public function filePatternsMatch($subject)
{
$request = $this->getWAF()->getRequest();
$files = $request->getFiles();
$patterns = $this->getWAF()->getMalwareSignatures();
if (!is_array($patterns) || !is_array($files)) {
return false;
}
foreach ($files as $file) {
if ($file['name'] == (string) $subject) {
$fh = @fopen($file['tmp_name'], 'r');
if (!$fh) {
return false;
}
$totalRead = 0;
$readsize = max(min(10 * 1024 * 1024, wfWAFUtils::iniSizeToBytes(ini_get('upload_max_filesize'))), 1 * 1024 * 1024);
while (!feof($fh)) {
$data = fread($fh, $readsize);
$totalRead += strlen($data);
if ($totalRead < 1) {
return false;
}
foreach ($patterns as $rule) {
if (preg_match('/(' . $rule . ')/i', $data, $matches)) {
return true;
}
}
}
}
}
return false;
}
