From 45c0433cda7655adf503547ef3cfd399724824d0 Mon Sep 17 00:00:00 2001
From: fraxken <gentilhomme.thomas@gmail.com>
Date: Tue, 28 Nov 2023 17:03:50 +0100
Subject: [PATCH] fix: illegal return statement parsing error

---
 foo.js                              | 52 +++++++++++++++++++++++++++++
 index.js                            |  8 +++--
 test/illegalReturnStatement.spec.js | 27 +++++++++++++++
 3 files changed, 85 insertions(+), 2 deletions(-)
 create mode 100644 foo.js
 create mode 100644 test/illegalReturnStatement.spec.js

diff --git a/foo.js b/foo.js
new file mode 100644
index 0000000..6df16f2
--- /dev/null
+++ b/foo.js
@@ -0,0 +1,52 @@
+#!/usr/bin/env node
+
+const which = require('../lib')
+const argv = process.argv.slice(2)
+
+const usage = (err) => {
+  if (err) {
+    console.error(`which: ${err}`)
+  }
+  console.error('usage: which [-as] program ...')
+  process.exit(1)
+}
+
+if (!argv.length) {
+  return usage()
+}
+
+let dashdash = false
+const [commands, flags] = argv.reduce((acc, arg) => {
+  if (dashdash || arg === '--') {
+    dashdash = true
+    return acc
+  }
+
+  if (!/^-/.test(arg)) {
+    acc[0].push(arg)
+    return acc
+  }
+
+  for (const flag of arg.slice(1).split('')) {
+    if (flag === 's') {
+      acc[1].silent = true
+    } else if (flag === 'a') {
+      acc[1].all = true
+    } else {
+      usage(`illegal option -- ${flag}`)
+    }
+  }
+
+  return acc
+}, [[], {}])
+
+for (const command of commands) {
+  try {
+    const res = which.sync(command, { all: flags.all })
+    if (!flags.silent) {
+      console.log([].concat(res).join('\n'))
+    }
+  } catch (err) {
+    process.exitCode = 1
+  }
+}
diff --git a/index.js b/index.js
index ec873a0..6682834 100644
--- a/index.js
+++ b/index.js
@@ -122,15 +122,19 @@ function parseScriptExtended(strToAnalyze, options = {}) {
     return body;
   }
   catch (error) {
+    const isIllegalReturn = error.description.includes("Illegal return statement");
+
     if (error.name === "SyntaxError" && (
       error.description.includes("The import keyword") ||
-      error.description.includes("The export keyword")
+      error.description.includes("The export keyword") ||
+      isIllegalReturn
     )) {
       const { body } = meriyah.parseScript(
         cleanedStrToAnalyze,
         {
           ...kMeriyahDefaultOptions,
-          module: true
+          module: true,
+          globalReturn: isIllegalReturn
         }
       );
 
diff --git a/test/illegalReturnStatement.spec.js b/test/illegalReturnStatement.spec.js
new file mode 100644
index 0000000..ac11f4e
--- /dev/null
+++ b/test/illegalReturnStatement.spec.js
@@ -0,0 +1,27 @@
+// Import Node.js Dependencies
+import { test } from "node:test";
+// import assert from "node:assert";
+
+// Import Internal Dependencies
+import { runASTAnalysis } from "../index.js";
+
+/**
+ * @see https://github.com/NodeSecure/js-x-ray/issues/163
+ */
+// CONSTANTS
+const kIncriminedCodeSample = `
+const argv = process.argv.slice(2);
+
+function foobar() {
+  console.log("foobar");
+}
+
+if (!argv.length) {
+  return foobar();
+}
+`;
+
+test("it should not throw error whatever module is true or false", () => {
+  runASTAnalysis(kIncriminedCodeSample, { module: false });
+  runASTAnalysis(kIncriminedCodeSample, { module: true });
+});