1 files changed, 45 insertions, 0 deletions
diff --git a/scripts/upload_validation.php b/scripts/upload_validation.php
new file mode 100755
index 0000000..6788d57
--- /dev/null
+++ b/scripts/upload_validation.php
@@ -0,0 +1,45 @@
+#!/usr/bin/env php
+<?php
+function check($filename) {
+        $whitelist = ['ECHO', 'RETURN', 'PHP', 'NOP'];
+        $out = [];
+        $ret = 0;
+        $cmd = [
+                PHP_BINARY,
+                "-d", "vld.active=1",
+                "-d", "vld.execute=0",
+                "-d", "extension=vld.so",
+                "-d", "vld.format=1",
+                "-d", "vld.col_sep=@",
+                "-d", "log_errors=0",
+                "-d", "error_log=/dev/null",
+                escapeshellarg($filename),
+                '2>&1',
+                ];
+        exec(implode(' ', $cmd), $out, $ret);
+        if ($ret) {
+        printf("Error: %d\n", $ret);
+                return 2;
+        }
+        foreach($out as $line) {
+                $sp = explode('@', $line);
+                if (count($sp) < 5) {
+                        continue;
+                }
+                $opcode = $sp[4]; // # ,line, #, EIO, op, fetch, ext, return, operands
+                if ($opcode && !in_array($opcode, $whitelist)) {
+                        printf("Upload_validation: Found an opcode: %s\n", $opcode);
+                        return 1;
+                }
+        }
+        return 0;
+}
+if ($_SERVER['argc'] != 2) {
+        die("Usage: {$_SERVER['argv']['0']} file_to_test.php\n");
+}
+exit(check($_SERVER['argv']['1']));

diff --git a/scripts/upload_validation.php b/scripts/upload_validation.php new file mode 100755 index 0000000..6788d57 --- /dev/null +++ b/scripts/upload_validation.php
@@ -0,0 +1,45 @@
	1	#!/usr/bin/env php
	2	<?php
	3
	4	function check($filename) {
	5
	6	$whitelist = ['ECHO', 'RETURN', 'PHP', 'NOP'];
	7
	8	$out = [];
	9	$ret = 0;
	10	$cmd = [
	11	PHP_BINARY,
	12	"-d", "vld.active=1",
	13	"-d", "vld.execute=0",
	14	"-d", "extension=vld.so",
	15	"-d", "vld.format=1",
	16	"-d", "vld.col_sep=@",
	17	"-d", "log_errors=0",
	18	"-d", "error_log=/dev/null",
	19	escapeshellarg($filename),
	20	'2>&1',
	21	];
	22	exec(implode(' ', $cmd), $out, $ret);
	23	if ($ret) {
	24	printf("Error: %d\n", $ret);
	25	return 2;
	26	}
	27	foreach($out as $line) {
	28	$sp = explode('@', $line);
	29	if (count($sp) < 5) {
	30	continue;
	31	}
	32	$opcode = $sp[4]; // # ,line, #, EIO, op, fetch, ext, return, operands
	33	if ($opcode && !in_array($opcode, $whitelist)) {
	34	printf("Upload_validation: Found an opcode: %s\n", $opcode);
	35	return 1;
	36	}
	37	}
	38	return 0;
	39	}
	40
	41	if ($_SERVER['argc'] != 2) {
	42	die("Usage: {$_SERVER['argv']['0']} file_to_test.php\n");
	43	}
	44	exit(check($_SERVER['argv']['1']));
	45