/**
 * Runs the taint analysis over the program2 fixture and expects exactly one
 * reported finding, with the `var` of the node at parse-tree index 2
 * annotated as TAINTED.
 *
 * NOTE(review): index 2 is tied to the layout of the program2 fixture, which
 * is not visible here. Confirm it still addresses the intended node whenever
 * the fixture is edited.
 */
public function testXSSInsideFuncCall()
{
    $analyser = new Taint();
    $findings = $analyser->run($this->program2->parseTree);
    $this->assertEquals(1, count($findings));

    // The annotation is read only after run() has been called on the same tree.
    $inspectedVar = $this->program2->parseTree[2]->var;
    $annotation = $this->getVariableTaint($inspectedVar);
    $this->assertEquals(Taint\Annotation::TAINTED, $annotation);
}
/**
 * Runs the taint analysis over the program1 fixture and expects no reported
 * findings, while the `var` of the node at parse-tree index 2 is still
 * annotated as TAINTED.
 *
 * The two assertions together pin that an empty report does not require the
 * variable's own annotation to be cleared.
 *
 * NOTE(review): presumably the fixture passes the value through a sanitising
 * call before it reaches the sink. The fixture is not visible here, so confirm
 * this against program1.
 */
public function testSQLInjectionInFunctionCallSanitisation()
{
    $analyser = new Taint();
    $findings = $analyser->run($this->program1->parseTree);
    $this->assertEquals(0, count($findings));

    // The annotation is read only after run() has been called on the same tree.
    $inspectedVar = $this->program1->parseTree[2]->var;
    $annotation = $this->getVariableTaint($inspectedVar);
    $this->assertEquals(Taint\Annotation::TAINTED, $annotation);
}
/**
 * Runs the taint analysis over the program2 fixture and checks two variable
 * annotations: the `var` of the node at parse-tree index 2 must be SAFE and
 * the one at index 4 must be TAINTED.
 *
 * The return value of run() is discarded, so the number of reported findings
 * is not checked by this test.
 *
 * NOTE(review): if this method shares its program2 fixture with a test that
 * expects parse-tree index 2 to be TAINTED, the two expectations cannot both
 * hold. Confirm which fixture each test actually runs against.
 */
public function testIfElse()
{
    $analyser = new Taint();
    $analyser->run($this->program2->parseTree);

    $tree = $this->program2->parseTree;

    $firstAnnotation = $this->getVariableTaint($tree[2]->var);
    $this->assertEquals(Taint\Annotation::SAFE, $firstAnnotation);

    $secondAnnotation = $this->getVariableTaint($tree[4]->var);
    $this->assertEquals(Taint\Annotation::TAINTED, $secondAnnotation);
}