Skip to content

Commit

Permalink
Copyright Protection
Browse files Browse the repository at this point in the history
  • Loading branch information
@NathanFreeman
NathanFreeman committed Mar 5, 2024
1 parent d1c0486 commit 770fcc8
Show file tree
Hide file tree
Showing 2 changed files with 107 additions and 91 deletions.
92 changes: 1 addition & 91 deletions ext-src/swoole_http_request.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,10 +19,9 @@
SW_EXTERN_C_BEGIN
#include "ext/standard/url.h"
#include "stubs/php_swoole_http_request_arginfo.h"
#include "thirdparty/php/main/SAPI.h"
SW_EXTERN_C_END

#include "main/php_variables.h"

#ifdef SW_HAVE_ZLIB
#include <zlib.h>
#endif
Expand Down Expand Up @@ -64,95 +63,6 @@ static int multipart_body_on_data(multipart_parser *p, const char *at, size_t le
static int multipart_body_on_header_complete(multipart_parser *p);
static int multipart_body_on_data_end(multipart_parser *p);

/**
* This only handles the cases of PARSE_STRING and PARSE_COOKIE
*/
static void swoole_php_treat_data(int arg, char *str, zval *destArray) {
char *res = NULL, *var, *val, *separator = NULL;
const char *c_var;
zval array;
int free_buffer = 0;
char *strtok_buf = NULL;
zend_long count = 0;

ZVAL_UNDEF(&array);
ZVAL_COPY_VALUE(&array, destArray);

res = str;
free_buffer = 1;

if (!res) {
return;
}

switch (arg) {
case PARSE_STRING:
separator = PG(arg_separator).input;
break;
case PARSE_COOKIE:
separator = (char *) ";\0";
break;
}

var = php_strtok_r(res, separator, &strtok_buf);

while (var) {
size_t val_len;
size_t new_val_len;

val = strchr(var, '=');

if (arg == PARSE_COOKIE) {
/* Remove leading spaces from cookie names, needed for multi-cookie header where ; can be followed by a
* space */
while (isspace(*var)) {
var++;
}
if (var == val || *var == '\0') {
goto next_cookie;
}
}

if (++count > PG(max_input_vars)) {
swoole_warning("Input variables exceeded " ZEND_LONG_FMT
". To increase the limit change max_input_vars in php.ini.",
PG(max_input_vars));
break;
}

if (val) { /* have a value */
*val++ = '\0';
if (arg == PARSE_COOKIE) {
val_len = php_raw_url_decode(val, strlen(val));
} else {
val_len = php_url_decode(val, strlen(val));
}
} else {
val = "";
val_len = 0;
}

val = estrndup(val, val_len);
if (arg != PARSE_COOKIE) {
php_url_decode(var, strlen(var));
}

if (sapi_module.input_filter(PARSE_STRING, var, &val, val_len, &new_val_len)) {
if (arg == PARSE_STRING ||
(arg == PARSE_COOKIE && !zend_symtable_str_exists(Z_ARRVAL_P(&array), var, strlen(var)))) {
php_register_variable_safe(var, val, new_val_len, &array);
}
}
efree(val);
next_cookie:
var = php_strtok_r(NULL, separator, &strtok_buf);
}

if (free_buffer) {
efree(res);
}
}

static int http_request_on_path(swoole_http_parser *parser, const char *at, size_t length) {
HttpContext *ctx = (HttpContext *) parser->data;
ctx->request.path = estrndup(at, length);
Expand Down
106 changes: 106 additions & 0 deletions thirdparty/php/main/SAPI.h
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,106 @@
/*
+----------------------------------------------------------------------+
| Copyright (c) The PHP Group |
+----------------------------------------------------------------------+
| This source file is subject to version 3.01 of the PHP license, |
| that is bundled with this package in the file LICENSE, and is |
| available through the world-wide-web at the following url: |
| https://www.php.net/license/3_01.txt |
| If you did not receive a copy of the PHP license and are unable to |
| obtain it through the world-wide-web, please send a note to |
| [email protected] so we can mail you a copy immediately. |
+----------------------------------------------------------------------+
| Author: Zeev Suraski <[email protected]> |
+----------------------------------------------------------------------+
*/

#include "php_swoole_cxx.h"
#include "main/php_variables.h"

/**
* This only handles the cases of PARSE_STRING and PARSE_COOKIE
*/
static void swoole_php_treat_data(int arg, char *str, zval *destArray) {
char *res = NULL, *var, *val, *separator = NULL;
zval array;
int free_buffer = 0;
char *strtok_buf = NULL;
zend_long count = 0;

ZVAL_UNDEF(&array);
ZVAL_COPY_VALUE(&array, destArray);

res = str;
free_buffer = 1;

if (!res) {
return;
}

switch (arg) {
case PARSE_STRING:
separator = PG(arg_separator).input;
break;
case PARSE_COOKIE:
separator = (char *) ";\0";
break;
}

var = php_strtok_r(res, separator, &strtok_buf);

while (var) {
size_t val_len;
size_t new_val_len;

val = strchr(var, '=');

if (arg == PARSE_COOKIE) {
/* Remove leading spaces from cookie names, needed for multi-cookie header where ; can be followed by a
* space */
while (isspace(*var)) {
var++;
}
if (var == val || *var == '\0') {
goto next_cookie;
}
}

if (++count > PG(max_input_vars)) {
swoole_warning("Input variables exceeded " ZEND_LONG_FMT
". To increase the limit change max_input_vars in php.ini.",
PG(max_input_vars));
break;
}

if (val) { /* have a value */
*val++ = '\0';
if (arg == PARSE_COOKIE) {
val_len = php_raw_url_decode(val, strlen(val));
} else {
val_len = php_url_decode(val, strlen(val));
}
} else {
val = (char *) "";
val_len = 0;
}

val = estrndup(val, val_len);
if (arg != PARSE_COOKIE) {
php_url_decode(var, strlen(var));
}

if (sapi_module.input_filter(PARSE_STRING, var, &val, val_len, &new_val_len)) {
if (arg == PARSE_STRING ||
(arg == PARSE_COOKIE && !zend_symtable_str_exists(Z_ARRVAL_P(&array), var, strlen(var)))) {
php_register_variable_safe(var, val, new_val_len, &array);
}
}
efree(val);
next_cookie:
var = php_strtok_r(NULL, separator, &strtok_buf);
}

if (free_buffer) {
efree(res);
}
}

0 comments on commit 770fcc8

Please sign in to comment.