Static code analysis v2

Cornac for PHP PHP static code analysisOSCON, Portland, OR, USA, July 28th 2011

Agenda• What is cornac?• Applications and results• How to make your code better

Who’s speaking?• Damien Seguy• In transition from Alter Way, France to Bysoft, China• Industrialisation coach, LAMP expert• damien.seguy@gmail.com

Yes, we take

./bin/cornac -I spotweb.ini> Tokenizeur> Auditeur> Done

Quick Inventory

Cornac• Static auditor• Analyze PHP code without executing it• Study the application as a whole

Do not mistake with• Xdebug • xdebug executes code• grep • grep doesn’t understand PHP semantics• CodeSniffer • CodeSniffer check for coding and naming conventions

Close cousins• PMD • PHP Mess Detector• PHP_Depends

PHP extensions list • The real list of extensions • Useful for deployment • Loved by hosting compan

Static audit• Process large quantities of code• Process the same code over and over• Depends on auditor expert level• Automates searchs• Make search systematics

Classes

Application inventory• Taking a global look at the application• List of structures names• List of used PHP functionnalities

Technical aspects• Listing all technical aspects • PHP functionalities • Advanced functionalities • Deprecated functionalities • Dependences

5.3 migration• Incompatible evolutions• Obsolet functions• Reference handling• References with the ‘new’ operator• mktime doesn’t take 7 parameters anymore

Structures names• Extract all structures names• Study the convention• Study the whole• Study semantics

Inclusion network

Inclusion network• include*, require*• Ignore variables• Circles represents ﬁles• Arrows represent inclusions

Constant network• Link between constant definition and its usage• Constants are used within their definition file• Except one

Global view• Provide a graph for the whole application• Get a feedback without dwelling on the precise names

Hierarchies• Dot version• Not too many levels

Hiérarchies • dotclear hierarchy

Hierarchies

Classes network• Gephi version• Link classes based on composition

Cornac under the hood• Cornac depends on PHP tokenizer• It add a layer of structure : spoting larger structures• It removes all useless separators • {} [] () ; , ‘’ «»

<?php print ("hello $world! "); ?> Extractions [1] => Array ( [6] => Array [0] => 266 ( [1] => print [0] => 309 [2] => 1 [1] => $world ) [2] => 1 ) [2] => Array ( [7] => Array [0] => 370 ( [1] => [0] => 314 [2] => 1 [1] => ! ) [2] => 1 ) [3] => ( [4] => " [8] => " [5] => Array [9] => ) ( [10] => ; [1] => Array [0] => 314 ( [1] => hello [0] => token PHP [2] => 1 [1] => code PHP ) [2] => ligne ) [2] => "

Extractions<?php print ("hello $world! "); ?>

Extractions

Iffectations

Unused classes• Classes, properties, variables, functions,

Inner gearsTokeni Auditeur Display zeur Analyzer

Evolution • WebTokeni Auditeur • XML zeur • ODS • PHPCodeBrow • Sonar • ... Analyzer

Rules• Security• Best practices (PHP, CMS..)• In house conventions• PHP 5.3 5.4 migration• Performances• Design patterns

http://www.cornac.info/ damien.seguy@gmail.comSpecial thanks to Christophe Zadowski and Alexis Tellier

Static code analysis v2

by Seguy Damien

Accessibility

Categories

Upload Details

Usage Rights

1 Embed 29

Statistics