1
0
mirror of https://github.com/danog/psalm.git synced 2024-12-15 10:57:08 +01:00
Commit Graph

1916 Commits

Author SHA1 Message Date
Matt Brown
15b0542260 Prevent more offset issues 2021-03-22 23:26:03 -04:00
Matt Brown
bf578d1024 Fix potential crash when calling magic setter 2021-03-22 23:08:38 -04:00
AndrolGenhald
de5a031088
Improve @no-named-arguments support and variadics. (#5455)
* Improve @no-named-arguments support and variadics.

Handling of argument unpacking and variadics still needs a pretty big makeover, but this is a good start.

Fixes #5420
Improves #5453 (iterable works, array still causes issues)

* Remove unneeded imports.
2021-03-22 19:58:22 -04:00
Sergey Yakimov
fb94db9b1f
Add proper handling of unpacked arguments with string keys (#5446)
* Add proper handling of unpacked arguments with string keys

* Fix undefined array key error

* Fix missed named arguments handling

* Fix false-positive on variadic parameter

* Add tests
2021-03-22 09:08:05 -04:00
Matt Brown
b73223f9c1 Add use statements 2021-03-20 22:17:22 -04:00
Matt Brown
44c6d3035b Add more mixed origin information 2021-03-20 21:45:38 -04:00
Matt Brown
d1740394aa Detect mixed echo argument when unused variable detection is turned on 2021-03-20 20:53:51 -04:00
AndrolGenhald
0579c1109b
Fix bugs with array spread operator (fixes #5421) (#5433) 2021-03-19 22:43:58 -04:00
Samuel Mortenson
4aabb411a8
Added event to prevent tainting. (#5398)
* Added event to prevent tainting.

* Remove optional codebase parameter.

* Removed falsy check for codebase.

* Use two separate hooks for adding and removing taints

* Add slashes

* Update add/remove taint test name.

* Cleaned up SafeArrayKeyChecker example plugin.

* Added more AddRemoveTaintsEvent calls to codebase.

* Fix type check error with $added_taints param.

* Added AddRemoveTaintsEvent to remaining classes.

* Fix post-merge error.

* Add comma

* Remove $int_offset that never existed

Co-authored-by: Matt Brown <github@muglug.com>
2021-03-19 22:41:41 -04:00
AndrolGenhald
d4590711d6
Fix object-like array keys when combining string and automatic keys (fixes #5427). (#5428)
* Fix object-like array keys (fixes #5427).

* Fix incorrect return types for tests.

* Fix false positive list with literal int key.
2021-03-19 21:44:44 -04:00
Matt Brown
42d3bceb4e Use more accurate return type 2021-03-18 15:19:29 -04:00
Matt Brown
b7a68edd0b Simplify complex methods 2021-03-18 15:09:03 -04:00
Matt Brown
d19088bb10 Add better origins for calls 2021-03-17 19:37:21 -04:00
Matt Brown
3046468d1e Add hints for MixedAssignment issues 2021-03-17 01:10:42 -04:00
Matt Brown
b549989ba7 Prevent overwriting storage type during analysis 2021-03-13 14:12:55 -05:00
orklah
cddef00692
fix int overflow (#5369) 2021-03-12 13:24:00 -05:00
Bruce Weirdan
8be77aaa2e
Track variable usage in bool to int casts (#5349)
Fixes vimeo/psalm#4956
2021-03-11 00:08:32 -05:00
Bruce Weirdan
185827a7ab
Continue analysis after unknown exception being caught (#5348)
Fixes vimeo/psalm#5188
2021-03-11 00:08:02 -05:00
Bruce Weirdan
71a0457284
Emit ImplicitToStringCast in more places (#5344)
* Emit ImplicitToStringCast in more places

Fixes vimeo/psalm#5320

`to_string_cast` is set on successful comparison, thus it needs to
always bubble up (it will be ignored in UnionTypeComparator if some part
does not match).

