mirror of
https://github.com/php/php-src.git
synced 2024-11-28 20:34:29 +08:00
3c23084cf6
By explicitly computing the message length from bytes. This also makes sure that the length is interpreted in an endianness-independent manner.
414 lines
13 KiB
C
414 lines
13 KiB
C
/*
|
|
+----------------------------------------------------------------------+
|
|
| PHP Version 7 |
|
|
+----------------------------------------------------------------------+
|
|
| Copyright (c) The PHP Group |
|
|
+----------------------------------------------------------------------+
|
|
| This source file is subject to version 3.01 of the PHP license, |
|
|
| that is bundled with this package in the file LICENSE, and is |
|
|
| available through the world-wide-web at the following url: |
|
|
| http://www.php.net/license/3_01.txt |
|
|
| If you did not receive a copy of the PHP license and are unable to |
|
|
| obtain it through the world-wide-web, please send a note to |
|
|
| license@php.net so we can mail you a copy immediately. |
|
|
+----------------------------------------------------------------------+
|
|
| Authors: Bob Weinand <bwoebi@php.net> |
|
|
+----------------------------------------------------------------------+
|
|
*/
|
|
|
|
#include "phpdbg_wait.h"
|
|
#include "phpdbg_prompt.h"
|
|
#include "ext/standard/php_var.h"
|
|
#include "ext/standard/basic_functions.h"
|
|
|
|
ZEND_EXTERN_MODULE_GLOBALS(phpdbg)
|
|
|
|
static void phpdbg_rebuild_http_globals_array(int type, const char *name) {
|
|
zval *zvp;
|
|
if (Z_TYPE(PG(http_globals)[type]) != IS_UNDEF) {
|
|
zval_ptr_dtor_nogc(&PG(http_globals)[type]);
|
|
}
|
|
if ((zvp = zend_hash_str_find(&EG(symbol_table), name, strlen(name)))) {
|
|
Z_ADDREF_P(zvp);
|
|
PG(http_globals)[type] = *zvp;
|
|
}
|
|
}
|
|
|
|
|
|
static int phpdbg_dearm_autoglobals(zend_auto_global *auto_global) {
|
|
if (ZSTR_LEN(auto_global->name) != sizeof("GLOBALS") - 1 || memcmp(ZSTR_VAL(auto_global->name), "GLOBALS", sizeof("GLOBALS") - 1)) {
|
|
auto_global->armed = 0;
|
|
}
|
|
|
|
return ZEND_HASH_APPLY_KEEP;
|
|
}
|
|
|
|
typedef struct {
|
|
HashTable *ht[2];
|
|
HashPosition pos[2];
|
|
} phpdbg_intersect_ptr;
|
|
|
|
static int phpdbg_array_data_compare(const void *a, const void *b) {
|
|
Bucket *f, *s;
|
|
int result;
|
|
zval *first, *second;
|
|
|
|
f = *((Bucket **) a);
|
|
s = *((Bucket **) b);
|
|
|
|
first = &f->val;
|
|
second = &s->val;
|
|
|
|
result = string_compare_function(first, second);
|
|
|
|
if (result < 0) {
|
|
return -1;
|
|
} else if (result > 0) {
|
|
return 1;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
static void phpdbg_array_intersect_init(phpdbg_intersect_ptr *info, HashTable *ht1, HashTable *ht2) {
|
|
info->ht[0] = ht1;
|
|
info->ht[1] = ht2;
|
|
|
|
zend_hash_sort(info->ht[0], (compare_func_t) phpdbg_array_data_compare, 0);
|
|
zend_hash_sort(info->ht[1], (compare_func_t) phpdbg_array_data_compare, 0);
|
|
|
|
