fix(log): systematically drop when .drop() is used - snuffleupagus - Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest!

diff options

author	jvoisin	2025-10-02 15:22:08 +0200
committer	jvoisin	2025-10-02 15:22:08 +0200
commit	da8c7aebc5602c04b771ada71a098ccb23d83a48 (patch)
tree	c006dabc93a369c247334bc50985b78653f9eb60 /src/tests
parent	09bc3ffc8734cf2437e14ab123c7b732db53b836 (diff)

fix(log): systematically drop when .drop() is used

When the `php` logging facility is used, the error could have been caught by using `set_error_handler` and whatnot. This commit ensures that if the `.drop()` option is set, we're calling `zend_bailout()` that can't be caught. An attacker could have used this issue to silently perform some recon of the running environment. This isn't considered a vulnerability as an attacker with arbitrary php code execution can simply use the use-after-free of the day to gain arbitrary (native) code execution anyway, after detecting that Snuffleupagus is in use, to take little risks of detection.

Diffstat (limited to 'src/tests')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: