Craig Francis
993e112236
Additional MySQL sinks, ref Issue #4155 ( #4158 )
2020-09-08 11:54:23 -04:00
Tyson Andre
e62e964167
Set up taint analysis for pgsql functions ( #4021 )
I noticed that entries in InternalTaintSinkMap don't warn
unless the functions are added to CallMap.php
e.g. `pg_exec($conn, $_GET['query']);`
(pg_exec is an alias of pg_query)
2020-08-19 10:41:02 -04:00
Tyson Andre
cad86aae5b
Fix typo for printr ( #3754 )
Related to #3744
`print_r` is only a taint sink when `$return` is false or absent.
2020-07-07 00:25:14 -04:00
Tyson Andre
b0a3de47e8
Mark create_function() as a taint sink ( #3729 )
create_function() is a thin wrapper around eval().
Fixes #3723
2020-07-01 18:09:30 -04:00
Brown
7288dfc620
Fix #3715 - unserialize is a taint sink
2020-06-29 17:54:47 -04:00
Brown
51202c75ea
Add taint docs
2020-06-19 11:56:12 -04:00
Matthew Brown
73797f7498
Add more default sinks
2020-05-29 00:24:07 -04:00
Brown
118b700436
Simplify sink mapping for internal calls
2020-05-25 13:10:06 -04:00