File php5-suhosin-php55.patch of Package php5
https://github.com/NewEraCracker/suhosin-patches/blob/master/patches/ext/suhosin.diff
diff -uNr ext/suhosin/ex_imp.c ext/suhosin/ex_imp.c
--- ext/suhosin/ex_imp.c Thu Jan 19 15:49:18 2012
+++ ext/suhosin/ex_imp.c Sat Apr 6 16:14:59 2013
@@ -727,7 +727,7 @@
/* {{{ suhosin_ex_imp_functions[]
*/
-function_entry suhosin_ex_imp_functions[] = {
+zend_function_entry suhosin_ex_imp_functions[] = {
PHP_NAMED_FE(extract, PHP_FN(suhosin_extract), suhosin_arginfo_extract)
PHP_NAMED_FE(import_request_variables, PHP_FN(suhosin_import_request_variables), suhosin_arginfo_import_request_variables)
{NULL, NULL, NULL}
diff -uNr ext/suhosin/execute.c ext/suhosin/execute.c
--- ext/suhosin/execute.c Thu Jan 19 15:49:18 2012
+++ ext/suhosin/execute.c Sat Apr 6 16:14:59 2013
@@ -35,21 +35,27 @@
#include "zend_compile.h"
#include "zend_llist.h"
#include "SAPI.h"
+#include "main/php_version.h"
#include "sha256.h"
-
+#if PHP_MAJOR_VERSION < 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION < 5)
+#define IH_EXECUTE_INTERNAL_PARAMS zend_execute_data *execute_data_ptr, int return_value_used TSRMLS_DC
+#define IH_EXECUTE_INTERNAL_PARAM_PASSTHRU execute_data_ptr, return_value_used TSRMLS_CC
static void (*old_execute)(zend_op_array *op_array TSRMLS_DC);
static void suhosin_execute(zend_op_array *op_array TSRMLS_DC);
static void (*old_execute_ZO)(zend_op_array *op_array, long dummy TSRMLS_DC);
static void suhosin_execute_ZO(zend_op_array *op_array, long dummy TSRMLS_DC);
static void *(*zo_set_oe_ex)(void *ptr) = NULL;
+#else
+#define IH_EXECUTE_INTERNAL_PARAMS zend_execute_data *execute_data_ptr, zend_fcall_info *fci, int return_value_used TSRMLS_DC
+#define IH_EXECUTE_INTERNAL_PARAM_PASSTHRU execute_data_ptr, fci, return_value_used TSRMLS_CC
+static void (*old_execute_ex)(zend_execute_data *execute_data_ptr TSRMLS_DC);
+static void suhosin_execute_ex(zend_execute_data *execute_data_ptr TSRMLS_DC);
+#endif
-/*STATIC zend_op_array* (*old_compile_file)(zend_file_handle* file_handle, int type TSRMLS_DC);
- STATIC zend_op_array* suhosin_compile_file(zend_file_handle*, int TSRMLS_DC);*/
-
-static void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int return_value_used TSRMLS_DC);
-static void (*old_execute_internal)(zend_execute_data *execute_data_ptr, int return_value_used TSRMLS_DC);
+static void (*old_execute_internal)(IH_EXECUTE_INTERNAL_PARAMS);
+static void suhosin_execute_internal(IH_EXECUTE_INTERNAL_PARAMS);
extern zend_extension suhosin_zend_extension_entry;
@@ -152,7 +158,7 @@
t = h = (h == NULL) ? h2 : ( (h2 == NULL) ? h : ( (h < h2) ? h : h2 ) );
if (h == NULL) break;
- while (t > s && (isalnum(t[-1]) || t[-1]=='_')) {
+ while (t > s && (isalnum(t[-1]) || t[-1]=='_' || t[-1]=='.')) {
t--;
}
@@ -195,7 +201,7 @@
t = h = (h == NULL) ? h2 : ( (h2 == NULL) ? h : ( (h < h2) ? h : h2 ) );
if (h == NULL) break;
- while (t > s && (isalnum(t[-1]) || t[-1]=='_')) {
+ while (t > s && (isalnum(t[-1]) || t[-1]=='_' || t[-1]=='.')) {
t--;
}
@@ -353,10 +359,16 @@
return SUHOSIN_CODE_TYPE_UNKNOWN;
}
-/* {{{ void suhosin_execute_ex(zend_op_array *op_array TSRMLS_DC)
+/* {{{ void suhosin_execute_ex
* This function provides a hook for execution */
+#if PHP_MAJOR_VERSION < 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION < 5)
static void suhosin_execute_ex(zend_op_array *op_array, int zo, long dummy TSRMLS_DC)
{
+#else
+static void suhosin_execute_ex(zend_execute_data *execute_data_ptr TSRMLS_DC)
+{
+ zend_op_array *op_array = execute_data_ptr->op_array;
+#endif
zend_op_array *new_op_array;
int op_array_type, len;
char *fn;
@@ -579,17 +591,22 @@
}
continue_execution:
+#if PHP_MAJOR_VERSION < 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION < 5)
if (zo) {
old_execute_ZO (op_array, dummy TSRMLS_CC);
} else {
old_execute (op_array TSRMLS_CC);
