Issues in ReflectionClassFactory.php (master) - Issues in master - plvhx/dependency-injection - Measure and Improve Code Quality continuously with Scrutinizer

Issues (20)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Internal/ReflectionClassFactory.php (6 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/**
 * (c) Paulus Gandung Prakosa ([email protected])
 */

namespace DependencyInjection\Internal;

class ReflectionClassFactory implements ReflectionFactoryInterface
{
    /**
     * @var \ReflectionClass
     */
    private $reflection;

    public function __construct($instance)
    {
        if (!is_string($instance) && !class_exists($instance)) {
            throw Exception\ReflectionExceptionFactory::invalidArgument(
                sprintf("Parameter 1 of %s must be a string and exist class name.", __METHOD__)
            );
        }

        $this->reflection = new \ReflectionClass($instance);
    }

    public static function create($instance)
    {
        return new static($instance);
    }

    public function getConstant($name)
    {
        return $this->reflection->getConstant($name);
    }

    public function getConstants()
    {
        return $this->reflection->getConstants();
    }

    public function getConstructor()
    {
        return $this->reflection->getConstructor();
    }

    public function getDefaultProperties()
    {
        return $this->reflection->getDefaultProperties();
    }

    public function getDocComment()
    {
        return $this->reflection->getDocComment();
    }

    public function getEndLine()
    {
        return $this->reflection->getEndLine();
    }

    public function getExtension()
    {
        return $this->reflection->getExtension();
    }

    public function getExtensionName()
    {
        return $this->reflection->getExtensionName();
    }

    public function getFileName()
    {
        return $this->reflection->getFileName();
    }

    public function getInterfaceNames()
    {
        return $this->reflection->getInterfaceNames();
    }

    public function getInterfaces()
    {
        return $this->reflection->getInterfaces();
    }

    public function getMethod($name)
    {
        return $this->reflection->getMethod($name);
    }

    public function getMethods()
    {
        return $this->reflection->getMethods();
    }

    public function getModifiers()
    {
        return $this->reflection->getModifiers();
    }

    public function getName()
    {
        return $this->reflection->getName();

    }

    public function getNamespaceName()
    {
        return $this->reflection->getNamespaceName();
    }

    public function getParentClass()
    {
        return $this->reflection->getParentClass();
    }

    public function getProperties($filter = null)
    {
        return (!is_int($filter)
            ? $this->reflection->getProperties()
            : $this->reflection->getProperties($filter));
    }

    public function getProperty($name)
    {
        return $this->reflection->getProperty($name);
    }

    public function getShortName()
    {
        return $this->reflection->getShortName();
    }

    public function getStartLine()
    {
        return $this->reflection->getStartLine();
    }

    public function getStaticProperties()
    {
        return $this->reflection->getStaticProperties();
    }

    public function getStaticPropertyValue($name, &$def_value = null)
    {
        return (!isset($def_value)
            ? $this->reflection->getStaticPropertyValue($name)
            : $this->reflection->getStaticPropertyValue($name, $def_value));
    }

    public function getTraitAliases()
    {
        return $this->reflection->getTraitAliases();
    }

    public function getTraitNames()
    {
        return $this->reflection->getTraitNames();
    }

    public function getTraits()
    {
        return $this->reflection->getTraits();
    }

    public function hasConstant($name)

    {
        if (!is_string($name)) {
            throw Exception\ReflectionExceptionFactory::invalidArgument(
                sprintf("Parameter 1 of %s must be a string.", __METHOD__)
            );
        }

        return $this->reflection->hasConstant($name);
    }

    public function hasMethod($name)

    {
        if (!is_string($name)) {
            throw Exception\ReflectionExceptionFactory::invalidArgument(
                sprintf("Parameter 1 of %s must be a string.", __METHOD__)
            );
        }

        return $this->reflection->hasMethod($name);
    }

    public function hasProperty($name)

    {
        if (!is_string($name)) {
            throw Exception\ReflectionExceptionFactory::invalidArgument(
                sprintf("Parameter 1 of %s must be a string.", __METHOD__)
            );
        }

        return $this->reflection->hasProperty($name);
    }

    public function implementsInterface($interface)

    {
        if (!is_string($interface)) {
            throw Exception\ReflectionExceptionFactory::invalidArgument(
                sprintf("Parameter 1 of %s must be a string.", __METHOD__)
            );
        }

        return $this->reflection->implementsInterface($interface);
    }

    public function inNamespace()
    {
        return $this->reflection->inNamespace();
    }

    public function isAbstract()
    {
        return $this->reflection->isAbstract();
    }
    
    public function isCloneable()
    {
        return $this->reflection->isCloneable();
    }

    public function isFinal()
    {
        return $this->reflection->isFinal();
    }

    public function isInstance($object)
    {
        if (!is_object($object)) {
            throw Exception\ReflectionExceptionFactory::invalidArgument(
                sprintf("Parameter 1 of %s must be an object.", __METHOD__)
            );
        }

        return $this->reflection->isInstance($object);
    }

    public function isInstantiable()
    {
        return $this->reflection->isInstantiable();
    }

    public function isInterface()
    {
        return $this->reflection->isInterface();
    }

    public function isInternal()
    {
        return $this->reflection->isInternal();
    }

    public function isIterateable()
    {
        return $this->reflection->isIterateable();
    }

    public function isSubclassOf($class)

    {
        if (!is_string($class)) {
            throw Exception\ReflectionExceptionFactory::invalidArgument(
                sprintf("Parameter 1 of %s must be a string.", __METHOD__)
            );
        }

        return $this->reflection->isSubclassOf($class);
    }

    public function isTrait()
    {
        return $this->reflection->isTrait();
    }

    public function isUserDefined()
    {
        return $this->reflection->isUserDefined();
    }

    public function newInstance()
    {
        return call_user_func_array([$this->reflection, 'newInstance'], func_get_args());
    }

    public function newInstanceArgs($args)
    {
        if (!is_array($args)) {
            throw Exception\ReflectionExceptionFactory::invalidArgument(
                sprintf("Parameter 1 of %s must be an array.", __METHOD__)
            );
        }

        return $this->reflection->newInstanceArgs($args);
    }

    public function newInstanceWithoutConstructor()
    {
        return $this->reflection->newInstanceWithoutConstructor();
    }

    public function setStaticPropertyValue($name, $value)
    {
        if (!is_string($name)) {
            throw Exception\ReflectionExceptionFactory::invalidArgument(
                sprintf("Parameter 1 of %s must be a string.", __METHOD__)
            );
        }

        if (!isset($value)) {
            throw Exception\ReflectionExceptionFactory::invalidArgument(
                sprintf("Parameter 2 of %s must be set.", __METHOD__)
            );
        }

        $this->reflection->setStaticPropertyValue($name, $value);
    }
    
    public function __toString()
    {
        return call_user_func([$this->reflection, '__toString']);
    }