* Fix implicit casts

* Fix handling of string method references in self-out context
2021-03-11 00:07:39 -05:00
Matt Brown
96e0743892 Fix #5325 – remove all memoised methods when calling a method with property mutations 2021-03-05 00:39:25 -05:00
Matt Brown
bca09d74ad Fix style issues 2021-02-25 21:24:18 -05:00
Matt Brown
474ebf912e Fix #5229 - new SomeTemplatedClass should expand out params even if none passed 2021-02-25 21:20:05 -05:00
Matt Brown
d4841993b2 Fix #5279 - don’t convert get_class($templated) into dependent type 2021-02-25 18:43:04 -05:00
Matt Brown
b2c35834ff Remove mistakenly-duplicated code for get_* functions 2021-02-25 18:40:05 -05:00
Matt Brown
7958ef6889 Decomplicate method 2021-02-24 00:03:55 -05:00
Matt Brown
cafbdb6831 Fix #5264 - use accurate static type when calling parent method in trait 2021-02-23 20:48:22 -05:00
Matt Brown
78577fd624 Fix #5257 - allow object::foo() call 2021-02-23 17:31:14 -05:00
orklah
69eb8e4999
display PHP version when not understanding an expression (#5268) 2021-02-22 13:15:34 -05:00
elnoro
e1d6f2f491
Fixed 4788 (#5263) 2021-02-22 09:21:28 -05:00
Matt Brown
6ba899e34e Only replace static type once 2021-02-22 00:25:13 -05:00
Matt Brown
3106635953 Fix inference of conditional types when wildcard constant given 2021-02-20 12:21:52 -05:00
orklah
7b24552534
Fix not always positive bit operations (#5233)
* Fix not always positive bit operations

* Fix not always positive bit operations

* add test
2021-02-15 23:10:42 -05:00
orklah
5191dac3fa
Introduce Virtual Nodes in order to differentiate real nodes in plugins (#5222) 2021-02-15 16:18:41 -05:00
Matt Brown
b7792ab0b4 Fix static method call completion with variable assignment after 2021-02-15 00:45:39 -05:00
Matt Brown
bd6efd7cf2 Improve completion for namespaced classes
cc @joehoyle - this mainly allows us to get a correct list when the user starts typing Foo (without the new before it) inside a namespace
2021-02-14 23:25:13 -05:00
Matt Brown
00288c14c5 Fix param 2021-02-13 16:23:11 -05:00
Matt Brown
6fb7423c68 Fix #5211 - prevent infinite loop in template inference 2021-02-13 16:16:58 -05:00
Alberto Piai
144bb37f76
Fix array_key_exists() with all int literal keys (#5197)
When checking code like the following:

```
<?php

function checkNegated(string $key): void {
    $arr = [
        0 => "foo",
        1 => "bar",
    ];

    if (!array_key_exists($key, $arr)) {
        printf("not found\n");
    }
}

function check(string $key): void {
    $arr = [
        0 => "foo",
        1 => "bar",
    ];

    if (array_key_exists($key, $arr)) {
        printf("found\n");
    }
}
```

the `if` in `checkNegated` would cause:

```
ERROR: RedundantCondition - 9:10 - Type string for $key is never =int(0)
```

This happens when the array keys are all int literals, but the "needle"
is a string.

`array_key_exists()` uses a loose equality comparison, but the generated
assertions for this specific case
(`AssertionFinder::getArrayKeyExistsAssertions`) was generating strict
equality clauses. This commit fixes it by changing the generated clause
from `=` to `~`.
2021-02-12 17:00:38 -05:00
Matt Brown
044602a244 Fix #5196 - fix type before assigning default property values 2021-02-11 09:38:04 -05:00
Matt Brown
ccdb29abfa Improve handling of property-mutating calls 2021-02-10 12:09:21 -05:00
Matt Brown
2dc86651a4 Check context var exists 2021-02-09 14:13:24 -05:00
orklah
88fe805c27
Prevent throwing a division by zero when encountering a literal division by zero (#5182) 2021-02-09 11:48:59 -05:00
Matt Brown
c7b7da46e9 Add slashes 2021-02-09 11:48:24 -05:00
Matt Brown
8aaa489733 Make more operations generic-safe 2021-02-09 11:37:48 -05:00
Matt Brown
b9dac8c46c Add slashes 2021-02-09 10:57:19 -05:00
Matt Brown
a955dabfe5 Account for context var not existing 2021-02-09 10:46:33 -05:00
Matt Brown
2b9d307cab Fix #5184 - remove this vars from parent context where possible 2021-02-09 10:23:22 -05:00
Matt Brown
ecfc4726d7 Limit removal of vars further 2021-02-09 00:53:09 -05:00
Matt Brown
ad0b575080 Better fix for #5180 2021-02-08 23:31:49 -05:00
Matt Brown
9b8fdf154d Revert "Allow refinement of $this properties based on subclass"
This reverts commit 1d5d2403e2.
2021-02-08 22:50:50 -05:00
Matt Brown
1d5d2403e2 Allow refinement of $this properties based on subclass
Fixes #5180
2021-02-08 22:46:32 -05:00
Matt Brown
3be1bb7342 Limited fix for #5028 2021-02-07 22:56:37 -05:00
Matt Brown
8b5e0fc754 Fix #5172 - prevent calling function with implicitly-broader type 2021-02-07 11:07:22 -05:00
Bruce Weirdan
b72c5a0fa2
Mark variables in throw arguments as used (#5166)
Fixes vimeo/psalm#5164
2021-02-06 22:07:01 -05:00
orklah
343d020408
improve psalter capacities for anonymous class extending real classes (#5146) 2021-02-04 09:59:38 -05:00
Matt Brown
7dbdc8c59e Fix #5144 - prevent exception during taint analysis 2021-02-02 14:16:15 -05:00
Matt Brown
0f2a07a9a3 Fix #5137 – support @psalm-flow in methods 2021-01-31 22:40:48 -05:00
Joe Hoyle
a3dcc52e9a
Track references on global variables (#5122)
* Track references on global variables

Add global type references to the type map, and fix up unused detection on global variables.

