Issues in WorkerClass.php (master) - Issues in master - mikaelkael/GearmanBundle - Measure and Improve Code Quality continuously with Scrutinizer

Issues (57)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

Module/WorkerClass.php (5 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/**
 * Gearman Bundle for Symfony2 / Symfony3
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 *
 * Feel free to edit as you please, and have fun.
 *
 * @author Marc Morera <[email protected]>
 */

namespace Mkk\GearmanBundle\Module;

use Doctrine\Common\Annotations\Reader;
use Mkk\GearmanBundle\Driver\Gearman\Job as JobAnnotation;
use Mkk\GearmanBundle\Driver\Gearman\Work as WorkAnnotation;
use Mkk\GearmanBundle\Module\JobClass as Job;

/**
 * Worker class
 *
 * This class provide all worker definition.
 */
class WorkerClass
{
    /**
     * @var string
     *
     * Default description when is not defined
     */
    const DEFAULT_DESCRIPTION = 'No description is defined';

    /**
     * @var string
     *
     * Namespace of worker class
     */
    private $namespace;

    /**
     * @var string
     *
     * Class name of worker
     */
    private $className;

    /**
     * @var string
     *
     * Filename of worker
     */
    private $fileName;

    /**
     * @var string
     *
     * Callable name for this job.
     * If is setted on annotations, this value will be used.
     * Otherwise, natural method name will be used.
     */
    private $callableName;

    /**
     * @var string
     *
     * Service alias if this worker is wanted to be built by dependency injection
     */
    private $service;

    /**
     * @var string
     *
     * Description of Job
     */
    private $description;

    /**
     * @var integer
     *
     * Number of iterations this job will be alive before die
     */
    private $iterations;

    /**
     * @var string
     *
     * Default method this job will be call into Gearman client
     */
    private $defaultMethod;

    /**
     * @var int
     *
     * Job minimum execution time
     */
    private $minimumExecutionTime;

    /**
     * @var int
     *
     * Timeout for idle job
     */
    private $timeout;

    /**
     * @var array
     *
     * Collection of servers to connect
     */
    private $servers;

    /**
     * @var JobCollection
     *
     * All jobs inside Worker
     */
    private $jobCollection;

    /**
     * The prefix for all job names
     *
     * @var string $jobPrefix
     */
    private $jobPrefix = null;

    /**
     * Retrieves all jobs available from worker
     *
     * @param WorkAnnotation  $workAnnotation  workAnnotation class
     * @param \ReflectionClass $reflectionClass Reflexion class
     * @param Reader          $reader          Reader class
     * @param array           $servers         Array of servers defined for Worker
     * @param array           $defaultSettings Default settings for Worker
     */
    public function __construct(WorkAnnotation $workAnnotation, \ReflectionClass $reflectionClass, Reader $reader, array $servers, array $defaultSettings)
    {

        $this->namespace = $reflectionClass->getNamespaceName();

        /**
         * If WorkAnnotation name field is defined, workers_name_prepend_namespace value
         * in defaultSettings array must be checked.
         *
         * If true, namespace must be prepended to workAnnotation name for callableName
         * Otherwise, only workAnnotation value is set as callableName
         */
        $callableNameNamespace = $defaultSettings['workers_name_prepend_namespace']

            ? $this->namespace
            : '';

        /**
         * Setting worker callable name
         */
        $this->callableName = is_null($workAnnotation->name)
            ? $reflectionClass->getName()

            : $callableNameNamespace . $workAnnotation->name;

        $this->callableName = str_replace('\\', '', $this->callableName);

        /**
         * Setting worker description
         */
        $this->description = is_null($workAnnotation->description)
            ? self::DEFAULT_DESCRIPTION
            : $workAnnotation->description;

        $this->fileName = $reflectionClass->getFileName();
        $this->className = $reflectionClass->getName();

        $this->service = $workAnnotation->service;

        if (isset($defaultSettings['job_prefix'])) {

            $this->jobPrefix = $defaultSettings['job_prefix'];
        }

        $this->servers = $this->loadServers($workAnnotation, $servers);
        $this->iterations = $this->loadIterations($workAnnotation, $defaultSettings);
        $this->defaultMethod = $this->loadDefaultMethod($workAnnotation, $defaultSettings);
        $this->minimumExecutionTime = $this->loadMinimumExecutionTime($workAnnotation, $defaultSettings);
        $this->timeout = $this->loadTimeout($workAnnotation, $defaultSettings);
        $this->jobCollection = $this->createJobCollection($reflectionClass, $reader);
    }

