danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2025-01-22 05:41:20 +01:00
Code Issues Projects Releases Wiki Activity

Add taintedness to magic property fetches

Browse Source
This commit is contained in:
Brown 2019-08-06 12:54:12 -04:00
parent 17753865f3
commit 0dc6b74fb4
1 changed files with 26 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
src/Psalm/Internal/Analyzer/Statements/Expression/Fetch/PropertyFetchAnalyzer.php
View File

@ -174,17 +174,7 @@ class PropertyFetchAnalyzer
$property_id = $lhs_type_part->value . '::$' . $stmt->name->name; $property_id = $lhs_type_part->value . '::$' . $stmt->name->name;
if ($codebase->taint) { self::processTaints($statements_analyzer, $stmt, $stmt->inferredType, $property_id);
$method_source = new TypeSource(
$property_id,
new CodeLocation($statements_analyzer, $stmt->name)
);
if ($codebase->taint->hasPreviousSource($method_source)) {
$stmt->inferredType->tainted = 1;
$stmt->inferredType->sources = [$method_source];
}
}
$codebase->properties->propertyExists( $codebase->properties->propertyExists(
$property_id, $property_id,
@ -501,6 +491,7 @@ class PropertyFetchAnalyzer
if (isset($class_storage->pseudo_property_get_types['$' . $prop_name])) { if (isset($class_storage->pseudo_property_get_types['$' . $prop_name])) {
$stmt->inferredType = clone $class_storage->pseudo_property_get_types['$' . $prop_name]; $stmt->inferredType = clone $class_storage->pseudo_property_get_types['$' . $prop_name];
self::processTaints($statements_analyzer, $stmt, $stmt->inferredType, $property_id);
continue; continue;
} }
@ -546,17 +537,7 @@ class PropertyFetchAnalyzer
$property_id = $lhs_type_part->value . '::$' . $prop_name; $property_id = $lhs_type_part->value . '::$' . $prop_name;
if ($codebase->taint) { self::processTaints($statements_analyzer, $stmt, $stmt->inferredType, $property_id);
$method_source = new TypeSource(
$property_id,
new CodeLocation($statements_analyzer, $stmt->name)
);
if ($codebase->taint->hasPreviousSource($method_source)) {
$stmt->inferredType->tainted = 1;
$stmt->inferredType->sources = [$method_source];
}
}
/* /*
* If we have an explicit list of all allowed magic properties on the class, and we're * If we have an explicit list of all allowed magic properties on the class, and we're
@ -810,14 +791,7 @@ class PropertyFetchAnalyzer
} }
} }
if ($codebase->taint) { self::processTaints($statements_analyzer, $stmt, $class_property_type, $property_id);
$method_source = new TypeSource($property_id, new CodeLocation($statements_analyzer, $stmt->name));
if ($codebase->taint->hasPreviousSource($method_source)) {
$class_property_type->tainted = 1;
$class_property_type->sources = [$method_source];
}
}
if (isset($stmt->inferredType)) { if (isset($stmt->inferredType)) {
$stmt->inferredType = Type::combineUnionTypes($class_property_type, $stmt->inferredType); $stmt->inferredType = Type::combineUnionTypes($class_property_type, $stmt->inferredType);
@ -869,6 +843,28 @@ class PropertyFetchAnalyzer
} }
} }
private static function processTaints(
StatementsAnalyzer $statements_analyzer,
PhpParser\Node\Expr\PropertyFetch $stmt,
Type\Union $type,
string $property_id
) : void {
$codebase = $statements_analyzer->getCodebase();
if ($codebase->taint) {
$method_source = new TypeSource(
$property_id,
new CodeLocation($statements_analyzer, $stmt->name)
);
$type->sources = [$method_source];
if ($codebase->taint->hasPreviousSource($method_source)) {
$type->tainted = 1;
}
}
}
/** /**
* @param StatementsAnalyzer $statements_analyzer * @param StatementsAnalyzer $statements_analyzer
* @param PhpParser\Node\Expr\StaticPropertyFetch $stmt * @param PhpParser\Node\Expr\StaticPropertyFetch $stmt