Merge pull request #1 from Nullify-Platform/ruby-parser

Update parser for ruby
Nullify-Platform · Mar 19, 2024 · a9c8500 · a9c8500
2 parents c9fc366 + 817d308
commit a9c8500
Show file tree

Hide file tree

Showing 10 changed files with 20 additions and 19 deletions.
diff --git a/gem_common.rb b/gem_common.rb
@@ -18,6 +18,7 @@ def self.extended_dependencies spec
       spec.add_dependency "haml", ">=3.0", "<5.0"
       spec.add_dependency "sass", "~>3.0", "<3.5.0"
       spec.add_dependency "slim", ">=1.3.6", "<3.0.8"
+      spec.add_dependency "rexml", "~>3.2.6"
     end
   end
 end
diff --git a/lib/brakeman/checks/check_execute.rb b/lib/brakeman/checks/check_execute.rb
@@ -146,7 +146,7 @@ def dangerous? exp
       if node_type? e, :if
         # If we're in a conditional, evaluate the `then` and `else` clauses to
         # see if they're dangerous.
-        if res = dangerous?(e.values[1..-1])
+        if res = dangerous?(e.sexp_body.sexp_body)
           return res
         end
       elsif node_type? e, :or, :evstr, :dstr

diff --git a/lib/brakeman/checks/check_regex_dos.rb b/lib/brakeman/checks/check_regex_dos.rb
@@ -29,7 +29,7 @@ def process_result result
     return unless original? result
 
     call = result[:call]
-    components = call[1..-1]
+    components = call.sexp_body
 
     components.any? do |component|
       next unless sexp? component

diff --git a/lib/brakeman/parsers/template_parser.rb b/lib/brakeman/parsers/template_parser.rb
@@ -59,9 +59,9 @@ def parse_erb path, text
       else
         require 'erb'
         src = if ERB.instance_method(:initialize).parameters.assoc(:key) # Ruby 2.6+
-          ERB.new(text, trim_mode: path).src
+          ERB.new(text, trim_mode: "-").src
         else
-          ERB.new(text, nil, path).src
+          ERB.new(text, nil, "-").src
         end
         src.sub!(/^#.*\n/, '') if Brakeman::Scanner::RUBY_1_9
         src

diff --git a/lib/brakeman/processors/alias_processor.rb b/lib/brakeman/processors/alias_processor.rb
@@ -234,7 +234,7 @@ def process_call exp
         env[target_var] = target
         return target
       elsif string? target and string_interp? first_arg
-        exp = Sexp.new(:dstr, target.value + first_arg[1]).concat(first_arg[2..-1])
+        exp = Sexp.new(:dstr, target.value + first_arg[1]).concat(first_arg.sexp_body(2))
         env[target_var] = exp
       elsif string? first_arg and string_interp? target
         if string? target.last
@@ -900,7 +900,7 @@ def collapse_send_call exp, first_arg
     args = exp.args
     exp.pop # remove last arg
     if args.length > 1
-      exp.arglist = args[1..-1]
+      exp.arglist = args.sexp_body
     end
   end
 

diff --git a/lib/brakeman/processors/controller_processor.rb b/lib/brakeman/processors/controller_processor.rb
@@ -206,7 +206,7 @@ def add_fake_filter exp
     end
 
     if node_type? exp.block, :block
-      block_inner = exp.block[1..-1]
+      block_inner = exp.block.sexp_body
     else
       block_inner = [exp.block]
     end

diff --git a/lib/brakeman/processors/output_processor.rb b/lib/brakeman/processors/output_processor.rb
@@ -83,7 +83,7 @@ def process_defn exp
 
   def process_iter exp
     call = process exp[1]
-    block = process_rlist exp[3..-1]
+    block = process_rlist exp.sexp_body(3)
     out = "#{call} do\n #{block}\n end"
 
     out

diff --git a/lib/brakeman/tracker/controller.rb b/lib/brakeman/tracker/controller.rb
@@ -125,7 +125,7 @@ def before_filter_to_hash processor, args
         value = args[-1][2]
         case value.node_type
         when :array
-          filter[option] = value[1..-1].map {|v| v[1] }
+          filter[option] = value.sexp_body.map {|v| v[1] }
         when :lit, :str
           filter[option] = value[1]
         else

diff --git a/lib/brakeman/util.rb b/lib/brakeman/util.rb
@@ -286,7 +286,7 @@ def contains_class? exp
       if node_type? current, :class
         return true
       elsif sexp? current
-        todo = current[1..-1].concat todo
+        todo = current.sexp_body.concat todo
       end
     end
 
@@ -299,7 +299,7 @@ def make_call target, method, *args
     if args.empty? or args.first.empty?
       #nothing to do
     elsif node_type? args.first, :arglist
-      call.concat args.first[1..-1]
+      call.concat args.first.sexp_body
     elsif args.first.node_type.is_a? Sexp #just a list of args
       call.concat args.first
     else

diff --git a/lib/ruby_parser/bm_sexp.rb b/lib/ruby_parser/bm_sexp.rb
@@ -40,7 +40,7 @@ def deep_clone line = nil
       s.line(line)
     else
       s.original_line = self.original_line
-      s.line(self.line)
+      s.line(self.line) if self.line
     end
 
     s
@@ -175,7 +175,7 @@ def arglist= exp
     start_index = 3
 
     if exp.is_a? Sexp and exp.node_type == :arglist
-      exp = exp[1..-1]
+      exp = exp.sexp_body
     end
 
     exp.each_with_index do |e, i|
@@ -198,10 +198,10 @@ def arglist
 
     case self.node_type
     when :call, :attrasgn, :safe_call, :safe_attrasgn
-      self[3..-1].unshift :arglist
+      self.sexp_body(3).unshift :arglist
     when :super, :zsuper
       if self[1]
-        self[1..-1].unshift :arglist
+        self.sexp_body.unshift :arglist
       else
         Sexp.new(:arglist)
       end
@@ -218,13 +218,13 @@ def args
     case self.node_type
     when :call, :attrasgn, :safe_call, :safe_attrasgn
       if self[3]
-        self[3..-1]
+        self.sexp_body(3)
       else
         Sexp.new
       end
     when :super, :zsuper
       if self[1]
-        self[1..-1]
+        self.sexp_body
       else
         Sexp.new
       end
@@ -314,7 +314,7 @@ def call_chain
     chain = []
     call = self
 
-    while call.class == Sexp and CALLS.include? call.first 
+    while call.class == Sexp and CALLS.include? call.first
       chain << call.method
       call = call.target
     end
@@ -507,7 +507,7 @@ def body= exp
     self.slice!(index..-1) #Remove old body
 
     if exp.first == :rlist
-      exp = exp[1..-1]
+      exp = exp.sexp_body
     end
 
     #Insert new body