From eed3612b0b5a7431316a84387ab887f455dc8379 Mon Sep 17 00:00:00 2001
From: jrfnl
Date: Mon, 11 Jul 2016 15:20:59 +0200
Subject: [PATCH] Add runtime_configuration and path disclosure sections to the VIP.RestrictedFunctions sniff.
Fixes #460
---
 .../Sniffs/VIP/RestrictedFunctionsSniff.php | 27 +++++++++++++++++++
 .../Tests/VIP/RestrictedFunctionsUnitTest.inc | 13 +++++++++
 .../Tests/VIP/RestrictedFunctionsUnitTest.php | 12 +++++++++
 3 files changed, 52 insertions(+)
diff --git a/WordPress/Sniffs/VIP/RestrictedFunctionsSniff.php b/WordPress/Sniffs/VIP/RestrictedFunctionsSniff.php
index 5a476025b9..b9a859f7a4 100644
--- a/WordPress/Sniffs/VIP/RestrictedFunctionsSniff.php
+++ b/WordPress/Sniffs/VIP/RestrictedFunctionsSniff.php
@@ -326,6 +326,33 @@ public function getGroups() {
 ),
 ),
+ 'runtime_configuration' => array(
+ 'type' => 'error',
+ 'message' => '%s is prohibited, changing configuration at runtime is not allowed on VIP Production.',
+ 'functions' => array(
+ 'dl',
+ 'error_reporting',
+ 'ini_alter',
+ 'ini_restore',
+ 'ini_set',
+ 'magic_quotes_runtime',
+ 'set_magic_quotes_runtime',
+ 'apache_setenv',
+ 'putenv',
+ 'set_include_path',
+ 'restore_include_path',
+ ),
+ ),
+
+ 'prevent_path_disclosure' => array(
+ 'type' => 'error',
+ 'message' => '%s is prohibited as it can lead to full path disclosure.',
+ 'functions' => array(
+ 'error_reporting',
+ 'phpinfo',
+ ),
+ ),
+
 );
 }
 }//end class
diff --git a/WordPress/Tests/VIP/RestrictedFunctionsUnitTest.inc b/WordPress/Tests/VIP/RestrictedFunctionsUnitTest.inc
index 93d4c66816..35f86b5a6a 100644
--- a/WordPress/Tests/VIP/RestrictedFunctionsUnitTest.inc
+++ b/WordPress/Tests/VIP/RestrictedFunctionsUnitTest.inc
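Review bot: `error_reporting` is listed in both new groups, `runtime_configuration` and `prevent_path_disclosure`, so one call is reported twice with two different messages; the `75 => 2` expectation added in the RestrictedFunctionsUnitTest.php hunk pins that duplication rather than showing it is intended. If one report per call is wanted, drop it from `prevent_path_disclosure` (the runtime-configuration message already covers it) and change the expectation to `75 => 1`; if the double report is deliberate, a comment next to the second entry such as `// Deliberately also listed in 'runtime_configuration': it changes runtime config and can expose paths via error output.` will stop the next editor from "fixing" it. The `prevent_path_disclosure` message also undersells `phpinfo`, which exposes server configuration and environment as well as paths, so `'%s is prohibited as it can lead to full path and server configuration disclosure.'` would describe the risk more accurately. The `getGroups()` method starts before this hunk.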
@@ -70,3 +70,16 @@ get_adjacent_post(); // error
 get_previous_post(); // error
 get_next_post(); // error
 parse_url( 'http://example.com/' ); // warning
+
+dl(); // error
+error_reporting(); // error
+ini_alter(); // error
+ini_restore(); // error
+ini_set(); // error
+magic_quotes_runtime(); // error
+set_magic_quotes_runtime(); // error
+apache_setenv(); // error
+putenv(); // error
+set_include_path(); // error
+restore_include_path(); // error
+phpinfo(); // error
diff --git a/WordPress/Tests/VIP/RestrictedFunctionsUnitTest.php b/WordPress/Tests/VIP/RestrictedFunctionsUnitTest.php
index a1778c1a8e..17ee7fa365 100644
--- a/WordPress/Tests/VIP/RestrictedFunctionsUnitTest.php
+++ b/WordPress/Tests/VIP/RestrictedFunctionsUnitTest.php
@@ -55,6 +55,18 @@ public function getErrorList()
 69 => 1,
 70 => 1,
 71 => 1,
+ 74 => 1,
+ 75 => 2,
+ 76 => 1,
+ 77 => 1,
+ 78 => 1,
+ 79 => 1,
+ 80 => 1,
+ 81 => 1,
+ 82 => 1,
+ 83 => 1,
+ 84 => 1,
+ 85 => 1,
 );
 }//end getErrorList()
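Review bot: The new fixture lines only exercise direct global calls, so nothing here confirms that a same-named method or static call (for example `$obj->ini_set();` or `Config::putenv();`) is left alone by the new groups; unless earlier lines of this fixture already cover that, one or two such non-flagged lines with a `// ok` marker would guard against over-matching. The `error_reporting();` line on this side corresponds to the `75 => 2` expectation in the RestrictedFunctionsUnitTest.php hunk, which reflects the function being listed in two groups of the sniff.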