本文整理汇总了Java中org.apache.bcel.Constants.INVOKESTATIC属性的典型用法代码示例。如果您正苦于以下问题:Java Constants.INVOKESTATIC属性的具体用法?Java Constants.INVOKESTATIC怎么用?Java Constants.INVOKESTATIC使用的例子?那么, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类org.apache.bcel.Constants的用法示例。
在下文中一共展示了Constants.INVOKESTATIC属性的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: instanceEscapes
protected boolean instanceEscapes(InvokeInstruction inv, int instanceArgNum) {
//ConstantPoolGen cpg = getCPG();
// String className = inv.getClassName(cpg);
//System.out.print("[Passed as arg="+instanceArgNum+" at " + inv + "]");
boolean escapes = (inv.getOpcode() == Constants.INVOKESTATIC || instanceArgNum != 0);
//if (escapes) System.out.print("[Escape at " + inv + " argNum=" + instanceArgNum + "]");
if (FindOpenStream.DEBUG && escapes) System.out.println("ESCAPE at " + location);
// Record the fact that this might be a stream escape
if (stream.getOpenLocation() != null)
resourceTracker.addStreamEscape(stream, location);
return escapes;
}
示例2: sawOpcode
@Override
public void sawOpcode(int seen) {
if (seen == Constants.INVOKESTATIC
&& getClassConstantOperand().equals("javax/crypto/Cipher")
&& getNameConstantOperand().equals("getInstance")) {
OpcodeStack.Item item = stack.getStackItem(getSigConstantOperand().contains(";L") ? 1 : 0);
if (StackUtils.isConstantString(item)) {
String cipherValue = (String) item.getConstant();
// default padding for "RSA" only is PKCS1 so it is not reported
if (cipherValue.startsWith("RSA/") && cipherValue.endsWith("/NoPadding")) {
bugReporter.reportBug(new BugInstance(this, RSA_NO_PADDING_TYPE, Priorities.NORMAL_PRIORITY) //
.addClass(this).addMethod(this).addSourceLine(this));
}
}
}
}
示例3: sawOpcode
@Override
public void sawOpcode(int seen) {
// printOpCode(seen);
// getClassConstantOperand().equals("java/net/Socket")
if (seen == Constants.INVOKEVIRTUAL && ( //List of method mark as external file access
getNameConstantOperand().equals("getExternalCacheDir") ||
getNameConstantOperand().equals("getExternalCacheDirs") ||
getNameConstantOperand().equals("getExternalFilesDir") ||
getNameConstantOperand().equals("getExternalFilesDirs") ||
getNameConstantOperand().equals("getExternalMediaDirs")
)) {
// System.out.println(getSigConstantOperand());
bugReporter.reportBug(new BugInstance(this, ANDROID_EXTERNAL_FILE_ACCESS_TYPE, Priorities.NORMAL_PRIORITY) //
.addClass(this).addMethod(this).addSourceLine(this));
}
else if(seen == Constants.INVOKESTATIC && getClassConstantOperand().equals("android/os/Environment") && (
getNameConstantOperand().equals("getExternalStorageDirectory") ||
getNameConstantOperand().equals("getExternalStoragePublicDirectory")
)) {
bugReporter.reportBug(new BugInstance(this, ANDROID_EXTERNAL_FILE_ACCESS_TYPE, Priorities.NORMAL_PRIORITY) //
.addClass(this).addMethod(this).addSourceLine(this));
}
}
示例4: isGetterMethod
/**
* Determine whether or not the the given method is
* a getter method. I.e., if it just returns the
* value of an instance field.
*
* @param classContext the ClassContext for the class containing the method
* @param method the method
*/
public static boolean isGetterMethod(ClassContext classContext, Method method) {
MethodGen methodGen = classContext.getMethodGen(method);
InstructionList il = methodGen.getInstructionList();
// System.out.println("Checking getter method: " + method.getName());
if (il.getLength() > 60)
return false;
int count = 0;
Iterator it = il.iterator();
while (it.hasNext()) {
InstructionHandle ih = (InstructionHandle) it.next();
switch (ih.getInstruction().getOpcode()) {
case Constants.GETFIELD:
count++;
if (count > 1) return false;
break;
case Constants.PUTFIELD:
case Constants.BALOAD:
case Constants.CALOAD:
case Constants.DALOAD:
case Constants.FALOAD:
case Constants.IALOAD:
case Constants.LALOAD:
case Constants.SALOAD:
case Constants.AALOAD:
case Constants.BASTORE:
case Constants.CASTORE:
case Constants.DASTORE:
case Constants.FASTORE:
case Constants.IASTORE:
case Constants.LASTORE:
case Constants.SASTORE:
case Constants.AASTORE:
case Constants.PUTSTATIC:
return false;
case Constants.INVOKESTATIC:
case Constants.INVOKEVIRTUAL:
case Constants.INVOKEINTERFACE:
case Constants.INVOKESPECIAL:
case Constants.GETSTATIC:
// no-op
}
}
// System.out.println("Found getter method: " + method.getName());
return true;
}
示例5: match
public MatchResult match(InstructionHandle handle, ConstantPoolGen cpg,
ValueNumberFrame before, ValueNumberFrame after, BindingSet bindingSet) throws DataflowAnalysisException {
// See if the instruction is an InvokeInstruction
Instruction ins = handle.getInstruction();
if (!(ins instanceof InvokeInstruction))
return null;
InvokeInstruction inv = (InvokeInstruction) ins;
String methodName = inv.getMethodName(cpg);
boolean isStatic = inv.getOpcode() == Constants.INVOKESTATIC;
boolean isCtor = methodName.equals("<init>");
int actualMode = 0;
if (isStatic) actualMode |= STATIC;
if (isCtor) actualMode |= CONSTRUCTOR;
if (!isStatic && !isCtor) actualMode |= INSTANCE;
// Intersection of actual and desired modes must be nonempty.
if ((actualMode & mode) == 0)
return null;
// Check class name, method name, and method signature.
if (!methodNameMatcher.match(methodName) ||
!methodSigMatcher.match(inv.getSignature(cpg)) ||
!classNameMatcher.match(inv.getClassName(cpg)))
return null;
// It's a match!
return new MatchResult(this, bindingSet);
}
示例6: sawOpcode
@Override
public void sawOpcode(int seen) {
if (seen == Constants.INVOKESTATIC && FILENAMEUTILS_NULL_METHOD.matches(this)) {
bugReporter.reportBug(new BugInstance(this, WEAK_FILENAMEUTILS_TYPE, Priorities.LOW_PRIORITY) //
.addClass(this).addMethod(this).addSourceLine(this)
.addString(getNameConstantOperand()));
}
}
示例7: sawOpcode
@Override
public void sawOpcode(int seen) {
//printOpCode(seen);
//Important sample from \plugin\src\test\webapp\includes\jsp_include_1.jsp
//org.apache.jasper.runtime.JspRuntimeLibrary
//JspRuntimeLibrary.include(request, response, (String)PageContextImpl.evaluateExpression("${param.secret_param}", String.class, _jspx_page_context, null), out, false);
// JspIncludeDetector: [0119] invokestatic org/apache/jasper/runtime/JspRuntimeLibrary.include (Ljavax/servlet/ServletRequest;Ljavax/servlet/ServletResponse;Ljava/lang/String;Ljavax/servlet/jsp/JspWriter;Z)V
//Important sample from \plugin\src\test\webapp\includes\jsp_include_3.jsp
//ImportTag _jspx_th_c_import_0 = (ImportTag)this._jspx_tagPool_c_import_url_nobody.get(ImportTag.class);
//_jspx_th_c_import_0.setUrl((String)PageContextImpl.evaluateExpression("${param.secret_param}", String.class, _jspx_page_context, null));
// JspIncludeDetector: [0051] invokevirtual org/apache/taglibs/standard/tag/rt/core/ImportTag.setUrl (Ljava/lang/String;)V
if (seen == Constants.INVOKESTATIC && ("org/apache/jasper/runtime/JspRuntimeLibrary".equals(getClassConstantOperand()) || "org/apache/sling/scripting/jsp/jasper/runtime/JspRuntimeLibrary".equals(getClassConstantOperand()))
&& getNameConstantOperand().equals("include") && getSigConstantOperand().equals("(Ljavax/servlet/ServletRequest;Ljavax/servlet/ServletResponse;Ljava/lang/String;Ljavax/servlet/jsp/JspWriter;Z)V")) {
bugReporter.reportBug(new BugInstance(this, JSP_INCLUDE_TYPE, Priorities.HIGH_PRIORITY) //
.addClass(this).addMethod(this).addSourceLine(this));
}
else if (seen == Constants.INVOKEVIRTUAL && getClassConstantOperand().equals("org/apache/taglibs/standard/tag/rt/core/ImportTag")
&& getNameConstantOperand().equals("setUrl") && getSigConstantOperand().equals("(Ljava/lang/String;)V")) {
bugReporter.reportBug(new BugInstance(this, JSP_INCLUDE_TYPE, Priorities.HIGH_PRIORITY) //
.addClass(this).addMethod(this).addSourceLine(this));
}
}
示例8: sawOpcode
@Override
public void sawOpcode(int seen) {
if (seen == Constants.INVOKESPECIAL
&& getClassConstantOperand().equals("org/apache/http/impl/client/DefaultHttpClient")
&& getNameConstantOperand().equals("<init>")
&& getSigConstantOperand().equals("()V")) {
//DefaultHttpClient constructor with no parameter
bugReporter.reportBug(new BugInstance(this, DEFAULT_HTTP_CLIENT, Priorities.NORMAL_PRIORITY)
.addClass(this).addMethod(this).addSourceLine(this));
}
if (seen == Constants.INVOKESTATIC
&& getClassConstantOperand().equals("javax/net/ssl/SSLContext")
&& getNameConstantOperand().equals("getInstance")
&& getSigConstantOperand().equals("(Ljava/lang/String;)Ljavax/net/ssl/SSLContext;")) {
//System.out.println("SSLContext.getInstance(" + this.getSigConstantOperand() + ")");
final OpcodeStack.Item item = stack.getStackItem(0);
String sslContextName = (String) item.getConstant(); //Null if the value passed isn't constant
if (sslContextName != null && sslContextName.equalsIgnoreCase("SSL")) {
bugReporter.reportBug(new BugInstance(this, SSL_CONTEXT, Priorities.NORMAL_PRIORITY)
.addClass(this).addMethod(this).addSourceLine(this));
}
}
}
示例9: sawOpcode
@Override
public void sawOpcode(int seen) {
if ((seen != Constants.INVOKESTATIC
|| !getClassConstantOperand().equals("javax/crypto/Cipher"))
|| !getNameConstantOperand().equals("getInstance")) {
return;
}
OpcodeStack.Item item = stack.getStackItem(getSigConstantOperand().contains(";L") ? 1 : 0);
String cipherValue;
if (StackUtils.isConstantString(item)) {
cipherValue = (String) item.getConstant();
} else {
return;
}
if (INSECURE_ECB_MODES.matcher(cipherValue).matches()) {
reportBug(ECB_MODE_TYPE);
}
if (cipherValue.contains("/CBC/PKCS5Padding")) {
reportBug(PADDING_ORACLE_TYPE);
}
//Some cipher will not have mode specified (ie: "RSA" .. issue GitHub #24)
if (!AUTHENTICATED_CIPHER_MODES.matcher(cipherValue).matches()
&& !cipherValue.startsWith("RSA")) {
reportBug(CIPHER_INTEGRITY_TYPE);
}
}
示例10: sawOpcode
@Override
public void sawOpcode(int seen) {
// printOpCode(seen);
if (seen == Constants.INVOKESTATIC && getClassConstantOperand().equals("org/apache/velocity/app/Velocity")
&& getNameConstantOperand().equals("evaluate")) {
OpcodeStack.Item item = stack.getStackItem(0);
if(!StackUtils.isConstantString(item)) {
bugReporter.reportBug(new BugInstance(this, VELOCITY_TYPE, Priorities.NORMAL_PRIORITY) //
.addClass(this).addMethod(this).addSourceLine(this));
}
}
}
示例11: sawOpcode
@Override
public void sawOpcode(int seen) {
//printOpCode(seen);
