D7net
Home
Console
Upload
information
Create File
Create Folder
About
Tools
:
/
opt
/
alt
/
php53
/
usr
/
share
/
pear
/
Bytekit
/
Scanner
/
Rule
/
Filename :
ZendView.php
back
Copy
<?php /** * bytekit-cli * * Copyright (c) 2009-2012, Sebastian Bergmann <sb@sebastian-bergmann.de>. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * * Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * * Neither the name of Sebastian Bergmann nor the names of his * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * * @package Bytekit * @author Sebastian Bergmann <sb@sebastian-bergmann.de>, Lars Strojny <lstrojny@php.net> * @author Lars Strojny <lstrojny@php.net> * @copyright 2009-2012 Sebastian Bergmann <sb@sebastian-bergmann.de> * @license http://www.opensource.org/licenses/BSD-3-Clause The BSD 3-Clause License * @since File available since Release 1.0.0 */ /** * Scans for attributes that are not safe-guarded by Zend_View::escape(). * * @author Sebastian Bergmann <sb@sebastian-bergmann.de>, Lars Strojny <lstrojny@php.net> * @author Lars Strojny <lstrojny@php.net> * @copyright 2009-2012 Sebastian Bergmann <sb@sebastian-bergmann.de> * @license http://www.opensource.org/licenses/BSD-3-Clause The BSD 3-Clause License * @version Release: 1.1.3 * @link http://github.com/sebastianbergmann/bytekit-cli/tree * @since Class available since Release 1.0.0 */ class Bytekit_Scanner_Rule_ZendView extends Bytekit_Scanner_Rule { /** * Scan an oparray for attributes that are not safe-guarded by * Zend_View::escape(). * * @param array $oparray * @param string $file * @param string $function * @param array $result */ public function process(array $oparray, $file, $function, array &$result) { $opArraySize = count($oparray); foreach ($oparray['code'] as $n => $opline) { $violation = FALSE; if ($opline['mnemonic'] == 'ECHO' || $opline['mnemonic'] == 'PRINT') { if ($this->lastOpCodeIs('FETCH_OBJ_R', $oparray, $n) || $this->lastOpCodeIs('FETCH_DIM_R', $oparray, $n)) { $c = $n; $propertyChain = array(); $violation = TRUE; while ($c >= 0 && ($this->lastOpCodeIs('FETCH_OBJ_R', $oparray, $c) || $this->lastOpCodeIs('FETCH_DIM_R', $oparray, $c))) { $operand = array_pop( $oparray['code'][--$c]['operands'] ); if ($this->lastOpCodeIs('FETCH_DIM_R', $oparray, $c + 1)) { $propertyChain[] = array( 'name' => $operand['value'], 'type' => 'FETCH_DIM_R', ); } else { $propertyChain[] = array( 'name' => $operand['value'], 'type' => 'FETCH_OBJ_R', ); } } $searchPosition = $n; $variableName = 'this'; while ($searchPosition <= $opArraySize && isset($oparray['code'][$searchPosition]['operands'])) { foreach ($oparray['code'][$searchPosition]['operands'] as $operand) { if ($operand['string'][0] == '!') { $cvPos = str_replace('!', '', $operand['string']); $variableName = $oparray['raw']['cv'][$cvPos]; break 2; } } ++$searchPosition; } $propertyChain[] = array( 'name' => $variableName, 'type' => 'FETCH_OBJ_R', ); } } if ($violation !== FALSE) { $formattedProperty = NULL; foreach (array_values(array_reverse($propertyChain)) as $position => $property) { if ($formattedProperty === NULL) { $formattedProperty = sprintf('$%s', $property['name']); continue; } if ($property['type'] == 'FETCH_DIM_R') { $formattedProperty .= sprintf('["%s"]', $property['name']); continue; } if ($property['type'] == 'FETCH_OBJ_R') { $formattedProperty .= sprintf('->%s', $property['name']); } } $this->addViolation( sprintf( 'Attribute %s is not safe-guarded by Zend_View::escape()', $formattedProperty ), $oparray, $file, $oparray['raw']['opcodes'][$opline['opline']]['lineno'], $function, $result ); } } } }