/**
* Méthode d'execution
*/
public function run()
{
// Initialisation des loggers
$this->getConfiguration()->initLoggers();
// Initialisation du process
$this->createProcess();
try {
// Lancement du process
$this->process->run(function ($type, $buffer) {
// On affiche le debug à l'écran pour s'assurer qu'aucune erreur
// bloquante n'est présente et suivre l'exécution des longs process
if ('err' === $type) {
echo 'ERR > ' . $buffer;
} else {
echo 'OUT > ' . $buffer;
}
});
// On récupère la sortie standard en cas de succès (STDOUT)
if ($this->process->isSuccessful()) {
$this->message .= $this->process->getOutput();
} else {
// On récupère la sortie standard en cas d'erreur (STDERR)
$this->message .= $this->process->getErrorOutput();
}
} catch (\Exception $e) {
$this->message .= $e->getMessage();
}
// Log du process
$this->report();
// Envoi des notifications
$this->notify();
}
protected function execute(InputInterface $input, OutputInterface $output)
{
/** @var FormatterHelper $formatter */
$formatter = $this->getHelper('formatter');
// $process = new Process('wkhtmltopdf http://google.com/ test.pdf');
// $process->run();
// $process->stop(3, SIGINT);
// $process->mustRun(function ($type, $message) use ($output, $formatter) {
// if ($type === Process::ERR) {
// $output->writeln($formatter->formatBlock($message, 'error'));
// } else {
// $output->writeln($formatter->formatBlock($message, 'comment'));
// }
// });
$process = new PhpProcess(<<<EOF
<?php
sleep(5);
echo "OK
";
?>
EOF
);
$process->start();
$process->stop(2, SIGINT);
if (!$process->isSuccessful()) {
$output->writeln($formatter->formatBlock($process->getErrorOutput(), 'error', true));
return;
}
$output->writeln($formatter->formatSection('success', $process->getOutput()));
}
/**
* {@inheritdoc}
*/
public function run(JobReportInterface $report)
{
try {
$this->process->start();
$this->savePid($this->process->getPid(), $report);
while ($this->process->isRunning()) {
// waiting for process to finish
}
if ($this->process->isSuccessful()) {
$report->setOutput(trim($this->process->getOutput()));
return JobState::STATE_FINISHED;
}
$report->setErrorOutput(trim($this->process->getErrorOutput()));
} catch (LogicException $e) {
$report->setErrorOutput($e->getMessage());
} catch (RuntimeException $e) {
$report->setErrorOutput($e->getMessage());
}
return JobState::STATE_FAILED;
}
function assertTranspile($yamlPath)
{
$input = new ArrayInput(array());
$stream = fopen('php://memory', 'rw', false);
$output = new StreamOutput($stream);
$symfonyio = new SymfonyIO($input, $output);
// Load and parse yaml
$config = Yaml::parse(file_get_contents($yamlPath));
if (!isset($config['stdout'])) {
$this->fail('Stdout section not found in $yamlPath');
}
if (!isset($config['code'])) {
$this->fail('Code section not found in $yamlPath');
}
// Create temp file for code to transpile
$tmpPath = tempnam(sys_get_temp_dir(), 'transphpile');
file_put_contents($tmpPath, "<?php\n" . $config['code']);
// Transpile code and send to stdout
$transpiler = new Transpile($symfonyio);
$transpiler->transpile($tmpPath, '-');
// unlink tmp file
unlink($tmpPath);
// Fetch php5 code written by transpiler
rewind($stream);
$php5 = stream_get_contents($stream);
// Run php5 code
$process = new PhpProcess($php5);
$process->run();
$stdout = $process->getOutput();
$stderr = $process->getErrorOutput();
// If we don't define stderr, there should not be any stderr output from our php5 file
if (!empty($stderr) && !isset($config['stderr'])) {
$this->fail('Error reported, but no stderr section found in $yamlPath');
}
// Check output
$config['stdout'] = trim($config['stdout']);
$this->assertRegExp('{' . $config['stdout'] . '}', $stdout, isset($config['name']) ? $config['name'] : "");
// Check stderr if any
if (isset($config['stderr'])) {
$config['stderr'] = trim($config['stderr']);
if (empty($stderr)) {
$this->fail('stderr seems empty but should contain an error');
}
$this->assertRegExp('{' . $config['stderr'] . '}', $stderr, isset($config['name']) ? $config['name'] : "");
}
}
protected function execute(InputInterface $input, OutputInterface $output)
