authorJody Frankowski2016-05-11 12:50:06 +0200
committerJody Frankowski2016-05-11 12:50:06 +0200
commit4ed8b5611b54829662d52e6cca87e7cab92f5141 (patch)
tree14a9341c5917c19e354790fd3a24f1739ea54e15
parent7b5c5fd07fc4ff832f3e104f0bc6689073295ba5 (diff)
Rewrite warning comment and remove useless whitespace in whitelist.yar.
-rw-r--r--php-malware-finder/whitelist.yar27
1 files changed, 13 insertions, 14 deletions
diff --git a/php-malware-finder/whitelist.yar b/php-malware-finder/whitelist.yar
index 3aab9c5..3de4db9 100644
--- a/php-malware-finder/whitelist.yar
+++ b/php-malware-finder/whitelist.yar
@@ -1,12 +1,12 @@
1/* 1/*
2 Careful; those rules are pretty heavy on computation, 2 Careful. Those rules are pretty heavy on computation
3 since the sha1sum my be recomputed for every since test; 3 since the sha1sum may be recomputed for every test.
4 please make sure that you're calling them after every other ones. 4 Please make sure that you're calling those rules after all the others.
5*/ 5*/
6 6
7private rule Symfony : Blog 7private rule Symfony : Blog
8{ 8{
9 condition: 9 condition:
10 hash.sha1(0, filesize) == "3006ce2ddce200e1c66185b95065dc7f9d224465" or // vendor/twig/twig/lib/Twig/Node/Macro.php 10 hash.sha1(0, filesize) == "3006ce2ddce200e1c66185b95065dc7f9d224465" or // vendor/twig/twig/lib/Twig/Node/Macro.php
11 hash.sha1(0, filesize) == "39bae7f6aa0f4affe06a0d7b7d8306e1e27e441e" or // vendor/doctrine/common/lib/Doctrine/Common/Proxy/ProxyGenerator.php 11 hash.sha1(0, filesize) == "39bae7f6aa0f4affe06a0d7b7d8306e1e27e441e" or // vendor/doctrine/common/lib/Doctrine/Common/Proxy/ProxyGenerator.php
12 hash.sha1(0, filesize) == "4848d9582a2205c1b037a542faa5ed1b755d6620" or // vendor/phpoffice/phpword/src/PhpWord/Shared/PCLZip/pclzip.lib.php 12 hash.sha1(0, filesize) == "4848d9582a2205c1b037a542faa5ed1b755d6620" or // vendor/phpoffice/phpword/src/PhpWord/Shared/PCLZip/pclzip.lib.php
@@ -18,7 +18,7 @@ private rule Symfony : Blog
18 hash.sha1(0, filesize) == "beea13bcbd977cb7ee29fdf4bca36c9c19e5a562" or // vendor/dompdf/dompdf/include/cellmap.cls.php 18 hash.sha1(0, filesize) == "beea13bcbd977cb7ee29fdf4bca36c9c19e5a562" or // vendor/dompdf/dompdf/include/cellmap.cls.php
19 hash.sha1(0, filesize) == "da96d532cc2f930449a4e19a0e280d759366a8de" or // vendor/dompdf/dompdf/include/style.cls.php 19 hash.sha1(0, filesize) == "da96d532cc2f930449a4e19a0e280d759366a8de" or // vendor/dompdf/dompdf/include/style.cls.php
20 hash.sha1(0, filesize) == "e4b9be9277626f5377ecb3306fd4f2fb7a99508f" // vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/SimpleMailInvoker.php 20 hash.sha1(0, filesize) == "e4b9be9277626f5377ecb3306fd4f2fb7a99508f" // vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/SimpleMailInvoker.php
21} 21}
22 22
23private rule Wordpress : Blog 23private rule Wordpress : Blog
24{ 24{
@@ -32,8 +32,8 @@ private rule Wordpress : Blog
32 hash.sha1(0, filesize) == "e7caf1f66c38bb119fe709ade012a989d8610f07" or // wp-admin/includes/class-pclzip.php 32 hash.sha1(0, filesize) == "e7caf1f66c38bb119fe709ade012a989d8610f07" or // wp-admin/includes/class-pclzip.php
33 hash.sha1(0, filesize) == "8ddb9eff06105b9699c6b03db54472291abcb823" or // wp-includes/taxonomy.php 33 hash.sha1(0, filesize) == "8ddb9eff06105b9699c6b03db54472291abcb823" or // wp-includes/taxonomy.php
34 hash.sha1(0, filesize) == "9dd666651f57ef6e704310fe37ffce7dfd2322e4" or // wp-includes/comment.php 34 hash.sha1(0, filesize) == "9dd666651f57ef6e704310fe37ffce7dfd2322e4" or // wp-includes/comment.php
35 35
36 /* Wordpress 3.9 */ 36 /* Wordpress 3.9 */
37 hash.sha1(0, filesize) == "b20e3d401b0ab935ed6401392233b36966523e20" or // wp-includes/class-pop3.php 37 hash.sha1(0, filesize) == "b20e3d401b0ab935ed6401392233b36966523e20" or // wp-includes/class-pop3.php
38 hash.sha1(0, filesize) == "3748c7a2150a9da2d2dda10062b00d34982b3d87" or // wp-includes/taxonomy.php 38 hash.sha1(0, filesize) == "3748c7a2150a9da2d2dda10062b00d34982b3d87" or // wp-includes/taxonomy.php
39 hash.sha1(0, filesize) == "1a4e6932523c34d95f050960e7c3d082adb28156" or // wp-includes/ID3/getid3.php 39 hash.sha1(0, filesize) == "1a4e6932523c34d95f050960e7c3d082adb28156" or // wp-includes/ID3/getid3.php
@@ -41,7 +41,7 @@ private rule Wordpress : Blog
41 hash.sha1(0, filesize) == "c605d1224cf4b24ad2457dd87885de9030e20731" or // wp-includes/SimplePie/File.php 41 hash.sha1(0, filesize) == "c605d1224cf4b24ad2457dd87885de9030e20731" or // wp-includes/SimplePie/File.php
42 hash.sha1(0, filesize) == "005f02927a6904c4e7f3b88ebdd9feaa6221790b" or // wp-includes/class-phpmailer.php 42 hash.sha1(0, filesize) == "005f02927a6904c4e7f3b88ebdd9feaa6221790b" or // wp-includes/class-phpmailer.php
43 hash.sha1(0, filesize) == "12b433cc24cca9747b1fcb1132ffb6b1e6ab75b0" or // wp-includes/comment.php 43 hash.sha1(0, filesize) == "12b433cc24cca9747b1fcb1132ffb6b1e6ab75b0" or // wp-includes/comment.php
44 44
45 /* Wordpress 3.5.1 */ 45 /* Wordpress 3.5.1 */
46 hash.sha1(0, filesize) == "833281b4d1113180e4d1ca026f5e85a680d52662" or // wp-includes/class-phpmailer.php 46 hash.sha1(0, filesize) == "833281b4d1113180e4d1ca026f5e85a680d52662" or // wp-includes/class-phpmailer.php
47 hash.sha1(0, filesize) == "b4e4b88f2be38ed9c3147b77c2f3a7f929caba2c" or // wp-admin/includes/menu.php 47 hash.sha1(0, filesize) == "b4e4b88f2be38ed9c3147b77c2f3a7f929caba2c" or // wp-admin/includes/menu.php
@@ -91,9 +91,8 @@ private rule Drupal : Blog
91 /* Drupal 7.38 */ 91 /* Drupal 7.38 */
92 hash.sha1(0, filesize) == "ad7587ce735352b6a55526005c05c280e9d41822" or // modules/system/system.admin.inc 92 hash.sha1(0, filesize) == "ad7587ce735352b6a55526005c05c280e9d41822" or // modules/system/system.admin.inc
93 hash.sha1(0, filesize) == "dfa67a40daeb9c1dd28f3fab00097852243258ed" or // modules/system/system.module 93 hash.sha1(0, filesize) == "dfa67a40daeb9c1dd28f3fab00097852243258ed" or // modules/system/system.module
94 94
95 /* Drupal 7.33 */ 95 /* Drupal 7.33 */
96
97 hash.sha1(0, filesize) == "19c45985dfee7dc27a3a275542dee7c8fc7ebd6d" or // modules/simpletest/drupal_web_test_case.php 96 hash.sha1(0, filesize) == "19c45985dfee7dc27a3a275542dee7c8fc7ebd6d" or // modules/simpletest/drupal_web_test_case.php
98 hash.sha1(0, filesize) == "e53ae29f02d7bd8667ce701b6d13ca71249e6598" or // modules/contrib/simplenews/tests/d6_simplenews_61.php 97 hash.sha1(0, filesize) == "e53ae29f02d7bd8667ce701b6d13ca71249e6598" or // modules/contrib/simplenews/tests/d6_simplenews_61.php
99 hash.sha1(0, filesize) == "5e1093b4d8bcb438b07e8a428957bd3f79c1042c" or // modules/contrib/simplenews/tests/d6_simplenews_62.php 98 hash.sha1(0, filesize) == "5e1093b4d8bcb438b07e8a428957bd3f79c1042c" or // modules/contrib/simplenews/tests/d6_simplenews_62.php
@@ -101,7 +100,7 @@ private rule Drupal : Blog
101 hash.sha1(0, filesize) == "c748f376cccb982448e99dee184dfec3a1979f44" or // modules/socials/og/tests/drupal-7.og.update_7001.database.php 100 hash.sha1(0, filesize) == "c748f376cccb982448e99dee184dfec3a1979f44" or // modules/socials/og/tests/drupal-7.og.update_7001.database.php
102 hash.sha1(0, filesize) == "1335f535e2b20634fa8be3e95411921dfe47041d" or // modules/socials/og/tests/drupal-6.og.database.php 101 hash.sha1(0, filesize) == "1335f535e2b20634fa8be3e95411921dfe47041d" or // modules/socials/og/tests/drupal-6.og.database.php
103 hash.sha1(0, filesize) == "10aa23f49747970a204c5df98d4c36e64e354760" or // modules/socials/og/og_ui/tests/drupal-6.og-ui.database.php 102 hash.sha1(0, filesize) == "10aa23f49747970a204c5df98d4c36e64e354760" or // modules/socials/og/og_ui/tests/drupal-6.og-ui.database.php
104 103
105 /* Drupal 7.15 */ 104 /* Drupal 7.15 */
106 hash.sha1(0, filesize) == "23cc0e2c6eebe94fe189e258a3658b40b0005891" or // modules/simpletest/tests/upgrade/drupal-6.bare.database.php 105 hash.sha1(0, filesize) == "23cc0e2c6eebe94fe189e258a3658b40b0005891" or // modules/simpletest/tests/upgrade/drupal-6.bare.database.php
107 hash.sha1(0, filesize) == "8cb36d865b951378c3266dca7d5173a303e8dcff" or // modules/simpletest/tests/upgrade/drupal-6.filled.database.php 106 hash.sha1(0, filesize) == "8cb36d865b951378c3266dca7d5173a303e8dcff" or // modules/simpletest/tests/upgrade/drupal-6.filled.database.php