Error when also using Flay: setting s(:call, nil, :lambda).line nil (ArgumentError) #1579

Closed
owst opened this issue Apr 12, 2021 · 2 comments · Fixed by #1581

owst commented Apr 12, 2021

Background

We use brakeman and flay (via https://github.com/prontolabs/pronto); we are seeing an ArgumentError for a method that calls a lambda twice, something like:

  def logline(foo, bar)
    summarise = ->(x) { x.id }

    [summarise.call(foo), " and ", summarise.call(bar)].join
  end

The last few lines of the stack trace indicate this is a problem originating from brakeman:

	 4: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:72:in `process'
	 3: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:113:in `in_context'
	 2: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:76:in `block in process'
	 1: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processors/controller_processor.rb:151:in `process_call'
/Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/sexp_processor-4.15.2/lib/sexp.rb:222:in `line': setting s(:call, nil, :lambda).line nil (ArgumentError)

Brakeman version: 5.0.0
Rails version: 5.2.5
Ruby version: 2.7.2

It's possible that this is a flay issue since I see no error if I don't require flay. However, given the error (seems) to originate from brakeman, I thought I'd raise the issue here.

Reproduction

To reproduce, use the following script that sets up a minimal rails app with brakeman/flay and the problematic module and then runs brakeman:

set -x

rails new brakeman_issue --minimal

cd brakeman_issue

cat > app/controllers/foos_controller.rb <<EOF
class FoosController < ApplicationController
  include MyModule

  def create
  end
end
EOF

mkdir app/classes

cat > app/classes/my_module.rb <<EOF
module MyModule
  def logline(foo, bar)
    summarise = ->(x) { x.id }

    [summarise.call(foo), " and ", summarise.call(bar)].join
  end
end
EOF

cat > repro.rb <<EOF
require 'brakeman'
require 'flay'

Brakeman.run(print_report: true, app_path: '.', debug: true)
EOF

echo 'gem "brakeman"' >> Gemfile
echo 'gem "flay"' >> Gemfile
bundle install

bundle exec ruby repro.rb

The output of the last line is:

+ bundle exec ruby repro.rb
Parsing Gemfile
Parsing config/environment.rb
Parsing config/application.rb
Parsing config/environments/production.rb
Parsing app/channels/application_cable/channel.rb
Parsing app/channels/application_cable/connection.rb
Parsing app/classes/my_module.rb
Parsing app/controllers/application_controller.rb
Parsing app/controllers/foos_controller.rb
Parsing app/helpers/application_helper.rb
Parsing app/jobs/application_job.rb
Parsing app/mailers/application_mailer.rb
Parsing app/models/application_record.rb
Parsing config/application.rb
Parsing config/boot.rb
Parsing config/environment.rb
Parsing config/environments/development.rb
Parsing config/environments/production.rb
Parsing config/environments/test.rb
Parsing config/initializers/application_controller_renderer.rb
Parsing config/initializers/assets.rb
Parsing config/initializers/backtrace_silencers.rb
Parsing config/initializers/content_security_policy.rb
Parsing config/initializers/cookies_serializer.rb
Parsing config/initializers/filter_parameter_logging.rb
Parsing config/initializers/inflections.rb
Parsing config/initializers/mime_types.rb
Parsing config/initializers/wrap_parameters.rb
Parsing config/puma.rb
Parsing config/routes.rb
Parsing config/spring.rb
Parsing repro.rb
Parsing /private/tmp/brakeman_issue/app/views/layouts/application.html.erb
Parsing app/views/layouts/application.html.erb
Parsing /private/tmp/brakeman_issue/app/views/layouts/mailer.html.erb
Parsing app/views/layouts/mailer.html.erb
Processing /private/tmp/brakeman_issue/config/initializers/assets.rb
Processing /private/tmp/brakeman_issue/config/initializers/cookies_serializer.rb
Processing /private/tmp/brakeman_issue/config/initializers/filter_parameter_logging.rb
Processing /private/tmp/brakeman_issue/config/initializers/wrap_parameters.rb
Processing /private/tmp/brakeman_issue/app/channels/application_cable/channel.rb
Processing /private/tmp/brakeman_issue/app/channels/application_cable/connection.rb
Processing /private/tmp/brakeman_issue/app/classes/my_module.rb
Processing /private/tmp/brakeman_issue/app/helpers/application_helper.rb
Processing /private/tmp/brakeman_issue/app/jobs/application_job.rb
Processing /private/tmp/brakeman_issue/app/mailers/application_mailer.rb
Processing /private/tmp/brakeman_issue/config/boot.rb
Processing /private/tmp/brakeman_issue/config/environment.rb
Processing /private/tmp/brakeman_issue/config/environments/development.rb
Processing /private/tmp/brakeman_issue/config/environments/test.rb
Processing /private/tmp/brakeman_issue/config/puma.rb
Processing /private/tmp/brakeman_issue/config/routes.rb
Processing /private/tmp/brakeman_issue/config/spring.rb
Processing /private/tmp/brakeman_issue/repro.rb
Parsing config/routes.rb
Processing /private/tmp/brakeman_issue/app/views/layouts/application.html.erb
Processing /private/tmp/brakeman_issue/app/views/layouts/mailer.html.erb
Processing layouts/application
Processing layouts/mailer
Processing /private/tmp/brakeman_issue/app/models/application_record.rb
Processing /private/tmp/brakeman_issue/app/controllers/application_controller.rb
Processing /private/tmp/brakeman_issue/app/controllers/foos_controller.rb
Processing ApplicationController
Processing FoosController
Processing FoosController#create
Rendering layouts/application (["FoosController#create"])
Rendering foos/create (["FoosController#create"])
[Notice] No such template: foos/create
Traceback (most recent call last):
	47: from repro.rb:4:in `<main>'
	46: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman.rb:85:in `run'
	45: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman.rb:379:in `scan'
	44: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/scanner.rb:67:in `process'
	43: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/scanner.rb:276:in `process_controller_data_flows'
	42: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/scanner.rb:337:in `track_progress'
	41: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/scanner.rb:337:in `each'
	40: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/scanner.rb:340:in `block in track_progress'
	39: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/scanner.rb:278:in `block in process_controller_data_flows'
	38: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/scanner.rb:278:in `each'
	37: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/scanner.rb:279:in `block (2 levels) in process_controller_data_flows'
	36: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processor.rb:50:in `process_controller_alias'
	35: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processors/controller_alias_processor.rb:33:in `process_controller'
	34: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processors/controller_alias_processor.rb:42:in `process_mixins'
	33: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processors/controller_alias_processor.rb:42:in `each'
	32: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processors/controller_alias_processor.rb:50:in `block in process_mixins'
	31: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processors/controller_alias_processor.rb:50:in `each'
	30: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processors/controller_alias_processor.rb:57:in `block (2 levels) in process_mixins'
	29: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processors/lib/module_helper.rb:99:in `process_defn'
	28: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processors/lib/processor_helper.rb:11:in `process_all!'
	27: from (eval):3:in `map!'
	26: from (eval):3:in `map!'
	25: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processors/lib/processor_helper.rb:13:in `block in process_all!'
	24: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:72:in `process'
	23: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:113:in `in_context'
	22: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:76:in `block in process'
	21: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processors/base_processor.rb:89:in `process_dstr'
	20: from (eval):3:in `map!'
	19: from (eval):3:in `map!'
	18: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processors/base_processor.rb:93:in `block in process_dstr'
	17: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:72:in `process'
	16: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:113:in `in_context'
	15: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:76:in `block in process'
	14: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processors/base_processor.rb:123:in `process_evstr'
	13: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:72:in `process'
	12: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:113:in `in_context'
	11: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:76:in `block in process'
	10: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processors/controller_processor.rb:78:in `process_call'
	 9: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:72:in `process'
	 8: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:113:in `in_context'
	 7: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:76:in `block in process'
	 6: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processors/controller_processor.rb:167:in `process_iter'
	 5: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processors/base_processor.rb:71:in `process_iter'
	 4: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:72:in `process'
	 3: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:113:in `in_context'
	 2: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:76:in `block in process'
	 1: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processors/controller_processor.rb:151:in `process_call'
/Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/sexp_processor-4.15.2/lib/sexp.rb:222:in `line': setting s(:call, nil, :lambda).line nil (ArgumentError)
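
Added example, not part of the original report or of Brakeman's code: a small Ruby triage helper that reads a traceback in the layout shown above and reports which gem raised and which other gem made the call, which is the reasoning the report applies by hand. The names `Frame`, `parse_frame` and `attribute_fault` are hypothetical; the sample input is the last three lines of the traceback above.

```ruby
# Added example: attribute a "most recent call last" traceback to gems.
# TRACE_TAIL is copied from the report above (leading tabs dropped).
TRACE_TAIL = <<~'TRACE'
  2: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/ruby_parser/bm_sexp_processor.rb:76:in `block in process'
  1: from /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/brakeman-5.0.0/lib/brakeman/processors/controller_processor.rb:151:in `process_call'
  /Users/owen/.rbenv/versions/2.7.2/lib/ruby/gems/2.7.0/gems/sexp_processor-4.15.2/lib/sexp.rb:222:in `line': setting s(:call, nil, :lambda).line nil (ArgumentError)
TRACE

# "N: from path:line:in `method'" or the final "path:line:in `method': message".
FRAME_RE = /\A(?:\d+:\s+from\s+)?(?<path>.+?):(?<line>\d+):in `(?<meth>[^']+)'(?::\s+(?<msg>.*))?\z/
# Installed gems live under .../gems/<name>-<version>/.
GEM_RE   = %r{/gems/(?<name>[\w.\-]+?)-(?<version>\d[\w.]*)/}

Frame = Struct.new(:gem_name, :version, :file, :line, :meth, :message)

# Parse one traceback line; returns nil for lines that are not frames
# (for example the "Traceback (most recent call last):" header).
def parse_frame(text)
  m = FRAME_RE.match(text.strip)
  return nil unless m

  g = GEM_RE.match(m[:path])
  Frame.new(g && g[:name], g && g[:version], File.basename(m[:path]),
            m[:line].to_i, m[:meth], m[:msg])
end

# In this layout the raising frame is printed last. The first frame above it
# that belongs to a different gem is the caller that passed the bad value.
def attribute_fault(trace)
  frames = trace.each_line.map { |l| parse_frame(l) }.compact
  raiser = frames.last
  caller_frame = frames.reverse.find do |f|
    f.gem_name && f.gem_name != raiser.gem_name
  end
  { raised_in: raiser, called_from: caller_frame }
end

if __FILE__ == $PROGRAM_NAME
  r = attribute_fault(TRACE_TAIL)
  puts "raised in:   #{r[:raised_in].gem_name} #{r[:raised_in].version}"
  c = r[:called_from]
  puts "called from: #{c.gem_name} #{c.version} #{c.file}:#{c.line} (#{c.meth})"
end
```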

presidentbeef (Owner) commented

Hi @owst,

Thank you for the detailed report and a script to reproduce. Never gotten that before!

I am a little mystified as to the root cause here... it's not what I expected. So I'll keep digging.

presidentbeef (Owner) commented

Still no idea why adding Flay changes behavior, but it's a genuine bug in Brakeman.

Thank you for reporting!

Repository owner locked and limited conversation to collaborators Jan 30, 2022