Hi,

it recently came to my attention that the function whitelist and blacklist 
feature inside Suhosin is easily bypassable since PHP 5.0.

The reason for this is that PHP is no longer calling the 
zend_execute_internal() hook if a function is called from another function (via 
zend_call_function)

In the days of PHP 4 the code looked like this:

    if (!zend_execute_internal) {
        ((zend_internal_function *) EX(function_state).function)->handler(
            EX(opline)->extended_value,
            EX(Ts)[EX(opline)->result.u.var].var.ptr,
            EX(object).ptr, 1 TSRMLS_CC);
    } else {
        zend_execute_internal(&execute_data, 1 TSRMLS_CC);
    }

Nowadays (since PHP 5.0) the code has been moved from call_user_function_ex to 
zend_call_function and just looks like this:

    ((zend_internal_function *) EX(function_state).function)->handler(
        fci->param_count, *fci->retval_ptr_ptr, fci->retval_ptr_ptr,
        fci->object_ptr, 1 TSRMLS_CC);


While this has no immediate impact for average PHP users, it basically kills 
the possibility for an extension like Suhosin to catch all function starts.
This should also be a problem for your DTRACE support. And IIRC Xdebug was 
hooking this point (at least in the past), too.

My suggestion is to change the code to call the hook again.

Regards,
Stefan
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
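Added example, not part of Stefan's message and not code from Suhosin or PHP: a small PHP probe script that exercises the two dispatch paths the message contrasts. A plain call and a variable-function call are dispatched by execute() and therefore pass through zend_execute_internal(); call_user_func(), call_user_func_array() and callback-taking internals such as array_map() go through zend_call_function(), which on the PHP versions described above invokes the handler directly. The script assumes Suhosin is loaded with the real directive suhosin.executor.func.blacklist, that suhosin.simulation is off, and that the blacklist is enforced from Suhosin's zend_execute_internal() hook; php_uname() is used as a harmless stand-in for a genuinely dangerous function. Run one probe per invocation, because a blocked call terminates the script and would mask the remaining probes.

```php
<?php
/*
 * Added example, not part of the original message or of Suhosin/PHP.
 * One probe per run, so a blocked call (which terminates the script)
 * does not mask the others, e.g.:
 *
 *   php -d suhosin.executor.func.blacklist=php_uname probe.php direct
 *   php -d suhosin.executor.func.blacklist=php_uname probe.php call_user_func
 *
 * Assumptions: Suhosin is loaded, suhosin.simulation is off, and the
 * blacklist is enforced from Suhosin's zend_execute_internal() hook.
 * A probe that prints a result instead of dying with a Suhosin ALERT
 * reached the internal function without passing through that hook.
 * php_uname() stands in for a genuinely dangerous function such as system().
 */

// ZEND_DO_FCALL: the internal function is dispatched by execute(), which
// consults zend_execute_internal, so this call is expected to be blocked.
function probe_direct()
{
    return php_uname('s');
}

// ZEND_DO_FCALL_BY_NAME: still dispatched by execute(), so still blocked.
function probe_variable()
{
    $f = 'php_uname';
    return $f('s');
}

// call_user_func() resolves the callable with zend_call_function(), which
// on the PHP versions discussed above calls the handler directly and never
// consults the hook.
function probe_call_user_func()
{
    return call_user_func('php_uname', 's');
}

// Same path, different entry point.
function probe_call_user_func_array()
{
    return call_user_func_array('php_uname', array('s'));
}

// Every internal function that takes a callback (array_map, usort,
// preg_replace_callback, ...) reaches its target via zend_call_function().
function probe_array_map()
{
    $r = array_map('php_uname', array('s'));
    return $r[0];
}

$probes = array(
    'direct'               => 'probe_direct',
    'variable'             => 'probe_variable',
    'call_user_func'       => 'probe_call_user_func',
    'call_user_func_array' => 'probe_call_user_func_array',
    'array_map'            => 'probe_array_map',
);

$which = isset($argv[1]) ? $argv[1] : '';
if (!isset($probes[$which])) {
    fwrite(STDERR, "usage: php probe.php {" . implode('|', array_keys($probes)) . "}\n");
    exit(2);
}

$fn = $probes[$which];
printf("%-20s -> %s\n", $which, $fn());
```

On a build where zend_call_function() does call the hook, every probe dies with the Suhosin ALERT; on a build with the behaviour described in the message, only the direct and variable probes die and the other three print the uname string. If suhosin.simulation is enabled nothing is blocked at all and only log entries are produced, so check that setting before reading a printed result as a bypass.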