Issues in Lexer.php (master) - Issues in master - hansott/graphql-language - Measure and Improve Code Quality continuously with Scrutinizer

Issues (98)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Query/Lexer.php (8 issues)

Labels

Duplication 8

Severity

Informational 8

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace HansOtt\GraphQL\Query;

use HansOtt\GraphQL\Shared\ScannerGeneric;
use HansOtt\GraphQL\Shared\ScannerWithLocation;
use HansOtt\GraphQL\Shared\Lexer as LexerShared;

final class Lexer implements LexerShared
{
    /**
     * @var ScannerWithLocation
     */
    private $scanner;
    private $tokens;

    private function emit($type, $value, $location)
    {
        $this->tokens[] = new Token($type, $value, $location);
    }

    private function getLocation()
    {
        $line = $this->scanner->getLine();
        $column = $this->scanner->getColumn();

        return new Location($line, $column);
    }

    private function getError($message)
    {
        $line = $this->scanner->getLine();
        $column = $this->scanner->getColumn();

        return new SyntaxError($message . " (line {$line}, column {$column})");
    }

    private function name()
    {
        $name = $this->scanner->next();
        $location = $this->getLocation();

        if ($this->scanner->eof()) {
            $this->emit(Token::T_NAME, $name, $location);
            return;
        }

        $next = $this->scanner->peek();
        while ($next === '_' || ctype_alpha($next) || ctype_digit($next)) {

            $name .= $this->scanner->next();
            if ($this->scanner->eof()) {
                break;
            }
            $next = $this->scanner->peek();
        }

        $type = Token::T_NAME;
        if ($name === 'query') {
            $type = Token::T_QUERY;
        } elseif ($name === 'mutation') {
            $type = Token::T_MUTATION;
        } elseif ($name === 'subscription') {
            $type = Token::T_SUBSCRIPTION;
        } elseif ($name === 'fragment') {
            $type = Token::T_FRAGMENT;
        } elseif ($name === 'true') {
            $type = Token::T_TRUE;
        } elseif ($name === 'false') {
            $type = Token::T_FALSE;
        } elseif ($name === 'null') {
            $type = Token::T_NULL;
        }

        $this->emit($type, $name, $location);
    }

    private function comment()

    {
        $this->scanner->next();
        $next = $this->scanner->peek();
        while ($this->scanner->eof() === false && $next !== "\n" && $next !== "\r") {
            $this->scanner->next();
            $next = $this->scanner->peek();
        }
    }

    private function spread()
    {
        $points = $this->scanner->next();
        $location = $this->getLocation();
        $next = $this->scanner->peek();

        if ($next !== '.') {
            throw $this->getError("Expected \".\" but instead found \"{$next}\"");
        }

        $points .= $this->scanner->next();
        $next = $this->scanner->peek();

        if ($next !== '.') {
            throw $this->getError("Expected \".\" but instead found \"{$next}\"");
        }

        $points .= $this->scanner->next();
        $this->emit(Token::T_SPREAD, $points, $location);
    }

    private function str()

    {
        $this->scanner->next();
        $location = $this->getLocation();
        $string = '';
        $previousChar = false;

        while (true) {
            if ($this->scanner->eof()) {
                throw $this->getError('Unclosed quote');
            }
            $next = $this->scanner->peek();
            if ($previousChar !== '\\' && $next === '"') {
                $this->scanner->next();
                break;
            }
            $previousChar = $this->scanner->next();
            $string .= $previousChar;
        }

        $string = json_decode('"' . $string . '"');
        $this->emit(Token::T_STRING, $string, $location);
    }

    private function integerPart()

    {
        $number = $this->scanner->next();
        $location = $this->getLocation();
        if ($number === '-') {
            if ($this->scanner->eof()) {
                throw $this->getError('Expected a digit but instead reached end');
            }
            $next = $this->scanner->peek();
            if (ctype_digit($next) === false) {
                throw $this->getError("Expected a digit but instead found \"{$next}\"");
            }
        }

        $next = $this->scanner->peek();
        if ($next === '0') {
            $number .= $this->scanner->next();
            return array($number, $location);
        }

        $next = $this->scanner->peek();
        while ($this->scanner->eof() === false && ctype_digit($next)) {
            $number .= $this->scanner->next();
            $next = $this->scanner->peek();
        }

        return array($number, $location);
    }

    private function fractionalPart()

    {
        $part = $this->scanner->next();

        if ($this->scanner->eof()) {
            throw $this->getError('Expected a digit but instead reached end');
        }

        $next = $this->scanner->peek();
        if (ctype_digit($next) === false) {
            throw $this->getError("Expected a digit but instead found \"{$next}\"");
        }

