Issues in BuilderFactory.php (master) - Issues in master - nikic/PHP-Parser - Measure and Improve Code Quality continuously with Scrutinizer

Issues (110)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

lib/PhpParser/BuilderFactory.php (1 issue)

Labels

Duplication 1

Severity

Informational 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace PhpParser;

use PhpParser\Builder;
use PhpParser\Node\Stmt\Use_;

/**
 * The following methods use reserved keywords, so their implementation is defined with an underscore and made available
 * with the reserved name through __call() magic.
 *
 * @method Builder\Namespace_ namespace(string $name) Creates a namespace builder.
 * @method Builder\Class_     class(string $name)     Creates a class builder.
 * @method Builder\Interface_ interface(string $name) Creates an interface builder.
 * @method Builder\Trait_     trait(string $name)     Creates a trait builder.
 * @method Builder\Function_  function(string $name)  Creates a function builder.
 * @method Builder\Use_       use(string $name)       Creates a namespace/class use builder.
 */
class BuilderFactory
{
    /**
     * Creates a namespace builder.
     * 
     * @param null|string|Node\Name $name Name of the namespace
     *
     * @return Builder\Namespace_ The created namespace builder
     */
    protected function _namespace($name) {
        return new Builder\Namespace_($name);
    }

    /**
     * Creates a class builder.
     *
     * @param string $name Name of the class
     *
     * @return Builder\Class_ The created class builder
     */
    protected function _class($name) {
        return new Builder\Class_($name);
    }

    /**
     * Creates an interface builder.
     *
     * @param string $name Name of the interface
     *
     * @return Builder\Interface_ The created interface builder
     */
    protected function _interface($name) {
        return new Builder\Interface_($name);
    }

    /**
     * Creates a trait builder.
     *
     * @param string $name Name of the trait
     *
     * @return Builder\Trait_ The created trait builder
     */
    protected function _trait($name) {
        return new Builder\Trait_($name);
    }

    /**
     * Creates a method builder.
     *
     * @param string $name Name of the method
     *
     * @return Builder\Method The created method builder
     */
    public function method($name) {
        return new Builder\Method($name);
    }

    /**
     * Creates a parameter builder.
     *
     * @param string $name Name of the parameter
     *
     * @return Builder\Param The created parameter builder
     */
    public function param($name) {
        return new Builder\Param($name);
    }

    /**
     * Creates a property builder.
     *
     * @param string $name Name of the property
     *
     * @return Builder\Property The created property builder
     */
    public function property($name) {
        return new Builder\Property($name);
    }

    /**
     * Creates a function builder.
     *
     * @param string $name Name of the function
     *
     * @return Builder\Function_ The created function builder
     */
    protected function _function($name) {
        return new Builder\Function_($name);
    }

    /**
     * Creates a namespace/class use builder.
     *
     * @param string|Node\Name Name to alias
     *
     * @return Builder\Use_ The create use builder
     */
    protected function _use($name) {
        return new Builder\Use_($name, Use_::TYPE_NORMAL);
    }

    public function __call($name, array $args) {

        if (method_exists($this, '_' . $name)) {
            return call_user_func_array(array($this, '_' . $name), $args);
        }

        throw new \LogicException(sprintf('Method "%s" does not exist', $name));
    }
}


1		<?php
2
3		namespace PhpParser;
4
5		use PhpParser\Builder;
6		use PhpParser\Node\Stmt\Use_;
7
8		/**
9		* The following methods use reserved keywords, so their implementation is defined with an underscore and made available
10		* with the reserved name through __call() magic.
11		*
12		* @method Builder\Namespace_ namespace(string $name) Creates a namespace builder.
13		* @method Builder\Class_ class(string $name) Creates a class builder.
14		* @method Builder\Interface_ interface(string $name) Creates an interface builder.
15		* @method Builder\Trait_ trait(string $name) Creates a trait builder.
16		* @method Builder\Function_ function(string $name) Creates a function builder.
17		* @method Builder\Use_ use(string $name) Creates a namespace/class use builder.
18		*/
19		class BuilderFactory
20		{
21		/**
22		* Creates a namespace builder.
23		*
24		* @param null\|string\|Node\Name $name Name of the namespace
25		*
26		* @return Builder\Namespace_ The created namespace builder
27		*/
28		protected function _namespace($name) {
29		return new Builder\Namespace_($name);
30		}
31
32		/**
33		* Creates a class builder.
34		*
35		* @param string $name Name of the class
36		*
37		* @return Builder\Class_ The created class builder
38		*/
39		protected function _class($name) {
40		return new Builder\Class_($name);
41		}
42
43		/**
44		* Creates an interface builder.
45		*
46		* @param string $name Name of the interface
47		*
48		* @return Builder\Interface_ The created interface builder
49		*/
50		protected function _interface($name) {
51		return new Builder\Interface_($name);
52		}
53
54		/**
55		* Creates a trait builder.
56		*
57		* @param string $name Name of the trait
58		*
59		* @return Builder\Trait_ The created trait builder
60		*/
61		protected function _trait($name) {
62		return new Builder\Trait_($name);
63		}
64
65		/**
66		* Creates a method builder.
67		*
68		* @param string $name Name of the method
69		*
70		* @return Builder\Method The created method builder
71		*/
72		public function method($name) {
73		return new Builder\Method($name);
74		}
75
76		/**
77		* Creates a parameter builder.
78		*
79		* @param string $name Name of the parameter
80		*
81		* @return Builder\Param The created parameter builder
82		*/
83		public function param($name) {
84		return new Builder\Param($name);
85		}
86
87		/**
88		* Creates a property builder.
89		*
90		* @param string $name Name of the property
91		*
92		* @return Builder\Property The created property builder
93		*/
94		public function property($name) {
95		return new Builder\Property($name);
96		}
97
98		/**
99		* Creates a function builder.
100		*
101		* @param string $name Name of the function
102		*
103		* @return Builder\Function_ The created function builder
104		*/
105		protected function _function($name) {
106		return new Builder\Function_($name);
107		}
108
109		/**
110		* Creates a namespace/class use builder.
111		*
112		* @param string\|Node\Name Name to alias
113		*
114		* @return Builder\Use_ The create use builder
115		*/
116		protected function _use($name) {
117		return new Builder\Use_($name, Use_::TYPE_NORMAL);
118		}
119
120	View Code Duplication	public function __call($name, array $args) {
		0 ignored issues – show Duplication introduced 2015-11-21 21:34 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
121		if (method_exists($this, '_' . $name)) {
122		return call_user_func_array(array($this, '_' . $name), $args);
123		}
124
125		throw new \LogicException(sprintf('Method "%s" does not exist', $name));
126		}
127		}
128

nikic / PHP-Parser

Issues (110)

Security Analysis no request data

lib/PhpParser/BuilderFactory.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like