<?php
/** ----------------------------------------------------------------------+
 * @desc Issue 2
 * @flag I2 L14
 * @flag I2 L27
 * @score 10.00
 ----------------------------------------------------------------------+ */

// Appears to be a checker fixture: a run of statements that end the script
// through die/exit behind a short-circuit operator, with echo markers between
// them.
// NOTE(review): the L14/L27 values in the @flag tags count lines of the
// fixture's original layout, which this listing does not preserve - confirm
// them against whatever reads the tags before relying on them.

// Direct-access guard: die() runs only when the SYSPATH constant is not
// defined. This file never defines SYSPATH, so the guard depends on an
// including script having done so; it is not an authentication or
// authorisation check.
defined('SYSPATH') or die('No direct script access.');

echo "Reachable";

// `||` short-circuits: exit is evaluated only when file_exists() returns false.
file_exists('somefile') || exit;

echo "Reachable";

// some_random_function() is not declared in this fixture; its return value
// decides whether die runs.
// NOTE(review): presumably the file is only tokenised by the checker and never
// executed - confirm.
some_random_function() or die;

echo "Reachable";

// The same two termination forms again, this time with no echo between them.
some_random_function() or die;
file_exists('somefile') || die;
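<?php

/*
 * Sniff fixture (see the "Verify sniff doesn't flag ..." comments below): one
 * ini_set()/ini_get() pair per directive name. Every statement sits on its own
 * line because a `//` comment runs to the end of the line; with the whole file
 * on a single line, everything after the first `//` was comment text and none
 * of the calls below were code.
 *
 * The values are inputs for the sniff, not configuration advice:
 * display_errors = 1 writes error details into the output and
 * allow_url_include = 1 lets include/require read from URL wrappers, so
 * neither setting belongs in production code. No ini_set() return value is
 * checked, and $test is overwritten by every ini_get() and never read.
 */

function some_random_function()
{
}

// Verify sniff doesn't flag this line
some_random_function();

// Verify sniff doesn't flag this line
ini_set('display_errors', 1);

// Verify sniff doesn't flag this ini directive
// NOTE(review): the original line breaks are lost, so this comment may belong
// to the display_errors call above rather than to the call below - confirm
// against the upstream fixture.
ini_set('allow_url_include', 1);
$test = ini_get('allow_url_include');
ini_set("allow_url_include", 1);

ini_set('pcre.backtrack_limit', 1);
$test = ini_get('pcre.backtrack_limit');

ini_set('pcre.recursion_limit', 1);
$test = ini_get('pcre.recursion_limit');

ini_set('session.cookie_httponly', 1);
$test = ini_get('session.cookie_httponly');

ini_set('max_input_nesting_level', 1);
$test = ini_get('max_input_nesting_level');

ini_set('user_ini.filename', 1);
$test = ini_get('user_ini.filename');

ini_set('user_ini.cache_ttl', 1);
$test = ini_get('user_ini.cache_ttl');

ini_set('exit_on_timeout', 1);
$test = ini_get('exit_on_timeout');

ini_set('mbstring.http_output_conv_mimetype', 1);
$test = ini_get('mbstring.http_output_conv_mimetype');

ini_set('request_order', 1);
$test = ini_get('request_order');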