org.apache.bcel.generic.ConstantPoolGen

Here are the examples of the java api org.apache.bcel.generic.ConstantPoolGen taken from open source projects. By voting up you can indicate which examples are most useful and appropriate.

170 Examples 7

19 Source : StreamResourceTracker.java
with GNU Lesser General Public License v2.1
from spotbugs

public boolean isResourceOpen(BasicBlock basicBlock, InstructionHandle handle, ConstantPoolGen cpg, Stream resource, ResourceValueFrame frame) {
    return resource.isStreamOpen(basicBlock, handle, cpg, frame);
}

19 Source : StreamResourceTracker.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public ResourceValueFrameModelingVisitor createVisitor(Stream resource, ConstantPoolGen cpg) {
    return new StreamFrameModelingVisitor(cpg, this, resource);
}

19 Source : StreamResourceTracker.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public Stream isResourceCreation(BasicBlock basicBlock, InstructionHandle handle, ConstantPoolGen cpg) {
    // Use precomputed map of Locations to Stream creations,
    // if present. Note that we don't care about preexisting
    // resources here.
    if (resourceCollection != null) {
        return resourceCollection.getCreatedResource(new Location(handle, basicBlock));
    }
    Instruction ins = handle.getInstruction();
    if (!(ins instanceof TypedInstruction)) {
        return null;
    }
    Type type = ((TypedInstruction) ins).getType(cpg);
    if (!(type instanceof ObjectType)) {
        return null;
    }
    Location location = new Location(handle, basicBlock);
    // All StreamFactories are given an opportunity to
    // look at the location and possibly identify a created stream.
    for (StreamFactory aStreamFactoryList : streamFactoryList) {
        Stream stream = aStreamFactoryList.createStream(location, (ObjectType) type, cpg, lookupFailureCallback);
        if (stream != null) {
            return stream;
        }
    }
    return null;
}

19 Source : StreamResourceTracker.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public boolean mightCloseResource(BasicBlock basicBlock, InstructionHandle handle, ConstantPoolGen cpg) throws DataflowreplacedysisException {
    return Stream.mightCloseStream(basicBlock, handle, cpg);
}

19 Source : StreamResourceTracker.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public boolean isResourceClose(BasicBlock basicBlock, InstructionHandle handle, ConstantPoolGen cpg, Stream resource, ResourceValueFrame frame) {
    return resource.isStreamClose(basicBlock, handle, cpg, frame, lookupFailureCallback);
}

19 Source : StaticFieldLoadStreamFactory.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public Stream createStream(Location location, ObjectType type, ConstantPoolGen cpg, RepositoryLookupFailureCallback lookupFailureCallback) {
    Instruction ins = location.getHandle().getInstruction();
    if (ins.getOpcode() != Const.GETSTATIC) {
        return null;
    }
    GETSTATIC getstatic = (GETSTATIC) ins;
    if (!clreplacedName.equals(getstatic.getClreplacedName(cpg)) || !fieldName.equals(getstatic.getName(cpg)) || !fieldSig.equals(getstatic.getSignature(cpg))) {
        return null;
    }
    return new Stream(location, type.getClreplacedName(), streamBaseClreplaced).setIgnoreImplicitExceptions(true).setIsOpenOnCreation(true);
}

19 Source : IOStreamFactory.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public Stream createStream(Location location, ObjectType type, ConstantPoolGen cpg, RepositoryLookupFailureCallback lookupFailureCallback) {
    try {
        Instruction ins = location.getHandle().getInstruction();
        if (ins.getOpcode() != Const.NEW) {
            return null;
        }
        if (Hierarchy.isSubtype(type, baseClreplacedType)) {
            boolean isUninteresting = false;
            for (ObjectType aUninterestingSubclreplacedTypeList : uninterestingSubclreplacedTypeList) {
                if (Hierarchy.isSubtype(type, aUninterestingSubclreplacedTypeList)) {
                    isUninteresting = true;
                    break;
                }
            }
            Stream result = new Stream(location, type.getClreplacedName(), baseClreplacedType.getClreplacedName()).setIgnoreImplicitExceptions(true);
            if (!isUninteresting) {
                result.setInteresting(bugType);
            }
            return result;
        }
    } catch (ClreplacedNotFoundException e) {
        lookupFailureCallback.reportMissingClreplaced(e);
    }
    return null;
}

19 Source : InstanceFieldLoadStreamFactory.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public Stream createStream(Location location, ObjectType type, ConstantPoolGen cpg, RepositoryLookupFailureCallback lookupFailureCallback) {
    Instruction ins = location.getHandle().getInstruction();
    if (ins.getOpcode() != Const.GETFIELD) {
        return null;
    }
    String fieldClreplaced = type.getClreplacedName();
    try {
        if (fieldClreplaced.startsWith("[")) {
            return null;
        }
        if (!Hierarchy.isSubtype(fieldClreplaced, streamBaseClreplaced)) {
            return null;
        }
        Stream stream = new Stream(location, fieldClreplaced, streamBaseClreplaced);
        stream.setIsOpenOnCreation(true);
        stream.setOpenLocation(location);
        if (bugPatternType != null) {
            stream.setInteresting(bugPatternType);
        }
        // System.out.println("Instance field stream at " + location);
        return stream;
    } catch (ClreplacedNotFoundException e) {
        lookupFailureCallback.reportMissingClreplaced(e);
        return null;
    }
}

19 Source : FindSqlInjection.java
with GNU Lesser General Public License v2.1
from spotbugs

private boolean isStringAppend(Instruction ins, ConstantPoolGen cpg) {
    if (ins instanceof INVOKEVIRTUAL) {
        INVOKEVIRTUAL invoke = (INVOKEVIRTUAL) ins;
        if ("append".equals(invoke.getMethodName(cpg)) && invoke.getClreplacedName(cpg).startsWith("java.lang.StringB")) {
            String sig = invoke.getSignature(cpg);
            char firstChar = sig.charAt(1);
            return firstChar == '[' || firstChar == 'L';
        }
    }
    return false;
}

19 Source : FindSqlInjection.java
with GNU Lesser General Public License v2.1
from spotbugs

private StringAppendState updateStringAppendState(Location location, ConstantPoolGen cpg, StringAppendState stringAppendState) {
    InstructionHandle handle = location.getHandle();
    Instruction ins = handle.getInstruction();
    if (!isConstantStringLoad(location, cpg)) {
        throw new IllegalArgumentException("instruction must be LDC");
    }
    LDC load = (LDC) ins;
    Object value = load.getValue(cpg);
    String stringValue = ((String) value).trim();
    if (stringValue.startsWith(",") || stringValue.endsWith(",")) {
        stringAppendState.setSawComma(handle);
    }
    if (isCloseQuote(stringValue) && stringAppendState.getSawOpenQuote(handle)) {
        stringAppendState.setSawCloseQuote(handle);
    }
    if (isOpenQuote(stringValue)) {
        stringAppendState.setSawOpenQuote(handle);
    }
    return stringAppendState;
}

19 Source : FindSqlInjection.java
with GNU Lesser General Public License v2.1
from spotbugs

private boolean isConstantStringLoad(Location location, ConstantPoolGen cpg) {
    Instruction ins = location.getHandle().getInstruction();
    if (ins instanceof LDC) {
        LDC load = (LDC) ins;
        Object value = load.getValue(cpg);
        if (value instanceof String) {
            return true;
        }
    }
    return false;
}

