Home
My Posts

Archive
Login
Signup

Recent Posts

Free subdomains

Want your own xyz.kpaste.net sub-domain for your community? Just type the address into your browser address bar (foo.xyz.kpaste.net is also supported).

Suggestions/Bugs?

Email us at . Try to include as much info as possible.

About

Pastebin is a tool for collaborative debugging or editing.

 

Suhosin 0.9.33 for PHP 5.4
Posted by Anonymous on Fri 9th Mar 2012 18:09
raw | new post
view followups (newest first): Suhosin 0.9.33 for PHP 5.4 by Anonymous

Submit a correction or amendment below (click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.

Syntax highlighting: None Bash C C++ CSS Diff HTML mIRC Script Perl PHP Python Smarty XML ---------------------------- ABAP Actionscript ADA Apache Log AppleScript APT sources.list ASM ASP AutoIT Bash C C# C++ C++ (with QT) CSS Diff HTML INI (Config Files) Java Javascript Lua Make mIRC Script MySQL NSIS Perl PHP Python Q(uick)BASIC robots Ruby Ruby on Rails SDLBasic Smarty SQL TCL Text VB.NET Visual BASIC Visual Fox Pro Visual Prolog Windows Registry Files XML Xorg.conf

To highlight particular lines, prefix each line with {%HIGHLIGHT}
--- a/execute.c +++ b/execute.c @@ -35,6 +35,7 @@ #include "zend_compile.h" #include "zend_llist.h" #include "SAPI.h" +#include "main/php_version.h" #include "sha256.h" @@ -1031,7 +1032,9 @@ if ((str_length == sizeof("</head>\n")-1) && (strcmp(str, "</head>\n")==0)) { SUHOSIN_G(old_php_body_write)(S_META_ROBOTS, sizeof(S_META_ROBOTS)-1 TSRMLS_CC); +#if PHP_VERSION_ID < 50400 OG(php_body_write) = SUHOSIN_G(old_php_body_write); +#endif return SUHOSIN_G(old_php_body_write)(str, str_length TSRMLS_CC); } else if ((str_length == sizeof(P_META_ROBOTS)-1) && (strcmp(str, P_META_ROBOTS)==0)) { return str_length; @@ -1054,6 +1057,7 @@ } /* Andale! Andale! Yee-Hah! */ +#if PHP_VERSION_ID < 50400 php_start_ob_buffer(NULL, 4096, 0 TSRMLS_CC); if (!sapi_module.phpinfo_as_text) { SUHOSIN_G(old_php_body_write) = OG(php_body_write); @@ -1061,6 +1065,11 @@ } php_print_info(flag TSRMLS_CC); php_end_ob_buffer(1, 0 TSRMLS_CC); +#else + php_output_start_default(TSRMLS_CC); + php_print_info(flag TSRMLS_CC); + php_output_end(); +#endif RETVAL_TRUE; return (1); @@ -1606,8 +1615,14 @@ } #ifdef ZEND_ENGINE_2 + +#if PHP_VERSION_ID < 50400 return_value = (*(temp_variable *)((char *) execute_data_ptr->Ts + execute_data_ptr->opline->result.u.var)).var.ptr; #else + return_value = (*(temp_variable *)((char *) execute_data_ptr->Ts + execute_data_ptr->opline->extended_value)).var.ptr; +#endif + +#else return_value = execute_data_ptr->Ts[execute_data_ptr->opline->result.u.var].var.ptr; #endif ht = execute_data_ptr->opline->extended_value; --- a/rfc1867.c +++ b/rfc1867.c @@ -35,6 +35,7 @@ #include "suhosin_rfc1867.h" #include "php_ini.h" #include "ext/standard/php_string.h" +#include "main/php_version.h" #define DEBUG_FILE_UPLOAD ZEND_DEBUG @@ -244,21 +245,29 @@ static void register_http_post_files_variable(char *strvar, char *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) { +#if PHP_VERSION_ID < 50400 int register_globals = PG(register_globals); PG(register_globals) = 0; +#endif safe_php_register_variable(strvar, val, http_post_files, override_protection TSRMLS_CC); +#if PHP_VERSION_ID < 50400 PG(register_globals) = register_globals; +#endif } static void register_http_post_files_variable_ex(char *var, zval *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) { +#if PHP_VERSION_ID < 50400 int register_globals = PG(register_globals); PG(register_globals) = 0; +#endif safe_php_register_variable_ex(var, val, http_post_files, override_protection TSRMLS_CC); +#if PHP_VERSION_ID < 50400 PG(register_globals) = register_globals; +#endif } /* --- a/session.c +++ b/session.c @@ -33,6 +33,7 @@ #include "ext/standard/php_smart_str.h" #include "ext/standard/php_var.h" #include "sha256.h" +#include "main/php_version.h" #include <fcntl.h> @@ -294,6 +295,7 @@ if (SESSION_G(http_session_vars) && SESSION_G(http_session_vars)->type == IS_ARRAY) { ret = zend_hash_find(Z_ARRVAL_P(SESSION_G(http_session_vars)), name, namelen + 1, (void **) state_var); +#if PHP_VERSION_ID < 50400 /* If register_globals is enabled, and * if there is an entry for the slot in $_SESSION, and * if that entry is still set to NULL, and @@ -307,6 +309,7 @@ *state_var = tmp; } } +#endif } return ret; } --- a/log.c +++ b/log.c @@ -31,6 +31,7 @@ #include "SAPI.h" #include "ext/standard/datetime.h" #include "ext/standard/flock_compat.h" +#include "main/php_version.h" #ifdef HAVE_SYS_SOCKET_H #include <sys/socket.h> @@ -317,7 +318,9 @@ zval *result = NULL; long orig_execution_depth = SUHOSIN_G(execution_depth); +#if PHP_VERSION_ID < 50400 zend_bool orig_safe_mode = PG(safe_mode); +#endif char *orig_basedir = PG(open_basedir); char *phpscript = SUHOSIN_G(log_phpscriptname); @@ -354,14 +357,18 @@ SUHOSIN_G(execution_depth) = 0; if (SUHOSIN_G(log_phpscript_is_safe)) { +#if PHP_VERSION_ID < 50400 PG(safe_mode) = 0; +#endif PG(open_basedir) = NULL; } zend_execute(new_op_array TSRMLS_CC); SUHOSIN_G(execution_depth) = orig_execution_depth; +#if PHP_VERSION_ID < 50400 PG(safe_mode) = orig_safe_mode; +#endif PG(open_basedir) = orig_basedir; #ifdef ZEND_ENGINE_2 --- a/sha256.c +++ b/sha256.c @@ -86,9 +86,11 @@ return; } +#if PHP_VERSION_ID < 50400 if (PG(safe_mode) && (!php_checkuid(arg, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { RETURN_FALSE; } +#endif if (php_check_open_basedir(arg TSRMLS_CC)) { RETURN_FALSE; @@ -392,7 +394,11 @@ /* {{{ suhosin_sha256_functions[] */ +#if PHP_VERSION_ID < 50400 static function_entry suhosin_sha256_functions[] = { +#else +static zend_function_entry suhosin_sha256_functions[] = { +#endif PHP_NAMED_FE(sha256, PHP_FN(suhosin_sha256), NULL) PHP_NAMED_FE(sha256_file, PHP_FN(suhosin_sha256_file), NULL) {NULL, NULL, NULL} --- a/suhosin.c +++ b/suhosin.c @@ -646,12 +646,16 @@ array_init(gpc_element); zend_hash_next_index_insert(symtable1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p); } else { +#if PHP_VERSION_ID < 50400 if (PG(magic_quotes_gpc) && (index != var)) { /* no need to addslashes() the index if it's the main variable name */ escaped_index = php_addslashes(index, index_len, &index_len, 0 TSRMLS_CC); } else { +#endif escaped_index = index; +#if PHP_VERSION_ID < 50400 } +#endif if (zend_symtable_find(symtable1, escaped_index, index_len + 1, (void **) &gpc_element_p) == FAILURE || Z_TYPE_PP(gpc_element_p) != IS_ARRAY) { MAKE_STD_ZVAL(gpc_element); @@ -683,11 +687,15 @@ if (!index) { zend_hash_next_index_insert(symtable1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p); } else { +#if PHP_VERSION_ID < 50400 if (PG(magic_quotes_gpc)) { escaped_index = php_addslashes(index, index_len, &index_len, 0 TSRMLS_CC); } else { +#endif escaped_index = index; +#if PHP_VERSION_ID < 50400 } +#endif /* * According to rfc2965, more specific paths are listed above the less specific ones. * If we encounter a duplicate cookie name, we should skip it, since it is not possible @@ -714,11 +722,15 @@ /* Prepare value */ Z_STRLEN(new_entry) = str_len; +#if PHP_VERSION_ID < 50400 if (PG(magic_quotes_gpc)) { Z_STRVAL(new_entry) = php_addslashes(strval, Z_STRLEN(new_entry), &Z_STRLEN(new_entry), 0 TSRMLS_CC); } else { +#endif Z_STRVAL(new_entry) = estrndup(strval, Z_STRLEN(new_entry)); +#if PHP_VERSION_ID < 50400 } +#endif Z_TYPE(new_entry) = IS_STRING; suhosin_register_cookie_variable(var, &new_entry, track_vars_array TSRMLS_CC); --- a/ex_imp.c +++ b/ex_imp.c @@ -727,7 +727,11 @@ /* {{{ suhosin_ex_imp_functions[] */ +#if PHP_VERSION_ID < 50400 function_entry suhosin_ex_imp_functions[] = { +#else +zend_function_entry suhosin_ex_imp_functions[] = { +#endif PHP_NAMED_FE(extract, PHP_FN(suhosin_extract), suhosin_arginfo_extract) PHP_NAMED_FE(import_request_variables, PHP_FN(suhosin_import_request_variables), suhosin_arginfo_import_request_variables) {NULL, NULL, NULL}

Title:

Privacy: Public Private

How long should your post be retained?

15 mins an hour a day a week a month forever

All content is user-submitted.
The administrators of this site (kpaste.net) are not responsible for their content.
Abuse reports should be emailed to us at