1 /*
2    +----------------------------------------------------------------------+
3    | PHP Version 7                                                        |
4    +----------------------------------------------------------------------+
5    | Copyright (c) 1997-2018 The PHP Group                                |
6    +----------------------------------------------------------------------+
7    | This source file is subject to version 3.01 of the PHP license,      |
8    | that is bundled with this package in the file LICENSE, and is        |
9    | available through the world-wide-web at the following url:           |
10    | http://www.php.net/license/3_01.txt                                  |
11    | If you did not receive a copy of the PHP license and are unable to   |
12    | obtain it through the world-wide-web, please send a note to          |
13    | license@php.net so we can mail you a copy immediately.               |
14    +----------------------------------------------------------------------+
15    | Authors: Bob Weinand <bwoebi@php.net>                                |
16    +----------------------------------------------------------------------+
17 */
18 
19 #include "phpdbg_webdata_transfer.h"
20 #include "ext/standard/php_var.h"
21 
phpdbg_is_auto_global(char * name,int len)22 static int phpdbg_is_auto_global(char *name, int len) {
23 	int ret;
24 	zend_string *str = zend_string_init(name, len, 0);
25 	ret = zend_is_auto_global(str);
26 	zend_string_free(str);
27 	return ret;
28 }
29 
phpdbg_webdata_compress(char ** msg,size_t * len)30 PHPDBG_API void phpdbg_webdata_compress(char **msg, size_t *len) {
31 	zval array;
32 	HashTable *ht;
33 	zval zv[9] = {{{0}}};
34 
35 	array_init(&array);
36 	ht = Z_ARRVAL(array);
37 
38 	/* fetch superglobals */
39 	{
40 		phpdbg_is_auto_global(ZEND_STRL("GLOBALS"));
41 		/* might be JIT */
42 		phpdbg_is_auto_global(ZEND_STRL("_ENV"));
43 		phpdbg_is_auto_global(ZEND_STRL("_SERVER"));
44 		phpdbg_is_auto_global(ZEND_STRL("_REQUEST"));
45 		array_init(&zv[1]);
46 		zend_hash_copy(Z_ARRVAL(zv[1]), &EG(symbol_table), NULL);
47 		Z_ARRVAL(zv[1])->pDestructor = NULL; /* we're operating on a copy! Don't double free zvals */
48 		zend_hash_str_del(Z_ARRVAL(zv[1]), ZEND_STRL("GLOBALS")); /* do not use the reference to itself in json */
49 		zend_hash_str_add(ht, ZEND_STRL("GLOBALS"), &zv[1]);
50 	}
51 
52 	/* save php://input */
53 	{
54 		php_stream *stream;
55 		zend_string *str;
56 
57 		stream = php_stream_temp_create_ex(TEMP_STREAM_DEFAULT, SAPI_POST_BLOCK_SIZE, PG(upload_tmp_dir));
58 		if ((str = php_stream_copy_to_mem(stream, PHP_STREAM_COPY_ALL, 0))) {
59 			ZVAL_STR(&zv[2], str);
60 		} else {
61 			ZVAL_EMPTY_STRING(&zv[2]);
62 		}
63 		Z_SET_REFCOUNT(zv[2], 1);
64 		zend_hash_str_add(ht, ZEND_STRL("input"), &zv[2]);
65 	}
66 
67 	/* change sapi name */
68 	{
69 		if (sapi_module.name) {
70 			ZVAL_STRING(&zv[6], sapi_module.name);
71 		} else {
72 			Z_TYPE_INFO(zv[6]) = IS_NULL;
73 		}