zend_hash_internal_pointer_reset_ex(info->ht[0], &info->pos[0]);
|
|
zend_hash_internal_pointer_reset_ex(info->ht[1], &info->pos[1]);
|
|
}
|
|
|
|
/* -1 => first array, 0 => both arrays equal, 1 => second array */
|
|
static int phpdbg_array_intersect(phpdbg_intersect_ptr *info, zval **ptr) {
|
|
int ret;
|
|
zval *zvp[2];
|
|
int invalid = !info->ht[0] + !info->ht[1];
|
|
|
|
if (invalid > 0) {
|
|
invalid = !info->ht[0];
|
|
|
|
if (!(*ptr = zend_hash_get_current_data_ex(info->ht[invalid], &info->pos[invalid]))) {
|
|
return 0;
|
|
}
|
|
|
|
zend_hash_move_forward_ex(info->ht[invalid], &info->pos[invalid]);
|
|
|
|
return invalid ? 1 : -1;
|
|
}
|
|
|
|
if (!(zvp[0] = zend_hash_get_current_data_ex(info->ht[0], &info->pos[0]))) {
|
|
info->ht[0] = NULL;
|
|
return phpdbg_array_intersect(info, ptr);
|
|
}
|
|
if (!(zvp[1] = zend_hash_get_current_data_ex(info->ht[1], &info->pos[1]))) {
|
|
info->ht[1] = NULL;
|
|
return phpdbg_array_intersect(info, ptr);
|
|
}
|
|
|
|
ret = zend_binary_zval_strcmp(zvp[0], zvp[1]);
|
|
|
|
if (ret <= 0) {
|
|
*ptr = zvp[0];
|
|
zend_hash_move_forward_ex(info->ht[0], &info->pos[0]);
|
|
}
|
|
if (ret >= 0) {
|
|
*ptr = zvp[1];
|
|
zend_hash_move_forward_ex(info->ht[1], &info->pos[1]);
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
|
|
void phpdbg_webdata_decompress(char *msg, int len) {
|
|
zval *free_zv = NULL;
|
|
zval zv, *zvp;
|
|
HashTable *ht;
|
|
php_unserialize_data_t var_hash;
|
|
|
|
PHP_VAR_UNSERIALIZE_INIT(var_hash);
|
|
if (!php_var_unserialize(&zv, (const unsigned char **) &msg, (unsigned char *) msg + len, &var_hash)) {
|
|
PHP_VAR_UNSERIALIZE_DESTROY(var_hash);
|
|
phpdbg_error("wait", "type=\"invaliddata\" import=\"fail\"", "Malformed serialized was sent to this socket, arborting");
|
|
return;
|
|
}
|
|
PHP_VAR_UNSERIALIZE_DESTROY(var_hash);
|
|
|
|
ht = Z_ARRVAL(zv);
|
|
|
|
/* Reapply symbol table */
|
|
if ((zvp = zend_hash_str_find(ht, ZEND_STRL("GLOBALS"))) && Z_TYPE_P(zvp) == IS_ARRAY) {
|
|
{
|
|
zval *srv;
|
|
if ((srv = zend_hash_str_find(Z_ARRVAL_P(zvp), ZEND_STRL("_SERVER"))) && Z_TYPE_P(srv) == IS_ARRAY) {
|
|
zval *script;
|
|
if ((script = zend_hash_str_find(Z_ARRVAL_P(srv), ZEND_STRL("SCRIPT_FILENAME"))) && Z_TYPE_P(script) == IS_STRING) {
|
|
phpdbg_param_t param;
|
|
param.str = Z_STRVAL_P(script);
|
|
PHPDBG_COMMAND_HANDLER(exec)(¶m);
|
|
}
|
|
}
|
|
}
|
|
|
|
PG(auto_globals_jit) = 0;
|
|
zend_hash_apply(CG(auto_globals), (apply_func_t) phpdbg_dearm_autoglobals);
|
|
|
|
zend_hash_clean(&EG(symbol_table));
|
|
EG(symbol_table) = *Z_ARR_P(zvp);
|
|
|
|
/* Rebuild cookies, env vars etc. from GLOBALS (PG(http_globals)) */
|
|
phpdbg_rebuild_http_globals_array(TRACK_VARS_POST, "_POST");
|
|
phpdbg_rebuild_http_globals_array(TRACK_VARS_GET, "_GET");
|
|
phpdbg_rebuild_http_globals_array(TRACK_VARS_COOKIE, "_COOKIE");
|
|
phpdbg_rebuild_http_globals_array(TRACK_VARS_SERVER, "_SERVER");
|
|
