| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2018-08-20 | Bump the changlogv0.3.1 | hamza (hes) ES SAHELY | |
| 2018-08-20 | Fix two minor issues | xXx-caillou-xXx | |
| - Fix an infinite loop on `echo` hook - Use the correct function to compare filenames internally | |||
| 2018-08-09 | Fix yet an other hang/crash | jvoisin | |
| There are valid reasons for `orig_zend_execute_internal` to be `NULL`, we we're not checking if it is, well, `NULL`. | |||
| 2018-08-09 | Fix a typo in the previous commits | jvoisin | |
| 2018-08-09 | Yet an other crash/hang fix | jvoisin | |
| Like the two previous commits | |||
| 2018-08-09 | Fix a possible crash/hang in floppy-comparison | jvoisin | |
| This is in the same spirit than the previous commit | |||
| 2018-08-09 | Fix a crash/hang when using fpm's pools | jvoisin | |
| We might have ended up in infinite loops when using php-fpm, if several different process hooked some functions twice. Thanks to @sriccio for reporting the issue | |||
| 2018-08-02 | fix #203 (#204) | crKontrol | |
| sp.disable_function.function().filename doesn't take phar:/// | |||
| 2018-07-24 | Remove two useless files | jvoisin | |
| 2018-07-19 | Fix the issue with rand hardening | xXx-caillou-xXx | |
| 2018-07-19 | Bump the changelog | kka | |
| 2018-07-18 | Remove an useless check in session handling | kka | |
| 2018-07-16 | Yet an other clang-format pass | jvoisin | |
| 2018-07-13 | Yet an other pass of clang-format | jvoisin | |
| 2018-07-13 | Fix an invalid read | xXx-caillou-xXx | |
| 2018-07-13 | Skip VLD for php7.3, as VLD is not compatible yet. | xXx-caillou-xXx | |
| 2018-07-13 | Reduce call to get_complete_function_path | xXx-caillou-xXx | |
| 2018-07-13 | Fix various possible integer overflows | xXx-caillou-xXx | |
| 2018-07-13 | Fix hooking on `print` | xXx-caillou-xXx | |
| 2018-07-13 | Allow rules matching on echo and print | xXx-caillou-xXx | |
| 2018-07-13 | Massively optimize how rules are handled | xXx-caillou-xXx | |
| This commit does a lot of things: - Use hashtables instead of lists to store the rules - Rules that can be applied at launch time won't be tried at runtime - Improve feedback when writing nonsensical rules - Make intensive use of `zend_string` instead of `char*` | |||
| 2018-07-10 | Fix #183 (#185) | Remi Collet | |
| * relax test to pass with 7.3 * skip test with 7.3 as samesite is broken + add TODO | |||
| 2018-07-09 | Trying to fix sloppy comparison (#186) | jvoisin | |
| * Trying to fix sloppy comparison https://github.com/nbs-system/snuffleupagus/issues/10 by modifying php's opcode | |||
| 2018-06-28 | Better handling of filters for builtins | kkadosh | |
| 2018-05-29 | Support session encryption | kkadosh | |
| Implement session encryption. | |||
| 2018-05-16 | Don't run some tests on `-dev` php versions | jvoisin | |
| 2018-05-16 | Improve the testsuite's robustness against php7.2 | jvoisin | |
| 2018-05-15 | Refactor the encryption process to extract encrypt/decrypt functions (#176) | kkadosh | |
| Refactor the encryption process to extract encrypt/decrypt functions | |||
| 2018-05-03 | Uniformise some logs | simon MAGNIN-FEYSOT | |
| This commit will make certain logs easier to parse. | |||
| 2018-03-19 | The filename filter is now matching on callsite instead of implemsite (#167) | kkadosh | |
| * Add match on the file where the function is called * Add the test * Constify some params * Fix potentiel null deref * Return more before if execute_data is NULL | |||
| 2018-03-19 | Add a failing test for callback function as parameter | kkadosh | |
| 2018-03-19 | Increase random number max for test | kka | |
| 2018-03-15 | Change a test to expected failed | kkadosh | |
| Apparently, we're not supporting hooking on `ret` for user-defined functions. | |||
| 2018-03-14 | Bump a bit the coverage | jvoisin | |
| 2018-03-12 | Bump the changelogv0.2.2 | jvoisin | |
| 2018-03-09 | Add an unit test for an edge-case | jvoisin | |
| 2018-03-08 | Make travis happy. | jvoisin | |
| 2018-03-08 | Minor code simplification | jvoisin | |
| 2018-03-08 | Remove some duplicate code | jvoisin | |
| 2018-03-08 | Marginally improve the performances when dealing with eval | jvoisin | |
| 2018-03-06 | Bump a bit the coverage | jvoisin | |
| 2018-03-06 | Fix a variadic-functions-related crash | jvoisin | |
| Currently, we're not supporting virtual-patching on variadic functions. The commit makes it clear, and fix the related crash. This should close #157 | |||
| 2018-03-05 | Improve performances by a significant factor | jvoisin | |
| Only check if a function should be disabled when we're after a `*CALL` opcode, end not on every single opcode. Based on @blotus ideas ♥ | |||
| 2018-03-05 | Improve a bit the performances (+10%) | jvoisin | |
| 2018-03-02 | Add .dump() for eval whitelist/blacklist + simulation mode for whitelist | kkadosh | |
| 2018-03-02 | Implement dump() for execution of writable PHP files | kkadosh | |
| 2018-03-02 | Fix a warning due to an unexported symbol | jvoisin | |
| 2018-03-02 | Add some rules for Typo3, courtesy of @kjojo | jvoisin | |
| 2018-02-27 | Implements .dump() for unserialize and fix some related tests | kkadosh | |
| 2018-02-27 | Improve the Readme file | jvoisin | |
 |
index : snuffleupagus | |
| Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest! |
| summaryrefslogtreecommitdiff |