|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2012-09-17 15:06 UTC] laruence@php.net
-Assigned To:
+Assigned To: laruence
[2012-09-18 02:39 UTC] laruence@php.net
-Summary: 使用taint后,array_walk_recursive结果有误
+Summary: array_walk_recursive behavior wrongly when enable
taint
[2012-09-18 02:39 UTC] laruence@php.net
[2012-09-18 02:40 UTC] laruence@php.net
-Summary: array_walk_recursive behavior wrongly when enable
taint
+Summary: array_walk_recursive behaves wrongly when taint
enabled
[2012-09-21 06:28 UTC] laruence@php.net
[2012-09-21 06:28 UTC] laruence@php.net
[2012-09-21 06:28 UTC] laruence@php.net
-Status: Assigned
+Status: Closed
|
|||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Fri Dec 27 13:01:27 2024 UTC |
Description: ------------ 使用taint后,array_walk_recursive结果有误 Test script: --------------- $a = array(); $a[0] = "tainted string" . "<>"; taint($a[0]); array_walk_recursive($a, create_function('&$item', '$item = htmlspecialchars($item);')); echo $a[0]; Expected result: ---------------- tainted string<> Actual result: -------------- Warning: main(): Attempt to echo a string that might be tainted in /usr/local/taint-1.0.0/tests/012.php on line 8 tainted string<> (尖括号没有转义,而且输出了warning)