From f58306c1e341b8bf9782caf2218262bbdbd521e6 Mon Sep 17 00:00:00 2001
From: "Chris West (Faux)"
Date: Thu, 11 Jul 2019 10:57:34 +0100
Subject: [PATCH] feat: allow lazy || wrapper classes

---
 lib/ast.js | 4 ++++
 test/method-detection.test.js | 15 +++++++++++++++
 2 files changed, 19 insertions(+)

diff --git a/lib/ast.js b/lib/ast.js
index 1fb7c09..c522ca7 100644
--- a/lib/ast.js
+++ b/lib/ast.js
@@ -96,6 +96,10 @@ function inspectNode(node, path, cb, expectingAnonymousDeclaration) {
 inspectNode(node.right, path.concat(unpackName(node.left)), cb, true);
 break;
 }
+ case 'LogicalExpression':
+ inspectNode(node.left, path, cb);
+ inspectNode(node.right, path, cb);
+ break;
 case 'UnaryExpression':
 inspectNode(node.argument, path, cb);
 break;
diff --git a/test/method-detection.test.js b/test/method-detection.test.js
index 39bc8f8..3f71b40 100644
--- a/test/method-detection.test.js
+++ b/test/method-detection.test.js
@@ -107,6 +107,21 @@ if (console.both) {
 t.end();
 });
 
+test('test lazy class declaration', function (t) {
+ const contents = `
+var Class = Class || (function (Object) {
+ function foo() {}
+});
+`;
+ const methods = ['Class.foo'];
+ const found = ast.findAllVulnerableFunctionsInScript(
+ contents, methods,
+ );
+ t.same(sorted(Object.keys(found)), sorted(methods));
+ t.equal(found[methods[0]].start.line, 3, 'foo');
+ t.end();
+});
+
 test('test st method detection', function (t) {
 const content = fs.readFileSync(__dirname + '/fixtures/st/node_modules/st.js');
 const methods = ['Mount.prototype.getPath'];
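Review bot: The new `LogicalExpression` case in lib/ast.js calls `inspectNode(node.left, path, cb)` and `inspectNode(node.right, path, cb)` without forwarding `expectingAnonymousDeclaration`, whereas the context line just above it passes `true` for a right-hand side. The rest of `inspectNode` lies outside the hunk, so this is inferred: if that flag is what lets an anonymous function expression be recorded under the enclosing name, then `var f = f || function () {}` would not register `f`, and a vulnerable function declared that way would silently go undetected. Consider `inspectNode(node.right, path, cb, expectingAnonymousDeclaration);` (and the same for `node.left`). A one-line comment would also help, noting that the case applies to `&&` and `??` as well as `||`, since the commit title mentions only `||`.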
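Review bot: The added test in test/method-detection.test.js covers only one shape, a named inner function `foo` inside the wrapper on the right of `||`, so it does not pin how the wrapper function itself or a directly assigned anonymous function is named. Because the branch under test passes no fourth argument to `inspectNode`, a second case such as `var f = f || function () {};` with `methods = ['f']` would document whether that form is detected or knowingly skipped. A false negative in this detector is invisible at runtime, so the expected result is worth asserting explicitly. The assertion message `'foo'` on `t.equal` could also say what is being checked, e.g. `'Class.foo starts on line 3'`.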