#include <getopt.h>
#endif
-#include "safe_mode.h"
-
#ifdef PHP_WIN32
# include "win32/unistd.h"
#endif
{NULL, NULL, NULL}
};
-
-static PHP_INI_MH(OnUpdateSafeModeProtectedEnvVars)
-{
- char *protected_vars, *protected_var;
- char *token_buf;
- int dummy = 1;
-
- protected_vars = estrndup(new_value, new_value_length);
- zend_hash_clean(&BG(sm_protected_env_vars));
-
- protected_var = php_strtok_r(protected_vars, ", ", &token_buf);
- while (protected_var) {
- zend_hash_update(&BG(sm_protected_env_vars), protected_var, strlen(protected_var), &dummy, sizeof(int), NULL);
- protected_var = php_strtok_r(NULL, ", ", &token_buf);
- }
- efree(protected_vars);
- return SUCCESS;
-}
-
-
-static PHP_INI_MH(OnUpdateSafeModeAllowedEnvVars)
-{
- if (BG(sm_allowed_env_vars)) {
- free(BG(sm_allowed_env_vars));
- }
- BG(sm_allowed_env_vars) = zend_strndup(new_value, new_value_length);
- return SUCCESS;
-}
-
-
-PHP_INI_BEGIN()
- PHP_INI_ENTRY_EX("safe_mode_protected_env_vars", SAFE_MODE_PROTECTED_ENV_VARS, PHP_INI_SYSTEM, OnUpdateSafeModeProtectedEnvVars, NULL)
- PHP_INI_ENTRY_EX("safe_mode_allowed_env_vars", SAFE_MODE_ALLOWED_ENV_VARS, PHP_INI_SYSTEM, OnUpdateSafeModeAllowedEnvVars, NULL)
-PHP_INI_END()
-
-
zend_module_entry basic_functions_module = {
STANDARD_MODULE_HEADER,
"standard", /* extension name */
test_class_startup();
#endif
- REGISTER_INI_ENTRIES();
-
register_phpinfo_constants(INIT_FUNC_ARGS_PASSTHRU);
register_html_constants(INIT_FUNC_ARGS_PASSTHRU);
register_string_constants(INIT_FUNC_ARGS_PASSTHRU);
}
pe.key_len = strlen(pe.key);
- if (PG(safe_mode)) {
- /* Check the protected list */
- if (zend_hash_exists(&BG(sm_protected_env_vars), pe.key, pe.key_len)) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Safe Mode warning: Cannot override protected environment variable '%s'", pe.key);
- efree(pe.putenv_string);
- efree(pe.key);
- RETURN_FALSE;
- }
-
- /* Check the allowed list */
- if (BG(sm_allowed_env_vars) && *BG(sm_allowed_env_vars)) {
- char *allowed_env_vars = estrdup(BG(sm_allowed_env_vars));
- char *allowed_prefix = strtok(allowed_env_vars, ", ");
- zend_bool allowed = 0;
-
- while (allowed_prefix) {
- if (!strncmp(allowed_prefix, pe.key, strlen(allowed_prefix))) {
- allowed = 1;
- break;
- }
- allowed_prefix = strtok(NULL, ", ");
- }
- efree(allowed_env_vars);
- if (!allowed) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Safe Mode warning: Cannot set environment variable '%s' - it's not in the allowed list", pe.key);
- efree(pe.putenv_string);
- efree(pe.key);
- RETURN_FALSE;
- }
- }
- }
-
zend_hash_del(&BG(putenv_ht), pe.key, pe.key_len+1);
/* find previous value */
}
}
- /* checks that ensure the user does not overwrite certain ini settings when safe_mode is enabled */
- if (PG(safe_mode)) {
- if (!strncmp("max_execution_time", Z_STRVAL_PP(varname), sizeof("max_execution_time")) ||
- !strncmp("memory_limit", Z_STRVAL_PP(varname), sizeof("memory_limit")) ||
- !strncmp("child_terminate", Z_STRVAL_PP(varname), sizeof("child_terminate"))) {
- zval_dtor(return_value);
- RETURN_FALSE;
- }
- }
-
if (zend_alter_ini_entry(Z_STRVAL_PP(varname), Z_STRLEN_PP(varname)+1, Z_STRVAL_PP(new_value), Z_STRLEN_PP(new_value),
PHP_INI_USER, PHP_INI_STAGE_RUNTIME) == FAILURE) {
zval_dtor(return_value);
if (!PG(enable_dl)) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Dynamically loaded extensions aren't enabled");
RETURN_FALSE;
- } else if (PG(safe_mode)) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Dynamically loaded extensions aren't allowed when running in Safe Mode");
- RETURN_FALSE;
}
if ((strncmp(sapi_module.name, "cgi", 3)!=0) &&
#include "php.h"
#include <ctype.h>
#include "php_string.h"
-#include "safe_mode.h"
#include "ext/standard/head.h"
#include "ext/standard/file.h"
#include "exec.h"
void (*sig_handler)() = NULL;
#endif
- if (PG(safe_mode)) {
- if ((c = strchr(cmd, ' '))) {
- *c = '\0';
- c++;
- }
- if (strstr(cmd, "..")) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "No '..' components allowed in path");
- goto err;
- }
- b = strrchr(cmd, PHP_DIR_SEPARATOR);
- spprintf(&d, 0, "%s%s%s%s%s", PG(safe_mode_exec_dir), (b ? "" : "/"), (b ? b : cmd), (c ? " " : ""), (c ? c : ""));
- if (c) {
- *(c - 1) = ' ';
- }
- cmd_p = php_escape_shell_cmd(d);
- efree(d);
- d = cmd_p;
- } else {
- cmd_p = cmd;
- }
+ cmd_p = cmd;
#if PHP_SIGCHILD
sig_handler = signal (SIGCHLD, SIG_DFL);
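Review bot: `cmd_p = cmd;` now forwards the caller's string unchanged in every configuration, with no php_escape_shell_cmd() pass, and nothing at that line records that escaping is now entirely the caller's job. A comment such as `/* cmd is used as-is; callers must escape untrusted parts */` would document the contract. The rewritten `VCWD_POPEN(Z_STRVAL_PP(arg1), p)` call in the popen hunk further down deserves the same comment. The function continues above and below this hunk, so how cmd_p is consumed is inferred rather than visible here.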
WRONG_PARAM_COUNT;
}
- if (PG(safe_mode)) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot execute using backquotes in Safe Mode");
- RETURN_FALSE;
- }
-
convert_to_string_ex(cmd);
#ifdef PHP_WIN32
if ((in=VCWD_POPEN(Z_STRVAL_PP(cmd), "rt"))==NULL) {
#endif
#endif
#include "ext/standard/head.h"
-#include "safe_mode.h"
#include "php_string.h"
#include "file.h"
#if HAVE_PWD_H
}
}
#endif
- if (PG(safe_mode)){
- b = strchr(Z_STRVAL_PP(arg1), ' ');
- if (!b) {
- b = strrchr(Z_STRVAL_PP(arg1), '/');
- } else {
- char *c;
- c = Z_STRVAL_PP(arg1);
- while((*b != '/') && (b != c)) {
- b--;
- }
- if (b == c) {
- b = NULL;
- }
- }
-
- if (b) {
- spprintf(&buf, 0, "%s%s", PG(safe_mode_exec_dir), b);
- } else {
- spprintf(&buf, 0, "%s/%s", PG(safe_mode_exec_dir), Z_STRVAL_PP(arg1));
- }
-
- tmp = php_escape_shell_cmd(buf);
- fp = VCWD_POPEN(tmp, p);
- efree(tmp);
-
- if (!fp) {
- php_error_docref2(NULL TSRMLS_CC, buf, p, E_WARNING, "%s", strerror(errno));
- efree(p);
- efree(buf);
- RETURN_FALSE;
- }
-
- efree(buf);
-
- } else {
- fp = VCWD_POPEN(Z_STRVAL_PP(arg1), p);
- if (!fp) {
- php_error_docref2(NULL TSRMLS_CC, Z_STRVAL_PP(arg1), p, E_WARNING, "%s", strerror(errno));
- efree(p);
- RETURN_FALSE;
- }
+ fp = VCWD_POPEN(Z_STRVAL_PP(arg1), p);
+ if (!fp) {
+ php_error_docref2(NULL TSRMLS_CC, Z_STRVAL_PP(arg1), p, E_WARNING, "%s", strerror(errno));
+ efree(p);
+ RETURN_FALSE;
}
stream = php_stream_fopen_from_pipe(fp, p);
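Review bot: The locals `b`, `buf` and `tmp` are referenced only by the removed safe-mode branch in this hunk, so they look unused once `fp = VCWD_POPEN(Z_STRVAL_PP(arg1), p);` is the sole path and should be deleted with the branch to avoid unused-variable warnings. The same seems to apply to `b`, `c` and `d` in the exec hunk above, where the removed `goto err` may also have been the last jump to that cleanup label. The declarations sit outside both hunks, so this needs confirming against the full functions.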
/* $Id$ */
#include "php.h"
-#include "safe_mode.h"
#include "fopen_wrappers.h"
#include "php_globals.h"
}
imode = (mode_t) Z_LVAL_PP(mode);
- /* in safe mode, do not allow to setuid files.
- Setuiding files could allow users to gain privileges
- that safe mode doesn't give them.
- */
- if(PG(safe_mode))
- imode &= 0777;
ret = VCWD_CHMOD(Z_STRVAL_PP(filename), imode);
if (ret == -1) {
#endif
#include "php_globals.h"
-#include "safe_mode.h"
/* Implementation of the language Header() function */
#include <errno.h>
#include <ctype.h>
-#include "safe_mode.h"
#include "php_link.h"
/* {{{ proto string readlink(string filename)
#include "php_mail.h"
#include "php_ini.h"
-#include "safe_mode.h"
#include "exec.h"
#if HAVE_SENDMAIL
char *force_extra_parameters = INI_STR("mail.force_extra_parameters");
char *to_r, *subject_r;
- if (PG(safe_mode) && (ZEND_NUM_ARGS() == 5)) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "SAFE MODE Restriction in effect. The fifth parameter is disabled in SAFE MODE.");
- RETURN_FALSE;
- }
-
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sss|ss",
&to, &to_len,
&subject, &subject_len,
#include <sys/param.h>
#endif
#include "ext/standard/head.h"
-#include "safe_mode.h"
#include "php_string.h"
#include "pack.h"
#if HAVE_PWD_H
#include <stdio.h>
#include <ctype.h>
#include "php_string.h"
-#include "safe_mode.h"
#include "ext/standard/head.h"
#include "ext/standard/file.h"
#include "exec.h"
}
/* }}} */
-/* {{{ php_make_safe_mode_command */
-static int php_make_safe_mode_command(char *cmd, char **safecmd, int is_persistent TSRMLS_DC)
-{
- int lcmd, larg0, ldir, len, overflow_limit;
- char *space, *sep, *arg0;
-
- if (!PG(safe_mode)) {
- *safecmd = pestrdup(cmd, is_persistent);
- return SUCCESS;
- }
-
- lcmd = strlen(cmd);
- ldir = strlen(PG(safe_mode_exec_dir));
- len = lcmd + ldir + 2;
- overflow_limit = len;
-
- arg0 = emalloc(len);
-
- strcpy(arg0, cmd);
-
- space = strchr(arg0, ' ');
- if (space) {
- *space = '\0';
- }
- larg0 = strlen(arg0);
-
- if (strstr(arg0, "..")) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "No '..' components allowed in path");
- efree(arg0);
- return FAILURE;
- }
-
- *safecmd = emalloc(len);
- strcpy(*safecmd, PG(safe_mode_exec_dir));
- overflow_limit -= ldir;
-
- sep = strrchr(arg0, PHP_DIR_SEPARATOR);
- if (sep) {
- strcat(*safecmd, sep);
- overflow_limit -= strlen(sep);
- } else {
- strcat(*safecmd, "/");
- strcat(*safecmd, arg0);
- overflow_limit -= larg0 + 1;
- }
- if (space) {
- strncat(*safecmd, cmd + larg0, overflow_limit);
- }
- efree(arg0);
- arg0 = php_escape_shell_cmd(*safecmd);
- efree(*safecmd);
- if (is_persistent) {
- *safecmd = pestrdup(arg0, 1);
- efree(arg0);
- } else {
- *safecmd = arg0;
- }
-
- return SUCCESS;
-}
-/* }}} */
-
/* {{{ PHP_MINIT_FUNCTION(proc_open) */
PHP_MINIT_FUNCTION(proc_open)
{
RETURN_FALSE;
}
- if (FAILURE == php_make_safe_mode_command(command, &command, is_persistent TSRMLS_CC)) {
- RETURN_FALSE;
- }
-
if (other_options) {
zval **item;
if (SUCCESS == zend_hash_find(Z_ARRVAL_P(other_options), "suppress_errors", sizeof("suppress_errors"), (void**)&item)) {
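Review bot: Dropping the php_make_safe_mode_command() call also drops the only copy of `command` visible on this page, because the removed helper returned `pestrdup(cmd, is_persistent)` even with safe mode off. The later hunks remove `command_len = strlen(command);` and the `pefree(command, is_persistent);` at `exit_fail` to match, which covers the failure path. If the success path outside these hunks still stores `command` in the process handle and frees it when the handle is destroyed, it would now hold and later free the argument's own buffer; that path should take its own copy with `pestrdup(command, is_persistent)` where the handle is filled in. The rest of proc_open is not shown here, so this needs confirming against the full function.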
}
}
- command_len = strlen(command);
-
if (environment) {
env = _php_array_to_envp(environment, is_persistent TSRMLS_CC);
} else {
exit_fail:
_php_free_envp(env, is_persistent);
- pefree(command, is_persistent);
#if PHP_CAN_DO_PTS
if (dev_ptmx >= 0) {
close(dev_ptmx);
-/* Generated by re2c 0.9.11 on Sun Dec 18 21:50:01 2005 */
+/* Generated by re2c 0.9.11 on Sun Feb 19 13:10:33 2006 */
#line 1 "ext/standard/var_unserializer.re"
/*
+----------------------------------------------------------------------+
if (Z_OBJCE_PP(rval) != PHP_IC_ENTRY &&
zend_hash_exists(&Z_OBJCE_PP(rval)->function_table, "__wakeup", sizeof("__wakeup"))) {
INIT_PZVAL(&fname);
- ZVAL_STRINGL(&fname, "__wakeup", sizeof("__wakeup") - 1, 0);
+ ZVAL_ASCII_STRINGL(&fname, "__wakeup", sizeof("__wakeup") - 1, 1);
call_user_function_ex(CG(function_table), rval, &fname, &retval_ptr, 0, 0, 1, NULL TSRMLS_CC);
+ zval_dtor(&fname);
}
if (retval_ptr)
0, 0, 0, 0, 0, 0, 0, 0,
};
-#line 394 "ext/standard/var_unserializer.c"
+#line 395 "ext/standard/var_unserializer.c"
{
YYCTYPE yych;
unsigned int yyaccept = 0;
if(yych == ':') goto yy87;
goto yy3;
yy3:
-#line 626 "ext/standard/var_unserializer.re"
+#line 627 "ext/standard/var_unserializer.re"
{ return 0; }
-#line 424 "ext/standard/var_unserializer.c"
+#line 425 "ext/standard/var_unserializer.c"
yy4: yyaccept = 0;
yych = *(YYMARKER = ++YYCURSOR);
if(yych == ':') goto yy81;
yy13: ++YYCURSOR;
goto yy14;
yy14:
-#line 620 "ext/standard/var_unserializer.re"
+#line 621 "ext/standard/var_unserializer.re"
{
/* this is the case where we have less data than planned */
php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Unexpected end of serialized data");
return 0; /* not sure if it should be 0 or 1 here? */
}
-#line 469 "ext/standard/var_unserializer.c"
+#line 470 "ext/standard/var_unserializer.c"
yy15: yych = *++YYCURSOR;
goto yy3;
yy16: yych = *++YYCURSOR;
yy22: ++YYCURSOR;
goto yy23;
yy23:
-#line 508 "ext/standard/var_unserializer.re"
+#line 509 "ext/standard/var_unserializer.re"
{
size_t len, len2, len3, maxlen;
long elements;
return object_common2(UNSERIALIZE_PASSTHRU, elements);
}
-#line 614 "ext/standard/var_unserializer.c"
+#line 615 "ext/standard/var_unserializer.c"
yy24: yych = *++YYCURSOR;
if(yych <= ','){
if(yych != '+') goto yy17;
yy29: ++YYCURSOR;
goto yy30;
yy30:
-#line 500 "ext/standard/var_unserializer.re"
+#line 501 "ext/standard/var_unserializer.re"
{
INIT_PZVAL(*rval);
return object_common2(UNSERIALIZE_PASSTHRU,
object_common1(UNSERIALIZE_PASSTHRU, ZEND_STANDARD_CLASS_DEF_PTR));
}
-#line 651 "ext/standard/var_unserializer.c"
+#line 652 "ext/standard/var_unserializer.c"
yy31: yych = *++YYCURSOR;
if(yych == '+') goto yy32;
if(yych <= '/') goto yy17;
yy36: ++YYCURSOR;
goto yy37;
yy37:
-#line 478 "ext/standard/var_unserializer.re"
+#line 479 "ext/standard/var_unserializer.re"
{
long elements = parse_iv(start + 2);
/* use iv() not uiv() in order to check data range */
return finish_nested_data(UNSERIALIZE_PASSTHRU);
}
-#line 697 "ext/standard/var_unserializer.c"
+#line 698 "ext/standard/var_unserializer.c"
yy38: yych = *++YYCURSOR;
if(yych == '+') goto yy39;
if(yych <= '/') goto yy17;
yy43: ++YYCURSOR;
goto yy44;
yy44:
-#line 450 "ext/standard/var_unserializer.re"
+#line 451 "ext/standard/var_unserializer.re"
{
size_t len, maxlen;
char *str;
ZVAL_STRINGL(*rval, str, len, 1);
return 1;
}
-#line 749 "ext/standard/var_unserializer.c"
+#line 750 "ext/standard/var_unserializer.c"
yy45: yych = *++YYCURSOR;
if(yych <= '/'){
if(yych <= ','){
yy55: ++YYCURSOR;
goto yy56;
yy56:
-#line 443 "ext/standard/var_unserializer.re"
+#line 444 "ext/standard/var_unserializer.re"
{
*p = YYCURSOR;
INIT_PZVAL(*rval);
ZVAL_DOUBLE(*rval, zend_strtod((const char *)start + 2, NULL));
return 1;
}
-#line 845 "ext/standard/var_unserializer.c"
+#line 846 "ext/standard/var_unserializer.c"
yy57: yych = *++YYCURSOR;
if(yych <= ','){
if(yych != '+') goto yy17;
yy66: ++YYCURSOR;
goto yy67;
yy67:
-#line 428 "ext/standard/var_unserializer.re"
+#line 429 "ext/standard/var_unserializer.re"
{
*p = YYCURSOR;
INIT_PZVAL(*rval);
return 1;
}
-#line 920 "ext/standard/var_unserializer.c"
+#line 921 "ext/standard/var_unserializer.c"
yy68: yych = *++YYCURSOR;
if(yych == 'N') goto yy65;
goto yy17;
yy73: ++YYCURSOR;
goto yy74;
yy74:
-#line 421 "ext/standard/var_unserializer.re"
+#line 422 "ext/standard/var_unserializer.re"
{
*p = YYCURSOR;
INIT_PZVAL(*rval);
ZVAL_LONG(*rval, parse_iv(start + 2));
return 1;
}
-#line 956 "ext/standard/var_unserializer.c"
+#line 957 "ext/standard/var_unserializer.c"
yy75: yych = *++YYCURSOR;
if(yych <= '/') goto yy17;
if(yych >= '2') goto yy17;
yy77: ++YYCURSOR;
goto yy78;
yy78:
-#line 414 "ext/standard/var_unserializer.re"
+#line 415 "ext/standard/var_unserializer.re"
{
*p = YYCURSOR;
INIT_PZVAL(*rval);
ZVAL_BOOL(*rval, parse_iv(start + 2));
return 1;
}
-#line 974 "ext/standard/var_unserializer.c"
+#line 975 "ext/standard/var_unserializer.c"
yy79: ++YYCURSOR;
goto yy80;
yy80:
-#line 407 "ext/standard/var_unserializer.re"
+#line 408 "ext/standard/var_unserializer.re"
{
*p = YYCURSOR;
INIT_PZVAL(*rval);
ZVAL_NULL(*rval);
return 1;
}
-#line 985 "ext/standard/var_unserializer.c"
+#line 986 "ext/standard/var_unserializer.c"
yy81: yych = *++YYCURSOR;
if(yych <= ','){
if(yych != '+') goto yy17;
yy85: ++YYCURSOR;
goto yy86;
yy86:
-#line 384 "ext/standard/var_unserializer.re"
+#line 385 "ext/standard/var_unserializer.re"
{
long id;
return 1;
}
-#line 1034 "ext/standard/var_unserializer.c"
+#line 1035 "ext/standard/var_unserializer.c"
yy87: yych = *++YYCURSOR;
if(yych <= ','){
if(yych != '+') goto yy17;
yy91: ++YYCURSOR;
goto yy92;
yy92:
-#line 363 "ext/standard/var_unserializer.re"
+#line 364 "ext/standard/var_unserializer.re"
{
long id;
return 1;
}
-#line 1081 "ext/standard/var_unserializer.c"
+#line 1082 "ext/standard/var_unserializer.c"
}
}
-#line 628 "ext/standard/var_unserializer.re"
+#line 629 "ext/standard/var_unserializer.re"
return 0;