Class: Brakeman::BaseProcessor

# File 'lib/brakeman/processors/base_processor.rb', line 14

def initialize tracker
  super()
  self.strict = false
  self.auto_shift_type = false
  self.require_empty = false
  self.default_method = :process_default
  self.warn_on_default = false
  @last = nil
  @tracker = tracker
  @ignore = Sexp.new :ignore
  @current_template = @current_module = @current_class = @current_method = nil
end

Instance Attribute Details

- (`Object`) ignore (readonly)

Returns the value of attribute ignore



11
12
13

# File 'lib/brakeman/processors/base_processor.rb', line 11

def ignore
  @ignore
end

Instance Method Details

- (`Object`) find_render_type(args)

Determines the type of a call to render.

Possible types are: :action, :default :file, :inline, :js, :json, :nothing, :partial, :template, :text, :update, :xml

# File 'lib/brakeman/processors/base_processor.rb', line 211

def find_render_type args
  rest = Sexp.new(:hash)
  type = nil
  value = nil

  if args.length == 2 and args[-1] == Sexp.new(:lit, :update)
    return :update, nil, args[0..-2]
  end

  #Look for render :action, ... or render "action", ...
  if string? args[1] or symbol? args[1]
    type = :action
    value = args[1]
  elsif args[1].is_a? Symbol or args[1].is_a? String
    type = :action
    value = Sexp.new(:lit, args[1].to_sym)
elsif args[1].nil?
	type = :default
  elsif not hash? args[1]
    type = :action
    value = args[1]
  end

  if hash? args[-1]
    hash_iterate(args[-1]) do |key, val|
      case key[1]
      when :action, :file, :inline, :js, :json, :nothing, :partial, :text, :update, :xml
        type = key[1]
        value = val
      else  
        rest << key << val
      end
    end
  end

  type ||= :default
  value ||= :default
  args[-1] = rest
  return type, value, rest
end

- (`Object`) make_render(exp)

Generates :render node from call to render.

# File 'lib/brakeman/processors/base_processor.rb', line 198

def make_render exp
  render_type, value, rest = find_render_type exp[3]
  rest = process rest
  result = Sexp.new(:render, render_type, value, rest)
  result.line(exp.line)
  result
end

- (`Object`) process_and(exp)

Processes an and keyword

# File 'lib/brakeman/processors/base_processor.rb', line 137

def process_and exp
  exp = exp.dup
  exp[1] = process exp[1]
  exp[2] = process exp[2]
  exp
end

- (`Object`) process_arglist(exp)

Processes the values in an argument list

# File 'lib/brakeman/processors/base_processor.rb', line 160

def process_arglist exp
  exp = exp.dup
  exp.shift
  exp.map! do |e|
    process e
  end

  exp.unshift :arglist
end

- (`Object`) process_attrasgn(exp)

Processes an attribute assignment, which can be either x.y = 1 or x = 1

# File 'lib/brakeman/processors/base_processor.rb', line 185

def process_attrasgn exp
  exp = exp.dup
  exp[1] = process exp[1]
  exp[3] = process exp[3]
  exp
end

- (`Object`) process_block(exp)

Processes a block. Changes Sexp node type to :rlist

# File 'lib/brakeman/processors/base_processor.rb', line 108

def process_block exp
  exp = exp.dup
  exp.shift

  exp.map! do |e|
    process e
  end

  exp.unshift :rlist
end

- (`Object`) process_default(exp)

Default processing.

# File 'lib/brakeman/processors/base_processor.rb', line 43

def process_default exp
  exp = exp.dup
  type = exp.shift
  exp.each_with_index do |e, i|
    if sexp? e and not e.empty?
      exp[i] = process e
    else
      e
    end
  end
ensure
  exp.unshift type
end

- (`Object`) process_dstr(exp)

String with interpolation. Changes Sexp node type to :string_interp

# File 'lib/brakeman/processors/base_processor.rb', line 86

def process_dstr exp
  exp = exp.dup
  exp.shift
  exp.map! do |e|
    if e.is_a? String
      e
    elsif e[1].is_a? String
      e[1]
    else
      res = process e
      if res.empty?
        nil
      else
        res
      end
    end
  end.compact!