phpdbg_rebuild_http_globals_array(TRACK_VARS_ENV, "_ENV");
|
|
phpdbg_rebuild_http_globals_array(TRACK_VARS_FILES, "_FILES");
|
|
|
|
Z_ADDREF_P(zvp);
|
|
free_zv = zvp;
|
|
}
|
|
|
|
if ((zvp = zend_hash_str_find(ht, ZEND_STRL("input"))) && Z_TYPE_P(zvp) == IS_STRING) {
|
|
if (SG(request_info).request_body) {
|
|
php_stream_close(SG(request_info).request_body);
|
|
}
|
|
SG(request_info).request_body = php_stream_temp_create_ex(TEMP_STREAM_DEFAULT, SAPI_POST_BLOCK_SIZE, PG(upload_tmp_dir));
|
|
php_stream_truncate_set_size(SG(request_info).request_body, 0);
|
|
php_stream_write(SG(request_info).request_body, Z_STRVAL_P(zvp), Z_STRLEN_P(zvp));
|
|
}
|
|
|
|
if ((zvp = zend_hash_str_find(ht, ZEND_STRL("cwd"))) && Z_TYPE_P(zvp) == IS_STRING) {
|
|
if (VCWD_CHDIR(Z_STRVAL_P(zvp)) == SUCCESS) {
|
|
if (BG(CurrentStatFile) && !IS_ABSOLUTE_PATH(BG(CurrentStatFile), strlen(BG(CurrentStatFile)))) {
|
|
efree(BG(CurrentStatFile));
|
|
BG(CurrentStatFile) = NULL;
|
|
}
|
|
if (BG(CurrentLStatFile) && !IS_ABSOLUTE_PATH(BG(CurrentLStatFile), strlen(BG(CurrentLStatFile)))) {
|
|
efree(BG(CurrentLStatFile));
|
|
BG(CurrentLStatFile) = NULL;
|
|
}
|
|
}
|
|
}
|
|
|
|
if ((zvp = zend_hash_str_find(ht, ZEND_STRL("sapi_name"))) && (Z_TYPE_P(zvp) == IS_STRING || Z_TYPE_P(zvp) == IS_NULL)) {
|
|
if (PHPDBG_G(sapi_name_ptr)) {
|
|
free(PHPDBG_G(sapi_name_ptr));
|
|
}
|
|
if (Z_TYPE_P(zvp) == IS_STRING) {
|
|
PHPDBG_G(sapi_name_ptr) = sapi_module.name = strdup(Z_STRVAL_P(zvp));
|
|
} else {
|
|
PHPDBG_G(sapi_name_ptr) = sapi_module.name = NULL;
|
|
}
|
|
}
|
|
|
|
if ((zvp = zend_hash_str_find(ht, ZEND_STRL("modules"))) && Z_TYPE_P(zvp) == IS_ARRAY) {
|
|
phpdbg_intersect_ptr pos;
|
|
zval *module;
|
|
zend_module_entry *mod;
|
|
HashTable zv_registry;
|
|
|
|
/* intersect modules, unregister modules loaded "too much", announce not yet registered modules (phpdbg_notice) */
|
|
|
|
zend_hash_init(&zv_registry, zend_hash_num_elements(&module_registry), 0, ZVAL_PTR_DTOR, 0);
|
|
ZEND_HASH_FOREACH_PTR(&module_registry, mod) {
|
|
if (mod->name) {
|
|
zval value;
|
|
ZVAL_NEW_STR(&value, zend_string_init(mod->name, strlen(mod->name), 0));
|
|
zend_hash_next_index_insert(&zv_registry, &value);
|
|
}
|
|
} ZEND_HASH_FOREACH_END();
|
|
|
|
phpdbg_array_intersect_init(&pos, &zv_registry, Z_ARRVAL_P(zvp));
|
|
do {
|
|
int mode = phpdbg_array_intersect(&pos, &module);
|
|
if (mode < 0) {
|
|
// loaded module, but not needed
|
|
if (strcmp(PHPDBG_NAME, Z_STRVAL_P(module))) {
|
|
zend_hash_del(&module_registry, Z_STR_P(module));
|
|
}
|
|
} else if (mode > 0) {
|
|
// not loaded module
|
|
if (!sapi_module.name || strcmp(sapi_module.name, Z_STRVAL_P(module))) {
|
|
phpdbg_notice("wait", "missingmodule=\"%.*s\"", "The module %.*s isn't present in " PHPDBG_NAME ", you still can load via dl /path/to/module/%.*s.so", (int) Z_STRLEN_P(module), Z_STRVAL_P(module), (int) Z_STRLEN_P(module), Z_STRVAL_P(module));
|
|
}
|
|
}
|
|