}
+#else
+ old_execute_ex(execute_data_ptr TSRMLS_CC);
+#endif
/* nothing to do */
SUHOSIN_G(in_code_type) = orig_code_type;
SUHOSIN_G(execution_depth)--;
}
/* }}} */
+#if PHP_MAJOR_VERSION < 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION < 5)
/* {{{ void suhosin_execute(zend_op_array *op_array TSRMLS_DC)
* This function provides a hook for execution */
static void suhosin_execute(zend_op_array *op_array TSRMLS_DC)
@@ -604,11 +621,22 @@
suhosin_execute_ex(op_array, 1, dummy TSRMLS_CC);
}
/* }}} */
+#endif
-
+#if PHP_MAJOR_VERSION > 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 4)
+#define IH_HANDLER_PARAMS_REST int ht, zval *return_value, zval **return_value_ptr, zval *this_ptr, int return_value_used TSRMLS_DC
+#define IH_HANDLER_PARAMS internal_function_handler *ih, IH_HANDLER_PARAMS_REST
+#define IH_HANDLER_PARAM_PASSTHRU ih, ht, *return_value_ptr, \
+ (execute_data_ptr->function_state.function->common.fn_flags & ZEND_ACC_RETURN_REFERENCE)?return_value_ptr:NULL, \
+ execute_data_ptr->object, return_value_used TSRMLS_CC
+#if PHP_MAJOR_VERSION > 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 5)
+#define IH_HANDLER_PARAM_FCI_PASSTHRU ih, fci->param_count, *fci->retval_ptr_ptr, fci->retval_ptr_ptr, fci->object_ptr, 1 TSRMLS_CC
+#endif
+#else
#define IH_HANDLER_PARAMS_REST zend_execute_data *execute_data_ptr, int return_value_used, int ht, zval *return_value TSRMLS_DC
#define IH_HANDLER_PARAMS internal_function_handler *ih, IH_HANDLER_PARAMS_REST
#define IH_HANDLER_PARAM_PASSTHRU ih, execute_data_ptr, return_value_used, ht, return_value TSRMLS_CC
+#endif
HashTable ihandler_table;
@@ -626,12 +654,20 @@
{
zval **regex,
**replace,
- **subject,
- **limit;
+ **subject;
+#ifndef PHP_ATLEAST_5_3
+ zval **limit;
if (ZEND_NUM_ARGS() < 3 || zend_get_parameters_ex(3, ®ex, &replace, &subject, &limit) == FAILURE) {
return (0);
}
+#else
+ long limit = -1;
+ zval **zcount = NULL;
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ZZZ|lZ", ®ex, &replace, &subject, &limit, &zcount) == FAILURE) {
+ return (1);
+ }
+#endif
if (Z_TYPE_PP(regex) == IS_ARRAY) {
zval **regex_entry;
@@ -1022,6 +1058,7 @@
return (0);
}
+#if PHP_MAJOR_VERSION < 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION < 4)
static int suhosin_php_body_write(const char *str, uint str_length TSRMLS_DC)
{
#define P_META_ROBOTS "<meta name=\"ROBOTS\" content=\"NOINDEX,NOFOLLOW,NOARCHIVE\" />"
@@ -1065,6 +1102,7 @@
RETVAL_TRUE;
return (1);
}
+#endif
static int ih_function_exists(IH_HANDLER_PARAMS)
@@ -1072,35 +1110,34 @@
#ifndef PHP_ATLEAST_5_3
zval **function_name;
#endif
+ char *name;
+ int name_len;
zend_function *func;
char *lcname;
zend_bool retval;
- int func_name_len;
#ifndef PHP_ATLEAST_5_3
if (ZEND_NUM_ARGS()!=1 || zend_get_parameters_ex(1, &function_name)==FAILURE) {
ZEND_WRONG_PARAM_COUNT_WITH_RETVAL(1);
}
convert_to_string_ex(function_name);
- func_name_len = Z_STRLEN_PP(function_name);
- lcname = estrndup(Z_STRVAL_PP(function_name), func_name_len);
- zend_str_tolower(lcname, func_name_len);
+ name = Z_STRVAL_PP(function_name);
+ name_len = Z_STRLEN_PP(function_name);
#else
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &lcname, &func_name_len) == FAILURE) {
- return;
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &name, &name_len) == FAILURE) {
+ return (1);
}
+#endif
+ lcname = zend_str_tolower_dup(name, name_len);
/* Ignore leading "\" */
- if (lcname[0] == '\\') {
- lcname = &lcname[1];
- func_name_len--;
+ name = lcname;
+ if (name_len > 0 && lcname[0] == '\\') {
+ name = &lcname[1];
+ name_len--;
}
- lcname = zend_str_tolower_dup(lcname, func_name_len);
-#endif
- retval = (zend_hash_find(EG(function_table), lcname, func_name_len+1, (void **)&func) == SUCCESS);
-
- efree(lcname);
+ retval = (zend_hash_find(EG(function_table), name, name_len+1, (void **)&func) == SUCCESS);
