UnsafeUnserialize - Code Metrics - Inspection of "Feature: Now, We support only PHP >= 7.0 #346" - ovr/phpsa - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 8f0d0f...15736a )

by Дмитрий

created 2018-01-20 06:36 UTC

UnsafeUnserialize A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	35
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	4

Test Coverage

Coverage

100%

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
dl	0
loc	35
ccs	15
cts	15
cp	1
rs	10
c	1
b	0
f	0
wmc	4
lcom	1
cbo	4

2 Methods

Rating	Name	Duplication	Size	Complexity
A	getMetadata()	0	7	1
A	pass()	0	19	3

<?php

namespace PHPSA\Analyzer\Pass\Expression\FunctionCall;

use PhpParser\Node\Expr\FuncCall;
use PHPSA\Context;

class UnsafeUnserialize extends AbstractFunctionCallAnalyzer
{
    const DESCRIPTION = 'Checks for use of `unserialize()` without a 2nd parameter defining the allowed classes. Requires PHP 7.0+';

    public function pass(FuncCall $funcCall, Context $context)
    {
        $functionName = $this->resolveFunctionName($funcCall, $context);

        if ($functionName !== 'unserialize') {
            return false;
        }

        if (count($funcCall->args) < 2) {
            $context->notice(
                'unsafe.unserialize',
                sprintf('unserialize() should be used with a list of allowed classes or false as 2nd parameter.'),
                $funcCall
            );
            return true;
        }

        return false;
    }

    /**
     * {@inheritdoc}
     */
    public static function getMetadata()
    {
        $metaData = parent::getMetadata();
        $metaData->setRequiredPhpVersion('7.0');

        return $metaData;
    }
}


1		<?php
2
3		namespace PHPSA\Analyzer\Pass\Expression\FunctionCall;
4
5		use PhpParser\Node\Expr\FuncCall;
6		use PHPSA\Context;
7
8		class UnsafeUnserialize extends AbstractFunctionCallAnalyzer
9		{
10		const DESCRIPTION = 'Checks for use of `unserialize()` without a 2nd parameter defining the allowed classes. Requires PHP 7.0+';
11
12	4	public function pass(FuncCall $funcCall, Context $context)
13		{
14	4	$functionName = $this->resolveFunctionName($funcCall, $context);
15
16	4	if ($functionName !== 'unserialize') {
17	3	return false;
18		}
19
20	1	if (count($funcCall->args) < 2) {
21	1	$context->notice(
22	1	'unsafe.unserialize',
23	1	sprintf('unserialize() should be used with a list of allowed classes or false as 2nd parameter.'),
24	1	$funcCall
25		);
26	1	return true;
27		}
28
29	1	return false;
30		}
31
32		/**
33		* {@inheritdoc}
34		*/
35	57	public static function getMetadata()
36		{
37	57	$metaData = parent::getMetadata();
38	57	$metaData->setRequiredPhpVersion('7.0');
39
40	57	return $metaData;
41		}
42		}
43

ovr / phpsa

Push — master ( 8f0d0f...15736a )

UnsafeUnserialize A

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

2 Methods

Duplication Side-by-Side

Filter issues like