summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-10-23Add a test for non-existent configuration filejvoisin
2017-10-23Implement the .line filterjvoisin
Close #48
2017-10-22Add a testcase, bumping the coveragejvoisin
2017-10-22Improve an error messagejvoisin
2017-10-20Add a test to demonstrate the behaviour wrt. call_user_funcjvoisin
2017-10-20Add support for multiple files in sp.configuration_file directiveblotus
This should close (#45
2017-10-19Merge pull request #46 from nbs-system/speed-up-ciblotus
Speed up the CI by not running the whole Joomla testsuite on travis
2017-10-19Speed up the CI by not running the whole Joomla testsuite on travisjvoisin
2017-10-19Merge pull request #33 from nbs-system/4-match-on-arg-posThibault "bui" Koechlin
Implement match on arguments position
2017-10-18`.pos` is mutuaally exclusive with .param and .paran_rjvoisin
2017-10-18Fix the testsjvoisin
2017-10-18Add some debugjvoisin
2017-10-18Fix a possible mistakejvoisin
2017-10-18Improve the strtol dancejvoisin
2017-10-18extra testsbui
2017-10-18strtol dancebui
2017-10-18do the strtol dance to make jvoisin happybui
2017-10-18Implement match on arguments positionjvoisin
2017-10-18Improve the propaganda pagejvoisin
2017-10-18.drop() is not a `nop` anymoreThibault "bui" Koechlin
`.drop()` is now baillout out, instead of nop'ing the call. This closes #13
2017-10-17Use assert instead of sp_log_err for something that shouldn't happenjvoisin
2017-10-17Add an expected failure for `eval` hookingjvoisin
2017-10-17Add a note about our hack.lu talkjvoisin
2017-10-17Add the hacklu2017 slidesjvoisin
2017-10-13Add more data to `phpinfo()`jvoisin
- The version - The git commit
2017-10-13Rename a confusing structure memberjvoisin
`regexp` is more confusing than `value_r`
2017-10-13Maybe this will address #35jvoisin
- We shouldn't assume that people are only using regexps - Make an internal function a bit more obvious
2017-10-13Improve the doc wrt. the Debian packagejvoisin
- Fix two minor warnings - Improve the documentation
2017-10-13ghetto debian packagingSebastien Blot
2017-10-13Partially revert d8ac163 because php.jvoisin
2017-10-13Show some data in the phpinfo();jvoisin
2017-10-13Fix some pedantic warningsjvoisin
2017-10-13Fix the documentation about compilingjvoisin
2017-10-13Add some debug to the harden-rand tests, just in caseā„¢jvoisin
2017-10-13Fix the size of the output vector in our usage of pcrejvoisin
2017-10-12Minor refactoringjvoisin
- use the `is_regexp_matching` function when possible - check parameters before passing it to `pcre_exec` - improve error messages wrt. regexp
2017-10-12Add `curl_multi_exec` to the magic php scriptjvoisin
2017-10-12Add a missing function to the generator scriptjvoisin
2017-10-12Fix minor gcc warnings with experimental optionsjvoisin
`CFLAGS='-Wnull-dereference -Wlogical-op -Wshadow -Wjump-misses-init' make clean coverage`
2017-10-11Hopefully fix an unreproductible NULL-deref in regexp matchingjvoisin
Reported by @fr33tux
2017-10-11Add some more debug to the regexp thingyjvoisin
2017-10-11Cheat a bit with the coveragejvoisin
2017-10-11Cache checksum calculation for the current filejvoisin
Close #34
2017-10-11s/disable_functions/disable_function/gjvoisin
This should close #36 and #30
2017-10-11Add some info when a regexp failsjvoisin
2017-10-10Improve the layout of the related vulns in the documentationjvoisin
2017-10-10.allow() is now working for requirejvoisin
2017-10-10Bump coverage, and fix a segfault on trace matchingjvoisin
2017-10-10Increase a bit the coveragejvoisin
2017-10-10Remove a useless ile for nowjvoisin
This should close #31