Issues in syncFileBackend.php (master) - Issues in master - wikimedia/mediawiki - Measure and Improve Code Quality continuously with Scrutinizer

Issues (4122)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

maintenance/syncFileBackend.php (7 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/**
 * Sync one file backend to another based on the journal of later.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 * http://www.gnu.org/copyleft/gpl.html
 *
 * @file
 * @ingroup Maintenance
 */

require_once __DIR__ . '/Maintenance.php';

/**
 * Maintenance script that syncs one file backend to another based on
 * the journal of later.
 *
 * @ingroup Maintenance
 */
class SyncFileBackend extends Maintenance {
	public function __construct() {
		parent::__construct();
		$this->addDescription( 'Sync one file backend with another using the journal' );
		$this->addOption( 'src', 'Name of backend to sync from', true, true );
		$this->addOption( 'dst', 'Name of destination backend to sync', false, true );
		$this->addOption( 'start', 'Starting journal ID', false, true );
		$this->addOption( 'end', 'Ending journal ID', false, true );
		$this->addOption( 'posdir', 'Directory to read/record journal positions', false, true );
		$this->addOption( 'posdump', 'Just dump current journal position into the position dir.' );
		$this->addOption( 'postime', 'For position dumps, get the ID at this time', false, true );
		$this->addOption( 'backoff', 'Stop at entries younger than this age (sec).', false, true );
		$this->addOption( 'verbose', 'Verbose mode', false, false, 'v' );
		$this->setBatchSize( 50 );
	}

	public function execute() {
		$src = FileBackendGroup::singleton()->get( $this->getOption( 'src' ) );

		$posDir = $this->getOption( 'posdir' );
		$posFile = $posDir ? $posDir . '/' . wfWikiID() : false;

		if ( $this->hasOption( 'posdump' ) ) {
			// Just dump the current position into the specified position dir
			if ( !$this->hasOption( 'posdir' ) ) {
				$this->error( "Param posdir required!", 1 );
			}
			if ( $this->hasOption( 'postime' ) ) {
				$id = (int)$src->getJournal()->getPositionAtTime( $this->getOption( 'postime' ) );
				$this->output( "Requested journal position is $id.\n" );
			} else {
				$id = (int)$src->getJournal()->getCurrentPosition();
				$this->output( "Current journal position is $id.\n" );
			}
			if ( file_put_contents( $posFile, $id, LOCK_EX ) !== false ) {
				$this->output( "Saved journal position file.\n" );
			} else {
				$this->output( "Could not save journal position file.\n" );
			}
			if ( $this->isQuiet() ) {
				print $id; // give a single machine-readable number
			}

			return;
		}

		if ( !$this->hasOption( 'dst' ) ) {
			$this->error( "Param dst required!", 1 );
		}
		$dst = FileBackendGroup::singleton()->get( $this->getOption( 'dst' ) );

		$start = $this->getOption( 'start', 0 );
		if ( !$start && $posFile && is_dir( $posDir ) ) {
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
			$start = is_file( $posFile )
				? (int)trim( file_get_contents( $posFile ) )
				: 0;
			++$start; // we already did this ID, start with the next one
			$startFromPosFile = true;
		} else {
			$startFromPosFile = false;
		}

		if ( $this->hasOption( 'backoff' ) ) {
			$time = time() - $this->getOption( 'backoff', 0 );
			$end = (int)$src->getJournal()->getPositionAtTime( $time );
		} else {
			$end = $this->getOption( 'end', INF );
		}

		$this->output( "Synchronizing backend '{$dst->getName()}' to '{$src->getName()}'...\n" );
		$this->output( "Starting journal position is $start.\n" );
		if ( is_finite( $end ) ) {
			$this->output( "Ending journal position is $end.\n" );
		}

		// Periodically update the position file
		$callback = function ( $pos ) use ( $startFromPosFile, $posFile, $start ) {
			if ( $startFromPosFile && $pos >= $start ) { // successfully advanced
				file_put_contents( $posFile, $pos, LOCK_EX );
			}
		};

		// Actually sync the dest backend with the reference backend
		$lastOKPos = $this->syncBackends( $src, $dst, $start, $end, $callback );