/*
* A bit of a hack, but not a bad one: we see if the handler of the function
@@ -1114,26 +1151,28 @@
/* Now check if function is forbidden by Suhosin */
if (SUHOSIN_G(in_code_type) == SUHOSIN_EVAL) {
if (SUHOSIN_G(eval_whitelist) != NULL) {
- if (!zend_hash_exists(SUHOSIN_G(eval_whitelist), lcname, func_name_len+1)) {
+ if (!zend_hash_exists(SUHOSIN_G(eval_whitelist), name, name_len+1)) {
retval = 0;
}
} else if (SUHOSIN_G(eval_blacklist) != NULL) {
- if (zend_hash_exists(SUHOSIN_G(eval_blacklist), lcname, func_name_len+1)) {
+ if (zend_hash_exists(SUHOSIN_G(eval_blacklist), name, name_len+1)) {
retval = 0;
}
}
}
if (SUHOSIN_G(func_whitelist) != NULL) {
- if (!zend_hash_exists(SUHOSIN_G(func_whitelist), lcname, func_name_len+1)) {
+ if (!zend_hash_exists(SUHOSIN_G(func_whitelist), name, name_len+1)) {
retval = 0;
}
} else if (SUHOSIN_G(func_blacklist) != NULL) {
- if (zend_hash_exists(SUHOSIN_G(func_blacklist), lcname, func_name_len+1)) {
+ if (zend_hash_exists(SUHOSIN_G(func_blacklist), name, name_len+1)) {
retval = 0;
}
}
+ efree(lcname);
+
RETVAL_BOOL(retval);
return (1);
}
@@ -1344,7 +1383,7 @@
suhosin_SHA256Init(&context);
suhosin_SHA256Update(&context, (void *) seedbuf, sizeof(php_uint32) * 8);
- suhosin_SHA256Final(seedbuf, &context);
+ suhosin_SHA256Final((void *)seedbuf, &context);
}
/* }}} */
@@ -1501,7 +1540,7 @@
{
#ifdef PHP_ATLEAST_5_3
if (zend_parse_parameters_none() == FAILURE) {
- return;
+ return (1);
}
#else
int argc = ZEND_NUM_ARGS();
@@ -1518,7 +1557,10 @@
{ "preg_replace", ih_preg_replace, NULL, NULL, NULL },
{ "mail", ih_mail, NULL, NULL, NULL },
{ "symlink", ih_symlink, NULL, NULL, NULL },
+
+#if PHP_MAJOR_VERSION < 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION < 4)
{ "phpinfo", ih_phpinfo, NULL, NULL, NULL },
+#endif
{ "srand", ih_srand, NULL, NULL, NULL },
{ "mt_srand", ih_mt_srand, NULL, NULL, NULL },
@@ -1575,13 +1617,19 @@
#define FUNCTION_WARNING() zend_error(E_WARNING, "%s() has been disabled for security reasons", get_active_function_name(TSRMLS_C));
#define FUNCTION_SIMULATE_WARNING() zend_error(E_WARNING, "SIMULATION - %s() has been disabled for security reasons", get_active_function_name(TSRMLS_C));
-/* {{{ void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int return_value_used TSRMLS_DC)
+/* {{{ void suhosin_execute_internal
* This function provides a hook for internal execution */
-static void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int return_value_used TSRMLS_DC)
+static void suhosin_execute_internal(IH_EXECUTE_INTERNAL_PARAMS)
{
char *lcname;
int function_name_strlen, free_lcname = 0;
+
+#if PHP_MAJOR_VERSION > 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 4)
+ zval **return_value_ptr;
+#else
zval *return_value;
+#endif
+
zend_class_entry *ce = NULL;
int ht;
internal_function_handler *ih;
@@ -1605,13 +1653,6 @@
zend_str_tolower(lcname, function_name_strlen);
}
-#ifdef ZEND_ENGINE_2
- return_value = (*(temp_variable *)((char *) execute_data_ptr->Ts + execute_data_ptr->opline->result.u.var)).var.ptr;
-#else
- return_value = execute_data_ptr->Ts[execute_data_ptr->opline->result.u.var].var.ptr;
-#endif
- ht = execute_data_ptr->opline->extended_value;
-
SDEBUG("function: %s", lcname);
if (SUHOSIN_G(in_code_type) == SUHOSIN_EVAL) {
@@ -1663,14 +1704,30 @@
void *handler = ((zend_internal_function *) execute_data_ptr->function_state.function)->handler;
if (handler != ZEND_FN(display_disabled_function)) {
+#if PHP_MAJOR_VERSION > 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 5)
+ if(fci != NULL) {
+ retval = ih->handler(IH_HANDLER_PARAM_FCI_PASSTHRU);
+ } else {
+ return_value_ptr = &EX_TMP_VAR(execute_data_ptr, execute_data_ptr->opline->result.var)->var.ptr;
+#elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION == 4)
