Esempio n. 1
0
 /**
  * 查看净化栈中是否有可以抵消的元素
  *	[+]'html_entity_decode',
  *	[+]'stripslashes',
  * @param string $funcName
  * @param Node $node
  * @param DataFlow $dataFlow
  */
 public static function clearSantiInfo($funcName, $node, $dataFlow)
 {
     global $F_INSECURING_STRING;
     //判断$funcName相反的函数是否在净化Map中
     //比如调用stripslashes($funcName=stripslashes)
     if (in_array($funcName, $F_INSECURING_STRING)) {
         switch ($funcName) {
             case 'stripslashes':
                 //去除净化Map中最近的addslashes净化
                 $map = $dataFlow->getLocation()->getSanitization();
                 foreach ($map as $position => $oneFunction) {
                     if ($oneFunction['funcName'] == 'addslashes') {
                         array_splice($map, $position, 1);
                     }
                 }
                 break;
             case 'html_entity_decode':
                 //去除htmlentities净化
                 $map = $dataFlow->getLocation()->getSanitization();
                 foreach ($map as $position => $oneFunction) {
                     if ($oneFunction['funcName'] == 'htmlentities') {
                         array_splice($map, $position, 1);
                     }
                 }
                 break;
             case 'htmlspecialchars_decode':
                 //去除htmlspecialchars净化
                 $map = $dataFlow->getLocation()->getSanitization();
                 foreach ($map as $position => $oneFunction) {
                     if ($oneFunction['funcName'] == 'htmlspecialchars') {
                         array_splice($map, $position, 1);
                     }
                 }
                 break;
         }
     }
 }
Esempio n. 2
0
 /**
  * 清除相应的编码效果
  * 	[+]'rawurldecode', - rawurlencode
  *	[+]'urldecode', - urlencode
  *	[+]'base64_decode', - base64_encode
  * @param string $funcName
  * @param Node $node
  * @param DataFlow $dataFlow
  */
 public static function clearEncodeInfo($funcName, $node, $dataFlow)
 {
     global $F_DECODING_STRING;
     if (in_array($funcName, $F_DECODING_STRING)) {
         switch ($funcName) {
             case 'rawurldecode' or 'urldecode':
                 //去除净化Map中最近的addslashes净化
                 $map = $dataFlow->getLocation()->getEncoding();
                 $position = array_search('urlencode', $map);
                 array_splice($map, $position, 1);
                 break;
             case 'base64_decode':
                 //去除Map中最近的base64编码操作
                 $map = $dataFlow->getLocation()->getEncoding();
                 $position = array_search('base64_encode', $map);
                 array_splice($map, $position, 1);
                 break;
             case 'html_entity_decode':
                 //去除Map中最近的base64编码操作
                 $map = $dataFlow->getLocation()->getEncoding();
                 $position = array_search('html_entity_decode', $map);
                 array_splice($map, $position, 1);
                 break;
         }
     }
 }