From 9795347f7c8c9af147b25c11955be20b9c98ded7 Mon Sep 17 00:00:00 2001 From: Snehil Shah Date: Thu, 2 Jan 2025 11:10:02 +0000 Subject: [PATCH 1/2] fix(repl): avoid falling into proxy traps in tokenizer Signed-off-by: Snehil Shah --- type: pre_commit_static_analysis_report description: Results of running static analysis checks when committing changes. report: - task: lint_filenames status: passed - task: lint_editorconfig status: passed - task: lint_markdown status: na - task: lint_package_json status: na - task: lint_repl_help status: na - task: lint_javascript_src status: passed - task: lint_javascript_cli status: na - task: lint_javascript_examples status: na - task: lint_javascript_tests status: na - task: lint_javascript_benchmarks status: na - task: lint_python status: na - task: lint_r status: na - task: lint_c_src status: na - task: lint_c_examples status: na - task: lint_c_benchmarks status: na - task: lint_c_tests_fixtures status: na - task: lint_shell status: na - task: lint_typescript_declarations status: na - task: lint_typescript_tests status: na - task: lint_license_headers status: passed --- Signed-off-by: Snehil Shah --- type: pre_push_report description: Results of running various checks prior to pushing changes. report: - task: run_javascript_examples status: na - task: run_c_examples status: na - task: run_cpp_examples status: na - task: run_javascript_readme_examples status: na - task: run_c_benchmarks status: na - task: run_cpp_benchmarks status: na - task: run_fortran_benchmarks status: na - task: run_javascript_benchmarks status: na - task: run_julia_benchmarks status: na - task: run_python_benchmarks status: na - task: run_r_benchmarks status: na - task: run_javascript_tests status: na --- --- .../@stdlib/repl/lib/tokenizer.js | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/lib/node_modules/@stdlib/repl/lib/tokenizer.js b/lib/node_modules/@stdlib/repl/lib/tokenizer.js index 188ae75ce857..ac666ff0086b 100644 --- a/lib/node_modules/@stdlib/repl/lib/tokenizer.js +++ b/lib/node_modules/@stdlib/repl/lib/tokenizer.js @@ -24,6 +24,7 @@ var parse = require( 'acorn-loose' ).parse; var walk = require( 'acorn-walk' ); +var hasProp = require( '@stdlib/assert/has-property' ); var linkedList = require( '@stdlib/utils/linked-list' ); var contains = require( '@stdlib/array/base/assert/contains' ); var resolveLocalScopes = require( './resolve_local_scopes.js' ); @@ -227,7 +228,7 @@ function tokenizer( line, context ) { for ( i = 0; i < COMMANDS.length; i++ ) { command = COMMANDS[ i ]; if ( node.name === command[ 0 ] ) { - tokens.push( { + tokens.push({ 'value': node.name, 'type': 'command', 'start': node.start, @@ -240,14 +241,14 @@ function tokenizer( line, context ) { identifier = context[ node.name ]; if ( identifier ) { if ( isLiteralType( typeof identifier ) ) { - tokens.push( { + tokens.push({ 'value': node.name, 'type': 'variable', 'start': node.start, 'end': node.end }); } else { - tokens.push( { + tokens.push({ 'value': node.name, 'type': typeof identifier, 'start': node.start, @@ -313,21 +314,21 @@ function tokenizer( line, context ) { } // Case: 'bar' in `foo['bar']` - property already pushed as a string token. Ignore... if ( property.value.type === 'Literal' ) { - obj = obj[ property.value.value ]; - if ( !obj ) { + if ( !hasProp( obj, property.value.value ) ) { // Property not found in context: break; } + obj = obj[ property.value.value ]; property = properties.next(); continue; } // Case: `foo.bar` - resolve property and push it as a token... if ( property.value.type === 'Identifier' ) { - obj = obj[ property.value.name ]; - if ( !obj ) { + if ( !hasProp( obj, property.value.name ) ) { // Property not found in context: break; } + obj = obj[ property.value.name ]; if ( !compute ) { // Push token if property exists in context: if ( isLiteralType( typeof obj ) ) { @@ -356,11 +357,11 @@ function