/**
 * Records the keys of a bracket-style array initializer that spell {@code "salt"}.
 *
 * <p>A key is added to {@code passwordHashSaltTrees} only when it is non-null, is a
 * {@code REGULAR_STRING_LITERAL}, and {@code trimQuotes} of it equals {@code "salt"} exactly
 * (case-sensitive). Keys of any other kind (for example concatenations or constants) are
 * filtered out here, so they are never recorded by this method.
 *
 * @param tree the bracket array initializer being visited
 */
@Override
public void visitArrayInitializerBracket(ArrayInitializerBracketTree tree) {
  tree.arrayPairs().stream()
    .map(pair -> pair.key())
    // Pairs without an explicit key yield null and must be dropped before key.is(...).
    .filter(key -> key != null
      && key.is(Tree.Kind.REGULAR_STRING_LITERAL)
      && "salt".equals(trimQuotes((LiteralTree) key)))
    .forEach(passwordHashSaltTrees::add);

  // Continue the normal traversal into the initializer's children.
  super.visitArrayInitializerBracket(tree);
}
} // closes an enclosing scope that was opened outside this excerpt
/**
 * Records the keys of a bracket-style array initializer that spell {@code "salt"}.
 *
 * <p>A key is added to {@code passwordHashSaltTrees} only when it is non-null, is a
 * {@code REGULAR_STRING_LITERAL}, and {@code trimQuotes} of it equals {@code "salt"} exactly
 * (case-sensitive). Keys of any other kind (for example concatenations or constants) are
 * filtered out here, so they are never recorded by this method.
 *
 * @param tree the bracket array initializer being visited
 */
@Override
public void visitArrayInitializerBracket(ArrayInitializerBracketTree tree) {
  tree.arrayPairs().stream()
    .map(pair -> pair.key())
    // Pairs without an explicit key yield null and must be dropped before key.is(...).
    .filter(key -> key != null
      && key.is(Tree.Kind.REGULAR_STRING_LITERAL)
      && "salt".equals(trimQuotes((LiteralTree) key)))
    .forEach(passwordHashSaltTrees::add);

  // Continue the normal traversal into the initializer's children.
  super.visitArrayInitializerBracket(tree);
}
} // closes an enclosing scope that was opened outside this excerpt
/**
 * Checks a {@code for} statement's condition against its recognised update expressions.
 *
 * <p>Update expressions whose {@code updateKind} is {@code UpdateKind.UNKNOWN} are ignored.
 * {@code checkCondition} runs only when the loop has a condition and at least one recognised
 * update; traversal of the statement continues afterwards in every case.
 *
 * @param tree the {@code for} statement being visited
 */
@Override
public void visitForStatement(ForStatementTree tree) {
  List<ExpressionTree> recognisedUpdates = tree.update().stream()
    .filter(update -> UpdateKind.UNKNOWN != updateKind(update))
    .collect(Collectors.toList());

  ExpressionTree condition = CheckUtils.getForCondition(tree);

  // Nothing to compare when the loop has no condition or no update we can classify.
  boolean comparable = condition != null && !recognisedUpdates.isEmpty();
  if (comparable) {
    checkCondition(condition, recognisedUpdates);
  }

