forked from laruence/taint
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
initial version
- Loading branch information
Showing
8 changed files
with
654 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
taint |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Please do not enable this extension in product env. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
TAINT is a php-ext used to detect XXS codes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
dnl $Id$ | ||
|
||
PHP_ARG_ENABLE(taint, whether to enable taint support, | ||
[ --enable-taint Enable taint support]) | ||
|
||
if test "$PHP_TAINT" != "no"; then | ||
PHP_NEW_EXTENSION(taint, taint.c, $ext_shared) | ||
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
// $Id$ | ||
// vim:ft=javascript | ||
|
||
ARG_ENABLE("taint", "enable taint support", "no"); | ||
|
||
if (PHP_TAINT != "no") { | ||
EXTENSION("taint", "taint.c"); | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,83 @@ | ||
/* | ||
+----------------------------------------------------------------------+ | ||
| PHP Version 5 | | ||
+----------------------------------------------------------------------+ | ||
| Copyright (c) 1997-2010 The PHP Group | | ||
+----------------------------------------------------------------------+ | ||
| This source file is subject to version 3.01 of the PHP license, | | ||
| that is bundled with this package in the file LICENSE, and is | | ||
| available through the world-wide-web at the following url: | | ||
| http://www.php.net/license/3_01.txt | | ||
| If you did not receive a copy of the PHP license and are unable to | | ||
| obtain it through the world-wide-web, please send a note to | | ||
| license@php.net so we can mail you a copy immediately. | | ||
+----------------------------------------------------------------------+ | ||
| Author: Xinchen Hui <laruence@php.net> | | ||
+----------------------------------------------------------------------+ | ||
*/ | ||
|
||
/* $Id: header 297205 2010-03-30 21:09:07Z johannes $ */ | ||
|
||
#ifndef PHP_TAINT_H | ||
#define PHP_TAINT_H | ||
|
||
extern zend_module_entry taint_module_entry; | ||
#define phpext_taint_ptr &taint_module_entry | ||
|
||
#ifdef PHP_WIN32 | ||
#define PHP_TAINT_API __declspec(dllexport) | ||
#else | ||
#define PHP_TAINT_API | ||
#endif | ||
|
||
#ifdef ZTS | ||
#include "TSRM.h" | ||
#endif | ||
|
||
#define PHP_TAINT_MAGIC_LENGTH sizeof(unsigned) | ||
#define PHP_TAINT_MAGIC_NONE 0x00000000 | ||
#define PHP_TAINT_MAGIC_POSSIBLE 0x2A8FCC84 | ||
#define PHP_TAINT_MAGIC_UNTAINT 0x6C5E8F2D | ||
|
||
#define TAINT_T(offset) (*(temp_variable *)((char *) execute_data->Ts + offset)) | ||
#define TAINT_CV(i) (EG(current_execute_data)->CVs[i]) | ||
#define TAINT_PZVAL_UNLOCK(z, f) taint_pzval_unlock_func(z, f, 1) | ||
#define TAINT_PZVAL_UNLOCK_FREE(z) taint_pzval_unlock_free_func(z) | ||
#define TAINT_CV_OF(i) (EG(current_execute_data)->CVs[i]) | ||
#define TAINT_CV_DEF_OF(i) (EG(active_op_array)->vars[i]) | ||
|
||
#define PHP_TAINT_MARK(zv, mark) *((unsigned *)(Z_STRVAL_P(zv) + Z_STRLEN_P(zv) + 1)) = (mark) | ||
#define PHP_TAINT_POSSIBLE(zv) (*(unsigned *)(Z_STRVAL_P(zv) + Z_STRLEN_P(zv) + 1) == PHP_TAINT_MAGIC_POSSIBLE) | ||
#define PHP_TAINT_UNTAINT(zv) (*(unsigned *)(Z_STRVAL_P(zv) + Z_STRLEN_P(zv) + 1) == PHP_TAINT_MAGIC_UNTAINT) | ||
|
||
PHP_MINIT_FUNCTION(taint); | ||
PHP_MSHUTDOWN_FUNCTION(taint); | ||
PHP_RINIT_FUNCTION(taint); | ||
PHP_RSHUTDOWN_FUNCTION(taint); | ||
PHP_MINFO_FUNCTION(taint); | ||
|
||
PHP_FUNCTION(untaint); | ||
PHP_FUNCTION(is_taint); | ||
|
||
ZEND_BEGIN_MODULE_GLOBALS(taint) | ||
zend_bool enable; | ||
int error_level; | ||
ZEND_END_MODULE_GLOBALS(taint) | ||
|
||
#ifdef ZTS | ||
#define TAINT_G(v) TSRMG(taint_globals_id, zend_taint_globals *, v) | ||
#else | ||
#define TAINT_G(v) (taint_globals.v) | ||
#endif | ||
|
||
#endif /* PHP_TAINT_H */ | ||
|
||
|
||
/* | ||
* Local variables: | ||
* tab-width: 4 | ||
* c-basic-offset: 4 | ||
* End: | ||
* vim600: noet sw=4 ts=4 fdm=marker | ||
* vim<600: noet sw=4 ts=4 | ||
*/ |
Oops, something went wrong.