From ce8151996f008c3f3577db30c5791d25deef78ee Mon Sep 17 00:00:00 2001
From: LoRexxar
Date: Fri, 1 Dec 2017 16:48:53 +0800
Subject: [PATCH 1/2] fix class analysize for Vustomize-Match
---
 cobra/parser.py | 5 ++++
 rules/php/CVI_1001.py | 2 +-
 tests/ast/test_class/test_class2.php | 42 ++++++++++++++++++++++++++++
 3 files changed, 48 insertions(+), 1 deletion(-)
 create mode 100644 tests/ast/test_class/test_class2.php
diff --git a/cobra/parser.py b/cobra/parser.py
index fba9e6a6..4cc95728 100644
--- a/cobra/parser.py
+++ b/cobra/parser.py
@@ -695,6 +695,11 @@ def anlysis_params(param, code_content, file_path, lineno):
 """
 count = 0
 function_params = None
+ if type(param) is str and "->" in param:
+ param_left = php.Variable(param.split("->")[0])
+ param_right = param.split("->")[1]
+ param = php.ObjectProperty(param_left, param_right)
+ param = php.Variable(param)
 parser = make_parser()
 all_nodes = parser.parse(code_content, debug=False, lexer=lexer.clone(), tracking=with_line)
diff --git a/rules/php/CVI_1001.py b/rules/php/CVI_1001.py
index fbd2986d..133a1157 100644
--- a/rules/php/CVI_1001.py
+++ b/rules/php/CVI_1001.py
@@ -41,7 +41,7 @@ def main(self, regex_string):
 :return:
 """
 sql_sen = regex_string[0]
- reg = "\$\w+"
+ reg = "\$[\w+\->]*"
 if re.search(reg, sql_sen, re.I):
 p = re.compile(reg)
diff --git a/tests/ast/test_class/test_class2.php b/tests/ast/test_class/test_class2.php
new file mode 100644
index 00000000..dd063b4e
--- /dev/null
+++ b/tests/ast/test_class/test_class2.php
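Review bot: A property chain with more than one `->` is truncated silently by the new branch in anlysis_params: `param.split("->")[1]` keeps only the second segment, so `$this->a->b` is modelled as property `a` of `$this` and `b` is dropped, while the rule pattern changed in this same commit (`\$[\w+\->]*`) can hand over exactly such strings. If only one level is supported, reject deeper chains instead of shortening them, e.g. `if isinstance(param, str) and param.count("->") == 1:` with the comment `# NOTE: one level of property access only; deeper chains stay unmodelled`, and the two split calls collapse to `param_left, param_right = param.split("->")`. The rendering loses indentation, so it cannot be seen whether `param = php.Variable(param)` sits inside the `if`; if it does, an ObjectProperty is wrapped in a Variable, which looks unintended. anlysis_params starts and ends outside the hunk.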
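Review bot: The new expression `"\$[\w+\->]*"` lists `+`, `-` and `>` as independent character-class members, so ordinary SQL arithmetic is swallowed into the variable name (`$id-1` is captured as the name `$id-1`) and the `*` now lets a bare `$` match where the old `\$\w+` required at least one name character. Since the goal is `$obj->prop`, spell the arrow as a sequence, `reg = r"\$\w+(?:->\w+)*"`, which keeps the old behaviour for simple variables and matches one or more `->` levels exactly. The raw-string prefix also removes the invalid `\$` escape that a normal string literal warns about. main starts and ends outside the hunk.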
@@ -0,0 +1,42 @@
+test = $test;
+ $this->message = $message;
+ }
+ function __toString(){
+ $b = $_GET['b'];
+ return $b;
+ }
+
+ function eval_function($a){
+ curl_setopt($curl, CURLOPT_URL, $a);
+ }
+
+ function eval_function2(){
+ $a = $_GET['a'];
+ curl_setopt($curl, CURLOPT_URL, $a);
+ }
+
+ function eval_function3(){
+ curl_setopt($curl, CURLOPT_URL, $this->test);
+ }
+
+ function eval_function4(){
+ curl_setopt($curl, CURLOPT_URL, $this->message);
+ }
+}
+
+
+$x = $_GET['a'];
+$y = "test";
+
+$A = new a2($x, $y);
+$A->eval_function($y);
+$A->eval_function2();
+$A->eval_function3();
+$A->eval_function4();
+
+$z = $A;
+curl_setopt($curl, CURLOPT_URL, $z);
\ No newline at end of file
From f161f027978f342257a8f12cbbe7483eb91f3210 Mon Sep 17 00:00:00 2001
From: LoRexxar
Date: Fri, 1 Dec 2017 16:57:22 +0800
Subject: [PATCH 2/2] update to 0.7.1
---
 README.md | 4 ++++
 cobra/__version__.py | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index f727b450..abc02609 100644
--- a/README.md
+++ b/README.md
@@ -77,6 +77,10 @@ Cobra-W是从Cobra2.0发展而来的分支,着眼于白帽子使用的白盒
 - 2017-11-27
 - Cobra-W 0.7
 - 更新了全新的机制应用于类变量回溯,已完成大部分支持
+- 2017-12-1
+ - Cobra-W 0.7.1
+ - 修复类变量回溯的多个bug,对类变量回溯已经有比较完整的支持
+
 # README(开发文档)
diff --git a/cobra/__version__.py b/cobra/__version__.py
index 6b91e870..3e9216ab 100644
--- a/cobra/__version__.py
+++ b/cobra/__version__.py
@@ -7,7 +7,7 @@ __issue_page__ = 'https://github.com/LoRexxar/Cobra-W/issues/new'
 __python_version__ = sys.version.split()[0]
 __platform__ = platform.platform()
-__version__ = '0.7'
+__version__ = '0.7.1'
 __author__ = 'LoRexxar'
 __author_email__ = 'LoRexxar@gmail.com'
 __license__ = 'MIT License'