diff --git a/Magento2/Sniffs/Security/InsecureFunctionSniff.php b/Magento2/Sniffs/Security/InsecureFunctionSniff.php index 68b09382..7382bb3a 100644 --- a/Magento2/Sniffs/Security/InsecureFunctionSniff.php +++ b/Magento2/Sniffs/Security/InsecureFunctionSniff.php @@ -28,15 +28,17 @@ class InsecureFunctionSniff extends ForbiddenFunctionsSniff 'assert' => null, 'create_function' => null, 'exec' => null, + 'json_decode' => 'injection \Magento\Framework\Serialize\SerializerInterface to your construct and unserialize', + 'json_encode' => 'injection \Magento\Framework\Serialize\SerializerInterface to your construct and serialize', 'md5' => 'improved hash functions (SHA-256, SHA-512 etc.)', 'passthru' => null, 'pcntl_exec' => null, 'popen' => null, 'proc_open' => null, - 'serialize' => '\Magento\Framework\Serialize\SerializerInterface::serialize', + 'serialize' => 'injection \Magento\Framework\Serialize\SerializerInterface to your construct and serialize', 'shell_exec' => null, 'system' => null, - 'unserialize' => '\Magento\Framework\Serialize\SerializerInterface::unserialize', + 'unserialize' => 'injection \Magento\Framework\Serialize\SerializerInterface to your construct and unserialize', 'srand' => null, 'mt_srand'=> null, ]; diff --git a/Magento2/Tests/Security/InsecureFunctionUnitTest.inc b/Magento2/Tests/Security/InsecureFunctionUnitTest.inc index a502580a..f2768050 100644 --- a/Magento2/Tests/Security/InsecureFunctionUnitTest.inc +++ b/Magento2/Tests/Security/InsecureFunctionUnitTest.inc @@ -27,3 +27,7 @@ pcntl_exec('path/goes/here'); srand(); mt_srand(); + +json_encode([]); + +json_decode('[]'); diff --git a/Magento2/Tests/Security/InsecureFunctionUnitTest.php b/Magento2/Tests/Security/InsecureFunctionUnitTest.php index 5a35a8d2..650f8a84 100644 --- a/Magento2/Tests/Security/InsecureFunctionUnitTest.php +++ b/Magento2/Tests/Security/InsecureFunctionUnitTest.php @@ -40,6 +40,8 @@ public function getWarningList() 25 => 1, 27 => 1, 29 => 1, + 31 => 1, + 33 => 1 ]; } }