static void php_hash_do_hash(INTERNAL_FUNCTION_PARAMETERS, int isfilename, zend_bool raw_output_default) /* {{{ */
{
char *algo, *data, *digest;
int algo_len, data_len;
zend_bool raw_output = raw_output_default;
const php_hash_ops *ops;
void *context;
php_stream *stream = NULL;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss|b", &algo, &algo_len, &data, &data_len, &raw_output) == FAILURE) {
return;
}
ops = php_hash_fetch_ops(algo, algo_len);
if (!ops) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown hashing algorithm: %s", algo);
RETURN_FALSE;
}
if (isfilename) {
if (CHECK_NULL_PATH(data, data_len)) {
RETURN_FALSE;
}
stream = php_stream_open_wrapper_ex(data, "rb", REPORT_ERRORS, NULL, DEFAULT_CONTEXT);
if (!stream) {
/* Stream will report errors opening file */
RETURN_FALSE;
}
}
context = emalloc(ops->context_size);
ops->hash_init(context);
if (isfilename) {
char buf[1024];
int n;
while ((n = php_stream_read(stream, buf, sizeof(buf))) > 0) {
ops->hash_update(context, (unsigned char *) buf, n);
}
php_stream_close(stream);
} else {
ops->hash_update(context, (unsigned char *) data, data_len);
}
digest = emalloc(ops->digest_size + 1);
ops->hash_final((unsigned char *) digest, context);
efree(context);
if (raw_output) {
digest[ops->digest_size] = 0;
RETURN_STRINGL(digest, ops->digest_size, 0);
} else {
char *hex_digest = safe_emalloc(ops->digest_size, 2, 1);
php_hash_bin2hex(hex_digest, (unsigned char *) digest, ops->digest_size);
hex_digest[2 * ops->digest_size] = 0;
efree(digest);
RETURN_STRINGL(hex_digest, 2 * ops->digest_size, 0);
}
}
static void php_hash_do_hash(INTERNAL_FUNCTION_PARAMETERS, int isfilename, zend_bool raw_output_default) /* {{{ */
{
zend_string *digest;
char *algo, *data;
size_t algo_len, data_len;
zend_bool raw_output = raw_output_default;
const php_hash_ops *ops;
void *context;
php_stream *stream = NULL;
if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss|b", &algo, &algo_len, &data, &data_len, &raw_output) == FAILURE) {
return;
}
ops = php_hash_fetch_ops(algo, algo_len);
if (!ops) {
php_error_docref(NULL, E_WARNING, "Unknown hashing algorithm: %s", algo);
RETURN_FALSE;
}
if (isfilename) {
if (CHECK_NULL_PATH(data, data_len)) {
php_error_docref(NULL, E_WARNING, "Invalid path");
RETURN_FALSE;
}
stream = php_stream_open_wrapper_ex(data, "rb", REPORT_ERRORS, NULL, FG(default_context));
if (!stream) {
/* Stream will report errors opening file */
RETURN_FALSE;
}
}
context = emalloc(ops->context_size);
ops->hash_init(context);
if (isfilename) {
char buf[1024];
size_t n;
while ((n = php_stream_read(stream, buf, sizeof(buf))) > 0) {
ops->hash_update(context, (unsigned char *) buf, n);
}
php_stream_close(stream);
} else {
ops->hash_update(context, (unsigned char *) data, data_len);
}
digest = zend_string_alloc(ops->digest_size, 0);
ops->hash_final((unsigned char *) ZSTR_VAL(digest), context);
efree(context);
if (raw_output) {
ZSTR_VAL(digest)[ops->digest_size] = 0;
RETURN_NEW_STR(digest);
} else {
zend_string *hex_digest = zend_string_safe_alloc(ops->digest_size, 2, 0, 0);
php_hash_bin2hex(ZSTR_VAL(hex_digest), (unsigned char *) ZSTR_VAL(digest), ops->digest_size);
ZSTR_VAL(hex_digest)[2 * ops->digest_size] = 0;
zend_string_release(digest);
RETURN_NEW_STR(hex_digest);
}
}
/* {{{ php_resolve_path
* Returns the realpath for given filename according to include path
*/
PHPAPI zend_string *php_resolve_path(const char *filename, int filename_length, const char *path)
{
char resolved_path[MAXPATHLEN];
char trypath[MAXPATHLEN];
const char *ptr, *end, *p;
const char *actual_path;
php_stream_wrapper *wrapper;
zend_string *exec_filename;
if (!filename || CHECK_NULL_PATH(filename, filename_length)) {
return NULL;
}
/* Don't resolve paths which contain protocol (except of file://) */
for (p = filename; isalnum((int)*p) || *p == '+' || *p == '-' || *p == '.'; p++);
if ((*p == ':') && (p - filename > 1) && (p[1] == '/') && (p[2] == '/')) {
wrapper = php_stream_locate_url_wrapper(filename, &actual_path, STREAM_OPEN_FOR_INCLUDE);
if (wrapper == &php_plain_files_wrapper) {
if (tsrm_realpath(actual_path, resolved_path)) {
return zend_string_init(resolved_path, strlen(resolved_path), 0);
}
}
return NULL;
}
if ((*filename == '.' &&
(IS_SLASH(filename[1]) ||
((filename[1] == '.') && IS_SLASH(filename[2])))) ||
IS_ABSOLUTE_PATH(filename, filename_length) ||
!path ||
!*path) {
if (tsrm_realpath(filename, resolved_path)) {
return zend_string_init(resolved_path, strlen(resolved_path), 0);
} else {
return NULL;
}
}
ptr = path;
while (ptr && *ptr) {
/* Check for stream wrapper */
int is_stream_wrapper = 0;
for (p = ptr; isalnum((int)*p) || *p == '+' || *p == '-' || *p == '.'; p++);
if ((*p == ':') && (p - ptr > 1) && (p[1] == '/') && (p[2] == '/')) {
/* .:// or ..:// is not a stream wrapper */
if (p[-1] != '.' || p[-2] != '.' || p - 2 != ptr) {
p += 3;
is_stream_wrapper = 1;
}
}
end = strchr(p, DEFAULT_DIR_SEPARATOR);
if (end) {
if ((end-ptr) + 1 + filename_length + 1 >= MAXPATHLEN) {
ptr = end + 1;
continue;
}
memcpy(trypath, ptr, end-ptr);
trypath[end-ptr] = '/';
memcpy(trypath+(end-ptr)+1, filename, filename_length+1);
ptr = end+1;
} else {
int len = (int)strlen(ptr);
if (len + 1 + filename_length + 1 >= MAXPATHLEN) {
break;
}
memcpy(trypath, ptr, len);
trypath[len] = '/';
memcpy(trypath+len+1, filename, filename_length+1);
ptr = NULL;
}
actual_path = trypath;
if (is_stream_wrapper) {
wrapper = php_stream_locate_url_wrapper(trypath, &actual_path, STREAM_OPEN_FOR_INCLUDE);
if (!wrapper) {
continue;
} else if (wrapper != &php_plain_files_wrapper) {
if (wrapper->wops->url_stat) {
php_stream_statbuf ssb;
if (SUCCESS == wrapper->wops->url_stat(wrapper, trypath, 0, &ssb, NULL)) {
return zend_string_init(trypath, strlen(trypath), 0);
}
}
continue;
}
}
if (tsrm_realpath(actual_path, resolved_path)) {
return zend_string_init(resolved_path, strlen(resolved_path), 0);
}
} /* end provided path */
/* check in calling scripts' current working directory as a fall back case
*/
if (zend_is_executing() &&
(exec_filename = zend_get_executed_filename_ex()) != NULL) {
const char *exec_fname = exec_filename->val;
size_t exec_fname_length = exec_filename->len;
while ((--exec_fname_length >= 0) && !IS_SLASH(exec_fname[exec_fname_length]));
if (exec_fname_length > 0 &&
exec_fname_length + 1 + filename_length + 1 < MAXPATHLEN) {
memcpy(trypath, exec_fname, exec_fname_length + 1);
memcpy(trypath+exec_fname_length + 1, filename, filename_length+1);
actual_path = trypath;
/* Check for stream wrapper */
for (p = trypath; isalnum((int)*p) || *p == '+' || *p == '-' || *p == '.'; p++);
if ((*p == ':') && (p - trypath > 1) && (p[1] == '/') && (p[2] == '/')) {
wrapper = php_stream_locate_url_wrapper(trypath, &actual_path, STREAM_OPEN_FOR_INCLUDE);
if (!wrapper) {
return NULL;
} else if (wrapper != &php_plain_files_wrapper) {
if (wrapper->wops->url_stat) {
php_stream_statbuf ssb;
if (SUCCESS == wrapper->wops->url_stat(wrapper, trypath, 0, &ssb, NULL)) {
return zend_string_init(trypath, strlen(trypath), 0);
}
}
return NULL;
}
}
if (tsrm_realpath(actual_path, resolved_path)) {
