docs/security_analysis/avoiding_false_positives.md
+8-8
Original file line number
Diff line number
Diff line change
@@ -13,7 +13,7 @@ Some operations remove taints from data – for example, wrapping `$_GET['name']
13
13
Psalm allows you to remove taints via a `@psalm-taint-escape <taint-type>` annotation:
14
14
15
15
```php
16
-
<?php // trackTaints
16
+
<?php
17
17
18
18
function echoVar(string $str) : void {
19
19
/**
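Review bot: the commit carries no explanation of why the `// trackTaints` marker is dropped from the opening `<?php` line of this block (and, by the `+8-8` stat, from every other block in the file); if that comment was a directive consumed by tooling that runs the documentation snippets with taint analysis enabled, removing it would silently stop those snippets from being checked, so the commit message or PR description should state whether the marker is obsolete or what replaces it.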
@@ -31,7 +31,7 @@ echoVar($_GET["text"]);
31
31
For functions, methods and classes you can use the `@psalm-taint-specialize` annotation.
32
32
33
33
```php
34
-
<?php // trackTaints
34
+
<?php
35
35
36
36
function takesInput(string $s) : string {
37
37
return $s;
@@ -44,7 +44,7 @@ echo takesInput("hello"); // Psalm detects tainted HTML here
44
44
Adding a `@psalm-taint-specialize` annotation solves the problem, by telling Psalm that each invocation of the function should be treated separately.
45
45
46
46
```php
47
-
<?php // trackTaints
47
+
<?php
48
48
49
49
/**
50
50
* @psalm-taint-specialize
@@ -60,7 +60,7 @@ echo takesInput("hello"); // No error
60
60
A specialized function or method will still track tainted input:
61
61
62
62
```php
63
-
<?php // trackTaints
63
+
<?php
64
64
65
65
/**
66
66
* @psalm-taint-specialize
@@ -78,7 +78,7 @@ Here we’re telling Psalm that a function’s taintedness is wholly depenedent
78
78
If you're familiar with [immutability in Psalm](https://psalm.dev/articles/immutability-and-beyond) then this general idea should be familiar, since a pure function is one where the output is wholly dependent on its input. Unsurprisingly, all functions marked `@psalm-pure`_also_ specialize the taintedness of their output based on input:
79
79
80
80
```php
81
-
<?php // trackTaints
81
+
<?php
82
82
83
83
/**
84
84
* @psalm-pure
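Review bot: the hunk header shows the sentence just above this block contains the typo "depenedent" (for "dependent"); since the commit already edits the code block directly beneath it, fixing that word in the same change would be cheap.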
@@ -96,7 +96,7 @@ echo takesInput("hello"); // No error
96
96
Just as taints can be specialized in function calls, tainted properties can also be specialized to a given class.
97
97
98
98
```php
99
-
<?php // trackTaints
99
+
<?php
100
100
101
101
class User {
102
102
public string $name;
@@ -122,7 +122,7 @@ echoUserName($user1);
122
122
Adding `@psalm-taint-specialize` to the class fixes the issue.
123
123
124
124
```php
125
-
<?php // trackTaints
125
+
<?php
126
126
127
127
/**
128
128
* @psalm-taint-specialize
@@ -151,7 +151,7 @@ echoUserName($user1);
151
151
And, because it’s form of purity enforcement, `@psalm-immutable` can also be used:
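Review bot: the context line "because it’s form of purity enforcement" is missing an article and should read "because it’s a form of purity enforcement"; worth correcting alongside the marker removal in this hunk.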