20 Commits

Author	SHA1	Message	Date
Brown	49f0592794	Improve tracking of array taints	2020-06-18 18:48:19 -04:00
Brown	f609a01497	Move static property fetch analyzer to own class	2020-06-18 11:53:24 -04:00
Olle Härstedt	e1cc27f7a2	Add new config: sealAllMethods (#3578) ... * Add new config: sealAllMethods * Add some more tests * Fix codesniffer issue with preg_quote * Fix missing method in test Co-authored-by: Olle <noemail>	2020-06-15 22:36:42 -04:00
Matthew Brown	91e76f7173	Fix #3536 - Make method return type provider aware of original called method	2020-06-06 23:35:08 -04:00
Matthew Brown	0ac739fd48	Fix #3534 - allow magic method call on mixin	2020-06-06 23:28:32 -04:00
Brown	cf92361338	Fix #3522 - only use property pass-through when it’s visible	2020-06-04 16:15:07 -04:00
feek	5330dcbd7a	fix: pass along final (#3471)	2020-05-28 01:59:24 -04:00
Brown	3c60609c21	Support better mixin handling	2020-05-27 11:12:09 -04:00
Brown	769ac5c052	Fix #3458 - scope templated mixin accurately	2020-05-26 23:32:07 -04:00
Brown	d04e21ee5a	Define mixin declaring classname	2020-05-26 23:32:07 -04:00
Brown	953be61cf2	Allow limiting connected taint paths	2020-05-25 23:28:11 -04:00
Brown	7e7456c863	Make taint checks more thorough	2020-05-25 17:10:53 -04:00
Brown	2e6fc24867	Template callmap methods too ... Fixes #3453	2020-05-25 14:21:06 -04:00
Brown	118b700436	Simplify sink mapping for internal calls	2020-05-25 13:10:06 -04:00
Brown	be847472a2	Fix #3453 - allow conditional return types on instance methods	2020-05-25 09:39:30 -04:00
Brown	fb3cb2c4d1	Only use plain return type if we’re not memoizing	2020-05-22 17:05:39 -04:00
Brown	4b1c3db760	Don’t memoize method call where we have a getter standin ... Fixes #3427	2020-05-22 15:54:32 -04:00
Matthew Brown	187b944680	Add faster taint analysis	2020-05-22 12:33:29 -04:00
Brown	8e5b330c5a	Break apart CallAnalyzer	2020-05-18 22:57:00 -04:00
Brown	5b06c206e0	Move classes into deeper namespace	2020-05-18 22:52:33 -04:00