swisskyrepo
/
Vulny-Code-Static-Analysis
mirror of https://github.com/swisskyrepo/Vulny-Code-Static-Analysis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Vulny-Code-Static-Analysis/semgrep/eval-use.yaml

17 lines
507 B
YAML
Raw Permalink Blame History

rules:
- id: eval-use
patterns:
- pattern: eval(...);
- pattern-not: eval('...');
message: >-
Evaluating non-constant commands. This can lead to command injection.
metadata:
references:
- https://www.php.net/manual/en/function.eval
- https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/NoEvalsSniff.php
category: security
technology:
- php
languages: [php]
severity: ERROR
Reference in New Issue View Git Blame Copy Permalink