  super.visitForStatement(tree);
}
/**
 * Builds a {@code QualifiedName} from a namespace name tree.
 *
 * @param nameTree the tree supplying the namespace segments and the final name
 * @return a qualified name made of the text of each namespace segment, in order, plus the
 *     text of {@code nameTree.name()}
 */
public static QualifiedName create(NamespaceNameTree nameTree) {
  List<String> namespaceSegments = nameTree.namespaces().stream()
    .map(segment -> segment.text())
    .collect(Collectors.toList());
  String simpleName = nameTree.name().text();
  return new QualifiedName(namespaceSegments, simpleName);
}
/**
 * Builds a {@code QualifiedName} from a namespace name tree.
 *
 * @param nameTree the tree supplying the namespace segments and the final name
 * @return a qualified name made of the text of each namespace segment, in order, plus the
 *     text of {@code nameTree.name()}
 */
public static QualifiedName create(NamespaceNameTree nameTree) {
  List<String> namespaceSegments = nameTree.namespaces().stream()
    .map(segment -> segment.text())
    .collect(Collectors.toList());
  String simpleName = nameTree.name().text();
  return new QualifiedName(namespaceSegments, simpleName);
}
/**
 * Checks a {@code for} statement's condition against its recognised update expressions.
 *
 * <p>Update expressions whose {@code updateKind} is {@code UpdateKind.UNKNOWN} are ignored.
 * {@code checkCondition} runs only when the loop has a condition and at least one recognised
 * update; traversal of the statement continues afterwards in every case.
 *
 * @param tree the {@code for} statement being visited
 */
@Override
public void visitForStatement(ForStatementTree tree) {
  List<ExpressionTree> recognisedUpdates = tree.update().stream()
    .filter(update -> UpdateKind.UNKNOWN != updateKind(update))
    .collect(Collectors.toList());

  ExpressionTree condition = CheckUtils.getForCondition(tree);

  // Nothing to compare when the loop has no condition or no update we can classify.
  boolean comparable = condition != null && !recognisedUpdates.isEmpty();
  if (comparable) {
    checkCondition(condition, recognisedUpdates);
  }

  super.visitForStatement(tree);
}
/**
 * Builds a {@code QualifiedName} from a namespace name tree.
 *
 * @param nameTree the tree supplying the namespace segments and the final name
 * @return a qualified name made of the text of each namespace segment, in order, plus the
 *     text of {@code nameTree.name()}
 */
public static QualifiedName create(NamespaceNameTree nameTree) {
  List<String> namespaceSegments = nameTree.namespaces().stream()
    .map(segment -> segment.text())
    .collect(Collectors.toList());
  String simpleName = nameTree.name().text();
  return new QualifiedName(namespaceSegments, simpleName);
}
/**
 * Finds the value assigned to a named entry of an array initializer.
 *
 * <p>Only the first pair whose key satisfies {@code isStringLiteralWithValue(key, property)}
 * is considered; its value is passed through {@code getAssignedValue}.
 *
 * @param params the array initializer to search
 * @param property the key text to look for
 * @return the resolved value of the first matching entry, or empty when no key matches
 */
private Optional<ExpressionTree> getProperty(ArrayInitializerTree params, String property) {
  // NOTE(review): Stream.findFirst() throws NullPointerException when the selected element
  // is null, so this relies on getAssignedValue never returning null — confirm.
  return params.arrayPairs()
    .stream()
    .filter(entry -> isStringLiteralWithValue(entry.key(), property))
    .map(entry -> getAssignedValue(entry.value()))
    .findFirst();
}
/**
 * Finds the value assigned to a named entry of an array initializer.
 *
 * <p>Only the first pair whose key satisfies {@code isStringLiteralWithValue(key, property)}
 * is considered; its value is passed through {@code getAssignedValue}.
 *
 * @param params the array initializer to search
 * @param property the key text to look for
 * @return the resolved value of the first matching entry, or empty when no key matches
 */
private Optional<ExpressionTree> getProperty(ArrayInitializerTree params, String property) {
  // NOTE(review): Stream.findFirst() throws NullPointerException when the selected element
  // is null, so this relies on getAssignedValue never returning null — confirm.
  return params.arrayPairs()
    .stream()
    .filter(entry -> isStringLiteralWithValue(entry.key(), property))
    .map(entry -> getAssignedValue(entry.value()))
    .findFirst();
}
/**
 * Locates the expression that supplies {@code private_key_bits} for an RSA key configuration.
 *
 * <p>When {@code config} is an array initializer (function or bracket form) that {@code isRSA}
 * accepts, the value of its first {@code "private_key_bits"} entry is returned. In every other
 * case the configuration is resolved through the symbol table and the lookup is repeated on
 * the symbol's unique assigned value, if there is one.
 *
 * @param config the configuration expression passed to the key-generation call
 * @return the key-size expression, or empty when none can be resolved; the size itself is not
 *     validated here
 */
private Optional<ExpressionTree> getKeySize(ExpressionTree config) {
  if (config.is(Kind.ARRAY_INITIALIZER_FUNCTION, Kind.ARRAY_INITIALIZER_BRACKET)) {
    ArrayInitializerTree literalConfig = (ArrayInitializerTree) config;
    if (isRSA(literalConfig)) {
      return literalConfig.arrayPairs().stream()
        .filter(entry -> hasKey(entry, "private_key_bits"))
        .map(ArrayPairTree::value)
        .findFirst();
    }
    // An array literal that isRSA rejects falls through to the symbol lookup below.
  }

