Issues in ObjectManagerWrapper.php (master) - Issues in master - appserver-io-psr/di - Measure and Improve Code Quality continuously with Scrutinizer

Issues (2)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/ObjectManagerWrapper.php (1 issue)

Labels

Bug 1

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/**
 * AppserverIo\Psr\Di\ObjectManagerWrapper
*
* NOTICE OF LICENSE
*
* This source file is subject to the Open Software License (OSL 3.0)
* that is available through the world-wide-web at this URL:
* http://opensource.org/licenses/osl-3.0.php
*
* PHP version 5
*
* @author    Tim Wagner <[email protected]>
* @copyright 2016 TechDivision GmbH <[email protected]>
* @license   http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
* @link      https://github.com/appserver-io-psr/di
* @link      http://www.appserver.io
*/

namespace AppserverIo\Psr\Di;

use AppserverIo\Psr\Deployment\DescriptorInterface;

/**
 * Wrapper implementation for a object manager implementation.
 *
 * @author    Tim Wagner <[email protected]>
 * @copyright 2016 TechDivision GmbH <[email protected]>
 * @license   http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
 * @link      https://github.com/appserver-io-psr/di
 * @link      http://www.appserver.io
 */
class ObjectManagerWrapper implements ObjectManagerInterface
{

    /**
     * The object manager instance to be wrapped.
     *
     * @var \AppserverIo\Psr\Di\ObjectManagerInterface
     */
    protected $objectManager;

    /**
     * Injects the passed object manager instance into this wrapper.
     *
     * @param \AppserverIo\Psr\Di\ObjectManagerInterface $objectManager The object manager instance used for initialization
     *
     * @return void
     */
    public function injectObjectManager(ObjectManagerInterface $objectManager)
    {
        $this->objectManager = $objectManager;
    }

    /**
     * Return's the object manager instance.
     *
     * @return \AppserverIo\Psr\Di\ObjectManagerInterface The object manager instance
     */
    public function getObjectManager()
    {
        return $this->objectManager;
    }

    /**
     * Adds the passed object descriptor to the object manager. If the merge flag is TRUE, then
     * we check if already an object descriptor for the class exists before they will be merged.
     *
     * When we merge object descriptors this means, that the values of the passed descriptor
     * will override the existing ones.
     *
     * @param \AppserverIo\Psr\Deployment\DescriptorInterface $objectDescriptor The object descriptor to add
     * @param boolean                                         $merge            TRUE if we want to merge with an existing object descriptor
     *
     * @return void
     */
    public function addObjectDescriptor(DescriptorInterface $objectDescriptor, $merge = false)
    {
        $this->getObjectManager()->addObjectDescriptor($objectDescriptor, $merge);
    }

    /**
     * Returns the object descriptor if we've registered it.
     *
     * @param string $className The class name we want to return the object descriptor for
     *
     * @return \AppserverIo\Psr\Deployment\DescriptorInterface|null The requested object descriptor instance
     * @throws \AppserverIo\Psr\Di\UnknownObjectDescriptorException Is thrown if someone tries to access an unknown object desciptor
     */
    public function getObjectDescriptor($className)
    {
        return $this->getObjectManager()->getObjectDescriptor($className);
    }

    /**
     * Returns the storage with the object descriptors.
     *
     * @return \AppserverIo\Storage\StorageInterface The storage with the object descriptors
     */
    public function getObjectDescriptors()
    {
        return $this->getObjectManager()->getObjectDescriptors();
    }

    /**
     * Query if we've an object descriptor for the passed class name.
     *
     * @param string $className The class name we query for a object descriptor
     *
     * @return boolean TRUE if an object descriptor has been registered, else FALSE
     */
    public function hasObjectDescriptor($className)
    {
        return $this->getObjectManager()->hastObjectDescriptor($className);

    }

    /**
     * Registers the passed object descriptor under its class name.
     *
     * @param \AppserverIo\Psr\Deployment\DescriptorInterface $objectDescriptor The object descriptor to set
     *
     * @return void
     */
    public function setObjectDescriptor(DescriptorInterface $objectDescriptor)
    {
        $this->getObjectManager()->setObjectDescriptor($objectDescriptor);
    }

    /**
     * Adds the passed object descriptor to the object manager. If the merge flag is TRUE, then
     * we check if already an object descriptor for the class exists before they will be merged.
     *
     * When we merge object descriptors this means, that the values of the passed descriptor
     * will override the existing ones.
     *
     * @param \AppserverIo\Psr\Deployment\DescriptorInterface $objectDescriptor The object descriptor to add
     * @param boolean                                         $merge            TRUE if we want to merge with an existing object descriptor
     *
     * @return void
     */
    public function addPreference(DescriptorInterface $objectDescriptor, $merge = false)
    {
        $this->getObjectManager()->addPreference($objectDescriptor);
    }

    /**
     * Return's the preference for the passed class name.
     *
     * @param string $className The class name to return the preference for
     *
     * @return string The preference or the original class name
     */
    public function getPreference($className)
    {
        return $this->getObjectManager()->getPreference($className);
    }
}