		// Update the sync position file
		if ( $startFromPosFile && $lastOKPos >= $start ) { // successfully advanced
			if ( file_put_contents( $posFile, $lastOKPos, LOCK_EX ) !== false ) {
				$this->output( "Updated journal position file.\n" );
			} else {
				$this->output( "Could not update journal position file.\n" );
			}
		}

		if ( $lastOKPos === false ) {
			if ( !$start ) {
				$this->output( "No journal entries found.\n" );
			} else {
				$this->output( "No new journal entries found.\n" );
			}
		} else {
			$this->output( "Stopped synchronization at journal position $lastOKPos.\n" );
		}

		if ( $this->isQuiet() ) {
			print $lastOKPos; // give a single machine-readable number
		}
	}

	/**
	 * Sync $dst backend to $src backend based on the $src logs given after $start.
	 * Returns the journal entry ID this advanced to and handled (inclusive).
	 *
	 * @param FileBackend $src
	 * @param FileBackend $dst
	 * @param int $start Starting journal position
	 * @param int $end Starting journal position
	 * @param Closure $callback Callback to update any position file
	 * @return int|bool Journal entry ID or false if there are none
	 */
	protected function syncBackends(
		FileBackend $src, FileBackend $dst, $start, $end, Closure $callback
	) {
		$lastOKPos = 0; // failed
		$first = true; // first batch

		if ( $start > $end ) { // sanity
			$this->error( "Error: given starting ID greater than ending ID.", 1 );
		}

		$next = null;
		do {
			$limit = min( $this->mBatchSize, $end - $start + 1 ); // don't go pass ending ID
			$this->output( "Doing id $start to " . ( $start + $limit - 1 ) . "...\n" );

			$entries = $src->getJournal()->getChangeEntries( $start, $limit, $next );
			$start = $next; // start where we left off next time
			if ( $first && !count( $entries ) ) {
				return false; // nothing to do
			}
			$first = false;

			$lastPosInBatch = 0;
			$pathsInBatch = []; // changed paths
			foreach ( $entries as $entry ) {
				if ( $entry['op'] !== 'null' ) { // null ops are just for reference
					$pathsInBatch[$entry['path']] = 1; // remove duplicates
				}
				$lastPosInBatch = $entry['id'];
			}

			$status = $this->syncFileBatch( array_keys( $pathsInBatch ), $src, $dst );
			if ( $status->isOK() ) {
				$lastOKPos = max( $lastOKPos, $lastPosInBatch );
				$callback( $lastOKPos ); // update position file
			} else {
				$this->error( print_r( $status->getErrorsArray(), true ) );
				break; // no gaps; everything up to $lastPos must be OK
			}

			if ( !$start ) {
				$this->output( "End of journal entries.\n" );
			}
		} while ( $start && $start <= $end );

		return $lastOKPos;
	}

	/**
	 * Sync particular files of backend $src to the corresponding $dst backend files
	 *
	 * @param array $paths
	 * @param FileBackend $src
	 * @param FileBackend $dst
	 * @return Status
	 */
	protected function syncFileBatch( array $paths, FileBackend $src, FileBackend $dst ) {
		$status = Status::newGood();
		if ( !count( $paths ) ) {
			return $status; // nothing to do
		}

		// Source: convert internal backend names (FileBackendMultiWrite) to the public one
		$sPaths = $this->replaceNamePaths( $paths, $src );
		// Destination: get corresponding path name
		$dPaths = $this->replaceNamePaths( $paths, $dst );

		// Lock the live backend paths from modification
		$sLock = $src->getScopedFileLocks( $sPaths, LockManager::LOCK_UW, $status );
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
		$eLock = $dst->getScopedFileLocks( $dPaths, LockManager::LOCK_EX, $status );
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
		if ( !$status->isOK() ) {
			return $status;
		}

		$src->preloadFileStat( [ 'srcs' => $sPaths, 'latest' => 1 ] );
		$dst->preloadFileStat( [ 'srcs' => $dPaths, 'latest' => 1 ] );

		$ops = [];
		$fsFiles = [];
		foreach ( $sPaths as $i => $sPath ) {
$collection = json_decode($data, true);
if ( ! is_array($collection)) {
    throw new \RuntimeException('$collection must be an array.');
}

foreach ($collection as $item) { /** ... */ }
			$dPath = $dPaths[$i]; // destination
			$sExists = $src->fileExists( [ 'src' => $sPath, 'latest' => 1 ] );
			if ( $sExists === true ) { // exists in source
				if ( $this->filesAreSame( $src, $dst, $sPath, $dPath ) ) {
					continue; // avoid local copies for non-FS backends
				}
				// Note: getLocalReference() is fast for FS backends
				$fsFile = $src->getLocalReference( [ 'src' => $sPath, 'latest' => 1 ] );
				if ( !$fsFile ) {
					$this->error( "Unable to sync '$dPath': could not get local copy." );
					$status->fatal( 'backend-fail-internal', $src->getName() );

