Update php-scanner.yaml

Fixed the GLOBALS matchers, so that a case like https://srcincite.io/blog/2021/09/30/chasing-a-dream-pwning-the-biggest-cms-in-china.html wouldn't be missed.
patch-1
Geeknik Labs 2021-09-30 17:43:42 -05:00 committed by GitHub
parent 93c2fafc77
commit aeba0ba1cd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 4 deletions

View File

@ -105,15 +105,21 @@ file:
regex: regex:
- 'import_request_variables' - 'import_request_variables'
- type: regex - type: regex
# Avoid use of $GLOBALS # Avoid use of GLOBALS
regex: regex:
- '\\$GLOBALS' - 'GLOBALS'
- type: regex - type: regex
regex: regex:
- '\\$_GET' - '_GET'
- type: regex - type: regex
regex: regex:
- '\\$_POST' - '_POST'
- type: regex
regex:
- '_COOKIE'
- type: regex
regex:
- '_SESSION'
- type: regex - type: regex
# Ensure the use of type checking validating against booleans (===) # Ensure the use of type checking validating against booleans (===)
regex: regex: