[
  {
    "path": ".gitignore",
    "content": ".DS_Store\n/config.log\n/config.guess\n/config.h\n/config.h.in\n/config.h.in~\n/config.nice\n/config.status\n/config.sub\n/*.lo\n/.deps\n/.libs/\n/Makefile\n/Makefile.*\n/ac*.m4\n/autom4te.cache/\n/build/\n/configure\n/configure.in\n/install-sh\n/libtool\n/ltmain.sh\n/missing\n/mkinstalldirs\n/modules/\n/run-tests.php\n/suhosin.la\n/tests/*/*.tmp\n"
  },
  {
    "path": ".travis.yml",
    "content": "language: php\nos: linux\n\nphp:\n  - 5.6\n  - 5.5\n  - 5.4\n\nenv:\n  - CC=gcc CFLAGS=\"\"\n  - CC=clang   CFLAGS=\"\"\n\nbefore_install:\n  - lsb_release -a\n  - uname -a\n\nbefore_script:\n  - phpize\n  - ./configure --enable-suhosin-experimental\n  - make -j2 CFLAGS=\"-DSUHOSIN_DEBUG=1\"\n  - phpenv config-rm xdebug.ini\n\nscript:\n  - make test NO_INTERACTION=1\n"
  },
  {
    "path": "CREDITS",
    "content": "suhosin\nStefan Esser\n"
  },
  {
    "path": "Changelog",
    "content": "2016-xx-xx - 0.9.39dev2\n    - some improvements for Windows (NewEraCracker)\n    - fixes for test cases (NewEraCracker)\n    - new feature: suhosin.log.max_error_length to limit the error output\n    - fixed function_exists wrapper to ignore backslash-prefixes (#92)\n    - backport of PHP bug 71152: mt_rand() returns the different values from original mt19937ar.c\n    - removed dead code\n    - better debian integration\n    - fixed perdir checks\n    - merged PHP changes to RFC1867 code\n\n2015-05-21 - 0.9.38\n    - removed code compatibility for PHP <5.4 (lots of code + ifdefs)\n    - allow https location for suhosin.filter.action\n    - fixed newline detection for suhosin.mail.protect\n    - Added suhosin.upload.max_newlines to protect againt DOS attack via many \n      MIME headers in RFC1867 uploads (CVE-2015-4024)\n    - mail related test cases now work on linux\n\n2014-12-12 - 0.9.37.1\n    - Changed version string to 0.9.37.1 (without -dev)\n    - Relaxed array index blacklist (removed '-') due to wordpress incompatibility\n\n2014-12-03 - 0.9.37\n\n    - Added SQL injection protection for Mysqli and several test cases\n    - Added wildcard matching for SQL username\n    - Added check for SQL username to only contain valid characters (>= ASCII 32)\n    - Test cases for user_prefix and user_postfix\n    - Added experimental PDO support\n    - SQL checks other than mysql (Mysqli + old-style) must be enabled with\n      configure --enable-suhosin-experimental, e.g. 
MSSQL.\n    - disallow_ws now matches all single-byte whitespace characters\n    - remove_binary and disallow_binary now optionally allow UTF-8.\n    - Introduced suhosin.upload.allow_utf8 (experimental)\n    - Reimplemented suhosin_get_raw_cookies()\n    - Fixed potential segfault for disable_display_errors=fail (only on ARM)\n    - Fixed potential NULL-pointer dereference with func.blacklist and logging\n    - Logging timestamps are localtime instead of gmt now (thanks to mkrokos)\n    - Added new array index filter (character whitelist/blacklist)\n    - Set default array index blacklist to '\"+-<>;()\n    - Added option to suppress date/time for suhosin file logging (suhosin.log.file.time=0)\n    - Added simple script to create binary Debian package\n    - Fixed additional recursion problems with session handler\n    - Suhosin now depends on php_session.h instead of version-specific struct code\n\n2014-06-10 - 0.9.36\n\n    - Added better handling of non existing/non executable shell scripts\n    - Added protection against XSS/SQL/Other Injections through User-Agent HTTP header\n    - Fix variable logging statistics outputting on every include - ticket: #37\n    - Added more entropy from /dev/urandom to internal random seeding (64 bit => 256 bit)\n    - Added non initialized stack variables to random seeding\n    - Added php_win32_get_random_bytes for windows compatibility in random seeding\n    - Added suhosin.rand.seedingkey for INI supplied additional entropy string (idea DavisNT)\n    - Added suhosin.rand.reseed_every_request to allow reseeding on every request (idea DavisNT)\n    - Changed that calls to srand() / mt_srand() will trigger auto reseeding (idea DavisNT)\n    - Fixed problems with SessionHandler() class and endless recursions\n    - Added LICENSE file to make distributions happy\n\n2014-02-24 - 0.9.35\n\n    - From now only PHP >= 5.4 is officially supported\n    - Fix problems with the hard memory_limit on 64 bit systems\n    - Fix problems 
with user space session handler due to change in PHP 5.4.0\n    - Add changes in PHP 5.5 session handlers structures for PHP 5.5 compatibility\n    - Fix std post handler for PHP >= 5.3.11\n    - Fix suhosin logo in phpinfo() for PHP 5.5\n    - Change fileupload handling for PHP >= 5.4.0 to use an up to date RFC1867 replacement code\n    - Adapted suhosin to PHP 5.5 executor\n    - Added some test cases for various things\n    - Added suhosin.log.stdout to log to stdout (for debugging purposes only)\n    - Add ini_set() fail mode to suhosin.disable.display_errors\n    - Fix suhosin.get/post/cookie.max_totalname_length filter\n    - Refactor array index handling in filter to make it work always\n    - Added support for PHP 5.6.0alpha2\n    - WARNING: FUNCTION WHITELISTS/BLACKLISTS NEVER WORKED CORRECTLY WITH PHP < 5.5\n\n2012-02-12 - 0.9.34\n\n    - Added initial support for PHP 5.4.0\n    - Fix include whitelist and blacklist to support schemes with dots in their names\n    - Fix read after efree() that lets function_exists() malfunction\n    - Fix build with clang compiler\n    - Added a request variable drop statistic log message\n\n2012-01-19 - 0.9.33\n\n    - Make clear that suhosin is incompatible with mbstring.encoding_translation=On\n    - Stop mbstring extension from replacing POST handlers\n    - Added detection of extensions manipulating POST handlers\n    - Fixed environment variables for logging do not go through the filter extension anymore\n    - Fixed stack based buffer overflow in transparent cookie encryption (see separate advisory)\n    - Fixed that disabling HTTP response splitting protection also disabled NUL byte protection in HTTP headers\n    - Removed crypt() support - because not used for PHP >= 5.3.0 anyway\n\n2010-07-23 - 0.9.32.1\n\n    - Fixed missing header file resulting in compile errors\n\n2010-07-23 - 0.9.32\n\n    - Added support for memory_limit > 2GB\n    - Fixed missing header file resulting in wrong php_combined_lcg() prototype 
being used\n    - Improved random number seed generation more by adding /dev/urandom juice\n\n2010-03-28 - 0.9.31\n\n    - Fix ZTS build of session.c\n    - Increased session identifier entropy by using /dev/urandom if available\n\n2010-03-25 - 0.9.30\n\n    - Added line ending characters %0a and %0d to the list of dangerous characters handled\n      by suhosin.server.encode and suhosin.server.strip\n    - Fixed crash bug with PHP 5.3.x and session module (due to changed session globals struct)\n    - Added ! protection to PHP session serializer\n    - Fixed simulation mode now also affects (dis)allowed functions\n    - Fixed missing return (1); in random number generator replacements\n    - Fixed random number generator replacement error case behaviour in PHP 5.3.x\n    - Fixed error case handling in function_exists() PHP 5.3.x\n    - Merged changes/fixes in import_request_variables()/extract() from upstream PHP\n    - Fixed suhosin_header_handler to be PHP 5.3.x compatible\n    - Merge fixes and new features of PHP's file upload code to suhosin\n\n2009-08-15 - 0.9.29\n\n    - Fixing crash bugs with PHP 5.3.0 caused by unexpected NULL in EG(active_symbol_table)\n    - Added more compatible way to retrieve ext/session globals\n    - Increased default length and count limit for POST variables (for people not reading docu)\n\n2009-08-14 - 0.9.28\n\n    - Fixed crash bug with PHP 5.2.10 caused by a change in extension load order of ext/session\n    - Fixed harmless parameter order error in a bogus memset()\n    - Disable suhosin.session.cryptua by default because of Internet Explorer 8 \"features\"\n    - Added suhosin.executor.include.allow_writable_files which can be disabled to disallow \n      inclusion of files writable by the webserver\n\n2008-08-23 - 0.9.27\n\n    - Fixed typo in replacement rand() / mt_rand() that was hidden by LAZY symbol loading\n\n2008-08-22 - 0.9.26\n\n    - Fixed problem with suhosin.perdir\n      Thanks to Hosteurope for tracking this 
down\n    - Fixed problems with ext/uploadprogress\n      Reported by: Christian Stocker\n    - Added suhosin.srand.ignore and suhosin.mt_srand.ignore (default: on)\n    - Modified rand()/srand() to use the Mersenne Twister algorithm with separate state \n    - Added better internal seeding of rand() and mt_rand()\n    \n2008-08-06 - 0.9.25\n\n    - Fixed PHP 4 compilation problem introduced in 0.9.24\n    - Fixed PHP 5.3 compilation problem\n    - Changed PHP default POST handler to PHP's current handler\n\n2008-05-10 - 0.9.24\n\n    - Added support for method-calls to function handling\n    - This fixes white- and blacklist affecting methods with the same name\n\n2008-01-14 - 0.9.23\n\n    - Fixed suhosin extension now compiles with snapshots of PHP 5.3\n    - Fixed crypt() behaves like normal again when there is no salt supplied\n\n2007-12-01 - 0.9.22\n\n    - Removed LFS warning message because it crashed on several systems\n\n2007-11-30 - 0.9.21\n\n    - Fixed function_exists() now checks the Suhosin permissions\n    - Fixed crypt() salt no longer uses Blowfish by default\n    - Fixed .htaccess/perdir support\n    - Fixed compilation problem on OS/X\n    - Added protection against some attacks through _SERVER variables\n    - Added suhosin.server.strip and suhosin.server.encode\n    - Added error message that warns about the LFS binary incompatibility\n    \n2007-05-19 - 0.9.20\n\n    - Added protection flags against whitespace at variable start\n    - Added mutex around crypt() to close the PHP crypt() \n      thread safety vulnerability class\n    - Improved HTTP Response Splitting Protection\n    - Changed default maximum array depth to 50 for GPCR\n    - Fixed possible endless loop in file logging\n    - Fixed file locking in file logging\n\n2007-05-01 - 0.9.19\n\n    - Fixed typo in HTTP header protection (only during simulation mode)\n      Reported by: Ilia Alshanetsky\n    - Fixed wrong \\0 termination in cookie decryptor\n    - Fixed possible crash in 
SERVER variables protection when SAPI=embedded\n      Fix provided by: Olivier Blin/Mandriva Linux\n    - Added possibility to en-/disable INI_PERDIR\n      Problem reported by: Ilia Alshanetsky\n    - Added PHP Warning when disabled function is called\n    - Added examples for new configuration option in suhosin.ini\n\n2007-03-06 - 0.9.18\n\n    - Fixed session double hooking in edge case\n    - Added additional crash protection for PHP's session module\n\n2007-03-04 - 0.9.17\n\n    - Added a suhosin.ini example configuration \n      Thanks to Mandriva Linux for supplying us with one\n    - Added new logging device: file\n    - Fixed that suhosin.filter.action did not affect POST limits\n    - Fixed behaviour of request variable limit to be an upper limit\n      for the other settings instead of being additive limit\n    - Fixed hard_memory_limit bypass due to casting bug in PHP \n      Problem was found by: Ilia Alshanetsky\n    - Fixed some sql prefix/postfix problems\n    - Added experimental SQL injection heuristic\n\n2006-12-02 - 0.9.16\n\n    - Added suhosin.stealth which controls if suhosin loads in\n      stealth mode when it is not the only zend_extension\n      (Required for full compatibility with certain encoders \n       that consider open source untrusted. e.g. ionCube, Zend)\n    - Activate suhosin.stealth by default\n    - Fixed that Suhosin tries handling functions disabled by\n      disable_function. 
In v0.9.15 it was impossible to disable\n      phpinfo() with disable_function.\n      Problem was found by: Thorsten Schifferdecker\n    \n2006-11-28 - 0.9.15\n\n    - Added a transparent protection for open phpinfo() pages by\n      adding an HTML META ROBOTS tag to the output that forbids \n      indexing and archiving\n\n2006-11-22 - 0.9.14\n\n    - Drop wrongly decrypted cookies instead of leaving them empty\n    - Fix another problem with urlencoded cookie names\n    - Fix compilation problem with PHP4\n    - Added better regression to the release process to stop \n      compilation and missing symbol problems\n\n2006-11-20 - 0.9.13\n\n    - More compatible support for ap_php_snprintf() for old PHP\n    - Changed phpinfo() output to put suhosin logo into a data: URL\n      for Opera and Gecko based browsers when expose_php=off\n    \n2006-11-14 - 0.9.12\n\n    - Adding ap_php_snprintf() when compiling against PHP 4.3.9\n    - Added suhosin.protectkey to remove cryptkeys from phpinfo() output\n    - Disabled suhosin.cookie.encrypt in default install\n    - Fixed static compilation against PHP 5.2.0\n\n2006-11-06 - 0.9.11\n    \n    - Fixed input filter for simulation mode \n\n2006-10-26 - 0.9.10\n\n    - Fixed ZTS compile problem in new code\n    - Fixed PHP4 compile problem in new code\n\n2006-10-25 - 0.9.9\n\n    - Fixed mail() protection that failed to detect some injected headers\n    - Fixed cookie decryption to not potentially trash apache memory\n    - Fixed cookie encryption to handle url encoded names correctly\n    - Added suhosin.cookie/session.checkraddr\n    - Added suhosin.cookie.cryptlist\n    - Added suhosin.cookie.plainlist\n    - Added suhosin_encrypt_cookie function for JS\n    - Added suhosin_get_raw_cookies function\n    - Changed dropped variable error messages\n    \n2006-10-08 - 0.9.8\n     \n    - Fixed a PHP4 ZTS compile problem\n\n2006-10-08 - 0.9.7\n\n    - Moved input handler hooking to a later place to ensure better 
compatibility\n      with 3rd party extensions\n    - Fixed a problem with overlong mail headers in mail protection\n    - Fixed a problem with empty log/verification script names\n    - Fixed a PHP4 compile problem with old gcc/in ZTS mode\n    - Added mbregex.h from PHP4 to solve compile problems on systems with broken\n      header installations\n\n2006-10-02 - 0.9.6\n\n    - Disallow symlink() when open_basedir (activated by default)\n    - Fix a problem with compilation in Visual Studio\n\n2006-09-29 - 0.9.5\n\n    - Added missing logo file\n    - Added suhosin.apc_bug_workaround flag to enable compatibility with buggy APC 3.0.12x\n\n2006-09-29 - 0.9.4\n\n    - Added version number and logo to phpinfo() output\n    - Fixed that all uploaded files are dropped after a single one was disallowed\n    - Added undocumented suhosin.coredump flag to tell suhosin to dump core instead\n      of logging S_MEMORY events\n    - Disable handling of rfc1867 mbstring decoding\n\n2006-09-24 - 0.9.3\n\n    - Added protection against endless recursion for suhosin.log.phpscript\n    - Added possibility to disable open_basedir and safe_mode for suhosin.log.phpscript\n    - Added suhosin.executor.include.max_traversal to stop directory traversal includes\n\n2006-09-19 - 0.9.2\n\n    - Fixes broken rfc1867 fileupload hook\n    - Changed definition of binary to: 0..31, 128..255 except whitespace\n    - Added suhosin.log.phpscript(.name) directive to log to a PHP script\n\t\n2006-09-16 - 0.9.1\n\n    - A bunch of changes to compile and work on Windows\n\n2006-09-09 - BETA\n\n    - Added decryption of HTTP_COOKIE\n    - Fixed a last problem in suhosin_strcasestr() helper function\n\n2006-09-08 - BETA\n\n    - Fixed a problem within suhosin_strcasestr() because it broke \n      URL checks\n\n2006-09-07 - BETA\n\n    - CVS version of PHP 5.2.0 was changed to support case-insensitive \n      URLs, support for this in suhosin added\n    - Fixed a problem when preg_replace() was called with 
more than\n      4 parameters\n    \n"
  },
  {
    "path": "LICENSE",
    "content": "-------------------------------------------------------------------- \n                  The PHP License, version 3.01\nCopyright (c) 1999 - 2014 The PHP Group. All rights reserved.\n-------------------------------------------------------------------- \n\nRedistribution and use in source and binary forms, with or without\nmodification, is permitted provided that the following conditions\nare met:\n\n  1. Redistributions of source code must retain the above copyright\n     notice, this list of conditions and the following disclaimer.\n \n  2. Redistributions in binary form must reproduce the above copyright\n     notice, this list of conditions and the following disclaimer in\n     the documentation and/or other materials provided with the\n     distribution.\n \n  3. The name \"PHP\" must not be used to endorse or promote products\n     derived from this software without prior written permission. For\n     written permission, please contact group@php.net.\n  \n  4. Products derived from this software may not be called \"PHP\", nor\n     may \"PHP\" appear in their name, without prior written permission\n     from group@php.net.  You may indicate that your software works in\n     conjunction with PHP by saying \"Foo for PHP\" instead of calling\n     it \"PHP Foo\" or \"phpfoo\"\n \n  5. The PHP Group may publish revised and/or new versions of the\n     license from time to time. Each version will be given a\n     distinguishing version number.\n     Once covered code has been published under a particular version\n     of the license, you may always continue to use it under the terms\n     of that version. You may also choose to use such covered code\n     under the terms of any subsequent version of the license\n     published by the PHP Group. No one other than the PHP Group has\n     the right to modify the terms applicable to covered code created\n     under this License.\n\n  6. 
Redistributions of any form whatsoever must retain the following\n     acknowledgment:\n     \"This product includes PHP software, freely available from\n     <http://www.php.net/software/>\".\n\nTHIS SOFTWARE IS PROVIDED BY THE PHP DEVELOPMENT TEAM ``AS IS'' AND \nANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\nTHE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A \nPARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE PHP\nDEVELOPMENT TEAM OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, \nINDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES \n(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR \nSERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)\nHOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,\nSTRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\nARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED\nOF THE POSSIBILITY OF SUCH DAMAGE.\n\n-------------------------------------------------------------------- \n\nThis software consists of voluntary contributions made by many\nindividuals on behalf of the PHP Group.\n\nThe PHP Group can be contacted via Email at group@php.net.\n\nFor more information on the PHP Group and the PHP project, \nplease see <http://www.php.net>.\n\nPHP includes the Zend Engine, freely available at\n<http://www.zend.com>.\n"
  },
  {
    "path": "README.md",
    "content": "[![Build Status](https://travis-ci.org/sektioneins/suhosin.svg?branch=master)](https://travis-ci.org/sektioneins/suhosin)\n[![Join the chat at https://gitter.im/sektioneins/suhosin](https://badges.gitter.im/sektioneins/suhosin.svg)](https://gitter.im/sektioneins/suhosin?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)\n\n# Suhosin\n\nSuhosin (pronounced 'su-ho-shin') is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core.\n"
  },
  {
    "path": "aes.c",
    "content": "/* Rijndael Block Cipher - rijndael.c\n\n   Written by Mike Scott 21st April 1999\n   mike@compapp.dcu.ie\n   An alternative faster version is implemented in MIRACL \n   ftp://ftp.computing.dcu.ie/pub/crypto/miracl.zip\n\n   Copyright (c) 1999 Mike Scott\n\n   Simply compile and run, e.g.\n\n   cl /O2 rijndael.c                (Microsoft C)\n   bcc32 /O2 rijndael.c             (Borland C)\n   gcc -O2 rijndael.c -o rijndael   (Gnu C)\n\n   Compiles and runs fine as a C++ program also.\n\n   See rijndael documentation. The code follows the documentation as closely\n   as possible, and where possible uses the same function and variable names.\n\n   Permission for free direct or derivative use is granted subject \n   to compliance with any conditions that the originators of the \n   algorithm place on its exploitation.  \n\n   Inspiration from Brian Gladman's implementation is acknowledged.\n\n   Written for clarity, rather than speed.\n   Assumes long is 32 bit quantity.\n   Full implementation. 
\n   Endian indifferent.\n*/\n\n#include \"php.h\"\n#include \"php_suhosin.h\"\n\n/* rotates x one bit to the left */\n\n#define ROTL(x) (((x)>>7)|((x)<<1))\n\n/* Rotates 32-bit word left by 1, 2 or 3 byte  */\n\n#define ROTL8(x) (((x)<<8)|((x)>>24))\n#define ROTL16(x) (((x)<<16)|((x)>>16))\n#define ROTL24(x) (((x)<<24)|((x)>>8))\n\n/* Fixed Data */\n\nstatic BYTE InCo[4]={0xB,0xD,0x9,0xE};  /* Inverse Coefficients */\n\nstatic BYTE fbsub[256];\nstatic BYTE rbsub[256];\nstatic BYTE ptab[256],ltab[256];\nstatic WORD ftable[256];\nstatic WORD rtable[256];\nstatic WORD rco[30];\n\n/* Parameter-dependent data */\n\nstatic int Nk,Nb,Nr;\n\nstatic WORD pack(BYTE *b)\n{ /* pack bytes into a 32-bit Word */\n    return ((WORD)b[3]<<24)|((WORD)b[2]<<16)|((WORD)b[1]<<8)|(WORD)b[0];\n}\n\nstatic void unpack(WORD a,BYTE *b)\n{ /* unpack bytes from a word */\n    b[0]=(BYTE)a;\n    b[1]=(BYTE)(a>>8);\n    b[2]=(BYTE)(a>>16);\n    b[3]=(BYTE)(a>>24);\n}\n\nstatic BYTE xtime(BYTE a)\n{\n    BYTE b;\n    if (a&0x80) b=0x1B;\n    else        b=0;\n    a<<=1;\n    a^=b;\n    return a;\n}\n\nstatic BYTE bmul(BYTE x,BYTE y)\n{ /* x.y= AntiLog(Log(x) + Log(y)) */\n    if (x && y) return ptab[(ltab[x]+ltab[y])%255];\n    else return 0;\n}\n\nstatic WORD SubByte(WORD a)\n{\n    BYTE b[4];\n    unpack(a,b);\n    b[0]=fbsub[b[0]];\n    b[1]=fbsub[b[1]];\n    b[2]=fbsub[b[2]];\n    b[3]=fbsub[b[3]];\n    return pack(b);    \n}\n\nstatic BYTE product(WORD x,WORD y)\n{ /* dot product of two 4-byte arrays */\n    BYTE xb[4],yb[4];\n    unpack(x,xb);\n    unpack(y,yb); \n    return bmul(xb[0],yb[0])^bmul(xb[1],yb[1])^bmul(xb[2],yb[2])^bmul(xb[3],yb[3]);\n}\n\nstatic WORD InvMixCol(WORD x)\n{ /* matrix Multiplication */\n    WORD y,m;\n    BYTE b[4];\n\n    m=pack(InCo);\n    b[3]=product(m,x);\n    m=ROTL24(m);\n    b[2]=product(m,x);\n    m=ROTL24(m);\n    b[1]=product(m,x);\n    m=ROTL24(m);\n    b[0]=product(m,x);\n    y=pack(b);\n    return y;\n}\n\nstatic BYTE ByteSub(BYTE x)\n{\n    BYTE 
y=ptab[255-ltab[x]];  /* multiplicative inverse */\n    x=y;  x=ROTL(x);\n    y^=x; x=ROTL(x);\n    y^=x; x=ROTL(x);\n    y^=x; x=ROTL(x);\n    y^=x; y^=0x63;\n    return y;\n}\n\nvoid suhosin_aes_gentables()\n{ /* generate tables */\n    int i;\n    BYTE y,b[4];\n\n  /* use 3 as primitive root to generate power and log tables */\n\n    ltab[0]=0;\n    ptab[0]=1;  ltab[1]=0;\n    ptab[1]=3;  ltab[3]=1; \n    for (i=2;i<256;i++)\n    {\n        ptab[i]=ptab[i-1]^xtime(ptab[i-1]);\n        ltab[ptab[i]]=i;\n    }\n    \n  /* affine transformation:- each bit is xored with itself shifted one bit */\n\n    fbsub[0]=0x63;\n    rbsub[0x63]=0;\n    for (i=1;i<256;i++)\n    {\n        y=ByteSub((BYTE)i);\n        fbsub[i]=y; rbsub[y]=i;\n    }\n\n    for (i=0,y=1;i<30;i++)\n    {\n        rco[i]=y;\n        y=xtime(y);\n    }\n\n  /* calculate forward and reverse tables */\n    for (i=0;i<256;i++)\n    {\n        y=fbsub[i];\n        b[3]=y^xtime(y); b[2]=y;\n        b[1]=y;          b[0]=xtime(y);\n        ftable[i]=pack(b);\n\n        y=rbsub[i];\n        b[3]=bmul(InCo[0],y); b[2]=bmul(InCo[1],y);\n        b[1]=bmul(InCo[2],y); b[0]=bmul(InCo[3],y);\n        rtable[i]=pack(b);\n    }\n}\n\nvoid suhosin_aes_gkey(int nb,int nk,char *key TSRMLS_DC)\n{ /* blocksize=32*nb bits. Key=32*nk bits */\n  /* currently nb,bk = 4, 6 or 8          */\n  /* key comes as 4*Nk bytes              */\n  /* Key Scheduler. 
Create expanded encryption key */\n    int i,j,k,m,N;\n    int C1,C2,C3;\n    WORD CipherKey[8];\n\n    Nb=nb; Nk=nk;\n\n  /* Nr is number of rounds */\n    if (Nb>=Nk) Nr=6+Nb;\n    else        Nr=6+Nk;\n\n    C1=1;\n    if (Nb<8) { C2=2; C3=3; }\n    else      { C2=3; C3=4; }\n\n  /* pre-calculate forward and reverse increments */\n    for (m=j=0;j<nb;j++,m+=3)\n    {\n        SUHOSIN_G(fi)[m]=(j+C1)%nb;\n        SUHOSIN_G(fi)[m+1]=(j+C2)%nb;\n        SUHOSIN_G(fi)[m+2]=(j+C3)%nb;\n        SUHOSIN_G(ri)[m]=(nb+j-C1)%nb;\n        SUHOSIN_G(ri)[m+1]=(nb+j-C2)%nb;\n        SUHOSIN_G(ri)[m+2]=(nb+j-C3)%nb;\n    }\n\n    N=Nb*(Nr+1);\n    \n    for (i=j=0;i<Nk;i++,j+=4)\n    {\n        CipherKey[i]=pack((BYTE *)&key[j]);\n    }\n    for (i=0;i<Nk;i++) SUHOSIN_G(fkey)[i]=CipherKey[i];\n    for (j=Nk,k=0;j<N;j+=Nk,k++)\n    {\n        SUHOSIN_G(fkey)[j]=SUHOSIN_G(fkey)[j-Nk]^SubByte(ROTL24(SUHOSIN_G(fkey)[j-1]))^rco[k];\n        if (Nk<=6)\n        {\n            for (i=1;i<Nk && (i+j)<N;i++)\n                SUHOSIN_G(fkey)[i+j]=SUHOSIN_G(fkey)[i+j-Nk]^SUHOSIN_G(fkey)[i+j-1];\n        }\n        else\n        {\n            for (i=1;i<4 &&(i+j)<N;i++)\n                SUHOSIN_G(fkey)[i+j]=SUHOSIN_G(fkey)[i+j-Nk]^SUHOSIN_G(fkey)[i+j-1];\n            if ((j+4)<N) SUHOSIN_G(fkey)[j+4]=SUHOSIN_G(fkey)[j+4-Nk]^SubByte(SUHOSIN_G(fkey)[j+3]);\n            for (i=5;i<Nk && (i+j)<N;i++)\n                SUHOSIN_G(fkey)[i+j]=SUHOSIN_G(fkey)[i+j-Nk]^SUHOSIN_G(fkey)[i+j-1];\n        }\n\n    }\n\n /* now for the expanded decrypt key in reverse order */\n\n    for (j=0;j<Nb;j++) SUHOSIN_G(rkey)[j+N-Nb]=SUHOSIN_G(fkey)[j]; \n    for (i=Nb;i<N-Nb;i+=Nb)\n    {\n        k=N-Nb-i;\n        for (j=0;j<Nb;j++) SUHOSIN_G(rkey)[k+j]=InvMixCol(SUHOSIN_G(fkey)[i+j]);\n    }\n    for (j=N-Nb;j<N;j++) SUHOSIN_G(rkey)[j-N+Nb]=SUHOSIN_G(fkey)[j];\n}\n\n\n/* There is an obvious time/space trade-off possible here.     
*\n * Instead of just one ftable[], I could have 4, the other     *\n * 3 pre-rotated to save the ROTL8, ROTL16 and ROTL24 overhead */ \n\nvoid suhosin_aes_encrypt(char *buff TSRMLS_DC)\n{\n    int i,j,k,m;\n    WORD a[8],b[8],*x,*y,*t;\n\n    for (i=j=0;i<Nb;i++,j+=4)\n    {\n        a[i]=pack((BYTE *)&buff[j]);\n        a[i]^=SUHOSIN_G(fkey)[i];\n    }\n    k=Nb;\n    x=a; y=b;\n\n/* State alternates between a and b */\n    for (i=1;i<Nr;i++)\n    { /* Nr is number of rounds. May be odd. */\n\n/* if Nb is fixed - unroll this next \n   loop and hard-code in the values of fi[]  */\n\n        for (m=j=0;j<Nb;j++,m+=3)\n        { /* deal with each 32-bit element of the State */\n          /* This is the time-critical bit */\n            y[j]=SUHOSIN_G(fkey)[k++]^ftable[(BYTE)x[j]]^\n                 ROTL8(ftable[(BYTE)(x[SUHOSIN_G(fi)[m]]>>8)])^\n                 ROTL16(ftable[(BYTE)(x[SUHOSIN_G(fi)[m+1]]>>16)])^\n                 ROTL24(ftable[x[SUHOSIN_G(fi)[m+2]]>>24]);\n        }\n        t=x; x=y; y=t;      /* swap pointers */\n    }\n\n/* Last Round - unroll if possible */ \n    for (m=j=0;j<Nb;j++,m+=3)\n    {\n        y[j]=SUHOSIN_G(fkey)[k++]^(WORD)fbsub[(BYTE)x[j]]^\n             ROTL8((WORD)fbsub[(BYTE)(x[SUHOSIN_G(fi)[m]]>>8)])^\n             ROTL16((WORD)fbsub[(BYTE)(x[SUHOSIN_G(fi)[m+1]]>>16)])^\n             ROTL24((WORD)fbsub[x[SUHOSIN_G(fi)[m+2]]>>24]);\n    }   \n    for (i=j=0;i<Nb;i++,j+=4)\n    {\n        unpack(y[i],(BYTE *)&buff[j]);\n        x[i]=y[i]=0;   /* clean up stack */\n    }\n    return;\n}\n\nvoid suhosin_aes_decrypt(char *buff TSRMLS_DC)\n{\n    int i,j,k,m;\n    WORD a[8],b[8],*x,*y,*t;\n\n    for (i=j=0;i<Nb;i++,j+=4)\n    {\n        a[i]=pack((BYTE *)&buff[j]);\n        a[i]^=SUHOSIN_G(rkey)[i];\n    }\n    k=Nb;\n    x=a; y=b;\n\n/* State alternates between a and b */\n    for (i=1;i<Nr;i++)\n    { /* Nr is number of rounds. May be odd. 
*/\n\n/* if Nb is fixed - unroll this next \n   loop and hard-code in the values of ri[]  */\n\n        for (m=j=0;j<Nb;j++,m+=3)\n        { /* This is the time-critical bit */\n            y[j]=SUHOSIN_G(rkey)[k++]^rtable[(BYTE)x[j]]^\n                 ROTL8(rtable[(BYTE)(x[SUHOSIN_G(ri)[m]]>>8)])^\n                 ROTL16(rtable[(BYTE)(x[SUHOSIN_G(ri)[m+1]]>>16)])^\n                 ROTL24(rtable[x[SUHOSIN_G(ri)[m+2]]>>24]);\n        }\n        t=x; x=y; y=t;      /* swap pointers */\n    }\n\n/* Last Round - unroll if possible */ \n    for (m=j=0;j<Nb;j++,m+=3)\n    {\n        y[j]=SUHOSIN_G(rkey)[k++]^(WORD)rbsub[(BYTE)x[j]]^\n             ROTL8((WORD)rbsub[(BYTE)(x[SUHOSIN_G(ri)[m]]>>8)])^\n             ROTL16((WORD)rbsub[(BYTE)(x[SUHOSIN_G(ri)[m+1]]>>16)])^\n             ROTL24((WORD)rbsub[x[SUHOSIN_G(ri)[m+2]]>>24]);\n    }        \n    for (i=j=0;i<Nb;i++,j+=4)\n    {\n        unpack(y[i],(BYTE *)&buff[j]);\n        x[i]=y[i]=0;   /* clean up stack */\n    }\n    return;\n}\n\n\n/*\nstatic int main()\n{\n    int i,nb,nk;\n    char key[32];\n    char block[32];\n\n    gentables();\n\n    for (i=0;i<32;i++) key[i]=0;\n    key[0]=1;\n    for (i=0;i<32;i++) block[i]=i;\n\n    for (nb=4;nb<=8;nb+=2)\n        for (nk=4;nk<=8;nk+=2)\n    {  \n        printf(\"\\nBlock Size= %d bits, Key Size= %d bits\\n\",nb*32,nk*32);\n        gkey(nb,nk,key);\n        printf(\"Plain=   \");\n        for (i=0;i<nb*4;i++) printf(\"%02x\",block[i]);\n        printf(\"\\n\");\n        encrypt(block);\n        printf(\"Encrypt= \");\n        for (i=0;i<nb*4;i++) printf(\"%02x\",(unsigned char)block[i]);\n        printf(\"\\n\");\n        decrypt(block);\n        printf(\"Decrypt= \");\n        for (i=0;i<nb*4;i++) printf(\"%02x\",block[i]);\n        printf(\"\\n\");\n    }\n    return 0;\n}\n*/\n"
  },
  {
    "path": "config.m4",
    "content": "dnl $Id: config.m4,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $\ndnl config.m4 for extension suhosin\n\nPHP_ARG_ENABLE(suhosin, whether to enable suhosin support,\n[  --enable-suhosin        Enable suhosin support])\n\nif test \"$PHP_SUHOSIN\" != \"no\"; then\n  PHP_NEW_EXTENSION(suhosin, suhosin.c sha256.c memory_limit.c treat_data.c ifilter.c post_handler.c ufilter.c rfc1867_new.c log.c header.c execute.c ex_imp.c session.c aes.c crypt.c pledge.c, $ext_shared)\nfi\n\nPHP_ARG_ENABLE(suhosin-experimental, whether to enable experimental suhosin features,\n[  --enable-suhosin-experimental        Enable experimental suhosin features], no, no)\n\nif test \"$PHP_SUHOSIN_EXPERIMENTAL\" != \"no\"; then\n  AC_DEFINE(SUHOSIN_EXPERIMENTAL, 1, [Whether to enable experimental suhosin features])\nfi\n"
  },
  {
    "path": "config.w32",
    "content": "// $Id: config.w32,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $\n// vim:ft=javascript\n\nARG_ENABLE(\"suhosin\", \"whether to enable suhosin support\", \"yes\");\n\nif (PHP_SUHOSIN == \"yes\") {\n\tEXTENSION(\"suhosin\", \"suhosin.c sha256.c memory_limit.c treat_data.c ifilter.c post_handler.c ufilter.c rfc1867_new.c log.c header.c execute.c ex_imp.c session.c aes.c crypt.c\");\n\tARG_ENABLE(\"suhosin-experimental\", \"Enable experimental suhosin features\", \"no\");\n\n\tif (PHP_SUHOSIN_EXPERIMENTAL != \"no\") {\n\t\tADD_FLAG(\"CFLAGS_SUHOSIN\", \"/D SUHOSIN_EXPERIMENTAL\");\n\t\tAC_DEFINE(\"SUHOSIN_EXPERIMENTAL\", 1, \"Whether to enable experimental suhosin features\");\n\t}\n}\n"
  },
  {
    "path": "crypt.c",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Authors: Stefan Esser <sesser@sektioneins.de>                        |\n  |          Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de>              |\n  +----------------------------------------------------------------------+\n*/\n\n#ifdef HAVE_CONFIG_H\n#include \"config.h\"\n#endif\n\n#include \"php.h\"\n#include \"TSRM.h\"\n#include \"php_suhosin.h\"\n#include \"ext/standard/base64.h\"\n#include \"sha256.h\"\n\nstatic void suhosin_get_ipv4(char *buf TSRMLS_DC)\n{\n    char *raddr = suhosin_getenv(ZEND_STRL(\"REMOTE_ADDR\") TSRMLS_CC);\n    int i;\n\n\n    if (raddr == NULL) {\n        memset(buf, 0, 4);\n        return;\n    }\n\n    for (i=0; i<4; i++) {\n        if (raddr[0] == 0) {\n            buf[i] = 0;\n        } else {\n            buf[i] = strtol(raddr, &raddr, 10);\n            if (raddr[0] == '.') {\n                raddr++;\n            }\n        }\n    }\n}\n\nchar 
*suhosin_encrypt_string(char *str, int len, char *var, int vlen, char *key TSRMLS_DC)\n{\n    int padded_len, i, slen;\n    unsigned char *crypted, *tmp;\n    unsigned int check = 0x13579BDF;\n\n    if (str == NULL) {\n    return NULL;\n    }\n    if (len == 0) {\n        return estrndup(\"\", 0);\n    }\n\n\n    suhosin_aes_gkey(4,8,key TSRMLS_CC);\n\n    padded_len = ((len+15) & ~0xF);\n    crypted = emalloc(16+padded_len+1);\n    memset(crypted, 0xff, 16+padded_len+1);\n    memcpy(crypted+16, str, len+1);\n\n    /* calculate check value */\n    for (i = 0; i<vlen; i++) {\n        check = (check << 3) | (check >> (32-3));\n        check += check << 1;\n        check ^= (unsigned char)var[i];\n    }\n    for (i = 0; i<len; i++) {\n        check = (check << 3) | (check >> (32-3));\n        check += check << 1;\n        check ^= (unsigned char)str[i];\n    }\n\n    /* store ip value */\n    suhosin_get_ipv4((char *)crypted+4 TSRMLS_CC);\n\n    /* store check value */\n    crypted[8] = check & 0xff;\n    crypted[9] = (check >> 8) & 0xff;\n    crypted[10] = (check >> 16) & 0xff;\n    crypted[11] = (check >> 24) & 0xff;\n\n    /* store original length */\n    crypted[12] = len & 0xff;\n    crypted[13] = (len >> 8) & 0xff;\n    crypted[14] = (len >> 16) & 0xff;\n    crypted[15] = (len >> 24) & 0xff;\n\n    for (i=0, tmp=crypted; i<padded_len+16; i+=16, tmp+=16) {\n        if (i > 0) {\n            int j;\n            for (j=0; j<16; j++) tmp[j] ^= tmp[j-16];\n        }\n        suhosin_aes_encrypt((char *)tmp TSRMLS_CC);\n    }\n\n    tmp = php_base64_encode(crypted, padded_len+16, NULL);\n    efree(crypted);\n    slen=strlen((char *)tmp);\n    for (i=0; i<slen; i++) {\n        switch (tmp[i]) {\n        case '/': tmp[i]='-'; break;\n        case '=': tmp[i]='.'; break;\n        case '+': tmp[i]='_'; break;\n        }\n    }\n    return (char *)tmp;\n}\n\nchar *suhosin_decrypt_string(char *str, int padded_len, char *var, int vlen, char *key, int *orig_len, int check_ra 
TSRMLS_DC)\n{\n    int len, i, o_len, invalid = 0;\n    unsigned char *decrypted, *tmp;\n    unsigned int check = 0x13579BDF;\n    char buf[4];\n\n    if (str == NULL) {\n    return NULL;\n    }\n\n    if (padded_len == 0) {\n        if (orig_len) {\n            *orig_len = 0;\n        }\n        return estrndup(\"\", 0);\n    }\n    suhosin_aes_gkey(4,8,key TSRMLS_CC);\n\n    for (i=0; i<padded_len; i++) {\n        switch (str[i]) {\n        case '-': str[i]='/'; break;\n        case '.': str[i]='='; break;\n        case '_': str[i]='+'; break;\n        }\n    }\n\n    decrypted = php_base64_decode((unsigned char *)str, padded_len, &len);\n    if (decrypted == NULL || len < 2*16 || (len % 16) != 0) {\nerror_out:\n        if (decrypted != NULL) {\n            efree(decrypted);\n        }\n        if (orig_len) {\n            *orig_len = 0;\n        }\n        return NULL;\n    }\n\n    for (i=len-16, tmp=decrypted+i; i>=0; i-=16, tmp-=16) {\n    suhosin_aes_decrypt((char *)tmp TSRMLS_CC);\n    if (i > 0) {\n        int j;\n        for (j=0; j<16; j++) tmp[j] ^= tmp[j-16];\n    }\n    }\n\n    /* retrieve orig_len */\n    o_len = decrypted[15];\n    o_len <<= 8;\n    o_len |= decrypted[14];\n    o_len <<= 8;\n    o_len |= decrypted[13];\n    o_len <<= 8;\n    o_len |= decrypted[12];\n\n    if (o_len < 0 || o_len > len-16) {\n        goto error_out;\n    }\n\n    /* calculate check value */\n    for (i = 0; i<vlen; i++) {\n        check = (check << 3) | (check >> (32-3));\n        check += check << 1;\n        check ^= (unsigned char)var[i];\n    }\n    for (i = 0; i<o_len; i++) {\n        check = (check << 3) | (check >> (32-3));\n        check += check << 1;\n        check ^= decrypted[16+i];\n    }\n\n    /* check value */\n    invalid = (decrypted[8] != (check & 0xff)) ||\n           (decrypted[9] != ((check >> 8) & 0xff)) ||\n               (decrypted[10] != ((check >> 16) & 0xff)) ||\n               (decrypted[11] != ((check >> 24) & 0xff));\n\n    /* check IP 
*/\n    if (check_ra > 0) {\n        if (check_ra > 4) {\n            check_ra = 4;\n        }\n        suhosin_get_ipv4(&buf[0] TSRMLS_CC);\n        if (memcmp(buf, decrypted+4, check_ra) != 0) {\n            goto error_out;\n        }\n    }\n\n    if (invalid) {\n        goto error_out;\n    }\n\n    if (orig_len) {\n        *orig_len = o_len;\n    }\n\n    memmove(decrypted, decrypted+16, o_len);\n    decrypted[o_len] = 0;\n    /* we do not realloc() here because 16 byte less\n       is simply not worth the overhead */\n    return (char *)decrypted;\n}\n\nchar *suhosin_generate_key(char *key, zend_bool ua, zend_bool dr, long raddr, char *cryptkey TSRMLS_DC)\n{\n    char *_ua = NULL;\n    char *_dr = NULL;\n    char *_ra = NULL;\n    suhosin_SHA256_CTX ctx;\n\n    if (ua) {\n        _ua = suhosin_getenv(ZEND_STRL(\"HTTP_USER_AGENT\") TSRMLS_CC);\n    }\n\n    if (dr) {\n        _dr = suhosin_getenv(ZEND_STRL(\"DOCUMENT_ROOT\") TSRMLS_CC);\n    }\n\n    if (raddr > 0) {\n        _ra = suhosin_getenv(ZEND_STRL(\"REMOTE_ADDR\") TSRMLS_CC);\n    }\n\n    SDEBUG(\"(suhosin_generate_key) KEY: %s - UA: %s - DR: %s - RA: %s\", key,_ua,_dr,_ra);\n\n    suhosin_SHA256Init(&ctx);\n    if (key == NULL || *key == 0) {\n        suhosin_SHA256Update(&ctx, (unsigned char*)\"D3F4UL7\", strlen(\"D3F4UL7\"));\n    } else {\n        suhosin_SHA256Update(&ctx, (unsigned char*)key, strlen(key));\n    }\n    if (_ua) {\n        suhosin_SHA256Update(&ctx, (unsigned char*)_ua, strlen(_ua));\n    }\n    if (_dr) {\n        suhosin_SHA256Update(&ctx, (unsigned char*)_dr, strlen(_dr));\n    }\n    if (_ra) {\n        if (raddr >= 4) {\n            suhosin_SHA256Update(&ctx, (unsigned char*)_ra, strlen(_ra));\n        } else {\n            long dots = 0;\n            char *tmp = _ra;\n\n            while (*tmp) {\n                if (*tmp == '.') {\n                    dots++;\n                    if (dots == raddr) {\n                        break;\n                    }\n                
}\n                tmp++;\n            }\n            suhosin_SHA256Update(&ctx, (unsigned char*)_ra, tmp-_ra);\n        }\n    }\n    suhosin_SHA256Final((unsigned char *)cryptkey, &ctx);\n    cryptkey[32] = 0; /* terminating NUL only - the 32-byte SHA-256 digest is raw binary and may contain NUL bytes, so it is not really a string */\n\n    return cryptkey;\n}\n"
  },
  {
    "path": "ex_imp.c",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Author: Stefan Esser <sesser@sektioneins.de>                         |\n  +----------------------------------------------------------------------+\n*/\n/*\n  $Id: ex_imp.c,v 1.2 2008-01-04 11:23:47 sesser Exp $ \n*/\n\n#ifdef HAVE_CONFIG_H\n#include \"config.h\"\n#endif\n\n#include \"php.h\"\n#include \"php_ini.h\"\n#include \"php_suhosin.h\"\n#include \"ext/standard/php_smart_str.h\"\n#include \"ext/standard/php_var.h\"\n\n\n#define EXTR_OVERWRITE\t\t\t0\n#define EXTR_SKIP\t\t\t\t1\n#define EXTR_PREFIX_SAME\t\t2\n#define\tEXTR_PREFIX_ALL\t\t\t3\n#define\tEXTR_PREFIX_INVALID\t\t4\n#define\tEXTR_PREFIX_IF_EXISTS\t5\n#define\tEXTR_IF_EXISTS\t\t\t6\n\n#define EXTR_REFS\t\t\t\t0x100\n\n\nstatic int php_valid_var_name(char *var_name, int len) /* {{{ */\n{\n\tint i, ch;\n\t\n\tif (!var_name)\n\t\treturn 0;\n\n\t/* These are allowed as first char: [a-zA-Z_\\x7f-\\xff] */\n\tch = (int)((unsigned char 
*)var_name)[0];\n\tif (var_name[0] != '_' &&\n\t\t(ch < 65  /* A    */ || /* Z    */ ch > 90)  &&\n\t\t(ch < 97  /* a    */ || /* z    */ ch > 122) &&\n\t\t(ch < 127 /* 0x7f */ || /* 0xff */ ch > 255)\n\t) {\n\t\treturn 0;\n\t}\n\n\t/* And these as the rest: [a-zA-Z0-9_\\x7f-\\xff] */\n\tif (len > 1) {\n\t\tfor (i = 1; i < len; i++) {\n\t\t\tch = (int)((unsigned char *)var_name)[i];\n\t\t\tif (var_name[i] != '_' &&\n\t\t\t\t(ch < 48  /* 0    */ || /* 9    */ ch > 57)  &&\n\t\t\t\t(ch < 65  /* A    */ || /* Z    */ ch > 90)  &&\n\t\t\t\t(ch < 97  /* a    */ || /* z    */ ch > 122) &&\n\t\t\t\t(ch < 127 /* 0x7f */ || /* 0xff */ ch > 255)\n\t\t\t) {\t\n\t\t\t\treturn 0;\n\t\t\t}\n\t\t}\n\t}\n\n\tif (suhosin_is_protected_varname(var_name, len)) {\n\t\treturn 0;\n\t}\n\t\n\treturn 1;\n}\n\n\n/* {{{ proto int extract(array var_array [, int extract_type [, string prefix]])\n   Imports variables into symbol table from an array */\nPHP_FUNCTION(suhosin_extract)\n{\n\tzval *var_array, *prefix = NULL;\n\tlong extract_type = EXTR_OVERWRITE;\n\tzval **entry, *data;\n\tchar *var_name;\n\tulong num_key;\n\tuint var_name_len;\n\tint var_exists, key_type, count = 0;\n\tint extract_refs = 0;\n\tHashPosition pos;\n\n\tif (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, \"a|lz/\", &var_array, &extract_type, &prefix) == FAILURE) {\n\t\treturn;\n\t}\n\n\textract_refs = (extract_type & EXTR_REFS);\n\textract_type &= 0xff;\n\n\tif (extract_type < EXTR_OVERWRITE || extract_type > EXTR_IF_EXISTS) {\n\t\tphp_error_docref(NULL TSRMLS_CC, E_WARNING, \"Invalid extract type\");\n\t\treturn;\n\t}\n\n\tif (extract_type > EXTR_SKIP && extract_type <= EXTR_PREFIX_IF_EXISTS && ZEND_NUM_ARGS() < 3) {\n\t\tphp_error_docref(NULL TSRMLS_CC, E_WARNING, \"specified extract type requires the prefix parameter\");\n\t\treturn;\n\t}\n\n\tif (prefix) {\n\t\tconvert_to_string(prefix);\n\t\tif (Z_STRLEN_P(prefix) && !php_valid_var_name(Z_STRVAL_P(prefix), Z_STRLEN_P(prefix))) {\n\t\t\tphp_error_docref(NULL 
TSRMLS_CC, E_WARNING, \"prefix is not a valid identifier\");\n\t\t\treturn;\n\t\t}\n\t}\n\n\tif (!EG(active_symbol_table)) {\n\t\tzend_rebuild_symbol_table(TSRMLS_C);\n\t}\n\n\t/* var_array is passed by ref for the needs of EXTR_REFS (needs to\n\t * work on the original array to create refs to its members)\n\t * simulate pass_by_value if EXTR_REFS is not used */\n\tif (!extract_refs) {\n\t\tSEPARATE_ARG_IF_REF(var_array);\n\t}\n\n\tzend_hash_internal_pointer_reset_ex(Z_ARRVAL_P(var_array), &pos);\n\twhile (zend_hash_get_current_data_ex(Z_ARRVAL_P(var_array), (void **)&entry, &pos) == SUCCESS) {\n\t\tzval final_name;\n\n\t\tZVAL_NULL(&final_name);\n\n\t\tkey_type = zend_hash_get_current_key_ex(Z_ARRVAL_P(var_array), &var_name, &var_name_len, &num_key, 0, &pos);\n\t\tvar_exists = 0;\n\n\t\tif (key_type == HASH_KEY_IS_STRING) {\n\t\t\tvar_name_len--;\n\t\t\tvar_exists = zend_hash_exists(EG(active_symbol_table), var_name, var_name_len + 1);\n\t\t} else if (key_type == HASH_KEY_IS_LONG && (extract_type == EXTR_PREFIX_ALL || extract_type == EXTR_PREFIX_INVALID)) {\n\t\t\tzval num;\n\n\t\t\tZVAL_LONG(&num, num_key);\n\t\t\tconvert_to_string(&num);\n\t\t\tphp_prefix_varname(&final_name, prefix, Z_STRVAL(num), Z_STRLEN(num), 1 TSRMLS_CC);\n\t\t\tzval_dtor(&num);\n\t\t} else {\n\t\t\tzend_hash_move_forward_ex(Z_ARRVAL_P(var_array), &pos);\n\t\t\tcontinue;\n\t\t}\n\n\t\tswitch (extract_type) {\n\t\t\tcase EXTR_IF_EXISTS:\n\t\t\t\tif (!var_exists) break;\n\t\t\t\t/* break omitted intentionally */\n\n\t\t\tcase EXTR_OVERWRITE:\n\t\t\t\t/* GLOBALS protection */\n\t\t\t\tif (var_exists && var_name_len == sizeof(\"GLOBALS\") && !strcmp(var_name, \"GLOBALS\")) {\n\t\t\t\t\tbreak;\n\t\t\t\t}\n\t\t\t\tif (var_exists && var_name_len == sizeof(\"this\")  && !strcmp(var_name, \"this\") && EG(scope) && EG(scope)->name_length != 0) {\n\t\t\t\t\tbreak;\n\t\t\t\t}\n\t\t\t\tZVAL_STRINGL(&final_name, var_name, var_name_len, 1);\n\t\t\t\tbreak;\n\n\t\t\tcase EXTR_PREFIX_IF_EXISTS:\n\t\t\t\tif 
(var_exists) {\n\t\t\t\t\tphp_prefix_varname(&final_name, prefix, var_name, var_name_len, 1 TSRMLS_CC);\n\t\t\t\t}\n\t\t\t\tbreak;\n\n\t\t\tcase EXTR_PREFIX_SAME:\n\t\t\t\tif (!var_exists && var_name_len != 0) {\n\t\t\t\t\tZVAL_STRINGL(&final_name, var_name, var_name_len, 1);\n\t\t\t\t}\n\t\t\t\t/* break omitted intentionally */\n\n\t\t\tcase EXTR_PREFIX_ALL:\n\t\t\t\tif (Z_TYPE(final_name) == IS_NULL && var_name_len != 0) {\n\t\t\t\t\tphp_prefix_varname(&final_name, prefix, var_name, var_name_len, 1 TSRMLS_CC);\n\t\t\t\t}\n\t\t\t\tbreak;\n\n\t\t\tcase EXTR_PREFIX_INVALID:\n\t\t\t\tif (Z_TYPE(final_name) == IS_NULL) {\n\t\t\t\t\tif (!php_valid_var_name(var_name, var_name_len)) {\n\t\t\t\t\t\tphp_prefix_varname(&final_name, prefix, var_name, var_name_len, 1 TSRMLS_CC);\n\t\t\t\t\t} else {\n\t\t\t\t\t\tZVAL_STRINGL(&final_name, var_name, var_name_len, 1);\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tbreak;\n\n\t\t\tdefault:\n\t\t\t\tif (!var_exists) {\n\t\t\t\t\tZVAL_STRINGL(&final_name, var_name, var_name_len, 1);\n\t\t\t\t}\n\t\t\t\tbreak;\n\t\t}\n\n\t\tif (Z_TYPE(final_name) != IS_NULL && php_valid_var_name(Z_STRVAL(final_name), Z_STRLEN(final_name))) {\n\t\t\tif (extract_refs) {\n\t\t\t\tzval **orig_var;\n\n\t\t\t\tSEPARATE_ZVAL_TO_MAKE_IS_REF(entry);\n\t\t\t\tzval_add_ref(entry);\n\n\t\t\t\tif (zend_hash_find(EG(active_symbol_table), Z_STRVAL(final_name), Z_STRLEN(final_name) + 1, (void **) &orig_var) == SUCCESS) {\n\t\t\t\t\tzval_ptr_dtor(orig_var);\n\t\t\t\t\t*orig_var = *entry;\n\t\t\t\t} else {\n\t\t\t\t\tzend_hash_update(EG(active_symbol_table), Z_STRVAL(final_name), Z_STRLEN(final_name) + 1, (void **) entry, sizeof(zval *), NULL);\n\t\t\t\t}\n\t\t\t} else {\n\t\t\t\tMAKE_STD_ZVAL(data);\n\t\t\t\t*data = **entry;\n\t\t\t\tzval_copy_ctor(data);\n\n\t\t\t\tZEND_SET_SYMBOL_WITH_LENGTH(EG(active_symbol_table), Z_STRVAL(final_name), Z_STRLEN(final_name) + 1, data, 1, 
0);\n\t\t\t}\n\t\t\tcount++;\n\t\t}\n\t\tzval_dtor(&final_name);\n\n\t\tzend_hash_move_forward_ex(Z_ARRVAL_P(var_array), &pos);\n\t}\n\n\tif (!extract_refs) {\n\t\tzval_ptr_dtor(&var_array);\n\t}\n\n\tRETURN_LONG(count);\n}\n/* }}} */\n\n\n\nZEND_BEGIN_ARG_INFO_EX(suhosin_arginfo_extract, 0, 0, 1)\n\tZEND_ARG_INFO(ZEND_SEND_PREFER_REF, arg) /* ARRAY_INFO(0, arg, 0) */\n\tZEND_ARG_INFO(0, extract_type)\n\tZEND_ARG_INFO(0, prefix)\nZEND_END_ARG_INFO()\n\n\n/* {{{ suhosin_ex_imp_functions[]\n */\nzend_function_entry suhosin_ex_imp_functions[] = {\n\tPHP_NAMED_FE(extract, PHP_FN(suhosin_extract), suhosin_arginfo_extract)\n\t{NULL, NULL, NULL}\n};\n/* }}} */\n\nvoid suhosin_hook_ex_imp(TSRMLS_D)\n{\n\t/* replace the extract and import_request_variables functions */\n\tzend_hash_del(CG(function_table), \"extract\", sizeof(\"extract\"));\n\tzend_register_functions(NULL, suhosin_ex_imp_functions, NULL, MODULE_PERSISTENT TSRMLS_CC);\n}\n\n\n/*\n * Local variables:\n * tab-width: 4\n * c-basic-offset: 4\n * End:\n * vim600: noet sw=4 ts=4 fdm=marker\n * vim<600: noet sw=4 ts=4\n */\n\n\n"
  },
  {
    "path": "execute.c",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Author: Stefan Esser <sesser@sektioneins.de>                         |\n  +----------------------------------------------------------------------+\n*/\n\n/* $Id: execute.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $ */\n\n#ifdef HAVE_CONFIG_H\n#include \"config.h\"\n#endif\n\n#include <fcntl.h>\n#include \"php.h\"\n#include \"php_ini.h\"\n#include \"zend_hash.h\"\n#include \"zend_extensions.h\"\n#include \"ext/standard/info.h\"\n#include \"ext/standard/php_rand.h\"\n#include \"ext/standard/php_lcg.h\"\n#include \"php_suhosin.h\"\n#include \"zend_compile.h\"\n#include \"zend_llist.h\"\n#include \"SAPI.h\"\n\n#include \"sha256.h\"\n\n#ifdef PHP_WIN32\n# include \"win32/fnmatch.h\"\n# include \"win32/winutil.h\"\n# include \"win32/time.h\"\n#else\n# ifdef HAVE_FNMATCH\n#  include <fnmatch.h>\n# endif\n# include <sys/time.h>\n#endif\n\n#if PHP_VERSION_ID >= 50500\nstatic void 
(*old_execute_ex)(zend_execute_data *execute_data TSRMLS_DC);\nstatic void suhosin_execute_ex(zend_execute_data *execute_data TSRMLS_DC);\n#endif\n\nstatic void (*old_execute)(zend_op_array *op_array TSRMLS_DC);\nstatic void suhosin_execute(zend_op_array *op_array TSRMLS_DC);\nstatic void (*old_execute_ZO)(zend_op_array *op_array, long dummy TSRMLS_DC);\nstatic void suhosin_execute_ZO(zend_op_array *op_array, long dummy TSRMLS_DC);\nstatic void *(*zo_set_oe_ex)(void *ptr) = NULL;\n\n/*STATIC zend_op_array* (*old_compile_file)(zend_file_handle* file_handle, int type TSRMLS_DC);\n  STATIC zend_op_array* suhosin_compile_file(zend_file_handle*, int TSRMLS_DC);*/\n\n#if PHP_VERSION_ID >= 50500\nstatic void suhosin_execute_internal(zend_execute_data *execute_data_ptr, zend_fcall_info *fci, int return_value_used TSRMLS_DC);\nstatic void (*old_execute_internal)(zend_execute_data *execute_data_ptr, zend_fcall_info *fci, int return_value_used TSRMLS_DC);\n#else\nstatic void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int return_value_used TSRMLS_DC);\nstatic void (*old_execute_internal)(zend_execute_data *execute_data_ptr, int return_value_used TSRMLS_DC);\n#endif\n\nextern zend_extension suhosin_zend_extension_entry;\n\n/* {{{ suhosin_strcasestr */\nstatic char *suhosin_strcasestr(char *haystack, char *needle)\n{\n\tunsigned char *t, *h, *n;\n\th = (unsigned char *) haystack;\nconts:\n\twhile (*h) {\n\t\tn = (unsigned char *) needle;\n\t\tif (toupper(*h++) == toupper(*n++)) {\n\t\t\tfor (t=h; *n; t++, n++) {\n\t\t\t\tif (toupper(*t) != toupper(*n)) goto conts;\n\t\t\t}\n\t\t\treturn ((char*)h-1);\n\t\t}\n\t}\n\n\treturn (NULL);\n}\n/* }}} */\n\n\n#define SUHOSIN_CODE_TYPE_UNKNOWN\t0\n#define SUHOSIN_CODE_TYPE_COMMANDLINE\t1\n#define SUHOSIN_CODE_TYPE_EVAL\t\t2\n#define SUHOSIN_CODE_TYPE_REGEXP\t3\n#define SUHOSIN_CODE_TYPE_ASSERT\t4\n#define SUHOSIN_CODE_TYPE_CFUNC\t\t5\n#define SUHOSIN_CODE_TYPE_SUHOSIN\t6\n#define SUHOSIN_CODE_TYPE_UPLOADED\t7\n#define 
SUHOSIN_CODE_TYPE_0FILE\t\t8\n#define SUHOSIN_CODE_TYPE_BLACKURL\t9\n#define SUHOSIN_CODE_TYPE_BADURL\t10\n#define SUHOSIN_CODE_TYPE_GOODFILE\t11\n#define SUHOSIN_CODE_TYPE_BADFILE\t12\n#define SUHOSIN_CODE_TYPE_LONGNAME\t13\n#define SUHOSIN_CODE_TYPE_MANYDOTS\t14\n#define SUHOSIN_CODE_TYPE_WRITABLE      15\n#define SUHOSIN_CODE_TYPE_MBREGEXP\t16\n\nstatic int suhosin_check_filename(char *s, int len TSRMLS_DC)\n{\n\tchar fname[MAXPATHLEN+1];\n\tchar *t, *h, *h2, *index, *e;\n\tint tlen, i, count=0;\n\tuint indexlen;\n\tulong numindex;\n\tzend_bool isOk;\n\n\t/* check if filename is too long */\n\tif (len > MAXPATHLEN) {\n\t\treturn SUHOSIN_CODE_TYPE_LONGNAME;\n\t}\n\tmemcpy(fname, s, len);\n\tfname[len] = 0;\n\ts = (char *)&fname;\n\te = s + len;\n\n\t/* check if ASCIIZ attack -> not working yet (and cannot work in PHP4 + ZO) */\n\tif (len != strlen(s)) {\n\t\treturn SUHOSIN_CODE_TYPE_0FILE;\n\t}\n\n\t/* disallow uploaded files */\n\tif (SG(rfc1867_uploaded_files)) {\n\t\tif (zend_hash_exists(SG(rfc1867_uploaded_files), (char *) s, e-s+1)) {\n\t\t\treturn SUHOSIN_CODE_TYPE_UPLOADED;\n\t\t}\n\t}\n\n\t/* count number of directory traversals */\n\tfor (i=0; i < len-3; i++) {\n\t\tif (s[i] == '.' && s[i+1] == '.' 
&& (s[i+2] == '/' || s[i+2] == '\\\\')) {\n\t\t\tcount++;\n\t\t\ti+=2;\n\t\t}\n\t}\n\tif (SUHOSIN_G(executor_include_max_traversal) && SUHOSIN_G(executor_include_max_traversal)<=count) {\n\t\treturn SUHOSIN_CODE_TYPE_MANYDOTS;\n\t}\n\nSDEBUG(\"xxx %p %p\",SUHOSIN_G(include_whitelist),SUHOSIN_G(include_blacklist));\n\t/* no black or whitelist then disallow all */\n\tif (SUHOSIN_G(include_whitelist)==NULL && SUHOSIN_G(include_blacklist)==NULL) {\n\t\t/* disallow all URLs */\n\t\tif (strstr(s, \"://\") != NULL || suhosin_strcasestr(s, \"data:\") != NULL) {\n\t\t\treturn SUHOSIN_CODE_TYPE_BADURL;\n\t\t}\n\t} else\n\t/* whitelist is stronger than blacklist */\n\tif (SUHOSIN_G(include_whitelist)) {\n\n\t\tdo {\n\t\t\tisOk = 0;\n\n\t\t\th = strstr(s, \"://\");\n\t\t\th2 = suhosin_strcasestr(s, \"data:\");\n\t\t\th2 = h2 == NULL ? NULL : h2 + 4;\n\t\t\tt = h = (h == NULL) ? h2 : ( (h2 == NULL) ? h : ( (h < h2) ? h : h2 ) );\n\t\t\tif (h == NULL) break;\n\n\t\t\twhile (t > s && (isalnum(t[-1]) || t[-1]=='_' || t[-1]=='.')) {\n\t\t\t\tt--;\n\t\t\t}\n\n\t\t\ttlen = e-t;\n\n\t\t\tzend_hash_internal_pointer_reset(SUHOSIN_G(include_whitelist));\n\t\t\tdo {\n\t\t\t\tint r = zend_hash_get_current_key_ex(SUHOSIN_G(include_whitelist), &index, &indexlen, &numindex, 0, NULL);\n\n\t\t\t\tif (r==HASH_KEY_NON_EXISTANT) {\n\t\t\t\t\tbreak;\n\t\t\t\t}\n\t\t\t\tif (r==HASH_KEY_IS_STRING) {\n\t\t\t\t\tif (h-t <= indexlen-1 && tlen>=indexlen-1) {\n\t\t\t\t\t\tif (strncasecmp(t, index, indexlen-1)==0) {\n\t\t\t\t\t\t\tisOk = 1;\n\t\t\t\t\t\t\tbreak;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tzend_hash_move_forward(SUHOSIN_G(include_whitelist));\n\t\t\t} while (1);\n\n\t\t\t/* not found in whitelist */\n\t\t\tif (!isOk) {\n\t\t\t\treturn SUHOSIN_CODE_TYPE_BADURL;\n\t\t\t}\n\n\t\t\ts = h + 1;\n\t\t} while (1);\n\t} else {\n\n\t\tdo {\n\t\t\tint tlen;\n\n\t\t\th = strstr(s, \"://\");\n\t\t\th2 = suhosin_strcasestr(s, \"data:\");\n\t\t\th2 = h2 == NULL ? 
NULL : h2 + 4;\n\t\t\tt = h = (h == NULL) ? h2 : ( (h2 == NULL) ? h : ( (h < h2) ? h : h2 ) );\n\t\t\tif (h == NULL) break;\n\n\t\t\twhile (t > s && (isalnum(t[-1]) || t[-1]=='_' || t[-1]=='.')) {\n\t\t\t\tt--;\n\t\t\t}\n\n\t\t\ttlen = e-t;\n\n\t\t\tzend_hash_internal_pointer_reset(SUHOSIN_G(include_blacklist));\n\t\t\tdo {\n\t\t\t\tint r = zend_hash_get_current_key_ex(SUHOSIN_G(include_blacklist), &index, &indexlen, &numindex, 0, NULL);\n\n\t\t\t\tif (r==HASH_KEY_NON_EXISTANT) {\n\t\t\t\t\tbreak;\n\t\t\t\t}\n\t\t\t\tif (r==HASH_KEY_IS_STRING) {\n\t\t\t\t\tif (h-t <= indexlen-1 && tlen>=indexlen-1) {\n\t\t\t\t\t\tif (strncasecmp(t, index, indexlen-1)==0) {\n\t\t\t\t\t\t\treturn SUHOSIN_CODE_TYPE_BLACKURL;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tzend_hash_move_forward(SUHOSIN_G(include_blacklist));\n\t\t\t} while (1);\n\n\t\t\ts = h + 1;\n\t\t} while (1);\n\t}\n\n\t/* disallow writable files */\n\tif (!SUHOSIN_G(executor_include_allow_writable_files)) {\n\t\t/* protection against *REMOTE* attacks, potential\n\t\t   race condition of access() is irrelevant */\n\t\tif (access(s, W_OK) == 0) {\n\t\t\treturn SUHOSIN_CODE_TYPE_WRITABLE;\n\t\t}\n\t}\n\n\treturn SUHOSIN_CODE_TYPE_GOODFILE;\n}\n\n\nstatic int (*old_zend_stream_open)(const char *filename, zend_file_handle *fh TSRMLS_DC);\n\nstatic int suhosin_zend_stream_open(const char *filename, zend_file_handle *fh TSRMLS_DC)\n{\n\tzend_execute_data *exd;\n\texd=EG(current_execute_data);\n\tif (EG(in_execution) && (exd!=NULL) && (exd->opline != NULL) && (exd->opline->opcode == ZEND_INCLUDE_OR_EVAL)) {\n\t\tint filetype = suhosin_check_filename((char *)filename, strlen(filename) TSRMLS_CC);\n\n\t\tswitch (filetype) {\n\t\t\tcase SUHOSIN_CODE_TYPE_LONGNAME:\n\t\t\tsuhosin_log(S_INCLUDE, \"Include filename ('%s') is too long\", filename);\n\t\t\tsuhosin_bailout(TSRMLS_C);\n\t\t\tbreak;\n\n\t\t\tcase SUHOSIN_CODE_TYPE_UPLOADED:\n\t\t\tsuhosin_log(S_INCLUDE, \"Include filename is an uploaded 
file\");\n\t\t\tsuhosin_bailout(TSRMLS_C);\n\t\t\tbreak;\n\n\t\t\tcase SUHOSIN_CODE_TYPE_0FILE:\n\t\t\tsuhosin_log(S_INCLUDE, \"Include filename contains an ASCIIZ character\");\n\t\t\tsuhosin_bailout(TSRMLS_C);\n\t\t\tbreak;\n\n\t\t\tcase SUHOSIN_CODE_TYPE_WRITABLE:\n\t\t\tsuhosin_log(S_INCLUDE, \"Include filename ('%s') is writable by PHP process\", filename);\n\t\t\tsuhosin_bailout(TSRMLS_C);\n\t\t\tbreak;\n\n\t\t\tcase SUHOSIN_CODE_TYPE_BLACKURL:\n\t\t\tsuhosin_log(S_INCLUDE, \"Include filename ('%s') is a URL that is forbidden by the blacklist\", filename);\n\t\t\tsuhosin_bailout(TSRMLS_C);\n\t\t\tbreak;\n\n\t\t\tcase SUHOSIN_CODE_TYPE_BADURL:\n\t\t\tsuhosin_log(S_INCLUDE, \"Include filename ('%s') is a URL that is not allowed\", filename);\n\t\t\tsuhosin_bailout(TSRMLS_C);\n\t\t\tbreak;\n\n\t\t\tcase SUHOSIN_CODE_TYPE_MANYDOTS:\n\t\t\tsuhosin_log(S_INCLUDE, \"Include filename ('%s') contains too many '../'\", filename);\n\t\t\tsuhosin_bailout(TSRMLS_C);\n\t\t\tbreak;\n\t\t}\n\t}\n\treturn old_zend_stream_open(filename, fh TSRMLS_CC);\n}\n\n\nstatic int suhosin_detect_codetype(zend_op_array *op_array TSRMLS_DC)\n{\n\tchar *s;\n\tint r;\n\n\ts = (char *)op_array->filename;\n\n\t/* eval, assert, create_function, preg_replace  */\n\tif (op_array->type == ZEND_EVAL_CODE) {\n\t\tif (s == NULL) {\n\t\t\treturn SUHOSIN_CODE_TYPE_UNKNOWN;\n\t\t}\n\n\t\tif (strstr(s, \"eval()'d code\") != NULL) {\n\t\t\treturn SUHOSIN_CODE_TYPE_EVAL;\n\t\t}\n\n\t\tif (strstr(s, \"regexp code\") != NULL) {\n\t\t\treturn SUHOSIN_CODE_TYPE_REGEXP;\n\t\t}\n\n\t\tif (strstr(s, \"mbregex replace\") != NULL) {\n\t\t\treturn SUHOSIN_CODE_TYPE_MBREGEXP;\n\t\t}\n\n\t\tif (strstr(s, \"assert code\") != NULL) {\n\t\t\treturn SUHOSIN_CODE_TYPE_ASSERT;\n\t\t}\n\n\t\tif (strstr(s, \"runtime-created function\") != NULL) {\n\t\t\treturn SUHOSIN_CODE_TYPE_CFUNC;\n\t\t}\n\n\t\tif (strstr(s, \"Command line code\") != NULL) {\n\t\t\treturn SUHOSIN_CODE_TYPE_COMMANDLINE;\n\t\t}\n\n\t\tif (strstr(s, 
\"Command line begin code\") != NULL) {\n\t\t\treturn SUHOSIN_CODE_TYPE_COMMANDLINE;\n\t\t}\n\n\t\tif (strstr(s, \"Command line run code\") != NULL) {\n\t\t\treturn SUHOSIN_CODE_TYPE_COMMANDLINE;\n\t\t}\n\n\t\tif (strstr(s, \"Command line end code\") != NULL) {\n\t\t\treturn SUHOSIN_CODE_TYPE_COMMANDLINE;\n\t\t}\n\n\t\tif (strstr(s, \"suhosin internal code\") != NULL) {\n\t\t\treturn SUHOSIN_CODE_TYPE_SUHOSIN;\n\t\t}\n\t} else {\n\t\tr = suhosin_check_filename(s, strlen(s) TSRMLS_CC);\n\t\treturn r;\n\t}\n\n\treturn SUHOSIN_CODE_TYPE_UNKNOWN;\n}\n\n/* {{{ void suhosin_execute_ex(zend_op_array *op_array TSRMLS_DC)\n *    This function provides a hook for execution */\n#if PHP_VERSION_ID >= 50500\nstatic void suhosin_execute_ex(zend_execute_data *execute_data TSRMLS_DC)\n{\n\tzend_op_array *op_array = execute_data->op_array;\n#else\nstatic void suhosin_execute_ex(zend_op_array *op_array, int zo, long dummy TSRMLS_DC)\n{\n#endif\n\tzend_op_array *new_op_array;\n\tint op_array_type, len;\n\tchar *fn;\n\tzval cs;\n\tzend_uint orig_code_type;\n\tunsigned long *suhosin_flags = NULL;\n\n\t/* log variable dropping statistics */\n\tif (SUHOSIN_G(abort_request)) {\n\n\t\tSUHOSIN_G(abort_request) = 0; /* we only want this to happen the first time */\n\n\t\tif (SUHOSIN_G(att_request_variables)-SUHOSIN_G(cur_request_variables) > 0) {\n\t\t\tsuhosin_log(S_VARS, \"dropped %u request variables - (%u in GET, %u in POST, %u in COOKIE)\",\n\t\t\tSUHOSIN_G(att_request_variables)-SUHOSIN_G(cur_request_variables),\n\t\t\tSUHOSIN_G(att_get_vars)-SUHOSIN_G(cur_get_vars),\n\t\t\tSUHOSIN_G(att_post_vars)-SUHOSIN_G(cur_post_vars),\n\t\t\tSUHOSIN_G(att_cookie_vars)-SUHOSIN_G(cur_cookie_vars));\n\t\t}\n\n\t\tif (!SUHOSIN_G(simulation) && SUHOSIN_G(filter_action)) {\n\n\t\t\tchar *action = SUHOSIN_G(filter_action);\n\t\t\tlong code = -1;\n\n\t\t\twhile (*action == ' ' || *action == '\\t') action++;\n\n\t\t\tif (*action >= '0' && *action <= '9') {\n\t\t\t\tchar *end = action;\n\t\t\t\twhile (*end 
&& *end != ',' && *end != ';') end++;\n\t\t\t\tcode = zend_atoi(action, end-action);\n\t\t\t\taction = end;\n\t\t\t}\n\n\t\t\twhile (*action == ' ' || *action == '\\t' || *action == ',' || *action == ';') action++;\n\n\t\t\tif (*action) {\n\n\t\t\t\tif (strncasecmp(\"http://\", action, sizeof(\"http://\")-1)==0\n\t\t\t\t|| strncasecmp(\"https://\", action, sizeof(\"https://\")-1)==0) {\n\t\t\t\t\tsapi_header_line ctr = {0};\n\n\t\t\t\t\tif (code == -1) {\n\t\t\t\t\t\tcode = 302;\n\t\t\t\t\t}\n\n\t\t\t\t\tctr.line_len = spprintf(&ctr.line, 0, \"Location: %s\", action);\n\t\t\t\t\tctr.response_code = code;\n\t\t\t\t\tsapi_header_op(SAPI_HEADER_REPLACE, &ctr TSRMLS_CC);\n\t\t\t\t\tefree(ctr.line);\n\t\t\t\t} else {\n\t\t\t\t\tzend_file_handle file_handle;\n\t\t\t\t\tzend_op_array *new_op_array;\n\t\t\t\t\tzval *result = NULL;\n\n\t\t\t\t\tif (code == -1) {\n\t\t\t\t\t\tcode = 200;\n\t\t\t\t\t}\n\n\t\t\t\t\tif (zend_stream_open(action, &file_handle TSRMLS_CC) == SUCCESS) {\n\t\t\t\t\t\tif (!file_handle.opened_path) {\n\t\t\t\t\t\t\tfile_handle.opened_path = estrndup(action, strlen(action));\n\t\t\t\t\t\t}\n\t\t\t\t\t\tnew_op_array = zend_compile_file(&file_handle, ZEND_REQUIRE TSRMLS_CC);\n\t\t\t\t\t\tzend_destroy_file_handle(&file_handle TSRMLS_CC);\n\t\t\t\t\t\tif (new_op_array) {\n\t\t\t\t\t\t\tEG(return_value_ptr_ptr) = &result;\n\t\t\t\t\t\t\tEG(active_op_array) = new_op_array;\n\t\t\t\t\t\t\tzend_execute(new_op_array TSRMLS_CC);\n\t\t\t\t\t\t\tdestroy_op_array(new_op_array TSRMLS_CC);\n\t\t\t\t\t\t\tefree(new_op_array);\n\n\t\t\t\t\t\t\tif (!EG(exception))\n\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\tif (EG(return_value_ptr_ptr)) {\n\t\t\t\t\t\t\t\t\tzval_ptr_dtor(EG(return_value_ptr_ptr));\n\t\t\t\t\t\t\t\t\tEG(return_value_ptr_ptr) = NULL;\n\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\tcode = 500;\n\t\t\t\t\t\t}\n\t\t\t\t\t} else {\n\t\t\t\t\t\tcode = 500;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tsapi_header_op(SAPI_HEADER_SET_STATUS, (void 
*)code TSRMLS_CC);\n\t\t\tzend_bailout();\n\t\t}\n\t}\n\n\tSDEBUG(\"%s %s\", op_array->filename, op_array->function_name);\n\n\tSUHOSIN_G(execution_depth)++;\n\n\tif (SUHOSIN_G(max_execution_depth) && SUHOSIN_G(execution_depth) > SUHOSIN_G(max_execution_depth)) {\n\t\tsuhosin_log(S_EXECUTOR|S_GETCALLER, \"maximum execution depth reached - script terminated\");\n\t\tsuhosin_bailout(TSRMLS_C);\n\t}\n\n\tfn = (char *)op_array->filename;\n\tlen = strlen(fn);\n\n\torig_code_type = SUHOSIN_G(in_code_type);\n\tif (op_array->type == ZEND_EVAL_CODE) {\n\t\tSUHOSIN_G(in_code_type) = SUHOSIN_EVAL;\n\t} else {\n\t\tif (suhosin_zend_extension_entry.resource_number != -1) {\n\t\t\tsuhosin_flags = (unsigned long *) &op_array->reserved[suhosin_zend_extension_entry.resource_number];\n\t\t\tSDEBUG(\"suhosin flags: %08lx\", *suhosin_flags);\n\n\t\t\tif (*suhosin_flags & SUHOSIN_FLAG_CREATED_BY_EVAL) {\n\t\t\t\tSUHOSIN_G(in_code_type) = SUHOSIN_EVAL;\n\t\t\t}\n\t\t\tif (*suhosin_flags & SUHOSIN_FLAG_NOT_EVALED_CODE) {\n\t\t\t\tgoto not_evaled_code;\n\t\t\t}\n\t\t}\n\n\t\tif (strstr(op_array->filename, \"eval()'d code\")) {\n\t\t\tSUHOSIN_G(in_code_type) = SUHOSIN_EVAL;\n\t\t} else {\n\t\t\tif (suhosin_flags) {\n\t\t\t\t*suhosin_flags |= SUHOSIN_FLAG_NOT_EVALED_CODE;\n\t\t\t}\n\t\t}\n\t}\nnot_evaled_code:\n\tSDEBUG(\"code type %u\", SUHOSIN_G(in_code_type));\n\tif (op_array->function_name) {\n\t\tgoto continue_execution;\n\t}\n\n/*\tif (SUHOSIN_G(deactivate)) {\n\t\tgoto continue_execution;\n\t}\n*/\n\n\top_array_type = suhosin_detect_codetype(op_array TSRMLS_CC);\n\n\tswitch (op_array_type) {\n\t\tcase SUHOSIN_CODE_TYPE_EVAL:\n\t\t\tif (SUHOSIN_G(executor_disable_eval)) {\n\t\t\t\tsuhosin_log(S_EXECUTOR|S_GETCALLER, \"use of eval is forbidden by configuration\");\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\tzend_error(E_ERROR, \"SUHOSIN - Use of eval is forbidden by configuration\");\n\t\t\t\t}\n\t\t\t}\n\t\t\tbreak;\n\n\t\tcase SUHOSIN_CODE_TYPE_REGEXP:\n\t\t\tif 
(SUHOSIN_G(executor_disable_emod)) {\n\t\t\t\tsuhosin_log(S_EXECUTOR|S_GETCALLER, \"use of preg_replace() with /e modifier is forbidden by configuration\");\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\tzend_error(E_ERROR, \"SUHOSIN - Use of preg_replace() with /e modifier is forbidden by configuration\");\n\t\t\t\t}\n\t\t\t}\n\t\t\tbreak;\n\n\t\tcase SUHOSIN_CODE_TYPE_MBREGEXP:\n\t\t\t/* XXX TODO: Do we want to disallow this, too? */\n\t\t\tbreak;\n\n\t\tcase SUHOSIN_CODE_TYPE_ASSERT:\n\t\t\tbreak;\n\n\t\tcase SUHOSIN_CODE_TYPE_CFUNC:\n\t\t\tbreak;\n\n\t\tcase SUHOSIN_CODE_TYPE_LONGNAME:\n\t\t\tsuhosin_log(S_INCLUDE|S_GETCALLER, \"Include filename ('%s') is too long\", op_array->filename);\n\t\t\tsuhosin_bailout(TSRMLS_C);\n\t\t\tbreak;\n\n\t\tcase SUHOSIN_CODE_TYPE_MANYDOTS:\n\t\t\tsuhosin_log(S_INCLUDE|S_GETCALLER, \"Include filename ('%s') contains too many '../'\", op_array->filename);\n\t\t\tsuhosin_bailout(TSRMLS_C);\n\t\t\tbreak;\n\n\t\tcase SUHOSIN_CODE_TYPE_UPLOADED:\n\t\t\tsuhosin_log(S_INCLUDE|S_GETCALLER, \"Include filename is an uploaded file\");\n\t\t\tsuhosin_bailout(TSRMLS_C);\n\t\t\tbreak;\n\n\t\tcase SUHOSIN_CODE_TYPE_0FILE:\n\t\t\tsuhosin_log(S_INCLUDE|S_GETCALLER, \"Include filename contains an ASCIIZ character\");\n\t\t\tsuhosin_bailout(TSRMLS_C);\n\t\t\tbreak;\n\n\t\tcase SUHOSIN_CODE_TYPE_WRITABLE:\n\t\t\tsuhosin_log(S_INCLUDE|S_GETCALLER, \"Include filename ('%s') is writable by PHP process\", op_array->filename);\n\t\t\tsuhosin_bailout(TSRMLS_C);\n\t\t\tbreak;\n\n\t\tcase SUHOSIN_CODE_TYPE_BLACKURL:\n\t\t\tsuhosin_log(S_INCLUDE|S_GETCALLER, \"Include filename ('%s') is a URL that is forbidden by the blacklist\", op_array->filename);\n\t\t\tsuhosin_bailout(TSRMLS_C);\n\t\t\tbreak;\n\n\t\tcase SUHOSIN_CODE_TYPE_BADURL:\n\t\t\tsuhosin_log(S_INCLUDE|S_GETCALLER, \"Include filename ('%s') is a URL that is not allowed\", op_array->filename);\n\t\t\tsuhosin_bailout(TSRMLS_C);\n\t\t\tbreak;\n\n\t\tcase SUHOSIN_CODE_TYPE_BADFILE:\n\t\t\tcs.type 
= IS_STRING;\n#define DIE_WITH_MSG \"die('disallowed_file'.chr(10).chr(10));\"\n\t\t\tcs.value.str.val = estrndup(DIE_WITH_MSG, sizeof(DIE_WITH_MSG)-1);\n\t\t\tcs.value.str.len = sizeof(DIE_WITH_MSG)-1;\n\t\t\tnew_op_array = compile_string(&cs, \"suhosin internal code\" TSRMLS_CC);\n\t\t\tif (new_op_array) {\n\t\t\t\top_array = new_op_array;\n\t\t\t\tgoto continue_execution;\n\t\t\t}\n\t\t\tsuhosin_bailout(TSRMLS_C);\n\t\t\tbreak;\n\n\t\tcase SUHOSIN_CODE_TYPE_COMMANDLINE:\n\t\tcase SUHOSIN_CODE_TYPE_SUHOSIN:\n\t\tcase SUHOSIN_CODE_TYPE_UNKNOWN:\n\t\tcase SUHOSIN_CODE_TYPE_GOODFILE:\n\t\t\tgoto continue_execution;\n\t}\n\ncontinue_execution:\n#if PHP_VERSION_ID >= 50500\n\told_execute_ex (execute_data TSRMLS_CC);\n#else\n\tif (zo) {\n\t\told_execute_ZO (op_array, dummy TSRMLS_CC);\n\t} else {\n\t\told_execute (op_array TSRMLS_CC);\n\t}\n#endif\n\t/* nothing to do */\n\tSUHOSIN_G(in_code_type) = orig_code_type;\n\tSUHOSIN_G(execution_depth)--;\n}\n/* }}} */\n\n#if PHP_VERSION_ID < 50500\n/* {{{ void suhosin_execute(zend_op_array *op_array TSRMLS_DC)\n *    This function provides a hook for execution */\nstatic void suhosin_execute(zend_op_array *op_array TSRMLS_DC)\n{\n\tsuhosin_execute_ex(op_array, 0, 0 TSRMLS_CC);\n}\n\n/* {{{ void suhosin_execute_ZO(zend_op_array *op_array, long dummy TSRMLS_DC)\n *    This function provides a hook for execution */\nstatic void suhosin_execute_ZO(zend_op_array *op_array, long dummy TSRMLS_DC)\n{\n\tsuhosin_execute_ex(op_array, 1, dummy TSRMLS_CC);\n}\n/* }}} */\n#endif\n\n#if PHP_VERSION_ID >= 50500\n#define IH_HANDLER_PARAMS_REST int ht, zval *return_value, zval **return_value_ptr, zval *this_ptr, int return_value_used TSRMLS_DC\n#define IH_HANDLER_PARAMS internal_function_handler *ih, IH_HANDLER_PARAMS_REST\n#define IH_HANDLER_PARAM_PASSTHRU ih, ht, return_value, return_value_ptr, this_ptr, return_value_used TSRMLS_CC\n#else\n#define IH_HANDLER_PARAMS_REST zend_execute_data *execute_data_ptr, int return_value_used, int ht, zval 
*return_value TSRMLS_DC\n#define IH_HANDLER_PARAMS internal_function_handler *ih, IH_HANDLER_PARAMS_REST\n#define IH_HANDLER_PARAM_PASSTHRU ih, execute_data_ptr, return_value_used, ht, return_value TSRMLS_CC\n#endif\n\nHashTable ihandler_table;\n\ntypedef struct _internal_function_handler {\n\n\tchar *name;\n\tint (*handler)(struct _internal_function_handler *ih, IH_HANDLER_PARAMS_REST);\n\tvoid *arg1;\n\tvoid *arg2;\n\tvoid *arg3;\n\n} internal_function_handler;\n\nint ih_preg_replace(IH_HANDLER_PARAMS)\n{\n\tzval **regex,\n\t     **replace,\n\t     **subject,\n\t     **limit, **zcount;\n\n\t if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, \"ZZZ|ZZ\", &regex, &replace, &subject, &limit, &zcount) == FAILURE) {\n\t\treturn (1);\n\t }\n\n\tif (Z_TYPE_PP(regex) == IS_ARRAY) {\n\t\tzval\t**regex_entry;\n\n\t\tzend_hash_internal_pointer_reset(Z_ARRVAL_PP(regex));\n\t\t/* For each entry in the regex array, get the entry */\n\t\twhile (zend_hash_get_current_data(Z_ARRVAL_PP(regex), (void **)&regex_entry) == SUCCESS) {\n\n\t\t\tif (Z_TYPE_PP(regex_entry) == IS_STRING) {\n\t\t\t\tif (strlen(Z_STRVAL_PP(regex_entry)) != Z_STRLEN_PP(regex_entry)) {\n\t\t\t\t\tsuhosin_log(S_EXECUTOR, \"string termination attack on first preg_replace parameter detected\");\n\t\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\t\tRETVAL_FALSE;\n\t\t\t\t\t\treturn (1);\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tzend_hash_move_forward(Z_ARRVAL_PP(regex));\n\n\t\t}\n\n\t} else if (Z_TYPE_PP(regex) == IS_STRING) {\n\t\tif (strlen(Z_STRVAL_PP(regex)) != Z_STRLEN_PP(regex)) {\n\t\t\tsuhosin_log(S_EXECUTOR, \"string termination attack on first preg_replace parameter detected\");\n\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\tRETVAL_FALSE;\n\t\t\t\treturn (1);\n\t\t\t}\n\t\t}\n\t}\n\n\treturn (0);\n}\n\nint ih_symlink(IH_HANDLER_PARAMS)\n{\n\tif (SUHOSIN_G(executor_allow_symlink)) {\n\t\treturn (0);\n\t}\n\n\tif (PG(open_basedir) && PG(open_basedir)[0]) {\n\t\tsuhosin_log(S_EXECUTOR, \"symlink called 
during open_basedir\");\n\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\tRETVAL_FALSE;\n\t\t\treturn (1);\n\t\t}\n\t}\n\n\treturn (0);\n}\n\nint ih_mail(IH_HANDLER_PARAMS)\n{\n\tchar *to=NULL, *message=NULL, *headers=NULL;\n\tchar *subject=NULL, *extra_cmd=NULL;\n\tchar *tmp;\n\tint to_len, message_len, headers_len;\n\tint subject_len, extra_cmd_len;\n\n\tif (SUHOSIN_G(mailprotect) == 0) {\n\t\treturn (0);\n\t}\n\n\tif (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, \"sss|ss\",\n\t\t\t\t\t\t  &to, &to_len,\n\t\t\t\t\t\t  &subject, &subject_len,\n\t\t\t\t\t\t  &message, &message_len,\n\t\t\t\t\t\t  &headers, &headers_len,\n\t\t\t\t\t\t  &extra_cmd, &extra_cmd_len\n\t\t\t\t\t\t  ) == FAILURE) {\n\t\tRETVAL_FALSE;\n\t\treturn (1);\n\t}\n\n\tif (headers_len > 0 && headers &&\n\t\t(strstr(headers, \"\\n\\n\") || strstr(headers, \"\\n\\r\\n\") /* double newline */\n\t\t\t|| *headers == '\\n' || (headers[0] == '\\r' && headers[1] == '\\n') /* starts with newline */\n\t)) {\n\t\tsuhosin_log(S_MAIL, \"mail() - double newline in headers, possible injection, mail dropped\");\n\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\tRETVAL_FALSE;\n\t\t\treturn (1);\n\t\t}\n\t}\n\n\t/* check for spam attempts with buggy webforms */\n\tif (to_len > 0 && to) {\n\t\tdo {\n\t\t\tif ((tmp = strchr(to, '\\n')) == NULL)\n\t\t\t\ttmp = strchr(to, '\\r');\n\t\t\tif (tmp == NULL) break;\n\t\t\tto = tmp + 1;\n\t\t\tif (!isspace(*to)) break;\n\t\t} while (1);\n\t\tif (tmp != NULL) {\n\t\t\tsuhosin_log(S_MAIL, \"mail() - newline in To header, possible injection, mail dropped\");\n\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\tRETVAL_FALSE;\n\t\t\t\treturn (1);\n\t\t\t}\n\t\t}\n\t}\n\n\tif (subject_len > 0 && subject) {\n\t\tdo {\n\t\t\tif ((tmp = strchr(subject, '\\n')) == NULL)\n\t\t\t\ttmp = strchr(subject, '\\r');\n\t\t\tif (tmp == NULL) break;\n\t\t\tsubject = tmp + 1;\n\t\t\tif (!isspace(*subject)) break;\n\t\t} while (1);\n\t\tif (tmp != NULL) {\n\t\t\tsuhosin_log(S_MAIL, \"mail() - newline in Subject 
header, possible injection, mail dropped\");\n\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\tRETVAL_FALSE;\n\t\t\t\treturn (1);\n\t\t\t}\n\t\t}\n\t}\n\n\tif (SUHOSIN_G(mailprotect) > 1) {\n\t\t/* search for to, cc or bcc headers */\n\t\tif (headers_len > 0 && headers != NULL) {\n\t\t\tif (strncasecmp(headers, \"to:\", sizeof(\"to:\") - 1) == 0 || suhosin_strcasestr(headers, \"\\nto:\")) {\n\t\t\t\tsuhosin_log(S_MAIL, \"mail() - To: headers aren't allowed in the headers parameter.\");\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\tRETVAL_FALSE;\n\t\t\t\t\treturn (1);\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (strncasecmp(headers, \"cc:\", sizeof(\"cc:\") - 1) == 0 || suhosin_strcasestr(headers, \"\\ncc:\")) {\n\t\t\t\tsuhosin_log(S_MAIL, \"mail() - CC: headers aren't allowed in the headers parameter.\");\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\tRETVAL_FALSE;\n\t\t\t\t\treturn (1);\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (strncasecmp(headers, \"bcc:\", sizeof(\"bcc:\") - 1) == 0 || suhosin_strcasestr(headers, \"\\nbcc:\")) {\n\t\t\t\tsuhosin_log(S_MAIL, \"mail() - BCC: headers aren't allowed in the headers parameter.\");\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\tRETVAL_FALSE;\n\t\t\t\t\treturn (1);\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t}\n\n\treturn (0);\n}\n\n#define SQLSTATE_SQL        0\n#define SQLSTATE_IDENTIFIER 1\n#define SQLSTATE_STRING     2\n#define SQLSTATE_COMMENT    3\n#define SQLSTATE_MLCOMMENT  4\n\nint ih_querycheck(IH_HANDLER_PARAMS)\n{\n\tvoid **p = zend_vm_stack_top(TSRMLS_C) - 1;\n\tunsigned long arg_count;\n\tzval **arg;\n\tchar *query, *s, *e;\n\tzval *backup;\n\tint len;\n\tchar quote;\n\tint state = SQLSTATE_SQL;\n\tint cnt_union = 0, cnt_select = 0, cnt_comment = 0, cnt_opencomment = 0;\n\tint mysql_extension = 0;\n\n\n\tSDEBUG(\"function: %s\", ih->name);\n\targ_count = (unsigned long) *p;\n\n\tif (ht < (long) ih->arg1) {\n\t\treturn (0);\n\t}\n\n\tif ((long) ih->arg2) {\n\t\tmysql_extension = 1;\n\t}\n\n\targ = (zval **) p - (arg_count - (long) 
ih->arg1 + 1); /* count from 0 */\n\n\tbackup = *arg;\n\tif (Z_TYPE_P(backup) != IS_STRING) {\n\t\treturn (0);\n\t}\n\tlen = Z_STRLEN_P(backup);\n\tquery = Z_STRVAL_P(backup);\n\tSDEBUG(\"SQL |%s|\", query);\n\n\ts = query;\n\te = s+len;\n\n\twhile (s < e) {\n\t\tswitch (state)\n\t\t{\n\t\t\tcase SQLSTATE_SQL:\n\t\t\t\tswitch (s[0])\n\t\t\t\t{\n\t\t\t\tcase '`':\n\t\t\t\t\tstate = SQLSTATE_IDENTIFIER;\n\t\t\t\t\tquote = '`';\n\t\t\t\t\tbreak;\n\t\t\t\tcase '\\'':\n\t\t\t\tcase '\"':\n\t\t\t\t\tstate = SQLSTATE_STRING;\n\t\t\t\t\tquote = *s;\n\t\t\t\t\tbreak;\n\t\t\t\tcase '/':\n\t\t\t\t\tif (s[1]=='*') {\n\t\t\t\t\t\tif (mysql_extension == 1 && s[2] == '!') {\n\t\t\t\t\t\t\ts += 2;\n\t\t\t\t\t\t\tbreak;\n\t\t\t\t\t\t}\n\t\t\t\t\t\ts++;\n\t\t\t\t\t\tstate = SQLSTATE_MLCOMMENT;\n\t\t\t\t\t\tcnt_comment++;\n\t\t\t\t\t}\n\t\t\t\t\tbreak;\n\t\t\t\tcase '-':\n\t\t\t\t\tif (s[1]=='-') {\n\t\t\t\t\ts++;\n\t\t\t\t\tstate = SQLSTATE_COMMENT;\n\t\t\t\t\tcnt_comment++;\n\t\t\t\t\t}\n\t\t\t\t\tbreak;\n\t\t\t\tcase '#':\n\t\t\t\t\tstate = SQLSTATE_COMMENT;\n\t\t\t\t\tcnt_comment++;\n\t\t\t\t\tbreak;\n\t\t\t\tcase 'u':\n\t\t\t\tcase 'U':\n\t\t\t\t\tif (strncasecmp(\"union\", s, 5)==0) {\n\t\t\t\t\t\ts += 4;\n\t\t\t\t\tcnt_union++;\n\t\t\t\t\t}\n\t\t\t\t\tbreak;\n\t\t\t\tcase 's':\n\t\t\t\tcase 'S':\n\t\t\t\t\tif (strncasecmp(\"select\", s, 6)==0) {\n\t\t\t\t\t\ts += 5;\n\t\t\t\t\tcnt_select++;\n\t\t\t\t\t}\n\t\t\t\t\tbreak;\n\t\t\t\t}\n\t\t\t\tbreak;\n\t\t\tcase SQLSTATE_STRING:\n\t\tcase SQLSTATE_IDENTIFIER:\n\t\t\t\tif (s[0] == quote) {\n\t\t\t\tif (s[1] == quote) {\n\t\t\t\t\ts++;\n\t\t\t\t} else {\n\t\t\t\t\tstate = SQLSTATE_SQL;\n\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tif (s[0] == '\\\\') {\n\t\t\t\ts++;\n\t\t\t\t}\n\t\t\t\tbreak;\n\t\tcase SQLSTATE_COMMENT:\n\t\t\t\twhile (s[0] && s[0] != '\\n') {\n\t\t\t\ts++;\n\t\t\t\t}\n\t\t\t\tstate = SQLSTATE_SQL;\n\t\t\t\tbreak;\n\t\t\tcase SQLSTATE_MLCOMMENT:\n\t\t\t\twhile (s[0] && (s[0] != '*' || s[1] != '/')) 
{\n\t\t\t\ts++;\n\t\t\t\t}\n\t\t\t\tif (s[0]) {\n\t\t\t\tstate = SQLSTATE_SQL;\n\t\t\t\t}\n\t\t\t\tbreak;\n\t\t}\n\t\ts++;\n\t}\n\tif (state == SQLSTATE_MLCOMMENT) {\n\t\tcnt_opencomment = 1;\n\t}\n\n\tif (cnt_opencomment && SUHOSIN_G(sql_opencomment)>0) {\n\t\tsuhosin_log(S_SQL, \"Open comment in SQL query: '%*s'\", len, query);\n\t\tif (SUHOSIN_G(sql_opencomment)>1) {\n\t\tsuhosin_bailout(TSRMLS_C);\n\t\t}\n\t}\n\n\tif (cnt_comment && SUHOSIN_G(sql_comment)>0) {\n\t\tsuhosin_log(S_SQL, \"Comment in SQL query: '%*s'\", len, query);\n\t\tif (SUHOSIN_G(sql_comment)>1) {\n\t\tsuhosin_bailout(TSRMLS_C);\n\t\t}\n\t}\n\n\tif (cnt_union && SUHOSIN_G(sql_union)>0) {\n\t\tsuhosin_log(S_SQL, \"UNION in SQL query: '%*s'\", len, query);\n\t\tif (SUHOSIN_G(sql_union)>1) {\n\t\tsuhosin_bailout(TSRMLS_C);\n\t\t}\n\t}\n\n\tif (cnt_select>1 && SUHOSIN_G(sql_mselect)>0) {\n\t\tsuhosin_log(S_SQL, \"Multiple SELECT in SQL query: '%*s'\", len, query);\n\t\tif (SUHOSIN_G(sql_mselect)>1) {\n\t\tsuhosin_bailout(TSRMLS_C);\n\t\t}\n\t}\n\n\treturn (0);\n}\n\n\nint ih_fixusername(IH_HANDLER_PARAMS)\n{\n\tvoid **p = zend_vm_stack_top(TSRMLS_C) - 1;\n\tunsigned long arg_count;\n\tzval **arg;\n\tchar *prefix, *postfix, *user, *user_match, *cp;\n\tzval *backup, *my_user;\n\tint prefix_len, postfix_len, len;\n\n\tSDEBUG(\"function (fixusername): %s\", ih->name);\n\n\tprefix = SUHOSIN_G(sql_user_prefix);\n\tpostfix = SUHOSIN_G(sql_user_postfix);\n\tuser_match = SUHOSIN_G(sql_user_match);\n\n\targ_count = (unsigned long) *p;\n\n\tif (ht < (long) ih->arg1) {\n\t\treturn (0);\n\t}\n\n\targ = (zval **) p - (arg_count - (long) ih->arg1 + 1); /* count from 0 */\n\n\tbackup = *arg;\n\tif (Z_TYPE_P(backup) != IS_STRING) {\n\t\tuser = \"\";\n\t\tlen = 0;\n\t} else {\n\t\tlen = Z_STRLEN_P(backup);\n\t\tuser = Z_STRVAL_P(backup);\n\t}\n\n\tcp = user;\n\twhile (cp < user+len) {\n\t\tif (*cp < 32) {\n\t\t\tsuhosin_log(S_SQL, \"SQL username contains invalid characters\");\n\t\t\tif (!SUHOSIN_G(simulation)) 
{\n\t\t\t\tRETVAL_FALSE;\n\t\t\t\treturn (1);\n\t\t\t}\n\t\t\tbreak;\n\t\t}\n\t\tcp++;\n\t}\n\n\tif ((prefix != NULL && prefix[0]) || (postfix != NULL && postfix[0])) {\n\t\tif (prefix == NULL) {\n\t\t\tprefix = \"\";\n\t\t}\n\t\tif (postfix == NULL) {\n\t\t\tpostfix = \"\";\n\t\t}\n\t\tprefix_len = strlen(prefix);\n\t\tpostfix_len = strlen(postfix);\n\n\t\tMAKE_STD_ZVAL(my_user);\n\t\tmy_user->type = IS_STRING;\n\t\tmy_user->value.str.len = spprintf(&my_user->value.str.val, 0, \"%s%s%s\", prefix, user, postfix);\n\n\t\t/* XXX: memory_leak? */\n\t\t*arg = my_user;\n\n\t\tlen = Z_STRLEN_P(my_user);\n\t\tuser = Z_STRVAL_P(my_user);\n\t}\n\n\tif (user_match && user_match[0]) {\n#ifdef HAVE_FNMATCH\n\t\tif (fnmatch(user_match, user, 0) != 0) {\n\t\t\tsuhosin_log(S_SQL, \"SQL username ('%s') does not match suhosin.sql.user_match ('%s')\", user, user_match);\n\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\tRETVAL_FALSE;\n\t\t\t\treturn (1);\n\t\t\t}\n\t\t}\n#else\n#warning no support for fnmatch() - setting suhosin.sql.user_match will always fail.\n\t\tsuhosin_log(S_SQL, \"suhosin.sql.user_match specified, but system does not support fnmatch()\");\n\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\tRETVAL_FALSE;\n\t\t\treturn (1);\n\t\t}\n#endif\n\t}\n\n\tSDEBUG(\"function: %s - user: %s\", ih->name, user);\n\n\treturn (0);\n}\n\n\nstatic int ih_function_exists(IH_HANDLER_PARAMS)\n{\n\tchar *name;\n\tint name_len;\n\tzend_function *func;\n\tchar *lcname;\n\tzend_bool retval;\n\n\tif (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, \"s\", &name, &name_len) == FAILURE) {\n\t\treturn 1;\n\t}\n\n\tif (name_len <= 0) {\n\t\tRETVAL_BOOL(0);\n\t\treturn 1;\n\t}\n\n\tlcname = zend_str_tolower_dup(name, name_len);\n\n\t/* Ignore leading \"\\\" */\n\tname = lcname;\n\tif (lcname[0] == '\\\\') {\n\t\tname = &lcname[1];\n\t\tname_len--;\n\t}\n\n\tretval = (zend_hash_find(EG(function_table), name, name_len+1, (void **)&func) == SUCCESS);\n\n\t/*\n\t * A bit of a hack, but not a bad one: we see 
if the handler of the function\n\t * is actually one that displays \"function is disabled\" message.\n\t */\n\tif (retval && func->type == ZEND_INTERNAL_FUNCTION &&\n\t\tfunc->internal_function.handler == zif_display_disabled_function) {\n\t\t\tretval = 0;\n\t\t\tgoto ret;\n\t}\n\n\t/* Now check if function is forbidden by Suhosin */\n\tif (SUHOSIN_G(in_code_type) == SUHOSIN_EVAL) {\n\t\tif (SUHOSIN_G(eval_whitelist) != NULL) {\n\t\t\tif (!zend_hash_exists(SUHOSIN_G(eval_whitelist), name, name_len+1)) {\n\t\t\t\tretval = 0;\n\t\t\t\tgoto ret;\n\t\t\t}\n\t\t} else if (SUHOSIN_G(eval_blacklist) != NULL) {\n\t\t\tif (zend_hash_exists(SUHOSIN_G(eval_blacklist), name, name_len+1)) {\n\t\t\t\tretval = 0;\n\t\t\t\tgoto ret;\n\t\t\t}\n\t\t}\n\t}\n\n\tif (SUHOSIN_G(func_whitelist) != NULL) {\n\t\tif (!zend_hash_exists(SUHOSIN_G(func_whitelist), name, name_len+1)) {\n\t\t\tretval = 0;\n\t\t\tgoto ret;\n\t\t}\n\t} else if (SUHOSIN_G(func_blacklist) != NULL) {\n\t\tif (zend_hash_exists(SUHOSIN_G(func_blacklist), name, name_len+1)) {\n\t\t\tretval = 0;\n\t\t\tgoto ret;\n\t\t}\n\t}\n\nret:\n\tefree(lcname);\n\tRETVAL_BOOL(retval);\n\treturn 1;\n}\n\n/* MT RAND FUNCTIONS */\n\n/*\n\tThe following php_mt_...() functions are based on a C++ class MTRand by\n\tRichard J. Wagner. For more information see the web page at\n\thttp://www-personal.engin.umich.edu/~wagnerr/MersenneTwister.html\n\n\tMersenne Twister random number generator -- a C++ class MTRand\n\tBased on code by Makoto Matsumoto, Takuji Nishimura, and Shawn Cokus\n\tRichard J. Wagner  v1.0  15 May 2003  rjwagner@writeme.com\n\n\tThe Mersenne Twister is an algorithm for generating random numbers.  It\n\twas designed with consideration of the flaws in various other generators.\n\tThe period, 2^19937-1, and the order of equidistribution, 623 dimensions,\n\tare far greater.  The generator is also fast; it avoids multiplication and\n\tdivision, and it benefits from caches and pipelines.  
