Fix some typos (courtesy of @sabban) and mention tests in the CONTRIBUTING.md file

author: jvoisin 2017-10-01 21:46:02 +0200
committer: jvoisin 2017-10-01 21:46:02 +0200
commit: 7418a0e1e9b02aef8535e33d30cfb8f082680f69 (patch)
tree: 28caaf2ecc25a5e2d4104ac7552176d9cf81c5d3 /doc/source/features.rst
parent: b5628fcc599919711171a5154f37ad90bd6b5065 (diff)
1 files changed, 5 insertions, 5 deletions
diff --git a/doc/source/features.rst b/doc/source/features.rst
index bf535e1..fbb2a64 100644
--- a/doc/source/features.rst
+++ b/doc/source/features.rst
@@ -3,7 +3,7 @@ Features
 Snuffleupagus has a lot of features that can be divided in two main categories: bug-classes
 killers and virtual-patching. The first category provides primitives to kill various
-bug families (like arbitrary code execution via ``unserialize`` for example) or rise the 
+bug families (like arbitrary code execution via ``unserialize`` for example) or rise the
 cost of exploitation, the second one is a highly configurable system to patch functions in php itself.
 Bug classes killed or mitigated
@@ -171,7 +171,7 @@ It's worth noting that the PHP documentation contains the following warning:
  ``min`` ``max`` range must be within the range ``getrandmax()``. i.e. ``(max - min) <= getrandmax()``.
  Otherwise, ``rand()`` may return poor-quality random numbers.
-  
  --- `The PHP documentation about rand <https://secure.php.net/manual/en/function.rand.php>`_
 This is of course addressed as well by the ``harden_rand`` feature.
@@ -279,7 +279,7 @@ PHP7 introduced a **strict mode**, in which variables won't be coerced anymore,
 and a `TypeError <https://php.net/manual/en/class.typeerror.php>`_ exception will
 be raised if the types aren't matching.
 `Scalar type declarations <https://secure.php.net/manual/en/migration70.new-features.php#migration70.new-features.scalar-type-declarations>`_
-are optional, but you don't have to used them in your code to benefit from them,
+are optional, but you don't have to use them in your code to benefit from them,
 since every internal function from php has them.
 This option provide a switch to globally activate this strict mode,
@@ -307,7 +307,7 @@ and using this feature to lock this up.
 Dumping capabilities
 ^^^^^^^^^^^^^^^^^^^^
 It's possible to apply the ``dump()`` filter to any virtual-patching rule,
-to dump the complete web request, along with the filename and the corresponding 
+to dump the complete web request, along with the filename and the corresponding
 line number. By using the *right* set of restrictive rules (or by using the
 *overly* restrictives ones in ``simulation`` mode), you might be able
 to gather interesting vulnerabilities used against your website.
@@ -332,7 +332,7 @@ or ``is_callable`` with *suspicious* parameters.
 ``chmod`` hardening
 """""""""""""""""""
-Some PHP applications are using broad rights when using the ``chmod`` function, 
+Some PHP applications are using broad rights when using the ``chmod`` function,
 like the infamous ``chmod(777)`` command, effectively making the file writable by everyone.
 Snuffleupagus is preventing this kind of behaviour by restricting the parameters
 than can be passer to ``chmod``.
author	jvoisin	2017-10-01 21:46:02 +0200
committer	jvoisin	2017-10-01 21:46:02 +0200
commit	7418a0e1e9b02aef8535e33d30cfb8f082680f69 (patch)
tree	28caaf2ecc25a5e2d4104ac7552176d9cf81c5d3 /doc/source/features.rst
parent	b5628fcc599919711171a5154f37ad90bd6b5065 (diff)

diff --git a/doc/source/features.rst b/doc/source/features.rst index bf535e1..fbb2a64 100644 --- a/doc/source/features.rst +++ b/doc/source/features.rst
@@ -3,7 +3,7 @@ Features
3		3
4	Snuffleupagus has a lot of features that can be divided in two main categories: bug-classes	4	Snuffleupagus has a lot of features that can be divided in two main categories: bug-classes
5	killers and virtual-patching. The first category provides primitives to kill various	5	killers and virtual-patching. The first category provides primitives to kill various
6	bug families (like arbitrary code execution via ``unserialize`` for example) or rise the	6	bug families (like arbitrary code execution via ``unserialize`` for example) or rise the
7	cost of exploitation, the second one is a highly configurable system to patch functions in php itself.	7	cost of exploitation, the second one is a highly configurable system to patch functions in php itself.
8		8
9	Bug classes killed or mitigated	9	Bug classes killed or mitigated
@@ -171,7 +171,7 @@ It's worth noting that the PHP documentation contains the following warning:
171		171
172	``min`` ``max`` range must be within the range ``getrandmax()``. i.e. ``(max - min) <= getrandmax()``.	172	``min`` ``max`` range must be within the range ``getrandmax()``. i.e. ``(max - min) <= getrandmax()``.
173	Otherwise, ``rand()`` may return poor-quality random numbers.	173	Otherwise, ``rand()`` may return poor-quality random numbers.
174		174
175	--- `The PHP documentation about rand <https://secure.php.net/manual/en/function.rand.php>`_	175	--- `The PHP documentation about rand <https://secure.php.net/manual/en/function.rand.php>`_
176		176
177	This is of course addressed as well by the ``harden_rand`` feature.	177	This is of course addressed as well by the ``harden_rand`` feature.
@@ -279,7 +279,7 @@ PHP7 introduced a strict mode, in which variables won't be coerced anymore,
279	and a `TypeError <https://php.net/manual/en/class.typeerror.php>`_ exception will	279	and a `TypeError <https://php.net/manual/en/class.typeerror.php>`_ exception will
280	be raised if the types aren't matching.	280	be raised if the types aren't matching.
281	`Scalar type declarations <https://secure.php.net/manual/en/migration70.new-features.php#migration70.new-features.scalar-type-declarations>`_	281	`Scalar type declarations <https://secure.php.net/manual/en/migration70.new-features.php#migration70.new-features.scalar-type-declarations>`_
282	are optional, but you don't have to used them in your code to benefit from them,	282	are optional, but you don't have to use them in your code to benefit from them,
283	since every internal function from php has them.	283	since every internal function from php has them.
284		284
285	This option provide a switch to globally activate this strict mode,	285	This option provide a switch to globally activate this strict mode,
@@ -307,7 +307,7 @@ and using this feature to lock this up.
307	Dumping capabilities	307	Dumping capabilities
308	^^^^^^^^^^^^^^^^^^^^	308	^^^^^^^^^^^^^^^^^^^^
309	It's possible to apply the ``dump()`` filter to any virtual-patching rule,	309	It's possible to apply the ``dump()`` filter to any virtual-patching rule,
310	to dump the complete web request, along with the filename and the corresponding	310	to dump the complete web request, along with the filename and the corresponding
311	line number. By using the right set of restrictive rules (or by using the	311	line number. By using the right set of restrictive rules (or by using the
312	overly restrictives ones in ``simulation`` mode), you might be able	312	overly restrictives ones in ``simulation`` mode), you might be able
313	to gather interesting vulnerabilities used against your website.	313	to gather interesting vulnerabilities used against your website.
@@ -332,7 +332,7 @@ or ``is_callable`` with suspicious parameters.
332	``chmod`` hardening	332	``chmod`` hardening
333	"""""""""""""""""""	333	"""""""""""""""""""
334		334
335	Some PHP applications are using broad rights when using the ``chmod`` function,	335	Some PHP applications are using broad rights when using the ``chmod`` function,
336	like the infamous ``chmod(777)`` command, effectively making the file writable by everyone.	336	like the infamous ``chmod(777)`` command, effectively making the file writable by everyone.
337	Snuffleupagus is preventing this kind of behaviour by restricting the parameters	337	Snuffleupagus is preventing this kind of behaviour by restricting the parameters
338	than can be passer to ``chmod``.	338	than can be passer to ``chmod``.