  exp.unshift :string_interp
end

- (`Object`) process_evstr(exp)

Processes the inside of an interpolated String. Changes Sexp node type to :string_eval

# File 'lib/brakeman/processors/base_processor.rb', line 121

def process_evstr exp
  exp = exp.dup
  exp[0] = :string_eval
  exp[1] = process exp[1]
  exp
end

- (`Object`) process_hash(exp)

Processes a hash

# File 'lib/brakeman/processors/base_processor.rb', line 145

def process_hash exp
  exp = exp.dup
  exp.shift
  exp.map! do |e|
    if sexp? e
      process e
    else
      e
    end
  end

  exp.unshift :hash
end

- (`Object`) process_iasgn(exp)

Processes an instance variable assignment

# File 'lib/brakeman/processors/base_processor.rb', line 178

def process_iasgn exp
  exp = exp.dup
  exp[2] = process exp[2]
  exp
end

- (`Object`) process_if(exp)

Process an if statement.

# File 'lib/brakeman/processors/base_processor.rb', line 58

def process_if exp
  exp = exp.dup
  exp[1] = process exp[1]
  exp[2] = process exp[2] if exp[2]
  exp[3] = process exp[3] if exp[3]
  exp
end

- (`Object`) process_ignore(exp)

Ignore ignore Sexps



193
194
195

# File 'lib/brakeman/processors/base_processor.rb', line 193

def process_ignore exp
  exp
end

- (`Object`) process_iter(exp)

Processes calls with blocks. Changes Sexp node type to :call_with_block

s(:iter, CALL, :lasgn|:masgn, BLOCK)

# File 'lib/brakeman/processors/base_processor.rb', line 69

def process_iter exp
  exp = exp.dup
  call = process exp[1]
  #deal with assignments somehow
  if exp[3]
    block = process exp[3]
    block = nil if block.empty?
  else
    block = nil
  end

  call = Sexp.new(:call_with_block, call, exp[2], block).compact
  call.line(exp.line)
  call
end

- (`Object`) process_lasgn(exp)

Processes a local assignment

# File 'lib/brakeman/processors/base_processor.rb', line 171

def process_lasgn exp
  exp = exp.dup
  exp[2] = process exp[2]
  exp
end

- (`Object`) process_or(exp)

Processes an or keyword

# File 'lib/brakeman/processors/base_processor.rb', line 129

def process_or exp
  exp = exp.dup
  exp[1] = process exp[1]
  exp[2] = process exp[2]
  exp
end

- (`Object`) process_scope(exp)

Process a new scope. Removes expressions that are set to nil.

# File 'lib/brakeman/processors/base_processor.rb', line 28

def process_scope exp
  exp = exp.dup
  exp.shift
  exp.map! do |e|
    res = process e
    if res.empty?
      res = nil
    else
      res
    end
  end.compact
  exp.unshift :scope
end

Class: Brakeman::BaseProcessor

Overview

Direct Known Subclasses

Constant Summary

Constant Summary

Constants included from Util

Instance Attribute Summary (collapse)

Instance Method Summary (collapse)

Methods included from Util

Methods included from ProcessorHelper

Constructor Details

- (BaseProcessor) initialize(tracker)

Instance Attribute Details

- (Object) ignore (readonly)

Instance Method Details

- (Object) find_render_type(args)

- (Object) make_render(exp)

- (Object) process_and(exp)

- (Object) process_arglist(exp)

- (Object) process_attrasgn(exp)

- (Object) process_block(exp)

- (Object) process_default(exp)

- (Object) process_dstr(exp)

- (Object) process_evstr(exp)

- (Object) process_hash(exp)

- (Object) process_iasgn(exp)

- (Object) process_if(exp)

- (Object) process_ignore(exp)

- (Object) process_iter(exp)

- (Object) process_lasgn(exp)

- (Object) process_or(exp)

- (Object) process_scope(exp)

- (`BaseProcessor`) initialize(tracker)