From 37d93141c4abb747eb3b1190f3400f3a4027fcb2 Mon Sep 17 00:00:00 2001
From: Brown <github@muglug.com>
Date: Tue, 6 Aug 2019 13:05:34 -0400
Subject: [PATCH] Only register taints on known magic properties

---
 .../Expression/Assignment/PropertyAssignmentAnalyzer.php      | 4 ++--
 .../Statements/Expression/Fetch/PropertyFetchAnalyzer.php     | 2 --
 tests/TaintTest.php                                           | 3 +++
 3 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/Psalm/Internal/Analyzer/Statements/Expression/Assignment/PropertyAssignmentAnalyzer.php b/src/Psalm/Internal/Analyzer/Statements/Expression/Assignment/PropertyAssignmentAnalyzer.php
index 806794888a4..968db1221a2 100644
--- a/src/Psalm/Internal/Analyzer/Statements/Expression/Assignment/PropertyAssignmentAnalyzer.php
+++ b/src/Psalm/Internal/Analyzer/Statements/Expression/Assignment/PropertyAssignmentAnalyzer.php
@@ -361,6 +361,8 @@ public static function analyzeInstance(
 
                             $has_regular_setter = true;
                             $property_exists = true;
+
+                            self::taintProperty($statements_analyzer, $stmt, $property_id, $assignment_value_type);
                             continue;
                         }
                     }
@@ -408,8 +410,6 @@ public static function analyzeInstance(
                         if (!in_array('PossiblyNullReference', $suppressed_issues, true)) {
                             $statements_analyzer->removeSuppressedIssues(['PossiblyNullReference']);
                         }
-
-                        self::taintProperty($statements_analyzer, $stmt, $property_id, $assignment_value_type);
                     }
 
                     /*
diff --git a/src/Psalm/Internal/Analyzer/Statements/Expression/Fetch/PropertyFetchAnalyzer.php b/src/Psalm/Internal/Analyzer/Statements/Expression/Fetch/PropertyFetchAnalyzer.php
index a6a827b8613..9eba60966da 100644
--- a/src/Psalm/Internal/Analyzer/Statements/Expression/Fetch/PropertyFetchAnalyzer.php
+++ b/src/Psalm/Internal/Analyzer/Statements/Expression/Fetch/PropertyFetchAnalyzer.php
@@ -537,8 +537,6 @@ public static function analyzeInstance(
 
                 $property_id = $lhs_type_part->value . '::$' . $prop_name;
 
-                self::processTaints($statements_analyzer, $stmt, $stmt->inferredType, $property_id);
-
                 /*
                  * If we have an explicit list of all allowed magic properties on the class, and we're
                  * not in that list, fall through
diff --git a/tests/TaintTest.php b/tests/TaintTest.php
index 3905a9d7d98..8011b18bc63 100644
--- a/tests/TaintTest.php
+++ b/tests/TaintTest.php
@@ -668,6 +668,9 @@ public function testTaintedInputFromMagicProperty() : void
         $this->addFile(
             'somefile.php',
             '<?php
+                /**
+                 * @property string $userId
+                 */
                 class A {
                     /** @var array<string, string> */
                     private $vars = [];