orklah
|
2966f1c9d4
|
Merge pull request #7107 from AndrolGenhald/feature/5482-load-extensions-based-on-composer-config
Enable extensions based on composer.json instead of those loaded at runtime (fixes #5482).
|
2022-01-28 18:45:52 +01:00 |
|
mal-tee
|
ee990ebff6
|
InternalTaintSinkMap: Add getimagesize as SSRF sink
|
2022-01-28 12:29:26 +01:00 |
|
AndrolGenhald
|
2fe4fc397c
|
Enable extensions based on composer.json instead of those loaded at runtime (fixes #5482).
|
2022-01-27 16:30:14 -06:00 |
|
rarila
|
1c298c4605
|
Conversion of Psalm\Type
|
2021-12-14 02:31:22 +01:00 |
|
LeSuisse
|
e32ed43253
|
Fix incorrect taint sink map for \rmdir (#4703)
Closes #4690
|
2020-11-25 16:45:53 -05:00 |
|
Matt Brown
|
ea9cb72143
|
First creation_function param isnÆt really a sink
|
2020-11-20 09:56:53 -05:00 |
|
Markus Staab
|
acb4bb42e1
|
documented type in InternalTaintSinkMap (#4627)
|
2020-11-19 19:27:40 -05:00 |
|
Lukas Reschke
|
78f4a0691c
|
Add dedicated types for 'file', 'header' and 'cookie' (#4630)
* [WIP] Add dedicated sinks for 'file', 'header' and 'cookie'
* Add documentation
* Add mapping for taint flows
* Add tests
* Fix test
|
2020-11-19 17:47:29 -05:00 |
|
Lukas Reschke
|
ddbfbb28e6
|
Split LDAP into custom category (#4604)
- Adds ldap_escape as sanitizer
- Defines the right parameters to ldap_search as sink
- Wrote documentation
- Added tests
|
2020-11-18 11:39:36 -05:00 |
|
Lukas Reschke
|
5ba4681c17
|
Add SSRF sinks (#4592)
|
2020-11-18 00:52:48 -05:00 |
|
Matt Brown
|
43af3b1a57
|
Break out TaintedInput issues into a lot of separate ones
|
2020-11-17 12:44:31 -05:00 |
|
Lukas Reschke
|
09abcfb650
|
Add sinks for popen and proc_open (#4572)
User input in those two functions could lead to a RCE.
popen: https://www.php.net/manual/en/function.popen.php
proc_open: https://www.php.net/manual/en/function.proc-open.php
|
2020-11-16 15:04:22 -05:00 |
|
Matt Brown
|
f3b05f5ab5
|
Move static code out of src
|
2020-10-12 00:59:19 -04:00 |
|