Fix the include family of "functions" in stack trace sanitization
author Tim Düsterhus <duesterhus@woltlab.com>
Fri, 17 Dec 2021 09:31:27 +0000 (10:31 +0100)
committer Tim Düsterhus <duesterhus@woltlab.com>
Fri, 17 Dec 2021 09:33:17 +0000 (10:33 +0100)
`include` et al are not actual functions, but language constructs. For this
reason they cannot be reflected, causing their arguments to show as
`[error_during_sanitization]`. Fix this by special casing them to not run the
sanitization; they do not contain sensitive arguments (apart from the path
which is redacted independently later).

wcfsetup/install/files/lib/core.functions.php

index 848417b840ef9841157521480cb0515af94d1610..76a61eaf4cc0269d44e0a4dd92ceee10085f86ce 100644 (file)
@@ -717,7 +717,14 @@ EXPLANATION;
                        if (!isset($item['args'])) $item['args'] = [];
 
                        try {
-                               if (!empty($item['args'])) {
+                               $cannotBeReflected = !$item['class'] && \in_array($item['function'], [
+                                       'include',
+                                       'include_once',
+                                       'require',
+                                       'require_once',
+                               ]);
+
+                               if (!empty($item['args']) && !$cannotBeReflected) {
                                        if ($item['class']) {
                                                $function = new \ReflectionMethod($item['class'], $item['function']);
                                        }
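Review bot: the added `!$cannotBeReflected` condition on the `if (!empty($item['args']) ...)` line makes these four frames skip the argument sanitization branch entirely, so keeping their file path out of the output now depends on the separate path redaction the commit message mentions, which is not visible in this hunk. A short comment above `$cannotBeReflected` saying that these are language constructs that cannot be reflected, and that their only argument is a path redacted later, would keep that dependency visible to whoever next touches either step. Separately, `\in_array($item['function'], [...])` is called without the strict third argument; passing `true` makes the match an exact string comparison. The new expression also reads `$item['class']` directly, while the context line above guards `$item['args']` with `isset`, so it is worth confirming that `class` is always populated before this point.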