Skip to content
This repository was archived by the owner on Mar 3, 2024. It is now read-only.

Commit

Permalink
typos and Complex (curly) syntax fixed
Browse files Browse the repository at this point in the history 
fixed typos.(Secend param of substr function "," by ".")
fixed checklist with complex curly syntax. thanks to
https://github.com/chinurho to report it.
  • Loading branch information
@cfc4n
cfc4n committed May 27, 2014
1 parent 16de581 commit 9383a4a
Show file tree
Hide file tree
Showing 3 changed files with 74 additions and 28 deletions.
48 changes: 35 additions & 13 deletions Pecker/Scanner.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
* @license http://www.fsf.org/copyleft/gpl.html GNU public license
* @author CFC4N <cfc4n@cnxct.com>
* @package Scanner
* @version $Id: Scanner.php 29 2014-03-06 12:55:31Z cfc4n $
* @version $Id: Scanner.php 31 2014-05-27 08:09:52Z cfc4n $
*/
class Pecker_Scanner
{
Expand Down Expand Up @@ -56,7 +56,7 @@ public function setPath($path)
{
if (substr($path,-1) == '/' || substr($path,-1) == '\\')
{
$path = substr($path, 0.-1);
$path = substr($path, 0,-1);
}
if (!is_dir($path))
{
Expand Down Expand Up @@ -169,9 +169,12 @@ public function ScanCode($code)
private function checkTokens(array $tokens)
{
$i = 0;
$curly = false;
$curly_str = '';
$curly_num = 0;
foreach ($tokens as $k => $token)
{
if (is_array($token))
if (!$curly && is_array($token))
{
switch ($token[0])
{
Expand All @@ -186,7 +189,6 @@ private function checkTokens(array $tokens)
break;
case T_VARIABLE:
$ntoken = $this->parser->getNextToken($k);
// var_dump($token,$ntoken);exit();
$ptoken = $this->parser->getPreToken($k);
if ($ntoken === '(' && $ptoken != '->' && $ptoken !== '::' && $ptoken !== 'function' && $ptoken !== 'new')
{
Expand Down Expand Up @@ -240,6 +242,32 @@ private function checkTokens(array $tokens)
default:
}
}
elseif ($curly)
{
//Complex (curly) syntax
if (!is_array($token))
{
if ($token === '{')
{
$curly_str .= '{';
$curly_num ++;
}
elseif($token === '}')
{
$curly_str .= '}';
$curly_num --;
}
}
else
{
$curly_str .= $token[1];
}
if ($curly_num == 0)
{
$curly = false;
$this->report->catchLog($curly_str, 0,$this->parser->getPieceTokenAll($k));
}
}
elseif($token === '$')
{
/**
Expand All @@ -260,15 +288,9 @@ private function checkTokens(array $tokens)
$nt = $this->parser->getVariableToken($k);
if ($nt['token'] === '{')
{
$nt1 = $this->parser->getVariableToken($k+$nt['key']+1);
if ($nt1['token'] === '}' && $this->parser->getNextToken($k+$nt['key']+$nt1['key']+2) === '(')
{
$this->report->catchLog('${'.$nt1['func'].'}', 0,$this->parser->getPieceTokenAll($nt1['key']+$k+1));
}
}
elseif($nt['token'] === '(')
{
$this->report->catchLog('$'.$nt['func'], 0,$this->parser->getPieceTokenAll($nt['key']+$k));
$curly = true;
$curly_str = '$';
$curly_num = 0;
}
}
}
Expand Down
47 changes: 35 additions & 12 deletions PeckerLite/PeckerScanner.lite.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
* @license http://www.fsf.org/copyleft/gpl.html GNU public license
* @author CFC4N <cfc4n@cnxct.com>
* @package Lexer All
* @version $Id: PeckerScanner.lite.php 29 2014-03-06 12:55:31Z cfc4n $
* @version $Id: PeckerScanner.lite.php 31 2014-05-27 08:09:52Z cfc4n $
*/

class Pecker_Scanner
Expand Down Expand Up @@ -59,7 +59,7 @@ public function setPath($path)
{
if (substr($path,-1) == '/' || substr($path,-1) == '\\')
{
$path = substr($path, 0.-1);
$path = substr($path, 0,-1);
}
if (!is_dir($path))
{
Expand Down Expand Up @@ -172,9 +172,12 @@ public function ScanCode($code)
private function checkTokens(array $tokens)
{
$i = 0;
$curly = false;
$curly_str = '';
$curly_num = 0;
foreach ($tokens as $k => $token)
{
if (is_array($token))
if (!$curly && is_array($token))
{
switch ($token[0])
{
Expand Down Expand Up @@ -243,6 +246,32 @@ private function checkTokens(array $tokens)
default:
}
}
elseif ($curly)
{
//Complex (curly) syntax
if (!is_array($token))
{
if ($token === '{')
{
$curly_str .= '{';
$curly_num ++;
}
elseif($token === '}')
{
$curly_str .= '}';
$curly_num --;
}
}
else
{
$curly_str .= $token[1];
}
if ($curly_num == 0)
{
$curly = false;
$this->report->catchLog($curly_str, 0,$this->parser->getPieceTokenAll($k));
}
}
elseif($token === '$')
{
/**
Expand All @@ -263,15 +292,9 @@ private function checkTokens(array $tokens)
$nt = $this->parser->getVariableToken($k);
if ($nt['token'] === '{')
{
$nt1 = $this->parser->getVariableToken($k+$nt['key']+1);
if ($nt1['token'] === '}' && $this->parser->getNextToken($k+$nt['key']+$nt1['key']+2) === '(')
{
$this->report->catchLog('${'.$nt1['func'].'}', 0,$this->parser->getPieceTokenAll($nt1['key']+$k+1));
}
}
elseif($nt['token'] === '(')
{
$this->report->catchLog('$'.$nt['func'], 0,$this->parser->getPieceTokenAll($nt['key']+$k));
$curly = true;
$curly_str = '$';
$curly_num = 0;
}
}
}
Expand Down
7 changes: 4 additions & 3 deletions test/1.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
* @license http://www.fsf.org/copyleft/gpl.html GNU public license
* @author CFC4N <cfc4n@cnxct.com>
* @package demo
* @version $Id: 1.php 29 2014-03-06 12:55:31Z cfc4n $
* @version $Id: 1.php 31 2014-05-27 08:09:52Z cfc4n $
*/

$str = 'base64_decode';
Expand Down Expand Up @@ -65,8 +65,9 @@ function exec() //pass
${2+1}(); //get it
${2+1}; //pass
${@func}; //pass


$evil = '';
${ $ {func}}($evil); //get it
${(array)function(){}}($evil); //get it
@preg_replace("/[pageerror]/e",$_POST['error'],"cfc"); //get it
header('HTTP/1.1 404 Not Found');

Expand Down

0 comments on commit 9383a4a

Please sign in to comment.