From 89432f57aa9769d2efd5b8934241d10b005afd1a Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Thu, 28 Dec 2017 11:27:06 +0100
Subject: Implement hooking on user-defined functions return values

This should close #99, thanks to @blotus for the implementation idea!
---
 src/sp_disabled_functions.c                       | 2 +-
 src/sp_disabled_functions.h                       | 1 +
 src/sp_execute.c                                  | 4 ++++
 src/tests/disabled_functions_ret_type_object.phpt | 3 +--
 4 files changed, 7 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/sp_disabled_functions.c b/src/sp_disabled_functions.c
index 18545c0..9736d2b 100644
--- a/src/sp_disabled_functions.c
+++ b/src/sp_disabled_functions.c
@@ -339,7 +339,7 @@ allow:
   return false;
 }
 
-static bool should_drop_on_ret(zval* return_value,
+bool should_drop_on_ret(zval* return_value,
                                const zend_execute_data* const execute_data) {
   const sp_list_node* config =
       SNUFFLEUPAGUS_G(config).config_disabled_functions_ret->disabled_functions;
diff --git a/src/sp_disabled_functions.h b/src/sp_disabled_functions.h
index e9180c9..e43afe8 100644
--- a/src/sp_disabled_functions.h
+++ b/src/sp_disabled_functions.h
@@ -3,5 +3,6 @@
 
 int hook_disabled_functions();
 bool should_disable(zend_execute_data*, const char *, const char *, const char *);
+bool should_drop_on_ret(zval*, const zend_execute_data* const);
 
 #endif /* __SP_DISABLE_FUNCTIONS_H */
diff --git a/src/sp_execute.c b/src/sp_execute.c
index 2a62fd8..a541bfb 100644
--- a/src/sp_execute.c
+++ b/src/sp_execute.c
@@ -78,6 +78,10 @@ static void sp_execute_ex(zend_execute_data *execute_data) {
   }
 
   orig_execute_ex(execute_data);
+
+  if (true == should_drop_on_ret(execute_data->return_value, execute_data)) {
+    sp_terminate();
+  }
 }
 
 static int sp_stream_open(const char *filename, zend_file_handle *handle) {
diff --git a/src/tests/disabled_functions_ret_type_object.phpt b/src/tests/disabled_functions_ret_type_object.phpt
index 66f298c..eb07cc3 100644
--- a/src/tests/disabled_functions_ret_type_object.phpt
+++ b/src/tests/disabled_functions_ret_type_object.phpt
@@ -4,8 +4,6 @@ Disable functions check on `ret` by type matching (object).
 <?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/disabled_functions_ret_type_object.ini
---XFAIL--
-We're not implementing hooking on retval of user functions yet
 --FILE--
 <?php 
 function a(){
@@ -15,3 +13,4 @@ $var = a();
 echo "fail";
 ?>
 --EXPECTF--
+[snuffleupagus][0.0.0.0][disabled_function][drop] The execution has been aborted in %a/tests/disabled_functions_ret_type_object.php:5, because the return value (OBJECT) of the function 'a' matched a rule.
-- 
cgit v1.3