private void analyzeField(Field field, JavaClass javaClass) { for (AnnotationEntry annotation : field.getAnnotationEntries()) { if (ANNOTATION_TYPES.contains(annotation.getAnnotationType()) || annotation.getAnnotationType().contains("JsonTypeInfo")) { for (ElementValuePair elementValuePair : annotation.getElementValuePairs()) { if ("use".equals((elementValuePair.getNameString())) && VULNERABLE_USE_NAMES.contains(elementValuePair.getValue().stringifyValue())) { bugReporter.reportBug(new BugInstance(this, DESERIALIZATION_TYPE, HIGH_PRIORITY) .addClass(javaClass) .addString(javaClass.getClassName() + " on field " + field.getName() + " of type " + field.getType() + " annotated with " + annotation.toShortString()) .addField(FieldAnnotation.fromBCELField(javaClass, field)) .addString("") ); } } } } }
@Override public String toString() { return toShortString(); }
protected String dumpAnnotationEntries(final AnnotationEntry[] as) { final StringBuilder result = new StringBuilder(); result.append("["); for (int i = 0; i < as.length; i++) { final AnnotationEntry annotation = as[i]; result.append(annotation.toShortString()); if (i + 1 < as.length) { result.append(","); } } result.append("]"); return result.toString(); }
private void analyzeField(Field field, JavaClass javaClass) { for (AnnotationEntry annotation : field.getAnnotationEntries()) { if (ANNOTATION_TYPES.contains(annotation.getAnnotationType()) || annotation.getAnnotationType().contains("JsonTypeInfo")) { for (ElementValuePair elementValuePair : annotation.getElementValuePairs()) { if ("use".equals((elementValuePair.getNameString())) && VULNERABLE_USE_NAMES.contains(elementValuePair.getValue().stringifyValue())) { bugReporter.reportBug(new BugInstance(this, DESERIALIZATION_TYPE, HIGH_PRIORITY) .addClass(javaClass) .addString(javaClass.getClassName() + " on field " + field.getName() + " of type " + field.getType() + " annotated with " + annotation.toShortString()) .addField(FieldAnnotation.fromBCELField(javaClass, field)) .addString("") ); } } } } }