Taint can't transmit through numerics nor bool

vimeo · Nov 25, 2021 · ab61eae · ab61eae
1 parent 3bc06a8
commit ab61eae
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/src/Psalm/Internal/Analyzer/FunctionLikeAnalyzer.php b/src/Psalm/Internal/Analyzer/FunctionLikeAnalyzer.php
@@ -12,6 +12,7 @@
 use Psalm\Internal\Analyzer\FunctionLike\ReturnTypeAnalyzer;
 use Psalm\Internal\Analyzer\FunctionLike\ReturnTypeCollector;
 use Psalm\Internal\Analyzer\Statements\ExpressionAnalyzer;
+use Psalm\Internal\Codebase\TaintFlowGraph;
 use Psalm\Internal\DataFlow\DataFlowNode;
 use Psalm\Internal\FileManipulation\FunctionDocblockManipulator;
 use Psalm\Internal\Type\Comparator\TypeComparisonResult;
@@ -1032,7 +1033,9 @@ private function processParams(
             if ($statements_analyzer->data_flow_graph
                 && $function_param->location
             ) {
-                if ($function_param->type === null
+                //don't add to taint flow graph if the type can't transmit taints
+                if (!$statements_analyzer->data_flow_graph instanceof TaintFlowGraph
+                    || $function_param->type === null
                     || !$function_param->type->isSingle()
                     || (!$function_param->type->isInt()
                         && !$function_param->type->isFloat()