19 Source : AnyMethodReturnValueStreamFactory.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public Stream createStream(Location location, ObjectType type, ConstantPoolGen cpg, RepositoryLookupFailureCallback lookupFailureCallback) {
    Instruction ins = location.getHandle().getInstruction();
    try {
        if (ins instanceof InvokeInstruction) {
            if (!Hierarchy.isSubtype(type, baseClreplacedType)) {
                return null;
            }
            Stream stream = new Stream(location, type.getClreplacedName(), baseClreplacedType.getClreplacedName()).setIsOpenOnCreation(true).setIgnoreImplicitExceptions(true);
            if (bugType != null) {
                stream.setInteresting(bugType);
            }
            return stream;
        }
    } catch (ClreplacedNotFoundException e) {
        lookupFailureCallback.reportMissingClreplaced(e);
    }
    return null;
}

19 Source : NullnessConversationInstruction.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public Type getType(ConstantPoolGen cp) {
    return Type.BOOLEAN;
}

19 Source : NullnessConversationInstruction.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public int consumeStack(ConstantPoolGen cpg) {
    return 1;
}

19 Source : NullnessConversationInstruction.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public int produceStack(ConstantPoolGen cpg) {
    return 1;
}

19 Source : ValueNumberFrameModelingVisitor.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public void visitGETSTATIC(GETSTATIC obj) {
    ConstantPoolGen cpg = getCPG();
    String fieldName = obj.getName(cpg);
    String fieldSig = obj.getSignature(cpg);
    ValueNumberFrame frame = getFrame();
    if (RLE_DEBUG) {
        System.out.println("GETSTATIC of " + fieldName + " : " + fieldSig);
    }
    // Is this an access of a Clreplaced object?
    if (fieldName.startsWith("clreplaced$") && "Ljava/lang/Clreplaced;".equals(fieldSig)) {
        String clreplacedName = fieldName.substring("clreplaced$".length()).replace('$', '.');
        if (RLE_DEBUG) {
            System.out.println("[found load of clreplaced object " + clreplacedName + "]");
        }
        ValueNumber value = factory.getClreplacedObjectValue(clreplacedName);
        frame.pushValue(value);
        return;
    }
    XField xfield = Hierarchy.findXField(obj, getCPG());
    if (xfield != null) {
        if (xfield.isVolatile()) {
            getFrame().killAllLoads();
        }
        if (doRedundantLoadElimination()) {
            loadStaticField(xfield, obj);
            return;
        }
    }
    handleNormalInstruction(obj);
}

19 Source : TargetEnumeratingVisitor.java
with GNU Lesser General Public License v2.1
from spotbugs

/**
 * Visitor to find all of the targets of an instruction whose InstructionHandle
 * is given. Note that we don't consider exception edges.
 *
 * @author David Hovemeyer
 * @author Chadd Williams
 */
public clreplaced TargetEnumeratingVisitor extends org.apache.bcel.generic.EmptyVisitor implements EdgeTypes {

    private final InstructionHandle handle;

    private final ConstantPoolGen constPoolGen;

    private final LinkedList<Target> targetList;

    private boolean isBranch, isReturn, isThrow, isExit;

    /**
     * Constructor.
     *
     * @param handle
     *            the handle of the instruction whose targets should be
     *            enumerated
     * @param constPoolGen
     *            the ConstantPoolGen object for the clreplaced
     */
    public TargetEnumeratingVisitor(InstructionHandle handle, ConstantPoolGen constPoolGen) {
        this.handle = handle;
        this.constPoolGen = constPoolGen;
        targetList = new LinkedList<>();
        isBranch = isReturn = isThrow = isExit = false;
        handle.getInstruction().accept(this);
    }

    /**
     * Is the instruction the end of a basic block?
     */
    public boolean isEndOfBasicBlock() {
        return isBranch || isReturn || isThrow || isExit;
    }

    /**
     * Is the replacedyzed instruction a method return?
     */
    public boolean instructionIsReturn() {
        return isReturn;
    }

    /**
     * Is the replacedyzed instruction an explicit throw?
     */
    public boolean instructionIsThrow() {
        return isThrow;
    }

    /**
     * Is the replacedyzed instruction an exit (call to System.exit())?
     */
    public boolean instructionIsExit() {
        return isExit;
    }

    /**
     * Iterate over Target objects representing control flow targets and their
     * edge types.
     */
    public Iterator<Target> targereplacederator() {
        return targetList.iterator();
    }

    @Override
    public void visitGotoInstruction(GotoInstruction ins) {
        isBranch = true;
        InstructionHandle target = ins.getTarget();
        if (target == null) {
            throw new IllegalStateException();
        }
        targetList.add(new Target(target, GOTO_EDGE));
    }

    @Override
    public void visitIfInstruction(IfInstruction ins) {
        isBranch = true;
        InstructionHandle target = ins.getTarget();
        if (target == null) {
            throw new IllegalStateException();
        }
        targetList.add(new Target(target, IFCMP_EDGE));
        InstructionHandle fallThrough = handle.getNext();
        targetList.add(new Target(fallThrough, FALL_THROUGH_EDGE));
    }

    @Override
    public void visitSelect(Select ins) {
        isBranch = true;
        // Add non-default switch edges.
        InstructionHandle[] targets = ins.getTargets();
        for (InstructionHandle target : targets) {
            targetList.add(new Target(target, SWITCH_EDGE));
        }
        // Add default switch edge.
        InstructionHandle defaultTarget = ins.getTarget();
        if (defaultTarget == null) {
            throw new IllegalStateException();
        }
        targetList.add(new Target(defaultTarget, SWITCH_DEFAULT_EDGE));
    }

    @Override
    public void visitReturnInstruction(ReturnInstruction ins) {
        isReturn = true;
    }

    @Override
    public void visitATHROW(ATHROW ins) {
        isThrow = true;
    }

    @Override
    public void visitINVOKESTATIC(INVOKESTATIC ins) {
        // Find calls to System.exit(), since this effectively terminates the
        // basic block.
        String clreplacedName = ins.getClreplacedName(constPoolGen);
        String methodName = ins.getName(constPoolGen);
        String methodSig = ins.getSignature(constPoolGen);
        if ("java.lang.System".equals(clreplacedName) && "exit".equals(methodName) && "(I)V".equals(methodSig)) {
            isExit = true;
        }
    }
}

19 Source : StackDepthAnalysis.java
with GNU Lesser General Public License v2.1
from spotbugs

/**
 * A really simple forward dataflow replacedysis to find the depth of the Java
 * operand stack. This is more of a proof of concept for the dataflow replacedysis
 * framework than anything useful.
 *
 * @see Dataflow
 * @see Dataflowreplacedysis
 */
public clreplaced StackDepthreplacedysis extends ForwardDataflowreplacedysis<StackDepth> {

    public static final int TOP = -1;

    public static final int BOTTOM = -2;

    private final ConstantPoolGen cpg;

    /**
     * Constructor.
     *
     * @param cpg
     *            the ConstantPoolGen of the method whose CFG we're performing
     *            the replacedysis on
     * @param dfs
     *            DepthFirstSearch of the method's CFG
     */
    public StackDepthreplacedysis(ConstantPoolGen cpg, DepthFirstSearch dfs) {
        super(dfs);
        this.cpg = cpg;
    }

    @Override
    public StackDepth createFact() {
        return new StackDepth(TOP);
    }

    @Override
    public void makeFactTop(StackDepth fact) {
        fact.setDepth(TOP);
    }

