danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2025-01-21 21:31:13 +01:00
Code Issues Projects Releases Wiki Activity

Array cast pass taints

Browse Source
This commit is contained in:
orklah 2021-11-03 21:11:06 +01:00
parent 73fb04fce7
commit 24137bdbad
2 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/Psalm/Internal/Analyzer/Statements/Expression/CastAnalyzer.php
View File

@ -232,8 +232,7 @@ class CastAnalyzer
$type = Type::getArray();
}
if ($statements_analyzer->data_flow_graph instanceof \Psalm\Internal\Codebase\VariableUseGraph
) {
if ($statements_analyzer->data_flow_graph) {
$type->parent_nodes = $stmt_expr_type->parent_nodes ?? [];
}

10
tests/TaintTest.php
View File

@ -2182,6 +2182,16 @@ class TaintTest extends TestCase
'error_message' => 'TaintedHtml',
],
*/
'castToArrayPassTaints' => [
'<?php
$args = $_POST;
$args = (array) $args;
pg_query($connection, "SELECT * FROM tableA where key = " .$args["key"]);
',
'error_message' => 'TaintedSql',
],
];
}