					return $status;
				}
				$fsFiles[] = $fsFile; // keep TempFSFile objects alive as needed
				// Note: prepare() is usually fast for key/value backends
				$status->merge( $dst->prepare( [
					'dir' => dirname( $dPath ), 'bypassReadOnly' => 1 ] ) );
				if ( !$status->isOK() ) {
					return $status;
				}
				$ops[] = [ 'op' => 'store',
					'src' => $fsFile->getPath(), 'dst' => $dPath, 'overwrite' => 1 ];
			} elseif ( $sExists === false ) { // does not exist in source
				$ops[] = [ 'op' => 'delete', 'src' => $dPath, 'ignoreMissingSource' => 1 ];
			} else { // error
				$this->error( "Unable to sync '$dPath': could not stat file." );
				$status->fatal( 'backend-fail-internal', $src->getName() );

				return $status;
			}
		}

		$t_start = microtime( true );
		$status = $dst->doQuickOperations( $ops, [ 'bypassReadOnly' => 1 ] );
		if ( !$status->isOK() ) {
			sleep( 10 ); // wait and retry copy again
			$status = $dst->doQuickOperations( $ops, [ 'bypassReadOnly' => 1 ] );
		}
		$elapsed_ms = floor( ( microtime( true ) - $t_start ) * 1000 );
		if ( $status->isOK() && $this->getOption( 'verbose' ) ) {
			$this->output( "Synchronized these file(s) [{$elapsed_ms}ms]:\n" .
				implode( "\n", $dPaths ) . "\n" );
		}

		return $status;
	}

	/**
	 * Substitute the backend name of storage paths with that of a given one
	 *
	 * @param array|string $paths List of paths or single string path
	 * @param FileBackend $backend
	 * @return array|string
	 */
	protected function replaceNamePaths( $paths, FileBackend $backend ) {
		return preg_replace(
			'!^mwstore://([^/]+)!',
			StringUtils::escapeRegexReplacement( "mwstore://" . $backend->getName() ),
			$paths // string or array
		);
	}

	protected function filesAreSame( FileBackend $src, FileBackend $dst, $sPath, $dPath ) {
		return (
			( $src->getFileSize( [ 'src' => $sPath ] )
				=== $dst->getFileSize( [ 'src' => $dPath ] ) // short-circuit
			) && ( $src->getFileSha1Base36( [ 'src' => $sPath ] )
				=== $dst->getFileSha1Base36( [ 'src' => $dPath ] )
			)
		);
	}
}

$maintClass = "SyncFileBackend";
require_once RUN_MAINTENANCE_IF_MAIN;


