lib/brakeman/processors/alias_processor.rb in brakeman-lib-5.0.1 vs lib/brakeman/processors/alias_processor.rb in brakeman-lib-5.0.2
- old
+ new
@@ -218,17 +218,32 @@
exp = join_strings(target, first_arg, exp)
elsif number? first_arg
exp = math_op(:+, target, first_arg, exp)
end
when :-, :*, :/
- exp = math_op(method, target, first_arg, exp)
+ if method == :* and array? target
+ if string? first_arg
+ exp = process_array_join(target, first_arg)
+ end
+ else
+ exp = math_op(method, target, first_arg, exp)
+ end
when :[]
if array? target
exp = process_array_access(target, exp.args, exp)
elsif hash? target
exp = process_hash_access(target, first_arg, exp)
end
+ when :fetch
+ if array? target
+ # Not dealing with default value
+ # so just pass in first argument, but process_array_access expects
+ # an array of arguments.
+ exp = process_array_access(target, [first_arg], exp)
+ elsif hash? target
+ exp = process_hash_access(target, first_arg, exp)
+ end
when :merge!, :update
if hash? target and hash? first_arg
target = process_hash_merge! target, first_arg
env[target_var] = target
return target
@@ -264,10 +279,16 @@
return target
else
target = find_push_target(target_var)
env[target] = exp unless target.nil? # Happens in TemplateAliasProcessor
end
+ when :push
+ if array? target
+ target << first_arg
+ env[target_var] = target
+ return target
+ end
when :first
if array? target and first_arg.nil? and sexp? target[1]
exp = target[1]
end
when :freeze
@@ -277,35 +298,51 @@
when :dup
unless target.nil?
exp = target
end
when :join
- if array? target and target.length > 2 and (string? first_arg or first_arg.nil?)
+ if array? target and (string? first_arg or first_arg.nil?)
exp = process_array_join(target, first_arg)
end
when :!
# Convert `!!a` to boolean
if call? target and target.method == :!
exp = s(:or, s(:true).line(exp.line), s(:false).line(exp.line)).line(exp.line)
end
+ when :values
+ # Hash literal
+ if node_type? target, :hash
+ exp = hash_values(target)
+ end
+ when :values_at
+ if hash? target
+ exp = hash_values_at target, exp.args
+ end
end
exp
end
# Painful conversion of Array#join into string interpolation
def process_array_join array, join_str
+ # Empty array
+ if array.length == 1
+ return s(:str, '').line(array.line)
+ end
+
result = s().line(array.line)
join_value = if string? join_str
join_str.value
else
nil
end
- array[1..-2].each do |e|
- result << join_item(e, join_value)
+ if array.length > 2
+ array[1..-2].each do |e|
+ result << join_item(e, join_value)
+ end
end
result << join_item(array.last, nil)
# Combine the strings at the beginning because that's what RubyParser does
@@ -330,19 +367,27 @@
end
result.unshift combined_first
# Have to fix up strings that follow interpolation
- result.reduce(s(:dstr).line(array.line)) do |memo, e|
+ string = result.reduce(s(:dstr).line(array.line)) do |memo, e|
if string? e and node_type? memo.last, :evstr
e.value = "#{join_value}#{e.value}"
elsif join_value and node_type? memo.last, :evstr and node_type? e, :evstr
memo << s(:str, join_value).line(e.line)
end
memo << e
end
+
+ # Convert (:dstr, "hello world")
+ # to (:str, "hello world")
+ if string.length == 2 and string.last.is_a? String
+ string[0] = :str
+ end
+
+ string
end
def join_item item, join_value
if item.is_a? String
"#{item}#{join_value}"
@@ -1011,11 +1056,11 @@
def get_call_value call
method_name = call.method
#Look for helper methods and see if we can get a return value
- if found_method = find_method(method_name, @current_class)
- helper = found_method[:method]
+ if found_method = tracker.find_method(method_name, @current_class)
+ helper = found_method.src
if sexp? helper
value = process_helper_method helper, call.args
value.line(call.line)
return value