protected function getArgumentTaint(TaintResult $argTaint)
{
$taintVal = $argTaint->getTaint();
$sanitisingFuncs = $argTaint->getSanitisingFunctions();
if ($this->containsSanitisingFunction($sanitisingFuncs)) {
return Annotation::SAFE;
} else {
return $taintVal;
}
}
private function mergeTaintResultsWithWithParameterTaints($resTaint, $argTaints)
{
if (empty($resTaint)) {
return new TaintResult(Annotation::UNASSIGNED);
}
$taintResult = new TaintResult($resTaint->getTaint(), $resTaint->getSanitisingFunctions());
foreach ($argTaints as $paramName => $taint) {
if ($resTaint->isAffectingParameter($paramName)) {
$taintResult->merge($taint);
}
}
return $taintResult;
}
protected function mergeTaintResultSanitisingFunctions(TaintResult $result1, TaintResult $result2)
{
$functions1 = $result1->getSanitisingFunctions();
$functions2 = $result2->getSanitisingFunctions();
return array_merge($functions1, $functions2);
}