hirokawa Tue Mar 21 01:58:27 2006 UTC
Modified files: (Branch: PHP_5_1)
/php-src/ext/mbstring mbstring.c mbstring.h
/php-src/ext/mbstring/libmbfl/mbfl mbfilter.c mbfilter.h
mbfl_convert.c mbfl_convert.h
Log:
@added possible encoding attack detection by mb_get_info('illegalchars').
http://cvs.php.net/viewcvs.cgi/php-src/ext/mbstring/mbstring.c?r1=1.224.2.17&r2=1.224.2.18&diff_format=u
Index: php-src/ext/mbstring/mbstring.c
diff -u php-src/ext/mbstring/mbstring.c:1.224.2.17
php-src/ext/mbstring/mbstring.c:1.224.2.18
--- php-src/ext/mbstring/mbstring.c:1.224.2.17 Sun Mar 12 07:54:42 2006
+++ php-src/ext/mbstring/mbstring.c Tue Mar 21 01:58:27 2006
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: mbstring.c,v 1.224.2.17 2006/03/12 07:54:42 hirokawa Exp $ */
+/* $Id: mbstring.c,v 1.224.2.18 2006/03/21 01:58:27 hirokawa Exp $ */
/*
* PHP 4 Multibyte String module "mbstring"
@@ -927,6 +927,7 @@
MBSTRG(current_http_output_encoding) = MBSTRG(http_output_encoding);
MBSTRG(current_filter_illegal_mode) = MBSTRG(filter_illegal_mode);
MBSTRG(current_filter_illegal_substchar) =
MBSTRG(filter_illegal_substchar);
+ MBSTRG(illegalchars) = 0;
n = 0;
if (MBSTRG(detect_order_list)) {
@@ -995,6 +996,7 @@
MBSTRG(current_detect_order_list_size) = 0;
}
if (MBSTRG(outconv) != NULL) {
+ MBSTRG(illegalchars) +=
mbfl_buffer_illegalchars(MBSTRG(outconv));
mbfl_buffer_converter_delete(MBSTRG(outconv));
MBSTRG(outconv) = NULL;
}
@@ -1451,6 +1453,7 @@
if ((arg_status & PHP_OUTPUT_HANDLER_START) != 0) {
/* delete the converter just in case. */
if (MBSTRG(outconv)) {
+ MBSTRG(illegalchars) +=
mbfl_buffer_illegalchars(MBSTRG(outconv));
mbfl_buffer_converter_delete(MBSTRG(outconv));
MBSTRG(outconv) = NULL;
}
@@ -1515,6 +1518,7 @@
/* delete the converter if it is the last feed. */
if (last_feed) {
+ MBSTRG(illegalchars) +=
mbfl_buffer_illegalchars(MBSTRG(outconv));
mbfl_buffer_converter_delete(MBSTRG(outconv));
MBSTRG(outconv) = NULL;
}
@@ -2079,6 +2083,7 @@
output = (char *)ret->val;
}
+ MBSTRG(illegalchars) += mbfl_buffer_illegalchars(convd);
mbfl_buffer_converter_delete(convd);
return output;
}
@@ -2725,6 +2730,7 @@
}
efree(stack);
+ MBSTRG(illegalchars) += mbfl_buffer_illegalchars(convd);
mbfl_buffer_converter_delete(convd);
}
@@ -3422,6 +3428,8 @@
if (lang != NULL && (name = (char
*)mbfl_no_encoding2name(lang->mail_body_encoding)) != NULL) {
RETVAL_STRING(name, 1);
}
+ } else if (!strcasecmp("illegalchars", typ)) {
+ RETVAL_LONG(MBSTRG(illegalchars));
} else {
RETURN_FALSE;
}
@@ -3588,6 +3596,7 @@
str[i] = ret->val;
len[i] = ret->len;
}
+ MBSTRG(illegalchars) += mbfl_buffer_illegalchars(convd);
mbfl_buffer_converter_delete(convd);
}
@@ -3804,6 +3813,7 @@
*to = ret->val;
*to_length = ret->len;
}
+ MBSTRG(illegalchars) += mbfl_buffer_illegalchars(convd);
mbfl_buffer_converter_delete(convd);
return ret ? 0 : -1;
http://cvs.php.net/viewcvs.cgi/php-src/ext/mbstring/mbstring.h?r1=1.66.2.2&r2=1.66.2.3&diff_format=u
Index: php-src/ext/mbstring/mbstring.h
diff -u php-src/ext/mbstring/mbstring.h:1.66.2.2
php-src/ext/mbstring/mbstring.h:1.66.2.3
--- php-src/ext/mbstring/mbstring.h:1.66.2.2 Sun Jan 1 12:50:08 2006
+++ php-src/ext/mbstring/mbstring.h Tue Mar 21 01:58:27 2006
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: mbstring.h,v 1.66.2.2 2006/01/01 12:50:08 sniper Exp $ */
+/* $Id: mbstring.h,v 1.66.2.3 2006/03/21 01:58:27 hirokawa Exp $ */
/*
* PHP 4 Multibyte String module "mbstring" (currently only for Japanese)
@@ -181,6 +181,7 @@
long func_overload;
zend_bool encoding_translation;
long strict_detection;
+ long illegalchars;