    public function getReflector()
    {
        return $this->reflection;
    }
}


1		<?php
2
3		/**
4		* (c) Paulus Gandung Prakosa ([email protected])
5		*/
6
7		namespace DependencyInjection\Internal;
8
9		class ReflectionClassFactory implements ReflectionFactoryInterface
10		{
11		/**
12		* @var \ReflectionClass
13		*/
14		private $reflection;
15
16		public function __construct($instance)
17		{
18		if (!is_string($instance) && !class_exists($instance)) {
19		throw Exception\ReflectionExceptionFactory::invalidArgument(
20		sprintf("Parameter 1 of %s must be a string and exist class name.", __METHOD__)
21		);
22		}
23
24		$this->reflection = new \ReflectionClass($instance);
25		}
26
27		public static function create($instance)
28		{
29		return new static($instance);
30		}
31
32		public function getConstant($name)
33		{
34		return $this->reflection->getConstant($name);
35		}
36
37		public function getConstants()
38		{
39		return $this->reflection->getConstants();
40		}
41
42		public function getConstructor()
43		{
44		return $this->reflection->getConstructor();
45		}
46
47		public function getDefaultProperties()
48		{
49		return $this->reflection->getDefaultProperties();
50		}
51
52		public function getDocComment()
53		{
54		return $this->reflection->getDocComment();
55		}
56
57		public function getEndLine()
58		{
59		return $this->reflection->getEndLine();
60		}
61
62		public function getExtension()
63		{
64		return $this->reflection->getExtension();
65		}
66
67		public function getExtensionName()
68		{
69		return $this->reflection->getExtensionName();
70		}
71
72		public function getFileName()
73		{
74		return $this->reflection->getFileName();
75		}
76
77		public function getInterfaceNames()
78		{
79		return $this->reflection->getInterfaceNames();
80		}
81
82		public function getInterfaces()
83		{
84		return $this->reflection->getInterfaces();
85		}
86
87		public function getMethod($name)
88		{
89		return $this->reflection->getMethod($name);
90		}
91
92		public function getMethods()
93		{
94		return $this->reflection->getMethods();
95		}
96
97		public function getModifiers()
98		{
99		return $this->reflection->getModifiers();
100		}
101
102		public function getName()
103		{
104		return $this->reflection->getName();
		0 ignored issues – show Bug introduced 2017-05-31 02:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this Consider using `$this->reflection->name`. There is an issue with `getName()` and APC-enabled PHP versions. Loading history...
105		}
106
107		public function getNamespaceName()
108		{
109		return $this->reflection->getNamespaceName();
110		}
111
112		public function getParentClass()
113		{
114		return $this->reflection->getParentClass();
115		}
116
117		public function getProperties($filter = null)
118		{
119		return (!is_int($filter)
120		? $this->reflection->getProperties()
121		: $this->reflection->getProperties($filter));
122		}
123
124		public function getProperty($name)
125		{
126		return $this->reflection->getProperty($name);
127		}
128
129		public function getShortName()
130		{
131		return $this->reflection->getShortName();
132		}
133
134		public function getStartLine()
135		{
136		return $this->reflection->getStartLine();
137		}
138
139		public function getStaticProperties()
140		{
141		return $this->reflection->getStaticProperties();
142		}
143
144		public function getStaticPropertyValue($name, &$def_value = null)
145		{
146		return (!isset($def_value)
147		? $this->reflection->getStaticPropertyValue($name)
148		: $this->reflection->getStaticPropertyValue($name, $def_value));
149		}
150
151		public function getTraitAliases()
152		{
153		return $this->reflection->getTraitAliases();
154		}
155
156		public function getTraitNames()
157		{
158		return $this->reflection->getTraitNames();
159		}
160
161		public function getTraits()
162		{
163		return $this->reflection->getTraits();
164		}
165
166	View Code Duplication	public function hasConstant($name)
		0 ignored issues – show Duplication introduced 2017-05-31 02:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
167		{
168		if (!is_string($name)) {
169		throw Exception\ReflectionExceptionFactory::invalidArgument(
170		sprintf("Parameter 1 of %s must be a string.", __METHOD__)
171		);
172		}
173
174		return $this->reflection->hasConstant($name);
175		}
176
177	View Code Duplication	public function hasMethod($name)
