danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2025-01-22 05:41:20 +01:00
Code Issues Projects Releases Wiki Activity

Prevent flows through TaintedInput-suppressed files

Browse Source
This commit is contained in:
Matt Brown 2020-11-22 16:04:57 -05:00 committed by Daniil Gentili
parent aa4be209fc
commit ed9b81ce51
Signed by: danog
GPG Key ID: 8C1BE3B34B230CA7
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/Psalm/Internal/Codebase/TaintFlowGraph.php
View File

@ -227,6 +227,8 @@ class TaintFlowGraph extends DataFlowGraph
) : array {
$new_sources = [];
$config = \Psalm\Config::getInstance();
foreach ($this->forward_edges[$generated_source->id] as $to_id => $path) {
$path_type = $path->type;
$added_taints = $path->unescaped_taints ?: [];
@ -259,12 +261,16 @@ class TaintFlowGraph extends DataFlowGraph
continue;
}
if ($generated_source->code_location
&& !$config->reportIssueInFile('TaintedInput', $generated_source->code_location->file_path)
) {
continue;
}
if (isset($sinks[$to_id])) {
$matching_taints = array_intersect($sinks[$to_id]->taints, $new_taints);
if ($matching_taints && $generated_source->code_location) {
$config = \Psalm\Config::getInstance();
if ($sinks[$to_id]->code_location
&& $config->reportIssueInFile('TaintedInput', $sinks[$to_id]->code_location->file_path)
) {