* Add null assertions

* PHPCS
2021-01-28 18:58:02 -05:00
Joe Hoyle
5759472168
Add constant fetch to reference map (#5115)
* Add constant fetch to reference map

To support showing constant types on hover of constant references, we need to add them to the ref map.

* Fix root constants

* PHPCBF
2021-01-28 11:18:28 -05:00
Matt Brown
359a0166e3 Fix #4631 - prevent reusing named params 2021-01-27 22:53:55 -05:00
Matt Brown
4807d38507 Fix using std library functions 2021-01-27 22:28:33 -05:00
Matt Brown
3c58220f3a Fix #5097 - memoise more things during null coalesce 2021-01-26 23:10:57 -05:00
Matt Brown
76269658ca Fix #5107 - treat function-bound templated parameters the same
Previously they were treated differently depending on whether or not they were inside a method
2021-01-26 22:43:42 -05:00
Matt Brown
0624098865 Ensure getId() output can always be parsed as a type
Ref #5105
2021-01-25 23:41:51 -05:00
Matt Brown
6f30399189 Fix #5070 – fix static return type inference in static methods 2021-01-22 09:58:09 -05:00
Matthew Brown
28d2795e59 Fix #5078 - when unpacking with missing array item, Use the param’s default type if param has one 2021-01-22 00:20:51 -05:00
Bruce Weirdan
d296c4bb9a
Add missing dataflow population in array spreads (#5059)
Fixes vimeo/psalm#5057
2021-01-20 17:42:11 -05:00
81b75a7884
Check iterator types on yield from (#5042)
* Check iterator types on yield from

* Switch to NodeAbstract

* Make Foo iterable
2021-01-20 17:41:15 -05:00
Matt Brown
2f58c6afc8 Fix #5020 - remove previous catch var assertions when assigning inside catch 2021-01-17 14:28:28 -05:00
Matt Brown
3049301da8 Fix #5028 - avoid false-positive on dynamic property fetch after ternary 2021-01-17 11:59:59 -05:00
orklah
72c21c5fa6
Calculate more literal values (#5032)
* try to calculate more literal values

* add test

* improve test
2021-01-17 10:55:32 -05:00
orklah
7a40443ffb
don't throw InvalidArrayOffset when dealing with templates (#5019) 2021-01-14 16:35:06 -05:00
Matt Brown
ef4afd72bc Unset should change array with keyed offsets 2021-01-13 18:10:59 -05:00
Marco Pivetta
a53cc23809
#4997 added more precise type inference for count() returning 0 or positive-int on known arrays (#4999)
* #4997 added more precise stub for `count()` returning `0` or `positive-int` on known types

* #4997 updated `count()` to support `\SimpleXmlElement` and `\ResourceBundle` counting, as well as handling hardcoded 2-element-arrays cases

This patch:

 * adds support for `count(\SimpleXmlElement)` (https://www.php.net/manual/en/simplexmlelement.count.php)
 * adds support for `count(\ResourceBundle)` (https://www.php.net/manual/en/resourcebundle.count.php)
 * removes usage of global constants from stub (not supported - see https://www.php.net/manual/en/function.count.php)
 * adds support for identifying fixed-element-count arrays, for example `count(callable&array)`, which is always `2`

* #4997 adapted `FunctionCallReturnTypeFetcher` to infer `TPositiveInt` for `count(TNonEmptyArray)` and `count(TNonEmptyList)`

* The `FunctionCallReturnTypeFetcher` is responsible for defining the precise type of a `\count(T)`
expression when given a `T`, so we baked the whole type resolution for `positive-int`, `0` and
`positive-int|0` directly in there.

