1
0
mirror of https://github.com/danog/psalm.git synced 2024-11-30 04:39:00 +01:00
Commit Graph

29 Commits

Author SHA1 Message Date
Brown
f46236ad71 Taint flows through preg_replace_callback 2020-06-23 15:28:31 -04:00
Brown
e8be2c500e Support taint flows in more functions 2020-06-22 17:53:03 -04:00
Brown
fbe3433edd Use escape terminology 2020-06-21 11:43:08 -04:00
orklah
428beb21fb
Improve stubs for str_replace and preg_replace (#3495)
* expand accepted values for str_replace and preg_replace. Make return conditional based on type of $subject

* Remove int|float from str_replace/preg_replace

Co-authored-by: Matthew Brown <github@muglug.com>
2020-05-30 16:59:18 -04:00
orklah
51bf7f38de
Fix #3438 (#3494) 2020-05-30 16:55:55 -04:00
Brown
a2b6326a84 Change specialize-call to taint-specialize 2020-05-26 14:18:43 -04:00
Brown
ecb179c784 Migrate min/max function calls back to CallMap 2020-05-26 12:28:56 -04:00
Brown
16af6a5773 Improve concat taint propagation 2020-05-23 01:11:16 -04:00
Brown
dc73e25157 Detect taints in include calls 2020-05-22 23:53:37 -04:00
Brown
8632cdb3cd Improve taint tracking during scanning phase 2020-05-22 12:33:48 -04:00
Matthew Brown
187b944680 Add faster taint analysis 2020-05-22 12:33:29 -04:00
orklah
478bb267d8
stubs for array_sum (#3395) 2020-05-18 17:23:21 -04:00
Brown
111303d913 Add non-empty-lowercase-string type 2020-05-15 10:18:05 -04:00
Brown
291018034b Remove unnecessary PHP code 2020-05-11 11:36:50 -04:00
Brown
eefd2e743b Use generic function definition for sscanf
cc @villfa
2020-05-10 23:58:51 -04:00
Grégoire Paris
1fb1c2195d
Allow non-string keys (#3221)
Although it would be stupid to provide an array with exclusively
non-string keys, it's possible to have an array with a bit of both.

See for instance
155d028be0/tests/Doctrine/Tests/DBAL/Functional/DataAccessTest.php (L263-L276)
2020-04-27 22:49:07 -04:00
Brown
e699004dab Improve names a little 2020-04-18 00:59:16 -04:00
Valentin Udaltsov
9b8e8ab964 Support non-empty-arrays in array_keys (#3168)
Closes #3160
2020-04-18 00:56:54 -04:00
Matthew Brown
aa29c7fc9e
Revert "Support non-empty-arrays in array_keys (#3168)" (#3172)
This reverts commit a280e57ecf.
2020-04-17 16:52:08 -04:00
Valentin Udaltsov
a280e57ecf
Support non-empty-arrays in array_keys (#3168)
Closes #3160
2020-04-17 15:07:41 -04:00
Brown
2e4aaac5bb Add better inference for date calls 2020-04-14 21:07:44 -04:00
Brown
a79122256c Use conditional return type for range 2020-04-07 19:59:20 -04:00
Brown
69045daea9 Convert a bunch of custom-handled functions to conditional stubbed ones 2020-04-07 16:48:29 -04:00
Brown
6b25b33d81 Revert "Stub out str_replace types"
This reverts commit 94fefde376.
2020-04-04 17:38:34 -04:00
Brown
649a33b27b Remove json_decode stub, because it introduces too many false-positives 2020-04-04 17:23:15 -04:00
Brown
4b36c4e4bf Add stub for json_encode 2020-04-04 11:18:24 -04:00
Brown
94fefde376 Stub out str_replace types 2020-04-04 11:05:13 -04:00
Thomas Gerbet
b40403d7b0 \sodium_memzero() sets to null the value of the given reference
While it is not mentionned in PHP manual \sodium_memzero() always sets
the given parameter to null [0].

[0] cb933d63c2/ext/sodium/libsodium.c (L512)
2020-03-03 19:34:20 -05:00
Matthew Brown
6129d533d8 Fix #2879 - rename stubs to prevent issues in PHPStorm 2020-03-01 17:28:51 -05:00