Fix some typos in the documentation spotted by some people on reddit ♥

author: jvoisin 2017-09-28 13:42:05 +0200
committer: jvoisin 2017-09-28 13:42:25 +0200
commit: a92612da7ed1ceecc907232c36ff99e7dd18630c (patch)
tree: 82f68856076a3dbbacc3af2cc8bc7d56bf33320f /doc/source/features.rst
parent: 7ac3b09b9303c517fe8af4fc8c5d98ec8bd26c8c (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/doc/source/features.rst b/doc/source/features.rst
index 076e4e4..bf535e1 100644
--- a/doc/source/features.rst
+++ b/doc/source/features.rst
@@ -6,8 +6,8 @@ killers and virtual-patching. The first category provides primitives to kill var
 bug families (like arbitrary code execution via ``unserialize`` for example) or rise the 
 cost of exploitation, the second one is a highly configurable system to patch functions in php itself.
-Bug classes killed
+Bug classes killed or mitigated
------------------
+-------------------------------
 ``system`` injections
 ^^^^^^^^^^^^^^^^^^^^^
@@ -22,7 +22,7 @@ Unfortunately, passing user-controlled parameters to it often leads to an arbitr
  --- `The PHP documentation about system <https://secure.php.net/manual/en/function.system.php>`_
-We're kind of killing it by filtering the ``$``, ``|``, ``;``, ````` and ``&`` chars in our 
+We're mitigating it by filtering the ``$``, ``|``, ``;``, `````, ``\n`` and ``&`` chars in our
 default configuration, making it a lot harder for an attacker to inject arbitrary commands.
 This family of vulnerabilities lead to various CVE, like:
author	jvoisin	2017-09-28 13:42:05 +0200
committer	jvoisin	2017-09-28 13:42:25 +0200
commit	a92612da7ed1ceecc907232c36ff99e7dd18630c (patch)
tree	82f68856076a3dbbacc3af2cc8bc7d56bf33320f /doc/source/features.rst
parent	7ac3b09b9303c517fe8af4fc8c5d98ec8bd26c8c (diff)

diff --git a/doc/source/features.rst b/doc/source/features.rst index 076e4e4..bf535e1 100644 --- a/doc/source/features.rst +++ b/doc/source/features.rst
@@ -6,8 +6,8 @@ killers and virtual-patching. The first category provides primitives to kill var
6	bug families (like arbitrary code execution via ``unserialize`` for example) or rise the	6	bug families (like arbitrary code execution via ``unserialize`` for example) or rise the
7	cost of exploitation, the second one is a highly configurable system to patch functions in php itself.	7	cost of exploitation, the second one is a highly configurable system to patch functions in php itself.
8		8
9	Bug classes killed	9	Bug classes killed or mitigated
10	------------------	10	-------------------------------
11		11
12	``system`` injections	12	``system`` injections
13	^^^^^^^^^^^^^^^^^^^^^	13	^^^^^^^^^^^^^^^^^^^^^
@@ -22,7 +22,7 @@ Unfortunately, passing user-controlled parameters to it often leads to an arbitr
22		22
23	--- `The PHP documentation about system <https://secure.php.net/manual/en/function.system.php>`_	23	--- `The PHP documentation about system <https://secure.php.net/manual/en/function.system.php>`_
24		24
25	We're kind of killing it by filtering the ``$``, ``\|``, ``;``, ````` and ``&`` chars in our	25	We're mitigating it by filtering the ``$``, ``\|``, ``;``, `````, ``\n`` and ``&`` chars in our
26	default configuration, making it a lot harder for an attacker to inject arbitrary commands.	26	default configuration, making it a lot harder for an attacker to inject arbitrary commands.
27		27
28	This family of vulnerabilities lead to various CVE, like:	28	This family of vulnerabilities lead to various CVE, like: