Issues in GeoRSS.class.php (master) - Issues in master - Ysurac/FlightAirMap - Measure and Improve Code Quality continuously with Scrutinizer

Issues (843)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

require/libs/geoPHP/lib/adapters/GeoRSS.class.php (11 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/*
 * Copyright (c) Patrick Hayes
 *
 * This code is open-source and licenced under the Modified BSD License.
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

/**
 * PHP Geometry/GeoRSS encoder/decoder
 */
class GeoRSS extends GeoAdapter
{
  private $namespace = FALSE;
  private $nss = ''; // Name-space string. eg 'georss:'
  
  /**
   * Read GeoRSS string into geometry objects
   *
   * @param string $georss - an XML feed containing geoRSS
/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}
   *
   * @return Geometry|GeometryCollection
   */
  public function read($gpx) {
    return $this->geomFromText($gpx);
  }

  /**
   * Serialize geometries into a GeoRSS string.
   *
   * @param Geometry $geometry
   *
   * @return string The georss string representation of the input geometries
   */
  public function write(Geometry $geometry, $namespace = FALSE) {
    if ($namespace) {
      $this->namespace = $namespace;
      $this->nss = $namespace.':';    
    }
    return $this->geometryToGeoRSS($geometry);
  }
  
  public function geomFromText($text) {
    // Change to lower-case, strip all CDATA, and de-namespace
    $text = strtolower($text);
    $text = preg_replace('/<!\[cdata\[(.*?)\]\]>/s','',$text);
        
    // Load into DOMDOcument
    $xmlobj = new DOMDocument();
    @$xmlobj->loadXML($text);
// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
    if ($xmlobj === false) {
      throw new Exception("Invalid GeoRSS: ". $text);
    }
    
    $this->xmlobj = $xmlobj;
class MyClass { }

$x = new MyClass();
$x->foo = true;
    try {
      $geom = $this->geomFromXML();
    } catch(InvalidText $e) {

        throw new Exception("Cannot Read Geometry From GeoRSS: ". $text);
    } catch(Exception $e) {
        throw $e;
    }

    return $geom;
  }
  
  protected function geomFromXML() {
    $geometries = array();
    $geometries = array_merge($geometries, $this->parsePoints());
    $geometries = array_merge($geometries, $this->parseLines());
    $geometries = array_merge($geometries, $this->parsePolygons());
    $geometries = array_merge($geometries, $this->parseBoxes());
    $geometries = array_merge($geometries, $this->parseCircles());
    
    if (empty($geometries)) {
      throw new Exception("Invalid / Empty GeoRSS");
    }
    
    return geoPHP::geometryReduce($geometries); 
  }
  
  protected function getPointsFromCoords($string) {
    $coords = array();
    $latlon = explode(' ',$string);
    foreach ($latlon as $key => $item) {
      if (!($key % 2)) {
        // It's a latitude
        $lat = $item;
      }
      else {
        // It's a longitude
        $lon = $item;
        $coords[] = new Point($lon, $lat);
function myFunction($a) {
    switch ($a) {
        case 'foo':
            $x = 1;
            break;

        case 'bar':
            $x = 2;
            break;
    }

    // $x is potentially undefined here.
    echo $x;
}
      }
    }
    return $coords;
  }
  
  protected function parsePoints() {
    $points = array();
    $pt_elements = $this->xmlobj->getElementsByTagName('point');
    foreach ($pt_elements as $pt) {
      $point_array = $this->getPointsFromCoords(trim($pt->firstChild->nodeValue));
      $points[] = $point_array[0];
    }
    return $points;
  }
  
  protected function parseLines() {
    $lines = array();
    $line_elements = $this->xmlobj->getElementsByTagName('line');
    foreach ($line_elements as $line) {
      $components = $this->getPointsFromCoords(trim($line->firstChild->nodeValue));
      $lines[] = new LineString($components);
    }
    return $lines;
  }
  
  protected function parsePolygons() {
    $polygons = array();
    $poly_elements = $this->xmlobj->getElementsByTagName('polygon');
    foreach ($poly_elements as $poly) {
      if ($poly->hasChildNodes()) {
        $points = $this->getPointsFromCoords(trim($poly->firstChild->nodeValue));
        $exterior_ring = new LineString($points);
        $polygons[] = new Polygon(array($exterior_ring));
      }
      else {
        // It's an EMPTY polygon
        $polygons[] = new Polygon(); 
      }
    }
    return $polygons;
  }
  
  // Boxes are rendered into polygons
  protected function parseBoxes() {
    $polygons = array();
    $box_elements = $this->xmlobj->getElementsByTagName('box');
    foreach ($box_elements as $box) {
      $parts = explode(' ',trim($box->firstChild->nodeValue));
      $components = array(
        new Point($parts[3], $parts[2]),
        new Point($parts[3], $parts[0]),
        new Point($parts[1], $parts[0]),
        new Point($parts[1], $parts[2]),
        new Point($parts[3], $parts[2]),
      );
      $exterior_ring = new LineString($components);
      $polygons[] = new Polygon(array($exterior_ring));
    }
    return $polygons;
  }

  // Circles are rendered into points
  // @@TODO: Add good support once we have circular-string geometry support
  protected function parseCircles() {
    $points = array();
    $circle_elements = $this->xmlobj->getElementsByTagName('circle');
    foreach ($circle_elements as $circle) {
      $parts = explode(' ',trim($circle->firstChild->nodeValue));
      $points[] = new Point($parts[1], $parts[0]);
    }
    return $points;
  }
  
  protected function geometryToGeoRSS($geom) {
    $type = strtolower($geom->getGeomType());
    switch ($type) {
      case 'point':
        return $this->pointToGeoRSS($geom);
        break;
switch ($x) {
    case 1:
        return 'foo';
        break; // This break is not necessary and can be left off.
}
      case 'linestring':
        return $this->linestringToGeoRSS($geom);
        break;
switch ($x) {
    case 1:
        return 'foo';
        break; // This break is not necessary and can be left off.
}
      case 'polygon':
        return $this->PolygonToGeoRSS($geom);
        break;
switch ($x) {
    case 1:
        return 'foo';
        break; // This break is not necessary and can be left off.
}
      case 'multipoint':
      case 'multilinestring':
      case 'multipolygon':
      case 'geometrycollection':
        return $this->collectionToGeoRSS($geom);
        break;
switch ($x) {
    case 1:
        return 'foo';
        break; // This break is not necessary and can be left off.
}
    }
    return $output;

  }
  
  private function pointToGeoRSS($geom) {
    return '<'.$this->nss.'point>'.$geom->getY().' '.$geom->getX().'</'.$this->nss.'point>';
  }
  

  private function linestringToGeoRSS($geom) {
    $output = '<'.$this->nss.'line>';
    foreach ($geom->getComponents() as $k => $point) {
      $output .= $point->getY().' '.$point->getX();
      if ($k < ($geom->numGeometries() -1)) $output .= ' ';
    }
    $output .= '</'.$this->nss.'line>';
    return $output;
  }

  private function polygonToGeoRSS($geom) {
    $output = '<'.$this->nss.'polygon>';
    $exterior_ring = $geom->exteriorRing();
    foreach ($exterior_ring->getComponents() as $k => $point) {
      $output .= $point->getY().' '.$point->getX();
      if ($k < ($exterior_ring->numGeometries() -1)) $output .= ' ';
    }
    $output .= '</'.$this->nss.'polygon>';
    return $output;
  }
  
  public function collectionToGeoRSS($geom) {
    $georss = '<'.$this->nss.'where>';
    $components = $geom->getComponents();
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
    foreach ($geom->getComponents() as $comp) {
      $georss .= $this->geometryToGeoRSS($comp);
    }
    
    $georss .= '</'.$this->nss.'where>';
    
    return $georss;
  }

}


Issues (843)

Security Analysis not enabled

require/libs/geoPHP/lib/adapters/GeoRSS.class.php (11 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Available Fixes

1			<?php
2			/*
3			* Copyright (c) Patrick Hayes
4			*
5			* This code is open-source and licenced under the Modified BSD License.
6			* For the full copyright and license information, please view the LICENSE
7			* file that was distributed with this source code.
8			*/
9
10			/**
11			* PHP Geometry/GeoRSS encoder/decoder
12			*/
13			class GeoRSS extends GeoAdapter
14			{
15			private $namespace = FALSE;
16			private $nss = ''; // Name-space string. eg 'georss:'
17
18			/**
19			* Read GeoRSS string into geometry objects
20			*
21			* @param string $georss - an XML feed containing geoRSS
			0 ignored issues – show Bug introduced 2016-08-01 12:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this There is no parameter named `$georss`. Was it maybe removed? This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. Consider the following example. The parameter `$italy` is not defined by the method `finale(...)`. /** * @param array $germany * @param array $island * @param array $italy */ function finale($germany, $island) { return "2:1"; } The most likely cause is that the parameter was removed, but the annotation was not. Loading history...
22			*
23			* @return Geometry\|GeometryCollection
24			*/
25			public function read($gpx) {
26			return $this->geomFromText($gpx);
27			}
28
29			/**
30			* Serialize geometries into a GeoRSS string.
31			*
32			* @param Geometry $geometry
33			*
34			* @return string The georss string representation of the input geometries
35			*/
36			public function write(Geometry $geometry, $namespace = FALSE) {
37			if ($namespace) {
38			$this->namespace = $namespace;
39			$this->nss = $namespace.':';
40			}
41			return $this->geometryToGeoRSS($geometry);
42			}
43
44			public function geomFromText($text) {
45			// Change to lower-case, strip all CDATA, and de-namespace
46			$text = strtolower($text);
47			$text = preg_replace('/<!\[cdata\[(.*?)\]\]>/s','',$text);
48
49			// Load into DOMDOcument
50			$xmlobj = new DOMDocument();
51			@$xmlobj->loadXML($text);
			0 ignored issues – show Security Best Practice introduced 2016-08-01 12:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended. If you suppress an error, we recommend checking for the error condition explicitly: // For example instead of @mkdir($dir); // Better use if (@mkdir($dir) === false) { throw new \RuntimeException('The directory '.$dir.' could not be created.'); } Loading history...
52			if ($xmlobj === false) {
53			throw new Exception("Invalid GeoRSS: ". $text);
54			}
55
56			$this->xmlobj = $xmlobj;
			0 ignored issues – show Bug introduced 2016-08-01 12:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this The property `xmlobj` does not exist. Did you maybe forget to declare it? In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { } $x = new MyClass(); $x->foo = true; Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass { public $foo; } $x = new MyClass(); $x->foo = true; Loading history...
57			try {
58			$geom = $this->geomFromXML();
59			} catch(InvalidText $e) {
			0 ignored issues – show Bug introduced 2016-08-01 12:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this The class `InvalidText` does not exist. Did you forget a USE statement, or did you not list all dependencies? Scrutinizer analyzes your `composer.json`/`composer.lock` file if available to determine the classes, and functions that are defined by your dependencies. It seems like the listed class was neither found in your dependencies, nor was it found in the analyzed files in your repository. If you are using some other form of dependency management, you might want to disable this analysis. Loading history...
60			throw new Exception("Cannot Read Geometry From GeoRSS: ". $text);
61			} catch(Exception $e) {
62			throw $e;
63			}
64
65			return $geom;
66			}
67
68			protected function geomFromXML() {
69			$geometries = array();
70			$geometries = array_merge($geometries, $this->parsePoints());
71			$geometries = array_merge($geometries, $this->parseLines());
72			$geometries = array_merge($geometries, $this->parsePolygons());
73			$geometries = array_merge($geometries, $this->parseBoxes());
74			$geometries = array_merge($geometries, $this->parseCircles());
75
76			if (empty($geometries)) {
77			throw new Exception("Invalid / Empty GeoRSS");
78			}
79
80			return geoPHP::geometryReduce($geometries);
