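 def test_classes_1(self):
     """Taint must propagate through object properties, not only locals.

     In the fixture, ``$_GET[1]`` reaches ``echo`` directly inside ``foo()``
     and again inside ``bar()`` after being stored in ``$this->prop1``;
     ``$_POST[1]`` is stored in ``$this->prop2`` by ``bar()`` and reaches
     ``system()`` in ``baz()``.  The analyzer is expected to report four
     XSS findings and one OS_COMMANDING finding, and the OS_COMMANDING
     trace must start at the ``system()`` call and end at the ``$awsome``
     assignment.

     Line numbers are counted within ``code``: its first line is the empty
     one after the opening triple quote, so ``system()`` is on line 18 and
     the ``$awsome`` assignment on line 28.
     """
     code = '''
     <?php
     class A {
         private $prop1 = 'ok';
         
         function foo($var1) {
             echo $_GET[1];
             $this->prop1 = $var1;
         }
         
         function bar($prop2 = 'default') {
             echo $this->prop1;
             $this->prop2 = $prop2;
         }
         
         function baz() {
             if (1) {
                 system($this->prop2);
             }
         }
     }
     
     $obj1 = new A();
     $obj1->foo($_GET[1]); #XSS
     $obj1->bar(); #XSS
     $obj1->baz();
     
     $awsome = $_POST[1];
     $obj2 = new A();
     $obj2->foo('test'); #XSS
     $obj2->bar($awsome);
     $obj2->baz(); #OS COMMANDING
     
     $obj1->bar(); #XSS again
     ?>'''
     analyzer = PhpSCA(code)
     vulns = analyzer.get_vulns()
     
     # assertEquals is a deprecated alias of assertEqual.
     self.assertEqual(4, len(vulns['XSS']))
     self.assertEqual(1, len(vulns['OS_COMMANDING']))
     
     # Each finding is a trace: element 0 is the sink, element -1 the source.
     os_trace = vulns['OS_COMMANDING'][0]
     self.assertEqual(18, os_trace[0].lineno)
     self.assertEqual('$awsome', os_trace[-1].name)
     self.assertEqual(28, os_trace[-1].lineno)
     
     # The original `'$obj1' and '$obj2' in objects` only tested '$obj2':
     # the non-empty string '$obj1' is truthy, so the `and` short-circuits
     # to the second operand.  Check each object name explicitly.
     objects = analyzer.get_objects()
     self.assertIn('$obj1', objects)
     self.assertIn('$obj2', objects)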