2020-05-19 18:56:23 +02:00
|
|
|
<?php
|
|
|
|
|
namespace Psalm\Internal\Analyzer\Statements;
|
|
|
|
|
|
|
|
|
|
use PhpParser;
|
2021-06-08 04:55:21 +02:00
|
|
|
use Psalm\CodeLocation;
|
|
|
|
|
use Psalm\Context;
|
2020-05-19 18:56:23 +02:00
|
|
|
use Psalm\Internal\Analyzer\Statements\Expression\Call\ArgumentAnalyzer;
|
2020-06-29 18:11:11 +02:00
|
|
|
use Psalm\Internal\Analyzer\Statements\Expression\CastAnalyzer;
|
2020-05-19 18:56:23 +02:00
|
|
|
use Psalm\Internal\Analyzer\StatementsAnalyzer;
|
2020-09-30 18:28:13 +02:00
|
|
|
use Psalm\Internal\Codebase\TaintFlowGraph;
|
2021-06-08 04:55:21 +02:00
|
|
|
use Psalm\Internal\DataFlow\TaintSink;
|
2020-05-19 18:56:23 +02:00
|
|
|
use Psalm\Issue\ForbiddenCode;
|
|
|
|
|
use Psalm\Issue\ForbiddenEcho;
|
|
|
|
|
use Psalm\Issue\ImpureFunctionCall;
|
|
|
|
|
use Psalm\IssueBuffer;
|
|
|
|
|
use Psalm\Storage\FunctionLikeParameter;
|
|
|
|
|
use Psalm\Type;
|
|
|
|
|
|
|
|
|
|
class EchoAnalyzer
|
|
|
|
|
{
|
|
|
|
|
public static function analyze(
|
|
|
|
|
StatementsAnalyzer $statements_analyzer,
|
|
|
|
|
PhpParser\Node\Stmt\Echo_ $stmt,
|
|
|
|
|
Context $context
|
|
|
|
|
) : bool {
|
|
|
|
|
$echo_param = new FunctionLikeParameter(
|
|
|
|
|
'var',
|
|
|
|
|
false
|
|
|
|
|
);
|
|
|
|
|
|
2020-05-22 04:47:58 +02:00
|
|
|
$codebase = $statements_analyzer->getCodebase();
|
2020-05-19 18:56:23 +02:00
|
|
|
|
|
|
|
|
foreach ($stmt->exprs as $i => $expr) {
|
|
|
|
|
$context->inside_call = true;
|
|
|
|
|
ExpressionAnalyzer::analyze($statements_analyzer, $expr, $context);
|
|
|
|
|
$context->inside_call = false;
|
|
|
|
|
|
2020-11-08 16:18:32 +01:00
|
|
|
$expr_type = $statements_analyzer->node_data->getType($expr);
|
2020-06-29 18:11:11 +02:00
|
|
|
|
2020-10-13 23:28:12 +02:00
|
|
|
if ($statements_analyzer->data_flow_graph instanceof TaintFlowGraph) {
|
2021-03-21 01:53:51 +01:00
|
|
|
if ($expr_type) {
|
|
|
|
|
$expr_type = CastAnalyzer::castStringAttempt(
|
|
|
|
|
$statements_analyzer,
|
|
|
|
|
$context,
|
|
|
|
|
$expr_type,
|
|
|
|
|
$expr,
|
|
|
|
|
false
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-22 04:47:58 +02:00
|
|
|
$call_location = new CodeLocation($statements_analyzer->getSource(), $stmt);
|
|
|
|
|
|
2020-09-21 05:59:52 +02:00
|
|
|
$echo_param_sink = TaintSink::getForMethodArgument(
|
2020-05-22 04:47:58 +02:00
|
|
|
'echo',
|
|
|
|
|
'echo',
|
|
|
|
|
(int) $i,
|
2020-06-22 08:10:03 +02:00
|
|
|
null,
|
2020-05-22 04:47:58 +02:00
|
|
|
$call_location
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
$echo_param_sink->taints = [
|
2020-05-25 19:10:06 +02:00
|
|
|
Type\TaintKind::INPUT_HTML,
|
|
|
|
