1.2.392. Dynamic Library Loading

Loading a library dynamically requires a lot of care in the preparation of the library name.

If the variable holding the name can be injected, the dynamic loading of a library gives a lot of power to an intruder: the value selects which shared object from extension_dir gets mapped into the PHP process, and an extension runs as native code with the full privileges of that process.

<?php

    // dynamically loading a library whose name comes from a variable
    dl($library . '.' . PHP_SHLIB_SUFFIX);

    // dynamically loading ext/vips with a literal name
    dl('vips.' . PHP_SHLIB_SUFFIX);

    // dynamically loading ext/vips with a literal, Unix-only file name
    dl('vips.so');

?>

See also dl.

1.2.392.1. Suggestions

  • Use a switch structure, so that every dl() call receives a literal library name and the variable only selects between known cases.

  • Avoid using dl() altogether and make the needed extension always available in the PHP binary, or load it through php.ini.
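The two suggestions above, as an added example that is not part of the Exakat page or the Exakat project's code: the tainted form the rule flags, next to an allow-list written as a switch so that each dl() argument is a literal. The extension names in the allow-list (vips, gd) and the CLI argument used as the tainted input are assumptions chosen for illustration; the example relies on dl() being available only in the CLI, CGI and embed SAPIs and on the enable_dl ini setting, both of which are PHP behaviour rather than anything stated on this page.

```php
<?php
declare(strict_types=1);

// Added example, not Exakat's code.
// Vulnerable pattern (what Security/DynamicDl reports): the library name is
// computed from untrusted input, so the caller decides which shared object
// from extension_dir is loaded into the process.
function loadExtensionUnsafe(string $library): bool
{
    return dl($library . '.' . PHP_SHLIB_SUFFIX);
}

// Hardened pattern: the variable only selects a case; every dl() argument is
// a literal, so the set of loadable libraries is fixed at code-review time.
// Extension names below are assumptions for illustration.
function loadExtension(string $name): bool
{
    // Already compiled in, or loaded via php.ini: nothing to do.
    if (extension_loaded($name)) {
        return true;
    }

    // dl() exists only in the CLI, CGI and embed SAPIs, and php.ini can turn
    // it off with enable_dl=0. Fail closed instead of warning at runtime.
    if (!function_exists('dl') || !ini_get('enable_dl')) {
        throw new RuntimeException('dl() is not available in this SAPI or is disabled');
    }

    switch ($name) {
        case 'vips':
            return dl('vips.' . PHP_SHLIB_SUFFIX);
        case 'gd':
            return dl('gd.' . PHP_SHLIB_SUFFIX);
        default:
            // Anything outside the allow-list is rejected before dl() is reached.
            throw new InvalidArgumentException(
                sprintf('Extension "%s" is not on the allow-list', $name)
            );
    }
}

// Constructed input: the first CLI argument plays the role of attacker-
// controlled data (a request parameter would be the same situation).
$requested = $argv[1] ?? 'vips';

try {
    $ok = loadExtension($requested);
    echo $ok ? "loaded {$requested}\n" : "failed to load {$requested}\n";
} catch (InvalidArgumentException | RuntimeException $e) {
    fwrite(STDERR, $e->getMessage() . "\n");
    exit(1);
}
```

Because the allow-list makes each dl() argument a string literal, the rule no longer reports the call, and a reviewer can read off exactly which shared objects the program is able to load. The second suggestion remains preferable where possible: an extension compiled into the binary or listed in php.ini is loaded before any request-controlled data exists.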

1.2.392.2. Specs

Short name

Security/DynamicDl

Rulesets

All, Changed Behavior, Security

Exakat since

1.1.7

PHP Version

All

Severity

Major

Time To Fix

Slow (1 hour)

Precision

Very high

Features

library-loading

Available in

Enterprise Edition, Exakat Cloud