Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
98.09% |
257 / 262 |
|
89.47% |
34 / 38 |
CRAP | |
0.00% |
0 / 1 |
Taintedness | |
98.09% |
257 / 262 |
|
89.47% |
34 / 38 |
123 | |
0.00% |
0 / 1 |
__construct | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
safeSingleton | |
100.00% |
4 / 4 |
|
100.00% |
1 / 1 |
2 | |||
unknownSingleton | |
100.00% |
4 / 4 |
|
100.00% |
1 / 1 |
2 | |||
newTainted | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
newFromArray | |
100.00% |
4 / 4 |
|
100.00% |
1 / 1 |
2 | |||
get | |
100.00% |
2 / 2 |
|
100.00% |
1 / 1 |
2 | |||
asCollapsed | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
asKnownKeysMadeUnknown | |
100.00% |
8 / 8 |
|
100.00% |
1 / 1 |
3 | |||
getAllKeysTaint | |
100.00% |
4 / 4 |
|
100.00% |
1 / 1 |
2 | |||
with | |
100.00% |
3 / 3 |
|
100.00% |
1 / 1 |
1 | |||
without | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
has | |
100.00% |
10 / 10 |
|
100.00% |
1 / 1 |
7 | |||
withOnly | |
100.00% |
8 / 8 |
|
100.00% |
1 / 1 |
3 | |||
intersectForSink | |
100.00% |
24 / 24 |
|
100.00% |
1 / 1 |
7 | |||
withoutKnownKeysFrom | |
85.71% |
6 / 7 |
|
0.00% |
0 / 1 |
4.05 | |||
asMergedWith | |
100.00% |
12 / 12 |
|
100.00% |
1 / 1 |
6 | |||
withAddedOffsetTaintedness | |
100.00% |
6 / 6 |
|
100.00% |
1 / 1 |
2 | |||
withAddedKeysTaintedness | |
100.00% |
3 / 3 |
|
100.00% |
1 / 1 |
1 | |||
asMergedForAssignment | |
100.00% |
14 / 14 |
|
100.00% |
1 / 1 |
6 | |||
asArrayPlusWith | |
100.00% |
9 / 9 |
|
100.00% |
1 / 1 |
4 | |||
getTaintednessForOffsetOrWhole | |
100.00% |
11 / 11 |
|
100.00% |
1 / 1 |
5 | |||
asMaybeMovedAtOffset | |
100.00% |
7 / 7 |
|
100.00% |
1 / 1 |
4 | |||
asMovedToKeys | |
100.00% |
3 / 3 |
|
100.00% |
1 / 1 |
1 | |||
asValueFirstLevel | |
100.00% |
6 / 6 |
|
100.00% |
1 / 1 |
3 | |||
withoutKey | |
100.00% |
6 / 6 |
|
100.00% |
1 / 1 |
3 | |||
withoutKeys | |
100.00% |
9 / 9 |
|
100.00% |
1 / 1 |
3 | |||
asKeyForForeach | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
asArrayReplaceWith | |
87.50% |
7 / 8 |
|
0.00% |
0 / 1 |
3.02 | |||
asArrayMergeWith | |
100.00% |
12 / 12 |
|
100.00% |
1 / 1 |
4 | |||
isSafe | |
100.00% |
10 / 10 |
|
100.00% |
1 / 1 |
7 | |||
asExecToYesTaint | |
100.00% |
7 / 7 |
|
100.00% |
1 / 1 |
3 | |||
asYesToExecTaint | |
100.00% |
7 / 7 |
|
100.00% |
1 / 1 |
3 | |||
flagsAsExecToYesTaint | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
flagsAsYesToExecTaint | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
asPreservedTaintedness | |
75.00% |
6 / 8 |
|
0.00% |
0 / 1 |
4.25 | |||
appliedToLinksForBackprop | |
100.00% |
16 / 16 |
|
100.00% |
1 / 1 |
4 | |||
withSQLExecAddedToNumkeyExec | |
88.89% |
8 / 9 |
|
0.00% |
0 / 1 |
5.03 | |||
toString | n/a |
0 / 0 |
n/a |
0 / 0 |
3 | |||||
toShortString | |
100.00% |
14 / 14 |
|
100.00% |
1 / 1 |
6 | |||
__toString | n/a |
0 / 0 |
n/a |
0 / 0 |
1 |
1 | <?php declare( strict_types=1 ); |
2 | |
3 | namespace SecurityCheckPlugin; |
4 | |
5 | use ast\Node; |
6 | use Phan\Language\Element\FunctionInterface; |
7 | |
8 | /** |
9 | * Value object used to store taintedness. This should always be used to manipulate taintedness values, |
10 | * instead of using taint constants directly (except for comparisons etc.). |
11 | * |
12 | * Note that this class should be used as copy-on-write (like phan's UnionType), so in-place |
13 | * manipulation should never be done on phan objects. |
14 | */ |
15 | class Taintedness { |
16 | /** @var int Combination of the class constants */ |
17 | private $flags; |
18 | |
19 | /** @var self[] Taintedness for each possible array element */ |
20 | private $dimTaint = []; |
21 | |
22 | /** @var int Taintedness of the array keys */ |
23 | private $keysTaint = SecurityCheckPlugin::NO_TAINT; |
24 | |
25 | /** |
26 | * @var self|null Taintedness for array elements that we couldn't attribute to any key |
27 | */ |
28 | private $unknownDimsTaint; |
29 | |
30 | /** |
31 | * @param int $val One of the class constants |
32 | */ |
public function __construct( int $val ) {
	// $val is stored as this object's own taint flags, exactly as given: there is no
	// range or bitmask check here, so the caller decides which bits are meaningful.
