UnsafeUnserialize::getMetadata() - Code Metrics - Inspection of "Add UnsafeUnserialize analyzer" - ovr/phpsa - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#274)

by Enrico

created 2016-11-18 16:46 UTC

UnsafeUnserialize::getMetadata() A

↳ Parent: UnsafeUnserialize

Complexity

Conditions	1
Paths	1

Size

Total Lines	7
Code Lines	4

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	4
CRAP Score	1

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
cc	1
eloc	4
c	1
b	0
f	0
nc	1
nop	0
dl	0
loc	7
ccs	4
cts	4
cp	1
crap	1
rs	9.4285

<?php

namespace PHPSA\Analyzer\Pass\Expression\FunctionCall;

use PhpParser\Node\Expr\FuncCall;
use PHPSA\Context;

class UnsafeUnserialize extends AbstractFunctionCallAnalyzer
{
    const DESCRIPTION = 'Checks for use of `unserialize()` without a 2nd parameter defining the allowed classes. Requires PHP 7.0+';

    public function pass(FuncCall $funcCall, Context $context)
    {
        $functionName = $this->resolveFunctionName($funcCall, $context);

        if ($functionName !== 'unserialize') {
            return false;
        }

        if (count($funcCall->args) < 2) {
            $context->notice(
                'unsafe.unserialize',
                sprintf('unserialize() should be used with a list of allowed classes or false as 2nd parameter.'),
                $funcCall
            );
            return true;
        }
        return false;
    }

    /**
     * {@inheritdoc}
     */
    public static function getMetadata()
    {
        $metaData = parent::getMetadata();
        $metaData->setRequiredPhpVersion('7.0');

        return $metaData;
    }
}


1		<?php
2
3		namespace PHPSA\Analyzer\Pass\Expression\FunctionCall;
4
5		use PhpParser\Node\Expr\FuncCall;
6		use PHPSA\Context;
7
8		class UnsafeUnserialize extends AbstractFunctionCallAnalyzer
9		{
10		const DESCRIPTION = 'Checks for use of `unserialize()` without a 2nd parameter defining the allowed classes. Requires PHP 7.0+';
11
12		public function pass(FuncCall $funcCall, Context $context)
13		{
14		$functionName = $this->resolveFunctionName($funcCall, $context);
15
16		if ($functionName !== 'unserialize') {
17		return false;
18		}
19
20		if (count($funcCall->args) < 2) {
21		$context->notice(
22		'unsafe.unserialize',
23		sprintf('unserialize() should be used with a list of allowed classes or false as 2nd parameter.'),
24		$funcCall
25		);
26		return true;
27		}
28		return false;
29		}
30
31		/**
32		* {@inheritdoc}
33		*/
34	46	public static function getMetadata()
35		{
36	46	$metaData = parent::getMetadata();
37	46	$metaData->setRequiredPhpVersion('7.0');
38
39	46	return $metaData;
40		}
41		}
42

ovr / phpsa

Pull Request — master (#274)

UnsafeUnserialize::getMetadata() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like