
Make taint source keys unique to the added taints. (#5444)

Samuel Mortenson 2021-03-20 12:42:24 -07:00 committed by GitHub
parent 8d78372d43
commit e07337650b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 28 additions and 1 deletions


@ -441,7 +441,9 @@ class TaintFlowGraph extends DataFlowGraph
$new_destination->specialized_calls = $generated_source->specialized_calls; $new_destination->specialized_calls = $generated_source->specialized_calls;
$new_destination->path_types = array_merge($generated_source->path_types, [$path_type]); $new_destination->path_types = array_merge($generated_source->path_types, [$path_type]);
$key = $to_id . ' ' . \json_encode($new_destination->specialized_calls); $key = $to_id .
' ' . \json_encode($new_destination->specialized_calls) .
' ' . \json_encode($new_destination->taints);
$new_sources[$key] = $new_destination; $new_sources[$key] = $new_destination;
} }
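Review bot: The new `$key` is sensitive to the order of `$new_destination->taints`, so two sources that reach `$to_id` with the same taints listed in a different order would still get separate entries in `$new_sources`. That does not lose findings, but it may add redundant paths to walk; if the order carries no meaning, encoding a sorted copy of the taints would normalise the key. The assignment also deserves a short comment explaining why taints belong in the key, for example `// taints are part of the key so sources with different taint sets do not overwrite each other`. The enclosing method starts and ends outside the hunk.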


@ -1116,5 +1116,30 @@ class PluginTest extends \Psalm\Tests\TestCase
$this->project_analyzer->trackTaintedInputs(); $this->project_analyzer->trackTaintedInputs();
$this->analyzeFile($file_path, new Context()); $this->analyzeFile($file_path, new Context());
$this->addFile(
$file_path,
'<?php // --taint-analysis
/**
* @psalm-taint-sink html $build
*/
function output(array $build) {}
$build = [
"nested" => [
"safe_key" => $_GET["input"],
"a" => $_GET["input"],
],
];
output($build);'
);
$this->project_analyzer->trackTaintedInputs();
$this->expectException(\Psalm\Exception\CodeException::class);
$this->expectExceptionMessageRegExp('/TaintedHtml/');
$this->analyzeFile($file_path, new Context());
} }
} }
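Review bot: The added scenario appears to be appended to an existing test method, after its first `analyzeFile()` call, rather than placed in a method of its own. A failure in the earlier part would then hide this regression case, and the method name (outside the hunk) cannot describe the nested-array case being pinned. Moving the added `addFile()` … `analyzeFile()` block into a separate test method would keep the two scenarios independent. Separately, `expectExceptionMessageRegExp()` is deprecated in newer PHPUnit releases; if the project's PHPUnit version allows it, `$this->expectExceptionMessageMatches('/TaintedHtml/');` is the forward-compatible form.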