当前位置: 首页>>代码示例>>Java>>正文


Java ClassContext类代码示例

本文整理汇总了Java中edu.umd.cs.findbugs.ba.ClassContext的典型用法代码示例。如果您正苦于以下问题:Java ClassContext类的具体用法?Java ClassContext怎么用?Java ClassContext使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。


ClassContext类属于edu.umd.cs.findbugs.ba包,在下文中一共展示了ClassContext类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: visitClassContext

import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
public void visitClassContext(ClassContext classContext) {
	try {
		setUpAnnotation = null;
		tearDownAnnotation = null;
		validClass = false;
		validMethod = false;
		sawSetUp = false;
		sawTearDown = false;
		JavaClass[] superClasses = classContext.getJavaClass().getSuperClasses();
		for (int i = 0; i < superClasses.length; i++) {
			JavaClass sc = superClasses[i];
			if (sc.getClassName().equals("junit.framework.TestCase")) {
				validClass = true;
				classContext.getJavaClass().accept(this);
				break;
			}
		}
	} catch (ClassNotFoundException cnfe) {
		bugReporter.reportMissingClass(cnfe);
	}
		
}
 
开发者ID:parabuild-ci,项目名称:parabuild-ci,代码行数:23,代码来源:InvalidJUnitTest.java

示例2: reportMatch

import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
public void reportMatch(ClassContext classContext, Method method, ByteCodePatternMatch match) {
	MethodGen methodGen = classContext.getMethodGen(method);
	JavaClass javaClass = classContext.getJavaClass();

	BindingSet bindingSet = match.getBindingSet();

	// Note that the lookup of "h" cannot fail, and
	// it is guaranteed to be bound to a FieldVariable.
	Binding binding = bindingSet.lookup("h");
	FieldVariable field = (FieldVariable) binding.getVariable();

	// Ignore fields generated for accesses to Foo.class
	if (field.getFieldName().startsWith("class$"))
		return;

	// Find start and end instructions (for reporting source lines)
	InstructionHandle start = match.getLabeledInstruction("startDC");
	InstructionHandle end = match.getLabeledInstruction("endDC");

	String sourceFile = javaClass.getSourceFileName();
	bugReporter.reportBug(new BugInstance(this, "BCPDC_DOUBLECHECK", NORMAL_PRIORITY)
	        .addClassAndMethod(methodGen, sourceFile)
	        .addField(field).describe("FIELD_ON")
	        .addSourceLine(methodGen, sourceFile, start, end));
}
 
开发者ID:parabuild-ci,项目名称:parabuild-ci,代码行数:26,代码来源:BCPDoubleCheck.java

示例3: analyzeMethod

import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
protected void analyzeMethod(ClassContext classContext, Method method)
        throws CheckedAnalysisException {
    TaintDataflow dataflow = getTaintDataFlow(classContext, method);
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    String currentMethod = getFullMethodName(classContext.getMethodGen(method));
    for (Iterator<Location> i = getLocationIterator(classContext, method); i.hasNext();) {
        Location location = i.next();
        InstructionHandle handle = location.getHandle();
        Instruction instruction = handle.getInstruction();
        if (!(instruction instanceof InvokeInstruction)) {
            continue;
        }
        InvokeInstruction invoke = (InvokeInstruction) instruction;
        TaintFrame fact = dataflow.getFactAtLocation(location);
        assert fact != null;
        if (!fact.isValid()) {
            continue;
        }
        analyzeLocation(classContext, method, handle, cpg, invoke, fact, currentMethod);
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:22,代码来源:AbstractTaintDetector.java

示例4: InjectionSink

import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
/**
 * Constructs the instance and stores immutable values for reporting
 * 
 * @param detector detctor for reporting
 * @param bugType reported bug type
 * @param originalPriority original priority (without sink confirmation)
 * @param classContext class with the sink
 * @param method method with the sink
 * @param instructionHandle instruction with the sink
 * @param sinkMethod called method (sink)
 * @throws NullPointerException if any argument is null
 */
public InjectionSink(Detector detector, String bugType, int originalPriority,
        ClassContext classContext, Method method, InstructionHandle instructionHandle,
        String sinkMethod) {
    Objects.requireNonNull(detector, "detector");
    Objects.requireNonNull(bugType, "bugType");
    Objects.requireNonNull(classContext, "classContext");
    Objects.requireNonNull(method, "method");
    Objects.requireNonNull(instructionHandle, "instructionHandle");
    this.detector = detector;
    this.bugType = bugType;
    this.originalPriority = originalPriority;
    this.classContext = classContext;
    this.method = method;
    this.instructionHandle = instructionHandle;
    this.sinkMethod = (sinkMethod == null) ? "unknown" : sinkMethod;
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:29,代码来源:InjectionSink.java

示例5: hasCustomReadObject

import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
/**
 * Check if the readObject is doing multiple external call beyond the basic readByte, readBoolean, etc..
 * @param m
 * @param classContext
 * @return
 * @throws CFGBuilderException
 * @throws DataflowAnalysisException
 */
private boolean hasCustomReadObject(Method m, ClassContext classContext,List<String> classesToIgnore)
        throws CFGBuilderException, DataflowAnalysisException {
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);
    int count = 0;
    for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
        Location location = i.next();
        Instruction inst = location.getHandle().getInstruction();
        //ByteCode.printOpCode(inst,cpg);
        if(inst instanceof InvokeInstruction) {
            InvokeInstruction invoke = (InvokeInstruction) inst;
            if (!READ_DESERIALIZATION_METHODS.contains(invoke.getMethodName(cpg))
                    && !classesToIgnore.contains(invoke.getClassName(cpg))) {
                count +=1;
            }
        }
    }
    return count > 3;
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:28,代码来源:DeserializationGadgetDetector.java

示例6: visitClassContext

import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
    JavaClass javaClass = classContext.getJavaClass();
    if (OBJECT_MAPPER_CLASSES.contains(javaClass.getClassName())) {
        return;
    }
    for (Field field : javaClass.getFields()) {
        analyzeField(field, javaClass);
    }
    for (Method m : javaClass.getMethods()) {
        try {
            analyzeMethod(m, classContext);
        }
        catch (CFGBuilderException | DataflowAnalysisException e) {
        }
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:18,代码来源:UnsafeJacksonDeserializationDetector.java

示例7: analyzeMethod

import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {
    MethodGen methodGen = classContext.getMethodGen(m);
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);

    if (methodGen == null || methodGen.getInstructionList() == null) {
        return; //No instruction .. nothing to do
    }
    for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
        Location location = i.next();
        Instruction inst = location.getHandle().getInstruction();
        if (inst instanceof InvokeInstruction) {
            InvokeInstruction invoke = (InvokeInstruction) inst;
            String methodName = invoke.getMethodName(cpg);
            if ("enableDefaultTyping".equals(methodName)) {
                JavaClass clz = classContext.getJavaClass();
                bugReporter.reportBug(new BugInstance(this, DESERIALIZATION_TYPE, HIGH_PRIORITY)
                        .addClass(clz)
                        .addMethod(clz, m)
                        .addCalledMethod(cpg, invoke)
                        .addSourceLine(classContext, m, location)
                );
            }
        }
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:27,代码来源:UnsafeJacksonDeserializationDetector.java

示例8: visitClassContext

import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
@Override
    public void visitClassContext(ClassContext classContext) {
        JavaClass javaClass = classContext.getJavaClass();
//        System.out.println(javaClass.getSuperclassName() + "###");
        if(javaClass.getSuperclassName().equals("android.webkit.WebViewClient")) {
            Method[] methodList = javaClass.getMethods();

            for (Method m : methodList) {
//                System.out.println(m.getName() + "###");
                if(m.getName().equals("onReceivedSslError")) {
                    try {
                        analyzeMethod(javaClass, m, classContext);
                    } catch (CFGBuilderException e) {
                    }
                }
            }
        }
    }
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:19,代码来源:WebViewSslErrorDetector.java

示例9: visitClassContext

import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
    JavaClass javaClass = classContext.getJavaClass();
    
    //The class extends WebChromeClient
    boolean isWebChromeClient = InterfaceUtils.isSubtype(javaClass, "android.webkit.WebChromeClient");
    
    //Not the target of this detector
    if (!isWebChromeClient) {
        return;
    }
    Method[] methodList = javaClass.getMethods();
    for (Method m : methodList) {
        if (DEBUG) {
            System.out.println(">>> Method: " + m.getName());
        }
        //The presence of onGeolocationPermissionsShowPrompt is not enforce for the moment
        if (!m.getName().equals("onGeolocationPermissionsShowPrompt")) {
            continue;
        }
        //Since the logic implemented need to be analyze by a human, all implementation will be flagged.
        bugReporter.reportBug(new BugInstance(this, ANDROID_GEOLOCATION_TYPE, Priorities.NORMAL_PRIORITY) //
                .addClassAndMethod(javaClass, m));
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:26,代码来源:GeolocationDetector.java

示例10: visitClassContext

import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
    JavaClass javaClass = classContext.getJavaClass();

    //The class extends HttpServletRequestWrapper
    boolean isRequestWrapper = InterfaceUtils.isSubtype(javaClass, "javax.servlet.http.HttpServletRequestWrapper");

    //Not the target of this detector
    if (!isRequestWrapper) return;

    Method[] methodList = javaClass.getMethods();

    for (Method m : methodList) {
        if (m.getName().equals("stripXSS")) {
            bugReporter.reportBug(new BugInstance(this, XSS_REQUEST_WRAPPER_TYPE, Priorities.NORMAL_PRIORITY) //
                    .addClassAndMethod(javaClass, m));
            return;
        }
    }

}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:22,代码来源:XSSRequestWrapperDetector.java

