This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | /* |
||
4 | * This file is part of the Ivory Http Adapter package. |
||
5 | * |
||
6 | * (c) Eric GELOEN <[email protected]> |
||
7 | * |
||
8 | * For the full copyright and license information, please read the LICENSE |
||
9 | * file that was distributed with this source code. |
||
10 | */ |
||
11 | |||
12 | namespace Ivory\HttpAdapter; |
||
13 | |||
14 | use Ivory\HttpAdapter\Extractor\ProtocolVersionExtractor; |
||
15 | use Ivory\HttpAdapter\Extractor\StatusCodeExtractor; |
||
16 | use Ivory\HttpAdapter\Message\InternalRequestInterface; |
||
17 | use Ivory\HttpAdapter\Message\RequestInterface; |
||
18 | use Ivory\HttpAdapter\Message\ResponseInterface; |
||
19 | use Ivory\HttpAdapter\Normalizer\BodyNormalizer; |
||
20 | use Ivory\HttpAdapter\Normalizer\HeadersNormalizer; |
||
21 | |||
22 | /** |
||
23 | * @author GeLo <[email protected]> |
||
24 | */ |
||
25 | class CurlHttpAdapter extends AbstractCurlHttpAdapter |
||
26 | { |
||
27 | /** |
||
28 | * @param ConfigurationInterface|null $configuration |
||
29 | */ |
||
30 | 705 | public function __construct(ConfigurationInterface $configuration = null) |
|
31 | { |
||
32 | 705 | parent::__construct($configuration); |
|
33 | 704 | } |
|
34 | |||
35 | /** |
||
36 | * {@inheritdoc} |
||
37 | */ |
||
38 | 41 | public function getName() |
|
39 | { |
||
40 | 41 | return 'curl'; |
|
41 | } |
||
42 | |||
43 | /** |
||
44 | * {@inheritdoc} |
||
45 | */ |
||
46 | 656 | protected function sendInternalRequest(InternalRequestInterface $internalRequest) |
|
47 | { |
||
48 | 656 | $curl = $this->createCurl($internalRequest); |
|
49 | |||
50 | try { |
||
51 | 656 | $response = $this->createResponse($curl, curl_exec($curl), $internalRequest); |
|
52 | 498 | } catch (HttpAdapterException $e) { |
|
53 | 24 | curl_close($curl); |
|
54 | |||
55 | 24 | throw $e; |
|
56 | } |
||
57 | |||
58 | 632 | curl_close($curl); |
|
59 | |||
60 | 632 | return $response; |
|
61 | } |
||
62 | |||
63 | /** |
||
64 | * {@inheritdoc} |
||
65 | */ |
||
66 | 508 | protected function sendInternalRequests(array $internalRequests, $success, $error) |
|
67 | { |
||
68 | 16 | $curlMulti = curl_multi_init(); |
|
69 | |||
70 | 16 | $contexts = []; |
|
71 | 16 | foreach ($internalRequests as $internalRequest) { |
|
72 | 16 | $contexts[] = [ |
|
73 | 16 | 'curl' => $curl = $this->createCurl($internalRequest), |
|
74 | 16 | 'request' => $internalRequest, |
|
75 | 504 | ]; |
|
76 | |||
77 | 16 | curl_multi_add_handle($curlMulti, $curl); |
|
78 | 12 | } |
|
79 | |||
80 | do { |
||
81 | do { |
||
82 | 16 | $exec = curl_multi_exec($curlMulti, $running); |
|
83 | 16 | } while ($exec === CURLM_CALL_MULTI_PERFORM); |
|
84 | |||
85 | 16 | while ($done = curl_multi_info_read($curlMulti)) { |
|
86 | 16 | $curl = $done['handle']; |
|
87 | 16 | $internalRequest = $this->resolveInternalRequest($curl, $contexts); |
|
88 | |||
89 | try { |
||
90 | 16 | $response = $this->createResponse($curl, curl_multi_getcontent($curl), $internalRequest); |
|
91 | 16 | $response = $response->withParameter('request', $internalRequest); |
|
92 | 16 | call_user_func($success, $response); |
|
93 | 14 | } catch (HttpAdapterException $e) { |
|
94 | 8 | $e->setRequest($internalRequest); |
|
95 | 8 | call_user_func($error, $e); |
|
96 | } |
||
97 | |||
98 | 16 | curl_multi_remove_handle($curlMulti, $curl); |
|
99 | 16 | curl_close($curl); |
|
100 | 12 | } |
|
101 | 16 | } while ($running); |
|
102 | |||
103 | 16 | curl_multi_close($curlMulti); |
|
104 | 16 | } |
|
105 | |||
106 | /** |
||
107 | * @param InternalRequestInterface $internalRequest |
||
108 | * |
||
109 | * @return resource |
||
110 | */ |
||
111 | 672 | private function createCurl(InternalRequestInterface $internalRequest) |
|
112 | { |
||
113 | 672 | $curl = curl_init(); |
|
114 | |||
115 | 672 | curl_setopt($curl, CURLOPT_URL, (string) $internalRequest->getUri()); |
|
116 | 672 | curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false); |
|
117 | 672 | curl_setopt($curl, CURLOPT_HTTP_VERSION, $this->prepareProtocolVersion($internalRequest)); |
|