1		<?php
		0 ignored issues – show Coding Style Compatibility introduced 2016-02-23 18:14 UTC by Report Bug Copy Issue Report Show Similar Issues like this For compatibility and reusability of your code, PSR1 recommends that a file should introduce either new symbols (like classes, functions, etc.) or have side-effects (like outputting something, or including other files), but not both at the same time. The first symbol is defined on line 32 and the first side effect is on line 24. The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file. The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place. To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1. Loading history...
2		/**
3		* Sync one file backend to another based on the journal of later.
4		*
5		* This program is free software; you can redistribute it and/or modify
6		* it under the terms of the GNU General Public License as published by
7		* the Free Software Foundation; either version 2 of the License, or
8		* (at your option) any later version.
9		*
10		* This program is distributed in the hope that it will be useful,
11		* but WITHOUT ANY WARRANTY; without even the implied warranty of
12		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13		* GNU General Public License for more details.
14		*
15		* You should have received a copy of the GNU General Public License along
16		* with this program; if not, write to the Free Software Foundation, Inc.,
17		* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18		* http://www.gnu.org/copyleft/gpl.html
19		*
20		* @file
21		* @ingroup Maintenance
22		*/
23
24		require_once __DIR__ . '/Maintenance.php';
25
26		/**
27		* Maintenance script that syncs one file backend to another based on
28		* the journal of later.
29		*
30		* @ingroup Maintenance
31		*/
32		class SyncFileBackend extends Maintenance {
33		public function __construct() {
34		parent::__construct();
35		$this->addDescription( 'Sync one file backend with another using the journal' );
36		$this->addOption( 'src', 'Name of backend to sync from', true, true );
37		$this->addOption( 'dst', 'Name of destination backend to sync', false, true );
38		$this->addOption( 'start', 'Starting journal ID', false, true );
39		$this->addOption( 'end', 'Ending journal ID', false, true );
40		$this->addOption( 'posdir', 'Directory to read/record journal positions', false, true );
41		$this->addOption( 'posdump', 'Just dump current journal position into the position dir.' );
42		$this->addOption( 'postime', 'For position dumps, get the ID at this time', false, true );
43		$this->addOption( 'backoff', 'Stop at entries younger than this age (sec).', false, true );
44		$this->addOption( 'verbose', 'Verbose mode', false, false, 'v' );
45		$this->setBatchSize( 50 );
46		}
47
48		public function execute() {
49		$src = FileBackendGroup::singleton()->get( $this->getOption( 'src' ) );
50
51		$posDir = $this->getOption( 'posdir' );
52		$posFile = $posDir ? $posDir . '/' . wfWikiID() : false;
53
54		if ( $this->hasOption( 'posdump' ) ) {
55		// Just dump the current position into the specified position dir
56		if ( !$this->hasOption( 'posdir' ) ) {
57		$this->error( "Param posdir required!", 1 );
58		}
59		if ( $this->hasOption( 'postime' ) ) {
60		$id = (int)$src->getJournal()->getPositionAtTime( $this->getOption( 'postime' ) );
61		$this->output( "Requested journal position is $id.\n" );
62		} else {
63		$id = (int)$src->getJournal()->getCurrentPosition();
64		$this->output( "Current journal position is $id.\n" );
65		}
66	View Code Duplication	if ( file_put_contents( $posFile, $id, LOCK_EX ) !== false ) {
67		$this->output( "Saved journal position file.\n" );
68		} else {
69		$this->output( "Could not save journal position file.\n" );
70		}
71		if ( $this->isQuiet() ) {
72		print $id; // give a single machine-readable number
73		}
74
75		return;
76		}
77
78		if ( !$this->hasOption( 'dst' ) ) {
79		$this->error( "Param dst required!", 1 );
80		}
81		$dst = FileBackendGroup::singleton()->get( $this->getOption( 'dst' ) );
82
83		$start = $this->getOption( 'start', 0 );
84		if ( !$start && $posFile && is_dir( $posDir ) ) {
		0 ignored issues – show Bug Best Practice introduced 2016-01-16 18:00 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$posFile` of type `string\|false` is loosely compared to `true`; this is ambiguous if the string can be empty. You might want to explicitly use `!== false` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `string` values, the empty string `''` is a special case, in particular the following results might be unexpected: '' == false // true '' == null // true 'ab' == false // false 'ab' == null // false // It is often better to use strict comparison '' === false // false '' === null // false Loading history...
85		$start = is_file( $posFile )
86		? (int)trim( file_get_contents( $posFile ) )
87		: 0;
88		++$start; // we already did this ID, start with the next one
89		$startFromPosFile = true;
90		} else {
