Ensure the request init hook is bound by the open_basedir INI directive
Also sandbox the request init hook so that errors and exceptions are ignored
SammyK committed Sep 18, 2019
1 parent aeef8af commit 87fc324
Showing 3 changed files with 49 additions and 7 deletions.
1 change: 1 addition & 0 deletions package.xml
Expand Up @@ -67,6 +67,7 @@
<file name="random.h" role="src" />
<file name="request_hooks.c" role="src" />
<file name="request_hooks.h" role="src" />
<file name="sandbox.h" role="src" />
<file name="serializer.c" role="src" />
<file name="serializer.h" role="src" />
<file name="version.h" role="src" />
18 changes: 11 additions & 7 deletions src/ext/request_hooks.c
Expand Up @@ -9,6 +9,7 @@
#include "ddtrace.h"
#include "env_config.h"
#include "logging.h"
#include "sandbox.h"

ZEND_EXTERN_MODULE_GLOBALS(ddtrace);

Expand Down Expand Up @@ -81,10 +82,10 @@ int dd_execute_php_file(const char *filename TSRMLS_DC) {
int ret;

BOOL_T rv = FALSE;
char *original_open_basedir = PG(open_basedir);
PG(open_basedir) = NULL;

DD_TRACE_SANDBOX_OPEN
ret = php_stream_open_for_zend_ex(filename, &file_handle, USE_PATH | STREAM_OPEN_FOR_INCLUDE TSRMLS_CC);
DD_TRACE_SANDBOX_CLOSE

if (ret == SUCCESS) {
if (!file_handle.opened_path) {
Expand All @@ -105,7 +106,10 @@ int dd_execute_php_file(const char *filename TSRMLS_DC) {
zend_rebuild_symbol_table(TSRMLS_C);
}

zend_execute(new_op_array TSRMLS_CC);
DD_TRACE_SANDBOX_OPEN
zend_try { zend_execute(new_op_array TSRMLS_CC); }
zend_end_try();
DD_TRACE_SANDBOX_CLOSE

destroy_op_array(new_op_array TSRMLS_CC);
efree(new_op_array);
Expand All @@ -118,7 +122,6 @@ int dd_execute_php_file(const char *filename TSRMLS_DC) {
}
}

PG(open_basedir) = original_open_basedir;
return rv;
}
#else
Expand All @@ -133,9 +136,9 @@ int dd_execute_php_file(const char *filename TSRMLS_DC) {
zend_op_array *new_op_array;
zval result;
int ret, rv = FALSE;
char *original_open_basedir = PG(open_basedir);
PG(open_basedir) = NULL;
DD_TRACE_SANDBOX_OPEN
ret = php_stream_open_for_zend_ex(filename, &file_handle, USE_PATH | STREAM_OPEN_FOR_INCLUDE);
DD_TRACE_SANDBOX_CLOSE

if (ret == SUCCESS) {
zend_string *opened_path;
Expand All @@ -154,7 +157,9 @@ int dd_execute_php_file(const char *filename TSRMLS_DC) {
zend_string_release(opened_path);
if (new_op_array) {
ZVAL_UNDEF(&result);
DD_TRACE_SANDBOX_OPEN
zend_execute(new_op_array, &result);
DD_TRACE_SANDBOX_CLOSE

destroy_op_array(new_op_array);
efree(new_op_array);
Expand All @@ -165,7 +170,6 @@ int dd_execute_php_file(const char *filename TSRMLS_DC) {
}
}

PG(open_basedir) = original_open_basedir;
return rv;
}
#endif
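Review bot: In the PHP 7 branch, `zend_execute(new_op_array, &result);` sits between the sandbox macros without the `zend_try`/`zend_end_try()` guard that this commit adds to the PHP 5 branch. A fatal error in the init hook normally bails out with a longjmp whatever the value of `EG(error_reporting)`, so it would skip `DD_TRACE_SANDBOX_CLOSE`, leave error reporting at 0 for the rest of request shutdown, and skip `destroy_op_array`/`efree`. I would make the two branches agree: `zend_try { zend_execute(new_op_array, &result); } zend_end_try();`. Separately, the open call is now subject to open_basedir and its warning is suppressed, so a denied hook path should produce a debug log entry that tells operators why the hook did not run. Both bodies of dd_execute_php_file start and end outside the visible hunks, so the failure branch may already log this.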
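--- a/src/ext/sandbox.h
+++ b/src/ext/sandbox.h
@@ -0,0 +1,37 @@
+#ifndef DDTRACE_SANDBOX_H
+#define DDTRACE_SANDBOX_H
+#include <Zend/zend_exceptions.h>
+#include <php.h>
+
+#if PHP_VERSION_ID < 70000
+#define DD_TRACE_SANDBOX_OPEN \
+zend_error_handling error_handling; \
+int orig_error_reporting = EG(error_reporting); \
+EG(error_reporting) = 0; \
+zend_replace_error_handling(EH_SUPPRESS, NULL, &error_handling TSRMLS_CC); \
+{
+#define DD_TRACE_SANDBOX_CLOSE \
+} \
+zend_restore_error_handling(&error_handling TSRMLS_CC); \
+EG(error_reporting) = orig_error_reporting; \
+if (EG(exception)) { \
+if (!DDTRACE_G(strict_mode)) { \
+zend_clear_exception(TSRMLS_C); \
+} \
+}
+#else
+#define DD_TRACE_SANDBOX_OPEN \
+int orig_error_reporting = EG(error_reporting); \
+EG(error_reporting) = 0; \
+{
+#define DD_TRACE_SANDBOX_CLOSE \
+} \
+EG(error_reporting) = orig_error_reporting; \
+if (EG(exception)) { \
+if (!DDTRACE_G(strict_mode)) { \
+zend_clear_exception(TSRMLS_C); \
+} \
+}
+#endif
+
+#endif // DDTRACE_SANDBOX_H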
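Review bot: `DD_TRACE_SANDBOX_OPEN` declares `orig_error_reporting` (and `error_handling` on PHP 5) in the caller's scope and leaves a brace open, yet the header has no comment stating the constraints that follow from this. Two uses in one block would redeclare those locals, and any `return`, `goto` or bailout between OPEN and CLOSE leaves `EG(error_reporting)` at 0; a comment above the macros such as `/* Pair OPEN and CLOSE in the same block, at most once per scope; never return or jump out between them. */` would record that. The header also uses `DDTRACE_G(strict_mode)` without including the header that defines it (presumably `ddtrace.h`), so it compiles only when the includer pulls that in first; adding `#include "ddtrace.h"` here would make it self-contained. Under `strict_mode` a pending exception from the hook is deliberately left in place, which is worth a one-line comment because the commit message says exceptions are ignored.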
