Mercurial > hg > isophonics-drupal-site

annotate vendor/psy/psysh/src/CodeCleaner/ValidClassNamePass.php @ 13:5fb285c0d0e3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update Drupal core to 8.4.7 via Composer. Security update; I *think* we've been lucky to get away with this so far, as we don't support self-registration which seems to be used by the so-called "drupalgeddon 2" attack that 8.4.5 was vulnerable to.
author Chris Cannam
date Mon, 23 Apr 2018 09:33:26 +0100
parents
children c2387f117808
rev   line source
Chris@13 1 <?php
Chris@13 2
Chris@13 3 /*
Chris@13 4 * This file is part of Psy Shell.
Chris@13 5 *
Chris@13 6 * (c) 2012-2018 Justin Hileman
Chris@13 7 *
Chris@13 8 * For the full copyright and license information, please view the LICENSE
Chris@13 9 * file that was distributed with this source code.
Chris@13 10 */
Chris@13 11
Chris@13 12 namespace Psy\CodeCleaner;
Chris@13 13
Chris@13 14 use PhpParser\Node;
Chris@13 15 use PhpParser\Node\Expr;
Chris@13 16 use PhpParser\Node\Expr\ClassConstFetch;
Chris@13 17 use PhpParser\Node\Expr\New_;
Chris@13 18 use PhpParser\Node\Expr\StaticCall;
Chris@13 19 use PhpParser\Node\Stmt;
Chris@13 20 use PhpParser\Node\Stmt\Class_;
Chris@13 21 use PhpParser\Node\Stmt\Do_;
Chris@13 22 use PhpParser\Node\Stmt\If_;
Chris@13 23 use PhpParser\Node\Stmt\Interface_;
Chris@13 24 use PhpParser\Node\Stmt\Switch_;
Chris@13 25 use PhpParser\Node\Stmt\Trait_;
Chris@13 26 use PhpParser\Node\Stmt\While_;
Chris@13 27 use Psy\Exception\FatalErrorException;
Chris@13 28
Chris@13 29 /**
Chris@13 30 * Validate that classes exist.
Chris@13 31 *
Chris@13 32 * This pass throws a FatalErrorException rather than letting PHP run
Chris@13 33 * headfirst into a real fatal error and die.
Chris@13 34 */
Chris@13 35 class ValidClassNamePass extends NamespaceAwarePass
Chris@13 36 {
Chris@13 37 const CLASS_TYPE = 'class';
Chris@13 38 const INTERFACE_TYPE = 'interface';
Chris@13 39 const TRAIT_TYPE = 'trait';
Chris@13 40
Chris@13 41 protected $checkTraits;
Chris@13 42 private $conditionalScopes = 0;
Chris@13 43 private $atLeastPhp55;
Chris@13 44
Chris@13 45 public function __construct()
Chris@13 46 {
Chris@13 47 $this->checkTraits = function_exists('trait_exists');
Chris@13 48 $this->atLeastPhp55 = version_compare(PHP_VERSION, '5.5', '>=');
Chris@13 49 }
Chris@13 50
Chris@13 51 /**
Chris@13 52 * Validate class, interface and trait definitions.
Chris@13 53 *
Chris@13 54 * Validate them upon entering the node, so that we know about their
Chris@13 55 * presence and can validate constant fetches and static calls in class or
Chris@13 56 * trait methods.
Chris@13 57 *
Chris@13 58 * @param Node $node
Chris@13 59 */
Chris@13 60 public function enterNode(Node $node)
Chris@13 61 {
Chris@13 62 parent::enterNode($node);
Chris@13 63
Chris@13 64 if (self::isConditional($node)) {
Chris@13 65 $this->conditionalScopes++;
Chris@13 66 } else {
Chris@13 67 // @todo add an "else" here which adds a runtime check for instances where we can't tell
Chris@13 68 // whether a class is being redefined by static analysis alone.
Chris@13 69 if ($this->conditionalScopes === 0) {
Chris@13 70 if ($node instanceof Class_) {
Chris@13 71 $this->validateClassStatement($node);
Chris@13 72 } elseif ($node instanceof Interface_) {
Chris@13 73 $this->validateInterfaceStatement($node);
Chris@13 74 } elseif ($node instanceof Trait_) {
Chris@13 75 $this->validateTraitStatement($node);
Chris@13 76 }
Chris@13 77 }
Chris@13 78 }
Chris@13 79 }
Chris@13 80
Chris@13 81 /**
Chris@13 82 * Validate `new` expressions, class constant fetches, and static calls.
