From fa2ac321528fbba5fa9eb15ee6ae87803fb54bb3 Mon Sep 17 00:00:00 2001 From: Cyrille Bagard Date: Mon, 7 Aug 2023 01:18:51 +0200 Subject: Reject calls on non callable expressions softly (and fix a little coding mistake). --- src/analysis/scan/exprs/call.c | 16 ++++++++++++---- tests/analysis/scan/fuzzing.py | 15 +++++++++++++++ 2 files changed, 27 insertions(+), 4 deletions(-) diff --git a/src/analysis/scan/exprs/call.c b/src/analysis/scan/exprs/call.c index 2fd1ff1..83aff85 100644 --- a/src/analysis/scan/exprs/call.c +++ b/src/analysis/scan/exprs/call.c @@ -378,18 +378,24 @@ static ScanReductionState g_scan_pending_call_reduce(GScanPendingCall *expr, GSc */ if (!G_IS_REGISTERED_ITEM(final)) { - assert(access->next == NULL); + if (access->next != NULL) + result = SRS_UNRESOLVABLE; - *out = G_SCAN_EXPRESSION(final); + else + { + *out = G_SCAN_EXPRESSION(final); + g_object_ref(G_OBJECT(final)); + + result = SRS_REDUCED; - result = SRS_REDUCED; + } } else { assert(access->next != NULL); - new_next = g_scan_named_access_duplicate(access->next, resolved); + new_next = g_scan_named_access_duplicate(access->next, G_REGISTERED_ITEM(final)); result = g_scan_expression_reduce(new_next, ctx, scope, out); @@ -402,6 +408,8 @@ static ScanReductionState g_scan_pending_call_reduce(GScanPendingCall *expr, GSc else result = SRS_UNRESOLVABLE; + g_clear_object(&final); + } /* Libération locale des arguments reconstruits */ diff --git a/tests/analysis/scan/fuzzing.py b/tests/analysis/scan/fuzzing.py index 6eecac9..d5fce4b 100644 --- a/tests/analysis/scan/fuzzing.py +++ b/tests/analysis/scan/fuzzing.py @@ -78,3 +78,18 @@ rule test { ''' self.check_rule_failure(rule) + + + def testCallOnNonCallable(self): + """Reject calls on non callable expressions softly.""" + + rule = ''' +rule test { + + condition: + console.log().log() + +} +''' + + self.check_rule_failure(rule) -- cgit v0.11.2-87-g4458