JED checker rules Topic is solved
Moderator: JED Team
-
- Joomla! Apprentice
- Posts: 46
- Joined: Wed Oct 08, 2008 7:14 am
JED checker rules
hi,
I get a warning by JAMSS - Joomla! Anti-Malware Scan Script when calling method:
$plugin=PluginHelper::getPlugin('type', 'name');
Reason: "Pattern found#23 - shell command execution from POST/GET variables"
I think this should be corrected, as this is a well known and valid PluginHelper method and not a POST/GET variable issue.
Last edited by imanickam on Thu Oct 06, 2022 3:00 pm, edited 1 time in total.
Reason: Moved topic » from Extensions for Joomla! 4.x to extensions.joomla.org - Feedback/Information
-
- Joomla! Hero
- Posts: 2901
- Joined: Fri Jul 05, 2013 10:35 am
- Location: Parts Unknown
Re: JED checker rules
What is the exact code on the line?
- toivo
- Joomla! Master
- Posts: 17434
- Joined: Thu Feb 15, 2007 5:48 am
- Location: Sydney, Australia
Re: JED checker rules
The Joomla Anti Malware Scan Script (JAMSS) has not been updated for several years and "[t]his script is far from being 100% accurate". It detects patterns in ordinary code structures, for example Pattern found#17 - PHP: multiple encoded, most probably obfuscated code found #11 #27, but apparently it is only a warning and will be manually checked by the JED team.
Toivo Talikka, Global Moderator
-
- Joomla! Apprentice
- Posts: 46
- Joined: Wed Oct 08, 2008 7:14 am
Re: JED checker rules
hi,
still I suggest to correct this issue. Though it results only in a warning, it creates at least some unnecessary irritation and checks (which happened to me).
-
- Joomla! Enthusiast
- Posts: 131
- Joined: Sat Apr 14, 2007 9:16 am
- Location: Armenia
- Contact:
Re: JED checker rules
@jschmi Could you send me (denis.ryabov at community.joomla.org) the full text of that file? Rule #23 finds an execution command (exec, passthru, shell_exec, system, popen, proc_...) followed by $_GET or $_POST. The mentioned line doesn't match it, so the actual problem should be a few lines above or below.
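The rule described in the post above, as an added example that is not part of the thread and not JAMSS code: two constructed regex variants (`STRICT` and `LOOSE`, both assumptions) are run over a constructed file. It shows how a looser pattern can flag ordinary `$_GET` cleanup and report a line other than the one that touches the superglobal, while the `PluginHelper::getPlugin()` line itself matches neither.

```php
<?php
// Added illustration. The patterns are constructed from the description in
// the post above; they are NOT the regexes shipped in jamss.php.
const EXEC_FUNCS = 'exec|passthru|shell_exec|system|popen|proc_\w+';

// STRICT (assumption): name on a word boundary, an opening parenthesis, and
// the superglobal before the statement ends.
const STRICT = '/\b(?:' . EXEC_FUNCS . ')\s*\([^;]*\$_(?:GET|POST)\b/i';

// LOOSE (assumption): the bare name anywhere, then the superglobal anywhere
// later, newlines included.
const LOOSE = '/(?:' . EXEC_FUNCS . ').*?\$_(?:GET|POST)\b/is';

function scan(string $pattern, string $source): array
{
    $lines = [];
    preg_match_all($pattern, $source, $m, PREG_OFFSET_CAPTURE);
    foreach ($m[0] as [$text, $offset]) {
        // A finding is reported at the first matched byte, which can sit
        // lines away from the code that touches the superglobal.
        $lines[] = substr_count(substr($source, 0, $offset), "\n") + 1;
    }
    return $lines;
}

// Constructed sample: ordinary request cleanup, no command execution.
$benign = <<<'SRC'
<?php
use Joomla\CMS\Plugin\PluginHelper;

$plugin = PluginHelper::getPlugin('type', 'name');
// tidy request input before the filesystem helper reads it
foreach (array_keys($_GET) as $key) {
    $_GET[$key] = trim($_GET[$key]);
}
SRC;

// Constructed sample of what the rule is meant to catch.
$flagged = "<?php\n" . 'passthru($_POST["c"]);' . "\n";

foreach (['STRICT' => STRICT, 'LOOSE' => LOOSE] as $name => $pattern) {
    printf(
        "%-6s benign: [%s]  flagged: [%s]\n",
        $name,
        implode(',', scan($pattern, $benign)),
        implode(',', scan($pattern, $flagged))
    );
}
```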
-
- Joomla! Apprentice
- Posts: 46
- Joined: Wed Oct 08, 2008 7:14 am
Re: JED checker rules
hi,
You are right... in my code I'm doing some cleanup of $_GET and $_POST variables. If I remove this code part - the JAMSS warning disappears. Can you explain/clarify, why JAMSS does not point to this part of code?
-
- Joomla! Enthusiast
- Posts: 131
- Joined: Sat Apr 14, 2007 9:16 am
- Location: Armenia
- Contact:
Re: JED checker rules
Hmm, do you use the latest version of JEDChecker (v.2.4.1)? I'm unable to reproduce the issue with your file (though I tested it using dev snapshot, maybe there is a difference).
-
- Joomla! Apprentice
- Posts: 46
- Joined: Wed Oct 08, 2008 7:14 am
Re: JED checker rules
hi,
jed checker version is 2.4.1 - I get this using my code:
-
- Joomla! Apprentice
- Posts: 46
- Joined: Wed Oct 08, 2008 7:14 am
Re: JED checker rules
hi,
I reinstalled jedchecker with code from github - this tells me same version (and date) but the warning disappeared with this version. Seems that the code from JED is different and causing the issue.
-
- I've been banned!
- Posts: 13639
- Joined: Sun Jul 05, 2009 3:30 am
- Location: Canberra, Australia
Re: JED checker rules
Interesting discussion!
I agree that there are differences between the JED Checker v2.4.1 downloaded from the JED and the files under development in GitHub, e.g. ../administrator/components/com_jedchecker/libraries/rules/jamss.php. I cannot confirm that JAMSS checking accurately reports issues with extensions one tests with JED Checker v2.4.1.
I raised it as an issue for the JED Checker developers: https://github.com/joomla-extensions/je ... issues/193