  // NOTE(review): the recursion ends only when getUniqueAssignedValue yields empty or an RSA
  // array literal; presumably assignment chains cannot be cyclic — confirm.
  Symbol resolvedConfig = context().symbolTable().getSymbol(config);
  return assignmentExpressionVisitor
    .getUniqueAssignedValue(resolvedConfig)
    .flatMap(assigned -> getKeySize(assigned));
}
/**
 * Locates the expression that supplies {@code private_key_bits} for an RSA key configuration.
 *
 * <p>When {@code config} is an array initializer (function or bracket form) that {@code isRSA}
 * accepts, the value of its first {@code "private_key_bits"} entry is returned. In every other
 * case the configuration is resolved through the symbol table and the lookup is repeated on
 * the symbol's unique assigned value, if there is one.
 *
 * @param config the configuration expression passed to the key-generation call
 * @return the key-size expression, or empty when none can be resolved; the size itself is not
 *     validated here
 */
private Optional<ExpressionTree> getKeySize(ExpressionTree config) {
  if (config.is(Kind.ARRAY_INITIALIZER_FUNCTION, Kind.ARRAY_INITIALIZER_BRACKET)) {
    ArrayInitializerTree literalConfig = (ArrayInitializerTree) config;
    if (isRSA(literalConfig)) {
      return literalConfig.arrayPairs().stream()
        .filter(entry -> hasKey(entry, "private_key_bits"))
        .map(ArrayPairTree::value)
        .findFirst();
    }
    // An array literal that isRSA rejects falls through to the symbol lookup below.
  }

  // NOTE(review): the recursion ends only when getUniqueAssignedValue yields empty or an RSA
  // array literal; presumably assignment chains cannot be cyclic — confirm.
  Symbol resolvedConfig = context().symbolTable().getSymbol(config);
  return assignmentExpressionVisitor
    .getUniqueAssignedValue(resolvedConfig)
    .flatMap(assigned -> getKeySize(assigned));
}
/**
 * Raises an issue on each used trait whose fully qualified name equals
 * {@code PSR_LOG_LOGGER_TRAIT}, compared case-insensitively.
 *
 * <p>The default traversal runs first; the traits of the declaration are inspected afterwards.
 *
 * @param tree the {@code use} trait declaration being visited
 */
@Override
public void visitUseTraitDeclaration(UseTraitDeclarationTree tree) {
  super.visitUseTraitDeclaration(tree);

  tree.traits().forEach(usedTrait -> {
    if (PSR_LOG_LOGGER_TRAIT.equalsIgnoreCase(getFullyQualifiedName(usedTrait))) {
      context().newIssue(this, usedTrait, MESSAGE);
    }
  });
}
/**
 * Raises an issue on each used trait whose fully qualified name equals
 * {@code PSR_LOG_LOGGER_TRAIT}, compared case-insensitively.
 *
 * <p>The default traversal runs first; the traits of the declaration are inspected afterwards.
 *
 * @param tree the {@code use} trait declaration being visited
 */
@Override
public void visitUseTraitDeclaration(UseTraitDeclarationTree tree) {
  super.visitUseTraitDeclaration(tree);

  tree.traits().forEach(usedTrait -> {
    if (PSR_LOG_LOGGER_TRAIT.equalsIgnoreCase(getFullyQualifiedName(usedTrait))) {
      context().newIssue(this, usedTrait, MESSAGE);
    }
  });
}
/**
 * Handles a function expression (closure) differently depending on whether it is the function
 * currently being analysed.
 *
 * <p>For {@code currentFunction}, the text of every lexical ({@code use}) variable that is a
 * plain {@code VARIABLE_IDENTIFIER} is added to {@code initializedVariables}, and the body is
 * then traversed. For any other (nested) function expression only its lexical variables are
 * scanned; its body is skipped.
 *
 * @param tree the function expression being visited
 */
@Override
public void visitFunctionExpression(FunctionExpressionTree tree) {
  LexicalVariablesTree capturedVars = tree.lexicalVars();

