Skip to content

Commit

Permalink
Merge pull request #34 from moufmouf/false_positives
Browse files Browse the repository at this point in the history
Removing false positives
  • Loading branch information
moufmouf authored Sep 14, 2018
2 parents 0fe27e0 + f3ccd04 commit 1427a4e
Show file tree
Hide file tree
Showing 6 changed files with 19 additions and 69 deletions.
7 changes: 7 additions & 0 deletions .travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,13 @@ before_script:
else
cd generator/doc/doc-en
svn update
if [ $? -ne 0 ];
then
cd ..
rm -rf doc-en
svn co https://svn.php.net/repository/phpdoc/modules/doc-en doc-en
cd doc-en
fi
cd ../../..
fi
- composer update
Expand Down
11 changes: 9 additions & 2 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

Safe-PHP code is generated automatically from the PHP doc.

## How to generate Safe-PHP code
## How to install Safe-PHP development environment

The first step is to download the PHP documentation project locally.
You will need Subversion (svn) installed on your computer.
Expand All @@ -20,7 +20,6 @@ $ cd generator/doc/doc-en
$ svn update
```


### Generating the functions

Generating the functions can be done with a simple command.
Expand All @@ -29,3 +28,11 @@ Generating the functions can be done with a simple command.
$ cd generator
$ php ./safe.php generate
```

### Submitting a PR

The continuous integration hooks will regenerate all the functions and check that the result is exactly what has been
committed. Therefore, before submitting a PR, please:

- Perform a "svn update"
- Regenerate the files using `php ./safe.php generate`
47 changes: 0 additions & 47 deletions generated/filesystem.php
Original file line number Diff line number Diff line change
Expand Up @@ -877,53 +877,6 @@ function glob(string $pattern, int $flags = 0): array
}


/**
* Tells whether the filename is executable.
*
* @param string $filename Path to the file.
* @throws FilesystemException
*
*/
function is_executable(string $filename): void
{
error_clear_last();
$result = \is_executable($filename);
if ($result === false) {
throw FilesystemException::createFromPhpError();
}
}


/**
* Returns TRUE if the file named by filename was
* uploaded via HTTP POST. This is useful to help ensure that a
* malicious user hasn't tried to trick the script into working on
* files upon which it should not be working--for instance,
* /etc/passwd.
*
* This sort of check is especially important if there is any chance
* that anything done with uploaded files could reveal their
* contents to the user, or even to other users on the same
* system.
*
* For proper working, the function is_uploaded_file needs
* an argument like $_FILES['userfile']['tmp_name'], - the name of the uploaded
* file on the client's machine $_FILES['userfile']['name'] does not work.
*
* @param string $filename The filename being checked.
* @throws FilesystemException
*
*/
function is_uploaded_file(string $filename): void
{
error_clear_last();
$result = \is_uploaded_file($filename);
if ($result === false) {
throw FilesystemException::createFromPhpError();
}
}


/**
* Attempts to change the group of the symlink filename
* to group.
Expand Down
3 changes: 0 additions & 3 deletions generated/functionsList.php
Original file line number Diff line number Diff line change
Expand Up @@ -145,8 +145,6 @@
'ftruncate',
'fwrite',
'glob',
'is_executable',
'is_uploaded_file',
'lchgrp',
'lchown',
'link',
Expand Down Expand Up @@ -907,7 +905,6 @@
'stream_filter_register',
'stream_filter_remove',
'stream_get_contents',
'stream_is_local',
'stream_isatty',
'stream_resolve_include_path',
'stream_set_blocking',
Expand Down
17 changes: 0 additions & 17 deletions generated/stream.php
Original file line number Diff line number Diff line change
Expand Up @@ -225,23 +225,6 @@ function stream_get_contents($handle, int $maxlength = -1, int $offset = -1): st
}


/**
* Checks if a stream, or a URL, is a local one or not.
*
* @param mixed $stream_or_url The stream resource or URL to check.
* @throws StreamException
*
*/
function stream_is_local($stream_or_url): void
{
error_clear_last();
$result = \stream_is_local($stream_or_url);
if ($result === false) {
throw StreamException::createFromPhpError();
}
}


/**
* Determines if stream stream refers to a valid terminal type device.
* This is a more portable version of posix_isatty, since it works on Windows systems too.
Expand Down
3 changes: 3 additions & 0 deletions generator/config/ignoredFunctions.php
Original file line number Diff line number Diff line change
@@ -1,4 +1,7 @@
<?php
return [
'array_key_exists',
'is_executable',
'is_uploaded_file',
'stream_is_local',
];

0 comments on commit 1427a4e

Please # to comment.