function logProgress($str) { $res = true; $fp = fopen(PROGRESS_FILE, "a"); if ($fp === false) { logTrace('ERROR: logProgress(): fopen() failed'); return false; } if (flock($fp, LOCK_EX)) { // adquirir un bloqueo exclusivo fwrite($fp, $str . "\n"); fflush($fp); // volcar la salida antes de liberar el bloqueo flock($fp, LOCK_UN); // libera el bloqueo logTrace($str); } else { $res = false; logTrace('ERROR: logProgress(): flock() failed'); } fclose($fp); return $res; }
foreach ($file as $t) { $parts = explode("\t", $t); $parts[1] = filter(unserialize($parts[1]), $folder); $traces[] = $parts; } //Now, let's do the actual logging of what treats tainted data. $source_functions = array(); //these 4 keep just the name of the functions $sink_functions = array(); $global_functions = array(); $parameter_functions = array(); $traces_functions = array(); //this one stores arrays of traces, indexed per function name foreach ($traces as $trace) { // print_r($trace); logTrace($trace); } $source_functions = arrayUnique($source_functions); $sink_functions = arrayUnique($sink_functions); $global_functions = arrayUnique($global_functions); $parameter_functions = arrayUnique($parameter_functions); echo "\n=================\n"; echo "Sources of taint:\n"; usort($source_functions, "compareFunctions"); foreach ($source_functions as $f) { printf("%s\n", $f[0] . "/" . $f[1]); } echo "\n===============\n"; echo "Sinks of taint:\n"; usort($sink_functions, "compareFunctions"); foreach ($sink_functions as $f) {