Issues in MathEnv.php (master) - Issues in master - mattwellss/sphpeme - Measure and Improve Code Quality continuously with Scrutinizer

Issues (14)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

Sphpeme/Env/MathEnv.php (4 issues)

Labels

Unused Code 4

Severity

Minor 4

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
declare(strict_types=1);

namespace Sphpeme\Env;

/**
 * @SuppressWarnings(PHPMD.ShortVariableName)
 */
class MathEnv implements EnvInterface
{
    use MappedEnvTrait;

    const INVALID_ARG_REQUIRES_NUMERIC = 'All arguments must be numeric';
    const INVALID_ARG_TYPE_PRED_MATCH = 'Supplied arguments do not match the first';

    const MAPPING = [
        '+' => 'add',
        '-' => 'subtract',
        '*' => 'multiply',
        '/' => 'divide',
        '>' => 'isGreaterThan',
        '>=' => 'isGreaterThanOrEqual',
        '<' => 'isSmallerThan',
        '<=' => 'isSmallerThanOrEqual',
        '=' => 'isEqual',
        'number?' => 'isNumber',
        'integer?' => 'isInteger',
        'real?' => 'isReal',
        'complex?' => 'isComplex',
        'exact?' => 'isExact',
        'inexact?' => 'isInexact',
        'positive?' => 'isPositive',
        'negative?' => 'isNegative',
        'odd?' => 'isOdd',
        'even?' => 'isEven',
    ];

    /** @var float */
    public $pi = M_PI;

    /**
     * Sum the args
     *
     * @param int[]|float[] $args
     * @return int|float
     * @throws \InvalidArgumentException
     */
    public function add(...$args)
    {
        array_reduce($args, [$this, 'enforcePredicate'], [$this, 'isNumber']);
        return array_sum($args);
    }

    /**
     * Subtract the args
     *
     * @param int[]|float[] $args
     * @return int|float
     * @throws \InvalidArgumentException
     */
    public function subtract(...$args)
    {
        array_reduce($args, [$this, 'enforcePredicate'], [$this, 'isNumber']);

        $arg = $args[0];
        $args = \array_slice($args, 1);

        return $arg - array_sum($args);
    }

    /**
     * Multiply the args
     *
     * @param int[]|float[] $args
     * @return int|float
     * @throws \InvalidArgumentException
     */
    public function multiply(...$args)
    {
        array_reduce($args, [$this, 'enforcePredicate'], [$this, 'isNumber']);
        return array_product($args);
    }

    /**
     * Divide the args
     *
     * @param int[]|float[] $args
     * @return int|float
     * @throws \InvalidArgumentException
     */
    public function divide(...$args)
    {
        array_reduce($args, [$this, 'enforcePredicate'], [$this, 'isNumber']);

        $arg = $args[0];
        $args = \array_slice($args, 1);

        return $arg / array_product($args);
    }

    /**
     * Returns true if $a is greater than $b, otherwise false
     *
     * @SuppressWarnings(PHPMD.ShortVariable)
     * @param int|float $a
     * @param int|float $b
     * @return bool
     */
    public function isGreaterThan($a, $b): bool
    {
        array_reduce([$a, $b], [$this, 'enforcePredicate'], [$this, 'isNumber']);
        return $a > $b;
    }

    /**
     * Returns true if $a is greater than or equal to $b, otherwise false
     *
     * @SuppressWarnings(PHPMD.ShortVariable)
     * @param int|float $a
     * @param int|float $b
     * @return bool
     */
    public function isGreaterThanOrEqual($a, $b): bool
    {
        array_reduce([$a, $b], [$this, 'enforcePredicate'], [$this, 'isNumber']);
        return $a >= $b;
    }

    /**
     * Returns true if $a is smaller than or equal to $b, otherwise false
     *
     * @SuppressWarnings(PHPMD.ShortVariable)
     * @param int|float $a
     * @param int|float $b
     * @return bool
     */
    public function isSmallerThanOrEqual($a, $b): bool
    {
        array_reduce([$a, $b], [$this, 'enforcePredicate'], [$this, 'isNumber']);
        return $a <= $b;
    }

