This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace Robo\Task\Filesystem; |
||
4 | |||
5 | use Robo\Task\StackBasedTask; |
||
6 | use Symfony\Component\Filesystem\Filesystem as sfFilesystem; |
||
7 | use Symfony\Component\Filesystem\Exception\IOException; |
||
8 | use Robo\Contract\BuilderAwareInterface; |
||
9 | use Robo\Common\BuilderAwareTrait; |
||
10 | |||
11 | /** |
||
12 | * Wrapper for [Symfony Filesystem](http://symfony.com/doc/current/components/filesystem.html) Component. |
||
13 | * Comands are executed in stack and can be stopped on first fail with `stopOnFail` option. |
||
14 | * |
||
15 | * ``` php |
||
16 | * <?php |
||
17 | * $this->taskFilesystemStack() |
||
18 | * ->mkdir('logs') |
||
19 | * ->touch('logs/.gitignore') |
||
20 | * ->chgrp('www', 'www-data') |
||
21 | * ->symlink('/var/log/nginx/error.log', 'logs/error.log') |
||
22 | * ->run(); |
||
23 | * |
||
24 | * // one line |
||
25 | * $this->_touch('.gitignore'); |
||
26 | * $this->_mkdir('logs'); |
||
27 | * |
||
28 | * ?> |
||
29 | * ``` |
||
30 | * |
||
31 | * @method $this mkdir(string|array|\Traversable $dir, int $mode = 0777) |
||
32 | * @method $this touch(string|array|\Traversable $file, int $time = null, int $atime = null) |
||
33 | * @method $this copy(string $from, string $to, bool $force = false) |
||
34 | * @method $this chmod(string|array|\Traversable $file, int $permissions, int $umask = 0000, bool $recursive = false) |
||
35 | * @method $this chgrp(string|array|\Traversable $file, string $group, bool $recursive = false) |
||
36 | * @method $this chown(string|array|\Traversable $file, string $user, bool $recursive = false) |
||
37 | * @method $this remove(string|array|\Traversable $file) |
||
38 | * @method $this rename(string $from, string $to, bool $force = false) |
||
39 | * @method $this symlink(string $from, string $to, bool $copyOnWindows = false) |
||
40 | * @method $this mirror(string $from, string $to, \Traversable $iterator = null, array $options = []) |
||
41 | */ |
||
42 | class FilesystemStack extends StackBasedTask implements BuilderAwareInterface |
||
43 | { |
||
44 | use BuilderAwareTrait; |
||
45 | |||
46 | /** |
||
47 | * @var \Symfony\Component\Filesystem\Filesystem |
||
48 | */ |
||
49 | protected $fs; |
||
50 | |||
51 | public function __construct() |
||
52 | { |
||
53 | $this->fs = new sfFilesystem(); |
||
54 | } |
||
55 | |||
56 | /** |
||
57 | * @return \Symfony\Component\Filesystem\Filesystem |
||
58 | */ |
||
59 | protected function getDelegate() |
||
60 | { |
||
61 | return $this->fs; |
||
62 | } |
||
63 | |||
64 | /** |
||
65 | * @param string $from |
||
66 | * @param string $to |
||
67 | * @param bool $force |
||
68 | */ |
||
69 | protected function _copy($from, $to, $force = false) |
||
70 | { |
||
71 | $this->fs->copy($from, $to, $force); |
||
72 | } |
||
73 | |||
74 | /** |
||
75 | * @param string|string[]|\Traversable $file |
||
76 | * @param int $permissions |
||
77 | * @param int $umask |
||
78 | * @param bool $recursive |
||
79 | */ |
||
80 | protected function _chmod($file, $permissions, $umask = 0000, $recursive = false) |
||
81 | { |
||
82 | $this->fs->chmod($file, $permissions, $umask, $recursive); |
||
83 | } |
||
84 | |||
85 | /** |
||
86 | * @param string|string[]|\Traversable $file |
||
87 | * @param string $group |
||
88 | * @param bool $recursive |
||
89 | */ |
||
90 | protected function _chgrp($file, $group, $recursive = null) |
||
91 | { |
||
92 | $this->fs->chgrp($file, $group, $recursive); |
||
0 ignored issues
–
show
|
|||
93 | } |
||
94 | |||
95 | /** |
||
96 | * @param string|string[]|\Traversable $file |
||
97 | * @param string $user |
||
98 | * @param bool $recursive |
||
99 | */ |
||
100 | protected function _chown($file, $user, $recursive = null) |
||
101 | { |
||
102 | $this->fs->chown($file, $user, $recursive); |
||
0 ignored issues
–
show
It seems like
$recursive defined by parameter $recursive on line 100 can also be of type null ; however, Symfony\Component\Filesystem\Filesystem::chown() does only seem to accept boolean , maybe add an additional type check?
