Merge pull request #454 from CleanTalk/malware_fies_inspection.ag

Fix. Cure stage. Correct cure if file is modified.
CleanTalk · Dec 19, 2024 · f80a071 · f80a071
2 parents 723fb5a + 57f889b
commit f80a071
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 13 deletions.
diff --git a/lib/CleantalkSP/SpbctWP/DB/SQLSchema.php b/lib/CleantalkSP/SpbctWP/DB/SQLSchema.php
@@ -249,6 +249,7 @@ class SQLSchema extends \CleantalkSP\Common\DB\SQLSchema
         'cure_log' => array(
             'columns' => array(
                 array('field' => 'fast_hash', 'type' => 'varchar(32)', 'null' => 'no'),
+                array('field' => 'full_hash', 'type' => 'char(32)', 'null' => 'no'),
                 array('field' => 'real_path', 'type' => 'varchar(512)', 'null' => 'no'),
                 array('field' => 'cured', 'type' => 'tinyint', 'null' => 'no',),
                 array('field' => 'has_backup', 'type' => 'tinyint', 'null' => 'no',),

diff --git a/lib/CleantalkSP/SpbctWP/Scanner/CureLog/CureLog.php b/lib/CleantalkSP/SpbctWP/Scanner/CureLog/CureLog.php
@@ -56,7 +56,7 @@ public function getDataToAccordion($offset = 0, $amount = 20)
     {
         $offset = intval($offset);
         $amount = intval($amount);
-        $query = 'SELECT fast_hash, real_path, cured, cci_cured, has_backup, fail_reason, last_cure_date FROM ' . SPBC_TBL_CURE_LOG . ' LIMIT ' . $offset . ',' . $amount . ';';
+        $query = 'SELECT fast_hash, real_path, cured, cci_cured, has_backup, fail_reason, last_cure_date FROM ' . SPBC_TBL_CURE_LOG . ' ORDER BY last_cure_date DESC LIMIT ' . $offset . ',' . $amount . ';';
         $result = $this->db->fetchAll($query, OBJECT);
 
         if ( empty($result) ) {
@@ -123,14 +123,15 @@ public function logCureResult(CureLogRecord $cure_log_record)
 
         $this->db->prepare(
             'INSERT INTO ' . SPBC_TBL_CURE_LOG
-                . ' (`fast_hash`, `real_path`, `cured`, `cci_cured`,`has_backup`,`fail_reason`, `last_cure_date`, `scanner_start_local_date`) VALUES'
-                . "(%s, %s, %d, %s, %d, %s, %d, %s)"
+                . ' (`fast_hash`, `full_hash`, `real_path`, `cured`, `cci_cured`,`has_backup`,`fail_reason`, `last_cure_date`, `scanner_start_local_date`) VALUES'
+                . "(%s, %s, %s, %d, %s, %d, %s, %d, %s)"
                 . 'ON DUPLICATE KEY UPDATE
                 cured = VALUES(`cured`),
                 last_cure_date = VALUES(`last_cure_date`),
                 fail_reason = VALUES(`fail_reason`),
                 scanner_start_local_date = VALUES(`scanner_start_local_date`)',
             array($cure_log_record->fast_hash,
+                $cure_log_record->full_hash,
                 $cure_log_record->real_path,
                 $cure_log_record->cured,
                 $cure_log_record->cci_cured,

diff --git a/lib/CleantalkSP/SpbctWP/Scanner/CureLog/CureLogRecord.php b/lib/CleantalkSP/SpbctWP/Scanner/CureLog/CureLogRecord.php
@@ -6,6 +6,10 @@
 
 class CureLogRecord extends DTO
 {
+    /**
+     * @var string
+     */
+    public $full_hash = '';
     /**
      * @var string
      */
@@ -46,6 +50,7 @@ class CureLogRecord extends DTO
 
     protected $obligatory_properties = [
         'fast_hash',
+        'full_hash',
         'real_path',
         'cured',
         'cci_cured',

diff --git a/lib/CleantalkSP/SpbctWP/Scanner/Stages/CureStage.php b/lib/CleantalkSP/SpbctWP/Scanner/Stages/CureStage.php
@@ -102,14 +102,19 @@ public function runStage($offset, $amount)
      */
     private function getFilesToCure($limit)
     {
-        $result = $this->db->fetchAll(
-            'SELECT * '
-            . ' FROM ' . SPBC_TBL_SCAN_FILES
-            . ' WHERE weak_spots LIKE "%\"SIGNATURES\":%"'
-            . ' AND fast_hash NOT IN '
-            . ' (SELECT fast_hash FROM ' . SPBC_TBL_CURE_LOG . ') '
-            . ' LIMIT ' . $limit . ';'
-        );
+        $query = '
+                SELECT * FROM ' . SPBC_TBL_SCAN_FILES . '
+                    WHERE weak_spots LIKE "%SIGNATURES%"
+                    AND
+                    (
+                        full_hash NOT IN (SELECT full_hash FROM ' . SPBC_TBL_CURE_LOG . ')
+                        OR
+                        fast_hash NOT IN (SELECT fast_hash FROM ' . SPBC_TBL_CURE_LOG . ')
+                    )
+                    LIMIT ' . $limit . ';
+            ';
+
+        $result = $this->db->fetchAll($query);
 
         if (is_null($result) || is_object($result)) {
             $result = array();
@@ -128,6 +133,7 @@ public function processCure($file)
         //init cure log item, this item is DTO, used during all the process
         $cure_log_record = new CureLogRecord(array(
             'fast_hash' => isset($file['fast_hash']) ? $file['fast_hash'] : '',
+            'full_hash' => isset($file['full_hash']) ? $file['full_hash'] : '',
             'real_path' => isset($file['path']) ? $file['path'] : '',
             'cured' => 0,
             'has_backup' => 0,
@@ -377,8 +383,12 @@ private function getCountOfFilesWereNotTriedToCure()
                 SELECT
                     COUNT(*) AS cnt FROM ' . SPBC_TBL_SCAN_FILES . '
                     WHERE weak_spots LIKE "%SIGNATURES%"
-                    AND fast_hash NOT IN 
-                        (SELECT fast_hash FROM ' . SPBC_TBL_CURE_LOG . ')
+                    AND
+                    (
+                        full_hash NOT IN (SELECT full_hash FROM ' . SPBC_TBL_CURE_LOG . ')
+                        OR
+                        fast_hash NOT IN (SELECT fast_hash FROM ' . SPBC_TBL_CURE_LOG . ')
+                    )
             ';
         $result = $this->db->fetch($query, OBJECT);
         if ( $result !== null && isset($result->cnt) ) {