mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-07-31 20:00:37 +02:00
Code Issues Releases Wiki Activity

Validation bits improvement for e_file_inspector

Browse Source 
Now File Inspector detects old files regardless of their hash value.
This commit is contained in:
Nick Liu
2020-03-27 01:18:34 -05:00
parent 6095c94de3
commit 00d171473e
5 changed files with 41 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
e107_admin/core_image.php
View File

Binary file not shown.

22
e107_admin/fileinspector.php
View File

@@ -569,8 +569,8 @@ class file_inspector {
$fileSize = filesize($absolutePath);
$this->count[$category]['size'] += $fileSize;
if ($validationCode & e_file_inspector::VALIDATED_RELEVANCE &&
$validationCode & e_file_inspector::VALIDATED_PRESENCE)
if ($validationCode & e_file_inspector::VALIDATED_PATH_VERSION &&
$validationCode & e_file_inspector::VALIDATED_FILE_EXISTS)
$this->count['core']['size'] += $fileSize;
}
@@ -672,16 +672,18 @@ class file_inspector {
{
if ($validationCode & e_file_inspector::VALIDATED)
return 'check';
if (!($validationCode & e_file_inspector::VALIDATED_RELEVANCE))
if (!($validationCode & e_file_inspector::VALIDATED_PATH_KNOWN))
return 'unknown';
if (!($validationCode & e_file_inspector::VALIDATED_SECURITY))
if (!($validationCode & e_file_inspector::VALIDATED_PATH_VERSION))
return 'old';
if (!($validationCode & e_file_inspector::VALIDATED_FILE_SECURITY))
return 'warning';
if (!($validationCode & e_file_inspector::VALIDATED_PRESENCE))
if (!($validationCode & e_file_inspector::VALIDATED_FILE_EXISTS))
return 'missing';
if (!($validationCode & e_file_inspector::VALIDATED_DETERMINABLE))
if (!($validationCode & e_file_inspector::VALIDATED_HASH_CALCULABLE))
return 'uncalc';
if (!($validationCode & e_file_inspector::VALIDATED_UPTODATE))
if ($validationCode & e_file_inspector::VALIDATED_HASH)
if (!($validationCode & e_file_inspector::VALIDATED_HASH_CURRENT))
if ($validationCode & e_file_inspector::VALIDATED_HASH_EXISTS)
return 'old';
else
return 'fail';
@@ -829,8 +831,8 @@ class file_inspector {
$category = $this->statusToLegacyCountCategory($status);
$this->count[$category]['num']++;
if ($validationCode & e_file_inspector::VALIDATED_RELEVANCE &&
$validationCode & e_file_inspector::VALIDATED_PRESENCE)
if ($validationCode & e_file_inspector::VALIDATED_PATH_VERSION &&
$validationCode & e_file_inspector::VALIDATED_FILE_EXISTS)
$this->count['core']['num']++;
});

16
e107_handlers/e_file_inspector.php
View File

@@ -69,18 +69,20 @@ abstract class e_file_inspector implements e_file_inspector_interface
$bits = 0x0;
$absolutePath = realpath(e_BASE . $path);
$dbChecksums = $this->getChecksums($path);
$dbChecksum = $this->getChecksum($path, $version);
$actualChecksum = $dbChecksum ? $this->checksumPath($absolutePath) : null;
if ($dbChecksum !== false) $bits |= self::VALIDATED_RELEVANCE;
if (file_exists($absolutePath)) $bits |= self::VALIDATED_PRESENCE;
if (!$this->isInsecure($path)) $bits |= self::VALIDATED_SECURITY;
if ($this->isDeterminable($absolutePath)) $bits |= self::VALIDATED_DETERMINABLE;
if ($actualChecksum === $dbChecksum) $bits |= self::VALIDATED_UPTODATE;
if (!empty($dbChecksums)) $bits |= self::VALIDATED_PATH_KNOWN;
if ($dbChecksum !== false) $bits |= self::VALIDATED_PATH_VERSION;
if (file_exists($absolutePath)) $bits |= self::VALIDATED_FILE_EXISTS;
if (!$this->isInsecure($path)) $bits |= self::VALIDATED_FILE_SECURITY;
if ($this->isDeterminable($absolutePath)) $bits |= self::VALIDATED_HASH_CALCULABLE;
if ($actualChecksum === $dbChecksum) $bits |= self::VALIDATED_HASH_CURRENT;
foreach ($this->getChecksums($path) as $dbVersion => $dbChecksum)
foreach ($dbChecksums as $dbVersion => $dbChecksum)
{
if ($dbChecksum === $actualChecksum) $bits |= self::VALIDATED_HASH;
if ($dbChecksum === $actualChecksum) $bits |= self::VALIDATED_HASH_EXISTS;
}
if ($bits + self::VALIDATED === $this->getValidatedBitmask()) $bits |= self::VALIDATED;

