There is no @return existence check when prototyping

laminas / laminas-code

Extensions to the PHP Reflection API, static code scanning, and code generation

https://docs.laminas.dev/laminas-code/

BSD 3-Clause "New" or "Revised" License

1.85k stars 81 forks source link

There is no @return existence check when prototyping #52

Open sd1328 opened 3 years ago

sd1328 commented 3 years ago

Insufficient return value validation

Class \Laminas\Code\Reflection\MethodReflection Method: getPrototype Line: 100

if ($docBlock) {
            $return = $docBlock->getTag('return');
            $returnTypes = $return->getTypes();   // return false
            $returnType = count($returnTypes) > 1 ? implode('|', $returnTypes) : $returnTypes[0];
}

There is no check for the existence of @return. If it is absent, we get an exception "Call to a member function getTypes() on bool"

fezfez commented 3 years ago

@sd1328 : please provide a code to reproducing the bug