当前位置: 首页>>代码示例>>Java>>正文


Java CFGBuilderException类代码示例

本文整理汇总了Java中edu.umd.cs.findbugs.ba.CFGBuilderException的典型用法代码示例。如果您正苦于以下问题:Java CFGBuilderException类的具体用法?Java CFGBuilderException怎么用?Java CFGBuilderException使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。


CFGBuilderException类属于edu.umd.cs.findbugs.ba包,在下文中一共展示了CFGBuilderException类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: hasCustomReadObject

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
/**
 * Check if the readObject is doing multiple external call beyond the basic readByte, readBoolean, etc..
 * @param m
 * @param classContext
 * @return
 * @throws CFGBuilderException
 * @throws DataflowAnalysisException
 */
private boolean hasCustomReadObject(Method m, ClassContext classContext,List<String> classesToIgnore)
        throws CFGBuilderException, DataflowAnalysisException {
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);
    int count = 0;
    for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
        Location location = i.next();
        Instruction inst = location.getHandle().getInstruction();
        //ByteCode.printOpCode(inst,cpg);
        if(inst instanceof InvokeInstruction) {
            InvokeInstruction invoke = (InvokeInstruction) inst;
            if (!READ_DESERIALIZATION_METHODS.contains(invoke.getMethodName(cpg))
                    && !classesToIgnore.contains(invoke.getClassName(cpg))) {
                count +=1;
            }
        }
    }
    return count > 3;
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:28,代码来源:DeserializationGadgetDetector.java

示例2: visitClassContext

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
    JavaClass javaClass = classContext.getJavaClass();
    if (OBJECT_MAPPER_CLASSES.contains(javaClass.getClassName())) {
        return;
    }
    for (Field field : javaClass.getFields()) {
        analyzeField(field, javaClass);
    }
    for (Method m : javaClass.getMethods()) {
        try {
            analyzeMethod(m, classContext);
        }
        catch (CFGBuilderException | DataflowAnalysisException e) {
        }
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:18,代码来源:UnsafeJacksonDeserializationDetector.java

示例3: analyzeMethod

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {
    MethodGen methodGen = classContext.getMethodGen(m);
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);

    if (methodGen == null || methodGen.getInstructionList() == null) {
        return; //No instruction .. nothing to do
    }
    for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
        Location location = i.next();
        Instruction inst = location.getHandle().getInstruction();
        if (inst instanceof InvokeInstruction) {
            InvokeInstruction invoke = (InvokeInstruction) inst;
            String methodName = invoke.getMethodName(cpg);
            if ("enableDefaultTyping".equals(methodName)) {
                JavaClass clz = classContext.getJavaClass();
                bugReporter.reportBug(new BugInstance(this, DESERIALIZATION_TYPE, HIGH_PRIORITY)
                        .addClass(clz)
                        .addMethod(clz, m)
                        .addCalledMethod(cpg, invoke)
                        .addSourceLine(classContext, m, location)
                );
            }
        }
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:27,代码来源:UnsafeJacksonDeserializationDetector.java

示例4: visitClassContext

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
@Override
    public void visitClassContext(ClassContext classContext) {
        JavaClass javaClass = classContext.getJavaClass();
//        System.out.println(javaClass.getSuperclassName() + "###");
        if(javaClass.getSuperclassName().equals("android.webkit.WebViewClient")) {
            Method[] methodList = javaClass.getMethods();

            for (Method m : methodList) {
//                System.out.println(m.getName() + "###");
                if(m.getName().equals("onReceivedSslError")) {
                    try {
                        analyzeMethod(javaClass, m, classContext);
                    } catch (CFGBuilderException e) {
                    }
                }
            }
        }
    }
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:19,代码来源:WebViewSslErrorDetector.java

示例5: analyzeMethod

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {

        ConstantPoolGen cpg = classContext.getConstantPoolGen();
        CFG cfg = classContext.getCFG(m);
        
        for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
            Location location = i.next();

            Instruction inst = location.getHandle().getInstruction();
            
            if (inst instanceof LDC) {
                LDC ldc = (LDC) inst;
                if (ldc != null) {
                    if("java.naming.security.authentication".equals(ldc.getValue(cpg)) &&
                       "none".equals(ByteCode.getConstantLDC(location.getHandle().getNext(), cpg, String.class))){
                        JavaClass clz = classContext.getJavaClass();
                        bugReporter.reportBug(new BugInstance(this, LDAP_ANONYMOUS, Priorities.LOW_PRIORITY) //
                        .addClass(clz)
                        .addMethod(clz, m)
                        .addSourceLine(classContext, m, location));
                        break;
                    }
                }
            }            
        }
    }
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:27,代码来源:AnonymousLdapDetector.java

