@Override public boolean prescreen(ClassContext classContext, Method method, boolean mightClose) { if (!mightClose) { return false; } BitSet bytecodeSet = classContext.getBytecodeSet(method); if (bytecodeSet == null) { return false; } MethodGen methodGen = classContext.getMethodGen(method); return methodGen != null && methodGen.getName().toLowerCase().indexOf("lock") == -1 && (bytecodeSet.get(Const.INVOKEVIRTUAL) || bytecodeSet.get(Const.INVOKEINTERFACE)); }
private void considerMethod(ClassContext classContext, Method method) { if ((method.getReturnType() instanceof ReferenceType) && classContext.getMethodGen(method) != null) { if (VERBOSE_DEBUG) { System.out.println("Check " + method); } analyzeMethod(classContext, method); } }
private void considerMethod(ClassContext classContext, Method method) { boolean hasReferenceParameters = false; for (Type argument : method.getArgumentTypes()) { if (argument instanceof ReferenceType) { hasReferenceParameters = true; } } if (hasReferenceParameters && classContext.getMethodGen(method) != null) { if (VERBOSE_DEBUG) { System.out.println("Check " + method); } analyzeMethod(classContext, method); } }
private void analyzeMethod(ClassContext classContext, Method method) throws CFGBuilderException, DataflowAnalysisException { MethodGen methodGen = classContext.getMethodGen(method); CFG cfg = classContext.getCFG(method); LockDataflow dataflow = classContext.getLockDataflow(method); for (Iterator<Location> j = cfg.locationIterator(); j.hasNext();) { Location location = j.next(); visitLocation(classContext, location, methodGen, dataflow); } }
private void analyzeMethod(ClassContext classContext, Method method) throws DataflowAnalysisException, CFGBuilderException { if (DEBUG || DEBUG_NULLARG) { System.out.println("Pre FND "); } MethodGen methodGen = classContext.getMethodGen(method); if (methodGen == null) { return; } // UsagesRequiringNonNullValues uses = // classContext.getUsagesRequiringNonNullValues(method); this.method = method; if (DEBUG || DEBUG_NULLARG) { System.out.println("FND: " + SignatureConverter.convertMethodSignature(methodGen)); } findPreviouslyDeadBlocks(); vnaDataflow = classContext.getValueNumberDataflow(method); // Create a NullDerefAndRedundantComparisonFinder object to do the // actual // work. It will call back to report null derefs and redundant null // comparisons // through the NullDerefAndRedundantComparisonCollector interface we // implement. NullDerefAndRedundantComparisonFinder worker = new NullDerefAndRedundantComparisonFinder(classContext, method, this); worker.execute(); }
@Override public void visitClassContext(ClassContext classContext) { JavaClass jclass = classContext.getJavaClass(); Method[] methodList = jclass.getMethods(); for (Method method : methodList) { MethodGen methodGen = classContext.getMethodGen(method); if (methodGen == null) { continue; } // Don't bother analyzing the method unless there is both locking // and a method call. BitSet bytecodeSet = classContext.getBytecodeSet(method); if (bytecodeSet == null) { continue; } if (!(bytecodeSet.get(Const.MONITORENTER) && bytecodeSet.get(Const.INVOKEVIRTUAL))) { continue; } try { analyzeMethod(classContext, method); } catch (DataflowAnalysisException e) { bugReporter.logError("FindMismatchedWaitOrNotify: caught exception", e); } catch (CFGBuilderException e) { bugReporter.logError("FindMismatchedWaitOrNotify: caught exception", e); } } }
/** * Find the self calls. */ public void execute() throws CFGBuilderException { JavaClass jclass = classContext.getJavaClass(); Method[] methods = jclass.getMethods(); if (DEBUG) { System.out.println("Class has " + methods.length + " methods"); } // Add call graph nodes for all methods for (Method method : methods) { callGraph.addNode(method); } if (DEBUG) { System.out.println("Added " + callGraph.getNumVertices() + " nodes to graph"); } // Scan methods for self calls for (Method method : methods) { MethodGen mg = classContext.getMethodGen(method); if (mg == null) { continue; } scan(callGraph.getNodeForMethod(method)); } if (DEBUG) { System.out.println("Found " + callGraph.getNumEdges() + " self calls"); } }
@Override public void visitClassContext(ClassContext classContext) { if(!shouldAnalyzeClass(classContext)) { return; } for (Method method : classContext.getMethodsInCallOrder()) { if (classContext.getMethodGen(method) == null) { continue; } try { analyzeMethod(classContext, method); } catch (CheckedAnalysisException e) { logException(classContext, method, e); } catch (RuntimeException e) { logException(classContext, method, e); } } }
Method[] methodList = javaClass.getMethods(); for (Method method : methodList) { MethodGen methodGen = classContext.getMethodGen(method); if (methodGen == null) { continue;
protected void analyzeMethod(ClassContext classContext, Method method) throws CheckedAnalysisException { TaintDataflow dataflow = getTaintDataFlow(classContext, method); ConstantPoolGen cpg = classContext.getConstantPoolGen(); String currentMethod = getFullMethodName(classContext.getMethodGen(method)); for (Iterator<Location> i = getLocationIterator(classContext, method); i.hasNext();) { Location location = i.next(); InstructionHandle handle = location.getHandle(); Instruction instruction = handle.getInstruction(); if (!(instruction instanceof InvokeInstruction)) { continue; } InvokeInstruction invoke = (InvokeInstruction) instruction; TaintFrame fact = dataflow.getFactAtLocation(location); assert fact != null; if (!fact.isValid()) { continue; } analyzeLocation(classContext, method, handle, cpg, invoke, fact, currentMethod); } }
MethodGen methodGen = classContext.getMethodGen(m);
public void analyzeMethod(ClassContext classContext, Method method, ResourceTrackerType resourceTracker, ResourceCollection<Resource> resourceCollection) throws CFGBuilderException, DataflowAnalysisException { MethodGen methodGen = classContext.getMethodGen(method); if (methodGen == null) { return;
MethodGen methodGen = classContext.getMethodGen(method); if (methodGen == null) { continue;
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException { MethodGen methodGen = classContext.getMethodGen(m); ConstantPoolGen cpg = classContext.getConstantPoolGen(); CFG cfg = classContext.getCFG(m); if (methodGen == null || methodGen.getInstructionList() == null) { return; //No instruction .. nothing to do } for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) { Location location = i.next(); Instruction inst = location.getHandle().getInstruction(); if (inst instanceof InvokeInstruction) { InvokeInstruction invoke = (InvokeInstruction) inst; String methodName = invoke.getMethodName(cpg); if ("enableDefaultTyping".equals(methodName)) { JavaClass clz = classContext.getJavaClass(); bugReporter.reportBug(new BugInstance(this, DESERIALIZATION_TYPE, HIGH_PRIORITY) .addClass(clz) .addMethod(clz, m) .addCalledMethod(cpg, invoke) .addSourceLine(classContext, m, location) ); } } } }
@Override public void visitClassContext(ClassContext classContext) { this.classContext = classContext; JavaClass jclass = classContext.getJavaClass(); Method[] methodList = jclass.getMethods(); for (Method method : methodList) { MethodGen methodGen = classContext.getMethodGen(method); if (methodGen == null) { continue; } // Prescreening - must have IF_ACMPEQ, IF_ACMPNE, // or an invocation of an instance method BitSet bytecodeSet = classContext.getBytecodeSet(method); if (bytecodeSet == null || !bytecodeSet.intersects(prescreenSet)) { continue; } if (DEBUG) { System.out.println("FindRefComparison: analyzing " + SignatureConverter.convertMethodSignature(methodGen)); } try { analyzeMethod(classContext, method); } catch (CFGBuilderException e) { bugReporter.logError("Error analyzing " + method.toString(), e); } catch (DataflowAnalysisException e) { // bugReporter.logError("Error analyzing " + method.toString(), // e); } bugAccumulator.reportAccumulatedBugs(); } }
MethodGen methodGen = classContext.getMethodGen(method); if (methodGen == null) { continue;
@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); Method[] methodList = javaClass.getMethods(); for (Method method : methodList) { MethodGen methodGen = classContext.getMethodGen(method); if (methodGen == null) { continue; } if (!prescreen(classContext, method)) { continue; } try { analyzeMethod(classContext, method); } catch (DataflowAnalysisException e) { bugReporter.logError("Error analyzing " + method.toString(), e); } catch (CFGBuilderException e) { bugReporter.logError("Error analyzing " + method.toString(), e); } } }
MethodGen methodGen = classContext.getMethodGen(method); if (methodGen == null) { continue;
MethodGen methodGen = classContext.getMethodGen(method); assert methodGen != null; if (numConsumed == Const.UNPREDICTABLE) {
@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); if(!PreorderVisitor.hasInterestingMethod(javaClass.getConstantPool(), allMethods)) { return; } Method[] methodList = javaClass.getMethods(); for (Method method : methodList) { MethodGen methodGen = classContext.getMethodGen(method); if (methodGen == null) { continue; } try { analyzeMethod(classContext, method); } catch (DataflowAnalysisException e) { bugReporter.logError( "FindSqlInjection caught exception while analyzing " + classContext.getFullyQualifiedMethodName(method), e); } catch (CFGBuilderException e) { bugReporter.logError( "FindSqlInjection caught exception while analyzing " + classContext.getFullyQualifiedMethodName(method), e); } catch (RuntimeException e) { bugReporter.logError( "FindSqlInjection caught exception while analyzing " + classContext.getFullyQualifiedMethodName(method), e); } } }