/** * Create a MethodAnnotation from an XMethod. * * @param xmethod * the XMethod * @return the MethodAnnotation */ public static MethodAnnotation fromXMethod(XMethod xmethod) { return fromForeignMethod(xmethod.getClassName(), xmethod.getName(), xmethod.getSignature(), xmethod.isStatic()); }
/** * @param item stack item to check * @return true if this stack item is known to be newly created */ private static boolean isNew(OpcodeStack.Item item) { if(item.isNewlyAllocated()) { return true; } XMethod returnValueOf = item.getReturnValueOf(); if(returnValueOf == null) { return false; } if("iterator".equals(returnValueOf.getName()) && "()Ljava/util/Iterator;".equals(returnValueOf.getSignature()) && Subtypes2.instanceOf(returnValueOf.getClassName(), "java.lang.Iterable")) { return true; } if(returnValueOf.getClassName().startsWith("[") && returnValueOf.getName().equals("clone")) { return true; } if(NEW_OBJECT_RETURNING_METHODS.contains(returnValueOf.getMethodDescriptor())) { return true; } return false; }
@Override public void addMethodAnnotation(String cName, String mName, String sig, boolean isStatic, NullnessAnnotation annotation) { if (DEBUG) { System.out.println("addMethodAnnotation: annotate " + cName + "." + mName + " with " + annotation); } XMethod xmethod = getXMethod(cName, mName, sig, isStatic); if (xmethod == null) { return; } // Get JSR-305 nullness annotation type ClassDescriptor nullnessAnnotationType = getNullnessAnnotationClassDescriptor(annotation); // Create an AnnotationValue AnnotationValue annotationValue = new AnnotationValue(nullnessAnnotationType); // Destructively add the annotation to the MethodInfo object xmethod.addAnnotation(annotationValue); }
private static String getDetailedSignature(XMethod m2) { return m2.getName() + m2.getSignature() + m2.isStatic(); }
public static boolean assertsFirstParameterIsNonnull(XMethod m) { return ("checkNonNull".equalsIgnoreCase(m.getName()) || "checkNotNull".equalsIgnoreCase(m.getName()) // JDK 7 java.util.Objects.requireNonNull(Object) || "requireNonNull".equals(m.getName()) // org.eclipse.core.runtime.Assert(Object) || "isNotNull".equalsIgnoreCase(m.getName()) || "assertNotNull".equalsIgnoreCase(m.getName())) && m.getSignature().startsWith("(Ljava/lang/Object;"); }
if (invokedMethod.isResolved() && invokedMethod.getClassName().equals(getDottedClassConstantOperand()) || invokedMethod.isSynthetic()) { return; if (alternativeMethod.isResolved() && alternativeMethod.getClassName().equals(possibleTargetClass)) { String targetPackage = invokedMethod.getPackageName(); String alternativePackage = alternativeMethod.getPackageName(); int priority = HIGH_PRIORITY; if (targetPackage.equals(alternativePackage)) { priority += 2; if (invokedMethod.getName().equals(getMethodName())) { priority++; .addClassAndMethod(this).addMethod(invokedMethod).describe("METHOD_INHERITED") .addMethod(alternativeMethod).describe("METHOD_ALTERNATIVE_TARGET"); if(invokedMethod.getName().equals("iterator") && invokedMethod.getSignature().equals("()Ljava/util/Iterator;") && Subtypes2.instanceOf(getDottedClassName(), "java.lang.Iterable")) { iteratorBug = bug;
return false; String name = m.getName(); return false; if (!m.isPublic() && m.isResolved()) { return false; if (m.isStatic() || !m.isResolved()) { if ("compare".equals(name) && m.getClassName().startsWith("com.google.common.primitives.")) { return true; if (!m.isStatic() || !m.isResolved()) { if ("compareTo".equals(name) && "(Ljava/lang/Object;)I".equals(m.getSignature())) { return true; if ("compare".equals(name) && "(Ljava/lang/Object;Ljava/lang/Object;)I".equals(m.getSignature())) { return true;
if (noSideEffectMethods.excluded(callSeen.getMethodDescriptor())) { sawExcludedNSECall = true; if (noSideEffectMethods.hasNoSideEffect(callSeen.getMethodDescriptor())) { int priority = NORMAL_PRIORITY; Type callReturnType = Type.getReturnType(callSeen.getMethodDescriptor().getSignature()); Type methodReturnType = Type.getReturnType(getMethodSig()); if(callReturnType.equals(methodReturnType) && callReturnType != Type.BOOLEAN && callReturnType != Type.VOID) { priority = HIGH_PRIORITY; } else { String callReturnClass = callSeen.getName().equals(Const.CONSTRUCTOR_NAME) ? callSeen.getClassDescriptor().getClassName() : ClassName.fromFieldSignature(callReturnType.getSignature()); if (xFactory.isFunctionshatMightBeMistakenForProcedures(callSeen.getMethodDescriptor())) { annotation = CheckReturnValueAnnotation.CHECK_RETURN_VALUE_INFERRED; && !callSeen.getSignature().endsWith(callSeen.getClassName().replace('.', '/') + ";")) { priority++; if (callSeen.isPrivate()) { priority++; if ("clone".equals(callSeen.getName()) || callSeen.getName().startsWith("get")) { priority++; if (Const.CONSTRUCTOR_NAME.equals(callSeen.getName()) && (callSeen.getClassName().endsWith("Exception") || callSeen.getClassName().endsWith("Error"))) { pattern = "RV_EXCEPTION_NOT_THROWN";
private int taintPriority(OpcodeStack.Item writing) { if (writing == null) { return Priorities.NORMAL_PRIORITY; } XMethod method = writing.getReturnValueOf(); if (method != null && "getParameter".equals(method.getName()) && "javax.servlet.http.HttpServletRequest".equals(method.getClassName())) { return Priorities.HIGH_PRIORITY; } return Priorities.NORMAL_PRIORITY; }
@Override public boolean visitClass(ClassDescriptor classDescriptor, XClass xclass) { assert xclass != null; String methodSignature = xmethod.getSignature(); XMethod bridgedFrom = xmethod.bridgeFrom(); // See if this class has an overridden method XMethod xm = xclass.findMethod(xmethod.getName(), methodSignature, false); if (xm == null && bridgedFrom != null && !classDescriptor.equals(xmethod.getClassDescriptor())) { methodSignature = bridgedFrom.getSignature(); xm = xclass.findMethod(xmethod.getName(), methodSignature, false); } if (xm != null) { return visitOverriddenMethod(xm) || bridgedFrom != null; } else { // Even though this particular class doesn't contain the method // we're // looking for, a superclass might, so we need to keep going. return true; } }
private boolean bad(Item left, Item right) { XMethod m = left.getReturnValueOf(); if (m == null) { return false; } Object value = right.getConstant(); if (!(value instanceof Integer) || ((Integer) value).intValue() == 0) { return false; } if (m.isStatic() || !m.isPublic()) { return false; } if ("compareTo".equals(m.getName()) && "(Ljava/lang/Object;)I".equals(m.getSignature())) { return true; } if ("compare".equals(m.getName()) && "(Ljava/lang/Object;Ljava/lang/Object;)I".equals(m.getSignature())) { return true; } return false; }
m = m.resolveAccessMethodForMethod(); String sourceSignature = m.getSourceSignature(); if (DEBUG) { System.out.println(" Call target: " + m); XMethod m2 = m.bridgeTo(); if (m2 != null) { m = m2; if (sourceSignature != null && !sourceSignature.equals(m.getSignature())) { GenericSignatureParser p = new GenericSignatureParser(sourceSignature); String rv = p.getReturnTypeSignature(); SignatureParser p = new SignatureParser(m.getSignature()); String rv = p.getReturnTypeSignature();
