From 39881e88564435840a70552fac148ef2b525072e Mon Sep 17 00:00:00 2001
From: JDGrimes
Date: Sun, 15 Feb 2015 18:02:28 -0500
Subject: [PATCH] Add tests for printf() and vprintf()
---
 WordPress/Sniffs/XSS/EscapeOutputSniff.php | 7 +++++++
 WordPress/Tests/XSS/EscapeOutputUnitTest.inc | 5 +++++
 WordPress/Tests/XSS/EscapeOutputUnitTest.php | 2 ++
 3 files changed, 14 insertions(+)
diff --git a/WordPress/Sniffs/XSS/EscapeOutputSniff.php b/WordPress/Sniffs/XSS/EscapeOutputSniff.php
index d7807f2e5b..ccf3db1854 100644
--- a/WordPress/Sniffs/XSS/EscapeOutputSniff.php
+++ b/WordPress/Sniffs/XSS/EscapeOutputSniff.php
@@ -280,6 +280,8 @@ public function process( PHP_CodeSniffer_File $phpcsFile, $stackPtr )
 
 $needs_sanitizing_function = false;
 
+ $function = $tokens[ $stackPtr ]['content'];
+
 // If function, not T_ECHO nor T_PRINT
 if ( $tokens[$stackPtr]['code'] == T_STRING ) {
 // Skip if it is a function but is not of the printing functions ( self::needSanitizingFunctions )
@@ -337,6 +339,11 @@ public function process( PHP_CodeSniffer_File $phpcsFile, $stackPtr )
 if ( $tokens[$i]['code'] == T_WHITESPACE )
 continue;
 
+ if ( 'vprintf' === $function && $tokens[ $i ]['code'] === T_ARRAY ) {
+ $i++; // Skip the opening parenthesis.
+ continue;
+ }
+
 // Wake up on concatenation characters, another part to check
 if ( in_array( $tokens[$i]['code'], array( T_STRING_CONCAT ) ) ) {
 $watch = true;
diff --git a/WordPress/Tests/XSS/EscapeOutputUnitTest.inc b/WordPress/Tests/XSS/EscapeOutputUnitTest.inc
index 2ebbfe43e8..88534ed990 100644
--- a/WordPress/Tests/XSS/EscapeOutputUnitTest.inc
+++ b/WordPress/Tests/XSS/EscapeOutputUnitTest.inc
@@ -69,3 +69,8 @@ die( $foo ); // Bad
 
 die( esc_html( $foo ) ); // OK
 printf( 'Hello %s', $foo ); // Bad
+printf( 'Hello %s', esc_html( $foo ) ); // OK
+printf( 'Hello %s! Hi %s!', esc_html( $foo ), $bar ); // Bad
+
+vprintf( 'Hello %s', array( $foo ) ); // Bad
+vprintf( 'Hello %s', array( esc_html( $foo ) ) ); // OK
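Review bot: The name stored by `$function = $tokens[ $stackPtr ]['content'];` is taken verbatim from the token, so the later `'vprintf' === $function` comparison does not match a call written as `Vprintf(` or `VPRINTF(`, which PHP treats as the same function; the sniff would then not apply the array handling to that call. Normalise once at the assignment, `$function = strtolower( $tokens[ $stackPtr ]['content'] );`, so every later comparison against a lowercase name behaves the same regardless of how the call is written. Presumably the lookup in self::needSanitizingFunctions mentioned in the comment below would benefit from the same normalisation, but that code is outside the hunk. process() starts and ends outside the hunk.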
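Review bot: `$i++; // Skip the opening parenthesis.` assumes the token immediately after T_ARRAY is the opening parenthesis; with `array (` (whitespace before the parenthesis, which the tokenizer keeps as a separate T_WHITESPACE token) the increment lands on the whitespace, the next iteration skips it via the existing whitespace check, and the parenthesis itself is then seen by whatever the rest of the loop does with a bare T_OPEN_PARENTHESIS — so whether the array elements are still examined depends on code outside the hunk. PHP_CodeSniffer records the matching opener on the T_ARRAY token, so jumping to it directly is more robust: `$i = $tokens[ $i ]['parenthesis_opener']; continue;`. Short array syntax (`vprintf( 'Hello %s', [ $foo ] )`) tokenizes as T_OPEN_SHORT_ARRAY rather than T_ARRAY and therefore never enters this branch; it is worth confirming how the existing handling treats it, or documenting that only `array(` is supported. The enclosing loop and process() continue outside the hunk.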
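Review bot: The vprintf fixtures only cover a single-element array, so the mixed case that the printf fixtures exercise (`printf( 'Hello %s! Hi %s!', esc_html( $foo ), $bar ); // Bad`) has no vprintf counterpart, and a partially escaped argument array would go untested if the sniff stopped looking after the first escaped element. Add `vprintf( 'Hello %s! Hi %s!', array( esc_html( $foo ), $bar ) ); // Bad` next to the other vprintf lines and register its line number in getErrorList() in EscapeOutputUnitTest.php.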
diff --git a/WordPress/Tests/XSS/EscapeOutputUnitTest.php b/WordPress/Tests/XSS/EscapeOutputUnitTest.php
index 403b9737b5..46efaa0a77 100644
--- a/WordPress/Tests/XSS/EscapeOutputUnitTest.php
+++ b/WordPress/Tests/XSS/EscapeOutputUnitTest.php
@@ -56,6 +56,8 @@ public function getErrorList()
 65 => 1,
 68 => 1,
 71 => 1,
+ 73 => 1,
+ 75 => 1,
 );
 }//end getErrorList()
 