        $next = $this->scanner->peek();
        while ($this->scanner->eof() === false && ctype_digit($next)) {
            $part .= $this->scanner->next();
            $next = $this->scanner->peek();
        }

        return $part;
    }

    private function exponentPart()

    {
        $part = $this->scanner->next();

        if ($this->scanner->eof()) {
            throw $this->getError('Expected a digit but instead reached end');
        }

        $next = $this->scanner->peek();
        if ($next === '+' || $next === '-') {
            $part .= $this->scanner->next();
        }

        $next = $this->scanner->peek();
        if (ctype_digit($next) === false) {
            throw $this->getError("Expected a digit but instead found \"{$next}\"");
        }

        $next = $this->scanner->peek();
        while ($this->scanner->eof() === false && ctype_digit($next)) {
            $part .= $this->scanner->next();
            $next = $this->scanner->peek();
        }

        return $part;
    }

    private function number()

    {
        list ($integerPart, $location) = $this->integerPart();
        if ($this->scanner->eof()) {
            $this->emit(Token::T_INT, $integerPart, $location);
            return;
        }

        $next = $this->scanner->peek();
        if ($next !== '.' && $next !== 'e' && $next !== 'E') {
            $this->emit(Token::T_INT, $integerPart, $location);
            return;
        }

        $number = $integerPart;
        if ($next === '.') {
            $number .= $this->fractionalPart();
        }

        $next = $this->scanner->peek();
        if ($next === 'e' || $next === 'E') {
            $number .= $this->exponentPart();
        }

        $this->emit(Token::T_FLOAT, $number, $location);
    }

    /**
     * @param string $query
     *
     * @throws SyntaxError
     *
     * @return Token[]
     */
    public function lex($query)
    {
        $flags = PREG_SPLIT_NO_EMPTY;
        $chars = preg_split('//u', $query, -1, $flags);
        $scanner = new ScannerGeneric($chars);
        $this->scanner = new ScannerWithLocation($scanner);
        $this->tokens = array();
        $punctuators = array(
            '!' => Token::T_EXCLAMATION,
            '$' => Token::T_DOLLAR,
            '(' => Token::T_PAREN_LEFT,
            ')' => Token::T_PAREN_RIGHT,
            '{' => Token::T_BRACE_LEFT,
            '}' => Token::T_BRACE_RIGHT,
            ':' => Token::T_COLON,
            ',' => Token::T_COMMA,
            '[' => Token::T_BRACKET_LEFT,
            ']' => Token::T_BRACKET_RIGHT,
            '=' => Token::T_EQUAL,
            '@' => Token::T_AT,
        );

        while ($this->scanner->eof() === false) {

            $next = $this->scanner->peek();

            if (ctype_space($next)) {
                $this->scanner->next();
                continue;
            }

            if ($next === '#') {
                $this->comment();
                continue;
            }

            if ($next === '_' || ctype_alpha($next)) {
                $this->name();
                continue;
            }

            if ($next === '.') {
                $this->spread();
                continue;
            }

            if ($next === '"') {
                $this->str();
                continue;
            }

            if ($next === '-' || ctype_digit($next)) {
                $this->number();
                continue;
            }

            if (isset($punctuators[$next])) {
                $this->emit($punctuators[$next], $this->scanner->next(), $this->getLocation());
                continue;
            }

