Fix query simulation leading to query error (#549)

Author: staabm

.phpstan-dba-mysqli.cache

@@ -280,7 +280,13 @@ public function resolveQueryStrings(Expr $queryExpr, Scope $scope): iterable
 
         $queryString = $this->resolveQueryExpr($queryExpr, $scope);
         if (null !== $queryString) {
-            yield QuerySimulation::stripComments($this->normalizeQueryString($queryString));
+            $normalizedQuery = QuerySimulation::stripComments($this->normalizeQueryString($queryString));
+
+            // query simulation might lead in a invalid query, skip those
+            $error = $this->validateQueryString($normalizedQuery);
+            if ($error === null) {
+                yield $normalizedQuery;
+            }
         }
     }
 

src/QueryReflection/QueryReflection.php

@@ -304,4 +304,9 @@ public function testBugRexstan165()
     {
         $this->analyse([__DIR__ . '/data/bug-rexstan-165.php'], []);
     }
+
+    public function testBug547(): void
+    {
+        $this->analyse([__DIR__ . '/data/bug-547.php'], []);
+    }
 }

tests/rules/SyntaxErrorInQueryMethodRuleTest.php

@@ -68,4 +68,9 @@ public function testBug536(): void
     {
         $this->analyse([__DIR__ . '/data/bug-536.php'], []);
     }
+
+    public function testBug547(): void
+    {
+        $this->analyse([__DIR__ . '/data/bug-547.php'], []);
+    }
 }

tests/rules/UnresolvableQueryMethodRuleTest.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace Bug547;
+
+use PDO;
+
+function taintEscapedAndInferencePlaceholder(PDO $pdo, string $s)
+{
+
+    $pdo->query('SELECT * FROM ' . X::escapeIdentifier($s), PDO::FETCH_ASSOC);
+}
+
+class X {
+    /**
+     * Escapes and adds backsticks around.
+     *
+     * @param string $name
+     *
+     * @return string
+     *
+     * @psalm-taint-escape sql
+     */
+    public static function escapeIdentifier($name)
+    {
+        return '';
+    }
+
+}