While this complicates things, it is also true that it is not possible right now (for the stubs)
to provide the level of detail around `count()` that is required by the type inference system
for such a complex function with so many different semantics.
2021-01-13 09:48:38 -05:00
Matt Brown
1afce4d613 Improve treatment of strict equality 2021-01-12 12:07:36 -05:00
Adrien LUCAS
493c57eedf
Trigger dispatch even when only legacy hooks (#4962) 2021-01-08 19:51:26 -05:00
Adrien LUCAS
d1398f2b12
Avoid false positives for taint specialized calls even when not using a variable (#4948) 2021-01-07 16:39:51 -05:00
Matt Brown
603ecadbb7 Fix #4945 - use assertion string for scalar templated assertions 2021-01-07 10:27:35 -05:00
orklah
0e17a3354f
add stubs for standard iterators (#4725)
* add stubs for standard iterators

* Apply suggestions from code review cc @weirdan

Co-authored-by: Bruce Weirdan <weirdan@gmail.com>

* complete stub + delete code made redundant by stubs + fix some syntax in stubs

* fix parse error

Co-authored-by: Bruce Weirdan <weirdan@gmail.com>
2021-01-07 10:07:07 -05:00
Adrien LUCAS
0f5886746f
Taint specialized calls even when not using a variable (#4940) 2021-01-06 14:14:52 -05:00
orklah
f9fccb2b2d
implement DTO for plugins (#4881)
* implement DTO for plugins

* introduce EventHandler + reintroduce legacy API for plugins
2021-01-06 09:05:53 -05:00
orklah
bcc378bd20
handle concatenation with int parts (#4938) 2021-01-06 09:01:53 -05:00
Matthew Brown
3fd47f9e10 Add comments to AtomicMethodCallAnalyzer and suppress ComplexMethod 2021-01-05 19:03:50 -05:00
Matthew Brown
e4b1a4fa55 Uncomment erroneously-commented return 2021-01-05 17:49:17 -05:00
orklah
c47230c690
Infer result of modulo 1 operation statically (#4926) 2021-01-03 16:56:04 +00:00
Tyson Andre
00b42bf4f7
Check if included files are listed in mustBeIgnored (#4911)
Previously, when a file was included in `include()`, it was not subject
to ignoreFiles

Related to #4876
2020-12-29 14:05:17 +00:00
Matthew Brown
ddd99970a9 Fix #4901 - simplify mapping of template types within class 2020-12-29 12:24:33 +00:00
orklah
1d9987e0ed
fix phpdoc (#4905) 2020-12-29 11:42:41 +00:00
orklah
3684ceff4c
Illegal offset (#4865)
* Illegal offset access

* add tests

* fix tests
2020-12-26 10:33:49 +00:00
Bruce Weirdan
89ff4282df
Allow assertions on static class properties (#4833)
* Minimal implementation for assertions on static properties

* Added inheritance tests

* Add support for `ClassName::$var`

* Import strpos() to keep phpcs happy

* Add support for conditional assertions on static properties
2020-12-21 17:05:44 +00:00
Matt Brown
6eae582763 Prevent mixed array offset in array creation
Fixes #4846
2020-12-16 08:18:18 -05:00
Matt Brown
c7087c150b Fix #4848 - use better inference when incorrect array keys are passed 2020-12-16 08:07:57 -05:00
Matt Brown
e43f2259ea Fix #4839 - undefined possibly set in by-reference should be treated as such 2020-12-14 16:57:48 -05:00
orklah
8974da5610
preserve analyzers until the end of file (#4834)
* preserve analyzers until the end of file

* remove unused variable
2020-12-13 01:17:13 -05:00
2e3s
d8d6811ed4
Memoize private inferred mutation-free methods (#4832) 2020-12-12 10:26:14 -05:00
Matt Brown
cc1c643168 Fix #4829 – don’t crash when yielding non-existent class 2020-12-11 10:04:28 -05:00
Matt Brown
a27c674cee Add test for #4825 2020-12-10 13:51:49 -05:00
Matt Brown
8cae4047b0 Fix #4825 - check for finally var set 2020-12-10 11:48:43 -05:00
Matt Brown
2a92025737 Union types if stmt already has one 2020-12-10 01:40:20 -05:00
Matt Brown
b7a7e2fb87 Fix get magic property checks 2020-12-10 01:29:07 -05:00
Matt Brown
524084a64c Tighten up rules arouund when mutation-free methods get memoised 2020-12-08 16:39:06 -05:00
2e3s
e46c68b1e5
Overwrite memoized return type after sum-type candidate is calculated (#4805)
* Overwrite memoized return type after sum-type candidate is calculated