118 | 672 | curl_setopt($curl, CURLOPT_HEADER, true); |
|
119 | 672 | curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); |
|
120 | 672 | curl_setopt($curl, CURLOPT_HTTPHEADER, $this->prepareHeaders($internalRequest, false, false)); |
|
121 | |||
122 | 672 | $this->configureTimeout($curl, 'CURLOPT_TIMEOUT'); |
|
123 | 672 | $this->configureTimeout($curl, 'CURLOPT_CONNECTTIMEOUT'); |
|
124 | |||
125 | 672 | $files = $internalRequest->getFiles(); |
|
126 | |||
127 | 672 | if (!empty($files) && $this->isSafeUpload()) { |
|
128 | 60 | curl_setopt($curl, CURLOPT_SAFE_UPLOAD, true); |
|
129 | 40 | } |
|
130 | |||
131 | 672 | switch ($internalRequest->getMethod()) { |
|
132 | 672 | case RequestInterface::METHOD_HEAD: |
|
133 | 64 | curl_setopt($curl, CURLOPT_CUSTOMREQUEST, $internalRequest->getMethod()); |
|
134 | 64 | curl_setopt($curl, CURLOPT_NOBODY, true); |
|
135 | 64 | break; |
|
136 | |||
137 | 624 | case RequestInterface::METHOD_TRACE: |
|
138 | 64 | curl_setopt($curl, CURLOPT_CUSTOMREQUEST, $internalRequest->getMethod()); |
|
139 | 64 | break; |
|
140 | |||
141 | 576 | View Code Duplication | case RequestInterface::METHOD_POST: |
142 | 112 | curl_setopt($curl, CURLOPT_POST, true); |
|
143 | 112 | curl_setopt($curl, CURLOPT_POSTFIELDS, $this->prepareContent($internalRequest)); |
|
144 | 112 | break; |
|
145 | |||
146 | 480 | case RequestInterface::METHOD_PUT: |
|
147 | 458 | case RequestInterface::METHOD_PATCH: |
|
148 | 436 | case RequestInterface::METHOD_DELETE: |
|
149 | 414 | View Code Duplication | case RequestInterface::METHOD_OPTIONS: |
150 | 368 | curl_setopt($curl, CURLOPT_CUSTOMREQUEST, $internalRequest->getMethod()); |
|
151 | 368 | curl_setopt($curl, CURLOPT_POSTFIELDS, $this->prepareContent($internalRequest)); |
|
152 | 368 | break; |
|
153 | 504 | } |
|
154 | |||
155 | 672 | return $curl; |
|
156 | } |
||
157 | |||
158 | /** |
||
159 | * @param resource $curl |
||
160 | * @param string $type |
||
161 | */ |
||
162 | 672 | private function configureTimeout($curl, $type) |
|
163 | { |
||
164 | 672 | if (defined($type.'_MS')) { |
|
165 | 672 | curl_setopt($curl, constant($type.'_MS'), $this->getConfiguration()->getTimeout() * 1000); |
|
166 | } else { // @codeCoverageIgnoreStart |
||
167 | curl_setopt($curl, constant($type), $this->getConfiguration()->getTimeout()); |
||
168 | } // @codeCoverageIgnoreEnd |
||
169 | 672 | } |
|
170 | |||
171 | /** |
||
172 | * @param resource $curl |
||
173 | * @param string|bool|null $data |
||
174 | * @param InternalRequestInterface $internalRequest |
||
175 | * |
||
176 | * @throws HttpAdapterException |
||
177 | * |
||
178 | * @return ResponseInterface |
||
179 | */ |
||
180 | 672 | private function createResponse($curl, $data, InternalRequestInterface $internalRequest) |
|
181 | { |
||
182 | 672 | if (empty($data)) { |
|
183 | 32 | throw HttpAdapterException::cannotFetchUri( |
|
184 | 32 | (string) $internalRequest->getUri(), |
|
185 | 32 | $this->getName(), |
|
186 | 24 | curl_error($curl) |
|
187 | 24 | ); |
|
188 | } |
||
189 | |||
190 | 648 | $headers = substr($data, 0, $headersSize = curl_getinfo($curl, CURLINFO_HEADER_SIZE)); |
|
191 | |||
192 | 648 | return $this->getConfiguration()->getMessageFactory()->createResponse( |
|
193 | 648 | StatusCodeExtractor::extract($headers), |
|
194 | 648 | ProtocolVersionExtractor::extract($headers), |
|
195 | 648 | HeadersNormalizer::normalize($headers), |
|
196 | 648 | BodyNormalizer::normalize(substr($data, $headersSize), $internalRequest->getMethod()) |
|
197 | 486 | ); |
|
198 | } |
||
199 | |||
200 | /** |
||
201 | * @param resource $curl |
||
202 | * @param array $contexts |
||
203 | * |
||
204 | * @return InternalRequestInterface |
||
205 | */ |
||
206 | 16 | private function resolveInternalRequest($curl, array $contexts) |
|
207 | { |
||
208 | 16 | foreach ($contexts as $context) { |
|
209 | 16 | if ($context['curl'] === $curl) { |
|
210 | 16 | break; |
|
211 | } |
||
212 | 12 | } |
|
213 | |||
214 | 16 | return $context['request']; |
|
0 ignored issues
–
show
|
|||
215 | } |
||
216 | } |
||
217 |
It seems like you are relying on a variable being defined by an iteration: