@lzybkr @rjmholt It seems that by calling ScanNumber() in here, we're potentially triggering recursion when the value is not a valid number value. ScanNumber() calls LanguagePrimitives.ConvertTo() which eventually ends up calling the ConvertStringToInteger or another related conversion method, which just re-invokes Parser.ScanNumber() 😕

This seems to be the source of the stackoverflow I'm encountering here. Not really sure how best to avoid this one, though.

(ty @SeeminglyScience for double-checking my blindness and pointing this out!)

Per @iSazonov's comment in #7710 I'll look to see if we can keep a Parser handy in LanguagePrimitives for this purpose, and perhaps along the way I'll find a good way to circumvent the issue here.

Per @iSazonov's comment in #7710 I'll look to see if we can keep a Parser handy in LanguagePrimitives for this purpose, and perhaps along the way I'll find a good way to circumvent the issue here.

That's a great idea!

ScanNumber() calls LanguagePrimitives.ConvertTo() which eventually ends up calling the ConvertStringToInteger or another related conversion method, which just re-invokes Parser.ScanNumber() 😕

The only way to stop it is going to be some way of communicating to ScanNumber() that LanguagePrimitives.ConvertTo() has called it and that it should bottom out. However, LanguagePrimitives.ConvertTo() is public, whereas ScanNumber() is not. So perhaps the ticket is adding a default parameter to the internal ScanNumber() method: Parser.ScanNumber(string strToConvert, Type resultType, bool shouldTryCoercion = true). Then when it's called from LanguagePrimitives.ConvertTo(), you can use Parser.ScanNumber(str, t, shouldTryCoercion: false) while leaving all other calls the same.

The relevant Parser code would then be:

 if (shouldTryCoercion && (token == null || !tokenizer.IsAtEndOfScript(token.Extent))) 
 { 
     // We call ConvertTo, primarily because we expect it will throw an exception, 
     // but it's possible it could succeed, e.g. if the string had commas, our lexer 
     // will fail, but Convert.ChangeType could succeed. 
  
    return LanguagePrimitives.ConvertTo(str, toType, CultureInfo.InvariantCulture); 

@rjmholt @lzybkr appreciate the suggestions! It now no longer overflows.

However, despite also attempting to throw an exception here when handling the recursion, it seems that somehow that's getting swallowed and not emitted like other conversion failures do. Not sure what's happening there?

Hmm. Also, attempting to create a static Parser object for this purpose seems to trigger an AMSI uninitialization failure?

The shell cannot be started. A failure occurred during initialization:
The type initializer for 'System.Management.Automation.Language.Compiler' threw an exception.
Assertion Failed
AMSI should have been uninitialized.

Okay, all fixed. I think. Let's make sure that runs correctly now... Seems OK locally.

It was very surprising to me to completely break console error display by adding a default parameter to ScanNumber() but now I know for the future, I guess.

If this runs OK I'll look at adding some tests. 😄

🤔 OK, not sure what I broke in this test.

Failure is:

Describing Trusted module on locked down machine should not expose private functions to script debugger command processing
[-] Verifies that private trusted module function is not available in script debugger 11.97s
Expected regular expression 'DebuggerStopHandled' to match NoResult, but it did not match.
172:             $debuggerTester.TestResult | Should -Match "DebuggerStopHandled"
 at <ScriptBlock>, D:\a\1\s\test\powershell\Modules\Microsoft.PowerShell.Security\ConstrainedLanguageDebugger.Tests.ps1: line 172

I can't really figure out how/why this is failing here, unfortunately. Looking at the test, it seems like it originates from a helper module that I don't have any experience with. 😕

@PaulHigin Could you please help @vexx32 with the debugger security issue? Is it possible to resolve the issue in the PR context?

@rjmholt @BrucePay @iSazonov I've looked at coding in a static parser instance to reuse for the static class methods, but it might be more trouble than it's worth.

Was discussing it with @SeeminglyScience and he brought up a thread-safety concern; with a static parser instance in place there's no guarantee multiple threads won't try to use it at the same time. 😕

Thread safety isn't something I have a lot of awareness of at the moment, so I think I'll probably not try to get too deep into that here as that's more of a tangent than anything else in this PR. 😄

(Also, I did try it out and it seems to work, but it is breaking something somewhere in the builds, and I'm not sure where... 🙁 It seems that it would have to be declared in the actual Parser class, though, as declaring it in LanguagePrimitives triggers the AMSI uninit failure message.)

Per @lzybkr's comment in #7710, we're not going the static parser instance route here unless there's a compelling reason to do so.

I'll take care of the CodeFactor issues tomorrow. 😄

@iSazonov @PaulHigin that ought to do it. The remaining CodeFactor issues are all "this looks like Hungarian notation" complaints; unless we feel the need to rename half the variables in this file, I don't think it's worth pursuing. 😄

@vexx32 Thanks for your contribution!

@anmenaga The PR is ready to merge.

@vexx32 Please create Docs issue and link in the PR description. Thanks!

@iSazonov all done!