* Fix mismatched types

* Fix code style
2020-12-08 09:35:11 -05:00
Matt Brown
91ee4aeca3 Fix #4797 - sanitise assertion output of template result 2020-12-07 19:11:56 -05:00
Matt Brown
f5dd6e76f8 Fix #4802 - don’t clone context when analysing coalesce 2020-12-07 14:30:57 -05:00
Matthew Brown
d406d5b112
Fix typo 2020-12-07 01:32:18 -05:00
Matt Brown
e702e472fc Support simple list assignment in foreach
Ref #4741
2020-12-06 19:14:52 -05:00
Matt Brown
9c0e9a3d7e Taint all when conditional return is used
Ref #4792
2020-12-06 11:24:48 -05:00
Matt Brown
4d1aae43f9 Fix #4778 - remove already-initialized properties when checking initialisation 2020-12-06 11:07:59 -05:00
Matt Brown
cec8d7138f Fix #4782 - don’t replace closure types with upper bounds when replacing class param types 2020-12-05 11:58:55 -05:00
Matt Brown
1bb8b73f99 Return earlier 2020-12-05 10:25:34 -05:00
orklah
62d5ea83a1
Allow int casts if the type comes from calculation (#4768) 2020-12-03 23:15:07 -05:00
Matt Brown
0411049559 Mixed array access should mark vars as used just in case 2020-12-03 13:09:08 -05:00
Matt Brown
2feba22a00 Make more try vars potentially undefined
Fixes #4764
2020-12-03 11:44:10 -05:00
Matt Brown
51a92aa223 Fix interface property regression 2020-12-03 11:13:10 -05:00
Matt Brown
bef9ab37e6 Fix #4759 – don’t generate assertion when assigning to same-named variable 2020-12-03 09:42:26 -05:00
Denis Smetannikov
11576951f6
Update ExistingAtomicStaticCallAnalyzer.php (#4761)
The invalid syntax for PHP 7.1+
2020-12-03 09:24:34 -05:00
Matt Brown
1a5d5e4476 Simplify FunctionLikeDocblockScanner 2020-12-03 00:19:01 -05:00
Matt Brown
e2a2e8ee87 Break apart AtomicPropertyFetchAnalyzer::analyze 2020-12-02 23:37:29 -05:00
Matt Brown
2f00500c91 Improve message 2020-12-02 22:08:14 -05:00
Matt Brown
6f916553a8 Ref #4753 - allow int literals to inform key type 2020-12-02 17:13:45 -05:00
Matt Brown
e2bb02e93c Don’t suggest a potential value that’s undefined
Fixes #4754
2020-12-02 14:49:30 -05:00
Matt Brown
f0876b86f4 Avoid false-positives while analysing memoised coalesce 2020-12-02 02:25:15 -05:00
Matt Brown
394eceb01c Memoize coalesce expression in more scenarios 2020-12-02 02:15:17 -05:00
Matt Brown
928fdda00f Don’t do new isset conversion on try-set vars 2020-12-02 01:47:49 -05:00
Matt Brown
1feca322d5 Fix loading imported functions 2020-12-02 00:52:35 -05:00
Matt Brown
5a200ca442 Fix assertions on unions 2020-12-01 21:12:03 -05:00
Matt Brown
61e374f33b Fix null array access complaints 2020-12-01 20:10:48 -05:00
Matt Brown
1a629ccc82 Fix a few issues 2020-12-01 18:26:15 -05:00
Matt Brown
e7f9ce6da0 Break out RedundantCast issues 2020-12-01 17:25:45 -05:00
Matt Brown
2963efc9a5 Use fallback assignment type when the property doesn’t exist on the class 2020-12-01 16:59:44 -05:00
Matt Brown
f5494bc407 Fix typos caused by Macbook Pro’s bad keyboard 2020-12-01 14:14:09 -05:00
orklah
f0c0ac0616
handle return flag for a try/catch/finally (#4746)
* handle return flag for a try/catch/finally

* add tests for psalter
2020-12-01 12:55:27 -05:00
Matt Brown
c6d0561612 Fix nullref 2020-12-01 00:48:09 -05:00
Matt Brown
7295e28e20 Fix #4743 - simplify assertions generated from array_key_exists check 2020-11-30 22:10:17 -05:00
Matt Brown
6f86201f34 Break up AssignmentAnalyzer::analyze 2020-11-30 14:57:35 -05:00
Matt Brown
3b1fa58413 Break apart method as much as possible 2020-11-30 14:07:18 -05:00
Matt Brown
2427606563 Fix lint 2020-11-30 13:25:27 -05:00
Matt Brown
2204728824 Break apart NewAnalyzer::analyze
Ref #4714
2020-11-30 13:24:24 -05:00
Matt Brown
4baf143ff7 Break apart ArrayAssignmentAnalyzer::updateArrayType
Ref #4714
2020-11-30 13:08:42 -05:00
Matt Brown
5430effb2b Break apart InstancePropertyAssignmentAnalyzer
Ref #4714
2020-11-30 12:09:09 -05:00
Matt Brown
31e2522adb Actually not a bug 2020-11-30 01:32:38 -05:00
Matt Brown
817db55140 Fix typo 2020-11-30 01:29:40 -05:00
Matt Brown
cf6dedc11d Break up AssertionFinder methods
Ref #4714
2020-11-30 01:20:28 -05:00
orklah
a760a2418a
support shift and bitwise operations in constants (#4740) 2020-11-29 21:43:49 -05:00
Matt Brown
4d81682fdd Fix #4731 - expand out class-bound generic types when evaluating instance method 2020-11-29 21:36:50 -05:00
Matt Brown
86b6d6a506 Fix #4733 - don’t replace template types when they’re defined on the same class 2020-11-29 19:12:22 -05:00
Matt Brown
601c1d8cd0 Expand out constants in param types earlier 2020-11-29 19:07:35 -05:00
Matt Brown
46b202731c Fix check 2020-11-29 18:28:32 -05:00
Matt Brown
58b306b6e3 Ensure class template types are mapped to static methods where necessary
Ref #4733
2020-11-29 17:40:52 -05:00
Matt Brown
8da676f5bf Improve param name 2020-11-29 17:26:42 -05:00
Matt Brown
ea314cc1c0 Simplify calling of replacer methods 2020-11-29 16:27:00 -05:00
Matt Brown
4d22723525 Break out replacement of templated types with their inferred result 2020-11-29 16:16:16 -05:00
Matt Brown
15a5bd5e29 Simplify storage and retrieval of extended template params 2020-11-29 15:05:32 -05:00
Matthew Brown
60ac109c01
Add RedundantPropertyInitializationCheck (#4732)
* Add RedundantPropertyInitializationCheck

* add documentation for RedundantPropertyInitializationCheck (#4734)

Co-authored-by: orklah <orklah@users.noreply.github.com>
2020-11-29 11:57:20 -05:00
Matt Brown
0efd4ebd7d Detect some erroneous issets 2020-11-29 09:26:39 -05:00
Matthew Brown
fd53192ad2
Fix redundant mappings 2020-11-28 21:05:31 -05:00
Matt Brown
8adc0918ae Fix the bug 2020-11-28 09:55:40 -05:00
Matt Brown
de1fa03f77 Fix template type selection 2020-11-28 09:53:11 -05:00
Matt Brown
4af7e818b2 Simplify ArrayFetchAnalyzer::getArrayAccessTypeGivenOffset
Ref #4714
2020-11-27 23:36:47 -05:00
Matt Brown
73cd07a01f Simplify FunctionCallAnalyzer
Ref #4714
2020-11-27 16:34:27 -05:00
Matt Brown
6db8132b4c Simplify call analysers a bit
Ref #4714
2020-11-27 16:31:10 -05:00
Matt Brown
5dd4912a99 Simplify ArrayAnalyzer
Ref #4714
2020-11-27 14:19:55 -05:00
Matt Brown
1ce45516db Don’t alter behaviour 2020-11-27 11:47:12 -05:00
Matt Brown
5f065d3d74 Turn template bound tuples into object
Ref #4714
2020-11-27 11:43:30 -05:00
Matt Brown
6de97e3779 Skip missing function params in taint analysis 2020-11-26 11:58:14 -05:00
orklah
4bbb72329e
Fix PHPMAXINT offset (#4707) 2020-11-26 09:24:32 -05:00
Matt Brown
01ceaf7006 Fix style issues 2020-11-25 21:36:37 -05:00
orklah
58736924dd
fix wrong cast to int when string offset is a number > MAX INT (#4702) 2020-11-25 15:48:53 -05:00
Matt Brown
f3e0201a99 Treat $a ?? $b identically to isset($a) ? $a : $b 2020-11-25 14:34:05 -05:00
Matt Brown
d40d63f180 Fix #4699 - treat isset like !== null when variable is defined 2020-11-25 14:04:55 -05:00
Matt Brown
6aa052475a Pass correct flags when referencing from finally 2020-11-25 14:04:55 -05:00
orklah
b6a3282589
Detect redundant cast (#4695)
* detect redundant cast

* fix redundant cast issues

* fix redundant cast in tests
2020-11-25 12:04:48 -05:00
Matt Brown
f8ddc7e58a Add slash 2020-11-24 15:07:15 -05:00
Matt Brown
e9c00b8395 Switch order to satisfy new refinement 2020-11-24 14:57:34 -05:00
Matt Brown
41af653bd4 Add support for some dependent types 2020-11-24 14:50:35 -05:00
orklah
b6cb9785ac
Prevent illegal array keys (#4660)
* Emit an issue when an array-key is not legal

* tests
2020-11-23 15:20:39 -05:00
erikjwaxx
25d8c6d21e
Narrow inference of $a <=> $b from "int" to "-1|0|1" (#4680)
* A <=> operator has a literal type of -1|0|1 and not simply int

