PHP: Patterns, that could profit from source code discovery

testable-eu / sast-testability-patterns

Testability Pattern Catalogs for SAST

https://owasp.org/www-project-testability-patterns-for-web-applications/

Apache License 2.0

29 stars 2 forks source link

PHP: Patterns, that could profit from source code discovery #43

Open felix-20 opened 1 year ago

felix-20 commented 1 year ago

In PHP, there are a few patterns, that cannot be discovered using opcode, as the tarpit is not present in opcode anymore. Therfor I think these patterns could profit from a discovery method, that uses the PHP source code rather than the opcode.

This affects PHP patterns:

5_combined_operator
40_trait
47_overriding
48_construct_with_inheritance
55_goto
80_callback_functions