示例6: isSafeValue

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private boolean isSafeValue(Location location, ConstantPoolGen cpg) throws CFGBuilderException {
    Instruction prevIns = location.getHandle().getInstruction();
    if (prevIns instanceof LDC || prevIns instanceof GETSTATIC)
        return true;
    if (prevIns instanceof InvokeInstruction) {
        String methodName = ((InvokeInstruction) prevIns).getMethodName(cpg);
        if (methodName.startsWith("to") && methodName.endsWith("String") && methodName.length() > 8)
            return true;
    }
    if (prevIns instanceof AALOAD) {
        CFG cfg = classContext.getCFG(method);

        Location prev = getPreviousLocation(cfg, location, true);
        if (prev != null) {
            Location prev2 = getPreviousLocation(cfg, prev, true);
            if (prev2 != null && prev2.getHandle().getInstruction() instanceof GETSTATIC) {
                GETSTATIC getStatic = (GETSTATIC) prev2.getHandle().getInstruction();
                if (getStatic.getSignature(cpg).equals("[Ljava/lang/String;"))
                    return true;
            }
        }
    }
    return false;
}
 
开发者ID:ytus,项目名称:findbugs-all-the-bugs,代码行数:25,代码来源:FindSqlInjection.java

示例7: hasManyPreceedingNullTests

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private boolean hasManyPreceedingNullTests(int pc) {
    int ifNullTests = 0;
    BitSet seen = new BitSet();
    try {
        for (Iterator<Location> i = classContext.getCFG(method).locationIterator(); i.hasNext();) {
            Location loc = i.next();
            int pc2 = loc.getHandle().getPosition();
            if (pc2 >= pc || pc2 < pc - 30)
                continue;
            Instruction ins = loc.getHandle().getInstruction();
            if ((ins instanceof IFNONNULL || ins instanceof IFNULL || ins instanceof NullnessConversationInstruction)
                    && !seen.get(pc2)) {
                ifNullTests++;
                seen.set(pc2);
            }
        }
        boolean result = ifNullTests > 2;

        // System.out.println("Preceeding null tests " + ifNullTests + " " +
        // ifNonnullTests + " " + result);
        return result;
    } catch (CFGBuilderException e) {
        return false;
    }
}
 
开发者ID:ytus,项目名称:findbugs-all-the-bugs,代码行数:26,代码来源:FindNullDeref.java

示例8: isDuplicated

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
/**
 * @param propertySet
 * @param pc
 * @param isConsistent
 * @return
 */
public boolean isDuplicated(WarningPropertySet<WarningProperty> propertySet, int pc, boolean isConsistent) {
    boolean duplicated = false;
    if (!isConsistent) {
        if (propertySet.containsProperty(NullDerefProperty.DEREFS_ARE_CLONED))
            duplicated = true;

        else
            try {
                CFG cfg = classContext.getCFG(method);
                if (cfg.getLocationsContainingInstructionWithOffset(pc).size() > 1) {
                    propertySet.addProperty(NullDerefProperty.DEREFS_ARE_INLINED_FINALLY_BLOCKS);
                    duplicated = true;
                }
            } catch (CFGBuilderException e) {
                AnalysisContext.logError("Error while analyzing " + classContext.getFullyQualifiedMethodName(method), e);
            }
    }
    return duplicated;
}
 
开发者ID:ytus,项目名称:findbugs-all-the-bugs,代码行数:26,代码来源:FindNullDeref.java

示例9: buildResourceCollection

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private ResourceCollection<Resource> buildResourceCollection(ClassContext classContext, Method method,
        ResourceTrackerType resourceTracker) throws CFGBuilderException, DataflowAnalysisException {

    ResourceCollection<Resource> resourceCollection = new ResourceCollection<Resource>();

    CFG cfg = classContext.getCFG(method);
    ConstantPoolGen cpg = classContext.getConstantPoolGen();

    for (Iterator<Location> i = cfg.locationIterator(); i.hasNext();) {
        Location location = i.next();
        Resource resource = resourceTracker.isResourceCreation(location.getBasicBlock(), location.getHandle(), cpg);
        if (resource != null)
            resourceCollection.addCreatedResource(location, resource);
    }

