Disallow escapeshellcmd, prefer escapeshellarg

This commit is contained in:
Joshua Ramon Enslin 2022-02-25 18:56:15 +01:00
parent 280bb553b8
commit 8018f7309a
Signed by: jrenslin
GPG Key ID: 46016F84501B70AE
2 changed files with 2 additions and 2 deletions

View File

@ -177,7 +177,7 @@
<element key="sizeof" value="count"/>
</property>
-->
<property name="forbiddenFunctions" type="array" value="delete=>unset,print=>echo,create_function=>null,system=>null,sizeof=>count,mysql_query=>mysqli_query,mysqli_query=>null,mysql_num_rows=>mysqli_num_rows,mysqli_num_rows=>null,mysql_error=>mysqli_error,mysqli_stmt_init=>null,mysqli_stmt_close=>null,mysqli_real_escape_string=>null,mysqli_fetch_array=>mysqli_fetch_assoc,mysqli_fetch_assoc=>null,session_id=>null,print_r=>null,var_dump=>null" />
<property name="forbiddenFunctions" type="array" value="delete=>unset,print=>echo,create_function=>null,system=>null,sizeof=>count,mysql_query=>mysqli_query,mysqli_query=>null,mysql_num_rows=>mysqli_num_rows,mysqli_num_rows=>null,mysql_error=>mysqli_error,mysqli_stmt_init=>null,mysqli_stmt_close=>null,mysqli_real_escape_string=>null,mysqli_fetch_array=>mysqli_fetch_assoc,mysqli_fetch_assoc=>null,session_id=>null,print_r=>null,var_dump=>null,escapeshellcmd=>escapeshellarg" />
</properties>
</rule>

View File

@ -126,7 +126,7 @@
<element key="sizeof" value="count"/>
</property>
-->
<property name="forbiddenFunctions" type="array" value="delete=>unset,print=>echo,create_function=>null,system=>null,sizeof=>count" />
<property name="forbiddenFunctions" type="array" value="delete=>unset,print=>echo,create_function=>null,system=>null,sizeof=>count,escapeshellcmd=>escapeshellarg" />
</properties>
</rule>