Fix static call specialisation via annotation

vimeo · Jun 22, 2020 · fc8212e · fc8212e
1 parent bee10a2
commit fc8212e
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 1 deletion.
diff --git a/src/Psalm/Internal/Analyzer/Statements/Expression/Call/StaticCallAnalyzer.php b/src/Psalm/Internal/Analyzer/Statements/Expression/Call/StaticCallAnalyzer.php
@@ -1368,7 +1368,7 @@ private static function taintReturnType(
             ? ($method_storage->signature_return_type_location ?: $method_storage->location)
             : null;
 
-        if ($method_storage && $method_storage->pure) {
+        if ($method_storage && $method_storage->specialize_call) {
             $method_source = TaintNode::getForMethodReturn(
                 (string) $method_id,
                 $cased_method_id,

diff --git a/tests/TaintTest.php b/tests/TaintTest.php
@@ -1717,4 +1717,36 @@ public function testImplodeExplode() : void
 
         $this->analyzeFile('somefile.php', new Context());
     }
+
+    public function testSpecializeStaticMethod() : void
+    {
+        $this->project_analyzer->trackTaintedInputs();
+
+        $this->addFile(
+            'somefile.php',
+            '<?php
+                StringUtility::foo($_GET["c"]);
+
+                class StringUtility {
+                    /**
+                     * @psalm-taint-specialize
+                     */
+                    public static function foo(string $str) : string
+                    {
+                        return $str;
+                    }
+
+                    /**
+                     * @psalm-taint-specialize
+                     */
+                    public static function slugify(string $url) : string {
+                        return self::foo($url);
+                    }
+                }
+
+                echo StringUtility::slugify("hello");'
+        );
+
+        $this->analyzeFile('somefile.php', new Context());
+    }
 }