		0 ignored issues – show Duplication introduced 2017-05-31 02:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
178		{
179		if (!is_string($name)) {
180		throw Exception\ReflectionExceptionFactory::invalidArgument(
181		sprintf("Parameter 1 of %s must be a string.", __METHOD__)
182		);
183		}
184
185		return $this->reflection->hasMethod($name);
186		}
187
188	View Code Duplication	public function hasProperty($name)
		0 ignored issues – show Duplication introduced 2017-05-31 02:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
189		{
190		if (!is_string($name)) {
191		throw Exception\ReflectionExceptionFactory::invalidArgument(
192		sprintf("Parameter 1 of %s must be a string.", __METHOD__)
193		);
194		}
195
196		return $this->reflection->hasProperty($name);
197		}
198
199	View Code Duplication	public function implementsInterface($interface)
		0 ignored issues – show Duplication introduced 2017-05-31 02:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
200		{
201		if (!is_string($interface)) {
202		throw Exception\ReflectionExceptionFactory::invalidArgument(
203		sprintf("Parameter 1 of %s must be a string.", __METHOD__)
204		);
205		}
206
207		return $this->reflection->implementsInterface($interface);
208		}
209
210		public function inNamespace()
211		{
212		return $this->reflection->inNamespace();
213		}
214
215		public function isAbstract()
216		{
217		return $this->reflection->isAbstract();
218		}
219
220		public function isCloneable()
221		{
222		return $this->reflection->isCloneable();
223		}
224
225		public function isFinal()
226		{
227		return $this->reflection->isFinal();
228		}
229
230		public function isInstance($object)
231		{
232		if (!is_object($object)) {
233		throw Exception\ReflectionExceptionFactory::invalidArgument(
234		sprintf("Parameter 1 of %s must be an object.", __METHOD__)
235		);
236		}
237
238		return $this->reflection->isInstance($object);
239		}
240
241		public function isInstantiable()
242		{
243		return $this->reflection->isInstantiable();
244		}
245
246		public function isInterface()
247		{
248		return $this->reflection->isInterface();
249		}
250
251		public function isInternal()
252		{
253		return $this->reflection->isInternal();
254		}
255
256		public function isIterateable()
257		{
258		return $this->reflection->isIterateable();
259		}
260
261	View Code Duplication	public function isSubclassOf($class)
		0 ignored issues – show Duplication introduced 2017-05-31 02:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
262		{
263		if (!is_string($class)) {
264		throw Exception\ReflectionExceptionFactory::invalidArgument(
265		sprintf("Parameter 1 of %s must be a string.", __METHOD__)
266		);
267		}
268
269		return $this->reflection->isSubclassOf($class);
270		}
271
272		public function isTrait()
273		{
274		return $this->reflection->isTrait();
275		}
276
277		public function isUserDefined()
278		{
279		return $this->reflection->isUserDefined();
280		}
281
282		public function newInstance()
283		{
284		return call_user_func_array([$this->reflection, 'newInstance'], func_get_args());
285		}
286
287		public function newInstanceArgs($args)
288		{
289		if (!is_array($args)) {
290		throw Exception\ReflectionExceptionFactory::invalidArgument(
291		sprintf("Parameter 1 of %s must be an array.", __METHOD__)
292		);
293		}
294
295		return $this->reflection->newInstanceArgs($args);
296		}
297
298		public function newInstanceWithoutConstructor()
299		{
300		return $this->reflection->newInstanceWithoutConstructor();
301		}
302
303		public function setStaticPropertyValue($name, $value)
304		{
305		if (!is_string($name)) {
306		throw Exception\ReflectionExceptionFactory::invalidArgument(
307		sprintf("Parameter 1 of %s must be a string.", __METHOD__)
308		);
309		}
310
311		if (!isset($value)) {
312		throw Exception\ReflectionExceptionFactory::invalidArgument(
313		sprintf("Parameter 2 of %s must be set.", __METHOD__)
314		);
315		}
316
317		$this->reflection->setStaticPropertyValue($name, $value);
318		}
319
320		public function __toString()
321		{
322		return call_user_func([$this->reflection, '__toString']);
323		}
324
325		public function getReflector()
326		{
327		return $this->reflection;
328		}
329		}
330

plvhx / dependency-injection

Issues (20)

Security Analysis no request data

src/Internal/ReflectionClassFactory.php (6 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like