RIPS 0.53 Released: Static Vulnerability Analysis for PHP Code

Reposted from OSChina (开源中国).

RIPS is a good static source code analysis tool, used mainly to find vulnerabilities in PHP applications.

RIPS 0.53 has been released. It fixes a number of bugs in code analysis and adds some new features. The changes are as follows:

  fixed bug where RIPS hangs on includes building a loop 1->2->3->1->2->3->1… (thanks to Michael Hoffmann)
  fixed bug where RIPS string analyzer hangs on certain array keys coming from foreach statements (thanks to Ricky-Lee Birtles)
  fixed bug where RIPS hangs on certain switch statements (thanks to Jay Bonci)
  fixed bug with wrong brace wrapping for “case x;” instead of “case x:” statements
  fixed bug with wrong brace wrapping when if-clause contains only 1 token or in a try/catch block
  fixed bug with parameter count in interprocedural analysis
  fixed bug with register_globals implementation and constants
  fixed bug with tokenizing a do-while in a do-while
  fixed bug with wrong boundary detection when a function is declared in another function
  fixed bug with wrong file pointer of included files, improved include rate
  added auto_prepend/append_file support, improved include_path support (thanks to Jay Bonci)
  added support for func_get_args() and func_get_arg()
  added support for alternative syntax for control structures (while(): … endwhile;)
  added new sensitive sinks
  added experimental option SCAN_REGISTER_GLOBALS (/config/general.php)
  added parsing errors to verbosity level = debug, improved code stability

Tool download: http://sourceforge.net/projects/rips-scanner/files/