19
e107_handlers/e_file_inspector_interface.php
View File

@@ -18,32 +18,37 @@ interface e_file_inspector_interface
* TRUE: The file path is known in this database, regardless of version.
* FALSE: The file path is not in this database.
*/
const VALIDATED_RELEVANCE = 1 << 1;
const VALIDATED_PATH_KNOWN = 1 << 1;
/**
* TRUE: The file path and specified version have a hash in this database.
* FALSE: There is no hash for the file path and specified version.
*/
const VALIDATED_PATH_VERSION = 1 << 2;
/**
* TRUE: The file exists.
* FALSE: The file doesn't exist.
*/
const VALIDATED_PRESENCE = 1 << 2;
const VALIDATED_FILE_EXISTS = 1 << 3;
/**
* TRUE: The file's hash matches a known version.
* TRUE: The file's hash matches any known version.
* FALSE: The file's hash does not match any known versions.
*/
const VALIDATED_HASH = 1 << 3;
const VALIDATED_HASH_EXISTS = 1 << 4;
/**
* TRUE: The file's hash matches the specified version.
* FALSE: The file's hash matches a newer or older version than the one specified.
*/
const VALIDATED_UPTODATE = 1 << 4;
const VALIDATED_HASH_CURRENT = 1 << 5;
/**
* TRUE: The file hash is calculable.
* FALSE: The file hash is not calculable (e.g. the core image itself, a user config file, a nonexistent file).
*/
const VALIDATED_DETERMINABLE = 1 << 5;
const VALIDATED_HASH_CALCULABLE = 1 << 6;
/**
* TRUE: The file is not known to be insecure.
* FALSE: The file should be deleted due to security concerns.
*/
const VALIDATED_SECURITY = 1 << 6;
const VALIDATED_FILE_SECURITY = 1 << 7;
/**
* Return an Iterator that can enumerate every path in the image database

15
e107_tests/tests/unit/e_file_inspectorTest.php
View File

@@ -53,15 +53,16 @@ class e_file_inspectorTest extends \Codeception\Test\Unit
{
$result = $this->e_integrity->validate("index.php");
$this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED);
$this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_RELEVANCE);
$this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_PRESENCE);
$this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_HASH);
$this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_UPTODATE);
$this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_DETERMINABLE);
$this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_SECURITY);
$this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_PATH_KNOWN);
$this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_PATH_VERSION);
$this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_FILE_EXISTS);
$this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_HASH_EXISTS);
$this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_HASH_CURRENT);
$this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_HASH_CALCULABLE);
$this->assertGreaterThanOrEqual(1, $result & e_file_inspector::VALIDATED_FILE_SECURITY);
$result = $this->e_integrity->validate("file/does/not/exist.php");
$this->assertEquals(0, $result & e_file_inspector::VALIDATED_PRESENCE);
$this->assertEquals(0, $result & e_file_inspector::VALIDATED_FILE_EXISTS);
}
public function testCustomPathToDefaultPath()