Issues in LoadedCollector.php (master) - Issues in master - steevanb/dev-bundle - Measure and Improve Code Quality continuously with Scrutinizer

Issues (4)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

DataCollector/LoadedCollector.php (4 issues)

Labels

Duplication 4

Severity

Informational 4

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

declare(strict_types=1);

namespace steevanb\DevBundle\DataCollector;

use Symfony\Component\DependencyInjection\Container;
use Symfony\Component\HttpFoundation\{
    Request,
    Response
};
use Symfony\Component\HttpKernel\DataCollector\DataCollector;

class LoadedCollector extends DataCollector
{
    /**
     * I know we should try to not have Container as dependency
     * But i need it to get fresh data in collect()
     * I need Container, not ContainerInterface
     * @var Container
     */
    protected $container;

    public function __construct(Container $container)
    {
        $this->container = $container;
    }

    public function getName(): string
    {
        return 'loaded_data_collector';
    }

    public function collect(Request $request, Response $response, \Exception $exception = null): void
    {
        $this->data = [
            'declaredClasses' => get_declared_classes(),
            'declaredInterfaces' => get_declared_interfaces(),
            'declaredTraits' => get_declared_traits(),
            'definedConstants' => get_defined_constants(),
            'definedFunctions' => get_defined_functions()['user'],
            'services' => $this->container->getServiceIds(),
            'instantiatedServices' => $this->getInstantiatedServicesData(),
            'parameters' => $this->container->getParameterBag()->all(),
            'listeners' => $this->getListenersData()
        ];
    }

    public function reset(): void
    {
        $this->data = [];
    }

    public function getDeclaredClasses(): array
    {
        static $sorted = false;
        if ($sorted === false) {
            $sorted = true;
            sort($this->data['declaredClasses']);
        }

        return $this->data['declaredClasses'];
    }

    public function countDeclaredClasses(): int
    {
        return count($this->data['declaredClasses']);
    }

    public function getDeclaredInterfaces(): array
    {
        static $sorted = false;
        if ($sorted === false) {
            $sorted = true;
            sort($this->data['declaredInterfaces']);
        }

        return $this->data['declaredInterfaces'];
    }

    public function countDeclaredInterfaces(): int
    {
        return count($this->data['declaredInterfaces']);
    }

    public function getDeclaredTraits(): array
    {
        static $sorted = false;
        if ($sorted === false) {
            $sorted = true;
            sort($this->data['declaredTraits']);
        }

        return $this->data['declaredTraits'];
    }

    public function countDeclaredTraits(): int
    {
        return count($this->data['declaredTraits']);
    }

    public function getDefinedConstants(): array

    {
        static $sorted = false;
        if ($sorted === false) {
            $sorted = true;
            ksort($this->data['definedConstants']);
        }

        return $this->data['definedConstants'];
    }

    public function countDefinedConstants(): int
    {
        return count($this->data['definedConstants']);
    }

    public function getDefinedFunctions(): array
    {
        static $sorted = false;
        if ($sorted === false) {
            $sorted = true;
            sort($this->data['definedFunctions']);
        }

        return $this->data['definedFunctions'];
    }

    public function countDefinedFunctions(): int
    {
        return count($this->data['definedFunctions']);
    }

    public function getServiceIds(): array
    {
        static $sorted = false;
        if ($sorted === false) {
            $sorted = true;
            sort($this->data['services']);
        }

        return $this->data['services'];
    }

    public function countServiceIds(): int
    {
        return count($this->data['services']);
    }

    public function getParameters(): array

    {
        static $sorted = false;
        if ($sorted === false) {
            $sorted = true;
            ksort($this->data['parameters']);
        }

        return $this->data['parameters'];
    }

    public function countParameters(): int
    {
        return count($this->data['parameters']);
    }

    public function getListeners(): array

    {
        static $sorted = false;
        if ($sorted === false) {
            $sorted = true;
            ksort($this->data['listeners']);
        }

