1.2.443. Extensions/Exttaint

Taint is a PHP extension used to detect and track tainted strings. It follows each assignment in the code and keeps track of the taint of the resulting value. It can also be used to spot SQL injection, shell injection and similar vulnerabilities, since it raises a warning when a tainted string reaches a sensitive function.

<?php
// A request parameter is tainted; trim() does not remove the taint.
$a = trim($_GET['a']);

// The taint propagates through concatenation and string interpolation.
$file_name = '/tmp' . $a;
$output    = "Welcome, {$a} !!!";

// Using the tainted string in a sensitive function raises a warning.
echo $output;
//Warning: main() [function.echo]: Attempt to echo a string that might be tainted

?>

See also the taint extension and taint on GitHub.
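The following added example (not code from the Exakat documentation or from the taint project) shows how the tracking behaves end to end and the defensive pattern the extension encourages: validate the input, then explicitly mark it as trusted. It assumes the taint extension is loaded with taint.enable=1 and exposes is_tainted() and untaint() under those names, taking the variable by reference; the template directory and the whitelist of page names are constructed for the example.

```php
<?php
// Added example, not part of the original page. Assumes the taint extension is
// loaded (taint.enable=1) and provides is_tainted() / untaint(); the template
// directory and the whitelist below are constructed values.

$name = trim($_GET['page'] ?? '');      // request data: tainted, trim() keeps it so

// Taint follows the value through concatenation and interpolation ...
$path     = '/var/app/templates/' . $name . '.php';
$greeting = "Welcome, {$name}!";

// ... but a string built only from literals carries no taint.
$fixed = 'Welcome, guest!';

// Report what the extension knows about each value before any sink is reached.
foreach (['name' => $name, 'path' => $path, 'greeting' => $greeting, 'fixed' => $fixed] as $label => $value) {
    printf("%-8s tainted=%s\n", $label, is_tainted($value) ? 'yes' : 'no');
}

// Feeding $path to include or $greeting to echo at this point triggers the
// "might be tainted" warning. Validation against a closed whitelist is the
// mitigation: only after that is the value explicitly marked as trusted.
$allowed = ['home', 'about', 'contact'];   // constructed list of page names
if (!in_array($name, $allowed, true)) {
    http_response_code(400);
    exit('Unknown page');
}
untaint($name);                            // validated, so the taint flag is cleared

// Values derived from the now-untainted $name are untainted as well,
// so the sinks below no longer warn.
$path = '/var/app/templates/' . $name . '.php';
printf("path after validation tainted=%s\n", is_tainted($path) ? 'yes' : 'no');

echo "Welcome, {$name}!\n";
include $path;
```

Running the script without the extension loaded fails on the undefined is_tainted() call, which is exactly the dependency this Exakat rule reports: the code base only works with the taint extension installed.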

1.2.443.1. Connex PHP features

1.2.443.1.1. Specs

Short name     Extensions/Exttaint
Rulesets       All, Appinfo, Changed Behavior
Exakat since   2.4.4
PHP Version    With PHP 7.4 and older
Severity       Minor
Time To Fix    Quick (30 mins)
Precision      Very high
Available in   Enterprise Edition, Exakat Cloud