Merge pull request #71 from getsentry/change_build_matrix

Jean85 · web-flow · commit c2493d76ee18 · 2017-08-23T09:33:35.000+02:00
Add PHP 7.2 support
diff --git a/.travis.yml b/.travis.yml
@@ -8,6 +8,7 @@ php:
   - 5.6
   - 7.0
   - 7.1
+  - 7.2
   - hhvm
 
 matrix:
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,10 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+### Added
+ - Add official support to PHP 7.2 (#71)
+### Fixed
+ - Remove usage of create_function to avoid deprecations (#71)
 
 ## 0.8.3 - 2017-08-07
 ### Changed
diff --git a/src/Sentry/SentryBundle/ErrorTypesParser.php b/src/Sentry/SentryBundle/ErrorTypesParser.php
@@ -33,25 +33,23 @@ public function parse()
             array(".", ""),
             $this->expression
         );
-        // remove anything which could be a security issue
-        $this->expression = preg_replace("/[^\d.+*%^|&~<>\/()-]/", "", $this->expression);
 
         return $this->compute($this->expression);
     }
 
-
     /**
      * Converts error constants from string to int.
      *
      * @param  string $expression e.g. E_ALL & ~E_DEPRECATED & ~E_NOTICE
-     * @return string   convertes expression e.g. 32767 & ~8192 & ~8
+     * @return string   converted expression e.g. 32767 & ~8192 & ~8
      */
     private function convertErrorConstants($expression)
     {
         $output = preg_replace_callback("/(E_[a-zA-Z_]+)/", function ($errorConstant) {
             if (defined($errorConstant[1])) {
                 return constant($errorConstant[1]);
             }
+
             return $errorConstant[0];
         }, $expression);
 
@@ -66,8 +64,11 @@ private function convertErrorConstants($expression)
      */
     private function compute($expression)
     {
-        $compute = create_function("", "return " . $expression . ";");
+        // catch anything which could be a security issue
+        if (0 !== preg_match("/[^\d.+*%^|&~<>\/()-]/", $this->expression)) {
+            throw new \InvalidArgumentException('Wrong value in error types config value');
+        }
 
-        return 0 + $compute();
+        return 0 + (int)eval('return ' . $expression . ';');
     }
 }
diff --git a/test/ErrorTypesParserTest.php b/test/ErrorTypesParserTest.php
@@ -11,4 +11,12 @@ public function test_error_types_parser()
         $ex = new ErrorTypesParser('E_ALL & ~E_DEPRECATED & ~E_NOTICE');
         $this->assertEquals($ex->parse(), E_ALL & ~E_DEPRECATED & ~E_NOTICE);
     }
+
+    public function test_error_types_parser_throws_exception_for_unwanted_values()
+    {
+        $ex = new ErrorTypesParser('exec(something-dangerous)');
+
+        $this->setExpectedException('\InvalidArgumentException');
+        $ex->parse();
+    }
 }

-Original file line number
+Diff line change
   - 5.6
   - 7.0
   - 7.1
 +  - 7.2
   - hhvm
 matrix:
Original file line number	Diff line number	Diff line change
`@@ -33,25 +33,23 @@ public function parse()`
`33`	`33`	`array(".", ""),`
`34`	`34`	`$this->expression`
`35`	`35`	`);`
`36`		`- // remove anything which could be a security issue`
`37`		`- $this->expression = preg_replace("/[^\d.+*%^\|&~<>\/()-]/", "", $this->expression);`
`38`	`36`
`39`	`37`	`return $this->compute($this->expression);`
`40`	`38`	`}`
`41`	`39`
`42`		`-`
`43`	`40`	`/**`
`44`	`41`	`* Converts error constants from string to int.`
`45`	`42`	`*`
`46`	`43`	`* @param string $expression e.g. E_ALL & ~E_DEPRECATED & ~E_NOTICE`
`47`		`- * @return string convertes expression e.g. 32767 & ~8192 & ~8`
	`44`	`+ * @return string converted expression e.g. 32767 & ~8192 & ~8`
`48`	`45`	`*/`
`49`	`46`	`private function convertErrorConstants($expression)`
`50`	`47`	`{`
`51`	`48`	`$output = preg_replace_callback("/(E_[a-zA-Z_]+)/", function ($errorConstant) {`
`52`	`49`	`if (defined($errorConstant[1])) {`
`53`	`50`	`return constant($errorConstant[1]);`
`54`	`51`	`}`
	`52`	`+`
`55`	`53`	`return $errorConstant[0];`
`56`	`54`	`}, $expression);`
`57`	`55`
`@@ -66,8 +64,11 @@ private function convertErrorConstants($expression)`
`66`	`64`	`*/`
`67`	`65`	`private function compute($expression)`
`68`	`66`	`{`
`69`		`- $compute = create_function("", "return " . $expression . ";");`
	`67`	`+ // catch anything which could be a security issue`
	`68`	`+ if (0 !== preg_match("/[^\d.+*%^\|&~<>\/()-]/", $this->expression)) {`
	`69`	`+ throw new \InvalidArgumentException('Wrong value in error types config value');`
	`70`	`+ }`
`70`	`71`
`71`		`- return 0 + $compute();`
	`72`	`+ return 0 + (int)eval('return ' . $expression . ';');`
`72`	`73`	`}`
`73`	`74`	`}`
Original file line number	Diff line number	Diff line change
`@@ -11,4 +11,12 @@ public function test_error_types_parser()`
`11`	`11`	`$ex = new ErrorTypesParser('E_ALL & ~E_DEPRECATED & ~E_NOTICE');`
`12`	`12`	`$this->assertEquals($ex->parse(), E_ALL & ~E_DEPRECATED & ~E_NOTICE);`
`13`	`13`	`}`
	`14`	`+`
	`15`	`+ public function test_error_types_parser_throws_exception_for_unwanted_values()`
	`16`	`+ {`
	`17`	`+ $ex = new ErrorTypesParser('exec(something-dangerous)');`
	`18`	`+`
	`19`	`+ $this->setExpectedException('\InvalidArgumentException');`
	`20`	`+ $ex->parse();`
	`21`	`+ }`
`14`	`22`	`}`