Chris@13 83 *
Chris@13 84 * @throws FatalErrorException if a class, interface or trait is referenced which does not exist
Chris@13 85 * @throws FatalErrorException if a class extends something that is not a class
Chris@13 86 * @throws FatalErrorException if a class implements something that is not an interface
Chris@13 87 * @throws FatalErrorException if an interface extends something that is not an interface
Chris@13 88 * @throws FatalErrorException if a class, interface or trait redefines an existing class, interface or trait name
Chris@13 89 *
Chris@13 90 * @param Node $node
Chris@13 91 */
Chris@13 92 public function leaveNode(Node $node)
Chris@13 93 {
Chris@13 94 if (self::isConditional($node)) {
Chris@13 95 $this->conditionalScopes--;
Chris@13 96 } elseif ($node instanceof New_) {
Chris@13 97 $this->validateNewExpression($node);
Chris@13 98 } elseif ($node instanceof ClassConstFetch) {
Chris@13 99 $this->validateClassConstFetchExpression($node);
Chris@13 100 } elseif ($node instanceof StaticCall) {
Chris@13 101 $this->validateStaticCallExpression($node);
Chris@13 102 }
Chris@13 103 }
Chris@13 104
Chris@13 105 private static function isConditional(Node $node)
Chris@13 106 {
Chris@13 107 return $node instanceof If_ ||
Chris@13 108 $node instanceof While_ ||
Chris@13 109 $node instanceof Do_ ||
Chris@13 110 $node instanceof Switch_;
Chris@13 111 }
Chris@13 112
Chris@13 113 /**
Chris@13 114 * Validate a class definition statement.
Chris@13 115 *
Chris@13 116 * @param Class_ $stmt
Chris@13 117 */
Chris@13 118 protected function validateClassStatement(Class_ $stmt)
Chris@13 119 {
Chris@13 120 $this->ensureCanDefine($stmt);
Chris@13 121 if (isset($stmt->extends)) {
Chris@13 122 $this->ensureClassExists($this->getFullyQualifiedName($stmt->extends), $stmt);
Chris@13 123 }
Chris@13 124 $this->ensureInterfacesExist($stmt->implements, $stmt);
Chris@13 125 }
Chris@13 126
Chris@13 127 /**
Chris@13 128 * Validate an interface definition statement.
Chris@13 129 *
Chris@13 130 * @param Interface_ $stmt
Chris@13 131 */
Chris@13 132 protected function validateInterfaceStatement(Interface_ $stmt)
Chris@13 133 {
Chris@13 134 $this->ensureCanDefine($stmt);
Chris@13 135 $this->ensureInterfacesExist($stmt->extends, $stmt);
Chris@13 136 }
Chris@13 137
Chris@13 138 /**
Chris@13 139 * Validate a trait definition statement.
Chris@13 140 *
Chris@13 141 * @param Trait_ $stmt
Chris@13 142 */
Chris@13 143 protected function validateTraitStatement(Trait_ $stmt)
Chris@13 144 {
Chris@13 145 $this->ensureCanDefine($stmt);
Chris@13 146 }
Chris@13 147
Chris@13 148 /**
Chris@13 149 * Validate a `new` expression.
Chris@13 150 *
Chris@13 151 * @param New_ $stmt
Chris@13 152 */
Chris@13 153 protected function validateNewExpression(New_ $stmt)
Chris@13 154 {
Chris@13 155 // if class name is an expression or an anonymous class, give it a pass for now
Chris@13 156 if (!$stmt->class instanceof Expr && !$stmt->class instanceof Class_) {
Chris@13 157 $this->ensureClassExists($this->getFullyQualifiedName($stmt->class), $stmt);
Chris@13 158 }
Chris@13 159 }
Chris@13 160
Chris@13 161 /**
Chris@13 162 * Validate a class constant fetch expression's class.
Chris@13 163 *
Chris@13 164 * @param ClassConstFetch $stmt
Chris@13 165 */
Chris@13 166 protected function validateClassConstFetchExpression(ClassConstFetch $stmt)
Chris@13 167 {
Chris@13 168 // there is no need to check exists for ::class const for php 5.5 or newer
Chris@13 169 if (strtolower($stmt->name) === 'class' && $this->atLeastPhp55) {
Chris@13 170 return;
Chris@13 171 }
Chris@13 172
Chris@13 173 // if class name is an expression, give it a pass for now
Chris@13 174 if (!$stmt->class instanceof Expr) {
Chris@13 175 $this->ensureClassOrInterfaceExists($this->getFullyQualifiedName($stmt->class), $stmt);
Chris@13 176 }
Chris@13 177 }
Chris@13 178
Chris@13 179 /**
Chris@13 180 * Validate a class constant fetch expression's class.