    @Override
    public boolean isTop(StackDepth fact) {
        return fact.getDepth() == TOP;
    }

    @Override
    public boolean isFactValid(StackDepth fact) {
        int depth = fact.getDepth();
        return depth != TOP && depth != BOTTOM;
    }

    @Override
    public void copy(StackDepth source, StackDepth dest) {
        dest.setDepth(source.getDepth());
    }

    @Override
    public void initEntryFact(StackDepth entryFact) {
        // stack depth == 0 at entry to CFG
        entryFact.setDepth(0);
    }

    @Override
    public boolean same(StackDepth fact1, StackDepth fact2) {
        return fact1.getDepth() == fact2.getDepth();
    }

    @Override
    public void transferInstruction(InstructionHandle handle, BasicBlock basicBlock, StackDepth fact) throws DataflowreplacedysisException {
        Instruction ins = handle.getInstruction();
        int produced = ins.produceStack(cpg);
        int consumed = ins.consumeStack(cpg);
        if (produced == Const.UNPREDICTABLE || consumed == Const.UNPREDICTABLE) {
            throw new IllegalStateException("Unpredictable stack delta for instruction: " + handle);
        }
        int depth = fact.getDepth();
        depth += (produced - consumed);
        if (depth < 0) {
            fact.setDepth(BOTTOM);
        } else {
            fact.setDepth(depth);
        }
    }

    @Override
    public void meetInto(StackDepth fact, Edge edge, StackDepth result) {
        int a = fact.getDepth();
        int b = result.getDepth();
        int combined;
        if (a == TOP) {
            combined = b;
        } else if (b == TOP) {
            combined = a;
        } else if (a == BOTTOM || b == BOTTOM || a != b) {
            combined = BOTTOM;
        } else {
            combined = a;
        }
        result.setDepth(combined);
    }
    // /**
    // * Command line driver, for testing.
    // */
    // public static void main(String[] argv) throws Exception {
    // if (argv.length != 1) {
    // System.out.println("Usage: " + StackDepthreplacedysis.clreplaced.getName() +
    // " <clreplaced file>");
    // System.exit(1);
    // }
    // 
    // DataflowTestDriver<StackDepth, StackDepthreplacedysis> driver = new
    // DataflowTestDriver<StackDepth, StackDepthreplacedysis>() {
    // @Override
    // public Dataflow<StackDepth, StackDepthreplacedysis>
    // createDataflow(ClreplacedContext clreplacedContext, Method method)
    // throws CFGBuilderException, DataflowreplacedysisException {
    // 
    // DepthFirstSearch dfs = clreplacedContext.getDepthFirstSearch(method);
    // CFG cfg = clreplacedContext.getCFG(method);
    // 
    // StackDepthreplacedysis replacedysis = new
    // StackDepthreplacedysis(clreplacedContext.getConstantPoolGen(), dfs);
    // Dataflow<StackDepth, StackDepthreplacedysis> dataflow = new
    // Dataflow<StackDepth, StackDepthreplacedysis>(cfg, replacedysis);
    // dataflow.execute();
    // 
    // return dataflow;
    // }
    // };
    // 
    // driver.execute(argv[0]);
    // }
}

19 Source : SignatureParser.java
with GNU Lesser General Public License v2.1
from spotbugs

/**
 * Get the number of parameters preplaceded to method invocation.
 *
 * @param inv
 * @param cpg
 * @return int number of parameters
 */
public static int getNumParametersForInvocation(InvokeInstruction inv, ConstantPoolGen cpg) {
    SignatureParser sigParser = new SignatureParser(inv.getSignature(cpg));
    return sigParser.getNumParameters();
}

19 Source : InstructionActionCache.java
with GNU Lesser General Public License v2.1
from spotbugs

/**
 * A cache for looking up the collection of ObligationPolicyDatabaseActions
 * replacedociated with a given InstructionHandle. Avoids the need for repeated
 * (slow) lookups.
 *
 * @author David Hovemeyer
 */
public clreplaced InstructionActionCache {

    private static final boolean DEBUG_LOOKUP = SystemProperties.getBoolean("oa.debug.lookup");

    private final ObligationPolicyDatabase database;

    private final Map<InstructionHandle, Collection<ObligationPolicyDatabaseAction>> actionCache;

    private final XMethod xmethod;

    private final TypeDataflow typeDataflow;

    private final ConstantPoolGen cpg;

    public InstructionActionCache(ObligationPolicyDatabase database, XMethod xmethod, ConstantPoolGen cpg, TypeDataflow typeDataflow) {
        this.database = database;
        this.actionCache = new HashMap<>();
        this.xmethod = xmethod;
        this.cpg = cpg;
        this.typeDataflow = typeDataflow;
    }

    static final ClreplacedDescriptor WILL_CLOSE = DescriptorFactory.createClreplacedDescriptor(WillClose.clreplaced);

    public Collection<ObligationPolicyDatabaseAction> getActions(BasicBlock block, InstructionHandle handle) {
        Collection<ObligationPolicyDatabaseAction> actionList = actionCache.get(handle);
        if (actionList == null) {
            Instruction ins = handle.getInstruction();
            actionList = Collections.emptyList();
            if (ins instanceof InvokeInstruction) {
                if (ins instanceof INVOKEDYNAMIC) {
                    return actionList;
                }
                InvokeInstruction inv = (InvokeInstruction) ins;
                XMethod invokedMethod = XFactory.createXMethod(inv, cpg);
                String signature = invokedMethod.getSignature();
                String methodName = invokedMethod.getName();
                if (DEBUG_LOOKUP) {
                    System.out.println("Looking up actions for call to " + invokedMethod);
                }
                if (invokedMethod.getAnnotationDescriptors().contains(WILL_CLOSE) && methodName.startsWith("close") && signature.endsWith(")V")) {
                    actionList = Collections.singletonList(ObligationPolicyDatabaseAction.CLEAR);
                } else if (signature.indexOf(';') >= -1) {
                    ReferenceType receiverType = inv.getReferenceType(cpg);
                    boolean isStatic = inv.getOpcode() == Const.INVOKESTATIC;
                    actionList = new LinkedList<>();
                    database.getActions(receiverType, methodName, signature, isStatic, actionList);
                    if (actionList.isEmpty()) {
                        try {
                            TypeFrame factAtLocation = null;
                            SignatureParser sigParser = new SignatureParser(signature);
                            // int startIndex = 0;
                            // if (!xmethod.isStatic())
                            // startIndex = 1;
                            Iterator<String> signatureIterator = sigParser.parameterSignatureIterator();
                            int parameters = sigParser.getNumParameters();
                            for (int i = 0; i < parameters; i++) {
                                String sig = signatureIterator.next();
                                Collection<ClreplacedDescriptor> annotations = invokedMethod.getParameterAnnotationDescriptors(i);
                                if (annotations.contains(WILL_CLOSE) || "Ljava/io/Closeable;".equals(sig) || methodName.startsWith("close")) {
                                    // closing this value
                                    if (factAtLocation == null) {
                                        factAtLocation = typeDataflow.getFactAtLocation(new Location(handle, block));
                                    }
                                    Type argumentType = factAtLocation.getArgument(inv, cpg, i, sigParser);
                                    if (argumentType instanceof ObjectType) {
                                        Obligation obligation = database.getFactory().getObligationByType((ObjectType) argumentType);
                                        if (obligation != null) {
                                            actionList.add(new ObligationPolicyDatabaseAction(ObligationPolicyDatabaseActionType.DEL, obligation));
                                        }
                                    }
                                }
                            }
                        } catch (CheckedreplacedysisException e) {
                            replacedysisContext.logError("Error checking " + invokedMethod, e);
                        } catch (ClreplacedNotFoundException e) {
                            replacedysisContext.reportMissingClreplaced(e);
                        } finally {
                        }
                    }
                    if (DEBUG_LOOKUP && !actionList.isEmpty()) {
                        System.out.println("  At " + handle + ": " + actionList);
                    }
                }
            } else if (ins instanceof PUTFIELD || ins instanceof PUTSTATIC || ins instanceof ARETURN) {
                Location loc = new Location(handle, block);
                try {
                    TypeFrame typeFrame = typeDataflow.getFactAtLocation(loc);
                    if (typeFrame.isValid()) {
                        Type tosType = typeFrame.getTopValue();
                        if (tosType instanceof ObjectType) {
                            ObligationFactory factory = database.getFactory();
                            Obligation obligation = factory.getObligationByType((ObjectType) tosType);
                            if (obligation != null) {
                                if ("java.sql.ResultSet".equals(obligation.getClreplacedName())) {
                                    ObjectType sType = ObjectTypeFactory.getInstance(java.sql.Statement.clreplaced);
                                    Obligation sObligation = factory.getObligationByType(sType);
                                    actionList = Arrays.asList(new ObligationPolicyDatabaseAction(ObligationPolicyDatabaseActionType.DEL, obligation), new ObligationPolicyDatabaseAction(ObligationPolicyDatabaseActionType.DEL, sObligation));
                                } else {
                                    actionList = Collections.singleton(new ObligationPolicyDatabaseAction(ObligationPolicyDatabaseActionType.DEL, obligation));
                                }
                            }
                        }
                    }
                } catch (ClreplacedNotFoundException e) {
                    replacedysisContext.reportMissingClreplaced(e);
                } catch (Exception e) {
                    replacedysisContext.logError("Error in checking obligation replacedysis for " + xmethod, e);
                }
            }
            actionCache.put(handle, actionList);
        }
        return actionList;
    }

