From 4f316b2ed397bb331ef89f2cd2d8ce92a725ccba Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Sun, 29 Jan 2023 18:53:51 +0100
Subject: PHPStan level 9 for ./p/ and lib_rss.php (#5049)

And app/FreshRSS.php
Contributes to https://github.com/FreshRSS/FreshRSS/issues/4112
---
 p/ext.php | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

(limited to 'p/ext.php')

diff --git a/p/ext.php b/p/ext.php
index 9427f8c20..abc07ad12 100644
--- a/p/ext.php
+++ b/p/ext.php
@@ -13,10 +13,7 @@ const SUPPORTED_TYPES = [
 	'svg' => 'image/svg+xml',
 ];
 
-/**
- * @return string
- */
-function get_absolute_filename(string $file_name) {
+function get_absolute_filename(string $file_name): string {
 	$core_extension = realpath(CORE_EXTENSIONS_PATH . '/' . $file_name);
 	if (false !== $core_extension) {
 		return $core_extension;
@@ -40,9 +37,12 @@ function get_absolute_filename(string $file_name) {
 	return '';
 }
 
-function is_valid_path_extension($path, $extensionPath, $isStatic = true) {
+function is_valid_path_extension(string $path, string $extensionPath, bool $isStatic = true): bool {
 	// It must be under the extension path.
 	$real_ext_path = realpath($extensionPath);
+	if ($real_ext_path == false) {
+		return false;
+	}
 
 	//Windows compatibility
 	$real_ext_path = str_replace('\\', '/', $real_ext_path);
@@ -60,7 +60,7 @@ function is_valid_path_extension($path, $extensionPath, $isStatic = true) {
 
 	// Static files to serve must be under a `ext_dir/static/` directory.
 	$path_relative_to_ext = substr($path, strlen($real_ext_path) + 1);
-	list(,$static,$file) = sscanf($path_relative_to_ext, '%[^/]/%[^/]/%s');
+	list(, $static, $file) = sscanf($path_relative_to_ext, '%[^/]/%[^/]/%s') ?? [null, null, null];
 	if (null === $file || 'static' !== $static) {
 		return false;
 	}
@@ -78,16 +78,18 @@ function is_valid_path_extension($path, $extensionPath, $isStatic = true) {
  * @return bool true if it can be served, false otherwise.
  *
  */
-function is_valid_path($path) {
+function is_valid_path(string $path): bool {
 	return is_valid_path_extension($path, CORE_EXTENSIONS_PATH) || is_valid_path_extension($path, THIRDPARTY_EXTENSIONS_PATH)
 		|| is_valid_path_extension($path, USERS_PATH, false);
 }
 
+/** @return never */
 function sendBadRequestResponse(string $message = null) {
 	header('HTTP/1.1 400 Bad Request');
 	die($message);
 }
 
+/** @return never */
 function sendNotFoundResponse() {
 	header('HTTP/1.1 404 Not Found');
 	die();
-- 
cgit v1.2.3