mirror of
https://github.com/danog/psalm.git
synced 2024-11-27 04:45:20 +01:00
4aabb411a8
* Added event to prevent tainting. * Remove optional codebase parameter. * Removed falsy check for codebase. * Use two separate hooks for adding and removing taints * Add slashes * Update add/remove taint test name. * Cleaned up SafeArrayKeyChecker example plugin. * Added more AddRemoveTaintsEvent calls to codebase. * Fix type check error with $added_taints param. * Added AddRemoveTaintsEvent to remaining classes. * Fix post-merge error. * Add comma * Remove $int_offset that never existed Co-authored-by: Matt Brown <github@muglug.com>
39 lines
1.2 KiB
PHP
39 lines
1.2 KiB
PHP
<?php
|
|
namespace Psalm\Example\Plugin;
|
|
|
|
use PhpParser\Node\Expr\ArrayItem;
|
|
use Psalm\Internal\Analyzer\StatementsAnalyzer;
|
|
use Psalm\Plugin\EventHandler\Event\AddRemoveTaintsEvent;
|
|
use Psalm\Plugin\EventHandler\RemoveTaintsInterface;
|
|
|
|
class SafeArrayKeyChecker implements RemoveTaintsInterface
|
|
{
|
|
/**
|
|
* Called to see what taints should be removed
|
|
*
|
|
* @return list<string>
|
|
*/
|
|
public static function removeTaints(AddRemoveTaintsEvent $event): array {
|
|
$item = $event->getExpr();
|
|
$statements_analyzer = $event->getStatementsSource();
|
|
if (!($item instanceof ArrayItem) || !($statements_analyzer instanceof StatementsAnalyzer)) {
|
|
return [];
|
|
}
|
|
$item_key_value = '';
|
|
if ($item->key) {
|
|
if ($item_key_type = $statements_analyzer->node_data->getType($item->key)) {
|
|
$key_type = $item_key_type;
|
|
|
|
if ($key_type->isSingleStringLiteral()) {
|
|
$item_key_value = $key_type->getSingleStringLiteral()->value;
|
|
}
|
|
}
|
|
}
|
|
|
|
if ($item_key_value === 'safe_key') {
|
|
return ['html'];
|
|
}
|
|
return [];
|
|
}
|
|
}
|