search

jquery / esprima

ECMAScript parsing infrastructure for multipurpose analysis
http://esprima.org
BSD 2-Clause "Simplified" License
7.04k stars 786 forks source link

AST_CALL is not applied on dictionary argument in a function #2114

Open fpinvo opened 2 years ago

fpinvo commented 2 years ago

JavaScript test function:

input=3;

getData(val)

setData({onLoad: function(options) {
  this.setDatas({
        humidity: options+50,
        daylight: daylight
      })
  }})

Nodes of AST tree


0 | Filesystem | File |   |   |   |   |   |   |   |   | stdin |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
-- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | --
1 | AST | AST_TOPLEVEL | TOPLEVEL_FILE | 1 |   |   |   |   | 1::1:68 | 1 | stdin |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
2 | Artificial | CFG_FUNC_ENTRY |   |   |   |   | 1 |   |   |   | stdin |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
3 | Artificial | CFG_FUNC_EXIT |   |   |   |   | 1 |   |   |   | stdin |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
4 | AST | AST_STMT_LIST |   | 1 |   | 0 | 1 |   | 1::1:68 | 1 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
5 | AST | AST_ASSIGN |   | 1 | main_func=require('./tests/packages/command_injection/hello.js') | 0 | 1 |   | 1:4:1:68 | 1 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
6 | AST | AST_VAR | JS_DECL_VAR | 1 |   | 0 | 1 |   | 1:4:1:13 | 1 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
7 | AST | string |   | 1 | main_func | 0 | 1 |   | 1:4:1:13 | 1 | main_func |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
8 | AST | AST_CALL | JS_REQUIRE_EXTERNAL | 1 | require('./tests/packages/command_injection/hello.js') | 1 | 1 |   | 1:14:1:68 | 1 | /ZS/ODGen/tests/packages/command_injection/hello.js |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
9 | AST | AST_NAME | NAME_NOT_FQ | 1 |   | 0 | 1 |   | 1:14:1:68 | 1 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
10 | AST | string |   | 1 | require | 0 | 1 |   | 1:14:1:21 | 1 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
11 | AST | AST_ARG_LIST |   | 1 | ('./tests/packages/command_injection/hello.js') | 1 | 1 |   | 1:14:1:68 | 1 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
12 | AST | string |   | 1 | ./tests/packages/command_injection/hello.js | 0 | 1 |   | 1:22:1:67 | 1 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
13 | Filesystem | File |   |   |   |   |   |   |   |   | /ZS/ODGen/tests/packages/command_injection/hello.js |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
14 | AST | AST_TOPLEVEL | TOPLEVEL_FILE | 1 |   |   |   |   | 1:2:10:7 | 10 | /ZS/ODGen/tests/packages/command_injection/hello.js |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
15 | Artificial | CFG_FUNC_ENTRY |   |   |   |   | 14 |   |   |   | /ZS/ODGen/tests/packages/command_injection/hello.js |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
16 | Artificial | CFG_FUNC_EXIT |   |   |   |   | 14 |   |   |   | /ZS/ODGen/tests/packages/command_injection/hello.js |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
17 | AST | AST_STMT_LIST |   | 1 |   | 0 | 14 |   | 1:2:10:7 | 10 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
18 | AST | AST_ASSIGN |   | 1 | input=3 | 0 | 14 |   | 1:6:1:13 | 1 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
19 | AST | AST_VAR | JS_DECL_VAR | 1 |   | 0 | 14 |   | 1:6:1:11 | 1 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
20 | AST | string |   | 1 | input | 0 | 14 |   | 1:6:1:11 | 1 | input |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
21 | AST | integer |   | 1 | 3 | 1 | 14 |   | 1:12:1:13 | 1 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
22 | AST | AST_CALL |   | 3 | getData(val) | 1 | 14 |   | 3:2:3:14 | 3 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
23 | AST | AST_NAME | NAME_NOT_FQ | 3 |   | 0 | 14 |   | 3:2:3:14 | 3 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
24 | AST | string |   | 3 | getData | 0 | 14 |   | 3:2:3:9 | 3 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
25 | AST | AST_ARG_LIST |   | 3 | (val) | 1 | 14 |   | 3:2:3:14 | 3 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
26 | AST | AST_VAR |   | 3 |   | 0 | 14 |   | 3:10:3:13 | 3 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
27 | AST | string |   | 3 | val | 0 | 14 |   | 3:10:3:13 | 3 | val |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
28 | AST | AST_CALL |   | 5 |   | 2 | 14 |   | 5:2:10:7 | 10 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
29 | AST | AST_NAME | NAME_NOT_FQ | 5 |   | 0 | 14 |   | 5:2:10:7 | 10 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
30 | AST | string |   | 5 | setData | 0 | 14 |   | 5:2:5:9 | 5 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
31 | AST | AST_ARG_LIST |   | 5 |   | 1 | 14 |   | 5:2:10:7 | 10 |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
33 | Scope | BASE_SCOPE |   |   |   |   |   |   |   |   | Base |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
34 | Name | NAMENODE |   |   |   |   |   |   |   |   | global |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
35 | Object | object |   |   |   |   |   |   |   |   |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
36 | Name | NAMENODE |   |   |   |   |   |   |   |   | null |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
37 | Object | object |   |   | null |   |   |   |   |   |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
38 | Name | NAMENODE |   |   |   |   |   |   |   |   | null |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
39 | Object | boolean |   |   | true |   |   |   |   |   |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
40 | Name | NAMENODE |   |   |   |   |   |   |   |   | true |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
41 | Name | NAMENODE |   |   |   |   |   |   |   |   | true |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
42 | Object | boolean |   |   | false |   |   |   |   |   |   |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
43 | Name | NAMENODE |   |   |   |   |   |   |   |   | false |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  
44 | Name | NAMENODE |   |   |   |   |   |   |   |   | false |   | True |   |   |   |   |   |   |   |   |   |   |   |   |   |   |  

if you take a look at the line number 22 "getData(val)" taken as AST_CALL since we are passing arg as variable, if we pass dictionary like "setData({onLoad: function(options) " as you can see in the code example it recognize as String line number 30 in the AST tree above. Please do let me know how we can call it as AST_CALL when we pass dictionary as arg in function.