2013-01-28 22:03:03 -08:00
|
|
|
<?php
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @group linter
|
|
|
|
*/
|
|
|
|
final class ArcanistPhutilXHPASTLinter extends ArcanistBaseXHPASTLinter {
|
|
|
|
|
|
|
|
const LINT_PHT_WITH_DYNAMIC_STRING = 1;
|
|
|
|
const LINT_ARRAY_COMBINE = 2;
|
2013-02-02 12:33:22 -08:00
|
|
|
const LINT_UNSAFE_DYNAMIC_STRING = 4;
|
2013-01-28 22:03:03 -08:00
|
|
|
|
|
|
|
private $xhpastLinter;
|
|
|
|
|
|
|
|
public function setXHPASTLinter(ArcanistXHPASTLinter $linter) {
|
|
|
|
$this->xhpastLinter = $linter;
|
|
|
|
return $this;
|
|
|
|
}
|
|
|
|
|
|
|
|
public function setEngine(ArcanistLintEngine $engine) {
|
|
|
|
if (!$this->xhpastLinter) {
|
|
|
|
throw new Exception(
|
|
|
|
'Call setXHPASTLinter() before using ArcanistPhutilXHPASTLinter.');
|
|
|
|
}
|
|
|
|
$this->xhpastLinter->setEngine($engine);
|
|
|
|
return parent::setEngine($engine);
|
|
|
|
}
|
|
|
|
|
|
|
|
public function getLintNameMap() {
|
|
|
|
return array(
|
|
|
|
self::LINT_PHT_WITH_DYNAMIC_STRING => 'Use of pht() on Dynamic String',
|
|
|
|
self::LINT_ARRAY_COMBINE => 'array_combine() Unreliable',
|
2013-02-02 12:33:22 -08:00
|
|
|
self::LINT_UNSAFE_DYNAMIC_STRING => 'Unsafe Usage of Dynamic String',
|
2013-01-28 22:03:03 -08:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
public function getLintSeverityMap() {
|
2013-02-02 12:33:22 -08:00
|
|
|
$warning = ArcanistLintSeverity::SEVERITY_WARNING;
|
|
|
|
|
2013-01-28 22:03:03 -08:00
|
|
|
return array(
|
2013-02-02 12:33:22 -08:00
|
|
|
self::LINT_ARRAY_COMBINE => $warning,
|
|
|
|
self::LINT_UNSAFE_DYNAMIC_STRING => $warning,
|
2013-01-28 22:03:03 -08:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
public function getLinterName() {
|
|
|
|
return 'PHLXHP';
|
|
|
|
}
|
|
|
|
|
2013-02-02 12:33:22 -08:00
|
|
|
public function getCacheVersion() {
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2013-01-28 22:03:03 -08:00
|
|
|
public function willLintPaths(array $paths) {
|
|
|
|
$this->xhpastLinter->willLintPaths($paths);
|
|
|
|
}
|
|
|
|
|
|
|
|
public function lintPath($path) {
|
|
|
|
$tree = $this->xhpastLinter->getXHPASTTreeForPath($path);
|
|
|
|
if (!$tree) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
$root = $tree->getRootNode();
|
|
|
|
|
|
|
|
$this->lintPHT($root);
|
|
|
|
$this->lintArrayCombine($root);
|
2013-02-02 12:33:22 -08:00
|
|
|
$this->lintUnsafeDynamicString($root);
|
2013-01-28 22:03:03 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
private function lintPHT($root) {
|
|
|
|
$calls = $root->selectDescendantsOfType('n_FUNCTION_CALL');
|
|
|
|
foreach ($calls as $call) {
|
|
|
|
$name = $call->getChildByIndex(0)->getConcreteString();
|
|
|
|
if (strcasecmp($name, 'pht') != 0) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
$parameters = $call->getChildOfType(1, 'n_CALL_PARAMETER_LIST');
|
|
|
|
if (!$parameters->getChildren()) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
$identifier = $parameters->getChildByIndex(0);
|
2013-01-30 12:24:41 -08:00
|
|
|
if ($identifier->isConstantString()) {
|
2013-01-28 22:03:03 -08:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
$this->raiseLintAtNode(
|
|
|
|
$call,
|
|
|
|
self::LINT_PHT_WITH_DYNAMIC_STRING,
|
|
|
|
"The first parameter of pht() can be only a scalar string, ".