} while (module);
|
|
|
|
zend_hash_clean(&zv_registry);
|
|
}
|
|
|
|
if ((zvp = zend_hash_str_find(ht, ZEND_STRL("extensions"))) && Z_TYPE_P(zvp) == IS_ARRAY) {
|
|
zend_extension *extension;
|
|
zend_llist_position pos;
|
|
zval *name = NULL;
|
|
zend_string *strkey = NULL;
|
|
|
|
extension = (zend_extension *) zend_llist_get_first_ex(&zend_extensions, &pos);
|
|
while (extension) {
|
|
extension = (zend_extension *) zend_llist_get_next_ex(&zend_extensions, &pos);
|
|
if (extension == NULL){
|
|
break;
|
|
}
|
|
|
|
ZEND_HASH_FOREACH_STR_KEY_PTR(Z_ARRVAL_P(zvp), strkey, name) {
|
|
if (Z_TYPE_P(name) == IS_STRING && !zend_binary_strcmp(extension->name, strlen(extension->name), Z_STRVAL_P(name), Z_STRLEN_P(name))) {
|
|
break;
|
|
}
|
|
name = NULL;
|
|
strkey = NULL;
|
|
} ZEND_HASH_FOREACH_END();
|
|
|
|
if (name) {
|
|
/* sigh, breaking the encapsulation, there aren't any functions manipulating the llist at the place of the zend_llist_position */
|
|
zend_llist_element *elm = pos;
|
|
if (elm->prev) {
|
|
elm->prev->next = elm->next;
|
|
} else {
|
|
zend_extensions.head = elm->next;
|
|
}
|
|
if (elm->next) {
|
|
elm->next->prev = elm->prev;
|
|
} else {
|
|
zend_extensions.tail = elm->prev;
|
|
}
|
|
#if ZEND_EXTENSIONS_SUPPORT
|
|
if (extension->shutdown) {
|
|
extension->shutdown(extension);
|
|
}
|
|
#endif
|
|
if (zend_extensions.dtor) {
|
|
zend_extensions.dtor(elm->data);
|
|
}
|
|
pefree(elm, zend_extensions.persistent);
|
|
zend_extensions.count--;
|
|
} else {
|
|
ZEND_ASSERT(strkey);
|
|
zend_hash_del(Z_ARRVAL_P(zvp), strkey);
|
|
}
|
|
}
|
|
|
|
ZEND_HASH_FOREACH_VAL(Z_ARRVAL_P(zvp), name) {
|
|
if (Z_TYPE_P(name) == IS_STRING) {
|
|
phpdbg_notice("wait", "missingextension=\"%.*s\"", "The Zend extension %.*s isn't present in " PHPDBG_NAME ", you still can load via dl /path/to/extension.so", (int) Z_STRLEN_P(name), Z_STRVAL_P(name));
|
|
}
|
|
} ZEND_HASH_FOREACH_END();
|
|
}
|
|
|
|
zend_ini_deactivate();
|
|
|
|
if ((zvp = zend_hash_str_find(ht, ZEND_STRL("systemini"))) && Z_TYPE_P(zvp) == IS_ARRAY) {
|
|
zval *ini_entry;
|
|
zend_ini_entry *original_ini;
|
|
zend_string *key;
|
|
|
|
ZEND_HASH_FOREACH_STR_KEY_VAL(Z_ARRVAL_P(zvp), key, ini_entry) {
|
|
if (key && Z_TYPE_P(ini_entry) == IS_STRING) {
|
|
if ((original_ini = zend_hash_find_ptr(EG(ini_directives), key))) {
|
|
if (!original_ini->on_modify || original_ini->on_modify(original_ini, Z_STR_P(ini_entry), original_ini->mh_arg1, original_ini->mh_arg2, original_ini->mh_arg3, ZEND_INI_STAGE_ACTIVATE) == SUCCESS) {
|
|
if (original_ini->modified && original_ini->orig_value != original_ini->value) {
|
|
efree(original_ini->value);
|
|
}
|
|
original_ini->value = Z_STR_P(ini_entry);
|
|
Z_ADDREF_P(ini_entry); /* don't free the string */
|
|
}
|
|
}
|
|
}
|
|
} ZEND_HASH_FOREACH_END();
|
|
}
|
|
|
|
if ((zvp = zend_hash_str_find(ht, ZEND_STRL("userini"))) && Z_TYPE_P(zvp) == IS_ARRAY) {
|
|
zval *ini_entry;
