danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2024-11-27 12:55:26 +01:00
Code Issues Projects Releases Wiki Activity
97fe86c4e1
psalm/docs/running_psalm/issues/TaintedCallable.md
Matt Brown 78d644d1a1 Change TaintedText to TaintedCallable
2020-11-19 19:01:19 -05:00

307 B
Raw Blame History

TaintedCallable

Emitted when tainted text is used in an aribtary function call.

This can lead to dangerous situations, like running arbitrary functions.

<?php

$name = $_GET["name"];

evalCode($name);

function evalCode(string $name) {
    if (is_callable($name)) {
        $name();
    }
}