|
| 1 | +<?php |
| 2 | +/** |
| 3 | + * WordPressVIPMinimum Coding Standard. |
| 4 | + * |
| 5 | + * @package VIPCS\WordPressVIPMinimum |
| 6 | + */ |
| 7 | + |
| 8 | +namespace WordPressVIPMinimum\Sniffs\Functions; |
| 9 | + |
| 10 | +use WordPressVIPMinimum\Sniffs\Sniff; |
| 11 | +use PHP_CodeSniffer\Util\Tokens; |
| 12 | +use PHP_CodeSniffer\Files\File; |
| 13 | +use PHP_CodeSniffer\Sniffs\AbstractScopeSniff; |
| 14 | + |
| 15 | +/** |
| 16 | + * This sniff checks to see if the deletion of an option is immediately followed by an addition of the same option. |
| 17 | + */ |
| 18 | +class OptionsRaceConditionSniff extends AbstractScopeSniff { |
| 19 | + |
| 20 | + /** |
| 21 | + * Function name to delete option. |
| 22 | + * |
| 23 | + * @var string |
| 24 | + */ |
| 25 | + private $delete_option = 'delete_option'; |
| 26 | + |
| 27 | + /** |
| 28 | + * Function name to add option. |
| 29 | + * |
| 30 | + * @var string |
| 31 | + */ |
| 32 | + private $add_option = 'add_option'; |
| 33 | + |
| 34 | + /** |
| 35 | + * Constructs the test with the tokens it wishes to listen for. |
| 36 | + */ |
| 37 | + public function __construct() { |
| 38 | + parent::__construct( |
| 39 | + [ T_FUNCTION ], |
| 40 | + [ T_STRING ] |
| 41 | + ); |
| 42 | + } |
| 43 | + |
| 44 | + /** |
| 45 | + * Processes the function tokens within the class. |
| 46 | + * |
| 47 | + * @param \PHP_CodeSniffer\Files\File $phpcsFile The file where this token was found. |
| 48 | + * @param int $stackPtr The position where the token was found. |
| 49 | + * @param int $currScope The current scope opener token. |
| 50 | + * |
| 51 | + * @return void |
| 52 | + */ |
| 53 | + protected function processTokenWithinScope( File $phpcsFile, $stackPtr, $currScope ) { |
| 54 | + $tokens = $phpcsFile->getTokens(); |
| 55 | + |
| 56 | + if ( $tokens[ $stackPtr ]['content'] !== $this->delete_option ) { |
| 57 | + $stackPtr = $phpcsFile->findNext( |
| 58 | + [ T_STRING ], |
| 59 | + $stackPtr + 1, |
| 60 | + null, |
| 61 | + true, |
| 62 | + $this->delete_option |
| 63 | + ); |
| 64 | + |
| 65 | + if ( ! $stackPtr ) { |
| 66 | + return; // No delete_option found, bail. |
| 67 | + } |
| 68 | + } |
| 69 | + |
| 70 | + $delete_option_scope_start = $phpcsFile->findNext( |
| 71 | + Tokens::$emptyTokens, |
| 72 | + $stackPtr + 1, |
| 73 | + null, |
| 74 | + true |
| 75 | + ); |
| 76 | + |
| 77 | + if ( ! $delete_option_scope_start || $tokens[ $delete_option_scope_start ]['code'] !== T_OPEN_PARENTHESIS ) { |
| 78 | + return; // Not a function call, bail. |
| 79 | + } |
| 80 | + |
| 81 | + $delete_option_semicolon = $phpcsFile->findNext( |
| 82 | + [ T_SEMICOLON ], |
| 83 | + $tokens[ $delete_option_scope_start ]['parenthesis_closer'] + 1, |
| 84 | + null, |
| 85 | + false |
| 86 | + ); |
| 87 | + |
| 88 | + $delete_option_key = $phpcsFile->findNext( |
| 89 | + Tokens::$emptyTokens, |
| 90 | + $delete_option_scope_start + 1, |
| 91 | + null, |
| 92 | + true |
| 93 | + ); |
| 94 | + |
| 95 | + $add_option = $phpcsFile->findNext( |
| 96 | + Tokens::$emptyTokens, |
| 97 | + $delete_option_semicolon + 1, |
| 98 | + null, |
| 99 | + true |
| 100 | + ); |
| 101 | + |
| 102 | + $message = 'Concurrent calls to `delete_option()` and `add_option()` for %s may lead to race conditions in persistent object caching. Please consider using `update_option()` in place of both function calls, as it will also add the option if it does not exist.'; |
| 103 | + |
| 104 | + if ( $tokens[ $add_option ]['code'] === T_IF ) { |
| 105 | + // Check inside scope of first IF statement after for `add_option()` being called. |
| 106 | + $add_option_inside_if = $phpcsFile->findNext( |
| 107 | + [ T_STRING ], |
| 108 | + $tokens[ $add_option ]['scope_opener'] + 1, |
| 109 | + null, |
| 110 | + false, |
| 111 | + $this->add_option |
| 112 | + ); |
| 113 | + |
| 114 | + if ( ! $add_option_inside_if || $add_option_inside_if > $tokens[ $add_option ]['scope_closer'] ) { |
| 115 | + return; // No add_option() call inside first IF statement or add_option found not in IF scope. |