For more information\n\tsee the inventors' web page at http://www.math.keio.ac.jp/~matumoto/emt.html\n\n\tReference\n\tM. Matsumoto and T. Nishimura, \"Mersenne Twister: A 623-Dimensionally\n\tEquidistributed Uniform Pseudo-Random Number Generator\", ACM Transactions on\n\tModeling and Computer Simulation, Vol. 8, No. 1, January 1998, pp 3-30.\n\n\tCopyright (C) 1997 - 2002, Makoto Matsumoto and Takuji Nishimura,\n\tCopyright (C) 2000 - 2003, Richard J. Wagner\n\tAll rights reserved.\n\n\tRedistribution and use in source and binary forms, with or without\n\tmodification, are permitted provided that the following conditions\n\tare met:\n\n\t1. Redistributions of source code must retain the above copyright\n\t   notice, this list of conditions and the following disclaimer.\n\n\t2. Redistributions in binary form must reproduce the above copyright\n\t   notice, this list of conditions and the following disclaimer in the\n\t   documentation and/or other materials provided with the distribution.\n\n\t3. The names of its contributors may not be used to endorse or promote\n\t   products derived from this software without specific prior written\n\t   permission.\n\n\tTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n\t\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n\tLIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n\tA PARTICULAR PURPOSE ARE DISCLAIMED.  
IN NO EVENT SHALL THE COPYRIGHT OWNER OR\n\tCONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,\n\tEXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,\n\tPROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR\n\tPROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF\n\tLIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING\n\tNEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS\n\tSOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n\n\tThe original code included the following notice:\n\n\tWhen you use this, send an email to: matumoto@math.keio.ac.jp\n    with an appropriate reference to your work.\n\n\tIt would be nice to CC: rjwagner@writeme.com and Cokus@math.washington.edu\n\twhen you write.\n*/\n\n#define N             624                 /* length of state vector */\n#define M             (397)                /* a period parameter */\n#define hiBit(u)      ((u) & 0x80000000U)  /* mask all but highest   bit of u */\n#define loBit(u)      ((u) & 0x00000001U)  /* mask all but lowest    bit of u */\n#define loBits(u)     ((u) & 0x7FFFFFFFU)  /* mask     the highest   bit of u */\n#define mixBits(u, v) (hiBit(u)|loBits(v)) /* move hi bit of u to hi bit of v */\n\n#define twist(m,u,v)  (m ^ (mixBits(u,v)>>1) ^ ((php_uint32)(-(php_int32)(loBit(v))) & 0x9908b0dfU))\n\n/* {{{ php_mt_initialize\n */\nstatic inline void suhosin_mt_initialize(php_uint32 seed, php_uint32 *state)\n{\n\t/* Initialize generator state with seed\n\t   See Knuth TAOCP Vol 2, 3rd Ed, p.106 for multiplier.\n\t   In previous versions, most significant bits (MSBs) of the seed affect\n\t   only MSBs of the state array.  Modified 9 Jan 2002 by Makoto Matsumoto. 
*/\n\n\tregister php_uint32 *s = state;\n\tregister php_uint32 *r = state;\n\tregister int i = 1;\n\n\t*s++ = seed & 0xffffffffU;\n\tfor( ; i < N; ++i ) {\n\t\t*s++ = ( 1812433253U * ( *r ^ (*r >> 30) ) + i ) & 0xffffffffU;\n\t\tr++;\n\t}\n}\n/* }}} */\n\nstatic inline void suhosin_mt_init_by_array(php_uint32 *key, int keylen, php_uint32 *state)\n{\n    int i, j, k;\n    suhosin_mt_initialize(19650218U, state);\n    i = 1; j = 0;\n    k = (N > keylen ? N : keylen);\n    for (; k; k--) {\n        state[i] = (state[i] ^ ((state[i-1] ^ (state[i-1] >> 30)) * 1664525U)) + key[j] + j;\n        i++; j = (j+1) % keylen;\n        if (i >= N) { state[0] = state[N-1]; i=1; }\n    }\n    for (k=N-1; k; k--) {\n        state[i] = (state[i] ^ ((state[i-1] ^ (state[i-1] >> 30)) * 1566083941U)) - i;\n        i++;\n        if (i >= N) { state[0] = state[N-1]; i=1; }\n    }\n    state[0] = 0x80000000U;\n}\n/* }}} */\n\n\n/* {{{ suhosin_mt_reload\n */\nstatic inline void suhosin_mt_reload(php_uint32 *state, php_uint32 **next, int *left)\n{\n\t/* Generate N new values in state\n\t   Made clearer and faster by Matthew Bellew (matthew.bellew@home.com) */\n\n\tregister php_uint32 *p = state;\n\tregister int i;\n\n\tfor (i = N - M; i--; ++p)\n\t\t*p = twist(p[M], p[0], p[1]);\n\tfor (i = M; --i; ++p)\n\t\t*p = twist(p[M-N], p[0], p[1]);\n\t*p = twist(p[M-N], p[0], state[0]);\n\t*left = N;\n\t*next = state;\n}\n/* }}} */\n\n/* {{{ suhosin_mt_srand\n */\nstatic void suhosin_mt_srand(php_uint32 seed TSRMLS_DC)\n{\n\t/* Seed the generator with a simple uint32 */\n\tsuhosin_mt_initialize(seed, SUHOSIN_G(mt_state));\n\tsuhosin_mt_reload(SUHOSIN_G(mt_state), &SUHOSIN_G(mt_next), &SUHOSIN_G(mt_left));\n\n\t/* Seed only once */\n\tSUHOSIN_G(mt_is_seeded) = 1;\n}\n/* }}} */\n\n/* {{{ suhosin_mt_rand\n */\nstatic php_uint32 suhosin_mt_rand(TSRMLS_D)\n{\n\t/* Pull a 32-bit integer from the generator state\n\t   Every other access function simply transforms the numbers extracted here */\n\n\tregister 
php_uint32 s1;\n\n\tif (SUHOSIN_G(mt_left) == 0) {\n    \tsuhosin_mt_reload(SUHOSIN_G(mt_state), &SUHOSIN_G(mt_next), &SUHOSIN_G(mt_left));\n\t}\n\t--SUHOSIN_G(mt_left);\n\n\ts1 = *SUHOSIN_G(mt_next)++;\n\ts1 ^= (s1 >> 11);\n\ts1 ^= (s1 <<  7) & 0x9d2c5680U;\n\ts1 ^= (s1 << 15) & 0xefc60000U;\n\treturn ( s1 ^ (s1 >> 18) );\n}\n/* }}} */\n\n/* {{{ suhosin_gen_entropy\n */\nstatic void suhosin_gen_entropy(php_uint32 *entropybuf TSRMLS_DC)\n{\n    php_uint32 seedbuf[20];\n    /* On a modern OS code, stack and heap base are randomized */\n    unsigned long code_value  = (unsigned long)suhosin_gen_entropy;\n    unsigned long stack_value = (unsigned long)&code_value;\n    unsigned long heap_value  = (unsigned long)SUHOSIN_G(r_state);\n    suhosin_SHA256_CTX   context;\n    int fd;\n\n    code_value ^= code_value >> 32;\n    stack_value ^= stack_value >> 32;\n    heap_value ^= heap_value >> 32;\n\n    seedbuf[0] = code_value;\n    seedbuf[1] = stack_value;\n    seedbuf[2] = heap_value;\n    seedbuf[3] = time(0);\n#ifdef PHP_WIN32\n    seedbuf[4] = GetCurrentProcessId();\n#else\n    seedbuf[4] = getpid();\n#endif\n    seedbuf[5] = (php_uint32) 0x7fffffff * php_combined_lcg(TSRMLS_C);\n\n#ifndef PHP_WIN32\n    fd = VCWD_OPEN(\"/dev/urandom\", O_RDONLY);\n    if (fd >= 0) {\n        /* the result of read() is ignored on purpose - urandom may give us no or not enough random bytes */\n        read(fd, &seedbuf[6], 8 * sizeof(php_uint32));\n        close(fd);\n    }\n#else\n    /* we have to live with the possibility that this call fails */\n    php_win32_get_random_bytes((unsigned char*)&seedbuf[6], 8 * sizeof(php_uint32));\n#endif\n\n    suhosin_SHA256Init(&context);\n    /* to our friends from Debian: yes, this will add uninitialized stack values to the entropy - DO NOT REMOVE */\n    suhosin_SHA256Update(&context, (void *) seedbuf, sizeof(seedbuf));\n    if (SUHOSIN_G(seedingkey) != NULL && *SUHOSIN_G(seedingkey) != 0) {\n        suhosin_SHA256Update(&context, (unsigned char*)SUHOSIN_G(seedingkey), 
strlen(SUHOSIN_G(seedingkey)));\n    }\n    suhosin_SHA256Final((void *)entropybuf, &context);\n}\n/* }}} */\n\n\n/* {{{ suhosin_srand_auto\n */\nstatic void suhosin_srand_auto(TSRMLS_D)\n{\n    php_uint32 seed[8];\n    suhosin_gen_entropy(&seed[0] TSRMLS_CC);\n\n\tsuhosin_mt_init_by_array(seed, 8, SUHOSIN_G(r_state));\n\tsuhosin_mt_reload(SUHOSIN_G(r_state), &SUHOSIN_G(r_next), &SUHOSIN_G(r_left));\n\n\t/* Seed only once */\n\tSUHOSIN_G(r_is_seeded) = 1;\n}\n/* }}} */\n\n/* {{{ suhosin_mt_srand_auto\n */\nstatic void suhosin_mt_srand_auto(TSRMLS_D)\n{\n    php_uint32 seed[8];\n    suhosin_gen_entropy(&seed[0] TSRMLS_CC);\n\n\tsuhosin_mt_init_by_array(seed, 8, SUHOSIN_G(mt_state));\n\tsuhosin_mt_reload(SUHOSIN_G(mt_state), &SUHOSIN_G(mt_next), &SUHOSIN_G(mt_left));\n\n\t/* Seed only once */\n\tSUHOSIN_G(mt_is_seeded) = 1;\n}\n/* }}} */\n\n\n/* {{{ suhosin_srand\n */\nstatic void suhosin_srand(php_uint32 seed TSRMLS_DC)\n{\n\t/* Seed the generator with a simple uint32 */\n\tsuhosin_mt_initialize(seed+0x12345, SUHOSIN_G(r_state));\n\tsuhosin_mt_reload(SUHOSIN_G(r_state), &SUHOSIN_G(r_next), &SUHOSIN_G(r_left));\n\n\t/* Seed only once */\n\tSUHOSIN_G(r_is_seeded) = 1;\n}\n/* }}} */\n\n/* {{{ suhosin_rand\n */\nstatic php_uint32 suhosin_rand(TSRMLS_D)\n{\n\t/* Pull a 32-bit integer from the generator state\n\t   Every other access function simply transforms the numbers extracted here */\n\n\tregister php_uint32 s1;\n\n\tif (SUHOSIN_G(r_left) == 0) {\n    \tsuhosin_mt_reload(SUHOSIN_G(r_state), &SUHOSIN_G(r_next), &SUHOSIN_G(r_left));\n\t}\n\t--SUHOSIN_G(r_left);\n\n\ts1 = *SUHOSIN_G(r_next)++;\n\ts1 ^= (s1 >> 11);\n\ts1 ^= (s1 <<  7) & 0x9d2c5680U;\n\ts1 ^= (s1 << 15) & 0xefc60000U;\n\treturn ( s1 ^ (s1 >> 18) );\n}\n/* }}} */\n\nstatic int ih_srand(IH_HANDLER_PARAMS)\n{\n\tint argc = ZEND_NUM_ARGS();\n\tlong seed;\n\n\tif (SUHOSIN_G(srand_ignore)) {\n\t\tSUHOSIN_G(r_is_seeded) = 0;\n\t\treturn 1;\n\t}\n\n\tif (zend_parse_parameters(argc TSRMLS_CC, \"|l\", &seed) == 
FAILURE) {\n\t\treturn 1;\n\t}\n\n\tif (argc) {\n\t\tsuhosin_srand(seed TSRMLS_CC);\n\t} else {\n\t\tsuhosin_srand_auto(TSRMLS_C);\n\t}\n\treturn (1);\n}\n\nstatic int ih_mt_srand(IH_HANDLER_PARAMS)\n{\n\tint argc = ZEND_NUM_ARGS();\n\tlong seed;\n\n\tif (SUHOSIN_G(mt_srand_ignore)) {\n\t\tSUHOSIN_G(mt_is_seeded) = 0;\n\t\treturn 1;\n\t}\n\n\tif (zend_parse_parameters(argc TSRMLS_CC, \"|l\", &seed) == FAILURE) {\n\t\treturn 1;\n\t}\n\n\tif (argc) {\n\t\tsuhosin_mt_srand(seed TSRMLS_CC);\n\t} else {\n\t\tsuhosin_mt_srand_auto(TSRMLS_C);\n\t}\n\treturn 1;\n}\n\nstatic int ih_mt_rand(IH_HANDLER_PARAMS)\n{\n    int argc = ZEND_NUM_ARGS();\n    long min;\n\tlong max;\n\tlong number;\n\n\tif (argc != 0 && zend_parse_parameters(argc TSRMLS_CC, \"ll\", &min, &max) == FAILURE) {\n\t    return (1);\n\t}\n\n\tif (!SUHOSIN_G(mt_is_seeded)) {\n\t\tsuhosin_mt_srand_auto(TSRMLS_C);\n\t}\n\n\tnumber = (long) (suhosin_mt_rand(TSRMLS_C) >> 1);\n\tif (argc == 2) {\n\t\tRAND_RANGE(number, min, max, PHP_MT_RAND_MAX);\n\t}\n\n\tRETVAL_LONG(number);\n        return (1);\n}\n\nstatic int ih_rand(IH_HANDLER_PARAMS)\n{\n    int argc = ZEND_NUM_ARGS();\n    long min;\n\tlong max;\n\tlong number;\n\n\tif (argc != 0 && zend_parse_parameters(argc TSRMLS_CC, \"ll\", &min, &max) == FAILURE) {\n\t    return (1);\n\t}\n\n\tif (!SUHOSIN_G(r_is_seeded)) {\n\t\tsuhosin_srand_auto(TSRMLS_C);\n\t}\n\n\tnumber = (long) (suhosin_rand(TSRMLS_C) >> 1);\n\tif (argc == 2) {\n\t\tRAND_RANGE(number, min, max, PHP_MT_RAND_MAX);\n\t}\n\n\tRETVAL_LONG(number);\n        return (1);\n}\n\nstatic int ih_getrandmax(IH_HANDLER_PARAMS)\n{\n\tif (zend_parse_parameters_none() == FAILURE) {\n\t\treturn (1);\n\t}\n\n\tRETVAL_LONG(PHP_MT_RAND_MAX);\n\treturn (1);\n}\n\ninternal_function_handler ihandlers[] = {\n\t{ \"preg_replace\", ih_preg_replace, NULL, NULL, NULL },\n\t{ \"mail\", ih_mail, NULL, NULL, NULL },\n\t{ \"symlink\", ih_symlink, NULL, NULL, NULL },\n\n\t{ \"srand\", ih_srand, NULL, NULL, NULL },\n\t{ 
\"mt_srand\", ih_mt_srand, NULL, NULL, NULL },\n\t{ \"rand\", ih_rand, NULL, NULL, NULL },\n\t{ \"mt_rand\", ih_mt_rand, NULL, NULL, NULL },\n\t{ \"getrandmax\", ih_getrandmax, NULL, NULL, NULL },\n\t{ \"mt_getrandmax\", ih_getrandmax, NULL, NULL, NULL },\n\n\t{ \"function_exists\", ih_function_exists, NULL, NULL, NULL },\n\n\t/* Mysqli */\n\t{ \"mysqli::mysqli\", ih_fixusername, (void *)2, NULL, NULL },\n\t{ \"mysqli_connect\", ih_fixusername, (void *)2, NULL, NULL },\n\t{ \"mysqli::real_connect\", ih_fixusername, (void *)2, NULL, NULL },\n\t{ \"mysqli_real_connect\", ih_fixusername, (void *)3, NULL, NULL },\n\t{ \"mysqli_change_user\", ih_fixusername, (void *)2, NULL, NULL },\n\t{ \"mysqli::change_user\", ih_fixusername, (void *)1, NULL, NULL },\n\n\t{ \"mysqli::query\", ih_querycheck, (void *)1, (void *)1, NULL },\n\t{ \"mysqli_query\", ih_querycheck, (void *)2, (void *)1, NULL },\n\t{ \"mysqli::multi_query\", ih_querycheck, (void *)1, (void *)1, NULL },\n\t{ \"mysqli_multi_query\", ih_querycheck, (void *)2, (void *)1, NULL },\n\t{ \"mysqli::prepare\", ih_querycheck, (void *)1, (void *)1, NULL },\n\t{ \"mysqli_prepare\", ih_querycheck, (void *)2, (void *)1, NULL },\n\t{ \"mysqli::real_query\", ih_querycheck, (void *)1, (void *)1, NULL },\n\t{ \"mysqli_real_query\", ih_querycheck, (void *)2, (void *)1, NULL },\n\t{ \"mysqli::send_query\", ih_querycheck, (void *)1, (void *)1, NULL },\n\t{ \"mysqli_send_query\", ih_querycheck, (void *)2, (void *)1, NULL },\n\t// removed in PHP 5.3\n\t{ \"mysqli_master_query\", ih_querycheck, (void *)2, (void *)1, NULL },\n\t{ \"mysqli_slave_query\", ih_querycheck, (void *)2, (void *)1, NULL },\n\t// ----\n\n\t/* Mysql API - deprecated in PHP 5.5 */\n\t{ \"mysql_connect\", ih_fixusername, (void *)2, NULL, NULL },\n\t{ \"mysql_pconnect\", ih_fixusername, (void *)2, NULL, NULL },\n\t{ \"mysql_query\", ih_querycheck, (void *)1, (void *)1, NULL },\n\t{ \"mysql_db_query\", ih_querycheck, (void *)2, (void *)1, NULL },\n\t{ 
\"mysql_unbuffered_query\", ih_querycheck, (void *)1, (void *)1, NULL },\n\n#ifdef SUHOSIN_EXPERIMENTAL\n\t/* MaxDB */\n\t{ \"maxdb::maxdb\", ih_fixusername, (void *)2, NULL, NULL },\n\t{ \"maxdb_connect\", ih_fixusername, (void *)2, NULL, NULL },\n\t{ \"maxdb::real_connect\", ih_fixusername, (void *)2, NULL, NULL },\n\t{ \"maxdb_real_connect\", ih_fixusername, (void *)3, NULL, NULL },\n\t{ \"maxdb::change_user\", ih_fixusername, (void *)1, NULL, NULL },\n\t{ \"maxdb_change_user\", ih_fixusername, (void *)2, NULL, NULL },\n\n\t{ \"maxdb_master_query\", ih_querycheck, (void *)2, NULL, NULL },\n\t{ \"maxdb::multi_query\", ih_querycheck, (void *)1, NULL, NULL },\n\t{ \"maxdb_multi_query\", ih_querycheck, (void *)2, NULL, NULL },\n\t{ \"maxdb::query\", ih_querycheck, (void *)1, NULL, NULL },\n\t{ \"maxdb_query\", ih_querycheck, (void *)2, NULL, NULL },\n\t{ \"maxdb::real_query\", ih_querycheck, (void *)1, NULL, NULL },\n\t{ \"maxdb_real_query\", ih_querycheck, (void *)2, NULL, NULL },\n\t{ \"maxdb::send_query\", ih_querycheck, (void *)1, NULL, NULL },\n\t{ \"maxdb_send_query\", ih_querycheck, (void *)2, NULL, NULL },\n\t{ \"maxdb::prepare\", ih_querycheck, (void *)1, NULL, NULL },\n\t{ \"maxdb_prepare\", ih_querycheck, (void *)2, NULL, NULL },\n\n\t/* PDO */\n\t\t/* note: mysql conditional comments not supported here */\n\t{ \"pdo::__construct\", ih_fixusername, (void *)2, NULL, NULL }, /* note: username may come from dsn (param 1) */\n\t{ \"pdo::query\", ih_querycheck, (void *)1, NULL, NULL },\n\t{ \"pdo::prepare\", ih_querycheck, (void *)1, NULL, NULL },\n\t{ \"pdo::exec\", ih_querycheck, (void *)1, NULL, NULL },\n\n\t/* Oracle OCI8 */\n\t{ \"ocilogon\", ih_fixusername, (void *)1, NULL, NULL },\n\t{ \"ociplogon\", ih_fixusername, (void *)1, NULL, NULL },\n\t{ \"ocinlogon\", ih_fixusername, (void *)1, NULL, NULL },\n\t{ \"oci_connect\", ih_fixusername, (void *)1, NULL, NULL },\n\t{ \"oci_pconnect\", ih_fixusername, (void *)1, NULL, NULL },\n\t{ \"oci_new_connect\", 
ih_fixusername, (void *)1, NULL, NULL },\n\n\t/* FrontBase */\n\t{ \"fbsql_connect\", ih_fixusername, (void *)2, NULL, NULL },\n\t{ \"fbsql_pconnect\", ih_fixusername, (void *)2, NULL, NULL },\n\t{ \"fbsql_change_user\", ih_fixusername, (void *)1, NULL, NULL },\n\t{ \"fbsql_username\", ih_fixusername, (void *)2, NULL, NULL },\n\n\t/* Informix */\n\t{ \"ifx_connect\", ih_fixusername, (void *)2, NULL, NULL },\n\t{ \"ifx_pconnect\", ih_fixusername, (void *)2, NULL, NULL },\n\n\t/* Firebird/InterBase */\n\t{ \"ibase_connect\", ih_fixusername, (void *)2, NULL, NULL },\n\t{ \"ibase_pconnect\", ih_fixusername, (void *)2, NULL, NULL },\n\t{ \"ibase_service_attach\", ih_fixusername, (void *)2, NULL, NULL },\n\n\t/* Microsoft SQL Server */\n\t{ \"mssql_connect\", ih_fixusername, (void *)2, NULL, NULL },\n\t{ \"mssql_pconnect\", ih_fixusername, (void *)2, NULL, NULL },\n#endif\n\n\t{ NULL, NULL, NULL, NULL, NULL }\n};\n\n#define FUNCTION_WARNING() zend_error(E_WARNING, \"%s() has been disabled for security reasons\", get_active_function_name(TSRMLS_C));\n#define FUNCTION_SIMULATE_WARNING() zend_error(E_WARNING, \"SIMULATION - %s() has been disabled for security reasons\", get_active_function_name(TSRMLS_C));\n\n/* {{{ void suhosin_execute_internal\n *    This function provides a hook for internal execution */\n#if PHP_VERSION_ID >= 50500\n#define EX_T(offset) (*EX_TMP_VAR(execute_data_ptr, offset))\n\nstatic void suhosin_execute_internal(zend_execute_data *execute_data_ptr, zend_fcall_info *fci, int return_value_used TSRMLS_DC)\n{\n\tzval *return_value;\n\tzval **return_value_ptr;\n\tzval *this_ptr;\n\tint ht;\n\n\tif (fci) {\n\t\treturn_value = *fci->retval_ptr_ptr;\n\t\treturn_value_ptr = fci->retval_ptr_ptr;\n\t\tthis_ptr = fci->object_ptr;\n\t\tht = fci->param_count;\n\t} else {\n\t\ttemp_variable *ret = &EX_T(execute_data_ptr->opline->result.var);\n\t\tzend_function *fbc = execute_data_ptr->function_state.function;\n\t\treturn_value = ret->var.ptr;\n\t\treturn_value_ptr 
= (fbc->common.fn_flags & ZEND_ACC_RETURN_REFERENCE) ? &ret->var.ptr : NULL;\n\t\tthis_ptr = execute_data_ptr->object;\n\t\tht = execute_data_ptr->opline->extended_value;\n\t}\n#else\nstatic void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int return_value_used TSRMLS_DC)\n{\n\tzval *return_value;\n\tint ht = execute_data_ptr->opline->extended_value;\n#endif\n\tchar *lcname;\n\tint function_name_strlen, free_lcname = 0;\n\tzend_class_entry *ce = NULL;\n\tinternal_function_handler *ih;\n\n\tce = ((zend_internal_function *) execute_data_ptr->function_state.function)->scope;\n\tlcname = (char *)((zend_internal_function *) execute_data_ptr->function_state.function)->function_name;\n\tfunction_name_strlen = strlen(lcname);\n\n\t/* handle methodcalls correctly */\n\tif (ce != NULL) {\n\t\tchar *tmp = (char *) emalloc(function_name_strlen + 2 + ce->name_length + 1);\n\t\tmemcpy(tmp, ce->name, ce->name_length);\n\t\tmemcpy(tmp+ce->name_length, \"::\", 2);\n\t\tmemcpy(tmp+ce->name_length+2, lcname, function_name_strlen);\n\t\tlcname = tmp;\n\t\tfree_lcname = 1;\n\t\tfunction_name_strlen += ce->name_length + 2;\n\t\tlcname[function_name_strlen] = 0;\n\t\tzend_str_tolower(lcname, function_name_strlen);\n\t}\n\n#if PHP_VERSION_ID < 50500\n\treturn_value = (*(temp_variable *)((char *) execute_data_ptr->Ts + execute_data_ptr->opline->result.var)).var.ptr;\n#endif\n\n\tSDEBUG(\"function: %s\", lcname);\n\n\tif (SUHOSIN_G(in_code_type) == SUHOSIN_EVAL) {\n\n\t\tif (SUHOSIN_G(eval_whitelist) != NULL) {\n\t\t\tif (!zend_hash_exists(SUHOSIN_G(eval_whitelist), lcname, function_name_strlen+1)) {\n\t\t\t\tsuhosin_log(S_EXECUTOR|S_GETCALLER, \"function outside of eval whitelist called: %s()\", lcname);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t        goto execute_internal_bailout;\n        \t\t\t} else {\n        \t\t\t        FUNCTION_SIMULATE_WARNING()\n\t\t\t\t}\n\t\t\t}\n\t\t} else if (SUHOSIN_G(eval_blacklist) != NULL) {\n\t\t\tif 
(zend_hash_exists(SUHOSIN_G(eval_blacklist), lcname, function_name_strlen+1)) {\n\t\t\t\tsuhosin_log(S_EXECUTOR|S_GETCALLER, \"function within eval blacklist called: %s()\", lcname);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t        goto execute_internal_bailout;\n        \t\t\t} else {\n        \t\t\t        FUNCTION_SIMULATE_WARNING()\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t}\n\n\tif (SUHOSIN_G(func_whitelist) != NULL) {\n\t\tif (!zend_hash_exists(SUHOSIN_G(func_whitelist), lcname, function_name_strlen+1)) {\n\t\t\tsuhosin_log(S_EXECUTOR|S_GETCALLER, \"function outside of whitelist called: %s()\", lcname);\n\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t        goto execute_internal_bailout;\n\t\t\t} else {\n\t\t\t        FUNCTION_SIMULATE_WARNING()\n\t\t\t}\n\t\t}\n\t} else if (SUHOSIN_G(func_blacklist) != NULL) {\n\t\tif (zend_hash_exists(SUHOSIN_G(func_blacklist), lcname, function_name_strlen+1)) {\n\t\t\tsuhosin_log(S_EXECUTOR|S_GETCALLER, \"function within blacklist called: %s()\", lcname);\n\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t        goto execute_internal_bailout;\n\t\t\t} else {\n\t\t\t        FUNCTION_SIMULATE_WARNING()\n\t\t\t}\n\t\t}\n\t}\n\n\tif (zend_hash_find(&ihandler_table, lcname, function_name_strlen+1, (void **)&ih) == SUCCESS) {\n\n\t\tint retval = 0;\n\t\tvoid *handler = ((zend_internal_function *) execute_data_ptr->function_state.function)->handler;\n\n\t\tif (handler != ZEND_FN(display_disabled_function)) {\n\t\t    retval = ih->handler(IH_HANDLER_PARAM_PASSTHRU);\n\t\t}\n\n\t\tif (retval == 0) {\n#if PHP_VERSION_ID >= 50500\n\t\t\told_execute_internal(execute_data_ptr, fci, return_value_used TSRMLS_CC);\n#else\n\t\t\told_execute_internal(execute_data_ptr, return_value_used TSRMLS_CC);\n#endif\n\t\t}\n\t} else {\n#if PHP_VERSION_ID >= 50500\n\t\told_execute_internal(execute_data_ptr, fci, return_value_used TSRMLS_CC);\n#else\n\t\told_execute_internal(execute_data_ptr, return_value_used TSRMLS_CC);\n#endif\n\t}\n\tif (free_lcname == 1) 
{\n\t\tefree(lcname);\n\t}\n\treturn;\nexecute_internal_bailout:\n\tif (free_lcname == 1) {\n\t\tefree(lcname);\n\t}\n\tFUNCTION_WARNING()\n\tsuhosin_bailout(TSRMLS_C);\n}\n/* }}} */\n\n\n/* {{{ int function_lookup(zend_extension *extension)\n */\nstatic int function_lookup(zend_extension *extension)\n{\n\tif (zo_set_oe_ex != NULL) {\n\t\treturn ZEND_HASH_APPLY_STOP;\n\t}\n\n\tif (extension->handle != NULL) {\n\t\tzo_set_oe_ex = (void *)DL_FETCH_SYMBOL(extension->handle, \"zend_optimizer_set_oe_ex\");\n\t}\n\n\treturn 0;\n}\n/* }}} */\n\n\n/* {{{ void suhosin_hook_execute()\n */\nvoid suhosin_hook_execute(TSRMLS_D)\n{\n\tinternal_function_handler *ih;\n\n#if PHP_VERSION_ID >= 50500\n\told_execute_ex = zend_execute_ex;\n\tzend_execute_ex = suhosin_execute_ex;\n#else\n\told_execute = zend_execute;\n\tzend_execute = suhosin_execute;\n#endif\n\n/*\told_compile_file = zend_compile_file;\n\tzend_compile_file = suhosin_compile_file; */\n\n#if ZO_COMPATIBILITY_HACK_TEMPORARY_DISABLED\n\tif (zo_set_oe_ex == NULL) {\n\t\tzo_set_oe_ex = (void *)DL_FETCH_SYMBOL(NULL, \"zend_optimizer_set_oe_ex\");\n\t}\n\tif (zo_set_oe_ex == NULL) {\n\t\tzend_llist_apply(&zend_extensions, (llist_apply_func_t)function_lookup TSRMLS_CC);\n\t}\n\n\tif (zo_set_oe_ex != NULL) {\n\t\told_execute_ZO = zo_set_oe_ex(suhosin_execute_ZO);\n\t}\n#endif\n\n\told_execute_internal = zend_execute_internal;\n\tif (old_execute_internal == NULL) {\n\t\told_execute_internal = execute_internal;\n\t}\n\tzend_execute_internal = suhosin_execute_internal;\n\t/* register internal function handlers */\n\tzend_hash_init(&ihandler_table, 16, NULL, NULL, 1);\n\tih = &ihandlers[0];\n\twhile (ih->name) {\n\t\tzend_hash_add(&ihandler_table, ih->name, strlen(ih->name)+1, ih, sizeof(internal_function_handler), NULL);\n\t\tih++;\n\t}\n\n\n\t/* Add additional protection layer, that SHOULD\n\t   catch ZEND_INCLUDE_OR_EVAL *before* the engine tries\n\t   to execute */\n\told_zend_stream_open = 
zend_stream_open_function;\n\tzend_stream_open_function = suhosin_zend_stream_open;\n\n}\n/* }}} */\n\n\n/* {{{ void suhosin_unhook_execute()\n */\nvoid suhosin_unhook_execute()\n{\n#if ZO_COMPATIBILITY_HACK_TEMPORARY_DISABLED\n\tif (zo_set_oe_ex) {\n\t\tzo_set_oe_ex(old_execute_ZO);\n\t}\n#endif\n\n#if PHP_VERSION_ID >= 50500\n\tzend_execute_ex = old_execute_ex;\n#else\n\tzend_execute = old_execute;\n#endif\n\n/*\tzend_compile_file = old_compile_file; */\n\n\tif (old_execute_internal == execute_internal) {\n\t\told_execute_internal = NULL;\n\t}\n\tzend_execute_internal = old_execute_internal;\n\tzend_hash_clean(&ihandler_table);\n\n\t/* remove zend_open protection */\n\tzend_stream_open_function = old_zend_stream_open;\n\n}\n/* }}} */\n\n\n\n/*\n * Local variables:\n * tab-width: 4\n * c-basic-offset: 4\n * End:\n * vim600: noet sw=4 ts=4 fdm=marker\n * vim<600: noet sw=4 ts=4\n */\n"
  },
  {
    "path": "header.c",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Author: Stefan Esser <sesser@sektioneins.de>                         |\n  +----------------------------------------------------------------------+\n*/\n/*\n  $Id: header.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $\n*/\n\n#ifdef HAVE_CONFIG_H\n#include \"config.h\"\n#endif\n\n#include \"php.h\"\n#include \"php_ini.h\"\n#include \"ext/standard/info.h\"\n#include \"ext/standard/url.h\"\n#include \"php_suhosin.h\"\n#include \"SAPI.h\"\n#include \"php_variables.h\"\n\nstatic int (*orig_header_handler)(sapi_header_struct *sapi_header, sapi_header_op_enum op, sapi_headers_struct *sapi_headers TSRMLS_DC) = NULL;\n\nchar *suhosin_encrypt_single_cookie(char *name, int name_len, char *value, int value_len, char *key TSRMLS_DC)\n{\n\tchar *buf, *buf2, *d, *d_url;\n\tint l;\n\n\tbuf = estrndup(name, name_len);\n\n\n\tname_len = php_url_decode(buf, name_len);\n\tnormalize_varname(buf);\n\tname_len = 
strlen(buf);\n\n\tif (SUHOSIN_G(cookie_plainlist)) {\n\t\tif (zend_hash_exists(SUHOSIN_G(cookie_plainlist), buf, name_len+1)) {\nencrypt_return_plain:\n\t\t\tefree(buf);\n\t\t\treturn estrndup(value, value_len);\n\t\t}\n\t} else if (SUHOSIN_G(cookie_cryptlist)) {\n\t\tif (!zend_hash_exists(SUHOSIN_G(cookie_cryptlist), buf, name_len+1)) {\n\t\t\tgoto encrypt_return_plain;\n\t\t}\n\t}\n\n\tbuf2 = estrndup(value, value_len);\n\n\tvalue_len = php_url_decode(buf2, value_len);\n\n\td = suhosin_encrypt_string(buf2, value_len, buf, name_len, key TSRMLS_CC);\n\td_url = php_url_encode(d, strlen(d), &l);\n\tefree(d);\n\tefree(buf);\n\tefree(buf2);\n\treturn d_url;\n}\n\nchar *suhosin_decrypt_single_cookie(char *name, int name_len, char *value, int value_len, char *key, char **where TSRMLS_DC)\n{\n\tint o_name_len = name_len;\n\tchar *buf, *buf2, *d, *d_url;\n\tint l;\n\n\tbuf = estrndup(name, name_len);\n\n\tname_len = php_url_decode(buf, name_len);\n\tnormalize_varname(buf);\n\tname_len = strlen(buf);\n\n\tif (SUHOSIN_G(cookie_plainlist)) {\n\t\tif (zend_hash_exists(SUHOSIN_G(cookie_plainlist), buf, name_len+1)) {\ndecrypt_return_plain:\n\t\t\tefree(buf);\n\t\t\tmemcpy(*where, name, o_name_len);\n\t\t\t*where += o_name_len;\n\t\t\t**where = '='; *where +=1;\n\t\t\tmemcpy(*where, value, value_len);\n\t\t\t*where += value_len;\n\t\t\treturn *where;\n\t\t}\n\t} else if (SUHOSIN_G(cookie_cryptlist)) {\n\t\tif (!zend_hash_exists(SUHOSIN_G(cookie_cryptlist), buf, name_len+1)) {\n\t\t\tgoto decrypt_return_plain;\n\t\t}\n\t}\n\n\n\tbuf2 = estrndup(value, value_len);\n\n\tvalue_len = php_url_decode(buf2, value_len);\n\n\td = suhosin_decrypt_string(buf2, value_len, buf, name_len, key, &l, SUHOSIN_G(cookie_checkraddr) TSRMLS_CC);\n\tif (d == NULL) {\n\t\tgoto skip_cookie;\n\t}\n\td_url = php_url_encode(d, l, &l);\n\tefree(d);\n\tmemcpy(*where, name, o_name_len);\n\t*where += o_name_len;\n\t**where = '=';*where += 1;\n\tmemcpy(*where, d_url, l);\n\t*where += 
l;\n\tefree(d_url);\nskip_cookie:\n\tefree(buf);\n\tefree(buf2);\n\treturn *where;\n}\n\n/* {{{ suhosin_cookie_decryptor\n */\nchar *suhosin_cookie_decryptor(TSRMLS_D)\n{\n\tchar *raw_cookie = SG(request_info).cookie_data;\n\tchar *decrypted, *ret, *var, *val, *tmp;\n\tint j;\n\tchar cryptkey[33];\n\n\t/*\n\tif (...deactivated...) {\n\t\treturn estrdup(raw_cookie);\n\t}\n\t*/\n\n\tsuhosin_generate_key(SUHOSIN_G(cookie_cryptkey), SUHOSIN_G(cookie_cryptua), SUHOSIN_G(cookie_cryptdocroot), SUHOSIN_G(cookie_cryptraddr), (char *)&cryptkey TSRMLS_CC);\n\n\tret = decrypted = emalloc(strlen(raw_cookie)*4+1);\n\traw_cookie = estrdup(raw_cookie);\n\tSUHOSIN_G(raw_cookie) = estrdup(raw_cookie);\n\n\n\tj = 0; tmp = raw_cookie;\n\twhile (*tmp) {\n\t\tchar *d_url;int varlen;\n\t\twhile (*tmp == '\\t' || *tmp == ' ') tmp++;\n\t\tvar = tmp;\n\t\twhile (*tmp && *tmp != ';' && *tmp != '=') tmp++;\n\n\t\tvarlen = tmp-var;\n\t\t/*memcpy(decrypted, var, varlen);\n\t\tdecrypted += varlen;*/\n\t\tif (*tmp == 0) break;\n\n\t\tif (*tmp++ == ';') {\n\t\t\t*decrypted++ = ';';\n\t\t\tcontinue;\n\t\t}\n\n\t\t/**decrypted++ = '=';*/\n\n\t\tval = tmp;\n\t\twhile (*tmp && *tmp != ';') tmp++;\n\n\t\td_url = suhosin_decrypt_single_cookie(var, varlen, val, tmp-val, (char *)&cryptkey, &decrypted TSRMLS_CC);\n\t\tif (*tmp == ';') {\n\t\t\t*decrypted++ = ';';\n\t\t}\n\n\t\tif (*tmp == 0) break;\n\t\ttmp++;\n\t}\n\t*decrypted++ = 0;\n\tret = erealloc(ret, decrypted-ret);\n\n\tSUHOSIN_G(decrypted_cookie) = ret;\n\tefree(raw_cookie);\n\n\treturn ret;\n}\n/* }}} */\n\n/* {{{ suhosin_header_handler\n */\nint suhosin_header_handler(sapi_header_struct *sapi_header, sapi_header_op_enum op, sapi_headers_struct *sapi_headers TSRMLS_DC)\n{\n\tint retval = SAPI_HEADER_ADD, i;\n\tchar *tmp;\n\n\tif (op != SAPI_HEADER_ADD && op != SAPI_HEADER_REPLACE) {\n\t\tgoto suhosin_skip_header_handling;\n\t}\n\n\tif (sapi_header && sapi_header->header) {\n\n\t\ttmp = sapi_header->header;\n\n\t\tfor (i=0; 
i<sapi_header->header_len; i++, tmp++) {\n\t\t\tif (tmp[0] == 0) {\n\t\t\t\tchar *fname = (char *)get_active_function_name(TSRMLS_C);\n\n\t\t\t\tif (!fname) {\n\t\t\t\t\tfname = \"unknown\";\n\t\t\t\t}\n\n\t\t\t\tsuhosin_log(S_MISC, \"%s() - wanted to send a HTTP header with an ASCII NUL in it\", fname);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\tsapi_header->header_len = i;\n\t\t\t\t}\n\t\t\t}\n\t\t\tif (SUHOSIN_G(allow_multiheader)) {\n\t\t\t\tcontinue;\n\t\t\t} else if ((tmp[0] == '\\r' && (tmp[1] != '\\n' || i == 0)) ||\n\t\t\t   (tmp[0] == '\\n' && (i == sapi_header->header_len-1 || i == 0 || (tmp[1] != ' ' && tmp[1] != '\\t')))) {\n\t\t\t\tchar *fname = (char *)get_active_function_name(TSRMLS_C);\n\n\t\t\t\tif (!fname) {\n\t\t\t\t\tfname = \"unknown\";\n\t\t\t\t}\n\n\t\t\t\tsuhosin_log(S_MISC, \"%s() - wanted to send multiple HTTP headers at once\", fname);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\tsapi_header->header_len = i;\n\t\t\t\t\ttmp[0] = 0;\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t}\n\n\t/* Handle a potential cookie */\n\n\tif (SUHOSIN_G(cookie_encrypt) && (strncasecmp(\"Set-Cookie:\", sapi_header->header, sizeof(\"Set-Cookie:\")-1) == 0)) {\n\n\t\tchar *start, *end, *rend, *tmp;\n\t\tchar *name, *value;\n\t\tint nlen, vlen, len, tlen;\n\t\tchar cryptkey[33];\n\n\t\tsuhosin_generate_key(SUHOSIN_G(cookie_cryptkey), SUHOSIN_G(cookie_cryptua), SUHOSIN_G(cookie_cryptdocroot), SUHOSIN_G(cookie_cryptraddr), (char *)&cryptkey TSRMLS_CC);\n\t\tstart = estrndup(sapi_header->header, sapi_header->header_len);\n\t\trend = end = start + sapi_header->header_len;\n\n\t\ttmp = memchr(start, ';', end-start);\n\t\tif (tmp != NULL) {\n\t\t\tend = tmp;\n\t\t}\n\n\t\ttmp = start + sizeof(\"Set-Cookie:\") - 1;\n\t\twhile (tmp < end && tmp[0]==' ') {\n\t\t\ttmp++;\n\t\t}\n\t\tname = tmp;\n\t\tnlen = end-name;\n\t\ttmp = memchr(name, '=', nlen);\n\t\tif (tmp == NULL) {\n\t\t\tvalue = end;\n\t\t} else {\n\t\t\tvalue = tmp+1;\n\t\t\tnlen = tmp-name;\n\t\t}\n\t\tvlen = 
end-value;\n\n\t\tvalue = suhosin_encrypt_single_cookie(name, nlen, value, vlen, (char *)&cryptkey TSRMLS_CC);\n\t\tvlen = strlen(value);\n\n\t\tlen = sizeof(\"Set-Cookie: \")-1 + nlen + 1 + vlen + rend-end;\n\t\ttmp = emalloc(len + 1);\n\t\ttlen = sprintf(tmp, \"Set-Cookie: %.*s=%s\", nlen,name, value);\n\t\tmemcpy(tmp + tlen, end, rend-end);\n\t\ttmp[len] = 0;\n\n\t\tefree(sapi_header->header);\n\t\tefree(value);\n\t\tefree(start);\n\n\t\tsapi_header->header = tmp;\n\t\tsapi_header->header_len = len;\n\t}\n\nsuhosin_skip_header_handling:\n\t/* Call the original SAPI header handler, if there is one */\n\tif (orig_header_handler) {\n\t\tretval = orig_header_handler(sapi_header, op, sapi_headers TSRMLS_CC);\n\t}\n\n\treturn retval;\n}\n/* }}} */\n\n\n/* {{{ suhosin_hook_header_handler\n */\nvoid suhosin_hook_header_handler()\n{\n\tif (orig_header_handler == NULL) {\n\t\torig_header_handler = sapi_module.header_handler;\n\t\tsapi_module.header_handler = suhosin_header_handler;\n\t}\n}\n/* }}} */\n\n/* {{{ suhosin_unhook_header_handler\n */\nvoid suhosin_unhook_header_handler()\n{\n\tsapi_module.header_handler = orig_header_handler;\n\torig_header_handler = NULL;\n}\n/* }}} */\n\n\n/*\n * Local variables:\n * tab-width: 4\n * c-basic-offset: 4\n * End:\n * vim600: noet sw=4 ts=4 fdm=marker\n * vim<600: noet sw=4 ts=4\n */\n"
  },
  {
    "path": "ifilter.c",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Author: Stefan Esser <sesser@sektioneins.de>                         |\n  +----------------------------------------------------------------------+\n*/\n/*\n  $Id: ifilter.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $\n*/\n\n#ifdef HAVE_CONFIG_H\n#include \"config.h\"\n#endif\n\n#include \"php.h\"\n#include \"php_ini.h\"\n#include \"ext/standard/info.h\"\n#include \"php_suhosin.h\"\n#include \"php_variables.h\"\n#include \"ext/standard/php_var.h\"\n\n\nstatic void (*orig_register_server_variables)(zval *track_vars_array TSRMLS_DC) = NULL;\n\n#if !HAVE_STRNLEN\nstatic size_t strnlen(const char *s, size_t maxlen) {\n\tchar *r = memchr(s, '\\0', maxlen);\n\treturn r ? 
r-s : maxlen;\n}\n#endif\n\nsize_t suhosin_strnspn(const char *input, size_t n, const char *accept)\n{\n\tsize_t count = 0;\n\tfor (; *input != '\\0' && count < n; input++, count++) {\n\t\tif (strchr(accept, *input) == NULL)\n\t\t\tbreak;\n\t}\n\treturn count;\n}\n\nsize_t suhosin_strncspn(const char *input, size_t n, const char *reject)\n{\n\tsize_t count = 0;\n\tfor (; *input != '\\0' && count < n; input++, count++) {\n\t\tif (strchr(reject, *input) != NULL)\n\t\t\tbreak;\n\t}\n\treturn count;\n}\n\n\n/* {{{ normalize_varname\n */\nvoid normalize_varname(char *varname)\n{\n\tchar *s=varname, *index=NULL, *indexend=NULL, *p;\n\n\t/* overjump leading space */\n\twhile (*s == ' ') {\n\t\ts++;\n\t}\n\n\t/* and remove it */\n\tif (s != varname) {\n\t\tmemmove(varname, s, strlen(s)+1);\n\t}\n\n\tfor (p=varname; *p && *p != '['; p++) {\n\t\tswitch(*p) {\n\t\t\tcase ' ':\n\t\t\tcase '.':\n\t\t\t\t*p='_';\n\t\t\t\tbreak;\n\t\t}\n\t}\n\n\t/* find index */\n\tindex = strchr(varname, '[');\n\tif (index) {\n\t\tindex++;\n\t\ts=index;\n\t} else {\n\t\treturn;\n\t}\n\n\t/* done? */\n\twhile (index) {\n\n\t\twhile (*index == ' ' || *index == '\\r' || *index == '\\n' || *index=='\\t') {\n\t\t\tindex++;\n\t\t}\n\t\tindexend = strchr(index, ']');\n\t\tindexend = indexend ? 
indexend + 1 : index + strlen(index);\n\n\t\tif (s != index) {\n\t\t\tmemmove(s, index, strlen(index)+1);\n\t\t\ts += indexend-index;\n\t\t} else {\n\t\t\ts = indexend;\n\t\t}\n\n\t\tif (*s == '[') {\n\t\t\ts++;\n\t\t\tindex = s;\n\t\t} else {\n\t\t\tindex = NULL;\n\t\t}\n\t}\n\t*s++='\\0';\n}\n/* }}} */\n\nstatic unsigned char suhosin_hexchars[] = \"0123456789ABCDEF\";\n\nstatic const char suhosin_is_dangerous_char[256] = {\n\t0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 1, 0, 0,\n\t0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,\n\t0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0,\n\t0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0,\n\t0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,\n\t0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,\n\t1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,\n\t0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,\n\t0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,\n\t0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,\n\t0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,\n\t0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,\n\t0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,\n\t0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,\n\t0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,\n\t0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0\n};\n\n/* {{{ suhosin_server_strip\n */\nstatic void suhosin_server_strip(HashTable *arr, char *key, int klen)\n{\n\tzval **tzval;\n\tunsigned char *s, *t;\n\n\tif (zend_hash_find(arr, key, klen, (void **) &tzval) == SUCCESS &&\n\t\t\tZ_TYPE_PP(tzval) == IS_STRING) {\n\n\t\ts = t = (unsigned char *)Z_STRVAL_PP(tzval);\n\t\tfor (; *t; t++) {\n\t\t\tif (suhosin_is_dangerous_char[*t]) {\n\t\t\t\t*t = '?';\n\t\t\t}\n\t\t}\n\t\tZ_STRLEN_PP(tzval) = t-s;\n\t}\n}\n/* }}} */\n\n/* {{{ suhosin_server_encode\n */\nstatic void suhosin_server_encode(HashTable *arr, char *key, int klen)\n{\n\tzval **tzval;\n\tunsigned char *temp = NULL, *t, *newv, *n;\n\tint extra = 0;\n\n\tif (zend_hash_find(arr, key, klen, (void **) &tzval) == SUCCESS 
&&\n\t\t\tZ_TYPE_PP(tzval) == IS_STRING) {\n\n\t\ttemp = (unsigned char *)Z_STRVAL_PP(tzval);\n\n\t\tfor (t = temp; *t; t++) {\n\t\t\tif (suhosin_is_dangerous_char[*t]) {\n\t\t\t\textra += 2;\n\t\t\t}\n\t\t}\n\n\t\t/* no extra bytes required */\n\t\tif (extra == 0) {\n\t\t\treturn;\n\t\t}\n\n\t\tn = newv = emalloc(t - temp + 1 + extra);\n\t\tt = temp;\n\t\tfor (t = temp; *t; t++, n++) {\n\t\t\tif (suhosin_is_dangerous_char[*t]) {\n\t\t\t\t*n++ = '%';\n\t\t\t\t*n++ = suhosin_hexchars[*t >> 4];\n\t\t\t\t*n = suhosin_hexchars[*t & 15];\n\t\t\t} else {\n\t\t\t\t*n = *t;\n\t\t\t}\n\t\t}\n\t\t*n = 0;\n\n\t\t/* XXX: we leak memory here, but only for the duration of the request */\n\t\tZ_STRVAL_PP(tzval) = (char *)newv;\n\t\tZ_STRLEN_PP(tzval) = n-newv;\n\t}\n}\n/* }}} */\n\n/* {{{ suhosin_register_server_variables\n */\nvoid suhosin_register_server_variables(zval *track_vars_array TSRMLS_DC)\n{\n\tHashTable *svars;\n\tint retval = 0, failure = 0;\n\n\torig_register_server_variables(track_vars_array TSRMLS_CC);\n\n\tsvars = Z_ARRVAL_P(track_vars_array);\n\tif (!SUHOSIN_G(simulation)) {\n\t\tretval = zend_hash_del(svars, \"HTTP_GET_VARS\", sizeof(\"HTTP_GET_VARS\"));\n\t\tif (retval == SUCCESS) failure = 1;\n\t\tretval = zend_hash_del(svars, \"HTTP_POST_VARS\", sizeof(\"HTTP_POST_VARS\"));\n\t\tif (retval == SUCCESS) failure = 1;\n\t\tretval = zend_hash_del(svars, \"HTTP_COOKIE_VARS\", sizeof(\"HTTP_COOKIE_VARS\"));\n\t\tif (retval == SUCCESS) failure = 1;\n\t\tretval = zend_hash_del(svars, \"HTTP_ENV_VARS\", sizeof(\"HTTP_ENV_VARS\"));\n\t\tif (retval == SUCCESS) failure = 1;\n\t\tretval = zend_hash_del(svars, \"HTTP_SERVER_VARS\", sizeof(\"HTTP_SERVER_VARS\"));\n\t\tif (retval == SUCCESS) failure = 1;\n\t\tretval = zend_hash_del(svars, \"HTTP_SESSION_VARS\", sizeof(\"HTTP_SESSION_VARS\"));\n\t\tif (retval == SUCCESS) failure = 1;\n\t\tretval = zend_hash_del(svars, \"HTTP_POST_FILES\", sizeof(\"HTTP_POST_FILES\"));\n\t\tif (retval == SUCCESS) failure = 1;\n\t\tretval = 
zend_hash_del(svars, \"HTTP_RAW_POST_DATA\", sizeof(\"HTTP_RAW_POST_DATA\"));\n\t\tif (retval == SUCCESS) failure = 1;\n\t} else {\n\t\tretval = zend_hash_exists(svars, \"HTTP_GET_VARS\", sizeof(\"HTTP_GET_VARS\"));\n\t\tretval+= zend_hash_exists(svars, \"HTTP_POST_VARS\", sizeof(\"HTTP_POST_VARS\"));\n\t\tretval+= zend_hash_exists(svars, \"HTTP_COOKIE_VARS\", sizeof(\"HTTP_COOKIE_VARS\"));\n\t\tretval+= zend_hash_exists(svars, \"HTTP_ENV_VARS\", sizeof(\"HTTP_ENV_VARS\"));\n\t\tretval+= zend_hash_exists(svars, \"HTTP_SERVER_VARS\", sizeof(\"HTTP_SERVER_VARS\"));\n\t\tretval+= zend_hash_exists(svars, \"HTTP_SESSION_VARS\", sizeof(\"HTTP_SESSION_VARS\"));\n\t\tretval+= zend_hash_exists(svars, \"HTTP_POST_FILES\", sizeof(\"HTTP_POST_FILES\"));\n\t\tretval+= zend_hash_exists(svars, \"HTTP_RAW_POST_DATA\", sizeof(\"HTTP_RAW_POST_DATA\"));\n\t\tif (retval > 0) failure = 1;\n\t}\n\n\tif (failure) {\n\t\tsuhosin_log(S_VARS, \"Attacker tried to overwrite a superglobal through a HTTP header\");\n\t}\n\n\tif (SUHOSIN_G(raw_cookie)) {\n\t\tzval *z;\n\t\tMAKE_STD_ZVAL(z);\n\t\tZVAL_STRING(z, SUHOSIN_G(raw_cookie), 1);\n\t\tzend_hash_add(svars, \"RAW_HTTP_COOKIE\", sizeof(\"RAW_HTTP_COOKIE\"), (void **)&z, sizeof(zval *), NULL);\n\t}\n\tif (SUHOSIN_G(decrypted_cookie)) {\n\t\tzval *z;\n\t\tMAKE_STD_ZVAL(z);\n\t\tZVAL_STRING(z, SUHOSIN_G(decrypted_cookie), 0);\n\t\tzend_hash_update(svars, \"HTTP_COOKIE\", sizeof(\"HTTP_COOKIE\"), (void **)&z, sizeof(zval *), NULL);\n\t\tSUHOSIN_G(decrypted_cookie) = NULL;\n\t}\n\n\tif (SUHOSIN_G(server_encode)) {\n\t\t/* suhosin_server_encode(svars, \"argv\", sizeof(\"argv\")); */\n\t\tsuhosin_server_encode(svars, \"REQUEST_URI\", sizeof(\"REQUEST_URI\"));\n\t\tsuhosin_server_encode(svars, \"QUERY_STRING\", sizeof(\"QUERY_STRING\"));\n\t}\n\tif (SUHOSIN_G(server_strip)) {\n\t\tsuhosin_server_strip(svars, \"PHP_SELF\", sizeof(\"PHP_SELF\"));\n\t\tsuhosin_server_strip(svars, \"PATH_INFO\", sizeof(\"PATH_INFO\"));\n\t\tsuhosin_server_strip(svars, 
\"PATH_TRANSLATED\", sizeof(\"PATH_TRANSLATED\"));\n\t\tsuhosin_server_strip(svars, \"HTTP_USER_AGENT\", sizeof(\"HTTP_USER_AGENT\"));\n\t}\n}\n/* }}} */\n\n\n/* Old Input filter */\nunsigned int (*old_input_filter)(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC) = NULL;\n\n/* {{{ suhosin_input_filter_wrapper\n */\nunsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC)\n{\n\tzend_bool already_scanned = SUHOSIN_G(already_scanned);\n\tSUHOSIN_G(already_scanned) = 0;\n\n\tif (SUHOSIN_G(do_not_scan)) {\n\t\tif (new_val_len) {\n\t\t\t*new_val_len = val_len;\n\t\t}\n\t\treturn 1;\n\t}\n\n\tif (!already_scanned) {\n\t\tif (suhosin_input_filter(arg, var, val, val_len, new_val_len TSRMLS_CC)==0) {\n\t\t\tSUHOSIN_G(abort_request)=1;\n\t\t\treturn 0;\n\t\t}\n\t\tif (new_val_len) {\n\t\t\tval_len = *new_val_len;\n\t\t}\n\t}\n\tif (old_input_filter) {\n\t\treturn old_input_filter(arg, var, val, val_len, new_val_len TSRMLS_CC);\n\t} else {\n\t\treturn 1;\n\t}\n}\n\n/* {{{ suhosin_input_filter\n */\nunsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC)\n{\n\tchar *index, *prev_index = NULL;\n\tunsigned int var_len, total_len, depth = 0;\n\n\t/* Mark that we were called */\n\tSUHOSIN_G(already_scanned) = 1;\n\n\tif (new_val_len) {\n\t\t*new_val_len = 0;\n\t}\n\n\t/* Drop this variable if the limit was reached */\n\tswitch (arg) {\n\t\tcase PARSE_GET:\n\t\t\tSUHOSIN_G(att_get_vars)++;\n\t\t\tSUHOSIN_G(att_request_variables)++;\n\t\t\tif (SUHOSIN_G(no_more_get_variables)) {\n\t\t\t\treturn 0;\n\t\t\t}\n\t\t\tbreak;\n\t\tcase PARSE_POST:\n\t\t\tSUHOSIN_G(att_post_vars)++;\n\t\t\tSUHOSIN_G(att_request_variables)++;\n\t\t\tif (SUHOSIN_G(no_more_post_variables)) {\n\t\t\t\treturn 0;\n\t\t\t}\n\t\t\tbreak;\n\t\tcase 
PARSE_COOKIE:\n\t\t\tSUHOSIN_G(att_cookie_vars)++;\n\t\t\tSUHOSIN_G(att_request_variables)++;\n\t\t\tif (SUHOSIN_G(no_more_cookie_variables)) {\n\t\t\t\treturn 0;\n\t\t\t}\n\t\t\tbreak;\n\t\tdefault:    /* we do not want to protect parse_str() and friends */\n\t\t\tif (new_val_len) {\n\t\t\t\t*new_val_len = val_len;\n\t\t\t}\n\t\t\treturn 1;\n\t}\n\n/* Drop this variable if the limit is now reached */\n\tswitch (arg) {\n\t\tcase PARSE_GET:\n\t\t\tif (SUHOSIN_G(max_get_vars) && SUHOSIN_G(max_get_vars) <= SUHOSIN_G(cur_get_vars)) {\n\t\t\t\tsuhosin_log(S_VARS, \"configured GET variable limit exceeded - dropped variable '%s' - all further GET variables are dropped\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\tSUHOSIN_G(no_more_get_variables) = 1;\n\t\t\t\t\treturn 0;\n\t\t\t\t}\n\t\t\t}\n\t\t\tbreak;\n\t\tcase PARSE_COOKIE:\n\t\t\tif (SUHOSIN_G(max_cookie_vars) && SUHOSIN_G(max_cookie_vars) <= SUHOSIN_G(cur_cookie_vars)) {\n\t\t\t\tsuhosin_log(S_VARS, \"configured COOKIE variable limit exceeded - dropped variable '%s' - all further COOKIE variables are dropped\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\tSUHOSIN_G(no_more_cookie_variables) = 1;\n\t\t\t\t\treturn 0;\n\t\t\t\t}\n\t\t\t}\n\t\t\tbreak;\n\t\tcase PARSE_POST:\n\t\t\tif (SUHOSIN_G(max_post_vars) && SUHOSIN_G(max_post_vars) <= SUHOSIN_G(cur_post_vars)) {\n\t\t\t\tsuhosin_log(S_VARS, \"configured POST variable limit exceeded - dropped variable '%s' - all further POST variables are dropped\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\tSUHOSIN_G(no_more_post_variables) = 1;\n\t\t\t\t\treturn 0;\n\t\t\t\t}\n\t\t\t}\n\t\t\tbreak;\n\t}\n\n\t/* Drop this variable if it begins with whitespace which is disallowed */\n\tif (isspace(*var)) {\n\t\tif (SUHOSIN_G(disallow_ws)) {\n\t\t\tsuhosin_log(S_VARS, \"request variable name begins with disallowed whitespace - dropped variable '%s'\", var);\n\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\treturn 0;\n\t\t\t}\n\t\t}\n\t\tswitch (arg) 
{\n\t\t\tcase PARSE_GET:\n\t\t\t\tif (SUHOSIN_G(disallow_get_ws)) {\n\t\t\t\t\tsuhosin_log(S_VARS, \"GET variable name begins with disallowed whitespace - dropped variable '%s'\", var);\n\t\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\t\treturn 0;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tbreak;\n\t\t\tcase PARSE_POST:\n\t\t\t\tif (SUHOSIN_G(disallow_post_ws)) {\n\t\t\t\t\tsuhosin_log(S_VARS, \"POST variable name begins with disallowed whitespace - dropped variable '%s'\", var);\n\t\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\t\treturn 0;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tbreak;\n\t\t\tcase PARSE_COOKIE:\n\t\t\t\tif (SUHOSIN_G(disallow_cookie_ws)) {\n\t\t\t\t\tsuhosin_log(S_VARS, \"COOKIE variable name begins with disallowed whitespace - dropped variable '%s'\", var);\n\t\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\t\treturn 0;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tbreak;\n\t\t}\n\t}\n\n\t/* Drop this variable if it exceeds the value length limit */\n\tif (SUHOSIN_G(max_value_length) && SUHOSIN_G(max_value_length) < val_len) {\n\t\tsuhosin_log(S_VARS, \"configured request variable value length limit exceeded - dropped variable '%s'\", var);\n\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\treturn 0;\n\t\t}\n\t}\n\tswitch (arg) {\n\t\tcase PARSE_GET:\n\t\t\tif (SUHOSIN_G(max_get_value_length) && SUHOSIN_G(max_get_value_length) < val_len) {\n\t\t\t\tsuhosin_log(S_VARS, \"configured GET variable value length limit exceeded - dropped variable '%s'\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\treturn 0;\n\t\t\t\t}\n\t\t\t}\n\t\t\tbreak;\n\t\tcase PARSE_COOKIE:\n\t\t\tif (SUHOSIN_G(max_cookie_value_length) && SUHOSIN_G(max_cookie_value_length) < val_len) {\n\t\t\t\tsuhosin_log(S_VARS, \"configured COOKIE variable value length limit exceeded - dropped variable '%s'\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\treturn 0;\n\t\t\t\t}\n\t\t\t}\n\t\t\tbreak;\n\t\tcase PARSE_POST:\n\t\t\tif (SUHOSIN_G(max_post_value_length) && SUHOSIN_G(max_post_value_length) < 
val_len) {\n\t\t\t\tsuhosin_log(S_VARS, \"configured POST variable value length limit exceeded - dropped variable '%s'\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\treturn 0;\n\t\t\t\t}\n\t\t\t}\n\t\t\tbreak;\n\t}\n\n\t/* Normalize the variable name */\n\tnormalize_varname(var);\n\n\t/* Find length of variable name */\n\tindex = strchr(var, '[');\n\ttotal_len = strlen(var);\n\tvar_len = index ? index-var : total_len;\n\n\t/* Drop this variable if it exceeds the varname/total length limit */\n\tif (SUHOSIN_G(max_varname_length) && SUHOSIN_G(max_varname_length) < var_len) {\n\t\tsuhosin_log(S_VARS, \"configured request variable name length limit exceeded - dropped variable '%s'\", var);\n\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\treturn 0;\n\t\t}\n\t}\n\tif (SUHOSIN_G(max_totalname_length) && SUHOSIN_G(max_totalname_length) < total_len) {\n\t\tsuhosin_log(S_VARS, \"configured request variable total name length limit exceeded - dropped variable '%s'\", var);\n\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\treturn 0;\n\t\t}\n\t}\n\tswitch (arg) {\n\t\tcase PARSE_GET:\n\t\t\tif (SUHOSIN_G(max_get_name_length) && SUHOSIN_G(max_get_name_length) < var_len) {\n\t\t\t\tsuhosin_log(S_VARS, \"configured GET variable name length limit exceeded - dropped variable '%s'\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\treturn 0;\n\t\t\t\t}\n\t\t\t}\n\t\t\tif (SUHOSIN_G(max_get_totalname_length) && SUHOSIN_G(max_get_totalname_length) < total_len) {\n\t\t\t\tsuhosin_log(S_VARS, \"configured GET variable total name length limit exceeded - dropped variable '%s'\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\treturn 0;\n\t\t\t\t}\n\t\t\t}\n\t\t\tbreak;\n\t\tcase PARSE_COOKIE:\n\t\t\tif (SUHOSIN_G(max_cookie_name_length) && SUHOSIN_G(max_cookie_name_length) < var_len) {\n\t\t\t\tsuhosin_log(S_VARS, \"configured COOKIE variable name length limit exceeded - dropped variable '%s'\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\treturn 
0;\n\t\t\t\t}\n\t\t\t}\n\t\t\tif (SUHOSIN_G(max_cookie_totalname_length) && SUHOSIN_G(max_cookie_totalname_length) < total_len) {\n\t\t\t\tsuhosin_log(S_VARS, \"configured COOKIE variable total name length limit exceeded - dropped variable '%s'\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\treturn 0;\n\t\t\t\t}\n\t\t\t}\n\t\t\tbreak;\n\t\tcase PARSE_POST:\n\t\t\tif (SUHOSIN_G(max_post_name_length) && SUHOSIN_G(max_post_name_length) < var_len) {\n\t\t\t\tsuhosin_log(S_VARS, \"configured POST variable name length limit exceeded - dropped variable '%s'\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\treturn 0;\n\t\t\t\t}\n\t\t\t}\n\t\t\tif (SUHOSIN_G(max_post_totalname_length) && SUHOSIN_G(max_post_totalname_length) < total_len) {\n\t\t\t\tsuhosin_log(S_VARS, \"configured POST variable total name length limit exceeded - dropped variable '%s'\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\treturn 0;\n\t\t\t\t}\n\t\t\t}\n\t\t\tbreak;\n\t}\n\n\t/* Find out array depth */\n\twhile (index) {\n\t\tchar *index_end;\n\t\tunsigned int index_length;\n\n\t\t/* overjump '[' */\n\t\tindex++;\n\n\t\t/* increase array depth */\n\t\tdepth++;\n\n\t\tindex_end = strchr(index, ']');\n\t\tif (index_end == NULL) {\n\t\t\tindex_end = index+strlen(index);\n\t\t}\n\n\t\tindex_length = index_end - index;\n\n\t\t/* max. 
array index length */\n\t\tif (SUHOSIN_G(max_array_index_length) && SUHOSIN_G(max_array_index_length) < index_length) {\n\t\t\tsuhosin_log(S_VARS, \"configured request variable array index length limit exceeded - dropped variable '%s'\", var);\n\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\treturn 0;\n\t\t\t}\n\t\t}\n\t\tswitch (arg) {\n\t\t\tcase PARSE_GET:\n\t\t\t\tif (SUHOSIN_G(max_get_array_index_length) && SUHOSIN_G(max_get_array_index_length) < index_length) {\n\t\t\t\t\tsuhosin_log(S_VARS, \"configured GET variable array index length limit exceeded - dropped variable '%s'\", var);\n\t\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\t\treturn 0;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tbreak;\n\t\t\tcase PARSE_COOKIE:\n\t\t\t\tif (SUHOSIN_G(max_cookie_array_index_length) && SUHOSIN_G(max_cookie_array_index_length) < index_length) {\n\t\t\t\t\tsuhosin_log(S_VARS, \"configured COOKIE variable array index length limit exceeded - dropped variable '%s'\", var);\n\t\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\t\treturn 0;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tbreak;\n\t\t\tcase PARSE_POST:\n\t\t\t\tif (SUHOSIN_G(max_post_array_index_length) && SUHOSIN_G(max_post_array_index_length) < index_length) {\n\t\t\t\t\tsuhosin_log(S_VARS, \"configured POST variable array index length limit exceeded - dropped variable '%s'\", var);\n\t\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\t\treturn 0;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tbreak;\n\t\t}\n\n\t\t/* index whitelist/blacklist */\n\t\tif (SUHOSIN_G(array_index_whitelist) && *(SUHOSIN_G(array_index_whitelist))) {\n\t\t\tif (suhosin_strnspn(index, index_length, SUHOSIN_G(array_index_whitelist)) != index_length) {\n\t\t\t\tsuhosin_log(S_VARS, \"array index contains not whitelisted characters - dropped variable '%s'\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\treturn 0;\n\t\t\t\t}\n\t\t\t}\n\t\t} else if (SUHOSIN_G(array_index_blacklist) && *(SUHOSIN_G(array_index_blacklist))) {\n\t\t\tif (suhosin_strncspn(index, index_length, 
SUHOSIN_G(array_index_blacklist)) != index_length) {\n\t\t\t\tsuhosin_log(S_VARS, \"array index contains blacklisted characters - dropped variable '%s'\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\treturn 0;\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\n\t\tindex = strchr(index, '[');\n\t}\n\n\t/* Drop this variable if it exceeds the array depth limit */\n\tif (SUHOSIN_G(max_array_depth) && SUHOSIN_G(max_array_depth) < depth) {\n\t\tsuhosin_log(S_VARS, \"configured request variable array depth limit exceeded - dropped variable '%s'\", var);\n\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\treturn 0;\n\t\t}\n\t}\n\tswitch (arg) {\n\t\tcase PARSE_GET:\n\t\t\tif (SUHOSIN_G(max_get_array_depth) && SUHOSIN_G(max_get_array_depth) < depth) {\n\t\t\t\tsuhosin_log(S_VARS, \"configured GET variable array depth limit exceeded - dropped variable '%s'\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\treturn 0;\n\t\t\t\t}\n\t\t\t}\n\t\t\tbreak;\n\t\tcase PARSE_COOKIE:\n\t\t\tif (SUHOSIN_G(max_cookie_array_depth) && SUHOSIN_G(max_cookie_array_depth) < depth) {\n\t\t\t\tsuhosin_log(S_VARS, \"configured COOKIE variable array depth limit exceeded - dropped variable '%s'\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\treturn 0;\n\t\t\t\t}\n\t\t\t}\n\t\t\tbreak;\n\t\tcase PARSE_POST:\n\t\t\tif (SUHOSIN_G(max_post_array_depth) && SUHOSIN_G(max_post_array_depth) < depth) {\n\t\t\t\tsuhosin_log(S_VARS, \"configured POST variable array depth limit exceeded - dropped variable '%s'\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\treturn 0;\n\t\t\t\t}\n\t\t\t}\n\t\t\tbreak;\n\t}\n\n\t/* Check if variable value is truncated by a \\0 */\n\n\tif (val && *val && val_len != strnlen(*val, val_len)) {\n\n\t\tif (SUHOSIN_G(disallow_nul)) {\n\t\t\tsuhosin_log(S_VARS, \"ASCII-NUL chars not allowed within request variables - dropped variable '%s'\", var);\n\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\treturn 0;\n\t\t\t}\n\t\t}\n\t\tswitch (arg) {\n\t\t\tcase PARSE_GET:\n\t\t\t\tif 
(SUHOSIN_G(disallow_get_nul)) {\n\t\t\t\t\tsuhosin_log(S_VARS, \"ASCII-NUL chars not allowed within GET variables - dropped variable '%s'\", var);\n\t\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\t\treturn 0;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tbreak;\n\t\t\tcase PARSE_COOKIE:\n\t\t\t\tif (SUHOSIN_G(disallow_cookie_nul)) {\n\t\t\t\t\tsuhosin_log(S_VARS, \"ASCII-NUL chars not allowed within COOKIE variables - dropped variable '%s'\", var);\n\t\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\t\treturn 0;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tbreak;\n\t\t\tcase PARSE_POST:\n\t\t\t\tif (SUHOSIN_G(disallow_post_nul)) {\n\t\t\t\t\tsuhosin_log(S_VARS, \"ASCII-NUL chars not allowed within POST variables - dropped variable '%s'\", var);\n\t\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\t\treturn 0;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tbreak;\n\t\t}\n\t}\n\n\t/* Drop this variable if it is one of GLOBALS, _GET, _POST, ... */\n\t/* This is to protect several silly scripts that do the globalizing themselves */\n\tif (suhosin_is_protected_varname(var, var_len)) {\n\t\tsuhosin_log(S_VARS, \"tried to register forbidden variable '%s' through %s variables\", var, arg == PARSE_GET ? \"GET\" : arg == PARSE_POST ? 
