mirror of
https://github.com/danog/psalm.git
synced 2024-11-27 12:55:26 +01:00
ea52b9d23a
While I was searching for some code, ran across these.
21 lines
501 B
Markdown
21 lines
501 B
Markdown
# Custom Taint Sinks
|
|
|
|
The `@psalm-taint-sink <taint-type> <param-name>` annotation allows you to define a taint sink.
|
|
|
|
Any tainted value matching the given [taint type](index.md#taint-types) will be reported as an error by Psalm.
|
|
|
|
### Example
|
|
|
|
Here the `PDOWrapper` class has an `exec` method that should not receive tainted SQL, so we can prevent its insertion:
|
|
|
|
```php
|
|
<?php
|
|
|
|
class PDOWrapper {
|
|
/**
|
|
* @psalm-taint-sink sql $sql
|
|
*/
|
|
public function exec(string $sql) : void {}
|
|
}
|
|
```
|