From 9ad60fe1cdad3f8c293a0530c9784bef03389b07 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20Pe=CC=81rez=20Crespo?= <jaime.perez@uninett.no>
Date: Mon, 8 Jan 2018 12:49:13 +0100
Subject: [PATCH] Fix psalm issues.

Psalm is starting to get annoying. Both openssl_decrypt() and realpath() can return a string or false on error. Psalm seems to ignore the latter all of a sudden, so it assumes the returned variable will always be a string and then it fails when you check on errors. This fix explicitly declares the problematic variables with types string or false, so that psalm stops complaining.
---
 lib/SimpleSAML/Utils/Crypto.php | 1 +
 lib/SimpleSAML/Utils/HTTP.php   | 1 +
 2 files changed, 2 insertions(+)

diff --git a/lib/SimpleSAML/Utils/Crypto.php b/lib/SimpleSAML/Utils/Crypto.php
index 749d9d2db..f0b723d4f 100644
--- a/lib/SimpleSAML/Utils/Crypto.php
+++ b/lib/SimpleSAML/Utils/Crypto.php
@@ -49,6 +49,7 @@ class Crypto
 
         // authenticate the ciphertext
         if (self::secureCompare(hash_hmac('sha256', $iv.$msg, substr($key, 64, 64), true), $hmac)) {
+            /** @var string|false $plaintext */
             $plaintext = openssl_decrypt(
                 $msg,
                 'AES-256-CBC',
diff --git a/lib/SimpleSAML/Utils/HTTP.php b/lib/SimpleSAML/Utils/HTTP.php
index 96cfc62ec..5367f654d 100644
--- a/lib/SimpleSAML/Utils/HTTP.php
+++ b/lib/SimpleSAML/Utils/HTTP.php
@@ -756,6 +756,7 @@ class HTTP
     {
         $cfg = \SimpleSAML_Configuration::getInstance();
         $baseDir = $cfg->getBaseDir();
+        /** @var string|false $cur_path */
         $cur_path = realpath($_SERVER['SCRIPT_FILENAME']);
         // make sure we got a string from realpath()
         $cur_path = is_string($cur_path) ? $cur_path : '';
-- 
GitLab