\"POST\" : \"COOKIE\");\n\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\treturn 0;\n\t\t}\n\t}\n\n\t/* Okay let PHP register this variable */\n\tSUHOSIN_G(cur_request_variables)++;\n\tswitch (arg) {\n\t\tcase PARSE_GET:\n\t\t\tSUHOSIN_G(cur_get_vars)++;\n\t\t\tbreak;\n\t\tcase PARSE_COOKIE:\n\t\t\tSUHOSIN_G(cur_cookie_vars)++;\n\t\t\tbreak;\n\t\tcase PARSE_POST:\n\t\t\tSUHOSIN_G(cur_post_vars)++;\n\t\t\tbreak;\n\t}\n\n\tif (new_val_len) {\n\t\t*new_val_len = val_len;\n\t}\n\n\treturn 1;\n}\n/* }}} */\n\n\n\n/* {{{ suhosin_hook_register_server_variables\n */\nvoid suhosin_hook_register_server_variables()\n{\n\tif (sapi_module.register_server_variables) {\n\t\torig_register_server_variables = sapi_module.register_server_variables;\n\t\tsapi_module.register_server_variables = suhosin_register_server_variables;\n\t}\n}\n/* }}} */\n\n\n/*\n * Local variables:\n * tab-width: 4\n * c-basic-offset: 4\n * End:\n * vim600: noet sw=4 ts=4 fdm=marker\n * vim<600: noet sw=4 ts=4\n */\n"
  },
  {
    "path": "log.c",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Author: Stefan Esser <sesser@sektioneins.de>                         |\n  +----------------------------------------------------------------------+\n*/\n/*\n  $Id: log.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $ \n*/\n\n#ifdef HAVE_CONFIG_H\n#include \"config.h\"\n#endif\n\n#include \"php.h\"\n#include \"php_ini.h\"\n#include \"php_suhosin.h\"\n#include <fcntl.h>\n#include \"SAPI.h\"\n#include \"ext/standard/datetime.h\"\n#include \"ext/standard/flock_compat.h\"\n\n#ifdef HAVE_SYS_SOCKET_H\n#include <sys/socket.h>\n#endif\n\n#ifdef HAVE_SYS_TIME_H\n#include <sys/time.h>\n#elif defined(PHP_WIN32)\n#include \"win32/time.h\"\n#endif\n\n#if defined(PHP_WIN32) || defined(__riscos__) || defined(NETWARE)\n#undef AF_UNIX\n#endif\n\n#if defined(AF_UNIX)\n#include <sys/un.h>\n#endif\n\n#define SYSLOG_PATH  \"/dev/log\"\n\n#include \"snprintf.h\"\n\n#ifdef PHP_WIN32\nstatic HANDLE log_source = 
0;\n#endif\n#include <sys/file.h>\n\nstatic char *loglevel2string(int loglevel)\n{\n\tswitch (loglevel) {\n\t    case S_FILES:\n\t\treturn \"FILES\";\n\t    case S_INCLUDE:\n\t\treturn \"INCLUDE\";\n\t    case S_MEMORY:\n\t\treturn \"MEMORY\";\n\t    case S_MISC:\n\t\treturn \"MISC\";\n\t    case S_MAIL:\n\t\treturn \"MAIL\";\n\t\tcase S_SESSION:\n\t\treturn \"SESSION\";\n\t    case S_SQL:\n\t\treturn \"SQL\";\n\t    case S_EXECUTOR:\n\t\treturn \"EXECUTOR\";\n\t    case S_VARS:\n\t\treturn \"VARS\";\n\t    default:\n\t\treturn \"UNKNOWN\";    \n\t}\n}\n\nstatic char *month_names[] = {\n\t\"Jan\", \"Feb\", \"Mar\", \"Apr\", \"May\", \"Jun\",\n\t\"Jul\", \"Aug\", \"Sep\", \"Oct\", \"Nov\", \"Dec\"\n};\n\nPHP_SUHOSIN_API void suhosin_log(int loglevel, char *fmt, ...)\n{\n\tint s, r, i=0, fd;\n\tlong written, towrite;\n\tint getcaller=0;\n\tchar *wbuf;\n\tstruct timeval tv;\n\ttime_t now;\n\tstruct tm tm;\n#if defined(AF_UNIX)\n\tstruct sockaddr_un saun;\n#endif\n#ifdef PHP_WIN32\n\tLPTSTR strs[2];\n\tunsigned short etype;\n\tDWORD evid;\n#endif\n\tchar buf[5000] = {0};\n\tchar error[5000] = {0};\n\tchar *ip_address;\n\tchar *fname;\n\tchar *alertstring;\n\tint lineno = 0;\n\tva_list ap;\n\tTSRMLS_FETCH();\n\n#if PHP_VERSION_ID >= 50500\n\tgetcaller = (loglevel & S_GETCALLER) == S_GETCALLER;\n#endif\n\t/* remove the S_GETCALLER flag */\n\tloglevel = loglevel & ~S_GETCALLER;\n\n\tSDEBUG(\"(suhosin_log) loglevel: %d log_syslog: %ld - log_sapi: %ld - log_script: %ld\", loglevel, SUHOSIN_G(log_syslog), SUHOSIN_G(log_sapi), SUHOSIN_G(log_script));\n\n\t/* dump core if wanted */\n\tif (SUHOSIN_G(coredump) && loglevel == S_MEMORY) {\n\t\tvolatile unsigned int *x = 0;\n\t\tvolatile int y = *x;\n\t}\n\t\n\tif (SUHOSIN_G(log_use_x_forwarded_for)) {\n\t\tip_address = suhosin_getenv(\"HTTP_X_FORWARDED_FOR\", 20 TSRMLS_CC);\n\t\tif (ip_address == NULL) {\n\t\t\tip_address = \"X-FORWARDED-FOR not set\";\n\t\t}\n\t} else {\n\t\tip_address = suhosin_getenv(\"REMOTE_ADDR\", 11 
TSRMLS_CC);\n\t\tif (ip_address == NULL) {\n\t\t\tip_address = \"REMOTE_ADDR not set\";\n\t\t}\n\t}\n\t\n\t\n\tva_start(ap, fmt);\n\tap_php_vsnprintf(error, sizeof(error), fmt, ap);\n\tva_end(ap);\n\tif (SUHOSIN_G(log_max_error_length) > 0 && SUHOSIN_G(log_max_error_length) < (sizeof(error) - 4)) {\n\t\tmemcpy(error + SUHOSIN_G(log_max_error_length), \"...\", 4);\n\t}\n\twhile (error[i]) {\n\t\tif (error[i] < 32) error[i] = '.';\n\t\ti++;\n\t}\n\t\n\tif (SUHOSIN_G(simulation)) {\n\t\talertstring = \"ALERT-SIMULATION\";\n\t} else {\n\t\talertstring = \"ALERT\";\n\t}\n\t\n\tif (zend_is_executing(TSRMLS_C)) {\n\t\tzend_execute_data *exdata = EG(current_execute_data);\n\t\tif (exdata) {\n\t\t\tif (getcaller && exdata->prev_execute_data && exdata->prev_execute_data->opline && exdata->prev_execute_data->op_array) {\n\t\t\t\tlineno = exdata->prev_execute_data->opline->lineno;\n\t\t\t\tfname = (char *)exdata->prev_execute_data->op_array->filename;\n\t\t\t} else if (exdata->opline && exdata->op_array) {\n\t\t\t\tlineno = exdata->opline->lineno;\n\t\t\t\tfname = (char *)exdata->op_array->filename;\n\t\t\t} else {\n\t\t\t\tlineno = 0;\n\t\t\t\tfname = \"[unknown filename]\";\n\t\t\t}\n\t\t} else {\n\t\t\tlineno = zend_get_executed_lineno(TSRMLS_C);\n\t\t\tfname = (char *)zend_get_executed_filename(TSRMLS_C);\n\t\t}\n\t\tap_php_snprintf(buf, sizeof(buf), \"%s - %s (attacker '%s', file '%s', line %u)\", alertstring, error, ip_address, fname, lineno);\n\t} else {\n\t\tfname = suhosin_getenv(\"SCRIPT_FILENAME\", 15 TSRMLS_CC);\n\t\tif (fname==NULL) {\n\t\t\tfname = \"unknown\";\n\t\t}\n\t\tap_php_snprintf(buf, sizeof(buf), \"%s - %s (attacker '%s', file '%s')\", alertstring, error, ip_address, fname);\n\t}\n\t\t\t\n\t/* Syslog-Logging disabled? 
*/\n\tif (((SUHOSIN_G(log_syslog)|S_INTERNAL) & loglevel)==0) {\n\t\tgoto log_file;\n\t}\t\n\t\n#if defined(AF_UNIX)\n\tap_php_snprintf(error, sizeof(error), \"<%u>suhosin[%u]: %s\\n\", (unsigned int)(SUHOSIN_G(log_syslog_facility)|SUHOSIN_G(log_syslog_priority)),getpid(),buf);\n\n\ts = socket(AF_UNIX, SOCK_DGRAM, 0);\n\tif (s == -1) {\n\t\tgoto log_file;\n\t}\n\t\n\tmemset(&saun, 0, sizeof(saun));\n\tsaun.sun_family = AF_UNIX;\n\tstrcpy(saun.sun_path, SYSLOG_PATH);\n\t/*saun.sun_len = sizeof(saun);*/\n\t\n\tr = connect(s, (struct sockaddr *)&saun, sizeof(saun));\n\tif (r) {\n\t\tclose(s);\n    \t\ts = socket(AF_UNIX, SOCK_STREAM, 0);\n\t\tif (s == -1) {\n\t\t\tgoto log_file;\n\t\t}\n\t\n\t\tmemset(&saun, 0, sizeof(saun));\n\t\tsaun.sun_family = AF_UNIX;\n\t\tstrcpy(saun.sun_path, SYSLOG_PATH);\n\t\t/*saun.sun_len = sizeof(saun);*/\n\n\t\tr = connect(s, (struct sockaddr *)&saun, sizeof(saun));\n\t\tif (r) { \n\t\t\tclose(s);\n\t\t\tgoto log_file;\n\t\t}\n\t}\n\tsend(s, error, strlen(error), 0);\n\t\n\tclose(s);\n#endif\n#ifdef PHP_WIN32\n\tap_php_snprintf(error, sizeof(error), \"suhosin[%u]: %s\", getpid(),buf);\n\n\tswitch (SUHOSIN_G(log_syslog_priority)) {\t\t\t/* translate UNIX type into NT type */\n\t\tcase 1: /*LOG_ALERT:*/\n\t\t\tetype = EVENTLOG_ERROR_TYPE;\n\t\t\tbreak;\n\t\tcase 6: /*LOG_INFO:*/\n\t\t\tetype = EVENTLOG_INFORMATION_TYPE;\n\t\t\tbreak;\n\t\tdefault:\n\t\t\tetype = EVENTLOG_WARNING_TYPE;\n\t}\n\tevid = loglevel;\n\tstrs[0] = error;\n\t/* report the event */\n\tif (log_source == NULL) {\n\t\tlog_source = RegisterEventSource(NULL, \"Suhosin-\" SUHOSIN_EXT_VERSION);\n\t}\n\tReportEvent(log_source, etype, (unsigned short) SUHOSIN_G(log_syslog_priority), evid, NULL, 1, 0, strs, NULL);\n\t\n#endif\nlog_file:\n\t/* File-Logging disabled? 
*/\n\tif ((SUHOSIN_G(log_file) & loglevel)==0) {\n\t\tgoto log_sapi;\n\t}\n\t\n\tif (!SUHOSIN_G(log_filename) || !SUHOSIN_G(log_filename)[0]) {\n\t\tgoto log_sapi;\n\t}\n\tfd = open(SUHOSIN_G(log_filename), O_CREAT|O_APPEND|O_WRONLY, 0640);\n\tif (fd == -1) {\n\t    suhosin_log(S_INTERNAL, \"Unable to open logfile: %s\", SUHOSIN_G(log_filename));\n\t    return;\n\t}\n\n\tif (SUHOSIN_G(log_file_time)) {\n\t\tgettimeofday(&tv, NULL);\n\t\tnow = tv.tv_sec;\n\t\tphp_localtime_r(&now, &tm);\n\t\tap_php_snprintf(error, sizeof(error), \"%s %2d %02d:%02d:%02d [%u] %s\\n\", month_names[tm.tm_mon], tm.tm_mday, tm.tm_hour, tm.tm_min, tm.tm_sec, getpid(),buf);\n\t} else {\n\t\tap_php_snprintf(error, sizeof(error), \"%s\\n\", buf);\n\t}\n\ttowrite = strlen(error);\n\twbuf = error;\n\tphp_flock(fd, LOCK_EX);\n\twhile (towrite > 0) {\n\t\twritten = write(fd, wbuf, towrite);\n\t\tif (written < 0) {\n\t\t\tbreak;\n\t\t}\n\t\ttowrite -= written;\n\t\twbuf += written;\n\t}\n\tphp_flock(fd, LOCK_UN);\n\tclose(fd);\n\nlog_sapi:\n\t/* SAPI Logging activated? */\n\tSDEBUG(\"(suhosin_log) log_syslog: %ld - log_sapi: %ld - log_script: %ld - log_phpscript: %ld\", SUHOSIN_G(log_syslog), SUHOSIN_G(log_sapi), SUHOSIN_G(log_script), SUHOSIN_G(log_phpscript));\n\tif (((SUHOSIN_G(log_sapi)|S_INTERNAL) & loglevel)!=0) {\n\t\tsapi_module.log_message(buf TSRMLS_CC);\n\t}\n\tif ((SUHOSIN_G(log_stdout) & loglevel)!=0) {\n\t\tfprintf(stdout, \"%s\\n\", buf);\n\t}\n\n/*log_script:*/\n\t/* script logging activated? 
*/\n\tif (((SUHOSIN_G(log_script) & loglevel)!=0) && SUHOSIN_G(log_scriptname)!=NULL) {\n\t\tchar cmd[8192], *cmdpos, *bufpos;\n\t\tFILE *in;\n\t\tint space;\n\t\tstruct stat st;\n\t\t\n\t\tchar *sname = SUHOSIN_G(log_scriptname);\n\t\twhile (isspace(*sname)) ++sname;\n\t\tif (*sname == 0) goto log_phpscript;\n\t\t\n\t\tif (VCWD_STAT(sname, &st) < 0) {\n\t\t\tsuhosin_log(S_INTERNAL, \"unable to find logging shell script %s - file dropped\", sname);\n\t\t\tgoto log_phpscript;\n\t\t}\n\t\tif (access(sname, X_OK|R_OK) < 0) {\n\t\t\tsuhosin_log(S_INTERNAL, \"logging shell script %s is not executable - file dropped\", sname);\n\t\t\tgoto log_phpscript;\t\t\t\t\t\n\t\t}\n\t\t\n\t\t/* TODO: clean up this code to calculate size of output dynamically */\n\t\tap_php_snprintf(cmd, sizeof(cmd) - 20, \"%s %s \\'\", sname, loglevel2string(loglevel));\n\t\tspace = sizeof(cmd) - strlen(cmd) - 20;\n\t\tcmdpos = cmd + strlen(cmd);\n\t\tbufpos = buf;\n\t\tif (space <= 1) return;\n\t\twhile (space > 2 && *bufpos) {\n\t\t\tif (*bufpos == '\\'') {\n\t\t\t\tif (space<=5) break;\n\t\t\t\t*cmdpos++ = '\\'';\n\t\t\t\t*cmdpos++ = '\\\\';\n\t\t\t\t*cmdpos++ = '\\'';\n\t\t\t\t*cmdpos++ = '\\'';\n\t\t\t\tbufpos++;\n\t\t\t\tspace-=4;\n\t\t\t} else {\n\t\t\t\t*cmdpos++ = *bufpos++;\n\t\t\t\tspace--;\n\t\t\t}\n\t\t}\n\t\t*cmdpos++ = '\\'';\n\t\t*cmdpos++ = ' ';\n\t\t*cmdpos++ = '2';\n\t\t*cmdpos++ = '>';\n\t\t*cmdpos++ = '&';\n\t\t*cmdpos++ = '1';\n\t\t*cmdpos = 0;\n\t\t\n\t\tif ((in=VCWD_POPEN(cmd, \"r\"))==NULL) {\n\t\t\tsuhosin_log(S_INTERNAL, \"Unable to execute logging shell script: %s\", sname);\n\t\t\tgoto log_phpscript;\n\t\t}\n\t\t/* read and forget the result */\n\t\twhile (1) {\n\t\t\tint readbytes = fread(cmd, 1, sizeof(cmd), in);\n\t\t\tif (readbytes<=0) {\n\t\t\t\tbreak;\n\t\t\t}\n\t\t\tif (strncmp(cmd, \"sh: \", 4) == 0) {\n\t\t\t\t/* assume this is an error */\n\t\t\t\tsuhosin_log(S_INTERNAL, \"Error while executing logging shell script: %s\", 
sname);\n\t\t\t\tpclose(in);\n\t\t\t\tgoto log_phpscript;\n\t\t\t}\n\t\t}\n\t\tpclose(in);\n\t}\nlog_phpscript:\n\tif ((SUHOSIN_G(log_phpscript) & loglevel)!=0 && EG(in_execution) && SUHOSIN_G(log_phpscriptname) && SUHOSIN_G(log_phpscriptname)[0]) {\n\t\tzend_file_handle file_handle;\n\t\tzend_op_array *new_op_array;\n\t\tzval *result = NULL;\n\t\t\n\t\tlong orig_execution_depth = SUHOSIN_G(execution_depth);\n\t\tchar *orig_basedir = PG(open_basedir);\n\t\t\n\t\tchar *phpscript = SUHOSIN_G(log_phpscriptname);\nSDEBUG(\"scriptname %s\", SUHOSIN_G(log_phpscriptname));\t\t\t\t\n\t\tif (zend_stream_open(phpscript, &file_handle TSRMLS_CC) == SUCCESS) {\n\t\t\tif (!file_handle.opened_path) {\n\t\t\t\tfile_handle.opened_path = estrndup(phpscript, strlen(phpscript));\n\t\t\t}\n\t\t\tnew_op_array = zend_compile_file(&file_handle, ZEND_REQUIRE TSRMLS_CC);\n\t\t\tzend_destroy_file_handle(&file_handle TSRMLS_CC);\n\t\t\tif (new_op_array) {\n\t\t\t\tHashTable *active_symbol_table = EG(active_symbol_table);\n\t\t\t\tzval *zerror, *zerror_class;\n\t\t\t\t\n\t\t\t\tif (active_symbol_table == NULL) {\n\t\t\t\t\tactive_symbol_table = &EG(symbol_table);\n\t\t\t\t}\n\t\t\t\tEG(return_value_ptr_ptr) = &result;\n\t\t\t\tEG(active_op_array) = new_op_array;\n\t\t\t\t\n\t\t\t\tMAKE_STD_ZVAL(zerror);\n\t\t\t\tMAKE_STD_ZVAL(zerror_class);\n\t\t\t\tZVAL_STRING(zerror, buf, 1);\n\t\t\t\tZVAL_LONG(zerror_class, loglevel);\n\n\t\t\t\tzend_hash_update(active_symbol_table, \"SUHOSIN_ERROR\", sizeof(\"SUHOSIN_ERROR\"), (void **)&zerror, sizeof(zval *), NULL);\n\t\t\t\tzend_hash_update(active_symbol_table, \"SUHOSIN_ERRORCLASS\", sizeof(\"SUHOSIN_ERRORCLASS\"), (void **)&zerror_class, sizeof(zval *), NULL);\n\t\t\t\t\n\t\t\t\tSUHOSIN_G(execution_depth) = 0;\n\t\t\t\tif (SUHOSIN_G(log_phpscript_is_safe)) {\n\t\t\t\t\tPG(open_basedir) = NULL;\n\t\t\t\t}\n\t\t\t\t\n\t\t\t\tzend_execute(new_op_array TSRMLS_CC);\n\t\t\t\t\n\t\t\t\tSUHOSIN_G(execution_depth) = 
orig_execution_depth;\n\t\t\t\tPG(open_basedir) = orig_basedir;\n\t\t\t\t\n\t\t\t\tdestroy_op_array(new_op_array TSRMLS_CC);\n\t\t\t\tefree(new_op_array);\n\n\t\t\t\tif (!EG(exception))\n\t\t\t\t{\n\t\t\t\t\tif (EG(return_value_ptr_ptr)) {\n\t\t\t\t\t\tzval_ptr_dtor(EG(return_value_ptr_ptr));\n\t\t\t\t\t\tEG(return_value_ptr_ptr) = NULL;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t} else {\n\t\t\t\tsuhosin_log(S_INTERNAL, \"Unable to execute logging PHP script: %s\", SUHOSIN_G(log_phpscriptname));\n\t\t\t\treturn;\n\t\t\t}\n\t\t} else {\n\t\t\tsuhosin_log(S_INTERNAL, \"Unable to execute logging PHP script: %s\", SUHOSIN_G(log_phpscriptname));\n\t\t\treturn;\n\t\t}\n\t}\n\n}\n\n\n/*\n * Local variables:\n * tab-width: 4\n * c-basic-offset: 4\n * End:\n * vim600: noet sw=4 ts=4 fdm=marker\n * vim<600: noet sw=4 ts=4\n */\n"
  },
  {
    "path": "mbregex/COPYING.LIB",
    "content": "\n                  GNU LESSER GENERAL PUBLIC LICENSE\n                       Version 2.1, February 1999\n\n Copyright (C) 1991, 1999 Free Software Foundation, Inc.\n     59 Temple Place, Suite 330, Boston, MA  02111-1307  USA\n Everyone is permitted to copy and distribute verbatim copies\n of this license document, but changing it is not allowed.\n\n[This is the first released version of the Lesser GPL.  It also counts\n as the successor of the GNU Library Public License, version 2, hence\n the version number 2.1.]\n\n                            Preamble\n\n  The licenses for most software are designed to take away your\nfreedom to share and change it.  By contrast, the GNU General Public\nLicenses are intended to guarantee your freedom to share and change\nfree software--to make sure the software is free for all its users.\n\n  This license, the Lesser General Public License, applies to some\nspecially designated software packages--typically libraries--of the\nFree Software Foundation and other authors who decide to use it.  You\ncan use it too, but we suggest you first think carefully about whether\nthis license or the ordinary General Public License is the better\nstrategy to use in any particular case, based on the explanations\nbelow.\n\n  When we speak of free software, we are referring to freedom of use,\nnot price.  Our General Public Licenses are designed to make sure that\nyou have the freedom to distribute copies of free software (and charge\nfor this service if you wish); that you receive source code or can get\nit if you want it; that you can change the software and use pieces of\nit in new free programs; and that you are informed that you can do\nthese things.\n\n  To protect your rights, we need to make restrictions that forbid\ndistributors to deny you these rights or to ask you to surrender these\nrights.  
These restrictions translate to certain responsibilities for\nyou if you distribute copies of the library or if you modify it.\n\n  For example, if you distribute copies of the library, whether gratis\nor for a fee, you must give the recipients all the rights that we gave\nyou.  You must make sure that they, too, receive or can get the source\ncode.  If you link other code with the library, you must provide\ncomplete object files to the recipients, so that they can relink them\nwith the library after making changes to the library and recompiling\nit.  And you must show them these terms so they know their rights.\n\n  We protect your rights with a two-step method: (1) we copyright the\nlibrary, and (2) we offer you this license, which gives you legal\npermission to copy, distribute and/or modify the library.\n\n  To protect each distributor, we want to make it very clear that\nthere is no warranty for the free library.  Also, if the library is\nmodified by someone else and passed on, the recipients should know\nthat what they have is not the original version, so that the original\nauthor's reputation will not be affected by problems that might be\nintroduced by others.\n^L\n  Finally, software patents pose a constant threat to the existence of\nany free program.  We wish to make sure that a company cannot\neffectively restrict the users of a free program by obtaining a\nrestrictive license from a patent holder.  Therefore, we insist that\nany patent license obtained for a version of the library must be\nconsistent with the full freedom of use specified in this license.\n\n  Most GNU software, including some libraries, is covered by the\nordinary GNU General Public License.  This license, the GNU Lesser\nGeneral Public License, applies to certain designated libraries, and\nis quite different from the ordinary General Public License.  
We use\nthis license for certain libraries in order to permit linking those\nlibraries into non-free programs.\n\n  When a program is linked with a library, whether statically or using\na shared library, the combination of the two is legally speaking a\ncombined work, a derivative of the original library.  The ordinary\nGeneral Public License therefore permits such linking only if the\nentire combination fits its criteria of freedom.  The Lesser General\nPublic License permits more lax criteria for linking other code with\nthe library.\n\n  We call this license the \"Lesser\" General Public License because it\ndoes Less to protect the user's freedom than the ordinary General\nPublic License.  It also provides other free software developers Less\nof an advantage over competing non-free programs.  These disadvantages\nare the reason we use the ordinary General Public License for many\nlibraries.  However, the Lesser license provides advantages in certain\nspecial circumstances.\n\n  For example, on rare occasions, there may be a special need to\nencourage the widest possible use of a certain library, so that it\nbecomes\na de-facto standard.  To achieve this, non-free programs must be\nallowed to use the library.  A more frequent case is that a free\nlibrary does the same job as widely used non-free libraries.  In this\ncase, there is little to gain by limiting the free library to free\nsoftware only, so we use the Lesser General Public License.\n\n  In other cases, permission to use a particular library in non-free\nprograms enables a greater number of people to use a large body of\nfree software.  
For example, permission to use the GNU C Library in\nnon-free programs enables many more people to use the whole GNU\noperating system, as well as its variant, the GNU/Linux operating\nsystem.\n\n  Although the Lesser General Public License is Less protective of the\nusers' freedom, it does ensure that the user of a program that is\nlinked with the Library has the freedom and the wherewithal to run\nthat program using a modified version of the Library.\n\n  The precise terms and conditions for copying, distribution and\nmodification follow.  Pay close attention to the difference between a\n\"work based on the library\" and a \"work that uses the library\".  The\nformer contains code derived from the library, whereas the latter must\nbe combined with the library in order to run.\n^L\n                  GNU LESSER GENERAL PUBLIC LICENSE\n   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION\n\n  0. This License Agreement applies to any software library or other\nprogram which contains a notice placed by the copyright holder or\nother authorized party saying it may be distributed under the terms of\nthis Lesser General Public License (also called \"this License\").\nEach licensee is addressed as \"you\".\n\n  A \"library\" means a collection of software functions and/or data\nprepared so as to be conveniently linked with application programs\n(which use some of those functions and data) to form executables.\n\n  The \"Library\", below, refers to any such software library or work\nwhich has been distributed under these terms.  A \"work based on the\nLibrary\" means either the Library or any derivative work under\ncopyright law: that is to say, a work containing the Library or a\nportion of it, either verbatim or with modifications and/or translated\nstraightforwardly into another language.  
(Hereinafter, translation is\nincluded without limitation in the term \"modification\".)\n\n  \"Source code\" for a work means the preferred form of the work for\nmaking modifications to it.  For a library, complete source code means\nall the source code for all modules it contains, plus any associated\ninterface definition files, plus the scripts used to control\ncompilation\nand installation of the library.\n\n  Activities other than copying, distribution and modification are not\ncovered by this License; they are outside its scope.  The act of\nrunning a program using the Library is not restricted, and output from\nsuch a program is covered only if its contents constitute a work based\non the Library (independent of the use of the Library in a tool for\nwriting it).  Whether that is true depends on what the Library does\nand what the program that uses the Library does.\n\n  1. You may copy and distribute verbatim copies of the Library's\ncomplete source code as you receive it, in any medium, provided that\nyou conspicuously and appropriately publish on each copy an\nappropriate copyright notice and disclaimer of warranty; keep intact\nall the notices that refer to this License and to the absence of any\nwarranty; and distribute a copy of this License along with the\nLibrary.\n\n  You may charge a fee for the physical act of transferring a copy,\nand you may at your option offer warranty protection in exchange for a\nfee.\n\f\n  2. 
You may modify your copy or copies of the Library or any portion\nof it, thus forming a work based on the Library, and copy and\ndistribute such modifications or work under the terms of Section 1\nabove, provided that you also meet all of these conditions:\n\n    a) The modified work must itself be a software library.\n\n    b) You must cause the files modified to carry prominent notices\n    stating that you changed the files and the date of any change.\n\n    c) You must cause the whole of the work to be licensed at no\n    charge to all third parties under the terms of this License.\n\n    d) If a facility in the modified Library refers to a function or a\n    table of data to be supplied by an application program that uses\n    the facility, other than as an argument passed when the facility\n    is invoked, then you must make a good faith effort to ensure that,\n    in the event an application does not supply such function or\n    table, the facility still operates, and performs whatever part of\n    its purpose remains meaningful.\n\n    (For example, a function in a library to compute square roots has\n    a purpose that is entirely well-defined independent of the\n    application.  Therefore, Subsection 2d requires that any\n    application-supplied function or table used by this function must\n    be optional: if the application does not supply it, the square\n    root function must still compute square roots.)\n\nThese requirements apply to the modified work as a whole.  If\nidentifiable sections of that work are not derived from the Library,\nand can be reasonably considered independent and separate works in\nthemselves, then this License, and its terms, do not apply to those\nsections when you distribute them as separate works.  
But when you\ndistribute the same sections as part of a whole which is a work based\non the Library, the distribution of the whole must be on the terms of\nthis License, whose permissions for other licensees extend to the\nentire whole, and thus to each and every part regardless of who wrote\nit.\n\nThus, it is not the intent of this section to claim rights or contest\nyour rights to work written entirely by you; rather, the intent is to\nexercise the right to control the distribution of derivative or\ncollective works based on the Library.\n\nIn addition, mere aggregation of another work not based on the Library\nwith the Library (or with a work based on the Library) on a volume of\na storage or distribution medium does not bring the other work under\nthe scope of this License.\n\n  3. You may opt to apply the terms of the ordinary GNU General Public\nLicense instead of this License to a given copy of the Library.  To do\nthis, you must alter all the notices that refer to this License, so\nthat they refer to the ordinary GNU General Public License, version 2,\ninstead of to this License.  (If a newer version than version 2 of the\nordinary GNU General Public License has appeared, then you can specify\nthat version instead if you wish.)  Do not make any other change in\nthese notices.\n^L\n  Once this change is made in a given copy, it is irreversible for\nthat copy, so the ordinary GNU General Public License applies to all\nsubsequent copies and derivative works made from that copy.\n\n  This option is useful when you wish to copy part of the code of\nthe Library into a program that is not a library.\n\n  4. 
You may copy and distribute the Library (or a portion or\nderivative of it, under Section 2) in object code or executable form\nunder the terms of Sections 1 and 2 above provided that you accompany\nit with the complete corresponding machine-readable source code, which\nmust be distributed under the terms of Sections 1 and 2 above on a\nmedium customarily used for software interchange.\n\n  If distribution of object code is made by offering access to copy\nfrom a designated place, then offering equivalent access to copy the\nsource code from the same place satisfies the requirement to\ndistribute the source code, even though third parties are not\ncompelled to copy the source along with the object code.\n\n  5. A program that contains no derivative of any portion of the\nLibrary, but is designed to work with the Library by being compiled or\nlinked with it, is called a \"work that uses the Library\".  Such a\nwork, in isolation, is not a derivative work of the Library, and\ntherefore falls outside the scope of this License.\n\n  However, linking a \"work that uses the Library\" with the Library\ncreates an executable that is a derivative of the Library (because it\ncontains portions of the Library), rather than a \"work that uses the\nlibrary\".  The executable is therefore covered by this License.\nSection 6 states terms for distribution of such executables.\n\n  When a \"work that uses the Library\" uses material from a header file\nthat is part of the Library, the object code for the work may be a\nderivative work of the Library even though the source code is not.\nWhether this is true is especially significant if the work can be\nlinked without the Library, or if the work is itself a library.  
The\nthreshold for this to be true is not precisely defined by law.\n\n  If such an object file uses only numerical parameters, data\nstructure layouts and accessors, and small macros and small inline\nfunctions (ten lines or less in length), then the use of the object\nfile is unrestricted, regardless of whether it is legally a derivative\nwork.  (Executables containing this object code plus portions of the\nLibrary will still fall under Section 6.)\n\n  Otherwise, if the work is a derivative of the Library, you may\ndistribute the object code for the work under the terms of Section 6.\nAny executables containing that work also fall under Section 6,\nwhether or not they are linked directly with the Library itself.\n^L\n  6. As an exception to the Sections above, you may also combine or\nlink a \"work that uses the Library\" with the Library to produce a\nwork containing portions of the Library, and distribute that work\nunder terms of your choice, provided that the terms permit\nmodification of the work for the customer's own use and reverse\nengineering for debugging such modifications.\n\n  You must give prominent notice with each copy of the work that the\nLibrary is used in it and that the Library and its use are covered by\nthis License.  You must supply a copy of this License.  If the work\nduring execution displays copyright notices, you must include the\ncopyright notice for the Library among them, as well as a reference\ndirecting the user to the copy of this License.  
Also, you must do one\nof these things:\n\n    a) Accompany the work with the complete corresponding\n    machine-readable source code for the Library including whatever\n    changes were used in the work (which must be distributed under\n    Sections 1 and 2 above); and, if the work is an executable linked\n    with the Library, with the complete machine-readable \"work that\n    uses the Library\", as object code and/or source code, so that the\n    user can modify the Library and then relink to produce a modified\n    executable containing the modified Library.  (It is understood\n    that the user who changes the contents of definitions files in the\n    Library will not necessarily be able to recompile the application\n    to use the modified definitions.)\n\n    b) Use a suitable shared library mechanism for linking with the\n    Library.  A suitable mechanism is one that (1) uses at run time a\n    copy of the library already present on the user's computer system,\n    rather than copying library functions into the executable, and (2)\n    will operate properly with a modified version of the library, if\n    the user installs one, as long as the modified version is\n    interface-compatible with the version that the work was made with.\n\n    c) Accompany the work with a written offer, valid for at\n    least three years, to give the same user the materials\n    specified in Subsection 6a, above, for a charge no more\n    than the cost of performing this distribution.\n\n    d) If distribution of the work is made by offering access to copy\n    from a designated place, offer equivalent access to copy the above\n    specified materials from the same place.\n\n    e) Verify that the user has already received a copy of these\n    materials or that you have already sent this user a copy.\n\n  For an executable, the required form of the \"work that uses the\nLibrary\" must include any data and utility programs needed for\nreproducing the executable from it.  
However, as a special exception,\nthe materials to be distributed need not include anything that is\nnormally distributed (in either source or binary form) with the major\ncomponents (compiler, kernel, and so on) of the operating system on\nwhich the executable runs, unless that component itself accompanies\nthe executable.\n\n  It may happen that this requirement contradicts the license\nrestrictions of other proprietary libraries that do not normally\naccompany the operating system.  Such a contradiction means you cannot\nuse both them and the Library together in an executable that you\ndistribute.\n^L\n  7. You may place library facilities that are a work based on the\nLibrary side-by-side in a single library together with other library\nfacilities not covered by this License, and distribute such a combined\nlibrary, provided that the separate distribution of the work based on\nthe Library and of the other library facilities is otherwise\npermitted, and provided that you do these two things:\n\n    a) Accompany the combined library with a copy of the same work\n    based on the Library, uncombined with any other library\n    facilities.  This must be distributed under the terms of the\n    Sections above.\n\n    b) Give prominent notice with the combined library of the fact\n    that part of it is a work based on the Library, and explaining\n    where to find the accompanying uncombined form of the same work.\n\n  8. You may not copy, modify, sublicense, link with, or distribute\nthe Library except as expressly provided under this License.  Any\nattempt otherwise to copy, modify, sublicense, link with, or\ndistribute the Library is void, and will automatically terminate your\nrights under this License.  However, parties who have received copies,\nor rights, from you under this License will not have their licenses\nterminated so long as such parties remain in full compliance.\n\n  9. You are not required to accept this License, since you have not\nsigned it.  
However, nothing else grants you permission to modify or\ndistribute the Library or its derivative works.  These actions are\nprohibited by law if you do not accept this License.  Therefore, by\nmodifying or distributing the Library (or any work based on the\nLibrary), you indicate your acceptance of this License to do so, and\nall its terms and conditions for copying, distributing or modifying\nthe Library or works based on it.\n\n  10. Each time you redistribute the Library (or any work based on the\nLibrary), the recipient automatically receives a license from the\noriginal licensor to copy, distribute, link with or modify the Library\nsubject to these terms and conditions.  You may not impose any further\nrestrictions on the recipients' exercise of the rights granted herein.\nYou are not responsible for enforcing compliance by third parties with\nthis License.\n^L\n  11. If, as a consequence of a court judgment or allegation of patent\ninfringement or for any other reason (not limited to patent issues),\nconditions are imposed on you (whether by court order, agreement or\notherwise) that contradict the conditions of this License, they do not\nexcuse you from the conditions of this License.  If you cannot\ndistribute so as to satisfy simultaneously your obligations under this\nLicense and any other pertinent obligations, then as a consequence you\nmay not distribute the Library at all.  
For example, if a patent\nlicense would not permit royalty-free redistribution of the Library by\nall those who receive copies directly or indirectly through you, then\nthe only way you could satisfy both it and this License would be to\nrefrain entirely from distribution of the Library.\n\nIf any portion of this section is held invalid or unenforceable under\nany particular circumstance, the balance of the section is intended to\napply, and the section as a whole is intended to apply in other\ncircumstances.\n\nIt is not the purpose of this section to induce you to infringe any\npatents or other property right claims or to contest validity of any\nsuch claims; this section has the sole purpose of protecting the\nintegrity of the free software distribution system which is\nimplemented by public license practices.  Many people have made\ngenerous contributions to the wide range of software distributed\nthrough that system in reliance on consistent application of that\nsystem; it is up to the author/donor to decide if he or she is willing\nto distribute software through any other system and a licensee cannot\nimpose that choice.\n\nThis section is intended to make thoroughly clear what is believed to\nbe a consequence of the rest of this License.\n\n  12. If the distribution and/or use of the Library is restricted in\ncertain countries either by patents or by copyrighted interfaces, the\noriginal copyright holder who places the Library under this License\nmay add an explicit geographical distribution limitation excluding those\ncountries, so that distribution is permitted only in or among\ncountries not thus excluded.  In such case, this License incorporates\nthe limitation as if written in the body of this License.\n\n  13. 
The Free Software Foundation may publish revised and/or new\nversions of the Lesser General Public License from time to time.\nSuch new versions will be similar in spirit to the present version,\nbut may differ in detail to address new problems or concerns.\n\nEach version is given a distinguishing version number.  If the Library\nspecifies a version number of this License which applies to it and\n\"any later version\", you have the option of following the terms and\nconditions either of that version or of any later version published by\nthe Free Software Foundation.  If the Library does not specify a\nlicense version number, you may choose any version ever published by\nthe Free Software Foundation.\n^L\n  14. If you wish to incorporate parts of the Library into other free\nprograms whose distribution conditions are incompatible with these,\nwrite to the author to ask for permission.  For software which is\ncopyrighted by the Free Software Foundation, write to the Free\nSoftware Foundation; we sometimes make exceptions for this.  Our\ndecision will be guided by the two goals of preserving the free status\nof all derivatives of our free software and of promoting the sharing\nand reuse of software generally.\n\n                            NO WARRANTY\n\n  15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO\nWARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.\nEXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR\nOTHER PARTIES PROVIDE THE LIBRARY \"AS IS\" WITHOUT WARRANTY OF ANY\nKIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE\nIMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\nPURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE\nLIBRARY IS WITH YOU.  SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME\nTHE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.\n\n  16. 
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN\nWRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY\nAND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU\nFOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR\nCONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE\nLIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING\nRENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A\nFAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF\nSUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH\nDAMAGES.\n\n                     END OF TERMS AND CONDITIONS\n^L\n           How to Apply These Terms to Your New Libraries\n\n  If you develop a new library, and you want it to be of the greatest\npossible use to the public, we recommend making it free software that\neveryone can redistribute and change.  You can do so by permitting\nredistribution under these terms (or, alternatively, under the terms\nof the ordinary General Public License).\n\n  To apply these terms, attach the following notices to the library.\nIt is safest to attach them to the start of each source file to most\neffectively convey the exclusion of warranty; and each file should\nhave at least the \"copyright\" line and a pointer to where the full\nnotice is found.\n\n\n    <one line to give the library's name and a brief idea of what it\ndoes.>\n    Copyright (C) <year>  <name of author>\n\n    This library is free software; you can redistribute it and/or\n    modify it under the terms of the GNU Lesser General Public\n    License as published by the Free Software Foundation; either\n    version 2 of the License, or (at your option) any later version.\n\n    This library is distributed in the hope that it will be useful,\n    but WITHOUT ANY WARRANTY; without even the implied warranty of\n    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
See the GNU\n    Lesser General Public License for more details.\n\n    You should have received a copy of the GNU Lesser General Public\n    License along with this library; if not, write to the Free Software\n    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA\n\nAlso add information on how to contact you by electronic and paper\nmail.\n\nYou should also get your employer (if you work as a programmer) or\nyour\nschool, if any, to sign a \"copyright disclaimer\" for the library, if\nnecessary.  Here is a sample; alter the names:\n\n  Yoyodyne, Inc., hereby disclaims all copyright interest in the\n  library `Frob' (a library for tweaking knobs) written by James\nRandom Hacker.\n\n  <signature of Ty Coon>, 1 April 1990\n  Ty Coon, President of Vice\n\nThat's all there is to it!\n\n\n"
  },
  {
    "path": "mbregex/mbregex.h",
    "content": "/* Definitions for data structures and routines for the regular\n   expression library, version 0.12.\n   Copyright (C) 1985,89,90,91,92,93,95,96,97,98 Free Software Foundation, Inc.\n\n   This file is part of the GNU C Library.  Its master source is NOT part of\n   the C library, however.  The master source lives in /gd/gnu/lib.\n\n   The GNU C Library is free software; you can redistribute it and/or\n   modify it under the terms of the GNU Library General Public License as\n   published by the Free Software Foundation; either version 2 of the\n   License, or (at your option) any later version.\n\n   The GNU C Library is distributed in the hope that it will be useful,\n   but WITHOUT ANY WARRANTY; without even the implied warranty of\n   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU\n   Library General Public License for more details.\n\n   You should have received a copy of the GNU Library General Public\n   License along with the GNU C Library; see the file COPYING.LIB.  If not,\n   write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,\n   Boston, MA 02111-1307, USA.  */\n/* Multi-byte extension added May, 1993 by t^2 (Takahiro Tanimoto)\n   Last change: May 21, 1993 by t^2  */\n/* modified for Ruby by matz@netlab.co.jp */\n\n#ifndef __MB_REGEXP_LIBRARY\n#define __MB_REGEXP_LIBRARY\n\n#include <stddef.h>\n\n/* Define number of parens for which we record the beginnings and ends.\n   This affects how much space the `struct re_registers' type takes up.  */\n#ifndef MBRE_NREGS\n#define MBRE_NREGS 10\n#endif\n\n#define MBRE_BYTEWIDTH 8\n\n#define MBRE_REG_MAX ((1<<MBRE_BYTEWIDTH)-1)\n\n/* Maximum number of duplicates an interval can allow.  
*/\n#ifndef MBRE_DUP_MAX\n#define MBRE_DUP_MAX  ((1 << 15) - 1) \n#endif\n\n\n/* If this bit is set, then character classes are supported; they are:\n     [:alpha:],\t[:upper:], [:lower:],  [:digit:], [:alnum:], [:xdigit:],\n     [:space:], [:print:], [:punct:], [:graph:], and [:cntrl:].\n   If not set, then character classes are not supported.  */\n#define MBRE_CHAR_CLASSES (1L << 9)\n\n/* match will be done case insensitively */\n#define MBRE_OPTION_IGNORECASE (1L)\n/* perl-style extended pattern available */\n#define MBRE_OPTION_EXTENDED   (MBRE_OPTION_IGNORECASE<<1)\n/* newline will be included for . */\n#define MBRE_OPTION_MULTILINE  (MBRE_OPTION_EXTENDED<<1)\n/* ^ and $ ignore newline */\n#define MBRE_OPTION_SINGLELINE (MBRE_OPTION_MULTILINE<<1)\n/* works like Perl's /s; it's called POSIX for wrong reason */\n#define MBRE_OPTION_POSIXLINE  (MBRE_OPTION_MULTILINE|MBRE_OPTION_SINGLELINE)\n/* search for longest match, in accord with POSIX regexp */\n#define MBRE_OPTION_LONGEST    (MBRE_OPTION_SINGLELINE<<1)\n\n#define MBRE_MAY_IGNORECASE    (MBRE_OPTION_LONGEST<<1)\n#define MBRE_OPTIMIZE_ANCHOR   (MBRE_MAY_IGNORECASE<<1)\n#define MBRE_OPTIMIZE_EXACTN   (MBRE_OPTIMIZE_ANCHOR<<1)\n#define MBRE_OPTIMIZE_NO_BM    (MBRE_OPTIMIZE_EXACTN<<1)\n#define MBRE_OPTIMIZE_BMATCH   (MBRE_OPTIMIZE_NO_BM<<1)\n\n/* For multi-byte char support */\n#define MBCTYPE_ASCII 0\n#define MBCTYPE_EUC 1\n#define MBCTYPE_SJIS 2\n#define MBCTYPE_UTF8 3\n\n#if 0\n#if defined IMPORT || defined USEIMPORTLIB\nextern __declspec(dllimport)\n#elif defined EXPORT\nextern __declspec(dllexport)\n#else\nextern\n#endif\nconst unsigned char *re_mbctab;\n#if defined(__STDC__)\nvoid re_mbcinit (int);\n#else\nvoid re_mbcinit ();\n#endif\n#endif\n\n#undef ismbchar\n#define ismbchar(c) re_mbctab[(unsigned char)(c)]\n#define mbclen(c)   (re_mbctab[(unsigned char)(c)]+1)\n\n/* Structure used in re_match() */\n\ntypedef union\n{\n  unsigned char *word;\n  struct {\n    unsigned is_active : 1;\n    unsigned 
matched_something : 1;\n  } bits;\n} mbre_register_info_type;\n\n/* This data structure is used to represent a compiled pattern.  */\n\nstruct mbre_pattern_buffer\n  {\n    char *buffer;\t/* Space holding the compiled pattern commands.  */\n    int allocated;\t/* Size of space that `buffer' points to. */\n    int used;\t\t/* Length of portion of buffer actually occupied  */\n    char *fastmap;\t/* Pointer to fastmap, if any, or zero if none.  */\n\t\t\t/* re_search uses the fastmap, if there is one,\n\t\t\t   to skip over totally implausible characters.  */\n    char *must;\t        /* Pointer to exact pattern which strings should have\n\t\t\t   to be matched.  */\n    int *must_skip;     /* Pointer to exact pattern skip table for bm_search */\n    char *stclass;      /* Pointer to character class list at top */\n    long options;\t/* Flags for options such as extended_pattern. */\n    long re_nsub;\t/* Number of subexpressions found by the compiler. */\n    char fastmap_accurate;\n\t\t\t/* Set to zero when a new pattern is stored,\n\t\t\t   set to one when the fastmap is updated from it.  */\n    char can_be_null;   /* Set to one by compiling fastmap\n\t\t\t   if this pattern might match the null string.\n\t\t\t   It does not necessarily match the null string\n\t\t\t   in that case, but if this is zero, it cannot.\n\t\t\t   2 as value means can match null string\n\t\t\t   but at end of range or before a character\n\t\t\t   listed in the fastmap.  
*/\n\n    /* stack & working area for re_match() */\n    unsigned char **regstart;\n    unsigned char **regend;\n    unsigned char **old_regstart;\n    unsigned char **old_regend;\n    mbre_register_info_type *reg_info;\n    unsigned char **best_regstart;\n    unsigned char **best_regend;\n\n    int mbctype;\n  };\n\ntypedef struct mbre_pattern_buffer mb_regex_t;\n\n/* Structure to store register contents data in.\n\n   Pass the address of such a structure as an argument to re_match, etc.,\n   if you want this information back.\n\n   For i from 1 to MBRE_NREGS - 1, start[i] records the starting index in\n   the string of where the ith subexpression matched, and end[i] records\n   one after the ending index.  start[0] and end[0] are analogous, for\n   the entire pattern.  */\n\nstruct mbre_registers\n  {\n    int allocated;\n    int num_regs;\n    int *beg;\n    int *end;\n  };\n\n#if 0\n/* Type for byte offsets within the string.  POSIX mandates this.  */\ntypedef size_t regoff_t;\n\n/* POSIX specification for registers.  Aside from the different names than\n   `mbre_registers', POSIX uses an array of structures, instead of a\n   structure of arrays.  */\ntypedef struct\n{\n  regoff_t rm_so;  /* Byte offset from string's start to substring's start.  */\n  regoff_t rm_eo;  /* Byte offset from string's start to substring's end.  */\n} regmatch_t;\n#endif\n\n\f\n#ifdef __STDC__\n\nextern char *mbre_compile_pattern (const char *, int, struct mbre_pattern_buffer *);\nvoid mbre_free_pattern (struct mbre_pattern_buffer *);\n/* Is this really advertised?  
*/\nextern int mbre_adjust_startpos (struct mbre_pattern_buffer *, const char*, int, int, int);\nextern void mbre_compile_fastmap (struct mbre_pattern_buffer *);\nextern int mbre_search (struct mbre_pattern_buffer *, const char*, int, int, int,\n\t\t      struct mbre_registers *);\nextern int mbre_match (struct mbre_pattern_buffer *, const char *, int, int,\n\t\t     struct mbre_registers *);\nextern void mbre_set_casetable (const char *table);\nextern void mbre_copy_registers (struct mbre_registers*, struct mbre_registers*);\nextern void mbre_free_registers (struct mbre_registers*);\n\n#else /* !__STDC__ */\n\nextern char *mbre_compile_pattern ();\nvoid mbre_free_pattern ();\n/* Is this really advertised? */\nextern int mbre_adjust_startpos ();\nextern void mbre_compile_fastmap ();\nextern int mbre_search ();\nextern int mbre_match ();\nextern void mbre_set_casetable ();\nextern void mbre_copy_registers ();\nextern void mbre_free_registers ();\n\n#endif /* __STDC__ */\n\n#endif /* !__MB_REGEXP_LIBRARY */\n"
  },
  {
    "path": "mbregex.h",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Author: Stefan Esser <sesser@sektioneins.de>                         |\n  +----------------------------------------------------------------------+\n*/\n\n/* $Id: mbregex.h,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $ */\n\n#if HAVE_MBREGEX\n\n#include \"mbregex/mbregex.h\"\n\n#endif"
  },
  {
    "path": "memory_limit.c",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Author: Stefan Esser <sesser@sektioneins.de>                         |\n  +----------------------------------------------------------------------+\n*/\n/*\n  $Id: memory_limit.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $ \n*/\n\n#ifdef HAVE_CONFIG_H\n#include \"config.h\"\n#endif\n\n#include \"php.h\"\n#include \"php_ini.h\"\n#include \"ext/standard/info.h\"\n#include \"php_suhosin.h\"\n\n\n/* {{{ PHP_INI_MH\n */\nstatic PHP_INI_MH(suhosin_OnChangeMemoryLimit)\n{\n#if SIZEOF_LONG==8\n\tlong hard_memory_limit = 0x7fffffffffffffff;\n#elif SIZEOF_LONG==4\n\tlong hard_memory_limit = 0x7fffffff;\n#endif /* will produce a compile error or SIZEOF_LONG is not 4 or 8 */\n\tif (stage == ZEND_INI_STAGE_RUNTIME) {\n\t\tif (SUHOSIN_G(memory_limit) > 0) {\n\t\t\tSUHOSIN_G(hard_memory_limit) = SUHOSIN_G(memory_limit);\n\t\t} else if (SUHOSIN_G(hard_memory_limit) == 0) {\n\t\t\tSUHOSIN_G(hard_memory_limit) = 
PG(memory_limit);\n\t\t}\n\t\thard_memory_limit = SUHOSIN_G(hard_memory_limit);\n\t} else {\n\t\tSUHOSIN_G(hard_memory_limit) = 0;\n\t}\n\tif (new_value) {\n\t\tPG(memory_limit) = zend_atol(new_value, new_value_length);\n\t\tif (hard_memory_limit > 0) {\n\t\t\tif (PG(memory_limit) > hard_memory_limit) {\n\t\t\t\tsuhosin_log(S_MISC, \"script tried to increase memory_limit to %lu bytes which is above the allowed value\", PG(memory_limit));\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\tPG(memory_limit) = hard_memory_limit;\n\t\t\t\t\treturn FAILURE;\n\t\t\t\t}\n\t\t\t} else if (PG(memory_limit) < 0) {\n\t\t\t\tsuhosin_log(S_MISC, \"script tried to disable memory_limit by setting it to a negative value %ld bytes which is not allowed\", PG(memory_limit));\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\tPG(memory_limit) = hard_memory_limit;\n\t\t\t\t\treturn FAILURE;\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t} else {\n\t\tPG(memory_limit) = hard_memory_limit;\n\t}\n\treturn zend_set_memory_limit(PG(memory_limit));\n}\n/* }}} */\n\n\nvoid suhosin_hook_memory_limit(TSRMLS_D)\n{\n\tzend_ini_entry *ini_entry;\n\n\t/* check if we are compiled against memory_limit */\n\tif (zend_hash_find(EG(ini_directives), \"memory_limit\", sizeof(\"memory_limit\"), (void **) &ini_entry)==FAILURE) {\n\t\treturn;\n\t}\n\t\n\t/* replace OnUpdateMemoryLimit handler */\n\tini_entry->on_modify = suhosin_OnChangeMemoryLimit;\n}\n\n\n/*\n * Local variables:\n * tab-width: 4\n * c-basic-offset: 4\n * End:\n * vim600: noet sw=4 ts=4 fdm=marker\n * vim<600: noet sw=4 ts=4\n */\n\n\n"
  },
  {
    "path": "php_suhosin.h",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Author: Stefan Esser <sesser@sektioneins.de>                         |\n  +----------------------------------------------------------------------+\n*/\n\n/* $Id: php_suhosin.h,v 1.4 2008-01-13 22:50:37 sesser Exp $ */\n\n#ifndef PHP_SUHOSIN_H\n#define PHP_SUHOSIN_H\n\n#define SUHOSIN_EXT_VERSION  \"0.9.39dev2\"\n\n/*#define SUHOSIN_DEBUG*/\n#define SUHOSIN_LOG \"/tmp/suhosin_log.txt\"\n\n#ifdef PHP_WIN32\n#define SDEBUG\n#else\n\n#ifdef SUHOSIN_DEBUG\n#define SDEBUG(msg...) 
\\\n    {FILE *f;f=fopen(SUHOSIN_LOG, \"a+\");if(f){fprintf(f,\"[%u] \",getpid());fprintf(f, msg);fprintf(f,\"\\n\");fclose(f);}}\n#else\n#define SDEBUG(msg...)\n#endif\n#endif\n\n#ifndef PHP_VERSION_ID\n#define PHP_VERSION_ID (PHP_MAJOR_VERSION * 10000 + PHP_MINOR_VERSION * 100 + PHP_RELEASE_VERSION)\n#endif\n\nextern zend_module_entry suhosin_module_entry;\n#define phpext_suhosin_ptr &suhosin_module_entry\n\n#ifdef PHP_WIN32\n#define PHP_SUHOSIN_API __declspec(dllexport)\n#else\n#define PHP_SUHOSIN_API\n#endif\n\n#ifdef ZTS\n#include \"TSRM.h\"\n#endif\n\n/*#define STATIC static*/\n#define STATIC\n\n#define BYTE unsigned char       /* 8 bits  */\n#define WORD unsigned int          /* 32 bits */\n\nPHP_MINIT_FUNCTION(suhosin);\nPHP_MSHUTDOWN_FUNCTION(suhosin);\nPHP_RINIT_FUNCTION(suhosin);\nPHP_RSHUTDOWN_FUNCTION(suhosin);\nPHP_MINFO_FUNCTION(suhosin);\n\n#include \"ext/standard/basic_functions.h\"\n\nstatic inline int suhosin_is_protected_varname(char *var, int var_len)\n{\n\tswitch (var_len) {\n\t\tcase 18:\n\t\tif (memcmp(var, \"HTTP_RAW_POST_DATA\", 18)==0) goto protected_varname;\n\t\tbreak;\n\t\tcase 17:\n\t\tif (memcmp(var, \"HTTP_SESSION_VARS\", 17)==0) goto protected_varname;\n\t\tbreak;\n\t\tcase 16:\n\t\tif (memcmp(var, \"HTTP_SERVER_VARS\", 16)==0) goto protected_varname;\n\t\tif (memcmp(var, \"HTTP_COOKIE_VARS\", 16)==0) goto protected_varname;\n\t\tbreak;\n\t\tcase 15:\n\t\tif (memcmp(var, \"HTTP_POST_FILES\", 15)==0) goto protected_varname;\n\t\tbreak;\n\t\tcase 14:\n\t\tif (memcmp(var, \"HTTP_POST_VARS\", 14)==0) goto protected_varname;\n\t\tbreak;\n\t\tcase 13:\n\t\tif (memcmp(var, \"HTTP_GET_VARS\", 13)==0) goto protected_varname;\n\t\tif (memcmp(var, \"HTTP_ENV_VARS\", 13)==0) goto protected_varname;\n\t\tbreak;\n\t\tcase 8:\n\t\tif (memcmp(var, \"_SESSION\", 8)==0) goto protected_varname;\n\t\tif (memcmp(var, \"_REQUEST\", 8)==0) goto protected_varname;\n\t\tbreak;\n\t\tcase 7:\n\t\tif (memcmp(var, \"GLOBALS\", 7)==0) goto 
protected_varname;\n\t\tif (memcmp(var, \"_COOKIE\", 7)==0) goto protected_varname;\n\t\tif (memcmp(var, \"_SERVER\", 7)==0) goto protected_varname;\n\t\tbreak;\n\t\tcase 6:\n\t\tif (memcmp(var, \"_FILES\", 6)==0) goto protected_varname;\n\t\tbreak;\n\t\tcase 5:\n\t\tif (memcmp(var, \"_POST\", 5)==0) goto protected_varname;\n\t\tbreak;\n\t\tcase 4:\n\t\tif (memcmp(var, \"_ENV\", 4)==0) goto protected_varname;\n\t\tif (memcmp(var, \"_GET\", 4)==0) goto protected_varname;\n\t\tbreak;\n\t}\n\n\treturn 0;\nprotected_varname:\n\treturn 1;\n}\n\n\nZEND_BEGIN_MODULE_GLOBALS(suhosin)\n\tzend_uint in_code_type;\n\tlong execution_depth;\n\tzend_bool simulation;\n\tzend_bool stealth;\n\tzend_bool protectkey;\n\tzend_bool executor_allow_symlink;\n\tchar *filter_action;\n\tchar *sql_user_prefix;\n\tchar *sql_user_postfix;\n\tchar *sql_user_match;\n\tlong sql_comment;\n\tlong sql_opencomment;\n\tlong sql_union;\n\tlong sql_mselect;\n\n\tlong max_execution_depth;\n\tzend_bool\tabort_request;\n\tlong executor_include_max_traversal;\n\tzend_bool executor_include_allow_writable_files;\n\n\n\tHashTable *include_whitelist;\n\tHashTable *include_blacklist;\n\n\tHashTable *func_whitelist;\n\tHashTable *func_blacklist;\n\tHashTable *eval_whitelist;\n\tHashTable *eval_blacklist;\n\n\tzend_bool executor_disable_eval;\n\tzend_bool executor_disable_emod;\n\n\n/*\trequest variables */\n\tlong  max_request_variables;\n\tlong  cur_request_variables;\n\tlong  att_request_variables;\n\tlong  max_varname_length;\n\tlong  max_totalname_length;\n\tlong  max_value_length;\n\tlong  max_array_depth;\n\tlong  max_array_index_length;\n\tchar* array_index_whitelist;\n\tchar* array_index_blacklist;\n\tzend_bool  disallow_nul;\n\tzend_bool  disallow_ws;\n/*\tcookie variables */\n\tlong  max_cookie_vars;\n\tlong  cur_cookie_vars;\n\tlong  att_cookie_vars;\n\tlong  max_cookie_name_length;\n\tlong  max_cookie_totalname_length;\n\tlong  max_cookie_value_length;\n\tlong  max_cookie_array_depth;\n\tlong  
max_cookie_array_index_length;\n\tzend_bool  disallow_cookie_nul;\n\tzend_bool  disallow_cookie_ws;\n/*\tget variables */\n\tlong  max_get_vars;\n\tlong  cur_get_vars;\n\tlong  att_get_vars;\n\tlong  max_get_name_length;\n\tlong  max_get_totalname_length;\n\tlong  max_get_value_length;\n\tlong  max_get_array_depth;\n\tlong  max_get_array_index_length;\n\tzend_bool  disallow_get_nul;\n\tzend_bool  disallow_get_ws;\n/*\tpost variables */\n\tlong  max_post_vars;\n\tlong  cur_post_vars;\n\tlong  att_post_vars;\n\tlong  max_post_name_length;\n\tlong  max_post_totalname_length;\n\tlong  max_post_value_length;\n\tlong  max_post_array_depth;\n\tlong  max_post_array_index_length;\n\tzend_bool  disallow_post_nul;\n\tzend_bool  disallow_post_ws;\n\n/*\tfileupload */\n\tlong  upload_limit;\n\tlong  upload_max_newlines;\n\tlong  num_uploads;\n\tzend_bool  upload_disallow_elf;\n\tzend_bool  upload_disallow_binary;\n\tzend_bool  upload_remove_binary;\n#ifdef SUHOSIN_EXPERIMENTAL\n\tzend_bool  upload_allow_utf8;\n#endif\n\tchar *upload_verification_script;\n\n\tzend_bool  no_more_variables;\n\tzend_bool  no_more_get_variables;\n\tzend_bool  no_more_post_variables;\n\tzend_bool  no_more_cookie_variables;\n\tzend_bool  no_more_uploads;\n\n\n\n/*\tlog */\n\tzend_bool log_use_x_forwarded_for;\n\tlong\tlog_syslog;\n\tlong\tlog_syslog_facility;\n\tlong\tlog_syslog_priority;\n\tlong\tlog_script;\n\tlong\tlog_sapi;\n\tlong\tlog_stdout;\n\tchar\t*log_scriptname;\n\tlong\tlog_phpscript;\n\tchar\t*log_phpscriptname;\n\tzend_bool log_phpscript_is_safe;\n\tlong\tlog_file;\n\tchar\t*log_filename;\n\tzend_bool log_file_time;\n\tlong log_max_error_length;\n\n/*\theader handler */\n\tzend_bool allow_multiheader;\n\n/*\tmailprotect */\n\tlong\tmailprotect;\n\n/*\tmemory_limit */\n\tlong\tmemory_limit;\n\tlong \thard_memory_limit;\n\n/*  sqlprotect */\n\tzend_bool sql_bailout_on_error;\n\n\tint (*old_php_body_write)(const char *str, unsigned int str_length TSRMLS_DC);\n\n/*\tsession 
*/\n\tvoid\t*s_module;\n\tvoid\t*s_original_mod;\n\tint \t(*old_s_read)(void **mod_data, const char *key, char **val, int *vallen TSRMLS_DC);\n\tint\t(*old_s_write)(void **mod_data, const char *key, const char *val, const int vallen TSRMLS_DC);\n\tint\t(*old_s_destroy)(void **mod_data, const char *key TSRMLS_DC);\n\n\tBYTE fi[24],ri[24];\n\tWORD fkey[120];\n\tWORD rkey[120];\n\n\tzend_bool\tsession_encrypt;\n\tchar*\tsession_cryptkey;\n\tzend_bool\tsession_cryptua;\n\tzend_bool\tsession_cryptdocroot;\n\tlong\t\tsession_cryptraddr;\n\tlong\t\tsession_checkraddr;\n\n\tlong\tsession_max_id_length;\n\n\tchar*\tdecrypted_cookie;\n\tchar*\traw_cookie;\n\tzend_bool\tcookie_encrypt;\n\tchar*\tcookie_cryptkey;\n\tzend_bool\tcookie_cryptua;\n\tzend_bool\tcookie_cryptdocroot;\n\tlong\t\tcookie_cryptraddr;\n\tlong\t\tcookie_checkraddr;\n\tHashTable *cookie_plainlist;\n\tHashTable *cookie_cryptlist;\n\n\tzend_bool\tcoredump;\n\tzend_bool\tapc_bug_workaround;\n\tzend_bool\talready_scanned;\n\tzend_bool\tdo_not_scan;\n\n\tzend_bool\tserver_encode;\n\tzend_bool\tserver_strip;\n\n\tzend_bool\tdisable_display_errors;\n\n\tphp_uint32\tr_state[625];\n\tphp_uint32\t*r_next;\n\tint\t\t\tr_left;\n\tzend_bool\tsrand_ignore;\n\tzend_bool\tmt_srand_ignore;\n\tphp_uint32\tmt_state[625];\n\tphp_uint32\t*mt_next;\n\tint\t\t\tmt_left;\n\n\tchar         *seedingkey;\n\tzend_bool    reseed_every_request;\n\n\tzend_bool r_is_seeded;\n\tzend_bool mt_is_seeded;\n\n\t/* PERDIR Handling */\n\tchar *perdir;\n\tzend_bool log_perdir;\n\tzend_bool exec_perdir;\n\tzend_bool get_perdir;\n\tzend_bool post_perdir;\n\tzend_bool cookie_perdir;\n\tzend_bool request_perdir;\n\tzend_bool upload_perdir;\n\tzend_bool sql_perdir;\n\tzend_bool misc_perdir;\n\nZEND_END_MODULE_GLOBALS(suhosin)\n\n#ifdef ZTS\n#define SUHOSIN_G(v) TSRMG(suhosin_globals_id, zend_suhosin_globals *, v)\n#else\n#define SUHOSIN_G(v) (suhosin_globals.v)\n#endif\n\n#ifndef ZEND_INI_STAGE_HTACCESS\n#define ZEND_INI_STAGE_HTACCESS 
(1<<5)\n#endif\n\n\n/* Error Constants */\n#ifndef S_MEMORY\n#define S_MEMORY\t\t\t(1<<0L)\n#define S_MISC\t\t\t\t(1<<1L)\n#define S_VARS\t\t\t\t(1<<2L)\n#define S_FILES\t\t\t\t(1<<3L)\n#define S_INCLUDE\t\t\t(1<<4L)\n#define S_SQL\t\t\t\t(1<<5L)\n#define S_EXECUTOR\t\t\t(1<<6L)\n#define S_MAIL\t\t\t\t(1<<7L)\n#define S_SESSION\t\t\t(1<<8L)\n#define S_INTERNAL\t\t\t(1<<29L)\n#define S_ALL (S_MEMORY | S_VARS | S_INCLUDE | S_FILES | S_MAIL | S_SESSION | S_MISC | S_SQL | S_EXECUTOR)\n#endif\n\n#ifndef S_GETCALLER\n#define S_GETCALLER         (1<<30L)\n#endif\n\n#define SUHOSIN_NORMAL\t0\n#define SUHOSIN_EVAL\t1\n\n#define SUHOSIN_FLAG_CREATED_BY_EVAL 1\n#define SUHOSIN_FLAG_NOT_EVALED_CODE 2\n\nZEND_EXTERN_MODULE_GLOBALS(suhosin)\n\nstatic inline char *\nsuhosin_str_tolower_dup(const char *source, unsigned int length)\n{\n\tregister char *dup = estrndup(source, length);\n\tzend_str_tolower(dup, length);\n\treturn dup;\n}\n\n/* functions */\nPHP_SUHOSIN_API void suhosin_log(int loglevel, char *fmt, ...);\nchar *suhosin_encrypt_string(char *str, int len, char *var, int vlen, char *key TSRMLS_DC);\nchar *suhosin_decrypt_string(char *str, int padded_len, char *var, int vlen, char *key, int *orig_len, int check_ra TSRMLS_DC);\nchar *suhosin_generate_key(char *key, zend_bool ua, zend_bool dr, long raddr, char *cryptkey TSRMLS_DC);\nchar *suhosin_cookie_decryptor(TSRMLS_D);\nchar *suhosin_getenv(char *name, size_t name_len TSRMLS_DC);\nvoid suhosin_hook_post_handlers(TSRMLS_D);\nvoid suhosin_unhook_post_handlers(TSRMLS_D);\nvoid suhosin_hook_register_server_variables();\nvoid suhosin_hook_header_handler();\nvoid suhosin_unhook_header_handler();\nvoid suhosin_hook_session(TSRMLS_D);\nvoid suhosin_unhook_session(TSRMLS_D);\nvoid suhosin_hook_sha256(TSRMLS_D);\n#if defined(__OpenBSD__) && defined(SUHOSIN_EXPERIMENTAL)\nvoid suhosin_hook_pledge(TSRMLS_D);\n#endif\nvoid suhosin_hook_ex_imp(TSRMLS_D);\nvoid suhosin_hook_treat_data();\nvoid 
suhosin_hook_memory_limit(TSRMLS_D);\nvoid suhosin_hook_execute(TSRMLS_D);\nvoid suhosin_unhook_execute();\nvoid suhosin_aes_gentables();\nvoid suhosin_aes_gkey(int nb,int nk,char *key TSRMLS_DC);\nvoid suhosin_aes_encrypt(char *buff TSRMLS_DC);\nvoid suhosin_aes_decrypt(char *buff TSRMLS_DC);\nunsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC);\nunsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC);\nextern unsigned int (*old_input_filter)(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC);\nvoid normalize_varname(char *varname);\nint suhosin_rfc1867_filter(unsigned int event, void *event_data, void **extra TSRMLS_DC);\nvoid suhosin_bailout(TSRMLS_D);\nsize_t suhosin_strnspn(const char *input, size_t n, const char *accept);\nsize_t suhosin_strncspn(const char *input, size_t n, const char *reject);\n\n\n#endif\t/* PHP_SUHOSIN_H */\n\n\n/*\n * Local variables:\n * tab-width: 4\n * c-basic-offset: 4\n * End:\n * vim600: noet sw=4 ts=4 fdm=marker\n * vim<600: noet sw=4 ts=4\n */\n"
  },
  {
    "path": "pkg/build_deb.sh",
    "content": "#!/bin/bash\n\n_exit() {\n\techo \"[E] bye.\"\n\texit 1\n}\n\nyn_or_exit() {\n\techo -n \"[?] OK? [y] \"\n\tread yn\n\tif [ \"$yn\" != \"\" -a \"$yn\" != \"y\" ]; then\n\t\t_exit\n\tfi\n}\n\n##\n\necho \"[*] checking prerequisites...\"\nfor i in phpize make install fakeroot php-config dpkg-deb dpkg-architecture; do\n\tif [ \"`which $i`\" == \"\" ]; then\n\t\techo \"[E] please install '$i' and try again.\"\n\t\t_exit\n\tfi\ndone\n\n##\n\nHERE=`(cd $(dirname $0); pwd)`\nSUHOSIN=$HERE/..\nROOT=$HERE/tmp\nPKGDIR=$HERE\nPHP_EX=`php-config --extension-dir`\neval `dpkg-architecture -l`\nVERSION=${SUHOSIN_VERSION:-$1}\n\nif [ \"$VERSION\" == \"\" ]; then\n\techo \"[E] please set SUHOSIN_VERSION, e.g. $0 0.9.36-1~dev1\"\n\t_exit\nfi\n\necho \"[*] -----------------------------------------------------------\"\necho \"[+]         suhosin dir: $SUHOSIN\"\necho \"[+]             tmp dir: $ROOT\"\necho \"[+]   PHP extension dir: $PHP_EX\"\necho \"[+]        architecture: $DEB_HOST_ARCH\"\necho \"[+] suhosin deb version: $VERSION\"\necho \"[+]      pkg output dir: $PKGDIR\"\nyn_or_exit\n\nif [ ! -f \"$SUHOSIN/modules/suhosin.so\" ]; then\n\techo \"[+] Cannot find suhosin.so. I will try to build it.\"\n\tyn_or_exit\n\t\n\teval `dpkg-buildflags --export=sh`\n\t\n\tif [ ! -f \"$SUHOSIN/configure\" ]; then\n\t\techo \"[*] phpize\"\n\t\tcd $SUHOSIN\n\t\tphpize || _exit\n\tfi\n\t\n\tif [ ! -f \"$SUHOSIN/Makefile\" ]; then\n\t\techo \"[*] configure\"\n\t\tcd $SUHOSIN\n\t\t./configure --enable-suhosin-experimental\n\tfi\n\t\n\techo \"[*] make\"\n\tmake clean\n\tmake -C $SUHOSIN || _exit\nfi\n\n##\n\necho \"[*] deb\"\n\nif [ -d \"$ROOT\" ]; then\n\techo \"[+] tmp dir $ROOT already exists. 
Delete?\"\n\tyn_or_exit\n\trm -rf $ROOT\nfi\n\n##\n\nmkdir -p $ROOT/DEBIAN\n#echo \"9\" >$ROOT/DEBIAN/compat\ncat >$ROOT/DEBIAN/control <<EOF\nPackage: php5-suhosin-extension\nSection: php\nPriority: extra\nMaintainer: Ben Fuhrmannek <ben@sektioneins.de>\nHomepage: http://www.suhosin.org/\nConflicts: php5-suhosin\nDepends: php5-common\nDescription: advanced protection system for PHP5\n This package provides a PHP hardening module.\n .\n Suhosin is an advanced protection system for PHP installations. It was\n designed to protect servers and users from known and unknown flaws in PHP\n applications and the PHP core. Suhosin comes in two independent parts, that\n can be used separately or in combination. The first part is a small patch\n against the PHP core, that implements a few low-level protections against\n bufferoverflows or format string vulnerabilities and the second part is a\n powerful PHP extension that implements all the other protections.\n .\n This Package provides the suhosin extension only.\nEOF\n\necho \"Architecture: $DEB_HOST_ARCH\" >>$ROOT/DEBIAN/control\necho \"Version: $VERSION\" >>$ROOT/DEBIAN/control\n\necho \"/etc/php5/mods-available/suhosin.ini\" >$ROOT/DEBIAN/conffiles\n\ninstall -d -g 0 -o 0 $ROOT$PHP_EX\ninstall -g 0 -o 0 -m 644 $SUHOSIN/modules/suhosin.so $ROOT$PHP_EX\ninstall -d -g 0 -o 0 $ROOT/usr/share/doc/php5-suhosin-extension\ninstall -g 0 -o 0 -m 644 $SUHOSIN/suhosin.ini $ROOT/usr/share/doc/php5-suhosin-extension/suhosin.ini.example\ninstall -d -g 0 -o 0 $ROOT/etc/php5/mods-available\n( echo '; priority=70' ; sed -e 's/^;extension=/extension=/' $SUHOSIN/suhosin.ini ) >$ROOT/etc/php5/mods-available/suhosin.ini\nchown root:root $ROOT/etc/php5/mods-available/suhosin.ini\n\nfakeroot dpkg-deb -b $ROOT $PKGDIR\n\necho \"[*] done.\"\n"
  },
  {
    "path": "pledge.c",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Author: David Carlier <devnexen@gmail.com>                           |\n  +----------------------------------------------------------------------+\n*/\n\n#if defined(__OpenBSD__) && defined(SUHOSIN_EXPERIMENTAL)\n\n#include <unistd.h>\n#include <errno.h>\n#include \"php.h\"\n#include \"ext/standard/info.h\"\n#include \"ext/standard/php_string.h\"\n#include \"ext/standard/php_smart_str.h\"\n\n#include \"pledge.h\"\n\nconst char *promises_defined[] = {\n    \"rpath\",\n    \"wpath\",\n    \"cpath\",\n    \"tmppath\",\n    \"inet\",\n    \"flock\",\n    \"unix\",\n    \"dns\",\n    \"sendfd\",\n    \"recvfd\",\n    \"proc\",\n    \"exec\",\n    NULL\n};\n\n/* {{{ proto string pledge(string str [, bool raw_output])\n   Wrapper around pledge call. Hence subsequent calls are\n   allowed only to diminish the permissions. 
