fix: Fix psalm taint error in L10N factory

come-nc · come-nc · commit 7d26ac8d8ebc · 2025-02-13T18:06:43.000+01:00
Signed-off-by: Côme Chilliet &lt;come.chilliet@nextcloud.com&gt;
diff --git a/lib/private/L10N/Factory.php b/lib/private/L10N/Factory.php
@@ -108,9 +108,7 @@ public function get($app, $lang = null, $locale = null) {
 				$locale = $forceLocale;
 			}
 
-			if ($lang === null || !$this->languageExists($app, $lang)) {
-				$lang = $this->findLanguage($app);
-			}
+			$lang = $this->validateLanguage($app, $lang);
 
 			if ($locale === null || !$this->localeExists($locale)) {
 				$locale = $this->findLocale($lang);
@@ -130,6 +128,29 @@ public function get($app, $lang = null, $locale = null) {
 		});
 	}
 
+	/**
+	 * Check that $lang is an existing language and not null, otherwise return the language to use instead
+	 *
+	 * @psalm-taint-escape callable
+	 * @psalm-taint-escape cookie
+	 * @psalm-taint-escape file
+	 * @psalm-taint-escape has_quotes
+	 * @psalm-taint-escape header
+	 * @psalm-taint-escape html
+	 * @psalm-taint-escape include
+	 * @psalm-taint-escape ldap
+	 * @psalm-taint-escape shell
+	 * @psalm-taint-escape sql
+	 * @psalm-taint-escape unserialize
+	 */
+	private function validateLanguage(string $app, ?string $lang): string {
+		if ($lang === null || !$this->languageExists($app, $lang)) {
+			return $this->findLanguage($app);
+		} else {
+			return $lang;
+		}
+	}
+
 	/**
 	 * Find the best language
 	 *
