Function uses global variable causes inconsistency in variable id

[quanyang]

Example:

<?php
$global = "B";
function TestTaintOnFunction() {
    global $global;
    $secondVar = "2";
    echo $global;
}

Results in:

    Expr_Assign
        var: Var#1<$global>
        expr: LITERAL('B')
        result: Var#2
    Stmt_Function<TestTaintOnFunction>

Function TestTaintOnFunction():
Block#1
    Terminal_GlobalVar
        var: LITERAL('global')
    Expr_Assign
        var: Var#1<$secondVar>
        expr: LITERAL('2')
        result: Var#2
    Terminal_Echo
        expr: Var#3<$global>

Anyway to make the id consistent?

[nikic]

Something to consider here is that the pseudo-main scope of a file does not necessarily coincide with the global scope. Consider this scenario:

// file1.php
<?php
$global = "B";
function test() {
    global $global;
    echo $global;
}

// file2.php
<?php
$global = "A";
function run() {
    require __DIR__ . '/file1.php';
}
run();

And then execute file2.php. In this case the $global variable from file1.php will actually be a local variable inside the run function and global $global will instead reference the $global from file2.php. (Nowadays files are nearly always included from something other than the global scope due to autoloading, so this is not entirely idle speculation.)

[quanyang]

Yes that could be a possibility. However, the currently php-cfg implementation is not be able to handle inclusion of external files, am I right?

Do you think it'd be possible at all to fix this issue for global vars?