    /**
     * Load servers
     *
     * If any server is defined in JobAnnotation, this one is used.
     * Otherwise is used servers set in Class
     *
     * @param WorkAnnotation $workAnnotation WorkAnnotation class
     * @param array          $servers        Array of servers defined for Worker
     *
     * @return array Servers
     */
    private function loadServers(WorkAnnotation $workAnnotation, array $servers)
    {
        /**
         * If is configured some servers definition in the worker, overwrites
         */
        if ($workAnnotation->servers) {

            $servers = (is_array($workAnnotation->servers) && !isset($workAnnotation->servers['host']))

                ? $workAnnotation->servers
                : array($workAnnotation->servers);
        }

        return $servers;
    }

    /**
     * Load iterations
     *
     * If iterations is defined in WorkAnnotation, this one is used.
     * Otherwise is used set in Class
     *
     * @param WorkAnnotation $workAnnotation  WorkAnnotation class
     * @param array          $defaultSettings Default settings for Worker
     *
     * @return integer Iteration
     */
    private function loadIterations(WorkAnnotation $workAnnotation, array $defaultSettings)
    {
        return is_null($workAnnotation->iterations)
            ? (int) $defaultSettings['iterations']
            : (int) $workAnnotation->iterations;
    }

    /**
     * Load defaultMethod
     *
     * If defaultMethod is defined in WorkAnnotation, this one is used.
     * Otherwise is used set in Class
     *
     * @param WorkAnnotation $workAnnotation  WorkAnnotation class
     * @param array          $defaultSettings Default settings for Worker
     *
     * @return string Default method
     */
    private function loadDefaultMethod(WorkAnnotation $workAnnotation, array $defaultSettings)
    {
        return is_null($workAnnotation->defaultMethod)
            ? $defaultSettings['method']
            : $workAnnotation->defaultMethod;
    }

    /**
     * Load minimumExecutionTime
     *
     * If minimumExecutionTime is defined in JobAnnotation, this one is used.
     * Otherwise is used set in Class
     *
     * @param WorkAnnotation $workAnnotation
     * @param array $defaultSettings
     *
     * @return int
     */
    private function loadMinimumExecutionTime(WorkAnnotation $workAnnotation, array $defaultSettings)
    {
        return is_null($workAnnotation->minimumExecutionTime)
            ? (int) $defaultSettings['minimum_execution_time']
            : (int) $workAnnotation->minimumExecutionTime;
    }

    /**
     * Load timeout
     *
     * If timeout is defined in JobAnnotation, this one is used.
     * Otherwise is used set in Class
     *
     * @param WorkAnnotation $workAnnotation
     * @param array $defaultSettings
     *
     * @return int
     */
    private function loadTimeout(WorkAnnotation $workAnnotation, array $defaultSettings)
    {
        return is_null($workAnnotation->timeout)
            ? (int) $defaultSettings['timeout']
            : (int) $workAnnotation->timeout;
    }

    /**
     * Creates job collection of worker
     *
     * @param \ReflectionClass $reflectionClass Reflexion class
     * @param Reader          $reader          ReaderAnnotation class
     *
     * @return JobCollection self Object
     */
    private function createJobCollection(\ReflectionClass $reflectionClass, Reader $reader)
    {
        $jobCollection = new JobCollection;

        /**
         * For each defined method, we parse it
         */
        foreach ($reflectionClass->getMethods() as $reflectionMethod) {

            $methodAnnotations = $reader->getMethodAnnotations($reflectionMethod);

            /**
             * Every annotation found is parsed
             */
            foreach ($methodAnnotations as $methodAnnotation) {

                /**
                 * Annotation is only loaded if is typeof JobAnnotation
                 */
                if ($methodAnnotation instanceof JobAnnotation) {
                    /**
                     * Creates new Job
                     */
                    $job = new Job($methodAnnotation, $reflectionMethod, $this->callableName, $this->servers, array(
                        'jobPrefix'            => $this->jobPrefix,
                        'iterations'           => $this->iterations,
                        'method'               => $this->defaultMethod,
                        'minimumExecutionTime' => $this->minimumExecutionTime,
                        'timeout'              => $this->timeout,
                    ));

