1 | <?php namespace Sunspikes\ClamavValidator; |
||
2 | |||
3 | use Illuminate\Validation\Validator; |
||
4 | use Xenolope\Quahog\Client; |
||
5 | use Socket\Raw\Factory; |
||
6 | use Symfony\Component\HttpFoundation\File\UploadedFile; |
||
7 | |||
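class ClamavValidator extends Validator
{
    /**
     * Status string that marks a clean scan result.
     *
     * @const string CLAMAV_STATUS_OK
     */
    const CLAMAV_STATUS_OK = 'OK';

    /**
     * Status string that marks a failed scan (the scan could not be completed).
     *
     * @const string CLAMAV_STATUS_ERROR
     */
    const CLAMAV_STATUS_ERROR = 'ERROR';

    /**
     * Default path of the clamd unix socket, used when CLAMAV_UNIX_SOCKET is not set.
     *
     * @const string CLAMAV_UNIX_SOCKET
     */
    const CLAMAV_UNIX_SOCKET = '/var/run/clamav/clamd.ctl';

    /**
     * Default clamd TCP endpoint, used when CLAMAV_TCP_SOCKET is not set.
     *
     * @const string CLAMAV_LOCAL_TCP_SOCKET
     */
    const CLAMAV_LOCAL_TCP_SOCKET = 'tcp://127.0.0.1:3310';

    /**
     * Read timeout handed to the Quahog client (presumably seconds; confirm against Quahog).
     *
     * @const int CLAMAV_SOCKET_READ_TIMEOUT
     */
    const CLAMAV_SOCKET_READ_TIMEOUT = 30;

    /**
     * Creates a new instance of ClamavValidator.
     *
     * All four arguments are forwarded unchanged to the parent Validator.
     *
     * @param $translator mixed
     * @param $data mixed
     * @param $rules mixed
     * @param $messages mixed
     */
    public function __construct($translator, $data, $rules, $messages)
    {
        parent::__construct($translator, $data, $rules, $messages);
    }

    /**
     * Validate the uploaded file for virus/malware with ClamAV.
     *
     * The rule passes only when clamd reports the status OK. An ERROR status is
     * raised as an exception, and every other status fails validation.
     *
     * @param $attribute string
     * @param $value mixed
     * @param $parameters array
     *
     * @return boolean true only when the scan status is OK
     * @throws ClamavValidatorException when clamd reports an ERROR status
     */
    public function validateClamav($attribute, $value, $parameters)
    {
        $file = $this->getFilePath($value);
        $clamavSocket = $this->getClamavSocket();

        // Connect to clamd and wrap the connection in the Quahog client.
        // Connection failures surface as whatever Factory/Client throw.
        $socket = (new Factory())->createClient($clamavSocket);
        $quahog = new Client($socket, self::CLAMAV_SOCKET_READ_TIMEOUT, PHP_NORMAL_READ);

        // scanFile() is given a path, so clamd itself must be able to read it.
        // Do not dump $file or $result here: debug output lands in the HTTP
        // response and discloses the server-side temp path and scanner reply.
        $result = $quahog->scanFile($file);

        if (self::CLAMAV_STATUS_ERROR === $result['status']) {
            // The reason text comes from clamd. Log it; avoid echoing it to clients.
            throw new ClamavValidatorException($result['reason']);
        }

        // Fail closed: any status other than an explicit OK rejects the file.
        return self::CLAMAV_STATUS_OK === $result['status'];
    }

    /**
     * Guess the ClamAV socket.
     *
     * Uses the unix socket when its path exists on disk, otherwise falls back to
     * the TCP endpoint. Both can be overridden through the environment.
     *
     * @return string
     */
    protected function getClamavSocket()
    {
        // Read the setting once so the existence check and the returned
        // address always refer to the same path.
        $unixSocket = env('CLAMAV_UNIX_SOCKET', self::CLAMAV_UNIX_SOCKET);

        if (file_exists($unixSocket)) {
            return 'unix://' . $unixSocket;
        }

        return env('CLAMAV_TCP_SOCKET', self::CLAMAV_LOCAL_TCP_SOCKET);
    }

    /**
     * Return the file path from the passed object.
     *
     * @param $file mixed UploadedFile instance, PHP upload array, or a path string
     * @return string
     */
    protected function getFilePath($file)
    {
        // An UploadedFile instance carries its own temp path.
        if ($file instanceof UploadedFile) {
            return $file->getPathname();
        }

        // A raw PHP upload array exposes the temp path under "tmp_name".
        if (is_array($file) && null !== array_get($file, 'tmp_name')) {
            return $file['tmp_name'];
        }

        // Fallback: the value is forwarded as-is and treated as a path.
        // NOTE(review): a plain string request field would therefore be scanned
        // as a server-side path. Pair this rule with an upload/file rule so that
        // only real uploads reach it.
        return $file;
    }
}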