Issues in MemcachedBagOStuff.php (master) - Issues in master - wikimedia/mediawiki - Measure and Improve Code Quality continuously with Scrutinizer

Issues (4122)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

includes/libs/objectcache/MemcachedBagOStuff.php (1 issue)

Labels

Bug 1

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * Base class for memcached clients.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 * http://www.gnu.org/copyleft/gpl.html
 *
 * @file
 * @ingroup Cache
 */

/**
 * Base class for memcached clients.
 *
 * @ingroup Cache
 */
class MemcachedBagOStuff extends BagOStuff {
	/** @var MemcachedClient|Memcached */
	protected $client;

	function __construct( array $params ) {
		parent::__construct( $params );

		$this->attrMap[self::ATTR_SYNCWRITES] = self::QOS_SYNCWRITES_BE; // unreliable
	}

	/**
	 * Fill in some defaults for missing keys in $params.
	 *
	 * @param array $params
	 * @return array
	 */
	protected function applyDefaultParams( $params ) {
		return $params + [
			'compress_threshold' => 1500,
			'connect_timeout' => .5,
			'debug' => false
		];
	}

	protected function doGet( $key, $flags = 0 ) {
		$casToken = null;

		return $this->getWithToken( $key, $casToken, $flags );
	}

	protected function getWithToken( $key, &$casToken, $flags = 0 ) {
		return $this->client->get( $this->validateKeyEncoding( $key ), $casToken );
	}

	public function set( $key, $value, $exptime = 0, $flags = 0 ) {
		return $this->client->set( $this->validateKeyEncoding( $key ), $value,
			$this->fixExpiry( $exptime ) );
	}

	protected function cas( $casToken, $key, $value, $exptime = 0 ) {
		return $this->client->cas( $casToken, $this->validateKeyEncoding( $key ),
			$value, $this->fixExpiry( $exptime ) );
	}

	public function delete( $key ) {
		return $this->client->delete( $this->validateKeyEncoding( $key ) );
	}

	public function add( $key, $value, $exptime = 0 ) {
		return $this->client->add( $this->validateKeyEncoding( $key ), $value,
			$this->fixExpiry( $exptime ) );
	}

	public function merge( $key, callable $callback, $exptime = 0, $attempts = 10, $flags = 0 ) {
		return $this->mergeViaCas( $key, $callback, $exptime, $attempts );
	}

	public function changeTTL( $key, $exptime = 0 ) {
		return $this->client->touch( $this->validateKeyEncoding( $key ),
class A
{
    public function foo() { }
}

class B extends A
{
    public function bar() { }
}

/**
 * @param A|B $x
 */
function someFunction($x)
{
    $x->foo(); // This call is fine as the method exists in A and B.
    $x->bar(); // This method only exists in B and might cause an error.
}
			$this->fixExpiry( $exptime ) );
	}

	/**
	 * Get the underlying client object. This is provided for debugging
	 * purposes.
	 * @return MemcachedClient|Memcached
	 */
	public function getClient() {
		return $this->client;
	}

	/**
	 * Construct a cache key.
	 *
	 * @since 1.27
	 * @param string $keyspace
	 * @param array $args
	 * @return string
	 */
	public function makeKeyInternal( $keyspace, $args ) {
		// Memcached keys have a maximum length of 255 characters. From that,
		// subtract the number of characters we need for the keyspace and for
		// the separator character needed for each argument. To handle some
		// custom prefixes used by thing like WANObjectCache, limit to 205.
		$charsLeft = 205 - strlen( $keyspace ) - count( $args );

		$args = array_map(
			function ( $arg ) use ( &$charsLeft ) {
				$arg = strtr( $arg, ' ', '_' );

				// Make sure %, #, and non-ASCII chars are escaped
				$arg = preg_replace_callback(
					'/[^\x21-\x22\x24\x26-\x39\x3b-\x7e]+/',
					function ( $m ) {
						return rawurlencode( $m[0] );
					},
					$arg
				);

				// 33 = 32 characters for the MD5 + 1 for the '#' prefix.
				if ( $charsLeft > 33 && strlen( $arg ) > $charsLeft ) {
					$arg = '#' . md5( $arg );
				}

				$charsLeft -= strlen( $arg );
				return $arg;
			},
			$args
		);

		if ( $charsLeft < 0 ) {
			return $keyspace . ':##' . md5( implode( ':', $args ) );
		}

		return $keyspace . ':' . implode( ':', $args );
	}

	/**
	 * Ensure that a key is safe to use (contains no control characters and no
	 * characters above the ASCII range.)
	 *
	 * @param string $key
	 * @return string
	 * @throws Exception
	 */
	public function validateKeyEncoding( $key ) {
		if ( preg_match( '/[^\x21-\x7e]+/', $key ) ) {
			throw new Exception( "Key contains invalid characters: $key" );
		}
		return $key;
	}

	/**
	 * TTLs higher than 30 days will be detected as absolute TTLs
	 * (UNIX timestamps), and will result in the cache entry being
	 * discarded immediately because the expiry is in the past.
	 * Clamp expires >30d at 30d, unless they're >=1e9 in which
	 * case they are likely to really be absolute (1e9 = 2011-09-09)
	 * @param int $expiry
	 * @return int
	 */
	function fixExpiry( $expiry ) {
		if ( $expiry > 2592000 && $expiry < 1000000000 ) {
			$expiry = 2592000;
		}
		return (int)$expiry;
	}

	/**
	 * Send a debug message to the log
	 * @param string $text
	 */
	protected function debugLog( $text ) {
		$this->logger->debug( $text );
	}

	public function modifySimpleRelayEvent( array $event ) {
		if ( array_key_exists( 'val', $event ) ) {
			$event['flg'] = 0; // data is not serialized nor gzipped (for memcached driver)
		}

		return $event;
	}
}


Issues (4122)

Security Analysis not enabled

includes/libs/objectcache/MemcachedBagOStuff.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Available Fixes

