Merge pull request #1421 from presidentbeef/check_string_length_first

Check string length against maximum before joining
presidentbeef · Oct 29, 2019 · 23232f6 · 23232f6
2 parents 3f24340 + 1b28a8e
commit 23232f6
Showing 1 changed file with 5 additions and 4 deletions.
diff --git a/lib/brakeman/processors/lib/call_conversion_helper.rb b/lib/brakeman/processors/lib/call_conversion_helper.rb
@@ -19,16 +19,17 @@ def join_arrays lhs, rhs, original_exp = nil
       end
     end
 
+    STRING_LENGTH_LIMIT = 50
+
     # Join two string literals into one.
     def join_strings lhs, rhs, original_exp = nil
       if string? lhs and string? rhs
-        result = Sexp.new(:str).line(lhs.line)
-        result.value = lhs.value + rhs.value
-
-        if result.value.length > 50
+        if (lhs.value.length + rhs.value.length > STRING_LENGTH_LIMIT)
           # Avoid gigantic strings
           lhs
         else
+          result = Sexp.new(:str).line(lhs.line)
+          result.value = lhs.value + rhs.value
           result
         end
       elsif call? lhs and lhs.method == :+ and string? lhs.first_arg and string? rhs