Cornac for PHP
PHP static code analysis
OSCON, Portland, OR, USA, July 28th 2011
Agenda
•What is cornac?
•Applications and results
•How to make your code better
Who’s speaking?
•Damien Seguy
•In transition from Alter Way, France to Bysoft, China
•Industrialisation coach, LAMP expert
Yes, we take
./bin/cornac -I spotweb.ini
> Tokenizeur
> Auditeur
> Done
Quick Inventory
Cornac
•Static auditor
•Analyze PHP code without executing it
•Study the application as a whole
Not to be confused with
•Xdebug
•Xdebug executes the code; Cornac never does
•grep
•grep doesn't understand PHP semantics
•CodeSniffer
•CodeSniffer checks coding and naming conventions
Close cousins
•PHPMD
•PHP Mess Detector
•PHP_Depend
PHP extensions list
•The list of extensions the code actually uses
•Useful for deployment
•Loved by hosting companies
Static audit
•Processes large quantities of code
•Processes the same code over and over
•Only as good as the auditor's expertise
•Automates searches
•Makes searches systematic
Classes
Application inventory
•Taking a global look at the application
•List of structure names
•List of PHP functionalities used
Technical aspects
•Listing all technical aspects
•PHP functionalities
•Advanced functionalities
•Deprecated functionalities
•Dependencies
5.3 migration
•Incompatible changes
•Obsolete functions
•Reference handling
•References with the 'new' operator ($a = &new Foo)
•mktime doesn't take 7 parameters anymore
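The two incompatibilities named on this slide can be caught with the same token-level approach Cornac uses. The following is an added example written for this page, not Cornac's own code; it assumes PHP 7.1 or later with the standard tokenizer extension (token_get_all), the function name is this example's own, and the source it scans is constructed for the demonstration.

```php
<?php
// Added example for this page, not Cornac's own code.
// Assumes PHP >= 7.1 with the standard tokenizer extension (token_get_all).
// Both checks work on the token stream, so occurrences inside strings or
// comments cannot trigger them, which is what grep cannot guarantee.

function php53MigrationIssues(string $source): array
{
    $issues = [];
    // Cornac-style compaction: drop whitespace and comments, they carry no structure.
    $tokens = array_values(array_filter(token_get_all($source), function ($t) {
        return !is_array($t)
            || !in_array($t[0], [T_WHITESPACE, T_COMMENT, T_DOC_COMMENT], true);
    }));
    // Text of a token, whether it is a plain string or an [id, text, line] array.
    $text = function ($t) { return is_array($t) ? $t[1] : $t; };
    $n = count($tokens);

    for ($i = 0; $i < $n; $i++) {
        $t    = $tokens[$i];
        $next = $tokens[$i + 1] ?? null;

        // Check 1: '&' directly followed by 'new' ($a = &new Foo).
        // PHP 8.1+ wraps '&' in a T_AMPERSAND_* token, hence the comparison on text.
        if ($text($t) === '&' && is_array($next) && $next[0] === T_NEW) {
            $issues[] = sprintf('line %d: result of new assigned by reference (&new)', $next[2]);
            continue;
        }

        // Check 2: mktime( ... ) with seven top-level arguments.
        if (is_array($t) && $t[0] === T_STRING && strtolower($t[1]) === 'mktime' && $next === '(') {
            $depth  = 1;      // inside the opening parenthesis
            $commas = 0;
            $sawArg = false;
            for ($j = $i + 2; $j < $n; $j++) {
                $u = $tokens[$j];      // punctuation is always a plain string token
                if ($u === '(' || $u === '[') {
                    $depth++;
                } elseif ($u === ')' || $u === ']') {
                    if (--$depth === 0) {
                        break;         // closing parenthesis of this mktime call
                    }
                } elseif ($u === ',' && $depth === 1) {
                    $commas++;
                    continue;
                }
                $sawArg = true;
            }
            $args = $sawArg ? $commas + 1 : 0;
            if ($args === 7) {
                $issues[] = sprintf('line %d: mktime() called with 7 arguments (is_dst is no longer accepted)', $t[2]);
            }
        }
    }
    return $issues;
}

// Constructed sample, not real project code.
$sample = <<<'PHP'
<?php
$db = &new Database();
$t  = mktime(0, 0, 0, 7, 28, 2011, 0);   // seven arguments: flagged
$u  = mktime(0, 0, 0, 7, 28, 2011);      // six arguments: fine
$s  = 'mktime(1,2,3,4,5,6,7)';           // inside a string: must not fire
PHP;

print_r(php53MigrationIssues($sample));
```

Running it reports line 2 for the `&new` and line 3 for the seven-argument mktime() and nothing for the string on line 5, which a text search would have matched.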
Structure names
•Extract all structure names
•Study the naming convention
•Study them as a whole
•Study their semantics
Inclusion network
• include*, require*
• Variable targets are ignored
• Circles represent files
• Arrows represent inclusions
Constant network
• Links a constant's definition to its usage
• Constants are used within the file that defines them
• Except one
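The inclusion network and the constant network of the two previous slides can be built from the same compacted token stream and handed to Graphviz. The block below is an added example for this page, not Cornac's code; it assumes PHP 7.1 or later with the tokenizer extension, the function names are this example's own, and the three-file application it analyses is constructed in memory (a real run would read the files from disk).

```php
<?php
// Added example for this page, not Cornac's own code.
// Assumes PHP >= 7.1 with the tokenizer extension. Builds two of the networks
// shown above from a small in-memory application and prints them as one
// Graphviz dot graph: solid arrows are inclusions, dashed arrows link the file
// that define()s a constant to the file that uses it.

function compactTokens(string $source): array
{
    // Drop whitespace, comments and PHP tags: they carry no structure.
    return array_values(array_filter(token_get_all($source), function ($t) {
        return !is_array($t) || !in_array(
            $t[0], [T_WHITESPACE, T_COMMENT, T_DOC_COMMENT, T_OPEN_TAG, T_CLOSE_TAG], true
        );
    }));
}

function networks(array $files): array
{
    $includeKinds = [T_INCLUDE, T_INCLUDE_ONCE, T_REQUIRE, T_REQUIRE_ONCE];
    $includes = [];   // [from file, to file]
    $defines  = [];   // constant name => defining file
    $uses     = [];   // [file, constant name]

    foreach ($files as $file => $source) {
        $tokens = compactTokens($source);
        $n = count($tokens);
        for ($i = 0; $i < $n; $i++) {
            $t = $tokens[$i];
            if (!is_array($t)) {
                continue;
            }
            // include 'x.php'; or require_once('x.php'); -> followed only when the
            // target is a single literal string; variables and expressions are ignored.
            if (in_array($t[0], $includeKinds, true)) {
                $j = $i + 1;
                if (($tokens[$j] ?? null) === '(') {
                    $j++;
                }
                $arg = $tokens[$j] ?? null;
                $end = $tokens[$j + 1] ?? null;
                if (is_array($arg) && $arg[0] === T_CONSTANT_ENCAPSED_STRING
                    && ($end === ';' || $end === ')')) {
                    $includes[] = [$file, trim($arg[1], '\'"')];
                }
                continue;
            }
            // define('NAME', ...) -> definition site
            if ($t[0] === T_STRING && strtolower($t[1]) === 'define'
                && ($tokens[$i + 1] ?? null) === '('
                && is_array($tokens[$i + 2] ?? null)
                && $tokens[$i + 2][0] === T_CONSTANT_ENCAPSED_STRING) {
                $defines[trim($tokens[$i + 2][1], '\'"')] = $file;
                $i += 2;
                continue;
            }
            // Bare UPPER_CASE identifier that is not a call -> constant usage
            if ($t[0] === T_STRING && $t[1] === strtoupper($t[1])
                && ($tokens[$i + 1] ?? null) !== '(') {
                $uses[] = [$file, $t[1]];
            }
        }
    }
    return [$includes, $defines, $uses];
}

function toDot(array $files): string
{
    [$includes, $defines, $uses] = networks($files);
    $lines = ['digraph cornac {'];
    foreach ($includes as [$from, $to]) {
        $lines[] = sprintf('  "%s" -> "%s";', $from, $to);
    }
    foreach ($uses as [$file, $const]) {
        if (!isset($defines[$const])) {
            continue;   // PHP_EOL, E_ALL, ...: not defined by the application itself
        }
        $lines[] = sprintf('  "%s" -> "%s" [label="%s", style=dashed];', $defines[$const], $file, $const);
    }
    $lines[] = '}';
    return implode("\n", array_values(array_unique($lines))) . "\n";
}

// Constructed three-file application, not real project code.
$app = [
    'index.php'  => "<?php\nrequire_once 'config.php';\ninclude('lib/db.php');\necho APP_NAME;\n",
    'config.php' => "<?php\ndefine('APP_NAME', 'demo');\ndefine('DB_DSN', 'sqlite::memory:');\n",
    'lib/db.php' => "<?php\nrequire_once('config.php');\n\$dsn = DB_DSN . PHP_EOL;\ninclude \$plugin;\n",
];

echo toDot($app);
```

The output is a dot file with three solid inclusion edges (the `include $plugin` on a variable is dropped, as the slide says) and two dashed constant edges from config.php; pipe it into `dot -Tpng` to get the kind of picture shown on the slides. Constants declared with `const` or used through `constant()` are not followed by this example.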
Global view
•Provide a graph for the whole application
•Get feedback without dwelling on precise names
Hierarchies
• Dot version
• Not too many levels
Hierarchies
• dotclear hierarchy
Classes network
•Gephi version
•Link classes based on composition
Cornac under the hood
•Cornac depends on the PHP tokenizer (token_get_all)
•It adds a layer of structure: spotting larger constructs
•It removes all useless separators
•{} [] () ; , '' ""
Extractions
<?php print ("hello $world! "); ?>
Each entry is Array ( [0] => PHP token id [1] => PHP code [2] => line ); single-character tokens are kept as plain strings:
[1] => Array ( [0] => 266 [1] => print [2] => 1 )
[2] => Array ( [0] => 370 [1] =>   [2] => 1 )
[3] => (
[4] => "
[5] => Array ( [0] => 314 [1] => hello  [2] => 1 )
[6] => Array ( [0] => 309 [1] => $world [2] => 1 )
[7] => Array ( [0] => 314 [1] => !  [2] => 1 )
[8] => "
[9] => )
[10] => ;
Iffectations
Unused classes
• Classes, properties, variables, functions,
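Unused classes and functions are the simplest case of this inventory: a name that is declared somewhere but never mentioned anywhere else. The block below is an added example for this page, not Cornac's code; it assumes PHP 7.1 or later with the tokenizer extension, the function name is this example's own, and the two-file application is constructed inline.

```php
<?php
// Added example for this page, not Cornac's own code.
// Assumes PHP >= 7.1 with the tokenizer extension. Finds classes and functions
// that are declared somewhere in the application but whose name is never
// mentioned anywhere else (no new, extends, call, type hint or static access).

function unusedDeclarations(array $files): array
{
    $declared   = ['class' => [], 'function' => []];
    $referenced = [];

    foreach ($files as $file => $source) {
        $tokens = array_values(array_filter(token_get_all($source), function ($t) {
            return !is_array($t)
                || !in_array($t[0], [T_WHITESPACE, T_COMMENT, T_DOC_COMMENT], true);
        }));
        $n = count($tokens);
        for ($i = 0; $i < $n; $i++) {
            $t = $tokens[$i];
            if (!is_array($t)) {
                continue;
            }
            $next     = $tokens[$i + 1] ?? null;
            $nextName = (is_array($next) && $next[0] === T_STRING) ? $next[1] : null;

            // 'class Name' / 'function name': a declaration, whose name token is skipped
            if (($t[0] === T_CLASS || $t[0] === T_FUNCTION) && $nextName !== null) {
                $kind = ($t[0] === T_CLASS) ? 'class' : 'function';
                $declared[$kind][strtolower($nextName)] = sprintf('%s (%s:%d)', $nextName, $file, $t[2]);
                $i++;
                continue;
            }
            // Any other bare identifier (new X, extends X, X::y, x(), type hints) is a reference.
            if ($t[0] === T_STRING) {
                $referenced[strtolower($t[1])] = true;
            }
        }
    }

    $unused = [];
    foreach ($declared as $kind => $names) {
        $unused[$kind] = array_values(array_diff_key($names, $referenced));
    }
    return $unused;
}

// Constructed two-file application, not real project code.
$app = [
    'models.php' => "<?php\n"
        . "class User {}\n"
        . "class LegacyUser extends User {}\n"
        . "class Session {}\n"
        . "function load_user(\$id) { return new User(); }\n"
        . "function old_helper() {}\n",
    'index.php' => "<?php\n"
        . "require 'models.php';\n"
        . "\$u = load_user(1);\n"
        . "if (\$u instanceof User) { echo 'ok'; }\n",
];

print_r(unusedDeclarations($app));
```

This reports LegacyUser and Session as unused classes and old_helper as an unused function, while User (referenced by extends, new and instanceof) and load_user (called) are kept. Methods are counted as functions here, names created dynamically (`new $cls`, `call_user_func`) are invisible to it, and namespaced names on PHP 8 arrive as different token kinds, so a production rule needs more cases than this example handles.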
Inner gears
•Tokenizeur → Auditeur → Analyzer → Display
•Display outputs: Web, XML, ODS, PHPCodeBrowser, Sonar, ...
•Evolution
Rules
•Security
•Best practices (PHP, CMS...)
•In-house conventions
•PHP 5.3 / 5.4 migration
•Performance
•Design patterns
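As an illustration of what a security rule looks like at the token level, the block below is an added example for this page, not one of Cornac's rules; it assumes PHP 7.1 or later with the tokenizer extension, the function name is this example's own, and the scanned source is constructed. The rule reports include/require/eval statements in which a request superglobal appears directly; it deliberately does not follow values through intermediate variables, and the sample shows the false negative that limitation produces.

```php
<?php
// Added example for this page, not one of Cornac's rules.
// Assumes PHP >= 7.1 with the tokenizer extension. A shallow "security" rule:
// report include/require/eval statements in which a request superglobal appears
// directly. It looks only inside the statement, so a value copied through an
// intermediate variable is not followed (a deliberate, visible limitation).

function taintedIncludeOrEval(string $source): array
{
    $sinks   = [T_INCLUDE, T_INCLUDE_ONCE, T_REQUIRE, T_REQUIRE_ONCE, T_EVAL];
    $sources = ['$_GET', '$_POST', '$_REQUEST', '$_COOKIE', '$_FILES'];
    $tokens = array_values(array_filter(token_get_all($source), function ($t) {
        return !is_array($t)
            || !in_array($t[0], [T_WHITESPACE, T_COMMENT, T_DOC_COMMENT], true);
    }));
    $findings = [];
    $n = count($tokens);
    for ($i = 0; $i < $n; $i++) {
        $t = $tokens[$i];
        if (!is_array($t) || !in_array($t[0], $sinks, true)) {
            continue;
        }
        // Walk to the ';' that ends this statement and look for a superglobal.
        for ($j = $i + 1; $j < $n && $tokens[$j] !== ';'; $j++) {
            $u = $tokens[$j];
            if (is_array($u) && $u[0] === T_VARIABLE && in_array($u[1], $sources, true)) {
                $findings[] = sprintf('line %d: %s receives %s directly', $t[2], $t[1], $u[1]);
                break;
            }
        }
    }
    return $findings;
}

// Constructed sample, not real project code.
$sample = <<<'PHP'
<?php
include 'header.php';
include $_GET['page'] . '.php';       // flagged
eval($_POST['code']);                 // flagged
$page = basename($_GET['page']);
require $page . '.php';               // not flagged: the rule does not follow assignments
PHP;

print_r(taintedIncludeOrEval($sample));
```

The output names lines 3 and 4 only. Line 6 is the reason real rules need assignment tracking on top of the token stream: the same untrusted value reaches `require` one statement later and this rule cannot see it.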
http://www.cornac.info/
Special thanks to Christophe Zadowski and Alexis Tellier