fix: 修改正则匹配逻辑

2024-06-06 16:05:25 +08:00
parent 167bbe0a14
commit 752e774714
2 changed files with 13 additions and 15 deletions
--- a/detection/Regexdetection.py
+++ b/detection/Regexdetection.py
@@ -34,6 +34,7 @@ def find_dangerous_functions(
            r"\bos\.kill\b": "high",
            r"\bos\.popen\b": "medium",
            r"\bos\.spawn\b": "medium",
+            r"\bsubprocess": "medium",
        },
    }
    risk_patterns = patterns.get(file_extension, {})
@@ -43,7 +44,9 @@ def find_dangerous_functions(
            clean_line = remove_comments(line, file_extension)
            if not clean_line:
                continue
+            # 消除换行符，避免影响正则匹配
+            clean_line = clean_line.replace("\\n", "")
            for pattern, risk_level in risk_patterns.items():
-                if re.search(pattern, clean_line):
+                if re.search(pattern, clean_line, re.MULTILINE | re.DOTALL):
                    classified_results[risk_level].append((line_number, clean_line))
    return classified_results