semgrep / semgrep-rules

Semgrep rules registry
https://semgrep.dev/registry

[Regression] unquoted-command-substitution-in-command & unquoted-variable-expansion-in-command [BASH] causes semgrep CRASH #3449

Open mjnowen opened 1 month ago

mjnowen commented 1 month ago

Describe the bug

In semgrep release v1.58.0, the following 2 x BASH rules (using latest commit: 57cb8aa01da7bcc180e16193dd5e55ae15b15de3) fail with the following example line of bash script:

  - unquoted-command-substitution-in-command
  - unquoted-variable-expansion-in-command

docker run --interactive --tty --rm \
    --mount type=bind,source="$(pwd)",target=/code,readonly "${FOO}" .

In semgrep release v1.59.0 and onwards to v1.84.1 (latest at time of writing), semgrep crashes with this error message:

{"errors": [{"code": 2, "level": "warn", "message": "Other syntax error at line NO FILE INFO YET:-1:\n Invalid_argument: index out of bounds", "path": "NO FILE INFO YET", "type": "Other syntax error"}], "paths": {"scanned": []}, "results": [], "skipped_rules": [], "version": "1.59.0"}

To Reproduce

Code to reproduce this behavior:

# ubuntu 22.04
cd /usr/local

# latest commit of semgrep-rules
sudo git clone https://github.com/semgrep/semgrep-rules.git

sudo rm -r /usr/local/semgrep-rules/stats /usr/local/semgrep-rules/.github /usr/local/semgrep-rules/.pre-commit-config.yaml
sudo pip3 install --break-system-packages semgrep==1.58.0
semgrep --json --config=/usr/local/semgrep-rules --no-git-ignore --metrics=off --no-rewrite-rule-ids .
# it works

sudo pip3 install --break-system-packages semgrep==1.59.0
semgrep --json --config=/usr/local/semgrep-rules --no-git-ignore --metrics=off --no-rewrite-rule-ids .

# it crashes with this message:
{"errors": [{"code": 2, "level": "warn", "message": "Other syntax error at line NO FILE INFO YET:-1:\n Invalid_argument: index out of bounds", "path": "NO FILE INFO YET", "type": "Other syntax error"}], "paths": {"scanned": []}, "results": [], "skipped_rules": [], "version": "1.59.0"}

Expected behavior

  1. semgrep application should not crash due to a bad rule(s)!
  2. 2 x semgrep bash rules are generating false-positives against my example line of bash script as seen above.

Priority

How important is this to you?

Additional Context

Add any other context about the problem here.
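The crash output quoted above is still well-formed JSON with an empty `results` list, so a CI gate that only counts findings would read it as a clean scan. The check below is an added example, not part of the original issue or of semgrep itself. Its strict policy (any entry in `errors`, or an empty `paths.scanned`, fails the run) and the two constructed sample reports are assumptions.

```python
import json

# The crash report quoted in the issue above (semgrep 1.59.0).
CRASH_OUTPUT = r'''{"errors": [{"code": 2, "level": "warn", "message": "Other syntax error at line NO FILE INFO YET:-1:\n Invalid_argument: index out of bounds", "path": "NO FILE INFO YET", "type": "Other syntax error"}], "paths": {"scanned": []}, "results": [], "skipped_rules": [], "version": "1.59.0"}'''

# Constructed samples (not from the issue): a clean run and a run with one finding.
CLEAN_OUTPUT = '{"errors": [], "paths": {"scanned": ["run.sh"]}, "results": [], "skipped_rules": [], "version": "1.58.0"}'
FINDING_OUTPUT = '{"errors": [], "paths": {"scanned": ["run.sh"]}, "results": [{"check_id": "unquoted-variable-expansion-in-command", "path": "run.sh", "start": {"line": 2}}], "skipped_rules": [], "version": "1.58.0"}'


def classify_scan(raw: str) -> tuple[str, list[str]]:
    """Classify `semgrep --json` output as 'failed', 'findings' or 'clean'.

    Assumed policy: a run is trusted only if it reported no errors and
    scanned at least one file. An empty `results` list alone proves nothing.
    """
    try:
        report = json.loads(raw)
    except json.JSONDecodeError as exc:
        return "failed", [f"output is not valid JSON: {exc.msg}"]
    if not isinstance(report, dict):
        return "failed", ["output is not a JSON object"]

    reasons = []
    for err in report.get("errors", []):
        # Keep only the first line of the message for a compact CI log.
        message = str(err.get("message", "")).splitlines()[0:1]
        summary = message[0] if message else "no message"
        reasons.append(f"{err.get('type', 'error')}: {summary}")
    if not report.get("paths", {}).get("scanned"):
        reasons.append("no files were scanned")
    if reasons:
        return "failed", reasons

    results = report.get("results", [])
    if results:
        return "findings", [r.get("check_id", "unknown-rule") for r in results]
    return "clean", []


if __name__ == "__main__":
    for name, raw in [("crash", CRASH_OUTPUT), ("clean", CLEAN_OUTPUT),
                      ("finding", FINDING_OUTPUT)]:
        print(name, classify_scan(raw))
```

A repository that legitimately contains no scannable files would also be reported as failed under this policy; relax the `paths.scanned` check if that case applies.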

mjnowen commented 1 month ago

Possibly related: https://github.com/semgrep/semgrep/issues/10072