Chris@13 181 *
Chris@13 182 * @param StaticCall $stmt
Chris@13 183 */
Chris@13 184 protected function validateStaticCallExpression(StaticCall $stmt)
Chris@13 185 {
Chris@13 186 // if class name is an expression, give it a pass for now
Chris@13 187 if (!$stmt->class instanceof Expr) {
Chris@13 188 $this->ensureMethodExists($this->getFullyQualifiedName($stmt->class), $stmt->name, $stmt);
Chris@13 189 }
Chris@13 190 }
Chris@13 191
Chris@13 192 /**
Chris@13 193 * Ensure that no class, interface or trait name collides with a new definition.
Chris@13 194 *
Chris@13 195 * @throws FatalErrorException
Chris@13 196 *
Chris@13 197 * @param Stmt $stmt
Chris@13 198 */
Chris@13 199 protected function ensureCanDefine(Stmt $stmt)
Chris@13 200 {
Chris@13 201 $name = $this->getFullyQualifiedName($stmt->name);
Chris@13 202
Chris@13 203 // check for name collisions
Chris@13 204 $errorType = null;
Chris@13 205 if ($this->classExists($name)) {
Chris@13 206 $errorType = self::CLASS_TYPE;
Chris@13 207 } elseif ($this->interfaceExists($name)) {
Chris@13 208 $errorType = self::INTERFACE_TYPE;
Chris@13 209 } elseif ($this->traitExists($name)) {
Chris@13 210 $errorType = self::TRAIT_TYPE;
Chris@13 211 }
Chris@13 212
Chris@13 213 if ($errorType !== null) {
Chris@13 214 throw $this->createError(sprintf('%s named %s already exists', ucfirst($errorType), $name), $stmt);
Chris@13 215 }
Chris@13 216
Chris@13 217 // Store creation for the rest of this code snippet so we can find local
Chris@13 218 // issue too
Chris@13 219 $this->currentScope[strtolower($name)] = $this->getScopeType($stmt);
Chris@13 220 }
Chris@13 221
Chris@13 222 /**
Chris@13 223 * Ensure that a referenced class exists.
Chris@13 224 *
Chris@13 225 * @throws FatalErrorException
Chris@13 226 *
Chris@13 227 * @param string $name
Chris@13 228 * @param Stmt $stmt
Chris@13 229 */
Chris@13 230 protected function ensureClassExists($name, $stmt)
Chris@13 231 {
Chris@13 232 if (!$this->classExists($name)) {
Chris@13 233 throw $this->createError(sprintf('Class \'%s\' not found', $name), $stmt);
Chris@13 234 }
Chris@13 235 }
Chris@13 236
Chris@13 237 /**
Chris@13 238 * Ensure that a referenced class _or interface_ exists.
Chris@13 239 *
Chris@13 240 * @throws FatalErrorException
Chris@13 241 *
Chris@13 242 * @param string $name
Chris@13 243 * @param Stmt $stmt
Chris@13 244 */
Chris@13 245 protected function ensureClassOrInterfaceExists($name, $stmt)
Chris@13 246 {
Chris@13 247 if (!$this->classExists($name) && !$this->interfaceExists($name)) {
Chris@13 248 throw $this->createError(sprintf('Class \'%s\' not found', $name), $stmt);
Chris@13 249 }
Chris@13 250 }
Chris@13 251
Chris@13 252 /**
Chris@13 253 * Ensure that a statically called method exists.
Chris@13 254 *
Chris@13 255 * @throws FatalErrorException
Chris@13 256 *
Chris@13 257 * @param string $class
Chris@13 258 * @param string $name
Chris@13 259 * @param Stmt $stmt
Chris@13 260 */
Chris@13 261 protected function ensureMethodExists($class, $name, $stmt)
Chris@13 262 {
Chris@13 263 $this->ensureClassExists($class, $stmt);
Chris@13 264
Chris@13 265 // let's pretend all calls to self, parent and static are valid
Chris@13 266 if (in_array(strtolower($class), ['self', 'parent', 'static'])) {
Chris@13 267 return;
Chris@13 268 }
Chris@13 269
Chris@13 270 // ... and all calls to classes defined right now
Chris@13 271 if ($this->findInScope($class) === self::CLASS_TYPE) {
Chris@13 272 return;
Chris@13 273 }
Chris@13 274
Chris@13 275 // if method name is an expression, give it a pass for now
Chris@13 276 if ($name instanceof Expr) {
Chris@13 277 return;
Chris@13 278 }
Chris@13 279
Chris@13 280 if (!method_exists($class, $name) && !method_exists($class, '__callStatic')) {
Chris@13 281 throw $this->createError(sprintf('Call to undefined method %s::%s()', $class, $name), $stmt);
Chris@13 282 }
Chris@13 283 }
Chris@13 284
Chris@13 285 /**
Chris@13 286 * Ensure that a referenced interface exists.
