Completed
Pull Request — master (#274)
by Enrico
10:37
created

UnsafeUnserialize   A

Complexity

Total Complexity 4

Size/Duplication

Total Lines 34
Duplicated Lines 0 %

Coupling/Cohesion

Components 0
Dependencies 4

Test Coverage

Coverage 26.67%

Importance

Changes 1
Bugs 0 Features 0
Metric Value
c 1
b 0
f 0
dl 0
loc 34
ccs 4
cts 15
cp 0.2667
rs 10
wmc 4
lcom 0
cbo 4

2 Methods

Rating   Name   Duplication   Size   Complexity  
A pass() 0 18 3
A getMetadata() 0 7 1
<?php
namespace PHPSA\Analyzer\Pass\Expression\FunctionCall;
use PhpParser\Node\Expr\FuncCall;
use PHPSA\Context;
/**
 * Analyzer pass that reports `unserialize()` calls made with fewer than two arguments.
 *
 * Without the options argument, unserialize() may instantiate any class named in the
 * payload, which is the precondition for PHP object injection when the data is not trusted.
 *
 * Scope of the check: only the number of arguments is examined. The contents of the
 * second argument are not inspected, so a call that passes `['allowed_classes' => true]`
 * is not reported here even though it restricts nothing.
 */
class UnsafeUnserialize extends AbstractFunctionCallAnalyzer
{
    const DESCRIPTION = 'Checks for use of `unserialize()` without a 2nd parameter defining the allowed classes. Requires PHP 7.0+';

    /**
     * Inspects one function call and emits an `unsafe.unserialize` notice when it is an
     * `unserialize()` call with fewer than two arguments.
     *
     * @param FuncCall $funcCall the call expression under analysis
     * @param Context  $context  analysis context that receives the notice
     *
     * @return bool true when a notice was emitted, false otherwise
     */
    public function pass(FuncCall $funcCall, Context $context)
    {
        // resolveFunctionName() is not defined in this class (presumably inherited from
        // AbstractFunctionCallAnalyzer); anything other than 'unserialize' is out of scope.
        if ($this->resolveFunctionName($funcCall, $context) !== 'unserialize') {
            return false;
        }

        // A second argument is taken as evidence that options were supplied; its value
        // is not evaluated.
        $hasOptionsArgument = count($funcCall->args) >= 2;
        if ($hasOptionsArgument) {
            return false;
        }

        // NOTE(review): the wording "false as 2nd parameter" is shorthand. unserialize()'s
        // second parameter is an options array, so the restricted forms are
        // ['allowed_classes' => false] or ['allowed_classes' => [/* class names */]].
        $context->notice(
            'unsafe.unserialize',
            'unserialize() should be used with a list of allowed classes or false as 2nd parameter.',
            $funcCall
        );

        return true;
    }

    /**
     * {@inheritdoc}
     *
     * Extends the parent's metadata by declaring PHP 7.0 as the required version.
     */
    public static function getMetadata()
    {
        $metadata = parent::getMetadata();
        $metadata->setRequiredPhpVersion('7.0');

        return $metadata;
    }
}