74 		zend_hash_str_add(ht, ZEND_STRL("sapi_name"), &zv[6]);
75 		Z_SET_REFCOUNT(zv[6], 1);
76 	}
77 
78 	/* handle modules / extensions */
79 	{
80 		zend_module_entry *module;
81 		zend_extension *extension;
82 		zend_llist_position pos;
83 
84 		array_init(&zv[7]);
85 		ZEND_HASH_FOREACH_PTR(&module_registry, module) {
86 			zval *value = ecalloc(sizeof(zval), 1);
87 			ZVAL_STRING(value, module->name);
88 			zend_hash_next_index_insert(Z_ARRVAL(zv[7]), value);
89 		} ZEND_HASH_FOREACH_END();
90 		zend_hash_str_add(ht, ZEND_STRL("modules"), &zv[7]);
91 
92 		array_init(&zv[8]);
93 		extension = (zend_extension *) zend_llist_get_first_ex(&zend_extensions, &pos);
94 		while (extension) {
95 			zval *value = ecalloc(sizeof(zval), 1);
96 			ZVAL_STRING(value, extension->name);
97 			zend_hash_next_index_insert(Z_ARRVAL(zv[8]), value);
98 			extension = (zend_extension *) zend_llist_get_next_ex(&zend_extensions, &pos);
99 		}
100 		zend_hash_str_add(ht, ZEND_STRL("extensions"), &zv[8]);
101 	}
102 
103 	/* switch cwd */
104 	if (SG(options) & SAPI_OPTION_NO_CHDIR) {
105 		char *ret = NULL;
106 		char path[MAXPATHLEN];
107 
108 #if HAVE_GETCWD
109 		ret = VCWD_GETCWD(path, MAXPATHLEN);
110 #elif HAVE_GETWD
111 		ret = VCWD_GETWD(path);
112 #endif
113 		if (ret) {
114 			ZVAL_STRING(&zv[5], path);
115 			Z_SET_REFCOUNT(zv[5], 1);
116 			zend_hash_str_add(ht, ZEND_STRL("cwd"), &zv[5]);
117 		}
118 	}
119 
120 	/* get system ini entries */
121 	{
122 		zend_ini_entry *ini_entry;
123 
124 		array_init(&zv[3]);
125 		ZEND_HASH_FOREACH_PTR(EG(ini_directives), ini_entry) {
126 			zval *value = ecalloc(sizeof(zval), 1);
127 			if (ini_entry->modified) {
128 				if (!ini_entry->orig_value) {
129 					efree(value);
130 					continue;
131 				}
132 				ZVAL_STR(value, ini_entry->orig_value);
133 			} else {
134 				if (!ini_entry->value) {
135 					efree(value);
136 					continue;
137 				}
138 				ZVAL_STR(value, ini_entry->value);
139 			}
140 			zend_hash_add(Z_ARRVAL(zv[3]), ini_entry->name, value);
141 		} ZEND_HASH_FOREACH_END();
142 		zend_hash_str_add(ht, ZEND_STRL("systemini"), &zv[3]);
143 	}
144 
145 	/* get perdir ini entries */
146 	if (EG(modified_ini_directives)) {
147 		zend_ini_entry *ini_entry;
148 
149 		array_init(&zv[4]);
150 		ZEND_HASH_FOREACH_PTR(EG(ini_directives), ini_entry) {
151 			zval *value = ecalloc(sizeof(zval), 1);
152 			if (!ini_entry->value) {
153 				efree(value);
154 				continue;
155 			}
156 			ZVAL_STR(value, ini_entry->value);
157 			zend_hash_add(Z_ARRVAL(zv[4]), ini_entry->name, value);
158 		} ZEND_HASH_FOREACH_END();
159 		zend_hash_str_add(ht, ZEND_STRL("userini"), &zv[4]);
160 	}
161 
162 	/* encode data */
163 	{
164 		php_serialize_data_t var_hash;
165 		smart_str buf = {0};
166 
167 		PHP_VAR_SERIALIZE_INIT(var_hash);
168 		php_var_serialize(&buf, &array, &var_hash);
169 		PHP_VAR_SERIALIZE_DESTROY(var_hash);
170 		*msg = ZSTR_VAL(buf.s);
171 		*len = ZSTR_LEN(buf.s);
172 	}
173 
174 	zend_array_destroy(Z_ARR(array));
175 }
176