165 lines
5.0 KiB
PHP
165 lines
5.0 KiB
PHP
<?php
|
|
/* Copyright (C) 2000-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
|
|
* Copyright (C) 2003 Jean-Louis Bergamo <jlb@j1b.org>
|
|
* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
|
|
* Copyright (C) 2005-2009 Regis Houssin <regis.houssin@inodbox.com>
|
|
* Copyright (C) 2024 MDW <mdeweerd@users.noreply.github.com>
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
* or see https://www.gnu.org/
|
|
*/
|
|
|
|
/**
|
|
* \file htdocs/core/class/antivir.class.php
|
|
* \brief File of class to scan viruses
|
|
*/
|
|
|
|
/**
|
|
* Class to scan for virus
|
|
*/
|
|
class AntiVir
|
|
{
|
|
/**
|
|
* @var string Error code (or message)
|
|
*/
|
|
public $error = '';
|
|
|
|
/**
|
|
* @var string[] Error codes (or messages)
|
|
*/
|
|
public $errors = array();
|
|
|
|
/**
|
|
* @var string Used to return message
|
|
*/
|
|
public $output;
|
|
|
|
/**
|
|
* @var DoliDB Database handler.
|
|
*/
|
|
public $db;
|
|
|
|
/**
|
|
* Constructor
|
|
*
|
|
* @param DoliDB $db Database handler
|
|
*/
|
|
public function __construct($db)
|
|
{
|
|
$this->db = $db;
|
|
}
|
|
|
|
// phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps
|
|
/**
|
|
* Scan a file with antivirus.
|
|
* This function runs the command defined in setup. This antivirus command must return 0 if OK.
|
|
* Return also true (virus found) if file end with '.virus' (so we can make test safely).
|
|
*
|
|
* @param string $file File to scan
|
|
* @return int Return integer <0 if KO (-98 if error, -99 if virus), 0 if OK
|
|
*/
|
|
public function dol_avscan_file($file)
|
|
{
|
|
// phpcs:enable
|
|
global $conf;
|
|
|
|
if (preg_match('/\.virus$/i', $file)) {
|
|
$this->errors[] = 'File has an extension saying file is a virus';
|
|
return -97;
|
|
}
|
|
|
|
$fullcommand = $this->getCliCommand($file);
|
|
//$fullcommand="/usr/bin/clamdscan --fdpass '/tmp/phpuxoAEo'"
|
|
//$fullcommand='"c:\Program Files (x86)\ClamWin\bin\clamscan.exe" --database="C:\Program Files (x86)\ClamWin\lib" "c:\temp\aaa.txt"';
|
|
//var_dump($fullcommand);
|
|
|
|
$safemode = ini_get("safe_mode");
|
|
// Create a clean fullcommand
|
|
dol_syslog("AntiVir::dol_avscan_file Run command=".$fullcommand." with safe_mode ".($safemode ? "on" : "off"));
|
|
// Run CLI command.
|
|
include_once DOL_DOCUMENT_ROOT.'/core/class/utils.class.php';
|
|
$utils = new Utils($this->db);
|
|
$outputfile = $conf->user->dir_temp.'/antivir.tmp';
|
|
|
|
$result = $utils->executeCLI($fullcommand, $outputfile);
|
|
|
|
$return_var = $result['result'];
|
|
$output = $result['output'];
|
|
$errorstring = $result['error'];
|
|
|
|
if (is_null($output)) {
|
|
$output = array();
|
|
}
|
|
|
|
dol_syslog("AntiVir::dol_avscan_file Result return_var=".$return_var." output=".$output);
|
|
|
|
$returncodevirus = 1;
|
|
if ($return_var == $returncodevirus) { // Virus found
|
|
$this->errors = array($errorstring, $output);
|
|
return -99;
|
|
}
|
|
|
|
if ($return_var > 0) { // If other error
|
|
$this->errors = array($errorstring, $output);
|
|
return -98;
|
|
}
|
|
|
|
// If return code = 0
|
|
return 1;
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
* Get full Command Line to run
|
|
*
|
|
* @param string $file File to scan
|
|
* @return string Full command line to run
|
|
*/
|
|
public function getCliCommand($file)
|
|
{
|
|
$maxreclevel = 5; // maximal recursion level
|
|
$maxfiles = 1000; // maximal number of files to be scanned within archive
|
|
$maxratio = 200; // maximal compression ratio
|
|
$bz2archivememlim = 0; // limit memory usage for bzip2 (0/1)
|
|
$maxfilesize = 10485760; // archived files larger than this value (in bytes) will not be scanned
|
|
|
|
$command = getDolGlobalString('MAIN_ANTIVIRUS_COMMAND');
|
|
$param = getDolGlobalString('MAIN_ANTIVIRUS_PARAM');
|
|
|
|
$param = preg_replace('/%maxreclevel/', (string) $maxreclevel, $param);
|
|
$param = preg_replace('/%maxfiles/', (string) $maxfiles, $param);
|
|
$param = preg_replace('/%maxratio/', (string) $maxratio, $param);
|
|
$param = preg_replace('/%bz2archivememlim/', (string) $bz2archivememlim, $param);
|
|
$param = preg_replace('/%maxfilesize/', (string) $maxfilesize, $param);
|
|
$param = preg_replace('/%file/', trim($file), $param);
|
|
|
|
if (!preg_match('/%file/', getDolGlobalString('MAIN_ANTIVIRUS_PARAM'))) {
|
|
$param = $param." ".escapeshellarg(trim($file));
|
|
}
|
|
|
|
if (preg_match("/\s/", $command)) {
|
|
$command = escapeshellarg($command); // Force use of quotes on command. Using escapeshellcmd fails.
|
|
}
|
|
|
|
$forbidden_chars_to_replace = array("*", "?", "\"", "<", ">", "|", "[", "]", ";", '°', '$');
|
|
$ret = dol_sanitizePathName($command).' '.dol_string_nospecial($param, '_', $forbidden_chars_to_replace);
|
|
|
|
//$ret=$command.' '.$param.' 2>&1';
|
|
//print "xx".$ret."xx";exit;
|
|
|
|
return $ret;
|
|
}
|
|
}
|