Class: Brakeman::OutputProcessor

Inherits:
Ruby2Ruby
  • Object
show all
Includes:
Util
Defined in:
lib/brakeman/processors/output_processor.rb

Overview

Produces formatted output strings from Sexps. Recommended usage is

OutputProcessor.new.format(Sexp.new(:str, "hello"))

Constant Summary

Constants included from Util

Util::ALL_PARAMETERS, Util::COOKIES, Util::COOKIES_SEXP, Util::PARAMETERS, Util::PARAMS_SEXP, Util::PATH_PARAMETERS, Util::QUERY_PARAMETERS, Util::REQUEST_ENV, Util::REQUEST_PARAMETERS, Util::REQUEST_PARAMS, Util::SESSION, Util::SESSION_SEXP

Instance Method Summary collapse

Methods included from Util

#array?, #block?, #call?, #camelize, #class_name, #contains_class?, #context_for, #cookies?, #false?, #file_by_name, #file_for, #github_url, #hash?, #hash_access, #hash_insert, #hash_iterate, #integer?, #make_call, #node_type?, #number?, #params?, #pluralize, #rails_version, #regexp?, #relative_path, #request_env?, #request_value?, #result?, #set_env_defaults, #sexp?, #string?, #string_interp?, #symbol?, #table_to_csv, #template_path_to_name, #true?, #truncate_table, #underscore

Instance Method Details

#format(exp) ⇒ Object Also known as: process_safely

Copies exp and then formats it.



12
13
14
 
# File 'lib/brakeman/processors/output_processor.rb', line 12

def format exp
  process(exp.deep_clone) || "[Format Error]"
end

#process(exp) ⇒ Object 



18
19
20
21
22
23
24
 
# File 'lib/brakeman/processors/output_processor.rb', line 18

def process exp
  begin
    super exp if sexp? exp and not exp.empty?
  rescue => e
    Brakeman.debug "While formatting #{exp}: #{e}\n#{e.backtrace.join("\n")}"
  end
end

#process_const(exp) ⇒ Object 



153
154
155
156
157
158
159
160
161
162
 
# File 'lib/brakeman/processors/output_processor.rb', line 153

def process_const exp
  if exp[0] == Brakeman::Tracker::UNKNOWN_MODEL
    exp.clear
    "(Unresolved Model)"
  else
    out = exp[0].to_s
    exp.clear
    out
  end
end

#process_cookies(exp) ⇒ Object 



41
42
43
44
 
# File 'lib/brakeman/processors/output_processor.rb', line 41

def process_cookies exp
  exp.clear
  "cookies"
end

#process_defn(exp) ⇒ Object 



59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
 
# File 'lib/brakeman/processors/output_processor.rb', line 59

def process_defn exp
  # Copied from Ruby2Ruby except without the whole
  # "convert methods to attr_*" stuff
  name = exp.shift
  args = process exp.shift
  args = "" if args == "()"

  exp.shift if exp == s(s(:nil)) # empty it out of a default nil expression

  body = []
  until exp.empty? do
    body << indent(process(exp.shift))
  end

  body << indent("# do nothing") if body.empty?

  body = body.join("\n")

  return "def #{name}#{args}\n#{body}\nend".gsub(/\n\s*\n+/, "\n")
end

#process_escaped_output(exp) ⇒ Object 



104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
 
# File 'lib/brakeman/processors/output_processor.rb', line 104

def process_escaped_output exp
  out = if exp[0].node_type == :str
          ""
        else
          res = process exp[0]

          if res == ""
            ""
          else
            "[Escaped Output] #{res}"
          end
        end
  exp.clear
  out
end

#process_format(exp) ⇒ Object 



121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
 
# File 'lib/brakeman/processors/output_processor.rb', line 121

def process_format exp
  out = if exp[0].node_type == :str or exp[0].node_type == :ignore
          ""
        else
          res = process exp[0]

          if res == ""
            ""
          else
            "[Format] #{res}"
          end
        end
  exp.clear
  out
end

#process_format_escaped(exp) ⇒ Object 



137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
 
# File 'lib/brakeman/processors/output_processor.rb', line 137

def process_format_escaped exp
  out = if exp[0].node_type == :str or exp[0].node_type == :ignore
          ""
        else
          res = process exp[0]

          if res == ""
            ""
          else
            "[Escaped] #{res}"
          end
        end
  exp.clear
  out
end

#process_ignore(exp) ⇒ Object 



26
27
28
29
 
# File 'lib/brakeman/processors/output_processor.rb', line 26

def process_ignore exp
  exp.clear
  "[ignored]"
end

#process_iter(exp) ⇒ Object 



80
81
82
83
84
85
86
 
# File 'lib/brakeman/processors/output_processor.rb', line 80

def process_iter exp
  call = process exp[0]
  block = process_rlist exp[2..-1]
  out = "#{call} do\n #{block}\n end"
  exp.clear
  out
end

#process_output(exp) ⇒ Object 



88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
 
# File 'lib/brakeman/processors/output_processor.rb', line 88

def process_output exp
  out = if exp[0].node_type == :str
          ""
        else
          res = process exp[0]

          if res == ""
            ""
          else
            "[Output] #{res}"
          end
        end
  exp.clear
  out
end

#process_params(exp) ⇒ Object 



31
32
33
34
 
# File 'lib/brakeman/processors/output_processor.rb', line 31

def process_params exp
  exp.clear
  "params"
end

#process_render(exp) ⇒ Object 



164
165
166
167
168
169
170
 
# File 'lib/brakeman/processors/output_processor.rb', line 164

def process_render exp
  exp[1] = process exp[1] if sexp? exp[1]
  exp[2] = process exp[2] if sexp? exp[2]
  out = "render(#{exp[0]} => #{exp[1]}, #{exp[2]})"
  exp.clear
  out
end

#process_rlist(exp) ⇒ Object 



46
47
48
49
50
51
52
53
54
55
56
57
 
# File 'lib/brakeman/processors/output_processor.rb', line 46

def process_rlist exp
  out = exp.map do |e|
    res = process e
    if res == ""
      nil
    else
      res
    end
  end.compact.join("\n")
  exp.clear
  out
end

#process_session(exp) ⇒ Object 



36
37
38
39
 
# File 'lib/brakeman/processors/output_processor.rb', line 36

def process_session exp
  exp.clear
  "session"
end