Giters

phylum-dev / vuln-reach

A library for building tools to determine if vulnerabilities are reachable in a code base.

Home Page:https://phylum.io

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Symbol table fails to parse functions with comments between formal parameters and body

andreaphylum opened this issue · comments

commented

The symbol table builder assumes that a formal_parameter list is always immediately contiguous to a statement_block.
There are cases where this is not true, for example when a comment appears between the parameter list and the function body.

The assumption should be relaxed.

Example:

function ok(arg1, arg2) { }
function bad(arg1, arg2) /* comment */ { }
function_declaration [0, 0] - [0, 27]
  name: identifier [0, 9] - [0, 11]
  parameters: formal_parameters [0, 11] - [0, 23]
    identifier [0, 12] - [0, 16]
    identifier [0, 18] - [0, 22]
  body: statement_block [0, 24] - [0, 27]
function_declaration [1, 0] - [1, 42]
  name: identifier [1, 9] - [1, 12]
  parameters: formal_parameters [1, 12] - [1, 24]
    identifier [1, 13] - [1, 17]
    identifier [1, 19] - [1, 23]
  comment [1, 25] - [1, 38]    <-- this causes a panic.
  body: statement_block [1, 39] - [1, 42]

Affected code: https://github.com/phylum-dev/vuln-reach/blob/main/vuln-reach/src/javascript/lang/symbol_table.rs#L113-L119