Fix another query simulation leading to query error (#550)

Author: staabm

tests/rules/SyntaxErrorInQueryMethodRuleTest.php

@@ -309,4 +309,9 @@ public function testBug547(): void
     {
         $this->analyse([__DIR__ . '/data/bug-547.php'], []);
     }
+
+    public function testBug548(): void
+    {
+        $this->analyse([__DIR__ . '/data/bug-548.php'], []);
+    }
 }

tests/rules/UnresolvableQueryMethodRuleTest.php

@@ -69,6 +69,11 @@ public function testBug536(): void
         $this->analyse([__DIR__ . '/data/bug-536.php'], []);
     }
 
+    public function testBug548(): void
+    {
+        $this->analyse([__DIR__ . '/data/bug-548.php'], []);
+    }
+
     public function testBug547(): void
     {
         $this->analyse([__DIR__ . '/data/bug-547.php'], []);

tests/rules/data/bug-548.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace Bug548;
+
+use PDO;
+
+function taintEscapedAndInferencePlaceholder(PDO $pdo, string $s, int $start, int $max)
+{
+
+    $pdo->query('SELECT * FROM ' . X::escapeIdentifier($s) . ' LIMIT ' . $start . ',' . $max, PDO::FETCH_ASSOC);
+}
+
+class X {
+    /**
+     * Escapes and adds backsticks around.
+     *
+     * @param string $name
+     *
+     * @return string
+     *
+     * @psalm-taint-escape sql
+     */
+    public static function escapeIdentifier($name)
+    {
+        return '';
+    }
+
+}