1
0
mirror of https://github.com/danog/psalm.git synced 2024-11-27 12:55:26 +01:00

Fix #4769 – don’t use unique ids for new generated nodes

This commit is contained in:
Matt Brown 2020-12-04 15:43:12 -05:00
parent 9f9b090f6a
commit fd67d41120
2 changed files with 24 additions and 5 deletions

View File

@ -222,7 +222,7 @@ class TaintFlowGraph extends DataFlowGraph
/**
* @param array<string> $source_taints
* @param array<DataFlowNode> $sinks
* @return array<string, DataFlowNode>
* @return list<DataFlowNode>
*/
private function getChildNodes(
DataFlowNode $generated_source,
@ -441,7 +441,7 @@ class TaintFlowGraph extends DataFlowGraph
$new_destination->specialized_calls = $generated_source->specialized_calls;
$new_destination->path_types = array_merge($generated_source->path_types, [$path_type]);
$new_sources[$to_id] = $new_destination;
$new_sources[] = $new_destination;
}
return $new_sources;
@ -459,11 +459,10 @@ class TaintFlowGraph extends DataFlowGraph
if ($source->specialization_key && isset($this->specialized_calls[$source->specialization_key])) {
$generated_source = clone $source;
$generated_source->specialized_calls[$source->specialization_key]
= $this->specialized_calls[$source->specialization_key];
$generated_source->id = substr($source->id, 0, -strlen($source->specialization_key) - 1);
$generated_source->specialized_calls[$source->specialization_key][$generated_source->id] = true;
$generated_sources[] = $generated_source;
} elseif (isset($this->specializations[$source->id])) {
foreach ($this->specializations[$source->id] as $specialization => $_) {

View File

@ -1940,6 +1940,26 @@ class TaintTest extends TestCase
echo foo($_GET["foo"], false);',
'error_message' => 'TaintedHtml',
],
'suppressOneCatchAnother' => [
'<?php
/** @psalm-taint-specialize */
function data(array $data, string $key) {
return $data[$key];
}
function get(string $key) {
return data($_GET, $key);
}
function post(string $key) {
return data($_POST, $key);
}
echo get("x");
/** @psalm-suppress TaintedInput */
echo post("x");',
'error_message' => 'TaintedHtml',
],
/*
// TODO: Stubs do not support this type of inference even with $this->message = $message.
// Most uses of getMessage() would be with caught exceptions, so this is not representative of real code.