{
$filename = $input->getArgument('filename');
if (null !== $filename) {
$filename = $this->getSnippetsPath() . DIRECTORY_SEPARATOR . $filename;
if (!file_exists($filename)) {
throw new InvalidArgumentException(sprintf('file "%s" does not exist', $filename));
}
$snippets = array(new \SplFileInfo($filename));
$nbSnippets = 1;
} else {
$snippets = $this->listSnippets(new Finder());
$nbSnippets = count($snippets->getIterator()->getIterator());
}
$dialog = $this->getHelperSet()->get('dialog');
$i = 0;
foreach ($snippets as $snippet) {
$snippetCode = file_get_contents($snippet->getRealpath());
$output->writeln(sprintf('<info>DEMO [%d/%d]:</info> %s', $i + 1, $nbSnippets, $snippet->getRealPath()));
$this->hr($output, 20);
$output->writeln('<info>CODE :</info>');
$output->writeln($snippetCode);
$this->hr($output, 20);
$dialog->askConfirmation($output, '<question>Press enter to see result</question>');
$output->writeln('<info>RESULT :</info>');
$process = new PhpProcess($snippetCode);
$process->run();
if (!$process->isSuccessful()) {
$output->writeln(array('<error>Error ::</error>', $process->getErrorOutput()));
}
$output->writeln(array('<comment>Output ::</comment>', $process->getOutput()));
$this->hr($output);
$i++;
if ($i < $nbSnippets) {
$dialog->askConfirmation($output, '<question>Press enter to continue</question>');
$output->writeln("[2J");
}
}
}
/**
* Makes a request in another process.
*
* @param Request $request A Request instance
*
* @return Response A Response instance
*
* @throws \RuntimeException When processing returns exit code
*/
protected function doRequestInProcess($request)
{
// We set the TMPDIR because on Macs, the temp directory changes based on the user.
$process = new PhpProcess($this->getScript($request), null, array('TMPDIR' => sys_get_temp_dir()));
$process->run();
if (!$process->isSuccessful() || !preg_match('/^O\:\d+\:/', $process->getOutput())) {
throw new \RuntimeException($process->getErrorOutput());
}
return unserialize($process->getOutput());
}
/**
* Makes a request in another process.
*
* @param object $request An origin request instance
*
* @return object An origin response instance
*
* @throws \RuntimeException When processing returns exit code
*/
protected function doRequestInProcess($request)
{
$process = new PhpProcess($this->getScript($request), null, null);
$process->run();
if (!$process->isSuccessful() || !preg_match('/^O\\:\\d+\\:/', $process->getOutput())) {
throw new \RuntimeException(sprintf('OUTPUT: %s ERROR OUTPUT: %s', $process->getOutput(), $process->getErrorOutput()));
}
return unserialize($process->getOutput());
}
/**
* Makes a request in another process.
*
* @param object $request An origin request instance
*
* @return object An origin response instance
*
* @throws \RuntimeException When processing returns exit code
*/
protected function doRequestInProcess($request)
{
// We set the TMPDIR (for Macs) and TEMP (for Windows), because on these platforms the temp directory changes based on the user.
$process = new PhpProcess($this->getScript($request), null, array('TMPDIR' => sys_get_temp_dir(), 'TEMP' => sys_get_temp_dir()));
$process->run();
if (!$process->isSuccessful() || !preg_match('/^O\\:\\d+\\:/', $process->getOutput())) {
throw new \RuntimeException(sprintf('OUTPUT: %s ERROR OUTPUT: %s', $process->getOutput(), $process->getErrorOutput()));
}
return unserialize($process->getOutput());
}
/**
* Makes a request in another process.
*
* @param Request $request A Request instance
*
* @return Response A Response instance
*
* @throws \RuntimeException When processing returns exit code
*/
protected function doRequestInProcess($request)
{
$process = new PhpProcess($this->getScript($request));
$process->run();
if (!$process->isSuccessful()) {
throw new \RuntimeException($process->getErrorOutput());
}
return unserialize($process->getOutput());
}
/**
* Test if it is safe to use the PHP function openssl_x509_parse().
*
* This checks if OpenSSL extensions is vulnerable to remote code execution
* via the exploit documented as CVE-2013-6420.
