search

shapesecurity / shift-scope-js

scope analyser for the Shift AST
http://shift-ast.org/scope.html
Apache License 2.0
11 stars 6 forks source link

Inferrence for direct `eval` calls is incorrect #18

Closed ikarienator closed 9 years ago

ikarienator commented 9 years ago

We should test if the eval identifier is globally-scoped.

michaelficarra commented 9 years ago

Nope, it depends on the runtime value, which we cannot guarantee.

(function(){
  (function(eval){
    eval('var x = 0;');
  }(eval));
  return typeof x;
}());

So we are pessimistic, and assume all direct calls to a function named eval are direct calls to eval.