static String getOptions(int flags) { StringBuilder b = new StringBuilder(); appendOption(b, flags, Pattern.CANON_EQ, "CANON_EQ"); appendOption(b, flags, Pattern.CASE_INSENSITIVE, "CASE_INSENSITIVE"); appendOption(b, flags, Pattern.COMMENTS, "COMMENTS"); appendOption(b, flags, Pattern.DOTALL, "DOTALL"); appendOption(b, flags, Pattern.LITERAL, "LITERAL"); appendOption(b, flags, Pattern.MULTILINE, "MULTILINE"); appendOption(b, flags, Pattern.UNICODE_CASE, "UNICODE_CASE"); appendOption(b, flags, Pattern.UNIX_LINES, "UNIX_LINES"); return b.toString(); } }
@Override public void sawOpcode(int seen) { if (seen == Const.INVOKESTATIC && "java/util/regex/Pattern".equals(getClassConstantOperand()) && "compile".equals(getNameConstantOperand()) && getSigConstantOperand().startsWith("(Ljava/lang/String;I)")) { sawRegExPattern(1, getIntValue(0, 0)); } else if (seen == Const.INVOKESTATIC && "java/util/regex/Pattern".equals(getClassConstantOperand()) && "compile".equals(getNameConstantOperand()) && getSigConstantOperand().startsWith("(Ljava/lang/String;)")) { sawRegExPattern(0); } else if (seen == Const.INVOKESTATIC && "java/util/regex/Pattern".equals(getClassConstantOperand()) && "matches".equals(getNameConstantOperand())) { sawRegExPattern(1); } else if (seen == Const.INVOKEVIRTUAL && "java/lang/String".equals(getClassConstantOperand()) && "replaceAll".equals(getNameConstantOperand())) { sawRegExPattern(1); singleDotPatternWouldBeSilly(1, true); } else if (seen == Const.INVOKEVIRTUAL && "java/lang/String".equals(getClassConstantOperand()) && "replaceFirst".equals(getNameConstantOperand())) { sawRegExPattern(1); singleDotPatternWouldBeSilly(1, false); } else if (seen == Const.INVOKEVIRTUAL && "java/lang/String".equals(getClassConstantOperand()) && "matches".equals(getNameConstantOperand())) { sawRegExPattern(0); singleDotPatternWouldBeSilly(0, false); } else if (seen == Const.INVOKEVIRTUAL && "java/lang/String".equals(getClassConstantOperand()) && "split".equals(getNameConstantOperand())) { sawRegExPattern(0); singleDotPatternWouldBeSilly(0, false); } }
private void sawRegExPattern(int stackDepth) { sawRegExPattern(stackDepth, 0); }
return; if (replacementString.length() == 1 && getMethodName().toLowerCase().indexOf("pass") >= 0) { priority = LOW_PRIORITY;
.addClassAndMethod(this).addCalledMethod(this).addString(message).describe(StringAnnotation.ERROR_MSG_ROLE) .addString(regex).describe(StringAnnotation.REGEX_ROLE); String options = getOptions(flags); if (options.length() > 0) { bug.addString("Regex flags: " + options).describe(StringAnnotation.STRING_MESSAGE);
private void sawRegExPattern(int stackDepth) { sawRegExPattern(stackDepth, 0); }
return; if (replacementString.length() == 1 && getMethodName().toLowerCase().indexOf("pass") >= 0) { priority = LOW_PRIORITY;
.addClassAndMethod(this).addCalledMethod(this).addString(message).describe(StringAnnotation.ERROR_MSG_ROLE) .addString(regex).describe(StringAnnotation.REGEX_ROLE); String options = getOptions(flags); if (options.length() > 0) { bug.addString("Regex flags: " + options).describe(StringAnnotation.STRING_MESSAGE);
@Override public void sawOpcode(int seen) { if (seen == INVOKESTATIC && "java/util/regex/Pattern".equals(getClassConstantOperand()) && "compile".equals(getNameConstantOperand()) && getSigConstantOperand().startsWith("(Ljava/lang/String;I)")) { sawRegExPattern(1, getIntValue(0, 0)); } else if (seen == INVOKESTATIC && "java/util/regex/Pattern".equals(getClassConstantOperand()) && "compile".equals(getNameConstantOperand()) && getSigConstantOperand().startsWith("(Ljava/lang/String;)")) { sawRegExPattern(0); } else if (seen == INVOKESTATIC && "java/util/regex/Pattern".equals(getClassConstantOperand()) && "matches".equals(getNameConstantOperand())) { sawRegExPattern(1); } else if (seen == INVOKEVIRTUAL && "java/lang/String".equals(getClassConstantOperand()) && "replaceAll".equals(getNameConstantOperand())) { sawRegExPattern(1); singleDotPatternWouldBeSilly(1, true); } else if (seen == INVOKEVIRTUAL && "java/lang/String".equals(getClassConstantOperand()) && "replaceFirst".equals(getNameConstantOperand())) { sawRegExPattern(1); singleDotPatternWouldBeSilly(1, false); } else if (seen == INVOKEVIRTUAL && "java/lang/String".equals(getClassConstantOperand()) && "matches".equals(getNameConstantOperand())) { sawRegExPattern(0); singleDotPatternWouldBeSilly(0, false); } else if (seen == INVOKEVIRTUAL && "java/lang/String".equals(getClassConstantOperand()) && "split".equals(getNameConstantOperand())) { sawRegExPattern(0); singleDotPatternWouldBeSilly(0, false); } }
static String getOptions(int flags) { StringBuilder b = new StringBuilder(); appendOption(b, flags, Pattern.CANON_EQ, "CANON_EQ"); appendOption(b, flags, Pattern.CASE_INSENSITIVE, "CASE_INSENSITIVE"); appendOption(b, flags, Pattern.COMMENTS, "COMMENTS"); appendOption(b, flags, Pattern.DOTALL, "DOTALL"); appendOption(b, flags, Pattern.LITERAL, "LITERAL"); appendOption(b, flags, Pattern.MULTILINE, "MULTILINE"); appendOption(b, flags, Pattern.UNICODE_CASE, "UNICODE_CASE"); appendOption(b, flags, Pattern.UNIX_LINES, "UNIX_LINES"); return b.toString(); } }