private void accumulateBug() { if (pendingBug == null) { return; } bugAccumulator.accumulateBug(pendingBug, SourceLineAnnotation.fromVisitedInstruction(this, monitorEnterPC)); pendingBug = null; } }
/** * Accumulate a warning at source location currently being visited by given * BytecodeScanningDetector. * * @param bug * the warning * @param visitor * the BytecodeScanningDetector */ public void accumulateBug(BugInstance bug, BytecodeScanningDetector visitor) { SourceLineAnnotation source = SourceLineAnnotation.fromVisitedInstruction(visitor); accumulateBug(bug, source); }
public void accumulateBug(BugInstance bug, ClassContext classContext, Method method, Location location) { accumulateBug(bug, SourceLineAnnotation.fromVisitedInstruction(classContext, method, location)); }
public void accumulateBug(BugInstance bug, ClassContext classContext, MethodGen methodGen, String sourceFile, Location location) { accumulateBug(bug, SourceLineAnnotation.fromVisitedInstruction(classContext, methodGen, sourceFile, location.getHandle())); } }
@Override protected void accumulateBug() { bugAccumulator.accumulateBug(new BugInstance(this, "NP_OPTIONAL_RETURN_NULL", HIGH_PRIORITY).addClassAndMethod(this), this); }
@Override protected void accumulateBug() { bugAccumulator.accumulateBug(new BugInstance(this, "NP_BOOLEAN_RETURN_NULL", getMethodName().startsWith("is") ? HIGH_PRIORITY : NORMAL_PRIORITY).addClassAndMethod(this), this); }
private void reportBug() { int priority = LOW_PRIORITY; String pattern = "NS_NON_SHORT_CIRCUIT"; if (sawDangerOld) { if (sawNullTestVeryOld) { priority = HIGH_PRIORITY; } if (sawMethodCallOld || sawNumericTestVeryOld && sawArrayDangerOld) { priority = HIGH_PRIORITY; pattern = "NS_DANGEROUS_NON_SHORT_CIRCUIT"; } else { priority = NORMAL_PRIORITY; } } bugAccumulator.accumulateBug(new BugInstance(this, pattern, priority).addClassAndMethod(this), this); }
@Override public void sawOpcode(int seen) { if (seen == Const.INVOKEVIRTUAL && "java/util/concurrent/ScheduledThreadPoolExecutor".equals(getClassConstantOperand()) && "setMaximumPoolSize".equals(getNameConstantOperand())) { accumulator.accumulateBug(new BugInstance(DumbMethods.this, "DMI_FUTILE_ATTEMPT_TO_CHANGE_MAXPOOL_SIZE_OF_SCHEDULED_THREAD_POOL_EXECUTOR", HIGH_PRIORITY) .addClassAndMethod(DumbMethods.this), DumbMethods.this); } } }
@Override public void sawOpcode(int seen) { LOGGER.log(Level.FINE, "Opcode: {0}", Const.getOpcodeName(seen)); if (((seen == Const.INVOKEVIRTUAL) || (seen == Const.INVOKEINTERFACE)) && ("replaceAll".equals(getNameConstantOperand())) && ("(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;".equals(getSigConstantOperand())) && hasConstantArguments()) { Optional<String> firstArgument = getFirstArgument(); if (firstArgument.isPresent() && !REGEX_CHARS_PATTERN.matcher(firstArgument.get()).find()) { bugAccumulator.accumulateBug( new BugInstance(this, "IRA_INEFFICIENT_REPLACEALL", LOW_PRIORITY).addClassAndMethod(this), this); } } }
@Override public void sawOpcode(int seen) { if (seen == Const.INVOKEVIRTUAL && "finalize".equals(getNameConstantOperand()) && "()V".equals(getSigConstantOperand())) { bugAccumulator.accumulateBug( new BugInstance(this, "FI_EXPLICIT_INVOCATION", "finalize".equals(getMethodName()) && "()V".equals(getMethodSig()) ? HIGH_PRIORITY : NORMAL_PRIORITY).addClassAndMethod(this) .addCalledMethod(this), this); } if (seen == Const.INVOKESPECIAL && "finalize".equals(getNameConstantOperand())) { sawSuperFinalize = true; } } }
@Override public void sawOpcode(int seen) { if ((seen == Const.INVOKEVIRTUAL && "java/util/HashMap".equals(getClassConstantOperand()) && "get".equals(getNameConstantOperand())) || (seen == Const.INVOKEINTERFACE && "java/util/Map".equals(getClassConstantOperand()) && "get".equals(getNameConstantOperand())) || (seen == Const.INVOKEVIRTUAL && "java/util/HashSet".equals(getClassConstantOperand()) && "contains".equals(getNameConstantOperand())) || (seen == Const.INVOKEINTERFACE && "java/util/Set".equals(getClassConstantOperand()) && "contains".equals(getNameConstantOperand()))) { OpcodeStack.Item top = stack.getStackItem(0); if ("Ljava/net/URL;".equals(top.getSignature())) { accumulator.accumulateBug(new BugInstance(DumbMethods.this, "DMI_COLLECTION_OF_URLS", HIGH_PRIORITY) .addClassAndMethod(DumbMethods.this), DumbMethods.this); } } } }
@Override public void sawOpcode(int seen) { if (seen == Const.INVOKEVIRTUAL && "java/util/Random".equals(getClassConstantOperand()) && (freshRandomOnTos || freshRandomOneBelowTos)) { accumulator.accumulateBug(new BugInstance(DumbMethods.this, "DMI_RANDOM_USED_ONLY_ONCE", HIGH_PRIORITY) .addClassAndMethod(DumbMethods.this).addCalledMethod(DumbMethods.this), DumbMethods.this); } freshRandomOneBelowTos = freshRandomOnTos && isRegisterLoad(); freshRandomOnTos = seen == Const.INVOKESPECIAL && "java/util/Random".equals(getClassConstantOperand()) && Const.CONSTRUCTOR_NAME.equals(getNameConstantOperand()); } }