This check looks at variables that have been passed in as parameters and are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble.
Loading history...
|
|||
103 | } |
||
104 | |||
105 | /** |
||
106 | * @param string $origin |
||
107 | * @param string $target |
||
108 | * @param bool $overwrite |
||
109 | * |
||
110 | * @return null|true|\Robo\Result |
||
111 | */ |
||
112 | protected function _rename($origin, $target, $overwrite = false) |
||
113 | { |
||
114 | // we check that target does not exist |
||
115 | if ((!$overwrite && is_readable($target)) || (file_exists($target) && !is_writable($target))) { |
||
116 | throw new IOException(sprintf('Cannot rename because the target "%s" already exists.', $target), 0, null, $target); |
||
117 | } |
||
118 | |||
119 | // Due to a bug (limitation) in PHP, cross-volume renames do not work. |
||
120 | // See: https://bugs.php.net/bug.php?id=54097 |
||
121 | if (true !== @rename($origin, $target)) { |
||
122 | return $this->crossVolumeRename($origin, $target); |
||
123 | } |
||
124 | return true; |
||
125 | } |
||
126 | |||
127 | /** |
||
128 | * @param string $origin |
||
129 | * @param string $target |
||
130 | * |
||
131 | * @return null|\Robo\Result |
||
132 | */ |
||
133 | protected function crossVolumeRename($origin, $target) |
||
134 | { |
||
135 | // First step is to try to get rid of the target. If there |
||
136 | // is a single, deletable file, then we will just unlink it. |
||
137 | if (is_file($target)) { |
||
138 | unlink($target); |
||
139 | } |
||
140 | // If the target still exists, we will try to delete it. |
||
141 | // TODO: Note that if this fails partway through, then we cannot |
||
142 | // adequately rollback. Perhaps we need to preflight the operation |
||
143 | // and determine if everything inside of $target is writable. |
||
144 | if (file_exists($target)) { |
||
145 | $this->fs->remove($target); |
||
146 | } |
||
147 | |||
148 | /** @var \Robo\Result $result */ |
||
149 | $result = $this->collectionBuilder()->taskCopyDir([$origin => $target])->run(); |
||
0 ignored issues
–
show
The method
taskCopyDir does not exist on object<Robo\Collection\CollectionBuilder> ? Since you implemented __call , maybe consider adding a @method annotation.
If you implement This is often the case, when class ParentClass {
private $data = array();
public function __call($method, array $args) {
if (0 === strpos($method, 'get')) {
return $this->data[strtolower(substr($method, 3))];
}
throw new \LogicException(sprintf('Unsupported method: %s', $method));
}
}
/**
* If this class knows which fields exist, you can specify the methods here:
*
* @method string getName()
*/
class SomeClass extends ParentClass { }
Loading history...
|
|||
150 | if (!$result->wasSuccessful()) { |
||
151 | return $result; |
||
152 | } |
||
153 | $this->fs->remove($origin); |
||
154 | } |
||
155 | } |
||
156 |
This check looks at variables that have been passed in as parameters and are passed out again to other methods.
If the outgoing method call has stricter type requirements than the method itself, an issue is raised.
An additional type check may prevent trouble.