I've uploaded a new version of taint support for PHP. You can find
all the files via:
ftp://ftp.porcupine.org/pub/php/index.html
This version supports PHP 5.2.5, and fixes one typo in mysqli
support (thanks Adam Gundy). Little has changed because I wanted
to catch up with the current PHP release first.
What is taint support for PHP about?
This is a preliminary implementation of support for tainted variables
in PHP. The goal is to help PHP application programmers find and
eliminate opportunities for HTML script injection, SQL or shell
code injection, or PHP control hijacking, before other people can
exploit them. The implementation provides taint support for basic
operators and for a selection of built-in functions and extensions.
For examples and details, see the README file, also on-line at:
ftp://ftp.porcupine.org/pub/php/php-5.2.5-taint-20080130.README.html
I need your feedback to make this code complete. I hope to do
several quick 1-2 month release cycles in which I collect feedback,
fill in missing things, and adjust course until things stabilize.
Wietse
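As an added illustration (not code from the announcement or from the taint patch's README), this script walks through the data flow the patch is meant to catch: request input is tainted, the taint survives basic string operators such as concatenation, and a sanitizer yields an untainted result that may reach an output sink. It assumes a taint-enabled build exposes an `is_tainted()` function and treats `htmlspecialchars()` as clearing the taint; neither is stated in the announcement.

```php
<?php
// Constructed example; is_tainted() is assumed to exist only on a
// taint-enabled PHP build, so the call is guarded and the script also
// runs on stock PHP (reporting the status as unknown).
function taint_status($value): ?bool {
    return function_exists('is_tainted') ? is_tainted($value) : null;
}

// Builds a page fragment from a user-supplied name. Concatenation is one
// of the basic operators the patch propagates taint through, so the
// result is tainted whenever $name is tainted and not sanitized.
function greeting(string $name, bool $sanitize): string {
    // htmlspecialchars() is assumed to return an untainted string.
    $shown = $sanitize ? htmlspecialchars($name, ENT_QUOTES, 'UTF-8') : $name;
    return '<p>Hello, ' . $shown . '</p>';
}

// Under a web server, $_GET values arrive tainted on a taint-enabled
// build. The fallback literal is a constructed value for command-line
// runs; being a script constant, it is not tainted.
$name = $_GET['name'] ?? '<script>alert(1)</script>';

foreach ([false, true] as $sanitize) {
    $html = greeting($name, $sanitize);
    $t = taint_status($html);
    printf("sanitize=%-5s tainted=%s\n",
           var_export($sanitize, true),
           $t === null ? 'unknown (stock PHP)' : var_export($t, true));
    // Echoing a tainted fragment is the HTML script injection the patch
    // reports; only emit the fragment when it is known or assumed clean.
    if ($t !== true) {
        echo $html, "\n";
    }
}
```

Requesting the script as `?name=<script>alert(1)</script>` on a taint-enabled build shows the unsanitized fragment as tainted and the sanitized one as clean; on stock PHP both print `unknown`.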
Wietse Venema wrote:
> I've uploaded a new version of taint support for PHP. You can find
> all the files via: ftp://ftp.porcupine.org/pub/php/index.html
> [..]
> For examples and details, see the README file, also on-line at:
> ftp://ftp.porcupine.org/pub/php/php-5.2.5-taint-20080130.README.html
> I need your feedback to make this code complete. I hope to do
> several quick 1-2 month release cycles in which I collect feedback,
> fill in missing things, and adjust course until things stabilize.
I must say I like the idea, but I'm not too fond of the error handling.
For it to help with (especially) the inexperienced programmers it should
be enabled by default, which automatically is going to break a lot of
websites if put in production environments.
However, turning it off by default isn't going to help; most people don't
even set their error_reporting() to a respectable setting, let alone a
new setting.
And how does this work with the Filter ( http://docs.php.net/filter )
extension?
- Mark