From e1084dd1ca6b113918774ba50dcea09316c9aaac Mon Sep 17 00:00:00 2001 From: David Roe Date: Wed, 18 Oct 2023 15:39:48 +0100 Subject: [PATCH] fix(php): add missing cases to object detector --- .../.snapshots/TestPHPObjects-object_no_class | 310 ++++++++++++++++-- .../php/detectors/object/projection.go | 7 + .../php/detectors/testdata/no_class.php | 6 +- 3 files changed, 290 insertions(+), 33 deletions(-) diff --git a/internal/languages/php/detectors/.snapshots/TestPHPObjects-object_no_class b/internal/languages/php/detectors/.snapshots/TestPHPObjects-object_no_class index 4020c8b36..da20a4b39 100644 --- a/internal/languages/php/detectors/.snapshots/TestPHPObjects-object_no_class +++ b/internal/languages/php/detectors/.snapshots/TestPHPObjects-object_no_class @@ -1,10 +1,12 @@ type: program id: 0 -range: 1:1 - 3:3 +range: 1:1 - 6:1 dataflow_sources: - 1 - 2 - - 14 + - 13 + - 27 + - 41 children: - type: php_tag id: 1 @@ -12,15 +14,15 @@ children: content: "' id: 7 - range: 2:6 - 2:7 - - type: function_call_expression + range: 2:6 - 2:8 + - type: name id: 8 - range: 2:7 - 2:13 + range: 2:8 - 2:12 + content: name + - type: arguments + id: 9 + range: 2:12 - 2:14 dataflow_sources: - 10 + - 11 children: + - type: '"("' + id: 10 + range: 2:12 - 2:13 + - type: '")"' + id: 11 + range: 2:13 - 2:14 + - type: '";"' + id: 12 + range: 2:14 - 2:15 + - type: expression_statement + id: 13 + range: 3:1 - 3:21 + children: + - type: member_call_expression + id: 14 + range: 3:1 - 3:20 + dataflow_sources: + - 23 + queries: + - 2 + children: + - type: member_access_expression + id: 15 + range: 3:1 - 3:12 + queries: + - 2 + children: + - type: variable_name + id: 16 + range: 3:1 - 3:6 + children: + - type: '"$"' + id: 17 + range: 3:1 - 3:2 + - type: name + id: 18 + range: 3:2 - 3:6 + content: this + - type: '"->"' + id: 19 + range: 3:6 - 3:8 - type: name - id: 9 - range: 2:7 - 2:11 - content: name + id: 20 + range: 3:8 - 3:12 + content: user + - type: '"->"' + id: 21 + range: 3:12 - 3:14 + - type: name + id: 22 + range: 3:14 - 3:18 + content: name + - type: arguments + id: 23 + range: 3:18 - 3:20 + dataflow_sources: + - 24 + - 25 + children: + - type: '"("' + id: 24 + range: 3:18 - 3:19 + - type: '")"' + id: 25 + range: 3:19 - 3:20 + - type: '";"' + id: 26 + range: 3:20 - 3:21 + - type: expression_statement + id: 27 + range: 4:1 - 4:21 + children: + - type: member_access_expression + id: 28 + range: 4:1 - 4:20 + queries: + - 2 + children: + - type: member_call_expression + id: 29 + range: 4:1 - 4:14 + dataflow_sources: + - 35 + queries: + - 2 + children: + - type: variable_name + id: 30 + range: 4:1 - 4:6 + children: + - type: '"$"' + id: 31 + range: 4:1 - 4:2 + - type: name + id: 32 + range: 4:2 - 4:6 + content: this + - type: '"->"' + id: 33 + range: 4:6 - 4:8 + - type: name + id: 34 + range: 4:8 - 4:12 + content: user - type: arguments - id: 10 - range: 2:11 - 2:13 + id: 35 + range: 4:12 - 4:14 dataflow_sources: - - 11 - - 12 + - 36 + - 37 children: - type: '"("' - id: 11 - range: 2:11 - 2:12 + id: 36 + range: 4:12 - 4:13 - type: '")"' - id: 12 - range: 2:12 - 2:13 + id: 37 + range: 4:13 - 4:14 + - type: '"->"' + id: 38 + range: 4:14 - 4:16 + - type: name + id: 39 + range: 4:16 - 4:20 + content: name - type: '";"' - id: 13 - range: 2:13 - 2:14 + id: 40 + range: 4:20 - 4:21 - type: text_interpolation - id: 14 - range: 3:1 - 3:3 + id: 41 + range: 5:1 - 5:3 dataflow_sources: - - 15 + - 42 children: - type: '"?>"' - id: 15 - range: 3:1 - 3:3 + id: 42 + range: 5:1 - 5:3 -[] +- node: 3 + content: $user->name() + data: + properties: + - name: $user + node: null + object: + ruleid: object + matchnode: + id: 3 + typeid: 3 + contentstart: + byte: 6 + line: 2 + column: 1 + contentend: + byte: 19 + line: 2 + column: 14 + executingdetectors: [] + data: + properties: + - name: name + node: null + object: null + isvirtual: true + isvirtual: true +- node: 14 + content: $this->user->name() + data: + properties: + - name: user + node: null + object: + ruleid: object + matchnode: + id: 14 + typeid: 3 + contentstart: + byte: 21 + line: 3 + column: 1 + contentend: + byte: 40 + line: 3 + column: 20 + executingdetectors: [] + data: + properties: + - name: name + node: null + object: null + isvirtual: true + isvirtual: true +- node: 28 + content: $this->user()->name + data: + properties: + - name: user + node: null + object: + ruleid: object + matchnode: + id: 28 + typeid: 12 + contentstart: + byte: 42 + line: 4 + column: 1 + contentend: + byte: 61 + line: 4 + column: 20 + executingdetectors: [] + data: + properties: + - name: name + node: null + object: null + isvirtual: true + isvirtual: true +- node: 15 + content: $this->user + data: + properties: + - name: $this + node: null + object: + ruleid: object + matchnode: + id: 15 + typeid: 12 + contentstart: + byte: 21 + line: 3 + column: 1 + contentend: + byte: 32 + line: 3 + column: 12 + executingdetectors: [] + data: + properties: + - name: user + node: null + object: null + isvirtual: true + isvirtual: true +- node: 29 + content: $this->user() + data: + properties: + - name: $this + node: null + object: + ruleid: object + matchnode: + id: 29 + typeid: 3 + contentstart: + byte: 42 + line: 4 + column: 1 + contentend: + byte: 55 + line: 4 + column: 14 + executingdetectors: [] + data: + properties: + - name: user + node: null + object: null + isvirtual: true + isvirtual: true diff --git a/internal/languages/php/detectors/object/projection.go b/internal/languages/php/detectors/object/projection.go index 3d932e0c0..fec4e4190 100644 --- a/internal/languages/php/detectors/object/projection.go +++ b/internal/languages/php/detectors/object/projection.go @@ -72,6 +72,13 @@ func getObjectName(objectNode *tree.Node) string { return objectNode.Content() } + // $user->foo->name + // $user->foo()->name + switch objectNode.Type() { + case "member_access_expression", "member_call_expression": + return objectNode.ChildByFieldName("name").Content() + } + return "" } diff --git a/internal/languages/php/detectors/testdata/no_class.php b/internal/languages/php/detectors/testdata/no_class.php index 97c2fe56e..93e8e9845 100644 --- a/internal/languages/php/detectors/testdata/no_class.php +++ b/internal/languages/php/detectors/testdata/no_class.php @@ -1,3 +1,5 @@ \ No newline at end of file +$user->name(); +$this->user->name(); +$this->user()->name; +?>