11<?php
22/**
3- * SigTool v0.2.1 (last modified: 2018.06.28 ).
3+ * SigTool v0.2.1 (last modified: 2018.10.20 ).
44 * Generates signatures for phpMussel using main.cvd and daily.cvd from ClamAV.
55 *
66 * Package location: GitHub <https://github.com/phpMussel/SigTool>.
@@ -19,7 +19,7 @@ class SigTool
1919 public $ Ver'0.2.1 ' ;
2020
2121 /** Last modified date. */
22- public $ Modified'2018.06.28 ' ;
22+ public $ Modified'2018.10.20 ' ;
2323
2424 /** Script user agent. */
2525 public $ UA 'SigTool v%s (https://github.com/phpMussel/SigTool) ' ;
@@ -368,14 +368,25 @@ public function shorthand(&$Data) {
368368 ], $ Data
369369 }
370370 $ Datapreg_replace ([
371- '~([^a-z0-9])(?:Agent|General|Generic)([.-])~i ' , /** Let's reduce our footprint. :-) */
372- '~([^a-z0-9])Downloader([.-])~i ' , /** CVDs use both; Let's normalise it. */
373- '~^[^\:\n]+\:[^\n]+[\[\]][^\n]*$~m ' , /** ClamAV signature format documentation is unclear about what "[]" means. */
374- '~^.*This ClamAV version has reached End of Life.*$\n~im ' /** Don't need these in phpMussel signatures! */
371+ /** Let's reduce our footprint. :-) */
372+ '~([^a-z0-9])(?:Agent|General|Generic)([.-])~i ' ,
373+
374+ /** CVDs use both; Let's normalise it. */
375+ '~([^a-z0-9])Downloader([.-])~i ' ,
376+
377+ /** ClamAV signature format documentation is unclear about what "[]" means. */
378+ '~^[^\:\n]+\:[^\n]+[\[\]][^\n]*$~m ' ,
379+
380+ /** PCRE trips over capture groups at this range sometimes. Let's play it safe and ditch the affected signatures. */
381+ '~^.*\{-?(?:\d{4,})\}.*$\n~m ' ,
382+
383+ /** Not needed in the final generated signature files. */
384+ '~^.*This ClamAV version has reached End of Life.*$\n~im '
375385 ], [
376386 '\1X\2 ' ,
377387 '\1Dldr\2 ' ,
378388 '' ,
389+ '' ,
379390 ''
380391 ], $ Data
381392 if (md5 ($ Data': ' . strlen ($ Data$ Check
@@ -817,6 +828,7 @@ public function fixPath($Path) {
817828 "\x26" => 11
818829 ];
819830
831+ /** Begin working through individual signatures. */
820832 while (($ Posstrpos ($ FileData"\n" , $ Offsetfalse ) {
821833 $ Last$ Percent
822834 $ Percentnumber_format (($ SigsThis$ SigsNDB100 , 2 ) . '% ' ;
@@ -877,21 +889,17 @@ public function fixPath($Path) {
877889 /** Assign to the appropriate signature file (regex). */
878890 if (preg_match ('/[^a-f\d*]/i ' , $ SigHex
879891
880- /**
881- * Handle PCRE conversion here (ClamAV to phpMussel formats).
882- * Note that this may need to be changed/adapted in the future upon
883- * relevant changes in the source file occurring (currently accounts
884- * for what we already know about the present, but not for what may
885- * occur in or may be planned for the future).
886- */
892+ /** Convert from ClamAV's pattern syntax to PCRE syntax. */
887893 $ SigHexpreg_replace ([
888- '~\{([0-9]+)-([0-9]+)\}~ ' ,
889- '~\{([0-9]+)-\}~ ' ,
890- '~\{-([0-9]+)\}~ ' ,
891- '~\{([0-9]+)\}~ ' ,
894+ '~^.*\{-?(?:\d{4,})\}.*$~ ' ,
895+ '~\{(\d+)-(?:\d{4,})?\}~ ' ,
896+ '~\{(\d+)-(\d+)\}~ ' ,
897+ '~\{-(\d+)\}~ ' ,
898+ '~\{(\d+)\}~ ' ,
892899 ], [
893- '(?:..){\1,\2} ' ,
900+ '' ,
894901 '(?:..){\1,} ' ,
902+ '(?:..){\1,\2} ' ,
895903 '(?:..){0,\1} ' ,
896904 '(?:..){\1} ' ,
897905 ], str_replace ([
@@ -901,8 +909,6 @@ public function fixPath($Path) {
901909 '{0-1} ' ,
902910 '{0-} ' ,
903911 '{1-} ' ,
904- '(30|31|32|33|34|35|36|37|38|39) ' ,
905- '(31|32|33|34|35|36|37|38|39) ' ,
906912 '(22|27) ' ,
907913 '(27|22) ' ,
908914 ], [
@@ -912,12 +918,61 @@ public function fixPath($Path) {
912918 '.? ' ,
913919 '.* ' ,
914920 '.+ ' ,
915- '3[0-9] ' ,
916- '3[1-9] ' ,
917921 '2[27] ' ,
918922 '2[27] ' ,
919923 ], $ SigHex
920924
925+ /** Possible character range. */
926+ $ CharRange'0 ' , 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 'a ' , 'b ' , 'c ' , 'd ' , 'e ' , 'f ' ];
927+
928+ /** Simplify all the (xx|xx|xx|xx...) stuff into something smaller and more readable. */
929+ foreach ($ CharRangeas $ Char
930+ $ InnerCharRange$ CharRange
931+ while (true ) {
932+ $ Replacer'( ' ;
933+ foreach ($ InnerCharRangeas $ InnerChar
934+ $ Replacer$ Char$ InnerChar'| ' ;
935+ }
936+ $ Replacersubstr ($ Replacer0 , -1 ) . ') ' ;
937+ $ FinalLastarray_pop ($ InnerCharRange'' ;
938+ $ InnerCharCountcount ($ InnerCharRange
939+ if (!$ InnerCharCount
940+ break ;
941+ }
942+ if ($ InnerCharCount9 ) {
943+ $ Replacement$ Char'\d ' ;
944+ } elseif ($ InnerCharCount9 ) {
945+ $ Replacement$ Char'[0- ' . $ FinalLast'] ' ;
946+ } else {
947+ $ Replacement$ InnerCharCount10 ? $ Char'[\da] ' : $ Char'[\da- ' . $ FinalLast'] ' ;
948+ }
949+ $ SigHexstr_replace ($ Replacer$ Replacement$ SigHex
950+ }
951+ }
952+
953+ /** Upper-lower case stuff, and further simplification. */
954+ foreach ($ CharRangeas $ Char
955+ $ SigHexstr_replace ([
956+ '(4 ' . $ Char'|6 ' . $ Char') ' ,
957+ '(6 ' . $ Char'|4 ' . $ Char') ' ,
958+ '(5 ' . $ Char'|7 ' . $ Char') ' ,
959+ '(7 ' . $ Char'|5 ' . $ Char') ' ,
960+ '(?:..){4} ' ,
961+ '(?:..){3} ' ,
962+ '(?:..){2} ' ,
963+ '(?:..){1} '
964+ ], [
965+ '[46] ' . $ Char
966+ '[46] ' . $ Char
967+ '[57] ' . $ Char
968+ '[57] ' . $ Char
969+ '.{8} ' ,
970+ '.{6} ' ,
971+ '.... ' ,
972+ '.. '
973+ ], $ SigHex
974+ }
975+
921976 /** Newly formatted signature line. */
922977 $ ThisLine$ SigName': ' . $ SigHex$ StartStop"\n" ;
923978
0 commit comments