Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

AppConfig: returns default on exception #42844

Merged
merged 1 commit into from
Jan 16, 2024
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 7 additions & 1 deletion lib/private/AppConfig.php
Original file line number Diff line number Diff line change
@@ -292,11 +292,17 @@ public function getValueMixed(
string $default = '',
?bool $lazy = false
): string {
try {
$lazy = ($lazy === null) ? $this->isLazy($app, $key) : $lazy;
} catch (AppConfigUnknownKeyException $e) {
return $default;
}

return $this->getTypedValue(
$app,
$key,
$default,
($lazy === null) ? $this->isLazy($app, $key) : $lazy,
$lazy,
self::VALUE_MIXED
);
}

Unchanged files with check annotations Beta

$this->logger->critical(
sprintf(
'$params["'.$element.'"] was missing. Transferred value: %s',
print_r($params, true)

Check failure on line 63 in apps/admin_audit/lib/Actions/Action.php

GitHub Actions / static-code-analysis-security

TaintedHtml

apps/admin_audit/lib/Actions/Action.php:63:16: TaintedHtml: Detected tainted HTML (see https://psalm.dev/245)
),
['app' => 'admin_audit']
);
if (!is_subclass_of($objectClass, '\OCP\Files\ObjectStore\IObjectStore')) {
throw new \InvalidArgumentException('Invalid object store');
}
$storage->setBackendOption('objectstore', new $objectClass($objectStore));

Check failure on line 75 in apps/files_external/lib/Config/ConfigAdapter.php

GitHub Actions / static-code-analysis-security

TaintedCallable

apps/files_external/lib/Config/ConfigAdapter.php:75:50: TaintedCallable: Detected tainted text (see https://psalm.dev/243)
}
$storage->getAuthMechanism()->manipulateStorageConfig($storage, $user);
try {
$keyPath = $this->hostKeysPath();
if ($keyPath && file_exists($keyPath)) {
$fp = fopen($keyPath, 'w');

Check failure on line 246 in apps/files_external/lib/Lib/Storage/SFTP.php

GitHub Actions / static-code-analysis-security

TaintedFile

apps/files_external/lib/Lib/Storage/SFTP.php:246:17: TaintedFile: Detected tainted file handling (see https://psalm.dev/255)
foreach ($keys as $host => $key) {
fwrite($fp, $host . '::' . $key . "\n");
}
if (file_exists($keyPath)) {
$hosts = [];
$keys = [];
$lines = file($keyPath, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);

Check failure on line 267 in apps/files_external/lib/Lib/Storage/SFTP.php

GitHub Actions / static-code-analysis-security

TaintedFile

apps/files_external/lib/Lib/Storage/SFTP.php:267:19: TaintedFile: Detected tainted file handling (see https://psalm.dev/255)
if ($lines) {
foreach ($lines as $line) {
$hostKeyArray = explode("::", $line, 2);
case 'c':
case 'c+':
$context = stream_context_create(['sftp' => ['session' => $connection]]);
$handle = fopen($this->constructUrl($path), $mode, false, $context);

Check failure on line 412 in apps/files_external/lib/Lib/Storage/SFTP.php

GitHub Actions / static-code-analysis-security

TaintedFile

apps/files_external/lib/Lib/Storage/SFTP.php:412:22: TaintedFile: Detected tainted file handling (see https://psalm.dev/255)
return RetryWrapper::wrap($handle);
}
} catch (\Exception $e) {
&& !isset($downloadStartSecret[32])
&& preg_match('!^[a-zA-Z0-9]+$!', $downloadStartSecret) === 1) {
// FIXME: set on the response once we use an actual app framework response
setcookie('ocDownloadStarted', $downloadStartSecret, time() + 20, '/');

Check failure on line 468 in apps/files_sharing/lib/Controller/ShareController.php

GitHub Actions / static-code-analysis-security

TaintedCookie

apps/files_sharing/lib/Controller/ShareController.php:468:35: TaintedCookie: Detected tainted cookie (see https://psalm.dev/257)
}
$this->emitAccessShareHook($share);
$appIconContent = $appIcon->getContent();
$mime = $appIcon->getMimeType();
} else {
$appIconContent = file_get_contents($appIcon);

Check failure on line 137 in apps/theming/lib/IconBuilder.php

GitHub Actions / static-code-analysis-security

TaintedFile

apps/theming/lib/IconBuilder.php:137:40: TaintedFile: Detected tainted file handling (see https://psalm.dev/255)
$mime = mime_content_type($appIcon);
}
if ($imageFile === false || $imageFile === "") {
return false;
}
$svg = file_get_contents($imageFile);

Check failure on line 235 in apps/theming/lib/IconBuilder.php

GitHub Actions / static-code-analysis-security

TaintedFile

apps/theming/lib/IconBuilder.php:235:28: TaintedFile: Detected tainted file handling (see https://psalm.dev/255)
if ($svg !== false && $svg !== "") {
$color = $this->util->elementColor($this->themingDefaults->getColorPrimary());
$svg = $this->util->colorizeSvg($svg, $color);
// slash which is required by URL generation.
if (isset($_SERVER['REQUEST_URI']) && $_SERVER['REQUEST_URI'] === \OC::$WEBROOT &&
substr($_SERVER['REQUEST_URI'], -1) !== '/') {
header('Location: '.\OC::$WEBROOT.'/');

Check failure on line 204 in lib/base.php

GitHub Actions / static-code-analysis-security

TaintedHeader

lib/base.php:204:12: TaintedHeader: Detected tainted header (see https://psalm.dev/256)
exit();
}
}
throw new Exception('Not installed');
} else {
$url = OC::$WEBROOT . '/index.php';
header('Location: ' . $url);

Check failure on line 286 in lib/base.php

GitHub Actions / static-code-analysis-security

TaintedHeader

lib/base.php:286:12: TaintedHeader: Detected tainted header (see https://psalm.dev/256)
}
exit();
}