This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.
1 | <?php |
||
2 | |||
3 | namespace Robo\Task\Development; |
||
4 | |||
5 | use Robo\Contract\ProgressIndicatorAwareInterface; |
||
6 | use Robo\Contract\PrintedInterface; |
||
7 | use Robo\Result; |
||
8 | use Robo\Task\BaseTask; |
||
9 | |||
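/**
 * Creates Phar.
 *
 * ``` php
 * <?php
 * $pharTask = $this->taskPackPhar('package/codecept.phar')
 *   ->compress()
 *   ->stub('package/stub.php');
 *
 *  $finder = Finder::create()
 *      ->name('*.php')
 *        ->in('src');
 *
 *    foreach ($finder as $file) {
 *        $pharTask->addFile('src/'.$file->getRelativePathname(), $file->getRealPath());
 *    }
 *
 *    $finder = Finder::create()->files()
 *        ->name('*.php')
 *        ->in('vendor');
 *
 *    foreach ($finder as $file) {
 *        $pharTask->addStripped('vendor/'.$file->getRelativePathname(), $file->getRealPath());
 *    }
 *    $pharTask->run();
 *
 *    // verify Phar is packed correctly
 *    $code = $this->_exec('php package/codecept.phar');
 * ?>
 * ```
 *
 * Every file handed to addFile()/addStripped()/stub()/executable() is read
 * immediately and ends up as code inside the released archive, so a file that
 * cannot be read aborts the build instead of being packed as an empty entry.
 *
 * The signature written by run() is an unkeyed digest: it detects corruption,
 * not deliberate replacement of the archive. Proving authenticity needs a
 * keyed signature (\Phar::OPENSSL with a private key) or a detached signature
 * over the released file.
 */
class PackPhar extends BaseTask implements PrintedInterface, ProgressIndicatorAwareInterface
{
    /**
     * Archive being built; opened in the constructor.
     *
     * @var \Phar
     */
    protected $phar;

    /**
     * @var null|string
     */
    protected $compileDir = null;

    /**
     * Path of the archive as passed to the constructor; used in task output.
     *
     * @var string
     */
    protected $filename;

    /**
     * Whether run() should gzip the packed files.
     *
     * @var bool
     */
    protected $compress = false;

    // Not read or written by any method of this class.
    protected $stub;

    // Not read or written by any method of this class.
    protected $bin;

    /**
     * sprintf() template for the stub generated by executable(); %s receives
     * the source of the executable file.
     *
     * @var string
     */
    protected $stubTemplate = <<<EOF
#!/usr/bin/env php
<?php
Phar::mapPhar();
%s
__HALT_COMPILER();
EOF;

    /**
     * Queued entries: path inside the archive => file contents.
     *
     * @var string[]
     */
    protected $files = [];

    /**
     * {@inheritdoc}
     */
    public function getPrinted()
    {
        return true;
    }

    /**
     * Removes any file already present at $filename and opens a new archive there.
     *
     * @param string $filename
     */
    public function __construct($filename)
    {
        $file = new \SplFileInfo($filename);
        $this->filename = $filename;
        // getRealPath() is false when nothing exists at the path yet.
        $existing = $file->getRealPath();
        if ($existing !== false && file_exists($existing)) {
            // NOTE(review): a failed unlink is ignored here. \Phar would then
            // open the existing archive, so entries from an earlier build could
            // remain in the output - consider failing the build instead.
            @unlink($existing);
        }
        $this->phar = new \Phar($file->getPathname(), 0, $file->getFilename());
    }

    /**
     * @param bool $compress
     *
     * @return $this
     */
    public function compress($compress = true)
    {
        $this->compress = $compress;
        return $this;
    }

    /**
     * Uses the contents of $stub as the archive's stub.
     *
     * @param string $stub Path of the stub file.
     *
     * @return $this
     *
     * @throws \RuntimeException When the stub file cannot be read.
     */
    public function stub($stub)
    {
        $this->phar->setStub($this->readSource($stub));
        return $this;
    }

    /**
     * {@inheritdoc}
     */
    public function progressIndicatorSteps()
    {
        // run() will call advanceProgressIndicator() once for each
        // file, one after calling stopBuffering, and again after compression.
        return count($this->files) + 2;
    }

    /**
     * Writes the queued files into the archive and optionally compresses them.
     *
     * {@inheritdoc}
     */
    public function run()
    {
        $this->printTaskInfo('Creating {filename}', ['filename' => $this->filename]);
        // Prefer SHA-256 over SHA-1 for the integrity digest; fall back to
        // SHA-1 only on runtimes that do not offer SHA-256.
        $digest = in_array('SHA-256', \Phar::getSupportedSignatures(), true)
            ? \Phar::SHA256
            : \Phar::SHA1;
        $this->phar->setSignatureAlgorithm($digest);
        $this->phar->startBuffering();

        $this->printTaskInfo('Packing {file-count} files into phar', ['file-count' => count($this->files)]);

        $this->startProgressIndicator();
        foreach ($this->files as $path => $content) {
            $this->phar->addFromString($path, $content);
            $this->advanceProgressIndicator();
        }
        $this->phar->stopBuffering();
        $this->advanceProgressIndicator();

        if ($this->compress && in_array('GZ', \Phar::getSupportedCompression(), true)) {
            // NOTE(review): the reason for the 1000-file limit is not stated
            // in this file - presumably a resource limit during compression.
            if (count($this->files) > 1000) {
                $this->printTaskInfo('Too many files. Compression DISABLED');
            } else {
                // compressFiles() returns nothing; assigning its result would
                // replace $this->phar with null.
                $this->phar->compressFiles(\Phar::GZ);
                $this->printTaskInfo('{filename} compressed', ['filename' => $this->filename]);
            }
        }
        $this->advanceProgressIndicator();
        $this->stopProgressIndicator();
        $this->printTaskSuccess('{filename} produced', ['filename' => $this->filename]);
        return Result::success($this, '', ['time' => $this->getExecutionTime()]);
    }

    /**
     * Queues a file with comments removed and whitespace reduced.
     *
     * @param string $path Path of the entry inside the archive.
     * @param string $file Path of the file to read.
     *
     * @return $this
     *
     * @throws \RuntimeException When the file cannot be read.
     */
    public function addStripped($path, $file)
    {
        $this->files[$path] = $this->stripWhitespace($this->readSource($file));
        return $this;
    }

    /**
     * Queues a file unchanged.
     *
     * @param string $path Path of the entry inside the archive.
     * @param string $file Path of the file to read.
     *
     * @return $this
     *
     * @throws \RuntimeException When the file cannot be read.
     */
    public function addFile($path, $file)
    {
        $this->files[$path] = $this->readSource($file);
        return $this;
    }

    /**
     * Queues each file under its relative pathname.
     *
     * @param \Symfony\Component\Finder\SplFileInfo[] $files
     *
     * @return $this
     *
     * @throws \RuntimeException When one of the files cannot be read.
     */
    public function addFiles($files)
    {
        foreach ($files as $file) {
            $this->addFile($file->getRelativePathname(), $file->getRealPath());
        }
        // Returned for consistency with the other fluent setters.
        return $this;
    }

    /**
     * Builds the archive's stub from an executable PHP script.
     *
     * The script's source is embedded verbatim in the stub and therefore runs
     * on every invocation of the archive.
     *
     * @param string $file Path of the script.
     *
     * @return $this
     *
     * @throws \RuntimeException When the script cannot be read.
     */
    public function executable($file)
    {
        $source = $this->readSource($file);
        if (strpos($source, '#!/usr/bin/env php') === 0) {
            // The template supplies its own shebang and opening tag, so drop
            // everything up to and including the script's "<?php".
            $openTag = strpos($source, '<?php');
            if ($openTag !== false) {
                $source = substr($source, $openTag + 5);
            } else {
                // No opening tag: remove only the shebang line rather than
                // cutting an arbitrary five characters.
                $lineEnd = strpos($source, "\n");
                $source = $lineEnd === false ? '' : substr($source, $lineEnd + 1);
            }
        }
        $this->phar->setStub(sprintf($this->stubTemplate, $source));
        return $this;
    }

    /**
     * Reads a file that is about to become part of the archive.
     *
     * @param string $file
     *
     * @return string
     *
     * @throws \RuntimeException When the file cannot be read.
     */
    private function readSource($file)
    {
        $contents = file_get_contents($file);
        if ($contents === false) {
            // Without this check the false would be packed as an empty entry.
            throw new \RuntimeException(
                sprintf('Unable to read "%s" while building %s', $file, $this->filename)
            );
        }
        return $contents;
    }

    /**
     * Strips whitespace from source. Taken from composer
     *
     * @param string $source
     *
     * @return string
     */
    private function stripWhitespace($source)
    {
        // Without the tokenizer extension the source is returned unchanged.
        if (!function_exists('token_get_all')) {
            return $source;
        }

        $output = '';
        foreach (token_get_all($source) as $token) {
            if (is_string($token)) {
                $output .= $token;
            } elseif (in_array($token[0], [T_COMMENT, T_DOC_COMMENT], true)) {
                // Drop the comment but keep its newlines so line numbers in
                // the packed file still match the original.
                $output .= str_repeat("\n", substr_count($token[1], "\n"));
            } elseif (T_WHITESPACE === $token[0]) {
                // reduce wide spaces
                $whitespace = preg_replace('{[ \t]+}', ' ', $token[1]);
                // normalize newlines to \n
                $whitespace = preg_replace('{(?:\r\n|\r|\n)}', "\n", $whitespace);
                // trim leading spaces
                $whitespace = preg_replace('{\n +}', "\n", $whitespace);
                $output .= $whitespace;
            } else {
                $output .= $token[1];
            }
        }

        return $output;
    }
}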
This check looks for function or method calls that always return null and whose return value is assigned to a variable.
The method `getObject()` can return nothing but null, so it makes no sense to assign that value to a variable. The reason is most likely that a function or method is incomplete or has been reduced for debug purposes.