Create function parameter assignment sniff

Question

Create function parameter assignment sniff

aik099 opened this issue 6 years ago · 0 comments

Idea of the sniff is to locate function/method parameter that's value is replaced within the method. This is bad idea, because any code that reads parameter value expects original value to be retrieved, but instead is getting last modified value version.

Implementation plan:

listen for T_FUNCTION token
get parameters of that function, that aren't passed by reference
lookup names of these parameters in function body and T_WHITESPACE (optional) + assignment tokens after it

P.S.
The $$var code won't be supported, because it's hard to trace back statically.

Examples

function functionName($param1, &$param2)
{
    $param1 = 'new value' . $param1; // not allowed
    $param2 = 'new value'; // allowed, because value is passed by reference
}