
Allow more things to be suppressed with @psalm-suppress TaintedInput

This commit is contained in:
Brown 2020-07-02 11:53:44 -04:00
parent fab07c58bd
commit 67b2edc328
8 changed files with 46 additions and 14 deletions


@ -1112,7 +1112,6 @@ class InstancePropertyAssignmentAnalyzer
if (!$codebase->taint
|| !$codebase->config->trackTaintsInPath($statements_analyzer->getFilePath())
|| \in_array('TaintedInput', $statements_analyzer->getSuppressedIssues())
) {
return;
}
@ -1134,6 +1133,11 @@ class InstancePropertyAssignmentAnalyzer
);
if ($var_id) {
if (\in_array('TaintedInput', $statements_analyzer->getSuppressedIssues())) {
$context->vars_in_scope[$var_id]->parent_nodes = [];
return;
}
$var_node = TaintNode::getForAssignment(
$var_id,
$var_location
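Review bot: The added suppression branch at `if (\in_array('TaintedInput', $statements_analyzer->getSuppressedIssues()))` needs a comment, because emptying `parent_nodes` and returning turns `@psalm-suppress TaintedInput` on a property assignment into a sanitizer rather than a report filter: with the early bail-out removed in the first hunk this path is now reached, and every later read of `$var_id` is analysed as clean, a trust assertion the annotation name does not convey. Something like `// Suppression acts as a sanitizer: drop incoming taint so nothing downstream of $var_id is reported.` above the branch would make that explicit. The same `\in_array('TaintedInput', $statements_analyzer->getSuppressedIssues())` test is now repeated in AssignmentAnalyzer, NewAnalyzer, StaticCallAnalyzer, ArrayFetchAnalyzer, InstancePropertyFetchAnalyzer and VariableFetchAnalyzer; a small helper on the statements analyzer (e.g. a `isTaintSuppressed()`-style method) would keep the meaning in one place and let the `in_array` call pass the strict `true` flag. The enclosing method starts and ends outside the hunk.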


@ -943,20 +943,23 @@ class AssignmentAnalyzer
if ($codebase->taint
&& $codebase->config->trackTaintsInPath($statements_analyzer->getFilePath())
&& !\in_array('TaintedInput', $statements_analyzer->getSuppressedIssues())
) {
if ($context->vars_in_scope[$var_id]->parent_nodes) {
$var_location = new CodeLocation($statements_analyzer->getSource(), $assign_var);
if (\in_array('TaintedInput', $statements_analyzer->getSuppressedIssues())) {
$context->vars_in_scope[$var_id]->parent_nodes = [];
} else {
$var_location = new CodeLocation($statements_analyzer->getSource(), $assign_var);
$new_parent_node = \Psalm\Internal\Taint\TaintNode::getForAssignment($var_id, $var_location);
$new_parent_node = \Psalm\Internal\Taint\TaintNode::getForAssignment($var_id, $var_location);
$codebase->taint->addTaintNode($new_parent_node);
$codebase->taint->addTaintNode($new_parent_node);
foreach ($context->vars_in_scope[$var_id]->parent_nodes as $parent_node) {
$codebase->taint->addPath($parent_node, $new_parent_node, '=', [], $removed_taints);
foreach ($context->vars_in_scope[$var_id]->parent_nodes as $parent_node) {
$codebase->taint->addPath($parent_node, $new_parent_node, '=', [], $removed_taints);
}
$context->vars_in_scope[$var_id]->parent_nodes = [$new_parent_node];
}
$context->vars_in_scope[$var_id]->parent_nodes = [$new_parent_node];
}
}
}
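Review bot: The behaviour change at `$context->vars_in_scope[$var_id]->parent_nodes = [];` is undocumented: the removed condition shows that a suppressed assignment used to skip this whole block and leave `parent_nodes` as they were, so the taint still flowed through `$var_id`, whereas the new branch clears them and `$var_id` plus everything derived from it is treated as untainted. The added `$a = $b; echo $a;` test confirms this is intended, but a one-line comment above the branch, `// Suppressing here sanitizes: downstream uses of $var_id carry no taint.`, would stop the next reader from taking it for a plain report filter. The enclosing method starts and ends outside the hunk.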


@ -572,6 +572,7 @@ class NewAnalyzer extends \Psalm\Internal\Analyzer\Statements\Expression\CallAna
if ($codebase->taint
&& $codebase->config->trackTaintsInPath($statements_analyzer->getFilePath())
&& !\in_array('TaintedInput', $statements_analyzer->getSuppressedIssues())
&& ($stmt_type = $statements_analyzer->node_data->getType($stmt))
) {
$code_location = new CodeLocation($statements_analyzer->getSource(), $stmt);


@ -1358,6 +1358,7 @@ class StaticCallAnalyzer extends \Psalm\Internal\Analyzer\Statements\Expression\
if (!$codebase->taint
|| !$codebase->config->trackTaintsInPath($statements_analyzer->getFilePath())
|| \in_array('TaintedInput', $statements_analyzer->getSuppressedIssues())
) {
return;
}


@ -318,8 +318,12 @@ class ArrayFetchAnalyzer
&& ($stmt_var_type = $statements_analyzer->node_data->getType($var))
&& $stmt_var_type->parent_nodes
&& $codebase->config->trackTaintsInPath($statements_analyzer->getFilePath())
&& !\in_array('TaintedInput', $statements_analyzer->getSuppressedIssues())
) {
if (\in_array('TaintedInput', $statements_analyzer->getSuppressedIssues())) {
$stmt_var_type->parent_nodes = [];
return;
}
$var_location = new CodeLocation($statements_analyzer->getSource(), $var);
$new_parent_node = \Psalm\Internal\Taint\TaintNode::getForAssignment(
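Review bot: The added `$stmt_var_type->parent_nodes = [];` clears taint on the array expression `$var`, not on the fetched element; if `node_data->getType($var)` hands back the same type instance that `vars_in_scope` holds for the variable (not visible from this hunk), a `@psalm-suppress TaintedInput` on one `$arr['k']` read would also strip the taint from `$arr` for every later use, which is wider than the annotation suggests. The same shape appears in InstancePropertyFetchAnalyzer, where `$var_type` of `$stmt->var` is emptied before the fetch node is built. If the intent is only to keep the fetched value clean, returning before `TaintNode::getForAssignment` without touching `$stmt_var_type` may suffice, and a test that reads `$arr` again after the suppressed fetch would settle which scope is actually meant; if the whole container is meant to be sanitized, say so in a comment at the branch. The enclosing method starts and ends outside the hunk.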


@ -1076,7 +1076,6 @@ class InstancePropertyFetchAnalyzer
if (!$codebase->taint
|| !$codebase->config->trackTaintsInPath($statements_analyzer->getFilePath())
|| \in_array('TaintedInput', $statements_analyzer->getSuppressedIssues())
) {
return;
}
@ -1098,6 +1097,13 @@ class InstancePropertyFetchAnalyzer
);
if ($var_id) {
$var_type = $statements_analyzer->node_data->getType($stmt->var);
if ($var_type && \in_array('TaintedInput', $statements_analyzer->getSuppressedIssues())) {
$var_type->parent_nodes = [];
return;
}
$var_node = TaintNode::getForAssignment(
$var_id,
$var_location
@ -1119,8 +1125,6 @@ class InstancePropertyFetchAnalyzer
. ($stmt->name instanceof PhpParser\Node\Identifier ? '-' . $stmt->name : '')
);
$var_type = $statements_analyzer->node_data->getType($stmt->var);
if ($var_type && $var_type->parent_nodes) {
foreach ($var_type->parent_nodes as $parent_node) {
$codebase->taint->addPath(


@ -360,7 +360,10 @@ class VariableFetchAnalyzer
) : void {
$codebase = $statements_analyzer->getCodebase();
if ($codebase->taint && $codebase->config->trackTaintsInPath($statements_analyzer->getFilePath())) {
if ($codebase->taint
&& $codebase->config->trackTaintsInPath($statements_analyzer->getFilePath())
&& !\in_array('TaintedInput', $statements_analyzer->getSuppressedIssues())
) {
if ($var_name === '$_GET'
|| $var_name === '$_POST'
|| $var_name === '$_COOKIE'


@ -474,6 +474,18 @@ class TaintTest extends TestCase
echo $_GET["x"];
}'
],
'suppressTaintedAssignment' => [
'<?php
$b = $_GET["x"];
/**
* @psalm-suppress TaintedInput
*/
$a = $b;
echo $a;'
]
];
}
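Review bot: The new `suppressTaintedAssignment` case only checks the negative — that `echo $a;` is not reported — while the implementation works by emptying `parent_nodes`, so nothing here pins that the taint is severed only for `$a`. A companion case in the invalid-code provider with the same snippet followed by `echo $b;`, expected to still report `TaintedInput`, would catch a regression that cleared the source variable's nodes as well. The provider method starts outside the hunk.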