Class: Brakeman::FindCall
- Inherits:
-
BaseProcessor
- Object
- SexpProcessor
- BaseProcessor
- Brakeman::FindCall
- Defined in:
- lib/brakeman/processors/lib/find_call.rb
Overview
Finds method calls matching the given target(s).
#-- This should be deprecated --#
#-- Do not use for new code --#
Targets/methods can be:
-
nil: matches anything, including nothing
-
Empty array: matches nothing
-
Symbol: matches single target/method exactly
-
Array of symbols: matches against any of the symbols
-
Regular expression: matches the expression
-
Array of regular expressions: matches any of the expressions
If a target is also the name of a class, methods called on instances of that class will also be matched, in a very limited way. (Any methods called on Klass.new, basically. More useful when used in conjunction with AliasProcessor.)
Examples:
#To find any uses of this class: FindCall.new :FindCall, nil
#Find system calls without a target FindCall.new [], [:system, :exec, :syscall]
#Find all calls to length(), no matter the target FindCall.new nil, :length
#Find all calls to sub, sub!, gsub, or gsub! FindCall.new nil, /^g?sub!?$/
Constant Summary
Constants included from Util
Util::ALL_PARAMETERS, Util::COOKIES, Util::PARAMETERS, Util::PATH_PARAMETERS, Util::QUERY_PARAMETERS, Util::REQUEST_ENV, Util::REQUEST_PARAMETERS, Util::REQUEST_PARAMS, Util::SESSION
Constants inherited from SexpProcessor
Instance Attribute Summary
Attributes inherited from BaseProcessor
Attributes inherited from SexpProcessor
Instance Method Summary collapse
-
#initialize(targets, methods, tracker, in_depth = false) ⇒ FindCall
constructor
A new instance of FindCall.
-
#matches ⇒ Object
Returns a list of results.
-
#process_attrasgn(exp) ⇒ Object
Process an assignment like a call.
-
#process_call(exp) ⇒ Object
Look for matching calls and add them to results.
-
#process_methdef(exp) ⇒ Object
(also: #process_selfdef)
Process body of method.
-
#process_rlist(exp) ⇒ Object
Process body of block.
-
#process_source(exp, klass = nil, method = nil, template = nil) ⇒ Object
Process the given source.
Methods inherited from BaseProcessor
#find_render_type, #make_render, #make_render_in_view, #process_arglist, #process_block, #process_class, #process_default, #process_dstr, #process_evstr, #process_hash, #process_if, #process_ignore, #process_iter, #process_lasgn, #process_scope
Methods included from Util
#array?, #call?, #camelize, #contains_class?, #context_for, #cookies?, #false?, #file_by_name, #file_for, #hash?, #hash_access, #hash_insert, #hash_iterate, #integer?, #node_type?, #number?, #params?, #pluralize, #regexp?, #request_env?, #request_value?, #result?, #set_env_defaults, #sexp?, #string?, #symbol?, #table_to_csv, #true?, #truncate_table, #underscore
Methods included from ProcessorHelper
#class_name, #process_all, #process_module
Methods inherited from SexpProcessor
#error_handler, #in_context, #process, #process_dummy, #scope
Constructor Details
#initialize(targets, methods, tracker, in_depth = false) ⇒ FindCall
Returns a new instance of FindCall.
36 37 38 39 40 41 42 43 44 |
# File 'lib/brakeman/processors/lib/find_call.rb', line 36 def initialize targets, methods, tracker, in_depth = false super tracker @calls = [] @find_targets = targets @find_methods = methods @current_class = nil @current_method = nil @in_depth = in_depth end |
Instance Method Details
#matches ⇒ Object
Returns a list of results.
A result looks like:
s(:result, :ClassName, :method_name, s(:call, …))
or
s(:result, :template_name, s(:call, …))
55 56 57 |
# File 'lib/brakeman/processors/lib/find_call.rb', line 55 def matches @calls end |
#process_attrasgn(exp) ⇒ Object
Process an assignment like a call
113 114 115 |
# File 'lib/brakeman/processors/lib/find_call.rb', line 113 def process_attrasgn exp process_call exp end |
#process_call(exp) ⇒ Object
Look for matching calls and add them to results
83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 |
# File 'lib/brakeman/processors/lib/find_call.rb', line 83 def process_call exp target = get_target exp.target method = exp.method process_all exp.args if match(@find_targets, target) and match(@find_methods, method) if @current_template @calls << Sexp.new(:result, @current_template, exp).line(exp.line) else @calls << Sexp.new(:result, @current_module, @current_class, @current_method, exp).line(exp.line) end end #Normally FindCall won't match a method invocation that is the target of #another call, such as: # # User.find(:first, :conditions => "user = '#{params['user']}').name # #A search for User.find will not match this unless @in_depth is true. if @in_depth and node_type? exp.target, :call process exp.target end exp end |
#process_methdef(exp) ⇒ Object Also known as: process_selfdef
Process body of method
71 72 73 |
# File 'lib/brakeman/processors/lib/find_call.rb', line 71 def process_methdef exp process exp.body end |
#process_rlist(exp) ⇒ Object
Process body of block
78 79 80 |
# File 'lib/brakeman/processors/lib/find_call.rb', line 78 def process_rlist exp process_all exp end |
#process_source(exp, klass = nil, method = nil, template = nil) ⇒ Object
Process the given source. Provide either class and method being searched or the template. These names are used when reporting results.
Use FindCall#matches to retrieve results.
63 64 65 66 67 68 |
# File 'lib/brakeman/processors/lib/find_call.rb', line 63 def process_source exp, klass = nil, method = nil, template = nil @current_class = klass @current_method = method @current_template = template process exp end |