Merge pull request #40 from angelej/link-sink

Add link() sink

README.md

@@ -82,6 +82,7 @@ The higher the level, the more selective the analysis.
 ### File Write
 - [`copy()`](https://www.php.net/manual/en/function.copy)
 - [`file_put_contents()`](https://www.php.net/manual/en/function.file-put-contents)
+- [`link()`](https://www.php.net/manual/en/function.link)
 - [`move_uploaded_file()`](https://www.php.net/manual/en/function.move-uploaded-file)
 - [`symlink()`](https://www.php.net/manual/en/function.symlink)
 

src/SinkDetector.php

@@ -26,6 +26,7 @@ class SinkDetector extends NodeVisitorAbstract {
         Sinks\FileRead\ReadfileSink::class,
         Sinks\FileWrite\CopySink::class,
         Sinks\FileWrite\FilePutContentsSink::class,
+        Sinks\FileWrite\LinkSink::class,
         Sinks\FileWrite\MoveUploadedFileSink::class,
         Sinks\FileWrite\SymlinkSink::class,
         Sinks\InformationDisclosure\PhpinfoSink::class

src/Sinks/FileWrite/LinkSink.php

@@ -0,0 +1,31 @@
+<?php declare(strict_types=1);
+
+namespace Angelej\PhpInsider\Sinks\FileWrite;
+
+use PhpParser\Node;
+use Angelej\PhpInsider\Level;
+use Angelej\PhpInsider\Sinks\Sink;
+use Angelej\PhpInsider\NodeHelper;
+
+class LinkSink extends Sink {
+
+    /**
+     * @param  \PhpParser\Node $node
+     * @return \Angelej\PhpInsider\Level|null
+     */
+    public static function is(Node $node): ?Level {
+
+        $level = null;
+
+        if(NodeHelper::isFunctionCall($node, 'link')){
+
+            $level = Level::ZERO;
+
+            if(NodeHelper::isDynamic($node->args[0] ?? null)
+                || NodeHelper::isDynamic($node->args[1] ?? null)){
+                $level = Level::ONE;
+            }
+        }
+        return $level;
+    }
+}

tests/Unit/Sinks/FileWrite/LinkTest.php

@@ -0,0 +1,36 @@
+<?php declare(strict_types=1);
+
+use Angelej\PhpInsider\File;
+use Angelej\PhpInsider\Level;
+use Angelej\PhpInsider\Analyser;
+use Angelej\PhpInsider\Sinks\FileWrite\LinkSink;
+
+it('detects "link()" tokens (file write)', function(){
+
+    $file = new File(__DIR__ . '/../../files/Sinks/FileWrite/LinkFile.php');
+    $sinks = (new Analyser())->analyse($file);
+
+    expect($sinks->inFile($file)
+        ->inLine(5)
+        ->ofLevel(Level::ONE)
+        ->first()
+    )->toBeInstanceOf(LinkSink::class);
+
+    expect($sinks->inFile($file)
+        ->inLine(6)
+        ->ofLevel(Level::ONE)
+        ->first()
+    )->toBeInstanceOf(LinkSink::class);
+
+    expect($sinks->inFile($file)
+        ->inLine(7)
+        ->ofLevel(Level::ONE)
+        ->first()
+    )->toBeInstanceOf(LinkSink::class);
+
+    expect($sinks->inFile($file)
+        ->inLine(8)
+        ->ofLevel(Level::ZERO)
+        ->first()
+    )->toBeInstanceOf(LinkSink::class);
+});

tests/Unit/files/Sinks/FileWrite/LinkFile.php

@@ -0,0 +1,8 @@
+<?php declare(strict_types=1);
+
+$link = 'link';
+$target = 'target.txt';
+link($target, $link);
+link($target, 'link');
+link('target.txt', $link);
+link('target.txt', 'link');