swisskyrepo
/
Vulny-Code-Static-Analysis
mirror of https://github.com/swisskyrepo/Vulny-Code-Static-Analysis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Vulny-Code-Static-Analysis/vulns/tainted-filename.php

21 lines
316 B
PHP
Raw Permalink Blame History

<?php
$tainted = $_GET["tainted"];
// ruleid: tainted-filename
hash_file('sha1', $tainted);
// ruleid: tainted-filename
file($tainted);
// ok: tainted-filename
hash_file($tainted, 'file.txt');
// ruleid: tainted-filename
file(dirname($tainted));
// Sanitized
// ok: tainted-filename
file(basename($tainted));
Reference in New Issue View Git Blame Copy Permalink