/**
 * Resolve the effective taint annotation for a single argument.
 *
 * When containsSanitisingFunction() accepts the sanitising functions
 * recorded on the argument, the argument is reported as Annotation::SAFE.
 * Otherwise the argument's own taint value is passed through unchanged.
 *
 * NOTE(review): nothing in this method ties the SAFE verdict to the kind of
 * sink the argument flows into. If containsSanitisingFunction() is not
 * context-aware, a sanitiser meant for one context (e.g. HTML escaping)
 * would also clear taint for another (e.g. SQL) and hide a finding.
 * Confirm against that method.
 *
 * @param TaintResult $argTaint Taint information collected for the argument.
 * @return mixed Annotation::SAFE, or whatever $argTaint->getTaint() returned.
 */
protected function getArgumentTaint(TaintResult $argTaint)
{
    // Both accessors are read up front, in the same order as before.
    $ownTaint = $argTaint->getTaint();
    $appliedSanitisers = $argTaint->getSanitisingFunctions();

    return $this->containsSanitisingFunction($appliedSanitisers)
        ? Annotation::SAFE
        : $ownTaint;
}
 /**
  * Combine a result's taint with the taints of the parameters it depends on.
  *
  * A fresh TaintResult is built from $resTaint's taint and sanitising
  * functions. Every entry of $argTaints whose key $resTaint reports as an
  * affecting parameter is then merged into it. Entries for parameters that
  * do not affect the result are ignored.
  *
  * NOTE(review): an empty $resTaint yields Annotation::UNASSIGNED, not a
  * tainted value. Callers should confirm that UNASSIGNED is never treated
  * as equivalent to safe, otherwise a missing result silently drops taint.
  *
  * @param mixed $resTaint  Result taint; presumably a TaintResult or null.
  * @param mixed $argTaints Iterable keyed by parameter name, holding the
  *                         taint for each argument (assumed TaintResult).
  * @return TaintResult The merged taint result.
  */
 private function mergeTaintResultsWithWithParameterTaints($resTaint, $argTaints)
 {
     if (!empty($resTaint)) {
         $baseTaint = $resTaint->getTaint();
         $baseSanitisers = $resTaint->getSanitisingFunctions();
         $merged = new TaintResult($baseTaint, $baseSanitisers);

         foreach ($argTaints as $paramName => $paramTaint) {
             // Only parameters that actually flow into the result contribute.
             if (!$resTaint->isAffectingParameter($paramName)) {
                 continue;
             }
             $merged->merge($paramTaint);
         }

         return $merged;
     }

     return new TaintResult(Annotation::UNASSIGNED);
 }
 /**
  * Collect the sanitising functions recorded on two taint results.
  *
  * The lists are concatenated with array_merge(): entries of $result1 come
  * first and nothing is de-duplicated. With string keys, a later entry
  * replaces an earlier one that has the same key.
  *
  * NOTE(review): this is a union of the sanitisers seen on either result.
  * Whether a union (rather than only the sanitisers common to both) is the
  * right basis for a later "safe" decision depends on how callers combine
  * the two results. Confirm at the call sites.
  *
  * @param TaintResult $result1 First taint result.
  * @param TaintResult $result2 Second taint result.
  * @return array Sanitising functions of $result1 followed by those of $result2.
  */
 protected function mergeTaintResultSanitisingFunctions(TaintResult $result1, TaintResult $result2)
 {
     return array_merge(
         $result1->getSanitisingFunctions(),
         $result2->getSanitisingFunctions()
     );
 }