Initial work on the protected env vars stuff

ext/standard/basic_functions.c

@@ -307,9 +307,14 @@ function_entry basic_functions[] = {
 };
 
 
+static PHP_INI_MH(OnUpdateSafeModeProtectedEnvVars)
+{
+	return SUCCESS;
+}
+
+
 PHP_INI_BEGIN()
-	PHP_INI_ENTRY1("highlight.string",	"#foobar",	PHP_INI_ALL,		NULL,		NULL)
-	PHP_INI_ENTRY1("test2",				"testing",	PHP_INI_SYSTEM,		NULL,		NULL)
+	PHP_INI_ENTRY_EX("safe_mode_protected_env_vars",	SAFE_MODE_PROTECTED_ENV_VARS,	PHP_INI_SYSTEM,		OnUpdateSafeModeProtectedEnvVars,		NULL)
 PHP_INI_END()
 
 

ext/standard/basic_functions.h

@@ -136,6 +136,8 @@ typedef struct {
 	zval **array_walk_func_name;
 	zval **user_compare_func_name;
 	
+	HashTable protected_env_vars;
+
 	/* pageinfo.c */
 	long page_uid;
 	long page_inode;
@@ -180,4 +182,10 @@ typedef struct {
 } putenv_entry;
 #endif
 
+/* Values are coma-delimited
+ * All variables, beginning with the following prefixes, will be protected
+ * from change by the PHP runtime function putenv()
+ */
+#define SAFE_MODE_PROTECTED_ENV_VARS "LD_"
+
 #endif /* _BASIC_FUNCTIONS_H */

main/configuration-parser.y

@@ -48,7 +48,7 @@ static HashTable configuration_hash;
 extern HashTable browser_hash;
 PHPAPI extern char *php_ini_path;
 #endif
-static HashTable *activezend_hash_table;
+static HashTable *active_hash_table;
 static pval *current_section;
 static char *currently_parsed_filename;
 
@@ -226,7 +226,7 @@ int php_init_config(void)
 		}
 			
 		init_cfg_scanner();
-		activezend_hash_table = &configuration_hash;
+		active_hash_table = &configuration_hash;
 		parsing_mode = PARSING_MODE_CFG;
 		currently_parsed_filename = "php.ini";
 		yyparse();
@@ -254,7 +254,7 @@ PHP_MINIT_FUNCTION(browscap)
 			return FAILURE;
 		}
 		init_cfg_scanner();
-		activezend_hash_table = &browser_hash;
+		active_hash_table = &browser_hash;
 		parsing_mode = PARSING_MODE_BROWSCAP;
 		currently_parsed_filename = browscap;
 		yyparse();
@@ -410,10 +410,10 @@ statement:
 #endif
 			$3.type = IS_STRING;
 			if (parsing_mode==PARSING_MODE_CFG) {
-				zend_hash_update(activezend_hash_table, $1.value.str.val, $1.value.str.len+1, &$3, sizeof(pval), NULL);
-                                if (activezend_hash_table == &configuration_hash) {
-				        php_alter_ini_entry($1.value.str.val, $1.value.str.len+1, $3.value.str.val, $3.value.str.len+1, PHP_INI_SYSTEM);
-                                }
+				zend_hash_update(active_hash_table, $1.value.str.val, $1.value.str.len+1, &$3, sizeof(pval), NULL);
+				if (active_hash_table == &configuration_hash) {
+			        php_alter_ini_entry($1.value.str.val, $1.value.str.len+1, $3.value.str.val, $3.value.str.len+1, PHP_INI_SYSTEM);
+				}
 			} else if (parsing_mode==PARSING_MODE_BROWSCAP) {
 				zend_str_tolower($1.value.str.val,$1.value.str.len);
 				zend_hash_update(current_section->value.ht, $1.value.str.val, $1.value.str.len+1, &$3, sizeof(pval), NULL);
@@ -461,7 +461,7 @@ statement:
 				tmp.value.ht = (HashTable *) malloc(sizeof(HashTable));
 				zend_hash_init(tmp.value.ht, 0, NULL, (void (*)(void *))pvalue_config_destructor, 1);
 				tmp.type = IS_OBJECT;
-				zend_hash_update(activezend_hash_table, $1.value.str.val, $1.value.str.len+1, (void *) &tmp, sizeof(pval), (void **) &current_section);
+				zend_hash_update(active_hash_table, $1.value.str.val, $1.value.str.len+1, (void *) &tmp, sizeof(pval), (void **) &current_section);
 				tmp.value.str.val = zend_strndup($1.value.str.val,$1.value.str.len);
 				tmp.value.str.len = $1.value.str.len;
 				tmp.type = IS_STRING;

main/main.c

@@ -210,6 +210,7 @@ PHP_INI_BEGIN()
 	STD_PHP_INI_BOOLEAN("enable_dl",		"1",	PHP_INI_SYSTEM,			OnUpdateBool,	enable_dl,				php_core_globals,	core_globals)
 	STD_PHP_INI_BOOLEAN("expose_php",		"1",	PHP_INI_SYSTEM,			OnUpdateBool,	expose_php,				php_core_globals,	core_globals)
 
+
 	PHP_INI_ENTRY("SMTP",			"localhost",			PHP_INI_ALL,		NULL)
 	PHP_INI_ENTRY("sendmail_path",	DEFAULT_SENDMAIL_PATH,	PHP_INI_SYSTEM,		NULL)
 	PHP_INI_ENTRY("sendmail_from",	NULL,					PHP_INI_ALL,		NULL)