1			<?php
2
3			/**
4			* AppserverIo\Psr\Di\ObjectManagerWrapper
5			*
6			* NOTICE OF LICENSE
7			*
8			* This source file is subject to the Open Software License (OSL 3.0)
9			* that is available through the world-wide-web at this URL:
10			* http://opensource.org/licenses/osl-3.0.php
11			*
12			* PHP version 5
13			*
14			* @author Tim Wagner <[email protected]>
15			* @copyright 2016 TechDivision GmbH <[email protected]>
16			* @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
17			* @link https://github.com/appserver-io-psr/di
18			* @link http://www.appserver.io
19			*/
20
21			namespace AppserverIo\Psr\Di;
22
23			use AppserverIo\Psr\Deployment\DescriptorInterface;
24
25			/**
26			* Wrapper implementation for a object manager implementation.
27			*
28			* @author Tim Wagner <[email protected]>
29			* @copyright 2016 TechDivision GmbH <[email protected]>
30			* @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
31			* @link https://github.com/appserver-io-psr/di
32			* @link http://www.appserver.io
33			*/
34			class ObjectManagerWrapper implements ObjectManagerInterface
35			{
36
37			/**
38			* The object manager instance to be wrapped.
39			*
40			* @var \AppserverIo\Psr\Di\ObjectManagerInterface
41			*/
42			protected $objectManager;
43
44			/**
45			* Injects the passed object manager instance into this wrapper.
46			*
47			* @param \AppserverIo\Psr\Di\ObjectManagerInterface $objectManager The object manager instance used for initialization
48			*
49			* @return void
50			*/
51			public function injectObjectManager(ObjectManagerInterface $objectManager)
52			{
53			$this->objectManager = $objectManager;
54			}
55
56			/**
57			* Return's the object manager instance.
58			*
59			* @return \AppserverIo\Psr\Di\ObjectManagerInterface The object manager instance
60			*/
61			public function getObjectManager()
62			{
63			return $this->objectManager;
64			}
65
66			/**
67			* Adds the passed object descriptor to the object manager. If the merge flag is TRUE, then
68			* we check if already an object descriptor for the class exists before they will be merged.
69			*
70			* When we merge object descriptors this means, that the values of the passed descriptor
71			* will override the existing ones.
72			*
73			* @param \AppserverIo\Psr\Deployment\DescriptorInterface $objectDescriptor The object descriptor to add
74			* @param boolean $merge TRUE if we want to merge with an existing object descriptor
75			*
76			* @return void
77			*/
78			public function addObjectDescriptor(DescriptorInterface $objectDescriptor, $merge = false)
79			{
80			$this->getObjectManager()->addObjectDescriptor($objectDescriptor, $merge);
81			}
82
83			/**
84			* Returns the object descriptor if we've registered it.
85			*
86			* @param string $className The class name we want to return the object descriptor for
87			*
88			* @return \AppserverIo\Psr\Deployment\DescriptorInterface\|null The requested object descriptor instance
89			* @throws \AppserverIo\Psr\Di\UnknownObjectDescriptorException Is thrown if someone tries to access an unknown object desciptor
90			*/
91			public function getObjectDescriptor($className)
92			{
93			return $this->getObjectManager()->getObjectDescriptor($className);
94			}
95
96			/**
97			* Returns the storage with the object descriptors.
98			*
99			* @return \AppserverIo\Storage\StorageInterface The storage with the object descriptors
100			*/
101			public function getObjectDescriptors()
102			{
103			return $this->getObjectManager()->getObjectDescriptors();
104			}
105
106			/**
107			* Query if we've an object descriptor for the passed class name.
108			*
109			* @param string $className The class name we query for a object descriptor
110			*
111			* @return boolean TRUE if an object descriptor has been registered, else FALSE
112			*/
113			public function hasObjectDescriptor($className)
114			{
115			return $this->getObjectManager()->hastObjectDescriptor($className);
			0 ignored issues – show Bug introduced 2018-04-11 11:15 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `hastObjectDescriptor()` does not exist on `AppserverIo\Psr\Di\ObjectManagerInterface`. Did you maybe mean `hasObjectDescriptor()`? This check marks calls to methods that do not seem to exist on an object. This is most likely the result of a method being renamed without all references to it being renamed likewise. Loading history...
116			}
117
118			/**
119			* Registers the passed object descriptor under its class name.
120			*
121			* @param \AppserverIo\Psr\Deployment\DescriptorInterface $objectDescriptor The object descriptor to set
122			*
123			* @return void
124			*/
125			public function setObjectDescriptor(DescriptorInterface $objectDescriptor)
126			{
127			$this->getObjectManager()->setObjectDescriptor($objectDescriptor);
128			}
129
130			/**
131			* Adds the passed object descriptor to the object manager. If the merge flag is TRUE, then
132			* we check if already an object descriptor for the class exists before they will be merged.
133			*
134			* When we merge object descriptors this means, that the values of the passed descriptor
135			* will override the existing ones.
136			*
137			* @param \AppserverIo\Psr\Deployment\DescriptorInterface $objectDescriptor The object descriptor to add
138			* @param boolean $merge TRUE if we want to merge with an existing object descriptor
139			*
140			* @return void
141			*/
142			public function addPreference(DescriptorInterface $objectDescriptor, $merge = false)
143			{
144			$this->getObjectManager()->addPreference($objectDescriptor);
145			}
146
147			/**
148			* Return's the preference for the passed class name.
149			*
150			* @param string $className The class name to return the preference for
151			*
152			* @return string The preference or the original class name
153			*/
154			public function getPreference($className)
155			{
156			return $this->getObjectManager()->getPreference($className);
157			}
158			}
159

appserver-io-psr / di

Issues (2)

Security Analysis no request data

src/ObjectManagerWrapper.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like