* Test to verify inferred type of $a <=> $b is -1|0|1
2020-11-23 13:10:51 -05:00
Matt Brown
17ceba5c06 Fix bug 2020-11-22 23:32:14 -05:00
Matt Brown
f164a45843 Fix bugs 2020-11-22 19:45:54 -05:00
Matt Brown
9a03a9a5d0 Move param taint sink addition after arguuments have been analysed 2020-11-22 19:39:40 -05:00
Matt Brown
b782dd4225 Make sure conditional escaping works for static methods too 2020-11-22 13:39:32 -05:00
Matt Brown
af008953a8 Fix #4661 - support conditional escaping for functions 2020-11-22 13:24:33 -05:00
orklah
a3217265ce
null operations should return mixed results (#4655) 2020-11-22 09:06:03 -05:00
Matt Brown
f0ae0e5cb4 Break aparat type combiner 2020-11-21 18:11:29 -05:00
Lukas Reschke
ffb0c4ae17
Implement variadic taint propagation (#4649)
* Implement variadic taint propagation

* Lint code
2020-11-21 17:41:40 -05:00
orklah
ae0486529e
Unused psalm-suppress (#4646) 2020-11-21 17:39:40 -05:00
Matt Brown
1cead18760 Fix #4637 - prevent regression when negating function call with === false 2020-11-20 09:56:53 -05:00
Matt Brown
ce8938263e Fix #4636 - prevent crashes on aliased classes 2020-11-20 09:29:24 -05:00
Matt Brown
c562e1dd52 Don’t taint foreach keys with array-fetch
We could use array-keyfetch or similar, but for now gives false-positives
2020-11-19 19:08:59 -05:00
Matt Brown
78d644d1a1 Change TaintedText to TaintedCallable 2020-11-19 19:01:19 -05:00
Matt Brown
4c315ec45c Closure calls aren’t sinks 2020-11-19 18:44:36 -05:00
Matt Brown
70c9fd97c7 Return empty instead of throwing 2020-11-19 16:25:53 -05:00
Matt Brown
ead63894a1 Fix formatting 2020-11-19 16:09:30 -05:00
Matt Brown
b5d4b59c33 Be more refined 2020-11-19 15:57:05 -05:00
Matt Brown
de49892525 Fix #4626 - array_key_exists should infer type for first arg where possible 2020-11-19 15:40:27 -05:00
Matt Brown
ff3fff56d4 Simplify assertion negations, centralising as much as possible
Now the flag passed to scrapeAssertions just determines the errors emitted
2020-11-19 14:32:49 -05:00
Matt Brown
7803cc228b Revert "Fix #4624 - allow in_array to work with list arrays"
This reverts commit 08ae85a735.
2020-11-19 12:49:26 -05:00
Matt Brown
08ae85a735 Fix #4624 - allow in_array to work with list arrays 2020-11-19 09:26:41 -05:00
Matt Brown
95de6cf177 Allow immutable classes to be specialised through calls 2020-11-19 01:38:20 -05:00
Matt Brown
d60abaf858 Unfix fixes 2020-11-18 19:19:07 -05:00
Matt Brown
8dd229f6c0 Only ignore literal flows when tainting 2020-11-18 18:43:41 -05:00
Matt Brown
be275ae972 Fix #4605 - taint parent-declared property 2020-11-18 13:34:47 -05:00
Matt Brown
236292ff05 Fix #4600 - set attributes in a bunch of places 2020-11-18 12:44:59 -05:00
Matt Brown
3f7f959726 Fix #4599 - propagate taints to parent callers where necessary 2020-11-18 09:59:54 -05:00
Matt Brown
28dee4146a Fix tests 2020-11-17 17:53:46 -05:00
Matt Brown
adeaa33a64 Don’t propagate taints to child constructor args 2020-11-17 16:49:29 -05:00
Matt Brown
4e5111f1a8 Fix #4472 - if something flows into a byref var it’s used 2020-11-17 15:30:53 -05:00
Matt Brown
43af3b1a57 Break out TaintedInput issues into a lot of separate ones 2020-11-17 12:44:31 -05:00
Matt Brown
42802e11d1 Allow PHP major version to determine substr return type 2020-11-16 16:31:33 -05:00
Dusk
0fe3e1f83b
Allow named arguments to variadic functions (#4575)
Closes #4563
2020-11-16 15:49:27 -05:00
orklah
6f8b463860
Detect trying to access to a list with a negative offset (#4552) 2020-11-15 20:26:50 -05:00
Matt Brown
26b4cd1fb9 Fix #4529 - allow unsetting with complex array key 2020-11-14 08:57:25 -05:00
Matt Brown
086237aab7 Fix #4544 - improve handling of get_class in match 2020-11-13 11:55:42 -05:00
Matt Brown
5a62dc5c40 Fix #4540 - use correct method when simulating property setting 2020-11-12 23:56:29 -05:00
Matt Brown
556fb12966 Move mutation checks to more appropriate place 2020-11-12 23:54:50 -05:00
Matt Brown
2f7bf2a144 Bind lower bounds to upper bounds as well when no upper bound can be inferred
Ref #4485
2020-11-11 17:46:09 -05:00
Matt Brown
a8d7248c31 Fix #4524 - do better template param inheritance 2020-11-11 13:25:17 -05:00
Matt Brown
5ad1e80e99 Fix #4527 - improve interpolated string types 2020-11-11 00:38:26 -05:00
Matt Brown
46ebca4497 Fix coalesce operation tainting 2020-11-10 14:36:36 -05:00
Matt Brown
a82a9558d2 Experiment with refactor 2020-11-10 12:50:17 -05:00
Matt Brown
b731b53d5e Add debug stuff for code complexity 2020-11-10 12:49:42 -05:00
Matt Brown
81babf2430 Clone to prevent incorrect references 2020-11-10 09:01:46 -05:00
Matt Brown
e27cbfba57 Reduce size of data flow graph when analysing array assignments 2020-11-09 22:44:36 -05:00
Adrien LUCAS
4cb8e86737
Add a proxy capability to the flow annotation (#4495)
* Add a `passthru` capability to the flow annotation