+ return_value_ptr = &(*(temp_variable *)((char *) execute_data_ptr->Ts + execute_data_ptr->opline->result.var)).var.ptr;
+#elif (PHP_MAJOR_VERSION == 5)
+ return_value = (*(temp_variable *)((char *) execute_data_ptr->Ts + execute_data_ptr->opline->result.u.var)).var.ptr;
+#else
+ return_value = execute_data_ptr->Ts[execute_data_ptr->opline->result.u.var].var.ptr;
+#endif
+ ht = execute_data_ptr->opline->extended_value;
retval = ih->handler(IH_HANDLER_PARAM_PASSTHRU);
+#if PHP_MAJOR_VERSION > 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 5)
+ }
+#endif
}
if (retval == 0) {
- old_execute_internal(execute_data_ptr, return_value_used TSRMLS_CC);
+ old_execute_internal(IH_EXECUTE_INTERNAL_PARAM_PASSTHRU);
}
} else {
- old_execute_internal(execute_data_ptr, return_value_used TSRMLS_CC);
+ old_execute_internal(IH_EXECUTE_INTERNAL_PARAM_PASSTHRU);
}
if (free_lcname == 1) {
efree(lcname);
@@ -1686,6 +1743,7 @@
/* }}} */
+#if PHP_MAJOR_VERSION < 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION < 5)
/* {{{ int function_lookup(zend_extension *extension)
*/
static int function_lookup(zend_extension *extension)
@@ -1703,6 +1761,7 @@
return 0;
}
/* }}} */
+#endif
/* {{{ void suhosin_hook_execute()
@@ -1711,6 +1770,7 @@
{
internal_function_handler *ih;
+#if PHP_MAJOR_VERSION < 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION < 5)
old_execute = zend_execute;
zend_execute = suhosin_execute;
@@ -1727,6 +1787,10 @@
if (zo_set_oe_ex != NULL) {
old_execute_ZO = zo_set_oe_ex(suhosin_execute_ZO);
}
+#else
+ old_execute_ex = zend_execute_ex;
+ zend_execute_ex = suhosin_execute_ex;
+#endif
old_execute_internal = zend_execute_internal;
if (old_execute_internal == NULL) {
@@ -1761,11 +1825,15 @@
*/
void suhosin_unhook_execute()
{
+#if PHP_MAJOR_VERSION < 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION < 5)
if (zo_set_oe_ex) {
zo_set_oe_ex(old_execute_ZO);
}
zend_execute = old_execute;
+#else
+ zend_execute_ex = old_execute_ex;
+#endif
/* zend_compile_file = old_compile_file; */
diff -uNr ext/suhosin/ifilter.c ext/suhosin/ifilter.c
--- ext/suhosin/ifilter.c Thu Jan 19 15:49:18 2012
+++ ext/suhosin/ifilter.c Sat Apr 6 16:14:59 2013
@@ -146,7 +146,7 @@
if (zend_hash_find(arr, key, klen, (void **) &tzval) == SUCCESS &&
Z_TYPE_PP(tzval) == IS_STRING) {
- s = t = Z_STRVAL_PP(tzval);
+ s = t = (unsigned char *)Z_STRVAL_PP(tzval);
for (; *t; t++) {
if (suhosin_is_dangerous_char[*t]) {
*t = '?';
@@ -168,7 +168,7 @@
if (zend_hash_find(arr, key, klen, (void **) &tzval) == SUCCESS &&
Z_TYPE_PP(tzval) == IS_STRING) {
- temp = Z_STRVAL_PP(tzval);
+ temp = (unsigned char *)Z_STRVAL_PP(tzval);
t = temp;
for (t = temp; *t; t++) {
@@ -195,7 +195,7 @@
}
*n = 0;
- Z_STRVAL_PP(tzval) = newv;
+ Z_STRVAL_PP(tzval) = (char *)newv;
Z_STRLEN_PP(tzval) = n-newv;
}
}
diff -uNr ext/suhosin/log.c ext/suhosin/log.c
--- ext/suhosin/log.c Thu Jan 19 15:49:18 2012
+++ ext/suhosin/log.c Sat Apr 6 16:14:59 2013
@@ -31,11 +31,18 @@
#include "SAPI.h"
#include "ext/standard/datetime.h"
#include "ext/standard/flock_compat.h"
+#include "main/php_version.h"
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#elif defined(PHP_WIN32)
+#include "win32/time.h"
+#endif
+
#if defined(PHP_WIN32) || defined(__riscos__) || defined(NETWARE)
#undef AF_UNIX
#endif
@@ -261,7 +268,11 @@
/* SAPI Logging activated? */
SDEBUG("(suhosin_log) log_syslog: %u - log_sapi: %u - log_script: %u - log_phpscript: %u", SUHOSIN_G(log_syslog), SUHOSIN_G(log_sapi), SUHOSIN_G(log_script), SUHOSIN_G(log_phpscript));
if (((SUHOSIN_G(log_sapi)|S_INTERNAL) & loglevel)!=0) {
+#if PHP_VERSION_ID < 50400
sapi_module.log_message(buf);
+#else
+ sapi_module.log_message(buf TSRMLS_CC);
+#endif
}
/*log_script:*/
@@ -317,7 +328,9 @@
zval *result = NULL;
long orig_execution_depth = SUHOSIN_G(execution_depth);
+#if PHP_VERSION_ID < 50400
