[PHP-DEV] PATCH: enable disable_functions per dir

Tue, 16 Sep 2003 03:19:41 -0700 

Hello everyone!

I made a patch for PHP 4.3.3 which enables disable_functions perdir support.
It touches main/main.c and sapi/apache/mod_php4.c and it seems to work.

However, I would like to hear developer comments about it.

Thanks!


diff -Naur php-4.3.3-orig/main/main.c php-4.3.3/main/main.c
--- php-4.3.3-orig/main/main.c	2003-08-22 22:02:11.000000000 +0200
+++ php-4.3.3/main/main.c	2003-09-10 11:25:09.000000000 +0200
@@ -1,4 +1,4 @@
-/* 
+/*
    +----------------------------------------------------------------------+
    | PHP Version 4                                                        |
    +----------------------------------------------------------------------+
@@ -359,7 +359,7 @@
 	PHP_INI_ENTRY("precision",					"14",		PHP_INI_ALL,		OnSetPrecision)
 	PHP_INI_ENTRY("sendmail_from",				NULL,		PHP_INI_ALL,		NULL)
 	PHP_INI_ENTRY("sendmail_path",	DEFAULT_SENDMAIL_PATH,	PHP_INI_SYSTEM,		NULL)
-	PHP_INI_ENTRY("disable_functions",			"",			PHP_INI_SYSTEM,		NULL)
+	PHP_INI_ENTRY("disable_functions",			"",			PHP_INI_SYSTEM|PHP_INI_PERDIR,		NULL)
 	PHP_INI_ENTRY("disable_classes",			"",			PHP_INI_SYSTEM,		NULL)
 
 	STD_PHP_INI_BOOLEAN("allow_url_fopen",		"1",		PHP_INI_ALL,		OnUpdateBool,			allow_url_fopen,			php_core_globals,	core_globals)
diff -Naur php-4.3.3-orig/sapi/apache/mod_php4.c php-4.3.3/sapi/apache/mod_php4.c
--- php-4.3.3-orig/sapi/apache/mod_php4.c	2003-06-03 07:41:49.000000000 +0200
+++ php-4.3.3/sapi/apache/mod_php4.c	2003-09-10 11:25:29.000000000 +0200
@@ -528,12 +528,121 @@
 }
 /* }}} */
 
+#define MAX_DISABLED_FUNC_PER_DIR	128
+
+struct my_function_save
+{
+	char name[128];
+	int len;
+	void *handler;
+};
+
+static int functions_saved = 0;
+static struct my_function_save	function_save[MAX_DISABLED_FUNC_PER_DIR];
+
+/* {{{ my_zend_disable_function
+ */
+static int my_zend_disable_function(char *name, int name_len TSRMLS_CC)
+{
+	if ( functions_saved == MAX_DISABLED_FUNC_PER_DIR ) {
+		return 0;
+	}
+
+	zend_function *func;
+
+	if (zend_hash_find(CG(function_table), name, name_len+1, (void **) &func) == FAILURE) {
+		return 0;
+	}
+
+	if ( func->internal_function.handler == ZEND_FN(display_disabled_function) ) {
+		return 0;
+	}
+
+	strncpy(function_save[functions_saved].name,name,sizeof(function_save[0].name));
+	function_save[functions_saved].len = name_len;
+	function_save[functions_saved].handler = func->internal_function.handler;
+
+	func->internal_function.handler = ZEND_FN(display_disabled_function);
+
+	functions_saved++;
+
+	return 1;
+}
+/* }}} */
+
+/* {{{ my_php_restore_functions
+ */
+static int my_php_restore_functions(void)
+{
+	if ( functions_saved == 0 )
+		return 0;
+
+	zend_function *func;
+	int i;
+	int cnt = 0;
+
+	for ( i = 0; i < functions_saved; i++ ) {
+		if (zend_hash_find(CG(function_table), function_save[i].name, function_save[i].len+1, (void **) &func) == SUCCESS) {
+			func->internal_function.handler = function_save[i].handler;
+			cnt++;
+		}
+	}
+
+	functions_saved = 0;
+
+	return cnt;
+}
+/* }}} */
+
+/* {{{ my_php_disable_functions
+ */
+static int my_php_disable_functions(char *e TSRMLS_DC)
+{
+	char *s = NULL;
+	char p;
+	int cnt = 0;
+
+	if (!*e) {
+		return;
+	}
+
+	while (*e) {
+		switch (*e) {
+			case ' ':
+			case ',':
+				if (s) {
+					p = *e;
+					*e = '\0';
+					cnt += my_zend_disable_function(s, e-s TSRMLS_CC);
+					*e = p;
+					s = NULL;
+				}
+				break;
+			default:
+				if (!s) {
+					s = e;
+				}
+				break;
+		}
+		e++;
+	}
+	if (s) {
+		cnt += my_zend_disable_function(s, e-s TSRMLS_CC);
+	}
+
+	return cnt;
+}
+/* }}} */
+
+
 /* {{{ send_php
  */
 static int send_php(request_rec *r, int display_source_mode, char *filename)
 {
 	int retval;
 	HashTable *per_dir_conf;
+	int disabled = 0;
+	int ret = OK;
 	TSRMLS_FETCH();
 
 	if (AP(in_request)) {
@@ -561,9 +670,14 @@
 
 		per_dir_conf = (HashTable *) get_module_config(r->per_dir_config, &php4_module);
 		if (per_dir_conf) {
+			php_per_dir_entry *entry;
+			if ( zend_hash_find((HashTable *) per_dir_conf, "disable_functions",17,(void **) &entry) == SUCCESS )
+			{
+				disabled = my_php_disable_functions(entry->value);
+			}
 			zend_hash_apply((HashTable *) per_dir_conf, (apply_func_t) php_apache_alter_ini_entries TSRMLS_CC);
 		}
-		
+
 		/* If PHP parser engine has been turned off with an "engine off"
 		 * directive, then decline to handle this request
 		 */
@@ -573,7 +687,8 @@
 			zend_try {
 				zend_ini_deactivate(TSRMLS_C);
 			} zend_end_try();
-			return DECLINED;
+			ret = DECLINED;
+			goto out;
 		}
 		if (filename == NULL) {
 			filename = r->filename;
@@ -585,7 +700,8 @@
 			zend_try {
 				zend_ini_deactivate(TSRMLS_C);
 			} zend_end_try();
-			return retval;
+			ret = retval;
+			goto out;
 		}
 #endif
 
@@ -595,7 +711,8 @@
 				zend_try {
 					zend_ini_deactivate(TSRMLS_C);
 				} zend_end_try();
-				return retval;
+				ret = retval;
+				goto out;
 			}
 #else
 			update_mtime (r, r->finfo.st_mtime);
@@ -611,7 +728,7 @@
 		hard_timeout("send", r);
 
 		SG(server_context) = r;
-		
+
 		php_save_umask();
 		add_common_vars(r);
 		add_cgi_vars(r);
@@ -624,7 +741,14 @@
 		kill_timeout(r);
 	} zend_end_try();
 
-	return OK;
+out:
+	if ( disabled > 0 ) {
+		if ( disabled != my_php_restore_functions() ) {
+			ret = DECLINED;
+		}
+	}
+
+	return ret;
 }
 /* }}} */
 


-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to