getCodebase(); if (ExpressionAnalyzer::analyze($statements_analyzer, $stmt->expr, $context) === false) { return false; } if ($codebase->taint_graph && $codebase->config->trackTaintsInPath($statements_analyzer->getFilePath()) ) { $call_location = new CodeLocation($statements_analyzer->getSource(), $stmt); $print_param_sink = Sink::getForMethodArgument( 'print', 'print', 0, null, $call_location ); $print_param_sink->taints = [ Type\TaintKind::INPUT_HTML, Type\TaintKind::USER_SECRET, Type\TaintKind::SYSTEM_SECRET ]; $codebase->taint_graph->addSink($print_param_sink); } if ($stmt_expr_type = $statements_analyzer->node_data->getType($stmt->expr)) { if (Call\ArgumentAnalyzer::verifyType( $statements_analyzer, $stmt_expr_type, Type::getString(), null, 'print', 0, new CodeLocation($statements_analyzer->getSource(), $stmt->expr), $stmt->expr, $context, new FunctionLikeParameter('var', false), false, null, true, true, new CodeLocation($statements_analyzer->getSource(), $stmt) ) === false) { return false; } } if (isset($codebase->config->forbidden_functions['print'])) { if (IssueBuffer::accepts( new ForbiddenCode( 'You have forbidden the use of print', new CodeLocation($statements_analyzer->getSource(), $stmt) ), $statements_analyzer->getSuppressedIssues() )) { // continue } } $statements_analyzer->node_data->setType($stmt, Type::getInt(false, 1)); return true; } }