void check(String className, String[] methodNames, int target, int url) { if (Arrays.binarySearch(methodNames, getNameConstantOperand()) < 0) { return; } if (stack.getStackDepth() <= target) { return; } OpcodeStack.Item targetItem = stack.getStackItem(target); OpcodeStack.Item urlItem = stack.getStackItem(url); if (!"Ljava/net/URL;".equals(urlItem.getSignature())) { return; } if (!targetItem.getSignature().equals(className)) { return; } accumulator.accumulateBug(new BugInstance(this, "DMI_COLLECTION_OF_URLS", HIGH_PRIORITY).addClassAndMethod(this) .addCalledMethod(this), this); }
@Override public void sawOpcode(int seen) { switch (seen) { case Const.INVOKEVIRTUAL: case Const.INVOKESPECIAL: case Const.INVOKESTATIC: XMethod callSeen = XFactory.createXMethod(MethodAnnotation.fromCalledMethod(this)); DefaultEncodingAnnotation annotation = defaultEncodingAnnotationDatabase.getDirectAnnotation(callSeen); if (annotation != null) { bugAccumulator.accumulateBug(new BugInstance(this, "DM_DEFAULT_ENCODING", HIGH_PRIORITY).addClassAndMethod(this) .addCalledMethod(this), this); } break; default: break; } } }
private void annotateAndReport(BugInstance bug, OpcodeStack.Item item) { assert item.isServletParameterTainted(); String s = item.getHttpParameterName(); int pc = item.getInjectionPC(); if (s != null && xmlSafe.matcher(s).matches()) { bug.addString(s).describe(StringAnnotation.PARAMETER_NAME_ROLE); } SourceLineAnnotation thisLine = SourceLineAnnotation.fromVisitedInstruction(this); if (pc >= 0) { SourceLineAnnotation source = SourceLineAnnotation.fromVisitedInstruction(this, pc); if (thisLine.getStartLine() != source.getStartLine()) { bug.add(source).describe(SourceLineAnnotation.ROLE_GENERATED_AT); } } bug.addOptionalLocalVariable(this, item); accumulator.accumulateBug(bug, this); }
@Override public void visitAfter(Code code) { if(bugAccumulator.getLastBugLocation() == null && !sawExcludedNSECall && noSideEffectMethods.useless(getMethodDescriptor())) { // Do not report UC_USELESS_VOID_METHOD if something was already reported inside the current method // it's likely that UC_USELESS_VOID_METHOD is just the consequence of the previous report bugAccumulator.accumulateBug(new BugInstance(this, "UC_USELESS_VOID_METHOD", code.getCode().length > 40 ? HIGH_PRIORITY : code.getCode().length > 15 ? NORMAL_PRIORITY : LOW_PRIORITY) .addClassAndMethod(getMethodDescriptor()), this); } sawExcludedNSECall = false; bugAccumulator.reportAccumulatedBugs(); }
/** * @param seen * @param item */ private void reportVacuousBitOperation(int seen, OpcodeStack.Item item) { if (item.getConstant() == null) { accumulator .accumulateBug( new BugInstance(this, "INT_VACUOUS_BIT_OPERATION", NORMAL_PRIORITY) .addClassAndMethod(this) .addString(Const.getOpcodeName(seen)) .addOptionalAnnotation( LocalVariableAnnotation.getLocalVariableAnnotation(getMethod(), item, getPC())), this); } }
@Override public void sawOpcode(int seen) { switch (seen) { default: break; case Const.IF_ICMPEQ: case Const.IF_ICMPNE: OpcodeStack.Item left = stack.getStackItem(1); OpcodeStack.Item right = stack.getStackItem(0); if (bad(left, right) || bad(right, left)) { accumulator.accumulateBug(new BugInstance(this, "TESTING", NORMAL_PRIORITY).addClassAndMethod(this) .addValueSource(left, this).addValueSource(right, this) .addString("Just check the sign of the result of compare or compareTo, not specific values such as 1 or -1"), this); } break; } }
@Override public void sawOpcode(int seen) { if (seen == Const.INVOKEVIRTUAL || seen == Const.INVOKEINTERFACE) { check("Ljava/util/HashSet;", HASHSET_KEY_METHODS, 1, 0); check("Ljava/util/HashMap;", HASHMAP_KEY_METHODS, 1, 0); check("Ljava/util/HashMap;", HASHMAP_TWO_ARG_KEY_METHODS, 2, 1); } if (seen == Const.INVOKEVIRTUAL && (getMethodDescriptorOperand().equals(URL_EQUALS) || getMethodDescriptorOperand().equals(URL_HASHCODE))) { accumulator.accumulateBug( new BugInstance(this, "DMI_BLOCKING_METHODS_ON_URL", HIGH_PRIORITY).addClassAndMethod(this) .addCalledMethod(this), this); } } }
private void foundSwitchNoDefault(SourceLineAnnotation s) { LineNumberTable table = getCode().getLineNumberTable(); if (table != null) { int startLine = s.getStartLine(); int prev = Integer.MIN_VALUE; for (LineNumber ln : table.getLineNumberTable()) { int thisLineNumber = ln.getLineNumber(); if (thisLineNumber < startLine && thisLineNumber > prev && ln.getStartPC() < s.getStartBytecode()) { prev = thisLineNumber; } } int diff = startLine - prev; if (diff > 5) { return; } bugAccumulator.accumulateBug(new BugInstance(this, "SF_SWITCH_NO_DEFAULT", NORMAL_PRIORITY).addClassAndMethod(this), s); } }