From 78e451eaf99e8f239867def2d8220dfa348cc167 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Tue, 31 Jan 2023 20:16:21 +0100
Subject: Add sp.log_max_len
---
src/php_snuffleupagus.h | 1 +
src/snuffleupagus.c | 2 ++
src/sp_config.c | 1 +
src/sp_config.h | 1 +
src/sp_config_keywords.c | 1 +
src/sp_utils.c | 4 ++--
src/tests/config/phplog_max_len.ini | 2 ++
src/tests/phplog_max_len.phpt | 14 ++++++++++++++
8 files changed, 24 insertions(+), 2 deletions(-)
create mode 100644 src/tests/config/phplog_max_len.ini
create mode 100644 src/tests/phplog_max_len.phpt
(limited to 'src')
diff --git a/src/php_snuffleupagus.h b/src/php_snuffleupagus.h
index 7af4da2..229c1b9 100644
--- a/src/php_snuffleupagus.h
+++ b/src/php_snuffleupagus.h
@@ -131,6 +131,7 @@ sp_config_wrapper config_wrapper;
 sp_config_session config_session;
 sp_config_ini config_ini;
 char config_log_media;
+int config_log_max_len;
 u_long config_max_execution_depth;
 bool config_server_encode;
 bool config_server_strip;
diff --git a/src/snuffleupagus.c b/src/snuffleupagus.c
index 8454fc1..c957cf6 100644
--- a/src/snuffleupagus.c
+++ b/src/snuffleupagus.c
@@ -89,6 +89,7 @@ static PHP_GINIT_FUNCTION(snuffleupagus) {
 sp_load_other_modules();
 snuffleupagus_globals->is_config_valid = SP_CONFIG_NONE;
 snuffleupagus_globals->in_eval = 0;
+ snuffleupagus_globals->config_log_max_len = 255;
 #define SP_INIT_HT(F) \
 snuffleupagus_globals->F = pemalloc(sizeof(*(snuffleupagus_globals->F)), 1); \
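Review bot: The new field is declared `int config_log_max_len;` in php_snuffleupagus.h, but the sp_config.c and sp_config_keywords.c hunks register it with `parse_ulong`, the same parser this commit shows in use for `max_execution_depth`, which is a `u_long`. parse_ulong's body is not part of this commit, so this is inferred: if it stores through an unsigned-long pointer, then on LP64 targets it writes eight bytes into a four-byte field and touches whatever follows it in the globals struct, and a setting above INT_MAX reads back negative. Declaring the field as `u_long config_log_max_len;` keeps the storage and the parser in agreement.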
@@ -355,6 +356,7 @@ static void dump_config() {
 add_assoc_bool(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_ENCRYPTION_KEY, SPCFG(encryption_key) && ZSTR_LEN(SPCFG(encryption_key)));
 ADD_ASSOC_ZSTR(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_ENV_VAR, SPCFG(cookies_env_var));
 add_assoc_long(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_LOG_MEDIA, SPCFG(log_media));
+ add_assoc_long(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_LOG_MAX_LEN, SPCFG(log_max_len));
 add_assoc_long(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_MAX_EXECUTION_DEPTH, SPCFG(max_execution_depth));
 add_assoc_bool(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_SERVER_ENCODE, SPCFG(server_encode));
 add_assoc_bool(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_SERVER_STRIP, SPCFG(server_strip));
diff --git a/src/sp_config.c b/src/sp_config.c
index 8bd238a..5db511e 100644
--- a/src/sp_config.c
+++ b/src/sp_config.c
@@ -11,6 +11,7 @@ static zend_result sp_process_config_root(sp_parsed_keyword *parsed_rule) {
 {parse_unserialize_noclass, SP_TOKEN_UNSERIALIZE_NOCLASS, &(SPCFG(unserialize_noclass))},
 {parse_enable, SP_TOKEN_HARDEN_RANDOM, &(SPCFG(random).enable)},
 {parse_log_media, SP_TOKEN_LOG_MEDIA, &(SPCFG(log_media))},
+ {parse_ulong, SP_TOKEN_LOG_MAX_LEN, &(SPCFG(log_max_len))},
 {parse_disabled_functions, SP_TOKEN_DISABLE_FUNC, NULL},
 {parse_readonly_exec, SP_TOKEN_READONLY_EXEC, &(SPCFG(readonly_exec))},
 {parse_enable, SP_TOKEN_GLOBAL_STRICT, &(SPCFG(global_strict).enable)},
diff --git a/src/sp_config.h b/src/sp_config.h
index cddf816..f957d15 100644
--- a/src/sp_config.h
+++ b/src/sp_config.h
@@ -264,6 +264,7 @@ typedef struct {
 #define SP_TOKEN_ENCRYPTION_KEY "secret_key"
 #define SP_TOKEN_ENV_VAR "cookie_env_var"
 #define SP_TOKEN_LOG_MEDIA "log_media"
+#define SP_TOKEN_LOG_MAX_LEN "log_max_len"
 #define SP_TOKEN_MAX_EXECUTION_DEPTH "max_execution_depth"
 #define SP_TOKEN_SERVER_ENCODE "server_encode"
 #define SP_TOKEN_SERVER_STRIP "server_strip"
diff --git a/src/sp_config_keywords.c b/src/sp_config_keywords.c
index ff834dd..e7ff3e6 100644
--- a/src/sp_config_keywords.c
+++ b/src/sp_config_keywords.c
@@ -144,6 +144,7 @@ SP_PARSE_FN(parse_global) {
 {parse_str, SP_TOKEN_ENCRYPTION_KEY, &(SPCFG(encryption_key))},
 {parse_str, SP_TOKEN_ENV_VAR, &(SPCFG(cookies_env_var))},
 {parse_log_media, SP_TOKEN_LOG_MEDIA, &(SPCFG(log_media))},
+ {parse_ulong, SP_TOKEN_LOG_MAX_LEN, &(SPCFG(log_max_len))},
 {parse_ulong, SP_TOKEN_MAX_EXECUTION_DEPTH, &(SPCFG(max_execution_depth))},
 {parse_enable, SP_TOKEN_SERVER_ENCODE, &(SPCFG(server_encode))},
 {parse_enable, SP_TOKEN_SERVER_STRIP, &(SPCFG(server_strip))},
diff --git a/src/sp_utils.c b/src/sp_utils.c
index 3107f77..0fae9ba 100644
--- a/src/sp_utils.c
+++ b/src/sp_utils.c
@@ -300,7 +300,7 @@ void sp_log_disable(const char* restrict path, const char* restrict arg_name,
 char* char_repr = NULL;
 if (arg_value) {
 char_repr = zend_string_to_char(arg_value);
- sp_sanitize_charstring(char_repr, 255);
+ sp_sanitize_charstring(char_repr, SPCFG(log_max_len));
 }
 if (alias) {
 sp_log_auto(
@@ -341,7 +341,7 @@ void sp_log_disable_ret(const char* restrict path,
 }
 if (ret_value) {
 char_repr = zend_string_to_char(ret_value);
- sp_sanitize_charstring(char_repr, 255);
+ sp_sanitize_charstring(char_repr, SPCFG(log_max_len));
 }
 if (alias) {
 sp_log_auto(
diff --git a/src/tests/config/phplog_max_len.ini b/src/tests/config/phplog_max_len.ini
new file mode 100644
index 0000000..3465d17
--- /dev/null
+++ b/src/tests/config/phplog_max_len.ini
@@ -0,0 +1,2 @@
+sp.disable_function.function("ini_set").param("option").value("1234567890abcdefghijklmnopqrstuvwxyz").drop();
+sp.log_max_len("16");
diff --git a/src/tests/phplog_max_len.phpt b/src/tests/phplog_max_len.phpt
new file mode 100644
index 0000000..6294f4e
--- /dev/null
+++ b/src/tests/phplog_max_len.phpt
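Review bot: In sp_log_disable the bound passed to sp_sanitize_charstring was the constant 255 and now comes straight from configuration, with no range check anywhere in this commit; the sp_log_disable_ret hunk makes the same call. How the sanitizer treats a bound of 0, or a negative one after the unsigned-to-int narrowing, is not visible here, and a very large setting removes the cap on how much caller-supplied argument or return data lands in each log record. Validating the value once after parsing (reject 0, cap at a documented maximum) would keep both call sites safe, and a short comment at the call such as `/* bound request-influenced text before it reaches the log */` would record why the limit exists. Both function bodies start and end outside the hunks.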
@@ -0,0 +1,14 @@
+--TEST--
+Check the phplog output with a log_max_len
+--SKIPIF--
+
+
+--INI--
+sp.configuration_file={PWD}/config/phplog_max_len.ini
+--FILE--
+
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'ini_set', because its argument '$option' content (1234567890abcdef) matched a rule in %s/tests/phplog_max_len.php on line 2
+
--
cgit v1.3
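Review bot: The only new test covers a single case, a `.param(...)` rule with the limit set to 16, which judging by the expected message exercises the argument path in sp_log_disable. Nothing pins the return-value path changed in sp_log_disable_ret, the default of 255 when `sp.log_max_len` is absent, or boundary settings such as `sp.log_max_len("0");`. A companion .phpt for a return-value rule and one for a boundary value would catch a regression in either call site or in the parsing of the new option.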