/** * Convenience method for generating a method signature in human readable * form. * * @param xmethod * an XMethod * @return the formatted version of that signature */ public static String convertMethodSignature(XMethod xmethod) { @DottedClassName String className = xmethod.getClassName(); assert className.indexOf('/') == -1; return convertMethodSignature(className, xmethod.getName(), xmethod.getSignature()); }
/** * Constructor. Creates an entry which matches the given XMethod. * * @param xmethod * an XMethod * @param action * ActionType (ADD or DEL, depending on whether obligation is * added or deleted) * @param entryType * entry type * @param obligations * Obligation to be added or deleted */ public MatchMethodEntry(XMethod xmethod, ObligationPolicyDatabaseActionType action, ObligationPolicyDatabaseEntryType entryType, Obligation... obligations) { this(new SubtypeTypeMatcher(xmethod.getClassDescriptor()), new ExactStringMatcher(xmethod.getName()), new ExactStringMatcher(xmethod.getSignature()), xmethod.isStatic(), action, entryType, obligations); }
private boolean checkNonSuper(XMethod m, Set<XMethod> others) { if (m.isStatic()) { return false; } if (m.getName().startsWith(Const.CONSTRUCTOR_NAME) || m.getName().startsWith(Const.STATIC_INITIALIZER_NAME)) { return false; } for (XMethod m2 : others) { if (confusingMethodNamesWrongCapitalization(m, m2)) { XMethod mm1; XMethod mm2; if (m.compareTo(m2) < 0) { mm1 = m; mm2 = m2; } else { mm1 = m2; mm2 = m; } bugReporter.reportBug(new BugInstance(this, "NM_CONFUSING", LOW_PRIORITY).addClass(mm1.getClassName()) .addMethod(mm1).addClass(mm2.getClassName()).addMethod(mm2)); return true; } } return false; }
public static Set<XMethod> resolveVirtualMethodCallTargets(XMethod target, boolean receiverTypeIsExact, boolean invokeSpecial) throws ClassNotFoundException { return resolveVirtualMethodCallTargets(target.getClassDescriptor(), target.getName(), target.getSignature(), receiverTypeIsExact, invokeSpecial); }
public BugInstance addClassAndMethod(XMethod xMethod) { return addClassAndMethod(xMethod.getMethodDescriptor()); }
@Override public void sawOpcode(int seen) { if (seen == Const.INVOKESPECIAL) { XMethod m = getXMethodOperand(); if (m == null) { return; } XClass c = getXClass(); int nameDistance = EditDistance.editDistance(m.getName(), getMethodName()); if (nameDistance < 4 && c.findMatchingMethod(m.getMethodDescriptor()) == null && !m.isFinal()) { potentialSuperCall = m; } } }
/** * Convert to a value known because it was returned from a method in a * method property database. * * @param methodInvoked * TODO */ public IsNullValue markInformationAsComingFromReturnValueOfMethod(XMethod methodInvoked) { FieldDescriptor fieldDescriptor = methodInvoked.getAccessMethodForField(); if (fieldDescriptor != null) { XField f = XFactory.getExactXField(fieldDescriptor); return markInformationAsComingFromFieldValue(f); } int flag = RETURN_VAL; if ("readLine".equals(methodInvoked.getName()) && "()Ljava/lang/String;".equals(methodInvoked.getSignature())) { flag = READLINE_VAL; } if (getBaseKind() == NO_KABOOM_NN) { return new IsNullValue(kind | flag, locationOfKaBoom); } return instanceByFlagsList[(getFlags() | flag) >> FLAG_SHIFT][getBaseKind()]; }
SignatureParser sigParser = new SignatureParser(called.getSignature()); int numParams = sigParser.getNumParameters(); .getHandle().getPosition()); if (catchSizeNPE == Integer.MAX_VALUE && (!"java.lang.Integer".equals(called.getClassName()) || catchSizeNFE == Integer.MAX_VALUE)) {