* Fix passthru-calls type

* Fix types and rename to proxy

* Allow to proxy a method

Co-authored-by: Matthew Brown <github@muglug.com>
2020-11-09 15:22:35 -05:00
Matt Brown
e97a9c86eb Fix #4517 - track type contradiction issues in match expressions 2020-11-09 10:00:53 -05:00
Matt Brown
3aaa1d8447 Fix #4516 - treat exit() as the empty type 2020-11-09 08:44:03 -05:00
Matt Brown
683546e024 Fix #4519 - prevent crash with empty match 2020-11-09 08:36:59 -05:00
Matt Brown
8799e1a337 Break apart complex method 2020-11-09 00:58:45 -05:00
Matt Brown
0be4f2fedf Fix/ignore reflection bugs 2020-11-08 14:27:37 -05:00
Matt Brown
20e37d8cb6 Add a comment to show workings 2020-11-08 13:08:45 -05:00
Matt Brown
24c9702aa5 Remove unused imports 2020-11-08 12:31:21 -05:00
Matt Brown
6da0905478 Separate out good from the bad 2020-11-08 12:29:23 -05:00
Matt Brown
b635353cf4 Fix redundant thing 2020-11-08 10:18:32 -05:00
Matt Brown
dccf236d16 Fix #4503 - don’t ignore assertions on possibly-null mixed 2020-11-08 10:06:39 -05:00
Matt Brown
b8f5d16e9f Consolidate similar functionality 2020-11-07 00:58:20 -05:00
Matt Brown
bb5b5142d6 Add more info to mic drop code 2020-11-06 21:36:38 -05:00
Matt Brown
45b3dce631 Break apart IfElseAnalyzer 2020-11-06 21:01:17 -05:00
Matt Brown
3359e7699a Rename IfAnalyzer 2020-11-06 20:51:14 -05:00
Axel H
271e0d86be
Fix type inference when unpacking typed iterables (#4487)
* Add test for unpacking typed iterables

* Fix type inference when unpacking typed iterables into arrays

* Fix possibly undefined array offset
2020-11-06 17:24:01 -05:00
Matt Brown
9daa534656 Ensure we flush out re-assigned vars also referenced
Fixes #4488
2020-11-06 12:51:41 -05:00
Matt Brown
6b06ecec39 Fix #4491 - support assertions in new calls 2020-11-06 11:55:19 -05:00
Matthew Brown
1c66646e72
Fix formatting 2020-11-05 19:23:54 -05:00
Matt Brown
d47d817843 Fix #4479 - use correct keys in message 2020-11-05 10:13:08 -05:00
Matt Brown
b3ff107c20 Add functions 2020-11-04 23:34:38 -05:00
Matt Brown
3bde327f1b Break up CommentAnalyzer 2020-11-04 23:25:08 -05:00
Matt Brown
f3c6d70a9b Use more accurate type for div of ints 2020-11-04 22:39:27 -05:00
Matt Brown
eacc05e73f Fix #2132 - get value of literal int division 2020-11-04 22:32:33 -05:00
Matt Brown
3e9c5d3600 Add support for @return never 2020-11-04 12:30:02 -05:00
Matt Brown
b5a3f45d52 Remove use of PHP 7.2 function 2020-11-04 11:02:34 -05:00
Matt Brown
91d9dc3759 Fix overeager inference 2020-11-03 16:44:24 -05:00