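#!/usr/bin/perl
#
# Installs an argument-stripping wrapper in front of php-cgi binaries.
#
# Paths are read from STDIN, one per line. For each path the existing binary
# is renamed to "<path>.real" and a small C program, compiled with gcc, is
# installed under the original name. When the wrapper is invoked as a plain
# CGI handler it truncates argv after argv[0] and then execs the renamed
# binary, so query-string-derived arguments never reach PHP.
#
# NOTE(review): the wrapper is created by gcc with the mode/ownership implied
# by the current umask and user; nothing here copies them from the original
# binary. Confirm they match what the web server setup expects.
use warnings;
use strict;
use File::Copy;
use File::Spec;
use File::Temp;

my $gcc     = '/usr/bin/gcc';
my $tempdir = '/var/tmp';

# Single-quoted heredoc: the C source must reach gcc verbatim, with no Perl
# interpolation. REALPATH is the only placeholder and is substituted below.
my $c = <<'CPROG';
/*
 * Small wrapper which strips all arguments to invocations
 * of php-cgi when it is called as a normal CGI handler.
 * This prevents attackers from passing arguments via the query
 * string as defined in RFC 3875. [1]
 *
 * [1] http://www.ietf.org/rfc/rfc3875
 *
 */
#include <sys/socket.h>
#include <sys/un.h>
#include <netinet/in.h>
#include <unistd.h>
#include <errno.h>
#include <stdio.h>   /* perror */
#include <stdlib.h>  /* getenv, NULL */

#define PHP_ORIG "REALPATH" /* Original binary */

typedef union _sa_t {
    struct sockaddr sa;
    struct sockaddr_un sa_unix;
    struct sockaddr_in sa_inet;
    /* struct sockaddr_in6 should probably be here as well,
     * doesn't matter though, since struct sockaddr_un
     * is big.
     */
} sa_t;

/* Non-zero when getpeername() on fd 0 fails with ENOTCONN. */
int is_fastcgi(void)
{
    sa_t sa;
    socklen_t len = sizeof(sa);

    return ( getpeername(0, (struct sockaddr *)&sa, &len) != 0 &&
             errno == ENOTCONN );
}

int main(int argc, char **argv)
{
    /* mimic php's cgi detection; only touch argv[1] when it exists */
    if ( argc > 1 &&
         !is_fastcgi() &&
         (getenv("SERVER_SOFTWARE") ||
          getenv("SERVER_NAME") ||
          getenv("GATEWAY_INTERFACE") ||
          getenv("REQUEST_METHOD") ) )
        argv[1] = NULL;

    execv(PHP_ORIG, argv);

    /* execv only returns on failure */
    perror(PHP_ORIG);
    return 1;
}
CPROG

#print $c;

BINARY:
while ( my $orig = <STDIN> ) {
    chomp $orig;

    if ( !-e $orig ) {
        print STDERR "$orig does not exist, moving on.\n";
        next BINARY;
    }
    if ( !-f _ ) {
        print STDERR "$orig is not a regular file, moving on.\n";
        next BINARY;
    }

    # The path is compiled into the wrapper and passed to execv(), so it has
    # to be absolute: a relative one would depend on the wrapper's cwd.
    my $target = File::Spec->rel2abs($orig);
    my $real   = "${target}.real";

    # A second run would otherwise rename the wrapper over the real binary,
    # losing it and leaving a wrapper that execs itself.
    if ( -e $real || -l $real ) {
        print STDERR "$real already exists, not replacing it, moving on.\n";
        next BINARY;
    }

    # Escape the path for use inside a C string literal.
    ( my $c_literal = $real ) =~ s/(["\\])/\\$1/g;
    ( my $prog = $c ) =~ s/REALPATH/$c_literal/g;

    # File::Temp picks an unpredictable name and creates the file exclusively,
    # unlike a fixed "/var/tmp/<pid>.c" which another local user could
    # pre-create or symlink. The file is removed when $src goes out of scope.
    my $src = eval { File::Temp->new( DIR => $tempdir, SUFFIX => '.c' ) };
    if ( !$src ) {
        print STDERR "problem creating temporary source for $orig, moving on.\n";
        next BINARY;
    }
    if ( !( print {$src} $prog and close $src ) ) {
        print STDERR "problem writing temporary source for $orig, moving on.\n";
        next BINARY;
    }

    if ( !move( $target, $real ) ) {
        print STDERR "problem moving $orig, moving on.\n";
        next BINARY;
    }

    # List-form system() bypasses the shell; a non-zero status covers both a
    # failed launch and a failed compilation.
    if ( system( $gcc, '-o', $target, $src->filename ) != 0 ) {
        print STDERR "problem compiling $orig, moving on.\n";

        # Put the original binary back so the handler keeps working.
        unlink $target;
        move( $real, $target )
            or print STDERR "could not restore $real to $orig, restore it by hand.\n";
        next BINARY;
    }
}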