mbfl_buffer_converter *outconv;
#if HAVE_MBREGEX && defined(PHP_MBREGEX_GLOBALS)
PHP_MBREGEX_GLOBALS
http://cvs.php.net/viewcvs.cgi/php-src/ext/mbstring/libmbfl/mbfl/mbfilter.c?r1=1.7.2.3&r2=1.7.2.4&diff_format=u
Index: php-src/ext/mbstring/libmbfl/mbfl/mbfilter.c
diff -u php-src/ext/mbstring/libmbfl/mbfl/mbfilter.c:1.7.2.3
php-src/ext/mbstring/libmbfl/mbfl/mbfilter.c:1.7.2.4
--- php-src/ext/mbstring/libmbfl/mbfl/mbfilter.c:1.7.2.3 Sun Dec 25
15:23:55 2005
+++ php-src/ext/mbstring/libmbfl/mbfl/mbfilter.c Tue Mar 21 01:58:27 2006
@@ -331,6 +331,20 @@
return mbfl_memory_device_result(&convd->device, result);
}
+int mbfl_buffer_illegalchars(mbfl_buffer_converter *convd)
+{
+ int num_illegalchars = 0;
+
+ if (convd->filter1 != NULL) {
+ num_illegalchars += convd->filter1->num_illegalchar;
+ }
+
+ if (convd->filter2 != NULL) {
+ num_illegalchars += convd->filter2->num_illegalchar;
+ }
+
+ return (num_illegalchars);
+}
/*
* encoding detector
http://cvs.php.net/viewcvs.cgi/php-src/ext/mbstring/libmbfl/mbfl/mbfilter.h?r1=1.4.2.1&r2=1.4.2.2&diff_format=u
Index: php-src/ext/mbstring/libmbfl/mbfl/mbfilter.h
diff -u php-src/ext/mbstring/libmbfl/mbfl/mbfilter.h:1.4.2.1
php-src/ext/mbstring/libmbfl/mbfl/mbfilter.h:1.4.2.2
--- php-src/ext/mbstring/libmbfl/mbfl/mbfilter.h:1.4.2.1 Sun Dec 25
15:23:55 2005
+++ php-src/ext/mbstring/libmbfl/mbfl/mbfilter.h Tue Mar 21 01:58:27 2006
@@ -129,6 +129,7 @@
MBFLAPI extern mbfl_string *
mbfl_buffer_converter_getbuffer(mbfl_buffer_converter *convd, mbfl_string
*result);
MBFLAPI extern mbfl_string *
mbfl_buffer_converter_result(mbfl_buffer_converter *convd, mbfl_string *result);
MBFLAPI extern mbfl_string *
mbfl_buffer_converter_feed_result(mbfl_buffer_converter *convd, mbfl_string
*string, mbfl_string *result);
+MBFLAPI extern int mbfl_buffer_illegalchars(mbfl_buffer_converter *convd);
/*
* encoding detector
http://cvs.php.net/viewcvs.cgi/php-src/ext/mbstring/libmbfl/mbfl/mbfl_convert.c?r1=1.5&r2=1.5.2.1&diff_format=u
Index: php-src/ext/mbstring/libmbfl/mbfl/mbfl_convert.c
diff -u php-src/ext/mbstring/libmbfl/mbfl/mbfl_convert.c:1.5
php-src/ext/mbstring/libmbfl/mbfl/mbfl_convert.c:1.5.2.1
--- php-src/ext/mbstring/libmbfl/mbfl/mbfl_convert.c:1.5 Tue Mar 22
22:22:10 2005
+++ php-src/ext/mbstring/libmbfl/mbfl/mbfl_convert.c Tue Mar 21 01:58:27 2006
@@ -250,6 +250,7 @@
filter->data = data;
filter->illegal_mode = MBFL_OUTPUTFILTER_ILLEGAL_MODE_CHAR;
filter->illegal_substchar = 0x3f; /* '?' */
+ filter->num_illegalchar = 0;
/* setup the function table */
mbfl_convert_filter_reset_vtbl(filter);
@@ -317,6 +318,7 @@
dist->to = src->to;
dist->illegal_mode = src->illegal_mode;
dist->illegal_substchar = src->illegal_substchar;
+ dist->num_illegalchar = src->num_illegalchar;
}
int mbfl_convert_filter_devcat(mbfl_convert_filter *filter, mbfl_memory_device
*src)
@@ -432,7 +434,7 @@
break;
}
filter->illegal_mode = mode_backup;
-
+ filter->num_illegalchar++;
return ret;
}
http://cvs.php.net/viewcvs.cgi/php-src/ext/mbstring/libmbfl/mbfl/mbfl_convert.h?r1=1.4&r2=1.4.2.1&diff_format=u
Index: php-src/ext/mbstring/libmbfl/mbfl/mbfl_convert.h
diff -u php-src/ext/mbstring/libmbfl/mbfl/mbfl_convert.h:1.4
php-src/ext/mbstring/libmbfl/mbfl/mbfl_convert.h:1.4.2.1
--- php-src/ext/mbstring/libmbfl/mbfl/mbfl_convert.h:1.4 Mon Feb 21
10:12:43 2005
+++ php-src/ext/mbstring/libmbfl/mbfl/mbfl_convert.h Tue Mar 21 01:58:27 2006
@@ -51,6 +51,7 @@
const mbfl_encoding *to;
int illegal_mode;
int illegal_substchar;
+ int num_illegalchar;
void *opaque;
};
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