*/\nstatic PHP_FUNCTION(suhosin_pledge)\n{\n    zval *promises, **current;\n    HashTable *hashp;\n    HashPosition hashpos;\n    const char *pm;\n    int ret;\n    smart_str promisesbuf = { 0 };\n\n    if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, \"a\", &promises) == FAILURE) {\n        return;\n    }\n\n    /* PHP needs at least few functions from this promise */\n    smart_str_appends(&promisesbuf, \"stdio\");\n    hashp = Z_ARRVAL_P(promises);\n    for (zend_hash_internal_pointer_reset_ex(hashp, &hashpos);\n         zend_hash_get_current_data_ex(hashp, (void **)&current, &hashpos) == SUCCESS;\n         zend_hash_move_forward_ex(hashp, &hashpos)) {\n        if (Z_TYPE_PP(current) != IS_STRING)\n            continue;\n        pm = NULL;\n        const char **ptr = promises_defined;\n        char *pp = Z_STRVAL_PP(current);\n        char *p = php_trim(pp, strlen(pp), \" \", 1, NULL, 3);\n        while (*ptr) {\n            if (strcmp(*ptr, p) == 0) {\n                pm = *ptr;\n                break;\n            }\n            ptr ++;\n        }\n        if (pm == NULL) {\n            if (strcmp(p, \"stdio\") != 0)\n                php_error_docref(NULL TSRMLS_CC, E_WARNING, \"pledge: %s invalid or forbidden promise\", p);\n            efree(p);\n            continue;\n        }\n        efree(p);\n        smart_str_appends(&promisesbuf, \" \");\n        smart_str_appends(&promisesbuf, pm);\n    }\n\n    smart_str_0(&promisesbuf);\n    ret = pledge(promisesbuf.c, NULL);\n    smart_str_free(&promisesbuf);\n\n    if (ret == -1)\n        php_error_docref(NULL TSRMLS_CC, E_ERROR, \"pledge failed: %s\", strerror(errno));\n\n    RETVAL_LONG(ret);\n}\n\n/* }}} */\n\n/* {{{ suhosin_pledge_functions[]\n */\nstatic zend_function_entry suhosin_pledge_functions[] = {\n\tPHP_NAMED_FE(pledge, PHP_FN(suhosin_pledge), NULL)\n\t{NULL, NULL, NULL}\n};\n/* }}} */\n\nvoid suhosin_hook_pledge(TSRMLS_D)\n{\n    zend_register_functions(NULL, suhosin_pledge_functions, NULL, 
MODULE_PERSISTENT TSRMLS_CC);\n}\n\n/*\n * Local variables:\n * tab-width: 4\n * c-basic-offset: 4\n * End:\n * vim600: sw=4 ts=4 fdm=marker\n * vim<600: sw=4 ts=4\n */\n#endif\n"
  },
  {
    "path": "pledge.h",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Author: David Carlier <devnexen@gmail.com>                           |\n  +----------------------------------------------------------------------+\n*/\n\n/* $Id: pledge.h $ */\n\n#ifndef PLEDGE_H\n#define PLEDGE_H\n\n#include \"ext/standard/basic_functions.h\"\n#ifdef  __OpenBSD__\n\n#endif\n#endif\n"
  },
  {
    "path": "post_handler.c",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Author: Stefan Esser <sesser@sektioneins.de>                         |\n  +----------------------------------------------------------------------+\n*/\n/*\n  $Id: post_handler.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $ \n*/\n\n#ifdef HAVE_CONFIG_H\n#include \"config.h\"\n#endif\n\n#include \"php.h\"\n#include \"php_ini.h\"\n#include \"php_suhosin.h\"\n#include \"SAPI.h\"\n#include \"php_variables.h\"\n#include \"php_content_types.h\"\n#include \"suhosin_rfc1867.h\"\n#include \"ext/standard/url.h\"\n#include \"ext/standard/php_smart_str.h\"\n\n#if defined(PHP_WIN32) && PHP_VERSION_ID >= 50600\n#include \"win32/php_inttypes.h\"\n#endif\n\nSAPI_POST_HANDLER_FUNC(suhosin_rfc1867_post_handler);\n\n\n#if PHP_VERSION_ID < 50600\nSAPI_POST_HANDLER_FUNC(suhosin_std_post_handler)\n{\n\tchar *var, *val, *e, *s, *p;\n\tzval *array_ptr = (zval *) arg;\n\tlong count = 0;\n\n\tif (SG(request_info).post_data == 
NULL) {\n\t\treturn;\n\t}\t\n\n\ts = SG(request_info).post_data;\n\te = s + SG(request_info).post_data_length;\n\n\twhile (s < e && (p = memchr(s, '&', (e - s)))) {\nlast_value:\n\t\tif ((val = memchr(s, '=', (p - s)))) { /* have a value */\n\t\t\tunsigned int val_len, new_val_len;\n\n\t\t\tif (++count > PG(max_input_vars)) {\n\t\t\t\tphp_error_docref(NULL TSRMLS_CC, E_WARNING, \"Input variables exceeded %ld. To increase the limit change max_input_vars in php.ini.\", PG(max_input_vars));\n\t\t\t\treturn;\n\t\t\t}\n\t\t\tvar = s;\n\n\t\t\tphp_url_decode(var, (val - s));\n\t\t\tval++;\n\t\t\tval_len = php_url_decode(val, (p - val));\n\t\t\tval = estrndup(val, val_len);\n\t\t\tif (suhosin_input_filter(PARSE_POST, var, &val, val_len, &new_val_len TSRMLS_CC)) {\n\t\t\t\tif (sapi_module.input_filter(PARSE_POST, var, &val, new_val_len, &new_val_len TSRMLS_CC)) {\n\t\t\t\t\tphp_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);\n\t\t\t\t}\n\t\t\t} else {\n\t\t\t\tSUHOSIN_G(abort_request)=1;\n\t\t\t}\n\t\t\tefree(val);\n\t\t}\n\t\ts = p + 1;\n\t}\n\tif (s < e) {\n\t\tp = e;\n\t\tgoto last_value;\n\t}\n}\n#else\ntypedef struct post_var_data {\n\tsmart_str str;\n\tchar *ptr;\n\tchar *end;\n\tuint64_t cnt;\n} post_var_data_t;\n\nstatic zend_bool add_post_var(zval *arr, post_var_data_t *var, zend_bool eof TSRMLS_DC)\n{\n\tchar *ksep, *vsep, *val;\n\tsize_t klen, vlen;\n\t/* FIXME: string-size_t */\n\tunsigned int new_vlen;\n\n\tif (var->ptr >= var->end) {\n\t\treturn 0;\n\t}\n\n\tvsep = memchr(var->ptr, '&', var->end - var->ptr);\n\tif (!vsep) {\n\t\tif (!eof) {\n\t\t\treturn 0;\n\t\t} else {\n\t\t\tvsep = var->end;\n\t\t}\n\t}\n\n\tksep = memchr(var->ptr, '=', vsep - var->ptr);\n\tif (ksep) {\n\t\t*ksep = '\\0';\n\t\t/* \"foo=bar&\" or \"foo=&\" */\n\t\tklen = ksep - var->ptr;\n\t\tvlen = vsep - ++ksep;\n\t} else {\n\t\tksep = \"\";\n\t\t/* \"foo&\" */\n\t\tklen = vsep - var->ptr;\n\t\tvlen = 0;\n\t}\n\n\t/* do not forget that value needs to be allocated for 
the filters */\n\tval = estrndup(ksep, vlen);\n\t\n\tphp_url_decode(var->ptr, klen);\n\tif (vlen) {\n\t\tvlen = php_url_decode(val, vlen);\n\t}\n\n\tif (suhosin_input_filter(PARSE_POST, var->ptr, &val, vlen, &new_vlen TSRMLS_CC)) {\n\t\tif (sapi_module.input_filter(PARSE_POST, var->ptr, &val, new_vlen, &new_vlen TSRMLS_CC)) {\n\t\t\tphp_register_variable_safe(var->ptr, val, new_vlen, arr TSRMLS_CC);\n\t\t}\n\t} else {\n\t\tSUHOSIN_G(abort_request)=1;\n\t}\n\tefree(val);\n\n\tvar->ptr = vsep + (vsep != var->end);\n\treturn 1;\n}\n\nstatic inline int add_post_vars(zval *arr, post_var_data_t *vars, zend_bool eof TSRMLS_DC)\n{\n\tuint64_t max_vars = PG(max_input_vars);\n\n\tvars->ptr = vars->str.c;\n\tvars->end = vars->str.c + vars->str.len;\n\twhile (add_post_var(arr, vars, eof TSRMLS_CC)) {\n\t\tif (++vars->cnt > max_vars) {\n\t\t\tphp_error_docref(NULL TSRMLS_CC, E_WARNING,\n\t\t\t\t\t\"Input variables exceeded %\" PRIu64 \". \"\n\t\t\t\t\t\"To increase the limit change max_input_vars in php.ini.\",\n\t\t\t\t\tmax_vars);\n\t\t\treturn FAILURE;\n\t\t}\n\t}\n\n\tif (!eof) {\n\t\tmemmove(vars->str.c, vars->ptr, vars->str.len = vars->end - vars->ptr);\n\t}\n\treturn SUCCESS;\n}\n\nSAPI_POST_HANDLER_FUNC(suhosin_std_post_handler)\n{\n\tzval *arr = (zval *) arg;\n\tphp_stream *s = SG(request_info).request_body;\n\tpost_var_data_t post_data;\n\n\tif (s && SUCCESS == php_stream_rewind(s)) {\n\t\tmemset(&post_data, 0, sizeof(post_data));\n\n\t\twhile (!php_stream_eof(s)) {\n\t\t\tchar buf[BUFSIZ] = {0};\n\t\t\tsize_t len = php_stream_read(s, buf, BUFSIZ);\n\n\t\t\tif (len && len != (size_t) -1) {\n\t\t\t\tsmart_str_appendl(&post_data.str, buf, len);\n\n\t\t\t\tif (SUCCESS != add_post_vars(arr, &post_data, 0 TSRMLS_CC)) {\n\t\t\t\t\tif (post_data.str.c) {\n\t\t\t\t\t\tefree(post_data.str.c);\n\t\t\t\t\t}\n\t\t\t\t\treturn;\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (len != BUFSIZ){\n\t\t\t\tbreak;\n\t\t\t}\n\t\t}\n\n\t\tadd_post_vars(arr, &post_data, 1 TSRMLS_CC);\n\t\tif 
(post_data.str.c) {\n\t\t\tefree(post_data.str.c);\n\t\t}\n\t}\n}\n#endif\n\nstatic void suhosin_post_handler_modification(sapi_post_entry *spe)\n{\n\tchar *content_type = estrndup(spe->content_type, spe->content_type_len);\n\tsuhosin_log(S_VARS, \"some extension replaces the POST handler for %s - Suhosin's protection might be incomplete\", content_type);\n\tefree(content_type);\n}\n\nstatic int (*old_OnUpdate_mbstring_encoding_translation)(zend_ini_entry *entry, char *new_value, uint new_value_length, void *mh_arg1, void *mh_arg2, void *mh_arg3, int stage TSRMLS_DC) = NULL;\n\n/* {{{ static PHP_INI_MH(suhosin_OnUpdate_mbstring_encoding_translation) */\nstatic PHP_INI_MH(suhosin_OnUpdate_mbstring_encoding_translation)\n{\n\tzend_bool *p;\n#ifndef ZTS\n\tchar *base = (char *) mh_arg2;\n#else\n\tchar *base;\n\n\tbase = (char *) ts_resource(*((int *) mh_arg2));\n#endif\n\n\tp = (zend_bool *) (base+(size_t) mh_arg1);\n\n\tif (new_value_length == 2 && strcasecmp(\"on\", new_value) == 0) {\n\t\t\t*p = (zend_bool) 1;\n\t}\n\telse if (new_value_length == 3 && strcasecmp(\"yes\", new_value) == 0) {\n\t\t*p = (zend_bool) 1;\n\t}\n\telse if (new_value_length == 4 && strcasecmp(\"true\", new_value) == 0) {\n\t\t*p = (zend_bool) 1;\n\t}\n\telse {\n\t\t*p = (zend_bool) atoi(new_value);\n\t}\n\tif (*p) {\n\t\tsuhosin_log(S_VARS, \"Dynamic configuration (maybe a .htaccess file) tried to activate mbstring.encoding_translation which is incompatible with suhosin\");\n\t}\n\treturn SUCCESS;\n}\n/* }}} */\n\n/* {{{ php_post_entries[]\n */\nstatic sapi_post_entry suhosin_post_entries[] = {\n\t{ DEFAULT_POST_CONTENT_TYPE, sizeof(DEFAULT_POST_CONTENT_TYPE)-1, sapi_read_standard_form_data,\tsuhosin_std_post_handler },\n\t{ MULTIPART_CONTENT_TYPE,    sizeof(MULTIPART_CONTENT_TYPE)-1,    NULL,                         suhosin_rfc1867_post_handler },\n\t{ NULL, 0, NULL, NULL }\n};\n/* }}} */\n\nvoid suhosin_hook_post_handlers(TSRMLS_D)\n{\n\tHashTable tempht;\n\tzend_ini_entry 
*ini_entry;\n\t\n\tsapi_unregister_post_entry(&suhosin_post_entries[0] TSRMLS_CC);\n\tsapi_unregister_post_entry(&suhosin_post_entries[1] TSRMLS_CC);\n\tsapi_register_post_entries(suhosin_post_entries TSRMLS_CC);\n\n\t/* we want to get notified if another extension deregisters the suhosin post handlers */\n\n\t/* we need to tell suhosin patch that there is a new valid destructor */\n\t/* therefore we have to create a HashTable that has this destructor */\n\tzend_hash_init(&tempht, 0, NULL, (dtor_func_t)suhosin_post_handler_modification, 0);\n\tzend_hash_destroy(&tempht);\n\t/* And now we can overwrite the destructor for post entries */\n\tSG(known_post_content_types).pDestructor = (dtor_func_t)suhosin_post_handler_modification;\n\t\n\t/* we have to stop mbstring from replacing our post handler */\n\tif (zend_hash_find(EG(ini_directives), \"mbstring.encoding_translation\", sizeof(\"mbstring.encoding_translation\"), (void **) &ini_entry) == FAILURE) {\n\t\treturn;\n\t}\n\t/* replace OnUpdate_mbstring_encoding_translation handler */\n\told_OnUpdate_mbstring_encoding_translation = ini_entry->on_modify;\n\tini_entry->on_modify = suhosin_OnUpdate_mbstring_encoding_translation;\n}\n\nvoid suhosin_unhook_post_handlers(TSRMLS_D)\n{\n\tzend_ini_entry *ini_entry;\n\n\t/* Restore to an empty destructor */\n\tSG(known_post_content_types).pDestructor = NULL;\n\n\t/* Now restore the ini entry handler */\n\tif (zend_hash_find(EG(ini_directives), \"mbstring.encoding_translation\", sizeof(\"mbstring.encoding_translation\"), (void **) &ini_entry) == FAILURE) {\n\t\treturn;\n\t}\n\t/* restore the original OnUpdate_mbstring_encoding_translation handler */\n\tini_entry->on_modify = old_OnUpdate_mbstring_encoding_translation;\n\told_OnUpdate_mbstring_encoding_translation = NULL;\n}\n\n/*\n * Local variables:\n * tab-width: 4\n * c-basic-offset: 4\n * End:\n * vim600: noet sw=4 ts=4 fdm=marker\n * vim<600: noet sw=4 ts=4\n */\n\n\n"
  },
  {
    "path": "rfc1867_new.c",
    "content": "/*\n   +----------------------------------------------------------------------+\n   | PHP Version 5                                                        |\n   +----------------------------------------------------------------------+\n   | Copyright (c) 1997-2016 The PHP Group                                |\n   +----------------------------------------------------------------------+\n   | This source file is subject to version 3.01 of the PHP license,      |\n   | that is bundled with this package in the file LICENSE, and is        |\n   | available through the world-wide-web at the following url:           |\n   | http://www.php.net/license/3_01.txt                                  |\n   | If you did not receive a copy of the PHP license and are unable to   |\n   | obtain it through the world-wide-web, please send a note to          |\n   | license@php.net so we can mail you a copy immediately.               |\n   +----------------------------------------------------------------------+\n   | Authors: Rasmus Lerdorf <rasmus@php.net>                             |\n   |          Jani Taskinen <jani@php.net>                                |\n   +----------------------------------------------------------------------+\n */\n\n/* $Id$ */\n\n/*\n *  This product includes software developed by the Apache Group\n *  for use in the Apache HTTP server project (http://www.apache.org/).\n *\n */\n\n#include <stdio.h>\n#include \"php.h\"\n#include \"php_open_temporary_file.h\"\n#include \"zend_globals.h\"\n#include \"php_globals.h\"\n#include \"php_variables.h\"\n#include \"php_suhosin.h\"\n#include \"suhosin_rfc1867.h\"\n#include \"ext/standard/php_string.h\"\n#include \"ext/standard/php_smart_str.h\"\n\n#if defined(PHP_WIN32) && !defined(HAVE_ATOLL)\n# define atoll(s) _atoi64(s)\n# define HAVE_ATOLL 1\n#endif\n\n#define DEBUG_FILE_UPLOAD ZEND_DEBUG\n\nstatic int dummy_encoding_translation(TSRMLS_D)\n{\n\treturn 0;\n}\n\nstatic char *php_ap_getword(const 
zend_encoding *encoding, char **line, char stop TSRMLS_DC);\nstatic char *php_ap_getword_conf(const zend_encoding *encoding, char *str TSRMLS_DC);\n\nstatic php_rfc1867_encoding_translation_t php_rfc1867_encoding_translation = dummy_encoding_translation;\nstatic php_rfc1867_get_detect_order_t php_rfc1867_get_detect_order = NULL;\nstatic php_rfc1867_set_input_encoding_t php_rfc1867_set_input_encoding = NULL;\nstatic php_rfc1867_getword_t php_rfc1867_getword = php_ap_getword;\nstatic php_rfc1867_getword_conf_t php_rfc1867_getword_conf = php_ap_getword_conf;\nstatic php_rfc1867_basename_t php_rfc1867_basename = NULL;\n\nstatic void safe_php_register_variable(char *var, char *strval, int val_len, zval *track_vars_array, zend_bool override_protection TSRMLS_DC);\n\n/* The longest property name we use in an uploaded file array */\n#define MAX_SIZE_OF_INDEX sizeof(\"[tmp_name]\")\n\n/* The longest anonymous name */\n#define MAX_SIZE_ANONNAME 33\n\n/* Errors */\n#define UPLOAD_ERROR_OK   0  /* File upload successful */\n#define UPLOAD_ERROR_A    1  /* Uploaded file exceeded upload_max_filesize */\n#define UPLOAD_ERROR_B    2  /* Uploaded file exceeded MAX_FILE_SIZE */\n#define UPLOAD_ERROR_C    3  /* Partially uploaded */\n#define UPLOAD_ERROR_D    4  /* No file uploaded */\n#define UPLOAD_ERROR_E    6  /* Missing /tmp or similar directory */\n#define UPLOAD_ERROR_F    7  /* Failed to write file to disk */\n#define UPLOAD_ERROR_X    8  /* File upload stopped by extension */\n\nstatic void normalize_protected_variable(char *varname TSRMLS_DC) /* {{{ */\n{\n\tchar *s = varname, *index = NULL, *indexend = NULL, *p;\n\n\t/* overjump leading space */\n\twhile (*s == ' ') {\n\t\ts++;\n\t}\n\n\t/* and remove it */\n\tif (s != varname) {\n\t\tmemmove(varname, s, strlen(s)+1);\n\t}\n\n\tfor (p = varname; *p && *p != '['; p++) {\n\t\tswitch(*p) {\n\t\t\tcase ' ':\n\t\t\tcase '.':\n\t\t\t\t*p = '_';\n\t\t\t\tbreak;\n\t\t}\n\t}\n\n\t/* find index */\n\tindex = strchr(varname, 
'[');\n\tif (index) {\n\t\tindex++;\n\t\ts = index;\n\t} else {\n\t\treturn;\n\t}\n\n\t/* done? */\n\twhile (index) {\n\t\twhile (*index == ' ' || *index == '\\r' || *index == '\\n' || *index=='\\t') {\n\t\t\tindex++;\n\t\t}\n\t\tindexend = strchr(index, ']');\n\t\tindexend = indexend ? indexend + 1 : index + strlen(index);\n\n\t\tif (s != index) {\n\t\t\tmemmove(s, index, strlen(index)+1);\n\t\t\ts += indexend-index;\n\t\t} else {\n\t\t\ts = indexend;\n\t\t}\n\n\t\tif (*s == '[') {\n\t\t\ts++;\n\t\t\tindex = s;\n\t\t} else {\n\t\t\tindex = NULL;\n\t\t}\n\t}\n\t*s = '\\0';\n}\n/* }}} */\n\nstatic void add_protected_variable(char *varname TSRMLS_DC) /* {{{ */\n{\n\tint dummy = 1;\n\n\tnormalize_protected_variable(varname TSRMLS_CC);\n\tzend_hash_add(&PG(rfc1867_protected_variables), varname, strlen(varname)+1, &dummy, sizeof(int), NULL);\n}\n/* }}} */\n\nstatic zend_bool is_protected_variable(char *varname TSRMLS_DC) /* {{{ */\n{\n\tnormalize_protected_variable(varname TSRMLS_CC);\n\treturn zend_hash_exists(&PG(rfc1867_protected_variables), varname, strlen(varname)+1);\n}\n/* }}} */\n\nstatic void safe_php_register_variable(char *var, char *strval, int val_len, zval *track_vars_array, zend_bool override_protection TSRMLS_DC) /* {{{ */\n{\n\tif (override_protection || !is_protected_variable(var TSRMLS_CC)) {\n\t\tphp_register_variable_safe(var, strval, val_len, track_vars_array TSRMLS_CC);\n\t}\n}\n/* }}} */\n\nstatic void safe_php_register_variable_ex(char *var, zval *val, zval *track_vars_array, zend_bool override_protection TSRMLS_DC) /* {{{ */\n{\n\tif (override_protection || !is_protected_variable(var TSRMLS_CC)) {\n\t\tphp_register_variable_ex(var, val, track_vars_array TSRMLS_CC);\n\t}\n}\n/* }}} */\n\nstatic void register_http_post_files_variable(char *strvar, char *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) /* {{{ */\n{\n\tsafe_php_register_variable(strvar, val, strlen(val), http_post_files, override_protection TSRMLS_CC);\n}\n/* 
}}} */\n\nstatic void register_http_post_files_variable_ex(char *var, zval *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) /* {{{ */\n{\n\tsafe_php_register_variable_ex(var, val, http_post_files, override_protection TSRMLS_CC);\n}\n/* }}} */\n\nstatic int unlink_filename(char **filename TSRMLS_DC) /* {{{ */\n{\n\tVCWD_UNLINK(*filename);\n\treturn 0;\n}\n/* }}} */\n\n// void destroy_uploaded_files_hash(TSRMLS_D) /* {{{ */\n// {\n// \tzend_hash_apply(SG(rfc1867_uploaded_files), (apply_func_t) unlink_filename TSRMLS_CC);\n// \tzend_hash_destroy(SG(rfc1867_uploaded_files));\n// \tFREE_HASHTABLE(SG(rfc1867_uploaded_files));\n// }\n/* }}} */\n\n/* {{{ Following code is based on apache_multipart_buffer.c from libapreq-0.33 package. */\n\n#define FILLUNIT (1024 * 5)\n\ntypedef struct {\n\n\t/* read buffer */\n\tchar *buffer;\n\tchar *buf_begin;\n\tint  bufsize;\n\tint  bytes_in_buffer;\n\n\t/* boundary info */\n\tchar *boundary;\n\tchar *boundary_next;\n\tint  boundary_next_len;\n\n\tconst zend_encoding *input_encoding;\n\tconst zend_encoding **detect_order;\n\tsize_t detect_order_size;\n} multipart_buffer;\n\ntypedef struct {\n\tchar *key;\n\tchar *value;\n} mime_header_entry;\n\n/*\n * Fill up the buffer with client data.\n * Returns number of bytes added to buffer.\n */\nstatic int fill_buffer(multipart_buffer *self TSRMLS_DC)\n{\n\tint bytes_to_read, total_read = 0, actual_read = 0;\n\n\t/* shift the existing data if necessary */\n\tif (self->bytes_in_buffer > 0 && self->buf_begin != self->buffer) {\n\t\tmemmove(self->buffer, self->buf_begin, self->bytes_in_buffer);\n\t}\n\n\tself->buf_begin = self->buffer;\n\n\t/* calculate the free space in the buffer */\n\tbytes_to_read = self->bufsize - self->bytes_in_buffer;\n\n\t/* read the required number of bytes */\n\twhile (bytes_to_read > 0) {\n\n\t\tchar *buf = self->buffer + self->bytes_in_buffer;\n\n\t\tactual_read = sapi_module.read_post(buf, bytes_to_read TSRMLS_CC);\n\n\t\t/* update the buffer 
length */\n\t\tif (actual_read > 0) {\n\t\t\tself->bytes_in_buffer += actual_read;\n\t\t\tSG(read_post_bytes) += actual_read;\n\t\t\ttotal_read += actual_read;\n\t\t\tbytes_to_read -= actual_read;\n\t\t} else {\n\t\t\tbreak;\n\t\t}\n\t}\n\n\treturn total_read;\n}\n\n/* eof if we are out of bytes, or if we hit the final boundary */\nstatic int multipart_buffer_eof(multipart_buffer *self TSRMLS_DC)\n{\n\tif ( (self->bytes_in_buffer == 0 && fill_buffer(self TSRMLS_CC) < 1) ) {\n\t\treturn 1;\n\t} else {\n\t\treturn 0;\n\t}\n}\n\n/* create new multipart_buffer structure */\nstatic multipart_buffer *multipart_buffer_new(char *boundary, int boundary_len TSRMLS_DC)\n{\n\tmultipart_buffer *self = (multipart_buffer *) ecalloc(1, sizeof(multipart_buffer));\n\n\tint minsize = boundary_len + 6;\n\tif (minsize < FILLUNIT) minsize = FILLUNIT;\n\n\tself->buffer = (char *) ecalloc(1, minsize + 1);\n\tself->bufsize = minsize;\n\n\tspprintf(&self->boundary, 0, \"--%s\", boundary);\n\n\tself->boundary_next_len = spprintf(&self->boundary_next, 0, \"\\n--%s\", boundary);\n\n\tself->buf_begin = self->buffer;\n\tself->bytes_in_buffer = 0;\n\n\tif (php_rfc1867_encoding_translation(TSRMLS_C)) {\n\t\tphp_rfc1867_get_detect_order(&self->detect_order, &self->detect_order_size TSRMLS_CC);\n\t} else {\n\t\tself->detect_order = NULL;\n\t\tself->detect_order_size = 0;\n\t}\n\n\tself->input_encoding = NULL;\n\n\treturn self;\n}\n\n/*\n * Gets the next CRLF terminated line from the input buffer.\n * If it doesn't find a CRLF, and the buffer isn't completely full, returns\n * NULL; otherwise, returns the beginning of the null-terminated line,\n * minus the CRLF.\n *\n * Note that we really just look for LF terminated lines. 
This works\n * around a bug in internet explorer for the macintosh which sends mime\n * boundaries that are only LF terminated when you use an image submit\n * button in a multipart/form-data form.\n */\nstatic char *next_line(multipart_buffer *self)\n{\n\t/* look for LF in the data */\n\tchar* line = self->buf_begin;\n\tchar* ptr = memchr(self->buf_begin, '\\n', self->bytes_in_buffer);\n\n\tif (ptr) {\t/* LF found */\n\n\t\t/* terminate the string, remove CRLF */\n\t\tif ((ptr - line) > 0 && *(ptr-1) == '\\r') {\n\t\t\t*(ptr-1) = 0;\n\t\t} else {\n\t\t\t*ptr = 0;\n\t\t}\n\n\t\t/* bump the pointer */\n\t\tself->buf_begin = ptr + 1;\n\t\tself->bytes_in_buffer -= (self->buf_begin - line);\n\n\t} else {\t/* no LF found */\n\n\t\t/* buffer isn't completely full, fail */\n\t\tif (self->bytes_in_buffer < self->bufsize) {\n\t\t\treturn NULL;\n\t\t}\n\t\t/* return entire buffer as a partial line */\n\t\tline[self->bufsize] = 0;\n\t\tself->buf_begin = ptr;\n\t\tself->bytes_in_buffer = 0;\n\t}\n\n\treturn line;\n}\n\n/* Returns the next CRLF terminated line from the client */\nstatic char *get_line(multipart_buffer *self TSRMLS_DC)\n{\n\tchar* ptr = next_line(self);\n\n\tif (!ptr) {\n\t\tfill_buffer(self TSRMLS_CC);\n\t\tptr = next_line(self);\n\t}\n\n\treturn ptr;\n}\n\n/* Free header entry */\nstatic void php_free_hdr_entry(mime_header_entry *h)\n{\n\tif (h->key) {\n\t\tefree(h->key);\n\t}\n\tif (h->value) {\n\t\tefree(h->value);\n\t}\n}\n\n/* finds a boundary */\nstatic int find_boundary(multipart_buffer *self, char *boundary TSRMLS_DC)\n{\n\tchar *line;\n\n\t/* loop thru lines */\n\twhile( (line = get_line(self TSRMLS_CC)) )\n\t{\n\t\t/* finished if we found the boundary */\n\t\tif (!strcmp(line, boundary)) {\n\t\t\treturn 1;\n\t\t}\n\t}\n\n\t/* didn't find the boundary */\n\treturn 0;\n}\n\n/* parse headers */\nstatic int multipart_buffer_headers(multipart_buffer *self, zend_llist *header TSRMLS_DC)\n{\n\tchar *line;\n\tmime_header_entry entry = {0};\n\tsmart_str 
buf_value = {0};\n\tchar *key = NULL;\n\n\t// mime_header_entry prev_entry = {0};\n\t// int prev_len, cur_len;\n\tint newlines = 0;\n\n\t/* didn't find boundary, abort */\n\tif (!find_boundary(self, self->boundary TSRMLS_CC)) {\n\t\treturn 0;\n\t}\n\n\t/* get lines of text, or CRLF_CRLF */\n\n\twhile( (line = get_line(self TSRMLS_CC)) && line[0] != '\\0' )\n\t{\n\t\t/* add header to table */\n\t\tchar *value = NULL;\n\n\t\tif (php_rfc1867_encoding_translation(TSRMLS_C)) {\n\t\t\tself->input_encoding = zend_multibyte_encoding_detector((unsigned char *)line, strlen(line), self->detect_order, self->detect_order_size TSRMLS_CC);\n\t\t}\n\n\t\t/* space in the beginning means same header */\n\t\tif (!isspace(line[0])) {\n\t\t\tvalue = strchr(line, ':');\n\t\t}\n\n\t\tif (value) {\n\t\t\tif(buf_value.c && key) {\n\t\t\t\t/* new entry, add the old one to the list */\n\t\t\t\tsmart_str_0(&buf_value);\n\t\t\t\tentry.key = key;\n\t\t\t\tentry.value = buf_value.c;\n\t\t\t\tzend_llist_add_element(header, &entry);\n\t\t\t\tbuf_value.c = NULL;\n\t\t\t\tkey = NULL;\n\t\t\t}\n\n\t\t\t*value = '\\0';\n\t\t\tdo { value++; } while(isspace(*value));\n\n\t\t\tkey = estrdup(line);\n\t\t\tsmart_str_appends(&buf_value, value);\n\n\t\t\tnewlines = 0;\n\n\t\t} else if (buf_value.c) { /* If no ':' on the line, add to previous line */\n\t\t\tnewlines++;\n\t\t\tif (newlines > SUHOSIN_G(upload_max_newlines)) {\n\t\t\t\tSUHOSIN_G(abort_request) = 1;\n\t\t\t\tsuhosin_log(S_FILES, \"configured maximum number of newlines in RFC1867 MIME headers limit exceeded - dropping rest of upload\");\n\t\t\t\tsmart_str_free(&buf_value);\n\t\t\t\treturn 0;\n\t\t\t}\n\t\t\tsmart_str_appends(&buf_value, line);\n\n\t\t} else {\n\t\t\tcontinue;\n\t\t}\n\t}\n\tif(buf_value.c && key) {\n\t\t/* add the last one to the list */\n\t\tsmart_str_0(&buf_value);\n\t\tentry.key = key;\n\t\tentry.value = buf_value.c;\n\t\tzend_llist_add_element(header, &entry);\n\t}\n\n\treturn 1;\n}\n\nstatic char 
*php_mime_get_hdr_value(zend_llist header, char *key)\n{\n\tmime_header_entry *entry;\n\n\tif (key == NULL) {\n\t\treturn NULL;\n\t}\n\n\tentry = zend_llist_get_first(&header);\n\twhile (entry) {\n\t\tif (!strcasecmp(entry->key, key)) {\n\t\t\treturn entry->value;\n\t\t}\n\t\tentry = zend_llist_get_next(&header);\n\t}\n\n\treturn NULL;\n}\n\nstatic char *php_ap_getword(const zend_encoding *encoding, char **line, char stop TSRMLS_DC)\n{\n\tchar *pos = *line, quote;\n\tchar *res;\n\n\twhile (*pos && *pos != stop) {\n\t\tif ((quote = *pos) == '\"' || quote == '\\'') {\n\t\t\t++pos;\n\t\t\twhile (*pos && *pos != quote) {\n\t\t\t\tif (*pos == '\\\\' && pos[1] && pos[1] == quote) {\n\t\t\t\t\tpos += 2;\n\t\t\t\t} else {\n\t\t\t\t\t++pos;\n\t\t\t\t}\n\t\t\t}\n\t\t\tif (*pos) {\n\t\t\t\t++pos;\n\t\t\t}\n\t\t} else ++pos;\n\t}\n\tif (*pos == '\\0') {\n\t\tres = estrdup(*line);\n\t\t*line += strlen(*line);\n\t\treturn res;\n\t}\n\n\tres = estrndup(*line, pos - *line);\n\n\twhile (*pos == stop) {\n\t\t++pos;\n\t}\n\n\t*line = pos;\n\treturn res;\n}\n\nstatic char *substring_conf(char *start, int len, char quote)\n{\n\tchar *result = emalloc(len + 1);\n\tchar *resp = result;\n\tint i;\n\n\tfor (i = 0; i < len && start[i] != quote; ++i) {\n\t\tif (start[i] == '\\\\' && (start[i + 1] == '\\\\' || (quote && start[i + 1] == quote))) {\n\t\t\t*resp++ = start[++i];\n\t\t} else {\n\t\t\t*resp++ = start[i];\n\t\t}\n\t}\n\n\t*resp = '\\0';\n\treturn result;\n}\n\nstatic char *php_ap_getword_conf(const zend_encoding *encoding, char *str TSRMLS_DC)\n{\n\twhile (*str && isspace(*str)) {\n\t\t++str;\n\t}\n\n\tif (!*str) {\n\t\treturn estrdup(\"\");\n\t}\n\n\tif (*str == '\"' || *str == '\\'') {\n\t\tchar quote = *str;\n\n\t\tstr++;\n\t\treturn substring_conf(str, strlen(str), quote);\n\t} else {\n\t\tchar *strend = str;\n\n\t\twhile (*strend && !isspace(*strend)) {\n\t\t\t++strend;\n\t\t}\n\t\treturn substring_conf(str, strend - str, 0);\n\t}\n}\n\nstatic char *php_ap_basename(const 
zend_encoding *encoding, char *path TSRMLS_DC)\n{\n\tchar *s = strrchr(path, '\\\\');\n\tchar *s2 = strrchr(path, '/');\n\n\tif (s && s2) {\n\t\tif (s > s2) {\n\t\t\t++s;\n\t\t} else {\n\t\t\ts = ++s2;\n\t\t}\n\t\treturn s;\n\t} else if (s) {\n\t\treturn ++s;\n\t} else if (s2) {\n\t\treturn ++s2;\n\t}\n\treturn path;\n}\n\n/*\n * Search for a string in a fixed-length byte string.\n * If partial is true, partial matches are allowed at the end of the buffer.\n * Returns NULL if not found, or a pointer to the start of the first match.\n */\nstatic void *php_ap_memstr(char *haystack, int haystacklen, char *needle, int needlen, int partial)\n{\n\tint len = haystacklen;\n\tchar *ptr = haystack;\n\n\t/* iterate through first character matches */\n\twhile( (ptr = memchr(ptr, needle[0], len)) ) {\n\n\t\t/* calculate length after match */\n\t\tlen = haystacklen - (ptr - (char *)haystack);\n\n\t\t/* done if matches up to capacity of buffer */\n\t\tif (memcmp(needle, ptr, needlen < len ? needlen : len) == 0 && (partial || len >= needlen)) {\n\t\t\tbreak;\n\t\t}\n\n\t\t/* next character */\n\t\tptr++; len--;\n\t}\n\n\treturn ptr;\n}\n\n/* read until a boundary condition */\nstatic int multipart_buffer_read(multipart_buffer *self, char *buf, int bytes, int *end TSRMLS_DC)\n{\n\tint len, max;\n\tchar *bound;\n\n\t/* fill buffer if needed */\n\tif (bytes > self->bytes_in_buffer) {\n\t\tfill_buffer(self TSRMLS_CC);\n\t}\n\n\t/* look for a potential boundary match, only read data up to that point */\n\tif ((bound = php_ap_memstr(self->buf_begin, self->bytes_in_buffer, self->boundary_next, self->boundary_next_len, 1))) {\n\t\tmax = bound - self->buf_begin;\n\t\tif (end && php_ap_memstr(self->buf_begin, self->bytes_in_buffer, self->boundary_next, self->boundary_next_len, 0)) {\n\t\t\t*end = 1;\n\t\t}\n\t} else {\n\t\tmax = self->bytes_in_buffer;\n\t}\n\n\t/* maximum number of bytes we are reading */\n\tlen = max < bytes-1 ? max : bytes-1;\n\n\t/* if we read any data... 
*/\n\tif (len > 0) {\n\n\t\t/* copy the data */\n\t\tmemcpy(buf, self->buf_begin, len);\n\t\tbuf[len] = 0;\n\n\t\tif (bound && len > 0 && buf[len-1] == '\\r') {\n\t\t\tbuf[--len] = 0;\n\t\t}\n\n\t\t/* update the buffer */\n\t\tself->bytes_in_buffer -= len;\n\t\tself->buf_begin += len;\n\t}\n\n\treturn len;\n}\n\n/*\n  XXX: this is horrible memory-usage-wise, but we only expect\n  to do this on small pieces of form data.\n*/\nstatic char *multipart_buffer_read_body(multipart_buffer *self, unsigned int *len TSRMLS_DC)\n{\n\tchar buf[FILLUNIT], *out=NULL;\n\tint total_bytes=0, read_bytes=0;\n\n\twhile((read_bytes = multipart_buffer_read(self, buf, sizeof(buf), NULL TSRMLS_CC))) {\n\t\tout = erealloc(out, total_bytes + read_bytes + 1);\n\t\tmemcpy(out + total_bytes, buf, read_bytes);\n\t\ttotal_bytes += read_bytes;\n\t}\n\n\tif (out) {\n\t\tout[total_bytes] = '\\0';\n\t}\n\t*len = total_bytes;\n\n\treturn out;\n}\n/* }}} */\n\n/*\n * The combined READER/HANDLER\n *\n */\n\nSAPI_POST_HANDLER_FUNC(suhosin_rfc1867_post_handler) /* {{{ */\n{\n\tchar *boundary, *s = NULL, *boundary_end = NULL, *start_arr = NULL, *array_index = NULL;\n\tchar *temp_filename = NULL, *lbuf = NULL, *abuf = NULL;\n\tint boundary_len = 0, cancel_upload = 0, is_arr_upload = 0, array_len = 0;\n\tint64_t total_bytes = 0, max_file_size = 0;\n\tint skip_upload = 0, anonindex = 0, is_anonymous;\n\tzval *http_post_files = NULL;\n\tHashTable *uploaded_files = NULL;\n\tmultipart_buffer *mbuff;\n\tzval *array_ptr = (zval *) arg;\n\tint fd = -1;\n\tzend_llist header;\n\tvoid *event_extra_data = NULL;\n\tunsigned int llen = 0;\n\tint upload_cnt = INI_INT(\"max_file_uploads\");\n\tconst zend_encoding *internal_encoding = zend_multibyte_get_internal_encoding(TSRMLS_C);\n\tphp_rfc1867_getword_t getword;\n\tphp_rfc1867_getword_conf_t getword_conf;\n\tphp_rfc1867_basename_t _basename;\n\tlong count = 0;\n\n\tif (php_rfc1867_encoding_translation(TSRMLS_C) && internal_encoding) {\n\t\tgetword = 
php_rfc1867_getword;\n\t\tgetword_conf = php_rfc1867_getword_conf;\n\t\t_basename = php_rfc1867_basename;\n\t} else {\n\t\tgetword = php_ap_getword;\n\t\tgetword_conf = php_ap_getword_conf;\n\t\t_basename = php_ap_basename;\n\t}\n\n\tif (SG(post_max_size) > 0 && SG(request_info).content_length > SG(post_max_size)) {\n\t\tsapi_module.sapi_error(E_WARNING, \"POST Content-Length of %ld bytes exceeds the limit of %ld bytes\", SG(request_info).content_length, SG(post_max_size));\n\t\treturn;\n\t}\n\n\t/* Get the boundary */\n\tboundary = strstr(content_type_dup, \"boundary\");\n\tif (!boundary) {\n\t\tint content_type_len = strlen(content_type_dup);\n\t\tchar *content_type_lcase = estrndup(content_type_dup, content_type_len);\n\n\t\tphp_strtolower(content_type_lcase, content_type_len);\n\t\tboundary = strstr(content_type_lcase, \"boundary\");\n\t\tif (boundary) {\n\t\t\tboundary = content_type_dup + (boundary - content_type_lcase);\n\t\t}\n\t\tefree(content_type_lcase);\n\t}\n\n\tif (!boundary || !(boundary = strchr(boundary, '='))) {\n\t\tsapi_module.sapi_error(E_WARNING, \"Missing boundary in multipart/form-data POST data\");\n\t\treturn;\n\t}\n\n\tboundary++;\n\tboundary_len = strlen(boundary);\n\n\tif (boundary[0] == '\"') {\n\t\tboundary++;\n\t\tboundary_end = strchr(boundary, '\"');\n\t\tif (!boundary_end) {\n\t\t\tsapi_module.sapi_error(E_WARNING, \"Invalid boundary in multipart/form-data POST data\");\n\t\t\treturn;\n\t\t}\n\t} else {\n\t\t/* search for the end of the boundary */\n\t\tboundary_end = strpbrk(boundary, \",;\");\n\t}\n\tif (boundary_end) {\n\t\tboundary_end[0] = '\\0';\n\t\tboundary_len = boundary_end-boundary;\n\t}\n\n\t/* Initialize the buffer */\n\tif (!(mbuff = multipart_buffer_new(boundary, boundary_len TSRMLS_CC))) {\n\t\tsapi_module.sapi_error(E_WARNING, \"Unable to initialize the input buffer\");\n\t\treturn;\n\t}\n\n\t/* Initialize $_FILES[] */\n\tzend_hash_init(&PG(rfc1867_protected_variables), 5, NULL, NULL, 
0);\n\n\tALLOC_HASHTABLE(uploaded_files);\n\tzend_hash_init(uploaded_files, 5, NULL, (dtor_func_t) free_estring, 0);\n\tSG(rfc1867_uploaded_files) = uploaded_files;\n\n\tALLOC_ZVAL(http_post_files);\n\tarray_init(http_post_files);\n\tINIT_PZVAL(http_post_files);\n\tPG(http_globals)[TRACK_VARS_FILES] = http_post_files;\n\n\tzend_llist_init(&header, sizeof(mime_header_entry), (llist_dtor_func_t) php_free_hdr_entry, 0);\n\n\tif (&suhosin_rfc1867_filter != NULL) {\n\t\tmultipart_event_start event_start;\n\n\t\tevent_start.content_length = SG(request_info).content_length;\n\t\tif (suhosin_rfc1867_filter(MULTIPART_EVENT_START, &event_start, &event_extra_data TSRMLS_CC) == FAILURE) {\n\t\t\tgoto fileupload_done;\n\t\t}\n\t}\n\n\twhile (!multipart_buffer_eof(mbuff TSRMLS_CC))\n\t{\n\t\tchar buff[FILLUNIT];\n\t\tchar *cd = NULL, *param = NULL, *filename = NULL, *tmp = NULL;\n\t\tsize_t blen = 0, wlen = 0;\n\t\toff_t offset;\n\n\t\tzend_llist_clean(&header);\n\n\t\tif (!multipart_buffer_headers(mbuff, &header TSRMLS_CC)) {\n\t\t\tgoto fileupload_done;\n\t\t}\n\n\t\tif ((cd = php_mime_get_hdr_value(header, \"Content-Disposition\"))) {\n\t\t\tchar *pair = NULL;\n\t\t\tint end = 0;\n\n\t\t\twhile (isspace(*cd)) {\n\t\t\t\t++cd;\n\t\t\t}\n\n\t\t\twhile (*cd && (pair = getword(mbuff->input_encoding, &cd, ';' TSRMLS_CC)))\n\t\t\t{\n\t\t\t\tchar *key = NULL, *word = pair;\n\n\t\t\t\twhile (isspace(*cd)) {\n\t\t\t\t\t++cd;\n\t\t\t\t}\n\n\t\t\t\tif (strchr(pair, '=')) {\n\t\t\t\t\tkey = getword(mbuff->input_encoding, &pair, '=' TSRMLS_CC);\n\n\t\t\t\t\tif (!strcasecmp(key, \"name\")) {\n\t\t\t\t\t\tif (param) {\n\t\t\t\t\t\t\tefree(param);\n\t\t\t\t\t\t}\n\t\t\t\t\t\tparam = getword_conf(mbuff->input_encoding, pair TSRMLS_CC);\n\t\t\t\t\t\tif (mbuff->input_encoding && internal_encoding) {\n\t\t\t\t\t\t\tunsigned char *new_param;\n\t\t\t\t\t\t\tsize_t new_param_len;\n\t\t\t\t\t\t\tif ((size_t)-1 != zend_multibyte_encoding_converter(&new_param, &new_param_len, (unsigned char *)param, 
strlen(param), internal_encoding, mbuff->input_encoding TSRMLS_CC)) {\n\t\t\t\t\t\t\t\tefree(param);\n\t\t\t\t\t\t\t\tparam = (char *)new_param;\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\t\t\t\t\t} else if (!strcasecmp(key, \"filename\")) {\n\t\t\t\t\t\tif (filename) {\n\t\t\t\t\t\t\tefree(filename);\n\t\t\t\t\t\t}\n\t\t\t\t\t\tfilename = getword_conf(mbuff->input_encoding, pair TSRMLS_CC);\n\t\t\t\t\t\tif (mbuff->input_encoding && internal_encoding) {\n\t\t\t\t\t\t\tunsigned char *new_filename;\n\t\t\t\t\t\t\tsize_t new_filename_len;\n\t\t\t\t\t\t\tif ((size_t)-1 != zend_multibyte_encoding_converter(&new_filename, &new_filename_len, (unsigned char *)filename, strlen(filename), internal_encoding, mbuff->input_encoding TSRMLS_CC)) {\n\t\t\t\t\t\t\t\tefree(filename);\n\t\t\t\t\t\t\t\tfilename = (char *)new_filename;\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tif (key) {\n\t\t\t\t\tefree(key);\n\t\t\t\t}\n\t\t\t\tefree(word);\n\t\t\t}\n\n\t\t\t/* Normal form variable, safe to read all data into memory */\n\t\t\tif (!filename && param) {\n\t\t\t\tunsigned int value_len;\n\t\t\t\tchar *value = multipart_buffer_read_body(mbuff, &value_len TSRMLS_CC);\n\t\t\t\tunsigned int new_val_len; /* Dummy variable */\n\n\t\t\t\tif (!value) {\n\t\t\t\t\tvalue = estrdup(\"\");\n\t\t\t\t\tvalue_len = 0;\n\t\t\t\t}\n\n\t\t\t\tif (mbuff->input_encoding && internal_encoding) {\n\t\t\t\t\tunsigned char *new_value;\n\t\t\t\t\tsize_t new_value_len;\n\t\t\t\t\tif ((size_t)-1 != zend_multibyte_encoding_converter(&new_value, &new_value_len, (unsigned char *)value, value_len, internal_encoding, mbuff->input_encoding TSRMLS_CC)) {\n\t\t\t\t\t\tefree(value);\n\t\t\t\t\t\tvalue = (char *)new_value;\n\t\t\t\t\t\tvalue_len = new_value_len;\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tif (suhosin_input_filter(PARSE_POST, param, &value, value_len, &new_val_len TSRMLS_CC) == 0) 
{\n\t\t\t\t\tSUHOSIN_G(abort_request)=1;\n\t\t\t\t\tefree(param);\n\t\t\t\t\tefree(value);\n\t\t\t\t\tcontinue;\n\t\t\t\t}\n\n\t\t\t\tif (++count <= PG(max_input_vars) && sapi_module.input_filter(PARSE_POST, param, &value, new_val_len, &new_val_len TSRMLS_CC)) {\n\t\t\t\t\tif (&suhosin_rfc1867_filter != NULL) {\n\t\t\t\t\t\tmultipart_event_formdata event_formdata;\n\t\t\t\t\t\tsize_t newlength = new_val_len;\n\n\t\t\t\t\t\tevent_formdata.post_bytes_processed = SG(read_post_bytes);\n\t\t\t\t\t\tevent_formdata.name = param;\n\t\t\t\t\t\tevent_formdata.value = &value;\n\t\t\t\t\t\tevent_formdata.length = new_val_len;\n\t\t\t\t\t\tevent_formdata.newlength = &newlength;\n\t\t\t\t\t\tif (suhosin_rfc1867_filter(MULTIPART_EVENT_FORMDATA, &event_formdata, &event_extra_data TSRMLS_CC) == FAILURE) {\n\t\t\t\t\t\t\tefree(param);\n\t\t\t\t\t\t\tefree(value);\n\t\t\t\t\t\t\tcontinue;\n\t\t\t\t\t\t}\n\t\t\t\t\t\tnew_val_len = newlength;\n\t\t\t\t\t}\n\t\t\t\t\tsafe_php_register_variable(param, value, new_val_len, array_ptr, 0 TSRMLS_CC);\n\t\t\t\t} else {\n\t\t\t\t\tif (count == PG(max_input_vars) + 1) {\n\t\t\t\t\t\tphp_error_docref(NULL TSRMLS_CC, E_WARNING, \"Input variables exceeded %ld. 
To increase the limit change max_input_vars in php.ini.\", PG(max_input_vars));\n\t\t\t\t\t}\n\n\t\t\t\t\tif (&suhosin_rfc1867_filter != NULL) {\n\t\t\t\t\t\tmultipart_event_formdata event_formdata;\n\n\t\t\t\t\t\tevent_formdata.post_bytes_processed = SG(read_post_bytes);\n\t\t\t\t\t\tevent_formdata.name = param;\n\t\t\t\t\t\tevent_formdata.value = &value;\n\t\t\t\t\t\tevent_formdata.length = value_len;\n\t\t\t\t\t\tevent_formdata.newlength = NULL;\n\t\t\t\t\t\tsuhosin_rfc1867_filter(MULTIPART_EVENT_FORMDATA, &event_formdata, &event_extra_data TSRMLS_CC);\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tif (!strcasecmp(param, \"MAX_FILE_SIZE\")) {\n#ifdef HAVE_ATOLL\n\t\t\t\t\tmax_file_size = atoll(value);\n#else\n\t\t\t\t\tmax_file_size = strtoll(value, NULL, 10);\n#endif\n\t\t\t\t}\n\n\t\t\t\tefree(param);\n\t\t\t\tefree(value);\n\t\t\t\tcontinue;\n\t\t\t}\n\n\t\t\t/* If file_uploads=off, skip the file part */\n\t\t\tif (!PG(file_uploads)) {\n\t\t\t\tskip_upload = 1;\n\t\t\t} else if (upload_cnt <= 0) {\n\t\t\t\tskip_upload = 1;\n\t\t\t\tsapi_module.sapi_error(E_WARNING, \"Maximum number of allowable file uploads has been exceeded\");\n\t\t\t}\n\n\t\t\t/* Return with an error if the posted data is garbled */\n\t\t\tif (!param && !filename) {\n\t\t\t\tsapi_module.sapi_error(E_WARNING, \"File Upload Mime headers garbled\");\n\t\t\t\tgoto fileupload_done;\n\t\t\t}\n\n\t\t\tif (!param) {\n\t\t\t\tis_anonymous = 1;\n\t\t\t\tparam = emalloc(MAX_SIZE_ANONNAME);\n\t\t\t\tsnprintf(param, MAX_SIZE_ANONNAME, \"%u\", anonindex++);\n\t\t\t} else {\n\t\t\t\tis_anonymous = 0;\n\t\t\t}\n\n\t\t\t/* New Rule: never repair potential malicious user input */\n\t\t\tif (!skip_upload) {\n\t\t\t\tlong c = 0;\n\t\t\t\ttmp = param;\n\n\t\t\t\twhile (*tmp) {\n\t\t\t\t\tif (*tmp == '[') {\n\t\t\t\t\t\tc++;\n\t\t\t\t\t} else if (*tmp == ']') {\n\t\t\t\t\t\tc--;\n\t\t\t\t\t\tif (tmp[1] && tmp[1] != '[') {\n\t\t\t\t\t\t\tskip_upload = 1;\n\t\t\t\t\t\t\tbreak;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\tif (c < 
0) {\n\t\t\t\t\t\tskip_upload = 1;\n\t\t\t\t\t\tbreak;\n\t\t\t\t\t}\n\t\t\t\t\ttmp++;\n\t\t\t\t}\n\t\t\t\t/* Brackets should always be closed */\n\t\t\t\tif(c != 0) {\n\t\t\t\t\tskip_upload = 1;\n\t\t\t\t}\n\t\t\t}\n\n\t\t\ttotal_bytes = cancel_upload = 0;\n\t\t\ttemp_filename = NULL;\n\t\t\tfd = -1;\n\n\t\t\tif (!skip_upload && (&suhosin_rfc1867_filter != NULL)) {\n\t\t\t\tmultipart_event_file_start event_file_start;\n\n\t\t\t\tevent_file_start.post_bytes_processed = SG(read_post_bytes);\n\t\t\t\tevent_file_start.name = param;\n\t\t\t\tevent_file_start.filename = &filename;\n\t\t\t\tif (suhosin_rfc1867_filter(MULTIPART_EVENT_FILE_START, &event_file_start, &event_extra_data TSRMLS_CC) == FAILURE) {\n\t\t\t\t\ttemp_filename = \"\";\n\t\t\t\t\tefree(param);\n\t\t\t\t\tefree(filename);\n\t\t\t\t\tcontinue;\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (skip_upload) {\n\t\t\t\tefree(param);\n\t\t\t\tefree(filename);\n\t\t\t\tcontinue;\n\t\t\t}\n\n\t\t\tif (filename[0] == '\\0') {\n#if DEBUG_FILE_UPLOAD\n\t\t\t\tsapi_module.sapi_error(E_NOTICE, \"No file uploaded\");\n#endif\n\t\t\t\tcancel_upload = UPLOAD_ERROR_D;\n\t\t\t}\n\n\t\t\toffset = 0;\n\t\t\tend = 0;\n\n\t\t\tif (!cancel_upload) {\n\t\t\t\t/* only bother to open temp file if we have data */\n\t\t\t\tblen = multipart_buffer_read(mbuff, buff, sizeof(buff), &end TSRMLS_CC);\n#if DEBUG_FILE_UPLOAD\n\t\t\t\tif (blen > 0) {\n#else\n\t\t\t\t/* in non-debug mode we have no problem with 0-length files */\n\t\t\t\t{\n#endif\n\t\t\t\t\tfd = php_open_temporary_fd_ex(PG(upload_tmp_dir), \"php\", &temp_filename, 1 TSRMLS_CC);\n\t\t\t\t\tupload_cnt--;\n\t\t\t\t\tif (fd == -1) {\n\t\t\t\t\t\tsapi_module.sapi_error(E_WARNING, \"File upload error - unable to create a temporary file\");\n\t\t\t\t\t\tcancel_upload = UPLOAD_ERROR_E;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\n\t\t\twhile (!cancel_upload && (blen > 0))\n\t\t\t{\n\t\t\t\tif (&suhosin_rfc1867_filter != NULL) {\n\t\t\t\t\tmultipart_event_file_data 
event_file_data;\n\n\t\t\t\t\tevent_file_data.post_bytes_processed = SG(read_post_bytes);\n\t\t\t\t\tevent_file_data.offset = offset;\n\t\t\t\t\tevent_file_data.data = buff;\n\t\t\t\t\tevent_file_data.length = blen;\n\t\t\t\t\tevent_file_data.newlength = &blen;\n\t\t\t\t\tif (suhosin_rfc1867_filter(MULTIPART_EVENT_FILE_DATA, &event_file_data, &event_extra_data TSRMLS_CC) == FAILURE) {\n\t\t\t\t\t\tcancel_upload = UPLOAD_ERROR_X;\n\t\t\t\t\t\tcontinue;\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tif (PG(upload_max_filesize) > 0 && (long)(total_bytes+blen) > PG(upload_max_filesize)) {\n#if DEBUG_FILE_UPLOAD\n\t\t\t\t\tsapi_module.sapi_error(E_NOTICE, \"upload_max_filesize of %ld bytes exceeded - file [%s=%s] not saved\", PG(upload_max_filesize), param, filename);\n#endif\n\t\t\t\t\tcancel_upload = UPLOAD_ERROR_A;\n\t\t\t\t} else if (max_file_size && ((long)(total_bytes+blen) > max_file_size)) {\n#if DEBUG_FILE_UPLOAD\n\t\t\t\t\tsapi_module.sapi_error(E_NOTICE, \"MAX_FILE_SIZE of %ld bytes exceeded - file [%s=%s] not saved\", max_file_size, param, filename);\n#endif\n\t\t\t\t\tcancel_upload = UPLOAD_ERROR_B;\n\t\t\t\t} else if (blen > 0) {\n\t\t\t\t\twlen = write(fd, buff, blen);\n\n\t\t\t\t\tif (wlen == -1) {\n\t\t\t\t\t\t/* write failed */\n#if DEBUG_FILE_UPLOAD\n\t\t\t\t\t\tsapi_module.sapi_error(E_NOTICE, \"write() failed - %s\", strerror(errno));\n#endif\n\t\t\t\t\t\tcancel_upload = UPLOAD_ERROR_F;\n\t\t\t\t\t} else if (wlen < blen) {\n#if DEBUG_FILE_UPLOAD\n\t\t\t\t\t\tsapi_module.sapi_error(E_NOTICE, \"Only %d bytes were written, expected to write %d\", wlen, blen);\n#endif\n\t\t\t\t\t\tcancel_upload = UPLOAD_ERROR_F;\n\t\t\t\t\t} else {\n\t\t\t\t\t\ttotal_bytes += wlen;\n\t\t\t\t\t}\n\t\t\t\t\toffset += wlen;\n\t\t\t\t}\n\n\t\t\t\t/* read data for next iteration */\n\t\t\t\tblen = multipart_buffer_read(mbuff, buff, sizeof(buff), &end TSRMLS_CC);\n\t\t\t}\n\n\t\t\tif (fd != -1) { /* may not be initialized if file could not be created 
*/\n\t\t\t\tclose(fd);\n\t\t\t}\n\n\t\t\tif (!cancel_upload && !end) {\n#if DEBUG_FILE_UPLOAD\n\t\t\t\tsapi_module.sapi_error(E_NOTICE, \"Missing mime boundary at the end of the data for file %s\", filename[0] != '\\0' ? filename : \"\");\n#endif\n\t\t\t\tcancel_upload = UPLOAD_ERROR_C;\n\t\t\t}\n#if DEBUG_FILE_UPLOAD\n\t\t\tif (filename[0] != '\\0' && total_bytes == 0 && !cancel_upload) {\n\t\t\t\tsapi_module.sapi_error(E_WARNING, \"Uploaded file size 0 - file [%s=%s] not saved\", param, filename);\n\t\t\t\tcancel_upload = 5;\n\t\t\t}\n#endif\n\t\t\tif (&suhosin_rfc1867_filter != NULL) {\n\t\t\t\tmultipart_event_file_end event_file_end;\n\n\t\t\t\tevent_file_end.post_bytes_processed = SG(read_post_bytes);\n\t\t\t\tevent_file_end.temp_filename = temp_filename;\n\t\t\t\tevent_file_end.cancel_upload = cancel_upload;\n\t\t\t\tif (suhosin_rfc1867_filter(MULTIPART_EVENT_FILE_END, &event_file_end, &event_extra_data TSRMLS_CC) == FAILURE) {\n\t\t\t\t\tcancel_upload = UPLOAD_ERROR_X;\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (cancel_upload) {\n\t\t\t\tif (temp_filename) {\n\t\t\t\t\tif (cancel_upload != UPLOAD_ERROR_E) { /* file creation failed */\n\t\t\t\t\t\tunlink(temp_filename);\n\t\t\t\t\t}\n\t\t\t\t\tefree(temp_filename);\n\t\t\t\t}\n\t\t\t\ttemp_filename = \"\";\n\t\t\t} else {\n\t\t\t\tzend_hash_add(SG(rfc1867_uploaded_files), temp_filename, strlen(temp_filename) + 1, &temp_filename, sizeof(char *), NULL);\n\t\t\t}\n\n\t\t\t/* is_arr_upload is true when name of file upload field\n\t\t\t * ends in [.*]\n\t\t\t * start_arr is set to point to 1st [ */\n\t\t\tis_arr_upload =\t(start_arr = strchr(param,'[')) && (param[strlen(param)-1] == ']');\n\n\t\t\tif (is_arr_upload) {\n\t\t\t\tarray_len = strlen(start_arr);\n\t\t\t\tif (array_index) {\n\t\t\t\t\tefree(array_index);\n\t\t\t\t}\n\t\t\t\tarray_index = estrndup(start_arr + 1, array_len - 2);\n\t\t\t}\n\n\t\t\t/* Add $foo_name */\n\t\t\tif (llen < strlen(param) + MAX_SIZE_OF_INDEX + 1) {\n\t\t\t\tllen = 
strlen(param);\n\t\t\t\tlbuf = (char *) safe_erealloc(lbuf, llen, 1, MAX_SIZE_OF_INDEX + 1);\n\t\t\t\tllen += MAX_SIZE_OF_INDEX + 1;\n\t\t\t}\n\n\t\t\tif (is_arr_upload) {\n\t\t\t\tif (abuf) efree(abuf);\n\t\t\t\tabuf = estrndup(param, strlen(param)-array_len);\n\t\t\t\tsnprintf(lbuf, llen, \"%s_name[%s]\", abuf, array_index);\n\t\t\t} else {\n\t\t\t\tsnprintf(lbuf, llen, \"%s_name\", param);\n\t\t\t}\n\n\t\t\t/* The \\ check should technically be needed for win32 systems only where\n\t\t\t * it is a valid path separator. However, IE in all it's wisdom always sends\n\t\t\t * the full path of the file on the user's filesystem, which means that unless\n\t\t\t * the user does basename() they get a bogus file name. Until IE's user base drops\n\t\t\t * to nill or problem is fixed this code must remain enabled for all systems. */\n\t\t\ts = _basename(internal_encoding, filename TSRMLS_CC);\n\t\t\tif (!s) {\n\t\t\t\ts = filename;\n\t\t\t}\n\n\t\t\tif (!is_anonymous) {\n\t\t\t\tsafe_php_register_variable(lbuf, s, strlen(s), NULL, 0 TSRMLS_CC);\n\t\t\t}\n\n\t\t\t/* Add $foo[name] */\n\t\t\tif (is_arr_upload) {\n\t\t\t\tsnprintf(lbuf, llen, \"%s[name][%s]\", abuf, array_index);\n\t\t\t} else {\n\t\t\t\tsnprintf(lbuf, llen, \"%s[name]\", param);\n\t\t\t}\n\t\t\tregister_http_post_files_variable(lbuf, s, http_post_files, 0 TSRMLS_CC);\n\t\t\tefree(filename);\n\t\t\ts = NULL;\n\n\t\t\t/* Possible Content-Type: */\n\t\t\tif (cancel_upload || !(cd = php_mime_get_hdr_value(header, \"Content-Type\"))) {\n\t\t\t\tcd = \"\";\n\t\t\t} else {\n\t\t\t\t/* fix for Opera 6.01 */\n\t\t\t\ts = strchr(cd, ';');\n\t\t\t\tif (s != NULL) {\n\t\t\t\t\t*s = '\\0';\n\t\t\t\t}\n\t\t\t}\n\n\t\t\t/* Add $foo_type */\n\t\t\tif (is_arr_upload) {\n\t\t\t\tsnprintf(lbuf, llen, \"%s_type[%s]\", abuf, array_index);\n\t\t\t} else {\n\t\t\t\tsnprintf(lbuf, llen, \"%s_type\", param);\n\t\t\t}\n\t\t\tif (!is_anonymous) {\n\t\t\t\tsafe_php_register_variable(lbuf, cd, strlen(cd), NULL, 0 
TSRMLS_CC);\n\t\t\t}\n\n\t\t\t/* Add $foo[type] */\n\t\t\tif (is_arr_upload) {\n\t\t\t\tsnprintf(lbuf, llen, \"%s[type][%s]\", abuf, array_index);\n\t\t\t} else {\n\t\t\t\tsnprintf(lbuf, llen, \"%s[type]\", param);\n\t\t\t}\n\t\t\tregister_http_post_files_variable(lbuf, cd, http_post_files, 0 TSRMLS_CC);\n\n\t\t\t/* Restore Content-Type Header */\n\t\t\tif (s != NULL) {\n\t\t\t\t*s = ';';\n\t\t\t}\n\t\t\ts = \"\";\n\n\t\t\t{\n\t\t\t\t/* store temp_filename as-is (in case upload_tmp_dir\n\t\t\t\t * contains escapeable characters. escape only the variable name.) */\n\t\t\t\tzval zfilename;\n\n\t\t\t\t/* Initialize variables */\n\t\t\t\tadd_protected_variable(param TSRMLS_CC);\n\n\t\t\t\t/* if param is of form xxx[.*] this will cut it to xxx */\n\t\t\t\tif (!is_anonymous) {\n\t\t\t\t\tZVAL_STRING(&zfilename, temp_filename, 1);\n\t\t\t\t\tsafe_php_register_variable_ex(param, &zfilename, NULL, 1 TSRMLS_CC);\n\t\t\t\t}\n\n\t\t\t\t/* Add $foo[tmp_name] */\n\t\t\t\tif (is_arr_upload) {\n\t\t\t\t\tsnprintf(lbuf, llen, \"%s[tmp_name][%s]\", abuf, array_index);\n\t\t\t\t} else {\n\t\t\t\t\tsnprintf(lbuf, llen, \"%s[tmp_name]\", param);\n\t\t\t\t}\n\t\t\t\tadd_protected_variable(lbuf TSRMLS_CC);\n\t\t\t\tZVAL_STRING(&zfilename, temp_filename, 1);\n\t\t\t\tregister_http_post_files_variable_ex(lbuf, &zfilename, http_post_files, 1 TSRMLS_CC);\n\t\t\t}\n\n\t\t\t{\n\t\t\t\tzval file_size, error_type;\n\t\t\t\tint size_overflow = 0;\n\t\t\t\tchar file_size_buf[65];\n\n\t\t\t\tZVAL_LONG(&error_type, cancel_upload);\n\n\t\t\t\t/* Add $foo[error] */\n\t\t\t\tif (cancel_upload) {\n\t\t\t\t\tZVAL_LONG(&file_size, 0);\n\t\t\t\t} else {\n\t\t\t\t\tif (total_bytes > LONG_MAX) {\n#ifdef PHP_WIN32\n\t\t\t\t\t\tif (_i64toa_s(total_bytes, file_size_buf, 65, 10)) {\n\t\t\t\t\t\t\tfile_size_buf[0] = '0';\n\t\t\t\t\t\t\tfile_size_buf[1] = '\\0';\n\t\t\t\t\t\t}\n#else\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tint __len = snprintf(file_size_buf, 65, \"%lld\", total_bytes);\n\t\t\t\t\t\t\tfile_size_buf[__len] = 
'\\0';\n\t\t\t\t\t\t}\n#endif\n\t\t\t\t\t\tsize_overflow = 1;\n\n\t\t\t\t\t} else {\n\t\t\t\t\t\tZVAL_LONG(&file_size, total_bytes);\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tif (is_arr_upload) {\n\t\t\t\t\tsnprintf(lbuf, llen, \"%s[error][%s]\", abuf, array_index);\n\t\t\t\t} else {\n\t\t\t\t\tsnprintf(lbuf, llen, \"%s[error]\", param);\n\t\t\t\t}\n\t\t\t\tregister_http_post_files_variable_ex(lbuf, &error_type, http_post_files, 0 TSRMLS_CC);\n\n\t\t\t\t/* Add $foo_size */\n\t\t\t\tif (is_arr_upload) {\n\t\t\t\t\tsnprintf(lbuf, llen, \"%s_size[%s]\", abuf, array_index);\n\t\t\t\t} else {\n\t\t\t\t\tsnprintf(lbuf, llen, \"%s_size\", param);\n\t\t\t\t}\n\t\t\t\tif (!is_anonymous) {\n\t\t\t\t\tif (size_overflow) {\n\t\t\t\t\t\tZVAL_STRING(&file_size, file_size_buf, 1);\n\t\t\t\t\t}\n\t\t\t\t\tsafe_php_register_variable_ex(lbuf, &file_size, NULL, size_overflow TSRMLS_CC);\n\t\t\t\t}\n\n\t\t\t\t/* Add $foo[size] */\n\t\t\t\tif (is_arr_upload) {\n\t\t\t\t\tsnprintf(lbuf, llen, \"%s[size][%s]\", abuf, array_index);\n\t\t\t\t} else {\n\t\t\t\t\tsnprintf(lbuf, llen, \"%s[size]\", param);\n\t\t\t\t}\n\t\t\t\tif (size_overflow) {\n\t\t\t\t\tZVAL_STRING(&file_size, file_size_buf, 1);\n\t\t\t\t}\n\t\t\t\tregister_http_post_files_variable_ex(lbuf, &file_size, http_post_files, size_overflow TSRMLS_CC);\n\t\t\t}\n\t\t\tefree(param);\n\t\t}\n\t}\n\nfileupload_done:\n\tif (&suhosin_rfc1867_filter != NULL) {\n\t\tmultipart_event_end event_end;\n\n\t\tevent_end.post_bytes_processed = SG(read_post_bytes);\n\t\tsuhosin_rfc1867_filter(MULTIPART_EVENT_END, &event_end, &event_extra_data TSRMLS_CC);\n\t}\n\n\tif (lbuf) efree(lbuf);\n\tif (abuf) efree(abuf);\n\tif (array_index) efree(array_index);\n\tzend_hash_destroy(&PG(rfc1867_protected_variables));\n\tzend_llist_destroy(&header);\n\tif (mbuff->boundary_next) efree(mbuff->boundary_next);\n\tif (mbuff->boundary) efree(mbuff->boundary);\n\tif (mbuff->buffer) efree(mbuff->buffer);\n\tif (mbuff) efree(mbuff);\n}\n/* }}} */\n\n\n/*\n * Local 
variables:\n * tab-width: 4\n * c-basic-offset: 4\n * End:\n * vim600: sw=4 ts=4 fdm=marker\n * vim<600: sw=4 ts=4\n */\n"
  },
  {
    "path": "session.c",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Authors: Stefan Esser <sesser@sektioneins.de>                        |\n  |          Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de>              |\n  +----------------------------------------------------------------------+\n*/\n/*\n  $Id: session.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $\n*/\n\n#ifdef HAVE_CONFIG_H\n#include \"config.h\"\n#endif\n\n#include \"php.h\"\n#include \"TSRM.h\"\n#include \"SAPI.h\"\n#include \"php_ini.h\"\n#include \"php_suhosin.h\"\n#include \"ext/standard/php_smart_str.h\"\n#include \"ext/standard/php_var.h\"\n\n#include <fcntl.h>\n\n#if defined(HAVE_HASH_EXT) && !defined(COMPILE_DL_HASH)\n# include \"ext/hash/php_hash.h\"\n#endif\n\n#ifdef HAVE_PHP_SESSION\n#include \"ext/session/php_session.h\"\n\n#ifdef ZTS\nstatic ts_rsrc_id session_globals_id = 0;\n#define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals *, v)\n#else\nstatic php_ps_globals *session_globals 
= NULL;\n#define SESSION_G(v) (session_globals->v)\n#endif\n\nps_serializer *(*suhosin_find_ps_serializer)(char *name TSRMLS_DC) = NULL;\n\n#define PS_DELIMITER '|'\n#define PS_UNDEF_MARKER '!'\n\nint suhosin_session_encode(char **newstr, int *newlen TSRMLS_DC)\n{\n\tsmart_str buf = {0};\n\tphp_serialize_data_t var_hash;\n\tPS_ENCODE_VARS;\n\n\tPHP_VAR_SERIALIZE_INIT(var_hash);\n\n\tPS_ENCODE_LOOP(\n\t\t\tsmart_str_appendl(&buf, key, key_length);\n\t\t\tif (key[0] == PS_UNDEF_MARKER || memchr(key, PS_DELIMITER, key_length)) {\n\t\t\t\tPHP_VAR_SERIALIZE_DESTROY(var_hash);\n\t\t\t\tsmart_str_free(&buf);\n\t\t\t\treturn FAILURE;\n\t\t\t}\n\t\t\tsmart_str_appendc(&buf, PS_DELIMITER);\n\n\t\t\tphp_var_serialize(&buf, struc, &var_hash TSRMLS_CC);\n\t\t} else {\n\t\t\tsmart_str_appendc(&buf, PS_UNDEF_MARKER);\n\t\t\tsmart_str_appendl(&buf, key, key_length);\n\t\t\tsmart_str_appendc(&buf, PS_DELIMITER);\n\t);\n\n\tif (newlen) {\n\t\t*newlen = buf.len;\n\t}\n\tsmart_str_0(&buf);\n\t*newstr = buf.c;\n\n\tPHP_VAR_SERIALIZE_DESTROY(var_hash);\n\treturn SUCCESS;\n}\n\nstatic void suhosin_send_cookie(TSRMLS_D)\n{\n\tint  * session_send_cookie = &SESSION_G(send_cookie);\n\tchar * base;\n\tzend_ini_entry *ini_entry;\n\n\t/* The following is requires to be 100% compatible to PHP\n\t   versions where the hash extension is not available by default */\n\tif (zend_hash_find(EG(ini_directives), \"session.hash_bits_per_character\", sizeof(\"session.hash_bits_per_character\"), (void **) &ini_entry) == SUCCESS) {\n#ifndef ZTS\n\t\tbase = (char *) ini_entry->mh_arg2;\n#else\n\t\tbase = (char *) ts_resource(*((int *) ini_entry->mh_arg2));\n#endif\n\t\tsession_send_cookie = (int *) (base+(size_t) ini_entry->mh_arg1+sizeof(long));\n\t}\n\t*session_send_cookie = 1;\n}\n\n\n\nstatic int (*old_OnUpdateSaveHandler)(zend_ini_entry *entry, char *new_value, uint new_value_length, void *mh_arg1, void *mh_arg2, void *mh_arg3, int stage TSRMLS_DC) = NULL;\nstatic int (*old_SessionRINIT)(INIT_FUNC_ARGS) 
= NULL;\n\nstatic int suhosin_hook_s_read(void **mod_data, const char *key, char **val, int *vallen TSRMLS_DC)\n{\n\tint r;\n\n\tint i;char *v,*KEY=(char *)key;\n\n\t/* protect session vars */\n/*  if (SESSION_G(http_session_vars) && SESSION_G(http_session_vars)->type == IS_ARRAY) {\n\t\tSESSION_G(http_session_vars)->refcount++;\n\t}*/\n\n\t/* protect dumb session handlers */\n\tif (key == NULL || !key[0] ||\n\t\t(*mod_data == NULL\n\t\t&& !SESSION_G(mod_user_implemented)\n\t\t)) {\nregenerate:\n\t\tSDEBUG(\"regenerating key is %s\", key);\n\t\tKEY = SESSION_G(id) = SESSION_G(mod)->s_create_sid(&SESSION_G(mod_data), NULL TSRMLS_CC);\n\t\tsuhosin_send_cookie(TSRMLS_C);\n\t} else if (strlen(key) > SUHOSIN_G(session_max_id_length)) {\n\t\tsuhosin_log(S_SESSION, \"session id ('%s') exceeds maximum length - regenerating\", KEY);\n\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\tgoto regenerate;\n\t\t}\n\t}\n\n\tr = SUHOSIN_G(old_s_read)(mod_data, KEY, val, vallen TSRMLS_CC);\n\n\tif (r == SUCCESS && SUHOSIN_G(session_encrypt) && *vallen > 0) {\n\t\tchar cryptkey[33];\n\n\t\tSUHOSIN_G(do_not_scan) = 1;\n\t\tsuhosin_generate_key(SUHOSIN_G(session_cryptkey), SUHOSIN_G(session_cryptua), SUHOSIN_G(session_cryptdocroot), SUHOSIN_G(session_cryptraddr), (char *)&cryptkey TSRMLS_CC);\n\n\t\tv = *val;\n\t\ti = *vallen;\n\t\t*val = suhosin_decrypt_string(v, i, \"\", 0, (char *)&cryptkey, vallen, SUHOSIN_G(session_checkraddr) TSRMLS_CC);\n\t\tSUHOSIN_G(do_not_scan) = 0;\n\tif (*val == NULL) {\n\t\t*val = estrndup(\"\", 0);\n\t\t*vallen = 0;\n\t}\n\t\tefree(v);\n\t}\n\n\treturn r;\n}\n\nstatic int suhosin_hook_s_write(void **mod_data, const char *key, const char *val, const int vallen TSRMLS_DC)\n{\n\tint r;\n/*  int nullify = 0;*/\n\tchar *v = (char *)val;\n\n\t/* protect dumb session handlers */\n\tif (key == NULL || !key[0] || val == NULL || strlen(key) > SUHOSIN_G(session_max_id_length) ||\n\t\t(*mod_data == NULL\n\t\t&& !SESSION_G(mod_user_implemented)\n\t\t)) {\n\t\tr = 
FAILURE;\n\t\tgoto return_write;\n\t}\n\n\tr = vallen;\n\n\tif (r > 0 && SUHOSIN_G(session_encrypt)) {\n\t\tchar cryptkey[33];\n\n\t\tSUHOSIN_G(do_not_scan) = 1;\n\n\t\tsuhosin_generate_key(SUHOSIN_G(session_cryptkey), SUHOSIN_G(session_cryptua), SUHOSIN_G(session_cryptdocroot), SUHOSIN_G(session_cryptraddr), (char *)&cryptkey TSRMLS_CC);\n\n\t\tv = suhosin_encrypt_string(v, vallen, \"\", 0, (char *)&cryptkey TSRMLS_CC);\n\n\t\tSUHOSIN_G(do_not_scan) = 0;\n\t\tr = strlen(v);\n\t}\n\n\tr = SUHOSIN_G(old_s_write)(mod_data, key, v, r TSRMLS_CC);\n\nreturn_write:\n\t/* protect session vars */\n/*  if (SESSION_G(http_session_vars) && SESSION_G(http_session_vars)->type == IS_ARRAY) {\n\t\tif (SESSION_G(http_session_vars)->refcount==1) {\n\t\t\tnullify = 1;\n\t\t}\n\t\tzval_ptr_dtor(&SESSION_G(http_session_vars));\n\t\tif (nullify) {\n\t\t\tsuhosin_log(S_SESSION, \"possible session variables double free attack stopped\");\n\t\t\tSESSION_G(http_session_vars) = NULL;\n\t\t}\n\t}*/\n\n\treturn r;\n}\n\nstatic int suhosin_hook_s_destroy(void **mod_data, const char *key TSRMLS_DC)\n{\n\tint r;\n\n\t/* protect dumb session handlers */\n\tif (key == NULL || !key[0] || strlen(key) > SUHOSIN_G(session_max_id_length) ||\n\t\t(*mod_data == NULL\n\t\t&& !SESSION_G(mod_user_implemented)\n\t\t)) {\n\t\treturn FAILURE;\n\t}\n\n\tr = SUHOSIN_G(old_s_destroy)(mod_data, key TSRMLS_CC);\n\n\treturn r;\n}\n\nstatic void suhosin_hook_session_module(TSRMLS_D)\n{\n\tps_module *old_mod = SESSION_G(mod), *mod;\n\n\tif (old_mod == NULL || SUHOSIN_G(s_module) == old_mod) {\n\t\treturn;\n\t}\n\n\tif (SUHOSIN_G(s_module) == NULL) {\n\t\tSUHOSIN_G(s_module) = mod = malloc(sizeof(ps_module));\n\t\tif (mod == NULL) {\n\t\t\treturn;\n\t\t}\n\t}\n\n\tSUHOSIN_G(s_original_mod) = old_mod;\n\n\tmod = SUHOSIN_G(s_module);\n\tmemcpy(mod, old_mod, sizeof(ps_module));\n\n\tSUHOSIN_G(old_s_read) = mod->s_read;\n\tmod->s_read = suhosin_hook_s_read;\n\tSUHOSIN_G(old_s_write) = mod->s_write;\n\tmod->s_write = 
suhosin_hook_s_write;\n\tSUHOSIN_G(old_s_destroy) = mod->s_destroy;\n\tmod->s_destroy = suhosin_hook_s_destroy;\n\n\tSESSION_G(mod) = mod;\n}\n\nstatic PHP_INI_MH(suhosin_OnUpdateSaveHandler)\n{\n\tint r;\n\n\tif (stage == PHP_INI_STAGE_RUNTIME && SESSION_G(session_status) == php_session_none && SUHOSIN_G(s_original_mod)\n\t\t&& strcmp(new_value, \"user\") == 0 && strcmp(((ps_module*)SUHOSIN_G(s_original_mod))->s_name, \"user\") == 0) {\n\t\treturn SUCCESS;\n\t}\n\n\tSESSION_G(mod) = SUHOSIN_G(s_original_mod);\n\n\tr = old_OnUpdateSaveHandler(entry, new_value, new_value_length, mh_arg1, mh_arg2, mh_arg3, stage TSRMLS_CC);\n\n\tsuhosin_hook_session_module(TSRMLS_C);\n\n\treturn r;\n}\n\n\nstatic int suhosin_hook_session_RINIT(INIT_FUNC_ARGS)\n{\n\tif (SESSION_G(mod) == NULL) {\n\t\tchar *value = zend_ini_string(\"session.save_handler\", sizeof(\"session.save_handler\"), 0);\n\n\t\tif (value) {\n\t\t\tsuhosin_OnUpdateSaveHandler(NULL, value, strlen(value), NULL, NULL, NULL, 0 TSRMLS_CC);\n\t\t}\n\t}\n\treturn old_SessionRINIT(INIT_FUNC_ARGS_PASSTHRU);\n}\n\nvoid suhosin_hook_session(TSRMLS_D)\n{\n\tps_serializer *serializer;\n\tzend_ini_entry *ini_entry;\n\tzend_module_entry *module;\n#ifdef ZTS\n\tts_rsrc_id *ps_globals_id_ptr;\n#endif\n\n\tif (zend_hash_find(&module_registry, \"session\", sizeof(\"session\"), (void**)&module) == FAILURE) {\n\t\treturn;\n\t}\n\t/* retrieve globals from module entry struct if possible */\n#ifdef ZTS\n\tif (session_globals_id == 0) {\n\tsession_globals_id = *module->globals_id_ptr;\n\t}\n#else\n\tif (session_globals == NULL) {\n\tsession_globals = module->globals_ptr;\n\t}\n#endif\n\n\tif (old_OnUpdateSaveHandler != NULL) {\n\t\treturn;\n\t}\n\n\t/* hook request startup function of session module */\n\told_SessionRINIT = module->request_startup_func;\n\tmodule->request_startup_func = suhosin_hook_session_RINIT;\n\n\t/* retrieve pointer to session.save_handler ini entry */\n\tif (zend_hash_find(EG(ini_directives), 
\"session.save_handler\", sizeof(\"session.save_handler\"), (void **) &ini_entry) == FAILURE) {\n\t\treturn;\n\t}\n\tSUHOSIN_G(s_module) = NULL;\n\n\t/* replace OnUpdateMemoryLimit handler */\n\told_OnUpdateSaveHandler = ini_entry->on_modify;\n\tini_entry->on_modify = suhosin_OnUpdateSaveHandler;\n\n\tsuhosin_hook_session_module(TSRMLS_C);\n\n\t/* Protect the PHP serializer from ! attacks */\n\tserializer = (ps_serializer *) SESSION_G(serializer);\n\tif (serializer != NULL && strcmp(serializer->name, \"php\")==0) {\n\t\tserializer->encode = suhosin_session_encode;\n\t}\n\n\t/* increase session identifier entropy */\n\tif (SESSION_G(entropy_length) == 0 || SESSION_G(entropy_file) == NULL) {\n#ifndef PHP_WIN32\n\t\t/* ensure that /dev/urandom exists */\n\t\tint fd = VCWD_OPEN(\"/dev/urandom\", O_RDONLY);\n\t\tif (fd >= 0) {\n\t\t\tclose(fd);\n\t\t\tSESSION_G(entropy_length) = 16;\n\t\t\tSESSION_G(entropy_file) = pestrdup(\"/dev/urandom\", 1);\n\t\t}\n#endif\n\t}\n}\n\nvoid suhosin_unhook_session(TSRMLS_D)\n{\n\tif (old_OnUpdateSaveHandler != NULL) {\n\t\tzend_ini_entry *ini_entry;\n\n\t\t/* retrieve pointer to session.save_handler ini entry */\n\t\tif (zend_hash_find(EG(ini_directives), \"session.save_handler\", sizeof(\"session.save_handler\"), (void **) &ini_entry) == FAILURE) {\n\t\t\treturn;\n\t\t}\n\t\tini_entry->on_modify = old_OnUpdateSaveHandler;\n\n\t\told_OnUpdateSaveHandler = NULL;\n\t}\n\n}\n\n#else /* HAVE_PHP_SESSION */\n\n#warning BUILDING SUHOSIN WITHOUT SESSION SUPPORT\n\nvoid suhosin_hook_session(TSRMLS_D)\n{\n}\n\nvoid suhosin_unhook_session(TSRMLS_D)\n{\n}\n\n#endif /* HAVE_PHP_SESSION */\n\n\n/*\n * Local variables:\n * tab-width: 4\n * c-basic-offset: 4\n * End:\n * vim600: sw=4 ts=4 fdm=marker\n * vim<600: sw=4 ts=4\n */\n"
  },
  {
    "path": "sha256.c",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Author: Stefan Esser <sesser@sektioneins.de>                         |\n  +----------------------------------------------------------------------+\n*/\n\n/* $Id: sha256.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $ */\n\n#include <stdio.h>\n#include \"php.h\"\n\n/* This code is heavily based on the PHP md5/sha1 implementations */ \n\n#include \"sha256.h\"\n\nstatic void make_sha256_digest(char *sha256str, unsigned char *digest)\n{\n\tint i;\n\n\tfor (i = 0; i < 32; i++) {\n\t\tsprintf(sha256str, \"%02x\", digest[i]);\n\t\tsha256str += 2;\n\t}\n\n\t*sha256str = '\\0';\n}\n\n/* {{{ proto string sha256(string str [, bool raw_output])\n   Calculate the sha256 hash of a string */\nstatic PHP_FUNCTION(suhosin_sha256)\n{\n\tchar *arg;\n\tint arg_len;\n\tzend_bool raw_output = 0;\n\tchar sha256str[65];\n\tsuhosin_SHA256_CTX context;\n\tunsigned char digest[32];\n\t\n\tif 
(zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, \"s|b\", &arg, &arg_len, &raw_output) == FAILURE) {\n\t\treturn;\n\t}\n\n\tsha256str[0] = '\\0';\n\tsuhosin_SHA256Init(&context);\n\tsuhosin_SHA256Update(&context, (unsigned char *)arg, (unsigned int)arg_len);\n\tsuhosin_SHA256Final(digest, &context);\n\tif (raw_output) {\n\t\tRETURN_STRINGL((char *)digest, 32, 1);\n\t} else {\n\t\tmake_sha256_digest(sha256str, digest);\n\t\tRETVAL_STRING(sha256str, 1);\n\t}\n\n}\n\n/* }}} */\n\n/* {{{ proto string sha256_file(string filename [, bool raw_output])\n   Calculate the sha256 hash of given filename */\nstatic PHP_FUNCTION(suhosin_sha256_file)\n{\n\tchar          *arg;\n\tint           arg_len;\n\tzend_bool raw_output = 0;\n\tchar          sha256str[65];\n\tunsigned char buf[1024];\n\tunsigned char digest[32];\n\tsuhosin_SHA256_CTX   context;\n\tint           n;\n\tFILE          *fp;\n\n\tif (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, \"s|b\", &arg, &arg_len, &raw_output) == FAILURE) {\n\t\treturn;\n\t}\n\n\tif (php_check_open_basedir(arg TSRMLS_CC)) {\n\t\tRETURN_FALSE;\n\t}\n\n\tif ((fp = VCWD_FOPEN(arg, \"rb\")) == NULL) {\n\t\tphp_error_docref(NULL TSRMLS_CC, E_WARNING, \"Unable to open file\");\n\t\tRETURN_FALSE;\n\t}\n\n\tsuhosin_SHA256Init(&context);\n\n\twhile ((n = fread(buf, 1, sizeof(buf), fp)) > 0) {\n\t\tsuhosin_SHA256Update(&context, buf, n);\n\t}\n\n\tsuhosin_SHA256Final(digest, &context);\n\n\tif (ferror(fp)) {\n\t\tfclose(fp);\n\t\tRETURN_FALSE;\n\t}\n\n\tfclose(fp);\n\n\tif (raw_output) {\n\t\tRETURN_STRINGL((char *)digest, 32, 1);\n\t} else {\n\t\tmake_sha256_digest(sha256str, digest);\n\t\tRETVAL_STRING(sha256str, 1);\n\t}\n}\n/* }}} */\n\n\nstatic void SHA256Transform(php_uint32[8], const unsigned char[64]);\nstatic void SHA256Encode(unsigned char *, php_uint32 *, unsigned int);\nstatic void SHA256Decode(php_uint32 *, const unsigned char *, unsigned int);\n\nstatic unsigned char PADDING[64] =\n{\n\t0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
0, 0, 0, 0, 0, 0, 0,\n\t0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,\n\t0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0\n};\n\n/* F, G, H and I are basic SHA256 functions.\n */\n#define F(x) (ROTATE_RIGHT(x,2) ^ ROTATE_RIGHT(x,13) ^ ROTATE_RIGHT(x,22))\n#define G(x, y, z) (((x) & (y)) | ((z) & ((y) | (x))))\n#define H(x) (ROTATE_RIGHT(x,6) ^ ROTATE_RIGHT(x,11) ^ ROTATE_RIGHT(x,25))\n#define I(x, y, z) (((x) & (y)) | ((~x) & z))\n\n/* ROTATE_RIGHT rotates x right n bits.\n */\n#define ROTATE_RIGHT(x, n) (((x) >> (n)) | ((x) << (32-(n))))\n\n/* W[i]\n */\n#define W(i) ( tmp1=ROTATE_RIGHT(x[(i-15)&15],7)^ROTATE_RIGHT(x[(i-15)&15],18)^(x[(i-15)&15] >> 3), \\\n\ttmp2=ROTATE_RIGHT(x[(i-2)&15],17)^ROTATE_RIGHT(x[(i-2)&15],19)^(x[(i-2)&15] >> 10), \\\n\t(x[i&15]=x[i&15] + tmp1 + x[(i-7)&15] + tmp2) ) \n\n/* ROUND function of sha256\n */\n\n#define ROUND(a,b,c,d,e,f,g,h,w,k) { \\\n t1 = (h) + H((e)) + I((e), (f), (g)) + (k) + (php_uint32)(w); \\\n (h) = F((a)) + G((a), (b), (c)) + t1; \\\n (d) += t1; \\\n } \n\t\t\t                    \n\n/* {{{ suhosin_SHA256Init\n * SHA256 initialization. Begins an SHA256 operation, writing a new context.\n */\nvoid suhosin_SHA256Init(suhosin_SHA256_CTX * context)\n{\n\tcontext->count[0] = context->count[1] = 0;\n\t/* Load magic initialization constants.\n\t */\n\tcontext->state[0] = 0x6a09e667;\n\tcontext->state[1] = 0xbb67ae85;\n\tcontext->state[2] = 0x3c6ef372;\n\tcontext->state[3] = 0xa54ff53a;\n\tcontext->state[4] = 0x510e527f;\n\tcontext->state[5] = 0x9b05688c;\n\tcontext->state[6] = 0x1f83d9ab;\n\tcontext->state[7] = 0x5be0cd19;\t\n}\n/* }}} */\n\n/* {{{ suhosin_SHA256Update\n   SHA256 block update operation. 
Continues an SHA256 message-digest\n   operation, processing another message block, and updating the\n   context.\n */\nvoid suhosin_SHA256Update(suhosin_SHA256_CTX * context, const unsigned char *input,\n\t\t\t   unsigned int inputLen)\n{\n\tunsigned int i, index, partLen;\n\n\t/* Compute number of bytes mod 64 */\n\tindex = (unsigned int) ((context->count[0] >> 3) & 0x3F);\n\n\t/* Update number of bits */\n\tif ((context->count[0] += ((php_uint32) inputLen << 3))\n\t\t< ((php_uint32) inputLen << 3))\n\t\tcontext->count[1]++;\n\tcontext->count[1] += ((php_uint32) inputLen >> 29);\n\n\tpartLen = 64 - index;\n\n\t/* Transform as many times as possible.\n\t */\n\tif (inputLen >= partLen) {\n\t\tmemcpy\n\t\t\t((unsigned char*) & context->buffer[index], (unsigned char*) input, partLen);\n\t\tSHA256Transform(context->state, context->buffer);\n\n\t\tfor (i = partLen; i + 63 < inputLen; i += 64)\n\t\t\tSHA256Transform(context->state, &input[i]);\n\n\t\tindex = 0;\n\t} else\n\t\ti = 0;\n\n\t/* Buffer remaining input */\n\tmemcpy\n\t\t((unsigned char*) & context->buffer[index], (unsigned char*) & input[i],\n\t\t inputLen - i);\n}\n/* }}} */\n\n/* {{{ suhosin_SHA256Final\n   SHA256 finalization. Ends an SHA256 message-digest operation, writing the\n   the message digest and zeroizing the context.\n */\nvoid suhosin_SHA256Final(unsigned char digest[32], suhosin_SHA256_CTX * context)\n{\n\tunsigned char bits[8];\n\tunsigned int index, padLen;\n\n\t/* Save number of bits */\n\tbits[7] = context->count[0] & 0xFF;\n\tbits[6] = (context->count[0] >> 8) & 0xFF;\n\tbits[5] = (context->count[0] >> 16) & 0xFF;\n\tbits[4] = (context->count[0] >> 24) & 0xFF;\n\tbits[3] = context->count[1] & 0xFF;\n\tbits[2] = (context->count[1] >> 8) & 0xFF;\n\tbits[1] = (context->count[1] >> 16) & 0xFF;\n\tbits[0] = (context->count[1] >> 24) & 0xFF;\n\t\n\t/* Pad out to 56 mod 64.\n\t */\n\tindex = (unsigned int) ((context->count[0] >> 3) & 0x3f);\n\tpadLen = (index < 56) ? 
