phpsa
phpsa copied to clipboard
[Analyzer] Forbid dynamic calls to scope introspection functions
https://wiki.php.net/rfc/forbid_dynamic_scope_introspection
For the functions
- extract()
- compact()
- get_defined_vars()
- parse_str() with one arg
- mb_parse_str() with one arg
- assert() with string argument (eval)
- func_get_args()
- func_get_arg()
- func_num_args()
dynamic calls of the form
- $fn()
- call_user_func($fn)
- array_map($fn, $array) etc.
will be forbidden. Such calls will result in a warning being thrown and an error-indicating return value being returned, that is consistent with other error-indicating return values of the respective functions.