@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); Method[] methodList = javaClass.getMethods(); for (Method m : methodList) { try { analyzeMethod(m, classContext); } catch (CFGBuilderException e) { } catch (DataflowAnalysisException e) { } } }
@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); String superClassName = javaClass.getSuperclassName(); if ("org.apache.wicket.markup.html.WebPage".equals(superClassName)) { bugReporter.reportBug(new BugInstance(this, WICKET_ENDPOINT_TYPE, Priorities.LOW_PRIORITY) // .addClass(javaClass)); return; } }
@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); for (Method method : javaClass.getMethods()) { if (isVulnerable(method)) { bugReporter.reportBug(new BugInstance(this, SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING_TYPE, Priorities.HIGH_PRIORITY) // .addClassAndMethod(javaClass, method)); } } }
@Override public void visitClassContext(ClassContext classContext) { javaClass = classContext.getJavaClass(); possibleWaitBugs.clear(); possibleNotifyLocations.clear(); Method[] methodList = javaClass.getMethods(); for (Method method : methodList) { MethodGen methodGen = classContext.getMethodGen(method); bug.addSourceLine(notifyLine).describe("SOURCE_NOTIFICATION_DEADLOCK"); bugReporter.reportBug(bug);
BugInstance bug = new BugInstance(this, "DB_DUPLICATE_SWITCH_CLAUSES", LOW_PRIORITY).addClassAndMethod( classContext.getJavaClass(), method); for (int i : clauses)
@Override public void visitClassContext(ClassContext classContext) { for(Method method : classContext.getJavaClass().getMethods()) { MethodDescriptor methodDescriptor = BCELUtil.getMethodDescriptor(classContext.getJavaClass(), method); ValueRangeAnalysis analysis; try { SourceLineAnnotation sourceLineAnnotation = SourceLineAnnotation.fromVisitedInstruction(classContext, method, condition.getLocation().getHandle().getPosition()); BugInstance bug = new BugInstance(condition.isByType()?"UC_USELESS_CONDITION_TYPE":"UC_USELESS_CONDITION", priority) .addClassAndMethod(methodDescriptor).add(new StringAnnotation(normalize(condition.getTrueCondition()))); if(condition.isByType()) {
@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); Method[] methodList = javaClass.getMethods(); for (Method m : methodList) { try { analyzeMethod(m,classContext); } catch (CFGBuilderException e) { } } }
@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); for (Method m : javaClass.getMethods()) { if ("execute".equals(m.getName()) && "()Ljava/lang/String;".equals(m.getSignature())) { bugReporter.reportBug(new BugInstance(this, STRUTS2_ENDPOINT_TYPE, Priorities.LOW_PRIORITY) // .addClass(javaClass)); } } }
@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); if ("java.security.MessageDigest".equals(javaClass.getSuperclassName())) { bugReporter.reportBug(new BugInstance(this, CUSTOM_MESSAGE_DIGEST_TYPE, Priorities.NORMAL_PRIORITY) // .addClass(javaClass)); } }
private void analyzeMethod(ClassContext classContext, Method method) throws CFGBuilderException, DataflowAnalysisException { // System.out.println("Checking " + method); CFG cfg = classContext.getCFG(method); LockDataflow lockDataflow = classContext.getLockDataflow(method); for (Iterator<Location> i = cfg.locationIterator(); i.hasNext();) { Location location = i.next(); Instruction ins = location.getHandle().getInstruction(); if (!(ins instanceof INVOKESTATIC)) { continue; } if (!isSleep((INVOKESTATIC) ins, classContext.getConstantPoolGen())) { continue; } // System.out.println("Found sleep at " + location.getHandle()); LockSet lockSet = lockDataflow.getFactAtLocation(location); if (lockSet.getNumLockedObjects() > 0) { bugAccumulator.accumulateBug( new BugInstance(this, "SWL_SLEEP_WITH_LOCK_HELD", NORMAL_PRIORITY).addClassAndMethod( classContext.getJavaClass(), method), classContext, method, location); } } bugAccumulator.reportAccumulatedBugs(); }
