
Malware detected

Open withremote opened this issue 9 years ago • 5 comments

Our server scan detected malware in one of the files in your repo:

malware detect scan report for xxxxxxx:
SCAN ID: 062715-0339.46173
TIME: Jun 27 03:43:46 -0500
PATH: /home*/*/public_html
RANGE: 2 days
TOTAL FILES: 9753
TOTAL HITS: 1
TOTAL CLEANED: 0

NOTE: quarantine is disabled! set quar_hits=1 in conf.maldet or to quarantine results run: maldet -q 062715-0339.46173
FILE HIT LIST:
{HEX}gzbase64.inject.unclassed.15 : /home/xxxxxx/public_html/bower_components/phpjs/_octopress/source/functions/utf8_decode/_comments.html
===============================================
Linux Malware Detect v1.4.2 < [email protected] >

withremote avatar Jun 30 '15 13:06 withremote

Just a legacy spammy comment I think. Removed it in https://github.com/kvz/phpjs/commit/ead6d1a542a0ce0b3969e2c1ea42e9213d12214d

That said, I would not include phpjs in its entirety with your products

kvz avatar Jun 30 '15 15:06 kvz

Ok. I pull it in via Bower but only use a few functions.

withremote avatar Jul 01 '15 02:07 withremote

There still is an unwanted eval code block in there, that should be removed as well.

kevinsandow avatar Dec 17 '15 08:12 kevinsandow

I did a big upgrade of this project (http://locutus.io/2016/05/announcing-locutus/) removing many evals. The ones that remain are in these functions:

  • http://locutus.io/php/funchand/call_user_func
  • http://locutus.io/php/funchand/call_user_func_array
  • http://locutus.io/php/var/is_callable
  • http://locutus.io/php/json/json_decode

I don't really see an easy way around these, besides maybe completely deprecating the functions. I think for the first three cases we made it safe. The fourth I'm not sure.

Welcoming input on this one

kvz avatar May 21 '16 20:05 kvz
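An added example (not locutus or phpjs code) of how the four functions named above can be written without eval. Callable names are resolved by walking an explicit registry object one own property at a time, rejecting any name that is not a plain identifier path, and json_decode wraps JSON.parse with PHP's null-on-error and depth-limit behaviour. The registry object, the makeFunchand factory and the restriction to own properties are this example's assumptions, not the library's API.

```javascript
// Added example: eval-free call_user_func / call_user_func_array / is_callable
// and json_decode. Not locutus code; the registry-scoped lookup is an assumption.

// Only plain identifier segments joined by dots are accepted, so a callable
// name can never carry code ("alert(1)" or "a[0]" is refused outright).
const IDENT_PATH = /^[A-Za-z_$][\w$]*(?:\.[A-Za-z_$][\w$]*)*$/;

// Walk "a.b.c" through `scope`, following own properties only. Returns
// {value, parent} or null. Own-only means "constructor.constructor" cannot
// climb the prototype chain to reach the Function constructor.
function lookupPath(path, scope) {
  if (typeof path !== 'string' || !IDENT_PATH.test(path)) return null;
  let parent = null;
  let value = scope;
  for (const part of path.split('.')) {
    if (value === null || (typeof value !== 'object' && typeof value !== 'function')) return null;
    if (!Object.prototype.hasOwnProperty.call(value, part)) return null;
    parent = value;
    value = value[part];
  }
  return { value, parent };
}

// An own property of `owner` that is a function, else null. Deliberately
// own-only so [fn, 'constructor'] cannot reach Function; widen this for
// class hierarchies at your own risk.
function ownFunction(owner, name) {
  if (owner === null || owner === undefined) return null;
  if (typeof name !== 'string' || !/^[A-Za-z_$][\w$]*$/.test(name)) return null;
  if (!Object.prototype.hasOwnProperty.call(owner, name)) return null;
  return typeof owner[name] === 'function' ? owner[name] : null;
}

// Resolve a PHP-style callable against `scope` without eval. Accepts a
// function, a dotted name, or PHP's [objectOrName, 'method'] array form.
function resolveCallable(callable, scope) {
  if (typeof callable === 'function') return { fn: callable, thisArg: undefined };
  if (typeof callable === 'string') {
    const hit = lookupPath(callable, scope);
    if (!hit || typeof hit.value !== 'function') return null;
    // Methods keep their owner as `this`; top-level functions get none.
    return { fn: hit.value, thisArg: hit.parent === scope ? undefined : hit.parent };
  }
  if (Array.isArray(callable) && callable.length === 2) {
    const [target, method] = callable;
    const owner = typeof target === 'string' ? (lookupPath(target, scope) || {}).value : target;
    const fn = ownFunction(owner, method);
    return fn ? { fn, thisArg: owner } : null;
  }
  return null;
}

// Build the three funchand functions bound to one explicit registry.
function makeFunchand(scope) {
  const is_callable = (c) => resolveCallable(c, scope) !== null;
  const call_user_func_array = (c, args) => {
    const r = resolveCallable(c, scope);
    if (!r) throw new TypeError('call_user_func_array(): argument is not a valid callback');
    return r.fn.apply(r.thisArg, Array.from(args));
  };
  const call_user_func = (c, ...args) => call_user_func_array(c, args);
  return { is_callable, call_user_func, call_user_func_array };
}

// Nesting depth counted the PHP way: a scalar is depth 1 and every enclosing
// array or object adds one. Iterative, so hostile input cannot blow the stack.
function jsonDepth(value) {
  let max = 1;
  const stack = [[value, 1]];
  while (stack.length) {
    const [v, d] = stack.pop();
    if (d > max) max = d;
    if (v !== null && typeof v === 'object') {
      for (const child of Object.values(v)) stack.push([child, d + 1]);
    }
  }
  return max;
}

// PHP semantics kept: invalid JSON or a document deeper than `depth` yields
// null instead of throwing. JSON.parse only builds data; it never runs code.
function json_decode(text, depth = 512) {
  if (typeof text !== 'string' || !(depth > 0)) return null;
  let parsed;
  try { parsed = JSON.parse(text); } catch (e) { return null; }
  return jsonDepth(parsed) > depth ? null : parsed;
}

// Constructed registry for the demo: the only names the callables can reach.
const demoRegistry = {
  add: (a, b) => a + b,
  strings: { upper: (s) => s.toUpperCase() },
  counter: { n: 5, get() { return this.n; } },
};
const fh = makeFunchand(demoRegistry);
console.log(fh.call_user_func('add', 2, 3));              // 5
console.log(fh.call_user_func(['counter', 'get']));       // 5
console.log(fh.is_callable('alert(1)'));                   // false
console.log(json_decode('{"a":[1,2]}', 2));                // null (too deep)
```

Passing globalThis as the scope would make every global function, including Function, reachable by name, which is why the example takes an explicit registry instead.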

My team uses both call_user_func and call_user_func_array in a framework that we've developed for a browser extension. It'd break without them. Granted we could just copy them if we had to, but I'm just saying that they're useful.

KnightYoshi avatar Feb 09 '17 13:02 KnightYoshi