2020-06-19 17:56:04 +02:00
# Custom Taint Sources
2020-06-21 07:02:00 +02:00
You can define your own taint sources with an annotation or a plugin.
2020-06-22 06:18:15 +02:00
## Taint source annotation
2020-06-21 07:02:00 +02:00
You can use the annotation `@psalm-taint-source <taint-type>` to indicate a function or method that provides user input.
2021-01-25 17:04:00 +01:00
In the below example the `input` taint type is specified as a standin for input taints as defined in [Psalm\Type\TaintKindGroup ](https://github.com/vimeo/psalm/blob/master/src/Psalm/Type/TaintKindGroup.php ).
2020-06-21 07:02:00 +02:00
```php
/**
* @psalm -taint-source input
*/
function getQueryParam(string $name) : string {}
```
## Custom taint plugin
2020-06-19 17:56:04 +02:00
For example this plugin treats all variables named `$bad_data` as taint sources.
```php
< ?php
namespace Some\Ns;
use PhpParser;
use Psalm\CodeLocation;
use Psalm\Context;
use Psalm\FileManipulation;
2021-01-06 15:05:53 +01:00
use Psalm\Plugin\EventHandler\AfterExpressionAnalysisInterface;
use Psalm\Plugin\EventHandler\Event\AfterExpressionAnalysisEvent;
2020-06-19 17:56:04 +02:00
use Psalm\Type\TaintKindGroup;
class BadSqlTainter implements AfterExpressionAnalysisInterface
{
/**
* Called after an expression has been checked
*
* @param PhpParser\Node\Expr $expr
* @param Context $context
* @param FileManipulation[] $file_replacements
*
* @return void
*/
2021-01-06 15:05:53 +01:00
public static function afterExpressionAnalysis(AfterExpressionAnalysisEvent $event): ?bool {
$expr = $event->getExpr();
$statements_source = $event->getStatementsSource();
$codebase = $event->getCodebase();
2020-06-19 17:56:04 +02:00
if ($expr instanceof PhpParser\Node\Expr\Variable
2020-11-16 02:28:24 +01:00
& & $expr->name === 'bad_data'
2020-06-19 17:56:04 +02:00
) {
$expr_type = $statements_source->getNodeTypeProvider()->getType($expr);
// should be a globally unique id
// you can use its line number/start offset
$expr_identifier = '$bad_data'
. '-' . $statements_source->getFileName()
. ':' . $expr->getAttribute('startFilePos');
if ($expr_type) {
$codebase->addTaintSource(
$expr_type,
$expr_identifier,
TaintKindGroup::ALL_INPUT,
new CodeLocation($statements_source, $expr)
);
}
}
}
}
```