar 2018 16:39:47 +0000 Subject: The filename filter is now matching on callsite instead of implemsite (#167) * Add match on the file where the function is called * Add the test * Constify some params * Fix potentiel null deref * Return more before if execute_data is NULL --- src/sp_disabled_functions.c | 59 ++++++++++++++++++++++++++++++++++++++------- 1 file changed, 50 insertions(+), 9 deletions(-) (limited to 'src/sp_disabled_functions.c') diff --git a/src/sp_disabled_functions.c b/src/sp_disabled_functions.c index 0e05f4e..eeee007 100644 --- a/src/sp_disabled_functions.c +++ b/src/sp_disabled_functions.c @@ -213,12 +213,53 @@ static bool is_param_matching(zend_execute_data* execute_data, return false; } +static zend_execute_data* is_file_matching( + zend_execute_data* const execute_data, + sp_disabled_function const* const config_node, + char const* const current_filename) { +#define ITERATE(ex) \ + ex = ex->prev_execute_data; \ + while (ex && (!ex->func || !ZEND_USER_CODE(ex->func->type))) \ + ex = ex->prev_execute_data; \ + if (!ex) return NULL; + + zend_execute_data* ex = execute_data; + if (config_node->filename) { + if (0 == strcmp(current_filename, config_node->filename)) { + return ex; + } + ITERATE(ex); + if (0 == + strcmp(ZSTR_VAL(ex->func->op_array.filename), config_node->filename)) { + return ex; + } + } else if (config_node->r_filename) { + if (true == + sp_is_regexp_matching(config_node->r_filename, current_filename)) { + return ex; + } + ITERATE(ex); + if (true == sp_is_regexp_matching(config_node->r_filename, + ZSTR_VAL(ex->func->op_array.filename))) { + return ex; + } + } + return NULL; +#undef ITERATE +} + bool should_disable(zend_execute_data* execute_data, const char* builtin_name, const char* builtin_param, const char* builtin_param_name) { char current_file_hash[SHA256_SIZE * 2 + 1] = {0}; const sp_list_node* config = get_config_node(builtin_name); char* complete_path_function = NULL; const char* current_filename = NULL; + unsigned int line = 0; + char* filename = NULL; + + if (!execute_data) { + return false; + } if (!config || !config->data) { return false; @@ -269,14 +310,14 @@ bool should_disable(zend_execute_data* execute_data, const char* builtin_name, } } - if (config_node->filename) { /* Check the current file name. */ - if (0 != strcmp(current_filename, config_node->filename)) { - goto next; - } - } else if (config_node->r_filename) { - if (false == - sp_is_regexp_matching(config_node->r_filename, current_filename)) { + if (config_node->filename || config_node->r_filename) { + zend_execute_data* ex = + is_file_matching(execute_data, config_node, current_filename); + if (!ex) { goto next; + } else if (ex != execute_data) { + line = ex->opline->lineno; + filename = ZSTR_VAL(ex->func->op_array.filename); } } @@ -327,10 +368,10 @@ bool should_disable(zend_execute_data* execute_data, const char* builtin_name, if (config_node->functions_list) { sp_log_disable(config_node->function, arg_name, arg_value_str, - config_node); + config_node, line, filename); } else { sp_log_disable(complete_path_function, arg_name, arg_value_str, - config_node); + config_node, line, filename); } if (true == config_node->simulation) { goto next; -- cgit v1.3