|
|
zend_string *key;
|
|
|
|
ZEND_HASH_FOREACH_STR_KEY_VAL(Z_ARRVAL_P(zvp), key, ini_entry) {
|
|
if (key && Z_TYPE_P(ini_entry) == IS_STRING) {
|
|
zend_alter_ini_entry_ex(key, Z_STR_P(ini_entry), ZEND_INI_PERDIR, ZEND_INI_STAGE_HTACCESS, 1);
|
|
}
|
|
} ZEND_HASH_FOREACH_END();
|
|
}
|
|
|
|
zval_ptr_dtor(&zv);
|
|
if (free_zv) {
|
|
/* separate freeing to not dtor the symtable too, just the container zval... */
|
|
efree(free_zv);
|
|
}
|
|
|
|
/* Reapply raw input */
|
|
/* ??? */
|
|
}
|
|
|
|
PHPDBG_COMMAND(wait) /* {{{ */
|
|
{
|
|
#ifndef PHP_WIN32
|
|
struct sockaddr_un local, remote;
|
|
int rlen, sr, sl;
|
|
unlink(PHPDBG_G(socket_path));
|
|
if (PHPDBG_G(socket_server_fd) == -1) {
|
|
int len;
|
|
PHPDBG_G(socket_server_fd) = sl = socket(AF_UNIX, SOCK_STREAM, 0);
|
|
if (sl == -1) {
|
|
phpdbg_error("wait", "type=\"nosocket\" import=\"fail\"", "Unable to open a socket to UNIX domain socket at %s defined by phpdbg.path ini setting", PHPDBG_G(socket_path));
|
|
return FAILURE;
|
|
}
|
|
|
|
local.sun_family = AF_UNIX;
|
|
if (strlcpy(local.sun_path, PHPDBG_G(socket_path), sizeof(local.sun_path)) > sizeof(local.sun_path)) {
|
|
phpdbg_error("wait", "type=\"nosocket\" import=\"fail\"", "Socket at %s defined by phpdbg.path ini setting is too long", PHPDBG_G(socket_path));
|
|
return FAILURE;
|
|
}
|
|
len = strlen(local.sun_path) + sizeof(local.sun_family);
|
|
if (bind(sl, (struct sockaddr *)&local, len) == -1) {
|
|
phpdbg_error("wait", "type=\"nosocket\" import=\"fail\"", "Unable to connect to UNIX domain socket at %s defined by phpdbg.path ini setting", PHPDBG_G(socket_path));
|
|
return FAILURE;
|
|
}
|
|
|
|
chmod(PHPDBG_G(socket_path), 0666);
|
|
|
|
listen(sl, 2);
|
|
} else {
|
|
sl = PHPDBG_G(socket_server_fd);
|
|
}
|
|
|
|
rlen = sizeof(remote);
|
|
sr = accept(sl, (struct sockaddr *) &remote, (socklen_t *) &rlen);
|
|
if (sr == -1) {
|
|
phpdbg_error("wait", "type=\"nosocket\" import=\"fail\"", "Unable to create a connection to UNIX domain socket at %s defined by phpdbg.path ini setting", PHPDBG_G(socket_path));
|
|
close(PHPDBG_G(socket_server_fd));
|
|
return FAILURE;
|
|
}
|
|
|
|
unsigned char msglen_buf[4];
|
|
int needed = 4;
|
|
|
|
do {
|
|
needed -= recv(sr, &msglen_buf[4 - needed], needed, 0);
|
|
} while (needed > 0);
|
|
|
|
uint32_t msglen = (msglen_buf[3] << 24)
|
|
| (msglen_buf[2] << 16)
|
|
| (msglen_buf[1] << 8)
|
|
| (msglen_buf[0] << 0);
|
|
char *data = emalloc(msglen);
|
|
needed = msglen;
|
|
|
|
do {
|
|
needed -= recv(sr, &(data[msglen - needed]), needed, 0);
|
|
} while (needed > 0);
|
|
|
|
phpdbg_webdata_decompress(data, msglen);
|
|
|
|
if (PHPDBG_G(socket_fd) != -1) {
|
|
close(PHPDBG_G(socket_fd));
|
|
}
|
|
PHPDBG_G(socket_fd) = sr;
|
|
|
|
efree(data);
|
|
|
|
phpdbg_notice("wait", "import=\"success\"", "Successfully imported request data, stopped before executing");
|
|
#endif
|
|
|
|
return SUCCESS;
|
|
} /* }}} */
|