From 94c155c24db0cea187707bf2de85bb5883793aca Mon Sep 17 00:00:00 2001 From: Oleh Posyniak Date: Thu, 12 Nov 2020 10:25:32 -0600 Subject: [PATCH 1/4] MC-38508: Add static checks for PHP FS calls --- Magento2/Sniffs/Functions/DiscouragedFunctionSniff.php | 1 + 1 file changed, 1 insertion(+) diff --git a/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.php b/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.php index e1db0341..bced9283 100644 --- a/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.php +++ b/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.php @@ -228,5 +228,6 @@ class DiscouragedFunctionSniff extends ForbiddenFunctionsSniff '^intval$' => '(int) construction', '^strval$' => '(string) construction', '^htmlspecialchars$' => '\Magento\Framework\Escaper->escapeHtml', + 'getimagesize' => 'getimagesizefromstring', ]; } From 7959427e0a6f81150c5082610179831f48c4b0bd Mon Sep 17 00:00:00 2001 From: Oleh Posyniak Date: Thu, 19 Nov 2020 09:56:30 -0600 Subject: [PATCH 2/4] MC-38508: Add static checks for PHP FS calls --- Magento2/Sniffs/Functions/DiscouragedFunctionSniff.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.php b/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.php index bced9283..55001802 100644 --- a/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.php +++ b/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.php @@ -228,6 +228,6 @@ class DiscouragedFunctionSniff extends ForbiddenFunctionsSniff '^intval$' => '(int) construction', '^strval$' => '(string) construction', '^htmlspecialchars$' => '\Magento\Framework\Escaper->escapeHtml', - 'getimagesize' => 'getimagesizefromstring', + '^getimagesize$' => 'getimagesizefromstring', ]; } From dc1e4b330ad2d47d4d0d9c394c56ffef2dd4ba0b Mon Sep 17 00:00:00 2001 From: Oleh Posyniak Date: Mon, 30 Nov 2020 15:55:50 -0600 Subject: [PATCH 3/4] MC-38508: Add static checks for PHP FS calls --- Magento2/Sniffs/Functions/DiscouragedFunctionSniff.md | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 Magento2/Sniffs/Functions/DiscouragedFunctionSniff.md diff --git a/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.md b/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.md new file mode 100644 index 00000000..603d7def --- /dev/null +++ b/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.md @@ -0,0 +1,11 @@ +# Rule: getimagesize() is discouraged + +## Reason + +[getimagesize()](https://www.php.net/manual/en/function.getimagesize.php) function works only with local and supported streams. +With introduction of more advanced storages, like AWS S3 or Azure Blob Storage this function will cause issues where file is not accessible. + +## How to fix + +[getimagesizefromstring](https://www.php.net/manual/en/function.getimagesizefromstring.php) can be used instead to retrieve all the information from file. +This function works with data strings, so you should read the file content using specific adapter before using it. From 98e9fffb693c0a072f0bc19c1f7e700295652029 Mon Sep 17 00:00:00 2001 From: Oleh Posyniak Date: Tue, 1 Dec 2020 09:49:54 -0600 Subject: [PATCH 4/4] MC-38508: Add static checks for PHP FS calls --- Magento2/Sniffs/Functions/DiscouragedFunctionSniff.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.md b/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.md index 603d7def..ceb49e4c 100644 --- a/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.md +++ b/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.md @@ -2,7 +2,7 @@ ## Reason -[getimagesize()](https://www.php.net/manual/en/function.getimagesize.php) function works only with local and supported streams. +[getimagesize](https://www.php.net/manual/en/function.getimagesize.php) function works only with local and supported streams. With introduction of more advanced storages, like AWS S3 or Azure Blob Storage this function will cause issues where file is not accessible. ## How to fix