Merge pull request #9203 from nextcloud/declare-func-as-safe
Declare func() as safe method in phan
commit
1bc192fbd4
|
@ -20,17 +20,17 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
$expected = <<<EOT
|
$expected = <<<EOT
|
||||||
build/.phan/tests/SqlInjectionCheckerTest.php:23 SqlInjectionChecker Potential SQL injection detected
|
build/.phan/tests/SqlInjectionCheckerTest.php:23 SqlInjectionChecker Potential SQL injection detected - neither a parameter nor a string
|
||||||
build/.phan/tests/SqlInjectionCheckerTest.php:35 SqlInjectionChecker Potential SQL injection detected
|
build/.phan/tests/SqlInjectionCheckerTest.php:35 SqlInjectionChecker Potential SQL injection detected - neither a parameter nor a string
|
||||||
build/.phan/tests/SqlInjectionCheckerTest.php:37 SqlInjectionChecker Potential SQL injection detected
|
build/.phan/tests/SqlInjectionCheckerTest.php:37 SqlInjectionChecker Potential SQL injection detected - neither a parameter nor a string
|
||||||
build/.phan/tests/SqlInjectionCheckerTest.php:39 SqlInjectionChecker Potential SQL injection detected
|
build/.phan/tests/SqlInjectionCheckerTest.php:39 SqlInjectionChecker Potential SQL injection detected - neither a parameter nor a string
|
||||||
build/.phan/tests/SqlInjectionCheckerTest.php:41 SqlInjectionChecker Potential SQL injection detected
|
build/.phan/tests/SqlInjectionCheckerTest.php:41 SqlInjectionChecker Potential SQL injection detected - neither a parameter nor a string
|
||||||
build/.phan/tests/SqlInjectionCheckerTest.php:43 SqlInjectionChecker Potential SQL injection detected
|
build/.phan/tests/SqlInjectionCheckerTest.php:43 SqlInjectionChecker Potential SQL injection detected - neither a parameter nor a string
|
||||||
build/.phan/tests/SqlInjectionCheckerTest.php:54 SqlInjectionChecker Potential SQL injection detected
|
build/.phan/tests/SqlInjectionCheckerTest.php:54 SqlInjectionChecker Potential SQL injection detected - neither a parameter nor a string
|
||||||
build/.phan/tests/SqlInjectionCheckerTest.php:61 SqlInjectionChecker Potential SQL injection detected
|
build/.phan/tests/SqlInjectionCheckerTest.php:61 SqlInjectionChecker Potential SQL injection detected - method: no child method
|
||||||
build/.phan/tests/SqlInjectionCheckerTest.php:62 SqlInjectionChecker Potential SQL injection detected
|
build/.phan/tests/SqlInjectionCheckerTest.php:62 SqlInjectionChecker Potential SQL injection detected - method: no child method
|
||||||
build/.phan/tests/SqlInjectionCheckerTest.php:69 SqlInjectionChecker Potential SQL injection detected
|
build/.phan/tests/SqlInjectionCheckerTest.php:69 SqlInjectionChecker Potential SQL injection detected - method: no child method
|
||||||
build/.phan/tests/SqlInjectionCheckerTest.php:70 SqlInjectionChecker Potential SQL injection detected
|
build/.phan/tests/SqlInjectionCheckerTest.php:70 SqlInjectionChecker Potential SQL injection detected - method: no child method
|
||||||
|
|
||||||
EOT;
|
EOT;
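Review bot: The expected findings keep exactly the same set of reported lines and only gain the hint suffix, so unless the checked test input already passes a `->func(...)` or `->createFunction(...)` call as a `set()`/`where()` value, nothing in this fixture verifies that the two newly allowlisted methods are actually accepted rather than reported. I would add one positive case per method to the test input and leave the expected output without a line for it, plus keep one neighbouring case that still reports, so a future change to `$safeFunctions` shows up here. The heredoc is visible in full, but the test method enclosing it starts outside the hunk.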
|
||||||
|
|
||||||
|
|
|
@ -33,10 +33,10 @@ class SqlInjectionCheckerPlugin extends PluginV2 implements AnalyzeNodeCapabili
|
||||||
|
|
||||||
class SqlInjectionCheckerVisitor extends PluginAwareAnalysisVisitor {
|
class SqlInjectionCheckerVisitor extends PluginAwareAnalysisVisitor {
|
||||||
|
|
||||||
private function throwError() {
|
private function throwError(string $hint) {
|
||||||
$this->emit(
|
$this->emit(
|
||||||
'SqlInjectionChecker',
|
'SqlInjectionChecker',
|
||||||
'Potential SQL injection detected',
|
'Potential SQL injection detected - ' . $hint,
|
||||||
[],
|
[],
|
||||||
\Phan\Issue::SEVERITY_CRITICAL
|
\Phan\Issue::SEVERITY_CRITICAL
|
||||||
);
|
);
|
||||||
|
@ -64,6 +64,8 @@ class SqlInjectionCheckerVisitor extends PluginAwareAnalysisVisitor {
|
||||||
'createNamedParameter',
|
'createNamedParameter',
|
||||||
'createPositionalParameter',
|
'createPositionalParameter',
|
||||||
'createParameter',
|
'createParameter',
|
||||||
|
'createFunction',
|
||||||
|
'func',
|
||||||
];
|
];
|
||||||
|
|
||||||
$functionsToSearch = [
|
$functionsToSearch = [
|
||||||
|
@ -84,7 +86,7 @@ class SqlInjectionCheckerVisitor extends PluginAwareAnalysisVisitor {
|
||||||
// For set actions
|
// For set actions
|
||||||
if(isset($node->children['method']) && in_array($node->children['method'], $functionsToSearch, true) && !is_string($subChild)) {
|
if(isset($node->children['method']) && in_array($node->children['method'], $functionsToSearch, true) && !is_string($subChild)) {
|
||||||
if(!isset($subChild->children['method']) || !in_array($subChild->children['method'], $safeFunctions, true)) {
|
if(!isset($subChild->children['method']) || !in_array($subChild->children['method'], $safeFunctions, true)) {
|
||||||
$this->throwError();
|
$this->throwError('method: ' . ($subChild->children['method'] ?? 'no child method'));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -115,7 +117,7 @@ class SqlInjectionCheckerVisitor extends PluginAwareAnalysisVisitor {
|
||||||
|
|
||||||
// If it is an IParameter or a pure string no error is thrown
|
// If it is an IParameter or a pure string no error is thrown
|
||||||
if((string)$expandedNode !== '\OCP\DB\QueryBuilder\IParameter' && !is_string($secondParameterNode)) {
|
if((string)$expandedNode !== '\OCP\DB\QueryBuilder\IParameter' && !is_string($secondParameterNode)) {
|
||||||
$this->throwError();
|
$this->throwError('neither a parameter nor a string');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
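Review bot: Adding `createFunction` to `$safeFunctions` exempts any call by that method name without regard to what it is given, because the check `in_array($subChild->children['method'], $safeFunctions, true)` matches on the method name alone and the non-error branch never inspects the receiver or the arguments; if `createFunction` wraps a raw SQL fragment, as its name suggests, `->set('col', $qb->createFunction($untrusted))` now passes the checker silently. I would leave `func` as added but accept `createFunction` only when its first argument is a string literal, something like `$m === 'func' || ($m === 'createFunction' && is_string($subChild->children['args']->children[0] ?? null))`, mirroring the `!is_string($subChild)` test already used for direct values. Separately, the new hint `'method: ' . ($subChild->children['method'] ?? 'no child method')` will throw for a dynamic callee (`$obj->$name(...)`), where php-ast stores a Node rather than a string in `children['method']`; wrap it in an `is_string(...)` check before concatenating. The visitor method enclosing these hunks starts outside the shown lines.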
|
||||||
|
|