From 696ebc4ae68f4c7c2b803c917de365b98621b3a8 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Mon, 12 Feb 2018 13:55:33 +0100
Subject: Provide a script for upload validation

The Python script is using vld (https://derickrethans.nl/projects.html#vld) to check for malicious opcodes.---
 scripts/upload_validation.py | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)
 create mode 100755 scripts/upload_validation.py

(limited to 'scripts/upload_validation.py')

diff --git a/scripts/upload_validation.py b/scripts/upload_validation.py
new file mode 100755
index 0000000..fb1e05f
--- /dev/null
+++ b/scripts/upload_validation.py
@@ -0,0 +1,38 @@
+#!/usr/bin/python
+
+import sys
+import subprocess
+
+WHITELIST = ('ECHO', 'RETURN', 'PHP', 'NOP')
+
+def check(filename):
+    try:
+        output = subprocess.check_output(["php",
+            "-d", "vld.active=1",
+            "-d", "vld.execute=0",
+            "-d", "extension=vld.so",
+            "-d", "vld.format=1",
+            "-d", "vld.col_sep=@",
+            "-d", "log_errors=0",
+            filename],
+            stderr=subprocess.STDOUT)
+    except subprocess.CalledProcessError as e:
+        print("Error: %s" % e)
+        return 2
+
+    for line in output.splitlines()[8:]:
+        sp = line.split('@')
+        if len(sp) < 5:
+            continue
+        opcode = sp[4]  # ,line, #, EIO, op, fetch, ext, return, operands
+        if opcode not in WHITELIST:
+            print("Upload_validation: Found an opcode: %s" % opcode)
+            return 1
+    return 0
+
+
+if __name__ == '__main__':
+    if len(sys.argv) != 2:
+        print('Usage: %0 file_to_test.php', sys.argv[0])
+    else:
+        sys.exit(check(sys.argv[1]))
-- 
cgit v1.3