Feature - check declaration for false positive

pull/3/head
Swissky 2017-05-27 03:15:49 +02:00
parent df57a15b1f
commit 07b302e184
1 changed files with 3 additions and 0 deletions

View File

@ -37,6 +37,9 @@ def analysis(path):
# Look for the declaration of $something = xxxxx # Look for the declaration of $something = xxxxx
false_positive, declaration_text, line_declaration = check_declaration(content, vulnerable_var[1], path) false_positive, declaration_text, line_declaration = check_declaration(content, vulnerable_var[1], path)
# Set false positive if protection is in the variable's declaration
false_positive = false_positive or check_protection(payload[2], declaration_text)==True
# Display all the vuln # Display all the vuln
line_vuln = find_line_vuln(path, payload, vuln_content, content) line_vuln = find_line_vuln(path, payload, vuln_content, content)
if not false_positive: if not false_positive: