From 206ffa3fb3fd72c6a2eb45194fb176535a91288c Mon Sep 17 00:00:00 2001 From: xXx-caillou-xXx Date: Thu, 30 Aug 2018 17:14:08 +0200 Subject: Minor code cleanup --- src/sp_execute.c | 81 ++++++++++++++++++++++++++++---------------------------- 1 file changed, 40 insertions(+), 41 deletions(-) (limited to 'src/sp_execute.c') diff --git a/src/sp_execute.c b/src/sp_execute.c index 5447ea1..60d63ab 100644 --- a/src/sp_execute.c +++ b/src/sp_execute.c @@ -13,14 +13,15 @@ static int (*orig_zend_stream_open)(const char *filename, // FIXME handle symlink ZEND_COLD static inline void terminate_if_writable(const char *filename) { + const sp_config_readonly_exec* config_ro_exec = + SNUFFLEUPAGUS_G(config).config_readonly_exec; + if (0 == access(filename, W_OK)) { - if (SNUFFLEUPAGUS_G(config).config_readonly_exec->dump) { - sp_log_request( - SNUFFLEUPAGUS_G(config).config_readonly_exec->dump, - SNUFFLEUPAGUS_G(config).config_readonly_exec->textual_representation, + if (config_ro_exec->dump) { + sp_log_request(config_ro_exec->dump, config_ro_exec->textual_representation, SP_TOKEN_READONLY_EXEC); } - if (true == SNUFFLEUPAGUS_G(config).config_readonly_exec->simulation) { + if (true == config_ro_exec->simulation) { sp_log_msg("readonly_exec", SP_LOG_SIMULATION, "Attempted execution of a writable file (%s).", filename); } else { @@ -57,7 +58,7 @@ inline static void is_builtin_matching( static void ZEND_HOT is_in_eval_and_whitelisted(const zend_execute_data *execute_data) { - sp_config_eval *eval = SNUFFLEUPAGUS_G(config).config_eval; + const sp_config_eval *config_eval = SNUFFLEUPAGUS_G(config).config_eval; if (EXPECTED(0 == SNUFFLEUPAGUS_G(in_eval))) { return; @@ -79,13 +80,11 @@ is_in_eval_and_whitelisted(const zend_execute_data *execute_data) { if (EXPECTED(NULL != current_function)) { if (UNEXPECTED(false == check_is_in_eval_whitelist(current_function))) { - if (eval->dump) { - sp_log_request( - SNUFFLEUPAGUS_G(config).config_eval->dump, - SNUFFLEUPAGUS_G(config).config_eval->textual_representation, + if (config_eval->dump) { + sp_log_request(config_eval->dump, config_eval->textual_representation, SP_TOKEN_EVAL_WHITELIST); } - if (eval->simulation) { + if (config_eval->simulation) { sp_log_msg( "Eval_whitelist", SP_LOG_SIMULATION, "The function '%s' isn't in the eval whitelist, logging its call.", @@ -124,17 +123,19 @@ zend_string *get_eval_filename(const char *const filename) { static void sp_execute_ex(zend_execute_data *execute_data) { is_in_eval_and_whitelisted(execute_data); + const HashTable* config_disabled_functions = + SNUFFLEUPAGUS_G(config).config_disabled_functions; if (!execute_data) { return; } if (UNEXPECTED(EX(func)->op_array.type == ZEND_EVAL_CODE)) { - const sp_list_node *config = zend_hash_str_find_ptr( - SNUFFLEUPAGUS_G(config).config_disabled_functions, "eval", 4); + const sp_list_node * config = zend_hash_str_find_ptr( + config_disabled_functions, "eval", sizeof("eval") - 1); + zend_string *filename = get_eval_filename(zend_get_executed_filename()); - is_builtin_matching(filename, "eval", NULL, config, - SNUFFLEUPAGUS_G(config).config_disabled_functions); + is_builtin_matching(filename, "eval", NULL, config, config_disabled_functions); zend_string_release(filename); SNUFFLEUPAGUS_G(in_eval)++; @@ -152,6 +153,9 @@ static void sp_execute_ex(zend_execute_data *execute_data) { if (SNUFFLEUPAGUS_G(config).hook_execute) { char *function_name = get_complete_function_path(execute_data); zval