Issues in Posix.php (master) - Issues in master - gcds/php-wrappers - Measure and Improve Code Quality continuously with Scrutinizer

Issues (265)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Posix.php (6 issues)

Labels

Unused Code 6

Severity

Minor 6

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace PHP\Wrappers;

/**
 * Class Posix
 *
 * @package PHP\Wrappers
 * @author  Aurimas Niekis <[email protected]>
 */
class Posix
{
    /**
     * Determine accessibility of a file
     *
     * @param string $file The name of the file to be tested.
     * @param int    $mode A mask consisting of one or more of POSIX_F_OK,
     *                     POSIX_R_OK, POSIX_W_OK and
     *                     POSIX_X_OK.
     *
     * @return bool
     */
    public function access(string $file, int $mode = null) : bool

    {
        return call_user_func_array('posix_access', func_get_args());
    }

    /**
     * Get path name of controlling terminal
     *
     * @return string
     */
    public function ctermid() : string
    {
        return posix_ctermid();
    }

    /**
     * Retrieve the error number set by the last posix function that failed
     *
     * @return int
     */
    public function getLastError() : int
    {
        return posix_get_last_error();
    }

    /**
     * Pathname of current directory
     *
     * @return string
     */
    public function getcwd() : string
    {
        return posix_getcwd();
    }

    /**
     * Return the effective group ID of the current process
     *
     * @return int
     */
    public function getegid() : int
    {
        return posix_getegid();
    }

    /**
     * Return the effective user ID of the current process
     *
     * @return int
     */
    public function geteuid() : int
    {
        return posix_geteuid();
    }

    /**
     * Return the real group ID of the current process
     *
     * @return int
     */
    public function getgid() : int
    {
        return posix_getgid();
    }

    /**
     * Return info about a group by group id
     *
     * @param int $gid The group id.
     *
     * @return array
     */
    public function getgrgid(int $gid) : array
    {
        return posix_getgrgid($gid);
    }

    /**
     * Return info about a group by name
     *
     * @param string $name The name of the group
     *
     * @return array
     */
    public function getgrnam(string $name) : array
    {
        return posix_getgrnam($name);
    }

    /**
     * Return the group set of the current process
     *
     * @return array
     */
    public function getgroups() : array
    {
        return posix_getgroups();
    }

    /**
     * Return login name
     *
     * @return string
     */
    public function getlogin() : string
    {
        return posix_getlogin();
    }

    /**
     * Get process group id for job control
     *
     * @param int $pid The process id.
     *
     * @return int
     */
    public function getpgid(int $pid) : int
    {
        return posix_getpgid($pid);
    }

    /**
     * Return the current process group identifier
     *
     * @return int
     */
    public function getpgrp() : int
    {
        return posix_getpgrp();
    }

    /**
     * Return the current process identifier
     *
     * @return int
     */
    public function getpid() : int
    {
        return posix_getpid();
    }

    /**
     * Return the parent process identifier
     *
     * @return int
     */
    public function getppid() : int
    {
        return posix_getppid();
    }

    /**
     * Return info about a user by username
     *
     * @param string $username An alphanumeric username.
     *
     * @return array
     */
    public function getpwnam(string $username) : array
    {
        return posix_getpwnam($username);
    }

    /**
     * Return info about a user by user id
     *
     * @param int $uid The user identifier.
     *
     * @return array
     */
    public function getpwuid(int $uid) : array
    {
        return posix_getpwuid($uid);
    }

    /**
     * Return info about system resource limits
     *
     * @return array
     */
    public function getrlimit() : array
    {
        return posix_getrlimit();
    }

    /**
     * Get the current sid of the process
     *
     * @param int $pid The process identifier. If set to 0, the current process is
     *                 assumed.  If an invalid pid is
     *                 specified, then  is returned and an error is set which
     *                 can be checked with posix_get_last_error.
     *
     * @return int
     */
    public function getsid(int $pid) : int
    {
        return posix_getsid($pid);
    }

    /**
     * Return the real user ID of the current process
     *
     * @return int
     */
    public function getuid() : int
    {
        return posix_getuid();
    }

    /**
     * Calculate the group access list
     *
     * @param string $name        The user to calculate the list for.
     * @param int    $baseGroupId Typically the group number from the password file.
     *
     * @return bool
     */
    public function initgroups(string $name, int $baseGroupId) : bool
    {
        return posix_initgroups($name, $baseGroupId);
    }

    /**
     * Determine if a file descriptor is an interactive terminal
     *
     * @param mixed $fd
     *
     * @return bool
     */
    public function isatty($fd) : bool
    {
        return posix_isatty($fd);
    }

    /**
     * Send a signal to a process
     *
     * @param int $pid The process identifier.
     * @param int $sig One of the PCNTL signals constants.
     *
     * @return bool
     */
    public function kill(int $pid, int $sig) : bool
    {
        return posix_kill($pid, $sig);
    }