zend_bool orig_safe_mode = PG(safe_mode);
+#endif
char *orig_basedir = PG(open_basedir);
char *phpscript = SUHOSIN_G(log_phpscriptname);
@@ -354,14 +367,18 @@
SUHOSIN_G(execution_depth) = 0;
if (SUHOSIN_G(log_phpscript_is_safe)) {
+#if PHP_VERSION_ID < 50400
PG(safe_mode) = 0;
+#endif
PG(open_basedir) = NULL;
}
zend_execute(new_op_array TSRMLS_CC);
SUHOSIN_G(execution_depth) = orig_execution_depth;
+#if PHP_VERSION_ID < 50400
PG(safe_mode) = orig_safe_mode;
+#endif
PG(open_basedir) = orig_basedir;
#ifdef ZEND_ENGINE_2
diff -uNr ext/suhosin/php_suhosin.h ext/suhosin/php_suhosin.h
--- ext/suhosin/php_suhosin.h Thu Jan 19 15:49:18 2012
+++ ext/suhosin/php_suhosin.h Sat Apr 6 16:14:59 2013
@@ -186,6 +186,7 @@
int (*old_php_body_write)(const char *str, unsigned int str_length TSRMLS_DC);
/* session */
+ void *old_s_module;
void *s_module;
int (*old_s_read)(void **mod_data, const char *key, char **val, int *vallen TSRMLS_DC);
int (*old_s_write)(void **mod_data, const char *key, const char *val, const int vallen TSRMLS_DC);
@@ -308,7 +309,7 @@
char *suhosin_cookie_decryptor(TSRMLS_D);
char *suhosin_getenv(char *name, size_t name_len TSRMLS_DC);
void suhosin_hook_post_handlers(TSRMLS_D);
-void suhosin_unhook_post_handlers();
+void suhosin_unhook_post_handlers(TSRMLS_D);
void suhosin_hook_register_server_variables();
void suhosin_hook_header_handler();
void suhosin_unhook_header_handler();
diff -uNr ext/suhosin/post_handler.c ext/suhosin/post_handler.c
--- ext/suhosin/post_handler.c Thu Jan 19 15:49:18 2012
+++ ext/suhosin/post_handler.c Sat Apr 6 16:14:59 2013
@@ -148,10 +148,10 @@
/* we need to tell suhosin patch that there is a new valid destructor */
/* therefore we have create HashTable that has this destructor */
- zend_hash_init(&tempht, 0, NULL, suhosin_post_handler_modification, 0);
+ zend_hash_init(&tempht, 0, NULL, (dtor_func_t)suhosin_post_handler_modification, 0);
zend_hash_destroy(&tempht);
/* And now we can overwrite the destructor for post entries */
- SG(known_post_content_types).pDestructor = suhosin_post_handler_modification;
+ SG(known_post_content_types).pDestructor = (dtor_func_t)suhosin_post_handler_modification;
/* we have to stop mbstring from replacing our post handler */
if (zend_hash_find(EG(ini_directives), "mbstring.encoding_translation", sizeof("mbstring.encoding_translation"), (void **) &ini_entry) == FAILURE) {
@@ -162,7 +162,7 @@
ini_entry->on_modify = suhosin_OnUpdate_mbstring_encoding_translation;
}
-void suhosin_unhook_post_handlers()
+void suhosin_unhook_post_handlers(TSRMLS_D)
{
zend_ini_entry *ini_entry;
@@ -186,5 +186,3 @@
* vim600: noet sw=4 ts=4 fdm=marker
* vim<600: noet sw=4 ts=4
*/
-
-
diff -uNr ext/suhosin/rfc1867.c ext/suhosin/rfc1867.c
--- ext/suhosin/rfc1867.c Thu Jan 19 15:49:18 2012
+++ ext/suhosin/rfc1867.c Sat Apr 6 16:14:59 2013
@@ -35,6 +35,7 @@
#include "suhosin_rfc1867.h"
#include "php_ini.h"
#include "ext/standard/php_string.h"
+#include "main/php_version.h"
#define DEBUG_FILE_UPLOAD ZEND_DEBUG
@@ -244,21 +245,29 @@
static void register_http_post_files_variable(char *strvar, char *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC)
{
+#if PHP_VERSION_ID < 50400
int register_globals = PG(register_globals);
PG(register_globals) = 0;
+#endif
safe_php_register_variable(strvar, val, http_post_files, override_protection TSRMLS_CC);
+#if PHP_VERSION_ID < 50400
PG(register_globals) = register_globals;
+#endif
}
static void register_http_post_files_variable_ex(char *var, zval *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC)
{
+#if PHP_VERSION_ID < 50400
int register_globals = PG(register_globals);
PG(register_globals) = 0;
+#endif
safe_php_register_variable_ex(var, val, http_post_files, override_protection TSRMLS_CC);
+#if PHP_VERSION_ID < 50400
PG(register_globals) = register_globals;
+#endif
}
/*