|
|
|
|
"otherwise it can't be extracted.");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2013-02-02 12:33:22 -08:00
|
|
|
private function lintUnsafeDynamicString($root) {
|
|
|
|
$safe = array(
|
|
|
|
'hsprintf' => 0,
|
|
|
|
|
|
|
|
'csprintf' => 0,
|
|
|
|
'vcsprintf' => 0,
|
|
|
|
'execx' => 0,
|
|
|
|
'exec_manual' => 0,
|
|
|
|
'phutil_passthru' => 0,
|
|
|
|
|
|
|
|
'qsprintf' => 1,
|
|
|
|
'vqsprintf' => 1,
|
|
|
|
'queryfx' => 1,
|
|
|
|
'vqueryfx' => 1,
|
|
|
|
'queryfx_all' => 1,
|
|
|
|
'vqueryfx_all' => 1,
|
|
|
|
'queryfx_one' => 1,
|
|
|
|
);
|
|
|
|
|
|
|
|
$calls = $root->selectDescendantsOfType('n_FUNCTION_CALL');
|
|
|
|
$this->lintUnsafeDynamicStringCall($calls, $safe);
|
|
|
|
|
|
|
|
$safe = array(
|
|
|
|
'execfuture' => 0,
|
|
|
|
);
|
|
|
|
|
|
|
|
$news = $root->selectDescendantsOfType('n_NEW');
|
|
|
|
$this->lintUnsafeDynamicStringCall($news, $safe);
|
|
|
|
}
|
|
|
|
|
|
|
|
private function lintUnsafeDynamicStringCall(
|
|
|
|
AASTNodeList $calls,
|
|
|
|
array $safe) {
|
|
|
|
|
|
|
|
foreach ($calls as $call) {
|
|
|
|
$name = $call->getChildByIndex(0)->getConcreteString();
|
|
|
|
$param = idx($safe, strtolower($name));
|
|
|
|
|
|
|
|
if ($param === null) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
$parameters = $call->getChildByIndex(1);
|
|
|
|
if (count($parameters->getChildren()) <= $param) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
$identifier = $parameters->getChildByIndex($param);
|
|
|
|
if (!$identifier->isConstantString()) {
|
|
|
|
$this->raiseLintAtNode(
|
|
|
|
$call,
|
|
|
|
self::LINT_UNSAFE_DYNAMIC_STRING,
|
|
|
|
"Parameter ".($param + 1)." of {$name}() should be a scalar string, ".
|
|
|
|
"otherwise it's not safe.");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2013-01-28 22:03:03 -08:00
|
|
|
private function lintArrayCombine($root) {
|
|
|
|
$function_calls = $root->selectDescendantsOfType('n_FUNCTION_CALL');
|
|
|
|
foreach ($function_calls as $call) {
|
|
|
|
$name = $call->getChildByIndex(0)->getConcreteString();
|
|
|
|
if (strcasecmp($name, 'array_combine') == 0) {
|
|
|
|
$parameter_list = $call->getChildOfType(1, 'n_CALL_PARAMETER_LIST');
|
|
|
|
if (count($parameter_list->getChildren()) !== 2) {
|
|
|
|
// Wrong number of parameters, but raise that elsewhere if we want.
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
$first = $parameter_list->getChildByIndex(0);
|
|
|
|
$second = $parameter_list->getChildByIndex(1);
|
|
|
|
|
|
|
|
if ($first->getConcreteString() == $second->getConcreteString()) {
|
|
|
|
$this->raiseLintAtNode(
|
|
|
|
$call,
|
|
|
|
self::LINT_ARRAY_COMBINE,
|
|
|
|
'Prior to PHP 5.4, array_combine() fails when given empty '.
|
|
|
|
'arrays. Prefer to write array_combine(x, x) as array_fuse(x).');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|