
Add explicit path object

This commit is contained in:
Brown 2020-06-22 02:10:03 -04:00
parent 36f1630e03
commit dddc159694
5 changed files with 32 additions and 9 deletions


@ -37,14 +37,13 @@ class EchoAnalyzer
if ($codebase->taint
&& $codebase->config->trackTaintsInPath($statements_analyzer->getFilePath())
) {
$expr_location = new CodeLocation($statements_analyzer->getSource(), $expr);
$call_location = new CodeLocation($statements_analyzer->getSource(), $stmt);
$echo_param_sink = Sink::getForMethodArgument(
'echo',
'echo',
(int) $i,
$expr_location,
null,
$call_location
);
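Review bot: This call to `Sink::getForMethodArgument` passes `$expr_location, null, $call_location`, while the parallel call in the IncludeAnalyzer hunk of this same commit passes `$arg_location, $arg_location` with no `null` between the two locations, and the method's signature is not part of the diff. The hunk counts (14→13 and 7→6) suggest each call site dropped one argument line; if the parameter list itself changed, one of the two sites is presumably passing a location into a parameter with a different meaning, which for a taint sink would silently change which location ends up in the reported path. Please confirm both calls against the current signature, and consider a short comment naming what the `null` parameter stands for, e.g. `null, // <parameter name from signature>: not applicable for echo`. The enclosing statements begin and end outside the hunk.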


@ -112,7 +112,6 @@ class IncludeAnalyzer
'include',
'include',
0,
$arg_location,
$arg_location
);


@ -37,7 +37,7 @@ class Taint
/** @var array<string, Sink> */
private $sinks = [];
/** @var array<string, array<string, array{string, array<string>, array<string>}>> */
/** @var array<string, array<string, Path>> */
private $forward_edges = [];
/** @var array<string, array<string, true>> */
@ -86,7 +86,7 @@ class Taint
return;
}
$this->forward_edges[$from_id][$to_id] = [$path_type, $added_taints, $removed_taints];
$this->forward_edges[$from_id][$to_id] = new Path($path_type, $added_taints, $removed_taints);
}
public function getPredecessorPath(Taintable $source) : string
@ -166,7 +166,7 @@ class Taint
$sources = $this->sources;
$sinks = $this->sinks;
for ($i = 0; count($sinks) && count($sources) && $i < 30; $i++) {
for ($i = 0; count($sinks) && count($sources) && $i < 40; $i++) {
$new_sources = [];
foreach ($sources as $source) {
@ -207,8 +207,10 @@ class Taint
) : array {
$new_sources = [];
foreach ($this->forward_edges[$generated_source->id] as $to_id => $path_data) {
[$path_type, $added_taints, $removed_taints] = $path_data;
foreach ($this->forward_edges[$generated_source->id] as $to_id => $path) {
$path_type = $path->type;
$added_taints = $path->unescaped_taints;
$removed_taints = $path->escaped_taints;
if (!isset($this->nodes[$to_id])) {
continue;
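Review bot: The propagation cap in the `for` loop is raised from 30 to 40 with no explanation and stays a bare literal; since the loop stops once `$i` reaches the cap, any source-to-sink path that needs more iterations than that appears to be dropped silently, so this number is a false-negative bound rather than a tuning detail. Suggest hoisting it: `private const MAX_PROPAGATION_DEPTH = 40;` on the class and `for ($i = 0; count($sinks) && count($sources) && $i < self::MAX_PROPAGATION_DEPTH; $i++) {`, with a comment stating that paths longer than this are not reported and why 40 was chosen. The `new Path($path_type, $added_taints, $removed_taints)` construction and the `$path->unescaped_taints` / `$path->escaped_taints` reads in the last hunk are consistent with each other, but the caller vocabulary (added/removed) differs from the Path property names (unescaped/escaped); a one-line comment at the read site mapping the two would help. Both enclosing methods start or end outside the hunks shown.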


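--- /dev/null
+++ b/[PATH NOT SHOWN ON PAGE]/Path.php
@@ -0,0 +1,23 @@
+<?php
+namespace Psalm\Internal\Taint;
+class Path
+{
+public $type;
+public $unescaped_taints;
+public $escaped_taints;
+/**
+* @param array<string> $unescaped_taints
+* @param array<string> $escaped_taints
+*/
+public function __construct(string $type, array $unescaped_taints, array $escaped_taints)
+{
+$this->type = $type;
+$this->unescaped_taints = $unescaped_taints;
+$this->escaped_taints = $escaped_taints;
+}
+}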
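Review bot: The three public properties of the new `Path` class carry no `@var` docblocks even though the constructor docblock types the two arrays, so static analysis sees them as untyped; suggest `/** @var string */` above `$type` and `/** @var array<string> */` above each of `$unescaped_taints` and `$escaped_taints`. The only consumer shown (the Taint hunk) reads `unescaped_taints` into `$added_taints` and `escaped_taints` into `$removed_taints`, so a one-sentence class comment stating that `unescaped` holds taints added along this edge and `escaped` holds taints removed by it would reconcile the two vocabularies for the next reader. The properties are also publicly writable; if a path is never meant to change after construction, say so in the class comment so later code does not mutate a shared edge.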


@ -44,7 +44,7 @@ class TaintTest extends TestCase
public function testTaintedInputFromFunctionReturnType()
{
$this->expectException(\Psalm\Exception\CodeException::class);
$this->expectExceptionMessage('TaintedInput');
$this->expectExceptionMessage('TaintedInput - somefile.php:6:22 - Detected tainted html in path: $_GET -> $_GET[\'name\'] (somefile.php:3:28) -> getname (somefile.php:6:22) -> call to echo (somefile.php:6:22) -> echo#1');
$this->project_analyzer->trackTaintedInputs();