    public boolean addsObligation(BasicBlock block, InstructionHandle handle, Obligation obligation) {
        return hasAction(block, handle, obligation, ObligationPolicyDatabaseActionType.ADD);
    }

    public boolean deletesObligation(BasicBlock block, InstructionHandle handle, Obligation obligation) {
        return hasAction(block, handle, obligation, ObligationPolicyDatabaseActionType.DEL);
    }

    private boolean hasAction(BasicBlock block, InstructionHandle handle, Obligation obligation, ObligationPolicyDatabaseActionType actionType) {
        Collection<ObligationPolicyDatabaseAction> actionList = getActions(block, handle);
        for (ObligationPolicyDatabaseAction action : actionList) {
            if (action.getActionType() == actionType && action.getObligation().equals(obligation)) {
                return true;
            }
        }
        return false;
    }
}

19 Source : FieldSetAnalysis.java
with GNU Lesser General Public License v2.1
from spotbugs

/**
 * @author David Hovemeyer
 */
public abstract clreplaced FieldSetreplacedysis extends ForwardDataflowreplacedysis<FieldSet> {

    private final ConstantPoolGen cpg;

    private final Map<InstructionHandle, XField> instructionToFieldMap;

    public FieldSetreplacedysis(DepthFirstSearch dfs, ConstantPoolGen cpg) {
        super(dfs);
        this.cpg = cpg;
        this.instructionToFieldMap = new HashMap<>();
    }

    public ConstantPoolGen getCPG() {
        return cpg;
    }

    @Override
    public void makeFactTop(FieldSet fact) {
        fact.setTop();
    }

    @Override
    public boolean isTop(FieldSet fact) {
        return fact.isTop();
    }

    @Override
    public void initEntryFact(FieldSet result) throws DataflowreplacedysisException {
        result.clear();
    }

    // public void initResultFact(FieldSet result) {
    // makeFactTop(result);
    // }
    @Override
    public void meetInto(FieldSet fact, Edge edge, FieldSet result) throws DataflowreplacedysisException {
        result.mergeWith(fact);
    }

    @Override
    public boolean same(FieldSet fact1, FieldSet fact2) {
        return fact1.sameAs(fact2);
    }

    @Override
    public FieldSet createFact() {
        return new FieldSet();
    }

    @Override
    public boolean isFactValid(FieldSet fact) {
        return fact.isValid();
    }

    @Override
    public void copy(FieldSet source, FieldSet dest) {
        dest.copyFrom(source);
    }

    @Override
    public void transferInstruction(InstructionHandle handle, BasicBlock basicBlock, FieldSet fact) throws DataflowreplacedysisException {
        if (!isFactValid(fact)) {
            return;
        }
        handleInstruction(handle, basicBlock, fact);
    }

    private void handleInstruction(InstructionHandle handle, BasicBlock basicBlock, FieldSet fact) {
        Instruction ins = handle.getInstruction();
        short opcode = ins.getOpcode();
        XField field;
        switch(opcode) {
            case Const.GETFIELD:
            case Const.GETSTATIC:
                field = lookupField(handle, (FieldInstruction) ins);
                if (field != null) {
                    sawLoad(fact, field);
                }
                break;
            case Const.PUTFIELD:
            case Const.PUTSTATIC:
                field = lookupField(handle, (FieldInstruction) ins);
                if (field != null) {
                    sawStore(fact, field);
                }
                break;
            case Const.INVOKEINTERFACE:
            case Const.INVOKESPECIAL:
            case Const.INVOKESTATIC:
            case Const.INVOKEVIRTUAL:
                // replacedume that the called method replacedigns loads and stores all
                // possible fields
                fact.setBottom();
                break;
            default:
                break;
        }
    }

    @CheckForNull
    private XField lookupField(InstructionHandle handle, FieldInstruction fins) {
        XField field = instructionToFieldMap.get(handle);
        if (field == null) {
            field = Hierarchy.findXField(fins, getCPG());
            instructionToFieldMap.put(handle, field);
        }
        return field;
    }

    protected abstract void sawLoad(FieldSet fact, XField field);

    protected abstract void sawStore(FieldSet fact, XField field);
}

19 Source : Frame.java
with GNU Lesser General Public License v2.1
from spotbugs

/**
 * Get the slot the object instance referred to by given instruction is
 * located in.
 *
 * @param ins
 *            the Instruction
 * @param cpg
 *            the ConstantPoolGen for the method
 * @return stack slot the object instance is in
 * @throws DataflowreplacedysisException
 */
public int getInstanceSlot(Instruction ins, ConstantPoolGen cpg) throws DataflowreplacedysisException {
    if (!isValid()) {
        throw new DataflowreplacedysisException("Accessing invalid frame at " + ins);
    }
    int numConsumed = ins.consumeStack(cpg);
    if (numConsumed == Const.UNPREDICTABLE) {
        throw new DataflowreplacedysisException("Unpredictable stack consumption in " + ins);
    }
    if (numConsumed > getStackDepth()) {
        throw new DataflowreplacedysisException("Stack underflow " + ins);
    }
    return getNumSlots() - numConsumed;
}

