Remove more uses of Sexp#args

lib/brakeman/checks/check_mass_assignment.rb

@@ -78,13 +78,14 @@ class Brakeman::CheckMassAssignment < Brakeman::BaseCheck
 
   #Want to ignore calls to Model.new that have no arguments
   def check_call call
-    args = process_all! call.args
+    process_call_args call
+    first_arg = call.first_arg
 
-    if args.empty? #empty new()
+    if first_arg.nil? #empty new()
       false
-    elsif hash? args.first and not include_user_input? args.first
+    elsif hash? first_arg and not include_user_input? first_arg
       false
-    elsif all_literals? args
+    elsif all_literal_args? call
       false
     else
       true
@@ -93,17 +94,30 @@ class Brakeman::CheckMassAssignment < Brakeman::BaseCheck
 
   LITERALS = Set[:lit, :true, :false, :nil, :string]
 
-  def all_literals? args
-    args.all? do |arg|
-      if sexp? arg
-        if arg.node_type == :hash
-          all_literals? arg
-        else
-          LITERALS.include? arg.node_type
-        end
+  def all_literal_args? exp
+    if call? exp
+      exp.each_arg do |arg|
+        return false unless literal? arg
+      end
+
+      true
+    else
+      exp.all? do |arg|
+        literal? arg
+      end
+    end
+
+  end
+
+  def literal? exp
+    if sexp? exp
+      if exp.node_type == :hash
+        all_literal_args? exp
       else
-        true
+        LITERALS.include? exp.node_type
       end
+    else
+      true
     end
   end
 end

lib/brakeman/checks/check_send.rb

@@ -16,10 +16,10 @@ class Brakeman::CheckSend < Brakeman::BaseCheck
   end
 
   def process_result result
-    args = process_all! result[:call].args
+    process_call_args result[:call]
     target = process result[:call].target
 
-    if input = has_immediate_user_input?(args.first)
+    if input = has_immediate_user_input?(result[:call].first_arg)
       warn :result => result,
         :warning_type => "Dangerous Send",
         :message => "User controlled method execution",

lib/brakeman/checks/check_sql.rb

@@ -486,9 +486,8 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
 
     target = exp.target
     method = exp.method
-    args = exp.args
 
-    if string? target or string? args.first
+    if string? target or string? exp.first_arg
       if STRING_METHODS.include? method
         return exp
       end

lib/brakeman/checks/check_without_protection.rb

@@ -33,7 +33,7 @@ class Brakeman::CheckWithoutProtection < Brakeman::BaseCheck
   #All results should be Model.new(...) or Model.attributes=() calls
   def process_result res
     call = res[:call]
-    last_arg = call.args.last
+    last_arg = call.last_arg
 
     if hash? last_arg and not call.original_line and not duplicate? res
 

lib/brakeman/processors/base_processor.rb

@@ -181,7 +181,7 @@ class Brakeman::BaseProcessor < Brakeman::SexpProcessor
 
   #Generates :render node from call to render.
   def make_render exp, in_view = false 
-    render_type, value, rest = find_render_type exp.args, in_view
+    render_type, value, rest = find_render_type exp, in_view
     rest = process rest
     result = Sexp.new(:render, render_type, value, rest)
     result.line(exp.line)
@@ -195,14 +195,14 @@ class Brakeman::BaseProcessor < Brakeman::SexpProcessor
   #:template, :text, :update, :xml
   #
   #And also :layout for inside templates
-  def find_render_type args, in_view = false
+  def find_render_type call, in_view = false
     rest = Sexp.new(:hash)
     type = nil
     value = nil
-    first_arg = args.first
+    first_arg = call.first_arg
 
-    if args.length == 1 and first_arg == Sexp.new(:lit, :update)
-      return :update, nil, Sexp.new(:arglist, *args[0..-2]) #TODO HUH?
+    if call.second_arg.nil? and first_arg == Sexp.new(:lit, :update)
+      return :update, nil, Sexp.new(:arglist, *call.args[0..-2]) #TODO HUH?
     end
 
     #Look for render :action, ... or render "action", ...
@@ -231,10 +231,12 @@ class Brakeman::BaseProcessor < Brakeman::SexpProcessor
       types_in_hash << :layout
     end
 
+    last_arg = call.last_arg
+
     #Look for "type" of render in options hash
     #For example, render :file => "blah"
-    if hash? args.last
-      hash_iterate(args.last) do |key, val|
+    if hash? last_arg
+      hash_iterate(last_arg) do |key, val|
         if symbol? key and types_in_hash.include? key.value
           type = key.value
           value = val