                    $jobCollection->add($job);
                }
            }
        }

        return $jobCollection;
    }

    /**
     * Retrieve all Worker data in cache format
     *
     * @return array

     */
    public function toArray()
    {
        return array(

            'namespace'            => $this->namespace,
            'className'            => $this->className,
            'fileName'             => $this->fileName,
            'callableName'         => $this->callableName,
            'description'          => $this->description,
            'service'              => $this->service,
            'servers'              => $this->servers,
            'iterations'           => $this->iterations,
            'minimumExecutionTime' => $this->minimumExecutionTime,
            'timeout'              => $this->timeout,
            'jobs'                 => $this->jobCollection->toArray(),
        );
    }

}


1		<?php
2
3		/**
4		* Gearman Bundle for Symfony2 / Symfony3
5		*
6		* For the full copyright and license information, please view the LICENSE
7		* file that was distributed with this source code.
8		*
9		* Feel free to edit as you please, and have fun.
10		*
11		* @author Marc Morera <[email protected]>
12		*/
13
14		namespace Mkk\GearmanBundle\Module;
15
16		use Doctrine\Common\Annotations\Reader;
17		use Mkk\GearmanBundle\Driver\Gearman\Job as JobAnnotation;
18		use Mkk\GearmanBundle\Driver\Gearman\Work as WorkAnnotation;
19		use Mkk\GearmanBundle\Module\JobClass as Job;
20
21		/**
22		* Worker class
23		*
24		* This class provide all worker definition.
25		*/
26		class WorkerClass
27		{
28		/**
29		* @var string
30		*
31		* Default description when is not defined
32		*/
33		const DEFAULT_DESCRIPTION = 'No description is defined';
34
35		/**
36		* @var string
37		*
38		* Namespace of worker class
39		*/
40		private $namespace;
41
42		/**
43		* @var string
44		*
45		* Class name of worker
46		*/
47		private $className;
48
49		/**
50		* @var string
51		*
52		* Filename of worker
53		*/
54		private $fileName;
55
56		/**
57		* @var string
58		*
59		* Callable name for this job.
60		* If is setted on annotations, this value will be used.
61		* Otherwise, natural method name will be used.
62		*/
63		private $callableName;
64
65		/**
66		* @var string
67		*
68		* Service alias if this worker is wanted to be built by dependency injection
69		*/
70		private $service;
71
72		/**
73		* @var string
74		*
75		* Description of Job
76		*/
77		private $description;
78
79		/**
80		* @var integer
81		*
82		* Number of iterations this job will be alive before die
83		*/
84		private $iterations;
85
86		/**
87		* @var string
88		*
89		* Default method this job will be call into Gearman client
90		*/
91		private $defaultMethod;
92
93		/**
94		* @var int
95		*
96		* Job minimum execution time
97		*/
98		private $minimumExecutionTime;
99
100		/**
101		* @var int
102		*
103		* Timeout for idle job
104		*/
105		private $timeout;
106
107		/**
108		* @var array
109		*
110		* Collection of servers to connect
111		*/
112		private $servers;
113
114		/**
115		* @var JobCollection
116		*
117		* All jobs inside Worker
118		*/
119		private $jobCollection;
120
121		/**
122		* The prefix for all job names
123		*
124		* @var string $jobPrefix
125		*/
126		private $jobPrefix = null;
127
128		/**
129		* Retrieves all jobs available from worker
130		*
131		* @param WorkAnnotation $workAnnotation workAnnotation class
132		* @param \ReflectionClass $reflectionClass Reflexion class
133		* @param Reader $reader Reader class
134		* @param array $servers Array of servers defined for Worker
135		* @param array $defaultSettings Default settings for Worker
136		*/
137	3	public function __construct(WorkAnnotation $workAnnotation, \ReflectionClass $reflectionClass, Reader $reader, array $servers, array $defaultSettings)
138		{
139
140	3	$this->namespace = $reflectionClass->getNamespaceName();
141
142		/**
143		* If WorkAnnotation name field is defined, workers_name_prepend_namespace value
144		* in defaultSettings array must be checked.
145		*