19 Source : Frame.java
with GNU Lesser General Public License v2.1
from spotbugs

/**
 * Get the stack location (counting down from top of stack, starting at 0)
 * containing the object instance referred to by given instruction. This
 * relies on the observation that in instructions which use an object
 * instance (such as getfield, invokevirtual, etc.), the object instance is
 * the first operand used by the instruction.
 *
 * <p>
 * The value returned may be preplaceded to getStackValue(int).
 * </p>
 *
 * @param ins
 *            the Instruction
 * @param cpg
 *            the ConstantPoolGen for the method
 * @return stack location (counting down from top of stack, starting at 0)
 *         containing the object instance
 * @throws DataflowreplacedysisException
 */
public int getInstanceStackLocation(Instruction ins, ConstantPoolGen cpg) throws DataflowreplacedysisException {
    int numConsumed = ins.consumeStack(cpg);
    if (numConsumed == Const.UNPREDICTABLE) {
        throw new DataflowreplacedysisException("Unpredictable stack consumption in " + ins);
    }
    return numConsumed - 1;
}

19 Source : Frame.java
with GNU Lesser General Public License v2.1
from spotbugs

/**
 * Get the value corresponding to the object instance used in the given
 * instruction. This relies on the observation that in instructions which
 * use an object instance (such as getfield, invokevirtual, etc.), the
 * object instance is the first operand used by the instruction.
 *
 * @param ins
 *            the instruction
 * @param cpg
 *            the ConstantPoolGen for the method
 */
public ValueType getInstance(Instruction ins, ConstantPoolGen cpg) throws DataflowreplacedysisException {
    return getStackValue(getInstanceStackLocation(ins, cpg));
}

19 Source : UnconditionalValueDerefAnalysis.java
with GNU Lesser General Public License v2.1
from spotbugs

public static boolean isNullCheck(InstructionHandle h, ConstantPoolGen cpg) {
    if (!(h.getInstruction() instanceof IFNONNULL)) {
        return false;
    }
    h = h.getNext();
    final Instruction newInstruction = h.getInstruction();
    if (!(newInstruction instanceof NEW)) {
        return false;
    }
    final ObjectType loadClreplacedType = ((NEW) newInstruction).getLoadClreplacedType(cpg);
    if (!"java.lang.NullPointerException".equals(loadClreplacedType.getClreplacedName())) {
        return false;
    }
    h = h.getNext();
    return check(h, NULLCHECK1) || check(h, NULLCHECK2);
}

19 Source : Wild.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public MatchResult match(InstructionHandle handle, ConstantPoolGen cpg, ValueNumberFrame before, ValueNumberFrame after, BindingSet bindingSet) throws DataflowreplacedysisException {
    return new MatchResult(this, bindingSet);
}

19 Source : Opcode.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public MatchResult match(InstructionHandle handle, ConstantPoolGen cpg, ValueNumberFrame before, ValueNumberFrame after, BindingSet bindingSet) throws DataflowreplacedysisException {
    if (handle.getInstruction().getOpcode() == opcode) {
        return new MatchResult(this, bindingSet);
    } else {
        return null;
    }
}

19 Source : New.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public MatchResult match(InstructionHandle handle, ConstantPoolGen cpg, ValueNumberFrame before, ValueNumberFrame after, BindingSet bindingSet) throws DataflowreplacedysisException {
    Instruction ins = handle.getInstruction();
    if (!(ins instanceof NEW)) {
        return null;
    }
    LocalVariable result = new LocalVariable(after.getTopValue());
    return addOrCheckDefinition(result, bindingSet);
}

19 Source : Monitorenter.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public MatchResult match(InstructionHandle handle, ConstantPoolGen cpg, ValueNumberFrame before, ValueNumberFrame after, BindingSet bindingSet) throws DataflowreplacedysisException {
    // Instruction must be MONITORENTER.
    Instruction ins = handle.getInstruction();
    if (!(ins instanceof MONITORENTER)) {
        return null;
    }
    // Ensure the object being locked matches any previous
    // instructions which bound our variable name to a value.
    Variable lock = new LocalVariable(before.getTopValue());
    return addOrCheckDefinition(lock, bindingSet);
}

19 Source : MatchAny.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public MatchResult match(InstructionHandle handle, ConstantPoolGen cpg, ValueNumberFrame before, ValueNumberFrame after, BindingSet bindingSet) throws DataflowreplacedysisException {
    for (PatternElement child : childList) {
        MatchResult matchResult = child.match(handle, cpg, before, after, bindingSet);
        if (matchResult != null) {
            return matchResult;
        }
    }
    return null;
}

19 Source : Invoke.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public MatchResult match(InstructionHandle handle, ConstantPoolGen cpg, ValueNumberFrame before, ValueNumberFrame after, BindingSet bindingSet) throws DataflowreplacedysisException {
    // See if the instruction is an InvokeInstruction
    Instruction ins = handle.getInstruction();
    if (!(ins instanceof InvokeInstruction)) {
        return null;
    }
    InvokeInstruction inv = (InvokeInstruction) ins;
    String methodName = inv.getMethodName(cpg);
    boolean isStatic = inv.getOpcode() == Const.INVOKESTATIC;
    boolean isCtor = Const.CONSTRUCTOR_NAME.equals(methodName);
    int actualMode = 0;
    if (isStatic) {
        actualMode |= STATIC;
    }
    if (isCtor) {
        actualMode |= CONSTRUCTOR;
    }
    if (!isStatic && !isCtor) {
        actualMode |= INSTANCE;
    }
    // Intersection of actual and desired modes must be nonempty.
    if ((actualMode & mode) == 0) {
        return null;
    }
    // Check clreplaced name, method name, and method signature.
    if (!methodNameMatcher.match(methodName) || !methodSigMatcher.match(inv.getSignature(cpg)) || !clreplacedNameMatcher.match(inv.getClreplacedName(cpg))) {
        return null;
    }
    // It's a match!
    return new MatchResult(this, bindingSet);
}

19 Source : IfNull.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public MatchResult match(InstructionHandle handle, ConstantPoolGen cpg, ValueNumberFrame before, ValueNumberFrame after, BindingSet bindingSet) throws DataflowreplacedysisException {
    // Instruction must be IFNULL or IFNONNULL.
    Instruction ins = handle.getInstruction();
    if (!(ins instanceof IFNULL || ins instanceof IFNONNULL)) {
        return null;
    }
    // Ensure reference used is consistent with previous uses of
    // same variable.
    LocalVariable ref = new LocalVariable(before.getTopValue());
    return addOrCheckDefinition(ref, bindingSet);
}

19 Source : VisitorImpl.java
with GNU General Public License v3.0
from michaelmilleryoder

clreplaced VisitorImpl extends EmptyVisitor {

    private ConstantPool pool;

    private Log log;

    private Design design;

    private ConstantPoolGen poolGen;

    private InstructionVisitor visitor;

    private Location location;

    public VisitorImpl(ConstantPool pool, Log log, Design d, Location loc) {
        this.pool = pool;
        this.log = log;
        this.design = d;
        this.location = loc;
        this.poolGen = new ConstantPoolGen(pool);
        visitor = new InstructionVisitor(poolGen, log, d);
    }

    private void log(String s, int level) {
        log.log(s, level);
    }

    public void visitJavaClreplaced(JavaClreplaced c) {
        log("      super=" + c.getSuperclreplacedName(), Project.MSG_VERBOSE);
        String[] names = c.getInterfaceNames();
        String superClreplaced = c.getSuperclreplacedName();
        design.checkClreplaced(superClreplaced);
        for (int i = 0; i < names.length; i++) {
            log("      interfaces=" + names[i], Project.MSG_VERBOSE);
            design.checkClreplaced(names[i]);
        }
    }