@@ -1224,7 +1233,7 @@
if ((tmp = strrchr(filename, '/')) > s) {
s = tmp;
}
-#ifdef PHP_WIN32
+#if defined(PHP_WIN32) && (PHP_VERSION_ID < 50400)
if (PG(magic_quotes_gpc)) {
s = s ? s : filename;
tmp = strrchr(s, '\'');
diff -uNr ext/suhosin/session.c ext/suhosin/session.c
--- ext/suhosin/session.c Thu Jan 19 15:49:18 2012
+++ ext/suhosin/session.c Sat Apr 6 16:14:59 2013
@@ -33,6 +33,7 @@
#include "ext/standard/php_smart_str.h"
#include "ext/standard/php_var.h"
#include "sha256.h"
+#include "main/php_version.h"
#include <fcntl.h>
@@ -233,9 +234,94 @@
zend_bool invalid_session_id; /* allows the driver to report about an invalid session id and request id regeneration */
} php_ps_globals_53;
+#if PHP_VERSION_ID >= 50400
+typedef struct _php_session_rfc1867_progress_54 {
+
+ size_t sname_len;
+ zval sid;
+ smart_str key;
+
+ long update_step;
+ long next_update;
+ double next_update_time;
+ zend_bool cancel_upload;
+ zend_bool apply_trans_sid;
+ size_t content_length;
+
+ zval *data; /* the array exported to session data */
+ zval *post_bytes_processed; /* data["bytes_processed"] */
+ zval *files; /* data["files"] array */
+ zval *current_file; /* array of currently uploading file */
+ zval *current_file_bytes_processed;
+} php_session_rfc1867_progress_54;
+
+typedef struct _php_ps_globals_54 {
+ char *save_path;
+ char *session_name;
+ char *id;
+ char *extern_referer_chk;
+ char *entropy_file;
+ char *cache_limiter;
+ long entropy_length;
+ long cookie_lifetime;
+ char *cookie_path;
+ char *cookie_domain;
+ zend_bool cookie_secure;
+ zend_bool cookie_httponly;
+ ps_module *mod;
+ ps_module *default_mod;
+ void *mod_data;
+ php_session_status session_status;
+ long gc_probability;
+ long gc_divisor;
+ long gc_maxlifetime;
+ int module_number;
+ long cache_expire;
+ union {
+ zval *names[6];
+ struct {
+ zval *ps_open;
+ zval *ps_close;
+ zval *ps_read;
+ zval *ps_write;
+ zval *ps_destroy;
+ zval *ps_gc;
+ } name;
+ } mod_user_names;
+ int mod_user_implemented;
+ int mod_user_is_open;
+ const struct ps_serializer_struct *serializer;
+ zval *http_session_vars;
+ zend_bool auto_start;
+ zend_bool use_cookies;
+ zend_bool use_only_cookies;
+ zend_bool use_trans_sid; /* contains the INI value of whether to use trans-sid */
+ zend_bool apply_trans_sid; /* whether or not to enable trans-sid for the current request */
+
+ long hash_func;
+#if defined(HAVE_HASH_EXT) && !defined(COMPILE_DL_HASH)
+ php_hash_ops *hash_ops;
+#endif
+ long hash_bits_per_character;
+ int send_cookie;
+ int define_sid;
+ zend_bool invalid_session_id; /* allows the driver to report about an invalid session id and request id regeneration */
+
+ php_session_rfc1867_progress_54 *rfc1867_progress;
+ zend_bool rfc1867_enabled; /* session.upload_progress.enabled */
+ zend_bool rfc1867_cleanup; /* session.upload_progress.cleanup */
+ smart_str rfc1867_prefix; /* session.upload_progress.prefix */
+ smart_str rfc1867_name; /* session.upload_progress.name */
+ long rfc1867_freq; /* session.upload_progress.freq */
+ double rfc1867_min_freq; /* session.upload_progress.min_freq */
+} php_ps_globals_54;
+#endif
+
#ifdef ZTS
static ts_rsrc_id session_globals_id = 0;
-# if (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 3)
+# if (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 4)
+# define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals_54 *, v)
+# elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 3)
# define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals_53 *, v)
# elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 2)
# define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals_52 *, v)
@@ -247,7 +333,9 @@
UNSUPPORTED PHP VERSION
# endif
#else
-# if (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 3)
+# if (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 4)
