Re: Stock by Attribute v4.0 for Zen Cart 1.3.5
Quote:
Originally Posted by
cefyn
I’m afraid I can’t get the latest clamav to run on my computer, out of date OS, sorry. Just in case you’re interested, the file is Stock_By_Attributes_Combined- master\admin\products_with_attributes_stock.php from
https://github.com/mc12345678/Stock_...butes_Combined
Went through the process to install the latest version (1.4.3 windows x64) and though I didn't set it up on a "server" where it could possibly monitor file operation and/or routinely test, I went ahead and took the questionable file by itself, placed it in a directory and ran the clamscan on the file. No issues identified, so the next question is how to "open it up" to possibly detect the issue that has been reported so that I can figure out how to ensure even for false positives that it isn't identified as an issue... I thought I modified settings to try to use all possible means of review, but not sure...
I'm not aware of any/much difference in how this file collects/receives information as compared to other admin style/type files. Unfortunately, as stated above, this isn't the first time the file has been "identified".
Sure, can report as a false negative, and probably is a really great idea, but I'd rather the code not meet some condition that needs bypassing than to report a particular file name as being ok... Really kind of just makes it possible for others to take advantage. In the little searching I did on this, it appears there may be a (perceived?) issue with $_POST processing...
I may try the other scanner; however, sounds like that one doesn't report the same issue with that file... IF anyone is able to call out a line or code segment that is causing the false positive report, I'd be glad to correct/fix it.