tokenizer( line, context ) { // Couldn't compute the internal `MemberExpression` into a definite name: break; } - obj = obj[ computed ]; - if ( !obj ) { + if ( !hasProp( obj, computed ) ) { // Property not found in context: break; } + obj = obj[ computed ]; property = properties.next(); continue; } From 2efda0203cf581e5ed05ea5130f8eb601445733f Mon Sep 17 00:00:00 2001 From: Snehil Shah Date: Thu, 2 Jan 2025 13:32:22 +0000 Subject: [PATCH 2/2] fix: update logic Signed-off-by: Snehil Shah --- type: pre_commit_static_analysis_report description: Results of running static analysis checks when committing changes. report: - task: lint_filenames status: passed - task: lint_editorconfig status: passed - task: lint_markdown status: na - task: lint_package_json status: na - task: lint_repl_help status: na - task: lint_javascript_src status: passed - task: lint_javascript_cli status: na - task: lint_javascript_examples status: na - task: lint_javascript_tests status: na - task: lint_javascript_benchmarks status: na - task: lint_python status: na - task: lint_r status: na - task: lint_c_src status: na - task: lint_c_examples status: na - task: lint_c_benchmarks status: na - task: lint_c_tests_fixtures status: na - task: lint_shell status: na - task: lint_typescript_declarations status: na - task: lint_typescript_tests status: na - task: lint_license_headers status: passed --- --- type: pre_push_report description: Results of running various checks prior to pushing changes. report: - task: run_javascript_examples status: na - task: run_c_examples status: na - task: run_cpp_examples status: na - task: run_javascript_readme_examples status: na - task: run_c_benchmarks status: na - task: run_cpp_benchmarks status: na - task: run_fortran_benchmarks status: na - task: run_javascript_benchmarks status: na - task: run_julia_benchmarks status: na - task: run_python_benchmarks status: na - task: run_r_benchmarks status: na - task: run_javascript_tests status: na --- --- .../@stdlib/repl/lib/tokenizer.js | 30 +++++++++++++------ 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/lib/node_modules/@stdlib/repl/lib/tokenizer.js b/lib/node_modules/@stdlib/repl/lib/tokenizer.js index ac666ff0086b..825aba460bbd 100644 --- a/lib/node_modules/@stdlib/repl/lib/tokenizer.js +++ b/lib/node_modules/@stdlib/repl/lib/tokenizer.js @@ -314,21 +314,29 @@ function tokenizer( line, context ) { } // Case: 'bar' in `foo['bar']` - property already pushed as a string token. Ignore... if ( property.value.type === 'Literal' ) { - if ( !hasProp( obj, property.value.value ) ) { - // Property not found in context: + try { + if ( !hasProp( obj, property.value.value ) ) { + // Property not found in context: + break; + } + obj = obj[ property.value.value ]; + } catch ( error ) { // eslint-disable-line no-unused-vars break; } - obj = obj[ property.value.value ]; property = properties.next(); continue; } // Case: `foo.bar` - resolve property and push it as a token... if ( property.value.type === 'Identifier' ) { - if ( !hasProp( obj, property.value.name ) ) { - // Property not found in context: + try { + if ( !hasProp( obj, property.value.name ) ) { + // Property not found in context: + break; + } + obj = obj[ property.value.name ]; + } catch ( error ) { // eslint-disable-line no-unused-vars break; } - obj = obj[ property.value.name ]; if ( !compute ) { // Push token if property exists in context: if ( isLiteralType( typeof obj ) ) { @@ -357,11 +365,15 @@ function tokenizer( line, context ) { // Couldn't compute the internal `MemberExpression` into a definite name: break; } - if ( !hasProp( obj, computed ) ) { - // Property not found in context: + try { + if ( !hasProp( obj, computed ) ) { + // Property not found in context: + break; + } + obj = obj[ computed ]; + } catch ( error ) { // eslint-disable-line no-unused-vars break; } - obj = obj[ computed ]; property = properties.next(); continue; }