(56 - index) : (120 - index);\n\tsuhosin_SHA256Update(context, PADDING, padLen);\n\n\t/* Append length (before padding) */\n\tsuhosin_SHA256Update(context, bits, 8);\n\n\t/* Store state in digest */\n\tSHA256Encode(digest, context->state, 32);\n\n\t/* Zeroize sensitive information.\n\t */\n\tmemset((unsigned char*) context, 0, sizeof(*context));\n}\n/* }}} */\n\n/* {{{ SHA256Transform\n * SHA256 basic transformation. Transforms state based on block.\n */\nstatic void SHA256Transform(state, block)\nphp_uint32 state[8];\nconst unsigned char block[64];\n{\n\tphp_uint32 a = state[0], b = state[1], c = state[2];\n\tphp_uint32 d = state[3], e = state[4], f = state[5];\n\tphp_uint32 g = state[6], h = state[7], x[16], tmp1, tmp2, t1;\n\n\tSHA256Decode(x, block, 64);\n\n\tROUND(a, b, c, d, e, f, g, h, x[0], 0x428a2f98)\n\tROUND(h, a, b, c, d, e, f, g, x[1], 0x71374491)\n\tROUND(g, h, a, b, c, d, e, f, x[2], 0xb5c0fbcf)\n\tROUND(f, g, h, a, b, c, d, e, x[3], 0xe9b5dba5)\n\tROUND(e, f, g, h, a, b, c, d, x[4], 0x3956c25b)\n\tROUND(d, e, f, g, h, a, b, c, x[5], 0x59f111f1)\n\tROUND(c, d, e, f, g, h, a, b, x[6], 0x923f82a4)\n\tROUND(b, c, d, e, f, g, h, a, x[7], 0xab1c5ed5)\n\tROUND(a, b, c, d, e, f, g, h, x[8], 0xd807aa98)\n\tROUND(h, a, b, c, d, e, f, g, x[9], 0x12835b01)\n\tROUND(g, h, a, b, c, d, e, f, x[10], 0x243185be)\n\tROUND(f, g, h, a, b, c, d, e, x[11], 0x550c7dc3)\n\tROUND(e, f, g, h, a, b, c, d, x[12], 0x72be5d74)\n\tROUND(d, e, f, g, h, a, b, c, x[13], 0x80deb1fe)\n\tROUND(c, d, e, f, g, h, a, b, x[14], 0x9bdc06a7)\n\tROUND(b, c, d, e, f, g, h, a, x[15], 0xc19bf174)\n\tROUND(a, b, c, d, e, f, g, h, W(16), 0xe49b69c1)\n\tROUND(h, a, b, c, d, e, f, g, W(17), 0xefbe4786)\n\tROUND(g, h, a, b, c, d, e, f, W(18), 0x0fc19dc6)\n\tROUND(f, g, h, a, b, c, d, e, W(19), 0x240ca1cc)\n\tROUND(e, f, g, h, a, b, c, d, W(20), 0x2de92c6f)\n\tROUND(d, e, f, g, h, a, b, c, W(21), 0x4a7484aa)\n\tROUND(c, d, e, f, g, h, a, b, W(22), 0x5cb0a9dc)\n\tROUND(b, c, d, e, f, g, h, a, W(23), 
0x76f988da)\n\tROUND(a, b, c, d, e, f, g, h, W(24), 0x983e5152)\n\tROUND(h, a, b, c, d, e, f, g, W(25), 0xa831c66d)\n\tROUND(g, h, a, b, c, d, e, f, W(26), 0xb00327c8)\n\tROUND(f, g, h, a, b, c, d, e, W(27), 0xbf597fc7)\n\tROUND(e, f, g, h, a, b, c, d, W(28), 0xc6e00bf3)\n\tROUND(d, e, f, g, h, a, b, c, W(29), 0xd5a79147)\n\tROUND(c, d, e, f, g, h, a, b, W(30), 0x06ca6351)\n\tROUND(b, c, d, e, f, g, h, a, W(31), 0x14292967)\n\tROUND(a, b, c, d, e, f, g, h, W(32), 0x27b70a85)\n\tROUND(h, a, b, c, d, e, f, g, W(33), 0x2e1b2138)\n\tROUND(g, h, a, b, c, d, e, f, W(34), 0x4d2c6dfc)\n\tROUND(f, g, h, a, b, c, d, e, W(35), 0x53380d13)\n\tROUND(e, f, g, h, a, b, c, d, W(36), 0x650a7354)\n\tROUND(d, e, f, g, h, a, b, c, W(37), 0x766a0abb)\n\tROUND(c, d, e, f, g, h, a, b, W(38), 0x81c2c92e)\n\tROUND(b, c, d, e, f, g, h, a, W(39), 0x92722c85)\n\tROUND(a, b, c, d, e, f, g, h, W(40), 0xa2bfe8a1)\n\tROUND(h, a, b, c, d, e, f, g, W(41), 0xa81a664b)\n\tROUND(g, h, a, b, c, d, e, f, W(42), 0xc24b8b70)\n\tROUND(f, g, h, a, b, c, d, e, W(43), 0xc76c51a3)\n\tROUND(e, f, g, h, a, b, c, d, W(44), 0xd192e819)\n\tROUND(d, e, f, g, h, a, b, c, W(45), 0xd6990624)\n\tROUND(c, d, e, f, g, h, a, b, W(46), 0xf40e3585)\n\tROUND(b, c, d, e, f, g, h, a, W(47), 0x106aa070)\n\tROUND(a, b, c, d, e, f, g, h, W(48), 0x19a4c116)\n\tROUND(h, a, b, c, d, e, f, g, W(49), 0x1e376c08)\n\tROUND(g, h, a, b, c, d, e, f, W(50), 0x2748774c)\n\tROUND(f, g, h, a, b, c, d, e, W(51), 0x34b0bcb5)\n\tROUND(e, f, g, h, a, b, c, d, W(52), 0x391c0cb3)\n\tROUND(d, e, f, g, h, a, b, c, W(53), 0x4ed8aa4a)\n\tROUND(c, d, e, f, g, h, a, b, W(54), 0x5b9cca4f)\n\tROUND(b, c, d, e, f, g, h, a, W(55), 0x682e6ff3)\n\tROUND(a, b, c, d, e, f, g, h, W(56), 0x748f82ee)\n\tROUND(h, a, b, c, d, e, f, g, W(57), 0x78a5636f)\n\tROUND(g, h, a, b, c, d, e, f, W(58), 0x84c87814)\n\tROUND(f, g, h, a, b, c, d, e, W(59), 0x8cc70208)\n\tROUND(e, f, g, h, a, b, c, d, W(60), 0x90befffa)\n\tROUND(d, e, f, g, h, a, b, c, W(61), 0xa4506ceb)\n\tROUND(c, 
d, e, f, g, h, a, b, W(62), 0xbef9a3f7)\n\tROUND(b, c, d, e, f, g, h, a, W(63), 0xc67178f2)\n\n\tstate[0] += a;\n\tstate[1] += b;\n\tstate[2] += c;\n\tstate[3] += d;\n\tstate[4] += e;\n\tstate[5] += f;\n\tstate[6] += g;\n\tstate[7] += h;\n\n\t/* Zeroize sensitive information. */\n\tmemset((unsigned char*) x, 0, sizeof(x));\n}\n/* }}} */\n\n/* {{{ SHA256Encode\n   Encodes input (php_uint32) into output (unsigned char). Assumes len is\n   a multiple of 4.\n */\nstatic void SHA256Encode(output, input, len)\nunsigned char *output;\nphp_uint32 *input;\nunsigned int len;\n{\n\tunsigned int i, j;\n\n\tfor (i = 0, j = 0; j < len; i++, j += 4) {\n\t\toutput[j] = (unsigned char) ((input[i] >> 24) & 0xff);\n\t\toutput[j + 1] = (unsigned char) ((input[i] >> 16) & 0xff);\n\t\toutput[j + 2] = (unsigned char) ((input[i] >> 8) & 0xff);\n\t\toutput[j + 3] = (unsigned char) (input[i] & 0xff);\n\t}\n}\n/* }}} */\n\n/* {{{ SHA256Decode\n   Decodes input (unsigned char) into output (php_uint32). Assumes len is\n   a multiple of 4.\n */\nstatic void SHA256Decode(output, input, len)\nphp_uint32 *output;\nconst unsigned char *input;\nunsigned int len;\n{\n\tunsigned int i, j;\n\n\tfor (i = 0, j = 0; j < len; i++, j += 4)\n\t\toutput[i] = ((php_uint32) input[j + 3]) | (((php_uint32) input[j + 2]) << 8) |\n\t\t\t(((php_uint32) input[j + 1]) << 16) | (((php_uint32) input[j]) << 24);\n}\n/* }}} */\n\n\n/* {{{ suhosin_sha256_functions[]\n */\nstatic zend_function_entry suhosin_sha256_functions[] = {\n\tPHP_NAMED_FE(sha256, PHP_FN(suhosin_sha256), NULL)\n\tPHP_NAMED_FE(sha256_file, PHP_FN(suhosin_sha256_file), NULL)\n\t{NULL, NULL, NULL}\n};\n/* }}} */\n\n\nvoid suhosin_hook_sha256(TSRMLS_D)\n{\n\t/* check if we already have sha256 support */\n\tif (zend_hash_exists(CG(function_table), \"sha256\", sizeof(\"sha256\"))) {\n\t\treturn;\t\t\n\t}\n\t\n\t/* add the sha256 functions */\n\tzend_register_functions(NULL, suhosin_sha256_functions, NULL, MODULE_PERSISTENT TSRMLS_CC);\n}\n\n\n/*\n * Local 
variables:\n * tab-width: 4\n * c-basic-offset: 4\n * End:\n * vim600: sw=4 ts=4 fdm=marker\n * vim<600: sw=4 ts=4\n */\n"
  },
  {
    "path": "sha256.h",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Author: Stefan Esser <sesser@sektioneins.de>                         |\n  +----------------------------------------------------------------------+\n*/\n\n/* $Id: sha256.h,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $ */\n\n#ifndef SHA256_H\n#define SHA256_H\n\n#include \"ext/standard/basic_functions.h\"\n\n/* SHA256 context. */\ntypedef struct {\n\tphp_uint32 state[8];\t\t/* state (ABCDEFGH) */\n\tphp_uint32 count[2];\t\t/* number of bits, modulo 2^64 (lsb first) */\n\tunsigned char buffer[64];\t/* input buffer */\n} suhosin_SHA256_CTX;\n\nvoid suhosin_SHA256Init(suhosin_SHA256_CTX *);\nvoid suhosin_SHA256Update(suhosin_SHA256_CTX *, const unsigned char *, unsigned int);\nvoid suhosin_SHA256Final(unsigned char[32], suhosin_SHA256_CTX *);\n\n#endif\n"
  },
  {
    "path": "suhosin.c",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Author: Stefan Esser <sesser@sektioneins.de>                         |\n  +----------------------------------------------------------------------+\n*/\n\n/* $Id: suhosin.c,v 1.2 2007-11-28 16:01:50 sesser Exp $ */\n\n#ifdef HAVE_CONFIG_H\n#include \"config.h\"\n#endif\n\n#include \"php.h\"\n#include \"php_ini.h\"\n#include \"zend_extensions.h\"\n#include \"ext/standard/info.h\"\n#include \"php_syslog.h\"\n#include \"php_variables.h\"\n#include \"php_suhosin.h\"\n#include \"zend_llist.h\"\n#include \"zend_operators.h\"\n#include \"SAPI.h\"\n#if PHP_VERSION_ID < 50500\n#include \"php_logos.h\"\n#endif\n#include \"suhosin_logo.h\"\n#include \"ext/standard/php_string.h\"\n#include \"ext/standard/url.h\"\n#include \"ext/standard/base64.h\"\n\nZEND_DECLARE_MODULE_GLOBALS(suhosin)\n\nstatic zend_llist_position lp = NULL;\nstatic int (*old_startup)(zend_extension *extension) = NULL;\nstatic zend_extension 
*ze = NULL;\n\nstatic int suhosin_module_startup(zend_extension *extension);\nstatic void suhosin_shutdown(zend_extension *extension);\n\n\nstatic void (*orig_op_array_ctor)(zend_op_array *op_array) = NULL;\nstatic void (*orig_op_array_dtor)(zend_op_array *op_array) = NULL;\nstatic void (*orig_module_shutdown)(zend_extension *extension) = NULL;\nstatic int (*orig_module_startup)(zend_extension *extension) = NULL;\n\n\nstatic void suhosin_op_array_ctor(zend_op_array *op_array);\nstatic void suhosin_op_array_dtor(zend_op_array *op_array);\n\nSTATIC zend_extension suhosin_zend_extension_entry = {\n\t\"Suhosin\",\n\tSUHOSIN_EXT_VERSION,\n\t\"SektionEins GmbH\",\n\t\"http://www.suhosin.org\",\n\t\"Copyright (c) 2007-2015\",\n\tsuhosin_module_startup,\n\tsuhosin_shutdown,\n\tNULL,\n\tNULL,\n\tNULL,\n\tNULL,\n\tNULL,\n\tNULL,\n\tNULL,\n\tsuhosin_op_array_ctor,\n\tsuhosin_op_array_dtor,\n\n\tSTANDARD_ZEND_EXTENSION_PROPERTIES\n};\n\nstatic void suhosin_op_array_ctor(zend_op_array *op_array)\n{\n\tTSRMLS_FETCH();\n\n\tif (suhosin_zend_extension_entry.resource_number != -1) {\n\n\t\tunsigned long suhosin_flags = 0;\n\n\t\tif (SUHOSIN_G(in_code_type) == SUHOSIN_EVAL) {\n\t\t\tsuhosin_flags |= SUHOSIN_FLAG_CREATED_BY_EVAL;\n\t\t}\n\n\t\top_array->reserved[suhosin_zend_extension_entry.resource_number] = (void *)suhosin_flags;\n\n\t}\n}\n\n\n\nstatic void suhosin_op_array_dtor(zend_op_array *op_array)\n{\n\tif (suhosin_zend_extension_entry.resource_number != -1) {\n\t\top_array->reserved[suhosin_zend_extension_entry.resource_number] = NULL;\n\t}\n}\n\n/* Stealth Mode functions */\n\nstatic void stealth_op_array_ctor(zend_op_array *op_array)\n{\n\tif (orig_op_array_ctor != NULL) {\n\t\torig_op_array_ctor(op_array);\n\t}\n\tsuhosin_op_array_ctor(op_array);\n}\n\nstatic void stealth_op_array_dtor(zend_op_array *op_array)\n{\n\tif (orig_op_array_dtor != NULL) {\n\t\torig_op_array_dtor(op_array);\n\t}\n\tsuhosin_op_array_dtor(op_array);\n}\n\nstatic int 
stealth_module_startup(zend_extension *extension)\n{\n\tint r = orig_module_startup == NULL ? SUCCESS : orig_module_startup(extension);\n\tsuhosin_module_startup(extension);\n\treturn r;\n}\n\nstatic void stealth_module_shutdown(zend_extension *extension)\n{\n\tif (orig_module_shutdown != NULL) {\n\t\torig_module_shutdown(extension);\n\t}\n\tsuhosin_shutdown(extension);\n}\n\n\nstatic int suhosin_module_startup(zend_extension *extension)\n{\n\tzend_module_entry *module_entry_ptr;\n\tint resid;\n\tTSRMLS_FETCH();\n\n/*\tzend_register_module(&suhosin_module_entry TSRMLS_CC); */\n\n\tif (zend_hash_find(&module_registry, \"suhosin\", sizeof(\"suhosin\"), (void **)&module_entry_ptr)==SUCCESS) {\n\n\t\tif (extension) {\n\t\t\textension->handle = module_entry_ptr->handle;\n\t\t} else {\n\t\t\tzend_extension ext;\n\t\t\text = suhosin_zend_extension_entry;\n\t\t\text.handle = module_entry_ptr->handle;\n\t\t\t/*\n\t\t\tzend_llist_add_element(&zend_extensions, &ext);\n\t\t\textension = zend_llist_get_last(&zend_extensions);\n\t\t\t*/\n\t\t\textension = &suhosin_zend_extension_entry;\n\t\t}\n\t\tmodule_entry_ptr->handle = NULL;\n\n\t} else {\n\t\treturn FAILURE;\n\t}\n\n\n\n\tif (SUHOSIN_G(apc_bug_workaround)) {\n\t\tresid = zend_get_resource_handle(extension);\n\t}\n\tresid = zend_get_resource_handle(extension);\n\tsuhosin_zend_extension_entry.resource_number = resid;\n\n\tsuhosin_hook_treat_data();\n\tsuhosin_hook_post_handlers(TSRMLS_C);\n\tsuhosin_aes_gentables();\n\tsuhosin_hook_register_server_variables();\n\tsuhosin_hook_header_handler();\n\tsuhosin_hook_execute(TSRMLS_C);\n\tsuhosin_hook_session(TSRMLS_C);\n\n\n\treturn SUCCESS;\n}\n\n\nstatic void suhosin_shutdown(zend_extension *extension)\n{\n\tTSRMLS_FETCH();\n\n\tsuhosin_unhook_execute();\n\tsuhosin_unhook_header_handler();\n\tsuhosin_unhook_post_handlers(TSRMLS_C);\n\t/* suhosin_unhook_session(); - enabling this causes compatibility problems */\n\n\tif (ze != NULL) {\n\t\tze->startup = 
orig_module_startup;\n\t\tze->shutdown = orig_module_shutdown;\n\t\tze->op_array_ctor = orig_op_array_ctor;\n\t\tze->op_array_dtor = orig_op_array_dtor;\n\t}\n}\n\n\nstatic int suhosin_startup_wrapper(zend_extension *ext)\n{\n\tint res = SUCCESS;\n\tzend_extension *ex = &suhosin_zend_extension_entry;\n\tchar *new_info;\n\tint new_info_length;\n\tTSRMLS_FETCH();\n\n\t/* Ugly but working hack */\n\tnew_info_length = sizeof(\"%s\\n    with %s v%s, %s, by %s\\n\")\n\t\t\t\t\t\t+ strlen(ext->author)\n\t\t\t\t\t\t+ strlen(ex->name)\n\t\t\t\t\t\t+ strlen(ex->version)\n\t\t\t\t\t\t+ strlen(ex->copyright)\n\t\t\t\t\t\t+ strlen(ex->author);\n\n\tnew_info = (char *) malloc(new_info_length+1);\n\tsprintf(new_info, \"%s\\n    with %s v%s, %s, by %s\", ext->author, ex->name, ex->version, ex->copyright, ex->author);\n\text->author = new_info;\n\n\tze->startup = old_startup;\n\n\t/* Stealth Mode */\n\torig_module_startup = ze->startup;\n\torig_module_shutdown = ze->shutdown;\n\torig_op_array_ctor = ze->op_array_ctor;\n\torig_op_array_dtor = ze->op_array_dtor;\n\n\t/*if (SUHOSIN_G(stealth) != 0) {*/\n\t\tze->startup = stealth_module_startup;\n\t\tze->shutdown = stealth_module_shutdown;\n\t\tze->op_array_ctor = stealth_op_array_ctor;\n\t\tze->op_array_dtor = stealth_op_array_dtor;\n\t/*}*/\n\n\tif (old_startup != NULL) {\n\t\tres = old_startup(ext);\n\t}\n\n/*\tex->name = NULL;\n\tex->author = NULL;\n\tex->copyright = NULL;\n\tex->version = NULL;*/\n\n\t/*zend_extensions.head=NULL;*/\n\n\tsuhosin_module_startup(NULL);\n\n\treturn res;\n}\n\n/*static zend_extension_version_info extension_version_info = { ZEND_EXTENSION_API_NO, ZEND_VERSION, ZTS_V, ZEND_DEBUG };*/\n\n#define PERDIR_CHECK(upper, lower) \\\n\tif (!SUHOSIN_G(lower ## _perdir) && stage == ZEND_INI_STAGE_HTACCESS) { \\\n\t\treturn FAILURE; \\\n\t}\n\n#define LOG_PERDIR_CHECK() PERDIR_CHECK(LOG, log)\n#define EXEC_PERDIR_CHECK() PERDIR_CHECK(EXEC, exec)\n#define MISC_PERDIR_CHECK() PERDIR_CHECK(MISC, misc)\n#define 
GET_PERDIR_CHECK() PERDIR_CHECK(GET, get)\n#define POST_PERDIR_CHECK() PERDIR_CHECK(POST, post)\n#define COOKIE_PERDIR_CHECK() PERDIR_CHECK(COOKIE, cookie)\n#define REQUEST_PERDIR_CHECK() PERDIR_CHECK(REQUEST, request)\n#define UPLOAD_PERDIR_CHECK() PERDIR_CHECK(UPLOAD, upload)\n#define SQL_PERDIR_CHECK() PERDIR_CHECK(SQL, sql)\n\n#define ZEND_INI_MH_PASSTHRU entry, new_value, new_value_length, mh_arg1, mh_arg2, mh_arg3, stage TSRMLS_CC\n\n\nstatic ZEND_INI_MH(OnUpdateSuhosin_perdir)\n{\n\tchar *tmp;\n\n\tif (SUHOSIN_G(perdir)) {\n\t\t\tpefree(SUHOSIN_G(perdir), 1);\n\t}\n\tSUHOSIN_G(perdir) = NULL;\n\n\t/* Initialize the perdir flags */\n\tSUHOSIN_G(log_perdir) = 0;\n\tSUHOSIN_G(exec_perdir) = 0;\n\tSUHOSIN_G(get_perdir) = 0;\n\tSUHOSIN_G(cookie_perdir) = 0;\n\tSUHOSIN_G(post_perdir) = 0;\n\tSUHOSIN_G(request_perdir) = 0;\n\tSUHOSIN_G(sql_perdir) = 0;\n\tSUHOSIN_G(upload_perdir) = 0;\n\tSUHOSIN_G(misc_perdir) = 0;\n\n\tif (new_value == NULL) {\n\t\treturn SUCCESS;\n\t}\n\n\ttmp = SUHOSIN_G(perdir) = pestrdup(new_value,1);\n\n\t/* trim the whitespace */\n\twhile (isspace(*tmp)) tmp++;\n\n\t/* should we deactivate perdir completely? 
*/\n\tif (*tmp == 0 || *tmp == '0') {\n\t\treturn SUCCESS;\n\t}\n\n\t/* no deactivation so check the flags */\n\twhile (*tmp) {\n\t\tswitch (*tmp) {\n\t\t\tcase 'l':\n\t\t\tcase 'L':\n\t\t\t\tSUHOSIN_G(log_perdir) = 1;\n\t\t\t\tbreak;\n\t\t\tcase 'e':\n\t\t\tcase 'E':\n\t\t\t\tSUHOSIN_G(exec_perdir) = 1;\n\t\t\t\tbreak;\n\t\t\tcase 'g':\n\t\t\tcase 'G':\n\t\t\t\tSUHOSIN_G(get_perdir) = 1;\n\t\t\t\tbreak;\n\t\t\tcase 'c':\n\t\t\tcase 'C':\n\t\t\t\tSUHOSIN_G(cookie_perdir) = 1;\n\t\t\t\tbreak;\n\t\t\tcase 'p':\n\t\t\tcase 'P':\n\t\t\t\tSUHOSIN_G(post_perdir) = 1;\n\t\t\t\tbreak;\n\t\t\tcase 'r':\n\t\t\tcase 'R':\n\t\t\t\tSUHOSIN_G(request_perdir) = 1;\n\t\t\t\tbreak;\n\t\t\tcase 's':\n\t\t\tcase 'S':\n\t\t\t\tSUHOSIN_G(sql_perdir) = 1;\n\t\t\t\tbreak;\n\t\t\tcase 'u':\n\t\t\tcase 'U':\n\t\t\t\tSUHOSIN_G(upload_perdir) = 1;\n\t\t\t\tbreak;\n\t\t\tcase 'm':\n\t\t\tcase 'M':\n\t\t\t\tSUHOSIN_G(misc_perdir) = 1;\n\t\t\t\tbreak;\n\t\t}\n\t\ttmp++;\n\t}\n\treturn SUCCESS;\n}\n\n#define dohandler(handler, name, upper, lower) \\\n\tstatic ZEND_INI_MH(OnUpdate ## name ## handler) \\\n\t{ \\\n\t\tPERDIR_CHECK(upper, lower) \\\n\t\treturn OnUpdate ## handler (ZEND_INI_MH_PASSTHRU); \\\n\t} \\\n\n#define dohandlers(name, upper, lower) \\\n\tdohandler(Bool, name, upper, lower) \\\n\tdohandler(String, name, upper, lower) \\\n\tdohandler(Long, name, upper, lower) \\\n\ndohandlers(Log, LOG, log)\ndohandlers(Exec, EXEC, exec)\ndohandlers(Misc, MISC, misc)\ndohandlers(Get, GET, get)\ndohandlers(Post, POST, post)\ndohandlers(Cookie, COOKIE, cookie)\ndohandlers(Request, REQUEST, request)\ndohandlers(Upload, UPLOAD, upload)\ndohandlers(SQL, SQL, sql)\n\nstatic ZEND_INI_MH(OnUpdateSuhosin_log_syslog)\n{\n\tLOG_PERDIR_CHECK()\n\tif (!new_value) {\n\t\tSUHOSIN_G(log_syslog) = (S_ALL & ~S_SQL) | S_MEMORY;\n\t} else {\n\t\tif (is_numeric_string(new_value, strlen(new_value), NULL, NULL, 0) != IS_LONG) {\n\t\t\tSUHOSIN_G(log_syslog) = (S_ALL & ~S_SQL) | S_MEMORY;\n\t\t\tphp_error_docref(NULL 
TSRMLS_CC, E_WARNING, \"unknown constant in suhosin.log.syslog=%s\", new_value);\n\t\t\treturn FAILURE;\n\t\t}\n\t\tSUHOSIN_G(log_syslog) = atoi(new_value) | S_MEMORY;\n\t}\n\treturn SUCCESS;\n}\nstatic ZEND_INI_MH(OnUpdateSuhosin_log_syslog_facility)\n{\n\tLOG_PERDIR_CHECK()\n\tif (!new_value) {\n\t\tSUHOSIN_G(log_syslog_facility) = LOG_USER;\n\t} else {\n\t\tSUHOSIN_G(log_syslog_facility) = atoi(new_value);\n\t}\n\treturn SUCCESS;\n}\nstatic ZEND_INI_MH(OnUpdateSuhosin_log_syslog_priority)\n{\n\tLOG_PERDIR_CHECK()\n\tif (!new_value) {\n\t\tSUHOSIN_G(log_syslog_priority) = LOG_ALERT;\n\t} else {\n\t\tSUHOSIN_G(log_syslog_priority) = atoi(new_value);\n\t}\n\treturn SUCCESS;\n}\nstatic ZEND_INI_MH(OnUpdateSuhosin_log_sapi)\n{\n\tLOG_PERDIR_CHECK()\n\tif (!new_value) {\n\t\tSUHOSIN_G(log_sapi) = (S_ALL & ~S_SQL);\n\t} else {\n\t\tif (is_numeric_string(new_value, strlen(new_value), NULL, NULL, 0) != IS_LONG) {\n\t\t\tSUHOSIN_G(log_sapi) = (S_ALL & ~S_SQL);\n\t\t\tphp_error_docref(NULL TSRMLS_CC, E_WARNING, \"unknown constant in suhosin.log.sapi=%s\", new_value);\n\t\t\treturn FAILURE;\n\t\t}\n\t\tSUHOSIN_G(log_sapi) = atoi(new_value);\n\t}\n\treturn SUCCESS;\n}\nstatic ZEND_INI_MH(OnUpdateSuhosin_log_stdout)\n{\n\tLOG_PERDIR_CHECK()\n\tif (!new_value) {\n\t\tSUHOSIN_G(log_stdout) = (S_ALL & ~S_SQL);\n\t} else {\n\t\tif (is_numeric_string(new_value, strlen(new_value), NULL, NULL, 0) != IS_LONG) {\n\t\t\tSUHOSIN_G(log_stdout) = (S_ALL & ~S_SQL);\n\t\t\tphp_error_docref(NULL TSRMLS_CC, E_WARNING, \"unknown constant in suhosin.log.stdout=%s\", new_value);\n\t\t\treturn FAILURE;\n\t\t}\n\t\tSUHOSIN_G(log_stdout) = atoi(new_value);\n\t}\n\treturn SUCCESS;\n}\nstatic ZEND_INI_MH(OnUpdateSuhosin_log_script)\n{\n\tLOG_PERDIR_CHECK()\n\tif (!new_value) {\n\t\tSUHOSIN_G(log_script) = S_ALL & ~S_MEMORY;\n\t} else {\n\t\tif (is_numeric_string(new_value, strlen(new_value), NULL, NULL, 0) != IS_LONG) {\n\t\t\tSUHOSIN_G(log_script) = S_ALL & ~S_MEMORY;\n\t\t\tphp_error_docref(NULL 
TSRMLS_CC, E_WARNING, \"unknown constant in suhosin.log.script=%s\", new_value);\n\t\t\treturn FAILURE;\n\t\t}\n\t\tSUHOSIN_G(log_script) = atoi(new_value) & (~S_MEMORY) & (~S_INTERNAL);\n\t}\n\treturn SUCCESS;\n}\nstatic ZEND_INI_MH(OnUpdateSuhosin_log_scriptname)\n{\n\tLOG_PERDIR_CHECK()\n\tif (SUHOSIN_G(log_scriptname)) {\n\t\tpefree(SUHOSIN_G(log_scriptname),1);\n\t}\n\tSUHOSIN_G(log_scriptname) = NULL;\n\tif (new_value) {\n\t\tSUHOSIN_G(log_scriptname) = pestrdup(new_value,1);\n\t}\n\treturn SUCCESS;\n}\nstatic ZEND_INI_MH(OnUpdateSuhosin_log_phpscript)\n{\n\tLOG_PERDIR_CHECK()\n\tif (!new_value) {\n\t\tSUHOSIN_G(log_phpscript) = S_ALL & ~S_MEMORY;\n\t} else {\n\t\tif (is_numeric_string(new_value, strlen(new_value), NULL, NULL, 0) != IS_LONG) {\n\t\t\tSUHOSIN_G(log_phpscript) = S_ALL & ~S_MEMORY;\n\t\t\tphp_error_docref(NULL TSRMLS_CC, E_WARNING, \"unknown constant in suhosin.log.phpscript=%s\", new_value);\n\t\t\treturn FAILURE;\n\t\t}\n\t\tSUHOSIN_G(log_phpscript) = atoi(new_value) & (~S_MEMORY) & (~S_INTERNAL);\n\t}\n\treturn SUCCESS;\n}\nstatic ZEND_INI_MH(OnUpdateSuhosin_log_file)\n{\n\tLOG_PERDIR_CHECK()\n\tif (!new_value) {\n\t\tSUHOSIN_G(log_file) = S_ALL & ~S_MEMORY;\n\t} else {\n\t\tif (is_numeric_string(new_value, strlen(new_value), NULL, NULL, 0) != IS_LONG) {\n\t\t\tSUHOSIN_G(log_file) = S_ALL & ~S_MEMORY;\n\t\t\tphp_error_docref(NULL TSRMLS_CC, E_WARNING, \"unknown constant in suhosin.log.file=%s\", new_value);\n\t\t\treturn FAILURE;\n\t\t}\n\t\tSUHOSIN_G(log_file) = atoi(new_value) & (~S_MEMORY) & (~S_INTERNAL);\n\t}\n\treturn SUCCESS;\n}\n\nstatic void parse_list(HashTable **ht, char *list, zend_bool lc)\n{\n\tchar *s = NULL, *e, *val;\n\tunsigned long dummy = 1;\n\n\tif (list == NULL) {\nlist_destroy:\n\t\tif (*ht) {\n\t\t\tzend_hash_destroy(*ht);\n\t\t\tpefree(*ht, 1);\n\t\t}\n\t\t*ht = NULL;\n\t\treturn;\n\t}\n\twhile (*list == ' ' || *list == '\\t') list++;\n\tif (*list == 0) {\n\t\tgoto list_destroy;\n\t}\n\n\t*ht = 
pemalloc(sizeof(HashTable), 1);\n\tzend_hash_init(*ht, 5, NULL, NULL, 1);\n\n\tif (lc) {\n\t\tval = suhosin_str_tolower_dup(list, strlen(list));\n\t} else {\n\t\tval = estrndup(list, strlen(list));\n\t}\n\te = val;\n\n\twhile (*e) {\n\t\tswitch (*e) {\n\t\t\tcase ' ':\n\t\t\tcase ',':\n\t\t\t\tif (s) {\n\t\t\t\t\t*e = '\\0';\n\t\t\t\t\tzend_hash_add(*ht, s, e-s+1, &dummy, sizeof(unsigned long), NULL);\n\t\t\t\t\ts = NULL;\n\t\t\t\t}\n\t\t\t\tbreak;\n\t\t\tdefault:\n\t\t\t\tif (!s) {\n\t\t\t\t\ts = e;\n\t\t\t\t}\n\t\t\t\tbreak;\n\t\t}\n\t\te++;\n\t}\n\tif (s) {\n\t\tzend_hash_add(*ht, s, e-s+1, &dummy, sizeof(unsigned long), NULL);\n\t}\n\tefree(val);\n\n}\n\nstatic ZEND_INI_MH(OnUpdate_include_blacklist)\n{\n\tEXEC_PERDIR_CHECK()\n\tparse_list(&SUHOSIN_G(include_blacklist), new_value, 1);\n\treturn SUCCESS;\n}\n\nstatic ZEND_INI_MH(OnUpdate_include_whitelist)\n{\n\tEXEC_PERDIR_CHECK()\n\tparse_list(&SUHOSIN_G(include_whitelist), new_value, 1);\n\treturn SUCCESS;\n}\n\nstatic ZEND_INI_MH(OnUpdate_func_blacklist)\n{\n\tEXEC_PERDIR_CHECK()\n\tparse_list(&SUHOSIN_G(func_blacklist), new_value, 1);\n\treturn SUCCESS;\n}\n\nstatic ZEND_INI_MH(OnUpdate_func_whitelist)\n{\n\tEXEC_PERDIR_CHECK()\n\tparse_list(&SUHOSIN_G(func_whitelist), new_value, 1);\n\treturn SUCCESS;\n}\n\nstatic ZEND_INI_MH(OnUpdate_eval_blacklist)\n{\n\tEXEC_PERDIR_CHECK()\n\tparse_list(&SUHOSIN_G(eval_blacklist), new_value, 1);\n\treturn SUCCESS;\n}\n\nstatic ZEND_INI_MH(OnUpdate_eval_whitelist)\n{\n\tEXEC_PERDIR_CHECK()\n\tparse_list(&SUHOSIN_G(eval_whitelist), new_value, 1);\n\treturn SUCCESS;\n}\n\n\nstatic ZEND_INI_MH(OnUpdate_cookie_cryptlist)\n{\n\tCOOKIE_PERDIR_CHECK()\n\tparse_list(&SUHOSIN_G(cookie_cryptlist), new_value, 0);\n\treturn SUCCESS;\n}\n\nstatic ZEND_INI_MH(OnUpdate_cookie_plainlist)\n{\n\tCOOKIE_PERDIR_CHECK()\n\tparse_list(&SUHOSIN_G(cookie_plainlist), new_value, 0);\n\treturn SUCCESS;\n}\n\nstatic ZEND_INI_MH(OnUpdate_disable_display_errors) /* {{{ */\n{\n\tzend_bool *p;\n#ifndef 
ZTS\n\tchar *base = (char *) mh_arg2;\n#else\n\tchar *base;\n\n\tbase = (char *) ts_resource(*((int *) mh_arg2));\n#endif\n\n\tp = (zend_bool *) (base+(size_t) mh_arg1);\n\n\tif (new_value_length == 2 && strcasecmp(\"on\", new_value) == 0) {\n\t\t*p = (zend_bool) 1;\n\t}\n\telse if (new_value_length == 3 && strcasecmp(\"yes\", new_value) == 0) {\n\t\t*p = (zend_bool) 1;\n\t}\n\telse if (new_value_length == 4 && strcasecmp(\"true\", new_value) == 0) {\n\t\t*p = (zend_bool) 1;\n\t}\n\telse if (new_value_length == 4 && strcasecmp(\"fail\", new_value) == 0) {\n\t\t*p = (zend_bool) 2;\n\t}\n\telse {\n\t\t*p = (zend_bool) atoi(new_value);\n\t}\n\treturn SUCCESS;\n}\n/* }}} */\n\nstatic ZEND_INI_MH(OnUpdate_fail)\n{\n\treturn FAILURE;\n}\n\n\n\n/* {{{ proto string suhosin_encrypt_cookie(string name, string value)\n   Encrypts a cookie value according to current cookie encryption setting */\nstatic PHP_FUNCTION(suhosin_encrypt_cookie)\n{\n\tchar *name, *value;\n\tint name_len, value_len;\n\tchar cryptkey[33];\n\n\tif (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, \"ss\", &name, &name_len, &value, &value_len) == FAILURE) {\n\t\treturn;\n\t}\n\n\tif (!SUHOSIN_G(cookie_encrypt)) {\nreturn_plain:\n\t\tRETURN_STRINGL(value, value_len, 1);\n\t}\n\n\tif (SUHOSIN_G(cookie_plainlist)) {\n\t\tif (zend_hash_exists(SUHOSIN_G(cookie_plainlist), name, name_len+1)) {\n\t\t\tgoto return_plain;\n\t\t}\n\t} else if (SUHOSIN_G(cookie_cryptlist)) {\n\t\tif (!zend_hash_exists(SUHOSIN_G(cookie_cryptlist), name, name_len+1)) {\n\t\t\tgoto return_plain;\n\t\t}\n\t}\n\n\tsuhosin_generate_key(SUHOSIN_G(cookie_cryptkey), SUHOSIN_G(cookie_cryptua), SUHOSIN_G(cookie_cryptdocroot), SUHOSIN_G(cookie_cryptraddr), (char *)&cryptkey TSRMLS_CC);\n\tvalue = suhosin_encrypt_string(value, value_len, name, name_len, (char *)&cryptkey TSRMLS_CC);\n\n\tRETVAL_STRING(value, 0);\n}\n/* }}} */\n\n/* {{{ proto mixed suhosin_get_raw_cookies()\n   Returns an array containing the raw cookie values */\nstatic 
PHP_FUNCTION(suhosin_get_raw_cookies)\n{\n\tchar *var, *val, *res;\n\tzval *array_ptr = return_value;\n\tchar *strtok_buf = NULL;\n\tint val_len;\n\n\tarray_init(array_ptr);\n\n\tif (SUHOSIN_G(raw_cookie)) {\n\t\tres = estrdup(SUHOSIN_G(raw_cookie));\n\t} else {\n\t\treturn;\n\t}\n\n\tvar = NULL;\n\twhile (var != res) {\n\t\tvar = strrchr(res, ';');\n\t\tif (var) {\n\t\t\t*var++ = '\\0';\n\t\t} else {\n\t\t\tvar = res;\n\t\t}\n\t\tif (!*var) { continue; }\n\n\t\tval = strchr(var, '=');\n\t\tif (val) { /* have a value */\n\t\t\t*val++ = '\\0';\n\t\t\tphp_url_decode(var, strlen(var));\n\t\t\tval_len = php_url_decode(val, strlen(val));\n\t\t} else {\n\t\t\tphp_url_decode(var, strlen(var));\n\t\t\tval_len = 0;\n\t\t\tval = \"\";\n\t\t}\n\t\tphp_register_variable_safe(var, val, val_len, array_ptr TSRMLS_CC);\n\n\t}\n\n\tefree(res);\n}\n/* }}} */\n\n\n\n/* {{{ suhosin_functions[]\n */\nzend_function_entry suhosin_functions[] = {\n\tPHP_NAMED_FE(suhosin_encrypt_cookie, PHP_FN(suhosin_encrypt_cookie), NULL)\n\tPHP_NAMED_FE(suhosin_get_raw_cookies, PHP_FN(suhosin_get_raw_cookies), NULL)\n\t{NULL, NULL, NULL}\t/* Must be the last line in suhosin_functions[] */\n};\n/* }}} */\n\n/* {{{ suhosin_module_entry\n */\nzend_module_entry suhosin_module_entry = {\n#if ZEND_MODULE_API_NO >= 20010901\n\tSTANDARD_MODULE_HEADER,\n#endif\n\t\"suhosin\",\n\tsuhosin_functions,\n\tPHP_MINIT(suhosin),\n\tPHP_MSHUTDOWN(suhosin),\n\tPHP_RINIT(suhosin),\n\tPHP_RSHUTDOWN(suhosin),\n\tPHP_MINFO(suhosin),\n#if ZEND_MODULE_API_NO >= 20010901\n\tSUHOSIN_EXT_VERSION, /* Replace with version number for your extension */\n#endif\n\tSTANDARD_MODULE_PROPERTIES\n};\n/* }}} */\n\n#ifdef COMPILE_DL_SUHOSIN\nZEND_GET_MODULE(suhosin)\n#endif\n\n/* {{{ PHP_INI\n */\nstatic zend_ini_entry shared_ini_entries[] = {\n\tZEND_INI_ENTRY(\"suhosin.log.syslog\",\t\t\tNULL /* S_ALL & ~S_SQL */,\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateSuhosin_log_syslog)\n\tZEND_INI_ENTRY(\"suhosin.log.syslog.facility\",\t\tNULL /* 
LOG_USER */,\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateSuhosin_log_syslog_facility)\n\tZEND_INI_ENTRY(\"suhosin.log.syslog.priority\",\t\tNULL /* LOG_ALERT */,\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateSuhosin_log_syslog_priority)\n\tZEND_INI_ENTRY(\"suhosin.log.sapi\",\t\t\t\t\"0\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateSuhosin_log_sapi)\n\tZEND_INI_ENTRY(\"suhosin.log.stdout\",\t\t\t\t\"0\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateSuhosin_log_stdout)\n\tZEND_INI_ENTRY(\"suhosin.log.script\",\t\t\t\"0\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateSuhosin_log_script)\n\tZEND_INI_ENTRY(\"suhosin.log.script.name\",\t\t\tNULL,\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateSuhosin_log_scriptname)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.log.use-x-forwarded-for\",\t\"0\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateLogBool, log_use_x_forwarded_for,\tzend_suhosin_globals,\tsuhosin_globals)\n\tZEND_INI_ENTRY(\"suhosin.log.phpscript\",\t\t\t\"0\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateSuhosin_log_phpscript)\n\tSTD_ZEND_INI_ENTRY(\"suhosin.log.phpscript.name\",\t\t\tNULL,\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateLogString, log_phpscriptname, zend_suhosin_globals, suhosin_globals)\n\tZEND_INI_ENTRY(\"suhosin.log.file\",\t\t\t\"0\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateSuhosin_log_file)\n\tSTD_ZEND_INI_ENTRY(\"suhosin.log.file.name\",\t\tNULL,\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateLogString, log_filename, zend_suhosin_globals, suhosin_globals)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.log.file.time\",\t\t\t\"1\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateLogBool, log_file_time,\tzend_suhosin_globals,\tsuhosin_globals)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.log.phpscript.is_safe\",\t\t\t\"0\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateLogBool, log_phpscript_is_safe,\tzend_suhosin_globals,\tsuhosin_globals)\nZEND_INI_END()\n\nPHP_INI_BEGIN()\n\tSTD_PHP_INI_ENTRY(\"suhosin.log.max_error_length\", \"0\", PHP_INI_SYSTEM, OnUpdateLogLong, 
log_max_error_length, zend_suhosin_globals, suhosin_globals)\n\tZEND_INI_ENTRY(\"suhosin.perdir\",\t\t\"0\",\t\tZEND_INI_SYSTEM,\tOnUpdateSuhosin_perdir)\n\tSTD_ZEND_INI_ENTRY(\"suhosin.executor.include.max_traversal\",\t\t\"0\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateExecLong, executor_include_max_traversal,\tzend_suhosin_globals,\tsuhosin_globals)\n\tZEND_INI_ENTRY(\"suhosin.executor.include.whitelist\",\tNULL,\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdate_include_whitelist)\n\tZEND_INI_ENTRY(\"suhosin.executor.include.blacklist\",\tNULL,\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdate_include_blacklist)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.executor.include.allow_writable_files\",\t\"1\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateExecBool, executor_include_allow_writable_files,\tzend_suhosin_globals,\tsuhosin_globals)\n\tZEND_INI_ENTRY(\"suhosin.executor.eval.whitelist\",\tNULL,\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdate_eval_whitelist)\n\tZEND_INI_ENTRY(\"suhosin.executor.eval.blacklist\",\tNULL,\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdate_eval_blacklist)\n\tZEND_INI_ENTRY(\"suhosin.executor.func.whitelist\",\tNULL,\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdate_func_whitelist)\n\tZEND_INI_ENTRY(\"suhosin.executor.func.blacklist\",\tNULL,\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdate_func_blacklist)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.executor.disable_eval\",\t\"0\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateExecBool, executor_disable_eval,\tzend_suhosin_globals,\tsuhosin_globals)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.executor.disable_emodifier\",\t\"0\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateExecBool, executor_disable_emod,\tzend_suhosin_globals,\tsuhosin_globals)\n\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.executor.allow_symlink\",\t\"0\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateExecBool, 
executor_allow_symlink,\tzend_suhosin_globals,\tsuhosin_globals)\n\tSTD_ZEND_INI_ENTRY(\"suhosin.executor.max_depth\",\t\t\"750\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateExecLong, max_execution_depth,\tzend_suhosin_globals,\tsuhosin_globals)\n\n\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.multiheader\",\t\t\"0\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateMiscBool, allow_multiheader,\tzend_suhosin_globals,\tsuhosin_globals)\n\tSTD_ZEND_INI_ENTRY(\"suhosin.mail.protect\",\t\t\"0\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateMiscLong, mailprotect,\tzend_suhosin_globals,\tsuhosin_globals)\n\tSTD_ZEND_INI_ENTRY(\"suhosin.memory_limit\",\t\t\"0\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateMiscLong, memory_limit,\tzend_suhosin_globals,\tsuhosin_globals)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.simulation\",\t\t\"0\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateMiscBool, simulation,\tzend_suhosin_globals,\tsuhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.filter.action\", NULL, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscString, filter_action, zend_suhosin_globals, suhosin_globals)\n\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.protectkey\",\t\t\"1\",\t\tZEND_INI_SYSTEM,\tOnUpdateBool, protectkey,\tzend_suhosin_globals,\tsuhosin_globals)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.coredump\",\t\t\"0\",\t\tZEND_INI_SYSTEM,\tOnUpdateBool, coredump,\tzend_suhosin_globals,\tsuhosin_globals)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.stealth\",\t\t\"1\",\t\tZEND_INI_SYSTEM,\tOnUpdateBool, stealth,\tzend_suhosin_globals,\tsuhosin_globals)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.apc_bug_workaround\",\t\t\"0\",\t\tZEND_INI_SYSTEM,\tOnUpdateBool, apc_bug_workaround,\tzend_suhosin_globals,\tsuhosin_globals)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.disable.display_errors\",\t\t\"0\",\t\tZEND_INI_SYSTEM,\tOnUpdate_disable_display_errors, disable_display_errors,\tzend_suhosin_globals,\tsuhosin_globals)\n\n\n\n\tSTD_PHP_INI_ENTRY(\"suhosin.request.max_vars\", \"1000\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestLong, 
max_request_variables, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.request.max_varname_length\", \"64\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestLong, max_varname_length, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.request.max_value_length\", \"1000000\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestLong, max_value_length, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.request.max_array_depth\", \"50\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestLong, max_array_depth, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.request.max_totalname_length\", \"256\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestLong, max_totalname_length, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.request.max_array_index_length\", \"64\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestLong, max_array_index_length, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.request.array_index_whitelist\", \"\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateString, array_index_whitelist, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.request.array_index_blacklist\", \"'\\\"+<>;()\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateString, array_index_blacklist, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.request.disallow_nul\", \"1\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestBool, disallow_nul, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.request.disallow_ws\", \"0\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestBool, disallow_ws, zend_suhosin_globals, suhosin_globals)\n\n\tSTD_PHP_INI_ENTRY(\"suhosin.cookie.max_vars\", \"100\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_vars, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.cookie.max_name_length\", \"64\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_name_length, 
zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.cookie.max_totalname_length\", \"256\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_totalname_length, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.cookie.max_value_length\", \"10000\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_value_length, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.cookie.max_array_depth\", \"50\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_array_depth, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.cookie.max_array_index_length\", \"64\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_array_index_length, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.cookie.disallow_nul\", \"1\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieBool, disallow_cookie_nul, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.cookie.disallow_ws\", \"1\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieBool, disallow_cookie_ws, zend_suhosin_globals, suhosin_globals)\n\n\tSTD_PHP_INI_ENTRY(\"suhosin.get.max_vars\", \"100\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_vars, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.get.max_name_length\", \"64\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_name_length, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.get.max_totalname_length\", \"256\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_totalname_length, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.get.max_value_length\", \"512\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_value_length, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.get.max_array_depth\", \"50\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_array_depth, zend_suhosin_globals, 
suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.get.max_array_index_length\", \"64\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_array_index_length, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.get.disallow_nul\", \"1\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetBool, disallow_get_nul, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.get.disallow_ws\", \"0\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetBool, disallow_get_ws, zend_suhosin_globals, suhosin_globals)\n\n\tSTD_PHP_INI_ENTRY(\"suhosin.post.max_vars\", \"1000\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_vars, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.post.max_name_length\", \"64\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_name_length, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.post.max_totalname_length\", \"256\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_totalname_length, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.post.max_value_length\", \"1000000\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_value_length, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.post.max_array_depth\", \"50\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_array_depth, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.post.max_array_index_length\", \"64\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_array_index_length, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.post.disallow_nul\", \"1\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostBool, disallow_post_nul, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.post.disallow_ws\", \"0\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostBool, disallow_post_ws, zend_suhosin_globals, suhosin_globals)\n\n\tSTD_PHP_INI_ENTRY(\"suhosin.upload.max_uploads\", \"25\", 
PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadLong, upload_limit, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.upload.max_newlines\", \"100\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadLong, upload_max_newlines, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.upload.disallow_elf\", \"1\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadBool, upload_disallow_elf, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.upload.disallow_binary\", \"0\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadBool, upload_disallow_binary, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.upload.remove_binary\", \"0\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadBool, upload_remove_binary, zend_suhosin_globals, suhosin_globals)\n\t#ifdef SUHOSIN_EXPERIMENTAL\n\tSTD_PHP_INI_BOOLEAN(\"suhosin.upload.allow_utf8\", \"0\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadBool, upload_allow_utf8, zend_suhosin_globals, suhosin_globals)\n\t#endif\n\tSTD_PHP_INI_ENTRY(\"suhosin.upload.verification_script\", NULL, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadString, upload_verification_script, zend_suhosin_globals, suhosin_globals)\n\n\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.sql.bailout_on_error\",\t\"0\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateSQLBool, sql_bailout_on_error,\tzend_suhosin_globals,\tsuhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.sql.user_prefix\", NULL, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateSQLString, sql_user_prefix, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.sql.user_postfix\", NULL, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateSQLString, sql_user_postfix, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.sql.user_match\", NULL, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateSQLString, sql_user_match, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.sql.comment\", \"0\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateSQLLong, sql_comment, 
zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.sql.opencomment\", \"0\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateSQLLong, sql_opencomment, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.sql.multiselect\", \"0\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateSQLLong, sql_mselect, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.sql.union\", \"0\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateSQLLong, sql_union, zend_suhosin_globals, suhosin_globals)\n\n#ifdef HAVE_PHP_SESSION\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.session.encrypt\",\t\t\"1\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateMiscBool, session_encrypt,\tzend_suhosin_globals,\tsuhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.session.cryptkey\", \"\", PHP_INI_ALL, OnUpdateMiscString, session_cryptkey, zend_suhosin_globals, suhosin_globals)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.session.cryptua\",\t\t\"0\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateMiscBool, session_cryptua,\tzend_suhosin_globals,\tsuhosin_globals)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.session.cryptdocroot\",\t\t\"1\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateMiscBool, session_cryptdocroot,\tzend_suhosin_globals,\tsuhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.session.cryptraddr\", \"0\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscLong, session_cryptraddr, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.session.checkraddr\", \"0\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscLong, session_checkraddr, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.session.max_id_length\", \"128\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscLong, session_max_id_length, zend_suhosin_globals, suhosin_globals)\n#else /* HAVE_PHP_SESSION */\n#warning BUILDING SUHOSIN WITHOUT SESSION SUPPORT\n#endif /* HAVE_PHP_SESSION */\n\n\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.cookie.encrypt\",\t\t\"0\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateBool, 
cookie_encrypt,\tzend_suhosin_globals,\tsuhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.cookie.cryptkey\", \"\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateString, cookie_cryptkey, zend_suhosin_globals, suhosin_globals)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.cookie.cryptua\",\t\t\"1\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateBool, cookie_cryptua,\tzend_suhosin_globals,\tsuhosin_globals)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.cookie.cryptdocroot\",\t\t\"1\",\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdateBool, cookie_cryptdocroot,\tzend_suhosin_globals,\tsuhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.cookie.cryptraddr\", \"0\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLong, cookie_cryptraddr, zend_suhosin_globals, suhosin_globals)\n\tSTD_PHP_INI_ENTRY(\"suhosin.cookie.checkraddr\", \"0\", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLong, cookie_checkraddr, zend_suhosin_globals, suhosin_globals)\n\tZEND_INI_ENTRY(\"suhosin.cookie.cryptlist\",\tNULL,\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdate_cookie_cryptlist)\n\tZEND_INI_ENTRY(\"suhosin.cookie.plainlist\",\tNULL,\t\tZEND_INI_PERDIR|ZEND_INI_SYSTEM,\tOnUpdate_cookie_plainlist)\n\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.server.encode\", \"1\", ZEND_INI_SYSTEM, OnUpdateBool, server_encode,zend_suhosin_globals,\tsuhosin_globals)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.server.strip\", \"1\", ZEND_INI_SYSTEM, OnUpdateBool, server_strip,zend_suhosin_globals,\tsuhosin_globals)\n\n\tSTD_PHP_INI_ENTRY(\"suhosin.rand.seedingkey\", \"\", ZEND_INI_SYSTEM|ZEND_INI_PERDIR, OnUpdateMiscString, seedingkey, zend_suhosin_globals, suhosin_globals)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.rand.reseed_every_request\", \"0\", ZEND_INI_SYSTEM|ZEND_INI_PERDIR, OnUpdateMiscBool, reseed_every_request, zend_suhosin_globals, suhosin_globals)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.srand.ignore\", \"1\", ZEND_INI_SYSTEM|ZEND_INI_PERDIR, OnUpdateMiscBool, srand_ignore,zend_suhosin_globals,\tsuhosin_globals)\n\tSTD_ZEND_INI_BOOLEAN(\"suhosin.mt_srand.ignore\", \"1\", 
ZEND_INI_SYSTEM|ZEND_INI_PERDIR, OnUpdateMiscBool, mt_srand_ignore,zend_suhosin_globals,\tsuhosin_globals)\n\nPHP_INI_END()\n/* }}} */\n\n\n/* {{{ suhosin_getenv\n */\nchar *suhosin_getenv(char *name, size_t name_len TSRMLS_DC)\n{\n\tif (sapi_module.getenv) {\n\t\tchar *value, *tmp = sapi_module.getenv(name, name_len TSRMLS_CC);\n\t\tif (tmp) {\n\t\t\tvalue = estrdup(tmp);\n\t\t} else {\n\t\t\treturn NULL;\n\t\t}\n\t\treturn value;\n\t} else {\n\t\t/* fallback to the system's getenv() function */\n\t\tchar *tmp;\n\n\t\tname = estrndup(name, name_len);\n\t\ttmp = getenv(name);\n\t\tefree(name);\n\t\tif (tmp) {\n\t\t\treturn estrdup(tmp);\n\t\t}\n\t}\n\treturn NULL;\n}\n/* }}} */\n\n\n/* {{{ suhosin_bailout\n */\nvoid suhosin_bailout(TSRMLS_D)\n{\n\tif (!SUHOSIN_G(simulation)) {\n\t\tzend_bailout();\n\t}\n}\n/* }}} */\n\n/* {{{ php_suhosin_init_globals\n */\nSTATIC void php_suhosin_init_globals(zend_suhosin_globals *suhosin_globals)\n{\n\tmemset(suhosin_globals, 0, sizeof(zend_suhosin_globals));\n}\n/* }}} */\n\n/* {{{ PHP_MINIT_FUNCTION\n */\nPHP_MINIT_FUNCTION(suhosin)\n{\n\tSDEBUG(\"(MINIT)\");\n\tZEND_INIT_MODULE_GLOBALS(suhosin, php_suhosin_init_globals, NULL);\n\n\t/* only register constants if they have not previously been registered by a possible patched PHP */\n\tif (zend_hash_exists(EG(zend_constants), \"S_MEMORY\", sizeof(\"S_MEMORY\"))==0) {\n\t\tREGISTER_MAIN_LONG_CONSTANT(\"S_MEMORY\", S_MEMORY, CONST_PERSISTENT | CONST_CS);\n\t\tREGISTER_MAIN_LONG_CONSTANT(\"S_VARS\", S_VARS, CONST_PERSISTENT | CONST_CS);\n\t\tREGISTER_MAIN_LONG_CONSTANT(\"S_FILES\", S_FILES, CONST_PERSISTENT | CONST_CS);\n\t\tREGISTER_MAIN_LONG_CONSTANT(\"S_INCLUDE\", S_INCLUDE, CONST_PERSISTENT | CONST_CS);\n\t\tREGISTER_MAIN_LONG_CONSTANT(\"S_SQL\", S_SQL, CONST_PERSISTENT | CONST_CS);\n\t\tREGISTER_MAIN_LONG_CONSTANT(\"S_EXECUTOR\", S_EXECUTOR, CONST_PERSISTENT | CONST_CS);\n\t\tREGISTER_MAIN_LONG_CONSTANT(\"S_MAIL\", S_MAIL, CONST_PERSISTENT | 
CONST_CS);\n\t\tREGISTER_MAIN_LONG_CONSTANT(\"S_SESSION\", S_SESSION, CONST_PERSISTENT | CONST_CS);\n\t\tREGISTER_MAIN_LONG_CONSTANT(\"S_MISC\", S_MISC, CONST_PERSISTENT | CONST_CS);\n\t\tREGISTER_MAIN_LONG_CONSTANT(\"S_INTERNAL\", S_INTERNAL, CONST_PERSISTENT | CONST_CS);\n\t\tREGISTER_MAIN_LONG_CONSTANT(\"S_ALL\", S_ALL, CONST_PERSISTENT | CONST_CS);\n\t}\n\n\t/* check if shared ini directives are already known (maybe a patched PHP) */\n\tif (zend_hash_exists(EG(ini_directives), \"suhosin.log.syslog\", sizeof(\"suhosin.log.syslog\"))) {\n\n\t\t/* and update them */\n\t\tzend_ini_entry *p = (zend_ini_entry *)&shared_ini_entries;\n\n\t\twhile (p->name) {\n\n\t\t\tzend_ini_entry *i;\n\n\t\t\tif (zend_hash_find(EG(ini_directives), p->name, p->name_length, (void **) &i)==FAILURE) {\n\t\t\t\t/* continue registering them */\n\t\t\t\tzend_register_ini_entries(p, module_number TSRMLS_CC);\n\t\t\t\tbreak;\n\t\t\t}\n\n\t\t\tSDEBUG(\"updating ini %s=%s\", i->name, i->value);\n\n\t\t\ti->modifiable = p->modifiable;\n\t\t\ti->module_number = module_number;\n\t\t\ti->on_modify = p->on_modify;\n\t\t\ti->mh_arg1 = p->mh_arg1;\n\t\t\ti->mh_arg2 = p->mh_arg2;\n\t\t\ti->mh_arg3 = p->mh_arg3;\n\t\t\ti->on_modify(i, i->value, i->value_length, i->mh_arg1, i->mh_arg2, i->mh_arg3, ZEND_INI_STAGE_STARTUP TSRMLS_CC);\n\t\t\tp++;\n\t\t}\n\t} else {\n\n\t\t/* not registered yet, then simply use the API */\n\t\tzend_register_ini_entries((zend_ini_entry *)&shared_ini_entries, module_number TSRMLS_CC);\n\n\t}\n\n\t/* and register the rest of the ini entries */\n\tREGISTER_INI_ENTRIES();\n\n\t/* Force display_errors=off */\n\tif (SUHOSIN_G(disable_display_errors)) {\n\t\tzend_ini_entry *i;\n\t\tif (zend_hash_find(EG(ini_directives), \"display_errors\", sizeof(\"display_errors\"), (void **) &i) == SUCCESS) {\n\t\t\tif (i->on_modify) {\n\t\t\t\ti->on_modify(i, \"0\", 1, i->mh_arg1, i->mh_arg2, i->mh_arg3, ZEND_INI_STAGE_STARTUP TSRMLS_CC);\n\t\t\t\tif (SUHOSIN_G(disable_display_errors) > 1) 
{\n\t\t\t\t\ti->value = \"0\";\n\t\t\t\t\ti->modified = 0;\n\t\t\t\t\ti->value_length = strlen(i->value);\n\t\t\t\t\ti->on_modify = OnUpdate_fail;\n\t\t\t\t} else {\n\t\t\t\t\ti->on_modify = NULL;\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t}\n\n\t/* Load invisible to other Zend Extensions */\n\tif (zend_llist_count(&zend_extensions)==0 || SUHOSIN_G(stealth)==0) {\n\t\tzend_extension extension;\n\t\textension = suhosin_zend_extension_entry;\n\t\textension.handle = NULL;\n\t\tzend_llist_add_element(&zend_extensions, &extension);\n\t\tze = NULL;\n\t} else {\n\t\tze = (zend_extension *)zend_llist_get_last_ex(&zend_extensions, &lp);\n\t\told_startup = ze->startup;\n\t\tze->startup = suhosin_startup_wrapper;\n\t}\n\n\t/* now hook a bunch of stuff */\n\tsuhosin_hook_memory_limit(TSRMLS_C);\n\tsuhosin_hook_sha256(TSRMLS_C);\n\tsuhosin_hook_ex_imp(TSRMLS_C);\n#if defined(__OpenBSD__) && defined(SUHOSIN_EXPERIMENTAL)\n\tsuhosin_hook_pledge(TSRMLS_C);\n#endif\n\n#if PHP_VERSION_ID < 50500\n\t/* register the logo for phpinfo */\n\tphp_register_info_logo(SUHOSIN_LOGO_GUID, \"image/jpeg\", suhosin_logo, sizeof(suhosin_logo));\n#endif\n\n#if PHP_VERSION_ID < 50400\n#error Suhosin Extension is not designed to run with PHP versions lower than 5.4.\n#endif\n\n#if !defined(HAVE_PHP_SESSION) && !defined(SUHOSIN_NO_SESSION_WARNING)\n\tphp_error_docref(NULL TSRMLS_CC, E_WARNING, \"Suhosin was compiled without session support, which is probably not what you want. All session related features will not be available, e.g. session encryption. 
If session support is really not needed, recompile Suhosin with -DSUHOSIN_NO_SESSION_WARNING=1 to suppress this warning.\");\n#endif\n\n\treturn SUCCESS;\n}\n/* }}} */\n\n/* {{{ PHP_MSHUTDOWN_FUNCTION\n */\nPHP_MSHUTDOWN_FUNCTION(suhosin)\n{\n\tSDEBUG(\"(MSHUTDOWN)\");\n\tUNREGISTER_INI_ENTRIES();\n\treturn SUCCESS;\n}\n/* }}} */\n\n\n/* {{{ PHP_RINIT_FUNCTION\n */\nPHP_RINIT_FUNCTION(suhosin)\n{\n\tSDEBUG(\"(RINIT)\");\n\tSUHOSIN_G(in_code_type) = SUHOSIN_NORMAL;\n\tSUHOSIN_G(execution_depth) = 0;\n\n\treturn SUCCESS;\n}\n/* }}} */\n\n\n/* {{{ PHP_RSHUTDOWN_FUNCTION\n */\nPHP_RSHUTDOWN_FUNCTION(suhosin)\n{\n\tSDEBUG(\"(RSHUTDOWN)\");\n\n\t/* We need to clear the input filtering\n\t   variables in the request shutdown\n\t   because input filtering is done before\n\t   RINIT */\n\n\tSUHOSIN_G(cur_request_variables) = 0;\n\tSUHOSIN_G(cur_cookie_vars) = 0;\n\tSUHOSIN_G(cur_get_vars) = 0;\n\tSUHOSIN_G(cur_post_vars) = 0;\n\tSUHOSIN_G(att_request_variables) = 0;\n\tSUHOSIN_G(att_cookie_vars) = 0;\n\tSUHOSIN_G(att_get_vars) = 0;\n\tSUHOSIN_G(att_post_vars) = 0;\n\tSUHOSIN_G(num_uploads) = 0;\n\n\tSUHOSIN_G(no_more_variables) = 0;\n\tSUHOSIN_G(no_more_get_variables) = 0;\n\tSUHOSIN_G(no_more_post_variables) = 0;\n\tSUHOSIN_G(no_more_cookie_variables) = 0;\n\tSUHOSIN_G(no_more_uploads) = 0;\n\n\tSUHOSIN_G(abort_request) = 0;\n\n\tif (SUHOSIN_G(reseed_every_request)) {\n\t\tSUHOSIN_G(r_is_seeded) = 0;\n\t\tSUHOSIN_G(mt_is_seeded) = 0;\n\t}\n\n\tif (SUHOSIN_G(decrypted_cookie)) {\n\t\tefree(SUHOSIN_G(decrypted_cookie));\n\t\tSUHOSIN_G(decrypted_cookie)=NULL;\n\t}\n\tif (SUHOSIN_G(raw_cookie)) {\n\t\tefree(SUHOSIN_G(raw_cookie));\n\t\tSUHOSIN_G(raw_cookie)=NULL;\n\t}\n\n\treturn SUCCESS;\n}\n/* }}} */\n\n/* {{{ suhosin_ini_displayer(zend_ini_entry *ini_entry, int type)\n */\nstatic void suhosin_ini_displayer(zend_ini_entry *ini_entry, int type)\n{\n\tTSRMLS_FETCH();\n\n\tPHPWRITE(\"[ protected ]\", strlen(\"[ protected ]\"));\n}\n/* }}} */\n\n/* {{{ PHP_MINFO_FUNCTION\n 
*/\nPHP_MINFO_FUNCTION(suhosin)\n{\n\tphp_info_print_box_start(0);\n\tif (!sapi_module.phpinfo_as_text) {\n\t\tdo {\n\t\t\tchar *enc_logo;\n\t\t\tint ret;\n\n\t\t\tPUTS(\"<a href=\\\"http://www.suhosin.org/\\\"><img border=\\\"0\\\" src=\\\"data:image/jpeg;base64,\");\n\t\t\tenc_logo=(char *)php_base64_encode(suhosin_logo, sizeof(suhosin_logo), &ret);\n\t\t\tif (enc_logo) {\n\t\t\t\tPUTS(enc_logo);\n\t\t\t\tefree(enc_logo);\n\t\t\t}\n\t\t\tPUTS(\"\\\" alt=\\\"Suhosin logo\\\" /></a>\\n\");\n\t\t} while(0);\n\t}\n\tPUTS(\"This server is protected with the Suhosin Extension \" SUHOSIN_EXT_VERSION);\n\tPUTS(!sapi_module.phpinfo_as_text?\"<br /><br />\":\"\\n\\n\");\n\tif (sapi_module.phpinfo_as_text) {\n\t\tPUTS(\"Copyright (c) 2006-2007 Hardened-PHP Project\\n\");\n\t\tPUTS(\"Copyright (c) 2007-2015 SektionEins GmbH\\n\");\n\t} else {\n\t\tPUTS(\"Copyright (c) 2006-2007 <a href=\\\"http://www.hardened-php.net/\\\">Hardened-PHP Project</a><br />\\n\");\n\t\tPUTS(\"Copyright (c) 2007-2015 <a href=\\\"http://www.sektioneins.de/\\\">SektionEins GmbH</a>\\n\");\n\t}\n\tphp_info_print_box_end();\n\n\tif (SUHOSIN_G(protectkey)) {\n\t\tzend_ini_entry *i;\n\n\t\tif (zend_hash_find(EG(ini_directives), \"suhosin.cookie.cryptkey\", sizeof(\"suhosin.cookie.cryptkey\"), (void **) &i)==SUCCESS) {\n\t\t\ti->displayer = suhosin_ini_displayer;\n\t\t}\n\t\tif (zend_hash_find(EG(ini_directives), \"suhosin.session.cryptkey\", sizeof(\"suhosin.session.cryptkey\"), (void **) &i)==SUCCESS) {\n\t\t\ti->displayer = suhosin_ini_displayer;\n\t\t}\n\t\tif (zend_hash_find(EG(ini_directives), \"suhosin.rand.seedingkey\", sizeof(\"suhosin.rand.seedingkey\"), (void **) &i)==SUCCESS) {\n\t\t\ti->displayer = suhosin_ini_displayer;\n\t\t}\n\t}\n\n\tDISPLAY_INI_ENTRIES();\n\n\tif (SUHOSIN_G(protectkey)) {\n\t\tzend_ini_entry *i;\n\n\t\tif (zend_hash_find(EG(ini_directives), \"suhosin.cookie.cryptkey\", sizeof(\"suhosin.cookie.cryptkey\"), (void **) &i)==SUCCESS) {\n\t\t\ti->displayer = 
NULL;\n\t\t}\n\t\tif (zend_hash_find(EG(ini_directives), \"suhosin.session.cryptkey\", sizeof(\"suhosin.session.cryptkey\"), (void **) &i)==SUCCESS) {\n\t\t\ti->displayer = NULL;\n\t\t}\n\t\tif (zend_hash_find(EG(ini_directives), \"suhosin.rand.seedingkey\", sizeof(\"suhosin.rand.seedingkey\"), (void **) &i)==SUCCESS) {\n\t\t\ti->displayer = NULL;\n\t\t}\n\t}\n\n}\n/* }}} */\n\n/*\n * Local variables:\n * tab-width: 4\n * c-basic-offset: 4\n * End:\n * vim600: noet sw=4 ts=4 fdm=marker\n * vim<600: noet sw=4 ts=4\n */\n"
  },
  {
    "path": "suhosin.ini",
    "content": ";extension=suhosin.so\n[suhosin]\n; \n; =====================\n; Logging Configuration\n; =====================\n; \n; suhosin.log.syslog\n; ------------------\n; \n; * Type: Integer\n; * Default: S_ALL & ~S_SQL\n; \n; Defines what classes of security alerts are logged to the syslog daemon.\n; Logging of errors of the class S_MEMORY are always logged to syslog, no matter\n; what this configuration says, because a corrupted heap could mean that the\n; other logging options will malfunction during the logging process.\n; \n; +------------+-----------+----------------------------------------------------+\n; | Constant   |   Value   | Description                                        |\n; +============+===========+====================================================+\n; | S_MEMORY   |   1       | All canary violations and the safe unlink          |\n; |            |           | protection use this class                          |\n; +------------+-----------+----------------------------------------------------+\n; | S_MISC     |   2       | All log messages (f.e. 
format string protection)   |\n; |            |           | that do not fit in other classes use this class    |\n; +------------+-----------+----------------------------------------------------+\n; | S_VARS     |   4       | All variable filters trigger this class            |\n; +------------+-----------+----------------------------------------------------+\n; | S_FILES    |   8       | All violations triggered by the uploaded files     |\n; |            |           | filter use this class                              |\n; +------------+-----------+----------------------------------------------------+\n; | S_INCLUDE  |  16       | The protection against malicious include filenames |\n; |            |           | use this class                                     |\n; +------------+-----------+----------------------------------------------------+\n; | S_SQL      |  32       | Failed SQL queries are logged with this class      |\n; |            |           | (not yet supported in Suhosin BETA)                |\n; +------------+-----------+----------------------------------------------------+\n; | S_EXECUTOR |  64       | The execution depth protection uses this logging   |\n; |            |           | class                                              |\n; +------------+-----------+----------------------------------------------------+\n; | S_MAIL     | 128       | The mail() header newline protection uses this     |\n; |            |           | logging class                                      |\n; +------------+-----------+----------------------------------------------------+\n; | S_SESSION  | 256       | The transparent session protection uses this       |\n; |            |           | logging class                                      |\n; +------------+-----------+----------------------------------------------------+\n; | S_ALL      | 511       | Combines all classes                               |\n; 
+------------+-----------+----------------------------------------------------+\n; \n; Using constant names is only supported with the Suhosin-Patch. If in doubt, use\n; the numeric value, e.g. `suhosin.log.syslog=511`.\n;\n;suhosin.log.syslog = S_ALL & ~S_SQL\n;\n; \n; suhosin.log.syslog.facility\n; ---------------------------\n; \n; * Type: Integer\n; * Default: LOG_USER\n; \n; Defines the syslog facility that is used when ALERTs are logged to syslog.\n; Depending on your system type (syslogd) the following facilities are available.\n; Please check your system's include header if the values are the same for your\n; syslogd.\n; \n; +--------------+-------+\n; | Constant     | Value |\n; +==============+=======+\n; | LOG_KERN     | 8     |\n; +--------------+-------+\n; | LOG_USER     | 9     |\n; +--------------+-------+\n; | LOG_MAIL     | 10    |\n; +--------------+-------+\n; | LOG_DAEMON   | 11    |\n; +--------------+-------+\n; | LOG_AUTH     | 12    |\n; +--------------+-------+\n; | LOG_SYSLOG   | 13    |\n; +--------------+-------+\n; | LOG_LPR      | 14    |\n; +--------------+-------+\n; | LOG_NEWS     | 15    |\n; +--------------+-------+\n; | LOG_UUCP     | 16    |\n; +--------------+-------+\n; | LOG_CRON     | 17    |\n; +--------------+-------+\n; | LOG_AUTHPRIV | 18    |\n; +--------------+-------+\n; | LOG_LOCAL0   | 24    |\n; +--------------+-------+\n; | LOG_LOCAL1   | 25    |\n; +--------------+-------+\n; | LOG_LOCAL2   | 26    |\n; +--------------+-------+\n; | LOG_LOCAL3   | 27    |\n; +--------------+-------+\n; | LOG_LOCAL4   | 28    |\n; +--------------+-------+\n; | LOG_LOCAL5   | 29    |\n; +--------------+-------+\n; | LOG_LOCAL6   | 30    |\n; +--------------+-------+\n; | LOG_LOCAL7   | 31    |\n; +--------------+-------+\n;\n;suhosin.log.syslog.facility = LOG_USER\n;\n; \n; suhosin.log.syslog.priority\n; ---------------------------\n; \n; * Type: Integer\n; * Default: LOG_ALERT\n; \n; Defines the syslog priority that is used when 
ALERTs are logged to syslog.\n; Depending on your system type (syslogd) the following priorities are available.\n; Please check your system's include header if the values are the same for your\n; syslogd.\n; \n; +------------+-------+\n; |Constant    | Value |\n; +============+=======+\n; |LOG_EMERG   | 0     |\n; +------------+-------+\n; |LOG_ALERT   | 1     |\n; +------------+-------+\n; |LOG_CRIT    | 2     |\n; +------------+-------+\n; |LOG_WARNING | 3     |\n; +------------+-------+\n; |LOG_NOTICE  | 4     |\n; +------------+-------+\n; |LOG_INFO    | 5     |\n; +------------+-------+\n; |LOG_DEBUG   | 6     |\n; +------------+-------+\n; |LOG_ERR     | 7     |\n; +------------+-------+\n;\n;suhosin.log.syslog.priority = LOG_ALERT\n;\n; \n; suhosin.log.sapi\n; ----------------\n; \n; * Type: Integer\n; * Default: 0\n; \n; Defines what classes of security alerts are logged through the SAPI error log.\n; For a list of available classes see table 1.\n; \n; Using constant names is only supported with the Suhosin-Patch. If in doubt, use\n; the numeric value.\n;\n;suhosin.log.sapi = 0\n;\n; \n; suhosin.log.stdout\n; ------------------\n; \n; * Type: Integer\n; * Default: 0\n; \n; Defines what classes of security alerts are logged through STDOUT. For a list\n; of available classes see table 1.\n; \n; Using constant names is only supported with the Suhosin-Patch. If in doubt, use\n; the numeric value.\n; \n; **IMPORTANT NOTE**: This option is meant for debugging purposes and unittests\n; only and should not be used in production.\n;\n;suhosin.log.stdout = 0\n;\n; \n; suhosin.log.file\n; ----------------\n; \n; * Type: Integer\n; * Default: 0\n; \n; Defines what classes of security alerts are logged to a separate Suhosin log\n; file set by suhosin.log.file.name.\n; \n; Using constant names is only supported with the Suhosin-Patch. 
If in doubt, use\n; the numeric value.\n;\n;suhosin.log.file = 0\n;\n; \n; suhosin.log.file.name\n; ---------------------\n; \n; * Type: String\n; * Default: \n; \n; Defines the full path to a dedicated Suhosin log file.\n;\n;suhosin.log.file.name = \n;\n; \n; suhosin.log.file.time\n; ---------------------\n; \n; * Type: Boolean\n; * Default: On\n; \n; Specifies if suhosin.log.file contains timestamp for each log entry.\n; \n; **IMPORTANT NOTE**: This option is meant for debugging purposes and unittests\n; only and should not be used in production.\n;\n;suhosin.log.file.time = On\n;\n; \n; suhosin.log.script\n; ------------------\n; \n; * Type: Integer\n; * Default: 0\n; \n; Defines what classes of security alerts are logged through the external logging\n; script. For a list of available classes see table 1. An exception is the\n; S_MEMORY class. It cannot be logged by a script, because S_MEMORY is triggered\n; by buffer overflows etc... which means the process is in an unstable state.\n; \n; Using constant names is only supported with the Suhosin-Patch. If in doubt, use\n; the numeric value.\n;\n;suhosin.log.script = 0\n;\n; \n; suhosin.log.script.name\n; -----------------------\n; \n; * Type: String\n; * Default: \n; \n; Defines the full path to an external logging script. The script is called with\n; 2 parameters. The first one is the alert class in string notation and the\n; second parameter is the log message. This can be used for example to mail\n; failing MySQL queries to your email address, because on a production system\n; these things should never happen (S_SQL not yet supported by Suhosin).\n;\n;suhosin.log.script.name = \n;\n; \n; suhosin.log.phpscript\n; ---------------------\n; \n; * Type: Integer\n; * Default: 0\n; \n; Defines what classes of security alerts are logged through the defined PHP\n; script. For a list of available classes see table 1. Please notice, that only\n; those classes are allowed, that can be triggered during script execution. 
An\n; exception is the S_MEMORY class. It cannot be logged by a PHP script, because\n; S_MEMORY is triggered by buffer overflows etc... which means the process is in\n; an unstable state.\n; \n; Using constant names is only supported with the Suhosin-Patch. If in doubt, use\n; the numeric value.\n;\n;suhosin.log.phpscript = 0\n;\n; \n; suhosin.log.phpscript.name\n; --------------------------\n; \n; * Type: String\n; * Default: \n; \n; Defines the full path to a PHP logging script. The script is called with 2\n; variables registered in the current scope: SUHOSIN_ERRORCLASS and\n; SUHOSIN_ERROR. The first one is the alert class and the second variable is the\n; log message. This can be used for example to mail attempted remote URL include\n; attacks to your email address.\n;\n;suhosin.log.phpscript.name = \n;\n; \n; suhosin.log.phpscript.is_safe\n; -----------------------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; Disables open_basedir (and safe_mode for older PHP versions < 5.4) when\n; executing suhosin.log.phpscript.name.\n;\n;suhosin.log.phpscript.is_safe = Off\n;\n; \n; suhosin.log.use-x-forwarded-for\n; -------------------------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; When Suhosin logs an error the log message also contains the IP of the\n; attacker. Usually this IP is retrieved from the REMOTE_ADDR SAPI environment\n; variable. With this switch it is possible to change this behavior to read the\n; IP from the X-Forwarded-For HTTP header. This is for example necessary when\n; your PHP server runs behind a reverse proxy. Enable it only if that proxy sets\n; or overwrites the header, because a client can otherwise send any value and\n; the logged IP is then not trustworthy.\n;\n;suhosin.log.use-x-forwarded-for = Off\n;\n; \n; ================\n; Executor Options\n; ================\n; \n; suhosin.executor.max_depth\n; --------------------------\n; \n; * Type: Integer\n; * Default: 750\n; \n; Defines the maximum stack depth allowed by the executor before it stops the\n; script. 
Without this function an endless recursion in a PHP script could crash\n; the PHP executor or trigger the configured memory_limit. A value of '0'\n; disables this feature.\n; \n; (Before 0.9.37, the default value was 0.)\n;\n;suhosin.executor.max_depth = 750\n;\n; \n; suhosin.executor.include.max_traversal\n; --------------------------------------\n; \n; * Type: Integer\n; * Default: 0\n; \n; Defines how many '../' an include filename needs to contain to be considered an\n; attack and stopped. A value of '2' will block '../../etc/passwd', while a value\n; of '3' will allow it. Most PHP applications should work flawlessly with values\n; '4' or '5'. A value of '0' disables this feature.\n;\n;suhosin.executor.include.max_traversal = 0\n;\n; \n; suhosin.executor.include.whitelist\n; ----------------------------------\n; \n; * Type: String\n; * Default: \n; \n; Comma separated whitelist of URL schemes that are allowed to be included from\n; include or require statements. Additionally to URL schemes it is possible to\n; specify the beginning of allowed URLs. (f.e.: php://stdin) If no whitelist is\n; specified, then the blacklist is evaluated.\n; \n; Notes:\n; \n; * This setting deactivates suhosin.executor.include.blacklist.\n; * If both suhosin.executor.include.whitelist and\n; suhosin.executor.include.blacklist are unset or empty, all URLs will be\n; blocked. This is the default.\n;\n;suhosin.executor.include.whitelist = \n;\n; \n; suhosin.executor.include.blacklist\n; ----------------------------------\n; \n; * Type: String\n; * Default: \n; \n; Comma separated blacklist of URL schemes that are not allowed to be included\n; from include or require statements. Additionally to URL schemes it is possible\n; to specify the beginning of allowed URLs. 
(f.e.: php://stdin) If no blacklist\n; and no whitelist is specified all URL schemes are forbidden.\n;\n;suhosin.executor.include.blacklist = \n;\n; \n; suhosin.executor.include.allow_writable_files\n; ---------------------------------------------\n; \n; * Type: Boolean\n; * Default: On\n; \n; Turn this flag off to prevent PHP from executing writable PHP files. This can\n; prevent attackers from executing code that was uploaded before.\n; \n; Note: Some software such as web-installers or web-based plugin installers won't\n; work out of the box with this flag turned off.\n;\n;suhosin.executor.include.allow_writable_files = On\n;\n; \n; suhosin.executor.func.whitelist\n; -------------------------------\n; \n; * Type: String\n; * Default: \n; \n; Comma separated whitelist of functions that are allowed to be called. If the\n; whitelist is empty the blacklist is evaluated, otherwise calling a function not\n; in the whitelist will terminate the script and get logged.\n; \n; Note: This setting deactivates suhosin.executor.func.blacklist.\n;\n;suhosin.executor.func.whitelist = \n;\n; \n; suhosin.executor.func.blacklist\n; -------------------------------\n; \n; * Type: String\n; * Default: \n; \n; Comma separated blacklist of functions that are not allowed to be called. If no\n; whitelist is given, calling a function within the blacklist will terminate the\n; script and get logged.\n;\n;suhosin.executor.func.blacklist = \n;\n; \n; suhosin.executor.eval.whitelist\n; -------------------------------\n; \n; * Type: String\n; * Default: \n; \n; Comma separated whitelist of functions that are allowed to be called from\n; within eval(). If the whitelist is empty the blacklist is evaluated, otherwise\n; calling a function not in the whitelist will terminate the script and get\n; logged. 
Please read the instructions carefully.\n; \n; Note: This setting deactivates suhosin.executor.eval.blacklist.\n;\n;suhosin.executor.eval.whitelist = \n;\n; \n; suhosin.executor.eval.blacklist\n; -------------------------------\n; \n; * Type: String\n; * Default: \n; \n; Comma separated blacklist of functions that are not allowed to be called from\n; within eval(). If no whitelist is given, calling a function within the\n; blacklist will terminate the script and get logged. Please read the\n; instructions carefully.\n;\n;suhosin.executor.eval.blacklist = \n;\n; \n; suhosin.executor.disable_eval\n; -----------------------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; eval() is a very dangerous statement and therefore you might want to disable it\n; completely. Deactivating it will however break lots of scripts. Because every\n; violation is logged, this allows finding all places where eval() is used.\n;\n;suhosin.executor.disable_eval = Off\n;\n; \n; suhosin.executor.disable_emodifier\n; ----------------------------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; The /e modifier inside preg_replace() allows code execution. Often it is the\n; cause for remote code execution exploits. It is wise to deactivate this feature\n; and test where in the application it is used. The developer using the /e\n; modifier should be made aware that he should use preg_replace_callback()\n; instead.\n;\n;suhosin.executor.disable_emodifier = Off\n;\n; \n; suhosin.executor.allow_symlink\n; ------------------------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; This flag reactivates symlink() when open_basedir is used, which is disabled by\n; default in Suhosin >= 0.9.6. 
Allowing symlink() while open_basedir is used is\n; actually a security risk.\n;\n;suhosin.executor.allow_symlink = Off\n;\n; \n; ============\n; Misc Options\n; ============\n; \n; suhosin.simulation\n; ------------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; If you fear that Suhosin breaks your application, you can activate Suhosin's\n; simulation mode with this flag. When Suhosin runs in simulation mode,\n; violations are logged as usual, but nothing is blocked or removed from the\n; request. (Transparent Encryptions are NOT deactivated in simulation mode.)\n;\n;suhosin.simulation = Off\n;\n; \n; suhosin.perdir\n; --------------\n; \n; * Type: String\n; * Default: \"0\"\n; \n; Allow certain categories of config directives to be changed by .htaccess for\n; each directory individually. Possible values are \"l\" (log), \"e\" (exec), \"g\"\n; (get), \"c\" (cookie), \"p\" (post), \"r\" (request), \"s\" (sql), \"u\" (upload), \"m\"\n; (misc) or any combination, e.g. \"legcprsum\" to allow everything. Both \"0\" and\n; no value disable this feature.\n;\n;suhosin.perdir = \"0\"\n;\n; \n; suhosin.protectkey\n; ------------------\n; \n; * Type: Boolean\n; * Default: On\n; \n; Prevent Suhosin's secret key material (suhosin.cookie.cryptkey,\n; suhosin.session.cryptkey, suhosin.rand.seedingkey) from being exposed by\n; phpinfo().\n;\n;suhosin.protectkey = On\n;\n; \n; suhosin.coredump\n; ----------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; Controls if suhosin coredumps when the optional suhosin patch detects a buffer\n; overflow, memory corruption or double free. This is only for debugging purposes\n; and should not be activated.\n;\n;suhosin.coredump = Off\n;\n; \n; suhosin.stealth\n; ---------------\n; \n; * Type: Boolean\n; * Default: On\n; \n; Controls if suhosin loads in stealth mode when it is not the only\n; zend_extension (Required for full compatibility with certain encoders that\n; consider open source untrusted. e.g. 
ionCube, Zend)\n;\n;suhosin.stealth = On\n;\n; \n; suhosin.apc_bug_workaround\n; --------------------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; APC 3.0.12(p1/p2) uses reserved resources without requesting a resource slot\n; first. It always uses resource slot 0. If Suhosin got this slot assigned APC\n; will overwrite the information Suhosin stores in this slot. When this flag is\n; set Suhosin will request 2 Slots and use the second one. This allows working\n; correctly with these buggy APC versions.\n;\n;suhosin.apc_bug_workaround = Off\n;\n; \n; suhosin.disable.display_errors\n; ------------------------------\n; \n; * Type: String\n; * Default: 0\n; \n; Prevent PHP from setting display_errors programmatically. \"0\" means off. Any\n; one of \"1\", \"on\", \"yes\", \"true\" means on. \"fail\" or \"2\" (or greater values)\n; will let PHP know that the value change failed.\n;\n;suhosin.disable.display_errors = 0\n;\n; \n; suhosin.multiheader\n; -------------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; This directive controls if multiple headers are allowed or not in a header()\n; call. By default the Suhosin forbids this. (HTTP headers spanning multiple\n; lines are still allowed).\n;\n;suhosin.multiheader = Off\n;\n; \n; suhosin.mail.protect\n; --------------------\n; \n; * Type: Integer\n; * Default: 0\n; \n; This directive controls if the mail() header protection is activated or not and\n; to what degree it is activated. 
The appended table lists the possible\n; activation levels.\n; \n; +-------+--------------------------------------------------------------------+\n; | Value | Description                                                        |\n; +=======+====================================================================+\n; | 0     | mail() header protection is disabled                               |\n; +-------+--------------------------------------------------------------------+\n; | 1     | Disallows newlines in Subject:, To: headers and double newlines in |\n; |       | additional headers                                                 |\n; +-------+--------------------------------------------------------------------+\n; | 2     | Additionally disallows To:, CC:, BCC: in additional headers        |\n; +-------+--------------------------------------------------------------------+\n; \n; Logging of this class of alerts is controlled by the new S_MAIL constant.\n;\n;suhosin.mail.protect = 0\n;\n; \n; suhosin.memory_limit\n; --------------------\n; \n; * Type: Integer\n; * Default: 0\n; \n; As long scripts are not running within safe_mode they are free to change the\n; memory_limit to whatever value they want. Suhosin changes this fact and\n; disallows setting the memory_limit to a value greater than the one the script\n; started with, when this option is left at 0. A value greater than 0 means that\n; Suhosin will disallow scripts setting the memory_limit to a value above this\n; configured hard limit. This is for example useful if you want to run the script\n; normally with a limit of 16M but image processing scripts may raise it to 20M.\n;\n;suhosin.memory_limit = 0\n;\n; \n; ========================\n; SQL Injection Protection\n; ========================\n; This class of features is experimental and still in development. 
As of Suhosin\n; version 0.9.36 only preliminary MySQL and Mysqli support was added.\n; \n; suhosin.sql.bailout_on_error\n; ----------------------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; (Planned feature. This is not yet supported.) When an SQL Query fails scripts\n; often spit out a bunch of useful information for possible attackers. When this\n; configuration directive is turned on, the script will silently terminate, after\n; the problem has been logged.\n;\n;suhosin.sql.bailout_on_error = Off\n;\n; \n; suhosin.sql.user_match\n; ----------------------\n; \n; * Type: String\n; * Default: \n; \n; (introduced in 0.9.37) The SQL username must match this wildcard pattern or the\n; connect function will fail and return FALSE. Example: `suhosin.sql.user_match =\n; public_*`\n;\n;suhosin.sql.user_match = \n;\n; \n; suhosin.sql.user_prefix\n; -----------------------\n; \n; * Type: String\n; * Default: \n; \n; This is an experimental feature for shared environments. With this\n; configuration option it is possible to specify a prefix that is automatically\n; prepended to the database username, whenever a database connection is made.\n; (Unless the username starts with the prefix)\n; \n; With this feature it is possible for shared hosters to disallow customers to\n; connect with the usernames of other customers. This feature is experimental,\n; because support for PDO and PostgreSQL are not yet implemented.\n;\n;suhosin.sql.user_prefix = \n;\n; \n; suhosin.sql.user_postfix\n; ------------------------\n; \n; * Type: String\n; * Default: \n; \n; This is an experimental feature for shared environments. With this\n; configuration option it is possible to specify a postfix that is automatically\n; appended to the database username, whenever a database connection is made.\n; (Unless the username end with the postfix)\n; \n; With this feature it is possible for shared hosters to disallow customers to\n; connect with the usernames of other customers. 
This feature is experimental,\n; because support for PDO and PostgreSQL are not yet implemented.\n;\n;suhosin.sql.user_postfix = \n;\n; \n; suhosin.sql.comment\n; -------------------\n; \n; * Type: Integer\n; * Default: 0\n; \n; This is an experimental feature. Alert if an SQL query contains one or more\n; comments starting with --, /* or #. A value of 1 logs the alert; 2 or greater\n; let the call fail.\n; \n; Note: Mysql conditional statements starting with ``/*!`` are exempt if used\n; with Mysqli.\n;\n;suhosin.sql.comment = 0\n;\n; \n; suhosin.sql.opencomment\n; -----------------------\n; \n; * Type: Integer\n; * Default: 0\n; \n; This is an experimental feature.\n; Alert if a MySQL comment was started but not closed: ``/*`` without ``*/``. A\n; value of 1 logs the alert; 2 or greater let the call fail.\n;\n;suhosin.sql.opencomment = 0\n;\n; \n; suhosin.sql.multiselect\n; -----------------------\n; \n; * Type: Integer\n; * Default: 0\n; \n; This is an experimental feature.\n; Alert if an SQL query contains more than one SELECT statement. 
A value of 1\n; logs the alert; 2 or greater let the call fail.\n; \n; Note: This flag will recognise multiple statements as well as subselects, e.g.\n; \"SELECT 1; SELECT 2\" and \"SELECT * FROM (SELECT 1)\".\n;\n;suhosin.sql.multiselect = 0\n;\n; \n; suhosin.sql.union\n; -----------------\n; \n; * Type: Integer\n; * Default: 0\n; \n; This is an experimental feature.\n; Alert if an SQL query contains one or more UNIONs.\n; A value of 1 logs the alert; 2 or greater let the call fail.\n;\n;suhosin.sql.union = 0\n;\n; \n; ==============================\n; Transparent Encryption Options\n; ==============================\n; \n; suhosin.session.encrypt\n; -----------------------\n; \n; * Type: Boolean\n; * Default: On\n; \n; Flag that decides if the transparent session encryption is activated or not.\n;\n;suhosin.session.encrypt = On\n;\n; \n; suhosin.session.cryptkey\n; ------------------------\n; \n; * Type: String\n; * Default: \n; \n; Session data can be encrypted transparently. The encryption key used consists\n; of this user defined string (which can be altered by a script via ini_set())\n; and optionally the User-Agent, the Document-Root and 0-4 octets of the\n; REMOTE_ADDR.\n;\n;suhosin.session.cryptkey = \n;\n; \n; suhosin.session.cryptua\n; -----------------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; Flag that decides if the transparent session encryption key depends on the\n; User-Agent field. 
(When activated this feature transparently adds a little bit\n; of protection against session fixation/hijacking attacks)\n;\n;suhosin.session.cryptua = Off\n;\n; \n; suhosin.session.cryptdocroot\n; ----------------------------\n; \n; * Type: Boolean\n; * Default: On\n; \n; Flag that decides if the transparent session encryption key depends on the\n; Documentroot field.\n;\n;suhosin.session.cryptdocroot = On\n;\n; \n; suhosin.session.cryptraddr\n; --------------------------\n; \n; * Type: Integer\n; * Default: 0\n; \n; Number of octets (0-4) from the REMOTE_ADDR that the transparent session\n; encryption key depends on. Keep in mind that this should not be used on sites\n; that have visitors from big ISPs, because their IP address often changes during\n; a session. But this feature might be interesting for admin interfaces or\n; intranets. When used wisely this is a transparent protection against session\n; hijacking/fixation. This feature supports IPv4 only.\n;\n;suhosin.session.cryptraddr = 0\n;\n; \n; suhosin.session.checkraddr\n; --------------------------\n; \n; * Type: Integer\n; * Default: 0\n; \n; Number of octets (0-4) from the REMOTE_ADDR that have to match to decrypt the\n; session. The difference to suhosin.session.cryptraddr is that the IP is not\n; part of the encryption key, so that the same session can be used for different\n; areas with different protection levels on the site. This feature supports IPv4\n; only.\n;\n;suhosin.session.checkraddr = 0\n;\n; \n; suhosin.cookie.encrypt\n; ----------------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; Flag that decides if the transparent cookie encryption is activated or not.\n;\n;suhosin.cookie.encrypt = Off\n;\n; \n; suhosin.cookie.cryptkey\n; -----------------------\n; \n; * Type: String\n; * Default: \n; \n; Cookies can be encrypted transparently. 
The encryption key used consists of\n; this user defined string and optionally the User-Agent, the Document-Root and\n; 0-4 octets of the REMOTE_ADDR.\n;\n;suhosin.cookie.cryptkey = \n;\n; \n; suhosin.cookie.cryptua\n; ----------------------\n; \n; * Type: Boolean\n; * Default: On\n; \n; Flag that decides if the transparent cookie encryption key depends on the\n; User-Agent field. (When activated this feature transparently adds a little bit\n; of protection against session fixation/hijacking attacks (if only session cookies\n; are allowed))\n;\n;suhosin.cookie.cryptua = On\n;\n; \n; suhosin.cookie.cryptdocroot\n; ---------------------------\n; \n; * Type: Boolean\n; * Default: On\n; \n; Flag that decides if the transparent cookie encryption key depends on the\n; Documentroot field.\n;\n;suhosin.cookie.cryptdocroot = On\n;\n; \n; suhosin.cookie.cryptraddr\n; -------------------------\n; \n; * Type: Integer\n; * Default: 0\n; \n; Number of octets (0-4) from the REMOTE_ADDR that the transparent cookie\n; encryption key depends on. Keep in mind that this should not be used on sites\n; that have visitors from big ISPs, because their IP address often changes during\n; a session. But this feature might be interesting for admin interfaces or\n; intranets. When used wisely this is a transparent protection against session\n; hijacking/fixation. This feature supports IPv4 only.\n;\n;suhosin.cookie.cryptraddr = 0\n;\n; \n; suhosin.cookie.checkraddr\n; -------------------------\n; \n; * Type: Integer\n; * Default: 0\n; \n; Number of octets (0-4) from the REMOTE_ADDR that have to match to decrypt the\n; cookie. The difference to suhosin.cookie.cryptraddr is that the IP is not part\n; of the encryption key, so that the same cookie can be used for different areas\n; with different protection levels on the site. 
This feature supports IPv4 only.\n;\n;suhosin.cookie.checkraddr = 0\n;\n; \n; suhosin.cookie.cryptlist\n; ------------------------\n; \n; * Type: String\n; * Default: \n; \n; In case not all cookies are supposed to get encrypted this is a comma separated\n; list of cookie names that should get encrypted. All other cookies will not get\n; touched.\n; \n; Note: Cookies handled on client side with JavaScript as well as on server side\n; should not be encrypted, e.g. listed in suhosin.cookie.plainlist or omitted in\n; suhosin.cookie.cryptlist.\n;\n;suhosin.cookie.cryptlist = \n;\n; \n; suhosin.cookie.plainlist\n; ------------------------\n; \n; * Type: String\n; * Default: \n; \n; In case some cookies should not be encrypted this is a comma separated list of\n; cookies that do not get encrypted. All other cookies will be encrypted.\n; \n; Note: This setting deactivates suhosin.cookie.cryptlist.\n;\n;suhosin.cookie.plainlist = \n;\n; \n; =================\n; Filtering Options\n; =================\n; \n; suhosin.filter.action\n; ---------------------\n; \n; * Type: Mixed\n; * Default: \n; \n; Defines the reaction of Suhosin on a filter violation. 
Following possible\n; actions are supported\n; \n; +-------------------------------+--------------------------------------------+\n; | Type                          | Description                                |\n; +===============================+============================================+\n; |                               | Normal action is simply blocking the       |\n; |                               | variable from being registered             |\n; +-------------------------------+--------------------------------------------+\n; | 402                           | Do not execute the script and return a     |\n; |                               | HTTP 402 response code                     |\n; +-------------------------------+--------------------------------------------+\n; | [302,]http://www.example.com  | Redirect to http://www.example.com instead |\n; |                               | of executing. Optionally set a specific    |\n; |                               | HTTP response code                         |\n; +-------------------------------+--------------------------------------------+\n; | [402,]/var/scripts/badguy.php | Execute a specific PHP script instead of   |\n; |                               | the requested script. 
Optionally set a     |\n; |                               | specific HTTP response code                |\n; +-------------------------------+--------------------------------------------+\n;\n;suhosin.filter.action = \n;\n; \n; suhosin.cookie.max_array_depth\n; ------------------------------\n; \n; * Type: Integer\n; * Default: 50\n; \n; Defines the maximum depth an array variable may have, when registered through\n; the COOKIE.\n; \n; Note: Array depth is not the number of elements within an array.\n;\n;suhosin.cookie.max_array_depth = 50\n;\n; \n; suhosin.cookie.max_array_index_length\n; -------------------------------------\n; \n; * Type: Integer\n; * Default: 64\n; \n; Defines the maximum length of array indices for variables registered through\n; the COOKIE.\n;\n;suhosin.cookie.max_array_index_length = 64\n;\n; \n; suhosin.cookie.max_name_length\n; ------------------------------\n; \n; * Type: Integer\n; * Default: 64\n; \n; Defines the maximum length of variable names for variables registered through\n; the COOKIE. For array variables this is the name in front of the indices.\n;\n;suhosin.cookie.max_name_length = 64\n;\n; \n; suhosin.cookie.max_totalname_length\n; -----------------------------------\n; \n; * Type: Integer\n; * Default: 256\n; \n; Defines the maximum length of the total variable name when registered through\n; the COOKIE. 
For array variables this includes all indices.\n;\n;suhosin.cookie.max_totalname_length = 256\n;\n; \n; suhosin.cookie.max_value_length\n; -------------------------------\n; \n; * Type: Integer\n; * Default: 10000\n; \n; Defines the maximum length of a variable that is registered through the COOKIE.\n;\n;suhosin.cookie.max_value_length = 10000\n;\n; \n; suhosin.cookie.max_vars\n; -----------------------\n; \n; * Type: Integer\n; * Default: 100\n; \n; Defines the maximum number of variables that may be registered through the\n; COOKIE.\n;\n;suhosin.cookie.max_vars = 100\n;\n; \n; suhosin.cookie.disallow_nul\n; ---------------------------\n; \n; * Type: Boolean\n; * Default: On\n; \n; When set to On ASCIIZ chars are not allowed in variables.\n;\n;suhosin.cookie.disallow_nul = On\n;\n; \n; suhosin.cookie.disallow_ws\n; --------------------------\n; \n; * Type: Boolean\n; * Default: On\n; \n; Ignore cookies with names starting with whitespace.\n;\n;suhosin.cookie.disallow_ws = On\n;\n; \n; suhosin.get.max_array_depth\n; ---------------------------\n; \n; * Type: Integer\n; * Default: 50\n; \n; Defines the maximum depth an array variable may have, when registered through\n; the URL.\n; \n; Note: Array depth is not the number of elements within an array.\n;\n;suhosin.get.max_array_depth = 50\n;\n; \n; suhosin.get.max_array_index_length\n; ----------------------------------\n; \n; * Type: Integer\n; * Default: 64\n; \n; Defines the maximum length of array indices for variables registered through\n; the URL.\n;\n;suhosin.get.max_array_index_length = 64\n;\n; \n; suhosin.get.max_name_length\n; ---------------------------\n; \n; * Type: Integer\n; * Default: 64\n; \n; Defines the maximum length of variable names for variables registered through\n; the URL. 
For array variables this is the name in front of the indices.\n;\n;suhosin.get.max_name_length = 64\n;\n; \n; suhosin.get.max_totalname_length\n; --------------------------------\n; \n; * Type: Integer\n; * Default: 256\n; \n; Defines the maximum length of the total variable name when registered through\n; the URL. For array variables this includes all indices.\n;\n;suhosin.get.max_totalname_length = 256\n;\n; \n; suhosin.get.max_value_length\n; ----------------------------\n; \n; * Type: Integer\n; * Default: 512\n; \n; Defines the maximum length of a variable that is registered through the URL.\n;\n;suhosin.get.max_value_length = 512\n;\n; \n; suhosin.get.max_vars\n; --------------------\n; \n; * Type: Integer\n; * Default: 100\n; \n; Defines the maximum number of variables that may be registered through the URL.\n;\n;suhosin.get.max_vars = 100\n;\n; \n; suhosin.get.disallow_nul\n; ------------------------\n; \n; * Type: Boolean\n; * Default: On\n; \n; When set to On ASCIIZ chars are not allowed in variables.\n;\n;suhosin.get.disallow_nul = On\n;\n; \n; suhosin.get.disallow_ws\n; -----------------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; Ignore GET parameters with names starting with whitespace.\n;\n;suhosin.get.disallow_ws = Off\n;\n; \n; suhosin.post.max_array_depth\n; ----------------------------\n; \n; * Type: Integer\n; * Default: 50\n; \n; Defines the maximum depth an array variable may have, when registered through a\n; POST request.\n; \n; Note: Array depth is not the number of elements within an array.\n;\n;suhosin.post.max_array_depth = 50\n;\n; \n; suhosin.post.max_array_index_length\n; -----------------------------------\n; \n; * Type: Integer\n; * Default: 64\n; \n; Defines the maximum length of array indices for variables registered through a\n; POST request.\n;\n;suhosin.post.max_array_index_length = 64\n;\n; \n; suhosin.post.max_name_length\n; ----------------------------\n; \n; * Type: Integer\n; * Default: 64\n; \n; Defines the 
maximum length of variable names for variables registered through a\n; POST request. For array variables this is the name in front of the indices.\n;\n;suhosin.post.max_name_length = 64\n;\n; \n; suhosin.post.max_totalname_length\n; ---------------------------------\n; \n; * Type: Integer\n; * Default: 256\n; \n; Defines the maximum length of the total variable name when registered through a\n; POST request. For array variables this includes all indices.\n;\n;suhosin.post.max_totalname_length = 256\n;\n; \n; suhosin.post.max_value_length\n; -----------------------------\n; \n; * Type: Integer\n; * Default: 1000000\n; \n; Defines the maximum length of a variable that is registered through a POST\n; request.\n;\n;suhosin.post.max_value_length = 1000000\n;\n; \n; suhosin.post.max_vars\n; ---------------------\n; \n; * Type: Integer\n; * Default: 1000\n; \n; Defines the maximum number of variables that may be registered through a POST\n; request.\n;\n;suhosin.post.max_vars = 1000\n;\n; \n; suhosin.post.disallow_nul\n; -------------------------\n; \n; * Type: Boolean\n; * Default: On\n; \n; When set to On ASCIIZ chars are not allowed in variables.\n;\n;suhosin.post.disallow_nul = On\n;\n; \n; suhosin.post.disallow_ws\n; ------------------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; Ignore POST parameters with names starting with whitespace.\n;\n;suhosin.post.disallow_ws = Off\n;\n; \n; suhosin.request.array_index_blacklist\n; -------------------------------------\n; \n; * Type: String\n; * Default: \"'\\\"+<>;()\"\n; \n; Defines a character blacklist for array indices not allowed in user input.\n;\n;suhosin.request.array_index_blacklist = \"'\\\"+<>;()\"\n;\n; \n; suhosin.request.array_index_whitelist\n; -------------------------------------\n; \n; * Type: String\n; * Default: \n; \n; * Example: \"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ\"\n; \n; Defines a character whitelist for array indices allowed in user input.\n; \n; Note: This setting 
deactivates suhosin.request.array_index_blacklist.\n;\n;suhosin.request.array_index_whitelist = \n;\n; \n; suhosin.request.max_array_depth\n; -------------------------------\n; \n; * Type: Integer\n; * Default: 50\n; \n; Defines the maximum depth an array variable may have, when registered through\n; GET , POST or COOKIE. This setting is also an upper limit for the separate GET,\n; POST, COOKIE configuration directives.\n; \n; Note: Array depth is not the number of elements within an array.\n;\n;suhosin.request.max_array_depth = 50\n;\n; \n; suhosin.request.max_array_index_length\n; --------------------------------------\n; \n; * Type: Integer\n; * Default: 64\n; \n; Defines the maximum length of array indices for variables registered through\n; GET, POST or COOKIE. This setting is also an upper limit for the separate GET,\n; POST, COOKIE configuration directives.\n;\n;suhosin.request.max_array_index_length = 64\n;\n; \n; suhosin.request.max_totalname_length\n; ------------------------------------\n; \n; * Type: Integer\n; * Default: 256\n; \n; Defines the maximum length of variable names for variables registered through\n; the COOKIE, the URL or through a POST request. This is the complete name\n; string, including all indices. This setting is also an upper limit for the\n; separate GET, POST, COOKIE configuration directives.\n;\n;suhosin.request.max_totalname_length = 256\n;\n; \n; suhosin.request.max_value_length\n; --------------------------------\n; \n; * Type: Integer\n; * Default: 1000000\n; \n; Defines the maximum length of a variable that is registered through the COOKIE,\n; the URL or through a POST request. 
This setting is also an upper limit for the\n; variable origin specific configuration directives.\n;\n;suhosin.request.max_value_length = 1000000\n;\n; \n; suhosin.request.max_vars\n; ------------------------\n; \n; * Type: Integer\n; * Default: 1000\n; \n; Defines the maximum number of variables that may be registered through the\n; COOKIE, the URL or through a POST request. This setting is also an upper limit\n; for the variable origin specific configuration directives.\n;\n;suhosin.request.max_vars = 1000\n;\n; \n; suhosin.request.max_varname_length\n; ----------------------------------\n; \n; * Type: Integer\n; * Default: 64\n; \n; Defines the maximum name length (excluding possible array indices) of variables\n; that may be registered through the COOKIE, the URL or through a POST request.\n; This setting is also an upper limit for the variable origin specific\n; configuration directives.\n;\n;suhosin.request.max_varname_length = 64\n;\n; \n; suhosin.request.disallow_nul\n; ----------------------------\n; \n; * Type: Boolean\n; * Default: On\n; \n; When set to On ASCIIZ chars are not allowed in variables.\n;\n;suhosin.request.disallow_nul = On\n;\n; \n; suhosin.request.disallow_ws\n; ---------------------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; Ignore all variables with names starting with whitespace.\n;\n;suhosin.request.disallow_ws = Off\n;\n; \n; suhosin.upload.max_uploads\n; --------------------------\n; \n; * Type: Integer\n; * Default: 25\n; \n; Defines the maximum number of files that may be uploaded with one request.\n;\n;suhosin.upload.max_uploads = 25\n;\n; \n; suhosin.upload.max_newlines\n; ---------------------------\n; \n; * Type: Integer\n; * Default: 100\n; \n; Defines the maximum number of newlines in rfc1867 mime headers.\n; (added with version 0.9.38)\n;\n;suhosin.upload.max_newlines = 100\n;\n; \n; suhosin.upload.disallow_elf\n; ---------------------------\n; \n; * Type: Boolean\n; * Default: On\n; \n; When set to On it is not 
possible to upload ELF executables.\n;\n;suhosin.upload.disallow_elf = On\n;\n; \n; suhosin.upload.disallow_binary\n; ------------------------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; When set to On it is not possible to upload binary files.\n;\n;suhosin.upload.disallow_binary = Off\n;\n; \n; suhosin.upload.remove_binary\n; ----------------------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; When set to On binary content is removed from the uploaded files.\n;\n;suhosin.upload.remove_binary = Off\n;\n; \n; suhosin.upload.allow_utf8\n; -------------------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; This is an experimental feature. This option allows UTF-8 along with ASCII when\n; using `suhosin.upload.disallow_binary` or `suhosin.upload.remove_binary`.\n;\n;suhosin.upload.allow_utf8 = Off\n;\n; \n; suhosin.upload.verification_script\n; ----------------------------------\n; \n; * Type: String\n; * Default: \n; \n; This defines the full path to a verification script for uploaded files. The\n; script gets the temporary filename supplied and has to decide if the upload is\n; allowed. A possible application for this is to scan uploaded files for viruses.\n; The called script has to write a 1 as first line to standard output to allow\n; the upload. Any other value or no output at all will result in the file being\n; deleted.\n;\n;suhosin.upload.verification_script = \n;\n; \n; suhosin.session.max_id_length\n; -----------------------------\n; \n; * Type: Integer\n; * Default: 128\n; \n; Specifies the maximum length of the session identifier that is allowed. 
When a\n; longer session identifier is passed a new session identifier will be created.\n; This feature is important to fight buffer overflows in 3rd party session\n; handlers.\n;\n;suhosin.session.max_id_length = 128\n;\n; \n; suhosin.server.encode\n; ---------------------\n; \n; * Type: Boolean\n; * Default: On\n; \n; Encode potentially dangerous characters in REQUEST_URI and QUERY_STRING with\n; URL encoding.\n;\n;suhosin.server.encode = On\n;\n; \n; suhosin.server.strip\n; --------------------\n; \n; * Type: Boolean\n; * Default: On\n; \n; Replace potentially dangerous characters in PHP_SELF, PATH_INFO,\n; PATH_TRANSLATED and HTTP_USER_AGENT with '?'.\n;\n;suhosin.server.strip = On\n;\n; \n; suhosin.rand.seedingkey\n; -----------------------\n; \n; * Type: String\n; * Default: \n; \n; This string is added to the entropy pool for seeding the random number\n; generator.\n;\n;suhosin.rand.seedingkey = \n;\n; \n; suhosin.rand.reseed_every_request\n; ---------------------------------\n; \n; * Type: Boolean\n; * Default: Off\n; \n; Controls if automatic reseeding of rand() / mt_rand() is done for every new\n; request. Will improve security but decrease performance. In case the system's\n; entropy pool is exhausted, this flag may either significantly increase execution\n; time or otherwise use less entropy (which is bad).\n;\n;suhosin.rand.reseed_every_request = Off\n;\n; \n; suhosin.srand.ignore\n; --------------------\n; \n; * Type: Boolean\n; * Default: On\n; \n; Flag that controls if calls to srand() are ignored in favour of Suhosin's own\n; enhanced seeding - since 0.9.36 calls will trigger auto-reseeding.\n;\n;suhosin.srand.ignore = On\n;\n; \n; suhosin.mt_srand.ignore\n; -----------------------\n; \n; * Type: Boolean\n; * Default: On\n; \n; Flag that controls if calls to mt_srand() are ignored in favour of Suhosin's\n; own enhanced seeding - since 0.9.36 calls will trigger auto-reseeding.\n;\n;suhosin.mt_srand.ignore = On\n;\n"
  },
  {
    "path": "suhosin_logo.h",
    "content": "#define SUHOSIN_LOGO_GUID \"SUHO8567F54-D428-14d2-A769-00DA302A5F18\"\n\nstatic unsigned char suhosin_logo[] =\n\t\"\\xff\\xd8\\xff\\xe0\\x00\\x10\\x4a\\x46\\x49\\x46\\x00\\x01\\x01\\x01\\x00\\x48\"\n\t\"\\x00\\x48\\x00\\x00\\xff\\xe1\\x00\\x16\\x45\\x78\\x69\\x66\\x00\\x00\\x4d\\x4d\"\n\t\"\\x00\\x2a\\x00\\x00\\x00\\x08\\x00\\x00\\x00\\x00\\x00\\x00\\xff\\xdb\\x00\\x43\"\n\t\"\\x00\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\"\n\t\"\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\"\n\t\"\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\"\n\t\"\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\\x01\"\n\t\"\\x01\\xff\\xc0\\x00\\x0b\\x08\\x00\\x27\\x00\\x71\\x01\\x01\\x22\\x00\\xff\\xc4\"\n\t\"\\x00\\x1e\\x00\\x00\\x02\\x02\\x02\\x03\\x01\\x01\\x00\\x00\\x00\\x00\\x00\\x00\"\n\t\"\\x00\\x00\\x00\\x00\\x09\\x06\\x08\\x05\\x07\\x02\\x03\\x0a\\x01\\x04\\xff\\xc4\"\n\t\"\\x00\\x32\\x10\\x00\\x01\\x04\\x03\\x00\\x02\\x00\\x05\\x01\\x05\\x09\\x01\\x00\"\n\t\"\\x00\\x00\\x00\\x05\\x02\\x03\\x04\\x06\\x01\\x07\\x08\\x00\\x09\\x11\\x12\\x13\"\n\t\"\\x14\\x21\\x15\\x0a\\x16\\x31\\x56\\x96\\x17\\x18\\x19\\x23\\x32\\x41\\x58\\x98\"\n\t\"\\xd4\\xd6\\xff\\xda\\x00\\x08\\x01\\x01\\x00\\x00\\x3f\\x00\\xf4\\xc1\\xe1\\xe5\"\n\t\"\\x69\\xe9\\x3e\\xb9\\xd1\\x7c\\x8a\\x2e\\x9d\\x66\\xe8\\x3b\\x29\\x4d\\x7f\\x46\"\n\t\"\\xba\\x58\\x55\\x54\\x8d\\xb1\\x5f\\xaa\\xd9\\x8d\\x51\\x2b\\xb6\\x27\\x5a\\x69\"\n\t\"\\xd1\\x43\\xaf\\x16\\x1a\\xf0\\xb2\\xb1\\xe9\\x6d\\x9f\\xc2\\xa4\\x36\\x18\\xb5\"\n\t\"\\x85\\x10\\x41\\xbe\\xfc\\x09\\xac\\x49\\x29\\x11\\xd4\\x32\\x97\\xec\\x08\\x13\"\n\t\"\\xc1\\x2d\\x20\\xc3\\x59\\xeb\\x26\\x05\\xd8\\x6b\\x76\\x31\\x43\\x8f\\x57\\xcf\"\n\t\"\\x84\\x9f\\x14\\xa8\\x53\\x81\\x0b\\xc3\\x64\\x80\\xa3\\x02\\x0a\\x41\\x75\\xf8\"\n\t\"\\x44\\x85\\x93\\x81\\x22\\x3c\\xd8\\x13\\xe1\\xbe\\xf4\\x59\\x91\\x1f\\x6a\\x44\"\n\t\"\\x77\\x5c\\x69\\xc4
\\x2f\\x39\\x5f\\x0f\\x2a\\x8d\\xeb\\xba\\xf8\\xc3\\x56\\x6c\"\n\t\"\\x3b\\x36\\xa7\\xda\\xbd\\x4d\\xa1\\xb5\\x4e\\xc6\\xa7\\xa4\\x3a\\xec\\x15\\x2d\"\n\t\"\\xa5\\xb3\\xea\\x5a\\xdc\\xac\\x46\\xac\\x01\\x60\\xd8\\x43\\xc8\\x8e\\x8b\\xb1\"\n\t\"\\x40\\x4c\\x95\\x8b\\x34\\x41\\x28\\x52\\x91\\x28\\x43\\xd3\\xa3\\xb6\\xa7\\x55\"\n\t\"\\x15\\xe7\\x5a\\x96\\xcb\\xf1\\xda\\xe5\\x55\\xee\\xfe\\x1e\\xbd\\xd9\\x41\\xd3\"\n\t\"\\x28\\xfd\\x97\\xca\\x57\\x2b\\x85\\x9c\\xa4\\x30\\x95\\xaa\\xa5\\x57\\xa2\\x35\"\n\t\"\\x15\\x86\\xcb\\x61\\x34\\x41\\xe4\\xc7\\x80\\x20\\x18\\x21\\x17\\x09\\x85\\x0b\"\n\t\"\\x14\\x9d\\x21\\x68\\x62\\x1c\\x08\\x11\\x64\\x4b\\x92\\xf2\\xd2\\xd3\\x2d\\x2d\"\n\t\"\\x6a\\xc2\\x73\\x6b\\x3c\\x3c\\x8b\\x9e\\xbc\\x52\\xaa\\xa4\\xab\\x81\\x6c\\xf6\"\n\t\"\\xfa\\xbd\\x70\\xc5\\xc6\\x7b\\xc2\\xaa\\x22\\x4f\\x58\\x04\\x87\\x25\\x6a\\x27\"\n\t\"\\x1d\\xa4\\x3d\\x20\\x75\\x72\\x01\\x09\\x71\\xe5\\x1c\\x9e\\xc3\\x2e\\x36\\xf3\"\n\t\"\\xd0\\xc6\\x35\\x2a\\x43\\x4d\\x2d\\x0e\\x2d\\xb4\\xa1\\x49\\xce\\x65\\x1e\\x52\"\n\t\"\\x9e\\xa1\\xf6\\x09\\xcc\\xdc\\x63\\x66\\xa8\\x01\\xe9\\x3b\\x0d\\xd7\\x5a\\x85\"\n\t\"\\xbb\\xc5\\x65\\xc0\\x7b\\x2e\\x46\\xa9\\xd9\\x56\\x1d\\x4c\\x92\\x72\\x26\\x4e\"\n\t\"\\x86\\xd5\\x68\\xae\\xc4\\xaa\\x55\\xce\\xd7\\x83\\x59\\xb3\\x81\\xee\\xce\\x74\"\n\t\"\\x39\\x39\\x31\\x9f\\x8a\\x25\\xe8\\xa5\\xa5\\xe5\\x81\\xf2\\x11\\x23\\xcb\\xa1\"\n\t\"\\x1e\\x43\\x12\\xe3\\xb1\\x2a\\x2b\\xcd\\xc8\\x8d\\x25\\x96\\xa4\\x47\\x7d\\x95\"\n\t\"\\xa5\\xc6\\x9f\\x61\\xe4\\x25\\xc6\\x5e\\x69\\xc4\\xe7\\x29\\x5b\\x6e\\xb6\\xa4\"\n\t\"\\xad\\x0b\\x4e\\x72\\x95\\x25\\x58\\x56\\x33\\x9c\\x67\\xce\\xef\\x0f\\x17\\xbf\"\n\t\"\\x4c\\x7b\\x2d\\xe6\\xfe\\x76\\x35\\x27\\x5a\\x07\\x97\\x67\\xe8\\xae\\x8d\\x71\"\n\t\"\\x0f\\xb2\\x13\\x99\\xb9\\xbc\\x14\\xad\\xb3\\xb7\\xe6\\x11\\x6f\\xe0\\xda\\x58\"\n\t\"\\xb1\\x08\\xac\\xa6\\x6c\\x2d\\x7f\\x05\\xb7\\x56\\xd2\\xe6\\xcf\\xbb\\x4d\\x0c\"\n\t\"\\xe3\\x50\\xb2\\xec\\x91\\xf0\\x4a\\xb8\\xd6\\x22\\xb8\\xa7\\xf6\\x67\\xaf\\xcf\"\n
\t\"\\x63\\x7e\\xd7\\xe7\\x42\\xd8\\xbd\\xc3\\x71\\xa1\\xf2\\x7e\\x9b\\xa8\\x97\\x83\"\n\t\"\\x6e\\xd1\\xdc\\x4b\\x06\\x11\\x2d\\xae\\x26\\x61\\x98\\x72\\x10\\xf4\\x42\\x5d\"\n\t\"\\x20\\x4a\\xa3\\x73\\xd7\\xf2\\xcd\\x3c\\x48\\x32\\xe4\\x03\\x9f\\x80\\x37\\x08\"\n\t\"\\x36\\x11\\xd0\\xcb\\x97\\x6c\\x08\\xed\\x6d\\x33\\x24\\xa2\\x1b\\xb4\\x77\\xdf\"\n\t\"\\x61\\x5d\\x5f\\xc1\\x43\\xc2\\x82\\xeb\\x0f\\x5d\\x84\\x08\\x68\\xaa\\xa4\\x01\"\n\t\"\\xe1\\x19\\xdf\\xbc\\x31\\x65\\xfe\\xd1\\xf5\\x7d\\x7a\\xb2\\x2a\\x33\\x50\\x21\"\n\t\"\\x2a\\x56\\x9d\\xb1\\x81\\xab\\xdb\\x35\\x78\\x30\\x83\\xd9\\x89\\x1d\\x31\\xac\"\n\t\"\\x96\\x14\\x07\\x61\\xbc\\x20\\x68\\x42\\x85\\x33\\x19\\xac\\xbe\\xdb\\x34\\x56\"\n\t\"\\xf1\\xd5\\xfd\\x29\\xa9\\x28\\xdb\\xcb\\x4c\\x5a\\x23\\xdc\\xf5\\x96\\xc5\\x10\"\n\t\"\\xa3\\x35\\x5b\\x14\\x68\\xd3\\x61\\x62\\x64\\x76\\x26\\xcb\\x17\\x3e\\x34\\x98\"\n\t\"\\x04\\xa3\\xc4\\x20\\x38\\x90\\x92\\xe3\\xc8\\x07\\x2c\\x36\\x74\\x66\\x26\\x0e\"\n\t\"\\x29\\x02\\x64\\x29\\x2d\\x21\\xe6\\x16\\x9c\\x6b\\xce\\xa3\\x89\\xd9\\x4f\\xd3\"\n\t\"\\xc4\\xbd\\xc5\\x87\\x79\\x9c\\x65\\xf6\\x39\\x45\\x60\\xe8\\xce\\x9e\\xab\\x6d\"\n\t\"\\x13\\x15\\x22\\xe1\\x5e\\x4b\\x38\\x42\\xc4\\x1e\\xd5\\x76\\xe0\\xc5\\xeb\\x85\"\n\t\"\\x07\\x2d\\x0f\\xb8\\xb6\\xa6\\xd6\\x6d\\x71\\x0d\\xa2\\x43\\x4c\\x25\\xea\\xfa\"\n\t\"\\xa1\\xae\\x4c\\xe4\\x7d\\xbd\\x76\\xa9\\xfb\\x06\\xc2\\x83\\x42\\xeb\\xad\\xe7\"\n\t\"\\xe9\\x5f\\x68\\x6f\\xba\\xfb\\x2f\\x07\\xce\\xb8\\x13\\xc1\\x9b\\xeb\\xb0\\x76\"\n\t\"\\x45\\x57\\x28\\x7b\\xea\\xbe\\x0f\\xf4\\x30\\x7b\\xa0\\xed\\xe4\\x22\\x93\\x21\"\n\t\"\\xfc\\xbc\\xe0\\xb9\\x75\\xc1\\x4f\\xfc\\xef\\xb6\\xfa\\xa1\\xfc\\x64\\xa1\\x4a\"\n\t\"\\x82\\xc7\\x33\\xad\\x75\\xed\\x82\\xbd\\x3d\\xdb\\xf7\\xa8\\xbe\\x5e\\xbb\\x36\"\n\t\"\\x62\\x04\\x9a\\x2e\\xc5\\xd9\\x9e\\x9c\\x3a\\x0b\\x98\\x0b\\x57\\xac\\xf1\\x24\"\n\t\"\\x62\\x58\\x83\\x15\\x5b\\xa6\\xf2\\xda\\x34\\x70\\x03\\xce\\x0f\\x93\\x1b\\x12\"\n\t\"\\xc7\\xce\\x54\\x87\\x33\\x15\\xd6\\x53\\x25\\x1f\\x2a\\x90
\\x87\\x12\\xe3\\x78\"\n\t\"\\xef\\x55\\x77\\x4d\\x4a\\xd8\\x7e\\xef\\xd2\\xfd\\xd1\\xaf\\x3a\\xaf\\x55\\xdb\"\n\t\"\\x6a\\x2d\\x3d\\x42\\xac\\x51\\x79\\xee\\x91\\xab\\xe1\\x05\\x2d\\x3c\\x80\\xa2\"\n\t\"\\x43\\xad\\x22\\x2e\\xd5\\x33\\x13\\xa4\\x9e\\x00\\xe0\\x04\\x10\\x84\\xc8\\xf2\"\n\t\"\\x19\\x30\\x92\\x1f\\xaa\\xc3\\x28\\xc9\\x76\\x30\\x3f\\xe9\\x10\\x61\\x5e\\x79\"\n\t\"\\xd5\\xf7\\xdf\\xd0\\x54\\xdb\\xae\\xb6\\xae\\xfa\\xe8\\xa3\\x57\\xe0\\x6c\\x2d\"\n\t\"\\xf7\\xbd\\x49\\xd6\\x6e\\x76\\x79\\xcc\\x54\\x0c\\x5f\\xff\\x00\\xbb\\x06\\x98\"\n\t\"\\xa6\\x9e\\x89\\x61\\xb4\\x6f\\xc3\\xe3\\x6a\\xc2\\x4f\\x59\\x03\\xc9\\x80\\x2c\"\n\t\"\\x59\\x24\\x44\\x70\\x38\\xd5\\x96\\x6a\\x9e\\x8b\\x81\\x64\\xe5\\xbc\\xa0\\x3c\"\n\t\"\\x33\\xaf\\x17\\x9d\\xff\\x00\\x71\\x1a\\xd1\\x3a\\x80\\x66\\xb3\\xd9\\x31\\x77\"\n\t\"\\x0d\\x12\\xbd\\xae\\x29\\xb5\\x6a\\xd6\\xcf\\x8d\\x68\\x87\\x75\\xcd\\xe8\\x65\"\n\t\"\\x5a\\xbe\\x3c\\x04\\x7b\\x34\\xdb\\x54\\x19\\xa4\\x63\\x9c\\x2a\\x5d\\x23\\xbe\"\n\t\"\\xf4\\xb1\\x1c\\x4d\\x90\\xec\\x92\\x2f\\x49\\x71\\xf7\\x14\\xf2\\x97\\x9f\\x15\"\n\t\"\\x57\\xed\\x13\\x21\\x2a\\xf5\\x33\\xd1\\x2a\\x52\\x52\\xac\\xb7\\x62\\xd1\\xcb\"\n\t\"\\x46\\x73\\x8c\\x67\\x28\\x56\\x77\\x86\\xbf\\x6f\\x2a\\x4e\\x73\\xfe\\x95\\x65\"\n\t\"\\x0b\\x5a\\x3e\\x38\\xfc\\xfc\\xaa\\x56\\x3f\\x86\\x73\\xe3\\xb9\\x4a\\x52\\x84\"\n\t\"\\xa5\\x08\\x4e\\x12\\x94\\x27\\x09\\x4a\\x53\\x8c\\x61\\x29\\x4a\\x71\\xf0\\x4a\"\n\t\"\\x53\\x8c\\x7e\\x31\\x8c\\x63\\x18\\xc6\\x31\\x8f\\xc6\\x31\\xf8\\xc7\\x9f\\x7c\"\n\t\"\\xd5\\xbb\\xae\\x5e\\xe2\\x1f\\xab\\x6e\\x24\\x34\\x00\\x8a\\x25\\x83\\x70\\x40\"\n\t\"\\x1c\\xcc\\xda\\x45\\x7f\\x66\\x4e\\x30\\x2e\\x94\\x7e\\x74\\x49\\xf0\\xe4\\x4e\"\n\t\"\\x06\\x5c\\xa8\\x2f\\x89\\x21\\x2e\\x98\\x0e\\xd9\\x21\\xc2\\x0b\\x21\\x0f\\xc4\"\n\t\"\\x16\\x6e\\x48\\xd9\\xe4\\xe3\\x4a\\x19\\x1e\\x64\\x67\\x54\\xff\\x00\\x3a\\x6d\"\n\t\"\\x4f\\x62\\xb5\\x00\\x4a\\xaa\\x51\\xfd\\x2d\\xe8\\x0e\\x6c\\xaf\\xc6\\x7d\\x6d\"\n\t\"\\xc8\\x88\\xc7\\x67\\xea\\x8a\\x58\
\x02\\x73\\xe3\\x65\\x4d\\xc9\\x24\\xc0\\x3d\"\n\t\"\\x57\\xa3\\x2e\\x53\\x16\\x99\\x4f\\xe5\\xe7\\x19\\x97\\x3e\\x3b\\xcf\\xc9\\x4b\"\n\t\"\\x99\\x7f\\x33\\x25\\xa5\\xdf\\xba\\x77\\x2b\\xd3\\x3e\\xc2\\x7b\\x8b\\x94\\x07\"\n\t\"\\xe9\\x52\\x5b\\x43\\x87\\x34\\x14\\x86\\x37\\xcf\\x41\\x6b\\x8e\\x6a\\xa5\\x22\"\n\t\"\\xab\\xdb\\x96\\xa2\\xcf\\x46\\xd8\\x9b\\x45\\x93\\xef\\xd6\\xdf\\x3e\\x99\\x9c\"\n\t\"\\x7e\\x29\\x10\\x6b\\x6c\\xa2\\xb8\\x43\\x05\\x09\\x44\\x70\\x8c\\xb8\\xaa\\x54\"\n\t\"\\x7c\\x30\\x36\\x5e\\x1c\\x5e\\x5b\\x9f\\x6c\\x0d\\x81\\xee\\xa0\\x93\\x8d\\x67\"\n\t\"\\x55\\xf3\\x87\\xaf\\xaa\\x6b\\x58\\xf9\\xbe\\xb2\\x36\\x07\\x42\\x6e\\xbd\\x96\"\n\t\"\\xe3\\x9f\\x1f\\x8f\\xc9\\xf4\\x9d\\xae\\x6a\\x7d\\x4c\\x96\\xbe\\x5f\\xc7\\xcd\"\n\t\"\\xf3\\xb2\\xf7\\xcd\\xf0\\xcf\\xc3\\xe4\\xf8\\xfe\\x37\\x4f\\x1c\\x4d\\xf6\\x40\"\n\t\"\\xf1\\x6b\\x7c\\x4e\\xe0\\xa6\\x71\\xad\\x56\\xa7\\x1c\\x5c\\x15\\x6b\\xfc\\xf3\"\n\t\"\\x01\\x5d\\xac\\xf1\\x75\\x9a\\x72\\x6b\\xaa\\x28\\xc5\\x88\\x6d\\xfb\\x33\\x85\"\n\t\"\\xe0\\x4e\\x61\\xab\\xeb\\x31\\x2c\\x71\\x08\\x73\\x11\\x3b\\xfc\\xb5\\xc0\\x96\"\n\t\"\\xcc\\x87\\x24\\x44\\xb5\\x9b\\x9e\\xb3\\x71\\xba\\xe9\\xed\\xb1\\x4e\\xd7\\x76\"\n\t\"\\x6c\\xd2\\xb6\\x05\\xb7\\x5a\\xde\\xeb\\x34\\x5b\\x96\\x16\\xfb\\x59\\xa9\\x5c\"\n\t\"\\x4f\\x55\\xca\\x8a\\xac\\x59\\xb0\\xe4\\x54\\x39\\x25\\xbc\\x81\\x37\\x2a\\x09\"\n\t\"\\x5f\\x9e\\x3b\\x6b\\x7d\\x1f\\x69\\xf3\\x34\\x85\\x39\\x84\\xa7\\x28\\x0b\\xd3\"\n\t\"\\xfd\\xfb\\x4b\\x7a\\xea\\xe7\\xd2\\x3c\\xd3\\xda\\x15\\x68\\xbc\\x73\\xd3\\x22\"\n\t\"\\x6f\\xd7\\x72\\x5b\\x2b\\x66\\xee\\xa8\\x0d\\x54\\xe8\\x5b\\xf9\\x92\\x96\\x92\"\n\t\"\\x93\\xea\\x97\\x4a\\xc7\\x43\\x10\\x46\\x35\\xc5\\xc0\\x60\\x8a\\xe4\\xc1\\xb5\"\n\t\"\\x36\\xc6\\xae\\xed\\xf7\\x70\\xa5\\x86\\x99\\x3d\\x91\\xf8\\xfd\\x4e\\x53\\xeb\"\n\t\"\\xbb\\xbd\\x6d\\xec\\x8f\\xd7\\x89\\x3d\\x31\\x7f\\xd7\\x78\\xba\\x50\\xbb\\x74\"\n\t\"\\x9d\\xf6\\xac\\x4e\\xb9\\x03\\x9c\\x79\\xd5\\xe1\\xbd\\x17\\x68\\xd9\\x13\\x0b\"\n\t\"\\x45\\x75\\
x88\\x00\\x1d\\x1f\\xae\\x73\\x6a\\x1d\\x5c\\x6e\\x44\\x9f\\xa6\\xfa\"\n\t\"\\x4e\\xd8\\x25\\x8b\\xc0\\xbc\\xb2\\x99\\xe3\\x17\\x24\\xb3\\x23\\xe2\\x48\\x8b\"\n\t\"\\xfa\\x22\\xe7\\x7e\\x8f\\xe6\\x3f\\x5f\\x55\\x0d\\x75\\xd3\\x51\\x0b\\xd7\\xed\"\n\t\"\\xd3\\x6f\\x97\\x3b\\x85\\x42\\x80\\x7e\\x5f\\xdc\\x1b\\xd6\\xba\\xee\\xc4\\x80\"\n\t\"\\xce\\x06\\xa9\\x15\\x8c\\x97\\x5f\\x40\\x69\\xb2\\x4d\\xc5\\xb2\\x5c\\x1e\\x01\"\n\t\"\\x87\\x7e\\xe0\\x36\\x6d\\x78\\x80\\x4e\\x3c\\x02\\xec\\x90\\x1d\\x11\\x81\\x74\"\n\t\"\\xa5\\x8b\\xa4\\xa0\\x56\\x06\\xd5\\x79\\x72\\x85\\x57\\x3b\\xb2\\x2e\\xae\\x90\"\n\t\"\\x18\\x8d\\x91\\xb2\\x0e\\x44\\x19\\xaa\\xb4\\xcc\\x08\\xed\\x46\\xfa\\xd7\\x2b\"\n\t\"\\x78\\x58\\x72\\x5d\\xbb\\x5e\\x49\\xe7\\xee\\xf3\\x8a\\x9d\\x22\\xa4\\x19\\xc8\"\n\t\"\\xe7\\x08\\xc3\\x90\\x9b\\x35\\x9a\\xa4\\x25\\x8c\\x4b\\x9b\\xa7\\xf8\\xbf\\x81\"\n\t\"\\xf5\\xdf\\x22\\x66\\xf1\\x7e\\x9f\\x66\\x3d\\xbb\\xfa\\x73\\x73\\x4d\\xfd\\x67\"\n\t\"\\x7b\\xf4\\xce\\xc3\\x62\\x2e\\x6f\\xbb\\x0c\\xa2\\xdc\\x69\\xfc\\x8a\\x17\\x0e\"\n\t\"\\x3a\\x9e\\x83\\x46\\xd7\\xe3\\x5e\\x65\\x86\\xc0\\x51\\x00\\xbb\\x91\\xe3\\xe1\"\n\t\"\\xc1\\x16\\xc4\\xe9\\x65\\x5c\\x14\\x3e\\x44\\x6a\\x6b\\xd1\\x1e\\xb0\\x36\\xdd\"\n\t\"\\x0b\\x7d\\x8a\\xeb\\xaf\\x58\\x5b\\x64\\x3f\\x38\\xed\\x52\\x76\\xe8\\x46\\xf7\"\n\t\"\\x86\\x84\\xb3\\x93\\xb1\\x0b\\xe5\\xfd\\xfd\\x0d\\xe9\\x6d\\xe4\\xf1\\x1b\\x1d\"\n\t\"\\x56\\xb4\\x34\\xe4\\x6a\\xf5\\xa4\\x9c\\x2c\\xc9\\x64\\x94\\xc1\\xf5\\x79\\x6d\"\n\t\"\\x12\\x96\\xf3\\x47\\xc5\\x48\\xa8\\xdb\\xd8\\x95\\x64\\x29\\xcf\\xf6\\x88\\xf1\"\n\t\"\\x95\\x7a\\x98\\xe8\\xbc\\x27\\x19\\xce\\x73\\x61\\xd1\\xb8\\xc6\\x31\\x8c\\xe7\"\n\t\"\\x39\\xce\\x77\\x9e\\xbc\\xc6\\x31\\x8c\\x63\\xf3\\x9c\\xe7\\x39\\xc6\\x31\\x8f\"\n\t\"\\xf7\\xce\\x7e\\x1e\\x3b\\x7f\\x0f\\x0f\\x0f\\x13\\x57\\xb9\\x0a\\xe1\\x0b\\x64\"\n\t\"\\x5f\\x58\\x40\\xc6\\xc7\\x7a\\x4b\\xf2\\x3d\\xbc\\x71\\xf4\\xa7\\xd2\\xca\\x14\"\n\t\"\\xe2\\x98\\x1a\\x30\\x1e\\xe0\\x26\\x5a\\x6a\\xf0\\x9c\\x67\\x38\\x66\\x00\
\xb8\"\n\t\"\\x72\\xe6\\xbe\\xac\\xfe\\x12\\xd3\\x0b\\x56\\x73\\x8c\\x63\\xc7\\x2b\\xe1\\xe2\"\n\t\"\\xe8\\xdd\\x7b\\xff\\x00\\xd8\\xe5\\x23\\x6c\\xce\\xa8\\x69\\xcf\\x5e\\x3a\\xef\"\n\t\"\\x77\\xea\\xe5\\xab\\x0e\\x82\\xdb\\xd9\\xed\\x7a\\x9e\\xb8\\x6d\\x51\\x32\\xdb\"\n\t\"\\x79\\xc3\\x36\\x9a\\x2d\\xa3\\x50\\x39\\x65\\x0a\\x63\\x0e\\xe5\\xd4\\x39\\x12\"\n\t\"\\xbf\\x8b\\x98\\xa4\\xa1\\x2d\\xad\\xb3\\xcf\\x65\\x6a\\x43\\x78\\xb3\\x3b\\x07\"\n\t\"\\xd8\\xd5\\xea\\xae\\x76\\xad\\x6f\\xf5\\xff\\x00\\xca\\x93\\xab\\x96\\xb0\\x64\"\n\t\"\\xeb\\xd6\\x4a\\xd5\\x87\\xba\\xec\\x24\\x60\\x97\\x06\\x76\\x03\\xe3\\x4c\\x07\"\n\t\"\\x29\\x11\\x8e\\x34\\x25\\x02\\x64\\x29\\xf0\\x25\\x48\\x85\\x3a\\x33\\x8b\\x7a\"\n\t\"\\x3c\\x86\\x1e\\x75\\xa5\\x61\\xc6\\x97\\x9f\\x8d\\x25\\xf5\\xc9\\xcd\\xde\\xc9\"\n\t\"\\x7d\\x77\\xf2\\xc8\\x7e\\x70\\xaf\\x73\\x5f\\x2d\\xec\\xa2\\x51\\x2d\\x96\\xfb\"\n\t\"\\x89\\xad\\x80\\x57\\xb2\\x36\\x1d\\x7d\\x83\\x45\\xac\\xf3\\xdb\\xcc\\x6c\\x31\"\n\t\"\\x4f\\xcf\\x30\\x58\\xd0\\x12\\x28\\x90\\x50\\x42\\x86\\xfb\\x48\\x16\\x3c\\xc5\"\n\t\"\\x9c\\xf8\\xe7\\xcc\\x29\\x88\\xb3\\x4a\\x4b\\x4e\\x6c\\xbc\\xdb\\xc7\\xbb\\xe9\"\n\t\"\\xb6\\xa0\\x8b\\x11\\xa1\\x7d\\x73\\xd7\\xe9\\xbf\\x7e\\xc2\\x6c\\x10\\x8d\\xee\"\n\t\"\\x9d\\xef\\x63\\x3a\\xe0\\xf5\\xbe\\x8c\\x3e\\xa1\\xc7\\xc5\\xd1\\x00\\x44\\x1e\"\n\t\"\\xf3\\x51\\xf2\\xe2\\xb0\\xe3\\xb5\\x13\\x7f\\x32\\xf1\\x8c\\xa6\\x22\\xfe\\x1f\"\n\t\"\\x49\\x4d\\xbb\\xcf\\x3a\\x5d\\xed\\x4c\\xd2\\xfc\\x85\\xed\\x23\\xd6\\xc7\\x50\"\n\t\"\\xb6\\x5b\\x3a\\x16\\x83\\xb8\\x6f\\xfd\\x32\\x3f\\xaa\\x36\\x34\\xbb\\xf5\\x96\"\n\t\"\\xa9\\xab\\xcf\\x9f\\x8f\\xac\\xc3\\xca\\xd5\\x8b\\xd8\\x48\\x9e\\x79\\xaa\\x30\"\n\t\"\\x87\\xca\\x58\\x4d\\x59\\x96\\xb9\\x4f\\xc5\\x1b\\x1c\\xd2\\xda\\x5b\\xe6\\x57\"\n\t\"\\x29\\xa1\\x28\\x7a\\x2b\\x5b\\xff\\x00\\x12\\x2f\\x5e\\x3f\\xf3\\xbb\\x8e\\x7f\"\n\t\"\\xec\\xc6\\x98\\xff\\x00\\xed\\x3c\\xa6\\xdd\\xa9\\xdc\\x7e\\xa0\\xf7\\xd6\\x99\"\n\t\"\\x31\\xa2\\xf7\\xaf\\x6b\\xe9\\x82\\x74\\x4b\\x3d\\
x8f\\x5e\\x58\\x0b\\x33\\xab\"\n\t\"\\xef\\xc3\\xaf\\x84\\x64\\xb9\\xae\\xb6\\x25\\x5f\\x62\\x8f\\x1c\\xe3\\xf4\\x51\"\n\t\"\\xb7\\x96\\xe3\\x0e\\x30\\x42\\xa9\\x18\\x39\\xbf\\x9e\\x2a\\x1f\\x74\\x19\\x02\"\n\t\"\\x2d\\x43\\x93\\x06\\x63\\xb1\\xa7\\x47\\x6a\\xfa\\x9b\\x6c\\xeb\\xbd\\xe9\\xae\"\n\t\"\\x6a\\x7b\\x6f\\x53\\x5a\\x60\\x5d\\xb5\\xcd\\xe8\\x67\\xeb\\x35\\x3b\\x48\\xc6\"\n\t\"\\xa6\\xb3\\x04\\xc8\\xdf\\xb8\\x7e\\x26\\x64\\xb0\\xc9\\x18\\xb0\\xa7\\x33\\xf2\"\n\t\"\\x4a\\x8b\\x22\\x3b\\x8d\\x4b\\x89\\x1d\\xf6\\x9d\\x65\\xc4\\x38\\xd2\\x54\\x9c\"\n\t\"\\xe3\\xcd\\x89\\xe1\\xe1\\xe6\\x3e\\x70\\x81\\x45\\x1d\\x18\\xf9\\x31\\x83\\xc8\"\n\t\"\\xbe\\x14\\x82\\x4b\\x87\\x7a\\x74\\x28\\xd2\\xdd\\x12\\x55\\x30\\xe6\\x0e\\x49\"\n\t\"\\x31\\x8e\\x48\\x69\\xc5\\xc0\\x20\\x91\\xe4\\x48\\x41\\x4c\\xd8\\xb9\\x6a\\x4e\"\n\t\"\\x21\\xce\\x99\\x1b\\x0e\\xfd\\x09\\x4f\\xa1\\x79\\x0f\\x0f\\x0f\\x0f\\x0f\\x0f\"\n\t\"\\x0f\\x3f\\x3c\\xb8\\x71\\x27\\xc7\\x72\\x24\\xe8\\xb1\\xa6\\xc5\\x7b\\x18\\xc3\"\n\t\"\\xb1\\xa5\\xb0\\xd4\\x98\\xee\\xe3\\x19\\xc6\\x71\\x87\\x19\\x79\\x2b\\x6d\\x78\"\n\t\"\\xc6\\x71\\x8c\\xe3\\x0a\\x4e\\x71\\x8c\\xe3\\x19\\xfe\\x38\\xf2\\x3b\\xfb\\x8b\"\n\t\"\\x48\\xfe\\x4e\\xaa\\xff\\x00\\x4f\\x08\\xff\\x00\\xc7\\xe1\\xfb\\x8b\\x48\\xfe\"\n\t\"\\x4e\\xaa\\xff\\x00\\x4f\\x08\\xff\\x00\\xc7\\xe4\\x95\\x86\\x18\\x8a\\xcb\\x31\"\n\t\"\\xa3\\x32\\xd4\\x78\\xf1\\xdb\\x43\\x2c\\x47\\x61\\xb4\\x32\\xcb\\x2c\\xb4\\x9c\"\n\t\"\\x21\\xb6\\x99\\x69\\xbc\\x25\\xb6\\xdb\\x6d\\x18\\xc2\\x10\\xda\\x12\\x94\\xa1\"\n\t\"\\x38\\xc2\\x53\\x8c\\x63\\x18\\xc7\\x9d\\xbe\\x7f\\xff\\xd9\"\n\t;\n"
  },
  {
    "path": "suhosin_rfc1867.h",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Author: Stefan Esser <sesser@sektioneins.de>                         |\n  +----------------------------------------------------------------------+\n*/\n\n/* $Id: suhosin_rfc1867.h,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $ */\n\n#ifndef SUHOSIN_RFC1867_H\n#define SUHOSIN_RFC1867_H\n\n#include \"rfc1867.h\"\n#include \"SAPI.h\"\n\n#define MULTIPART_CONTENT_TYPE \"multipart/form-data\"\n#ifdef MULTIPART_EVENT_START\n#define HAVE_RFC1867_CALLBACK\t\t1\n#else\n#define HAVE_RFC1867_CALLBACK\t\t0\n\n#define MULTIPART_EVENT_START\t\t0\n#define MULTIPART_EVENT_FORMDATA\t1\n#define MULTIPART_EVENT_FILE_START\t2\n#define MULTIPART_EVENT_FILE_DATA\t3\n#define MULTIPART_EVENT_FILE_END\t4\n#define MULTIPART_EVENT_END\t\t5\n\ntypedef struct _multipart_event_start {\n\tsize_t\tcontent_length;\n} multipart_event_start;\n\ntypedef struct _multipart_event_formdata 
{\n\tsize_t\tpost_bytes_processed;\n\tchar\t*name;\n\tchar\t**value;\n\tsize_t\tlength;\n\tsize_t\t*newlength;\n} multipart_event_formdata;\n\ntypedef struct _multipart_event_file_start {\n\tsize_t\tpost_bytes_processed;\n\tchar\t*name;\n\tchar\t**filename;\n} multipart_event_file_start;\n\ntypedef struct _multipart_event_file_data {\n\tsize_t\tpost_bytes_processed;\n\toff_t\toffset;\n\tchar\t*data;\n\tsize_t\tlength;\n\tsize_t\t*newlength;\t\n} multipart_event_file_data;\n\ntypedef struct _multipart_event_file_end {\n\tsize_t\tpost_bytes_processed;\n\tchar\t*temp_filename;\n\tint\tcancel_upload;\n} multipart_event_file_end;\n\ntypedef struct _multipart_event_end {\n\tsize_t\tpost_bytes_processed;\n} multipart_event_end;\n\n#endif\n\nSAPI_POST_HANDLER_FUNC(suhosin_rfc1867_post_handler);\n\n// void destroy_uploaded_files_hash(TSRMLS_D);\n#if !HAVE_RFC1867_CALLBACK\nextern PHP_SUHOSIN_API int (*php_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC);\n#else\nextern PHPAPI int (*php_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC);\n#endif\n\n#endif /* SUHOSIN_RFC1867_H */\n"
  },
  {
    "path": "tests/cookie/crypt.checkraddr_4.phpt",
    "content": "--TEST--\ncookie encryption with checkraddr=4\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.cookie.encrypt=1\nsuhosin.cookie.cryptkey=\nsuhosin.cookie.cryptua=Off\nsuhosin.cookie.cryptdocroot=Off\nsuhosin.cookie.cryptraddr=0\nsuhosin.cookie.checkraddr=4\n;suhosin.cookie.cryptlist=\n;suhosin.cookie.plainlist=\n--ENV--\nreturn <<<END\nREMOTE_ADDR=127.0.0.1\nEND;\n--COOKIE--\nfoo=EgJxlQxzPwoAcVFj395vssv3hy1rAem1lH9qZYUvRi8.\n--FILE--\n<?php\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(1) {\n  [\"foo\"]=>\n  string(3) \"bar\"\n}"
  },
  {
    "path": "tests/cookie/crypt.checkraddr_4_incorrect.phpt",
    "content": "--TEST--\ncookie encryption with checkraddr=4 and non-matching REMOTE_ADDR\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.cookie.encrypt=1\nsuhosin.cookie.cryptkey=\nsuhosin.cookie.cryptua=Off\nsuhosin.cookie.cryptdocroot=Off\nsuhosin.cookie.cryptraddr=0\nsuhosin.cookie.checkraddr=4\n;suhosin.cookie.cryptlist=\n;suhosin.cookie.plainlist=\n--ENV--\nreturn <<<END\nREMOTE_ADDR=127.0.0.2\nEND;\n--COOKIE--\nfoo=EgJxlQxzPwoAcVFj395vssv3hy1rAem1lH9qZYUvRi8.\n--FILE--\n<?php\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(0) {\n}"
  },
  {
    "path": "tests/cookie/crypt.cryptlist.phpt",
    "content": "--TEST--\ncookie encryption with cryptlist set\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.cookie.encrypt=1\nsuhosin.cookie.cryptkey=\nsuhosin.cookie.cryptua=0\nsuhosin.cookie.cryptdocroot=0\nsuhosin.cookie.cryptraddr=0\nsuhosin.cookie.checkraddr=0\nsuhosin.cookie.cryptlist=a,b,foo,c\n;suhosin.cookie.plainlist=\n--ENV--\nreturn <<<END\nREMOTE_ADDR=127.0.0.1\nEND;\n--COOKIE--\na=b\n--FILE--\n<?php\nsetcookie('foo', 'bar');\nsetcookie('foo2', 'bar2');\n$ch = preg_grep(\"/^Set-Cookie:/\", headers_list());\necho join(\"\\n\", array_values($ch));\n?>\n--EXPECTF--\nSet-Cookie: foo=EgJxlQxzPwoAcVFj395vssv3hy1rAem1lH9qZYUvRi8.\nSet-Cookie: foo2=bar2"
  },
  {
    "path": "tests/cookie/crypt.docroot.phpt",
    "content": "--TEST--\ncookie encryption using document root\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.cookie.encrypt=1\nsuhosin.cookie.cryptkey=\nsuhosin.cookie.cryptua=Off\nsuhosin.cookie.cryptdocroot=On\nsuhosin.cookie.cryptraddr=0\nsuhosin.cookie.checkraddr=0\n;suhosin.cookie.cryptlist=\n;suhosin.cookie.plainlist=\n--ENV--\nreturn <<<END\nDOCUMENT_ROOT=/var/www\nEND;\n--COOKIE--\na=b\n--FILE--\n<?php\nsetcookie('foo', 'bar');\n$ch = preg_grep(\"/^Set-Cookie:/\", headers_list());\necho join(\"\\n\", array_values($ch));\n?>\n--EXPECTF--\nSet-Cookie: foo=CY8CspcGmDQPsap1NqJO1uAjB6fobur1Os5ZCqFGhU8."
  },
  {
    "path": "tests/cookie/crypt.invalid.phpt",
    "content": "--TEST--\ncookie encryption with invalid cookie\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.cookie.encrypt=1\nsuhosin.cookie.cryptkey=\nsuhosin.cookie.cryptua=Off\nsuhosin.cookie.cryptdocroot=Off\nsuhosin.cookie.cryptraddr=0\nsuhosin.cookie.checkraddr=0\n;suhosin.cookie.cryptlist=\n;suhosin.cookie.plainlist=\n--ENV--\nreturn <<<END\nREMOTE_ADDR=127.0.0.1\nEND;\n--COOKIE--\nfoo=test\n--FILE--\n<?php\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(0) {\n}"
  },
  {
    "path": "tests/cookie/crypt.key_default.phpt",
    "content": "--TEST--\ncookie encryption with default key\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.cookie.encrypt=1\nsuhosin.cookie.cryptkey=D3F4UL7\nsuhosin.cookie.cryptua=0\nsuhosin.cookie.cryptdocroot=0\nsuhosin.cookie.cryptraddr=0\nsuhosin.cookie.checkraddr=0\n;suhosin.cookie.cryptlist=\n;suhosin.cookie.plainlist=\n--COOKIE--\na=b\n--FILE--\n<?php\nsetcookie('foo', 'bar');\n$ch = preg_grep(\"/^Set-Cookie:/\", headers_list());\necho join(\"\\n\", array_values($ch));\n?>\n--EXPECTF--\nSet-Cookie: foo=Jq5FsTmo4aEWrLMKdoEeUuFxZ4IujCzrQjg-8Y-xphg."
  },
  {
    "path": "tests/cookie/crypt.key_empty.phpt",
    "content": "--TEST--\ncookie encryption with empty key\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.cookie.encrypt=1\nsuhosin.cookie.cryptkey=\nsuhosin.cookie.cryptua=0\nsuhosin.cookie.cryptdocroot=0\nsuhosin.cookie.cryptraddr=0\nsuhosin.cookie.checkraddr=0\n;suhosin.cookie.cryptlist=\n;suhosin.cookie.plainlist=\n--COOKIE--\na=b\n--FILE--\n<?php\nsetcookie('foo', 'bar');\n$ch = preg_grep(\"/^Set-Cookie:/\", headers_list());\necho join(\"\\n\", array_values($ch));\n?>\n--EXPECTF--\nSet-Cookie: foo=Jq5FsTmo4aEWrLMKdoEeUuFxZ4IujCzrQjg-8Y-xphg."
  },
  {
    "path": "tests/cookie/crypt.key_empty_remote_addr.phpt",
    "content": "--TEST--\ncookie encryption with empty key and REMOTE_ADDR set\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.cookie.encrypt=1\nsuhosin.cookie.cryptkey=\nsuhosin.cookie.cryptua=0\nsuhosin.cookie.cryptdocroot=0\nsuhosin.cookie.cryptraddr=0\nsuhosin.cookie.checkraddr=0\n;suhosin.cookie.cryptlist=\n;suhosin.cookie.plainlist=\n--ENV--\nreturn <<<END\nREMOTE_ADDR=127.0.0.1\nEND;\n--COOKIE--\na=b\n--FILE--\n<?php\nsetcookie('foo', 'bar');\n$ch = preg_grep(\"/^Set-Cookie:/\", headers_list());\necho join(\"\\n\", array_values($ch));\n?>\n--EXPECTF--\nSet-Cookie: foo=EgJxlQxzPwoAcVFj395vssv3hy1rAem1lH9qZYUvRi8."
  },
  {
    "path": "tests/cookie/crypt.no_encryption.phpt",
    "content": "--TEST--\ncookie without encryption\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.cookie.encrypt=0\n--COOKIE--\na=b\n--FILE--\n<?php\nsetcookie('foo', 'bar');\n$ch = preg_grep(\"/^Set-Cookie:/\", headers_list());\necho join(\"\\n\", array_values($ch));\n?>\n--EXPECTF--\nSet-Cookie: foo=bar"
  },
  {
    "path": "tests/cookie/crypt.plainlist.phpt",
    "content": "--TEST--\ncookie encryption with plainlist set\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.cookie.encrypt=1\nsuhosin.cookie.cryptkey=\nsuhosin.cookie.cryptua=0\nsuhosin.cookie.cryptdocroot=0\nsuhosin.cookie.cryptraddr=0\nsuhosin.cookie.checkraddr=0\n;suhosin.cookie.cryptlist=\nsuhosin.cookie.plainlist=a,b,foo2,c\n--ENV--\nreturn <<<END\nREMOTE_ADDR=127.0.0.1\nEND;\n--COOKIE--\na=b\n--FILE--\n<?php\nsetcookie('foo', 'bar');\nsetcookie('foo2', 'bar2');\n$ch = preg_grep(\"/^Set-Cookie:/\", headers_list());\necho join(\"\\n\", array_values($ch));\n?>\n--EXPECTF--\nSet-Cookie: foo=EgJxlQxzPwoAcVFj395vssv3hy1rAem1lH9qZYUvRi8.\nSet-Cookie: foo2=bar2"
  },
  {
    "path": "tests/cookie/crypt.raddr_1.phpt",
    "content": "--TEST--\ncookie encryption using REMOTE_ADDR (cryptraddr=1)\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.cookie.encrypt=1\nsuhosin.cookie.cryptkey=\nsuhosin.cookie.cryptua=Off\nsuhosin.cookie.cryptdocroot=Off\nsuhosin.cookie.cryptraddr=1\nsuhosin.cookie.checkraddr=0\n;suhosin.cookie.cryptlist=\n;suhosin.cookie.plainlist=\n--ENV--\nreturn <<<END\nREMOTE_ADDR=127.0.0.1\nEND;\n--COOKIE--\na=b\n--FILE--\n<?php\nsetcookie('foo', 'bar');\n$ch = preg_grep(\"/^Set-Cookie:/\", headers_list());\necho join(\"\\n\", array_values($ch));\n?>\n--EXPECTF--\nSet-Cookie: foo=lwB1g2gEIQbzRLsbKEyLcKlmu6kpBNRd6sft46-la-4."
  },
  {
    "path": "tests/cookie/crypt.raddr_2.phpt",
    "content": "--TEST--\ncookie encryption using REMOTE_ADDR (cryptraddr=2)\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.cookie.encrypt=1\nsuhosin.cookie.cryptkey=\nsuhosin.cookie.cryptua=Off\nsuhosin.cookie.cryptdocroot=Off\nsuhosin.cookie.cryptraddr=2\nsuhosin.cookie.checkraddr=0\n;suhosin.cookie.cryptlist=\n;suhosin.cookie.plainlist=\n--ENV--\nreturn <<<END\nREMOTE_ADDR=127.0.0.1\nEND;\n--COOKIE--\na=b\n--FILE--\n<?php\nsetcookie('foo', 'bar');\n$ch = preg_grep(\"/^Set-Cookie:/\", headers_list());\necho join(\"\\n\", array_values($ch));\n?>\n--EXPECTF--\nSet-Cookie: foo=iTnKmpON_PFkZ2Sv8omXt_myOw0LIxwZTmj5OZYQ5c8."
  },
  {
    "path": "tests/cookie/crypt.raddr_3.phpt",
    "content": "--TEST--\ncookie encryption using REMOTE_ADDR (cryptraddr=3)\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.cookie.encrypt=1\nsuhosin.cookie.cryptkey=\nsuhosin.cookie.cryptua=Off\nsuhosin.cookie.cryptdocroot=Off\nsuhosin.cookie.cryptraddr=3\nsuhosin.cookie.checkraddr=0\n;suhosin.cookie.cryptlist=\n;suhosin.cookie.plainlist=\n--ENV--\nreturn <<<END\nREMOTE_ADDR=127.0.0.1\nEND;\n--COOKIE--\na=b\n--FILE--\n<?php\nsetcookie('foo', 'bar');\n$ch = preg_grep(\"/^Set-Cookie:/\", headers_list());\necho join(\"\\n\", array_values($ch));\n?>\n--EXPECTF--\nSet-Cookie: foo=q2LriHN5UE2RN8YKu8N-k2hE5ShtXbk8vZooBU0idWg."
  },
  {
    "path": "tests/cookie/crypt.raddr_4.phpt",
    "content": "--TEST--\ncookie encryption using REMOTE_ADDR (cryptraddr=4)\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.cookie.encrypt=1\nsuhosin.cookie.cryptkey=\nsuhosin.cookie.cryptua=Off\nsuhosin.cookie.cryptdocroot=Off\nsuhosin.cookie.cryptraddr=4\nsuhosin.cookie.checkraddr=0\n;suhosin.cookie.cryptlist=\n;suhosin.cookie.plainlist=\n--ENV--\nreturn <<<END\nREMOTE_ADDR=127.0.0.1\nEND;\n--COOKIE--\na=b\n--FILE--\n<?php\nsetcookie('foo', 'bar');\n$ch = preg_grep(\"/^Set-Cookie:/\", headers_list());\necho join(\"\\n\", array_values($ch));\n?>\n--EXPECTF--\nSet-Cookie: foo=KYNdxYn5b1vujSEplr6YyON2A04YRH0YY4pCZWQDxG8."
  },
  {
    "path": "tests/cookie/crypt.ua.phpt",
    "content": "--TEST--\ncookie with encryption using HTTP_USER_AGENT\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.cookie.encrypt=1\nsuhosin.cookie.cryptkey=\nsuhosin.cookie.cryptua=On\nsuhosin.cookie.cryptdocroot=0\nsuhosin.cookie.cryptraddr=0\nsuhosin.cookie.checkraddr=0\n;suhosin.cookie.cryptlist=\n;suhosin.cookie.plainlist=\n--ENV--\nreturn <<<END\nHTTP_USER_AGENT=test\nEND;\n--COOKIE--\na=b\n--FILE--\n<?php\nsetcookie('foo', 'bar');\n$ch = preg_grep(\"/^Set-Cookie:/\", headers_list());\necho join(\"\\n\", array_values($ch));\n?>\n--EXPECTF--\nSet-Cookie: foo=ZWvJsNdplAsT5Uz57vuUq7-_pbjyXTGeMrUfSrgre5w."
