danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2024-11-30 04:39:00 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #9170 from mmcev106/filter-var-pure

Browse Source 
Added @psalm-pure to filter_var()
This commit is contained in:
orklah 2023-02-02 23:39:06 +01:00 committed by GitHub
commit 54cd529642
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 87 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Psalm/Internal/Analyzer/Statements/Expression/Call/FunctionCallReturnTypeFetcher.php
View File

@ -658,7 +658,7 @@ class FunctionCallReturnTypeFetcher
$stmt->getArgs(),
$node_location,
$function_call_node,
$removed_taints,
array_merge($removed_taints, $conditionally_removed_taints),
$added_taints,
);
}

62
stubs/CoreGenericFunctions.phpstub
View File

@ -813,20 +813,82 @@ function array_sum(array $array) {}
function array_product(array $array) {}
/**
* @psalm-pure
*
* 257 is FILTER_VALIDATE_INT
* @psalm-taint-escape ($filter is 257 ? 'callable' : null)
* @psalm-taint-escape ($filter is 257 ? 'unserialize' : null)
* @psalm-taint-escape ($filter is 257 ? 'include' : null)
* @psalm-taint-escape ($filter is 257 ? 'eval' : null)
* @psalm-taint-escape ($filter is 257 ? 'ldap' : null)
* @psalm-taint-escape ($filter is 257 ? 'sql' : null)
* @psalm-taint-escape ($filter is 257 ? 'html' : null)
* @psalm-taint-escape ($filter is 257 ? 'has_quotes' : null)
* @psalm-taint-escape ($filter is 257 ? 'shell' : null)
* @psalm-taint-escape ($filter is 257 ? 'ssrf' : null)
* @psalm-taint-escape ($filter is 257 ? 'file' : null)
* @psalm-taint-escape ($filter is 257 ? 'cookie' : null)
* @psalm-taint-escape ($filter is 257 ? 'header' : null)
*
* 258 is FILTER_VALIDATE_BOOLEAN
* @psalm-taint-escape ($filter is 258 ? 'callable' : null)
* @psalm-taint-escape ($filter is 258 ? 'unserialize' : null)
* @psalm-taint-escape ($filter is 258 ? 'include' : null)
* @psalm-taint-escape ($filter is 258 ? 'eval' : null)
* @psalm-taint-escape ($filter is 258 ? 'ldap' : null)
* @psalm-taint-escape ($filter is 258 ? 'sql' : null)
* @psalm-taint-escape ($filter is 258 ? 'html' : null)
* @psalm-taint-escape ($filter is 258 ? 'has_quotes' : null)
* @psalm-taint-escape ($filter is 258 ? 'shell' : null)
* @psalm-taint-escape ($filter is 258 ? 'ssrf' : null)
* @psalm-taint-escape ($filter is 258 ? 'file' : null)
* @psalm-taint-escape ($filter is 258 ? 'cookie' : null)
* @psalm-taint-escape ($filter is 258 ? 'header' : null)
*
* 259 is FILTER_VALIDATE_FLOAT
* @psalm-taint-escape ($filter is 259 ? 'callable' : null)
* @psalm-taint-escape ($filter is 259 ? 'unserialize' : null)
* @psalm-taint-escape ($filter is 259 ? 'include' : null)
* @psalm-taint-escape ($filter is 259 ? 'eval' : null)
* @psalm-taint-escape ($filter is 259 ? 'ldap' : null)
* @psalm-taint-escape ($filter is 259 ? 'sql' : null)
* @psalm-taint-escape ($filter is 259 ? 'html' : null)
* @psalm-taint-escape ($filter is 259 ? 'has_quotes' : null)
* @psalm-taint-escape ($filter is 259 ? 'shell' : null)
* @psalm-taint-escape ($filter is 259 ? 'ssrf' : null)
* @psalm-taint-escape ($filter is 259 ? 'file' : null)
* @psalm-taint-escape ($filter is 259 ? 'cookie' : null)
* @psalm-taint-escape ($filter is 259 ? 'header' : null)
*
* 519 is FILTER_SANITIZE_NUMBER_INT
* @psalm-taint-escape ($filter is 519 ? 'callable' : null)
* @psalm-taint-escape ($filter is 519 ? 'unserialize' : null)
* @psalm-taint-escape ($filter is 519 ? 'include' : null)
* @psalm-taint-escape ($filter is 519 ? 'eval' : null)
* @psalm-taint-escape ($filter is 519 ? 'ldap' : null)
* @psalm-taint-escape ($filter is 519 ? 'sql' : null)
* @psalm-taint-escape ($filter is 519 ? 'html' : null)
* @psalm-taint-escape ($filter is 519 ? 'has_quotes' : null)
* @psalm-taint-escape ($filter is 519 ? 'shell' : null)
* @psalm-taint-escape ($filter is 519 ? 'ssrf' : null)
* @psalm-taint-escape ($filter is 519 ? 'file' : null)
* @psalm-taint-escape ($filter is 519 ? 'cookie' : null)
* @psalm-taint-escape ($filter is 519 ? 'header' : null)
*
* 520 is FILTER_SANITIZE_NUMBER_FLOAT
* @psalm-taint-escape ($filter is 520 ? 'callable' : null)
* @psalm-taint-escape ($filter is 520 ? 'unserialize' : null)
* @psalm-taint-escape ($filter is 520 ? 'include' : null)
* @psalm-taint-escape ($filter is 520 ? 'eval' : null)
* @psalm-taint-escape ($filter is 520 ? 'ldap' : null)
* @psalm-taint-escape ($filter is 520 ? 'sql' : null)
* @psalm-taint-escape ($filter is 520 ? 'html' : null)
* @psalm-taint-escape ($filter is 520 ? 'has_quotes' : null)
* @psalm-taint-escape ($filter is 520 ? 'shell' : null)
* @psalm-taint-escape ($filter is 520 ? 'ssrf' : null)
* @psalm-taint-escape ($filter is 520 ? 'file' : null)
* @psalm-taint-escape ($filter is 520 ? 'cookie' : null)
* @psalm-taint-escape ($filter is 520 ? 'header' : null)
*
* @psalm-flow ($value, $filter, $options) -> return
*/

36
tests/TaintTest.php
View File

@ -230,19 +230,31 @@ class TaintTest extends TestCase
echo $a;
}',
],
'taintFilterVarInt' => [
'taintFilterVar' => [
'code' => '<?php
echo filter_var($_GET["bad"], FILTER_VALIDATE_INT);
echo filter_var($_GET["bad"], FILTER_SANITIZE_NUMBER_INT);',
],
'taintFilterVarBoolean' => [
'code' => '<?php
echo filter_var($_GET["bad"], FILTER_VALIDATE_BOOLEAN);',
],
'taintFilterVarFloat' => [
'code' => '<?php
echo filter_var($_GET["bad"], FILTER_VALIDATE_FLOAT);
echo filter_var($_GET["bad"], FILTER_SANITIZE_NUMBER_FLOAT);',
$args = [
filter_var($_GET["bad"], FILTER_VALIDATE_INT),
filter_var($_GET["bad"], FILTER_VALIDATE_BOOLEAN),
filter_var($_GET["bad"], FILTER_VALIDATE_FLOAT),
filter_var($_GET["bad"], FILTER_SANITIZE_NUMBER_INT),
filter_var($_GET["bad"], FILTER_SANITIZE_NUMBER_FLOAT),
];
foreach($args as $arg){
new $arg;
unserialize($arg);
require_once $arg;
eval($arg);
ldap_connect($arg);
ldap_search("", "", $arg);
mysqli_query($conn, $arg);
echo $arg;
system($arg);
curl_init($arg);
file_get_contents($arg);
setcookie($arg);
header($arg);
}',
],
'taintLdapEscape' => [
'code' => '<?php