81			}
82
83			protected function getPointsFromCoords($string) {
84			$coords = array();
85			$latlon = explode(' ',$string);
86			foreach ($latlon as $key => $item) {
87			if (!($key % 2)) {
88			// It's a latitude
89			$lat = $item;
90			}
91			else {
92			// It's a longitude
93			$lon = $item;
94			$coords[] = new Point($lon, $lat);
			0 ignored issues – show Bug introduced 2016-08-01 12:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `$lat` does not seem to be defined for all execution paths leading up to this point. If you define a variable conditionally, it can happen that it is not defined for all execution paths. Let’s take a look at an example: function myFunction($a) { switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; } // $x is potentially undefined here. echo $x; } In the above example, the variable `$x` is defined if you pass “foo” or “bar” as argument for `$a`. However, since the `switch` statement has no default case statement, if you pass any other value, the variable `$x` would be undefined. Available Fixes Check for existence of the variable explicitly: function myFunction($a) { switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; } if (isset($x)) { // Make sure it's always set. echo $x; } } Define a default value for the variable: function myFunction($a) { $x = ''; // Set a default which gets overridden for certain paths. switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; } echo $x; } Add a value for the missing path: function myFunction($a) { switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; // We add support for the missing case. default: $x = ''; break; } echo $x; } Loading history...
95			}
96			}
97			return $coords;
98			}
99
100			protected function parsePoints() {
101			$points = array();
102			$pt_elements = $this->xmlobj->getElementsByTagName('point');
103			foreach ($pt_elements as $pt) {
104			$point_array = $this->getPointsFromCoords(trim($pt->firstChild->nodeValue));
105			$points[] = $point_array[0];
106			}
107			return $points;
108			}
109
110			protected function parseLines() {
111			$lines = array();
112			$line_elements = $this->xmlobj->getElementsByTagName('line');
113			foreach ($line_elements as $line) {
114			$components = $this->getPointsFromCoords(trim($line->firstChild->nodeValue));
115			$lines[] = new LineString($components);
116			}
117			return $lines;
118			}
119
120			protected function parsePolygons() {
121			$polygons = array();
122			$poly_elements = $this->xmlobj->getElementsByTagName('polygon');
123			foreach ($poly_elements as $poly) {
124			if ($poly->hasChildNodes()) {
125			$points = $this->getPointsFromCoords(trim($poly->firstChild->nodeValue));
126			$exterior_ring = new LineString($points);
127			$polygons[] = new Polygon(array($exterior_ring));
128			}
129			else {
130			// It's an EMPTY polygon
131			$polygons[] = new Polygon();
132			}
133			}
134			return $polygons;
135			}
136
137			// Boxes are rendered into polygons
138			protected function parseBoxes() {
139			$polygons = array();
140			$box_elements = $this->xmlobj->getElementsByTagName('box');
141			foreach ($box_elements as $box) {
142			$parts = explode(' ',trim($box->firstChild->nodeValue));
143			$components = array(
144			new Point($parts[3], $parts[2]),
145			new Point($parts[3], $parts[0]),
146			new Point($parts[1], $parts[0]),
147			new Point($parts[1], $parts[2]),
148			new Point($parts[3], $parts[2]),
149			);
150			$exterior_ring = new LineString($components);
151			$polygons[] = new Polygon(array($exterior_ring));
152			}
153			return $polygons;
154			}
155
156			// Circles are rendered into points
157			// @@TODO: Add good support once we have circular-string geometry support
158			protected function parseCircles() {
159			$points = array();
160			$circle_elements = $this->xmlobj->getElementsByTagName('circle');
161			foreach ($circle_elements as $circle) {
162			$parts = explode(' ',trim($circle->firstChild->nodeValue));
163			$points[] = new Point($parts[1], $parts[0]);
164			}
165			return $points;
166			}
167
168			protected function geometryToGeoRSS($geom) {
169			$type = strtolower($geom->getGeomType());
170			switch ($type) {
171			case 'point':
172			return $this->pointToGeoRSS($geom);
173			break;