1			<?php
2			/**
3			* Base class for memcached clients.
4			*
5			* This program is free software; you can redistribute it and/or modify
6			* it under the terms of the GNU General Public License as published by
7			* the Free Software Foundation; either version 2 of the License, or
8			* (at your option) any later version.
9			*
10			* This program is distributed in the hope that it will be useful,
11			* but WITHOUT ANY WARRANTY; without even the implied warranty of
12			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13			* GNU General Public License for more details.
14			*
15			* You should have received a copy of the GNU General Public License along
16			* with this program; if not, write to the Free Software Foundation, Inc.,
17			* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18			* http://www.gnu.org/copyleft/gpl.html
19			*
20			* @file
21			* @ingroup Cache
22			*/
23
24			/**
25			* Base class for memcached clients.
26			*
27			* @ingroup Cache
28			*/
29			class MemcachedBagOStuff extends BagOStuff {
30			/** @var MemcachedClient\|Memcached */
31			protected $client;
32
33			function __construct( array $params ) {
34			parent::__construct( $params );
35
36			$this->attrMap[self::ATTR_SYNCWRITES] = self::QOS_SYNCWRITES_BE; // unreliable
37			}
38
39			/**
40			* Fill in some defaults for missing keys in $params.
41			*
42			* @param array $params
43			* @return array
44			*/
45			protected function applyDefaultParams( $params ) {
46			return $params + [
47			'compress_threshold' => 1500,
48			'connect_timeout' => .5,
49			'debug' => false
50			];
51			}
52
53			protected function doGet( $key, $flags = 0 ) {
54			$casToken = null;
55
56			return $this->getWithToken( $key, $casToken, $flags );
57			}
58
59			protected function getWithToken( $key, &$casToken, $flags = 0 ) {
60			return $this->client->get( $this->validateKeyEncoding( $key ), $casToken );
61			}
62
63			public function set( $key, $value, $exptime = 0, $flags = 0 ) {
64			return $this->client->set( $this->validateKeyEncoding( $key ), $value,
65			$this->fixExpiry( $exptime ) );
66			}
67
68			protected function cas( $casToken, $key, $value, $exptime = 0 ) {
69			return $this->client->cas( $casToken, $this->validateKeyEncoding( $key ),
70			$value, $this->fixExpiry( $exptime ) );
71			}
72
73			public function delete( $key ) {
74			return $this->client->delete( $this->validateKeyEncoding( $key ) );
75			}
76
77			public function add( $key, $value, $exptime = 0 ) {
78			return $this->client->add( $this->validateKeyEncoding( $key ), $value,
79			$this->fixExpiry( $exptime ) );
80			}
81
82			public function merge( $key, callable $callback, $exptime = 0, $attempts = 10, $flags = 0 ) {
83			return $this->mergeViaCas( $key, $callback, $exptime, $attempts );
84			}
85
86			public function changeTTL( $key, $exptime = 0 ) {
87			return $this->client->touch( $this->validateKeyEncoding( $key ),
			0 ignored issues – show Bug introduced 2016-08-12 17:52 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `touch` does only exist in `MemcachedClient`, but not in `Memcached`. It seems like the method you are trying to call exists only in some of the possible types. Let’s take a look at an example: class A { public function foo() { } } class B extends A { public function bar() { } } /** * @param A\|B $x / function someFunction($x) { $x->foo(); // This call is fine as the method exists in A and B. $x->bar(); // This method only exists in B and might cause an error. } Available Fixes Add an additional type-check: /* * @param A\|B $x / function someFunction($x) { $x->foo(); if ($x instanceof B) { $x->bar(); } } Only allow a single type to be passed if the variable comes from a parameter: function someFunction(B $x) { /* ... */ } Loading history...
88			$this->fixExpiry( $exptime ) );
89			}
90
91			/**
92			* Get the underlying client object. This is provided for debugging
93			* purposes.
94			* @return MemcachedClient\|Memcached
95			*/
96			public function getClient() {
97			return $this->client;
98			}
99
100			/**
101			* Construct a cache key.
102			*
103			* @since 1.27
104			* @param string $keyspace
105			* @param array $args
106			* @return string
107			*/
108			public function makeKeyInternal( $keyspace, $args ) {
109			// Memcached keys have a maximum length of 255 characters. From that,
110			// subtract the number of characters we need for the keyspace and for
111			// the separator character needed for each argument. To handle some
112			// custom prefixes used by thing like WANObjectCache, limit to 205.
113			$charsLeft = 205 - strlen( $keyspace ) - count( $args );
114
115			$args = array_map(
116			function ( $arg ) use ( &$charsLeft ) {
117			$arg = strtr( $arg, ' ', '_' );
118
119			// Make sure %, #, and non-ASCII chars are escaped
120			$arg = preg_replace_callback(
121			'/[^\x21-\x22\x24\x26-\x39\x3b-\x7e]+/',
122			function ( $m ) {
123			return rawurlencode( $m[0] );
124			},
125			$arg
126			);
127
128			// 33 = 32 characters for the MD5 + 1 for the '#' prefix.
129			if ( $charsLeft > 33 && strlen( $arg ) > $charsLeft ) {
130			$arg = '#' . md5( $arg );
131			}
132
133			$charsLeft -= strlen( $arg );
134			return $arg;
135			},
136			$args
137			);
138
139			if ( $charsLeft < 0 ) {
140			return $keyspace . ':##' . md5( implode( ':', $args ) );
141			}
142
143			return $keyspace . ':' . implode( ':', $args );
144			}
145
146			/**
147			* Ensure that a key is safe to use (contains no control characters and no
148			* characters above the ASCII range.)
149			*
150			* @param string $key
151			* @return string
152			* @throws Exception
153			*/
154			public function validateKeyEncoding( $key ) {
155			if ( preg_match( '/[^\x21-\x7e]+/', $key ) ) {
156			throw new Exception( "Key contains invalid characters: $key" );
157			}
158			return $key;
159			}
160
161			/**
162			* TTLs higher than 30 days will be detected as absolute TTLs
163			* (UNIX timestamps), and will result in the cache entry being
164			* discarded immediately because the expiry is in the past.
165			* Clamp expires >30d at 30d, unless they're >=1e9 in which
166			* case they are likely to really be absolute (1e9 = 2011-09-09)
167			* @param int $expiry
168			* @return int
169			*/
170			function fixExpiry( $expiry ) {
171			if ( $expiry > 2592000 && $expiry < 1000000000 ) {
172			$expiry = 2592000;
173			}
174			return (int)$expiry;
175			}
176
177			/**
178			* Send a debug message to the log
179			* @param string $text
180			*/
181			protected function debugLog( $text ) {
182			$this->logger->debug( $text );
183			}
184
185			public function modifySimpleRelayEvent( array $event ) {
186			if ( array_key_exists( 'val', $event ) ) {
187			$event['flg'] = 0; // data is not serialized nor gzipped (for memcached driver)
188			}
189
190			return $event;
191			}
192			}
193

wikimedia / mediawiki

Issues (4122)

Security Analysis not enabled

includes/libs/objectcache/MemcachedBagOStuff.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Available Fixes

Duplication Side-by-Side

Filter issues like