ret_val; + const sp_list_node* config_disabled_functions_reg = + SNUFFLEUPAGUS_G(config).config_disabled_functions_reg + ->disabled_functions; if (!function_name) { orig_execute_ex(execute_data); @@ -163,11 +167,9 @@ static void sp_execute_ex(zend_execute_data *execute_data) { !ZEND_USER_CODE(execute_data->prev_execute_data->func->type) || !execute_data->prev_execute_data->opline) { if (UNEXPECTED(true == - should_disable_ht( - execute_data, function_name, NULL, NULL, - SNUFFLEUPAGUS_G(config) - .config_disabled_functions_reg->disabled_functions, - SNUFFLEUPAGUS_G(config).config_disabled_functions))) { + should_disable_ht(execute_data, function_name, NULL, NULL, + config_disabled_functions_reg, + config_disabled_functions))) { sp_terminate(); } } else if ((execute_data->prev_execute_data->opline->opcode == @@ -177,11 +179,9 @@ static void sp_execute_ex(zend_execute_data *execute_data) { execute_data->prev_execute_data->opline->opcode == ZEND_DO_FCALL_BY_NAME)) { if (UNEXPECTED(true == - should_disable_ht( - execute_data, function_name, NULL, NULL, - SNUFFLEUPAGUS_G(config) - .config_disabled_functions_reg->disabled_functions, - SNUFFLEUPAGUS_G(config).config_disabled_functions))) { + should_disable_ht(execute_data, function_name, NULL, NULL, + config_disabled_functions_reg, + config_disabled_functions))) { sp_terminate(); } } @@ -235,6 +235,9 @@ static int sp_stream_open(const char *filename, zend_file_handle *handle) { } zend_string *zend_filename = zend_string_init(filename, strlen(filename), 0); + const HashTable* disabled_functions_hooked = + SNUFFLEUPAGUS_G(config).config_disabled_functions_hooked; + switch (data->opline->opcode) { case ZEND_INCLUDE_OR_EVAL: if (true == SNUFFLEUPAGUS_G(config).config_readonly_exec->enable) { @@ -244,34 +247,30 @@ static int sp_stream_open(const char *filename, zend_file_handle *handle) { case ZEND_INCLUDE: is_builtin_matching( zend_filename, "include", "inclusion path", - zend_hash_str_find_ptr( - SNUFFLEUPAGUS_G(config).config_disabled_functions_hooked, - "include", 7), - SNUFFLEUPAGUS_G(config).config_disabled_functions_hooked); + zend_hash_str_find_ptr(disabled_functions_hooked, + "include", sizeof("include") - 1), + disabled_functions_hooked); break; case ZEND_REQUIRE: is_builtin_matching( zend_filename, "require", "inclusion path", - zend_hash_str_find_ptr( - SNUFFLEUPAGUS_G(config).config_disabled_functions_hooked, - "require", 7), - SNUFFLEUPAGUS_G(config).config_disabled_functions_hooked); + zend_hash_str_find_ptr(disabled_functions_hooked, + "require", sizeof("require") - 1), + disabled_functions_hooked); break; case ZEND_REQUIRE_ONCE: is_builtin_matching( zend_filename, "require_once", "inclusion path", - zend_hash_str_find_ptr( - SNUFFLEUPAGUS_G(config).config_disabled_functions_hooked, - "require_once", 12), - SNUFFLEUPAGUS_G(config).config_disabled_functions_hooked); + zend_hash_str_find_ptr(disabled_functions_hooked, + "require_once", sizeof("require_once") - 1), + disabled_functions_hooked); break; case ZEND_INCLUDE_ONCE: is_builtin_matching( zend_filename, "include_once", "inclusion path", - zend_hash_str_find_ptr( - SNUFFLEUPAGUS_G(config).config_disabled_functions_hooked, - "include_once", 12), - SNUFFLEUPAGUS_G(config).config_disabled_functions_hooked); + zend_hash_str_find_ptr(disabled_functions_hooked, + "include_once", sizeof("include_once") - 1), + disabled_functions_hooked); break; EMPTY_SWITCH_DEFAULT_CASE(); } -- cgit v1.3