			0 ignored issues – show Unused Code introduced 2016-08-01 12:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this `break` is not strictly necessary here and could be removed. The `break` statement is not necessary if it is preceded for example by a `return` statement: switch ($x) { case 1: return 'foo'; break; // This break is not necessary and can be left off. } If you would like to keep this construct to be consistent with other `case` statements, you can safely mark this issue as a false-positive. Loading history...
174			case 'linestring':
175			return $this->linestringToGeoRSS($geom);
176			break;
			0 ignored issues – show Unused Code introduced 2016-08-01 12:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this `break` is not strictly necessary here and could be removed. The `break` statement is not necessary if it is preceded for example by a `return` statement: switch ($x) { case 1: return 'foo'; break; // This break is not necessary and can be left off. } If you would like to keep this construct to be consistent with other `case` statements, you can safely mark this issue as a false-positive. Loading history...
177			case 'polygon':
178			return $this->PolygonToGeoRSS($geom);
179			break;
			0 ignored issues – show Unused Code introduced 2016-08-01 12:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this `break` is not strictly necessary here and could be removed. The `break` statement is not necessary if it is preceded for example by a `return` statement: switch ($x) { case 1: return 'foo'; break; // This break is not necessary and can be left off. } If you would like to keep this construct to be consistent with other `case` statements, you can safely mark this issue as a false-positive. Loading history...
180			case 'multipoint':
181			case 'multilinestring':
182			case 'multipolygon':
183			case 'geometrycollection':
184			return $this->collectionToGeoRSS($geom);
185			break;
			0 ignored issues – show Unused Code introduced 2016-08-01 12:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this `break` is not strictly necessary here and could be removed. The `break` statement is not necessary if it is preceded for example by a `return` statement: switch ($x) { case 1: return 'foo'; break; // This break is not necessary and can be left off. } If you would like to keep this construct to be consistent with other `case` statements, you can safely mark this issue as a false-positive. Loading history...
186			}
187			return $output;
			0 ignored issues – show Bug introduced 2017-07-31 11:19 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `$output` does not exist. Did you forget to declare it? This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug. Loading history...
188			}
189
190			private function pointToGeoRSS($geom) {
191			return '<'.$this->nss.'point>'.$geom->getY().' '.$geom->getX().'</'.$this->nss.'point>';
192			}
193
194
195			private function linestringToGeoRSS($geom) {
196			$output = '<'.$this->nss.'line>';
197			foreach ($geom->getComponents() as $k => $point) {
198			$output .= $point->getY().' '.$point->getX();
199			if ($k < ($geom->numGeometries() -1)) $output .= ' ';
200			}
201			$output .= '</'.$this->nss.'line>';
202			return $output;
203			}
204
205			private function polygonToGeoRSS($geom) {
206			$output = '<'.$this->nss.'polygon>';
207			$exterior_ring = $geom->exteriorRing();
208			foreach ($exterior_ring->getComponents() as $k => $point) {
209			$output .= $point->getY().' '.$point->getX();
210			if ($k < ($exterior_ring->numGeometries() -1)) $output .= ' ';
211			}
212			$output .= '</'.$this->nss.'polygon>';
213			return $output;
214			}
215
216			public function collectionToGeoRSS($geom) {
217			$georss = '<'.$this->nss.'where>';
218			$components = $geom->getComponents();
			0 ignored issues – show Unused Code introduced 2016-08-01 12:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$components` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
219			foreach ($geom->getComponents() as $comp) {
220			$georss .= $this->geometryToGeoRSS($comp);
221			}
222
223			$georss .= '</'.$this->nss.'where>';
224
225			return $georss;
226			}
227
228			}
229

Ysurac / FlightAirMap

Issues (843)

Security Analysis not enabled

require/libs/geoPHP/lib/adapters/GeoRSS.class.php (11 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Available Fixes

Duplication Side-by-Side

Filter issues like