	// Per-offset, key and unknown-offset taint are not touched and keep their
	// property defaults.
	$this->flags = $val;
}
36 | |
37 | // Common creation shortcuts |
38 | |
39 | /** |
40 | * @return self |
41 | */ |
public static function safeSingleton(): self {
	// One instance carrying NO_TAINT is built on the first call and handed out on
	// every later call. Every caller therefore holds the same object, so it has to
	// be treated as copy-on-write (as the class is documented to be used): an
	// in-place change would alter the "safe" value for every other holder.
	static $shared = null;
	if ( $shared === null ) {
		$shared = new self( SecurityCheckPlugin::NO_TAINT );
	}
	return $shared;
}
49 | |
50 | /** |
51 | * @return self |
52 | */ |
public static function unknownSingleton(): self {
	// Same sharing scheme as the safe shortcut, but the cached instance carries
	// UNKNOWN_TAINT. The returned object is shared between all callers and must
	// not be modified in place.
	static $shared = null;
	if ( $shared !== null ) {
		return $shared;
	}
	$shared = new self( SecurityCheckPlugin::UNKNOWN_TAINT );
	return $shared;
}
60 | |
61 | /** |
62 | * @return self |
63 | */ |
public static function newTainted(): self {
	// Unlike the two singleton shortcuts, this builds a fresh object on every call;
	// its own flags are set to YES_TAINT.
	$tainted = new self( SecurityCheckPlugin::YES_TAINT );
	return $tainted;
}
67 | |
68 | /** |
69 | * @param Taintedness[] $values |
70 | * @return self |
71 | */ |
public static function newFromArray( array $values ): self {
	// Start from the shared safe value and fold each entry in under its array key.
	// The accumulator is reassigned from the return value of
	// withAddedOffsetTaintedness() on every step, never edited in place.
	$combined = self::safeSingleton();
	foreach ( $values as $offset => $value ) {
		// Development-time guard only: assert() is skipped when assertions are
		// disabled (zend.assertions), so a non-Taintedness element is then passed
		// straight to withAddedOffsetTaintedness().
		// NOTE(review): that method's own parameter type is not visible here — confirm
		// it rejects bad values.
		assert( $value instanceof self );
		$combined = $combined->withAddedOffsetTaintedness( $offset, $value );
	}
	return $combined;
}
80 | |
81 | /** |
82 | * Get a numeric representation of the taint stored in this object. This includes own taint, |
83 | * array keys and whatnot. |
84 | * @note This should almost NEVER be used outside of this class! Use accessors as much as possible! |
85 | * |
86 | * @return int |
87 | */ |
public function get(): int {
	// Bitwise OR of everything this object knows: its own flags, the value of
	// getAllKeysTaint(), and the taint of the array keys.
	// NOTE(review): getAllKeysTaint() is not shown here; presumably it folds the
	// per-offset entries of $dimTaint — confirm.
	$combined = $this->flags | $this->getAllKeysTaint() | $this->keysTaint;

	// Elements that could not be attributed to a key are folded in recursively.
	if ( $this->unknownDimsTaint ) {
		$combined |= $this->unknownDimsTaint->get();
	}

	// The result is a flat union: it says that some part is tainted, not which
	// offset, so it over-approximates when only one element is of interest.
	return $combined;
}
92 | |
93 |