    /**
     * @see org.apache.bcel.clreplacedfile.Visitor#visitField(org.apache.bcel.clreplacedfile.Field)
     */
    public void visitField(Field f) {
        String type = Utility.methodSignatureReturnType(f.getSignature());
        log("      field type=" + type, Project.MSG_VERBOSE);
        design.checkClreplaced(type);
    }

    /**
     * @see org.apache.bcel.clreplacedfile.Visitor#visitLocalVariable(org.apache.bcel.clreplacedfile.LocalVariable)
     */
    public void visitLocalVariable(LocalVariable v) {
        String type = Utility.methodSignatureReturnType(v.getSignature());
        log("         localVar type=" + type, Project.MSG_VERBOSE);
        design.checkClreplaced(type);
    }

    /**
     * @see org.apache.bcel.clreplacedfile.Visitor#visitMethod(org.apache.bcel.clreplacedfile.Method)
     */
    public void visitMethod(Method m) {
        log("      method=" + m.getName(), Project.MSG_VERBOSE);
        String retType = Utility.methodSignatureReturnType(m.getSignature());
        log("         method ret type=" + retType, Project.MSG_VERBOSE);
        if (!"void".equals(retType))
            design.checkClreplaced(retType);
        String[] types = Utility.methodSignatureArgumentTypes(m.getSignature());
        for (int i = 0; i < types.length; i++) {
            log("         method param[" + i + "]=" + types[i], Project.MSG_VERBOSE);
            design.checkClreplaced(types[i]);
        }
        ExceptionTable excs = m.getExceptionTable();
        if (excs != null) {
            types = excs.getExceptionNames();
            for (int i = 0; i < types.length; i++) {
                log("         exc=" + types[i], Project.MSG_VERBOSE);
                design.checkClreplaced(types[i]);
            }
        }
        processInstructions(m);
    }

    private void processInstructions(Method m) {
        MethodGen mg = new MethodGen(m, design.getCurrentClreplaced(), poolGen);
        if (!mg.isAbstract() && !mg.isNative()) {
            InstructionHandle ih = mg.getInstructionList().getStart();
            for (; ih != null; ih = ih.getNext()) {
                Instruction i = ih.getInstruction();
                log("         instr=" + i, Project.MSG_DEBUG);
                // if (i instanceof BranchInstruction) {
                // branch_map.put(i, ih); // memorize container
                // }
                // if (ih.hasTargeters()) {
                // if (i instanceof BranchInstruction) {
                // _out.println(" InstructionHandle ih_"
                // + ih.getPosition() + ";");
                // } else {
                // _out.print(" InstructionHandle ih_"
                // + ih.getPosition() + " = ");
                // }
                // } else {
                // _out.print(" ");
                // }
                // if (!visitInstruction(i))
                i.accept(visitor);
            }
        // CodeExceptionGen[] handlers = mg.getExceptionHandlers();
        // 
        // log("handlers len="+handlers.length, Project.MSG_DEBUG);
        // for (int i = 0; i < handlers.length; i++) {
        // CodeExceptionGen h = handlers[i];
        // ObjectType t = h.getCatchType();
        // log("type="+t, Project.MSG_DEBUG);
        // if(t != null) {
        // log("type="+t.getClreplacedName(), Project.MSG_DEBUG);
        // }
        // }
        // updateExceptionHandlers();
        }
    }

    public void visitCodeException(CodeException c) {
        String s = c.toString(pool, false);
        int catch_type = c.getCatchType();
        if (catch_type == 0)
            return;
        String temp = pool.getConstantString(catch_type, Constants.CONSTANT_Clreplaced);
        String str = Utility.compactClreplacedName(temp, false);
        log("         catch=" + str, Project.MSG_DEBUG);
        design.checkClreplaced(str);
    }

    // 
    public void visitCode(Code c) {
        LineNumberTable table = c.getLineNumberTable();
        // LocalVariableTable table = c.getLocalVariableTable();
        if (table == null)
            throw new BuildException(getNoDebugMsg(design.getCurrentClreplaced()), location);
    }

    public static String getNoDebugMsg(String clreplacedName) {
        String s = "Clreplaced=" + clreplacedName + " was not compiled with the debug option(-g) and\n" + "therefore verifydesign cannot be used on this jar.  Please compile your code\n" + "with -g option in javac or debug=\"true\" in the ant build.xml file";
        return s;
    }

    /**
     * @param jarName
     * @return
     */
    public static String getNoFileMsg(File jarName) {
        String s = "File you specified in your path(or jar attribute)='" + jarName.getAbsolutePath() + "' does not exist";
        return s;
    }
}

19 Source : InstructionVisitor.java
with GNU General Public License v3.0
from michaelmilleryoder

public clreplaced InstructionVisitor extends EmptyVisitor {

    private ConstantPoolGen poolGen;

    private Log log;

    private Design design;

    /**
     * @param poolGen
     * @param v
     */
    public InstructionVisitor(ConstantPoolGen poolGen, Log log, Design d) {
        this.poolGen = poolGen;
        this.log = log;
        this.design = d;
    }

    public void visitCHECKCAST(CHECKCAST c) {
        Type t = c.getType(poolGen);
        log.log("         instr(checkcast)=" + t, Project.MSG_DEBUG);
        String type = t.toString();
        design.checkClreplaced(type);
    }

    public void visitLoadInstruction(LoadInstruction l) {
        // log.log(" visit load", Project.MSG_DEBUG);
        Type t = l.getType(poolGen);
        log.log("         instr(loadinstr)=" + t, Project.MSG_DEBUG);
        String type = t.toString();
        design.checkClreplaced(type);
    }

    public void visitNEW(NEW n) {
        Type t = n.getType(poolGen);
        log.log("         instr(new)=" + t, Project.MSG_DEBUG);
        String type = t.toString();
        design.checkClreplaced(type);
    }

    public void visitANEWARRAY(ANEWARRAY n) {
        Type t = n.getType(poolGen);
        log.log("         instr(anewarray)=" + t, Project.MSG_DEBUG);
        String type = t.toString();
        design.checkClreplaced(type);
    }

    public void visitINSTANCEOF(INSTANCEOF i) {
        Type t = i.getType(poolGen);
        log.log("         instr(instanceof)=" + t, Project.MSG_DEBUG);
        String type = t.toString();
        design.checkClreplaced(type);
    }

    public void visitINVOKESTATIC(INVOKESTATIC s) {
        String t = s.getClreplacedName(poolGen);
        log.log("         instr(invokestatic)=" + t, Project.MSG_DEBUG);
        design.checkClreplaced(t);
    }

    public void visitPUTSTATIC(PUTSTATIC s) {
        String one = s.getClreplacedName(poolGen);
        String two = s.getFieldName(poolGen);
        String three = s.getName(poolGen);
        String four = s.getSignature(poolGen);
        String five = s.getClreplacedType(poolGen) + "";
        String six = s.getFieldType(poolGen) + "";
        log.log("         instr(putstatic)a=" + one, Project.MSG_DEBUG);
        log.log("         instr(putstatic)b=" + two, Project.MSG_DEBUG);
        log.log("         instr(putstatic)c=" + three, Project.MSG_DEBUG);
        log.log("         instr(putstatic)d=" + four, Project.MSG_DEBUG);
        log.log("         instr(putstatic)e=" + five, Project.MSG_DEBUG);
        log.log("         instr(putstatic)f=" + six, Project.MSG_DEBUG);
        String clreplacedName = s.getFieldName(poolGen);
        if ("staticField".equals(clreplacedName))
            return;
        if (clreplacedName.startsWith("clreplaced$") || clreplacedName.startsWith("array$"))
            ;
        else
            return;
        log.log("         instr(putstatic)1=" + clreplacedName, Project.MSG_DEBUG);
        clreplacedName = clreplacedName.substring(6, clreplacedName.length());
        log.log("         instr(putstatic)2=" + clreplacedName, Project.MSG_DEBUG);
        clreplacedName = clreplacedName.replace('$', '.');
        log.log("         instr(putstatic)3=" + clreplacedName, Project.MSG_DEBUG);
        design.checkClreplaced(clreplacedName);
    }
}

