From 4a65bf41f88ae4db5d1e503ec986b77ffdb0a951 Mon Sep 17 00:00:00 2001 From: alexandergull Date: Mon, 23 Dec 2024 19:22:57 +0500 Subject: [PATCH] Fix. Common libs. Signature analysis fixed on several equal signatures matches. --- lib/CleantalkSP/Common/Helpers/Helper.php | 9 +++++---- .../Scanner/SignaturesAnalyser/Controller.php | 14 ++++++++++---- 2 files changed, 15 insertions(+), 8 deletions(-) diff --git a/lib/CleantalkSP/Common/Helpers/Helper.php b/lib/CleantalkSP/Common/Helpers/Helper.php index a36a9ed8d..aa000b682 100644 --- a/lib/CleantalkSP/Common/Helpers/Helper.php +++ b/lib/CleantalkSP/Common/Helpers/Helper.php @@ -92,12 +92,12 @@ public static function isRegexp($signature, $delimiters = '#/') * @param string $signature_body Character position * @param bool $is_regexp Flag. Is signature is regular expression? * - * @return int String number + * @return array Array of lines number with needle */ - public static function getNeedleStringNumberFromFile($file_path, $signature_body, $is_regexp = false) + public static function getNeedleStringsNumberFromFile($file_path, $signature_body, $is_regexp = false) { $file = file($file_path); - $out = 1; + $out_line_numbers = array(); foreach ( $file as $number => $line ) { if ( @@ -105,9 +105,10 @@ public static function getNeedleStringNumberFromFile($file_path, $signature_body ( ! $is_regexp && strripos($line, stripslashes($signature_body)) !== false) ) { $out = $number + 1; + $out_line_numbers[] = $out; } } - return $out; + return $out_line_numbers; } } diff --git a/lib/CleantalkSP/Common/Scanner/SignaturesAnalyser/Controller.php b/lib/CleantalkSP/Common/Scanner/SignaturesAnalyser/Controller.php index c1d9847de..c3f76a012 100644 --- a/lib/CleantalkSP/Common/Scanner/SignaturesAnalyser/Controller.php +++ b/lib/CleantalkSP/Common/Scanner/SignaturesAnalyser/Controller.php @@ -92,15 +92,20 @@ function_exists('md5') && if ( ( $is_regexp && preg_match($signature['body'], $file_content) ) || ( ! $is_regexp && - ( strripos($file_content, stripslashes($signature['body'])) !== false || - strripos($file_content, $signature['body']) !== false) ) + ( + strripos($file_content, stripslashes($signature['body'])) !== false || + strripos($file_content, $signature['body']) !== false + ) + ) ) { - $line_number = Helper::getNeedleStringNumberFromFile( + $line_numbers = Helper::getNeedleStringsNumberFromFile( $root_path . $file_info->path, $signature['body'], $is_regexp ); - $verdict['SIGNATURES'][$line_number][] = $signature['id']; + foreach ($line_numbers as $line_number) { + $verdict['SIGNATURES'][$line_number][] = $signature['id']; + } } } } @@ -109,6 +114,7 @@ function_exists('md5') && $file_info->weak_spots, true ) : array(); + if ( isset($file_info->weak_spots['SIGNATURES']) ) { unset($file_info->weak_spots['SIGNATURES']); }