Allow code execution to continue instead of aborting

[sriccio]

Hello,

We're using snuffleupagus on our shared hosting servers and it works well, thank you for this!

However I have a question/suggestion. Actually when you .drop() a function, for example:

$mailing=mail($dest, $subject, $msg, $hdr);
if($mailing){
  echo "Youhouu. Mail sent!";
} else { 
  echo "Something went bad buddy!";
}
echo "This should still be executed";

Actually it this will throw :

Fatal error: [snuffleupagus][disabled_function] Aborted execution on call of the function 'mail' in /home/madjik/cybermind.ch/testmail.php on line 33

and abort the execution of the script.

However in some cases (most maybe?),we would like the script to continue, only blocking the particular function.

Is that something worth considering ? Or am I completly wrong with this?

The idea would be maybe to have a clone of the existing .drop() action which allows to continue execution. For example .disallow()

Kind regards

[jvoisin]

Glad to read that you're happy with Snuffleupagus!
Would you mind being mentioned on our notable users page?

As for the idea of nop'ing functions, I realized that the reason why it's not implemented was never documented. I fixed this via 9462010, which you can see here.

Does it answer your question?

[sriccio]

Hello @jvoisin,

Thanks a lot for your answer. I totally understand your concern here.

We mainly use snuffleupagus to disable by default access to certain functions and some function call filtering on our shared hostings to avoid them to be exploited by hackers finding exploits in our customer php scripts.

However, some of the web apps/frameworks used by our customers make calls to these functions and assume it's not available if the call is denied (or return false, i'm not really sure how each one does the check) and continue execution knowing it won't be able to use the function.

However as snuffleupagus aborts the execution it brings some trouble and support cases.

I have to think a bit more about what we could do to avoid this.

About the returned value in case of nooping, I myself have no idea about what the return would be.
But what is returned by for example a call to functions that would be disabled by the PHP built-in "disable_functions" ?

I have to test this too :)

Kind regards.

ps: Thanks for the proposition to add use to the notable users page, but we're already on it ("SwissCenter").

[jvoisin]

What you can do it use the .dump() and/or simulation() to know when something interesting is happening.

This is the code responsible for handling disable_function in PHP:

/* {{{ proto void display_disabled_function(void)                                
Dummy function which displays an error when a disabled function is called. */    
ZEND_API ZEND_COLD ZEND_FUNCTION(display_disabled_function)                      
{                                                                                
  zend_error(E_WARNING, "%s() has been disabled for security reasons", get_active_function_name());
}                                                                                
/* }}} */                                                                        
                                                                                 
ZEND_API int zend_disable_function(char *function_name, size_t function_name_length) /* {{{ */                                                                            
{                                                                                
  zend_internal_function *func;                                                  
  if ((func = zend_hash_str_find_ptr(CG(function_table), function_name, function_name_length))) {
    zend_free_internal_arg_info(func);                                           
      func->fn_flags &= ~(ZEND_ACC_VARIADIC | ZEND_ACC_HAS_TYPE_HINTS | ZEND_ACC_HAS_RETURN_TYPE);
    func->num_args = 0;                                                          
    func->required_num_args = 0;                                                 
    func->arg_info = NULL;                                                       
    func->handler = ZEND_FN(display_disabled_function);                          
    return SUCCESS;                                                              
  }                                                                              
  return FAILURE;                                                                
}   

So the function raises an error, and returns void. This can be problematic with code checking the return value of the disabled function.