Page MenuHomePhabricator
Create Task
Maniphest T249491

phan and taint-check weird interactions: PhanUndeclaredThis
Closed, ResolvedPublic
Actions

Description

Similar to T248742. For instance:

includes/libs/Message/MessageValue.php:48 PhanUndeclaredThis Variable $this is undeclared

Note, this is not the same as PhanUndeclaredThis in other code paths.

Details

SubjectRepoBranchLines +/-
Fix another edge case interaction with phanmediawiki/tools/phan/SecurityCheckPluginmaster+45 -6
Customize query in gerrit

Related Objects
Search...

Event Timeline

Daimona created this task.Apr 6 2020, 10:15 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 6 2020, 10:15 AM
Daimona added a parent task: T248630: Upgrade phan to 0.10.2 and remove phan-taint-check-plugin.Apr 6 2020, 10:15 AM
Daimona added a comment.Apr 6 2020, 1:16 PM

So, this one was harder than the other, and reproducing the issue wasn't easy, either. The problem arises when we try to compute the objects that a function could possibly return, but doing that from outside that function. To do that, we basically backup the variable map when first analyzing the function (from the inside), save it in the object representing the function, and retrieve it later when we need to collect the return values. This is because phan deletes the variable map in between, and this fix was explicitly suggested as a stable workaround (https://github.com/phan/phan/issues/2963). The problem is: for some reason, phan deletes the object where we saved the scope, hence we'll later receive another copy of that function, without the original scope, and actually, with no variables at all (including $this, which triggers the issue).

gerritbot added a comment.Apr 6 2020, 4:01 PM

Change 586386 had a related patch set uploaded (by Daimona Eaytoy; owner: Daimona Eaytoy):
[mediawiki/tools/phan/SecurityCheckPlugin@master] Fix another edge case interaction with phan

https://gerrit.wikimedia.org/r/586386

gerritbot added a project: Patch-For-Review.Apr 6 2020, 4:01 PM
Daimona claimed this task.Apr 6 2020, 4:02 PM
Daimona triaged this task as High priority.Apr 6 2020, 4:34 PM
Daimona renamed this task from phan and taint-check weird interactions: PhanUndeclaredVariable, part 2 to phan and taint-check weird interactions: PhanUndeclaredThis.Apr 6 2020, 4:47 PM
Daimona updated the task description. (Show Details)
Daimona mentioned this in T249519: phan and taint-check weird interactions: PhanUndeclaredThis, part 2.
gerritbot added a comment.Apr 6 2020, 5:36 PM

Change 586386 merged by jenkins-bot:
[mediawiki/tools/phan/SecurityCheckPlugin@master] Fix another edge case interaction with phan

https://gerrit.wikimedia.org/r/586386

Jdforrester-WMF moved this task from Backlog to Plugin itself on the phan-taint-check-plugin board.Apr 6 2020, 5:50 PM
Jdforrester-WMF mentioned this in rMTPSa76c9ae8fcb3: Fix another edge case interaction with phan.Apr 6 2020, 6:03 PM
Daimona closed this task as Resolved.Apr 7 2020, 2:14 PM
Daimona removed a project: Patch-For-Review.
Daimona mentioned this in rMTPSd80d0ccedffb: Fix bad interaction with phan, part 3.Apr 7 2020, 3:49 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits