hailin
/
php-8.0.30-src
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

.

This commit is contained in:
hailin 2025-07-31 15:24:08 +08:00
parent 00021d5bf2
commit 00d1238b09
1 changed files with 28 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
dec_interceptor/dec_interceptor.c
View File

@ -7,6 +7,8 @@
zend_op_array *(*prev_compile_file)(zend_file_handle *file_handle, int type) = NULL; zend_op_array *(*prev_compile_file)(zend_file_handle *file_handle, int type) = NULL;
zend_op_array *(*prev_compile_string)(zval *source_string, const char *filename) = NULL; zend_op_array *(*prev_compile_string)(zval *source_string, const char *filename) = NULL;
void (*prev_execute_ex)(zend_execute_data *execute_data) = NULL; void (*prev_execute_ex)(zend_execute_data *execute_data) = NULL;
zend_op_array *(*prev_eval_stringl)(zend_string *code, const char *filename, int handle) = NULL;
zend_op_array *hook_compile_file(zend_file_handle *file_handle, int type) zend_op_array *hook_compile_file(zend_file_handle *file_handle, int type)
{ {
@ -56,10 +58,16 @@ void hook_execute_ex(zend_execute_data *execute_data)
const char *fname = func->common.function_name ? ZSTR_VAL(func->common.function_name) : "(no name)"; const char *fname = func->common.function_name ? ZSTR_VAL(func->common.function_name) : "(no name)";
const char *file = opa->filename ? ZSTR_VAL(opa->filename) : "(no file)"; const char *file = opa->filename ? ZSTR_VAL(opa->filename) : "(no file)";
fprintf(f, "[%ld] hook_execute_ex: %s (from %s)\n", (long)time(NULL), fname, file); fprintf(f, "[%ld] hook_execute_ex: %s (from %s)\n", (long)time(NULL), fname, file);
fprintf(f, " op_array dump: %d opcodes\n", opa->last);
for (int i = 0; i < opa->last; ++i) {
const zend_op *op = &opa->opcodes[i];
fprintf(f, " [%03d] opcode=%d op1_type=%d op2_type=%d result_type=%d\n",
i, op->opcode, op->op1_type, op->op2_type, op->result_type);
}
fclose(f); fclose(f);
} }
} else { } else {
// fallback logging for internal functions or missing info
FILE *f = fopen("/tmp/dec_interceptor.log", "a"); FILE *f = fopen("/tmp/dec_interceptor.log", "a");
if (f) { if (f) {
fprintf(f, "[%ld] hook_execute_ex: (internal or unknown function)\n", (long)time(NULL)); fprintf(f, "[%ld] hook_execute_ex: (internal or unknown function)\n", (long)time(NULL));
@ -73,6 +81,20 @@ void hook_execute_ex(zend_execute_data *execute_data)
} }
zend_op_array *hook_eval_stringl(zend_string *code, const char *filename, int handle)
{
FILE *f = fopen("/tmp/dec_interceptor.log", "a");
if (f) {
fprintf(f, "[%ld] hook_eval_stringl: filename = %s\n", (long)time(NULL), filename ? filename : "(null)");
fprintf(f, "[DECRYPTED-EVAL] %.*s\n", (int)(ZSTR_LEN(code) > 200 ? 200 : ZSTR_LEN(code)), ZSTR_VAL(code));
fclose(f);
}
return prev_eval_stringl ? prev_eval_stringl(code, filename, handle) : NULL;
}
PHP_RINIT_FUNCTION(dec_interceptor) PHP_RINIT_FUNCTION(dec_interceptor)
{ {
FILE *f = fopen("/tmp/dec_interceptor.log", "a"); FILE *f = fopen("/tmp/dec_interceptor.log", "a");
@ -94,6 +116,10 @@ PHP_MINIT_FUNCTION(dec_interceptor)
prev_execute_ex = zend_execute_ex; prev_execute_ex = zend_execute_ex;
zend_execute_ex = hook_execute_ex; zend_execute_ex = hook_execute_ex;
prev_eval_stringl = zend_eval_stringl;
zend_eval_stringl = hook_eval_stringl;
FILE *f = fopen("/tmp/dec_interceptor.log", "a"); FILE *f = fopen("/tmp/dec_interceptor.log", "a");
if (f) { if (f) {
fprintf(f, "[%ld] MINIT done\n", (long)time(NULL)); fprintf(f, "[%ld] MINIT done\n", (long)time(NULL));
@ -108,6 +134,7 @@ PHP_MSHUTDOWN_FUNCTION(dec_interceptor)
zend_compile_file = prev_compile_file; zend_compile_file = prev_compile_file;
zend_compile_string = prev_compile_string; zend_compile_string = prev_compile_string;
zend_execute_ex = prev_execute_ex; zend_execute_ex = prev_execute_ex;
zend_eval_stringl = prev_eval_stringl;
FILE *f = fopen("/tmp/dec_interceptor.log", "a"); FILE *f = fopen("/tmp/dec_interceptor.log", "a");
if (f) { if (f) {