/**
 * Resolve the taint value to report for a single argument.
 *
 * The argument is reported as Annotation::SAFE when
 * containsSanitisingFunction() accepts the sanitising functions recorded
 * on it; otherwise the taint value stored on the argument is returned
 * unchanged.
 *
 * NOTE(review): the SAFE verdict rests entirely on
 * containsSanitisingFunction(), which is not visible here. Confirm that it
 * only accepts sanitisers appropriate to the sink being analysed, since a
 * sanitiser for one output context does not make a value safe in another.
 *
 * @param TaintResult $argTaint Taint information collected for the argument.
 *
 * @return mixed Annotation::SAFE, or whatever $argTaint->getTaint() returned.
 */
protected function getArgumentTaint(TaintResult $argTaint)
{
    $recordedTaint = $argTaint->getTaint();
    $appliedSanitisers = $argTaint->getSanitisingFunctions();

    return $this->containsSanitisingFunction($appliedSanitisers)
        ? Annotation::SAFE
        : $recordedTaint;
}
/**
 * Combine a result taint with the taints of the parameters that affect it.
 *
 * Starts from a copy of $resTaint (its taint value and sanitising
 * functions) and merges in every entry of $argTaints whose key
 * $resTaint->isAffectingParameter() accepts. Entries for parameters that
 * do not affect the result are ignored.
 *
 * How merge() combines taint values and sanitiser lists is defined by
 * TaintResult and is not visible in this method.
 *
 * @param mixed $resTaint  Result taint to start from; an empty() value
 *                         yields a new TaintResult(Annotation::UNASSIGNED).
 * @param mixed $argTaints Iterable of taints keyed by parameter name.
 *
 * @return TaintResult A new instance; $resTaint itself is not the object returned.
 */
private function mergeTaintResultsWithWithParameterTaints($resTaint, $argTaints)
{
    // Nothing to build on: report the result as unassigned.
    if (empty($resTaint)) {
        return new TaintResult(Annotation::UNASSIGNED);
    }

    $baseTaint = $resTaint->getTaint();
    $baseSanitisers = $resTaint->getSanitisingFunctions();
    $merged = new TaintResult($baseTaint, $baseSanitisers);

    foreach ($argTaints as $parameter => $parameterTaint) {
        // Only parameters that influence the result contribute their taint.
        if (!$resTaint->isAffectingParameter($parameter)) {
            continue;
        }

        $merged->merge($parameterTaint);
    }

    return $merged;
}
/**
 * Concatenate the sanitising functions recorded on two taint results.
 *
 * The lists are combined with array_merge(), first $result1 then $result2.
 * For integer-keyed lists this appends and renumbers, so duplicates are
 * kept; for string keys a later entry replaces an earlier one.
 *
 * NOTE(review): the outcome is a union. If callers use it when joining two
 * data-flow paths, a sanitiser applied on only one path will also appear
 * on the merged result; confirm that is the intended semantics, since it
 * could hide an unsanitised path.
 *
 * @param TaintResult $result1 First taint result.
 * @param TaintResult $result2 Second taint result.
 *
 * @return array Combined sanitising functions of both results.
 */
protected function mergeTaintResultSanitisingFunctions(TaintResult $result1, TaintResult $result2)
{
    return array_merge(
        $result1->getSanitisingFunctions(),
        $result2->getSanitisingFunctions()
    );
}