    /**
     * Returns true if $a is smaller than $b, otherwise false
     *
     * @SuppressWarnings(PHPMD.ShortVariable)
     * @param int|float $a
     * @param int|float $b
     * @return bool
     */
    public function isSmallerThan($a, $b): bool
    {
        array_reduce([$a, $b], [$this, 'enforcePredicate'], [$this, 'isNumber']);
        return $a < $b;
    }

    /**
     * @param int[]|float[] ...$args
     * @return bool
     * @throws \InvalidArgumentException
     */
    public function isEqual(...$args): bool
    {
        array_reduce($args, [$this, 'enforcePredicate'], [$this, 'isNumber']);

        $arg = $args[0];
        $args = \array_slice($args, 1);

        foreach ($args as $other) {
            if ($arg != $other) {
                return false;
            }
        }

        return true;
    }

    /**
     * @param mixed $num
     * @return bool
     */
    public function isNumber($num): bool
    {
        return !\is_string($num) && is_numeric($num);
    }

    /**
     * Scheme's rules for integerness are slightly different than PHP's:
     *  An integer can be a "float" but it must have `.0`
     *
     * @param mixed $num
     * @return bool
     */
    public function isInteger($num): bool
    {
        return \is_int($num) ?: $this->isNumber($num) && $num == (int)$num;
    }

    /**
     * Not implemented yet.
     * Requires complex number support
     *
     * @param $num
     * @return bool
     * @throws \Error
     * @SuppressWarnings(PHPMD)
     */
    public function isComplex($num): bool

    {
        throw new \Error('Not implemented');

    }

    /**
     * Not implemented yet.
     * Requires complex number support
     *
     * @param $num
     * @return bool
     * @throws \Error
     * @SuppressWarnings(PHPMD)
     */
    public function isReal($num): bool

    {
        throw new \Error('Not implemented');

    }

    /**
     * @param $num
     * @return bool
     * @throws \InvalidArgumentException
     */
    public function isExact($num): bool
    {
        $this->enforcePredicate([$this, 'isNumber'], $num);

        return !\is_float($num);
    }

    /**
     * @param $num
     * @return bool
     * @throws \InvalidArgumentException
     */
    public function isInexact($num): bool
    {
        return !$this->isExact($num);
    }

    /**
     * @param $num
     * @return bool
     * @throws \InvalidArgumentException
     */
    public function isZero($num): bool
    {
        $this->enforcePredicate([$this, 'isNumber'], $num);

        return $num == 0;
    }

    /**
     * @param $num
     * @return bool
     * @throws \InvalidArgumentException
     */
    public function isPositive($num): bool
    {
        $this->enforcePredicate([$this, 'isNumber'], $num);

        return $num > 0;
    }

    /**
     * @param $num
     * @return bool
     * @throws \InvalidArgumentException
     */
    public function isNegative($num): bool
    {
        return !$this->isPositive($num);
    }

    /**
     * @param $num
     * @return bool
     * @throws \InvalidArgumentException
     */
    public function isOdd($num): bool
    {
        $this->enforcePredicate([$this, 'isNumber'], $num);

        return $num % 2 != 0;
    }

    /**
     * @param $num
     * @return bool
     * @throws \InvalidArgumentException
     */
    public function isEven($num): bool
    {
        return !$this->isOdd($num);
    }