    /**
     * Create a fifo special file (a named pipe)
     *
     * @param string $pathname Path to the FIFO file.
     * @param int    $mode     The second parameter mode has to be given in
     *                         octal notation (e.g. 0644). The permission of the newly created
     *                         FIFO also depends on the setting of the current
     *                         umask. The permissions of the created file are
     *                         (mode  ~umask).
     *
     * @return bool
     */
    public function mkfifo(string $pathname, int $mode) : bool
    {
        return posix_mkfifo($pathname, $mode);
    }

    /**
     * Create a special or ordinary file (POSIX.1)
     *
     * @param string $pathname The file to create
     * @param int    $mode     This parameter is constructed by a bitwise OR between file type (one of
     *                         the following constants: POSIX_S_IFREG,
     *                         POSIX_S_IFCHR, POSIX_S_IFBLK,
     *                         POSIX_S_IFIFO or
     *                         POSIX_S_IFSOCK) and permissions.
     * @param int    $major    The major device kernel identifier (required to pass when using
     *                         S_IFCHR or S_IFBLK).
     * @param int    $minor    The minor device kernel identifier.
     *
     * @return bool
     */
    public function mknod(string $pathname, int $mode, int $major = null, int $minor = null) : bool

    {
        return call_user_func_array('posix_mknod', func_get_args());
    }

    /**
     * Set the effective GID of the current process
     *
     * @param int $gid The group id.
     *
     * @return bool
     */
    public function setegid(int $gid) : bool
    {
        return posix_setegid($gid);
    }

    /**
     * Set the effective UID of the current process
     *
     * @param int $uid The user id.
     *
     * @return bool
     */
    public function seteuid(int $uid) : bool
    {
        return posix_seteuid($uid);
    }

    /**
     * Set the GID of the current process
     *
     * @param int $gid The group id.
     *
     * @return bool
     */
    public function setgid(int $gid) : bool
    {
        return posix_setgid($gid);
    }

    /**
     * Set process group id for job control
     *
     * @param int $pid  The process id.
     * @param int $pgid The process group id.
     *
     * @return bool
     */
    public function setpgid(int $pid, int $pgid) : bool
    {
        return posix_setpgid($pid, $pgid);
    }

    /**
     * Set system resource limits
     *
     * @param int $resource  The
     *                       resource limit constant
     *                       corresponding to the limit that is being set.
     * @param int $softlimit The soft limit, in whatever unit the resource limit requires, or
     *                       POSIX_RLIMIT_INFINITY.
     * @param int $hardlimit The hard limit, in whatever unit the resource limit requires, or
     *                       POSIX_RLIMIT_INFINITY.
     *
     * @return bool
     */
    public function setrlimit(int $resource, int $softlimit, int $hardlimit) : bool
    {
        return posix_setrlimit($resource, $softlimit, $hardlimit);
    }

    /**
     * Make the current process a session leader
     *
     * @return int
     */
    public function setsid() : int
    {
        return posix_setsid();
    }

    /**
     * Set the UID of the current process
     *
     * @param int $uid The user id.
     *
     * @return bool
     */
    public function setuid(int $uid) : bool
    {
        return posix_setuid($uid);
    }

    /**
     * Retrieve the system error message associated with the given errno
     *
     * @param int $errno A POSIX error number, returned by
     *                   posix_get_last_error. If set to 0, then the
     *                   string "Success" is returned.
     *
     * @return string
     */
    public function strerror(int $errno) : string
    {
        return posix_strerror($errno);
    }

    /**
     * Get process times
     *
     * @return array
     */
    public function times() : array
    {
        return posix_times();
    }

    /**
     * Determine terminal device name
     *
     * @param mixed $fd
     *
     * @return string
     */
    public function ttyname($fd) : string
    {
        return posix_ttyname($fd);
    }

    /**
     * Get system name
     *
     * @return array
     */
    public function uname() : array
    {
        return posix_uname();
    }