  },
  {
    "path": "tests/empty.inc",
    "content": "<?php\n  $value = \"value-from-empty.inc\";\n?>"
  },
  {
    "path": "tests/executor/allow_symlink_off.phpt",
    "content": "--TEST--\nsuhosin.executor.allow_symlink=Off\n--SKIPIF--\n<?php if (!function_exists(\"memory_get_usage\")) print \"skip PHP not compiled with memory_limit support\"; ?>\n--INI--\nerror_reporting=E_ALL\nopen_basedir=\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.executor.allow_symlink=Off\n--FILE--\n<?php\nsymlink();\nini_set(\"open_basedir\", \".\");\nsymlink();\n?>\n--EXPECTF--\nWarning: symlink() expects exactly 2 parameters, 0 given in %s on line 2\nALERT - symlink called during open_basedir (attacker 'REMOTE_ADDR not set', file '%s', line 4)\n"
  },
  {
    "path": "tests/executor/allow_symlink_on.phpt",
    "content": "--TEST--\nsuhosin.executor.allow_symlink=On\n--SKIPIF--\n<?php if (!function_exists(\"memory_get_usage\")) print \"skip PHP not compiled with memory_limit support\"; ?>\n--INI--\nerror_reporting=E_ALL\nopen_basedir=\nsuhosin.log.stdout=255\nsuhosin.log.script=0\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.executor.allow_symlink=On\n--FILE--\n<?php\nsymlink();\nini_set(\"open_basedir\", \".\");\nsymlink();\n?>\n--EXPECTF--\nWarning: symlink() expects exactly 2 parameters, 0 given in %s on line 2\n\nWarning: symlink() expects exactly 2 parameters, 0 given in %s on line 4\n"
  },
  {
    "path": "tests/executor/disable_emod_off.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.disable_emodifier=0\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nerror_reporting=E_ALL&~E_DEPRECATED\nsuhosin.log.sapi=64\nsuhosin.executor.disable_emodifier=0\n--FILE--\n<?php\n    \n\tfunction doit()\n\t{\n\t\t$text = \"HALLO\";\n\t\tvar_dump(@preg_replace('/[a-z]/e', \"strtoupper('\\\\0')\", $text));\n\t\t$text = \"HalLO\";\n\t\tvar_dump(@preg_replace('/[a-z]/e', \"strtoupper('\\\\0')\", $text));\t\n\t}\n\tdoit();\n?>\n--EXPECTF--\nstring(5) \"HALLO\"\nstring(5) \"HALLO\"\n\n"
  },
  {
    "path": "tests/executor/disable_emod_on.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.disable_emodifier=1\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nerror_reporting=E_ALL&~E_DEPRECATED\nsuhosin.log.sapi=64\nsuhosin.executor.disable_emodifier=1\n--FILE--\n<?php\n\tfunction doit()\n\t{\n\t\t$text = \"HALLO\";\n\t\tvar_dump(preg_replace('/[a-z]/e', \"strtoupper('\\\\0')\", $text));\n\t\t$text = \"HalLO\";\n\t\tvar_dump(preg_replace('/[a-z]/e', \"strtoupper('\\\\0')\", $text));\t\n\t}\n\tdoit();\n?>\n--EXPECTF--\nstring(5) \"HALLO\"\nALERT - use of preg_replace() with /e modifier is forbidden by configuration (attacker 'REMOTE_ADDR not set', file '%s', line 7)\n\nFatal error: SUHOSIN - Use of preg_replace() with /e modifier is forbidden by configuration in %s(7) : regexp code on line %d\n"
  },
  {
    "path": "tests/executor/disable_eval_off.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.disable_eval=0\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\nsuhosin.executor.disable_eval=0\n--FILE--\n<?php\n    $x = 0;\n    eval('$x = 1;');\n    var_dump($x);\n?>\n--EXPECTF--\nint(1)\n"
  },
  {
    "path": "tests/executor/disable_eval_on.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.disable_eval=1\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\nsuhosin.executor.disable_eval=1\n--FILE--\n<?php\n    $x = 0;\n    eval('$x = 1;');\n    var_dump($x);\n?>\n--EXPECTF--\nALERT - use of eval is forbidden by configuration (attacker 'REMOTE_ADDR not set', file '%s', line 3)\n\nFatal error: SUHOSIN - Use of eval is forbidden by configuration in %s(3) : eval()'d code on line %d\n"
  },
  {
    "path": "tests/executor/eval_blacklist.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.eval.blacklist=max\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\nsuhosin.executor.disable_eval=0\nsuhosin.executor.eval.blacklist=max\n--FILE--\n<?php\n\teval('abs(1);\n\tmax(1,2);\n\tabs(1);');\n?>\n--EXPECTF--\nALERT - function within eval blacklist called: max() (attacker 'REMOTE_ADDR not set', file '%s', line 4)\n\nWarning: max() has been disabled for security reasons in %s : eval()'d code on line 2\n"
  },
  {
    "path": "tests/executor/eval_blacklist_printf.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.eval.blacklist=printf via call_user_func\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\nsuhosin.executor.disable_eval=0\nsuhosin.executor.eval.blacklist=printf\n--FILE--\n<?php\n\teval('call_user_func(\"printf\", \"hello\\n\");');\n?>\n--EXPECTF--\nALERT - function within eval blacklist called: printf() (attacker 'REMOTE_ADDR not set', file '%s : eval()'d code', line 1)\n\nWarning: printf() has been disabled for security reasons in %s : eval()'d code on line 1\n"
  },
  {
    "path": "tests/executor/eval_blacklist_printf_function_exists.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.eval.blacklist=printf with function_exists()\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\nsuhosin.executor.disable_eval=0\nsuhosin.executor.eval.blacklist=printf,max\n--FILE--\n<?php\n\teval('var_dump(function_exists(\"abs\"));');\n\teval('var_dump(function_exists(\"max\"));');\n\teval('var_dump(function_exists(\"ord\"));');\n\teval('var_dump(function_exists(\"printf\"));');\n\teval('var_dump(function_exists(\"chr\"));');\n?>\n--EXPECTF--\nbool(true)\nbool(false)\nbool(true)\nbool(false)\nbool(true)\n\n"
  },
  {
    "path": "tests/executor/eval_whitelist_absmax.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.eval.whitelist=abs,max\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\nsuhosin.executor.disable_eval=0\nsuhosin.executor.eval.whitelist=abs,max\n--FILE--\n<?php\n\teval('abs(1);\n\tmax(1,2);\n\tabs(1);');\n?>\n--EXPECTF--\n\n"
  },
  {
    "path": "tests/executor/eval_whitelist_call_user_func.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.eval.whitelist=call_user_func (printf called via call_user_func)\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\nsuhosin.executor.eval.whitelist=call_user_func\n--FILE--\n<?php\n\teval('call_user_func(\"printf\", \"hello\\n\");');\n?>\n--EXPECTF--\nALERT - function outside of eval whitelist called: printf() (attacker 'REMOTE_ADDR not set', file '%s : eval()'d code', line 1)\n\nWarning: printf() has been disabled for security reasons in %s : eval()'d code on line 1\n"
  },
  {
    "path": "tests/executor/function_blacklist.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.func.blacklist=max\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\nsuhosin.executor.func.blacklist=max\n--FILE--\n<?php\n\tabs(1);\n\tmax(1,2);\n\tabs(1);\n?>\n--EXPECTF--\nALERT - function within blacklist called: max() (attacker 'REMOTE_ADDR not set', file '%s', line 3)\n\nWarning: max() has been disabled for security reasons in %s on line 3\n"
  },
  {
    "path": "tests/executor/function_blacklist_printf.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.func.blacklist=printf\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\nsuhosin.executor.func.blacklist=printf\n--FILE--\n<?php\n\tcall_user_func(\"printf\", \"hello\\n\");\n?>\n--EXPECTF--\nALERT - function within blacklist called: printf() (attacker 'REMOTE_ADDR not set', file '%s', line 2)\n\nWarning: printf() has been disabled for security reasons in %s on line 2\n"
  },
  {
    "path": "tests/executor/function_blacklist_printf_function_exists.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.func.blacklist=printf,max with function_exists()\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\nsuhosin.executor.func.blacklist=printf,max\n--FILE--\n<?php\n\tvar_dump(function_exists(\"abs\"));\n\tvar_dump(function_exists(\"max\"));\n\tvar_dump(function_exists(\"ord\"));\n\tvar_dump(function_exists(\"printf\"));\n\tvar_dump(function_exists(\"chr\"));\n?>\n--EXPECTF--\nbool(true)\nbool(false)\nbool(true)\nbool(false)\nbool(true)\n\n"
  },
  {
    "path": "tests/executor/function_call_user_func.phpt",
    "content": "--TEST--\nTesting if call_user_func() actually works\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\n--FILE--\n<?php\n\tcall_user_func(\"printf\", \"hello\\n\");\n?>\n--EXPECTF--\nhello"
  },
  {
    "path": "tests/executor/function_whitelist.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.func.whitelist=abs\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\nsuhosin.executor.func.whitelist=abs\n--FILE--\n<?php\n\tabs(1);\n\tmax(1,2);\n\tabs(1);\n?>\n--EXPECTF--\nALERT - function outside of whitelist called: max() (attacker 'REMOTE_ADDR not set', file '%s', line 3)\n\nWarning: max() has been disabled for security reasons in %s on line 3\n"
  },
  {
    "path": "tests/executor/function_whitelist_absmax.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.func.whitelist=abs,max\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\nsuhosin.executor.func.whitelist=abs,max\n--FILE--\n<?php\n\tabs(1);\n\tmax(1,2);\n\tabs(1);\n?>\n--EXPECTF--\n\n"
  },
  {
    "path": "tests/executor/function_whitelist_call_user_func.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.func.whitelist=call_user_func\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\nsuhosin.executor.func.whitelist=call_user_func\n--FILE--\n<?php\n\tcall_user_func(\"printf\", \"hello\\n\");\n?>\n--EXPECTF--\nALERT - function outside of whitelist called: printf() (attacker 'REMOTE_ADDR not set', file '%s', line 2)\n\nWarning: printf() has been disabled for security reasons in %s on line 2\n"
  },
  {
    "path": "tests/executor/function_whitelist_function_exists.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.func.whitelist with function_exists()\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\nsuhosin.executor.func.whitelist=printf,max,function_exists,var_dump\n--FILE--\n<?php\n\tvar_dump(function_exists(\"abs\"));\n\tvar_dump(function_exists(\"max\"));\n\tvar_dump(function_exists(\"ord\"));\n\tvar_dump(function_exists(\"printf\"));\n\tvar_dump(function_exists(\"chr\"));\n?>\n--EXPECTF--\nbool(false)\nbool(true)\nbool(false)\nbool(true)\nbool(false)\n\n"
  },
  {
    "path": "tests/executor/function_whitelist_maxabs.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.func.whitelist=max,abs\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\nsuhosin.executor.func.whitelist=max,abs\n--FILE--\n<?php\n\tabs(1);\n\tmax(1,2);\n\tabs(1);\n?>\n--EXPECTF--\n\n"
  },
  {
    "path": "tests/executor/function_whitelist_without_function_exists.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.func.whitelist without function_exists()\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\nsuhosin.executor.func.whitelist=printf,max,var_dump\n--FILE--\n<?php\n\tvar_dump(function_exists(\"abs\"));\n\tvar_dump(function_exists(\"max\"));\n\tvar_dump(function_exists(\"ord\"));\n\tvar_dump(function_exists(\"printf\"));\n\tvar_dump(function_exists(\"chr\"));\n?>\n--EXPECTF--\nALERT - function outside of whitelist called: function_exists() (attacker 'REMOTE_ADDR not set', file '%s', line 2)\n\nWarning: function_exists() has been disabled for security reasons in %s on line 2\n\n"
  },
  {
    "path": "tests/executor/memory_limit.phpt",
    "content": "--TEST--\nmemory_limit test: set suhosin hard_limit to normal limit\n--SKIPIF--\n<?php if (!function_exists(\"memory_get_usage\")) print \"skip PHP not compiled with memory_limit support\"; ?>\n--INI--\nmemory_limit=16M\nsuhosin.memory_limit=0\nsuhosin.log.syslog=0\nsuhosin.log.script=0\nsuhosin.log.sapi=2\n--FILE--\n<?php\n    ini_set(\"memory_limit\", \"13M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"14M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"15M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"16M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"17M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"18M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n?>\n--EXPECTF--\n13M\n14M\n15M\n16M\nALERT - script tried to increase memory_limit to 17825792 bytes which is above the allowed value (attacker 'REMOTE_ADDR not set', file '%s', line 6)\n16M\nALERT - script tried to increase memory_limit to 18874368 bytes which is above the allowed value (attacker 'REMOTE_ADDR not set', file '%s', line 7)\n16M\n\n"
  },
  {
    "path": "tests/executor/memory_limit_64bit.phpt",
    "content": "--TEST--\nmemory_limit test: set suhosin hard_limit to normal limit (64 bit)\n--SKIPIF--\n<?php if (!function_exists(\"memory_get_usage\")) print \"skip PHP not compiled with memory_limit support\"; \nelse if (PHP_INT_SIZE != 8) print \"skip This is not a 64 bit system\";\n?>\n--INI--\nmemory_limit=16M\nsuhosin.memory_limit=0\nsuhosin.log.syslog=0\nsuhosin.log.script=0\nsuhosin.log.sapi=2\n--FILE--\n<?php\n    ini_set(\"memory_limit\", \"13M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"14M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"15M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"16M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"17M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"18M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"2G\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"3G\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"4G\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"5G\"); echo ini_get(\"memory_limit\"), \"\\n\";\n?>\n--EXPECTF--\n13M\n14M\n15M\n16M\nALERT - script tried to increase memory_limit to 17825792 bytes which is above the allowed value (attacker 'REMOTE_ADDR not set', file '%s', line 6)\n16M\nALERT - script tried to increase memory_limit to 18874368 bytes which is above the allowed value (attacker 'REMOTE_ADDR not set', file '%s', line 7)\n16M\nALERT - script tried to increase memory_limit to 2147483648 bytes which is above the allowed value (attacker 'REMOTE_ADDR not set', file '%s', line 8)\n16M\nALERT - script tried to increase memory_limit to 3221225472 bytes which is above the allowed value (attacker 'REMOTE_ADDR not set', file '%s', line 9)\n16M\nALERT - script tried to increase memory_limit to 4294967296 bytes which is above the allowed 
value (attacker 'REMOTE_ADDR not set', file '%s', line 10)\n16M\nALERT - script tried to increase memory_limit to 5368709120 bytes which is above the allowed value (attacker 'REMOTE_ADDR not set', file '%s', line 11)\n16M\n\n"
  },
  {
    "path": "tests/executor/memory_limit_64bit_10G.phpt",
    "content": "--TEST--\nmemory_limit test: set suhosin hard_limit to normal limit (64 bit) - 10 GB\n--SKIPIF--\n<?php if (!function_exists(\"memory_get_usage\")) print \"skip PHP not compiled with memory_limit support\"; \nelse if (PHP_INT_SIZE != 8) print \"skip This is not a 64 bit system\";\n?>\n--INI--\nmemory_limit=10G\nsuhosin.memory_limit=0\nsuhosin.log.syslog=0\nsuhosin.log.script=0\nsuhosin.log.sapi=2\n--FILE--\n<?php\n    ini_set(\"memory_limit\", \"13M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"14M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"15M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"16M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"17M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"18M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"2G\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"3G\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"4G\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"5G\"); echo ini_get(\"memory_limit\"), \"\\n\";\n?>\n--EXPECTF--\n13M\n14M\n15M\n16M\n17M\n18M\n2G\n3G\n4G\n5G\n"
  },
  {
    "path": "tests/executor/memory_limit_negative.phpt",
    "content": "--TEST--\nmemory_limit test: trying to set memory_limit to a negative value\n--SKIPIF--\n<?php if (!function_exists(\"memory_get_usage\")) print \"skip PHP not compiled with memory_limit support\"; ?>\n--INI--\nmemory_limit=16M\nsuhosin.memory_limit=17M\nsuhosin.log.syslog=0\nsuhosin.log.script=0\nsuhosin.log.sapi=2\n--FILE--\n<?php\n    ini_set(\"memory_limit\", \"-200000\"); echo ini_get(\"memory_limit\"), \"\\n\";\n?>\n--EXPECTF--\nALERT - script tried to disable memory_limit by setting it to a negative value -%d bytes which is not allowed (attacker 'REMOTE_ADDR not set', file '%s', line 2)\n16M\n\n"
  },
  {
    "path": "tests/executor/memory_limit_other_hardlimit.phpt",
    "content": "--TEST--\nmemory_limit test: set suhosin hard_limit to normal limit + 1M\n--SKIPIF--\n<?php if (!function_exists(\"memory_get_usage\")) print \"skip PHP not compiled with memory_limit support\"; ?>\n--INI--\nmemory_limit=16M\nsuhosin.memory_limit=17M\nsuhosin.log.syslog=0\nsuhosin.log.script=0\nsuhosin.log.sapi=2\n--FILE--\n<?php\n    ini_set(\"memory_limit\", \"13M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"14M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"15M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"16M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"17M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n    ini_set(\"memory_limit\", \"18M\"); echo ini_get(\"memory_limit\"), \"\\n\";\n?>\n--EXPECTF--\n13M\n14M\n15M\n16M\n17M\nALERT - script tried to increase memory_limit to %d bytes which is above the allowed value (attacker 'REMOTE_ADDR not set', file '%s', line 7)\n17M\n\n"
  },
  {
    "path": "tests/executor/preg_replace.phpt",
    "content": "--TEST--\nTesting protection against \"\\0\" in preg_replace() first parameter\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.log.sapi=0\n--FILE--\n<?php\n    \n    $text1 = \"One little boy with two dogs, three cats and four birds\";\n    $text2 = \"The three cats eat the four birds\";\n\n    $regex_array = array(\"/one/\", \"/two/\", \"/three/\");\n    $regex_array0 = array(\"/one/\\0\", \"/two/\", \"/three/\");\n    $replace_array = array(\"1\", \"2\", \"3\");\n    $regex = \"/eat/\";\n    $regex0 = \"/ea\\0t/\";\n    $replace = \"play with\";\n    \n    var_dump(preg_replace($regex_array, $replace_array, $text1));\n    var_dump(preg_replace($regex_array0, $replace_array, $text1));\n    var_dump(preg_replace($regex, $replace, $text2));\n    var_dump(preg_replace($regex0, $replace, $text2));\n    \n?>\n--EXPECT--\nstring(49) \"One little boy with 2 dogs, 3 cats and four birds\"\nbool(false)\nstring(39) \"The three cats play with the four birds\"\nbool(false)\n"
  },
  {
    "path": "tests/executor/preg_replace_error.phpt",
    "content": "--TEST--\nTesting protection against \"\\0\" in preg_replace() first parameter (INCL. SUHOSIN ERROR MESSAGES)\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\n--FILE--\n<?php\n    \n    $text1 = \"One little boy with two dogs, three cats and four birds\";\n    $text2 = \"The three cats eat the four birds\";\n\n    $regex_array = array(\"/one/\", \"/two/\", \"/three/\");\n    $regex_array0 = array(\"/one/\\0\", \"/two/\", \"/three/\");\n    $replace_array = array(\"1\", \"2\", \"3\");\n    $regex = \"/eat/\";\n    $regex0 = \"/ea\\0t/\";\n    $replace = \"play with\";\n    \n    var_dump(preg_replace($regex_array, $replace_array, $text1));\n    var_dump(preg_replace($regex_array0, $replace_array, $text1));\n    var_dump(preg_replace($regex, $replace, $text2));\n    var_dump(preg_replace($regex0, $replace, $text2));\n    \n?>\n--EXPECTF--\nstring(49) \"One little boy with 2 dogs, 3 cats and four birds\"\nALERT - string termination attack on first preg_replace parameter detected (attacker 'REMOTE_ADDR not set', file '%s', line 14)\nbool(false)\nstring(39) \"The three cats play with the four birds\"\nALERT - string termination attack on first preg_replace parameter detected (attacker 'REMOTE_ADDR not set', file '%s', line 16)\nbool(false)\n"
  },
  {
    "path": "tests/executor/recursion_maxdepth.phpt",
    "content": "--TEST--\nTesting: suhosin.executor.max_depth\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=64\nsuhosin.executor.max_depth=13\n--FILE--\n<?php\n    function rec($level)\n    {\n\techo $level,\"\\n\";\n\trec(++$level);\n    }\n    \n    rec(2);\n?>\n--EXPECTF--\n2\n3\n4\n5\n6\n7\n8\n9\n10\n11\n12\n13\nALERT - maximum execution depth reached - script terminated (attacker 'REMOTE_ADDR not set', file '%s', line 5)\n"
  },
  {
    "path": "tests/executor/user_session_handler.phpt",
    "content": "--TEST--\nTesting user session handler functions\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.script=0\nsuhosin.log.sapi=2\nsuhosin.session.encrypt=On\nsession.save_path=SUHOSIN_TEST_CASE\n--FILE--\n<?php\n   \n$GLOBALS['test_array_session'] = array();\n$GLOBALS['msg'] = array();\n\nfunction sess_open($savePath, $sessionName)\n{\n\t$GLOBALS['msg'][] = \"open $savePath -> $sessionName\";\n}\nfunction sess_close()\n{\n\t$GLOBALS['msg'][] = \"close\";\n}\nfunction sess_read($id)\n{\n\t$GLOBALS['msg'][] = \"read $id\";\n\treturn @$GLOBALS['test_array_session'][$id];\n}\nfunction sess_write($id, $data)\n{\n\t$GLOBALS['msg'][] = \"write $id - $data\";\n\t$GLOBALS['test_array_session'][$id] = $data;\n\treturn true;\n}\nfunction sess_destroy($id)\n{\n\t$GLOBALS['msg'][] = \"destroy $id\";\n}\nfunction sess_gc($lifetime)\n{\n}\n    \nsession_set_save_handler ( \"sess_open\" , \"sess_close\" , \"sess_read\" , \"sess_write\" , \"sess_destroy\" , \"sess_gc\" );\nsession_id(md5(\"testsession1\"));\nsession_start();\n\n$_SESSION['test1'] = \"test\";\n$_SESSION['test2'] = 12345;\n$_SESSION['test3'] = array();\n$_SESSION['test4'] = new StdClass();\n\nsession_write_close();\n\nsession_start();\n\nvar_dump($_SESSION);\nvar_dump($msg);\n\n?>\n--EXPECTF--\narray(4) {\n  [\"test1\"]=>\n  string(4) \"test\"\n  [\"test2\"]=>\n  int(12345)\n  [\"test3\"]=>\n  array(0) {\n  }\n  [\"test4\"]=>\n  object(stdClass)#1 (0) {\n  }\n}\narray(6) {\n  [0]=>\n  string(35) \"open SUHOSIN_TEST_CASE -> PHPSESSID\"\n  [1]=>\n  string(37) \"read 4cdacd154c45b08c35d83f3b514eddab\"\n  [2]=>\n  string(%d) \"write 4cdacd154c45b08c35d83f3b514eddab - %s\"\n  [3]=>\n  string(5) \"close\"\n  [4]=>\n  string(35) \"open SUHOSIN_TEST_CASE -> PHPSESSID\"\n  [5]=>\n  string(37) \"read 4cdacd154c45b08c35d83f3b514eddab\"\n}\n"
  },
  {
    "path": "tests/filter/cookie_disallow_nul.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.cookie.disallow_nul)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.disallow_nul=0\nsuhosin.cookie.disallow_nul=1\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\nvar1=xx%001;var2=2;var3=xx%003;var4=4;\n--GET--\n--POST--\n--FILE--\n<?php\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(2) {\n  [\"var2\"]=>\n  string(1) \"2\"\n  [\"var4\"]=>\n  string(1) \"4\"\n}\nALERT - ASCII-NUL chars not allowed within COOKIE variables - dropped variable 'var1' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - ASCII-NUL chars not allowed within COOKIE variables - dropped variable 'var3' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 2 request variables - (0 in GET, 0 in POST, 2 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/cookie_disallow_ws.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.cookie.disallow_ws)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.cookie.disallow_ws=1\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n+var1=1;var2=2;%20var3=3; var4=4;\n--GET--\n--POST--\n--FILE--\n<?php\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(2) {\n  [\"var2\"]=>\n  string(1) \"2\"\n  [\"var4\"]=>\n  string(1) \"4\"\n}\nALERT - COOKIE variable name begins with disallowed whitespace - dropped variable ' var1' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - COOKIE variable name begins with disallowed whitespace - dropped variable ' var3' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 2 request variables - (0 in GET, 0 in POST, 2 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')"
  },
  {
    "path": "tests/filter/cookie_max_array_depth.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.cookie.max_array_depth)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_array_depth=0\nsuhosin.cookie.max_array_depth=4\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\nvar1[]=1;var2[][]=2;var3[][][]=3;var4[][][][]=4;var5[][][][][]=5;var6[][][][][][]=6;\n--GET--\n--POST--\n--FILE--\n<?php\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(4) {\n  [\"var1\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"1\"\n  }\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      string(1) \"2\"\n    }\n  }\n  [\"var3\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      array(1) {\n        [0]=>\n        string(1) \"3\"\n      }\n    }\n  }\n  [\"var4\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      array(1) {\n        [0]=>\n        array(1) {\n          [0]=>\n          string(1) \"4\"\n        }\n      }\n    }\n  }\n}\nALERT - configured COOKIE variable array depth limit exceeded - dropped variable 'var5[][][][][]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured COOKIE variable array depth limit exceeded - dropped variable 'var6[][][][][][]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 2 request variables - (0 in GET, 0 in POST, 2 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/cookie_max_array_index_length.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.cookie.max_array_index_length)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_array_index_length=0\nsuhosin.cookie.max_array_index_length=3\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\nvar1[AAA]=1;var2[BBBB]=1;var3[AAA][BBB]=1;var4[AAA][BBBB]=4;var5[AAA][BBB][CCC]=1;var6[AAA][BBBB][CCC]=1;\n--GET--\n--POST--\n--FILE--\n<?php\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(3) {\n  [\"var1\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    string(1) \"1\"\n  }\n  [\"var3\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    array(1) {\n      [\"BBB\"]=>\n      string(1) \"1\"\n    }\n  }\n  [\"var5\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    array(1) {\n      [\"BBB\"]=>\n      array(1) {\n        [\"CCC\"]=>\n        string(1) \"1\"\n      }\n    }\n  }\n}\nALERT - configured COOKIE variable array index length limit exceeded - dropped variable 'var2[BBBB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured COOKIE variable array index length limit exceeded - dropped variable 'var4[AAA][BBBB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured COOKIE variable array index length limit exceeded - dropped variable 'var6[AAA][BBBB][CCC]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 3 request variables - (0 in GET, 0 in POST, 3 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')"
  },
  {
    "path": "tests/filter/cookie_max_name_length.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.cookie.max_name_length)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_varname_length=0\nsuhosin.cookie.max_name_length=4\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\nvar=0;var1=1;var2[]=2;var3[xxx]=3;var04=4;var05[]=5;var06[xxx]=6;\n--GET--\n--POST--\n--FILE--\n<?php\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(4) {\n  [\"var\"]=>\n  string(1) \"0\"\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"2\"\n  }\n  [\"var3\"]=>\n  array(1) {\n    [\"xxx\"]=>\n    string(1) \"3\"\n  }\n}\nALERT - configured COOKIE variable name length limit exceeded - dropped variable 'var04' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured COOKIE variable name length limit exceeded - dropped variable 'var05[]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured COOKIE variable name length limit exceeded - dropped variable 'var06[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 3 request variables - (0 in GET, 0 in POST, 3 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n\n"
  },
  {
    "path": "tests/filter/cookie_max_totalname_length.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.cookie.max_totalname_length)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_totalname_length=0\nsuhosin.cookie.max_totalname_length=7\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\nvar=0;var1=1;var2[]=2;var3[xxx]=3;var04=4;var05[]=5;var06[xxx]=6;\n--GET--\n--POST--\n--FILE--\n<?php\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(5) {\n  [\"var\"]=>\n  string(1) \"0\"\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"2\"\n  }\n  [\"var04\"]=>\n  string(1) \"4\"\n  [\"var05\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"5\"\n  }\n}\nALERT - configured COOKIE variable total name length limit exceeded - dropped variable 'var3[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured COOKIE variable total name length limit exceeded - dropped variable 'var06[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 2 request variables - (0 in GET, 0 in POST, 2 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n\n"
  },
  {
    "path": "tests/filter/cookie_max_value_length.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.cookie.max_value_length)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_value_length=0\nsuhosin.cookie.max_value_length=3\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\nvar1=1;var2=22;var3=333;var4=4444;var5=55%00555;var6=666666;\n--GET--\n--POST--\n--FILE--\n<?php\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(3) {\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  string(2) \"22\"\n  [\"var3\"]=>\n  string(3) \"333\"\n}\nALERT - configured COOKIE variable value length limit exceeded - dropped variable 'var4' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured COOKIE variable value length limit exceeded - dropped variable 'var5' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured COOKIE variable value length limit exceeded - dropped variable 'var6' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 3 request variables - (0 in GET, 0 in POST, 3 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n\n"
  },
  {
    "path": "tests/filter/cookie_max_vars.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.cookie.max_vars)\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.cookie.max_vars=3\n--COOKIE--\na=1; b=2; c=3; d=4\n--FILE--\n<?php\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(3) {\n  [\"a\"]=>\n  string(1) \"1\"\n  [\"b\"]=>\n  string(1) \"2\"\n  [\"c\"]=>\n  string(1) \"3\"\n}\nALERT - configured COOKIE variable limit exceeded - dropped variable 'd' - all further COOKIE variables are dropped (attacker '%s', file '%s')\nALERT - dropped 1 request variables - (0 in GET, 0 in POST, 1 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/filter_action_302.phpt",
    "content": "--TEST--\nsuhosin filter action: 302 redirect\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.stdout=0\nsuhosin.log.script=0\nsuhosin.request.disallow_nul=1\nsuhosin.filter.action=302,http://example.com/\n--SKIPIF--\n<?php include('../skipifcli.inc'); ?>\n--CGI--\n--COOKIE--\nx=%00\n--FILE--\n<?php\necho 'this is wrong!';\n?>\n--EXPECTHEADERS--\nStatus: 302 Moved Temporarily\nLocation: http://example.com/\n--EXPECTF--\n"
  },
  {
    "path": "tests/filter/filter_action_php.phpt",
    "content": "--TEST--\nsuhosin filter action: fallback PHP file\n--FOO--\n<?php die(\"FALLBACK\\n\"); ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.stdout=0\nsuhosin.log.script=0\nsuhosin.request.disallow_nul=1\nsuhosin.filter.action=404,filter_action_php.phpt\n--SKIPIF--\n<?php include('../skipifcli.inc'); ?>\n--COOKIE--\nx=%00\n--FILE--\n<?php\necho 'this is wrong!';\n?>\n--EXPECTF--\n%s\n%s\n%s\nFALLBACK"
  },
  {
    "path": "tests/filter/filter_logging_statistics.phpt",
    "content": "--TEST--\nsuhosin variable filter logging statistics\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.get.max_vars=5\nerror_reporting=E_ALL\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\nA=A&B=B&C=C&D=D&E=E&F=F&G=G&\n--POST--\n--FILE--\n<?php\n$counter++;\nif ($counter < 5) {\n\tinclude __FILE__;\n} else {\n\tvar_dump($_GET);\t\n}\n?>\n--EXPECTF--\nNotice: Undefined variable: counter in %s on line 2\narray(5) {\n  [\"A\"]=>\n  string(1) \"A\"\n  [\"B\"]=>\n  string(1) \"B\"\n  [\"C\"]=>\n  string(1) \"C\"\n  [\"D\"]=>\n  string(1) \"D\"\n  [\"E\"]=>\n  string(1) \"E\"\n}\nALERT - configured GET variable limit exceeded - dropped variable 'F' - all further GET variables are dropped (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 2 request variables - (2 in GET, 0 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/get_allow_ws.phpt",
    "content": "--TEST--\nsuhosin input filter (allow whitespace)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.stdout=255\nsuhosin.log.script=0\nsuhosin.request.disallow_ws=0\nsuhosin.get.disallow_ws=0\nsuhosin.post.disallow_ws=0\nsuhosin.cookie.disallow_ws=0\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n+var1=1;var2=2;%20var3=3; var4=4;\n--GET--\n+var1=1&var2=2&%20var3=3& var4=4&\n--POST--\n+var1=1&var2=2&%20var3=3& var4=4&\n--FILE--\n<?php\nvar_dump($_GET);\nvar_dump($_POST);\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(4) {\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  string(1) \"2\"\n  [\"var3\"]=>\n  string(1) \"3\"\n  [\"var4\"]=>\n  string(1) \"4\"\n}\narray(4) {\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  string(1) \"2\"\n  [\"var3\"]=>\n  string(1) \"3\"\n  [\"var4\"]=>\n  string(1) \"4\"\n}\narray(4) {\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  string(1) \"2\"\n  [\"var3\"]=>\n  string(1) \"3\"\n  [\"var4\"]=>\n  string(1) \"4\"\n}"
  },
  {
    "path": "tests/filter/get_disallow_nul.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.get.disallow_nul)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.disallow_nul=0\nsuhosin.get.disallow_nul=1\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\nvar1=xx%001&var2=2&var3=xx%003&var4=4&\n--POST--\n--FILE--\n<?php\nvar_dump($_GET);\n?>\n--EXPECTF--\narray(2) {\n  [\"var2\"]=>\n  string(1) \"2\"\n  [\"var4\"]=>\n  string(1) \"4\"\n}\nALERT - ASCII-NUL chars not allowed within GET variables - dropped variable 'var1' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - ASCII-NUL chars not allowed within GET variables - dropped variable 'var3' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 2 request variables - (2 in GET, 0 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/get_disallow_ws.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.get.disallow_ws)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.get.disallow_ws=1\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n+var1=1&var2=2&%20var3=3& var4=4&\n--POST--\n--FILE--\n<?php\nvar_dump($_GET);\n?>\n--EXPECTF--\narray(1) {\n  [\"var2\"]=>\n  string(1) \"2\"\n}\nALERT - GET variable name begins with disallowed whitespace - dropped variable ' var1' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - GET variable name begins with disallowed whitespace - dropped variable ' var3' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - GET variable name begins with disallowed whitespace - dropped variable ' var4' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 3 request variables - (3 in GET, 0 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')"
  },
  {
    "path": "tests/filter/get_filter_1.phpt",
    "content": "--TEST--\nsuhosin GET filter (disallowed variable names)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\nHTTP_RAW_POST_DATA=HTTP_RAW_POST_DATA&HTTP_SESSION_VARS=HTTP_SESSION_VARS&harmless1=harmless1&HTTP_SERVER_VARS=HTTP_SERVER_VARS&HTTP_COOKIE_VARS=HTTP_COOKIE_VARS&HTTP_POST_FILES=HTTP_POST_FILES&HTTP_POST_VARS=HTTP_POST_VARS&HTTP_GET_VARS=HTTP_GET_VARS&HTTP_ENV_VARS=HTTP_ENV_VARS&_SESSION=_SESSION&_REQUEST=_REQUEST&GLOBALS=GLOBALS&_COOKIE=_COOKIE&_SERVER=_SERVER&_FILES=_FILES&_POST=_POST&_ENV=_ENV&_GET=_GET&harmless2=harmless2&\n--POST--\n--FILE--\n<?php\nvar_dump($_GET);\n?>\n--EXPECTF--\narray(2) {\n  [\"harmless1\"]=>\n  string(9) \"harmless1\"\n  [\"harmless2\"]=>\n  string(9) \"harmless2\"\n}\nALERT - tried to register forbidden variable 'HTTP_RAW_POST_DATA' through GET variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_SESSION_VARS' through GET variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_SERVER_VARS' through GET variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_COOKIE_VARS' through GET variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_POST_FILES' through GET variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_POST_VARS' through GET variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_GET_VARS' through GET variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_ENV_VARS' through GET variables (attacker 'REMOTE_ADDR not set', 
file '%s')\nALERT - tried to register forbidden variable '_SESSION' through GET variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_REQUEST' through GET variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'GLOBALS' through GET variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_COOKIE' through GET variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_SERVER' through GET variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_FILES' through GET variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_POST' through GET variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_ENV' through GET variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_GET' through GET variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 17 request variables - (17 in GET, 0 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n\n"
  },
  {
    "path": "tests/filter/get_filter_2.phpt",
    "content": "--TEST--\nsuhosin GET filter (suhosin.get.max_vars)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.get.max_vars=5\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\nA=A&B=B&C=C&D=D&E=E&F=F&G=G&\n--POST--\n--FILE--\n<?php\nvar_dump($_GET);\n?>\n--EXPECTF--\narray(5) {\n  [\"A\"]=>\n  string(1) \"A\"\n  [\"B\"]=>\n  string(1) \"B\"\n  [\"C\"]=>\n  string(1) \"C\"\n  [\"D\"]=>\n  string(1) \"D\"\n  [\"E\"]=>\n  string(1) \"E\"\n}\nALERT - configured GET variable limit exceeded - dropped variable 'F' - all further GET variables are dropped (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 2 request variables - (2 in GET, 0 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/get_globals.phpt",
    "content": "--TEST--\nTesting: GLOBALS in GET\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=255\nsuhosin.log.script.name=/tmp/xx\n--GET--\na=1&b=2&GLOBALS=123&c=3\n--FILE--\n<?php\n    var_dump($_GET['a']);\n    var_dump($_GET['b']);\n    var_dump($_GET['c']);\n    if (!isset($_GET['GLOBALS'])) var_dump(5);\n    else var_dump(0);\n?>\n--EXPECT--\nstring(1) \"1\"\nstring(1) \"2\"\nstring(1) \"3\"\nint(5)\n"
  },
  {
    "path": "tests/filter/get_max_array_depth.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.get.max_array_depth)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_array_depth=0\nsuhosin.get.max_array_depth=4\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\nvar1[]=1&var2[][]=2&var3[][][]=3&var4[][][][]=4&var5[][][][][]=5&var6[][][][][][]=6&\n--POST--\n--FILE--\n<?php\nvar_dump($_GET);\n?>\n--EXPECTF--\narray(4) {\n  [\"var1\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"1\"\n  }\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      string(1) \"2\"\n    }\n  }\n  [\"var3\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      array(1) {\n        [0]=>\n        string(1) \"3\"\n      }\n    }\n  }\n  [\"var4\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      array(1) {\n        [0]=>\n        array(1) {\n          [0]=>\n          string(1) \"4\"\n        }\n      }\n    }\n  }\n}\nALERT - configured GET variable array depth limit exceeded - dropped variable 'var5[][][][][]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured GET variable array depth limit exceeded - dropped variable 'var6[][][][][][]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 2 request variables - (2 in GET, 0 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/get_max_array_index_length.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.get.max_array_index_length)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_array_index_length=0\nsuhosin.get.max_array_index_length=3\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\nvar1[AAA]=1&var2[BBBB]=1&var3[AAA][BBB]=1&var4[AAA][BBBB]=4&var5[AAA][BBB][CCC]=1&var6[AAA][BBBB][CCC]=1\n--POST--\n--FILE--\n<?php\nvar_dump($_GET);\n?>\n--EXPECTF--\narray(3) {\n  [\"var1\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    string(1) \"1\"\n  }\n  [\"var3\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    array(1) {\n      [\"BBB\"]=>\n      string(1) \"1\"\n    }\n  }\n  [\"var5\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    array(1) {\n      [\"BBB\"]=>\n      array(1) {\n        [\"CCC\"]=>\n        string(1) \"1\"\n      }\n    }\n  }\n}\nALERT - configured GET variable array index length limit exceeded - dropped variable 'var2[BBBB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured GET variable array index length limit exceeded - dropped variable 'var4[AAA][BBBB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured GET variable array index length limit exceeded - dropped variable 'var6[AAA][BBBB][CCC]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 3 request variables - (3 in GET, 0 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')"
  },
  {
    "path": "tests/filter/get_max_name_length.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.get.max_name_length)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_varname_length=0\nsuhosin.get.max_name_length=4\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\nvar=0&var1=1&var2[]=2&var3[xxx]=3&var04=4&var05[]=5&var06[xxx]=6&\n--POST--\n--FILE--\n<?php\nvar_dump($_GET);\n?>\n--EXPECTF--\narray(4) {\n  [\"var\"]=>\n  string(1) \"0\"\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"2\"\n  }\n  [\"var3\"]=>\n  array(1) {\n    [\"xxx\"]=>\n    string(1) \"3\"\n  }\n}\nALERT - configured GET variable name length limit exceeded - dropped variable 'var04' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured GET variable name length limit exceeded - dropped variable 'var05[]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured GET variable name length limit exceeded - dropped variable 'var06[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 3 request variables - (3 in GET, 0 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n\n"
  },
  {
    "path": "tests/filter/get_max_totalname_length.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.get.max_totalname_length)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_totalname_length=0\nsuhosin.get.max_totalname_length=7\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\nvar=0&var1=1&var2[]=2&var3[xxx]=3&var04=4&var05[]=5&var06[xxx]=6&\n--POST--\n--FILE--\n<?php\nvar_dump($_GET);\n?>\n--EXPECTF--\narray(5) {\n  [\"var\"]=>\n  string(1) \"0\"\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"2\"\n  }\n  [\"var04\"]=>\n  string(1) \"4\"\n  [\"var05\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"5\"\n  }\n}\nALERT - configured GET variable total name length limit exceeded - dropped variable 'var3[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured GET variable total name length limit exceeded - dropped variable 'var06[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 2 request variables - (2 in GET, 0 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n\n"
  },
  {
    "path": "tests/filter/get_max_value_length.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.get.max_value_length)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_value_length=0\nsuhosin.get.max_value_length=3\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\nvar1=1&var2=22&var3=333&var4=4444&var5=55%00555&var6=666666&\n--POST--\n--FILE--\n<?php\nvar_dump($_GET);\n?>\n--EXPECTF--\narray(3) {\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  string(2) \"22\"\n  [\"var3\"]=>\n  string(3) \"333\"\n}\nALERT - configured GET variable value length limit exceeded - dropped variable 'var4' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured GET variable value length limit exceeded - dropped variable 'var5' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured GET variable value length limit exceeded - dropped variable 'var6' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 3 request variables - (3 in GET, 0 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n\n"
  },
  {
    "path": "tests/filter/input_filter_request_max_value_length.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.request.max_value_length)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_value_length=3\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\nvar1=1;var2=22;var3=333;var4=4444;var5=55%00555;var6=666666;\n--GET--\nvar1=1&var2=22&var3=333&var4=4444&var5=55%00555&var6=666666&\n--POST--\nvar1=1&var2=22&var3=333&var4=4444&var5=55%00555&var6=666666&\n--FILE--\n<?php\nvar_dump($_GET);\nvar_dump($_POST);\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(3) {\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  string(2) \"22\"\n  [\"var3\"]=>\n  string(3) \"333\"\n}\narray(3) {\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  string(2) \"22\"\n  [\"var3\"]=>\n  string(3) \"333\"\n}\narray(3) {\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  string(2) \"22\"\n  [\"var3\"]=>\n  string(3) \"333\"\n}\nALERT - configured request variable value length limit exceeded - dropped variable 'var4' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable value length limit exceeded - dropped variable 'var5' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable value length limit exceeded - dropped variable 'var6' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable value length limit exceeded - dropped variable 'var4' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable value length limit exceeded - dropped variable 'var5' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable value length limit exceeded - dropped variable 'var6' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable value length limit exceeded - dropped variable 'var4' (attacker 'REMOTE_ADDR not set', 
file '%s')\nALERT - configured request variable value length limit exceeded - dropped variable 'var5' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable value length limit exceeded - dropped variable 'var6' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 9 request variables - (3 in GET, 3 in POST, 3 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n\n"
  },
  {
    "path": "tests/filter/post_disallow_nul.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.post.disallow_nul)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.disallow_nul=0\nsuhosin.post.disallow_nul=1\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST--\nvar1=xx%001&var2=2&var3=xx%003&var4=4&\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(2) {\n  [\"var2\"]=>\n  string(1) \"2\"\n  [\"var4\"]=>\n  string(1) \"4\"\n}\nALERT - ASCII-NUL chars not allowed within POST variables - dropped variable 'var1' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - ASCII-NUL chars not allowed within POST variables - dropped variable 'var3' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 2 request variables - (0 in GET, 2 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/post_disallow_ws.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.post.disallow_ws)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.post.disallow_ws=1\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST--\n+var1=1&var2=2&%20var3=3& var4=4&\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(1) {\n  [\"var2\"]=>\n  string(1) \"2\"\n}\nALERT - POST variable name begins with disallowed whitespace - dropped variable ' var1' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - POST variable name begins with disallowed whitespace - dropped variable ' var3' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - POST variable name begins with disallowed whitespace - dropped variable ' var4' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 3 request variables - (0 in GET, 3 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')"
  },
  {
    "path": "tests/filter/post_fileupload_array_index_blacklist.phpt",
    "content": "--TEST--\nsuhosin file upload filter (array index blacklist)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nfile_uploads=1\nsuhosin.request.array_index_blacklist=ABC\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST_RAW--\nContent-Type: multipart/form-data; boundary=---------------------------20896060251896012921717172737\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"fn[foo][bar]\"\n\nok\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"fn[foo][BAR]\"\n\nbad\n-----------------------------20896060251896012921717172737--\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(1) {\n  [\"fn\"]=>\n  array(1) {\n    [\"foo\"]=>\n    array(1) {\n      [\"bar\"]=>\n      string(2) \"ok\"\n    }\n  }\n}\nALERT - array index contains blacklisted characters - dropped variable 'fn[foo][BAR]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 1 request variables - (0 in GET, 1 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/post_fileupload_array_index_whitelist.phpt",
    "content": "--TEST--\nsuhosin file upload filter (array index whitelist)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nfile_uploads=1\nsuhosin.request.array_index_whitelist=abcdefghijklmnopqrstuvwxyz\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST_RAW--\nContent-Type: multipart/form-data; boundary=---------------------------20896060251896012921717172737\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"fn[foo][bar]\"\n\nok\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"fn[foo][BAR]\"\n\nbad\n-----------------------------20896060251896012921717172737--\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(1) {\n  [\"fn\"]=>\n  array(1) {\n    [\"foo\"]=>\n    array(1) {\n      [\"bar\"]=>\n      string(2) \"ok\"\n    }\n  }\n}\nALERT - array index contains not whitelisted characters - dropped variable 'fn[foo][BAR]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 1 request variables - (0 in GET, 1 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/post_fileupload_filter_1.phpt",
    "content": "--TEST--\nsuhosin rfc1867 file upload filter (disallowed variable names)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nfile_uploads=1\nupload_max_filesize=1024\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST_RAW--\nContent-Type: multipart/form-data; boundary=---------------------------20896060251896012921717172737\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"HTTP_RAW_POST_DATA\"\n\nHTTP_RAW_POST_DATA\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"HTTP_SESSION_VARS\"\n\nHTTP_SESSION_VARS\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"HTTP_SERVER_VARS\"\n\nHTTP_SERVER_VARS\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"HTTP_COOKIE_VARS\"\n\nHTTP_COOKIE_VARS\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"HTTP_POST_FILES\"\n\nHTTP_POST_FILES\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"HTTP_POST_VARS\"\n\nHTTP_POST_VARS\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"HTTP_GET_VARS\"\n\nHTTP_GET_VARS\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"HTTP_ENV_VARS\"\n\nHTTP_ENV_VARS\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"_SESSION\"\n\n_SESSION\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"_REQUEST\"\n\n_REQUEST\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; 
name=\"GLOBALS\"\n\nGLOBALS\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"_COOKIE\"\n\n_COOKIE\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"_SERVER\"\n\n_SERVER\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"_FILES\"\n\n_FILES\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"_POST\"\n\n_POST\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"_ENV\"\n\n_ENV\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"_GET\"\n\n_GET\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"harmless\"\n\nharmless\n-----------------------------20896060251896012921717172737--\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(1) {\n  [\"harmless\"]=>\n  string(8) \"harmless\"\n}\nALERT - tried to register forbidden variable 'HTTP_RAW_POST_DATA' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_SESSION_VARS' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_SERVER_VARS' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_COOKIE_VARS' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_POST_FILES' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_POST_VARS' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_GET_VARS' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden 
variable 'HTTP_ENV_VARS' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_SESSION' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_REQUEST' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'GLOBALS' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_COOKIE' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_SERVER' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_FILES' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_POST' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_ENV' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_GET' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 17 request variables - (0 in GET, 17 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')"
  },
  {
    "path": "tests/filter/post_fileupload_filter_2.phpt",
    "content": "--TEST--\nsuhosin rfc1867 file upload filter (suhosin.post.max_vars)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.post.max_vars=5\nfile_uploads=1\nupload_max_filesize=1024\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST_RAW--\nContent-Type: multipart/form-data; boundary=---------------------------20896060251896012921717172737\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"A\"\n\nA\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"B\"\n\nB\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"C\"\n\nC\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"D\"\n\nD\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"E\"\n\nE\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"F\"\n\nF\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"G\"\n\nG\n-----------------------------20896060251896012921717172737--\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(5) {\n  [\"A\"]=>\n  string(1) \"A\"\n  [\"B\"]=>\n  string(1) \"B\"\n  [\"C\"]=>\n  string(1) \"C\"\n  [\"D\"]=>\n  string(1) \"D\"\n  [\"E\"]=>\n  string(1) \"E\"\n}\nALERT - configured POST variable limit exceeded - dropped variable 'F' - all further POST variables are dropped (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 2 request variables - (0 in GET, 2 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/post_filter_1.phpt",
    "content": "--TEST--\nsuhosin POST filter (disallowed variable names)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST--\nHTTP_RAW_POST_DATA=HTTP_RAW_POST_DATA&HTTP_SESSION_VARS=HTTP_SESSION_VARS&harmless1=harmless1&HTTP_SERVER_VARS=HTTP_SERVER_VARS&HTTP_COOKIE_VARS=HTTP_COOKIE_VARS&HTTP_POST_FILES=HTTP_POST_FILES&HTTP_POST_VARS=HTTP_POST_VARS&HTTP_GET_VARS=HTTP_GET_VARS&HTTP_ENV_VARS=HTTP_ENV_VARS&_SESSION=_SESSION&_REQUEST=_REQUEST&GLOBALS=GLOBALS&_COOKIE=_COOKIE&_SERVER=_SERVER&_FILES=_FILES&_POST=_POST&_ENV=_ENV&_GET=_GET&harmless2=harmless2&\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(2) {\n  [\"harmless1\"]=>\n  string(9) \"harmless1\"\n  [\"harmless2\"]=>\n  string(9) \"harmless2\"\n}\nALERT - tried to register forbidden variable 'HTTP_RAW_POST_DATA' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_SESSION_VARS' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_SERVER_VARS' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_COOKIE_VARS' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_POST_FILES' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_POST_VARS' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_GET_VARS' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'HTTP_ENV_VARS' through POST variables (attacker 'REMOTE_ADDR 
not set', file '%s')\nALERT - tried to register forbidden variable '_SESSION' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_REQUEST' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable 'GLOBALS' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_COOKIE' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_SERVER' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_FILES' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_POST' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_ENV' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - tried to register forbidden variable '_GET' through POST variables (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 17 request variables - (0 in GET, 17 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n\n"
  },
  {
    "path": "tests/filter/post_filter_2.phpt",
    "content": "--TEST--\nsuhosin POST filter (suhosin.post.max_vars)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.post.max_vars=5\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST--\nA=A&B=B&C=C&D=D&E=E&F=F&G=G&\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(5) {\n  [\"A\"]=>\n  string(1) \"A\"\n  [\"B\"]=>\n  string(1) \"B\"\n  [\"C\"]=>\n  string(1) \"C\"\n  [\"D\"]=>\n  string(1) \"D\"\n  [\"E\"]=>\n  string(1) \"E\"\n}\nALERT - configured POST variable limit exceeded - dropped variable 'F' - all further POST variables are dropped (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 2 request variables - (0 in GET, 2 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/post_filter_empty_avar.phpt",
    "content": "--TEST--\nsuhosin POST filter with empty array variable\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.stdout=255\nsuhosin.log.script=0\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST--\na[]=&a[]=test\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(1) {\n  [\"a\"]=>\n  array(2) {\n    [0]=>\n    string(0) \"\"\n    [1]=>\n    string(4) \"test\"\n  }\n}\n"
  },
  {
    "path": "tests/filter/post_filter_empty_var.phpt",
    "content": "--TEST--\nsuhosin POST filter with empty variable\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.stdout=255\nsuhosin.log.script=0\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST--\nA=&B=test\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(2) {\n  [\"A\"]=>\n  string(0) \"\"\n  [\"B\"]=>\n  string(4) \"test\"\n}\n"
  },
  {
    "path": "tests/filter/post_max_array_depth.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.post.max_array_depth)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_array_depth=0\nsuhosin.post.max_array_depth=4\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST--\nvar1[]=1&var2[][]=2&var3[][][]=3&var4[][][][]=4&var5[][][][][]=5&var6[][][][][][]=6&\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(4) {\n  [\"var1\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"1\"\n  }\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      string(1) \"2\"\n    }\n  }\n  [\"var3\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      array(1) {\n        [0]=>\n        string(1) \"3\"\n      }\n    }\n  }\n  [\"var4\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      array(1) {\n        [0]=>\n        array(1) {\n          [0]=>\n          string(1) \"4\"\n        }\n      }\n    }\n  }\n}\nALERT - configured POST variable array depth limit exceeded - dropped variable 'var5[][][][][]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured POST variable array depth limit exceeded - dropped variable 'var6[][][][][][]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 2 request variables - (0 in GET, 2 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/post_max_array_depth_rfc1867.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.post.max_array_depth - RFC1867 version)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_array_depth=0\nsuhosin.post.max_array_depth=4\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST_RAW--\nContent-Type: multipart/form-data; boundary=---------------------------20896060251896012921717172737\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var1[]\"\n\n1\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var2[][]\"\n\n2\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var3[][][]\"\n\n3\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var4[][][][]\"\n\n4\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var5[][][][][]\"\n\n5\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var6[][][][][][]\"\n\n6\n-----------------------------20896060251896012921717172737--\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(4) {\n  [\"var1\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"1\"\n  }\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      string(1) \"2\"\n    }\n  }\n  [\"var3\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      array(1) {\n        [0]=>\n        string(1) \"3\"\n      }\n    }\n  }\n  [\"var4\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      array(1) {\n        [0]=>\n        array(1) {\n          [0]=>\n          string(1) \"4\"\n        }\n      }\n    }\n  }\n}\nALERT - configured POST variable array depth limit exceeded - 
dropped variable 'var5[][][][][]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured POST variable array depth limit exceeded - dropped variable 'var6[][][][][][]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 2 request variables - (0 in GET, 2 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/post_max_array_index_length.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.post.max_array_index_length)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_array_index_length=0\nsuhosin.post.max_array_index_length=3\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST--\nvar1[AAA]=1&var2[BBBB]=1&var3[AAA][BBB]=1&var4[AAA][BBBB]=4&var5[AAA][BBB][CCC]=1&var6[AAA][BBBB][CCC]=1\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(3) {\n  [\"var1\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    string(1) \"1\"\n  }\n  [\"var3\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    array(1) {\n      [\"BBB\"]=>\n      string(1) \"1\"\n    }\n  }\n  [\"var5\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    array(1) {\n      [\"BBB\"]=>\n      array(1) {\n        [\"CCC\"]=>\n        string(1) \"1\"\n      }\n    }\n  }\n}\nALERT - configured POST variable array index length limit exceeded - dropped variable 'var2[BBBB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured POST variable array index length limit exceeded - dropped variable 'var4[AAA][BBBB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured POST variable array index length limit exceeded - dropped variable 'var6[AAA][BBBB][CCC]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 3 request variables - (0 in GET, 3 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')"
  },
  {
    "path": "tests/filter/post_max_array_index_length_rfc1867.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.post.max_array_index_length - RFC1867 version)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_array_index_length=0\nsuhosin.post.max_array_index_length=3\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST--\nvar1[AAA]=1&var2[BBBB]=1&var3[AAA][BBB]=1&var4[AAA][BBBB]=4&var5[AAA][BBB][CCC]=1&var6[AAA][BBBB][CCC]=1\n--POST_RAW--\nContent-Type: multipart/form-data; boundary=---------------------------20896060251896012921717172737\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var1[AAA]\"\n\n1\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var2[BBBB]\"\n\n1\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var3[AAA][BBB]\"\n\n1\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var4[AAA][BBBB]\"\n\n1\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var5[AAA][BBB][CCC]\"\n\n1\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var6[AAA][BBBB][CCC]\"\n\n1\n-----------------------------20896060251896012921717172737--\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(3) {\n  [\"var1\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    string(1) \"1\"\n  }\n  [\"var3\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    array(1) {\n      [\"BBB\"]=>\n      string(1) \"1\"\n    }\n  }\n  [\"var5\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    array(1) {\n      [\"BBB\"]=>\n      array(1) {\n        [\"CCC\"]=>\n        string(1) \"1\"\n      }\n    }\n  }\n}\nALERT - configured POST variable array index length limit exceeded - 
dropped variable 'var2[BBBB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured POST variable array index length limit exceeded - dropped variable 'var4[AAA][BBBB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured POST variable array index length limit exceeded - dropped variable 'var6[AAA][BBBB][CCC]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 3 request variables - (0 in GET, 3 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')"
  },
  {
    "path": "tests/filter/post_max_name_length.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.post.max_name_length)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_varname_length=0\nsuhosin.post.max_name_length=4\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST--\nvar=0&var1=1&var2[]=2&var3[xxx]=3&var04=4&var05[]=5&var06[xxx]=6&\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(4) {\n  [\"var\"]=>\n  string(1) \"0\"\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"2\"\n  }\n  [\"var3\"]=>\n  array(1) {\n    [\"xxx\"]=>\n    string(1) \"3\"\n  }\n}\nALERT - configured POST variable name length limit exceeded - dropped variable 'var04' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured POST variable name length limit exceeded - dropped variable 'var05[]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured POST variable name length limit exceeded - dropped variable 'var06[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 3 request variables - (0 in GET, 3 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n\n"
  },
  {
    "path": "tests/filter/post_max_name_length_rfc1867.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.post.max_name_length - RFC1867 version)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_varname_length=0\nsuhosin.post.max_name_length=4\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST_RAW--\nContent-Type: multipart/form-data; boundary=---------------------------20896060251896012921717172737\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var\"\n\n0\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var1\"\n\n1\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var2[]\"\n\n2\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var3[xxx]\"\n\n3\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var04\"\n\n4\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var05[]\"\n\n5\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var06[xxx]\"\n\n6\n-----------------------------20896060251896012921717172737--\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(4) {\n  [\"var\"]=>\n  string(1) \"0\"\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"2\"\n  }\n  [\"var3\"]=>\n  array(1) {\n    [\"xxx\"]=>\n    string(1) \"3\"\n  }\n}\nALERT - configured POST variable name length limit exceeded - dropped variable 'var04' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured POST variable name length limit exceeded - dropped variable 'var05[]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured POST 
variable name length limit exceeded - dropped variable 'var06[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 3 request variables - (0 in GET, 3 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n\n"
  },
  {
    "path": "tests/filter/post_max_totalname_length.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.post.max_totalname_length)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_totalname_length=0\nsuhosin.post.max_totalname_length=7\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST--\nvar=0&var1=1&var2[]=2&var3[xxx]=3&var04=4&var05[]=5&var06[xxx]=6&\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(5) {\n  [\"var\"]=>\n  string(1) \"0\"\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"2\"\n  }\n  [\"var04\"]=>\n  string(1) \"4\"\n  [\"var05\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"5\"\n  }\n}\nALERT - configured POST variable total name length limit exceeded - dropped variable 'var3[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured POST variable total name length limit exceeded - dropped variable 'var06[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 2 request variables - (0 in GET, 2 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/post_max_totalname_length_rfc1867.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.post.max_totalname_length - RFC1867 version)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_totalname_length=0\nsuhosin.post.max_totalname_length=7\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST_RAW--\nContent-Type: multipart/form-data; boundary=---------------------------20896060251896012921717172737\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var\"\n\n0\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var1\"\n\n1\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var2[]\"\n\n2\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var3[xxx]\"\n\n3\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var04\"\n\n4\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var05[]\"\n\n5\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"var06[xxx]\"\n\n6\n-----------------------------20896060251896012921717172737--\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(5) {\n  [\"var\"]=>\n  string(1) \"0\"\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"2\"\n  }\n  [\"var04\"]=>\n  string(1) \"4\"\n  [\"var05\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"5\"\n  }\n}\nALERT - configured POST variable total name length limit exceeded - dropped variable 'var3[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured POST variable total name length limit exceeded - dropped variable 'var06[xxx]' 
(attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 2 request variables - (0 in GET, 2 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/post_max_value_length.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.post.max_value_length)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_value_length=0\nsuhosin.post.max_value_length=3\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST--\nvar1=1&var2=22&var3=333&var4=4444&var5=55%00555&var6=666666&\n--FILE--\n<?php\nvar_dump($_POST);\n?>\n--EXPECTF--\narray(3) {\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  string(2) \"22\"\n  [\"var3\"]=>\n  string(3) \"333\"\n}\nALERT - configured POST variable value length limit exceeded - dropped variable 'var4' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured POST variable value length limit exceeded - dropped variable 'var5' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured POST variable value length limit exceeded - dropped variable 'var6' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 3 request variables - (0 in GET, 3 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n\n"
  },
  {
    "path": "tests/filter/request_array_index_blacklist.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.request.array_index_blacklist)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.array_index_blacklist=\"=ABC%{}\\\\$;\"\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\nvar1[aaa]=1;var2[bbB]=1;var3[ccc][ccC]=1\n--GET--\nvar1[aaa]=1&var2[bbB]=1&var3[ccc][ccC]=1\n--POST--\nvar1[aaa]=1&var2[bbB]=1&var3[ccc][ccC]=1\n--FILE--\n<?php\nvar_dump(ini_get(\"suhosin.request.array_index_blacklist\"));\nvar_dump($_GET);\nvar_dump($_POST);\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\nstring(10) \"=ABC%{}\\$;\"\narray(1) {\n  [\"var1\"]=>\n  array(1) {\n    [\"aaa\"]=>\n    string(1) \"1\"\n  }\n}\narray(1) {\n  [\"var1\"]=>\n  array(1) {\n    [\"aaa\"]=>\n    string(1) \"1\"\n  }\n}\narray(1) {\n  [\"var1\"]=>\n  array(1) {\n    [\"aaa\"]=>\n    string(1) \"1\"\n  }\n}\nALERT - array index contains blacklisted characters - dropped variable 'var2[bbB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - array index contains blacklisted characters - dropped variable 'var3[ccc][ccC]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - array index contains blacklisted characters - dropped variable 'var2[bbB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - array index contains blacklisted characters - dropped variable 'var3[ccc][ccC]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - array index contains blacklisted characters - dropped variable 'var2[bbB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - array index contains blacklisted characters - dropped variable 'var3[ccc][ccC]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 6 request variables - (2 in GET, 2 in POST, 2 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/request_array_index_whitelist.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.request.array_index_whitelist)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.array_index_whitelist=abcdefghijklmnopqrstuvwxyz\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\nvar1[aaa]=1;var2[bbB]=1;var3[ccc][ccC]=1\n--GET--\nvar1[aaa]=1&var2[bbB]=1&var3[ccc][ccC]=1\n--POST--\nvar1[aaa]=1&var2[bbB]=1&var3[ccc][ccC]=1\n--FILE--\n<?php\nvar_dump($_GET);\nvar_dump($_POST);\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(1) {\n  [\"var1\"]=>\n  array(1) {\n    [\"aaa\"]=>\n    string(1) \"1\"\n  }\n}\narray(1) {\n  [\"var1\"]=>\n  array(1) {\n    [\"aaa\"]=>\n    string(1) \"1\"\n  }\n}\narray(1) {\n  [\"var1\"]=>\n  array(1) {\n    [\"aaa\"]=>\n    string(1) \"1\"\n  }\n}\nALERT - array index contains not whitelisted characters - dropped variable 'var2[bbB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - array index contains not whitelisted characters - dropped variable 'var3[ccc][ccC]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - array index contains not whitelisted characters - dropped variable 'var2[bbB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - array index contains not whitelisted characters - dropped variable 'var3[ccc][ccC]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - array index contains not whitelisted characters - dropped variable 'var2[bbB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - array index contains not whitelisted characters - dropped variable 'var3[ccc][ccC]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 6 request variables - (2 in GET, 2 in POST, 2 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/request_disallow_nul.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.request.disallow_nul)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.disallow_nul=1\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\nvar1=xx%001;var2=2;var3=xx%003;var4=4;\n--GET--\nvar1=xx%001&var2=2&var3=xx%003&var4=4&\n--POST--\nvar1=xx%001&var2=2&var3=xx%003&var4=4&\n--FILE--\n<?php\nvar_dump($_GET);\nvar_dump($_POST);\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(2) {\n  [\"var2\"]=>\n  string(1) \"2\"\n  [\"var4\"]=>\n  string(1) \"4\"\n}\narray(2) {\n  [\"var2\"]=>\n  string(1) \"2\"\n  [\"var4\"]=>\n  string(1) \"4\"\n}\narray(2) {\n  [\"var2\"]=>\n  string(1) \"2\"\n  [\"var4\"]=>\n  string(1) \"4\"\n}\nALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'var1' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'var3' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'var1' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'var3' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'var1' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'var3' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 6 request variables - (2 in GET, 2 in POST, 2 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/request_disallow_ws.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.request.disallow_ws)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.disallow_ws=1\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n+var1=1&var2=2&%20var3=3& var4=4&\n--POST--\n--FILE--\n<?php\nvar_dump($_GET);\n?>\n--EXPECTF--\narray(1) {\n  [\"var2\"]=>\n  string(1) \"2\"\n}\nALERT - request variable name begins with disallowed whitespace - dropped variable ' var1' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - request variable name begins with disallowed whitespace - dropped variable ' var3' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - request variable name begins with disallowed whitespace - dropped variable ' var4' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 3 request variables - (3 in GET, 0 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')"
  },
  {
    "path": "tests/filter/request_max_array_depth.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.request.max_array_depth)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_array_depth=4\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\nvar1[]=1;var2[][]=2;var3[][][]=3;var4[][][][]=4;var5[][][][][]=5;var6[][][][][][]=6;\n--GET--\nvar1[]=1&var2[][]=2&var3[][][]=3&var4[][][][]=4&var5[][][][][]=5&var6[][][][][][]=6&\n--POST--\nvar1[]=1&var2[][]=2&var3[][][]=3&var4[][][][]=4&var5[][][][][]=5&var6[][][][][][]=6&\n--FILE--\n<?php\nvar_dump($_GET);\nvar_dump($_POST);\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(4) {\n  [\"var1\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"1\"\n  }\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      string(1) \"2\"\n    }\n  }\n  [\"var3\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      array(1) {\n        [0]=>\n        string(1) \"3\"\n      }\n    }\n  }\n  [\"var4\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      array(1) {\n        [0]=>\n        array(1) {\n          [0]=>\n          string(1) \"4\"\n        }\n      }\n    }\n  }\n}\narray(4) {\n  [\"var1\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"1\"\n  }\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      string(1) \"2\"\n    }\n  }\n  [\"var3\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      array(1) {\n        [0]=>\n        string(1) \"3\"\n      }\n    }\n  }\n  [\"var4\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      array(1) {\n        [0]=>\n        array(1) {\n          [0]=>\n          string(1) \"4\"\n        }\n      }\n    }\n  }\n}\narray(4) {\n  [\"var1\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"1\"\n  }\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      string(1) 
\"2\"\n    }\n  }\n  [\"var3\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      array(1) {\n        [0]=>\n        string(1) \"3\"\n      }\n    }\n  }\n  [\"var4\"]=>\n  array(1) {\n    [0]=>\n    array(1) {\n      [0]=>\n      array(1) {\n        [0]=>\n        array(1) {\n          [0]=>\n          string(1) \"4\"\n        }\n      }\n    }\n  }\n}\nALERT - configured request variable array depth limit exceeded - dropped variable 'var5[][][][][]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable array depth limit exceeded - dropped variable 'var6[][][][][][]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable array depth limit exceeded - dropped variable 'var5[][][][][]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable array depth limit exceeded - dropped variable 'var6[][][][][][]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable array depth limit exceeded - dropped variable 'var5[][][][][]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable array depth limit exceeded - dropped variable 'var6[][][][][][]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 6 request variables - (2 in GET, 2 in POST, 2 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/request_max_array_index_length.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.request.max_array_index_length)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_array_index_length=3\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\nvar1[AAA]=1;var2[BBBB]=1;var3[AAA][BBB]=1;var4[AAA][BBBB]=4;var5[AAA][BBB][CCC]=1;var6[AAA][BBBB][CCC]=1;\n--GET--\nvar1[AAA]=1&var2[BBBB]=1&var3[AAA][BBB]=1&var4[AAA][BBBB]=4&var5[AAA][BBB][CCC]=1&var6[AAA][BBBB][CCC]=1\n--POST--\nvar1[AAA]=1&var2[BBBB]=1&var3[AAA][BBB]=1&var4[AAA][BBBB]=4&var5[AAA][BBB][CCC]=1&var6[AAA][BBBB][CCC]=1\n--FILE--\n<?php\nvar_dump($_GET);\nvar_dump($_POST);\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(3) {\n  [\"var1\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    string(1) \"1\"\n  }\n  [\"var3\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    array(1) {\n      [\"BBB\"]=>\n      string(1) \"1\"\n    }\n  }\n  [\"var5\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    array(1) {\n      [\"BBB\"]=>\n      array(1) {\n        [\"CCC\"]=>\n        string(1) \"1\"\n      }\n    }\n  }\n}\narray(3) {\n  [\"var1\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    string(1) \"1\"\n  }\n  [\"var3\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    array(1) {\n      [\"BBB\"]=>\n      string(1) \"1\"\n    }\n  }\n  [\"var5\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    array(1) {\n      [\"BBB\"]=>\n      array(1) {\n        [\"CCC\"]=>\n        string(1) \"1\"\n      }\n    }\n  }\n}\narray(3) {\n  [\"var1\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    string(1) \"1\"\n  }\n  [\"var3\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    array(1) {\n      [\"BBB\"]=>\n      string(1) \"1\"\n    }\n  }\n  [\"var5\"]=>\n  array(1) {\n    [\"AAA\"]=>\n    array(1) {\n      [\"BBB\"]=>\n      array(1) {\n        [\"CCC\"]=>\n        string(1) \"1\"\n      }\n    }\n  }\n}\nALERT - configured request variable array 
index length limit exceeded - dropped variable 'var2[BBBB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable array index length limit exceeded - dropped variable 'var4[AAA][BBBB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable array index length limit exceeded - dropped variable 'var6[AAA][BBBB][CCC]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable array index length limit exceeded - dropped variable 'var2[BBBB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable array index length limit exceeded - dropped variable 'var4[AAA][BBBB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable array index length limit exceeded - dropped variable 'var6[AAA][BBBB][CCC]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable array index length limit exceeded - dropped variable 'var2[BBBB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable array index length limit exceeded - dropped variable 'var4[AAA][BBBB]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable array index length limit exceeded - dropped variable 'var6[AAA][BBBB][CCC]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 9 request variables - (3 in GET, 3 in POST, 3 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')"
  },
  {
    "path": "tests/filter/request_max_name_length.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.request.max_varname_length)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_varname_length=4\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\nvar=0;var1=1;var2[]=2;var3[xxx]=3;var04=4;var05[]=5;var06[xxx]=6;\n--GET--\nvar=0&var1=1&var2[]=2&var3[xxx]=3&var04=4&var05[]=5&var06[xxx]=6&\n--POST--\nvar=0&var1=1&var2[]=2&var3[xxx]=3&var04=4&var05[]=5&var06[xxx]=6&\n--FILE--\n<?php\nvar_dump($_GET);\nvar_dump($_POST);\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(4) {\n  [\"var\"]=>\n  string(1) \"0\"\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"2\"\n  }\n  [\"var3\"]=>\n  array(1) {\n    [\"xxx\"]=>\n    string(1) \"3\"\n  }\n}\narray(4) {\n  [\"var\"]=>\n  string(1) \"0\"\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"2\"\n  }\n  [\"var3\"]=>\n  array(1) {\n    [\"xxx\"]=>\n    string(1) \"3\"\n  }\n}\narray(4) {\n  [\"var\"]=>\n  string(1) \"0\"\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"2\"\n  }\n  [\"var3\"]=>\n  array(1) {\n    [\"xxx\"]=>\n    string(1) \"3\"\n  }\n}\nALERT - configured request variable name length limit exceeded - dropped variable 'var04' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable name length limit exceeded - dropped variable 'var05[]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable name length limit exceeded - dropped variable 'var06[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable name length limit exceeded - dropped variable 'var04' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable name length limit exceeded - 
dropped variable 'var05[]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable name length limit exceeded - dropped variable 'var06[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable name length limit exceeded - dropped variable 'var04' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable name length limit exceeded - dropped variable 'var05[]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable name length limit exceeded - dropped variable 'var06[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 9 request variables - (3 in GET, 3 in POST, 3 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n\n"
  },
  {
    "path": "tests/filter/request_max_totalname_length.phpt",
    "content": "--TEST--\nsuhosin input filter (suhosin.request.max_totalname_length)\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.request.max_totalname_length=7\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\nvar=0;var1=1;var2[]=2;var3[xxx]=3;var04=4;var05[]=5;var06[xxx]=6;\n--GET--\nvar=0&var1=1&var2[]=2&var3[xxx]=3&var04=4&var05[]=5&var06[xxx]=6&\n--POST--\nvar=0&var1=1&var2[]=2&var3[xxx]=3&var04=4&var05[]=5&var06[xxx]=6&\n--FILE--\n<?php\nvar_dump($_GET);\nvar_dump($_POST);\nvar_dump($_COOKIE);\n?>\n--EXPECTF--\narray(5) {\n  [\"var\"]=>\n  string(1) \"0\"\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"2\"\n  }\n  [\"var04\"]=>\n  string(1) \"4\"\n  [\"var05\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"5\"\n  }\n}\narray(5) {\n  [\"var\"]=>\n  string(1) \"0\"\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"2\"\n  }\n  [\"var04\"]=>\n  string(1) \"4\"\n  [\"var05\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"5\"\n  }\n}\narray(5) {\n  [\"var\"]=>\n  string(1) \"0\"\n  [\"var1\"]=>\n  string(1) \"1\"\n  [\"var2\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"2\"\n  }\n  [\"var04\"]=>\n  string(1) \"4\"\n  [\"var05\"]=>\n  array(1) {\n    [0]=>\n    string(1) \"5\"\n  }\n}\nALERT - configured request variable total name length limit exceeded - dropped variable 'var3[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable total name length limit exceeded - dropped variable 'var06[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable total name length limit exceeded - dropped variable 'var3[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable total name length limit exceeded - dropped 
variable 'var06[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable total name length limit exceeded - dropped variable 'var3[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - configured request variable total name length limit exceeded - dropped variable 'var06[xxx]' (attacker 'REMOTE_ADDR not set', file '%s')\nALERT - dropped 6 request variables - (2 in GET, 2 in POST, 2 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')\n\n"
  },
  {
    "path": "tests/filter/server_encode_off.phpt",
    "content": "--TEST--\nTesting: suhosin.server.encode=Off\n--DESCRIPTION--\nThis test is incomplete but at the moment we cannot do better with the standard test framework.\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.stdout=255\nsuhosin.log.script=0\nsuhosin.server.encode=Off\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--ENV--\nreturn <<<END\nREQUEST_URI=AAA<>\"'`!AAA\nEND;\n--COOKIE--\n--GET--\nBBB<>\"'`!BBB\n--POST--\n--FILE--\n<?php\n// THIS TEST IS INCOMPLETE!!! SEE DESCRIPTION\nvar_dump($_SERVER['REQUEST_URI']);\nvar_dump($_SERVER['QUERY_STRING']);\n?>\n--EXPECTF--\nstring(12) \"AAA<>\"'`!AAA\"\nstring(12) \"BBB<>\"'`!BBB\"\n\n\n"
  },
  {
    "path": "tests/filter/server_encode_on.phpt",