            throw $this->getError("Unknown character: \"{$next}\"");
        }

        return $this->tokens;
    }
}


1			<?php
2
3			namespace HansOtt\GraphQL\Query;
4
5			use HansOtt\GraphQL\Shared\ScannerGeneric;
6			use HansOtt\GraphQL\Shared\ScannerWithLocation;
7			use HansOtt\GraphQL\Shared\Lexer as LexerShared;
8
9			final class Lexer implements LexerShared
10			{
11			/**
12			* @var ScannerWithLocation
13			*/
14			private $scanner;
15			private $tokens;
16
17	66		private function emit($type, $value, $location)
18			{
19	66		$this->tokens[] = new Token($type, $value, $location);
20	66		}
21
22	93		private function getLocation()
23			{
24	93		$line = $this->scanner->getLine();
25	93		$column = $this->scanner->getColumn();
26
27	93		return new Location($line, $column);
28			}
29
30	27		private function getError($message)
31			{
32	27		$line = $this->scanner->getLine();
33	27		$column = $this->scanner->getColumn();
34
35	27		return new SyntaxError($message . " (line {$line}, column {$column})");
36			}
37
38	63		private function name()
39			{
40	63		$name = $this->scanner->next();
41	63		$location = $this->getLocation();
42
43	63		if ($this->scanner->eof()) {
44			$this->emit(Token::T_NAME, $name, $location);
45			return;
46			}
47
48	63		$next = $this->scanner->peek();
49	63	View Code Duplication	while ($next === '_' \|\| ctype_alpha($next) \|\| ctype_digit($next)) {
			0 ignored issues – show Duplication introduced 2017-09-23 18:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
50	63		$name .= $this->scanner->next();
51	63		if ($this->scanner->eof()) {
52	3		break;
53			}
54	63		$next = $this->scanner->peek();
55	63		}
56
57	63		$type = Token::T_NAME;
58	63		if ($name === 'query') {
59	18		$type = Token::T_QUERY;
60	63		} elseif ($name === 'mutation') {
61			$type = Token::T_MUTATION;
62	63		} elseif ($name === 'subscription') {
63			$type = Token::T_SUBSCRIPTION;
64	63		} elseif ($name === 'fragment') {
65	6		$type = Token::T_FRAGMENT;
66	63		} elseif ($name === 'true') {
67	3		$type = Token::T_TRUE;
68	63		} elseif ($name === 'false') {
69	3		$type = Token::T_FALSE;
70	63		} elseif ($name === 'null') {
71	3		$type = Token::T_NULL;
72	3		}
73
74	63		$this->emit($type, $name, $location);
75	63		}
76
77		View Code Duplication	private function comment()
			0 ignored issues – show Duplication introduced 2017-09-23 18:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
78			{
79			$this->scanner->next();
80			$next = $this->scanner->peek();
81			while ($this->scanner->eof() === false && $next !== "\n" && $next !== "\r") {
82			$this->scanner->next();
83			$next = $this->scanner->peek();
84			}
85			}
86
87	6		private function spread()
88			{
89	6		$points = $this->scanner->next();
90	6		$location = $this->getLocation();
91	6		$next = $this->scanner->peek();
92
93	6		if ($next !== '.') {
94			throw $this->getError("Expected \".\" but instead found \"{$next}\"");
95			}
96
97	6		$points .= $this->scanner->next();
98	6		$next = $this->scanner->peek();
99
100	6		if ($next !== '.') {
101			throw $this->getError("Expected \".\" but instead found \"{$next}\"");
102			}
103
104	6		$points .= $this->scanner->next();
105	6		$this->emit(Token::T_SPREAD, $points, $location);
106	6		}
107
108	24	View Code Duplication	private function str()
			0 ignored issues – show Duplication introduced 2017-09-23 18:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
109			{
110	24		$this->scanner->next();
111	24		$location = $this->getLocation();
112	24		$string = '';
113	24		$previousChar = false;
114
115	24		while (true) {
116	24		if ($this->scanner->eof()) {
117	3		throw $this->getError('Unclosed quote');
118			}
119	21		$next = $this->scanner->peek();
120	21		if ($previousChar !== '\\' && $next === '"') {
121	21		$this->scanner->next();
122	21		break;
123			}
124	21		$previousChar = $this->scanner->next();
125	21		$string .= $previousChar;
126	21		}
127
128	21		$string = json_decode('"' . $string . '"');
129	21		$this->emit(Token::T_STRING, $string, $location);
130	21		}
131
132	48	View Code Duplication	private function integerPart()
			0 ignored issues – show Duplication introduced 2017-09-16 10:48 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
133			{
134	48		$number = $this->scanner->next();
135	48		$location = $this->getLocation();
136	48		if ($number === '-') {
137	12		if ($this->scanner->eof()) {
138	3		throw $this->getError('Expected a digit but instead reached end');
139			}
140	9		$next = $this->scanner->peek();
141	9		if (ctype_digit($next) === false) {
142			throw $this->getError("Expected a digit but instead found \"{$next}\"");
143			}
144	9		}
145
146	45		$next = $this->scanner->peek();
147	45		if ($next === '0') {
148	9		$number .= $this->scanner->next();
149	9		return array($number, $location);
150			}
151
152	36		$next = $this->scanner->peek();