91		$startFromPosFile = false;
92		}
93
94		if ( $this->hasOption( 'backoff' ) ) {
95		$time = time() - $this->getOption( 'backoff', 0 );
96		$end = (int)$src->getJournal()->getPositionAtTime( $time );
97		} else {
98		$end = $this->getOption( 'end', INF );
99		}
100
101		$this->output( "Synchronizing backend '{$dst->getName()}' to '{$src->getName()}'...\n" );
102		$this->output( "Starting journal position is $start.\n" );
103		if ( is_finite( $end ) ) {
104		$this->output( "Ending journal position is $end.\n" );
105		}
106
107		// Periodically update the position file
108		$callback = function ( $pos ) use ( $startFromPosFile, $posFile, $start ) {
109		if ( $startFromPosFile && $pos >= $start ) { // successfully advanced
110		file_put_contents( $posFile, $pos, LOCK_EX );
111		}
112		};
113
114		// Actually sync the dest backend with the reference backend
115		$lastOKPos = $this->syncBackends( $src, $dst, $start, $end, $callback );
116
117		// Update the sync position file
118		if ( $startFromPosFile && $lastOKPos >= $start ) { // successfully advanced
119	View Code Duplication	if ( file_put_contents( $posFile, $lastOKPos, LOCK_EX ) !== false ) {
120		$this->output( "Updated journal position file.\n" );
121		} else {
122		$this->output( "Could not update journal position file.\n" );
123		}
124		}
125
126		if ( $lastOKPos === false ) {
127		if ( !$start ) {
128		$this->output( "No journal entries found.\n" );
129		} else {
130		$this->output( "No new journal entries found.\n" );
131		}
132		} else {
133		$this->output( "Stopped synchronization at journal position $lastOKPos.\n" );
134		}
135
136		if ( $this->isQuiet() ) {
137		print $lastOKPos; // give a single machine-readable number
138		}
139		}
140
141		/**
142		* Sync $dst backend to $src backend based on the $src logs given after $start.
143		* Returns the journal entry ID this advanced to and handled (inclusive).
144		*
145		* @param FileBackend $src
146		* @param FileBackend $dst
147		* @param int $start Starting journal position
148		* @param int $end Starting journal position
149		* @param Closure $callback Callback to update any position file
150		* @return int\|bool Journal entry ID or false if there are none
151		*/
152		protected function syncBackends(
153		FileBackend $src, FileBackend $dst, $start, $end, Closure $callback
154		) {
155		$lastOKPos = 0; // failed
156		$first = true; // first batch
157
158		if ( $start > $end ) { // sanity
159		$this->error( "Error: given starting ID greater than ending ID.", 1 );
160		}
161
162		$next = null;
163		do {
164		$limit = min( $this->mBatchSize, $end - $start + 1 ); // don't go pass ending ID
165		$this->output( "Doing id $start to " . ( $start + $limit - 1 ) . "...\n" );
166
167		$entries = $src->getJournal()->getChangeEntries( $start, $limit, $next );
168		$start = $next; // start where we left off next time
169		if ( $first && !count( $entries ) ) {
170		return false; // nothing to do
171		}
172		$first = false;
173
174		$lastPosInBatch = 0;
175		$pathsInBatch = []; // changed paths
176		foreach ( $entries as $entry ) {
177		if ( $entry['op'] !== 'null' ) { // null ops are just for reference
178		$pathsInBatch[$entry['path']] = 1; // remove duplicates
179		}
180		$lastPosInBatch = $entry['id'];
181		}
182
183		$status = $this->syncFileBatch( array_keys( $pathsInBatch ), $src, $dst );
184		if ( $status->isOK() ) {
185		$lastOKPos = max( $lastOKPos, $lastPosInBatch );
186		$callback( $lastOKPos ); // update position file
187		} else {
188		$this->error( print_r( $status->getErrorsArray(), true ) );
189		break; // no gaps; everything up to $lastPos must be OK
190		}
191
192		if ( !$start ) {
193		$this->output( "End of journal entries.\n" );
194		}
195		} while ( $start && $start <= $end );
196
197		return $lastOKPos;
198		}
199
200		/**
201		* Sync particular files of backend $src to the corresponding $dst backend files
202		*
203		* @param array $paths
204		* @param FileBackend $src
205		* @param FileBackend $dst
206		* @return Status
207		*/
208		protected function syncFileBatch( array $paths, FileBackend $src, FileBackend $dst ) {
209		$status = Status::newGood();
210		if ( !count( $paths ) ) {
211		return $status; // nothing to do
212		}
213
214		// Source: convert internal backend names (FileBackendMultiWrite) to the public one
215		$sPaths = $this->replaceNamePaths( $paths, $src );
216		// Destination: get corresponding path name
217		$dPaths = $this->replaceNamePaths( $paths, $dst );
218
219		// Lock the live backend paths from modification
220		$sLock = $src->getScopedFileLocks( $sPaths, LockManager::LOCK_UW, $status );
		0 ignored issues – show Unused Code introduced 2016-01-16 18:00 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$sLock` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history... Bug introduced 2016-02-23 18:14 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `$sPaths` defined by `$this->replaceNamePaths($paths, $src)` on line `215` can also be of type `string`; however, `FileBackend::getScopedFileLocks()` does only seem to accept `array`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
