Freeze call index results

to prevent modification which is not thread-safe across checks
presidentbeef · Feb 5, 2020 · d584de7 · d584de7
1 parent 91c4eef
commit d584de7
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 10 deletions.
diff --git a/lib/brakeman/checks/check_content_tag.rb b/lib/brakeman/checks/check_content_tag.rb
@@ -55,8 +55,7 @@ def process_result result
 
     @current_file = result[:location][:file]
 
-    call = result[:call] = result[:call].dup
-
+    call = result[:call]
     args = call.arglist
 
     tag_name = args[1]

diff --git a/lib/brakeman/checks/check_link_to.rb b/lib/brakeman/checks/check_link_to.rb
@@ -34,7 +34,7 @@ def process_result result
 
     #Have to make a copy of this, otherwise it will be changed to
     #an ignored method call by the code above.
-    call = result[:call] = result[:call].dup
+    call = result[:call]
 
     first_arg = call.first_arg
     second_arg = call.second_arg

diff --git a/lib/brakeman/checks/check_link_to_href.rb b/lib/brakeman/checks/check_link_to_href.rb
@@ -30,9 +30,7 @@ def run_check
   end
 
   def process_result result
-    #Have to make a copy of this, otherwise it will be changed to
-    #an ignored method call by the code above.
-    call = result[:call] = result[:call].dup
+    call = result[:call]
     @matched = false
 
     url_arg = if result[:block]

diff --git a/lib/brakeman/processors/lib/find_all_calls.rb b/lib/brakeman/processors/lib/find_all_calls.rb
@@ -60,7 +60,7 @@ def process_rlist exp
   end
 
   def process_call exp
-    @calls << create_call_hash(exp)
+    @calls << create_call_hash(exp).freeze
     exp
   end
 
@@ -72,6 +72,7 @@ def process_iter exp
 
       call_hash[:block] = exp.block
       call_hash[:block_args] = exp.block_args
+      call_hash.freeze
 
       @calls << call_hash
 
@@ -133,10 +134,10 @@ def process_attrasgn exp
   def add_simple_call method_name, exp
     @calls << { :target => nil,
                 :method => method_name,
-                :call => exp,
+                :call => exp.semi_freeze,
                 :nested => false,
                 :location => make_location,
-                :parent => @current_call }
+                :parent => @current_call }.freeze
   end
 
   #Gets the target of a call as a Symbol
@@ -228,7 +229,7 @@ def create_call_hash exp
     call_hash = {
       :target => target,
       :method => method,
-      :call => exp,
+      :call => exp.semi_freeze,
       :nested => @in_target,
       :chain => get_chain(exp),
       :location => make_location,