Disallow escapeshellcmd, prefer escapeshellarg
This commit is contained in:
parent
280bb553b8
commit
8018f7309a
|
@ -177,7 +177,7 @@
|
||||||
<element key="sizeof" value="count"/>
|
<element key="sizeof" value="count"/>
|
||||||
</property>
|
</property>
|
||||||
-->
|
-->
|
||||||
<property name="forbiddenFunctions" type="array" value="delete=>unset,print=>echo,create_function=>null,system=>null,sizeof=>count,mysql_query=>mysqli_query,mysqli_query=>null,mysql_num_rows=>mysqli_num_rows,mysqli_num_rows=>null,mysql_error=>mysqli_error,mysqli_stmt_init=>null,mysqli_stmt_close=>null,mysqli_real_escape_string=>null,mysqli_fetch_array=>mysqli_fetch_assoc,mysqli_fetch_assoc=>null,session_id=>null,print_r=>null,var_dump=>null" />
|
<property name="forbiddenFunctions" type="array" value="delete=>unset,print=>echo,create_function=>null,system=>null,sizeof=>count,mysql_query=>mysqli_query,mysqli_query=>null,mysql_num_rows=>mysqli_num_rows,mysqli_num_rows=>null,mysql_error=>mysqli_error,mysqli_stmt_init=>null,mysqli_stmt_close=>null,mysqli_real_escape_string=>null,mysqli_fetch_array=>mysqli_fetch_assoc,mysqli_fetch_assoc=>null,session_id=>null,print_r=>null,var_dump=>null,escapeshellcmd=>escapeshellarg" />
|
||||||
</properties>
|
</properties>
|
||||||
</rule>
|
</rule>
|
||||||
|
|
||||||
|
|
|
@ -126,7 +126,7 @@
|
||||||
<element key="sizeof" value="count"/>
|
<element key="sizeof" value="count"/>
|
||||||
</property>
|
</property>
|
||||||
-->
|
-->
|
||||||
<property name="forbiddenFunctions" type="array" value="delete=>unset,print=>echo,create_function=>null,system=>null,sizeof=>count" />
|
<property name="forbiddenFunctions" type="array" value="delete=>unset,print=>echo,create_function=>null,system=>null,sizeof=>count,escapeshellcmd=>escapeshellarg" />
|
||||||
</properties>
|
</properties>
|
||||||
</rule>
|
</rule>
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user