From 9ecb36e81f703c5e7aae36c046f441e03f27cbdb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Fri, 30 Jan 2015 17:31:51 +0100 Subject: [PATCH] integrate code checker in the installer --- lib/private/app/codechecker.php | 23 ++++++-- ...heckervisitor.php => codecheckvisitor.php} | 0 lib/private/installer.php | 58 +++---------------- 3 files changed, 27 insertions(+), 54 deletions(-) rename lib/private/app/{codecheckervisitor.php => codecheckvisitor.php} (100%) diff --git a/lib/private/app/codechecker.php b/lib/private/app/codechecker.php index 28816a8fdc..dbec53579a 100644 --- a/lib/private/app/codechecker.php +++ b/lib/private/app/codechecker.php @@ -29,6 +29,12 @@ class CodeChecker extends BasicEmitter { const CLASS_CONST_FETCH_NOT_ALLOWED = 1003; const CLASS_NEW_FETCH_NOT_ALLOWED = 1004; + /** @var Parser */ + private $parser; + + /** @var string[] */ + private $blackListedClassNames; + public function __construct() { $this->parser = new Parser(new Lexer); $this->blackListedClassNames = [ @@ -67,14 +73,22 @@ class CodeChecker extends BasicEmitter { throw new \RuntimeException("No app with given id <$appId> known."); } + return $this->analyseFolder($appPath); + } + + /** + * @param string $folder + * @return array + */ + public function analyseFolder($folder) { $errors = []; - $excludes = array_map(function($item) use ($appPath) { - return $appPath . '/' . $item; + $excludes = array_map(function($item) use ($folder) { + return $folder . '/' . $item; }, ['vendor', '3rdparty', '.git', 'l10n']); - $iterator = new RecursiveDirectoryIterator($appPath, RecursiveDirectoryIterator::SKIP_DOTS); - $iterator = new RecursiveCallbackFilterIterator($iterator, function($item) use ($appPath, $excludes){ + $iterator = new RecursiveDirectoryIterator($folder, RecursiveDirectoryIterator::SKIP_DOTS); + $iterator = new RecursiveCallbackFilterIterator($iterator, function($item) use ($folder, $excludes){ /** @var SplFileInfo $item */ foreach($excludes as $exclude) { if (substr($item->getPath(), 0, strlen($exclude)) === $exclude) { @@ -96,6 +110,7 @@ class CodeChecker extends BasicEmitter { return $errors; } + /** * @param string $file * @return array diff --git a/lib/private/app/codecheckervisitor.php b/lib/private/app/codecheckvisitor.php similarity index 100% rename from lib/private/app/codecheckervisitor.php rename to lib/private/app/codecheckvisitor.php diff --git a/lib/private/installer.php b/lib/private/installer.php index e77504f4c1..e50b5cea45 100644 --- a/lib/private/installer.php +++ b/lib/private/installer.php @@ -308,7 +308,7 @@ class OC_Installer{ } $info=OC_App::getAppInfo($extractDir.'/appinfo/info.xml', true); // check the code for not allowed calls - if(!$isShipped && !OC_Installer::checkCode($info['id'], $extractDir)) { + if(!$isShipped && !OC_Installer::checkCode($extractDir)) { OC_Helper::rmdirr($extractDir); throw new \Exception($l->t("App can't be installed because of not allowed code in the App")); } @@ -529,58 +529,16 @@ class OC_Installer{ * @param string $folder the folder of the app to check * @return boolean true for app is o.k. and false for app is not o.k. */ - public static function checkCode($appname, $folder) { - $blacklist=array( - // classes replaced by the public api - 'OC_API::', - 'OC_App::', - 'OC_AppConfig::', - 'OC_Avatar', - 'OC_BackgroundJob::', - 'OC_Config::', - 'OC_DB::', - 'OC_Files::', - 'OC_Helper::', - 'OC_Hook::', - 'OC_Image::', - 'OC_JSON::', - 'OC_L10N::', - 'OC_Log::', - 'OC_Mail::', - 'OC_Request::', - 'OC_Response::', - 'OC_Template::', - 'OC_User::', - 'OC_Util::', - ); + public static function checkCode($folder) { // is the code checker enabled? - if(OC_Config::getValue('appcodechecker', false)) { - // check if grep is installed - $grep = \OC_Helper::findBinaryPath('grep'); - if (!$grep) { - OC_Log::write('core', - 'grep not installed. So checking the code of the app "'.$appname.'" was not possible', - OC_Log::ERROR); - return true; - } - - // iterate the bad patterns - foreach($blacklist as $bl) { - $cmd = 'grep --include \\*.php -ri '.escapeshellarg($bl).' '.$folder.''; - $result = exec($cmd); - // bad pattern found - if($result<>'') { - OC_Log::write('core', - 'App "'.$appname.'" is using a not allowed call "'.$bl.'". Installation refused.', - OC_Log::ERROR); - return false; - } - } - return true; - - }else{ + if(!OC_Config::getValue('appcodechecker', false)) { return true; } + + $codeChecker = new \OC\App\CodeChecker(); + $errors = $codeChecker->analyseFolder($folder); + + return empty($errors); } }