From 40dc7ea3795f8548c3e41ad3641dc589c031eaa0 Mon Sep 17 00:00:00 2001
From: nikhilk <nikhilk@live.com>
Date: Thu, 18 Apr 2013 11:04:06 -0700
Subject: [PATCH] Validate Script.Literal strings are valid String.Format
 strings (fix #360)

---
 src/Core/Compiler/Compiler/ExpressionBuilder.cs    | 14 ++++++++++++++
 src/Core/Compiler/Generator/ExpressionGenerator.cs |  2 +-
 tests/TestCases/Validation/InlineScript/Code.cs    |  1 +
 tests/ValidationTests.cs                           |  3 ++-
 4 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/src/Core/Compiler/Compiler/ExpressionBuilder.cs b/src/Core/Compiler/Compiler/ExpressionBuilder.cs
index d6543694e..0e2607ef2 100644
--- a/src/Core/Compiler/Compiler/ExpressionBuilder.cs
+++ b/src/Core/Compiler/Compiler/ExpressionBuilder.cs
@@ -7,6 +7,7 @@
 using System.Collections;
 using System.Collections.Generic;
 using System.Diagnostics;
+using System.Globalization;
 using System.Linq;
 using ScriptSharp;
 using ScriptSharp.CodeModel;
@@ -1100,6 +1101,19 @@ private Expression ProcessOpenParenExpressionNode(BinaryExpressionNode node) {
                             return new InlineScriptExpression("", objectType);
                         }
 
+                        if (args.Count > 1) {
+                            // Check whether the script is a valid string format string
+                            try {
+                                object[] argValues = new object[args.Count - 1];
+                                String.Format(CultureInfo.InvariantCulture, script, argValues);
+                            }
+                            catch {
+                                _errorHandler.ReportError("The argument to Script.Literal must be a valid String.Format string.",
+                                                          argNodes.Expressions[0].Token.Location);
+                                return new InlineScriptExpression("", objectType);
+                            }
+                        }
+
                         InlineScriptExpression scriptExpression = new InlineScriptExpression(script, objectType);
                         for (int i = 1; i < args.Count; i++) {
                             scriptExpression.AddParameterValue(args[i]);
diff --git a/src/Core/Compiler/Generator/ExpressionGenerator.cs b/src/Core/Compiler/Generator/ExpressionGenerator.cs
index fe6e5ac3d..796d4e430 100644
--- a/src/Core/Compiler/Generator/ExpressionGenerator.cs
+++ b/src/Core/Compiler/Generator/ExpressionGenerator.cs
@@ -525,7 +525,7 @@ private static void GenerateInlineScriptExpression(ScriptGenerator generator, Me
                     }
                 }
 
-                script = String.Format(script, parameterScripts);
+                script = String.Format(CultureInfo.InvariantCulture, script, parameterScripts);
             }
 
             writer.Write(script);
diff --git a/tests/TestCases/Validation/InlineScript/Code.cs b/tests/TestCases/Validation/InlineScript/Code.cs
index 28de5655f..5ee3257a6 100644
--- a/tests/TestCases/Validation/InlineScript/Code.cs
+++ b/tests/TestCases/Validation/InlineScript/Code.cs
@@ -13,6 +13,7 @@ public void Test(int arg) {
             string scriptTemplate = "alert({0} + {1})";
             
             Script.Literal(scriptTemplate, a, a);
+            Script.Literal("alert({name:{0}})", "aaa");
         }
     }
 }
diff --git a/tests/ValidationTests.cs b/tests/ValidationTests.cs
index ff598d290..1d608b69e 100644
--- a/tests/ValidationTests.cs
+++ b/tests/ValidationTests.cs
@@ -114,7 +114,8 @@ public void TestImplicitEnums() {
         [TestMethod]
         public void TestInlineScript() {
             string expectedErrors =
-                "The argument to Script.Literal must be a constant string. Code.cs(15, 28)";
+                "The argument to Script.Literal must be a constant string. Code.cs(15, 28)" + Environment.NewLine +
+                "The argument to Script.Literal must be a valid String.Format string. Code.cs(16, 28)";
 
             Compilation compilation = CreateCompilation();
             compilation.AddSource("Code.cs");