221		$eLock = $dst->getScopedFileLocks( $dPaths, LockManager::LOCK_EX, $status );
		0 ignored issues – show Unused Code introduced 2016-01-16 18:00 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$eLock` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history... Bug introduced 2016-02-23 18:14 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `$dPaths` defined by `$this->replaceNamePaths($paths, $dst)` on line `217` can also be of type `string`; however, `FileBackend::getScopedFileLocks()` does only seem to accept `array`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
222		if ( !$status->isOK() ) {
223		return $status;
224		}
225
226		$src->preloadFileStat( [ 'srcs' => $sPaths, 'latest' => 1 ] );
227		$dst->preloadFileStat( [ 'srcs' => $dPaths, 'latest' => 1 ] );
228
229		$ops = [];
230		$fsFiles = [];
231		foreach ( $sPaths as $i => $sPath ) {
		0 ignored issues – show Bug introduced 2016-02-23 18:14 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$sPaths` of type `string\|array<integer,string>` is not guaranteed to be traversable. How about adding an additional type check? There are different options of fixing this problem. If you want to be on the safe side, you can add an additional type-check: $collection = json_decode($data, true); if ( ! is_array($collection)) { throw new \RuntimeException('$collection must be an array.'); } foreach ($collection as $item) { /** ... / } If you are sure that the expression is traversable, you might want to add a doc comment cast* to improve IDE auto-completion and static analysis: /** @var array $collection / $collection = json_decode($data, true); foreach ($collection as $item) { /* .. / } Mark the issue as a false-positive*: Just hover the remove button, in the top-right corner of this issue for more options. Loading history...
232		$dPath = $dPaths[$i]; // destination
233		$sExists = $src->fileExists( [ 'src' => $sPath, 'latest' => 1 ] );
234		if ( $sExists === true ) { // exists in source
235		if ( $this->filesAreSame( $src, $dst, $sPath, $dPath ) ) {
236		continue; // avoid local copies for non-FS backends
237		}
238		// Note: getLocalReference() is fast for FS backends
239		$fsFile = $src->getLocalReference( [ 'src' => $sPath, 'latest' => 1 ] );
240		if ( !$fsFile ) {
241		$this->error( "Unable to sync '$dPath': could not get local copy." );
242		$status->fatal( 'backend-fail-internal', $src->getName() );
243
244		return $status;
245		}
246		$fsFiles[] = $fsFile; // keep TempFSFile objects alive as needed
247		// Note: prepare() is usually fast for key/value backends
248		$status->merge( $dst->prepare( [
249		'dir' => dirname( $dPath ), 'bypassReadOnly' => 1 ] ) );
250		if ( !$status->isOK() ) {
251		return $status;
252		}
253		$ops[] = [ 'op' => 'store',
254		'src' => $fsFile->getPath(), 'dst' => $dPath, 'overwrite' => 1 ];
255		} elseif ( $sExists === false ) { // does not exist in source
256		$ops[] = [ 'op' => 'delete', 'src' => $dPath, 'ignoreMissingSource' => 1 ];
257		} else { // error
258		$this->error( "Unable to sync '$dPath': could not stat file." );
259		$status->fatal( 'backend-fail-internal', $src->getName() );
260
261		return $status;
262		}
263		}
264
265		$t_start = microtime( true );
266		$status = $dst->doQuickOperations( $ops, [ 'bypassReadOnly' => 1 ] );
267	View Code Duplication	if ( !$status->isOK() ) {
268		sleep( 10 ); // wait and retry copy again
269		$status = $dst->doQuickOperations( $ops, [ 'bypassReadOnly' => 1 ] );
270		}
271		$elapsed_ms = floor( ( microtime( true ) - $t_start ) * 1000 );
272		if ( $status->isOK() && $this->getOption( 'verbose' ) ) {
273		$this->output( "Synchronized these file(s) [{$elapsed_ms}ms]:\n" .
274		implode( "\n", $dPaths ) . "\n" );
275		}
276
277		return $status;
278		}
279
280		/**
281		* Substitute the backend name of storage paths with that of a given one
282		*
283		* @param array\|string $paths List of paths or single string path
284		* @param FileBackend $backend
285		* @return array\|string
286		*/
287		protected function replaceNamePaths( $paths, FileBackend $backend ) {
288		return preg_replace(
289		'!^mwstore://([^/]+)!',
290		StringUtils::escapeRegexReplacement( "mwstore://" . $backend->getName() ),
291		$paths // string or array
292		);
293		}
294
295		protected function filesAreSame( FileBackend $src, FileBackend $dst, $sPath, $dPath ) {
296		return (
297		( $src->getFileSize( [ 'src' => $sPath ] )
298		=== $dst->getFileSize( [ 'src' => $dPath ] ) // short-circuit
299		) && ( $src->getFileSha1Base36( [ 'src' => $sPath ] )
300		=== $dst->getFileSha1Base36( [ 'src' => $dPath ] )
301		)
302		);
303		}
304		}
305
306		$maintClass = "SyncFileBackend";
307		require_once RUN_MAINTENANCE_IF_MAIN;
308

wikimedia / mediawiki

Issues (4122)

Security Analysis not enabled

maintenance/syncFileBackend.php (7 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like