19 Source : TestHttpMethodVisitor.java
with GNU General Public License v3.0
from jpmorganchase

// duck-typing style heuristics to define test method as 'http client'
// 1. mentions http
// 2. link a method starting with http verb
// 4. references url-like constant string
// only one (first) link is detected
public clreplaced TestHttpMethodVisitor extends TestMethodVisitor {

    private static final Pattern HTTP_CLIENTS = Pattern.compile("(?i).*(http|mvc).*");

    private String httpReference = null;

    private String verbReference = null;

    private String verb = null;

    private String urlReference = null;

    private ConstantPoolGen cp;

    TestHttpMethodVisitor(Method m, JavaClreplaced jc, Context c) {
        super(m, jc, c);
        cp = new ConstantPoolGen(jc.getConstantPool());
    }

    private static boolean guessVerbMatchByMethodName(String verb, String methodName) {
        return "POST".equals(verb) && methodName.contains("Upload") || methodName.toUpperCase().startsWith(verb);
    }

    @Override
    public void start() {
        if (method.isAbstract() || method.isNative() || !testMethod) {
            return;
        }
        visitInstructions(method);
        if (httpReference != null && verbReference != null && urlReference != null) {
            context.addLink(LinkFactory.createInstance(context.getApplicationId(), new Vertex.Builder(javaClreplaced.getClreplacedName(), formatMethod(method)).build(), new Vertex.Builder(verb + " " + HttpConsts.HTTP_LOCALHOST, urlReference, context.getCurrentLocation()).markSpecial().build(), LinkType.HTTP_REQUEST));
        }
    }

    @Override
    public void visitInvokeInstruction(InvokeInstruction invokeInstruction) {
        String referencedType = invokeInstruction.getReferenceType(cp).toString();
        if (httpReference == null && HTTP_CLIENTS.matcher(referencedType).matches()) {
            String referencedMethod = HttpConsts.getHttpVerb().stream().filter(v -> guessVerbMatchByMethodName(v, invokeInstruction.getMethodName(cp))).findFirst().orElse(null);
            if (referencedMethod != null) {
                httpReference = referencedType;
                verbReference = invokeInstruction.getMethodName(cp);
                verb = referencedMethod;
            }
        }
    }

    @Override
    public void visitCPInstruction(CPInstruction i) {
        Constant constant = cp.getConstant(i.getIndex());
        if (constant.getTag() == CONSTANT_String) {
            String path = ((ConstantString) constant).getBytes(cp.getConstantPool());
            if (httpReference == null && verbReference == null && HttpConsts.RELATIVE_URL.matcher(path).matches()) {
                urlReference = path;
            }
        }
    }
}

19 Source : SpringMockMvcMethodVisitor.java
with GNU General Public License v3.0
from jpmorganchase

public clreplaced SpringMockMvcMethodVisitor extends TestMethodVisitor {

    private final ConstantPoolGen cp;

    private String value;

    private static final String MOCK_HTTP_REQUEST_BUILDER = "MockHttpServletRequestBuilder";

    SpringMockMvcMethodVisitor(Method m, JavaClreplaced jc, Context c) {
        super(m, jc, c);
        cp = new ConstantPoolGen(javaClreplaced.getConstantPool());
    }

    @Override
    public void start() {
        if (method.isAbstract() || method.isNative() || !testMethod) {
            return;
        }
        visitInstructions(method);
    }

    @Override
    public void visitLDC(LDC obj) {
        if (obj.getValue(cp) instanceof String) {
            String tmpValue = (String) obj.getValue(cp);
            if (tmpValue.contains("/")) {
                this.value = tmpValue;
            }
        }
    }

    @Override
    public void visitINVOKESTATIC(INVOKESTATIC obj) {
        if (obj.getType(cp).getSignature().contains(MOCK_HTTP_REQUEST_BUILDER)) {
            context.addLink(LinkFactory.createInstance(context.getApplicationId(), new Vertex.Builder(javaClreplaced.getClreplacedName(), formatMethod(method)).build(), new Vertex.Builder(obj.getMethodName(cp).toUpperCase() + " " + HttpConsts.HTTP_LOCALHOST, value, context.getCurrentLocation()).markSpecial().build(), LinkType.HTTP_REQUEST));
        }
    }
}

19 Source : RedirectVisitor.java
with GNU General Public License v3.0
from jpmorganchase

public clreplaced RedirectVisitor extends MethodVisitorBase {

    private final ConstantPoolGen cp;

    private boolean controllerSide;

    public RedirectVisitor(Method m, JavaClreplaced jc, Context c, boolean controllerSide) {
        super(m, jc, c);
        cp = new ConstantPoolGen(javaClreplaced.getConstantPool());
        this.controllerSide = controllerSide;
    }

    public void start() {
        if (method.isAbstract() || method.isNative()) {
            return;
        }
        visitInstructions(method);
    }

    @Override
    public void visitLDC(LDC obj) {
        if (obj.getValue(cp) instanceof String) {
            String url = (String) obj.getValue(cp);
            if (url.contains("/")) {
                addHttpLinks(HttpConsts.GET_METHOD, context, url, javaClreplaced.getClreplacedName(), formatMethod(method), controllerSide);
            }
        }
    }
}

19 Source : MethodUtils.java
with GNU General Public License v3.0
from jpmorganchase

public static String getMethodNameAndType(ConstantPoolGen cp, ConstantNameAndType methodNameType) {
    return getMethodNameAndType(cp.getConstantPool(), methodNameType);
}

19 Source : HardcodePasswordInMapDetector.java
with GNU Lesser General Public License v3.0
from blackarbiter

@Override
protected InjectionPoint getInjectionPoint(InvokeInstruction invoke, ConstantPoolGen cpg, InstructionHandle handle) {
    replacedert invoke != null && cpg != null;
    if (HASHTABLE_PUT_METHOD.matches(invoke, cpg) || HASHTABLE_SET_PROPERTY.matches(invoke, cpg)) {
        // Only the value is
        return new InjectionPoint(new int[] { 0 }, HARD_CODE_PreplacedWORD_TYPE);
    }
    return InjectionPoint.NONE;
}

19 Source : LegacyInjectionDetector.java
with GNU Lesser General Public License v3.0
from blackarbiter

@Override
protected InjectionPoint getInjectionPoint(InvokeInstruction invoke, ConstantPoolGen cpg, InstructionHandle handle) {
    InjectionPoint injectionPoint = null;
    for (InjectionSource source : getInjectionSource()) {
        injectionPoint = source.getInjectableParameters(invoke, cpg, handle);
        if (injectionPoint != InjectionPoint.NONE) {
            break;
        }
    }
    if (injectionPoint == null || injectionPoint == InjectionPoint.NONE) {
        injectionPoint = super.getInjectionPoint(invoke, cpg, handle);
    }
    return injectionPoint;
}

