@@ -4,7 +4,7 @@ module.exports = function (ast, vars) {
44 if ( ! vars ) vars = { } ;
55 var FAIL = { } ;
66
7- var result = ( function walk ( node ) {
7+ var result = ( function walk ( node , scopeVars ) {
88 if ( node . type === 'Literal' ) {
99 return node . value ;
1010 }
@@ -97,7 +97,10 @@ module.exports = function (ast, vars) {
9797 }
9898 else if ( node . type === 'MemberExpression' ) {
9999 var obj = walk ( node . object ) ;
100- if ( obj === FAIL ) return FAIL ;
100+ // do not allow access to methods on Function
101+ if ( ( obj === FAIL ) || ( typeof obj == 'function' ) ) {
102+ return FAIL ;
103+ }
101104 if ( node . property . type === 'Identifier' ) {
102105 return obj [ node . property . name ] ;
103106 }
@@ -110,7 +113,37 @@ module.exports = function (ast, vars) {
110113 if ( val === FAIL ) return FAIL ;
111114 return val ? walk ( node . consequent ) : walk ( node . alternate )
112115 }
116+ else if ( node . type === 'ExpressionStatement' ) {
117+ var val = walk ( node . expression )
118+ if ( val === FAIL ) return FAIL ;
119+ return val ;
120+ }
121+ else if ( node . type === 'ReturnStatement' ) {
122+ return walk ( node . argument )
123+ }
113124 else if ( node . type === 'FunctionExpression' ) {
125+
126+ var bodies = node . body . body ;
127+
128+ // Create a "scope" for our arguments
129+ var oldVars = { } ;
130+ Object . keys ( vars ) . forEach ( function ( element ) {
131+ oldVars [ element ] = vars [ element ] ;
132+ } )
133+
134+ node . params . forEach ( function ( key ) {
135+ if ( key . type == 'Identifier' ) {
136+ vars [ key . name ] = null ;
137+ }
138+ } ) ;
139+ for ( var i in bodies ) {
140+ if ( walk ( bodies [ i ] ) === FAIL ) {
141+ return FAIL ;
142+ }
143+ }
144+ // restore the vars and scope after we walk
145+ vars = oldVars ;
146+
114147 var keys = Object . keys ( vars ) ;
115148 var vals = keys . map ( function ( key ) {
116149 return vars [ key ] ;
0 commit comments