    return resourceCollection;
}
 
开发者ID:ytus,项目名称:findbugs-all-the-bugs,代码行数:18,代码来源:ResourceTrackingDetector.java

示例10: PatternMatcher

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
/**
 * Constructor.
 * 
 * @param pattern
 *            the ByteCodePattern to look for examples of
 * @param classContext
 *            ClassContext for the class to analyze
 * @param method
 *            the Method to analyze
 */
public PatternMatcher(ByteCodePattern pattern, ClassContext classContext, Method method) throws CFGBuilderException,
        DataflowAnalysisException {
    this.pattern = pattern;
    this.cfg = classContext.getCFG(method);
    this.cpg = classContext.getConstantPoolGen();
    this.dfs = classContext.getDepthFirstSearch(method);
    this.vnaDataflow = classContext.getValueNumberDataflow(method);
    this.domAnalysis = classContext.getNonExceptionDominatorsAnalysis(method);
    this.workList = new LinkedList<BasicBlock>();
    this.visitedBlockMap = new IdentityHashMap<BasicBlock, BasicBlock>();
    this.resultList = new LinkedList<ByteCodePatternMatch>();
}
 
开发者ID:OpenNTF,项目名称:FindBug-for-Domino-Designer,代码行数:23,代码来源:PatternMatcher.java

示例11: scan

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
/**
 * Scan a method for self call sites.
 *
 * @param node the CallGraphNode for the method to be scanned
 */
private void scan(CallGraphNode node) throws CFGBuilderException {
	Method method = node.getMethod();
	CFG cfg = classContext.getCFG(method);

	if (method.isSynchronized())
		hasSynchronization = true;

	Iterator<BasicBlock> i = cfg.blockIterator();
	while (i.hasNext()) {
		BasicBlock block = i.next();
		Iterator<InstructionHandle> j = block.instructionIterator();
		while (j.hasNext()) {
			InstructionHandle handle = j.next();

			Instruction ins = handle.getInstruction();
			if (ins instanceof InvokeInstruction) {
				InvokeInstruction inv = (InvokeInstruction) ins;
				Method called = isSelfCall(inv);
				if (called != null) {
					// Add edge to call graph
					CallSite callSite = new CallSite(method, block, handle);
					callGraph.createEdge(node, callGraph.getNodeForMethod(called), callSite);

					// Add to called method set
					calledMethodSet.add(called);
				}
			} else if (ins instanceof MONITORENTER || ins instanceof MONITOREXIT) {
				hasSynchronization = true;
			}
		}
	}
}
 
开发者ID:parabuild-ci,项目名称:parabuild-ci,代码行数:38,代码来源:SelfCalls.java

示例12: visitClassContext

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
    JavaClass clazz = classContext.getJavaClass();

    if (hasRequestMapping(clazz)) {
        Method[] methods = clazz.getMethods();
        for (Method m: methods) {

            try {
                analyzeMethod(m, classContext);
            } catch (CFGBuilderException e){
            }
        }
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:16,代码来源:SpringUnvalidatedRedirectDetector.java

示例13: analyzeMethod

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException{
    JavaClass clazz = classContext.getJavaClass();
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);

    for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
        Location loc = i.next();
        Instruction inst = loc.getHandle().getInstruction();

        if (inst instanceof INVOKEVIRTUAL) {
            INVOKEVIRTUAL invoke = (INVOKEVIRTUAL)inst;
            if( "java.lang.StringBuilder".equals(invoke.getClassName(cpg)) && "append".equals(invoke.getMethodName(cpg))) {
                Instruction prev = loc.getHandle().getPrev().getInstruction();

                if (prev instanceof LDC) {
                    LDC ldc = (LDC)prev;
                    Object value = ldc.getValue(cpg);

                    if (value instanceof String) {
                        String v = (String)value;

                        if ("redirect:".equals(v)) {
                            BugInstance bug = new BugInstance(this, SPRING_UNVALIDATED_REDIRECT_TYPE, Priorities.NORMAL_PRIORITY);
                            bug.addClass(clazz).addMethod(clazz,m).addSourceLine(classContext,m,loc);
                            reporter.reportBug(bug);
                        }
                    }
                }
            }
        }
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:33,代码来源:SpringUnvalidatedRedirectDetector.java

示例14: getLocationIterator

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private static Iterator<Location> getLocationIterator(ClassContext classContext, Method method)
        throws CheckedAnalysisException {
    try {
        return classContext.getCFG(method).locationIterator();
    } catch (CFGBuilderException ex) {
        throw new CheckedAnalysisException("cannot get control flow graph", ex);
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:9,代码来源:AbstractTaintDetector.java

示例15: visitClassContext

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
    JavaClass javaClass = classContext.getJavaClass();

    Method[] methodList = javaClass.getMethods();

    for (Method m : methodList) {
        try {
            analyzeMethod(m,classContext);
        } catch (CFGBuilderException e) {
        }
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:14,代码来源:CookieFlagsDetector.java


注:本文中的edu.umd.cs.findbugs.ba.CFGBuilderException类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。