|
Type\TaintKind::USER_SECRET,
|
|
|
|
|
Type\TaintKind::SYSTEM_SECRET
|
2020-05-22 04:47:58 +02:00
|
|
|
];
|
|
|
|
|
|
2020-10-13 23:28:12 +02:00
|
|
|
$statements_analyzer->data_flow_graph->addSink($echo_param_sink);
|
2020-05-22 04:47:58 +02:00
|
|
|
}
|
|
|
|
|
|
2020-11-08 16:06:39 +01:00
|
|
|
if (ArgumentAnalyzer::verifyType(
|
|
|
|
|
$statements_analyzer,
|
|
|
|
|
$expr_type ?: Type::getMixed(),
|
|
|
|
|
Type::getString(),
|
|
|
|
|
null,
|
|
|
|
|
'echo',
|
2020-11-18 15:59:54 +01:00
|
|
|
null,
|
2020-11-08 16:06:39 +01:00
|
|
|
(int)$i,
|
|
|
|
|
new CodeLocation($statements_analyzer->getSource(), $expr),
|
|
|
|
|
$expr,
|
|
|
|
|
$context,
|
|
|
|
|
$echo_param,
|
|
|
|
|
false,
|
|
|
|
|
null,
|
|
|
|
|
true,
|
|
|
|
|
true,
|
|
|
|
|
new CodeLocation($statements_analyzer, $stmt)
|
|
|
|
|
) === false) {
|
|
|
|
|
return false;
|
2020-05-19 18:56:23 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ($codebase->config->forbid_echo) {
|
|
|
|
|
if (IssueBuffer::accepts(
|
|
|
|
|
new ForbiddenEcho(
|
|
|
|
|
'Use of echo',
|
|
|
|
|
new CodeLocation($statements_analyzer, $stmt)
|
|
|
|
|
),
|
|
|
|
|
$statements_analyzer->getSource()->getSuppressedIssues()
|
|
|
|
|
)) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
} elseif (isset($codebase->config->forbidden_functions['echo'])) {
|
|
|
|
|
if (IssueBuffer::accepts(
|
|
|
|
|
new ForbiddenCode(
|
|
|
|
|
'Use of echo',
|
|
|
|
|
new CodeLocation($statements_analyzer, $stmt)
|
|
|
|
|
),
|
|
|
|
|
$statements_analyzer->getSource()->getSuppressedIssues()
|
|
|
|
|
)) {
|
|
|
|
|
// continue
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-08-23 16:28:26 +02:00
|
|
|
if (!$context->collect_initializations && !$context->collect_mutations) {
|
|
|
|
|
if ($context->mutation_free || $context->external_mutation_free) {
|
|
|
|
|
if (IssueBuffer::accepts(
|
|
|
|
|
new ImpureFunctionCall(
|
|
|
|
|
'Cannot call echo from a mutation-free context',
|
|
|
|
|
new CodeLocation($statements_analyzer, $stmt)
|
|
|
|
|
),
|
|
|
|
|
$statements_analyzer->getSuppressedIssues()
|
|
|
|
|
)) {
|
|
|
|
|
// fall through
|
|
|
|
|
}
|
2020-08-28 18:42:55 +02:00
|
|
|
} elseif ($statements_analyzer->getSource() instanceof \Psalm\Internal\Analyzer\FunctionLikeAnalyzer
|
|
|
|
|
&& $statements_analyzer->getSource()->track_mutations
|
2020-08-23 16:28:26 +02:00
|
|
|
) {
|
2020-08-25 01:24:27 +02:00
|
|
|
$statements_analyzer->getSource()->inferred_has_mutation = true;
|
2020-08-23 16:28:26 +02:00
|
|
|
$statements_analyzer->getSource()->inferred_impure = true;
|
2020-05-19 18:56:23 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