}



1			<?php
2
3			namespace PHP\Wrappers;
4
5			/**
6			* Class Posix
7			*
8			* @package PHP\Wrappers
9			* @author Aurimas Niekis <[email protected]>
10			*/
11			class Posix
12			{
13			/**
14			* Determine accessibility of a file
15			*
16			* @param string $file The name of the file to be tested.
17			* @param int $mode A mask consisting of one or more of POSIX_F_OK,
18			* POSIX_R_OK, POSIX_W_OK and
19			* POSIX_X_OK.
20			*
21			* @return bool
22			*/
23			public function access(string $file, int $mode = null) : bool
			0 ignored issues – show Unused Code introduced 2015-12-10 21:58 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$file` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history... Unused Code introduced 2015-12-10 21:58 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$mode` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
24			{
25			return call_user_func_array('posix_access', func_get_args());
26			}
27
28			/**
29			* Get path name of controlling terminal
30			*
31			* @return string
32			*/
33			public function ctermid() : string
34			{
35			return posix_ctermid();
36			}
37
38			/**
39			* Retrieve the error number set by the last posix function that failed
40			*
41			* @return int
42			*/
43			public function getLastError() : int
44			{
45			return posix_get_last_error();
46			}
47
48			/**
49			* Pathname of current directory
50			*
51			* @return string
52			*/
53			public function getcwd() : string
54			{
55			return posix_getcwd();
56			}
57
58			/**
59			* Return the effective group ID of the current process
60			*
61			* @return int
62			*/
63			public function getegid() : int
64			{
65			return posix_getegid();
66			}
67
68			/**
69			* Return the effective user ID of the current process
70			*
71			* @return int
72			*/
73			public function geteuid() : int
74			{
75			return posix_geteuid();
76			}
77
78			/**
79			* Return the real group ID of the current process
80			*
81			* @return int
82			*/
83			public function getgid() : int
84			{
85			return posix_getgid();
86			}
87
88			/**
89			* Return info about a group by group id
90			*
91			* @param int $gid The group id.
92			*
93			* @return array
94			*/
95			public function getgrgid(int $gid) : array
96			{
97			return posix_getgrgid($gid);
98			}
99
100			/**
101			* Return info about a group by name
102			*
103			* @param string $name The name of the group
104			*
105			* @return array
106			*/
107			public function getgrnam(string $name) : array
108			{
109			return posix_getgrnam($name);
110			}
111
112			/**
113			* Return the group set of the current process
114			*
115			* @return array
116			*/
117			public function getgroups() : array
118			{
119			return posix_getgroups();
120			}
121
122			/**
123			* Return login name
124			*
125			* @return string
126			*/
127			public function getlogin() : string
128			{
129			return posix_getlogin();
130			}
131
132			/**
133			* Get process group id for job control
134			*
135			* @param int $pid The process id.
136			*
137			* @return int
138			*/
139			public function getpgid(int $pid) : int
140			{
141			return posix_getpgid($pid);
142			}
143
144			/**
145			* Return the current process group identifier
146			*
147			* @return int
148			*/
149			public function getpgrp() : int
150			{
151			return posix_getpgrp();
152			}
153
154			/**
155			* Return the current process identifier
156			*
157			* @return int
158			*/
159			public function getpid() : int
160			{
161			return posix_getpid();
162			}
163
164			/**
165			* Return the parent process identifier
166			*
167			* @return int
168			*/
169			public function getppid() : int
170			{
171			return posix_getppid();
172			}
173
174			/**
175			* Return info about a user by username
176			*
177			* @param string $username An alphanumeric username.
178			*
179			* @return array
180			*/
181			public function getpwnam(string $username) : array
182			{
183			return posix_getpwnam($username);
184			}
185
186			/**
187			* Return info about a user by user id
188			*
189			* @param int $uid The user identifier.
190			*
191			* @return array
192			*/
193			public function getpwuid(int $uid) : array
194			{
195			return posix_getpwuid($uid);
196			}
197
198			/**
199			* Return info about system resource limits
200			*
201			* @return array
202			*/
203			public function getrlimit() : array
204			{
205			return posix_getrlimit();
206			}
207
208			/**
209			* Get the current sid of the process
210			*
211			* @param int $pid The process identifier. If set to 0, the current process is
212			* assumed. If an invalid pid is
213			* specified, then is returned and an error is set which
214			* can be checked with posix_get_last_error.
215			*
216			* @return int
217			*/
218			public function getsid(int $pid) : int
219			{
220			return posix_getsid($pid);
221			}
222
223			/**
224			* Return the real user ID of the current process
225			*
226			* @return int
227			*/
228			public function getuid() : int
229			{
230			return posix_getuid();
231			}
232
233			/**
234			* Calculate the group access list
235			*
236			* @param string $name The user to calculate the list for.
237			* @param int $baseGroupId Typically the group number from the password file.
238			*
239			* @return bool
240			*/
241			public function initgroups(string $name, int $baseGroupId) : bool
242			{
243			return posix_initgroups($name, $baseGroupId);
244			}
245
246			/**
247			* Determine if a file descriptor is an interactive terminal
248			*
249			* @param mixed $fd
250			*
251			* @return bool
252			*/
