1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
namespace Sunspikes\ClamavValidator; |
4
|
|
|
|
5
|
|
|
use Illuminate\Contracts\Translation\Translator; |
6
|
|
|
use Illuminate\Support\Arr; |
7
|
|
|
use Illuminate\Support\Facades\Config; |
8
|
|
|
use Illuminate\Validation\Validator; |
9
|
|
|
use Xenolope\Quahog\Client as QuahogClient; |
10
|
|
|
use Socket\Raw\Factory as SocketFactory; |
11
|
|
|
use Symfony\Component\HttpFoundation\File\UploadedFile; |
12
|
|
|
|
13
|
|
|
class ClamavValidator extends Validator |
14
|
|
|
{ |
15
|
|
|
/** |
16
|
|
|
* Creates a new instance of ClamavValidator. |
17
|
|
|
* |
18
|
|
|
* ClamavValidator constructor. |
19
|
|
|
* @param Translator $translator |
20
|
|
|
* @param array $data |
21
|
|
|
* @param array $rules |
22
|
|
|
* @param array $messages |
23
|
|
|
* @param array $customAttributes |
24
|
|
|
*/ |
25
|
6 |
|
public function __construct( |
26
|
|
|
Translator $translator, |
27
|
|
|
array $data, |
28
|
|
|
array $rules, |
29
|
|
|
array $messages = [], |
30
|
|
|
array $customAttributes = [] |
31
|
|
|
) { |
32
|
6 |
|
parent::__construct($translator, $data, $rules, $messages, $customAttributes); |
33
|
6 |
|
} |
34
|
|
|
|
35
|
|
|
/** |
36
|
|
|
* Validate the uploaded file for virus/malware with ClamAV. |
37
|
|
|
* |
38
|
|
|
* @param $attribute string |
39
|
|
|
* @param $value mixed |
40
|
|
|
* @param $parameters array |
41
|
|
|
* |
42
|
|
|
* @return boolean |
43
|
|
|
* @throws ClamavValidatorException |
44
|
|
|
*/ |
45
|
5 |
|
public function validateClamav($attribute, $value, $parameters) |
|
|
|
|
46
|
|
|
{ |
47
|
5 |
|
if (true === Config::get('clamav.skip_validation')) { |
48
|
|
|
return true; |
49
|
|
|
} |
50
|
|
|
|
51
|
5 |
|
if(is_array($value)) { |
52
|
2 |
|
$result = true; |
53
|
2 |
|
foreach($value as $file) { |
54
|
2 |
|
$result &= $this->validateFileWithClamAv($file); |
55
|
2 |
|
} |
56
|
|
|
|
57
|
2 |
|
return $result; |
58
|
|
|
} |
59
|
|
|
|
60
|
3 |
|
return $this->validateFileWithClamAv($value); |
61
|
|
|
} |
62
|
|
|
|
63
|
|
|
/** |
64
|
|
|
* Validate the single uploaded file for virus/malware with ClamAV. |
65
|
|
|
* |
66
|
|
|
* @param $value mixed |
67
|
|
|
* |
68
|
|
|
* @return bool |
69
|
|
|
* @throws ClamavValidatorException |
70
|
|
|
*/ |
71
|
5 |
|
protected function validateFileWithClamAv($value) |
72
|
|
|
{ |
73
|
5 |
|
$file = $this->getFilePath($value); |
74
|
5 |
|
if (! is_readable($file)) { |
75
|
1 |
|
throw ClamavValidatorException::forNonReadableFile($file); |
76
|
|
|
} |
77
|
|
|
|
78
|
|
|
try { |
79
|
4 |
|
$socket = $this->getClamavSocket(); |
80
|
4 |
|
$scanner = $this->createQuahogScannerClient($socket); |
81
|
4 |
|
$result = $scanner->scanResourceStream(fopen($file, 'rb')); |
82
|
4 |
|
} catch (\Exception $exception) { |
83
|
|
|
throw ClamavValidatorException::forClientException($exception); |
84
|
|
|
} |
85
|
|
|
|
86
|
4 |
|
if (QuahogClient::RESULT_ERROR === $result['status']) { |
87
|
|
|
throw ClamavValidatorException::forScanResult($result); |
88
|
|
|
} |
89
|
|
|
|
90
|
|
|
// Check if scan result is clean |
91
|
4 |
|
return QuahogClient::RESULT_OK === $result['status']; |
92
|
|
|
} |
93
|
|
|
|
94
|
|
|
/** |
95
|
|
|
* Guess the ClamAV socket. |
96
|
|
|
* |
97
|
|
|
* @return string |
98
|
|
|
*/ |
99
|
4 |
|
protected function getClamavSocket() |
100
|
|
|
{ |
101
|
4 |
|
$preferredSocket = Config::get('clamav.preferred_socket'); |
102
|
|
|
|
103
|
4 |
|
if ($preferredSocket === 'unix_socket') { |
104
|
4 |
|
$unixSocket = Config::get('clamav.unix_socket'); |
105
|
4 |
|
if (file_exists($unixSocket)) { |
106
|
4 |
|
return 'unix://' . $unixSocket; |
107
|
|
|
} |
108
|
|
|
} |
109
|
|
|
|
110
|
|
|
// We use the tcp_socket as fallback as well |
111
|
|
|
return Config::get('clamav.tcp_socket'); |
112
|
|
|
} |
113
|
|
|
|
114
|
|
|
/** |
115
|
|
|
* Return the file path from the passed object. |
116
|
|
|
* |
117
|
|
|
* @param mixed $file |
118
|
|
|
* @return string |
119
|
|
|
*/ |
120
|
5 |
|
protected function getFilePath($file) |
121
|
|
|
{ |
122
|
|
|
// if were passed an instance of UploadedFile, return the path |
123
|
5 |
|
if ($file instanceof UploadedFile) { |
124
|
|
|
return $file->getPathname(); |
125
|
|
|
} |
126
|
|
|
|
127
|
|
|
// if we're passed a PHP file upload array, return the "tmp_name" |
128
|
5 |
|
if (is_array($file) && null !== Arr::get($file, 'tmp_name')) { |
129
|
|
|
return $file['tmp_name']; |
130
|
|
|
} |
131
|
|
|
|
132
|
|
|
// fallback: we were likely passed a path already |
133
|
5 |
|
return $file; |
|
|
|
|
134
|
|
|
} |
135
|
|
|
|
136
|
|
|
/** |
137
|
|
|
* Create a new quahog ClamAV scanner client. |
138
|
|
|
* |
139
|
|
|
* @param string $socket |
140
|
|
|
* @return QuahogClient |
141
|
|
|
*/ |
142
|
4 |
|
protected function createQuahogScannerClient($socket) |
143
|
|
|
{ |
144
|
|
|
// Create a new client socket instance |
145
|
4 |
|
$client = (new SocketFactory())->createClient($socket); |
146
|
|
|
|
147
|
4 |
|
return new QuahogClient($client, Config::get('clamav.socket_read_timeout'), PHP_NORMAL_READ); |
148
|
|
|
} |
149
|
|
|
} |
150
|
|
|
|
This check looks from parameters that have been defined for a function or method, but which are not used in the method body.