Upd. Code. Heuristic analyser common lib updated.
Glomberg committed Nov 2, 2024
1 parent 5e494a3 commit 906ddaf
Showing 3 changed files with 68 additions and 2 deletions.
Expand Up @@ -378,6 +378,7 @@ public function processContent()
$this->strings->convertHexSymbolsToString($key);
$this->variables->updateVariablesEquation($key);
$this->variables->updateVariablesEquationWithConcatenation($key);
$this->variables->updateVariablesEquationByFakeSubstr($key);
$this->variables->updateArrayEquation($key);
$this->variables->updateArrayEquationShort($key);
$this->variables->updateArrayNewElement($key);
Expand Up @@ -154,10 +154,24 @@ public function process($include, $file_exists, $_key)
$properties['error_free'] = $this->tokens->prev1->value !== '@';
$properties['good'] = ! $this->variables_handler->isSetOfTokensHasBadVariables($include);

// Include is a single string, so we can continue to analise
$include_value = '';

if ( count($include) === 1 && $include[0]->type === 'T_CONSTANT_ENCAPSED_STRING' ) {
// Include is a single string like `include 'file.php';`
$include_value = $include[0]->value;
} elseif (
// Include is a single string within bracers like `include('file.php');`
count($include) === 3 &&
$include[0]->value === '(' &&
$include[1]->type === 'T_CONSTANT_ENCAPSED_STRING' &&
$include[2]->value === ')'
) {
$include_value = $include[1]->value;
}

if ( $include_value ) {
// Extracting path from the string token. Cutting quotes.
$properties['path'] = substr($include[0]->value, 1, -1);
$properties['path'] = substr($include_value, 1, -1);
$properties['not_url'] = ! filter_var($properties['path'], FILTER_VALIDATE_URL);

// If the filepath is absolute.
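Review bot: The two branches that fill `$include_value` match exact token shapes (a lone literal, or `(` literal `)`), so `path` and `not_url` are populated only for those two spellings and any other wrapping of a single literal leaves them unset. Peeling balanced outer parentheses by index before the single-literal test would cover every nesting depth with one check; the sketch below uses only `count()` and indexing because the type of `$include` is not visible in this hunk. Separately, `if ( $include_value )` relies on truthiness, and `if ( $include_value !== '' )` would state the intent directly. The body of `process()` starts and continues outside the hunk.

```php
// Peel any balanced outer parentheses, then test for a single string literal.
$first = 0;
$last  = count($include) - 1;
while (
    $last - $first >= 2 &&
    $include[$first]->value === '(' &&
    $include[$last]->value === ')'
) {
    $first++;
    $last--;
}

$include_value = '';
if ( $first === $last && $include[$first]->type === 'T_CONSTANT_ENCAPSED_STRING' ) {
    $include_value = $include[$first]->value;
}

// … unchanged: path extraction and not_url check …
```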
Expand Up @@ -355,6 +355,57 @@ public function updateVariablesEquationWithConcatenation($key)
return false;
}

/**
* Equation by unnecessary substr function
* $a = substr($string, 0);
*
* substr($string, 0) is equivalent to $string
*
* @param int $key
*
* @return false returns false if fake substr construct not found
* @psalm-suppress NullPropertyFetch
* @psalm-suppress TypeDoesNotContainType
* @psalm-suppress PossiblyUnusedReturnValue
*/
public function updateVariablesEquationByFakeSubstr($key)
{
if (
$this->tokens->current->type === 'T_VARIABLE' &&
$this->tokens->next1->value === '='
) {
$variable_start = $this->tokens->searchForward($key, '=') + 1;
$variable_end = $this->tokens->searchForward($key, ';') - 1;
if ( $variable_end ) {
$variable_tokens = $this->tokens->getRange($variable_start, $variable_end);

if (
count($variable_tokens) === 6 &&
$variable_tokens[0]->value === 'substr' &&
$variable_tokens[1]->value === '(' &&
$variable_tokens[2]->type === 'T_VARIABLE' &&
$variable_tokens[3]->value === ',' &&
($variable_tokens[4]->type === 'T_LNUMBER' && $variable_tokens[4]->value === '0') &&
$variable_tokens[5]->value === ')' &&
isset($this->variables[$variable_tokens[2]->value])
) {
$variable_token = $this->variables[$variable_tokens[2]->value];
$replace_variable_token = array(
new Token(
'T_CONSTANT_ENCAPSED_STRING',
'\'' . trim($variable_token[0]->value, '"\'') . '\'',
$variable_tokens[1]->line,
$variable_tokens[1]->key
)
);

$this->variables[$this->tokens->current->value] = $replace_variable_token;
}
}
}
return false;
}

/**
* Search and remember constants definition
* define('CONSTANT_NAME','CONSTANT_VALUE'
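Review bot: In `updateVariablesEquationByFakeSubstr()` the replacement literal is built from `$variable_token[0]->value` without checking what the remembered value of the source variable is, so a multi-token expression or a non-string first token would be recorded as a quoted string that never appeared in the analysed file. Restricting the match to a single literal closes that: after the `isset()` condition add `count($this->variables[$variable_tokens[2]->value]) === 1 &&` and `$this->variables[$variable_tokens[2]->value][0]->type === 'T_CONSTANT_ENCAPSED_STRING'`. `trim(..., '"\'')` followed by re-wrapping in single quotes also alters a double-quoted literal that contains a `'` or escape sequences; `substr($value, 1, -1)`, as the include handler uses, strips only the delimiters. Finally, `if ( $variable_end )` cannot catch a failed search if `searchForward()` returns `false`, because `false - 1` is `-1` and truthy; its return convention is not visible in this hunk.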