253			public function isatty($fd) : bool
254			{
255			return posix_isatty($fd);
256			}
257
258			/**
259			* Send a signal to a process
260			*
261			* @param int $pid The process identifier.
262			* @param int $sig One of the PCNTL signals constants.
263			*
264			* @return bool
265			*/
266			public function kill(int $pid, int $sig) : bool
267			{
268			return posix_kill($pid, $sig);
269			}
270
271			/**
272			* Create a fifo special file (a named pipe)
273			*
274			* @param string $pathname Path to the FIFO file.
275			* @param int $mode The second parameter mode has to be given in
276			* octal notation (e.g. 0644). The permission of the newly created
277			* FIFO also depends on the setting of the current
278			* umask. The permissions of the created file are
279			* (mode ~umask).
280			*
281			* @return bool
282			*/
283			public function mkfifo(string $pathname, int $mode) : bool
284			{
285			return posix_mkfifo($pathname, $mode);
286			}
287
288			/**
289			* Create a special or ordinary file (POSIX.1)
290			*
291			* @param string $pathname The file to create
292			* @param int $mode This parameter is constructed by a bitwise OR between file type (one of
293			* the following constants: POSIX_S_IFREG,
294			* POSIX_S_IFCHR, POSIX_S_IFBLK,
295			* POSIX_S_IFIFO or
296			* POSIX_S_IFSOCK) and permissions.
297			* @param int $major The major device kernel identifier (required to pass when using
298			* S_IFCHR or S_IFBLK).
299			* @param int $minor The minor device kernel identifier.
300			*
301			* @return bool
302			*/
303			public function mknod(string $pathname, int $mode, int $major = null, int $minor = null) : bool
			0 ignored issues – show Unused Code introduced 2015-12-10 21:58 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$pathname` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history... Unused Code introduced 2015-12-10 21:58 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$mode` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history... Unused Code introduced 2015-12-10 21:58 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$major` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history... Unused Code introduced 2015-12-10 21:58 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$minor` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
304			{
305			return call_user_func_array('posix_mknod', func_get_args());
306			}
307
308			/**
309			* Set the effective GID of the current process
310			*
311			* @param int $gid The group id.
312			*
313			* @return bool
314			*/
315			public function setegid(int $gid) : bool
316			{
317			return posix_setegid($gid);
318			}
319
320			/**
321			* Set the effective UID of the current process
322			*
323			* @param int $uid The user id.
324			*
325			* @return bool
326			*/
327			public function seteuid(int $uid) : bool
328			{
329			return posix_seteuid($uid);
330			}
331
332			/**
333			* Set the GID of the current process
334			*
335			* @param int $gid The group id.
336			*
337			* @return bool
338			*/
339			public function setgid(int $gid) : bool
340			{
341			return posix_setgid($gid);
342			}
343
344			/**
345			* Set process group id for job control
346			*
347			* @param int $pid The process id.
348			* @param int $pgid The process group id.
349			*
350			* @return bool
351			*/
352			public function setpgid(int $pid, int $pgid) : bool
353			{
354			return posix_setpgid($pid, $pgid);
355			}
356
357			/**
358			* Set system resource limits
359			*
360			* @param int $resource The
361			* resource limit constant
362			* corresponding to the limit that is being set.
363			* @param int $softlimit The soft limit, in whatever unit the resource limit requires, or
364			* POSIX_RLIMIT_INFINITY.
365			* @param int $hardlimit The hard limit, in whatever unit the resource limit requires, or
366			* POSIX_RLIMIT_INFINITY.
367			*
368			* @return bool
369			*/
370			public function setrlimit(int $resource, int $softlimit, int $hardlimit) : bool
371			{
372			return posix_setrlimit($resource, $softlimit, $hardlimit);
373			}
374
375			/**
376			* Make the current process a session leader
377			*
378			* @return int
379			*/
380			public function setsid() : int
381			{
382			return posix_setsid();
383			}
384
385			/**
386			* Set the UID of the current process
387			*
388			* @param int $uid The user id.
389			*
390			* @return bool
391			*/
392			public function setuid(int $uid) : bool
393			{
394			return posix_setuid($uid);
395			}
396
397			/**
398			* Retrieve the system error message associated with the given errno
399			*
400			* @param int $errno A POSIX error number, returned by
401			* posix_get_last_error. If set to 0, then the
402			* string "Success" is returned.
403			*
404			* @return string
405			*/
406			public function strerror(int $errno) : string
407			{
408			return posix_strerror($errno);
409			}
410
411			/**
412			* Get process times
413			*
414			* @return array
415			*/
416			public function times() : array
417			{
418			return posix_times();
419			}
420
421			/**
422			* Determine terminal device name
423			*
424			* @param mixed $fd
425			*
426			* @return string
427			*/
428			public function ttyname($fd) : string
429			{
430			return posix_ttyname($fd);
431			}
432
433			/**
434			* Get system name
435			*
436			* @return array
437			*/
438			public function uname() : array
439			{
440			return posix_uname();
441			}
442
443			}
444
445

gcds / php-wrappers

Issues (265)

Security Analysis no request data

src/Posix.php (6 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like