146		* If true, namespace must be prepended to workAnnotation name for callableName
147		* Otherwise, only workAnnotation value is set as callableName
148		*/
149	3	$callableNameNamespace = $defaultSettings['workers_name_prepend_namespace']
		0 ignored issues – show Comprehensibility Naming introduced 2016-11-11 12:39 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable name `$callableNameNamespace` exceeds the maximum configured length of `20`. Very long variable names usually make code harder to read. It is therefore recommended not to make variable names too verbose. Loading history...
150	3	? $this->namespace
151	3	: '';
152
153		/**
154		* Setting worker callable name
155		*/
156	3	$this->callableName = is_null($workAnnotation->name)
157	2	? $reflectionClass->getName()
		0 ignored issues – show Bug introduced 2018-07-30 19:31 UTC by Report Bug Copy Issue Report Show Similar Issues like this Consider using `$reflectionClass->name`. There is an issue with `getName()` and APC-enabled PHP versions. Loading history...
158	1	: $callableNameNamespace . $workAnnotation->name;
159
160	3	$this->callableName = str_replace('\\', '', $this->callableName);
161
162		/**
163		* Setting worker description
164		*/
165	3	$this->description = is_null($workAnnotation->description)
166	2	? self::DEFAULT_DESCRIPTION
167	1	: $workAnnotation->description;
168
169	3	$this->fileName = $reflectionClass->getFileName();
170	3	$this->className = $reflectionClass->getName();
		0 ignored issues – show Bug introduced 2018-07-30 19:31 UTC by Report Bug Copy Issue Report Show Similar Issues like this Consider using `$reflectionClass->name`. There is an issue with `getName()` and APC-enabled PHP versions. Loading history...
171	3	$this->service = $workAnnotation->service;
172
173	3	if (isset($defaultSettings['job_prefix'])) {
174
175		$this->jobPrefix = $defaultSettings['job_prefix'];
176		}
177
178	3	$this->servers = $this->loadServers($workAnnotation, $servers);
179	3	$this->iterations = $this->loadIterations($workAnnotation, $defaultSettings);
180	3	$this->defaultMethod = $this->loadDefaultMethod($workAnnotation, $defaultSettings);
181	3	$this->minimumExecutionTime = $this->loadMinimumExecutionTime($workAnnotation, $defaultSettings);
182	3	$this->timeout = $this->loadTimeout($workAnnotation, $defaultSettings);
183	3	$this->jobCollection = $this->createJobCollection($reflectionClass, $reader);
184	3	}
185
186		/**
187		* Load servers
188		*
189		* If any server is defined in JobAnnotation, this one is used.
190		* Otherwise is used servers set in Class
191		*
192		* @param WorkAnnotation $workAnnotation WorkAnnotation class
193		* @param array $servers Array of servers defined for Worker
194		*
195		* @return array Servers
196		*/
197	3	private function loadServers(WorkAnnotation $workAnnotation, array $servers)
198		{
199		/**
200		* If is configured some servers definition in the worker, overwrites
201		*/
202	3	if ($workAnnotation->servers) {
203
204	2	$servers = (is_array($workAnnotation->servers) && !isset($workAnnotation->servers['host']))
		0 ignored issues – show Coding Style introduced 2016-11-11 12:39 UTC by Report Bug Copy Issue Report Show Similar Issues like this Consider using a different name than the parameter `$servers`. This often makes code more readable. Loading history...
205	1	? $workAnnotation->servers
206	2	: array($workAnnotation->servers);
207		}
208
209	3	return $servers;
210		}
211
212		/**
213		* Load iterations
214		*
215		* If iterations is defined in WorkAnnotation, this one is used.
216		* Otherwise is used set in Class
217		*
218		* @param WorkAnnotation $workAnnotation WorkAnnotation class
219		* @param array $defaultSettings Default settings for Worker
220		*
221		* @return integer Iteration
222		*/
223	3	private function loadIterations(WorkAnnotation $workAnnotation, array $defaultSettings)
224		{
225	3	return is_null($workAnnotation->iterations)
226	2	? (int) $defaultSettings['iterations']
227	3	: (int) $workAnnotation->iterations;
228		}
229
230		/**
231		* Load defaultMethod
232		*
