From a1ee5e6682902d62fb9ff0f2e3b45e3bf4fe2692 Mon Sep 17 00:00:00 2001 From: Craig Francis Date: Tue, 8 Sep 2020 16:54:23 +0100 Subject: [PATCH] Additional MySQL sinks, ref Issue #4155 (#4158) --- src/Psalm/Internal/InternalTaintSinkMap.php | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/Psalm/Internal/InternalTaintSinkMap.php b/src/Psalm/Internal/InternalTaintSinkMap.php index c30038243..d6451202b 100644 --- a/src/Psalm/Internal/InternalTaintSinkMap.php +++ b/src/Psalm/Internal/InternalTaintSinkMap.php @@ -12,6 +12,16 @@ return [ 'igbinary_unserialize' => [['text']], 'ldap_search' => [['text']], 'mysqli_query' => [[], ['sql']], +'mysqli::query' => [['sql']], +'mysqli_real_query' => [[], ['sql']], +'mysqli::real_query' => [['sql']], +'mysqli_multi_query' => [[], ['sql']], +'mysqli::multi_query' => [['sql']], +'mysqli_prepare' => [[], ['sql']], +'mysqli::prepare' => [['sql']], +'mysqli_stmt::__construct' => [[], ['sql']], +'mysqli_stmt_prepare' => [[], ['sql']], +'mysqli_stmt::prepare' => [['sql']], 'passthru' => [['shell']], 'pcntl_exec' => [['shell']], 'PDO::prepare' => [['sql']],