    /**
     * @param int[]|float[] ...$args
     * @return int|float
     * @throws \InvalidArgumentException
     */
    public function max(...$args)
    {
        array_reduce($args, [$this, 'enforcePredicate'], [$this, 'isNumber']);

        return max(...$args);
    }

    /**
     * @param int[]|float[] ...$args
     * @return int|float
     * @throws \InvalidArgumentException
     */
    public function min(...$args)
    {
        array_reduce($args, [$this, 'enforcePredicate'], [$this, 'isNumber']);

        return min(...$args);
    }

    /**
     * @param int|float $arg
     * @return int|float
     */
    public function abs($arg)
    {
        $this->enforcePredicate([$this, 'isNumber'], $arg);

        return abs($arg);
    }

    /**
     * Used as the callback to array_reduce, with the "carry" argument being the predicate to enforce
     *
     * @param callable $pred
     * @param $thingToCheck
     * @return callable
     * @throws \InvalidArgumentException
     * @SuppressWarnings(PHPMD.UnusedPrivateMethod)
     */
    private function enforcePredicate(callable $pred, $thingToCheck): callable
    {
        if (!$pred($thingToCheck)) {
            throw new \InvalidArgumentException(static::INVALID_ARG_REQUIRES_NUMERIC);
        }

        return $pred;
    }
}


GitHub Access Token became invalid

Issues (14)

