bugfix for isRecordExists

Author: exploit

CFGGenerator.php

@@ -1088,30 +1088,30 @@ public function sinkTracebackBlock($argName,$block,$flowsNum){
 	}
 }
 
-//扫描漏洞类型
-$scan_type = 'ALL';
-echo "<pre>" ;
-//从用户那接受项目路径
-// $project_path = 'C:/users/xyw55/Desktop/test/simple-log_v1.3.1/upload';
-// $allFiles = FileUtils::getPHPfile($project_path);
-// //初始化
-// $initModule = new InitModule() ;
-// $initModule->init($project_path) ;
+// //扫描漏洞类型
+// $scan_type = 'ALL';
+// echo "<pre>" ;
+// //从用户那接受项目路径
+// // $project_path = 'C:/users/xyw55/Desktop/test/simple-log_v1.3.1/upload';
+// // $allFiles = FileUtils::getPHPfile($project_path);
+// // //初始化
+// // $initModule = new InitModule() ;
+// // $initModule->init($project_path) ;
 
-$cfg = new CFGGenerator() ;
-$visitor = new MyVisitor() ;
-$parser = new PhpParser\Parser(new PhpParser\Lexer\Emulative) ;
-$traverser = new PhpParser\NodeTraverser ;
-$path = CURR_PATH . '/test/test.php';
-$cfg->getFileSummary()->setPath($path);
-$code = file_get_contents($path);
-$stmts = $parser->parse($code) ;
-$traverser->addVisitor($visitor) ;
-$traverser->traverse($stmts) ;
-$nodes = $visitor->getNodes() ;
-$pEntryBlock = new BasicBlock() ;
-$pEntryBlock->is_entry = true ;
-$ret = $cfg->CFGBuilder($nodes, NULL, NULL, NULL) ;
+// $cfg = new CFGGenerator() ;
+// $visitor = new MyVisitor() ;
+// $parser = new PhpParser\Parser(new PhpParser\Lexer\Emulative) ;
+// $traverser = new PhpParser\NodeTraverser ;
+// $path = CURR_PATH . '/test/test.php';
+// $cfg->getFileSummary()->setPath($path);
+// $code = file_get_contents($path);
+// $stmts = $parser->parse($code) ;
+// $traverser->addVisitor($visitor) ;
+// $traverser->traverse($stmts) ;
+// $nodes = $visitor->getNodes() ;
+// $pEntryBlock = new BasicBlock() ;
+// $pEntryBlock->is_entry = true ;
+// $ret = $cfg->CFGBuilder($nodes, NULL, NULL, NULL) ;
 
 
 ?>

analyser/TaintAnalyser.class.php

@@ -611,12 +611,12 @@ public function analysis($block, $node, $argName, $fileSummary){
 	 * @param string 漏洞的类型
 	 */
 	public function report($node_path, $var_path, $node, $var, $type){
-		echo "<pre>" ;
-		echo "有漏洞=====>". $type ."<br/>" ;
-		echo "漏洞变量：<br/>" ;
-		print_r($var) ;
-		echo "漏洞节点：<br/>" ;
-		print_r($node) ;
+// 		echo "<pre>" ;
+// 		echo "有漏洞=====>". $type ."<br/>" ;
+// 		echo "漏洞变量：<br/>" ;
+// 		print_r($var) ;
+// 		echo "漏洞节点：<br/>" ;
+// 		print_r($node) ;
 
 		//获取结果集上下文
 		$resultContext = ResultContext::getInstance() ;
@@ -630,9 +630,7 @@ public function report($node_path, $var_path, $node, $var, $type){
 		}else{
 			$resultContext->addResElement($record) ;
 		}
-
 	}
-	
-	
+
 }
 ?>

context/ResultContext.class.php

@@ -30,7 +30,7 @@ public function addResElement($ele){
     public function isRecordExists($record){
 		foreach ($this->resArr as $value){
 		    $value_record = $value->getRecord() ; 
-			if($value_record == $record){
+			if($value_record == $record->getRecord()){
 				return true ;
 			}
 		}

data/fileSummaryConetxtSerialData/D__MySoftware_wamp_www_code_phpvulhunter_test_test.php

@@ -0,0 +1 @@
+a:0:{}

data/resultConetxtSerialData/D__MySoftware_wamp_www_code_phpvulhunter_test_test.php

@@ -103,6 +103,7 @@ function convertResults($resContext){
     fclose($fileHandler);
 }
 
+$results = null;
 if(($serial_str = file_get_contents($serialPath)) != ''){
     $results = unserialize($serial_str) ;
 }else{
@@ -138,50 +139,9 @@ function convertResults($resContext){
 
 
 
-//2、初始化模块
-$allFiles = FileUtils::getPHPfile($project_path);
-$mainlFiles = FileUtils::mainFileFinder($project_path);
-$initModule = new InitModule() ;
-$initModule->init($project_path, $allFiles) ;
-
-
-//3、循环每个文件  进行分析工作
-if(is_file($project_path)){
-	load_file($project_path) ;
-}elseif (is_dir($project_path)){
-	$path_list = $mainlFiles;
-	foreach ($path_list as $path){
-		try{
-		    print_r($path.'<br/>');
-			load_file($path) ;
-		}catch(Exception $e){
-			continue ;
-		}	
-	}
-}else{
-	//请求不合法
-	echo "工程不存在!" ;
-	exit() ;
-}
-
-//4、获取ResultContext  序列化
-$results = ResultContext::getInstance() ;
-
-
-file_put_contents($serialPath, serialize($results)) ;
-
-//5、处理results 传给template
-$tempRes = array();
-foreach ($results->getResArr() as $result){
-    $record = $result->getRecord();
-    array_push($tempRes, $record);
-}
-
-$results = $tempRes;
-
 
 //5、处理results 传给template
-$template_res = convertResults(ResultContext::getInstance()) ;
+$template_res = convertResults($results) ;
 $smarty->assign('results',$template_res);
 $smarty->display('content.html');
 

data/serialdata/D__MySoftware_wamp_www_code_phpvulhunter_test_test.php

@@ -107,7 +107,6 @@ function sendCodeViewReq( tag_a )
 {
     var grandparent = tag_a.parentNode.parentNode;
     var codeFile = grandparent.getElementsByTagName('span');
-    if( cutstr($(codeFile[0]).html()) == cutstr($(codeFile[6]).html()) )
     $.ajax({
         type : "POST",
         url : "CodeViewer.php",