RegularExpressionPatternRule: validate preg_quote'd patterns

Author: staabm

src/Rules/Regexp/RegularExpressionPatternRule.php

@@ -9,6 +9,7 @@
 use PHPStan\Analyser\Scope;
 use PHPStan\Rules\Rule;
 use PHPStan\Rules\RuleErrorBuilder;
+use PHPStan\Type\Php\RegexExpressionHelper;
 use function in_array;
 use function sprintf;
 use function str_starts_with;
@@ -20,6 +21,12 @@
 class RegularExpressionPatternRule implements Rule
 {
 
+	public function __construct(
+		private RegexExpressionHelper $regexExpressionHelper,
+	)
+	{
+	}
+
 	public function getNodeType(): string
 	{
 		return FuncCall::class;
@@ -74,6 +81,9 @@ private function extractPatterns(FuncCall $functionCall, Scope $scope): array
 				'preg_filter',
 			], true)
 		) {
+			if ($patternNode instanceof Node\Expr\BinaryOp\Concat) {
+				$patternType = $this->regexExpressionHelper->resolvePatternConcat($patternNode, $scope);
+			}
 			foreach ($patternType->getConstantStrings() as $constantStringType) {
 				$patternStrings[] = $constantStringType->getValue();
 			}

tests/PHPStan/Rules/Regexp/RegularExpressionPatternRuleTest.php

@@ -4,6 +4,7 @@
 
 use PHPStan\Rules\Rule;
 use PHPStan\Testing\RuleTestCase;
+use PHPStan\Type\Php\RegexExpressionHelper;
 use function sprintf;
 use const PHP_VERSION_ID;
 
@@ -15,7 +16,9 @@ class RegularExpressionPatternRuleTest extends RuleTestCase
 
 	protected function getRule(): Rule
 	{
-		return new RegularExpressionPatternRule();
+		return new RegularExpressionPatternRule(
+			self::getContainer()->getByType(RegexExpressionHelper::class),
+		);
 	}
 
 	public function testValidRegexPatternBefore73(): void
@@ -115,6 +118,30 @@ public function testValidRegexPatternBefore73(): void
 					'Regex pattern is invalid: Compilation failed: missing ) at offset 1 in pattern: ~(~',
 					43,
 				],
+				[
+					'Regex pattern is invalid: Delimiter must not be alphanumeric, backslash, or NUL in pattern: nok',
+					57,
+				],
+				[
+					'Regex pattern is invalid: Delimiter must not be alphanumeric, backslash, or NUL in pattern: nok',
+					58,
+				],
+				[
+					'Regex pattern is invalid: Compilation failed: missing closing parenthesis at offset 1 in pattern: ~(~',
+					59,
+				],
+				[
+					'Regex pattern is invalid: Delimiter must not be alphanumeric, backslash, or NUL in pattern: noknono',
+					61,
+				],
+				[
+					'Regex pattern is invalid: Delimiter must not be alphanumeric, backslash, or NUL in pattern: noknope',
+					62,
+				],
+				[
+					'Regex pattern is invalid: Compilation failed: missing closing parenthesis at offset 1 in pattern: ~(~',
+					63,
+				],
 			],
 		);
 	}
@@ -221,6 +248,30 @@ public function testValidRegexPatternAfter73(): void
 					'Regex pattern is invalid: Compilation failed: missing closing parenthesis at offset 1 in pattern: ~(~',
 					43,
 				],
+				[
+					sprintf('Regex pattern is invalid: Delimiter must not be %s in pattern: nok', $messagePart),
+					57,
+				],
+				[
+					sprintf('Regex pattern is invalid: Delimiter must not be %s in pattern: nok', $messagePart),
+					58,
+				],
+				[
+					'Regex pattern is invalid: Compilation failed: missing closing parenthesis at offset 1 in pattern: ~(~',
+					59,
+				],
+				[
+					sprintf('Regex pattern is invalid: Delimiter must not be %s in pattern: noknono', $messagePart),
+					61,
+				],
+				[
+					sprintf('Regex pattern is invalid: Delimiter must not be %s in pattern: noknope', $messagePart),
+					62,
+				],
+				[
+					'Regex pattern is invalid: Compilation failed: missing closing parenthesis at offset 1 in pattern: ~(~',
+					63,
+				],
 			],
 		);
 	}

tests/PHPStan/Rules/Regexp/data/valid-regex-pattern.php

@@ -1,4 +1,4 @@
-<?php
+<?php namespace RegexExpressionPatterns;
 
 $string = (function (): string {})();
 
@@ -48,3 +48,17 @@
 	],
 	''
 );
+
+function doFoo(string $s) {
+	preg_match('~ok'. preg_quote($s, '~') .'~', '');
+	preg_match('~ok'. preg_quote($s) .'~', '');
+
+	// invalid preg_quote delimiters will be reported by RegularExpressionQuotingRule
+	preg_match('nok'. preg_quote($s), '');
+	preg_match('nok'. preg_quote($s), '');
+	preg_match('~('. preg_quote($s, '~') .'~', '');
+
+	preg_replace('nok'. preg_quote($s).'nono', '');
+	preg_replace('nok'. preg_quote($s).'nope', '');
+	preg_replace('~('. preg_quote($s, '~') .'~', '');
+}