/**
* FORBIDDEN INSECURE FUNCTIONS (Severity 10 - NEVER USE)
* These functions pose critical security risks and must never be used in Magento code.
*/
/**
 * One catalogue entry describing a forbidden PHP function.
 */
export interface InsecureFunction {
  /**
   * Suggested alternative shown to the developer, or `null` when the
   * catalogue offers none. The value is free-form text: some entries hold a
   * fully qualified Magento method, others a short piece of advice.
   */
  replacement: string | null;

  /** Human-readable explanation of why the function is forbidden. */
  reason: string;

  /**
   * Fixed at the literal `10`: every entry in this catalogue carries the
   * same, highest severity.
   */
  severity: 10;
}
/**
 * Build one catalogue entry. Every listed function gets severity 10, and the
 * replacement defaults to `null` for functions with no suggested alternative.
 */
const forbidden = (reason: string, replacement: string | null = null) => ({
  replacement,
  reason,
  severity: 10 as const,
});

/**
 * Catalogue of forbidden PHP functions, keyed by lowercase function name.
 *
 * Notes for code that consumes this table:
 * - PHP resolves function names case-insensitively, so a name taken from
 *   scanned source should be lowercased before it is used as a key.
 * - This is a plain object, so it inherits from Object.prototype. Probe it
 *   with an own-property check when the name comes from scanned source.
 * - A name lookup only describes direct calls by name. Calls whose target is
 *   computed at runtime need separate handling in the scanner.
 */
export const INSECURE_FUNCTIONS: Record<string, InsecureFunction> = {
  // --- Command execution: these start external programs ---
  exec: forbidden(
    'Command injection risk - allows arbitrary command execution',
    '\\Magento\\Framework\\Shell::execute',
  ),
  shell_exec: forbidden('Command injection risk - avoid entirely, no safe alternative'),
  system: forbidden('Command injection risk - executes external programs'),
  passthru: forbidden('Command injection risk - passes through raw output'),
  popen: forbidden('Command injection risk - opens process file pointer'),
  proc_open: forbidden('Command injection risk - executes command and opens file pointers'),
  pcntl_exec: forbidden('Command injection risk - executes program in current process space'),

  // --- Code execution: these run PHP code supplied as data ---
  // NOTE(review): `eval` is a PHP language construct rather than a function;
  // confirm the caller's tokenizer reports it as a call name.
  eval: forbidden('Code injection risk - executes arbitrary PHP code, never use'),
  // String assertions were deprecated in PHP 7.2 and removed in PHP 8.0.
  assert: forbidden('Can execute code when assertion is a string - security risk'),
  create_function: forbidden(
    'Deprecated in PHP 7.2, removed in PHP 8.0, security risk',
    'Use anonymous functions (closures) instead',
  ),

  // --- Native serialization: the object injection itself happens on the
  // unserialize side; serialize is listed with it so that data is never
  // written in a format that must later be read back with unserialize ---
  serialize: forbidden(
    'Object injection risk - use JSON serialization instead',
    '\\Magento\\Framework\\Serialize\\SerializerInterface::serialize',
  ),
  unserialize: forbidden(
    'Object injection risk - can instantiate arbitrary objects',
    '\\Magento\\Framework\\Serialize\\SerializerInterface::unserialize',
  ),

  // --- Weak hashing and predictable random numbers ---
  md5: forbidden(
    'Cryptographically weak - vulnerable to collision attacks',
    'hash("sha256", $data) or password_hash() for passwords',
  ),
  mt_rand: forbidden('Not cryptographically secure - predictable output', 'random_int()'),
  srand: forbidden('Seeds predictable random number generator'),
  mt_srand: forbidden('Seeds predictable Mersenne Twister generator'),

  // --- Process control: companions of proc_open and priority changes ---
  proc_nice: forbidden('System resource manipulation - changes process priority'),
  proc_close: forbidden('Process control - closes process opened by proc_open'),
  proc_terminate: forbidden('Process control - kills a process'),
  proc_get_status: forbidden('Process control - gets information about a process'),
};
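/**
 * Report whether a PHP function name is on the forbidden list.
 *
 * Uses the same normalisation and lookup as {@link getInsecureFunctionInfo},
 * so the two functions always agree.
 *
 * @param functionName - Function name as written in the scanned PHP source.
 * @returns `true` when the normalised name is one of the catalogue's own keys.
 */
export function isInsecureFunction(functionName: string): boolean {
  return getInsecureFunctionInfo(functionName) !== null;
}

/**
 * Look up the catalogue entry for a PHP function name.
 *
 * The name is normalised the way PHP resolves a call before the lookup:
 * - function names are case-insensitive, so `EXEC` is the same call as `exec`;
 * - a single leading `\` only marks the global namespace, so `\exec` is the
 *   same call as `exec`.
 *
 * Only the catalogue's own keys are consulted. Names that merely exist on
 * Object.prototype (for example `constructor` or `toString`) are therefore
 * not reported as forbidden and never yield a non-entry value.
 *
 * @param functionName - Function name as written in the scanned PHP source.
 * @returns The matching entry, or `null` when the name is not listed.
 */
export function getInsecureFunctionInfo(functionName: string): InsecureFunction | null {
  // Untyped JavaScript callers may pass a non-string; treat that as "not listed".
  if (typeof functionName !== 'string') {
    return null;
  }

  const key = functionName.replace(/^\\/, '').toLowerCase();

  // An own-property check keeps inherited members of Object.prototype out of the result.
  if (!Object.prototype.hasOwnProperty.call(INSECURE_FUNCTIONS, key)) {
    return null;
  }
  return INSECURE_FUNCTIONS[key] ?? null;
}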