@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); Method[] methodList = javaClass.getMethods(); for (Method m : methodList) { try { analyzeMethod(m, classContext); } catch (CFGBuilderException e) { } catch (DataflowAnalysisException e) { } } }
@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); method : for (Method m : javaClass.getMethods()) { for (AnnotationEntry ae : m.getAnnotationEntries()) { if (REQUEST_MAPPING_ANNOTATION_TYPES.contains(ae.getAnnotationType())) { bugReporter.reportBug(new BugInstance(this, SPRING_ENDPOINT_TYPE, Priorities.LOW_PRIORITY) // .addClassAndMethod(javaClass, m)); continue method; } } } }
@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); if ("org.apache.struts.action.Action".equals(javaClass.getSuperclassName())) { bugReporter.reportBug(new BugInstance(this, STRUTS1_ENDPOINT_TYPE, Priorities.LOW_PRIORITY) // .addClass(javaClass)); } }
Dataflow<ResourceValueFrame, ResourceValueAnalysis<Lock>> dataflow, Lock resource) { JavaClass javaClass = classContext.getJavaClass(); bugAccumulator.accumulateBug(new BugInstance(this, bugType, priority).addClassAndMethod(methodGen, sourceFile), SourceLineAnnotation.fromVisitedInstruction(classContext, methodGen, sourceFile, handle));
@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); Method[] methodList = javaClass.getMethods(); for (Method m : methodList) { try { analyzeMethod(m, classContext); } catch (CFGBuilderException | DataflowAnalysisException e) { AnalysisContext.logError("Cannot analyze method", e); } } }
@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); for (Method m : javaClass.getMethods()) { for (AnnotationEntry ae : m.getAnnotationEntries()) { //Every method mark with @javax.jws.WebMethod is mark as an Endpoint if (ae.getAnnotationType().equals("Ljavax/jws/WebMethod;")) { bugReporter.reportBug(new BugInstance(this, JAXWS_ENDPOINT_TYPE, Priorities.LOW_PRIORITY) // .addClassAndMethod(javaClass, m)); } } } }
@Override public void visitMethod(Method obj) { if ((interfaceMethods != null) && ((obj.getAccessFlags() & Const.ACC_ABSTRACT) != 0)) { String curDetail = obj.getName() + obj.getSignature(); for (String infMethodDetail : interfaceMethods) { if (curDetail.equals(infMethodDetail)) { bugReporter.reportBug(new BugInstance(this, "USM_USELESS_ABSTRACT_METHOD", LOW_PRIORITY).addClassAndMethod( getClassContext().getJavaClass(), obj)); } } } super.visitMethod(obj); }
ConstantPoolGen cpg = classContext.getConstantPoolGen(); MethodGen methodGen = classContext.getMethodGen(method); String sourceFile = classContext.getJavaClass().getSourceFileName(); String password = operandValue.getConstantString(); if (password.length() == 0) { bugAccumulator.accumulateBug(new BugInstance(this, "DMI_EMPTY_DB_PASSWORD", NORMAL_PRIORITY) .addClassAndMethod(methodGen, sourceFile), classContext, methodGen, sourceFile, location); } else { bugAccumulator.accumulateBug(new BugInstance(this, "DMI_CONSTANT_DB_PASSWORD", NORMAL_PRIORITY) .addClassAndMethod(methodGen, sourceFile), classContext, methodGen, sourceFile, location); bugAccumulator.accumulateBug(new BugInstance(this, "DMI_USELESS_SUBSTRING", NORMAL_PRIORITY) .addClassAndMethod(methodGen, sourceFile), classContext, methodGen, sourceFile, location);
@Override public void visitClassContext(ClassContext classContext) { JavaClass clazz = classContext.getJavaClass(); if (hasRequestMapping(clazz)) { Method[] methods = clazz.getMethods(); for (Method m: methods) { try { analyzeMethod(m, classContext); } catch (CFGBuilderException e){ } } } }
@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); for (Method m : javaClass.getMethods()) { for (AnnotationEntry ae : m.getAnnotationEntries()) { //Every method mark with @javax.ws.rs.Path is mark as an Endpoint if (ae.getAnnotationType().equals("Ljavax/ws/rs/Path;")) { bugReporter.reportBug(new BugInstance(this, JAXRS_ENDPOINT_TYPE, Priorities.LOW_PRIORITY) // .addClassAndMethod(javaClass, m)); } } } }