Security Analysis no request data

Sphpeme/Env/MathEnv.php (4 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

1			<?php
2			declare(strict_types=1);
3
4			namespace Sphpeme\Env;
5
6			/**
7			* @SuppressWarnings(PHPMD.ShortVariableName)
8			*/
9			class MathEnv implements EnvInterface
10			{
11			use MappedEnvTrait;
12
13			const INVALID_ARG_REQUIRES_NUMERIC = 'All arguments must be numeric';
14			const INVALID_ARG_TYPE_PRED_MATCH = 'Supplied arguments do not match the first';
15
16			const MAPPING = [
17			'+' => 'add',
18			'-' => 'subtract',
19			'*' => 'multiply',
20			'/' => 'divide',
21			'>' => 'isGreaterThan',
22			'>=' => 'isGreaterThanOrEqual',
23			'<' => 'isSmallerThan',
24			'<=' => 'isSmallerThanOrEqual',
25			'=' => 'isEqual',
26			'number?' => 'isNumber',
27			'integer?' => 'isInteger',
28			'real?' => 'isReal',
29			'complex?' => 'isComplex',
30			'exact?' => 'isExact',
31			'inexact?' => 'isInexact',
32			'positive?' => 'isPositive',
33			'negative?' => 'isNegative',
34			'odd?' => 'isOdd',
35			'even?' => 'isEven',
36			];
37
38			/** @var float */
39			public $pi = M_PI;
40
41			/**
42			* Sum the args
43			*
44			* @param int[]\|float[] $args
45			* @return int\|float
46			* @throws \InvalidArgumentException
47			*/
48	1		public function add(...$args)
49			{
50	1		array_reduce($args, [$this, 'enforcePredicate'], [$this, 'isNumber']);
51	1		return array_sum($args);
52			}
53
54			/**
55			* Subtract the args
56			*
57			* @param int[]\|float[] $args
58			* @return int\|float
59			* @throws \InvalidArgumentException
60			*/
61	1	View Code Duplication	public function subtract(...$args)
62			{
63	1		array_reduce($args, [$this, 'enforcePredicate'], [$this, 'isNumber']);
64
65	1		$arg = $args[0];
66	1		$args = \array_slice($args, 1);
67
68	1		return $arg - array_sum($args);
69			}
70
71			/**
72			* Multiply the args
73			*
74			* @param int[]\|float[] $args
75			* @return int\|float
76			* @throws \InvalidArgumentException
77			*/
78	1		public function multiply(...$args)
79			{
80	1		array_reduce($args, [$this, 'enforcePredicate'], [$this, 'isNumber']);
81	1		return array_product($args);
82			}
83
84			/**
85			* Divide the args
86			*
87			* @param int[]\|float[] $args
88			* @return int\|float
89			* @throws \InvalidArgumentException
90			*/
91	1	View Code Duplication	public function divide(...$args)
92			{
93	1		array_reduce($args, [$this, 'enforcePredicate'], [$this, 'isNumber']);
94
95	1		$arg = $args[0];
96	1		$args = \array_slice($args, 1);
97
98	1		return $arg / array_product($args);
99			}
100
101			/**
102			* Returns true if $a is greater than $b, otherwise false
103			*
104			* @SuppressWarnings(PHPMD.ShortVariable)
105			* @param int\|float $a
106			* @param int\|float $b
107			* @return bool
108			*/
109	1		public function isGreaterThan($a, $b): bool
110			{
111	1		array_reduce([$a, $b], [$this, 'enforcePredicate'], [$this, 'isNumber']);
112	1		return $a > $b;
113			}
114
115			/**
116			* Returns true if $a is greater than or equal to $b, otherwise false
117			*
118			* @SuppressWarnings(PHPMD.ShortVariable)
119			* @param int\|float $a
120			* @param int\|float $b
121			* @return bool
122			*/
123	1		public function isGreaterThanOrEqual($a, $b): bool
124			{
125	1		array_reduce([$a, $b], [$this, 'enforcePredicate'], [$this, 'isNumber']);
126	1		return $a >= $b;
127			}
128
129			/**
130			* Returns true if $a is smaller than or equal to $b, otherwise false
131			*
132			* @SuppressWarnings(PHPMD.ShortVariable)
133			* @param int\|float $a
134			* @param int\|float $b
135			* @return bool
136			*/
137	1		public function isSmallerThanOrEqual($a, $b): bool
138			{
139	1		array_reduce([$a, $b], [$this, 'enforcePredicate'], [$this, 'isNumber']);
140	1		return $a <= $b;
141			}
142
143			/**
144			* Returns true if $a is smaller than $b, otherwise false
145			*
146			* @SuppressWarnings(PHPMD.ShortVariable)
147			* @param int\|float $a
148			* @param int\|float $b
149			* @return bool
150			*/
151	1		public function isSmallerThan($a, $b): bool
152			{
153	1		array_reduce([$a, $b], [$this, 'enforcePredicate'], [$this, 'isNumber']);
154	1		return $a < $b;
155			}
156
157			/**
158			* @param int[]\|float[] ...$args
159			* @return bool
160			* @throws \InvalidArgumentException
161			*/
162	1		public function isEqual(...$args): bool
163			{
164	1		array_reduce($args, [$this, 'enforcePredicate'], [$this, 'isNumber']);
165
166	1		$arg = $args[0];
167	1		$args = \array_slice($args, 1);
168
169	1		foreach ($args as $other) {
170	1		if ($arg != $other) {
171	1		return false;
172			}
173			}
174
175	1		return true;
176			}
177
178			/**
179			* @param mixed $num
180			* @return bool
181			*/
182	21		public function isNumber($num): bool
183			{
184	21		return !\is_string($num) && is_numeric($num);
185			}
186
187			/**
188			* Scheme's rules for integerness are slightly different than PHP's:
189			* An integer can be a "float" but it must have `.0`