  if (tree != currentFunction) {
    // Nested closure: look at the variables it captures, but do not descend into its body.
    if (capturedVars != null) {
      scan(capturedVars.variables());
    }
    return;
  }

  if (capturedVars != null) {
    capturedVars.variables().stream()
      .map(captured -> captured.variableExpression())
      .filter(expression -> expression.is(Kind.VARIABLE_IDENTIFIER))
      .map(VariableIdentifierTree.class::cast)
      .map(identifier -> identifier.text())
      .forEach(initializedVariables::add);
  }
  super.visitFunctionExpression(tree);
}
/**
 * Tells whether an array configuration explicitly requests an RSA private key.
 *
 * <p>A pair matches only when {@code hasKey(pair, "private_key_type")} holds and its value is
 * a {@code NAMESPACE_NAME} whose name text is exactly {@code OPENSSL_KEYTYPE_RSA}. A value of
 * any other kind (for example a variable holding the constant) does not match.
 *
 * <p>NOTE(review): PHP's {@code openssl_pkey_new} treats a missing {@code private_key_type} as
 * RSA. This predicate returns {@code false} for such arrays, so a configuration that sets only
 * {@code private_key_bits} is not classified as RSA here — confirm whether callers cover that
 * case elsewhere.
 *
 * @param config the array initializer holding the key-generation options
 * @return {@code true} when at least one pair matches as described above
 */
private static boolean isRSA(ArrayInitializerTree config) {
  return config.arrayPairs().stream().anyMatch(option ->
    hasKey(option, "private_key_type")
      && option.value().is(Kind.NAMESPACE_NAME)
      && "OPENSSL_KEYTYPE_RSA".equals(((NamespaceNameTree) option.value()).name().text()));
}
/**
 * Tells whether an array configuration explicitly requests an RSA private key.
 *
 * <p>A pair matches only when {@code hasKey(pair, "private_key_type")} holds and its value is
 * a {@code NAMESPACE_NAME} whose name text is exactly {@code OPENSSL_KEYTYPE_RSA}. A value of
 * any other kind (for example a variable holding the constant) does not match.
 *
 * <p>NOTE(review): PHP's {@code openssl_pkey_new} treats a missing {@code private_key_type} as
 * RSA. This predicate returns {@code false} for such arrays, so a configuration that sets only
 * {@code private_key_bits} is not classified as RSA here — confirm whether callers cover that
 * case elsewhere.
 *
 * @param config the array initializer holding the key-generation options
 * @return {@code true} when at least one pair matches as described above
 */
private static boolean isRSA(ArrayInitializerTree config) {
  return config.arrayPairs().stream().anyMatch(option ->
    hasKey(option, "private_key_type")
      && option.value().is(Kind.NAMESPACE_NAME)
      && "OPENSSL_KEYTYPE_RSA".equals(((NamespaceNameTree) option.value()).name().text()));
}
/**
 * Inspects a class declaration's superclass and implemented interfaces.
 *
 * <p>When the superclass's fully qualified name equals {@code CODE_IGNITER_CONTROLLER_CLASS}
 * (case-insensitively), the class is handed to {@code checkCodeIgniterControllerMethods}.
 * Independently, an issue is raised on every implemented interface whose fully qualified name
 * equals {@code JOOMLA_CIPHER_INTERFACE} (case-insensitively).
 *
 * <p>Only names listed directly on this declaration are compared; nothing here walks further
 * up the hierarchy.
 *
 * @param tree the class declaration to inspect
 */
private void checkSuspiciousClassDeclaration(ClassTree tree) {
  NamespaceNameTree parent = tree.superClass();
  boolean extendsCodeIgniterController =
    parent != null
      && getFullyQualifiedName(parent).equalsIgnoreCase(CODE_IGNITER_CONTROLLER_CLASS);
  if (extendsCodeIgniterController) {
    checkCodeIgniterControllerMethods(tree);
  }