| 116 | + } |
| 117 | + |
| 118 | + $add_option_inside_if_scope_start = $phpcsFile->findNext( |
| 119 | + Tokens::$emptyTokens, |
| 120 | + $add_option_inside_if + 1, |
| 121 | + null, |
| 122 | + true |
| 123 | + ); |
| 124 | + |
| 125 | + if ( ! $add_option_inside_if_scope_start || $tokens[ $add_option_inside_if_scope_start ]['code'] !== T_OPEN_PARENTHESIS ) { |
| 126 | + return; // Not a function call, bail. |
| 127 | + } |
| 128 | + |
| 129 | + $add_option_inside_if_option_key = $phpcsFile->findNext( |
| 130 | + Tokens::$emptyTokens, |
| 131 | + $add_option_inside_if_scope_start + 1, |
| 132 | + null, |
| 133 | + true |
| 134 | + ); |
| 135 | + |
| 136 | + if ( $add_option_inside_if_option_key && $this->is_same_option_key( $tokens, $add_option_inside_if_option_key, $delete_option_key ) ) { |
| 137 | + $phpcsFile->addWarning( $message, $add_option_inside_if_option_key, 'OptionsRaceCondition' ); |
| 138 | + } |
| 139 | + |
| 140 | + // Walk ahead out of IF control structure. |
| 141 | + $add_option = $phpcsFile->findNext( |
| 142 | + Tokens::$emptyTokens, |
| 143 | + $tokens[ $add_option ]['scope_closer'] + 1, |
| 144 | + null, |
| 145 | + true |
| 146 | + ); |
| 147 | + } |
| 148 | + |
| 149 | + if ( $tokens[ $add_option ]['code'] === T_VARIABLE ) { |
| 150 | + // Account for variable assignments. |
| 151 | + $equals = $phpcsFile->findNext( |
| 152 | + Tokens::$emptyTokens, |
| 153 | + $add_option + 1, |
| 154 | + null, |
| 155 | + true |
| 156 | + ); |
| 157 | + |
| 158 | + if ( $tokens[ $equals ]['code'] === T_EQUAL ) { |
| 159 | + $add_option = $phpcsFile->findNext( |
| 160 | + Tokens::$emptyTokens, |
| 161 | + $equals + 1, |
| 162 | + null, |
| 163 | + true |
| 164 | + ); |
| 165 | + } |
| 166 | + } |
| 167 | + |
| 168 | + if ( $tokens[ $add_option ]['code'] !== T_STRING || $tokens[ $add_option ]['content'] !== $this->add_option ) { |
| 169 | + return; // add_option() isn't immediately following delete_option(), bail. |
| 170 | + } |
| 171 | + |
| 172 | + $add_option_scope_start = $phpcsFile->findNext( |
| 173 | + Tokens::$emptyTokens, |
| 174 | + $add_option + 1, |
| 175 | + null, |
| 176 | + true |
| 177 | + ); |
| 178 | + |
| 179 | + if ( ! $add_option_scope_start || $tokens[ $add_option_scope_start ]['code'] !== T_OPEN_PARENTHESIS ) { |
| 180 | + return; // Not a function call, bail. |
| 181 | + } |
| 182 | + |
| 183 | + // Check if it's the same option being deleted earlier. |
| 184 | + $add_option_key = $phpcsFile->findNext( |
| 185 | + Tokens::$emptyTokens, |
| 186 | + $add_option_scope_start + 1, |
| 187 | + null, |
| 188 | + true |
| 189 | + ); |
| 190 | + |
| 191 | + if ( $this->is_same_option_key( $tokens, $add_option_key, $delete_option_key ) ) { |
| 192 | + $phpcsFile->addWarning( $message, $add_option_key, 'OptionsRaceCondition' ); |
| 193 | + return; |
| 194 | + } |
| 195 | + } |
| 196 | + |
| 197 | + /** |
| 198 | + * Processes a token that is found within the scope that this test is |
| 199 | + * listening to. |
| 200 | + * |
| 201 | + * @param \PHP_CodeSniffer\Files\File $phpcsFile The file where this token was found. |
| 202 | + * @param int $stackPtr The position in the stack where this |
| 203 | + * token was found. |
| 204 | + * @return void |
| 205 | + */ |
| 206 | + protected function processTokenOutsideScope( File $phpcsFile, $stackPtr ) { |
| 207 | + } |
| 208 | + |
| 209 | + /** |
| 210 | + * Check if option is the same. |
| 211 | + * |
| 212 | + * @param array $tokens List of PHPCS tokens. |
| 213 | + * @param int $first_option Stack position of first option. |
| 214 | + * @param int $second_option Stack position of second option to match against. |
| 215 | + * |
| 216 | + * @return false |
| 217 | + */ |
| 218 | + private function is_same_option_key( $tokens, $first_option, $second_option ) { |
| 219 | + return $tokens[ $first_option ]['code'] === $tokens[ $second_option ]['code'] && |
| 220 | + $tokens[ $first_option ]['content'] === $tokens[ $second_option ]['content']; |
| 221 | + } |
| 222 | +} |
0 commit comments