Add sink for print_r

2024-11-27 04:45:20 +01:00 · 2019-10-18 15:28:15 -04:00 · 2019-10-18 15:28:15 -04:00 · 8978e5c7f1
commit 8978e5c7f1
parent 46b57cc0bb
1 changed files with 6 additions and 0 deletions
--- a/src/Psalm/Internal/Codebase/CallMap.php
+++ b/src/Psalm/Internal/Codebase/CallMap.php
@ -274,6 +274,12 @@ class CallMap
                    $function_param->sink = Type\Union::TAINTED_INPUT_SHELL;
                }

+                if ($arg_offset === 0
+                    && ($function_id === 'print_r')
+                ) {
+                    $function_param->sink = Type\Union::TAINTED_INPUT_HTML;
+                }
+
                $function_param->signature_type = null;

                $function_params[] = $function_param;