We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
问题代码文件路径 src/class/Posseg.php:304
src/class/Posseg.php:304
for ($i=0; $i<$len; $i++) { $char = mb_substr($sentence, $i, 1, 'UTF-8'); eval('$pos_array = array'.$pos_list[$i].';'); $pos = $pos_array[0]; if ($pos=='B') { $begin = $i; } elseif ($pos=='E') { eval('$this_pos_array = array'.$pos_list[$i].';'); $this_pos = $this_pos_a ....
其中存在eval调用,某些特定场景下,可能会被执行恶意代码,比如
$pos_list[$i] = "(); system('rm -rf /');";
这段功能的意图我也没咋懂,所以,不确定该怎么改,还有不确定作者为什么要用eval来进行这样的赋值操作,有大佬可以分析下吗?
The text was updated successfully, but these errors were encountered:
No branches or pull requests
问题代码文件路径
src/class/Posseg.php:304其中存在eval调用,某些特定场景下,可能会被执行恶意代码,比如
这段功能的意图我也没咋懂,所以,不确定该怎么改,还有不确定作者为什么要用eval来进行这样的赋值操作,有大佬可以分析下吗?
The text was updated successfully, but these errors were encountered: