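isFileSafe($fileItem->getPath());
    }

    /**
     * Return false if the file looks malicious, true otherwise.
     *
     * The file is first handed to the local ClamAV daemon through clamdscan;
     * the "Infected files: N" summary line of its output, and an exit status
     * of 1 (clamdscan's "virus found" status), count as findings. SVG and MVG
     * content is then checked against a small set of regexes, because
     * ImageMagick-style processors interpret those formats as instructions
     * rather than pixels (see the references inside the method).
     *
     * @param string $filePath path of the file on disk
     * @param string $name     original filename with extension ("" if unknown)
     * @return bool false if the file is considered malicious
     * @throws \Symfony\Component\Process\Exception\ProcessTimedOutException
     *         if clamdscan does not finish within 10 seconds
     */
    public function isFileSafe($filePath, $name = "")
    {
        // Array form: the path is one argv entry and never goes through a
        // shell, so quotes or metacharacters in $filePath cannot change the
        // command that is executed.
        $process = new Process(['clamdscan', $filePath]);
        $process->setTimeout(10);
        $process->run();

        $reported = $this->countClamdFindings($process->getOutput());
        // clamdscan exits with 1 when it found something; honour that even
        // when the summary line could not be parsed.
        if ($process->getExitCode() === 1) {
            $reported++;
        }
        // NOTE(review): an exit status of 2 (scanner error, e.g. clamd not
        // running) or a missing binary leaves $reported untouched, so the
        // file passes this stage unscanned. Whether to fail closed here is a
        // policy decision for the owners — confirm.

        // Extension checks are case-insensitive; $name is "" when unknown.
        $lowerName = \strtolower((string) $name);
        $content = null; // read lazily, only SVG/MVG files are inspected

        /**
         * https://hackerone.com/reports/148853
         * https://imagetragick.com/
         */
        if (\str_contains($lowerName, '.svg') || \mime_content_type($filePath) === 'image/svg+xml') {
            $content = \file_get_contents($filePath);
            if ($content === false) {
                // Unreadable content cannot be vetted: fail closed.
                return false;
            }
            $reported += $this->countPatternHits($content, [
                // NOTE(review): '##i' is an empty pattern and matches every
                // input, so every SVG currently trips this check. It looks
                // like a pattern whose body was lost — restore it against the
                // advisories above.
                '##i',
                '#image\sxlink:href="(.+)"(\s|\n)#is',
            ]);
        }

        /**
         * https://imagetragick.com/
         */
        if (\str_contains($lowerName, '.mvg')) {
            $content ??= \file_get_contents($filePath);
            if ($content === false) {
                // Unreadable content cannot be vetted: fail closed.
                return false;
            }
            $reported += $this->countPatternHits($content, [
                // NOTE(review): '##i' and '#"|#is' both match every input
                // (empty pattern / empty alternative), so every MVG currently
                // trips this check — likely mangled patterns, confirm.
                '##i',
                "#'url\((.+)\)'#is",
                '#"|#is',
                '#:\/#i',
                '#:@\/#i',
                '#image\sxlink:href="(.+)"(\s|\n)#is',
            ]);
        }

        return $reported === 0;
    }

    /**
     * Extract the "Infected files: N" count from clamdscan output.
     *
     * @param string $output raw stdout of clamdscan
     * @return int reported count, 0 when the summary line is absent
     */
    private function countClamdFindings($output)
    {
        if (\preg_match('@Infected\sfiles\s{0,1}:\s{0,1}([0-9]{1,})@mi', $output, $matches) === 1) {
            return (int) $matches[1];
        }

        return 0;
    }

    /**
     * Count how many of the given PCRE patterns match the content.
     *
     * A PCRE engine failure (e.g. the backtracking limit on a large file) is
     * counted as a hit: content that could not be vetted must not pass.
     *
     * @param string       $content  file contents
     * @param list<string> $patterns PCRE patterns, delimiters included
     * @return int number of patterns that matched or failed to run
     */
    private function countPatternHits($content, array $patterns)
    {
        $hits = 0;
        foreach ($patterns as $pattern) {
            // preg_match returns 1 (match), 0 (no match) or false (error).
            if (\preg_match($pattern, $content) !== 0) {
                $hits++;
            }
        }

        return $hits;
    }
}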