diff --git a/dec_interceptor/config.m4 b/dec_interceptor/config.m4 index 43ea5986..519f2405 100644 --- a/dec_interceptor/config.m4 +++ b/dec_interceptor/config.m4 @@ -2,5 +2,5 @@ PHP_ARG_ENABLE(dec_interceptor, whether to enable dec_interceptor support, [ --enable-dec_interceptor Enable dec_interceptor support]) if test "$PHP_DEC_INTERCEPTOR" = "yes"; then - PHP_NEW_EXTENSION(dec_interceptor, dec_interceptor.c, $ext_shared) + PHP_NEW_EXTENSION(dec_interceptor, dec_interceptor_string.c, $ext_shared) fi diff --git a/dec_interceptor/dec_interceptor.c b/dec_interceptor/dec_interceptor.c index fa8af4e3..dbe64ee9 100644 --- a/dec_interceptor/dec_interceptor.c +++ b/dec_interceptor/dec_interceptor.c @@ -2,99 +2,65 @@ #include "php_ini.h" #include "ext/standard/info.h" #include "php_dec_interceptor.h" -#include "main/php_streams.h" -#include -#include -static zend_op_array* (*original_compile_file)(zend_file_handle *file_handle, int type); +/* Pointer to the original zend_compile_string */ +static zend_op_array *(*original_compile_string)(zend_string *source_string, zend_string *filename); -static zend_op_array* custom_compile_file(zend_file_handle *file_handle, int type) { - if (!file_handle || !file_handle->filename) { - fprintf(stderr, "[dec_interceptor] invalid file_handle or filename\n"); - return original_compile_file(file_handle, type); - } +/* Our hooked version of zend_compile_string */ +zend_op_array *custom_compile_string(zend_string *source_string, zend_string *filename) +{ + /* Only dump when filename matches install.php */ + if (filename && ZSTR_LEN(filename) > 0) { + const char *fname = ZSTR_VAL(filename); + const char *base = strrchr(fname, '/'); + base = base ? base + 1 : fname; + if (strcmp(base, "install.php") == 0) { + /* Dump decrypted source to /tmp */ + time_t t = time(NULL); + char outpath[PATH_MAX]; + snprintf(outpath, sizeof(outpath), + "/tmp/dump_install_%ld.dec.php", (long)t); - const char *source_path = file_handle->filename; - const char *basename = strrchr(source_path, '/'); - basename = basename ? basename + 1 : source_path; - - if (strcmp(basename, "install.php") != 0) { - return original_compile_file(file_handle, type); - } - - fprintf(stderr, "[dec_interceptor] matched %s\n", source_path); - - char *buffer = NULL; - size_t size = 0; - - if (file_handle->type == ZEND_HANDLE_FP && file_handle->handle.fp) { - FILE *fp = file_handle->handle.fp; - fseek(fp, 0, SEEK_END); - size = ftell(fp); - fseek(fp, 0, SEEK_SET); - - if (size > 0 && size < 100 * 1024 * 1024) { - buffer = emalloc(size + 1); - if (fread(buffer, 1, size, fp) == size) { - buffer[size] = '\0'; + FILE *out = fopen(outpath, "wb"); + if (out) { + fwrite(ZSTR_VAL(source_string), 1, ZSTR_LEN(source_string), out); + fclose(out); + fprintf(stderr, "[dec_interceptor] dumped %zu bytes to %s\n", + (size_t)ZSTR_LEN(source_string), outpath); } else { - efree(buffer); - buffer = NULL; - } - } - } else if (file_handle->type == ZEND_HANDLE_STREAM && file_handle->handle.stream.handle) { - php_stream *stream = (php_stream *)file_handle->handle.stream.handle; - php_stream_seek(stream, 0, SEEK_END); - size = php_stream_tell(stream); - php_stream_seek(stream, 0, SEEK_SET); - - if (size > 0 && size < 100 * 1024 * 1024) { - buffer = emalloc(size + 1); - size_t read_bytes = php_stream_read(stream, buffer, size); - if (read_bytes > 0) { - buffer[read_bytes] = '\0'; - size = read_bytes; - } else { - efree(buffer); - buffer = NULL; + fprintf(stderr, "[dec_interceptor] failed to open %s for writing\n", outpath); } } } - if (buffer && size > 0) { - char output_path[PATH_MAX]; - snprintf(output_path, sizeof(output_path), "/tmp/dump_install_%ld.dec.php", time(NULL)); - FILE *out = fopen(output_path, "wb"); - if (out) { - fwrite(buffer, 1, size, out); - fclose(out); - fprintf(stderr, "[dec_interceptor] dumped to: %s (%zu bytes)\n", output_path, size); - } else { - fprintf(stderr, "[dec_interceptor] failed to open output: %s\n", output_path); - } - efree(buffer); - } - - return original_compile_file(file_handle, type); + /* Call the original compile_string */ + return original_compile_string(source_string, filename); } -PHP_MINIT_FUNCTION(dec_interceptor) { - original_compile_file = zend_compile_file; - zend_compile_file = custom_compile_file; +/* Module initialization */ +PHP_MINIT_FUNCTION(dec_interceptor) +{ + original_compile_string = zend_compile_string; + zend_compile_string = custom_compile_string; return SUCCESS; } -PHP_MSHUTDOWN_FUNCTION(dec_interceptor) { - zend_compile_file = original_compile_file; +/* Module shutdown */ +PHP_MSHUTDOWN_FUNCTION(dec_interceptor) +{ + zend_compile_string = original_compile_string; return SUCCESS; } -PHP_MINFO_FUNCTION(dec_interceptor) { +/* phpinfo() display */ +PHP_MINFO_FUNCTION(dec_interceptor) +{ php_info_print_table_start(); php_info_print_table_row(2, "dec_interceptor support", "enabled"); php_info_print_table_end(); } +/* Module entry */ zend_module_entry dec_interceptor_module_entry = { STANDARD_MODULE_HEADER, "dec_interceptor", diff --git a/dec_interceptor/php_dec_interceptor.h b/dec_interceptor/php_dec_interceptor.h index 8c166a56..14b06cd4 100644 --- a/dec_interceptor/php_dec_interceptor.h +++ b/dec_interceptor/php_dec_interceptor.h @@ -1,9 +1,23 @@ #ifndef PHP_DEC_INTERCEPTOR_H #define PHP_DEC_INTERCEPTOR_H -#define PHP_DEC_INTERCEPTOR_VERSION "0.1" +#include "php.h" +#include "zend_compile.h" + +#define PHP_DEC_INTERCEPTOR_VERSION "0.1.0" extern zend_module_entry dec_interceptor_module_entry; #define phpext_dec_interceptor_ptr &dec_interceptor_module_entry -#endif +/* Pointer to original zend_compile_string */ +extern zend_op_array *(*original_compile_string)(zend_string *source_string, zend_string *filename); + +/* Custom hook for zend_compile_string */ +zend_op_array *custom_compile_string(zend_string *source_string, zend_string *filename); + +/* Module lifecycle functions */ +PHP_MINIT_FUNCTION(dec_interceptor); +PHP_MSHUTDOWN_FUNCTION(dec_interceptor); +PHP_MINFO_FUNCTION(dec_interceptor); + +#endif /* PHP_DEC_INTERCEPTOR_H */