Fix wrong value of hidden node (which prints normal file instead of h…

…idden node)
dmknght · Oct 27, 2024 · 8044ba0 · 8044ba0
1 parent 93bd217
commit 8044ba0
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/src/engine/scan_file.nim b/src/engine/scan_file.nim
@@ -135,10 +135,10 @@ proc fscanner_scan_file*(scan_ctx: var FileScanCtx, scan_path: string, virname:
     1. If file name is too long, we can't parse the name of next node
     2. If 2 hidden nodes are next to each other, 1 node is not going to be detected
 ]#
-# proc fscanner_check_hidden_node(scan_ctx: var FileScanCtx, ptr_dir: ptr Dirent, current_node_name, full_node_path: string, next_node_name: var string) =
+# proc fscanner_check_hidden_node(scan_ctx: var FileScanCtx, ptr_dir: ptr Dirent, scan_dir, current_node_name: string, next_node_name: var string) =
 #   if not isEmptyOrWhiteSpace(next_node_name) and next_node_name != current_node_name:
 #     scan_ctx.file_infected += 1
-#     print_file_infected("Heur:Rootkit.HiddenOnDisk", full_node_path)
+#     print_file_infected("Heur:Rootkit.HiddenOnDisk", scan_dir & next_node_name)
 
 #   # Get name of the next node
 #   if ptr_dir.d_reclen >= 256:
@@ -183,7 +183,7 @@ proc fscanner_walk_dir_rec*(scan_ctx: var FileScanCtx, scan_dir: string, virname
 
     full_node_path = if scan_dir.endsWith("/"): scan_dir & current_node_name else: scan_dir & "/" & current_node_name
 
-    # fscanner_check_hidden_node(scan_ctx, ptr_dir, current_node_name, full_node_path, next_node_name)
+    # fscanner_check_hidden_node(scan_ctx, ptr_dir, scan_dir, current_node_name, next_node_name)
 
     case ptr_dir.d_type
       of DT_DIR: