From da6980382309f4a41756ef1e36468b46135ae723 Mon Sep 17 00:00:00 2001
From: Markus Staab
Date: Mon, 12 Feb 2024 10:45:05 +0100
Subject: [PATCH 1/3] Report invalid number of arguments for psalm-taint-*
---
 .../PhpVisitor/Reflector/FunctionLikeDocblockParser.php | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/src/Psalm/Internal/PhpVisitor/Reflector/FunctionLikeDocblockParser.php b/src/Psalm/Internal/PhpVisitor/Reflector/FunctionLikeDocblockParser.php
index e2a2cc5a14b..923313ec34b 100644
--- a/src/Psalm/Internal/PhpVisitor/Reflector/FunctionLikeDocblockParser.php
+++ b/src/Psalm/Internal/PhpVisitor/Reflector/FunctionLikeDocblockParser.php
@@ -238,6 +238,8 @@ public static function parse(
 
 if (count($param_parts) >= 2) {
 $info->taint_sink_params[] = ['name' => $param_parts[1], 'taint' => $param_parts[0]];
+ } else {
+ throw new IncorrectDocblockException('@psalm-taint-sink expects 2 arguments');
 }
 }
 }
@@ -279,6 +281,8 @@ public static function parse(
 
 if ($param_parts[0]) {
 $info->taint_source_types[] = $param_parts[0];
+ } else {
+ throw new IncorrectDocblockException('@psalm-taint-source expects 1 argument');
 }
 }
 } elseif (isset($parsed_docblock->tags['return-taint'])) {
From c3526b44639d2b7561dca010da1e6f4d456658dc Mon Sep 17 00:00:00 2001
From: Markus Staab
Date: Mon, 12 Feb 2024 14:04:50 +0100
Subject: [PATCH 2/3] fix test
---
 tests/Template/ConditionalReturnTypeTest.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/Template/ConditionalReturnTypeTest.php b/tests/Template/ConditionalReturnTypeTest.php
index 18669470af7..0dd32eac1cf 100644
--- a/tests/Template/ConditionalReturnTypeTest.php
+++ b/tests/Template/ConditionalReturnTypeTest.php
@@ -759,7 +759,7 @@ private function getBody() : string {
 * @template TSource as self::SOURCE_*
 * @param TSource $source
 * @return (TSource is "BODY" ? object|list : array)
- * @psalm-taint-source
+ * @psalm-taint-source html
 */
 public function getParams(
 string $source = self::SOURCE_GET
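Review bot: The guard `count($param_parts) >= 2` in the hunk at -238 only counts tokens, so a tag written with its operands swapped, or with a parameter name missing its `$`, still takes the accepting branch and is stored in `$info->taint_sink_params` without any report. How the stored `name` is later matched against the real parameters is not visible in this hunk; if an unmatched name is skipped quietly there, the function ends up with no sink registered, which is the silent false negative this change is meant to surface. Tightening the condition to `if (count($param_parts) >= 2 && $param_parts[1][0] === '$') {` would route those cases into the new error branch. The message could then name the operands, e.g. `'@psalm-taint-sink expects a taint type followed by a $parameter name'`. The body of `parse()` starts and ends outside the hunk.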
From f5fb9498de11c06e639d31d6fa7006f01dcdbac4 Mon Sep 17 00:00:00 2001
From: Markus Staab
Date: Tue, 13 Feb 2024 09:11:11 +0100
Subject: [PATCH 3/3] Use IssueBuffer::maybeAdd() instead of throwing
---
 .../Reflector/FunctionLikeDocblockParser.php | 14 ++++++++++++--
 tests/Template/ConditionalReturnTypeTest.php | 2 +-
 2 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/src/Psalm/Internal/PhpVisitor/Reflector/FunctionLikeDocblockParser.php b/src/Psalm/Internal/PhpVisitor/Reflector/FunctionLikeDocblockParser.php
index 923313ec34b..7bedbf9e27f 100644
--- a/src/Psalm/Internal/PhpVisitor/Reflector/FunctionLikeDocblockParser.php
+++ b/src/Psalm/Internal/PhpVisitor/Reflector/FunctionLikeDocblockParser.php
@@ -239,7 +239,12 @@ public static function parse(
 if (count($param_parts) >= 2) {
 $info->taint_sink_params[] = ['name' => $param_parts[1], 'taint' => $param_parts[0]];
 } else {
- throw new IncorrectDocblockException('@psalm-taint-sink expects 2 arguments');
+ IssueBuffer::maybeAdd(
+ new InvalidDocblock(
+ '@psalm-taint-sink expects 2 arguments',
+ $code_location,
+ ),
+ );
 }
 }
 }
@@ -282,7 +287,12 @@ public static function parse(
 if ($param_parts[0]) {
 $info->taint_source_types[] = $param_parts[0];
 } else {
- throw new IncorrectDocblockException('@psalm-taint-source expects 1 argument');
+ IssueBuffer::maybeAdd(
+ new InvalidDocblock(
+ '@psalm-taint-source expects 1 argument',
+ $code_location,
+ ),
+ );
 }
 }
 } elseif (isset($parsed_docblock->tags['return-taint'])) {
diff --git a/tests/Template/ConditionalReturnTypeTest.php b/tests/Template/ConditionalReturnTypeTest.php
index 0dd32eac1cf..cbdce780a2b 100644
--- a/tests/Template/ConditionalReturnTypeTest.php
+++ b/tests/Template/ConditionalReturnTypeTest.php
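Review bot: In the `else` branch of the hunk at -239 the malformed `@psalm-taint-sink` is reported, but nothing is appended to `$info->taint_sink_params`, so analysis continues as if the function carried no sink annotation. If `InvalidDocblock` can be suppressed or baselined in a project (assumed, as for other issues routed through `IssueBuffer`), the missing sink then leaves no trace in the taint report. A short comment would make that consequence explicit, e.g. `// Malformed tag: no sink is registered, so taint flows into this function are not reported.` The same applies to the `@psalm-taint-source` branch in the hunk at -282. `$code_location` is defined outside both hunks; it is worth confirming that it points at the docblock so the report lands on the faulty tag.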
@@ -759,7 +759,7 @@ private function getBody() : string {
 * @template TSource as self::SOURCE_*
 * @param TSource $source
 * @return (TSource is "BODY" ? object|list : array)
- * @psalm-taint-source html
+ * @psalm-taint-source input
 */
 public function getParams(
 string $source = self::SOURCE_GET
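Review bot: Nothing in the three patches as shown asserts the new diagnostic: the diffstats list only the parser and this fixture, and the fixture edits (`html`, then `input`) merely keep an existing conditional-return test passing. A regression case for each branch would pin the behaviour: a docblock with `@psalm-taint-sink html` and no parameter name, and one with a bare `@psalm-taint-source`, each expecting `InvalidDocblock`. Without them, a later refactor of the token check could go back to ignoring malformed taint tags without any test failing.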