+static php_ps_globals_54 *session_globals = NULL;
+# elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 3)
static php_ps_globals_53 *session_globals = NULL;
# elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 2)
static php_ps_globals_52 *session_globals = NULL;
@@ -294,6 +382,7 @@
if (SESSION_G(http_session_vars) && SESSION_G(http_session_vars)->type == IS_ARRAY) {
ret = zend_hash_find(Z_ARRVAL_P(SESSION_G(http_session_vars)), name, namelen + 1, (void **) state_var);
+#if PHP_VERSION_ID < 50400
/* If register_globals is enabled, and
* if there is an entry for the slot in $_SESSION, and
* if that entry is still set to NULL, and
@@ -307,6 +396,7 @@
*state_var = tmp;
}
}
+#endif
}
return ret;
}
@@ -426,7 +516,7 @@
}
/* store ip value */
- suhosin_get_ipv4(crypted+4 TSRMLS_CC);
+ suhosin_get_ipv4((char *)crypted+4 TSRMLS_CC);
/* store check value */
crypted[8] = check & 0xff;
@@ -544,7 +634,7 @@
if (check_ra > 4) {
check_ra = 4;
}
- suhosin_get_ipv4(&buf TSRMLS_CC);
+ suhosin_get_ipv4(&buf[0] TSRMLS_CC);
if (memcmp(buf, decrypted+4, check_ra) != 0) {
goto error_out;
}
@@ -639,7 +729,12 @@
}*/
/* protect dumb session handlers */
- if (key == NULL || !key[0] || *mod_data == NULL) {
+ if (key == NULL || !key[0] ||
+ (*mod_data == NULL
+#if PHP_VERSION_ID >= 50400
+ && !SESSION_G(mod_user_implemented)
+#endif
+ )) {
regenerate:
SDEBUG("regenerating key is %s", key);
KEY = SESSION_G(id) = SESSION_G(mod)->s_create_sid(&SESSION_G(mod_data), NULL TSRMLS_CC);
@@ -688,7 +783,12 @@
char *v = (char *)val;
/* protect dumb session handlers */
- if (key == NULL || !key[0] || val == NULL || strlen(key) > SUHOSIN_G(session_max_id_length) || *mod_data == NULL) {
+ if (key == NULL || !key[0] || val == NULL || strlen(key) > SUHOSIN_G(session_max_id_length) ||
+ (*mod_data == NULL
+#if PHP_VERSION_ID >= 50400
+ && !SESSION_G(mod_user_implemented)
+#endif
+ )) {
r = FAILURE;
goto return_write;
}
@@ -731,7 +831,12 @@
int r;
/* protect dumb session handlers */
- if (key == NULL || !key[0] || strlen(key) > SUHOSIN_G(session_max_id_length) || *mod_data == NULL) {
+ if (key == NULL || !key[0] || strlen(key) > SUHOSIN_G(session_max_id_length) ||
+ (*mod_data == NULL
+#if PHP_VERSION_ID >= 50400
+ && !SESSION_G(mod_user_implemented)
+#endif
+ )) {
return FAILURE;
}
@@ -763,15 +868,25 @@
SUHOSIN_G(old_s_destroy) = mod->s_destroy;
mod->s_destroy = suhosin_hook_s_destroy;
+ SUHOSIN_G(old_s_module) = old_mod;
SESSION_G(mod) = mod;
}
+static void suhosin_unhook_session_module(TSRMLS_D)
+{
+ ps_module *old_mod = SUHOSIN_G(old_s_module);
+
+ if (old_mod != NULL) {
+ SESSION_G(mod) = old_mod;
+ }
+}
+
static PHP_INI_MH(suhosin_OnUpdateSaveHandler)
{
int r;
+ suhosin_unhook_session_module(TSRMLS_C);
r = old_OnUpdateSaveHandler(entry, new_value, new_value_length, mh_arg1, mh_arg2, mh_arg3, stage TSRMLS_CC);
-
suhosin_hook_session_module(TSRMLS_C);
return r;
@@ -869,7 +984,7 @@
/* increase session identifier entropy */
if (SESSION_G(entropy_length) == 0 || SESSION_G(entropy_file) == NULL) {
-
+#ifndef PHP_WIN32
/* ensure that /dev/urandom exists */
int fd = VCWD_OPEN("/dev/urandom", O_RDONLY);
if (fd >= 0) {
@@ -877,6 +992,7 @@
SESSION_G(entropy_length) = 16;
SESSION_G(entropy_file) = pestrdup("/dev/urandom", 1);
}
+#endif
}
}
diff -uNr ext/suhosin/sha256.c ext/suhosin/sha256.c
--- ext/suhosin/sha256.c Thu Jan 19 15:49:18 2012
+++ ext/suhosin/sha256.c Sat Apr 6 16:14:59 2013
@@ -86,9 +86,11 @@
return;
}
+#if PHP_VERSION_ID < 50400
if (PG(safe_mode) && (!php_checkuid(arg, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
RETURN_FALSE;
}
+#endif
if (php_check_open_basedir(arg TSRMLS_CC)) {
RETURN_FALSE;
@@ -392,7 +394,7 @@
/* {{{ suhosin_sha256_functions[]
*/
-static function_entry suhosin_sha256_functions[] = {
+static zend_function_entry suhosin_sha256_functions[] = {