190			*
191			* @param mixed $num
192			* @return bool
193			*/
194	1		public function isInteger($num): bool
195			{
196	1		return \is_int($num) ?: $this->isNumber($num) && $num == (int)$num;
197			}
198
199			/**
200			* Not implemented yet.
201			* Requires complex number support
202			*
203			* @param $num
204			* @return bool
205			* @throws \Error
206			* @SuppressWarnings(PHPMD)
207			*/
208	1		public function isComplex($num): bool
			0 ignored issues – show Unused Code introduced 2017-12-27 04:28 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$num` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
209			{
210	1		throw new \Error('Not implemented');
			0 ignored issues – show Unused Code introduced 2017-12-27 04:28 UTC by Report Bug Copy Issue Report Show Similar Issues like this The call to `Error::__construct()` has too many arguments starting with `'Not implemented'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
211			}
212
213			/**
214			* Not implemented yet.
215			* Requires complex number support
216			*
217			* @param $num
218			* @return bool
219			* @throws \Error
220			* @SuppressWarnings(PHPMD)
221			*/
222	1		public function isReal($num): bool
			0 ignored issues – show Unused Code introduced 2017-12-27 04:28 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$num` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
223			{
224	1		throw new \Error('Not implemented');
			0 ignored issues – show Unused Code introduced 2017-12-27 04:28 UTC by Report Bug Copy Issue Report Show Similar Issues like this The call to `Error::__construct()` has too many arguments starting with `'Not implemented'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
225			}
226
227			/**
228			* @param $num
229			* @return bool
230			* @throws \InvalidArgumentException
231			*/
232	2		public function isExact($num): bool
233			{
234	2		$this->enforcePredicate([$this, 'isNumber'], $num);
235
236	2		return !\is_float($num);
237			}
238
239			/**
240			* @param $num
241			* @return bool
242			* @throws \InvalidArgumentException
243			*/
244	1		public function isInexact($num): bool
245			{
246	1		return !$this->isExact($num);
247			}
248
249			/**
250			* @param $num
251			* @return bool
252			* @throws \InvalidArgumentException
253			*/
254	1		public function isZero($num): bool
255			{
256	1		$this->enforcePredicate([$this, 'isNumber'], $num);
257
258	1		return $num == 0;
259			}
260
261			/**
262			* @param $num
263			* @return bool
264			* @throws \InvalidArgumentException
265			*/
266	2		public function isPositive($num): bool
267			{
268	2		$this->enforcePredicate([$this, 'isNumber'], $num);
269
270	2		return $num > 0;
271			}
272
273			/**
274			* @param $num
275			* @return bool
276			* @throws \InvalidArgumentException
277			*/
278	1		public function isNegative($num): bool
279			{
280	1		return !$this->isPositive($num);
281			}
282
283			/**
284			* @param $num
285			* @return bool
286			* @throws \InvalidArgumentException
287			*/
288	2		public function isOdd($num): bool
289			{
290	2		$this->enforcePredicate([$this, 'isNumber'], $num);
291
292	2		return $num % 2 != 0;
293			}
294
295			/**
296			* @param $num
297			* @return bool
298			* @throws \InvalidArgumentException
299			*/
300	1		public function isEven($num): bool
301			{
302	1		return !$this->isOdd($num);
303			}
304
305			/**
306			* @param int[]\|float[] ...$args
307			* @return int\|float
308			* @throws \InvalidArgumentException
309			*/
310	1		public function max(...$args)
311			{
312	1		array_reduce($args, [$this, 'enforcePredicate'], [$this, 'isNumber']);
313
314	1		return max(...$args);
315			}
316
317			/**
318			* @param int[]\|float[] ...$args
319			* @return int\|float
320			* @throws \InvalidArgumentException
321			*/
322	1		public function min(...$args)
323			{
324	1		array_reduce($args, [$this, 'enforcePredicate'], [$this, 'isNumber']);
325
326	1		return min(...$args);
327			}
328
329			/**
330			* @param int\|float $arg
331			* @return int\|float
332			*/
333	1		public function abs($arg)
334			{
335	1		$this->enforcePredicate([$this, 'isNumber'], $arg);
336
337	1		return abs($arg);
338			}
339
340			/**
341			* Used as the callback to array_reduce, with the "carry" argument being the predicate to enforce
342			*
343			* @param callable $pred
344			* @param $thingToCheck
345			* @return callable
346			* @throws \InvalidArgumentException
347			* @SuppressWarnings(PHPMD.UnusedPrivateMethod)
348			*/
349	19		private function enforcePredicate(callable $pred, $thingToCheck): callable
350			{
351	19		if (!$pred($thingToCheck)) {
352	16		throw new \InvalidArgumentException(static::INVALID_ARG_REQUIRES_NUMERIC);
353			}
354
355	19		return $pred;
356			}
357			}
358

mattwellss / sphpeme

GitHub Access Token became invalid

Issues (14)

Security Analysis no request data

Sphpeme/Env/MathEnv.php (4 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like