mozilla / scanjs

[DEPRECATED] Static analysis tool for javascript code.

[testing][false positive] - data rule #78

Closed pwnetrationguru closed 9 years ago

pwnetrationguru commented 10 years ago

Currently, the rule flags the following safe input:

form.data = "mystring";

It should ignore this case, as we do not care about assignments to data. We care about using data, which could be untrusted, in unsafe ways.

zombie commented 9 years ago

I tested this, and it doesn't match any rule for me. What rule is it supposed to match (or not, as the case may be)?

pauljt commented 9 years ago

I'm closing this as invalid as it's too generic - I think what Rob meant here was that we should match something like $_any.data. But I think that is too generic to be useful in the default ruleset - people can always add this rule if they feel it's helpful.

zombie commented 9 years ago

I don't think this is right. He marked it as [false positive], and says the rule flags the input, not that it should flag it.

pauljt commented 9 years ago

We used to have a rule which matched .data. I removed it for the above reasons.

zombie commented 9 years ago

Oh, ok, that makes a bit more sense.

pauljt commented 9 years ago

Yes sorry - there is a lot of cruft in these issues. You on Mozilla IRC? Come find me (pauljt in #security) and say hello!
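The distinction drawn in the opening comment (assigning to `.data` versus using `.data`) can be made on the syntax tree, as in this added example, which is not part of the thread and is not ScanJS code. The helper names and the hand-built ESTree-shaped samples are assumptions for illustration, and the compound-assignment case goes beyond what the thread discusses.

```javascript
// Added example, not ScanJS code. Nodes use the ESTree shape; the sample
// trees are constructed by hand so the block runs without a parser.
const id = (name) => ({ type: "Identifier", name });
const lit = (value) => ({ type: "Literal", value });
const member = (object, prop) =>
  ({ type: "MemberExpression", object, property: id(prop), computed: false });
const assign = (operator, left, right) =>
  ({ type: "AssignmentExpression", operator, left, right });

const isDataMember = (n) =>
  n.type === "MemberExpression" && !n.computed && n.property.name === "data";

// Render simple member chains for the report, e.g. "evt.data".
const render = (n) =>
  n.type === "Identifier" ? n.name
    : n.type === "MemberExpression" && !n.computed
      ? `${render(n.object)}.${n.property.name}`
      : "<expr>";

// Collect reads of `<anything>.data`. `writeTarget` is true only for the
// node that is the left-hand side of a plain `=` assignment.
function findDataReads(node, writeTarget = false, hits = []) {
  if (!node || typeof node !== "object") return hits;
  if (Array.isArray(node)) {
    node.forEach((child) => findDataReads(child, false, hits));
    return hits;
  }
  if (isDataMember(node) && !writeTarget) hits.push(render(node));
  if (node.type === "AssignmentExpression") {
    // `x.data = v` only writes; `x.data += v` reads the old value first.
    findDataReads(node.left, node.operator === "=", hits);
    findDataReads(node.right, false, hits);
    return hits;
  }
  for (const key of Object.keys(node)) findDataReads(node[key], false, hits);
  return hits;
}

// Constructed samples: source text mapped to its hand-built tree.
const samples = {
  'form.data = "mystring"': assign("=", member(id("form"), "data"), lit("mystring")),
  "el.innerHTML = evt.data": assign("=", member(id("el"), "innerHTML"), member(id("evt"), "data")),
  "evt.data.html = x": assign("=", member(member(id("evt"), "data"), "html"), id("x")),
  'msg.data += "x"': assign("+=", member(id("msg"), "data"), lit("x")),
};

for (const [src, tree] of Object.entries(samples)) {
  console.log(src, "->", findDataReads(tree));
}
```

Flagging every read is still as broad as the `$_any.data` pattern mentioned in the thread; the tree walk only removes the pure-write case.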