authorBenjamin Eberlei <kontakt@beberlei.de>2019-04-28 17:30:09 +0200
committerPeter Kokot <peterkokot@gmail.com>2019-05-14 23:49:55 +0200
commit050d299364ded5cb7b878bc515aa763c9c623c4b (patch)
treecc7889b31883295c121f61f270f1fbff8eda9975 /Zend
parentf1a53501e649d7d5d9fe9d0d8c47c6139de5f29e (diff)
Fix bug #62397 - disable_functions does not work with eval.
Diffstat (limited to 'Zend')
-rw-r--r--Zend/tests/errmsg_046.phpt14
-rw-r--r--Zend/zend_API.c12
2 files changed, 26 insertions, 0 deletions
diff --git a/Zend/tests/errmsg_046.phpt b/Zend/tests/errmsg_046.phpt
new file mode 100644
index 0000000000..0a4ec50183
--- /dev/null
+++ b/Zend/tests/errmsg_046.phpt
@@ -0,0 +1,14 @@
+--TEST--
+errmsg: disabled eval function
+--INI--
+disable_functions=eval
+--FILE--
+<?php
+
+eval('echo "Eval";');
+
+echo "Done\n";
+?>
+--EXPECTF--
+Warning: eval() has been disabled for security reasons in %s on line %d
+Done
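Review bot: The test pins the warning text and shows that the eval'd code does not run, but it never checks what a blocked `eval()` returns to the caller. Adding a line such as `var_dump(eval('return 1;'));` with its expected output would document the value that scripts see when the construct is disabled. It would also help to add a case for another code path that compiles a string at runtime, if one is reachable from a test, so the scope of `disable_functions=eval` is fixed by a test and not left implicit.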
diff --git a/Zend/zend_API.c b/Zend/zend_API.c
index a7a83185ad..a6115db38c 100644
--- a/Zend/zend_API.c
+++ b/Zend/zend_API.c
@@ -2757,6 +2757,12 @@ ZEND_API int zend_set_hash_symbol(zval *symbol, const char *name, int name_lengt
/* Disabled functions support */
+zend_op_array *display_disabled_compile_string(zval *source_string, char *filename)
+{
+ zend_error(E_WARNING, "eval() has been disabled for security reasons");
+ return NULL;
+}
+
/* {{{ proto void display_disabled_function(void)
Dummy function which displays an error when a disabled function is called. */
ZEND_API ZEND_FUNCTION(display_disabled_function)
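Review bot: `display_disabled_compile_string` is added with external linkage and no doc comment, unlike the `/* {{{ proto ... */` block on `display_disabled_function` just below it. No header change is shown in this diff, so if no prototype exists the helper should be file-local: `static zend_op_array *display_disabled_compile_string(zval *source_string, char *filename) /* {{{ */`. The warning text hard-codes `eval()`, but the function is installed as the general `zend_compile_string` hook, so any other caller of that hook would presumably report the same message. A comment such as `/* Replacement for zend_compile_string when "eval" is listed in disable_functions: refuses every runtime string compilation and returns NULL. */` would make that scope explicit.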
@@ -2768,6 +2774,12 @@ ZEND_API ZEND_FUNCTION(display_disabled_function)
ZEND_API int zend_disable_function(char *function_name, size_t function_name_length) /* {{{ */
{
zend_internal_function *func;
+
+ if (strcmp(function_name, "eval") == 0) {
+ zend_compile_string = display_disabled_compile_string;
+ return SUCCESS;
+ }
+
if ((func = zend_hash_str_find_ptr(CG(function_table), function_name, function_name_length))) {
func->fn_flags &= ~(ZEND_ACC_VARIADIC | ZEND_ACC_HAS_TYPE_HINTS);
func->num_args = 0;
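Review bot: The new branch in `zend_disable_function` overwrites the global `zend_compile_string` pointer, so the restriction is only as strong as that single assignment. Anything that assigns the hook afterwards, or that saved the original pointer earlier (debugger, profiler or cache extensions commonly wrap compile hooks), would presumably bypass the guard. That is inferred and not visible in this hunk, so it should be confirmed and documented, for example `/* eval is a language construct, not a function-table entry: block it by replacing the string-compile hook. NOTE: extensions that override zend_compile_string can undo this. */`. The comparison also ignores `function_name_length` and relies on the caller passing a NUL-terminated name; a length-aware check matches the `zend_hash_str_find_ptr` call below: `if (function_name_length == sizeof("eval") - 1 && memcmp(function_name, "eval", sizeof("eval") - 1) == 0) {`. The body of `zend_disable_function` continues past the end of the hunk.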