*
* @return bool
*/
public static function isOpensslParseSafe()
{
if (null !== self::$useOpensslParse) {
return self::$useOpensslParse;
}
if (PHP_VERSION_ID >= 50600) {
return self::$useOpensslParse = true;
}
// Vulnerable:
// PHP 5.3.0 - PHP 5.3.27
// PHP 5.4.0 - PHP 5.4.22
// PHP 5.5.0 - PHP 5.5.6
if (PHP_VERSION_ID < 50400 && PHP_VERSION_ID >= 50328 || PHP_VERSION_ID < 50500 && PHP_VERSION_ID >= 50423 || PHP_VERSION_ID < 50600 && PHP_VERSION_ID >= 50507) {
// This version of PHP has the fix for CVE-2013-6420 applied.
return self::$useOpensslParse = true;
}
if ('\\' === DIRECTORY_SEPARATOR) {
// Windows is probably insecure in this case.
return self::$useOpensslParse = false;
}
$compareDistroVersionPrefix = function ($prefix, $fixedVersion) {
$regex = '{^' . preg_quote($prefix) . '([0-9]+)$}';
if (preg_match($regex, PHP_VERSION, $m)) {
return (int) $m[1] >= $fixedVersion;
}
return false;
};
// Hard coded list of PHP distributions with the fix backported.
if ($compareDistroVersionPrefix('5.3.3-7+squeeze', 18) || $compareDistroVersionPrefix('5.4.4-14+deb7u', 7) || $compareDistroVersionPrefix('5.3.10-1ubuntu3.', 9)) {
return self::$useOpensslParse = true;
}
// This is where things get crazy, because distros backport security
// fixes the chances are on NIX systems the fix has been applied but
// it's not possible to verify that from the PHP version.
//
// To verify exec a new PHP process and run the issue testcase with
// known safe input that replicates the bug.
// Based on testcase in https://github.com/php/php-src/commit/c1224573c773b6845e83505f717fbf820fc18415
// changes in https://github.com/php/php-src/commit/76a7fd893b7d6101300cc656058704a73254d593
$cert = 'LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVwRENDQTR5Z0F3SUJBZ0lKQUp6dThyNnU2ZUJjTUEwR0NTcUdTSWIzRFFFQkJRVUFNSUhETVFzd0NRWUQKVlFRR0V3SkVSVEVjTUJvR0ExVUVDQXdUVG05eVpISm9aV2x1TFZkbGMzUm1ZV3hsYmpFUU1BNEdBMVVFQnd3SApTOE9Ed3Jac2JqRVVNQklHQTFVRUNnd0xVMlZyZEdsdmJrVnBibk14SHpBZEJnTlZCQXNNRmsxaGJHbGphVzkxCmN5QkRaWEowSUZObFkzUnBiMjR4SVRBZkJnTlZCQU1NR0cxaGJHbGphVzkxY3k1elpXdDBhVzl1WldsdWN5NWsKWlRFcU1DZ0dDU3FHU0liM0RRRUpBUlliYzNSbFptRnVMbVZ6YzJWeVFITmxhM1JwYjI1bGFXNXpMbVJsTUhVWQpaREU1TnpBd01UQXhNREF3TURBd1dnQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBCkFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUEKQUFBQUFBQVhEVEUwTVRFeU9ERXhNemt6TlZvd2djTXhDekFKQmdOVkJBWVRBa1JGTVJ3d0dnWURWUVFJREJOTwpiM0prY21obGFXNHRWMlZ6ZEdaaGJHVnVNUkF3RGdZRFZRUUhEQWRMdzRQQ3RteHVNUlF3RWdZRFZRUUtEQXRUClpXdDBhVzl1UldsdWN6RWZNQjBHQTFVRUN3d1dUV0ZzYVdOcGIzVnpJRU5sY25RZ1UyVmpkR2x2YmpFaE1COEcKQTFVRUF3d1liV0ZzYVdOcGIzVnpMbk5sYTNScGIyNWxhVzV6TG1SbE1Tb3dLQVlKS29aSWh2Y05BUWtCRmh0egpkR1ZtWVc0dVpYTnpaWEpBYzJWcmRHbHZibVZwYm5NdVpHVXdnZ0VpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCCkR3QXdnZ0VLQW9JQkFRRERBZjNobDdKWTBYY0ZuaXlFSnBTU0RxbjBPcUJyNlFQNjV1c0pQUnQvOFBhRG9xQnUKd0VZVC9OYSs2ZnNnUGpDMHVLOURaZ1dnMnRIV1dvYW5TYmxBTW96NVBINlorUzRTSFJaN2UyZERJalBqZGhqaAowbUxnMlVNTzV5cDBWNzk3R2dzOWxOdDZKUmZIODFNTjJvYlhXczROdHp0TE11RDZlZ3FwcjhkRGJyMzRhT3M4CnBrZHVpNVVhd1Raa3N5NXBMUEhxNWNNaEZHbTA2djY1Q0xvMFYyUGQ5K0tBb2tQclBjTjVLTEtlYno3bUxwazYKU01lRVhPS1A0aWRFcXh5UTdPN2ZCdUhNZWRzUWh1K3ByWTNzaTNCVXlLZlF0UDVDWm5YMmJwMHdLSHhYMTJEWAoxbmZGSXQ5RGJHdkhUY3lPdU4rblpMUEJtM3ZXeG50eUlJdlZBZ01CQUFHalFqQkFNQWtHQTFVZEV3UUNNQUF3CkVRWUpZSVpJQVliNFFnRUJCQVFEQWdlQU1Bc0dBMVVkRHdRRUF3SUZvREFUQmdOVkhTVUVEREFLQmdnckJnRUYKQlFjREFqQU5CZ2txaGtpRzl3MEJBUVVGQUFPQ0FRRUFHMGZaWVlDVGJkajFYWWMrMVNub2FQUit2SThDOENhRAo4KzBVWWhkbnlVNGdnYTBCQWNEclk5ZTk0ZUVBdTZacXljRjZGakxxWFhkQWJvcHBXb2NyNlQ2R0QxeDMzQ2tsClZBcnpHL0t4UW9oR0QySmVxa2hJTWxEb214SE83a2EzOStPYThpMnZXTFZ5alU4QVp2V01BcnVIYTRFRU55RzcKbFcyQWFnYUZLRkNyOVRuWFRmcmR4R1ZFYnY3S1ZRNmJkaGc1cDVTanBXSDErTXEwM3VSM1pYUEJZZHlWODMxOQpvMGxWajFLRkkyRENML2xpV2lzSlJvb2YrMWNSMzVDdGQwd1lCY3BCNlRac2xNY09QbDc2ZHdLd0pnZUpvMlFnClpzZm1jMnZDMS9xT2xOdU5xLzBUenprVkd2OEVUVDNDZ2FVK1VYZTRYT1Z2a2NjZWJKbjJkZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K';
$script = <<<'EOT'
error_reporting(-1);
$info = openssl_x509_parse(base64_decode('%s'));
var_dump(PHP_VERSION, $info['issuer']['emailAddress'], $info['validFrom_time_t']);
EOT;
$script = '<' . "?php\n" . sprintf($script, $cert);
try {
$process = new PhpProcess($script);
$process->mustRun();
} catch (\Exception $e) {
// In the case of any exceptions just accept it is not possible to
// determine the safety of openssl_x509_parse and bail out.
return self::$useOpensslParse = false;
}
$output = preg_split('{\\r?\\n}', trim($process->getOutput()));
$errorOutput = trim($process->getErrorOutput());
if (count($output) === 3 && $output[0] === sprintf('string(%d) "%s"', strlen(PHP_VERSION), PHP_VERSION) && $output[1] === 'string(27) "*****@*****.**"' && $output[2] === 'int(-1)' && preg_match('{openssl_x509_parse\\(\\): illegal (?:ASN1 data type for|length in) timestamp in - on line \\d+}', $errorOutput)) {
// This PHP has the fix backported probably by a distro security team.
return self::$useOpensslParse = true;
}
return self::$useOpensslParse = false;
}
protected function loadRaw($model, $parsePhp = false)
{
$content = file_get_contents(sprintf(__DIR__ . '/%s.yml', $model));
if ($parsePhp) {
$process = new PhpProcess($content);
$process->run();
if (!$process->isSuccessful()) {
throw new \RuntimeException($process->getErrorOutput());
}
$content = $process->getOutput();
}
return Yaml::parse($content);
}
/**
* Makes a request in another process.
*
* @param object $request An origin request instance
*
* @return object An origin response instance
*
* @throws \RuntimeException When processing returns exit code
* @see \Symfony\Component\BrowserKit\Client
* @see \Symfony\Component\HttpKernel\Client
*/
protected function doRequestInProcess($request)
{
// We set the TMPDIR (for Macs) and TEMP (for Windows), because on these platforms the temp directory changes based on the user.
$process = new PhpProcess($this->getScript($request), $this->rootDir, array('TMPDIR' => sys_get_temp_dir(), 'TEMP' => sys_get_temp_dir()));
$process->setPhpBinary('php-cgi');
$process->run();
// I think the second hcheck validates that the response is serialized, but that's not what we want here.
//if (!$process->isSuccessful() || !preg_match('/^O\:\d+\:/', $process->getOutput())) {
if (!$process->isSuccessful()) {
throw new \RuntimeException(sprintf('OUTPUT: %s ERROR OUTPUT: %s', $process->getOutput(), $process->getErrorOutput()));
}
return $process->getOutput();
}