if (seen == Constants.INVOKESPECIAL && getClassConstantOperand().equals("java/util/Random")
&& getNameConstantOperand().equals("<init>")) {
bugReporter.reportBug(new BugInstance(this, PREDICTABLE_RANDOM_TYPE, Priorities.NORMAL_PRIORITY) //
.addClass(this).addMethod(this).addSourceLine(this) //
.addString("java.util.Random"));
} else if (seen == Constants.INVOKESTATIC && getClassConstantOperand().equals("java/lang/Math")
&& getNameConstantOperand().equals("random")) {
bugReporter.reportBug(new BugInstance(this, PREDICTABLE_RANDOM_TYPE, Priorities.NORMAL_PRIORITY) //
.addClass(this).addMethod(this).addSourceLine(this) //
.addString("java.lang.Math.random()"));
} else if (seen == Constants.INVOKESTATIC && getClassConstantOperand().equals("java/util/concurrent/ThreadLocalRandom")
&& getNameConstantOperand().equals("current")) {
bugReporter.reportBug(new BugInstance(this, PREDICTABLE_RANDOM_TYPE, Priorities.NORMAL_PRIORITY) //
.addClass(this).addMethod(this).addSourceLine(this) //
.addString("java.util.concurrent.ThreadLocalRandom"));
} else if (seen == Constants.INVOKESPECIAL && getClassConstantOperand().equals("scala/util/Random")
&& getNameConstantOperand().equals("<init>")) {
bugReporter.reportBug(new BugInstance(this, PREDICTABLE_RANDOM_SCALA_TYPE, Priorities.NORMAL_PRIORITY) //
.addClass(this).addMethod(this).addSourceLine(this) //
.addString("scala.util.Random"));
} else if (seen == Constants.INVOKEVIRTUAL && RANDOM_NEXT_METHODS.matches(this)) {
bugReporter.reportBug(new BugInstance(this, PREDICTABLE_RANDOM_SCALA_TYPE, Priorities.NORMAL_PRIORITY) //
.addClass(this).addMethod(this).addSourceLine(this) //
.addString("scala.util.Random."+getNameConstantOperand()+"()"));
}
}
示例12: findObviouslyLockedCallSites
/**
* Find all self-call sites that are obviously locked.
*/
private Set<CallSite> findObviouslyLockedCallSites(ClassContext classContext, SelfCalls selfCalls)
throws CFGBuilderException, DataflowAnalysisException {
ConstantPoolGen cpg = classContext.getConstantPoolGen();
// Find all obviously locked call sites
HashSet<CallSite> obviouslyLockedSites = new HashSet<CallSite>();
for (Iterator<CallSite> i = selfCalls.callSiteIterator(); i.hasNext();) {
CallSite callSite = i.next();
Method method = callSite.getMethod();
Location location = callSite.getLocation();
InstructionHandle handle = location.getHandle();
// Only instance method calls qualify as candidates for
// "obviously locked"
Instruction ins = handle.getInstruction();
if (ins.getOpcode() == Constants.INVOKESTATIC)
continue;
// Get lock set for site
LockDataflow lockDataflow = classContext.getLockDataflow(method);
LockSet lockSet = lockDataflow.getFactAtLocation(location);
// Get value number frame for site
ValueNumberDataflow vnaDataflow = classContext.getValueNumberDataflow(method);
ValueNumberFrame frame = vnaDataflow.getFactAtLocation(location);
// NOTE: if the CFG on which the value number analysis was performed
// was pruned, there may be unreachable instructions. Therefore,
// we can't assume the frame is valid.
if (!frame.isValid())
continue;
// Find the ValueNumber of the receiver object
int numConsumed = ins.consumeStack(cpg);
if (numConsumed == Constants.UNPREDICTABLE)
throw new AnalysisException("Unpredictable stack consumption: " + handle);
//if (DEBUG) System.out.println("Getting receiver for frame: " + frame);
ValueNumber instance = frame.getStackValue(numConsumed - 1);
// Is the instance locked?
int lockCount = lockSet.getLockCount(instance.getNumber());
if (lockCount > 0) {
// This is a locked call site
obviouslyLockedSites.add(callSite);
}
}
return obviouslyLockedSites;
}