fix phpdoc parsing with whitespaces/contents after values (#438)

Co-authored-by: Markus Staab <[email protected]>
staabm · Oct 10, 2022 · 7ce54d8 · 7ce54d8
1 parent 8e6836a
commit 7ce54d8
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 2 deletions.
diff --git a/src/PhpDoc/PhpDocUtil.php b/src/PhpDoc/PhpDocUtil.php
@@ -30,7 +30,7 @@ public static function matchTaintEscape($callLike, Scope $scope): ?string
             // atm no resolved phpdoc for methods
             // see https://github.com/phpstan/phpstan/discussions/7657
             $phpDocString = $methodReflection->getDocComment();
-            if (null !== $phpDocString && preg_match('/@psalm-taint-escape\s+(\S+)$/m', $phpDocString, $matches)) {
+            if (null !== $phpDocString && preg_match('/@psalm-taint-escape\s+(\S+).*$/m', $phpDocString, $matches)) {
                 return $matches[1];
             }
         }
@@ -91,7 +91,7 @@ private static function matchStringAnnotation(string $annotation, $callLike, Sco
             // atm no resolved phpdoc for methods
             // see https://github.com/phpstan/phpstan/discussions/7657
             $phpDocString = $methodReflection->getDocComment();
-            if (null !== $phpDocString && preg_match('/'.$annotation.'\s+(.+)$/m', $phpDocString, $matches)) {
+            if (null !== $phpDocString && preg_match('/'.$annotation.'\s+(\S+).*$/m', $phpDocString, $matches)) {
                 $placeholder = $matches[1];
 
                 if (\in_array($placeholder[0], ['"', "'"], true)) {

diff --git a/tests/default/data/inference-placeholder.php b/tests/default/data/inference-placeholder.php
@@ -26,6 +26,13 @@ public function fetchOneWithDynamicQueryPartViaVariable(Connection $conn, string
         assertType('string|false', $fetchResult);
     }
 
+    public function bug439(Connection $conn, string $email)
+    {
+        $query = 'SELECT email, adaid FROM ada WHERE email = :email AND '.$this->stuffAfterPlaceholder(rand(0, 100));
+        $fetchResult = $conn->fetchOne($query, ['email' => $email]);
+        assertType('string|false', $fetchResult);
+    }
+
     /**
      * simulating a dynamic where part, not relevant for the query overall result.
      *
@@ -61,4 +68,14 @@ private static function staticDynamicWhere(int $i)
 
         return implode(' AND ', $where);
     }
+
+    /**
+     * @phpstandba-inference-placeholder '1=1'  <-- anything behind placeholder value
+     *
+     * @return string
+     */
+    private function stuffAfterPlaceholder(int $i)
+    {
+        return '';
+    }
 }