return zend_string_init(resolved_path, strlen(resolved_path), 0);
}
}
}
return NULL;
}
/* {{{ php_resolve_path
* Returns the realpath for given filename according to include path
*/
PHPAPI zend_string *php_resolve_path(const char *filename, int filename_length, const char *path)
{
char resolved_path[MAXPATHLEN];
char trypath[MAXPATHLEN];
const char *ptr, *end, *p;
const char *actual_path;
php_stream_wrapper *wrapper;
zend_string *exec_filename;
if (!filename || CHECK_NULL_PATH(filename, filename_length)) {
return NULL;
}
/* Don't resolve paths which contain protocol (except of file://) */
for (p = filename; isalnum((int)*p) || *p == '+' || *p == '-' || *p == '.'; p++);
if ((*p == ':') && (p - filename > 1) && (p[1] == '/') && (p[2] == '/')) {
wrapper = php_stream_locate_url_wrapper(filename, &actual_path, STREAM_OPEN_FOR_INCLUDE);
if (wrapper == &php_plain_files_wrapper) {
if (tsrm_realpath(actual_path, resolved_path)) {
return zend_string_init(resolved_path, strlen(resolved_path), 0);
}
}
return NULL;
}
if ((*filename == '.' &&
(IS_SLASH(filename[1]) ||
((filename[1] == '.') && IS_SLASH(filename[2])))) ||
IS_ABSOLUTE_PATH(filename, filename_length) ||
#if PHP_WIN32
/* This should count as an absolute local path as well, however
IS_ABSOLUTE_PATH doesn't care about this path form till now. It
might be a big thing to extend, thus just a local handling for
now. */
filename_length >=2 && IS_SLASH(filename[0]) && !IS_SLASH(filename[1]) ||
#endif
!path ||
!*path) {
if (tsrm_realpath(filename, resolved_path)) {
return zend_string_init(resolved_path, strlen(resolved_path), 0);
} else {
return NULL;
}
}
ptr = path;
while (ptr && *ptr) {
/* Check for stream wrapper */
int is_stream_wrapper = 0;
for (p = ptr; isalnum((int)*p) || *p == '+' || *p == '-' || *p == '.'; p++);
if ((*p == ':') && (p - ptr > 1) && (p[1] == '/') && (p[2] == '/')) {
/* .:// or ..:// is not a stream wrapper */
if (p[-1] != '.' || p[-2] != '.' || p - 2 != ptr) {
p += 3;
is_stream_wrapper = 1;
}
}
end = strchr(p, DEFAULT_DIR_SEPARATOR);
if (end) {
if (filename_length > (MAXPATHLEN - 2) || (end-ptr) > MAXPATHLEN || (end-ptr) + 1 + (size_t)filename_length + 1 >= MAXPATHLEN) {
ptr = end + 1;
continue;
}
memcpy(trypath, ptr, end-ptr);
trypath[end-ptr] = '/';
memcpy(trypath+(end-ptr)+1, filename, filename_length+1);
ptr = end+1;
} else {
size_t len = strlen(ptr);
if (filename_length > (MAXPATHLEN - 2) || len > MAXPATHLEN || len + 1 + (size_t)filename_length + 1 >= MAXPATHLEN) {
break;
}
memcpy(trypath, ptr, len);
trypath[len] = '/';
memcpy(trypath+len+1, filename, filename_length+1);
ptr = NULL;
}
actual_path = trypath;
if (is_stream_wrapper) {
wrapper = php_stream_locate_url_wrapper(trypath, &actual_path, STREAM_OPEN_FOR_INCLUDE);
if (!wrapper) {
continue;
} else if (wrapper != &php_plain_files_wrapper) {
if (wrapper->wops->url_stat) {
php_stream_statbuf ssb;
if (SUCCESS == wrapper->wops->url_stat(wrapper, trypath, 0, &ssb, NULL)) {
return zend_string_init(trypath, strlen(trypath), 0);
}
}
continue;
}
}
if (tsrm_realpath(actual_path, resolved_path)) {
return zend_string_init(resolved_path, strlen(resolved_path), 0);
}
} /* end provided path */
/* check in calling scripts' current working directory as a fall back case
*/
if (zend_is_executing() &&
(exec_filename = zend_get_executed_filename_ex()) != NULL) {
const char *exec_fname = ZSTR_VAL(exec_filename);
size_t exec_fname_length = ZSTR_LEN(exec_filename);
while ((--exec_fname_length < SIZE_MAX) && !IS_SLASH(exec_fname[exec_fname_length]));
if (exec_fname_length > 0 &&
filename_length < (MAXPATHLEN - 2) &&
exec_fname_length + 1 + filename_length + 1 < MAXPATHLEN) {
memcpy(trypath, exec_fname, exec_fname_length + 1);
memcpy(trypath+exec_fname_length + 1, filename, filename_length+1);
actual_path = trypath;
/* Check for stream wrapper */
for (p = trypath; isalnum((int)*p) || *p == '+' || *p == '-' || *p == '.'; p++);
if ((*p == ':') && (p - trypath > 1) && (p[1] == '/') && (p[2] == '/')) {
wrapper = php_stream_locate_url_wrapper(trypath, &actual_path, STREAM_OPEN_FOR_INCLUDE);
if (!wrapper) {
return NULL;
} else if (wrapper != &php_plain_files_wrapper) {
if (wrapper->wops->url_stat) {
php_stream_statbuf ssb;
if (SUCCESS == wrapper->wops->url_stat(wrapper, trypath, 0, &ssb, NULL)) {
return zend_string_init(trypath, strlen(trypath), 0);
}
}
return NULL;
}
}
if (tsrm_realpath(actual_path, resolved_path)) {
return zend_string_init(resolved_path, strlen(resolved_path), 0);
}
}
}
return NULL;
}
static void _php_finfo_get_type(INTERNAL_FUNCTION_PARAMETERS, int mode, int mimetype_emu) /* {{{ */
{
zend_long options = 0;
char *ret_val = NULL, *buffer = NULL;
size_t buffer_len;
php_fileinfo *finfo = NULL;
zval *zfinfo, *zcontext = NULL;
zval *what;
char mime_directory[] = "directory";
struct magic_set *magic = NULL;
FILEINFO_DECLARE_INIT_OBJECT(object)
if (mimetype_emu) {
/* mime_content_type(..) emulation */
if (zend_parse_parameters(ZEND_NUM_ARGS(), "z", &what) == FAILURE) {
return;
}
switch (Z_TYPE_P(what)) {
case IS_STRING:
buffer = Z_STRVAL_P(what);
buffer_len = Z_STRLEN_P(what);
mode = FILEINFO_MODE_FILE;
break;
case IS_RESOURCE:
mode = FILEINFO_MODE_STREAM;
break;
default:
php_error_docref(NULL, E_WARNING, "Can only process string or stream arguments");
RETURN_FALSE;
}
magic = magic_open(MAGIC_MIME_TYPE);
if (magic_load(magic, NULL) == -1) {
php_error_docref(NULL, E_WARNING, "Failed to load magic database.");
goto common;
}
} else if (object) {
if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|lr", &buffer, &buffer_len, &options, &zcontext) == FAILURE) {
RETURN_FALSE;
}
FILEINFO_FROM_OBJECT(finfo, object);
magic = finfo->magic;
} else {
if (zend_parse_parameters(ZEND_NUM_ARGS(), "rs|lr", &zfinfo, &buffer, &buffer_len, &options, &zcontext) == FAILURE) {
RETURN_FALSE;
}
if ((finfo = (php_fileinfo *)zend_fetch_resource(Z_RES_P(zfinfo), "file_info", le_fileinfo)) == NULL) {
RETURN_FALSE;
}
magic = finfo->magic;
}
/* Set options for the current file/buffer. */
if (options) {
FINFO_SET_OPTION(magic, options)
}
switch (mode) {
case FILEINFO_MODE_BUFFER:
{
ret_val = (char *) magic_buffer(magic, buffer, buffer_len);
break;
}
case FILEINFO_MODE_STREAM:
{
php_stream *stream;
zend_off_t streampos;
php_stream_from_zval_no_verify(stream, what);
if (!stream) {
goto common;
}
streampos = php_stream_tell(stream); /* remember stream position for restoration */
php_stream_seek(stream, 0, SEEK_SET);
ret_val = (char *) magic_stream(magic, stream);
php_stream_seek(stream, streampos, SEEK_SET);
break;
}
case FILEINFO_MODE_FILE:
{
/* determine if the file is a local file or remote URL */
const char *tmp2;
php_stream_wrapper *wrap;
php_stream_statbuf ssb;
if (buffer == NULL || !*buffer) {
php_error_docref(NULL, E_WARNING, "Empty filename or path");
RETVAL_FALSE;
goto clean;
}
if (CHECK_NULL_PATH(buffer, buffer_len)) {
php_error_docref(NULL, E_WARNING, "Invalid path");
RETVAL_FALSE;
goto clean;
}
wrap = php_stream_locate_url_wrapper(buffer, &tmp2, 0);
if (wrap) {
php_stream *stream;
php_stream_context *context = php_stream_context_from_zval(zcontext, 0);
#ifdef PHP_WIN32
if (php_stream_stat_path_ex(buffer, 0, &ssb, context) == SUCCESS) {
