From ad97333238033a801f38b2a55e86c165b85b4f74 Mon Sep 17 00:00:00 2001 From: jmarcil Date: Sun, 4 Aug 2019 15:31:44 -0700 Subject: [PATCH] fixes #35 --- Security/Sniffs/Drupal7/AdvisoriesContribSniff.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Security/Sniffs/Drupal7/AdvisoriesContribSniff.php b/Security/Sniffs/Drupal7/AdvisoriesContribSniff.php index 3ce9b86..9389c86 100644 --- a/Security/Sniffs/Drupal7/AdvisoriesContribSniff.php +++ b/Security/Sniffs/Drupal7/AdvisoriesContribSniff.php @@ -52,11 +52,13 @@ public function process(File $phpcsFile, $stackPtr) { if ($a != $info['core']) echo "WARNING Drupal core version inconsistence!!"; list ($a, $mversion) = explode('-', $info['version']); + $CVEversion = preg_replace('/^(\d+)\.(\d)$/','${1}.0${2}', $CVEversion); $CVEversion = (float) $CVEversion; if (preg_match('/dev/', $vcve[0])) $phpcsFile->addWarning("WARNING module " . $info['project'] . " does not have any release for the security fix, manual checking required. Details: " . $vcve[1], $stackPtr, 'D7WarnAdvisoriesContribDev'); if (preg_match('/rc|alpha|beta/', $vcve[0])) $phpcsFile->addWarning("WARNING module " . $info['project'] . " is using special version tagging around the security fix, manual checking recommanded. Details: " . $vcve[1], $stackPtr, 'D7WarnAdvisoriesContribrc'); + $mversion = preg_replace('/^(\d+)\.(\d)$/','${1}.0${2}', $mversion); $mversion = (float) $mversion; $diff = $CVEversion - $mversion; if ($diff > 0 && $diff < 1)