diff --git a/stubs/CoreGenericFunctions.phpstub b/stubs/CoreGenericFunctions.phpstub
index 14658e20c29..059ecb4d4d3 100644
--- a/stubs/CoreGenericFunctions.phpstub
+++ b/stubs/CoreGenericFunctions.phpstub
@@ -1674,7 +1674,7 @@ function stream_select(null|array &$read, null|array &$write, null|array &$excep
  * @psalm-taint-escape sql
  * @psalm-flow ($string) -> return
  */
-function mysqli_escape_string($string) {}
+function mysqli_escape_string(mysqli $mysqli, $string) {}
 /**
  * @psalm-pure
@@ -1682,7 +1682,7 @@ function mysqli_escape_string($string) {}
  * @psalm-taint-escape sql
  * @psalm-flow ($string) -> return
  */
-function mysqli_real_escape_string($string) {}
+function mysqli_real_escape_string(mysqli $mysqli, $string) {}
 /**
  * @psalm-pure
diff --git a/tests/TaintTest.php b/tests/TaintTest.php
index f9f7612b3ed..edaedce57ca 100644
--- a/tests/TaintTest.php
+++ b/tests/TaintTest.php
@@ -744,9 +744,9 @@ function bar(array $arr): void {
 $mysqli = new mysqli();
 $a = $mysqli->escape_string($_GET["a"]);
- $b = mysqli_escape_string($_GET["b"]);
+ $b = mysqli_escape_string($mysqli, $_GET["b"]);
 $c = $mysqli->real_escape_string($_GET["c"]);
- $d = mysqli_real_escape_string($_GET["d"]);
+ $d = mysqli_real_escape_string($mysqli, $_GET["d"]);
 $mysqli->query("$a$b$c$d");',
 ],
@@ -2434,12 +2434,14 @@ public static function getPrevious(string $s): string {
 ], 'assertMysqliOnlyEscapesSqlTaints3' => [ 'code' => ' 'TaintedHtml', ], 'assertMysqliOnlyEscapesSqlTaints4' => [ 'code' => ' 'TaintedHtml', ], 'assertDb2OnlyEscapesSqlTaints' => [
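Review bot: `@psalm-pure` no longer obviously fits `mysqli_real_escape_string` (its docblock opens in the trailing context of the first stub hunk, and its signature changes in the second): with the connection now in the signature, the escaped result depends on that connection's character set and not on `$string` alone. `mysqli_escape_string`, changed in the first hunk, has its docblock starting above the hunk and presumably carries the same annotation. If purity is kept on purpose, a docblock line such as `* Result depends on the charset of $mysqli; set it with set_charset() before escaping.` would record the assumption. `$string` is also left untyped beside the typed `mysqli $mysqli`; `string $string` would be consistent.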
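Review bot: The query in the tests/TaintTest.php hunk at line 744 interpolates the escaped values unquoted, `$mysqli->query("$a$b$c$d")`, while escaping only neutralises input that ends up inside a quoted SQL string literal. The case therefore pins that Psalm drops the `sql` taint, not that the query is safe, and a reader may copy the pattern. A comment inside the snippet would make that explicit, e.g. `// asserts taint flow only: escaped values are safe solely inside quoted literals`. The test case's array entry begins above the hunk, so its key and expectations are not visible here.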