Chris@13 287 *
Chris@13 288 * @throws FatalErrorException
Chris@13 289 *
Chris@13 290 * @param Interface_[] $interfaces
Chris@13 291 * @param Stmt $stmt
Chris@13 292 */
Chris@13 293 protected function ensureInterfacesExist($interfaces, $stmt)
Chris@13 294 {
Chris@13 295 foreach ($interfaces as $interface) {
Chris@13 296 /** @var string $name */
Chris@13 297 $name = $this->getFullyQualifiedName($interface);
Chris@13 298 if (!$this->interfaceExists($name)) {
Chris@13 299 throw $this->createError(sprintf('Interface \'%s\' not found', $name), $stmt);
Chris@13 300 }
Chris@13 301 }
Chris@13 302 }
Chris@13 303
Chris@13 304 /**
Chris@13 305 * Get a symbol type key for storing in the scope name cache.
Chris@13 306 *
Chris@13 307 * @param Stmt $stmt
Chris@13 308 *
Chris@13 309 * @return string
Chris@13 310 */
Chris@13 311 protected function getScopeType(Stmt $stmt)
Chris@13 312 {
Chris@13 313 if ($stmt instanceof Class_) {
Chris@13 314 return self::CLASS_TYPE;
Chris@13 315 } elseif ($stmt instanceof Interface_) {
Chris@13 316 return self::INTERFACE_TYPE;
Chris@13 317 } elseif ($stmt instanceof Trait_) {
Chris@13 318 return self::TRAIT_TYPE;
Chris@13 319 }
Chris@13 320 }
Chris@13 321
Chris@13 322 /**
Chris@13 323 * Check whether a class exists, or has been defined in the current code snippet.
Chris@13 324 *
Chris@13 325 * Gives `self`, `static` and `parent` a free pass.
Chris@13 326 *
Chris@13 327 * @param string $name
Chris@13 328 *
Chris@13 329 * @return bool
Chris@13 330 */
Chris@13 331 protected function classExists($name)
Chris@13 332 {
Chris@13 333 // Give `self`, `static` and `parent` a pass. This will actually let
Chris@13 334 // some errors through, since we're not checking whether the keyword is
Chris@13 335 // being used in a class scope.
Chris@13 336 if (in_array(strtolower($name), ['self', 'static', 'parent'])) {
Chris@13 337 return true;
Chris@13 338 }
Chris@13 339
Chris@13 340 return class_exists($name) || $this->findInScope($name) === self::CLASS_TYPE;
Chris@13 341 }
Chris@13 342
Chris@13 343 /**
Chris@13 344 * Check whether an interface exists, or has been defined in the current code snippet.
Chris@13 345 *
Chris@13 346 * @param string $name
Chris@13 347 *
Chris@13 348 * @return bool
Chris@13 349 */
Chris@13 350 protected function interfaceExists($name)
Chris@13 351 {
Chris@13 352 return interface_exists($name) || $this->findInScope($name) === self::INTERFACE_TYPE;
Chris@13 353 }
Chris@13 354
Chris@13 355 /**
Chris@13 356 * Check whether a trait exists, or has been defined in the current code snippet.
Chris@13 357 *
Chris@13 358 * @param string $name
Chris@13 359 *
Chris@13 360 * @return bool
Chris@13 361 */
Chris@13 362 protected function traitExists($name)
Chris@13 363 {
Chris@13 364 return $this->checkTraits && (trait_exists($name) || $this->findInScope($name) === self::TRAIT_TYPE);
Chris@13 365 }
Chris@13 366
Chris@13 367 /**
Chris@13 368 * Find a symbol in the current code snippet scope.
Chris@13 369 *
Chris@13 370 * @param string $name
Chris@13 371 *
Chris@13 372 * @return string|null
Chris@13 373 */
Chris@13 374 protected function findInScope($name)
Chris@13 375 {
Chris@13 376 $name = strtolower($name);
Chris@13 377 if (isset($this->currentScope[$name])) {
Chris@13 378 return $this->currentScope[$name];
Chris@13 379 }
Chris@13 380 }
Chris@13 381
Chris@13 382 /**
Chris@13 383 * Error creation factory.
Chris@13 384 *
Chris@13 385 * @param string $msg
Chris@13 386 * @param Stmt $stmt
Chris@13 387 *
Chris@13 388 * @return FatalErrorException
Chris@13 389 */
Chris@13 390 protected function createError($msg, $stmt)
Chris@13 391 {
Chris@13 392 return new FatalErrorException($msg, 0, E_ERROR, null, $stmt->getLine());
Chris@13 393 }
Chris@13 394 }