PHP_NAMED_FE(sha256, PHP_FN(suhosin_sha256), NULL)
PHP_NAMED_FE(sha256_file, PHP_FN(suhosin_sha256_file), NULL)
{NULL, NULL, NULL}
diff -uNr ext/suhosin/suhosin.c ext/suhosin/suhosin.c
--- ext/suhosin/suhosin.c Thu Jan 19 15:49:18 2012
+++ ext/suhosin/suhosin.c Sat Apr 6 16:14:59 2013
@@ -32,8 +32,12 @@
#include "zend_llist.h"
#include "zend_operators.h"
#include "SAPI.h"
+
+#if PHP_VERSION_ID < 50500
#include "php_logos.h"
#include "suhosin_logo.h"
+#endif
+
#include "ext/standard/php_string.h"
#include "ext/standard/url.h"
#include "ext/standard/base64.h"
@@ -189,9 +193,11 @@
static void suhosin_shutdown(zend_extension *extension)
{
+ TSRMLS_FETCH();
+
suhosin_unhook_execute();
suhosin_unhook_header_handler();
- suhosin_unhook_post_handlers();
+ suhosin_unhook_post_handlers(TSRMLS_C);
if (ze != NULL) {
ze->startup = orig_module_startup;
@@ -646,12 +652,16 @@
array_init(gpc_element);
zend_hash_next_index_insert(symtable1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p);
} else {
+#if PHP_VERSION_ID < 50400
if (PG(magic_quotes_gpc) && (index != var)) {
/* no need to addslashes() the index if it's the main variable name */
escaped_index = php_addslashes(index, index_len, &index_len, 0 TSRMLS_CC);
} else {
+#endif
escaped_index = index;
+#if PHP_VERSION_ID < 50400
}
+#endif
if (zend_symtable_find(symtable1, escaped_index, index_len + 1, (void **) &gpc_element_p) == FAILURE
|| Z_TYPE_PP(gpc_element_p) != IS_ARRAY) {
MAKE_STD_ZVAL(gpc_element);
@@ -683,11 +693,15 @@
if (!index) {
zend_hash_next_index_insert(symtable1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p);
} else {
+#if PHP_VERSION_ID < 50400
if (PG(magic_quotes_gpc)) {
escaped_index = php_addslashes(index, index_len, &index_len, 0 TSRMLS_CC);
} else {
+#endif
escaped_index = index;
+#if PHP_VERSION_ID < 50400
}
+#endif
/*
* According to rfc2965, more specific paths are listed above the less specific ones.
* If we encounter a duplicate cookie name, we should skip it, since it is not possible
@@ -714,11 +728,15 @@
/* Prepare value */
Z_STRLEN(new_entry) = str_len;
+#if PHP_VERSION_ID < 50400
if (PG(magic_quotes_gpc)) {
Z_STRVAL(new_entry) = php_addslashes(strval, Z_STRLEN(new_entry), &Z_STRLEN(new_entry), 0 TSRMLS_CC);
} else {
+#endif
Z_STRVAL(new_entry) = estrndup(strval, Z_STRLEN(new_entry));
+#if PHP_VERSION_ID < 50400
}
+#endif
Z_TYPE(new_entry) = IS_STRING;
suhosin_register_cookie_variable(var, &new_entry, track_vars_array TSRMLS_CC);
@@ -1100,8 +1118,10 @@
suhosin_hook_sha256();
suhosin_hook_ex_imp();
+#if PHP_VERSION_ID < 50500
/* register the logo for phpinfo */
php_register_info_logo(SUHOSIN_LOGO_GUID, "image/jpeg", suhosin_logo, sizeof(suhosin_logo));
+#endif
#if PHP_MAJOR_VERSION < 5
php_error_docref(NULL TSRMLS_CC, E_ERROR, "Suhosin Extension is not designed to run with PHP 4 and below. Erroring Out.");
@@ -1191,6 +1211,8 @@
PHP_MINFO_FUNCTION(suhosin)
{
php_info_print_box_start(0);
+
+#if PHP_VERSION_ID < 50500
if (!sapi_module.phpinfo_as_text) {
if (PG(expose_php)) {
PUTS("<a href=\"http://www.suhosin.org/\"><img border=\"0\" src=\"");
@@ -1227,6 +1249,7 @@
PUTS("\" alt=\"Suhosin logo\" /></a>\n");
} while(0);
}
+#endif
PUTS("This server is protected with the Suhosin Extension " SUHOSIN_EXT_VERSION);
PUTS(!sapi_module.phpinfo_as_text?"<br /><br />":"\n\n");
if (sapi_module.phpinfo_as_text) {
diff -uNr ext/suhosin/treat_data.c ext/suhosin/treat_data.c
--- ext/suhosin/treat_data.c Thu Jan 19 15:49:18 2012
+++ ext/suhosin/treat_data.c Sat Apr 6 16:14:59 2013
@@ -194,7 +194,12 @@
void suhosin_hook_treat_data()
{
+#if PHP_VERSION_ID < 50400
sapi_register_treat_data(suhosin_treat_data);
+#else
+ TSRMLS_FETCH();
+ sapi_register_treat_data(suhosin_treat_data TSRMLS_CC);
+#endif
#ifdef ZEND_ENGINE_2
if (old_input_filter == NULL) {
old_input_filter = sapi_module.input_filter;