Permalink
Browse files

commiting zend_disable_class patch for George:

disabled classes will be replaced by dummy classes
that print a warning upon instanciation
  • Loading branch information...
1 parent acef51e commit a700180f5d9e9c7467caefb351118e402ed8832e Harald Radi committed Mar 3, 2003
Showing with 31 additions and 1 deletion.
  1. +28 −0 Zend/zend_API.c
  2. +3 −1 Zend/zend_API.h
View
28 Zend/zend_API.c
@@ -1419,6 +1419,34 @@ ZEND_API int zend_disable_function(char *function_name, uint function_name_lengt
return zend_register_functions(NULL, disabled_function, CG(function_table), MODULE_PERSISTENT TSRMLS_CC);
}
+static zend_object_value display_disabled_class(zend_class_entry *class_type TSRMLS_DC)
+{
+ zend_object_value retval;
+ zend_object *intern;
+ retval = zend_objects_new(&intern, class_type);
+ ALLOC_HASHTABLE(intern->properties);
+ zend_hash_init(intern->properties, 0, NULL, ZVAL_PTR_DTOR, 0);
+ zend_error(E_WARNING, "%s() has been disabled for security reasons", class_type->name);
+ return retval;
+}
+
+static zend_function_entry disabled_class_new[] = {
+ { NULL, NULL, NULL }
+};
+
+ZEND_API int zend_disable_class(char *class_name, uint class_name_length TSRMLS_DC)
+{
+ zend_class_entry *disabled_class;
+ disabled_class = (zend_class_entry *) emalloc(sizeof(zend_class_entry));
+ if (zend_hash_del(CG(class_table), class_name, class_name_length+1)==FAILURE) {
+ return FAILURE;
+ }
+ INIT_CLASS_ENTRY((*disabled_class), class_name, disabled_class_new);
+ disabled_class->create_object = display_disabled_class;
+ zend_register_internal_class(disabled_class TSRMLS_CC);
+ return 1;
+}
+
zend_bool zend_is_callable(zval *callable, zend_bool syntax_only, char **callable_name)
{
char *lcname;
View
4 Zend/zend_API.h
@@ -90,7 +90,7 @@ BEGIN_EXTERN_C()
#define INIT_OVERLOADED_CLASS_ENTRY(class_container, class_name, functions, handle_fcall, handle_propget, handle_propset) \
{ \
class_container.name = strdup(class_name); \
- class_container.name_length = sizeof(class_name)-1; \
+ class_container.name_length = strlen(class_name); \
class_container.builtin_functions = functions; \
class_container.constructor = NULL; \
class_container.destructor = NULL; \
@@ -136,6 +136,7 @@ ZEND_API zend_class_entry *zend_register_internal_class(zend_class_entry *class_
ZEND_API zend_class_entry *zend_register_internal_class_ex(zend_class_entry *class_entry, zend_class_entry *parent_ce, char *parent_name TSRMLS_DC);
ZEND_API int zend_disable_function(char *function_name, uint function_name_length TSRMLS_DC);
+ZEND_API int zend_disable_class(char *class_name, uint class_name_length TSRMLS_DC);
ZEND_API void zend_wrong_param_count(TSRMLS_D);
ZEND_API zend_bool zend_is_callable(zval *callable, zend_bool syntax_only, char **callable_name);
@@ -250,6 +251,7 @@ ZEND_API int zend_set_hash_symbol(zval *symbol, char *name, int name_length,
#define add_method(arg, key, method) add_assoc_function((arg), (key), (method))
ZEND_API ZEND_FUNCTION(display_disabled_function);
+ZEND_API ZEND_FUNCTION(display_disabled_class);
#if ZEND_DEBUG
#define CHECK_ZVAL_STRING(z) \

0 comments on commit a700180

Please sign in to comment.