- Addressed issue #18 where arrays may potentially allow for compromising the sandbox by encapsulating unsandboxed callables

fieryprophet · fieryprophet · commit 4a30e96e1a52 · 2015-02-27T15:09:02.000-05:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,8 @@
 #CHANGELOG
 
+##02/27/2015
+- Addressed issue #18 where arrays may potentially allow for compromising the sandbox by encapsulating unsandboxed callables
+
 ##07/24/2014
 - Fixed bug with prepare_vars()
 
diff --git a/src/Error.php b/src/Error.php
@@ -11,7 +11,7 @@
      * @namespace PHPSandbox
      *
      * @author  Elijah Horton <fieryprophet@yahoo.com>
-     * @version 1.3.9
+     * @version 1.3.10
      */
     class Error extends \Exception {
         /* START ERROR CODES */
diff --git a/src/PHPSandbox.php b/src/PHPSandbox.php
@@ -14,7 +14,7 @@
      * @namespace PHPSandbox
      *
      * @author  Elijah Horton <fieryprophet@yahoo.com>
-     * @version 1.3.9
+     * @version 1.3.10
      */
     class PHPSandbox implements \IteratorAggregate {
         /**
diff --git a/src/SandboxWhitelistVisitor.php b/src/SandboxWhitelistVisitor.php
@@ -13,7 +13,7 @@
      * @namespace PHPSandbox
      *
      * @author  Elijah Horton <fieryprophet@yahoo.com>
-     * @version 1.3.9
+     * @version 1.3.10
      */
     class SandboxWhitelistVisitor extends \PHPParser_NodeVisitorAbstract {
         /** The PHPSandbox instance to check against
diff --git a/src/SandboxedString.php b/src/SandboxedString.php
@@ -11,7 +11,7 @@
      * @namespace PHPSandbox
      *
      * @author  Elijah Horton <fieryprophet@yahoo.com>
-     * @version 1.3.9
+     * @version 1.3.10
      */
     class SandboxedString implements \ArrayAccess, \IteratorAggregate {
         /**
diff --git a/src/ValidatorVisitor.php b/src/ValidatorVisitor.php
@@ -13,7 +13,7 @@
      * @namespace PHPSandbox
      *
      * @author  Elijah Horton <fieryprophet@yahoo.com>
-     * @version 1.3.9
+     * @version 1.3.10
      */
     class ValidatorVisitor extends \PHPParser_NodeVisitorAbstract {
         /** The PHPSandbox instance to check against
diff --git a/src/WhitelistVisitor.php b/src/WhitelistVisitor.php
@@ -13,7 +13,7 @@
      * @namespace PHPSandbox
      *
      * @author  Elijah Horton <fieryprophet@yahoo.com>
-     * @version 1.3.9
+     * @version 1.3.10
      */
     class WhitelistVisitor extends \PHPParser_NodeVisitorAbstract {
         /** The PHPSandbox instance to check against
diff --git a/src/functions.php b/src/functions.php
@@ -12,6 +12,19 @@ function wrap($value, $sandbox){
         if(!($value instanceof SandboxedString) && is_object($value) && method_exists($value, '__toString')){
             $strval = $value->__toString();
             return is_callable($strval) ? new SandboxedString($strval, $sandbox) : $value;
+        } else if(is_array($value) && count($value)){
+            //save current array pointer
+            $current_key = key($value);
+            foreach($value as $key => &$_value) {
+                $value[$key] = wrap($_value, $sandbox);
+            }
+            //rewind array pointer
+            reset($value);
+            //advance array to previous array key
+            while(key($value) !== $current_key){
+                next($value);
+            }
+            return $value;
         } else if(is_string($value) && is_callable($value)){
             return new SandboxedString($value, $sandbox);
         }
@@ -29,6 +42,19 @@ function &wrapByRef(&$value, $sandbox){
         if(!($value instanceof SandboxedString) && is_object($value) && method_exists($value, '__toString')){
             $strval = $value->__toString();
             return is_callable($strval) ? new SandboxedString($strval, $sandbox) : $value;
+        } else if(is_array($value) && count($value)){
+            //save current array pointer
+            $current_key = key($value);
+            foreach($value as $key => &$_value) {
+                $value[$key] = wrap($_value, $sandbox);
+            }
+            //rewind array pointer
+            reset($value);
+            //advance array to saved array pointer
+            while(key($value) !== $current_key){
+                next($value);
+            }
+            return $value;
         } else if(is_string($value) && is_callable($value)){
             return new SandboxedString($value, $sandbox);
         }

Original file line number	Diff line number	Diff line change
`@@ -11,7 +11,7 @@`
`11`	`11`	`* @namespace PHPSandbox`
`12`	`12`	`*`
`13`	`13`	`* @author Elijah Horton <fieryprophet@yahoo.com>`
`14`		`- * @version 1.3.9`
	`14`	`+ * @version 1.3.10`
`15`	`15`	`*/`
`16`	`16`	`class Error extends \Exception {`
`17`	`17`	`/* START ERROR CODES */`
Original file line number	Diff line number	Diff line change
`@@ -14,7 +14,7 @@`
`14`	`14`	`* @namespace PHPSandbox`
`15`	`15`	`*`
`16`	`16`	`* @author Elijah Horton <fieryprophet@yahoo.com>`
`17`		`- * @version 1.3.9`
	`17`	`+ * @version 1.3.10`
`18`	`18`	`*/`
`19`	`19`	`class PHPSandbox implements \IteratorAggregate {`
`20`	`20`	`/**`
Original file line number	Diff line number	Diff line change
`@@ -13,7 +13,7 @@`
`13`	`13`	`* @namespace PHPSandbox`
`14`	`14`	`*`
`15`	`15`	`* @author Elijah Horton <fieryprophet@yahoo.com>`
`16`		`- * @version 1.3.9`
	`16`	`+ * @version 1.3.10`
`17`	`17`	`*/`
`18`	`18`	`class SandboxWhitelistVisitor extends \PHPParser_NodeVisitorAbstract {`
`19`	`19`	`/** The PHPSandbox instance to check against`