function AspisFindSourceGuard($function)
{
return AspisFindGuard($function, 2);
}
function AspisTainted_call_user_func_array($name, $params)
{
global $built_in_functions;
if (empty($built_in_functions)) {
load_functions();
}
global $aspis_taint_details;
if (empty($aspis_taint_details)) {
loadTaintDetails();
}
$name = deAspisCallback($name);
$class = "AspisFakeClass";
if (is_array($name)) {
$class = get_class($name[0]);
}
//untainted case
if (is_string($name) && (isset($built_in_functions[$name]) || !isset($aspis_taint_details[0][$name])) || $class === "AspisProxy") {
//TODO: Doesn't handle cases where the built in function uses callback
//I have to read all function definitions and call AspisInternalCallback
//TODO: This does not work with reference params (the else case does though)
$params = $params[0];
foreach ($params as &$param) {
//actually, just the name and the arg array
$param = deAspisRCO($param);
}
unset($param);
if ($class == "AspisProxy") {
$name[0] = $name[0]->obj;
}
array_unshift($params, $name);
$params[] = array();
//no ref parameters
$ret = call_user_func_array("AspisUntaintedFunctionCall", $params);
if ($ret === FALSE) {
$ret = array($ret, false);
}
return $ret;
} else {
/*
* If the called function expects objects, then an explicit refernce is not required by PHP.
* But, if, insted, I pass an array that contains the object, then the reference is required.
* To solve this, I always try to pass references. If I got references as input,
* then everything is ok. If I got copies, then I pass references to these copies: no harm done.
*/
$params_ref = array();
foreach ($params[0] as &$p) {
$params_ref[] =& $p;
}
$guard = AspisFindGuard($name);
if ($guard != "" && isset($params_ref[0])) {
$params_ref[0] =& $guard($params_ref[0]);
}
$ret = call_user_func_array($name, $params_ref);
if ($ret === FALSE) {
$ret = array($ret, false);
}
$i = AspisIsSanitiser($name);
if ($i != -1) {
$ret = AspisKillTaint($ret, $i);
}
return $ret;
}
}
