diff --git a/src/ValidatorVisitor.php b/src/ValidatorVisitor.php
index 695cdc5..33650c5 100644
--- a/src/ValidatorVisitor.php
+++ b/src/ValidatorVisitor.php
@@ -287,6 +287,10 @@ public function leaveNode(Node $node){
 if($this->sandbox->isDefinedClass($class)){
 $node->type = new Node\Name($this->sandbox->getDefinedClass($class));
 }
+ if ($this->sandbox->isWhitelistedInterface($class))
+ $this->sandbox->checkInterface($class);
+ else
+ $this->sandbox->checkType($class);
 return $node;
 } else if($node instanceof Node\Expr\New_){
 if(!$this->sandbox->allow_objects){
@@ -358,6 +362,10 @@ public function leaveNode(Node $node){
 } else {
 $this->sandbox->validationError("Sandboxed code attempted use invalid namespace or alias!", Error::DEFINE_ALIAS_ERROR, $node);
 }
+ if ($this->sandbox->isWhitelistedInterface($use->alias))
+ $this->sandbox->checkInterface($use->alias);
+ else
+ $this->sandbox->checkType($use->alias);
 }
 return false;
 } else if($node instanceof Node\Expr\ShellExec){
diff --git a/tests/DefaultConfigTest.php b/tests/DefaultConfigTest.php
index af4f488..fd3c558 100644
--- a/tests/DefaultConfigTest.php
+++ b/tests/DefaultConfigTest.php
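Review bot: In the `@@ -287,6 +287,10 @@` hunk of src/ValidatorVisitor.php the new whitelist dispatch is a brace-less `if`/`else`, while the surrounding context lines all use `if(...){ ... }`. In code that decides whether sandboxed input is accepted, a statement added later under either branch would silently fall outside the conditional, so both branches should be wrapped in braces. The same four lines recur in the `@@ -358,6 +362,10 @@` hunk with `$use->alias`; a single private helper that takes the name and performs the interface-or-type check would keep the two call sites from drifting apart. The branch condition leading to this code starts outside the hunk, so it is not visible which type positions reach the check; if only parameter types do, other declared types (for example return types) presumably stay unchecked and should be confirmed.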
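Review bot: In the `@@ -358,6 +362,10 @@` hunk of src/ValidatorVisitor.php the added check validates `$use->alias`, the local name, rather than the name being imported. The alias of an aliased import is chosen by the sandboxed code itself, so if `checkType()` judges only the string it receives (its body is not visible here), the whitelist decision is made on that label instead of on the class it resolves to. Consider validating the imported name as well, e.g. `$this->sandbox->checkType($use->name->toString());`, and confirm what `$use->alias` holds when no alias is written. The check also sits after the `else` branch that reports an invalid namespace or alias, so unless `validationError()` always throws it runs on a `$use` that already failed validation. The loop this body belongs to starts outside the hunk.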
@@ -431,4 +431,24 @@ public function testWhitelistMagicConstants(){
 $this->sandbox->whitelistMagicConst('DIR');
 $this->assertEquals(str_replace('tests', 'src', __DIR__), $this->sandbox->execute(function(){ return __DIR__; }));
 }
+
+ /**
+ * Test whether sandbox disallows non-whitelisted classes in use statements
+ */
+ public function testDisallowsTypeInUse(){
+ $this->expectException('PHPSandbox\Error');
+ $this->sandbox->allow_aliases = true;
+ $this->sandbox->execute('use TestClass;');
+ }
+
+ /**
+ * Test whether sandbox disallows non-whitelisted classes in parameter type hints
+ */
+ public function testDisallowsTypeInParam(){
+ $this->expectException('PHPSandbox\Error');
+ $this->sandbox->allow_functions = true;
+ $this->sandbox->execute(function() {
+ function testTypeInParam(TestClass $param) {};
+ });
+ }
 }
\ No newline at end of file
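Review bot: Both new tests expect only the generic `PHPSandbox\Error`, so they pass on any validation failure rather than specifically on the new type check in `leaveNode`. Pinning the code as well, with `$this->expectExceptionCode(...)` set to the error code that check raises, would make them fail if the rejection came from an unrelated rule. The `isWhitelistedInterface()` / `checkInterface()` branch added by this commit is not exercised at all, and no positive case shows that a whitelisted type is still accepted in a `use` statement or a parameter hint. An aliased import (`use ... as ...`) of a non-whitelisted class also deserves a test, since the validator checks `$use->alias`.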