@CheckForNull private static Integer intLiteralValue(LiteralTree literal) { String literalValue = literal.value().replaceAll("_", ""); if (literalValue.startsWith("0x") || literalValue.startsWith("0b")) { return null; } return Integer.valueOf(literalValue); }
@CheckForNull private static Boolean booleanLiteralValue(ExpressionTree expression) { if (expression.is(Tree.Kind.BOOLEAN_LITERAL)) { return Boolean.valueOf(((LiteralTree) expression).value()); } return null; }
private String algorithm(ExpressionTree invocationArgument) { if (invocationArgument.is(Tree.Kind.STRING_LITERAL)) { String value = ((LiteralTree) invocationArgument).value(); return value.substring(1, value.length() - 1); } return null; }
@CheckForNull private static Object extractKey(ExpressionTree keyArgument) { if (keyArgument instanceof LiteralTree) { return ((LiteralTree) keyArgument).value(); } return symbolFromIdentifier(keyArgument); } }
@CheckForNull private static Object extractKey(ExpressionTree keyArgument) { if (keyArgument instanceof LiteralTree) { return ((LiteralTree) keyArgument).value(); } return symbolFromIdentifier(keyArgument); } }
private static String stringLiteralValue(Object object) { if (object instanceof LiteralTree) { LiteralTree literal = (LiteralTree) object; return LiteralUtils.trimQuotes(literal.value()); } return null; } }
private void handleStringLiteral(LiteralTree tree) { String cleanedLiteral = LiteralUtils.trimQuotes(tree.value()); literalPatterns().map(pattern -> pattern.matcher(cleanedLiteral)) // contains "pwd=" or similar .filter(Matcher::find) .map(matcher -> matcher.group(1)) .findAny() .ifPresent(credential -> report(tree, credential)); }
private void handleStringLiteral(LiteralTree tree) { String cleanedLiteral = LiteralUtils.trimQuotes(tree.value()); literalPatterns().map(pattern -> pattern.matcher(cleanedLiteral)) // contains "pwd=" or similar .filter(Matcher::find) .map(matcher -> matcher.group(1)) .findAny() .ifPresent(credential -> report(tree, credential)); }
private void checkPathDelimiter(ExpressionTree expr) { ExpressionTree newExpr = ExpressionUtils.skipParentheses(expr); if (newExpr.is(Tree.Kind.STRING_LITERAL) && PATH_DELIMETERS_PATTERN.matcher(((LiteralTree) newExpr).value()).find()) { reportIssue(newExpr, "Remove this hard-coded path-delimiter."); } } }
private void checkIssue(ExpressionTree argumentForReport, LiteralTree argument) { String[] transformationElements = LiteralUtils.trimQuotes(argument.value()).split("/"); if (transformationElements.length > 0 && isExcludedAlgorithm(transformationElements[0])) { reportIssue(argumentForReport, "Use the recommended AES (Advanced Encryption Standard) instead."); } }
private static boolean isScopeSingleton(SymbolMetadata clazzMeta) { List<AnnotationValue> values = clazzMeta.valuesForAnnotation(SCOPE_ANNOTATION_FQN); for (AnnotationValue annotationValue : values) { if (("value".equals(annotationValue.name()) || "scopeName".equals(annotationValue.name())) && annotationValue.value() instanceof LiteralTree && !"\"singleton\"".equals(((LiteralTree) annotationValue.value()).value())) { return false; } } return true; }
private static boolean isLeftShiftOnOne(BinaryExpressionTree tree) { // 1 << 1 is used for bit masks construction and should be excluded. if (tree.is(Tree.Kind.LEFT_SHIFT) && tree.leftOperand().is(Tree.Kind.INT_LITERAL) && tree.rightOperand().is(Tree.Kind.INT_LITERAL)) { String left = ((LiteralTree) tree.leftOperand()).value(); String right = ((LiteralTree) tree.rightOperand()).value(); if ("1".equals(right) && "1".equals(left)) { return true; } } return false; }
@Override public void visitNode(Tree tree) { LiteralTree lt = (LiteralTree) tree; if (isRSA(LiteralUtils.trimQuotes(lt.value()))) { reportIssue(lt, "Use an RSA algorithm with an OAEP (Optimal Asymmetric Encryption Padding)."); } }
private boolean isSetSecureCall(MethodInvocationTree mit) { Symbol methodSymbol = mit.symbol(); boolean hasArityOne = mit.arguments().size() == 1; if (hasArityOne && isCallSiteCookie(methodSymbol)) { ExpressionTree expressionTree = mit.arguments().get(0); if (expressionTree.is(Tree.Kind.BOOLEAN_LITERAL) && "false".equals(((LiteralTree) expressionTree).value())) { return false; } return "setSecure".equals(getIdentifier(mit).name()); } return false; }
@Override public void visitNode(Tree tree) { LiteralTree lt = (LiteralTree) tree; if (isRSA(LiteralUtils.trimQuotes(lt.value()))) { addIssue(lt, "Use an RSA algorithm with an OAEP (Optimal Asymmetric Encryption Padding)."); } }
private void check(MethodInvocationTree tree) { if (isEquals(tree.methodSelect()) && tree.arguments().size() == 1 && tree.arguments().get(0).is(Kind.STRING_LITERAL)) { LiteralTree stringLiteral = (LiteralTree) tree.arguments().get(0); addIssue(stringLiteral, "Move the " + stringLiteral.value() + " string literal on the left side of this string comparison."); } }
@Override public void visitNode(Tree tree) { LiteralTree literalTree = (LiteralTree) tree; String value = literalTree.value(); if (!containsUnderscore(value) && !isSerialVersionUID(tree) && shouldUseUnderscore(value)) { reportIssue(literalTree, "Add underscores to this numeric value for readability"); } }
@Override public void visitLiteral(LiteralTree tree) { String value = tree.value(); SymbolicValue sv = programState.peekValue(); if (tree.is(Tree.Kind.CHAR_LITERAL) && isNullCharacter(value)) { addZeroConstraint(sv, ZeroConstraint.ZERO); } else if (tree.is(Tree.Kind.INT_LITERAL, Tree.Kind.LONG_LITERAL, Tree.Kind.DOUBLE_LITERAL, Tree.Kind.FLOAT_LITERAL)) { addZeroConstraint(sv, isNumberZero(value) ? ZeroConstraint.ZERO : ZeroConstraint.NON_ZERO); } }
private void checkVariable(VariableTree member) { if (ModifiersUtils.hasModifier(member.modifiers(), Modifier.FINAL)) { return; } ExpressionTree initializer = member.initializer(); if (initializer != null) { initializer = ExpressionUtils.skipParentheses(initializer); if (isDefault(initializer, member.type().symbolType().isPrimitive())) { reportIssue(initializer, "Remove this initialization to \"" + ((LiteralTree) initializer).value() + "\", the compiler will do that for you."); } } }
private void check(MethodInvocationTree tree) { if (isEquals(tree.methodSelect()) && tree.arguments().size() == 1 && tree.arguments().get(0).is(Kind.STRING_LITERAL)) { LiteralTree stringLiteral = (LiteralTree) tree.arguments().get(0); reportIssue(stringLiteral, "Move the " + stringLiteral.value() + " string literal on the left side of this string comparison."); } }