lib/brakeman/processors/alias_processor.rb in brakeman-2.2.0 vs lib/brakeman/processors/alias_processor.rb in brakeman-2.3.0

@@ -86,10 +86,14 @@
 
     target = exp.target
     method = exp.method
     first_arg = exp.first_arg
 
+    if method == :send or method == :try
+      collapse_send_call exp, first_arg
+    end
+
     if node_type? target, :or and [:+, :-, :*, :/].include? method
       res = process_or_simple_operation(exp)
       return res if res
     end
 
@@ -218,17 +222,28 @@
     end
   end
 
   #Process a method definition.
   def process_methdef exp
-    env.scope do
-      set_env_defaults
+    meth_env do
       exp.body = process_all! exp.body
     end
     exp
   end
 
+  def meth_env
+    begin
+      env.scope do
+        set_env_defaults
+        @meth_env = env.current
+        yield
+      end
+    ensure
+      @meth_env = nil
+    end
+  end
+
   #Process a method definition on self.
   def process_selfdef exp
     env.scope do
       set_env_defaults
       exp.body = process_all! exp.body
@@ -435,13 +450,15 @@
       @inside_if = true
 
       branch_scopes = []
       exps.each_with_index do |branch, i|
         scope do
+          @branch_env = env.current
           branch_index = 2 + i # s(:if, condition, then_branch, else_branch)
           exp[branch_index] = process_if_branch branch
           branch_scopes << env.current
+          @branch_env = nil
         end
       end
 
       @inside_if = was_inside
 
@@ -528,10 +545,21 @@
     else
       result
     end
   end
 
+  # Change x.send(:y, 1) to x.y(1)
+  def collapse_send_call exp, first_arg
+    return unless symbol? first_arg or string? first_arg
+    exp.method = first_arg.value.to_sym
+    args = exp.args
+    exp.pop # remove last arg
+    if args.length > 1
+      exp.arglist = args[1..-1]
+    end
+  end
+
   #Returns a new SexpProcessor::Environment containing only instance variables.
   #This is useful, for example, when processing views.
   def only_ivars include_request_vars = false, lenv = nil
     lenv ||= env
     res = SexpProcessor::Environment.new
@@ -729,11 +757,21 @@
     if node_type? value, :if
       value = value_from_if(value)
     end
 
     if @ignore_ifs or not @inside_if
-      env[var] = value
+      if @meth_env and node_type? var, :ivar and env[var].nil?
+        @meth_env[var] = value
+      else
+        env[var] = value
+      end
+    elsif env.current[var]
+      env.current[var] = value
+    elsif @branch_env and @branch_env[var]
+      @branch_env[var] = value
+    elsif @branch_env and @meth_env and node_type? var, :ivar
+      @branch_env[var] = value
     else
       env.current[var] = value
     end
   end
 
@@ -774,7 +812,6 @@
       process copy
     else
       false
     end
   end
-
 end