Merge pull request #248 from koriym/add-psalm-taint-annotations

Add Psalm taint analysis annotations for SQL injection detection

Author: harikt

src/ExtendedPdoInterface.php

@@ -251,6 +251,7 @@ public function getProfiler(): ProfilerInterface;
      *
      * @return string The multi-part identifier name, quoted.
      *
+     * @psalm-taint-escape sql
      */
     public function quoteName(string $name): string;
 
@@ -262,6 +263,7 @@ public function quoteName(string $name): string;
      *
      * @return string The quoted identifier name.
      *
+     * @psalm-taint-escape sql
      */
     public function quoteSingleName(string $name): string;
 

src/PdoInterface.php

@@ -92,6 +92,7 @@ public function errorInfo(): array;
      *
      * @see http://php.net/manual/en/pdo.exec.php
      *
+     * @psalm-taint-sink sql $statement
      */
     public function exec(string $statement): int|false;
 
@@ -152,6 +153,8 @@ public function lastInsertId(?string $name = null): string|false;
      * @return \PDOStatement|false
      *
      * @see http://php.net/manual/en/pdo.prepare.php
+     *
+     * @psalm-taint-sink sql $query
      */
     public function prepare(string $query, array $options = []): PDOStatement|false;
 
@@ -169,6 +172,7 @@ public function prepare(string $query, array $options = []): PDOStatement|false;
      *
      * @see http://php.net/manual/en/pdo.query.php
      *
+     * @psalm-taint-sink sql $query
      */
     public function query(string $query, ?int $fetchMode = null, ...$fetch_mode_args): PDOStatement|false;
 
@@ -184,6 +188,7 @@ public function query(string $query, ?int $fetchMode = null, ...$fetch_mode_args
      *
      * @see http://php.net/manual/en/pdo.quote.php
      *
+     * @psalm-taint-escape sql
      */
     public function quote(string|int|array|float|null $value, int $type = PDO::PARAM_STR): string|false;