if (ssb.sb.st_mode & S_IFDIR) {
ret_val = mime_directory;
goto common;
}
}
#endif
#if PHP_API_VERSION < 20100412
stream = php_stream_open_wrapper_ex(buffer, "rb", ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL, context);
#else
stream = php_stream_open_wrapper_ex(buffer, "rb", REPORT_ERRORS, NULL, context);
#endif
if (!stream) {
RETVAL_FALSE;
goto clean;
}
if (php_stream_stat(stream, &ssb) == SUCCESS) {
if (ssb.sb.st_mode & S_IFDIR) {
ret_val = mime_directory;
} else {
ret_val = (char *)magic_stream(magic, stream);
}
}
php_stream_close(stream);
}
break;
}
default:
php_error_docref(NULL, E_WARNING, "Can only process string or stream arguments");
}
common:
if (ret_val) {
RETVAL_STRING(ret_val);
} else {
php_error_docref(NULL, E_WARNING, "Failed identify data %d:%s", magic_errno(magic), magic_error(magic));
RETVAL_FALSE;
}
clean:
if (mimetype_emu) {
magic_close(magic);
}
/* Restore options */
if (options) {
FINFO_SET_OPTION(magic, finfo->options)
}
return;
}
static void php_hash_do_hash_hmac(INTERNAL_FUNCTION_PARAMETERS, int isfilename, zend_bool raw_output_default) /* {{{ */
{
char *algo, *data, *digest, *key, *K;
int algo_len, data_len, key_len, i;
zend_bool raw_output = raw_output_default;
const php_hash_ops *ops;
void *context;
php_stream *stream = NULL;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sss|b", &algo, &algo_len, &data, &data_len,
&key, &key_len, &raw_output) == FAILURE) {
return;
}
ops = php_hash_fetch_ops(algo, algo_len);
if (!ops) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown hashing algorithm: %s", algo);
RETURN_FALSE;
}
if (isfilename) {
if (CHECK_NULL_PATH(data, data_len)) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid path");
RETURN_FALSE;
}
stream = php_stream_open_wrapper_ex(data, "rb", REPORT_ERRORS, NULL, DEFAULT_CONTEXT);
if (!stream) {
/* Stream will report errors opening file */
RETURN_FALSE;
}
}
context = emalloc(ops->context_size);
ops->hash_init(context);
K = emalloc(ops->block_size);
memset(K, 0, ops->block_size);
if (key_len > ops->block_size) {
/* Reduce the key first */
ops->hash_update(context, (unsigned char *) key, key_len);
ops->hash_final((unsigned char *) K, context);
/* Make the context ready to start over */
ops->hash_init(context);
} else {
memcpy(K, key, key_len);
}
/* XOR ipad */
for(i=0; i < ops->block_size; i++) {
K[i] ^= 0x36;
}
ops->hash_update(context, (unsigned char *) K, ops->block_size);
if (isfilename) {
char buf[1024];
int n;
while ((n = php_stream_read(stream, buf, sizeof(buf))) > 0) {
ops->hash_update(context, (unsigned char *) buf, n);
}
php_stream_close(stream);
} else {
ops->hash_update(context, (unsigned char *) data, data_len);
}
digest = emalloc(ops->digest_size + 1);
ops->hash_final((unsigned char *) digest, context);
/* Convert K to opad -- 0x6A = 0x36 ^ 0x5C */
for(i=0; i < ops->block_size; i++) {
K[i] ^= 0x6A;
}
/* Feed this result into the outter hash */
ops->hash_init(context);
ops->hash_update(context, (unsigned char *) K, ops->block_size);
ops->hash_update(context, (unsigned char *) digest, ops->digest_size);
ops->hash_final((unsigned char *) digest, context);
/* Zero the key */
memset(K, 0, ops->block_size);
efree(K);
efree(context);
if (raw_output) {
digest[ops->digest_size] = 0;
RETURN_STRINGL(digest, ops->digest_size, 0);
} else {
char *hex_digest = safe_emalloc(ops->digest_size, 2, 1);
php_hash_bin2hex(hex_digest, (unsigned char *) digest, ops->digest_size);
hex_digest[2 * ops->digest_size] = 0;
efree(digest);
RETURN_STRINGL(hex_digest, 2 * ops->digest_size, 0);
}
}
