danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2025-01-22 05:41:20 +01:00
Code Issues Projects Releases Wiki Activity

Taint can't transmit through numerics nor bool

Browse Source
This commit is contained in:
orklah 2021-11-25 22:51:35 +01:00
parent 3bc06a8eab
commit ab61eae5c9
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/Psalm/Internal/Analyzer/FunctionLikeAnalyzer.php
View File

@ -12,6 +12,7 @@ use Psalm\Context;
use Psalm\Internal\Analyzer\FunctionLike\ReturnTypeAnalyzer; use Psalm\Internal\Analyzer\FunctionLike\ReturnTypeAnalyzer;
use Psalm\Internal\Analyzer\FunctionLike\ReturnTypeCollector; use Psalm\Internal\Analyzer\FunctionLike\ReturnTypeCollector;
use Psalm\Internal\Analyzer\Statements\ExpressionAnalyzer; use Psalm\Internal\Analyzer\Statements\ExpressionAnalyzer;
use Psalm\Internal\Codebase\TaintFlowGraph;
use Psalm\Internal\DataFlow\DataFlowNode; use Psalm\Internal\DataFlow\DataFlowNode;
use Psalm\Internal\FileManipulation\FunctionDocblockManipulator; use Psalm\Internal\FileManipulation\FunctionDocblockManipulator;
use Psalm\Internal\Type\Comparator\TypeComparisonResult; use Psalm\Internal\Type\Comparator\TypeComparisonResult;
@ -1032,7 +1033,9 @@ abstract class FunctionLikeAnalyzer extends SourceAnalyzer
if ($statements_analyzer->data_flow_graph if ($statements_analyzer->data_flow_graph
&& $function_param->location && $function_param->location
) { ) {
if ($function_param->type === null //don't add to taint flow graph if the type can't transmit taints
if (!$statements_analyzer->data_flow_graph instanceof TaintFlowGraph
|| $function_param->type === null
|| !$function_param->type->isSingle() || !$function_param->type->isSingle()
|| (!$function_param->type->isInt() || (!$function_param->type->isInt()
&& !$function_param->type->isFloat() && !$function_param->type->isFloat()