From 34ea02323b16f2e3ead063aa5622a43d85465c5a Mon Sep 17 00:00:00 2001
From: Gabor Gyorvari <scr34m@gmail.com>
Date: Thu, 1 Apr 2021 12:44:15 +0200
Subject: [PATCH] New flag to specify custom white list file

---
 README.md |  1 +
 scan.php  | 39 +++++++++++++++++++++++++++++----------
 2 files changed, 30 insertions(+), 10 deletions(-)

diff --git a/README.md b/README.md
index 31f30c5..ad2bc7d 100644
--- a/README.md
+++ b/README.md
@@ -36,6 +36,7 @@ Usage: php scan.php -d <directory>
     -o                   --output-format      Custom defined output format
     -j                   --wordpress-version  Version of wordpress to get md5 signatures
                          --combined-whitelist Combined whitelist
+                         --custom-whitelist   Loads whitelist from specified file and merge with existing
                          --disable-stats      Disable statistics output
 ```
 
diff --git a/scan.php b/scan.php
index 647ce94..33c0738 100644
--- a/scan.php
+++ b/scan.php
@@ -42,6 +42,7 @@ class MalwareScanner
     private $flagScanEverything = false;
     private $flagCombinedWhitelist = false;
     private $flagDisableStats = false;
+    private $customWhitelist = array();
     private $outputFormat = '';
     private $whitelist = array();
     private $ignore = array();
@@ -191,16 +192,21 @@ class MalwareScanner
         return $list;
     }
 
-    //Loads the whitelist file
-    public function loadWhitelist()
+    /**
+     * Loads the whitelist files
+     */
+    public function loadWhitelists()
     {
-        if (!is_file(__DIR__ . '/whitelist.txt')) {
-            return;
-        }
-        $fp = fopen(__DIR__ . '/whitelist.txt', 'r');
-        while (!feof($fp)) {
-            $line = fgets($fp);
-            $this->whitelist[] = substr($line, 0, 32);
+        $a = array_merge([__DIR__ . '/whitelist.txt'], $this->customWhitelist);
+        foreach ($a as $file) {
+            if (is_file($file)) {
+                $fp = fopen($file, 'r');
+                while (!feof($fp)) {
+                    $line = fgets($fp);
+                    $this->whitelist[] = substr($line, 0, 32);
+                }
+                fclose($fp);
+            }
         }
     }
 
@@ -248,6 +254,7 @@ class MalwareScanner
                 'wordpress-version:',
                 'scan-everything',
                 'combined-whitelist',
+                'custom-whitelist:',
                 'disable-stats'
             )
         );
@@ -334,6 +341,13 @@ class MalwareScanner
         if (isset($options['combined-whitelist'])) {
             $this->setFlagCombinedWhitelist(true);
         }
+        if (isset($options['custom-whitelist'])) {
+            $a = $options['custom-whitelist'];
+            if (!is_array($a)) {
+                $a = array($a);
+            }
+            $this->setCustomWhitelist(array_unique($a));
+        }
         if (isset($options['disable-stats'])) {
             $this->setFlagDisableStats(true);
         }
@@ -435,6 +449,11 @@ class MalwareScanner
         $this->flagDisableStats = $b;
     }
 
+    public function setCustomWhitelist($a)
+    {
+        $this->customWhitelist = $a;
+    }
+
     // @see http://stackoverflow.com/a/13914119
     private function pathMatches($path, $pattern, $ignoreCase = false)
     {
@@ -626,7 +645,7 @@ class MalwareScanner
     {
         $this->initializePatterns();
 
-        $this->loadWhitelist();
+        $this->loadWhitelists();
 
         if ($this->flagCombinedWhitelist && !$this->updateCombinedWhitelist()) {
             return false;