[2016-04-09 17:17 UTC] ab@php.net
-Status: Open
+Status: Verified
[2018-04-30 14:27 UTC] ab@php.net
-Status: Verified
+Status: Closed
-Assigned To:
+Assigned To: ab
Description:
------------
Description: Spoofchecker::isSuspicious — Checks if a given text contains any suspicious characters

public bool Spoofchecker::isSuspicious ( string $text [, string &$error ] )

This function is currently not documented; only its argument list is available.

Test:

cx@cx32:/test$ php c0poc.php 10000
cx@cx32:/test$ php c0poc.php 90000
Segmentation fault (core dumped)

cx@cx32:/test$ gdb /cxsecurity/php/54/bin/php
(gdb) r /test/c0poc.php 90000
Starting program: /cxsecurity/php/54/bin/php /test/c0poc.php 90000

Program received signal SIGSEGV, Segmentation fault.
0x08305230 in zend_hash_destroy (ht=0x92408e0) at /cxsecurity/php/54/Zend/zend_hash.c:560
560         ht->pDestructor(q->pData);

(gdb) r -v
PHP 5.4.10 (cli) (built: Jan 3 2013 00:08:09)
Copyright (c) 1997-2012 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2012 Zend Technologies
[Inferior 1 (process 7500) exited normally]

Test script:
---------------
<?php
$eee=" \$nx = new Spoofchecker(); \$nx->isSuspicious(1,\$var".str_repeat("[]",$argv[1]).");";
eval($eee);
?>

Expected result:
----------------
cx@cx32:/test$ php c0poc.php 90000

Actual result:
--------------
cx@cx32:/test$ php c0poc.php 90000
Segmentation fault (core dumped)