        return $this->data['listeners'];
    }

    public function countListeners(): int
    {
        $return = 0;
        foreach ($this->getListeners() as $listeners) {
            $return += count($listeners);
        }

        return $return;
    }

    public function getInstantiatedServices(): array

    {
        static $sorted = false;
        if ($sorted === false) {
            $sorted = true;
            ksort($this->data['instantiatedServices']);
        }

        return $this->data['instantiatedServices'];
    }

    public function countInstantiatedServices(): int
    {
        return count($this->data['instantiatedServices']);
    }

    protected function getListenersData(): array
    {
        $return = [];
        foreach ($this->container->get('event_dispatcher')->getListeners() as $eventId => $listeners) {
            $return[$eventId] = [];
            if (is_array($listeners[0])) {
                foreach ($listeners as $listener) {
                    $return[$eventId][] = get_class($listener[0]);
                }
            } else {
                foreach ($listeners as $listener) {
                    $return[$eventId][] = get_class($listener);
                }
            }
        }

        return $return;
    }

    protected function getInstantiatedServicesData(): array
    {
        $reflectionProperty = new \ReflectionProperty(get_class($this->container), 'services');
        $reflectionProperty->setAccessible(true);
        $return = [];
        foreach ($reflectionProperty->getValue($this->container) as $id => $service) {
            $return[$id] = get_class($service);
        }
        $reflectionProperty->setAccessible(false);

        return $return;
    }
}


1		<?php
2
3		declare(strict_types=1);
4
5		namespace steevanb\DevBundle\DataCollector;
6
7		use Symfony\Component\DependencyInjection\Container;
8		use Symfony\Component\HttpFoundation\{
9		Request,
10		Response
11		};
12		use Symfony\Component\HttpKernel\DataCollector\DataCollector;
13
14		class LoadedCollector extends DataCollector
15		{
16		/**
17		* I know we should try to not have Container as dependency
18		* But i need it to get fresh data in collect()
19		* I need Container, not ContainerInterface
20		* @var Container
21		*/
22		protected $container;
23
24		public function __construct(Container $container)
25		{
26		$this->container = $container;
27		}
28
29		public function getName(): string
30		{
31		return 'loaded_data_collector';
32		}
33
34		public function collect(Request $request, Response $response, \Exception $exception = null): void
35		{
36		$this->data = [
37		'declaredClasses' => get_declared_classes(),
38		'declaredInterfaces' => get_declared_interfaces(),
39		'declaredTraits' => get_declared_traits(),
40		'definedConstants' => get_defined_constants(),
41		'definedFunctions' => get_defined_functions()['user'],
42		'services' => $this->container->getServiceIds(),
43		'instantiatedServices' => $this->getInstantiatedServicesData(),
44		'parameters' => $this->container->getParameterBag()->all(),
45		'listeners' => $this->getListenersData()
46		];
47		}
48
49		public function reset(): void
50		{
51		$this->data = [];
52		}
53
54		public function getDeclaredClasses(): array
55		{
56		static $sorted = false;
57		if ($sorted === false) {
58		$sorted = true;
59		sort($this->data['declaredClasses']);
60		}
61
62		return $this->data['declaredClasses'];
63		}
64
65		public function countDeclaredClasses(): int
66		{
67		return count($this->data['declaredClasses']);
68		}
69
70		public function getDeclaredInterfaces(): array
71		{
72		static $sorted = false;
73		if ($sorted === false) {
74		$sorted = true;
75		sort($this->data['declaredInterfaces']);
76		}
77
78		return $this->data['declaredInterfaces'];
79		}
80
81		public function countDeclaredInterfaces(): int
82		{
83		return count($this->data['declaredInterfaces']);
84		}
85
86		public function getDeclaredTraits(): array
87		{
88		static $sorted = false;
89		if ($sorted === false) {
90		$sorted = true;
91		sort($this->data['declaredTraits']);
92		}
93
94		return $this->data['declaredTraits'];
95		}
96
97		public function countDeclaredTraits(): int
98		{
99		return count($this->data['declaredTraits']);
100		}
101
102	View Code Duplication	public function getDefinedConstants(): array
		0 ignored issues – show Duplication introduced 2018-08-28 09:03 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
103		{
104		static $sorted = false;
105		if ($sorted === false) {
106		$sorted = true;
107		ksort($this->data['definedConstants']);
108		}
109
110		return $this->data['definedConstants'];
111		}
112
113		public function countDefinedConstants(): int
114		{
115		return count($this->data['definedConstants']);
116		}
117
118		public function getDefinedFunctions(): array
119		{
120		static $sorted = false;
121		if ($sorted === false) {
122		$sorted = true;
123		sort($this->data['definedFunctions']);
124		}
125
126		return $this->data['definedFunctions'];
127		}
128
129		public function countDefinedFunctions(): int
130		{
131		return count($this->data['definedFunctions']);
132		}
133
134		public function getServiceIds(): array
135		{
136		static $sorted = false;
137		if ($sorted === false) {
138		$sorted = true;
139		sort($this->data['services']);
140		}
141
142		return $this->data['services'];
143		}
144
145		public function countServiceIds(): int
146		{
147		return count($this->data['services']);
148		}
149
150	View Code Duplication	public function getParameters(): array
		0 ignored issues – show Duplication introduced 2018-08-28 09:03 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
151		{
152		static $sorted = false;
153		if ($sorted === false) {
154		$sorted = true;
155		ksort($this->data['parameters']);
156		}
157
158		return $this->data['parameters'];
159		}
160
161		public function countParameters(): int
162		{
163		return count($this->data['parameters']);
164		}
165
166	View Code Duplication	public function getListeners(): array
		0 ignored issues – show Duplication introduced 2018-08-28 09:03 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
167		{
168		static $sorted = false;
169		if ($sorted === false) {
170		$sorted = true;
171		ksort($this->data['listeners']);
172		}
173
174		return $this->data['listeners'];
175		}
176
177		public function countListeners(): int
178		{
179		$return = 0;
180		foreach ($this->getListeners() as $listeners) {
181		$return += count($listeners);
182		}
183
184		return $return;
185		}
186
187	View Code Duplication	public function getInstantiatedServices(): array
		0 ignored issues – show Duplication introduced 2018-08-28 09:03 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
188		{
189		static $sorted = false;
190		if ($sorted === false) {
191		$sorted = true;
192		ksort($this->data['instantiatedServices']);
193		}
194
195		return $this->data['instantiatedServices'];
196		}
197
198		public function countInstantiatedServices(): int
199		{
200		return count($this->data['instantiatedServices']);
201		}
202
203		protected function getListenersData(): array
204		{
205		$return = [];
206		foreach ($this->container->get('event_dispatcher')->getListeners() as $eventId => $listeners) {
207		$return[$eventId] = [];
208		if (is_array($listeners[0])) {
209		foreach ($listeners as $listener) {
210		$return[$eventId][] = get_class($listener[0]);
211		}
212		} else {
213		foreach ($listeners as $listener) {
214		$return[$eventId][] = get_class($listener);
215		}
216		}
217		}
218
219		return $return;
220		}
221
222		protected function getInstantiatedServicesData(): array
223		{
224		$reflectionProperty = new \ReflectionProperty(get_class($this->container), 'services');
225		$reflectionProperty->setAccessible(true);
226		$return = [];
227		foreach ($reflectionProperty->getValue($this->container) as $id => $service) {
228		$return[$id] = get_class($service);
229		}
230		$reflectionProperty->setAccessible(false);
231
232		return $return;
233		}
234		}
235

steevanb / dev-bundle

Issues (4)

Security Analysis not enabled

DataCollector/LoadedCollector.php (4 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like