Open etremblay opened 1 year ago
I found these snippets:
I found these snippets:
I ran into the same issue, and only when --taint-analysis
is enabled as @etremblay reported.
The method FunctionCallReturnTypeFetcher::taintUsingFlows
assumes that the $args
parameter contains an array of PhpParser\Node\Arg
instances and calls its value
property. Instead, it contains a PhpParser\Node\VariadicPlaceholder
instance.
In the lines above, there is already a check $current_arg_is_variadic
, but this does not seem to prevent calling the PhpParser\Node\Arg
property:
I'm assuming the solution would be to change the type of $args
to array<PhpParser\Node\Arg|PhpParser\Node\VariadicPlaceholder>
and if $args[$arg_index]
is an instance of PhpParser\Node\VariadicPlaceholder
, instantiate CodeLocation
in a different way.
But I'm new to the codebase of Psalm, and I'm not really sure what is the best way to solve this. If someone can point me in the right direction I'd be happy to contribute a pull request.
A simple
array_map(strtolower(...), array)
cause the--taint-analysis
to throw an exception.https://psalm.dev/r/4180f36bb1
The regular code scanning pass.
It does not crash with user function or class method like :