how to handle comma? - Githubissues

mindedsecurity / JStillery

Advanced JavaScript Deobfuscation via Partial Evaluation

GNU General Public License v3.0

863 stars 143 forks source link

how to handle comma? #15

Closed weituotian closed 6 years ago

weituotian commented 6 years ago

example:

        return e[n].call(o.exports, o, o.exports, t),
        o.loaded = !0,
        o.exports

what i want :

        e[n].call(o.exports, o, o.exports, t);
        o.loaded = !0;
        return o.exports;

mikesamuel commented 6 years ago

Would it be sufficiently clear if comma expressions were parenthesized?

return (e[n].call(o.exports, o, o.exports, t),
        o.loaded = !0,
        o.exports)

wisec commented 6 years ago

quick and dirty 30 min fix:

function x(){
  return a=2,b=a,c;
}

rewrites to:

function x()
    /*Scope Closed:false | writes:false*/
    {
        {
            a = 2;
            b = a;
            return c;
        }
    }

It should be improved to remove that additional BlockStatement.. https://mindedsecurity.github.io/jstillery/#ZnVuY3Rpb24lMjB4KCklN0IlMEElMjAlMjByZXR1cm4lMjBhJTNEMiUyQ2IlM0RhJTJDYyUzQiUwQSU3RA==

@weituotian If that's enough for you can close the issue. Thanks!

weituotian commented 6 years ago

@wisec Really cool stuff! Excellent! I will close this issue soon.

Before that, please allow me to ask more a question again. It is embarrassing to bring trouble to you.

var a = 1;
var b = 2;
if (a++, b++, a < b) {
    console.log('a<b')
}

var a = 1;
var b = 2;
a++;
b++;
if (a < b) {
    console.log('a<b')
}

wisec commented 6 years ago

No problem @weituotian, SequenceExpression is of course a broader problem than just together with ReturnStatement, it should be fixed converting it to a blockstatement.