示例11: analyzeMethod

import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {

        ConstantPoolGen cpg = classContext.getConstantPoolGen();
        CFG cfg = classContext.getCFG(m);
        
        for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
            Location location = i.next();

            Instruction inst = location.getHandle().getInstruction();
            
            if (inst instanceof LDC) {
                LDC ldc = (LDC) inst;
                if (ldc != null) {
                    if("java.naming.security.authentication".equals(ldc.getValue(cpg)) &&
                       "none".equals(ByteCode.getConstantLDC(location.getHandle().getNext(), cpg, String.class))){
                        JavaClass clz = classContext.getJavaClass();
                        bugReporter.reportBug(new BugInstance(this, LDAP_ANONYMOUS, Priorities.LOW_PRIORITY) //
                        .addClass(clz)
                        .addMethod(clz, m)
                        .addSourceLine(classContext, m, location));
                        break;
                    }
                }
            }            
        }
    }
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:27,代码来源:AnonymousLdapDetector.java

示例12: isIllegalFinalType

import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
private static boolean isIllegalFinalType(Type type, ClassContext classContext) {
    if (type instanceof ObjectType) {
        try {
            String className = ((ObjectType) type).getClassName();
            if (className.startsWith("java.")) {
                // Types in java.lang are final for security reasons.
                return false;
            }
            JavaClass cls = classContext.getAnalysisContext().lookupClass(className);
            return cls.isFinal() && !cls.isEnum();
        } catch (ClassNotFoundException e) {
            throw new RuntimeException(e);
        }
    }
    return false;
}
 
开发者ID:palantir,项目名称:antipatterns,代码行数:17,代码来源:FinalSignatureDetector.java

示例13: visitClassContext

import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
public void visitClassContext(ClassContext cc) {
	JavaClass jc = cc.getJavaClass();
	
	Method[] methods = jc.getMethods();
	
	for (Method m : methods) {
		MethodGen mg = cc.getMethodGen(m);
		
		if (mg == null) {
			continue;
		}
		
		try {
			analyzeMethod(cc, m);
		} catch (Exception e) {
			// There was a problem,
			// report it. Probably
			// isn't going to
			// be a big deal.
			e.printStackTrace();
		}
	}
}
 
开发者ID:jkusner,项目名称:FindMoreBugs,代码行数:24,代码来源:CommandInjectionVulnerabilityDetector.java

示例14: visitClass

import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
public void visitClass(ClassDescriptor classDescriptor) throws CheckedAnalysisException {
    IAnalysisCache analysisCache = Global.getAnalysisCache();

    JavaClass jclass = analysisCache.getClassAnalysis(JavaClass.class, classDescriptor);
    classContext = analysisCache.getClassAnalysis(ClassContext.class, classDescriptor);

    for (Method m : classContext.getMethodsInCallOrder()) {
        if (m.getCode() == null) {
            continue;
        }
        method = m;

        MethodDescriptor methodDescriptor = BCELUtil.getMethodDescriptor(jclass, method);

        // Try to get MethodGen. If we can't get one,
        // then this method should be skipped.
        MethodGen methodGen = analysisCache.getMethodAnalysis(MethodGen.class, methodDescriptor);
        if (methodGen == null) {
            continue;
        }

        CFG cfg = analysisCache.getMethodAnalysis(CFG.class, methodDescriptor);
        visitMethodCFG(methodDescriptor, cfg);
    }
}
 
开发者ID:ytus,项目名称:findbugs-all-the-bugs,代码行数:26,代码来源:CFGDetector.java

示例15: fromVisitedInstructionRange

import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
/**
 * Factory method for creating a source line annotation describing the
 * source line numbers for a range of instructions in the method being
 * visited by the given visitor.
 *
 * @param classContext
 *            the ClassContext
 * @param visitor
 *            a BetterVisitor which is visiting the method
 * @param startPC
 *            the bytecode offset of the start instruction in the range
 * @param endPC
 *            the bytecode offset of the end instruction in the range
 * @return the SourceLineAnnotation, or null if we do not have line number
 *         information for the instruction
 */
public static @Nonnull SourceLineAnnotation fromVisitedInstructionRange(ClassContext classContext, PreorderVisitor visitor,
        int startPC, int endPC) {
    if (startPC > endPC)
        throw new IllegalArgumentException("Start pc " + startPC + " greater than end pc " + endPC);

    LineNumberTable lineNumberTable = getLineNumberTable(visitor);
    String className = visitor.getDottedClassName();
    String sourceFile = visitor.getSourceFile();

    if (lineNumberTable == null)
        return createUnknown(className, sourceFile, startPC, endPC);

    int startLine = lineNumberTable.getSourceLine(startPC);
    int endLine = lineNumberTable.getSourceLine(endPC);
    return new SourceLineAnnotation(className, sourceFile, startLine, endLine, startPC, endPC);
}
 
开发者ID:ytus,项目名称:findbugs-all-the-bugs,代码行数:33,代码来源:SourceLineAnnotation.java


注:本文中的edu.umd.cs.findbugs.ba.ClassContext类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。