Rowan Collins wrote:

> On 28 July 2015 18:33:31 BST, Matt Tait <matt.t...@gmail.com> wrote:
>> Hi all,
>>
>> I've written an RFC (and PoC) about automatic detection and blocking of
>> SQL
>> injection vulnerabilities directly from inside PHP via automated taint
>> analysis.
>>
>> https://wiki.php.net/rfc/sql_injection_protection
>  
> Have you searched the list archive and wiki for previous discussions and 
> prototypes of variable tainting? The idea may well have some legs, but there 
> might be some interesting points from previous discussions to note in your 
> RFC.

FWIW, there is the inactive "Taint support for PHP"[1] RFC.

[1] <https://wiki.php.net/rfc/taint>

-- 
Christoph M. Becker


-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to