Merge pull request #68 from codeclimate/will/json-depth

wfleming · wfleming · commit 7b5a477eb2e8 · 2016-01-04T13:50:33.000-05:00
Do not limit nesting depth of parsed JSON
diff --git a/lib/cc/engine/analyzers/analyzer_base.rb b/lib/cc/engine/analyzers/analyzer_base.rb
@@ -1,4 +1,5 @@
 require "cc/engine/analyzers/parser_error"
+require "cc/engine/analyzers/parser_base"
 
 module CC
   module Engine
diff --git a/lib/cc/engine/analyzers/javascript/parser.rb b/lib/cc/engine/analyzers/javascript/parser.rb
@@ -4,7 +4,7 @@ module CC
   module Engine
     module Analyzers
       module Javascript
-        class Parser
+        class Parser < ParserBase
           attr_reader :code, :filename, :syntax_tree
 
           def initialize(code, filename)
@@ -15,8 +15,7 @@ def initialize(code, filename)
           def parse
             runner = CommandLineRunner.new(js_command)
             runner.run(strip_shebang(code)) do |ast|
-              json_ast = JSON.parse(ast)
-              @syntax_tree = json_ast
+              @syntax_tree = parse_json(ast)
             end
 
             self
diff --git a/lib/cc/engine/analyzers/parser_base.rb b/lib/cc/engine/analyzers/parser_base.rb
@@ -0,0 +1,13 @@
+module CC
+  module Engine
+    module Analyzers
+      class ParserBase
+        private
+
+        def parse_json(text)
+          JSON.parse(text, max_nesting: false)
+        end
+      end
+    end
+  end
+end
diff --git a/lib/cc/engine/analyzers/php/parser.rb b/lib/cc/engine/analyzers/php/parser.rb
@@ -6,7 +6,7 @@ module CC
   module Engine
     module Analyzers
       module Php
-        class Parser
+        class Parser < ParserBase
           attr_reader :code, :filename, :syntax_tree
 
           def initialize(code, filename)
@@ -17,7 +17,7 @@ def initialize(code, filename)
           def parse
             runner = CommandLineRunner.new("php #{parser_path}")
             runner.run(code) do |output|
-              json = JSON.parse(output)
+              json = parse_json(output)
 
               @syntax_tree = CC::Engine::Analyzers::Php::Nodes::Node.new.tap do |node|
                 node.stmts = CC::Engine::Analyzers::Php::AST.json_to_ast(json, filename)
diff --git a/lib/cc/engine/analyzers/python/parser.rb b/lib/cc/engine/analyzers/python/parser.rb
@@ -6,7 +6,7 @@ module CC
   module Engine
     module Analyzers
       module Python
-        class Parser
+        class Parser < ParserBase
           attr_reader :code, :filename, :syntax_tree
 
           def initialize(code, filename)
@@ -17,8 +17,7 @@ def initialize(code, filename)
           def parse
             runner = CommandLineRunner.new(python_command)
             runner.run(code) do |ast|
-              json_ast = JSON.parse(ast)
-              @syntax_tree = json_ast
+              @syntax_tree = parse_json(ast)
             end
 
             self
diff --git a/spec/cc/engine/analyzers/php/main_spec.rb b/spec/cc/engine/analyzers/php/main_spec.rb
@@ -49,6 +49,13 @@
       expect(json["fingerprint"]).to eq("667da0e2bab866aa2fe9d014a65d57d9")
     end
 
+    it "runs against complex files" do
+      FileUtils.cp(fixture_path("symfony_configuration.php"), File.join(@code, "configuration.php"))
+      result = run_engine(engine_conf).strip
+
+      expect(result).to match "\"type\":\"issue\""
+    end
+
     it "skips unparsable files" do
       create_source_file("foo.php", <<-EOPHP)
         <?php blorb &; "fee
diff --git a/spec/fixtures/symfony_configuration.php b/spec/fixtures/symfony_configuration.php
diff --git a/spec/support/helpers/analyzer_spec_helpers.rb b/spec/support/helpers/analyzer_spec_helpers.rb

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,5 @@`
`1`	`1`	`require "cc/engine/analyzers/parser_error"`
	`2`	`+require "cc/engine/analyzers/parser_base"`
`2`	`3`
`3`	`4`	`module CC`
`4`	`5`	`module Engine`