Add support for argument unpacking

Ref #3670
2024-11-26 20:34:47 +01:00 · 2020-06-24 18:43:15 -04:00 · 2020-06-24 18:43:15 -04:00 · a6c7a48387
commit a6c7a48387
parent d03a53a5ad
2 changed files with 23 additions and 0 deletions
--- a/src/Psalm/Internal/Analyzer/Statements/Expression/Call/ArgumentAnalyzer.php
+++ b/src/Psalm/Internal/Analyzer/Statements/Expression/Call/ArgumentAnalyzer.php
@ -343,6 +343,21 @@ class ArgumentAnalyzer
                    // fall through
                }

+                if ($cased_method_id) {
+                    $arg_location = new CodeLocation($statements_analyzer->getSource(), $arg->value);
+
+                    self::processTaintedness(
+                        $statements_analyzer,
+                        $cased_method_id,
+                        $argument_offset,
+                        $arg_location,
+                        $function_call_location,
+                        $function_param,
+                        $arg_type,
+                        $specialize_taint
+                    );
+                }
+
                return;
            }

--- a/tests/TaintTest.php
+++ b/tests/TaintTest.php
@ -1222,6 +1222,14 @@ class TaintTest extends TestCase
                    print($_GET["name"]);',
                'error_message' => 'TaintedInput - src/somefile.php:2:27 - Detected tainted html in path: $_GET -> $_GET[\'name\'] (src/somefile.php:2:27) -> call to print (src/somefile.php:2:27) -> print#1',
            ],
+            'unpackArgs' => [
+                '<?php
+                    function test(...$args) {
+                        echo $args[0];
+                    }
+                    test(...$_GET["other"]);',
+                'error_message' => 'TaintedInput',
+            ],
        ];
    }
 }