Issues in ListTrait.php (master) - Issues in master - cebe/markdown - Measure and Improve Code Quality continuously with Scrutinizer

Issues (16)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

block/ListTrait.php (2 issues)

Labels

Severity

Informational 2

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * @copyright Copyright (c) 2014 Carsten Brandt
 * @license https://github.com/cebe/markdown/blob/master/LICENSE
 * @link https://github.com/cebe/markdown#readme
 */

namespace cebe\markdown\block;

/**
 * Adds the list blocks
 */
trait ListTrait
{
	/**
	 * @var bool enable support `start` attribute of ordered lists. This means that lists
	 * will start with the number you actually type in markdown and not the HTML generated one.
	 * Defaults to `false` which means that numeration of all ordered lists(<ol>) starts with 1.
	 */
	public $keepListStartNumber = false;

	/**
	 * identify a line as the beginning of an ordered list.
	 */
	protected function identifyOl($line)
	{
		return (($l = $line[0]) > '0' && $l <= '9' || $l === ' ') && preg_match('/^ {0,3}\d+\.[ \t]/', $line);
	}

	/**
	 * identify a line as the beginning of an unordered list.
	 */
	protected function identifyUl($line)
	{
		$l = $line[0];
		return ($l === '-' || $l === '+' || $l === '*') && (isset($line[1]) && (($l1 = $line[1]) === ' ' || $l1 === "\t")) ||
		       ($l === ' ' && preg_match('/^ {0,3}[\-\+\*][ \t]/', $line));
	}

	/**
	 * Consume lines for an ordered list
	 */
	protected function consumeOl($lines, $current)

	{
		// consume until newline

		$block = [
			'list',
			'list' => 'ol',
			'attr' => [],
			'items' => [],
		];
		return $this->consumeList($lines, $current, $block, 'ol');
	}

	/**
	 * Consume lines for an unordered list
	 */
	protected function consumeUl($lines, $current)

	{
		// consume until newline

		$block = [
			'list',
			'list' => 'ul',
			'items' => [],
		];
		return $this->consumeList($lines, $current, $block, 'ul');
	}

	private function consumeList($lines, $current, $block, $type)
	{
		$item = 0;
		$indent = '';
		$len = 0;
		$lastLineEmpty = false;
		// track the indentation of list markers, if indented more than previous element
		// a list marker is considered to be long to a lower level
		$leadSpace = 3;
		$marker = $type === 'ul' ? ltrim($lines[$current])[0] : '';
		for ($i = $current, $count = count($lines); $i < $count; $i++) {
			$line = $lines[$i];
			// match list marker on the beginning of the line
			$pattern = ($type === 'ol') ? '/^( {0,'.$leadSpace.'})(\d+)\.[ \t]+/' : '/^( {0,'.$leadSpace.'})\\'.$marker.'[ \t]+/';
			if (preg_match($pattern, $line, $matches)) {
				if (($len = substr_count($matches[0], "\t")) > 0) {
					$indent = str_repeat("\t", $len);
					$line = substr($line, strlen($matches[0]));
				} else {
					$len = strlen($matches[0]);
					$indent = str_repeat(' ', $len);
					$line = substr($line, $len);
				}
				if ($i === $current) {
					$leadSpace = strlen($matches[1]) + 1;
				}

				if ($type === 'ol' && $this->keepListStartNumber) {
					// attr `start` for ol
					if (!isset($block['attr']['start']) && isset($matches[2])) {
						$block['attr']['start'] = $matches[2];
					}
				}

				$block['items'][++$item][] = $line;
				$block['lazyItems'][$item] = $lastLineEmpty;
				$lastLineEmpty = false;
			} elseif (ltrim($line) === '') {
				// line is empty, may be a lazy list
				$lastLineEmpty = true;

				// two empty lines will end the list
				if (!isset($lines[$i + 1][0])) {
					break;

				// next item is the continuation of this list -> lazy list
				} elseif (preg_match($pattern, $lines[$i + 1])) {
					$block['items'][$item][] = $line;
					$block['lazyItems'][$item] = true;

				// next item is indented as much as this list -> lazy list if it is not a reference
				} elseif (strncmp($lines[$i + 1], $indent, $len) === 0 || !empty($lines[$i + 1]) && $lines[$i + 1][0] == "\t") {
					$block['items'][$item][] = $line;
					$nextLine = $lines[$i + 1][0] === "\t" ? substr($lines[$i + 1], 1) : substr($lines[$i + 1], $len);
					$block['lazyItems'][$item] = empty($nextLine) || !method_exists($this, 'identifyReference') || !$this->identifyReference($nextLine);

				// everything else ends the list
				} else {
					break;
				}
			} else {
				if ($line[0] === "\t") {
					$line = substr($line, 1);
				} elseif (strncmp($line, $indent, $len) === 0) {
					$line = substr($line, $len);
				}
				$block['items'][$item][] = $line;
				$lastLineEmpty = false;
			}

			// if next line is <hr>, end the list
			if (!empty($lines[$i + 1]) && method_exists($this, 'identifyHr') && $this->identifyHr($lines[$i + 1])) {
				break;
			}
		}

		foreach($block['items'] as $itemId => $itemLines) {
			$content = [];
			if (!$block['lazyItems'][$itemId]) {
				$firstPar = [];
				while (!empty($itemLines) && rtrim($itemLines[0]) !== '' && $this->detectLineType($itemLines, 0) === 'paragraph') {
					$firstPar[] = array_shift($itemLines);
				}
				$content = $this->parseInline(implode("\n", $firstPar));
			}
			if (!empty($itemLines)) {
				$content = array_merge($content, $this->parseBlocks($itemLines));
			}
			$block['items'][$itemId] = $content;
		}

		return [$block, $i];
	}

	/**
	 * Renders a list
	 */
	protected function renderList($block)
	{
		$type = $block['list'];

		if (!empty($block['attr'])) {
			$output = "<$type " . $this->generateHtmlAttributes($block['attr']) . ">\n";
		} else {
			$output = "<$type>\n";
		}

		foreach ($block['items'] as $item => $itemLines) {
			$output .= '<li>' . $this->renderAbsy($itemLines). "</li>\n";
		}
		return $output . "</$type>\n";
	}


	/**
	 * Return html attributes string from [attrName => attrValue] list
	 * @param array $attributes the attribute name-value pairs.
	 * @return string
	 */
	private function generateHtmlAttributes($attributes)
	{
		foreach ($attributes as $name => $value) {
			$attributes[$name] = "$name=\"$value\"";
		}
		return implode(' ', $attributes);
	}

	abstract protected function parseBlocks($lines);
	abstract protected function parseInline($text);
	abstract protected function renderAbsy($absy);
	abstract protected function detectLineType($lines, $current);
}


1			<?php
2			/**
3			* @copyright Copyright (c) 2014 Carsten Brandt
4			* @license https://github.com/cebe/markdown/blob/master/LICENSE
5			* @link https://github.com/cebe/markdown#readme
6			*/
7
8			namespace cebe\markdown\block;
9
10			/**
11			* Adds the list blocks
12			*/
13			trait ListTrait
14			{
15			/**
16			* @var bool enable support `start` attribute of ordered lists. This means that lists
17			* will start with the number you actually type in markdown and not the HTML generated one.
18			* Defaults to `false` which means that numeration of all ordered lists(<ol>) starts with 1.
19			*/
20			public $keepListStartNumber = false;
21
22			/**
23			* identify a line as the beginning of an ordered list.
24			*/
25	205		protected function identifyOl($line)
26			{
27	205		return (($l = $line[0]) > '0' && $l <= '9' \|\| $l === ' ') && preg_match('/^ {0,3}\d+\.[ \t]/', $line);
28			}
29
30			/**
31			* identify a line as the beginning of an unordered list.
32			*/
33	206		protected function identifyUl($line)
34			{
35	206		$l = $line[0];
36	206		return ($l === '-' \|\| $l === '+' \|\| $l === '*') && (isset($line[1]) && (($l1 = $line[1]) === ' ' \|\| $l1 === "\t")) \|\|
37	206		($l === ' ' && preg_match('/^ {0,3}[\-\+\*][ \t]/', $line));
38			}
39
40			/**
41			* Consume lines for an ordered list
42			*/
43	24	View Code Duplication	protected function consumeOl($lines, $current)
			0 ignored issues – show Duplication introduced 2018-03-12 19:50 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
44			{
45			// consume until newline
46
47			$block = [
48	24		'list',
49			'list' => 'ol',
50			'attr' => [],
51			'items' => [],
52			];
53	24		return $this->consumeList($lines, $current, $block, 'ol');
54			}
55
56			/**
57			* Consume lines for an unordered list
58			*/
59	39	View Code Duplication	protected function consumeUl($lines, $current)
			0 ignored issues – show Duplication introduced 2018-03-12 19:50 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
60			{
61			// consume until newline
62
63			$block = [
64	39		'list',
65			'list' => 'ul',
66			'items' => [],
67			];
68	39		return $this->consumeList($lines, $current, $block, 'ul');
69			}
70
71	46		private function consumeList($lines, $current, $block, $type)
72			{
73	46		$item = 0;
74	46		$indent = '';
75	46		$len = 0;
76	46		$lastLineEmpty = false;
77			// track the indentation of list markers, if indented more than previous element
78			// a list marker is considered to be long to a lower level
79	46		$leadSpace = 3;
80	46		$marker = $type === 'ul' ? ltrim($lines[$current])[0] : '';
81	46		for ($i = $current, $count = count($lines); $i < $count; $i++) {
82	46		$line = $lines[$i];
83			// match list marker on the beginning of the line
84	46		$pattern = ($type === 'ol') ? '/^( {0,'.$leadSpace.'})(\d+)\.[ \t]+/' : '/^( {0,'.$leadSpace.'})\\'.$marker.'[ \t]+/';
85	46		if (preg_match($pattern, $line, $matches)) {
86	46		if (($len = substr_count($matches[0], "\t")) > 0) {
87	10		$indent = str_repeat("\t", $len);
88	10		$line = substr($line, strlen($matches[0]));
89			} else {
90	43		$len = strlen($matches[0]);
91	43		$indent = str_repeat(' ', $len);
92	43		$line = substr($line, $len);
93			}
94	46		if ($i === $current) {
95	46		$leadSpace = strlen($matches[1]) + 1;
96			}
97
98	46		if ($type === 'ol' && $this->keepListStartNumber) {
99			// attr `start` for ol
100	2		if (!isset($block['attr']['start']) && isset($matches[2])) {
101	2		$block['attr']['start'] = $matches[2];
102			}
103			}
104
105	46		$block['items'][++$item][] = $line;
106	46		$block['lazyItems'][$item] = $lastLineEmpty;
107	46		$lastLineEmpty = false;
108	40		} elseif (ltrim($line) === '') {
109			// line is empty, may be a lazy list
110	40		$lastLineEmpty = true;
111
112			// two empty lines will end the list
113	40		if (!isset($lines[$i + 1][0])) {
114	25		break;
115
116			// next item is the continuation of this list -> lazy list
117	40		} elseif (preg_match($pattern, $lines[$i + 1])) {
118	18		$block['items'][$item][] = $line;
119	18		$block['lazyItems'][$item] = true;
120
121			// next item is indented as much as this list -> lazy list if it is not a reference
122	37		} elseif (strncmp($lines[$i + 1], $indent, $len) === 0 \|\| !empty($lines[$i + 1]) && $lines[$i + 1][0] == "\t") {
123	20		$block['items'][$item][] = $line;
124	20		$nextLine = $lines[$i + 1][0] === "\t" ? substr($lines[$i + 1], 1) : substr($lines[$i + 1], $len);
125	20		$block['lazyItems'][$item] = empty($nextLine) \|\| !method_exists($this, 'identifyReference') \|\| !$this->identifyReference($nextLine);
126
127			// everything else ends the list
128			} else {
129	40		break;
130			}
131			} else {
132	30		if ($line[0] === "\t") {
133	7		$line = substr($line, 1);
134	26		} elseif (strncmp($line, $indent, $len) === 0) {
135	23		$line = substr($line, $len);
136			}
137	30		$block['items'][$item][] = $line;
138	30		$lastLineEmpty = false;
139			}
140
141			// if next line is <hr>, end the list
142	46		if (!empty($lines[$i + 1]) && method_exists($this, 'identifyHr') && $this->identifyHr($lines[$i + 1])) {
143	3		break;
144			}
145			}
146
147	46		foreach($block['items'] as $itemId => $itemLines) {
148	46		$content = [];
149	46		if (!$block['lazyItems'][$itemId]) {
150	41		$firstPar = [];
151	41		while (!empty($itemLines) && rtrim($itemLines[0]) !== '' && $this->detectLineType($itemLines, 0) === 'paragraph') {
152	41		$firstPar[] = array_shift($itemLines);
153			}
154	41		$content = $this->parseInline(implode("\n", $firstPar));
155			}
156	46		if (!empty($itemLines)) {
157	30		$content = array_merge($content, $this->parseBlocks($itemLines));
158			}
159	46		$block['items'][$itemId] = $content;
160			}
161
162	46		return [$block, $i];
163			}
164
165			/**
166			* Renders a list
167			*/
168	46		protected function renderList($block)
169			{
170	46		$type = $block['list'];
171
172	46		if (!empty($block['attr'])) {
173	2		$output = "<$type " . $this->generateHtmlAttributes($block['attr']) . ">\n";
174			} else {
175	45		$output = "<$type>\n";
176			}
177
178	46		foreach ($block['items'] as $item => $itemLines) {
179	46		$output .= '<li>' . $this->renderAbsy($itemLines). "</li>\n";
180			}
181	46		return $output . "</$type>\n";
182			}
183
184
185			/**
186			* Return html attributes string from [attrName => attrValue] list
187			* @param array $attributes the attribute name-value pairs.
188			* @return string
189			*/
190	2		private function generateHtmlAttributes($attributes)
191			{
192	2		foreach ($attributes as $name => $value) {
193	2		$attributes[$name] = "$name=\"$value\"";
194			}
195	2		return implode(' ', $attributes);
196			}
197
198			abstract protected function parseBlocks($lines);
199			abstract protected function parseInline($text);
200			abstract protected function renderAbsy($absy);
201			abstract protected function detectLineType($lines, $current);
202			}
203

cebe / markdown

Issues (16)

Security Analysis no request data

block/ListTrait.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like