public function filePatternsMatch($subject) { $request = $this->getWAF()->getRequest(); $files = $request->getFiles(); $patterns = $this->getWAF()->getMalwareSignatures(); if (!is_array($patterns) || !is_array($files)) { return false; } foreach ($files as $file) { if ($file['name'] == (string) $subject) { $fh = @fopen($file['tmp_name'], 'r'); if (!$fh) { return false; } $totalRead = 0; $readsize = max(min(10 * 1024 * 1024, wfWAFUtils::iniSizeToBytes(ini_get('upload_max_filesize'))), 1 * 1024 * 1024); while (!feof($fh)) { $data = fread($fh, $readsize); $totalRead += strlen($data); if ($totalRead < 1) { return false; } foreach ($patterns as $rule) { if (preg_match('/(' . $rule . ')/i', $data, $matches)) { return true; } } } } } return false; }