  tree.superInterfaces().forEach(implemented -> {
    if (JOOMLA_CIPHER_INTERFACE.equalsIgnoreCase(getFullyQualifiedName(implemented))) {
      context().newIssue(this, implemented, MESSAGE);
    }
  });
}
/**
 * Inspects a class declaration's superclass and implemented interfaces.
 *
 * <p>When the superclass's fully qualified name equals {@code CODE_IGNITER_CONTROLLER_CLASS}
 * (case-insensitively), the class is handed to {@code checkCodeIgniterControllerMethods}.
 * Independently, an issue is raised on every implemented interface whose fully qualified name
 * equals {@code JOOMLA_CIPHER_INTERFACE} (case-insensitively).
 *
 * <p>Only names listed directly on this declaration are compared; nothing here walks further
 * up the hierarchy.
 *
 * @param tree the class declaration to inspect
 */
private void checkSuspiciousClassDeclaration(ClassTree tree) {
  NamespaceNameTree parent = tree.superClass();
  boolean extendsCodeIgniterController =
    parent != null
      && getFullyQualifiedName(parent).equalsIgnoreCase(CODE_IGNITER_CONTROLLER_CLASS);
  if (extendsCodeIgniterController) {
    checkCodeIgniterControllerMethods(tree);
  }

  tree.superInterfaces().forEach(implemented -> {
    if (JOOMLA_CIPHER_INTERFACE.equalsIgnoreCase(getFullyQualifiedName(implemented))) {
      context().newIssue(this, implemented, MESSAGE);
    }
  });
}
/**
 * Raises an issue when a class declaration extends or implements a PSR logger type.
 *
 * <p>The superclass is reported when its fully qualified name equals
 * {@code PSR_LOG_ABSTRACT_LOGGER_CLASS}; each implemented interface is reported when its fully
 * qualified name equals {@code PSR_LOG_LOGGER_INTERFACE}. Both comparisons ignore case.
 *
 * <p>Only names listed directly on this declaration are compared; nothing here walks further
 * up the hierarchy.
 *
 * @param tree the class declaration to inspect
 */
private void checkSuspiciousClassDeclaration(ClassTree tree) {
  NamespaceNameTree parent = tree.superClass();
  if (parent != null) {
    if (getFullyQualifiedName(parent).equalsIgnoreCase(PSR_LOG_ABSTRACT_LOGGER_CLASS)) {
      context().newIssue(this, parent, MESSAGE);
    }
  }

  tree.superInterfaces().forEach(implemented -> {
    if (PSR_LOG_LOGGER_INTERFACE.equalsIgnoreCase(getFullyQualifiedName(implemented))) {
      context().newIssue(this, implemented, MESSAGE);
    }
  });
}
/**
 * Raises an issue when a class declaration extends or implements a PSR logger type.
 *
 * <p>The superclass is reported when its fully qualified name equals
 * {@code PSR_LOG_ABSTRACT_LOGGER_CLASS}; each implemented interface is reported when its fully
 * qualified name equals {@code PSR_LOG_LOGGER_INTERFACE}. Both comparisons ignore case.
 *
 * <p>Only names listed directly on this declaration are compared; nothing here walks further
 * up the hierarchy.
 *
 * @param tree the class declaration to inspect
 */
private void checkSuspiciousClassDeclaration(ClassTree tree) {
  NamespaceNameTree parent = tree.superClass();
  if (parent != null) {
    if (getFullyQualifiedName(parent).equalsIgnoreCase(PSR_LOG_ABSTRACT_LOGGER_CLASS)) {
      context().newIssue(this, parent, MESSAGE);
    }
  }

  tree.superInterfaces().forEach(implemented -> {
    if (PSR_LOG_LOGGER_INTERFACE.equalsIgnoreCase(getFullyQualifiedName(implemented))) {
      context().newIssue(this, implemented, MESSAGE);
    }
  });
}