/**
 * Reports JDBC accessor calls whose integer index argument may be zero.
 *
 * <p>Only {@code INVOKEINTERFACE} instructions are inspected. A call qualifies when it targets
 * {@code java.sql.ResultSet} with a {@code get*} or {@code update*} method, or
 * {@code java.sql.PreparedStatement} with a {@code set*} method, and the part of the method name
 * after that prefix is contained in {@code dbFieldTypesSet}. JDBC column and parameter indexes
 * are 1-based, so an index of 0 is never valid.
 *
 * <p>The finding is {@code SQL_BAD_PREPARED_STATEMENT_ACCESS} for {@code PreparedStatement} and
 * {@code SQL_BAD_RESULTSET_ACCESS} otherwise; it is raised at {@code HIGH_PRIORITY} when the
 * value must be zero and at {@code NORMAL_PRIORITY} when it merely could be.
 *
 * @param seen the opcode currently being visited
 */
@Override
public void sawOpcode(int seen) {
    if (seen != Const.INVOKEINTERFACE) {
        return;
    }

    String calledMethod = getNameConstantOperand();
    String ownerClass = getClassConstantOperand();
    boolean onPreparedStatement = "java/sql/PreparedStatement".equals(ownerClass);

    // The substring() calls stay behind their startsWith() guards so a short method name
    // is never sliced past its end.
    boolean typedAccessor;
    if ("java/sql/ResultSet".equals(ownerClass)) {
        typedAccessor =
                (calledMethod.startsWith("get") && dbFieldTypesSet.contains(calledMethod.substring(3)))
                        || (calledMethod.startsWith("update")
                                && dbFieldTypesSet.contains(calledMethod.substring(6)));
    } else {
        typedAccessor = onPreparedStatement
                && calledMethod.startsWith("set")
                && dbFieldTypesSet.contains(calledMethod.substring(3));
    }
    if (!typedAccessor) {
        return;
    }

    String signature = getSigConstantOperand();
    int argCount = PreorderVisitor.getNumberArguments(signature);
    if (stack.getStackDepth() < argCount) {
        return;
    }

    // Stack offset argCount - 1 is presumably the first declared argument (offsets count down
    // from the top of the operand stack); it is only of interest when it is an int ("I").
    OpcodeStack.Item indexArg = stack.getStackItem(argCount - 1);
    if (!"I".equals(indexArg.getSignature()) || !indexArg.couldBeZero()) {
        return;
    }

    String bugType = onPreparedStatement ? "SQL_BAD_PREPARED_STATEMENT_ACCESS" : "SQL_BAD_RESULTSET_ACCESS";
    bugReporter.reportBug(
            new BugInstance(this, bugType, indexArg.mustBeZero() ? HIGH_PRIORITY : NORMAL_PRIORITY)
                    .addClassAndMethod(this)
                    .addSourceLine(this));
}
} // closes the enclosing class, whose header lies outside this excerpt
/**
 * Flags calls to typed JDBC accessors that may be passed an index of zero.
 *
 * <p>The check runs only for {@code INVOKEINTERFACE}. It covers {@code java.sql.ResultSet}
 * methods named {@code get<Type>} or {@code update<Type>} and {@code java.sql.PreparedStatement}
 * methods named {@code set<Type>}, where {@code <Type>} must be a member of
 * {@code dbFieldTypesSet}. JDBC numbers columns and parameters from 1, so a zero index is
 * never valid.
 *
 * <p>Reported as {@code SQL_BAD_PREPARED_STATEMENT_ACCESS} or {@code SQL_BAD_RESULTSET_ACCESS},
 * at {@code HIGH_PRIORITY} if the value must be zero, else {@code NORMAL_PRIORITY}.
 *
 * @param seen the opcode currently being visited
 */
@Override
public void sawOpcode(int seen) {
    if (seen != INVOKEINTERFACE) {
        return;
    }

    String invokedName = getNameConstantOperand();
    String targetClass = getClassConstantOperand();
    boolean isPreparedStatement = "java/sql/PreparedStatement".equals(targetClass);

    // Each substring() is evaluated only after the matching startsWith() succeeded.
    boolean matchesAccessor;
    if ("java/sql/ResultSet".equals(targetClass)) {
        boolean getter = invokedName.startsWith("get") && dbFieldTypesSet.contains(invokedName.substring(3));
        matchesAccessor = getter
                || (invokedName.startsWith("update") && dbFieldTypesSet.contains(invokedName.substring(6)));
    } else {
        matchesAccessor = isPreparedStatement
                && invokedName.startsWith("set")
                && dbFieldTypesSet.contains(invokedName.substring(3));
    }
    if (!matchesAccessor) {
        return;
    }

    String signature = getSigConstantOperand();
    int paramCount = PreorderVisitor.getNumberArguments(signature);
    if (stack.getStackDepth() < paramCount) {
        return;
    }

    // Offset paramCount - 1 presumably addresses the first declared argument, counting down
    // from the top of the operand stack; only an int ("I") there is treated as an index.
    OpcodeStack.Item firstArg = stack.getStackItem(paramCount - 1);
    if (!"I".equals(firstArg.getSignature()) || !firstArg.couldBeZero()) {
        return;
    }

    String pattern = isPreparedStatement ? "SQL_BAD_PREPARED_STATEMENT_ACCESS" : "SQL_BAD_RESULTSET_ACCESS";
    bugReporter.reportBug(
            new BugInstance(this, pattern, firstArg.mustBeZero() ? HIGH_PRIORITY : NORMAL_PRIORITY)
                    .addClassAndMethod(this)
                    .addSourceLine(this));
}
} // closes the enclosing class, whose header lies outside this excerpt
if (stack.getStackDepth() > 1) { OpcodeStack.Item itm = stack.getStackItem(0); if (!itm.couldBeZero()) { it.remove(); } else {
OpcodeStack.Item itm2 = stack.getStackItem(0); reg = itm1.getRegisterNumber(); if ((reg >= 0) && (itm1.couldBeZero())) { uValue = itm2.getUserValue(); if (uValue != null) {
OpcodeStack.Item itm2 = stack.getStackItem(0); reg = itm1.getRegisterNumber(); if ((reg >= 0) && (itm1.couldBeZero())) { uValue = itm2.getUserValue(); if (uValue != null) {
if (stack.getStackDepth() > 1) { OpcodeStack.Item itm = stack.getStackItem(0); if (!itm.couldBeZero()) { it.remove(); } else {