How to get a function args when I hooked it in a php7.0 exetension

Question

I tried to write a php extension to get function args. <?php system('ls');?> In this example is 'ls'. I hooked this function with zend_set_user_opcode_handler, and the function codes are.

PHP_MINIT_FUNCTION(hello)
{   
    zend_set_user_opcode_handler(ZEND_DO_ICALL, do_fcall_handle);
    return SUCCESS;
}

static int do_fcall_handle(ZEND_OPCODE_HANDLER_ARGS){

return ZEND_USER_OPCODE_DISPATCH;
}

The PHP version is 7.2.5.

score 2 · Accepted Answer · answered May 15 '18 at 12:53

In php7, use EG(current_execute_data)->call to get arg name and value.

static int do_fcall_handle(ZEND_OPCODE_HANDLER_ARGS){

    zend_string *funcName = EG(current_execute_data)->call->func->common.function_name;
    php_printf("[!] Hooked `%s`, ",ZSTR_VAL(funcName));

    int arg_count = EG(current_execute_data)->call->This.u2.num_args;
    for(int i=0; i<arg_count; i++){
        php_printf("arg%d is `%s`, ", i+1, ZSTR_VAL((EG(vm_stack_top)-(i+1))->value.str) ); 
    }
    php_printf("HOOK end;\n");
    return ZEND_USER_OPCODE_DISPATCH;
}

How to get a function args when I hooked it in a php7.0 exetension

1 Answers1