From 820ba362a3da900fd18c53df5e49f93880305112 Mon Sep 17 00:00:00 2001
From: Justin Collins
Date: Fri, 24 Feb 2012 09:58:21 -0800
Subject: [PATCH] Use Util.node_type? wherever possible instead of "sexp? exp and exp.node_type == :blah" or "sexp? exp and exp[0] == :blah"
---
 lib/brakeman/checks/check_link_to_href.rb | 6 +++++-
 lib/brakeman/checks/check_sql.rb | 2 +-
 lib/brakeman/processors/controller_processor.rb | 4 ++--
 lib/brakeman/processors/erb_template_processor.rb | 2 +-
 lib/brakeman/processors/lib/find_all_calls.rb | 2 +-
 lib/brakeman/processors/lib/find_call.rb | 2 +-
 lib/brakeman/processors/lib/rails2_config_processor.rb | 2 +-
 lib/brakeman/processors/lib/rails2_route_processor.rb | 4 ++--
 lib/brakeman/processors/lib/rails3_config_processor.rb | 4 ++--
 lib/brakeman/processors/lib/render_helper.rb | 2 +-
 lib/brakeman/processors/template_alias_processor.rb | 4 ++--
 11 files changed, 19 insertions(+), 15 deletions(-)
diff --git a/lib/brakeman/checks/check_link_to_href.rb b/lib/brakeman/checks/check_link_to_href.rb
index 77c13c17..16a7ba1f 100644
--- a/lib/brakeman/checks/check_link_to_href.rb
+++ b/lib/brakeman/checks/check_link_to_href.rb
@@ -35,7 +35,11 @@ class Brakeman::CheckLinkToHref < Brakeman::CheckLinkTo
 call = result[:call] = result[:call].dup
 @matched = false
 url_arg = process call[3][2]
- return if sexp?(url_arg) && url_arg.node_type == :string_interp && !url_arg[1].chomp.empty?
+
+ #Ignore situations where the href is an interpolated string
+ #with something before the user input
+ return if node_type?(url_arg, :string_interp) && !url_arg[1].chomp.empty?
+
 type, match = has_immediate_user_input? url_arg
 if type
diff --git a/lib/brakeman/checks/check_sql.rb b/lib/brakeman/checks/check_sql.rb
index 466f6e25..68a13725 100644
--- a/lib/brakeman/checks/check_sql.rb
+++ b/lib/brakeman/checks/check_sql.rb
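Review bot: The guard `!url_arg[1].chomp.empty?` on the new return line treats a prefix consisting only of whitespace as "something before the user input", because chomp removes just a trailing newline; an href built as `" #{params[:url]}"` therefore skips the check, and `!url_arg[1].strip.empty?` would keep the check active for whitespace-only prefixes. Whether a leading space still lets a scheme through depends on the browser's URL parsing, so I would confirm that before changing the heuristic. The line also assumes `url_arg[1]` is the leading String of the `:string_interp` node, which the hunk does not show. The enclosing method starts and ends outside the hunk.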
@@ -181,7 +181,7 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
 arg.each do |exp|
 #For now, don't warn on interpolation of Model.table_name
 #but check for other 'safe' things in the future
- if sexp? exp and (exp.node_type == :string_eval or exp.node_type == :evstr)
+ if node_type? exp, :string_eval, :evstr
 if call? exp[1] and (model_name?(exp[1][1]) or exp[1][1].nil?) and exp[1][2] == :table_name
 return false
 end
diff --git a/lib/brakeman/processors/controller_processor.rb b/lib/brakeman/processors/controller_processor.rb
index 9a3c961a..c0a0dc46 100644
--- a/lib/brakeman/processors/controller_processor.rb
+++ b/lib/brakeman/processors/controller_processor.rb
@@ -85,7 +85,7 @@ class Brakeman::ControllerProcessor < Brakeman::BaseProcessor
 else
 Brakeman.debug "[Notice] Layout not found: #{name}"
 end
- elsif sexp? args[-1] and (args[-1][0] == :nil or args[-1][0] == :false)
+ elsif node_type? args[-1], :nil, :false
 #layout :false or layout nil
 @controller[:layout] = false
 end
@@ -181,7 +181,7 @@ class Brakeman::ControllerProcessor < Brakeman::BaseProcessor
 block_variable = :temp
 end
- if sexp? exp[3] and exp[3].node_type == :block
+ if node_type? exp[3], :block
 block_inner = exp[3][1..-1]
 else
 block_inner = [exp[3]]
diff --git a/lib/brakeman/processors/erb_template_processor.rb b/lib/brakeman/processors/erb_template_processor.rb
index 17bcd6b4..140c2bef 100644
--- a/lib/brakeman/processors/erb_template_processor.rb
+++ b/lib/brakeman/processors/erb_template_processor.rb
@@ -68,7 +68,7 @@ class Brakeman::ErbTemplateProcessor < Brakeman::TemplateProcessor
 res = process e
 if res.empty? or res == ignore
 nil
- elsif sexp? res and res.node_type == :lvar and res[1] == :_erbout
+ elsif node_type?(res, :lvar) and res[1] == :_erbout
 nil
 else
diff --git a/lib/brakeman/processors/lib/find_all_calls.rb b/lib/brakeman/processors/lib/find_all_calls.rb
index 303c6416..a610d040 100644
--- a/lib/brakeman/processors/lib/find_all_calls.rb
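Review bot: The comment `#layout :false or layout nil` kept under the new `elsif node_type? args[-1], :nil, :false` line in controller_processor.rb reads as if the branch matched the symbol `:false`, but a `:false` node type corresponds to the keyword `false` (the symbol would arrive as a `:lit` node, if the sexps follow ruby_parser's conventions); I would reword it to `#layout false or layout nil`. The `if`/`elsif` chain this branch belongs to starts outside the hunk.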
+++ b/lib/brakeman/processors/lib/find_all_calls.rb
@@ -138,7 +138,7 @@ class Brakeman::FindAllCalls < Brakeman::BaseProcessor
 #Returns method chain as an array
 #For example, User.human.alive.all would return [:User, :human, :alive, :all]
 def get_chain call
- if sexp? call and (call.node_type == :call or call.node_type == :attrasgn)
+ if node_type? call, :call, :attrasgn
 get_chain(call[1]) + [call[2]]
 else
 [get_target(call)]
diff --git a/lib/brakeman/processors/lib/find_call.rb b/lib/brakeman/processors/lib/find_call.rb
index 341092dd..80605c39 100644
--- a/lib/brakeman/processors/lib/find_call.rb
+++ b/lib/brakeman/processors/lib/find_call.rb
@@ -107,7 +107,7 @@ class Brakeman::FindCall < Brakeman::BaseProcessor
 # User.find(:first, :conditions => "user = '#{params['user']}').name
 #
 #A search for User.find will not match this unless @in_depth is true.
- if @in_depth and sexp? exp[1] and exp[1][0] == :call
+ if @in_depth and node_type? exp[1], :call
 process exp[1]
 end
diff --git a/lib/brakeman/processors/lib/rails2_config_processor.rb b/lib/brakeman/processors/lib/rails2_config_processor.rb
index 400adcbc..bdecaf84 100644
--- a/lib/brakeman/processors/lib/rails2_config_processor.rb
+++ b/lib/brakeman/processors/lib/rails2_config_processor.rb
@@ -103,7 +103,7 @@ class Brakeman::Rails2ConfigProcessor < Brakeman::BaseProcessor
 #
 # [:action_controller, :session_store]
 def get_rails_config exp
- if sexp? exp and exp.node_type == :attrasgn
+ if node_type? exp, :attrasgn
 attribute = exp[2].to_s[0..-2].to_sym
 get_rails_config(exp[1]) << attribute
 elsif call? exp
diff --git a/lib/brakeman/processors/lib/rails2_route_processor.rb b/lib/brakeman/processors/lib/rails2_route_processor.rb
index 798cf9d9..c453212d 100644
--- a/lib/brakeman/processors/lib/rails2_route_processor.rb
+++ b/lib/brakeman/processors/lib/rails2_route_processor.rb
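Review bot: `attribute = exp[2].to_s[0..-2].to_sym` directly below the new `if node_type? exp, :attrasgn` line in rails2_config_processor.rb drops the last character of the method name without saying why; a why-comment such as `#strip the trailing "=" from the setter name, e.g. :session_store= -> :session_store` would make the slice self-explanatory. The identical line appears in the matching get_rails_config hunk of rails3_config_processor.rb and deserves the same comment. The method's remaining branches and its `end` lie outside the hunk.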
@@ -89,7 +89,7 @@ class Brakeman::Rails2RoutesProcessor < Brakeman::BaseProcessor
 process_resource_options exp[-1]
 else
 exp.each do |argument|
- if sexp? argument and argument.node_type == :lit
+ if node_type? argument, :lit
 self.current_controller = exp[0][1]
 add_resources_routes
 process_resource_options exp[-1]
@@ -165,7 +165,7 @@ class Brakeman::Rails2RoutesProcessor < Brakeman::BaseProcessor
 process_resource_options exp[-1]
 else
 exp.each do |argument|
- if sexp? argument and argument.node_type == :lit
+ if node_type? argument, :lit
 self.current_controller = pluralize(exp[0][1].to_s)
 add_resource_routes
 process_resource_options exp[-1]
diff --git a/lib/brakeman/processors/lib/rails3_config_processor.rb b/lib/brakeman/processors/lib/rails3_config_processor.rb
index 31a08561..2fcbb9fb 100644
--- a/lib/brakeman/processors/lib/rails3_config_processor.rb
+++ b/lib/brakeman/processors/lib/rails3_config_processor.rb
@@ -29,7 +29,7 @@ class Brakeman::Rails3ConfigProcessor < Brakeman::BaseProcessor
 #Look for MyApp::Application.configure do ... end
 def process_iter exp
- if sexp?(exp[1][1]) and exp[1][1][0] == :colon2 and exp[1][1][2] == :Application
+ if node_type?(exp[1][1], :colon2) and exp[1][1][2] == :Application
 @inside_config = true
 process exp[-1] if sexp? exp[-1]
 @inside_config = false
@@ -100,7 +100,7 @@ class Brakeman::Rails3ConfigProcessor < Brakeman::BaseProcessor
 #
 # [:action_controller, :session_store]
 def get_rails_config exp
- if sexp? exp and exp.node_type == :attrasgn
+ if node_type? exp, :attrasgn
 attribute = exp[2].to_s[0..-2].to_sym
 get_rails_config(exp[1]) << attribute
 elsif call? exp
diff --git a/lib/brakeman/processors/lib/render_helper.rb b/lib/brakeman/processors/lib/render_helper.rb
index 1b5c3922..f45f2045 100644
--- a/lib/brakeman/processors/lib/render_helper.rb
+++ b/lib/brakeman/processors/lib/render_helper.rb
@@ -75,7 +75,7 @@ module Brakeman::RenderHelper
 #Process layout
 if string? options[:layout]
 process_template "layouts/#{options[:layout][1]}", nil
- elsif sexp? options[:layout] and options[:layout][0] == :false
+ elsif node_type? options[:layout], :false
 #nothing
 elsif not template[:name].to_s.match(/[^\/_][^\/]+$/) #Don't do this for partials
diff --git a/lib/brakeman/processors/template_alias_processor.rb b/lib/brakeman/processors/template_alias_processor.rb
index 1269dc0e..d5333326 100644
--- a/lib/brakeman/processors/template_alias_processor.rb
+++ b/lib/brakeman/processors/template_alias_processor.rb
@@ -40,7 +40,7 @@ class Brakeman::TemplateAliasProcessor < Brakeman::AliasProcessor
 #Check for e.g. Model.find.each do ... end
 if method == :each and args and block and model = get_model_target(target)
- if sexp? args and args.node_type == :lasgn
+ if node_type? args, :lasgn
 if model == target[1]
 env[Sexp.new(:lvar, args[1])] = Sexp.new(:call, model, :new, Sexp.new(:arglist))
 else
@@ -50,7 +50,7 @@ class Brakeman::TemplateAliasProcessor < Brakeman::AliasProcessor
 process block if sexp? block
 end
 elsif FORM_METHODS.include? method
- if sexp? args and args.node_type == :lasgn
+ if node_type? args, :lasgn
 env[Sexp.new(:lvar, args[1])] = Sexp.new(:call, Sexp.new(:const, :FormBuilder), :new, Sexp.new(:arglist))
 process block if sexp? block
--
GitLab
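Review bot: The new `elsif node_type? options[:layout], :false` branch in render_helper.rb recognises only a literal `false`, whereas the controller_processor.rb hunk in this same patch treats both `:nil` and `:false` as "no layout"; a `:layout => nil` option here falls through to the partial check and may end up processing a default layout. If nil is meant to behave like false in the render path, `elsif node_type? options[:layout], :false, :nil` would keep the two consistent; I have not verified how the rendering code treats a nil layout, so this may be intentional. The `if string?` chain this branch belongs to starts and ends outside the hunk.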