233		* If defaultMethod is defined in WorkAnnotation, this one is used.
234		* Otherwise is used set in Class
235		*
236		* @param WorkAnnotation $workAnnotation WorkAnnotation class
237		* @param array $defaultSettings Default settings for Worker
238		*
239		* @return string Default method
240		*/
241	3	private function loadDefaultMethod(WorkAnnotation $workAnnotation, array $defaultSettings)
242		{
243	3	return is_null($workAnnotation->defaultMethod)
244	2	? $defaultSettings['method']
245	3	: $workAnnotation->defaultMethod;
246		}
247
248		/**
249		* Load minimumExecutionTime
250		*
251		* If minimumExecutionTime is defined in JobAnnotation, this one is used.
252		* Otherwise is used set in Class
253		*
254		* @param WorkAnnotation $workAnnotation
255		* @param array $defaultSettings
256		*
257		* @return int
258		*/
259	3	private function loadMinimumExecutionTime(WorkAnnotation $workAnnotation, array $defaultSettings)
260		{
261	3	return is_null($workAnnotation->minimumExecutionTime)
262	3	? (int) $defaultSettings['minimum_execution_time']
263	3	: (int) $workAnnotation->minimumExecutionTime;
264		}
265
266		/**
267		* Load timeout
268		*
269		* If timeout is defined in JobAnnotation, this one is used.
270		* Otherwise is used set in Class
271		*
272		* @param WorkAnnotation $workAnnotation
273		* @param array $defaultSettings
274		*
275		* @return int
276		*/
277	3	private function loadTimeout(WorkAnnotation $workAnnotation, array $defaultSettings)
278		{
279	3	return is_null($workAnnotation->timeout)
280	3	? (int) $defaultSettings['timeout']
281	3	: (int) $workAnnotation->timeout;
282		}
283
284		/**
285		* Creates job collection of worker
286		*
287		* @param \ReflectionClass $reflectionClass Reflexion class
288		* @param Reader $reader ReaderAnnotation class
289		*
290		* @return JobCollection self Object
291		*/
292	3	private function createJobCollection(\ReflectionClass $reflectionClass, Reader $reader)
293		{
294	3	$jobCollection = new JobCollection;
295
296		/**
297		* For each defined method, we parse it
298		*/
299	3	foreach ($reflectionClass->getMethods() as $reflectionMethod) {
300
301		$methodAnnotations = $reader->getMethodAnnotations($reflectionMethod);
302
303		/**
304		* Every annotation found is parsed
305		*/
306		foreach ($methodAnnotations as $methodAnnotation) {
307
308		/**
309		* Annotation is only loaded if is typeof JobAnnotation
310		*/
311		if ($methodAnnotation instanceof JobAnnotation) {
312		/**
313		* Creates new Job
314		*/
315		$job = new Job($methodAnnotation, $reflectionMethod, $this->callableName, $this->servers, array(
316		'jobPrefix' => $this->jobPrefix,
317		'iterations' => $this->iterations,
318		'method' => $this->defaultMethod,
319		'minimumExecutionTime' => $this->minimumExecutionTime,
320		'timeout' => $this->timeout,
321		));
322
323		$jobCollection->add($job);
324		}
325		}
326		}
327
328	3	return $jobCollection;
329		}
330
331		/**
332		* Retrieve all Worker data in cache format
333		*
334		* @return array
		0 ignored issues – show Documentation introduced 2016-11-11 12:39 UTC by Report Bug Copy Issue Report Show Similar Issues like this Consider making the return type a bit more specific; maybe use `array<string,string\|array\|integer>`. This check looks for the generic type `array` as a return type and suggests a more specific type. This type is inferred from the actual code. Loading history...
335		*/
336	3	public function toArray()
337		{
338		return array(
339
340	3	'namespace' => $this->namespace,
341	3	'className' => $this->className,
342	3	'fileName' => $this->fileName,
343	3	'callableName' => $this->callableName,
344	3	'description' => $this->description,
345	3	'service' => $this->service,
346	3	'servers' => $this->servers,
347	3	'iterations' => $this->iterations,
348	3	'minimumExecutionTime' => $this->minimumExecutionTime,
349	3	'timeout' => $this->timeout,
350	3	'jobs' => $this->jobCollection->toArray(),
351		);
352		}
353
354		}
355

mikaelkael / GearmanBundle

Issues (57)

Security Analysis no request data

Module/WorkerClass.php (5 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like