def visit(self, node, state): stoponthis = False newobj = None # global parent scope parentscope = self.locate_scope(node, state) if not getattr(node, '_object', False): # Start traveling node when instance is created node._parent_scope = parentscope state.classes[node.name] = node stoponthis = True else: # new instance has been created # Create new Scope and push it onto the stack newscope = Scope(node, parent_scope=parentscope, is_root=True) # add builtins to scope newscope._builtins = dict( ((uv, VariableDef(uv, -1, newscope)) for uv in VariableDef.USER_VARS)) state.scopes.append(newscope) newobj = Obj(node.name, node.lineno, newscope, node._object_var, ast_node=node) # create $this var for internal method calling this_var = VariableDef('$this', node.lineno, newscope) this_var._obj_def = newobj newscope.add_var(this_var) # add ObjDef to VarDef, this way we can trace method call back to the correct instance node._object_var._obj_def = newobj node._scope = newscope state.objects[node._object_var.name] = node._object_var return newobj, stoponthis
def visit(self, node, state): stoponthis = False newobj = None # Methodes are not traveled untill called, this enables us to call methods from within methods method = node._parent_node._object_var._obj_def.get_method(node.name) if method: # Method object was already created, travel the children state.scopes.append(method._scope) else: # Create method so we can travel childres nodes when called parentscope = self.locate_scope(node, state) # Create new Scope and push it onto the stack newscope = Scope(node, parent_scope=parentscope, is_root=True) # node seen node._seen = True # add builtins to scope newscope._builtins = dict( ((uv, VariableDef(uv, -1, newscope)) for uv in VariableDef.USER_VARS)) # Don't trigger vulnerabilities in this scope untill code is no longer dead newscope._dead_code = True state.scopes.append(newscope) newobj = Method(node.name, node.lineno, newscope, ast_node=node) node._scope = newscope # add this method to object node._parent_node._object_var._obj_def.add_method(newobj) # Stop parsing children nodes stoponthis = True return newobj, stoponthis
def visit(self, node, state): # global parent scope parentscope = self.locate_scope(node, state) # Create new Scope and push it onto the stack newscope = Scope(node, parent_scope=parentscope, is_root=True) # add builtins to scope newscope._builtins = dict(((uv, VariableDef(uv, -1, newscope)) for uv in VariableDef.USER_VARS)) # Don't trigger vulnerabilities in this scope untill code is no longer dead newscope._dead_code = True state.scopes.append(newscope) node._scope = newscope # create Function object newobj = Function(node.name, node.lineno, newscope, ast_node=node) # Store custom function state.functions_declarations[node.name] = newobj return newobj, False