153	36		while ($this->scanner->eof() === false && ctype_digit($next)) {
154			$number .= $this->scanner->next();
155			$next = $this->scanner->peek();
156			}
157
158	36		return array($number, $location);
159			}
160
161	21	View Code Duplication	private function fractionalPart()
			0 ignored issues – show Duplication introduced 2017-09-23 18:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
162			{
163	21		$part = $this->scanner->next();
164
165	21		if ($this->scanner->eof()) {
166	6		throw $this->getError('Expected a digit but instead reached end');
167			}
168
169	15		$next = $this->scanner->peek();
170	15		if (ctype_digit($next) === false) {
171			throw $this->getError("Expected a digit but instead found \"{$next}\"");
172			}
173
174	15		$next = $this->scanner->peek();
175	15		while ($this->scanner->eof() === false && ctype_digit($next)) {
176	15		$part .= $this->scanner->next();
177	15		$next = $this->scanner->peek();
178	15		}
179
180	15		return $part;
181			}
182
183	15	View Code Duplication	private function exponentPart()
			0 ignored issues – show Duplication introduced 2017-09-16 10:48 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
184			{
185	15		$part = $this->scanner->next();
186
187	15		if ($this->scanner->eof()) {
188	9		throw $this->getError('Expected a digit but instead reached end');
189			}
190
191	6		$next = $this->scanner->peek();
192	6		if ($next === '+' \|\| $next === '-') {
193			$part .= $this->scanner->next();
194			}
195
196	6		$next = $this->scanner->peek();
197	6		if (ctype_digit($next) === false) {
198	6		throw $this->getError("Expected a digit but instead found \"{$next}\"");
199			}
200
201			$next = $this->scanner->peek();
202			while ($this->scanner->eof() === false && ctype_digit($next)) {
203			$part .= $this->scanner->next();
204			$next = $this->scanner->peek();
205			}
206
207			return $part;
208			}
209
210	48	View Code Duplication	private function number()
			0 ignored issues – show Duplication introduced 2017-09-23 18:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
211			{
212	48		list ($integerPart, $location) = $this->integerPart();
213	45		if ($this->scanner->eof()) {
214			$this->emit(Token::T_INT, $integerPart, $location);
215			return;
216			}
217
218	45		$next = $this->scanner->peek();
219	45		if ($next !== '.' && $next !== 'e' && $next !== 'E') {
220	24		$this->emit(Token::T_INT, $integerPart, $location);
221	24		return;
222			}
223
224	24		$number = $integerPart;
225	24		if ($next === '.') {
226	21		$number .= $this->fractionalPart();
227	15		}
228
229	18		$next = $this->scanner->peek();
230	18		if ($next === 'e' \|\| $next === 'E') {
231	15		$number .= $this->exponentPart();
232			}
233
234	3		$this->emit(Token::T_FLOAT, $number, $location);
235	3		}
236
237			/**
238			* @param string $query
239			*
240			* @throws SyntaxError
241			*
242			* @return Token[]
243			*/
244	96		public function lex($query)
245			{
246	96		$flags = PREG_SPLIT_NO_EMPTY;
247	96		$chars = preg_split('//u', $query, -1, $flags);
248	96		$scanner = new ScannerGeneric($chars);
249	96		$this->scanner = new ScannerWithLocation($scanner);
250	96		$this->tokens = array();
251			$punctuators = array(
252	96		'!' => Token::T_EXCLAMATION,
253	96		'$' => Token::T_DOLLAR,
254	96		'(' => Token::T_PAREN_LEFT,
255	96		')' => Token::T_PAREN_RIGHT,
256	96		'{' => Token::T_BRACE_LEFT,
257	96		'}' => Token::T_BRACE_RIGHT,
258	96		':' => Token::T_COLON,
259	96		',' => Token::T_COMMA,
260	96		'[' => Token::T_BRACKET_LEFT,
261	96		']' => Token::T_BRACKET_RIGHT,
262	96		'=' => Token::T_EQUAL,
263	96		'@' => Token::T_AT,
264	96		);
265
266	96	View Code Duplication	while ($this->scanner->eof() === false) {
			0 ignored issues – show Duplication introduced 2017-09-23 18:42 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
267	93		$next = $this->scanner->peek();
268
269	93		if (ctype_space($next)) {
270	63		$this->scanner->next();
271	63		continue;
272			}
273
274	93		if ($next === '#') {
275			$this->comment();
276			continue;
277			}
278
279	93		if ($next === '_' \|\| ctype_alpha($next)) {
280	63		$this->name();
281	63		continue;
282			}
283
284	93		if ($next === '.') {
285	6		$this->spread();
286	6		continue;
287			}
288
289	93		if ($next === '"') {
290	24		$this->str();
291	21		continue;
292			}
293
294	90		if ($next === '-' \|\| ctype_digit($next)) {
295	48		$this->number();
296	24		continue;
297			}
298
299	66		if (isset($punctuators[$next])) {
300	66		$this->emit($punctuators[$next], $this->scanner->next(), $this->getLocation());
301	66		continue;
302			}
303
304			throw $this->getError("Unknown character: \"{$next}\"");
305			}
306
307	69		return $this->tokens;
308			}
309			}
310

hansott / graphql-language

Issues (98)

Security Analysis no request data

src/Query/Lexer.php (8 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like