19 Source : CookieFlagsDetector.java
with GNU Lesser General Public License v3.0
from blackarbiter

private Location getSetSecureLocation(ConstantPoolGen cpg, Location startLocation, int stackLocation) {
    return getCookieInstructionLocation(cpg, startLocation, stackLocation, "javax.servlet.http.Cookie.setSecure");
}

19 Source : CookieFlagsDetector.java
with GNU Lesser General Public License v3.0
from blackarbiter

private Location getSetHttpOnlyLocation(ConstantPoolGen cpg, Location startLocation, int stackLocation) {
    return getCookieInstructionLocation(cpg, startLocation, stackLocation, "javax.servlet.http.Cookie.setHttpOnly");
}

19 Source : InvokeMatcherBuilder.java
with GNU Lesser General Public License v3.0
from blackarbiter

public boolean matches(Instruction instruction, ConstantPoolGen cpg) {
    if (instruction != null && instruction instanceof InvokeInstruction) {
        InvokeInstruction invokeInstruction = (InvokeInstruction) instruction;
        if (clreplacedesNames.size() != 0 && !clreplacedesNames.contains(invokeInstruction.getClreplacedName(cpg))) {
            return false;
        } else if (methodNames.size() != 0 && !methodNames.contains(invokeInstruction.getMethodName(cpg))) {
            return false;
        } else if (argSignatures.size() != 0 && !argSignatures.contains(invokeInstruction.getSignature(cpg))) {
            return false;
        }
        return true;
    }
    return false;
}

19 Source : WebViewLoadDataDetector.java
with GNU Lesser General Public License v3.0
from blackarbiter

@Override
protected InjectionPoint getInjectionPoint(InvokeInstruction invoke, ConstantPoolGen cpg, InstructionHandle handle) {
    replacedert invoke != null && cpg != null;
    String method = invoke.getMethodName(cpg);
    String sig = invoke.getSignature(cpg);
    // System.out.println(invoke.getClreplacedName(cpg));
    if (sig.contains("Ljava/lang/String;")) {
        if ("loadUrl".equals(method)) {
            if (sig.contains("Ljava/util/Map;")) {
                return new InjectionPoint(new int[] { 1 }, WEBVIEW_LOAD_DATA_URL_TYPE);
            } else {
                return new InjectionPoint(new int[] { 0 }, WEBVIEW_LOAD_DATA_URL_TYPE);
            }
        } else if ("loadData".equals(method)) {
            return new InjectionPoint(new int[] { 2 }, WEBVIEW_LOAD_DATA_URL_TYPE);
        } else if ("loadDataWithBaseURL".equals(method)) {
            // BUG
            return new InjectionPoint(new int[] { 4 }, WEBVIEW_LOAD_DATA_URL_TYPE);
        }
    }
    return InjectionPoint.NONE;
}

19 Source : BroadcastDetector.java
with GNU Lesser General Public License v3.0
from blackarbiter

@Override
protected InjectionPoint getInjectionPoint(InvokeInstruction invoke, ConstantPoolGen cpg, InstructionHandle handle) {
    replacedert invoke != null && cpg != null;
    String method = invoke.getMethodName(cpg);
    String sig = invoke.getSignature(cpg);
    // System.out.println(sig);
    if (sig.contains("Ljava/lang/String;")) {
        if (method.contains("send") && method.contains("Broadcast") && !method.contains("Sticky")) {
            // System.out.println(method);
            if ("sendOrderedBroadcastAsUser".equals(method)) {
                return new InjectionPoint(new int[] { 5 }, ANDROID_BROADCAST_TYPE);
            }
            if ("sendOrderedBroadcast".equals(method) && sig.contains("Landroid/content/BroadcastReceiver;")) {
                return new InjectionPoint(new int[] { 5 }, ANDROID_BROADCAST_TYPE);
            }
            return new InjectionPoint(new int[] { 0 }, ANDROID_BROADCAST_TYPE);
        }
    }
    return InjectionPoint.NONE;
}

18 Source : FieldAnnotation.java
with GNU Lesser General Public License v2.1
from spotbugs

/**
 * Is the instruction a write of a field?
 *
 * @param ins
 *            the Instruction to check
 * @param cpg
 *            ConstantPoolGen of the method containing the instruction
 * @return the Field if instruction is a write of a field, null otherwise
 */
public static FieldAnnotation isWrite(Instruction ins, ConstantPoolGen cpg) {
    if (ins instanceof PUTFIELD || ins instanceof PUTSTATIC) {
        FieldInstruction fins = (FieldInstruction) ins;
        String clreplacedName = fins.getClreplacedName(cpg);
        return new FieldAnnotation(clreplacedName, fins.getName(cpg), fins.getSignature(cpg), fins instanceof PUTSTATIC);
    } else {
        return null;
    }
}

18 Source : FieldAnnotation.java
with GNU Lesser General Public License v2.1
from spotbugs

/**
 * Is the given instruction a read of a field?
 *
 * @param ins
 *            the Instruction to check
 * @param cpg
 *            ConstantPoolGen of the method containing the instruction
 * @return the Field if the instruction is a read of a field, null otherwise
 */
public static FieldAnnotation isRead(Instruction ins, ConstantPoolGen cpg) {
    if (ins instanceof GETFIELD || ins instanceof GETSTATIC) {
        FieldInstruction fins = (FieldInstruction) ins;
        String clreplacedName = fins.getClreplacedName(cpg);
        return new FieldAnnotation(clreplacedName, fins.getName(cpg), fins.getSignature(cpg), fins instanceof GETSTATIC);
    } else {
        return null;
    }
}

18 Source : StreamResourceTracker.java
with GNU Lesser General Public License v2.1
from spotbugs

@Override
public boolean ignoreExceptionEdge(Edge edge, Stream resource, ConstantPoolGen cpg) {
    return false;
}

18 Source : Stream.java
with GNU Lesser General Public License v2.1
from spotbugs

private boolean matchMethod(InvokeInstruction inv, ConstantPoolGen cpg, String clreplacedName, String methodName) {
    return inv.getClreplacedName(cpg).equals(clreplacedName) && inv.getName(cpg).equals(methodName);
}

18 Source : FindSqlInjection.java
with GNU Lesser General Public License v2.1
from spotbugs

private boolean isSafeValue(Location location, ConstantPoolGen cpg) throws CFGBuilderException {
    Instruction prevIns = location.getHandle().getInstruction();
    if (prevIns instanceof LDC || prevIns instanceof GETSTATIC) {
        return true;
    }
    if (prevIns instanceof InvokeInstruction) {
        String methodName = ((InvokeInstruction) prevIns).getMethodName(cpg);
        if (methodName.startsWith("to") && methodName.endsWith("String") && methodName.length() > 8) {
            return true;
        }
    }
    if (prevIns instanceof AALOAD) {
        CFG cfg = clreplacedContext.getCFG(method);
        Location prev = getPreviousLocation(cfg, location, true);
        if (prev != null) {
            Location prev2 = getPreviousLocation(cfg, prev, true);
            if (prev2 != null && prev2.getHandle().getInstruction() instanceof GETSTATIC) {
                GETSTATIC getStatic = (GETSTATIC) prev2.getHandle().getInstruction();
                if ("[Ljava/lang/String;".equals(getStatic.getSignature(cpg))) {
                    return true;
                }
            }
        }
    }
    return false;
}

See More Examples