slowQueryLogPath() returns a taint-safe file (#5251)

redaxo · Jul 19, 2022 · 992b3db · 992b3db
1 parent c1aa70e
commit 992b3db
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 5 deletions.
diff --git a/.tools/psalm/baseline-taint.xml b/.tools/psalm/baseline-taint.xml
@@ -10,9 +10,4 @@
       <code>$data</code>
     </TaintedCallable>
   </file>
-  <file src="redaxo/src/core/pages/system.log.external.php">
-    <TaintedFile occurrences="1">
-      <code>$logFile</code>
-    </TaintedFile>
-  </file>
 </files>
diff --git a/redaxo/src/core/lib/sql/util.php b/redaxo/src/core/lib/sql/util.php
@@ -7,6 +7,9 @@
  */
 class rex_sql_util
 {
+    /**
+     * @psalm-taint-escape file
+     */
     public static function slowQueryLogPath(): ?string
     {
         $db = rex_sql::factory();