    "content": "--TEST--\nTesting: suhosin.server.encode=On\n--DESCRIPTION--\nThis test is incomplete but at the moment we cannot do better with the standard test framework.\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.stdout=255\nsuhosin.log.script=0\nsuhosin.server.encode=On\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--ENV--\nreturn <<<END\nREQUEST_URI=AAA<>\"'`!AAA\nEND;\n--COOKIE--\n--GET--\nBBB<>\"'`!BBB\n--POST--\n--FILE--\n<?php\n// THIS TEST IS INCOMPLETE!!! SEE DESCRIPTION\nvar_dump($_SERVER['REQUEST_URI']);\nvar_dump($_SERVER['QUERY_STRING']);\n?>\n--EXPECTF--\nstring(22) \"AAA%3C%3E%22%27%60!AAA\"\nstring(22) \"BBB%3C%3E%22%27%60!BBB\"\n\n"
  },
  {
    "path": "tests/filter/server_filter.phpt",
    "content": "--TEST--\nsuhosin SERVER filter\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--ENV--\nreturn <<<END\nHTTP_POST_VARS=HTTP_POST_VARS\nHTTP_MY_VARS=HTTP_MY_VARS\nHTTP_GET_VARS=HTTP_GET_VARS\nHTTP_ENV_VARS=HTTP_ENV_VARS\nHTTP_SERVER_VARS=HTTP_SERVER_VARS\nHTTP_SESSION_VARS=HTTP_SESSION_VARS\nHTTP_COOKIE_VARS=HTTP_COOKIE_VARS\nHTTP_RAW_POST_DATA=HTTP_RAW_POST_DATA\nHTTP_POST_FILES=HTTP_POST_FILES\nEND;\n--COOKIE--\n--GET--\n--POST--\n--FILE--\n<?php\nforeach ($_SERVER as $k => $v) {\n\tif (!strncmp($k, \"HTTP_\", 5)) echo \"$k => $v\\n\";\n}\n?>\n--EXPECTF--\nHTTP_MY_VARS => HTTP_MY_VARS\nALERT - Attacker tried to overwrite a superglobal through a HTTP header (attacker 'REMOTE_ADDR not set', file '%s')"
  },
  {
    "path": "tests/filter/server_strip_off.phpt",
    "content": "--TEST--\nTesting: suhosin.server.strip=Off\n--DESCRIPTION--\nThis test is incomplete but at the moment we cannot do better with the standard test framework.\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.stdout=255\nsuhosin.log.script=0\nsuhosin.server.strip=Off\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--ENV--\nreturn <<<END\nSCRIPT_NAME=X/index.php/THIS_IS_A_FAKE_NAME<>\"'`!AAA\nEND;\n--COOKIE--\n--GET--\nA=B\n--POST--\n--FILE--\n<?php\n// THIS TEST IS INCOMPLETE!!! SEE DESCRIPTION\nvar_dump($_SERVER['PHP_SELF']);\n?>\n--EXPECTF--\nstring(40) \"X/index.php/THIS_IS_A_FAKE_NAME<>\"'`!AAA\"\n"
  },
  {
    "path": "tests/filter/server_strip_on.phpt",
    "content": "--TEST--\nTesting: suhosin.server.strip=On\n--DESCRIPTION--\nThis test is incomplete but at the moment we cannot do better with the standard test framework.\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.stdout=255\nsuhosin.log.script=0\nsuhosin.server.strip=On\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--ENV--\nreturn <<<END\nSCRIPT_NAME=X/index.php/THIS_IS_A_FAKE_NAME<>\"'`!AAA\nEND;\n--COOKIE--\n--GET--\nA=B\n--POST--\n--FILE--\n<?php\n// THIS TEST IS INCOMPLETE!!! SEE DESCRIPTION\nvar_dump($_SERVER['PHP_SELF']);\n?>\n--EXPECTF--\nstring(40) \"X/index.php/THIS_IS_A_FAKE_NAME?????!AAA\"\n"
  },
  {
    "path": "tests/filter/server_user_agent_strip_off.phpt",
    "content": "--TEST--\nTesting: suhosin.server.strip=On\n--DESCRIPTION--\nThis test is not exactly what we want, but good enough due to limitations of the test framework.\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.stdout=255\nsuhosin.log.script=0\nsuhosin.server.strip=Off\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--ENV--\nreturn <<<END\nHTTP_USER_AGENT=Mozilla/5.0 (Windows NT 6.0; rv:29.0) <script>alert('123');</script>Gecko/20100101 Firefox/29.0\nEND;\n--COOKIE--\n--GET--\nA=B\n--POST--\n--FILE--\n<?php\nvar_dump($_SERVER['HTTP_USER_AGENT']);\n?>\n--EXPECTF--\nstring(95) \"Mozilla/5.0 (Windows NT 6.0; rv:29.0) <script>alert('123');</script>Gecko/20100101 Firefox/29.0\"\n\n"
  },
  {
    "path": "tests/filter/server_user_agent_strip_on.phpt",
    "content": "--TEST--\nTesting: suhosin.server.strip=On\n--DESCRIPTION--\nThis test is not exactly what we want, but good enough due to limitations of the test framework.\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.stdout=255\nsuhosin.log.script=0\nsuhosin.server.strip=On\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--ENV--\nreturn <<<END\nHTTP_USER_AGENT=Mozilla/5.0 (Windows NT 6.0; rv:29.0) <script>alert('123');</script>Gecko/20100101 Firefox/29.0\nEND;\n--COOKIE--\n--GET--\nA=B\n--POST--\n--FILE--\n<?php\nvar_dump($_SERVER['HTTP_USER_AGENT']);\n?>\n--EXPECTF--\nstring(95) \"Mozilla/5.0 (Windows NT 6.0; rv:29.0) ?script?alert(?123?);?/script?Gecko/20100101 Firefox/29.0\"\n\n"
  },
  {
    "path": "tests/filter/suhosin_upload_disallow_binary_utf8.phpt",
    "content": "--TEST--\nTesting: suhosin.upload.disallow_binary=On with UTF-8\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.stdout=255\nsuhosin.log.script=0\nfile_uploads=1\nsuhosin.upload.disallow_binary=On\nsuhosin.upload.allow_utf8=On\nmax_file_uploads=40\nsuhosin.upload.max_uploads=40\n--SKIPIF--\n<?php include('../skipif.inc');\nif (ini_get('suhosin.upload.allow_utf8') === FALSE) { die(\"skip feature not compiled in\"); }\n?>\n--COOKIE--\n--GET--\n--POST_RAW--\nContent-Type: multipart/form-data; boundary=bound\n--bound\nContent-Disposition: form-data; name=\"test\"; filename=\"test\"\n\nSpaß am Gerät!\n\n--bound--\n--FILE--\n<?php\nvar_dump($_FILES);\n?>\n--EXPECTF--\narray(1) {\n  [\"test\"]=>\n  array(5) {\n    [\"name\"]=>\n    string(4) \"test\"\n    [\"type\"]=>\n    string(0) \"\"\n    [\"tmp_name\"]=>\n    string(%d) \"%s\"\n    [\"error\"]=>\n    int(0)\n    [\"size\"]=>\n    int(17)\n  }\n}\n"
  },
  {
    "path": "tests/filter/suhosin_upload_disallow_binary_utf8fail.phpt",
    "content": "--TEST--\nTesting: suhosin.upload.disallow_binary=On with UTF-8 and allow_utf8=Off\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nfile_uploads=1\nsuhosin.upload.disallow_binary=On\nsuhosin.upload.allow_utf8=Off\nmax_file_uploads=40\nsuhosin.upload.max_uploads=40\n--SKIPIF--\n<?php include('../skipif.inc');\nif (ini_get('suhosin.upload.allow_utf8') === FALSE) { die(\"skip feature not compiled in\"); }\n?>\n--COOKIE--\n--GET--\n--POST_RAW--\nContent-Type: multipart/form-data; boundary=bound\n--bound\nContent-Disposition: form-data; name=\"test\"; filename=\"test\"\n\nSpaß am Gerät!\n\n--bound--\n--FILE--\n<?php\nvar_dump($_FILES);\n?>\n--EXPECTF--\narray(1) {\n  [\"test\"]=>\n  array(5) {\n    [\"name\"]=>\n    string(4) \"test\"\n    [\"type\"]=>\n    string(0) \"\"\n    [\"tmp_name\"]=>\n    string(0) \"\"\n    [\"error\"]=>\n    int(8)\n    [\"size\"]=>\n    int(0)\n  }\n}\nALERT - uploaded file contains binary data - file dropped (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/filter/suhosin_upload_disallow_elf.phpt",
    "content": "--TEST--\nTesting: suhosin.upload.disallow_elf=On\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nfile_uploads=1\nsuhosin.upload.disallow_elf=On\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST_RAW--\nContent-Type: multipart/form-data; boundary=---------------------------20896060251896012921717172737\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"A\"; filename=\"A\"\n\nELFABCDEFGHIJKLMN\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"B\"; filename=\"B\"\n\nXELFABCDEFGHIJKLMN\n-----------------------------20896060251896012921717172737--\n--FILE--\n<?php\nvar_dump($_FILES);\n?>\n--EXPECTF--\narray(2) {\n  [\"A\"]=>\n  array(5) {\n    [\"name\"]=>\n    string(1) \"A\"\n    [\"type\"]=>\n    string(0) \"\"\n    [\"tmp_name\"]=>\n    string(0) \"\"\n    [\"error\"]=>\n    int(8)\n    [\"size\"]=>\n    int(0)\n  }\n  [\"B\"]=>\n  array(5) {\n    [\"name\"]=>\n    string(1) \"B\"\n    [\"type\"]=>\n    string(0) \"\"\n    [\"tmp_name\"]=>\n    string(%d) \"%s\"\n    [\"error\"]=>\n    int(0)\n    [\"size\"]=>\n    int(18)\n  }\n}\nALERT - uploaded file is an ELF executable - file dropped (attacker 'REMOTE_ADDR not set', file '%s')"
  },
  {
    "path": "tests/filter/suhosin_upload_disallow_elf_off.phpt",
    "content": "--TEST--\nTesting: suhosin.upload.disallow_elf=Off\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.stdout=255\nsuhosin.log.script=0\nfile_uploads=1\nsuhosin.upload.disallow_elf=Off\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST_RAW--\nContent-Type: multipart/form-data; boundary=---------------------------20896060251896012921717172737\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"A\"; filename=\"A\"\n\nELFABCDEFGHIJKLMN\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"B\"; filename=\"B\"\n\nXELFABCDEFGHIJKLMN\n-----------------------------20896060251896012921717172737--\n--FILE--\n<?php\nvar_dump($_FILES);\n?>\n--EXPECTF--\narray(2) {\n  [\"A\"]=>\n  array(5) {\n    [\"name\"]=>\n    string(1) \"A\"\n    [\"type\"]=>\n    string(0) \"\"\n    [\"tmp_name\"]=>\n    string(%d) \"%s\"\n    [\"error\"]=>\n    int(0)\n    [\"size\"]=>\n    int(18)\n  }\n  [\"B\"]=>\n  array(5) {\n    [\"name\"]=>\n    string(1) \"B\"\n    [\"type\"]=>\n    string(0) \"\"\n    [\"tmp_name\"]=>\n    string(%d) \"%s\"\n    [\"error\"]=>\n    int(0)\n    [\"size\"]=>\n    int(18)\n  }\n}"
  },
  {
    "path": "tests/filter/suhosin_upload_max_uploads.phpt",
    "content": "--TEST--\nsuhosin.upload.max_uploads\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.post.max_vars=5\nfile_uploads=1\nsuhosin.upload.max_uploads=3\n--SKIPIF--\n<?php include('../skipif.inc'); ?>\n--COOKIE--\n--GET--\n--POST_RAW--\nContent-Type: multipart/form-data; boundary=---------------------------20896060251896012921717172737\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"A\"; filename=\"A\"\n\nA\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"B\"; filename=\"B\"\n\nB\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"C\"; filename=\"C\"\n\nC\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"D\"; filename=\"D\"\n\nD\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"E\"; filename=\"E\"\n\nE\n-----------------------------20896060251896012921717172737--\n--FILE--\n<?php\nvar_dump($_FILES);\n?>\n--EXPECTF--\narray(3) {\n  [\"A\"]=>\n  array(5) {\n    [\"name\"]=>\n    string(1) \"A\"\n    [\"type\"]=>\n    string(0) \"\"\n    [\"tmp_name\"]=>\n    string(%d) \"%s\"\n    [\"error\"]=>\n    int(0)\n    [\"size\"]=>\n    int(1)\n  }\n  [\"B\"]=>\n  array(5) {\n    [\"name\"]=>\n    string(1) \"B\"\n    [\"type\"]=>\n    string(0) \"\"\n    [\"tmp_name\"]=>\n    string(%d) \"%s\"\n    [\"error\"]=>\n    int(0)\n    [\"size\"]=>\n    int(1)\n  }\n  [\"C\"]=>\n  array(5) {\n    [\"name\"]=>\n    string(1) \"C\"\n    [\"type\"]=>\n    string(0) \"\"\n    [\"tmp_name\"]=>\n    string(%d) \"%s\"\n    [\"error\"]=>\n    int(0)\n    [\"size\"]=>\n    int(1)\n  }\n}\nALERT - configured fileupload limit exceeded - file dropped (attacker 
'REMOTE_ADDR not set', file '%s')"
  },
  {
    "path": "tests/filter/suhosin_upload_remove_binary_utf8.phpt",
    "content": "--TEST--\nTesting: suhosin.upload.remove_binary=On with UTF-8\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.stdout=255\nsuhosin.log.script=0\nfile_uploads=1\nsuhosin.upload.disallow_binary=Off\nsuhosin.upload.remove_binary=On\nsuhosin.upload.allow_utf8=On\nmax_file_uploads=40\nsuhosin.upload.max_uploads=40\n--SKIPIF--\n<?php include('../skipif.inc');\nif (ini_get('suhosin.upload.allow_utf8') === FALSE) { die(\"skip feature not compiled in\"); }\n?>\n--COOKIE--\n--GET--\n--POST_RAW--\nContent-Type: multipart/form-data; boundary=bound\n--bound\nContent-Disposition: form-data; name=\"test\"; filename=\"test\"\n\nSpaß am Gerät!\n\n--bound--\n--FILE--\n<?php\nvar_dump(file_get_contents($_FILES['test']['tmp_name']));\n?>\n--EXPECTF--\nstring(17) \"Spaß am Gerät!\n\""
  },
  {
    "path": "tests/filter/suhosin_upload_remove_binary_utf8fail.phpt",
    "content": "--TEST--\nTesting: suhosin.upload.remove_binary=On with UTF-8 and allow_utf8=Off\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.stdout=255\nsuhosin.log.script=0\nfile_uploads=1\nsuhosin.upload.disallow_binary=Off\nsuhosin.upload.remove_binary=On\nsuhosin.upload.allow_utf8=Off\nmax_file_uploads=40\nsuhosin.upload.max_uploads=40\n--SKIPIF--\n<?php include('../skipif.inc');\nif (ini_get('suhosin.upload.allow_utf8') === FALSE) { die(\"skip feature not compiled in\"); }\n?>\n--COOKIE--\n--GET--\n--POST_RAW--\nContent-Type: multipart/form-data; boundary=bound\n--bound\nContent-Disposition: form-data; name=\"test\"; filename=\"test\"\n\nSpaß am Gerät!\n\n--bound--\n--FILE--\n<?php\nvar_dump(file_get_contents($_FILES['test']['tmp_name']));\n?>\n--EXPECTF--\nstring(13) \"Spa am Gert!\n\""
  },
  {
    "path": "tests/funcs/crypt_blowfish.phpt",
    "content": "--TEST--\nCRYPT_BLOWFISH support\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--FILE--\n<?php\n    var_dump(CRYPT_BLOWFISH);\n    echo crypt('rasmuslerdorf', '$2a$07$rasmuslerd...........$') . \"\\n\";\n?>\n--EXPECT--\nint(1)\n$2a$07$rasmuslerd............nIdrcHdxcUxWomQX9j6kvERCFjTg7Ra\n\n"
  },
  {
    "path": "tests/funcs/crypt_ext_des.phpt",
    "content": "--TEST--\nCRYPT_EXT_DES support\n--SKIPIF--\n<?php if (CRYPT_EXT_DES == 0) print 'skip'; ?>\n--FILE--\n<?php\n    echo crypt('rasmuslerdorf', '_J9..rasm') . \"\\n\"\n?>\n--EXPECT--\n_J9..rasmBYk8r9AiWNc\n\n\n"
  },
  {
    "path": "tests/funcs/crypt_md5.phpt",
    "content": "--TEST--\nCRYPT_MD5 support\n--SKIPIF--\n<?php if (CRYPT_MD5 == 0) print 'skip'; ?>\n--FILE--\n<?php\n    echo crypt('rasmuslerdorf', '$1$rasmusle$') . \"\\n\"\n?>\n--EXPECT--\n$1$rasmusle$rISCgZzpwk3UhDidwXvin0\n\n"
  },
  {
    "path": "tests/funcs/crypt_std_des.phpt",
    "content": "--TEST--\nCRYPT_STD_DES support\n--SKIPIF--\n<?php if (CRYPT_STD_DES == 0) print 'skip'; ?>\n--FILE--\n<?php\n    echo crypt('rasmuslerdorf', 'rl') . \"\\n\"\n?>\n--EXPECT--\nrl.3StKT.4T8M\n\n"
  },
  {
    "path": "tests/funcs/sha256.phpt",
    "content": "--TEST--\nSHA256 support\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--FILE--\n<?php\n    echo sha256(\"\") , \"\\n\";\n    echo sha256(\"a\"), \"\\n\";\n    echo sha256(pack(\"H*\", \"bd\")), \"\\n\";\n    echo sha256(pack(\"H*\", \"5fd4\")), \"\\n\";\n    echo sha256(pack(\"H*\", \"b0bd69\")), \"\\n\";\n    echo sha256(pack(\"H*\", \"c98c8e55\")), \"\\n\";\n    echo sha256(pack(\"H*\", \"81a723d966\")), \"\\n\";\n    echo sha256(pack(\"H*\", \"c97a2db566e5\")), \"\\n\";\n    echo sha256(pack(\"H*\", \"f53210aa6ed72e\")), \"\\n\";\n    echo sha256(pack(\"H*\", \"0df1cd526b5a4edd\")), \"\\n\";\n    echo sha256(pack(\"H*\", \"b80233e2c53ab32cc3\")), \"\\n\";\n    echo sha256(pack(\"H*\", \"5d54ed5b52d879aeb5dd\")), \"\\n\";\n    echo sha256(pack(\"H*\", \"df866ecb67ab00515f6247\")), \"\\n\";\n    echo sha256(pack(\"H*\", \"0757de9485a2eaea51126077\")), \"\\n\";\n    echo sha256(pack(\"H*\", \"7c66f5d443c11cfb39dd0aa715\")), \"\\n\";\n    echo sha256(pack(\"H*\", \"329624fed35639fe54957b7d47a9\")), 
\"\\n\";\n?>\n--EXPECT--\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855\nca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb\n68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b\n7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788\n4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803\n7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504\n7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605\n0eb0281b27a4604709b0513b43ad29fdcff9a7a958554abc689d7fe35af703e4\ndee684641421d1ba5a65c71f986a117cbb3d619a052a0b3409306c629575c00f\n47f527210d6e8f940b5082fec01b7305908fa2b49ea3ae597c19a3986097153c\nc60d239cc6da3ad31f4de0c2d58a73ccf3f9279e504fa60ad55a31dcf686f3ca\ne0164d90dbfcf173bb88044fac596ccd03b8d247c79907aaa5701767fad7b576\ndc990ef3109a7bcf626199db9ab7801213ceb0ad2ee398963b5061e39c05c7b5\nc1c9a4daadcc8678835872c7f1f8824376ac7b412e1fc2285069b41afd51397e\n6840619417b4d8ecaa7902f8eaf2e82be2638dec97cb7e8fcc377007cc176718\n0f5308ff22b828e18bd65afbc427e3c1a678962832519df5f2f803f68f55e10b\n"
  },
  {
    "path": "tests/include/include_allow_writable_files_off.phpt",
    "content": "--TEST--\nTesting suhosin.executor.include.allow_writable_files=Off\n--DESCRIPTION--\nBecause the test file itself is writable the whole test case is not executed!!!\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\nsuhosin.executor.include.allow_writable_files=Off\n--FILE--\n<?php\n/* Because the test file itself is writable the whole test case is not executed!!! */\n$filename1 = tempnam(sys_get_temp_dir(), \"suhosintestf1\");\n$filename2 = tempnam(sys_get_temp_dir(), \"suhosintestf2\");\nfile_put_contents($filename1, \"<?php echo \\\"AAAA\\\\n\\\";\");\nfile_put_contents($filename2, \"<?php echo \\\"BBBB\\\\n\\\";\");\nchmod($filename1, 0400);\nchmod($filename2, 0600);\ninclude $filename1;\ninclude $filename2;\nchmod($filename1, 0600);\nunlink($filename1);\nunlink($filename2);\n?>\n--EXPECTF--\nALERT - Include filename ('%s') is writable by PHP process (attacker 'REMOTE_ADDR not set', file '%s')\n"
  },
  {
    "path": "tests/include/include_allow_writable_files_on.phpt",
    "content": "--TEST--\nTesting suhosin.executor.include.allow_writable_files=On\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\nsuhosin.executor.include.allow_writable_files=On\n--FILE--\n<?php\n$filename1 = tempnam(sys_get_temp_dir(), \"suhosintestf1\");\n$filename2 = tempnam(sys_get_temp_dir(), \"suhosintestf2\");\nfile_put_contents($filename1, \"<?php echo \\\"AAAA\\\\n\\\";\");\nfile_put_contents($filename2, \"<?php echo \\\"BBBB\\\\n\\\";\");\nchmod($filename1, 0400);\nchmod($filename2, 0600);\ninclude $filename1;\ninclude $filename2;\nchmod($filename1, 0600);\nunlink($filename1);\nunlink($filename2);\n?>\n--EXPECTF--\nAAAA\nBBBB\n"
  },
  {
    "path": "tests/include/include_blacklist.phpt",
    "content": "--TEST--\nInclude blacklist\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=foo,boo\n--FILE--\n<?php\n\t$var = \"file://\" . dirname(__FILE__) . \"/../empty.inc\";\n\tinclude $var;\n\techo $value,\"\\n\";\n    $var = \"foo://test\";\n    include $var;\n\t$var = \"boo://test\"; // this point is never reached (famous last words)\n\tinclude $var;\n?>\n--EXPECTF--\nvalue-from-empty.inc\nALERT - Include filename ('foo://test') is a URL that is forbidden by the blacklist (attacker 'REMOTE_ADDR not set', file '%s', line 6)"
  },
  {
    "path": "tests/include/include_blackwhitelist_empty.phpt",
    "content": "--TEST--\nInclude URL with empty black-/whitelist\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\n--FILE--\n<?php\n\t$var = dirname(__FILE__) . \"/../empty.inc\";\n\tinclude $var;\n\techo $value,\"\\n\";\n    $var = \"foo://test\";\n    include $var;\n\t$var = \"boo://test\"; // this point is never reached (famous last words)\n\tinclude $var;\n?>\n--EXPECTF--\nvalue-from-empty.inc\nALERT - Include filename ('foo://test') is a URL that is not allowed (attacker 'REMOTE_ADDR not set', file '%s', line 6)"
  },
  {
    "path": "tests/include/include_constant.phpt",
    "content": "--TEST--\nInclude \"Constant URL\";\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\n--FILE--\n<?php\n    include \"http://127.0.0.1/\";\n?>\n--EXPECTF--\nALERT - Include filename ('http://127.0.0.1/') is a URL that is not allowed (attacker 'REMOTE_ADDR not set', file '%s', line 2)\n"
  },
  {
    "path": "tests/include/include_etc_passwd.phpt",
    "content": "--TEST--\nInclude \"../../../../../../../../../../../etc/passwd\";\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\nsuhosin.executor.include.max_traversal=3\n--FILE--\n<?php\n\t$var = dirname(__FILE__).\"/../empty.inc\";\n\tinclude $var;\n\techo $value,\"\\n\";\n    $var = dirname(__FILE__).\"/../../../../../../../../../../../etc/passwd\";\n    include $var;\n?>\n--EXPECTF--\nvalue-from-empty.inc\nALERT - Include filename ('%s../../../../../../../../../../../etc/passwd') contains too many '../' (attacker 'REMOTE_ADDR not set', file '%s', line 6)\n"
  },
  {
    "path": "tests/include/include_max_traversal.phpt",
    "content": "--TEST--\nTesting suhosin.executor.include.max_traversal=10\n--DESCRIPTION--\nSeems to work fine, maybe split up later into multiple test cases.\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nerror_reporting=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\nsuhosin.executor.include.max_traversal=10\n--FILE--\n<?php\nif ($included === TRUE) { echo \"$case INCLUDED!\\n\";return; }\n$included = TRUE;\n\n$case = \"C1\"; include(\"/../../../../../../../../../\" . __FILE__);\n$case = \"C2\"; include(\"/.././.././.././.././.././.././.././.././../\" . __FILE__);\n$case = \"C3\"; include(\"/.././.././.././.././.././.././.././.././.././../\" . __FILE__);\n$case = \"C4\"; include(\"/../../../../../../../../../../\" . __FILE__);\n$case = \"C5\"; include(\"/../../../../../../../../../../../\" . __FILE__);\n$case = \"C6\"; include(\"/.././.././.././.././.././.././.././.././../\" . __FILE__);\n\n?>\n--EXPECTF--\nC1 INCLUDED!\nC2 INCLUDED!\nALERT - Include filename ('/.././.././.././.././.././.././.././.././.././../%s') contains too many '../' (attacker 'REMOTE_ADDR not set', file '%s', line 7)\n"
  },
  {
    "path": "tests/include/include_nul_in_filename.phpt",
    "content": "--TEST--\nTesting include of filename including ASCIIZ character\n--DESCRIPTION--\n\nThis test will only trigger the PHP internal protection.\nIf this test case ever breaks then PHP has failed and hopefully Suhosin has kicked in.\n\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\n--FILE--\n<?php\n$filename1 = \"AAAA\".chr(0).\"AAAA\";\ninclude $filename1;\n?>\n--EXPECTF--\nWarning: include(): Failed opening 'AAAA' for inclusion (include_path='%s') in %s on line 3"
  },
  {
    "path": "tests/include/include_once_constant.phpt",
    "content": "--TEST--\nInclude_once \"Constant URL\";\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\n--FILE--\n<?php\n    include_once \"http://127.0.0.1/\";\n?>\n--EXPECTF--\nALERT - Include filename ('http://127.0.0.1/') is a URL that is not allowed (attacker 'REMOTE_ADDR not set', file '%s', line 2)\n"
  },
  {
    "path": "tests/include/include_once_tmpvar.phpt",
    "content": "--TEST--\nInclude_once \"Temp Variable URL\";\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\n--FILE--\n<?php\n    $var = \"http://127.0.0.1/\";\n    $app = \"?\";\n    include_once $var.$app;\n?>\n--EXPECTF--\nALERT - Include filename ('http://127.0.0.1/?') is a URL that is not allowed (attacker 'REMOTE_ADDR not set', file '%s', line 4)\n"
  },
  {
    "path": "tests/include/include_once_var.phpt",
    "content": "--TEST--\nInclude_once \"Variable URL\";\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\n--FILE--\n<?php\n    $var = \"http://127.0.0.1/\";\n    include_once $var;\n?>\n--EXPECTF--\nALERT - Include filename ('http://127.0.0.1/') is a URL that is not allowed (attacker 'REMOTE_ADDR not set', file '%s', line 3)\n"
  },
  {
    "path": "tests/include/include_tmpvar.phpt",
    "content": "--TEST--\nInclude \"Temp Variable URL\";\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\n--FILE--\n<?php\n    $var = \"http://127.0.0.1/\";\n    $app = \"?\";\n    include $var.$app;\n?>\n--EXPECTF--\nALERT - Include filename ('http://127.0.0.1/?') is a URL that is not allowed (attacker 'REMOTE_ADDR not set', file '%s', line 4)\n"
  },
  {
    "path": "tests/include/include_too_long.phpt",
    "content": "--TEST--\nTesting include of too long filename\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\n--FILE--\n<?php\n$filename1 = str_repeat(\"A\", PHP_MAXPATHLEN+1);\ninclude $filename1;\n?>\n--EXPECTF--\nALERT - Include filename ('AAAA%sAAAA') is too long (attacker 'REMOTE_ADDR not set', file '%s', line 3)"
  },
  {
    "path": "tests/include/include_uploaded_file_diff_filename.phpt",
    "content": "--TEST--\nTesting include file from $_FILES (but change name a bit)\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.stdout=255\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\n--POST_RAW--\nContent-Type: multipart/form-data; boundary=---------------------------20896060251896012921717172737\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"f1\"; filename=\"filename2\"\n\n<?php echo \"NO_GOOD/n\";\n-----------------------------20896060251896012921717172737--\n--FILE--\n<?php\ninclude \"/../../../\" . $_FILES['f1']['tmp_name'];\n?>\n--EXPECTF--\nALERT - Include filename is an uploaded file (attacker 'REMOTE_ADDR not set', file '%s', line 2)"
  },
  {
    "path": "tests/include/include_uploaded_file_from_FILES.phpt",
    "content": "--TEST--\nTesting include file from $_FILES\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.stdout=255\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\n--POST_RAW--\nContent-Type: multipart/form-data; boundary=---------------------------20896060251896012921717172737\n-----------------------------20896060251896012921717172737\nContent-Disposition: form-data; name=\"f1\"; filename=\"filename2\"\n\n<?php echo \"NO_GOOD/n\";\n-----------------------------20896060251896012921717172737--\n--FILE--\n<?php\ninclude $_FILES['f1']['tmp_name'];\n?>\n--EXPECTF--\nALERT - Include filename is an uploaded file (attacker 'REMOTE_ADDR not set', file '%s', line 2)"
  },
  {
    "path": "tests/include/include_var.phpt",
    "content": "--TEST--\nInclude \"Variable URL\";\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\n--FILE--\n<?php\n    $var = \"http://127.0.0.1/\";\n    include $var;\n?>\n--EXPECTF--\nALERT - Include filename ('http://127.0.0.1/') is a URL that is not allowed (attacker 'REMOTE_ADDR not set', file '%s', line 3)\n"
  },
  {
    "path": "tests/include/include_whitelist.phpt",
    "content": "--TEST--\nInclude whitelist\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=file\nsuhosin.executor.include.blacklist=\n--FILE--\n<?php\n\t$var = \"file://\" . dirname(__FILE__) . \"/../empty.inc\";\n\tinclude $var;\n\techo $value,\"\\n\";\n    $var = \"foo://test\";\n    include $var;\n\t$var = \"boo://test\"; // this point is never reached (famous last words)\n\tinclude $var;\n?>\n--EXPECTF--\nvalue-from-empty.inc\nALERT - Include filename ('foo://test') is a URL that is not allowed (attacker 'REMOTE_ADDR not set', file '%s', line 6)"
  },
  {
    "path": "tests/include/require_constant.phpt",
    "content": "--TEST--\nRequire \"Constant URL\";\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\n--FILE--\n<?php\n    require \"http://127.0.0.1/\";\n?>\n--EXPECTF--\nALERT - Include filename ('http://127.0.0.1/') is a URL that is not allowed (attacker 'REMOTE_ADDR not set', file '%s', line 2)\n"
  },
  {
    "path": "tests/include/require_once_constant.phpt",
    "content": "--TEST--\nRequire_once \"Constant URL\";\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\n--FILE--\n<?php\n    require_once \"http://127.0.0.1/\";\n?>\n--EXPECTF--\nALERT - Include filename ('http://127.0.0.1/') is a URL that is not allowed (attacker 'REMOTE_ADDR not set', file '%s', line 2)\n"
  },
  {
    "path": "tests/include/require_once_tmpvar.phpt",
    "content": "--TEST--\nRequire_once \"Temp Variable URL\";\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\n--FILE--\n<?php\n    $var = \"http://127.0.0.1/\";\n    $app = \"?\";\n    require_once $var.$app;\n?>\n--EXPECTF--\nALERT - Include filename ('http://127.0.0.1/?') is a URL that is not allowed (attacker 'REMOTE_ADDR not set', file '%s', line 4)\n"
  },
  {
    "path": "tests/include/require_once_var.phpt",
    "content": "--TEST--\nRequire_once \"Variable URL\";\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\n--FILE--\n<?php\n    $var = \"http://127.0.0.1/\";\n    require_once $var;\n?>\n--EXPECTF--\nALERT - Include filename ('http://127.0.0.1/') is a URL that is not allowed (attacker 'REMOTE_ADDR not set', file '%s', line 3)\n"
  },
  {
    "path": "tests/include/require_tmpvar.phpt",
    "content": "--TEST--\nRequire \"Temp Variable URL\";\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\n--FILE--\n<?php\n    $var = \"http://127.0.0.1/\";\n    $app = \"?\";\n    require $var.$app;\n?>\n--EXPECTF--\nALERT - Include filename ('http://127.0.0.1/?') is a URL that is not allowed (attacker 'REMOTE_ADDR not set', file '%s', line 4)\n"
  },
  {
    "path": "tests/include/require_var.phpt",
    "content": "--TEST--\nRequire \"Variable URL\";\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=255\nsuhosin.log.script=0\nsuhosin.log.phpscript=0\nsuhosin.executor.include.whitelist=\nsuhosin.executor.include.blacklist=\n--FILE--\n<?php\n    $var = \"http://127.0.0.1/\";\n    require $var;\n?>\n--EXPECTF--\nALERT - Include filename ('http://127.0.0.1/') is a URL that is not allowed (attacker 'REMOTE_ADDR not set', file '%s', line 3)\n"
  },
  {
    "path": "tests/logging/log_max_error_length.phpt",
    "content": "--TEST--\nTesting: suhosin.log.use-x-forwarded-for=On (without X-Forwarded-For set)\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.max_error_length=20\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\n--FILE--\n<?php\n\tini_set(\"memory_limit\", \"-1\");\n?>\n--EXPECTF--\nALERT - script tried to disa... %s\n"
  },
  {
    "path": "tests/logging/logscript_executable.phpt",
    "content": "--TEST--\nTesting: suhosin.log.script.name=EXECUTABLE\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=0\nsuhosin.log.stdout=0\nsuhosin.log.script=255\nsuhosin.log.script.name=/bin/echo\nsuhosin.log.syslog=0\nsuhosin.executor.func.blacklist=max\n--FILE--\n<?php\n\tmax(1,2);\n?>\n--EXPECTF--\nWarning: max() has been disabled for security reasons in %s on line 2"
  },
  {
    "path": "tests/logging/logscript_nonexecutable.phpt",
    "content": "--TEST--\nTesting: suhosin.log.script.name=NON-EXECUTABLE\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=0\nsuhosin.log.stdout=0\nsuhosin.log.script=255\nsuhosin.log.script.name=/etc/passwd\nsuhosin.log.syslog=0\nsuhosin.executor.func.blacklist=max\n--FILE--\n<?php\n\tmax(1,2);\n?>\n--EXPECTF--\nALERT - logging shell script /etc/passwd is not executable - file dropped (attacker 'REMOTE_ADDR not set', file '%s', line 2)\n\nWarning: max() has been disabled for security reasons in %s on line 2"
  },
  {
    "path": "tests/logging/logscript_nonexistant.phpt",
    "content": "--TEST--\nTesting: suhosin.log.script.name=NON-EXISTANT\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=0\nsuhosin.log.stdout=0\nsuhosin.log.script=255\nsuhosin.log.script.name=/php/non-existant-script-really-really-really\nsuhosin.log.syslog=0\nsuhosin.executor.func.blacklist=max\n--FILE--\n<?php\n\tmax(1,2);\n?>\n--EXPECTF--\nALERT - unable to find logging shell script /php/non-existant-script-really-really-really - file dropped (attacker 'REMOTE_ADDR not set', file '%s', line 2)\n\nWarning: max() has been disabled for security reasons in %s on line 2"
  },
  {
    "path": "tests/logging/use_x_forwarded_for_off.phpt",
    "content": "--TEST--\nTesting: suhosin.log.use-x-forwarded-for=Off\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.executor.func.blacklist=max\nsuhosin.log.use-x-forwarded-for=Off\nsuhosin.simulation=1\n--ENV--\nreturn <<<END\nREMOTE_ADDR=101.102.103.104\nHTTP_X_FORWARDED_FOR=1.2.3.4\nEND;\n--FILE--\n<?php\n\tmax(1,2);\n?>\n--EXPECTF--\nWarning: SIMULATION - max() has been disabled for security reasons in %s on line 2\nALERT-SIMULATION - function within blacklist called: max() (attacker '101.102.103.104', file '%s', line 2)"
  },
  {
    "path": "tests/logging/use_x_forwarded_for_off_no_remote_addr.phpt",
    "content": "--TEST--\nTesting: suhosin.log.use-x-forwarded-for=Off (without REMOTE_ADDR set)\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.executor.func.blacklist=max\nsuhosin.log.use-x-forwarded-for=Off\nsuhosin.simulation=1\n--FILE--\n<?php\n\tmax(1,2);\n?>\n--EXPECTF--\nWarning: SIMULATION - max() has been disabled for security reasons in %s on line 2\nALERT-SIMULATION - function within blacklist called: max() (attacker 'REMOTE_ADDR not set', file '%s', line 2)"
  },
  {
    "path": "tests/logging/use_x_forwarded_for_on.phpt",
    "content": "--TEST--\nTesting: suhosin.log.use-x-forwarded-for=On\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.executor.func.blacklist=max\nsuhosin.log.use-x-forwarded-for=On\nsuhosin.simulation=1\n--ENV--\nreturn <<<END\nREMOTE_ADDR=101.102.103.104\nHTTP_X_FORWARDED_FOR=1.2.3.4\nEND;\n--FILE--\n<?php\n\tmax(1,2);\n?>\n--EXPECTF--\nWarning: SIMULATION - max() has been disabled for security reasons in %s on line 2\nALERT-SIMULATION - function within blacklist called: max() (attacker '1.2.3.4', file '%s', line 2)"
  },
  {
    "path": "tests/logging/use_x_forwarded_for_on_no_x_forwarded.phpt",
    "content": "--TEST--\nTesting: suhosin.log.use-x-forwarded-for=On (without X-Forwarded-For set)\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.syslog=0\nsuhosin.log.sapi=0\nsuhosin.log.script=0\nsuhosin.log.file=255\nsuhosin.log.file.time=0\nsuhosin.log.file.name={PWD}/suhosintest.$$.log.tmp\nauto_append_file={PWD}/suhosintest.$$.log.tmp\nsuhosin.executor.func.blacklist=max\nsuhosin.log.use-x-forwarded-for=On\nsuhosin.simulation=1\n--FILE--\n<?php\n\tmax(1,2);\n?>\n--EXPECTF--\nWarning: SIMULATION - max() has been disabled for security reasons in %s on line 2\nALERT-SIMULATION - function within blacklist called: max() (attacker 'X-FORWARDED-FOR not set', file '%s', line 2)"
  },
  {
    "path": "tests/misc/disable_display_errors_fail.phpt",
    "content": "--TEST--\nTesting: suhosin.disable.display_errors=fail\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=0\nsuhosin.log.stdout=255\nsuhosin.log.script=0\nsuhosin.log.syslog=0\ndisplay_errors=1\nsuhosin.disable.display_errors=fail\n--FILE--\n<?php\n/* Attention: suhosin.disable.display_errors=fail - will NOT silently disable unlike suhosin.disable.display_errors=On */\nvar_dump(ini_get(\"display_errors\"));\nvar_dump(ini_set(\"display_errors\", \"0\"));\nvar_dump(ini_get(\"display_errors\"));\nvar_dump(ini_set(\"display_errors\", \"1\"));\nvar_dump(ini_get(\"display_errors\"));\n?>\n--EXPECTF--\nstring(1) \"0\"\nbool(false)\nstring(1) \"0\"\nbool(false)\nstring(1) \"0\"\n"
  },
  {
    "path": "tests/misc/disable_display_errors_off.phpt",
    "content": "--TEST--\nTesting: suhosin.disable.display_errors=Off\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=0\nsuhosin.log.stdout=255\nsuhosin.log.script=0\nsuhosin.log.syslog=0\ndisplay_errors=1\nsuhosin.disable.display_errors=0\n--FILE--\n<?php\n/* Attention: suhosin.disable.display_errors - will silently disable\n\n   This means ini_get() will return wrong values. You have to trigger errors to see if it works */\n\nini_get();\nvar_dump(ini_get(\"display_errors\"));\nvar_dump(ini_set(\"display_errors\", \"0\"));\nini_get();\nvar_dump(ini_get(\"display_errors\"));\nvar_dump(ini_set(\"display_errors\", \"1\"));\nvar_dump(ini_get(\"display_errors\"));\nini_get();\n?>\n--EXPECTF--\nWarning: ini_get() expects exactly 1 parameter, 0 given in %s on line 6\nstring(1) \"1\"\nstring(1) \"1\"\nstring(1) \"0\"\nstring(1) \"0\"\nstring(1) \"1\"\n\nWarning: ini_get() expects exactly 1 parameter, 0 given in %s on line 13\n"
  },
  {
    "path": "tests/misc/disable_display_errors_on.phpt",
    "content": "--TEST--\nTesting: suhosin.disable.display_errors=On\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=0\nsuhosin.log.stdout=255\nsuhosin.log.script=0\nsuhosin.log.syslog=0\ndisplay_errors=1\nsuhosin.disable.display_errors=1\n--FILE--\n<?php\n/* Attention: suhosin.disable.display_errors - will silently disable\n\n   This means ini_get() will return wrong values. You have to trigger errors to see if it works */\n\nini_get();\nvar_dump(ini_get(\"display_errors\"));\nvar_dump(ini_set(\"display_errors\", \"0\"));\nini_get();\nvar_dump(ini_get(\"display_errors\"));\nvar_dump(ini_set(\"display_errors\", \"1\"));\nvar_dump(ini_get(\"display_errors\"));\nini_get();\n?>\n--EXPECTF--\nstring(1) \"1\"\nstring(1) \"1\"\nstring(1) \"0\"\nstring(1) \"0\"\nstring(1) \"1\"\n"
  },
  {
    "path": "tests/misc/mailprotect_1_header_nl.phpt",
    "content": "--TEST--\nTesting: suhosin.mail.protect=1 and extra headers start with newline\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=255\nsuhosin.log.stdout=0\nsuhosin.log.script=0\nsuhosin.log.syslog=0\nsuhosin.mail.protect=1\nsendmail_path=$([ -f /bin/true ]&& echo /bin/true || echo /usr/bin/true)\n--FILE--\n<?php\n\tvar_dump(mail(\"to\", \"subject\", \"msg\", \"\\r\\nFoo: bar\"));\n?>\n--EXPECTF--\nALERT - mail() - double newline in headers, possible injection, mail dropped (attacker 'REMOTE_ADDR not set', file '%s', line 2)\nbool(false)"
  },
  {
    "path": "tests/misc/mailprotect_1_header_nlnl.phpt",
    "content": "--TEST--\nTesting: suhosin.mail.protect=1 and extra headers contain double newline\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=255\nsuhosin.log.stdout=0\nsuhosin.log.script=0\nsuhosin.log.syslog=0\nsuhosin.mail.protect=1\nsendmail_path=$([ -f /bin/true ]&& echo /bin/true || echo /usr/bin/true)\n--FILE--\n<?php\n\tvar_dump(mail(\"to\", \"subject\", \"msg\", \"Foo: bar\\r\\n\\r\\nfake-msg-start\"));\n?>\n--EXPECTF--\nALERT - mail() - double newline in headers, possible injection, mail dropped (attacker 'REMOTE_ADDR not set', file '%s', line 2)\nbool(false)"
  },
  {
    "path": "tests/misc/mailprotect_1_subject.phpt",
    "content": "--TEST--\nTesting: suhosin.mail.protect=1 with NL in Subject\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=255\nsuhosin.log.stdout=0\nsuhosin.log.script=0\nsuhosin.log.syslog=0\nsuhosin.mail.protect=1\nsendmail_path=$([ -f /bin/true ]&& echo /bin/true || echo /usr/bin/true)\n--FILE--\n<?php\n\tvar_dump(mail(\"to\", \"sub\\nject\", \"msg\"));\n?>\n--EXPECTF--\nALERT - mail() - newline in Subject header, possible injection, mail dropped (attacker 'REMOTE_ADDR not set', file '%s', line 2)\nbool(false)"
  },
  {
    "path": "tests/misc/mailprotect_1_subject_long.phpt",
    "content": "--TEST--\nTesting: suhosin.mail.protect=1 with valid long Subject\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=255\nsuhosin.log.stdout=0\nsuhosin.log.script=0\nsuhosin.log.syslog=0\nsuhosin.mail.protect=1\nsendmail_path=$([ -f /bin/true ]&& echo /bin/true || echo /usr/bin/true)\n--FILE--\n<?php\n\tvar_dump(mail(\"to\", \"sub\\n ject\\r\\n\\tfoo\", \"msg\"));\n?>\n--EXPECTF--\nbool(true)\n"
  },
  {
    "path": "tests/misc/mailprotect_1_to.phpt",
    "content": "--TEST--\nTesting: suhosin.mail.protect=1 with NL in To\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=255\nsuhosin.log.stdout=0\nsuhosin.log.script=0\nsuhosin.log.syslog=0\nsuhosin.mail.protect=1\nsendmail_path=$([ -f /bin/true ]&& echo /bin/true || echo /usr/bin/true)\n--FILE--\n<?php\n\tvar_dump(mail(\"t\\r\\no\", \"subject\", \"msg\"));\n?>\n--EXPECTF--\nALERT - mail() - newline in To header, possible injection, mail dropped (attacker 'REMOTE_ADDR not set', file '%s', line 2)\nbool(false)"
  },
  {
    "path": "tests/misc/mailprotect_1_to_long.phpt",
    "content": "--TEST--\nTesting: suhosin.mail.protect=1 with valid long To\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=255\nsuhosin.log.stdout=0\nsuhosin.log.script=0\nsuhosin.log.syslog=0\nsuhosin.mail.protect=1\nsendmail_path=$([ -f /bin/true ]&& echo /bin/true || echo /usr/bin/true)\n--FILE--\n<?php\n\tvar_dump(mail(\"to\\n long\\r\\n\\tfoo\", \"subject\", \"msg\"));\n?>\n--EXPECTF--\nbool(true)"
  },
  {
    "path": "tests/misc/mailprotect_2_bcc.phpt",
    "content": "--TEST--\nTesting: suhosin.mail.protect=2 and extra headers contain Bcc:\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=255\nsuhosin.log.stdout=0\nsuhosin.log.script=0\nsuhosin.log.syslog=0\nsuhosin.mail.protect=2\nsendmail_path=$([ -f /bin/true ]&& echo /bin/true || echo /usr/bin/true)\n--FILE--\n<?php\n\tvar_dump(mail(\"to\", \"subject\", \"msg\", \"Bcc: me\"));\n?>\n--EXPECTF--\nALERT - mail() - BCC: headers aren't allowed in the headers parameter. (attacker 'REMOTE_ADDR not set', file '%s', line 2)\nbool(false)"
  },
  {
    "path": "tests/misc/mailprotect_2_cc.phpt",
    "content": "--TEST--\nTesting: suhosin.mail.protect=2 and extra headers contain Cc:\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=255\nsuhosin.log.stdout=0\nsuhosin.log.script=0\nsuhosin.log.syslog=0\nsuhosin.mail.protect=2\nsendmail_path=$([ -f /bin/true ]&& echo /bin/true || echo /usr/bin/true)\n--FILE--\n<?php\n\tvar_dump(mail(\"to\", \"subject\", \"msg\", \"Cc: me\"));\n?>\n--EXPECTF--\nALERT - mail() - CC: headers aren't allowed in the headers parameter. (attacker 'REMOTE_ADDR not set', file '%s', line 2)\nbool(false)"
  },
  {
    "path": "tests/misc/mailprotect_2_to.phpt",
    "content": "--TEST--\nTesting: suhosin.mail.protect=2 and extra headers contain To:\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=255\nsuhosin.log.stdout=0\nsuhosin.log.script=0\nsuhosin.log.syslog=0\nsuhosin.mail.protect=2\nsendmail_path=$([ -f /bin/true ]&& echo /bin/true || echo /usr/bin/true)\n--FILE--\n<?php\n\tvar_dump(mail(\"to\", \"subject\", \"msg\", \"To: me\"));\n?>\n--EXPECTF--\nALERT - mail() - To: headers aren't allowed in the headers parameter. (attacker 'REMOTE_ADDR not set', file '%s', line 2)\nbool(false)"
  },
  {
    "path": "tests/misc/mt_srand_ignore_off.phpt",
    "content": "--TEST--\nTesting: suhosin.mt_srand.ignore=0\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.log.sapi=255\nsuhosin.log.stdout=0\nsuhosin.log.script=0\nsuhosin.log.syslog=0\nsuhosin.mt_srand.ignore=0\n--FILE--\n<?php\n\tmt_srand(1);\n\t$var1 = mt_rand();\n\tmt_srand(1);\n\t$var2 = mt_rand();\n\tvar_dump($var1 == $var2);\n?>\n--EXPECTF--\nbool(true)\n"
  },
  {
    "path": "tests/misc/mt_srand_ignore_on.phpt",
    "content": "--TEST--\nTesting: suhosin.mt_srand.ignore=1\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.log.sapi=255\nsuhosin.log.stdout=0\nsuhosin.log.script=0\nsuhosin.log.syslog=0\nsuhosin.mt_srand.ignore=1\n--FILE--\n<?php\n\tmt_srand(1);\n\t$var1 = mt_rand();\n\tmt_srand(1);\n\t$var2 = mt_rand();\n\tvar_dump($var1 != $var2);\n?>\n--EXPECTF--\nbool(true)\n"
  },
  {
    "path": "tests/misc/protectkey_off.phpt",
    "content": "--TEST--\nTesting: suhosin.protectkey=On\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=0\nsuhosin.log.stdout=255\nsuhosin.log.script=0\nsuhosin.log.syslog=0\nsuhosin.protectkey=0\nsuhosin.session.cryptkey=SUHOSIN_TEST_SESSION_CRYPTKEY\nsuhosin.cookie.cryptkey=SUHOSIN_TEST_COOKIE_CRYPTKEY\nsuhosin.rand.seedingkey=SUHOSIN_TEST_SEEDINGKEY\n--FILE--\n<?php\nob_start();\nphpinfo();\n$data = ob_get_contents();\nob_clean();\nvar_dump(strpos($data, \"SUHOSIN_TEST_SESSION_CRYPTKEY\")===FALSE);\nvar_dump(strpos($data, \"SUHOSIN_TEST_COOKIE_CRYPTKEY\")===FALSE);\nvar_dump(strpos($data, \"SUHOSIN_TEST_SEEDINGKEY\")===FALSE);\n?>\n--EXPECTF--\nbool(false)\nbool(false)\nbool(false)\n"
  },
  {
    "path": "tests/misc/protectkey_on.phpt",
    "content": "--TEST--\nTesting: suhosin.protectkey=On\n--SKIPIF--\n<?php include \"../skipifnotcli.inc\"; ?>\n--INI--\nsuhosin.log.sapi=0\nsuhosin.log.stdout=255\nsuhosin.log.script=0\nsuhosin.log.syslog=0\nsuhosin.protectkey=1\nsuhosin.session.cryptkey=SUHOSIN_TEST_SESSION_CRYPTKEY\nsuhosin.cookie.cryptkey=SUHOSIN_TEST_COOKIE_CRYPTKEY\nsuhosin.rand.seedingkey=SUHOSIN_TEST_SEEDINGKEY\n--FILE--\n<?php\nob_start();\nphpinfo();\n$data = ob_get_contents();\nob_clean();\nvar_dump(strpos($data, \"SUHOSIN_TEST_SESSION_CRYPTKEY\")===FALSE);\nvar_dump(strpos($data, \"SUHOSIN_TEST_COOKIE_CRYPTKEY\")===FALSE);\nvar_dump(strpos($data, \"SUHOSIN_TEST_SEEDINGKEY\")===FALSE);\n?>\n--EXPECTF--\nbool(true)\nbool(true)\nbool(true)\n"
  },
  {
    "path": "tests/misc/srand_ignore_off.phpt",
    "content": "--TEST--\nTesting: suhosin.srand.ignore=0\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.log.sapi=255\nsuhosin.log.stdout=0\nsuhosin.log.script=0\nsuhosin.log.syslog=0\nsuhosin.srand.ignore=0\n--FILE--\n<?php\n\tsrand(1);\n\t$var1 = rand();\n\tsrand(1);\n\t$var2 = rand();\n\tvar_dump($var1 == $var2);\n?>\n--EXPECTF--\nbool(true)\n"
  },
  {
    "path": "tests/misc/srand_ignore_on.phpt",
    "content": "--TEST--\nTesting: suhosin.srand.ignore=1\n--SKIPIF--\n<?php include \"../skipif.inc\"; ?>\n--INI--\nsuhosin.log.sapi=255\nsuhosin.log.stdout=0\nsuhosin.log.script=0\nsuhosin.log.syslog=0\nsuhosin.srand.ignore=1\n--FILE--\n<?php\n\tsrand(1);\n\t$var1 = rand();\n\tsrand(1);\n\t$var2 = rand();\n\tvar_dump($var1 != $var2);\n?>\n--EXPECTF--\nbool(true)\n"
  },
  {
    "path": "tests/session/PHPSESSID_max_id_length_ok.phpt",
    "content": "--TEST--\nPHPSESSID session id not too long\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.session.max_id_length=32\nsession.hash_bits_per_character=4\n--COOKIE--\nPHPSESSID=12345678901234567890123456789012;\n--FILE--\n<?php\nsession_start();\necho session_id();\n?>\n--EXPECTF--\n12345678901234567890123456789012"
  },
  {
    "path": "tests/session/PHPSESSID_max_id_length_toolong.phpt",
    "content": "--TEST--\nPHPSESSID session id too long\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.session.max_id_length=32\nsession.hash_bits_per_character=4\n--COOKIE--\nPHPSESSID=123456789012345678901234567890123;\n--FILE--\n<?php\nsession_start();\necho strlen(session_id());\n?>\n--EXPECTF--\n32"
  },
  {
    "path": "tests/session/crypt.checkraddr_4.phpt",
    "content": "--TEST--\nsession encryption with checkraddr=4\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--ENV--\nreturn <<<END\nREMOTE_ADDR=127.0.0.1\nPHPSESSID=test\nEND;\n--INI--\nsuhosin.session.encrypt=On\nsuhosin.session.cryptkey=D3F4UL7\nsuhosin.session.cryptua=Off\nsuhosin.session.cryptdocroot=Off\nsuhosin.session.cryptraddr=0\nsuhosin.session.checkraddr=4\n--FILE--\n<?php\ninclude \"sessionhandler.inc\";\n\nsession_test_start(new RemoteAddrSessionHandler());\nvar_dump($_SESSION);\n\n?>\n--EXPECTF--\narray(1) {\n  [\"a\"]=>\n  string(1) \"b\"\n}\n"
  },
  {
    "path": "tests/session/crypt.checkraddr_4_incorrect.phpt",
    "content": "--TEST--\nsession encryption with checkraddr=4 and incorrect REMOTE_ADDR\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--ENV--\nreturn <<<END\nREMOTE_ADDR=127.0.0.2\nPHPSESSID=test\nEND;\n--INI--\nsuhosin.session.encrypt=On\nsuhosin.session.cryptkey=D3F4UL7\nsuhosin.session.cryptua=Off\nsuhosin.session.cryptdocroot=Off\nsuhosin.session.cryptraddr=0\nsuhosin.session.checkraddr=4\n--FILE--\n<?php\ninclude \"sessionhandler.inc\";\n\nsession_test_start(new RemoteAddrSessionHandler());\nvar_dump($_SESSION);\n\n?>\n--EXPECTF--\narray(0) {\n}\n"
  },
  {
    "path": "tests/session/crypt.docroot.phpt",
    "content": "--TEST--\nsession with encryption using docroot\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--ENV--\nreturn <<<END\nDOCUMENT_ROOT=/var/www\nEND;\n--INI--\nsuhosin.session.encrypt=On\nsuhosin.session.cryptkey=D3F4UL7\nsuhosin.session.cryptua=Off\nsuhosin.session.cryptdocroot=On\nsuhosin.session.cryptraddr=0\nsuhosin.session.checkraddr=0\n--FILE--\n<?php\ninclude \"sessionhandler.inc\";\nsession_test_start();\n$_SESSION['a'] = 'b';\n\n\n?>\n--EXPECTF--\nSESSION: NKChb1rdctXd-Acz0uzOYVnJT_J2mxYRVUgSh0w5mlk.\n"
  },
  {
    "path": "tests/session/crypt.key_default.phpt",
    "content": "--TEST--\nsession with encryption default key\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.session.encrypt=On\nsuhosin.session.cryptkey=D3F4UL7\nsuhosin.session.cryptua=Off\nsuhosin.session.cryptdocroot=Off\nsuhosin.session.cryptraddr=0\nsuhosin.session.checkraddr=0\n--FILE--\n<?php\ninclude \"sessionhandler.inc\";\nsession_test_start();\n$_SESSION['a'] = 'b';\n\n\n?>\n--EXPECTF--\nSESSION: RIuy2LSSd3_s3hhDCnN89bNWyCnhvNAO0YUq7OQKuJc.\n"
  },
  {
    "path": "tests/session/crypt.key_empty.phpt",
    "content": "--TEST--\nsession with encryption key empty\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.session.encrypt=On\nsuhosin.session.cryptkey=\nsuhosin.session.cryptua=Off\nsuhosin.session.cryptdocroot=Off\nsuhosin.session.cryptraddr=0\nsuhosin.session.checkraddr=0\n--FILE--\n<?php\ninclude \"sessionhandler.inc\";\nsession_test_start();\n$_SESSION['a'] = 'b';\n\n\n?>\n--EXPECTF--\nSESSION: RIuy2LSSd3_s3hhDCnN89bNWyCnhvNAO0YUq7OQKuJc.\n"
  },
  {
    "path": "tests/session/crypt.key_empty_remote_addr.phpt",
    "content": "--TEST--\nsession with encryption key empty and REMOTE_ADDR set\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--ENV--\nreturn <<<END\nREMOTE_ADDR=127.0.0.1\nEND;\n--INI--\nsuhosin.session.encrypt=On\nsuhosin.session.cryptkey=\nsuhosin.session.cryptua=Off\nsuhosin.session.cryptdocroot=Off\nsuhosin.session.cryptraddr=0\nsuhosin.session.checkraddr=0\n--FILE--\n<?php\ninclude \"sessionhandler.inc\";\nsession_test_start();\n$_SESSION['a'] = 'b';\n\n\n?>\n--EXPECTF--\nSESSION: j1YTvIOAUqxZMjuJ_ZnHPHWY5XEayycsr7O94aMzmBQ.\n"
  },
  {
    "path": "tests/session/crypt.no_encryption.phpt",
    "content": "--TEST--\nsession without encryption\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.session.encrypt=Off\n--FILE--\n<?php\ninclude \"sessionhandler.inc\";\nsession_test_start();\n$_SESSION['a'] = 'b';\n\n?>\n--EXPECTF--\nSESSION: a|s:1:\"b\";"
  },
  {
    "path": "tests/session/crypt.raddr_1.phpt",
    "content": "--TEST--\nsession with encryption using REMOTE_ADDR (cryptraddr=1)\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--ENV--\nreturn <<<END\nREMOTE_ADDR=127.0.0.1\nEND;\n--INI--\nsuhosin.session.encrypt=On\nsuhosin.session.cryptkey=D3F4UL7\nsuhosin.session.cryptua=Off\nsuhosin.session.cryptdocroot=Off\nsuhosin.session.cryptraddr=1\nsuhosin.session.checkraddr=0\n--FILE--\n<?php\ninclude \"sessionhandler.inc\";\nsession_test_start();\n$_SESSION['a'] = 'b';\n\n\n?>\n--EXPECTF--\nSESSION: wkiQGgZgWnBFDyCs_4QYD_oaw_m35l_5I35XRg0wX_g.\n"
  },
  {
    "path": "tests/session/crypt.raddr_2.phpt",
    "content": "--TEST--\nsession with encryption using REMOTE_ADDR (cryptraddr=2)\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--ENV--\nreturn <<<END\nREMOTE_ADDR=127.0.0.1\nEND;\n--INI--\nsuhosin.session.encrypt=On\nsuhosin.session.cryptkey=D3F4UL7\nsuhosin.session.cryptua=Off\nsuhosin.session.cryptdocroot=Off\nsuhosin.session.cryptraddr=2\nsuhosin.session.checkraddr=0\n--FILE--\n<?php\ninclude \"sessionhandler.inc\";\nsession_test_start();\n$_SESSION['a'] = 'b';\n\n\n?>\n--EXPECTF--\nSESSION: WDyvE0R4mUqvOG6e5VzhfgWMjfCWSFC5bNNI_3dIT3w.\n"
  },
  {
    "path": "tests/session/crypt.raddr_3.phpt",
    "content": "--TEST--\nsession with encryption using REMOTE_ADDR (cryptraddr=3)\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--ENV--\nreturn <<<END\nREMOTE_ADDR=127.0.0.1\nEND;\n--INI--\nsuhosin.session.encrypt=On\nsuhosin.session.cryptkey=D3F4UL7\nsuhosin.session.cryptua=Off\nsuhosin.session.cryptdocroot=Off\nsuhosin.session.cryptraddr=3\nsuhosin.session.checkraddr=0\n--FILE--\n<?php\ninclude \"sessionhandler.inc\";\nsession_test_start();\n$_SESSION['a'] = 'b';\n\n\n?>\n--EXPECTF--\nSESSION: 6kLKLrgCmlOuEPXPON_K5SWHLuIbHdLsh4MJ0QtTFj8.\n"
  },
  {
    "path": "tests/session/crypt.raddr_4.phpt",
    "content": "--TEST--\nsession with encryption using REMOTE_ADDR (cryptraddr=4)\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--ENV--\nreturn <<<END\nREMOTE_ADDR=127.0.0.1\nEND;\n--INI--\nsuhosin.session.encrypt=On\nsuhosin.session.cryptkey=D3F4UL7\nsuhosin.session.cryptua=Off\nsuhosin.session.cryptdocroot=Off\nsuhosin.session.cryptraddr=4\nsuhosin.session.checkraddr=0\n--FILE--\n<?php\ninclude \"sessionhandler.inc\";\nsession_test_start();\n$_SESSION['a'] = 'b';\n\n\n?>\n--EXPECTF--\nSESSION: QYSbWh8enETvdtKfao8G6aiXqK7_lhzFmRNYa2lo-UM.\n"
  },
  {
    "path": "tests/session/crypt.ua.phpt",
    "content": "--TEST--\nsession with encryption using ua\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--ENV--\nreturn <<<END\nHTTP_USER_AGENT=test\nEND;\n--INI--\nsuhosin.session.encrypt=On\nsuhosin.session.cryptkey=D3F4UL7\nsuhosin.session.cryptua=On\nsuhosin.session.cryptdocroot=Off\nsuhosin.session.cryptraddr=0\nsuhosin.session.checkraddr=0\n--FILE--\n<?php\ninclude \"sessionhandler.inc\";\nsession_test_start();\n$_SESSION['a'] = 'b';\n\n\n?>\n--EXPECTF--\nSESSION: 3pVZdIv7vHG-PwO_rLQLUGerd4L_UX60xJoAM-IoVC4.\n"
  },
  {
    "path": "tests/session/max_id_length_ok.phpt",
    "content": "--TEST--\nsession id not too long\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.session.max_id_length=32\nsession.hash_bits_per_character=4\n--FILE--\n<?php\nsession_id('12345678901234567890123456789012');\nsession_start();\necho session_id();\n?>\n--EXPECTF--\n12345678901234567890123456789012"
  },
  {
    "path": "tests/session/max_id_length_toolong.phpt",
    "content": "--TEST--\nsession id too long\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--INI--\nsuhosin.session.max_id_length=32\nsession.hash_bits_per_character=4\n--FILE--\n<?php\nsession_id('123456789012345678901234567890123');\nsession_start();\necho strlen(session_id());\n?>\n--EXPECTF--\n32"
  },
  {
    "path": "tests/session/session_recursive_crash.phpt",
    "content": "--TEST--\nsession SessionHandler() recursive crash\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--ENV--\nreturn <<<END\nHTTP_USER_AGENT=test\nEND;\n--INI--\nsuhosin.session.encrypt=On\nsuhosin.session.cryptkey=D3F4UL7\nsuhosin.session.cryptua=On\nsuhosin.session.cryptdocroot=Off\nsuhosin.session.cryptraddr=0\nsuhosin.session.checkraddr=0\n--FILE--\n<?php\nsession_set_save_handler(new SessionHandler(), true);\n$_SESSION['a'] = 'b';\nvar_dump($_SESSION);\n--EXPECTF--\narray(1) {\n  [\"a\"]=>\n  string(1) \"b\"\n}\n"
  },
  {
    "path": "tests/session/session_recursive_crash2.phpt",
    "content": "--TEST--\nsession user handler recursive crash - issue #60\n--SKIPIF--\n<?php include \"../skipifcli.inc\"; ?>\n--ENV--\nreturn <<<END\nHTTP_USER_AGENT=test\nEND;\n--INI--\nsuhosin.session.encrypt=On\nsuhosin.session.cryptkey=D3F4UL7\nsuhosin.session.cryptua=On\nsuhosin.session.cryptdocroot=Off\nsuhosin.session.cryptraddr=0\nsuhosin.session.checkraddr=0\n--FILE--\n<?php\n$foo = \"\";\n\nclass MySessionHandlerA implements SessionHandlerInterface\n{\n\tpublic function close() {}\n\tpublic function destroy($session_id) {}\n\tpublic function gc($maxlifetime) {}\n\tpublic function open($save_path, $name) { global $foo; $foo .= \"A\\n\"; }\n\tpublic function read($session_id ) {}\n\tpublic function write($session_id, $session_data) {}\n}\n\nsession_set_save_handler(new MySessionHandlerA(), true);\nsession_start();\nsession_destroy();\n\n//\n\nclass MySessionHandlerB extends MySessionHandlerA\n{\n\tpublic function open($save_path, $name) { global $foo; $foo .= \"B\\n\"; }\n}\n\nsession_set_save_handler(new MySessionHandlerB(), true);\nsession_start();\nsession_destroy();\n\n//\n\nclass MySessionHandlerC extends MySessionHandlerA\n{\n\tpublic function open($save_path, $name) { global $foo; $foo .= \"C\\n\"; }\n}\n\nsession_set_save_handler(new MySessionHandlerC(), true);\nsession_start();\nsession_destroy();\n\n\necho $foo;\n--EXPECTF--\nA\nB\nC\n"
  },
  {
    "path": "tests/session/sessionhandler.inc",
    "content": "<?php\n\nif (PHP_VERSION_ID < 50400) {\n\tinterface SessionHandlerInterface\n\t{}\n}\n\nclass GenericSessionHandler implements SessionHandlerInterface\n{\n\tfunction open($savePath, $sessionName) { return true; }\n\n\tfunction close() { return true; }\n\n\tfunction read($id) { return (string)\"\"; }\n\n\tfunction write($id, $data) { return true; }\n\n\tfunction destroy($id) { return true; }\n\n\tfunction gc($maxlifetime) { return true; }\n\n}\nclass WriteSessionHandler extends GenericSessionHandler\n{\n\tfunction write($id, $data)\n\t{\n\t\techo \"SESSION: $data\\n\";\n\t\treturn true;\n\t}\n}\nclass RemoteAddrSessionHandler extends GenericSessionHandler\n{\n\t## key empty and REMOTE_ADDR set to 127.0.0.1\n\tfunction read($id) { return (string)\"j1YTvIOAUqxZMjuJ_ZnHPHWY5XEayycsr7O94aMzmBQ.\"; }\n}\n\n\nfunction session_test_start($handler=null) {\n\tif (!$handler) {\n\t\t$handler = new WriteSessionHandler();\n\t}\n\tif (PHP_VERSION_ID < 50400) {\n\t\tsession_set_save_handler(array($handler, \"open\"), array($handler, \"close\"), array($handler, \"read\"), array($handler, \"write\"), array($handler, \"destroy\"), array($handler, \"gc\"));\n\t} else {\n\t\tsession_set_save_handler($handler, true);\n\t}\n\tsession_start();\n\treturn $handler;\n}\n\n?>\n"
  },
  {
    "path": "tests/skipif.inc",
    "content": "<?php \nif(!extension_loaded(\"suhosin\")) \n\tprint \"skip - SUHOSIN extension not available\"; \n?>\n"
  },
  {
    "path": "tests/skipifcli.inc",
    "content": "<?php \nif (php_sapi_name()=='cli') { \n\tprint 'skip - SAPI == cli'; \n} else {\nif(!extension_loaded(\"suhosin\")) \n\tprint \"skip - SUHOSIN extension not available\"; \n}\n?>\n"
  },
  {
    "path": "tests/skipifnotcli.inc",
    "content": "<?php \nif (php_sapi_name()!='cli') { \n\tprint 'skip - SAPI != cli'; \n} else {\nif(!extension_loaded(\"suhosin\")) \n\tprint \"skip - SUHOSIN extension not available\"; \n}\n?>\n"
  },
  {
    "path": "tests/sql/connect.inc",
    "content": "<?php\n\n\t$host      = getenv(\"MYSQL_TEST_HOST\")     ? getenv(\"MYSQL_TEST_HOST\") : \"localhost\";\n\t$port      = getenv(\"MYSQL_TEST_PORT\")     ? getenv(\"MYSQL_TEST_PORT\") : 3306;\n\t$user      = getenv(\"MYSQL_TEST_USER\")     ? getenv(\"MYSQL_TEST_USER\") : \"root\";\n\t$passwd    = getenv(\"MYSQL_TEST_PASSWD\")   ? getenv(\"MYSQL_TEST_PASSWD\") : \"\";\n\t$db        = getenv(\"MYSQL_TEST_DB\")       ? getenv(\"MYSQL_TEST_DB\") : \"test\";\n\t$socket    = getenv(\"MYSQL_TEST_SOCKET\")   ? getenv(\"MYSQL_TEST_SOCKET\") : null;\n\n\tfunction connect_mysqli_oostyle() {\n\t\tglobal $host, $port, $user, $passwd, $db, $socket;\n\t\treturn new mysqli($host, $user, $passwd, $db, $port, $socket);\n\t}\n?>"
  },
  {
    "path": "tests/sql/mysqli_comment_conditional.phpt",
    "content": "--TEST--\nMysqli query with SQL comment protection and MySQL condition (/*!...*/)\n--INI--\nextension=mysqli.so\nsuhosin.sql.bailout_on_error=0\nsuhosin.sql.comment=2\nsuhosin.sql.opencomment=0\nsuhosin.sql.multiselect=0\nsuhosin.sql.union=0\nsuhosin.log.stdout=32\n--SKIPIF--\n<?php\ninclude('skipifmysqli.inc');\ninclude('../skipif.inc');\n?>\n--FILE--\n<?php\ninclude('connect.inc');\n$mysqli = connect_mysqli_oostyle();\n$result = $mysqli->query(\"SELECT 1 /*! ... */\");\nflush();\necho \"mark.\";\n?>\n--EXPECTF--\nmark."
  },
  {
    "path": "tests/sql/mysqli_comment_cstyle_fail.phpt",
    "content": "--TEST--\nMysqli query with SQL comment (/*...*/) protection set to fail\n--INI--\nextension=mysqli.so\nsuhosin.sql.bailout_on_error=0\nsuhosin.sql.comment=2\nsuhosin.sql.opencomment=0\nsuhosin.sql.multiselect=0\nsuhosin.sql.union=0\nsuhosin.log.stdout=32\n--SKIPIF--\n<?php\ninclude('skipifmysqli.inc');\ninclude('../skipif.inc');\n?>\n--FILE--\n<?php\ninclude('connect.inc');\n$mysqli = connect_mysqli_oostyle();\n$result = $mysqli->query(\"SELECT 1 /* injection */\");\nflush();\necho \"mark.\";\n?>\n--EXPECTREGEX--\nALERT - Comment in SQL query.*\\)"
  },
  {
    "path": "tests/sql/mysqli_comment_hashstyle_fail.phpt",
    "content": "--TEST--\nMysqli query with SQL comment (#) protection set to fail\n--INI--\nextension=mysqli.so\nsuhosin.sql.bailout_on_error=0\nsuhosin.sql.comment=2\nsuhosin.sql.opencomment=0\nsuhosin.sql.multiselect=0\nsuhosin.sql.union=0\nsuhosin.log.stdout=32\n--SKIPIF--\n<?php\ninclude('skipifmysqli.inc');\ninclude('../skipif.inc');\n?>\n--FILE--\n<?php\ninclude('connect.inc');\n$mysqli = connect_mysqli_oostyle();\n$result = $mysqli->query(\"SELECT 1 # injection\");\nflush();\necho \"mark.\";\n?>\n--EXPECTREGEX--\nALERT - Comment in SQL query.*\\)"
  },
  {
    "path": "tests/sql/mysqli_comment_sqlstyle.phpt",
    "content": "--TEST--\nMysqli query with SQL comment (--) protection\n--INI--\nextension=mysqli.so\nsuhosin.sql.bailout_on_error=0\nsuhosin.sql.comment=1\nsuhosin.sql.opencomment=0\nsuhosin.sql.multiselect=0\nsuhosin.sql.union=0\nsuhosin.log.stdout=32\n--SKIPIF--\n<?php\ninclude('skipifmysqli.inc');\ninclude('../skipif.inc');\n?>\n--FILE--\n<?php\ninclude('connect.inc');\n$mysqli = connect_mysqli_oostyle();\n$result = $mysqli->query(\"SELECT 1 -- injection\");\nflush();\necho \"mark.\";\n?>\n--EXPECTREGEX--\nALERT - Comment in SQL query.*mark."
  },
  {
    "path": "tests/sql/mysqli_comment_sqlstyle_fail.phpt",
    "content": "--TEST--\nMysqli query with SQL comment (--) protection set to fail\n--INI--\nextension=mysqli.so\nsuhosin.sql.bailout_on_error=0\nsuhosin.sql.comment=2\nsuhosin.sql.opencomment=0\nsuhosin.sql.multiselect=0\nsuhosin.sql.union=0\nsuhosin.log.stdout=32\n--SKIPIF--\n<?php\ninclude('skipifmysqli.inc');\ninclude('../skipif.inc');\n?>\n--FILE--\n<?php\ninclude('connect.inc');\n$mysqli = connect_mysqli_oostyle();\n$result = $mysqli->query(\"SELECT 1 -- injection\");\nflush();\necho \"mark.\";\n?>\n--EXPECTREGEX--\nALERT - Comment in SQL query.*\\)"
  },
  {
    "path": "tests/sql/mysqli_connect_invalid_username.phpt",
    "content": "--TEST--\nMysqli connect with user_match not matching username\n--INI--\nextension=mysqli.so\nsuhosin.log.stdout=32\n--SKIPIF--\n<?php\ninclude('skipifmysqli.inc');\ninclude('../skipif.inc');\n?>\n--FILE--\n<?php\ninclude('connect.inc');\n$mysqli = new mysqli($host, \"invalid\\x01_username\", $passwd, $db, $port, $socket);\n?>\n--EXPECTREGEX--\nALERT - SQL username contains invalid characters.*"
  },
  {
    "path": "tests/sql/mysqli_multiselect.phpt",
    "content": "--TEST--\nMysqli query with multiple SELECT statements\n--INI--\nextension=mysqli.so\nsuhosin.sql.bailout_on_error=0\nsuhosin.sql.comment=0\nsuhosin.sql.opencomment=0\nsuhosin.sql.multiselect=1\nsuhosin.sql.union=0\nsuhosin.log.stdout=32\n--SKIPIF--\n<?php\ninclude('skipifmysqli.inc');\ninclude('../skipif.inc');\n?>\n--FILE--\n<?php\ninclude('connect.inc');\n$mysqli = connect_mysqli_oostyle();\n$result = $mysqli->query(\"SELECT 1; SELECT 2\");\nflush();\necho \"mark.\";\n?>\n--EXPECTREGEX--\nALERT - Multiple SELECT in SQL query.*mark."
  },
  {
    "path": "tests/sql/mysqli_multiselect_fail.phpt",
    "content": "--TEST--\nMysqli query with multiple SELECT statements set to fail\n--INI--\nextension=mysqli.so\nsuhosin.sql.bailout_on_error=0\nsuhosin.sql.comment=0\nsuhosin.sql.opencomment=0\nsuhosin.sql.multiselect=2\nsuhosin.sql.union=0\nsuhosin.log.stdout=32\n--SKIPIF--\n<?php\ninclude('skipifmysqli.inc');\ninclude('../skipif.inc');\n?>\n--FILE--\n<?php\ninclude('connect.inc');\n$mysqli = connect_mysqli_oostyle();\n$result = $mysqli->query(\"SELECT 1; SELECT 2\");\nflush();\necho \"mark.\";\n?>\n--EXPECTREGEX--\nALERT - Multiple SELECT in SQL query.*\\)"
  },
  {
    "path": "tests/sql/mysqli_multiselect_subselect.phpt",
    "content": "--TEST--\nMysqli query with sub-SELECT\n--INI--\nextension=mysqli.so\nsuhosin.sql.bailout_on_error=0\nsuhosin.sql.comment=0\nsuhosin.sql.opencomment=0\nsuhosin.sql.multiselect=1\nsuhosin.sql.union=0\nsuhosin.log.stdout=32\n--SKIPIF--\n<?php\ninclude('skipifmysqli.inc');\ninclude('../skipif.inc');\n?>\n--FILE--\n<?php\ninclude('connect.inc');\n$mysqli = connect_mysqli_oostyle();\n$result = $mysqli->query(\"SELECT * FROM (SELECT 1)\");\nflush();\necho \"mark.\";\n?>\n--EXPECTREGEX--\nALERT - Multiple SELECT in SQL query.*mark."
  },
  {
    "path": "tests/sql/mysqli_no_constraints.phpt",
    "content": "--TEST--\nMysqli connection test without any constraints\n--INI--\nextension=mysqli.so\nsuhosin.sql.comment=0\nsuhosin.sql.bailout_on_error=0\nsuhosin.sql.comment=0\nsuhosin.sql.opencomment=0\nsuhosin.sql.multiselect=0\nsuhosin.sql.union=0\n--SKIPIF--\n<?php\ninclude('skipifmysqli.inc');\ninclude('../skipif.inc');\n?>\n--FILE--\n<?php\ninclude('connect.inc');\n$mysqli = connect_mysqli_oostyle();\n$result = $mysqli->query(\"SELECT 1 AS A UNION SELECT 2 -- injection\");\n$rows = $result->fetch_all();\nif ($rows !== null && count($rows) == 2) { echo \"ok\"; }\n\n?>\n--EXPECTF--\nok"
  },
  {
    "path": "tests/sql/mysqli_open_comment.phpt",
    "content": "--TEST--\nMysqli query with SQL open comment protection (/*...)\n--INI--\nextension=mysqli.so\nsuhosin.sql.bailout_on_error=0\nsuhosin.sql.comment=0\nsuhosin.sql.opencomment=1\nsuhosin.sql.multiselect=0\nsuhosin.sql.union=0\nsuhosin.log.stdout=32\n--SKIPIF--\n<?php\ninclude('skipifmysqli.inc');\ninclude('../skipif.inc');\n?>\n--FILE--\n<?php\ninclude('connect.inc');\n$mysqli = connect_mysqli_oostyle();\n$result = $mysqli->query(\"SELECT 1 /*\");\nflush();\necho \"mark.\";\n?>\n--EXPECTREGEX--\nALERT - Open comment in SQL query.*mark."
  },
  {
    "path": "tests/sql/mysqli_open_comment_fail.phpt",
    "content": "--TEST--\nMysqli query with SQL open comment protection (/*...) set to fail\n--INI--\nextension=mysqli.so\nsuhosin.sql.bailout_on_error=0\nsuhosin.sql.comment=0\nsuhosin.sql.opencomment=2\nsuhosin.sql.multiselect=0\nsuhosin.sql.union=0\nsuhosin.log.stdout=32\n--SKIPIF--\n<?php\ninclude('skipifmysqli.inc');\ninclude('../skipif.inc');\n?>\n--FILE--\n<?php\ninclude('connect.inc');\n$mysqli = connect_mysqli_oostyle();\n$result = $mysqli->query(\"SELECT 1 /*\");\nflush();\necho \"mark.\";\n?>\n--EXPECTREGEX--\nALERT - Open comment in SQL query.*\\)"
  },
  {
    "path": "tests/sql/mysqli_union.phpt",
    "content": "--TEST--\nMysqli query with UNION protection\n--INI--\nextension=mysqli.so\nsuhosin.sql.bailout_on_error=0\nsuhosin.sql.comment=0\nsuhosin.sql.opencomment=0\nsuhosin.sql.multiselect=0\nsuhosin.sql.union=1\nsuhosin.log.stdout=32\n--SKIPIF--\n<?php\ninclude('skipifmysqli.inc');\ninclude('../skipif.inc');\n?>\n--FILE--\n<?php\ninclude('connect.inc');\n$mysqli = connect_mysqli_oostyle();\n$result = $mysqli->query(\"SELECT 1 UNION SELECT 2\");\nflush();\necho \"mark.\";\n\n?>\n--EXPECTREGEX--\nALERT - UNION in SQL query.*mark."
  },
  {
    "path": "tests/sql/mysqli_union_fail.phpt",
    "content": "--TEST--\nMysqli query with UNION protection set to fail\n--INI--\nextension=mysqli.so\nsuhosin.sql.bailout_on_error=0\nsuhosin.sql.comment=0\nsuhosin.sql.opencomment=0\nsuhosin.sql.multiselect=0\nsuhosin.sql.union=2\nsuhosin.log.stdout=32\n--SKIPIF--\n<?php\ninclude('skipifmysqli.inc');\ninclude('../skipif.inc');\n?>\n--FILE--\n<?php\ninclude('connect.inc');\n$mysqli = connect_mysqli_oostyle();\n$result = $mysqli->query(\"SELECT 1 UNION SELECT 2\");\necho \"mark.\";\n\n?>\n--EXPECTREGEX--\nALERT - UNION in SQL query.*\\)"
  },
  {
    "path": "tests/sql/mysqli_user_match_error.phpt",
    "content": "--TEST--\nMysqli connect with user_match not matching username\n--INI--\nextension=mysqli.so\nsuhosin.sql.user_match=complicated_userprefix*\nsuhosin.log.stdout=32\n--SKIPIF--\n<?php\ninclude('skipifmysqli.inc');\ninclude('../skipif.inc');\n?>\n--FILE--\n<?php\ninclude('connect.inc');\n$mysqli = new mysqli($host, 'invalid_username', $passwd, $db, $port, $socket);\n?>\n--EXPECTREGEX--\nALERT - SQL username .* does not match.*"
  },
  {
    "path": "tests/sql/mysqli_user_match_ok.phpt",
    "content": "--TEST--\nMysqli connect with user_match matching username\n--INI--\nextension=mysqli.so\nsuhosin.sql.user_match=invalid_*\nsuhosin.log.stdout=32\n--SKIPIF--\n<?php\ninclude('skipifmysqli.inc');\ninclude('../skipif.inc');\n?>\n--FILE--\n<?php\ninclude('connect.inc');\n$mysqli = new mysqli($host, 'invalid_username', $passwd, $db, $port, $socket);\n?>\n--EXPECTREGEX--\n.*Access denied for user 'invalid_username'.*"
  },
  {
    "path": "tests/sql/mysqli_user_postfix.phpt",
    "content": "--TEST--\nMysqli connect with user_postfix\n--INI--\nextension=mysqli.so\nsuhosin.sql.user_postfix=_post\nsuhosin.log.stdout=32\n--SKIPIF--\n<?php\ninclude('skipifmysqli.inc');\ninclude('../skipif.inc');\n?>\n--FILE--\n<?php\ninclude('connect.inc');\n$mysqli = new mysqli($host, 'invalid_username', $passwd, $db, $port, $socket);\n?>\n--EXPECTREGEX--\n.*Access denied for user 'invalid_username_post'.*"
  },
  {
    "path": "tests/sql/mysqli_user_prefix.phpt",
    "content": "--TEST--\nMysqli connect with user_prefix\n--INI--\nextension=mysqli.so\nsuhosin.sql.user_prefix=pre_\nsuhosin.log.stdout=32\n--SKIPIF--\n<?php\ninclude('skipifmysqli.inc');\ninclude('../skipif.inc');\n?>\n--FILE--\n<?php\ninclude('connect.inc');\n$mysqli = new mysqli($host, 'invalid_username', $passwd, $db, $port, $socket);\n?>\n--EXPECTREGEX--\n.*Access denied for user 'pre_invalid_username'.*"
  },
  {
    "path": "tests/sql/skipifmysqli.inc",
    "content": "<?php\nif (!extension_loaded(\"mysqli\")) {\n\tdie('skip - mysqli extension not available');\n}\nif (!getenv(\"TEST_SUHOSIN_MYSQL\")) {\n    die(\"skip TEST_SUHOSIN_MYSQL is not set\");\n}\n?>"
  },
  {
    "path": "treat_data.c",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Author: Stefan Esser <sesser@sektioneins.de>                         |\n  +----------------------------------------------------------------------+\n*/\n/*\n  $Id: treat_data.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $\n*/\n\n#ifdef HAVE_CONFIG_H\n#include \"config.h\"\n#endif\n\n#include \"php.h\"\n#include \"php_ini.h\"\n#include \"php_suhosin.h\"\n#include \"SAPI.h\"\n#include \"php_variables.h\"\n#include \"ext/standard/url.h\"\n\nSAPI_TREAT_DATA_FUNC(suhosin_treat_data)\n{\n\tchar *res = NULL, *var, *val, *separator = NULL;\n\tconst char *c_var;\n\tzval *array_ptr;\n\tint free_buffer = 0;\n\tchar *strtok_buf = NULL;\n\n\tlong count = 0;\n\n\t/* Mark that we were not yet called */\n\tSUHOSIN_G(already_scanned) = 0;\n\n\tswitch (arg) {\n\t\tcase PARSE_POST:\n\t\tcase PARSE_GET:\n\t\tcase 
PARSE_COOKIE:\n\t\t\tALLOC_ZVAL(array_ptr);\n\t\t\tarray_init(array_ptr);\n\t\t\tINIT_PZVAL(array_ptr);\n\t\t\tswitch (arg) {\n\t\t\t\tcase PARSE_POST:\n\t\t\t\t\tif (PG(http_globals)[TRACK_VARS_POST]) {\n\t\t\t\t\t\tzval_ptr_dtor(&PG(http_globals)[TRACK_VARS_POST]);\n\t\t\t\t\t}\n\t\t\t\t\tPG(http_globals)[TRACK_VARS_POST] = array_ptr;\n\n\t\t\t\t\tif (SUHOSIN_G(max_request_variables) && (SUHOSIN_G(max_post_vars) == 0 ||\n\t\t\t\t\t\tSUHOSIN_G(max_request_variables) <= SUHOSIN_G(max_post_vars))) {\n\t\t\t\t\t\tSUHOSIN_G(max_post_vars) = SUHOSIN_G(max_request_variables);\n\t\t\t\t\t}\n\t\t\t\t\tbreak;\n\t\t\t\tcase PARSE_GET:\n\t\t\t\t\tif (PG(http_globals)[TRACK_VARS_GET]) {\n\t\t\t\t\t\tzval_ptr_dtor(&PG(http_globals)[TRACK_VARS_GET]);\n\t\t\t\t\t}\n\t\t\t\t\tPG(http_globals)[TRACK_VARS_GET] = array_ptr;\n\t\t\t\t\tif (SUHOSIN_G(max_request_variables) && (SUHOSIN_G(max_get_vars) == 0 ||\n\t\t\t\t\t\tSUHOSIN_G(max_request_variables) <= SUHOSIN_G(max_get_vars))) {\n\t\t\t\t\t\tSUHOSIN_G(max_get_vars) = SUHOSIN_G(max_request_variables);\n\t\t\t\t\t}\n\t\t\t\t\tbreak;\n\t\t\t\tcase PARSE_COOKIE:\n\t\t\t\t\tif (PG(http_globals)[TRACK_VARS_COOKIE]) {\n\t\t\t\t\t\tzval_ptr_dtor(&PG(http_globals)[TRACK_VARS_COOKIE]);\n\t\t\t\t\t}\n\t\t\t\t\tPG(http_globals)[TRACK_VARS_COOKIE] = array_ptr;\n\t\t\t\t\tif (SUHOSIN_G(max_request_variables) && (SUHOSIN_G(max_cookie_vars) == 0 ||\n\t\t\t\t\t\tSUHOSIN_G(max_request_variables) <= SUHOSIN_G(max_cookie_vars))) {\n\t\t\t\t\t\tSUHOSIN_G(max_cookie_vars) = SUHOSIN_G(max_request_variables);\n\t\t\t\t\t}\n\t\t\t\t\tbreak;\n\t\t\t}\n\t\t\tbreak;\n\t\tdefault:\n\t\t\tarray_ptr = destArray;\n\t\t\tbreak;\n\t}\n\n\tif (arg == PARSE_POST) {\n\t\tsapi_handle_post(array_ptr TSRMLS_CC);\n\t\treturn;\n\t}\n\n\tif (arg == PARSE_GET) {\t\t/* GET data */\n\t\tc_var = SG(request_info).query_string;\n\t\tif (c_var && *c_var) {\n\t\t\tres = (char *) estrdup(c_var);\n\t\t\tfree_buffer = 1;\n\t\t} else {\n\t\t\tfree_buffer = 0;\n\t\t}\n\t} else if (arg 
== PARSE_COOKIE) {\t\t/* Cookie data */\n\t\tc_var = SG(request_info).cookie_data;\n\t\tif (c_var && *c_var) {\n\t\t\tif (SUHOSIN_G(cookie_encrypt)) {\n\t\t\t\tres = (char *) estrdup(suhosin_cookie_decryptor(TSRMLS_C));\n\t\t\t} else {\n\t\t\t\tres = (char *) estrdup(c_var);\n\t\t\t}\n\t\t\tfree_buffer = 1;\n\t\t} else {\n\t\t\tfree_buffer = 0;\n\t\t}\n\t} else if (arg == PARSE_STRING) {\t\t/* String data */\n\t\tres = str;\n\t\tfree_buffer = 1;\n\t}\n\n\tif (!res) {\n\t\treturn;\n\t}\n\n\tswitch (arg) {\n\t\tcase PARSE_GET:\n\t\tcase PARSE_STRING:\n\t\t\tseparator = (char *) estrdup(PG(arg_separator).input);\n\t\t\tbreak;\n\t\tcase PARSE_COOKIE:\n\t\t\tseparator = \";\\0\";\n\t\t\tbreak;\n\t}\n\n\tvar = php_strtok_r(res, separator, &strtok_buf);\n\n\twhile (var) {\n\n\t\tif (arg == PARSE_COOKIE) {\n\t\t\t/* Remove leading spaces from cookie names, needed for multi-cookie header where ; can be followed by a space */\n\t\t\twhile (isspace(*var)) {\n\t\t\t\tvar++;\n\t\t\t}\n\t\t}\n\t\tval = strchr(var, '=');\n\n\t\tif (++count > PG(max_input_vars)) {\n\t\t\tphp_error_docref(NULL TSRMLS_CC, E_WARNING, \"Input variables exceeded %ld. 
To increase the limit change max_input_vars in php.ini.\", PG(max_input_vars));\n\t\t\tbreak;\n\t\t}\n\n\t\tif (val) { /* have a value */\n\t\t\tint val_len;\n\t\t\tunsigned int new_val_len;\n\n\t\t\t*val++ = '\\0';\n\t\t\tphp_url_decode(var, strlen(var));\n\t\t\tval_len = php_url_decode(val, strlen(val));\n\t\t\tval = estrndup(val, val_len);\n\t\t\tif (suhosin_input_filter(arg, var, &val, val_len, &new_val_len TSRMLS_CC)) {\n\t\t\t\tif (sapi_module.input_filter(arg, var, &val, new_val_len, &new_val_len TSRMLS_CC)) {\n\t\t\t\t\tphp_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);\n\t\t\t\t}\n\t\t\t} else {\n\t\t\t\tSUHOSIN_G(abort_request) = 1;\n\t\t\t}\n\t\t\tefree(val);\n\t\t} else {\n\t\t\tint val_len;\n\t\t\tunsigned int new_val_len;\n\n\t\t\tphp_url_decode(var, strlen(var));\n\t\t\tval_len = 0;\n\t\t\tval = estrndup(\"\", val_len);\n\t\t\tif (suhosin_input_filter(arg, var, &val, val_len, &new_val_len TSRMLS_CC)) {\n\t\t\t\tif (sapi_module.input_filter(arg, var, &val, new_val_len, &new_val_len TSRMLS_CC)) {\n\t\t\t\t\tphp_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);\n\t\t\t\t}\n\t\t\t} else {\n\t\t\t\tSUHOSIN_G(abort_request) = 1;\n\t\t\t}\n\t\t\tefree(val);\n\t\t}\n\t\tvar = php_strtok_r(NULL, separator, &strtok_buf);\n\t}\n\n\tif (arg != PARSE_COOKIE) {\n\t\tefree(separator);\n\t}\n\n\tif (free_buffer) {\n\t\tefree(res);\n\t}\n}\n\n\nvoid suhosin_hook_treat_data()\n{\n\tTSRMLS_FETCH();\n\n\tsapi_register_treat_data(suhosin_treat_data TSRMLS_CC);\n\n\tif (old_input_filter == NULL) {\n\t\told_input_filter = sapi_module.input_filter;\n\t}\n\tsapi_module.input_filter = suhosin_input_filter_wrapper;\n}\n\n\n/*\n * Local variables:\n * tab-width: 4\n * c-basic-offset: 4\n * End:\n * vim600: noet sw=4 ts=4 fdm=marker\n * vim<600: noet sw=4 ts=4\n */\n"
  },
  {
    "path": "ufilter.c",
    "content": "/*\n  +----------------------------------------------------------------------+\n  | Suhosin Version 1                                                    |\n  +----------------------------------------------------------------------+\n  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |\n  | Copyright (c) 2007-2015 SektionEins GmbH                             |\n  +----------------------------------------------------------------------+\n  | This source file is subject to version 3.01 of the PHP license,      |\n  | that is bundled with this package in the file LICENSE, and is        |\n  | available through the world-wide-web at the following url:           |\n  | http://www.php.net/license/3_01.txt                                  |\n  | If you did not receive a copy of the PHP license and are unable to   |\n  | obtain it through the world-wide-web, please send a note to          |\n  | license@php.net so we can mail you a copy immediately.               |\n  +----------------------------------------------------------------------+\n  | Author: Stefan Esser <sesser@sektioneins.de>                         |\n  +----------------------------------------------------------------------+\n*/\n/*\n  $Id: ufilter.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $\n*/\n\n#ifdef HAVE_CONFIG_H\n#include \"config.h\"\n#endif\n\n#include \"php.h\"\n#include \"php_ini.h\"\n#include \"ext/standard/info.h\"\n#include \"php_suhosin.h\"\n#include \"php_variables.h\"\n#include \"suhosin_rfc1867.h\"\n#include \"ext/standard/php_var.h\"\n\n#if !HAVE_RFC1867_CALLBACK\nPHP_SUHOSIN_API int (*php_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC) = NULL;\n#endif\n\n\n/* {{{ SAPI_UPLOAD_VARNAME_FILTER_FUNC\n */\nstatic int check_fileupload_varname(char *varname TSRMLS_DC)\n{\n\tchar *index, *prev_index = NULL, *var;\n\tunsigned int var_len, total_len, depth = 0;\n\n\tvar = estrdup(varname);\n\n\t/* Normalize the variable name 
*/\n\tnormalize_varname(var);\n\n\t/* Find length of variable name */\n\tindex = strchr(var, '[');\n\ttotal_len = strlen(var);\n\tvar_len = index ? index-var : total_len;\n\n\t/* Drop this variable if it exceeds the varname/total length limit */\n\tif (SUHOSIN_G(max_varname_length) && SUHOSIN_G(max_varname_length) < var_len) {\n\t\tsuhosin_log(S_FILES, \"configured request variable name length limit exceeded - dropped variable '%s'\", var);\n\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\tgoto return_failure;\n\t\t}\n\t}\n\tif (SUHOSIN_G(max_totalname_length) && SUHOSIN_G(max_totalname_length) < total_len) {\n\t\tsuhosin_log(S_FILES, \"configured request variable total name length limit exceeded - dropped variable '%s'\", var);\n\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\tgoto return_failure;\n\t\t}\n\t}\n\tif (SUHOSIN_G(max_post_name_length) && SUHOSIN_G(max_post_name_length) < var_len) {\n\t\tsuhosin_log(S_FILES, \"configured POST variable name length limit exceeded - dropped variable '%s'\", var);\n\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\tgoto return_failure;\n\t\t}\n\t}\n\tif (SUHOSIN_G(max_post_totalname_length) && SUHOSIN_G(max_post_totalname_length) < var_len) {\n\t\tsuhosin_log(S_FILES, \"configured POST variable total name length limit exceeded - dropped variable '%s'\", var);\n\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\tgoto return_failure;\n\t\t}\n\t}\n\n\t/* Find out array depth */\n\twhile (index) {\n\t\tchar *index_end;\n\t\tunsigned int index_length;\n\n\t\t/* overjump '[' */\n\t\tindex++;\n\n\t\t/* increase array depth */\n\t\tdepth++;\n\n\t\tindex_end = strchr(index, ']');\n\t\tif (index_end == NULL) {\n\t\t\tindex_end = index+strlen(index);\n\t\t}\n\n\t\tindex_length = index_end - index;\n\n\t\tif (SUHOSIN_G(max_array_index_length) && SUHOSIN_G(max_array_index_length) < index_length) {\n\t\t\tsuhosin_log(S_FILES, \"configured request variable array index length limit exceeded - dropped variable '%s'\", var);\n\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\tgoto 
return_failure;\n\t\t\t}\n\t\t}\n\t\tif (SUHOSIN_G(max_post_array_index_length) && SUHOSIN_G(max_post_array_index_length) < index_length) {\n\t\t\tsuhosin_log(S_FILES, \"configured POST variable array index length limit exceeded - dropped variable '%s'\", var);\n\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\tgoto return_failure;\n\t\t\t}\n\t\t}\n\n\t\t/* index whitelist/blacklist */\n\t\tif (SUHOSIN_G(array_index_whitelist) && *(SUHOSIN_G(array_index_whitelist))) {\n\t\t\tif (suhosin_strnspn(index, index_length, SUHOSIN_G(array_index_whitelist)) != index_length) {\n\t\t\t\tsuhosin_log(S_VARS, \"array index contains not whitelisted characters - dropped variable '%s'\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\tgoto return_failure;\n\t\t\t\t}\n\t\t\t}\n\t\t} else if (SUHOSIN_G(array_index_blacklist) && *(SUHOSIN_G(array_index_blacklist))) {\n\t\t\tif (suhosin_strncspn(index, index_length, SUHOSIN_G(array_index_blacklist)) != index_length) {\n\t\t\t\tsuhosin_log(S_VARS, \"array index contains blacklisted characters - dropped variable '%s'\", var);\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\tgoto return_failure;\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\n\n\t\tindex = strchr(index, '[');\n\t}\n\n\t/* Drop this variable if it exceeds the array depth limit */\n\tif (SUHOSIN_G(max_array_depth) && SUHOSIN_G(max_array_depth) < depth) {\n\t\tsuhosin_log(S_FILES, \"configured request variable array depth limit exceeded - dropped variable '%s'\", var);\n\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\tgoto return_failure;\n\t\t}\n\t}\n\tif (SUHOSIN_G(max_post_array_depth) && SUHOSIN_G(max_post_array_depth) < depth) {\n\t\tsuhosin_log(S_FILES, \"configured POST variable array depth limit exceeded - dropped variable '%s'\", var);\n\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\tgoto return_failure;\n\t\t}\n\t}\n\n\n\t/* Drop this variable if it is one of GLOBALS, _GET, _POST, ... 
*/\n\t/* This is to protect several silly scripts that do globalizing themself */\n\tif (php_varname_check(var, var_len, 1 TSRMLS_CC) == FAILURE || suhosin_is_protected_varname(var, var_len)) {\n\t\tsuhosin_log(S_FILES, \"tried to register forbidden variable '%s' through FILE variables\", var);\n\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\tgoto return_failure;\n\t\t}\n\t}\n\n\tefree(var);\n\treturn SUCCESS;\n\nreturn_failure:\n\tefree(var);\n\treturn FAILURE;\n}\n/* }}} */\n\n#ifdef SUHOSIN_EXPERIMENTAL\nstatic inline int suhosin_validate_utf8_multibyte(const char* cp, size_t maxlen)\n{\n\tif (maxlen < 2 || !(*cp & 0x80)) { return 0; }\n\tif ((*cp & 0xe0) == 0xc0 &&\t\t\t\t\t// 1st byte is 110xxxxx\n\t\t(*(cp+1) & 0xc0) == 0x80 &&\t\t\t\t// 2nd byte is 10xxxxxx\n\t\t(*cp & 0x1e)) {\t\t\t\t\t\t\t// overlong check 110[xxxx]x 10xxxxxx\n\t\t\t return 2;\n\t}\n\tif (maxlen < 3) { return 0; }\n\tif ((*cp & 0xf0) == 0xe0 &&\t\t\t\t\t// 1st byte is 1110xxxx\n\t\t(*(cp+1) & 0xc0) == 0x80 &&\t\t\t\t// 2nd byte is 10xxxxxx\n\t\t(*(cp+2) & 0xc0) == 0x80 &&\t\t\t\t// 3rd byte is 10xxxxxx\n\t\t((*cp & 0x0f) | (*(cp+1) & 0x20))) {\t// 1110[xxxx] 10[x]xxxxx 10xxxxxx\n\t\t\treturn 3;\n\t}\n\tif (maxlen < 4) { return 0; }\n\tif ((*cp & 0xf8) == 0xf0 &&\t\t\t\t// 1st byte is 11110xxx\n\t\t(*(cp+1) & 0xc0) == 0x80 &&\t\t\t\t// 2nd byte is 10xxxxxx\n\t\t(*(cp+2) & 0xc0) == 0x80 &&\t\t\t\t// 3rd byte is 10xxxxxx\n\t\t(*(cp+3) & 0xc0) == 0x80 &&\t\t\t\t// 4th byte is 10xxxxxx\n\t\t((*cp & 0x07) | (*(cp+1) & 0x30))) {\t// 11110[xxx] 10[xx]xxxx 10xxxxxx 10xxxxxx\n\t\t\treturn 4;\n\t}\n\treturn 0;\n}\n#endif\n\nint suhosin_rfc1867_filter(unsigned int event, void *event_data, void **extra TSRMLS_DC)\n{\n\tint retval = SUCCESS;\n\n\tSDEBUG(\"rfc1867_filter %u\", event);\n\n\tswitch (event) {\n\t\tcase MULTIPART_EVENT_START:\n\t\tcase MULTIPART_EVENT_FORMDATA:\n\t\t\t/* nothing todo */\n\t\t\tbreak;\n\n\t\tcase MULTIPART_EVENT_FILE_START:\n\t\t\t{\n\t\t\t\tmultipart_event_file_start *mefs = 
(multipart_event_file_start *) event_data;\n\n\t\t\t\t/* Drop if no more variables flag is set */\n\t\t\t\tif (SUHOSIN_G(no_more_uploads)) {\n\t\t\t\t\t\tgoto continue_with_failure;\n\t\t\t\t}\n\n\t\t\t\t/* Drop this fileupload if the limit is reached */\n\t\t  \t\tif (SUHOSIN_G(upload_limit) && SUHOSIN_G(upload_limit) <= SUHOSIN_G(num_uploads)) {\n\t\t\t  \t\tsuhosin_log(S_FILES, \"configured fileupload limit exceeded - file dropped\");\n\t\t\t  \t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\t\tSUHOSIN_G(no_more_uploads) = 1;\n\t\t\t\t\t\tgoto continue_with_failure;\n\t\t\t  \t\t}\n\t\t  \t\t}\n\n\n\t\t\t\tif (check_fileupload_varname(mefs->name TSRMLS_CC) == FAILURE) {\n\t\t\t\t\tgoto continue_with_failure;\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tbreak;\n\n\t\tcase MULTIPART_EVENT_FILE_DATA:\n\n\t\t\tif (SUHOSIN_G(upload_disallow_elf)) {\n\t\t\t\tmultipart_event_file_data *mefd = (multipart_event_file_data *) event_data;\n\n\t\t\t\tif (mefd->offset == 0 && mefd->length > 10) {\n\t\t\t\t\tif (mefd->data[0] == 0x7F && mefd->data[1] == 'E' && mefd->data[2] == 'L' && mefd->data[3] == 'F') {\n\t\t\t\t\t\tsuhosin_log(S_FILES, \"uploaded file is an ELF executable - file dropped\");\n\t\t\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\t\t\tgoto continue_with_failure;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (SUHOSIN_G(upload_disallow_binary)) {\n\n\t\t\t\tmultipart_event_file_data *mefd = (multipart_event_file_data *) event_data;\n\n\t\t\t\tchar *cp, *cpend;\n\t\t\t\tint n;\n\t\t\t\tcpend = mefd->data + mefd->length;\n\t\t\t\tfor (cp = mefd->data; cp < cpend; cp++) {\n\t\t\t\t\tif (*cp >= 32 || isspace(*cp)) {\n\t\t\t\t\t\tcontinue;\n\t\t\t\t\t}\n#ifdef SUHOSIN_EXPERIMENTAL\n\t\t\t\t\tif ((*cp & 0x80) && SUHOSIN_G(upload_allow_utf8)) {\n\t\t\t\t\t\tSDEBUG(\"checking char %x\", *cp);\n\t\t\t\t\t\tif ((n = suhosin_validate_utf8_multibyte(cp, cpend-cp))) { // valid UTF8 multibyte character\n\t\t\t\t\t\t\tcp += n - 
1;\n\t\t\t\t\t\t\tcontinue;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n#endif\n\t\t\t\t\tsuhosin_log(S_FILES, \"uploaded file contains binary data - file dropped\");\n\t\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\t\tgoto continue_with_failure;\n\t\t\t\t\t}\n\t\t\t\t\tbreak;\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (SUHOSIN_G(upload_remove_binary)) {\n\n\t\t\t\tmultipart_event_file_data *mefd = (multipart_event_file_data *) event_data;\n\t\t\t\tsize_t i, j;\n\t\t\t\tint n;\n\n\t\t\t\tfor (i=0, j=0; i<mefd->length; i++) {\n\t\t\t\t\tif (mefd->data[i] >= 32 || isspace(mefd->data[i])) {\n\t\t\t\t\t\tmefd->data[j++] = mefd->data[i];\n\t\t\t\t\t}\n#ifdef SUHOSIN_EXPERIMENTAL\n\t\t\t\t\telse if (SUHOSIN_G(upload_allow_utf8) && mefd->data[i] & 0x80) {\n\t\t\t\t\t\tn = suhosin_validate_utf8_multibyte(mefd->data + i, mefd->length - i);\n\t\t\t\t\t\tif (!n) { continue; }\n\t\t\t\t\t\twhile (n--) {\n\t\t\t\t\t\t\tmefd->data[j++] = mefd->data[i++];\n\t\t\t\t\t\t}\n\t\t\t\t\t\ti--;\n\t\t\t\t\t}\n#endif\n\t\t\t\t}\n\t\t\t\tmefd->data[j] = '\\0';\n\n\t\t\t\tSDEBUG(\"removing binary %zu %zu\",i,j);\n\t\t\t\t/* IMPORTANT FOR DAISY CHAINING */\n\t\t\t\tmefd->length = j;\n\t\t\t\tif (mefd->newlength) {\n\t\t\t\t\t*mefd->newlength = j;\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tbreak;\n\n\t\tcase MULTIPART_EVENT_FILE_END:\n\n\t\t\tif (SUHOSIN_G(upload_verification_script)) {\n\t\t\t\tmultipart_event_file_end *mefe = (multipart_event_file_end *) event_data;\n\t\t\t\tchar cmd[8192];\n\t\t\t\tFILE *in;\n\t\t\t\tint first=1;\n\t\t\t\tstruct stat st;\n\t\t\t\tchar *sname = SUHOSIN_G(upload_verification_script);\n\n\t\t\t\t/* ignore files that will get deleted anyway */\n\t\t\t\tif (mefe->cancel_upload) {\n\t\t\t\t\tbreak;\n\t\t\t\t}\n\n\t\t\t\t/* ignore empty scriptnames */\n\t\t\t\twhile (isspace(*sname)) ++sname;\n\t\t\t\tif (*sname == 0) {\n\t\t\t\t\tSUHOSIN_G(num_uploads)++;\n\t\t\t\t\tbreak;\n\t\t\t\t}\n\n\t\t\t\tif (VCWD_STAT(sname, &st) < 0) {\n\t\t\t\t\tsuhosin_log(S_FILES, \"unable to find fileupload verification 
script %s - file dropped\", sname);\n\t\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\t\tgoto continue_with_failure;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tgoto continue_with_next;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tif (access(sname, X_OK|R_OK) < 0) {\n\t\t\t\t\tsuhosin_log(S_FILES, \"fileupload verification script %s is not executable - file dropped\", sname);\n\t\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\t\tgoto continue_with_failure;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tgoto continue_with_next;\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tap_php_snprintf(cmd, sizeof(cmd), \"%s %s 2>&1\", sname, mefe->temp_filename);\n\n\t\t\t\tif ((in=VCWD_POPEN(cmd, \"r\"))==NULL) {\n\t\t\t\t\tsuhosin_log(S_FILES, \"unable to execute fileupload verification script %s - file dropped\", sname);\n\t\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\t\tgoto continue_with_failure;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tgoto continue_with_next;\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tretval = FAILURE;\n\n\t\t\t\t/* read and forget the result */\n\t\t\t\twhile (1) {\n\t\t\t\t\tint readbytes = fread(cmd, 1, sizeof(cmd), in);\n\t\t\t\t\tif (readbytes<=0) {\n\t\t\t\t\t\tbreak;\n\t\t\t\t\t}\n\t\t\t\t\tif (first) {\n\t\t\t\t\t\tif (strncmp(cmd, \"sh: \", 4) == 0) {\n\t\t\t\t\t\t\t/* assume this is an error */\n\t\t\t\t\t\t\tsuhosin_log(S_FILES, \"error while executing fileupload verification script %s - file dropped\", sname);\n\t\t\t\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\t\t\t\tgoto continue_with_failure;\n\t\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\t\tgoto continue_with_next;\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\tretval = atoi(cmd) == 1 ? 
SUCCESS : FAILURE;\n\t\t\t\t\t\t\tfirst = 0;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tpclose(in);\n\t\t\t}\n\n\t\t\tif (retval != SUCCESS) {\n\t\t\t\tsuhosin_log(S_FILES, \"fileupload verification script disallows file - file dropped\");\n\t\t\t\tif (!SUHOSIN_G(simulation)) {\n\t\t\t\t\tgoto continue_with_failure;\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tSUHOSIN_G(num_uploads)++;\n\t\t\tbreak;\n\n\t\tcase MULTIPART_EVENT_END:\n\t\t\t/* nothing todo */\n\t\t\tbreak;\n\n\t\tdefault:\n\t\t\t/* unknown: return failure */\n\t\t\tgoto continue_with_failure;\n\t}\ncontinue_with_next:\n#if HAVE_RFC1867_CALLBACK\n\tif (php_rfc1867_callback != NULL) {\n\t\treturn php_rfc1867_callback(event, event_data, extra TSRMLS_CC);\n\t}\n#endif\n\treturn SUCCESS;\ncontinue_with_failure:\n\tSUHOSIN_G(abort_request) = 1;\n\treturn FAILURE;\n}\n\n\n\n/*\n * Local variables:\n * tab-width: 4\n * c-basic-offset: 4\n * End:\n * vim600: sw=4 ts=4 fdm=marker\n * vim<600: sw=4 ts=4\n */\n"
  }
]