Check blacklisted function if using suhosin module.

Signed-off-by: Muhammad Fikri <fikswznd@gmail.com>
1 parent c2300c8 commit c9da86f4c47e49a47df782455ef2c6118d1ba879 @swznd committed Sep 18, 2012
Showing with 39 additions and 3 deletions.
  1. +39 −3 system/libraries/Upload.php
42 system/libraries/Upload.php
@@ -1033,7 +1033,7 @@ protected function _file_mime_type($file)
? 'file --brief --mime '.escapeshellarg($file['tmp_name']).' 2>&1'
: 'file --brief --mime '.$file['tmp_name'].' 2>&1';
- if (function_exists('exec'))
+ if (function_exists('exec') && !$this->_is_suhosin_blacklisted('exec'))
{
/* This might look confusing, as $mime is being populated with all of the output when set in the second parameter.
* However, we only neeed the last line, which is the actual return value of exec(), and as such - it overwrites
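Review bot: the new guard covers `exec`, but the `escapeshellarg()` call on the first line of this hunk is still reached through a plain `function_exists()` test, and the premise of this commit is that `function_exists()` stays TRUE for a function Suhosin has blacklisted; if a host blacklists `escapeshellarg` as well, the call is blocked at runtime instead of being avoided, leaving `$cmd` malformed. Guard it with `_is_suhosin_blacklisted('escapeshellarg')` in the same way, and decide explicitly what to do when the argument cannot be escaped rather than letting the unescaped form on the second line of the hunk be the only alternative.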
@@ -1048,7 +1048,7 @@ protected function _file_mime_type($file)
}
}
- if ( (bool) @ini_get('safe_mode') === FALSE && function_exists('shell_exec'))
+ if ( (bool) @ini_get('safe_mode') === FALSE && function_exists('shell_exec') && !$this->_is_suhosin_blacklisted('shell_exec'))
{
$mime = @shell_exec($cmd);
if (strlen($mime) > 0)
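Review bot: the `+` line in this hunk is now three conditions long and hard to read; it is also the only one of the three fallbacks that checks `safe_mode`, while the `exec` branch above and the `popen` branch below receive only the new Suhosin test, so the guards are not consistent across the three execution paths. Consider computing a single `$can_exec = ( ! (bool) @ini_get('safe_mode'))` once before the first branch and combining it with the per-function blacklist check in each `if`, which shortens the lines and makes the intended policy visible in one place.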
@@ -1062,7 +1062,7 @@ protected function _file_mime_type($file)
}
}
- if (function_exists('popen'))
+ if (function_exists('popen') && !$this->_is_suhosin_blacklisted('popen'))
{
$proc = @popen($cmd, 'r');
if (is_resource($proc))
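Review bot: with all three execution paths now conditional on the Suhosin blacklist, a host that blacklists `exec`, `shell_exec` and `popen` together skips the `file` probe entirely and drops through to the `$this->file_type = $file['type'];` fallback visible at the start of the next hunk, which is the MIME type the client declared in the upload request. That fallback predates this change, but it deserves a comment here (or a `log_message()` call) so operators know that on such hosts the reported type is no longer verified server-side and must not be used on its own as an upload-allowlist decision.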
@@ -1094,6 +1094,42 @@ protected function _file_mime_type($file)
$this->file_type = $file['type'];
}
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Check Suhosin Blacklist
+ *
+ *
+ * @param string
+ * @return bool
+ */
+
+ function _is_suhosin_blacklisted($func)
+ {
+ if(extension_loaded('suhosin'))
@alexbilbie
alexbilbie added a note Sep 18, 2012

Should be a space after if

+ {
+ $blacklist = @ini_get("suhosin.executor.func.blacklist");
@alexbilbie
alexbilbie added a note Sep 18, 2012

Should have single quotes

+ if(!empty($blacklist))
@alexbilbie
alexbilbie added a note Sep 18, 2012

Should be a space after if and before and after !

+ {
+ if(strpos($blacklist,',') !== false)
+ {
+ $blackarray = explode(',',$blacklist);
+ }
+ else {
+ $blackarray[] = $blacklist;
+ }
+
+ if(in_array($func,$blackarray))
+ {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+
+ // --------------------------------------------------------------------
}
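Review bot: `_is_suhosin_blacklisted()` will miss blacklist entries whenever the ini value contains whitespace, because `explode(',', $blacklist)` leaves entries such as ` shell_exec` with their leading space and the strict string comparison in `in_array()` then fails; trim each element, and lowercase both sides before comparing, since PHP function names are case-insensitive while `in_array()` is not. The `strpos()` branch is redundant as well: `explode()` on a string with no comma already returns a one-element array, so `$blackarray = array_map('trim', explode(',', $blacklist));` replaces both branches and removes the implicit creation of `$blackarray` in the `else`. The method is declared with a bare `function` while its caller `_file_mime_type()` is `protected`; give it the same visibility, fill in the empty docblock line with a one-line description, and name the parameter in `@param string $func`.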

1 comment on commit c9da86f

@alexbilbie

Can you please update the code to conform to the style guidelines? I've left a few examples.
