本文整理汇总了Java中edu.umd.cs.findbugs.ba.ClassContext类的典型用法代码示例。如果您正苦于以下问题:Java ClassContext类的具体用法?Java ClassContext怎么用?Java ClassContext使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
ClassContext类属于edu.umd.cs.findbugs.ba包,在下文中一共展示了ClassContext类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: visitClassContext
import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
public void visitClassContext(ClassContext classContext) {
try {
setUpAnnotation = null;
tearDownAnnotation = null;
validClass = false;
validMethod = false;
sawSetUp = false;
sawTearDown = false;
JavaClass[] superClasses = classContext.getJavaClass().getSuperClasses();
for (int i = 0; i < superClasses.length; i++) {
JavaClass sc = superClasses[i];
if (sc.getClassName().equals("junit.framework.TestCase")) {
validClass = true;
classContext.getJavaClass().accept(this);
break;
}
}
} catch (ClassNotFoundException cnfe) {
bugReporter.reportMissingClass(cnfe);
}
}
示例2: reportMatch
import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
public void reportMatch(ClassContext classContext, Method method, ByteCodePatternMatch match) {
MethodGen methodGen = classContext.getMethodGen(method);
JavaClass javaClass = classContext.getJavaClass();
BindingSet bindingSet = match.getBindingSet();
// Note that the lookup of "h" cannot fail, and
// it is guaranteed to be bound to a FieldVariable.
Binding binding = bindingSet.lookup("h");
FieldVariable field = (FieldVariable) binding.getVariable();
// Ignore fields generated for accesses to Foo.class
if (field.getFieldName().startsWith("class$"))
return;
// Find start and end instructions (for reporting source lines)
InstructionHandle start = match.getLabeledInstruction("startDC");
InstructionHandle end = match.getLabeledInstruction("endDC");
String sourceFile = javaClass.getSourceFileName();
bugReporter.reportBug(new BugInstance(this, "BCPDC_DOUBLECHECK", NORMAL_PRIORITY)
.addClassAndMethod(methodGen, sourceFile)
.addField(field).describe("FIELD_ON")
.addSourceLine(methodGen, sourceFile, start, end));
}
示例3: analyzeMethod
import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
protected void analyzeMethod(ClassContext classContext, Method method)
throws CheckedAnalysisException {
TaintDataflow dataflow = getTaintDataFlow(classContext, method);
ConstantPoolGen cpg = classContext.getConstantPoolGen();
String currentMethod = getFullMethodName(classContext.getMethodGen(method));
for (Iterator<Location> i = getLocationIterator(classContext, method); i.hasNext();) {
Location location = i.next();
InstructionHandle handle = location.getHandle();
Instruction instruction = handle.getInstruction();
if (!(instruction instanceof InvokeInstruction)) {
continue;
}
InvokeInstruction invoke = (InvokeInstruction) instruction;
TaintFrame fact = dataflow.getFactAtLocation(location);
assert fact != null;
if (!fact.isValid()) {
continue;
}
analyzeLocation(classContext, method, handle, cpg, invoke, fact, currentMethod);
}
}
示例4: InjectionSink
import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
/**
* Constructs the instance and stores immutable values for reporting
*
* @param detector detctor for reporting
* @param bugType reported bug type
* @param originalPriority original priority (without sink confirmation)
* @param classContext class with the sink
* @param method method with the sink
* @param instructionHandle instruction with the sink
* @param sinkMethod called method (sink)
* @throws NullPointerException if any argument is null
*/
public InjectionSink(Detector detector, String bugType, int originalPriority,
ClassContext classContext, Method method, InstructionHandle instructionHandle,
String sinkMethod) {
Objects.requireNonNull(detector, "detector");
Objects.requireNonNull(bugType, "bugType");
Objects.requireNonNull(classContext, "classContext");
Objects.requireNonNull(method, "method");
Objects.requireNonNull(instructionHandle, "instructionHandle");
this.detector = detector;
this.bugType = bugType;
this.originalPriority = originalPriority;
this.classContext = classContext;
this.method = method;
this.instructionHandle = instructionHandle;
this.sinkMethod = (sinkMethod == null) ? "unknown" : sinkMethod;
}
示例5: hasCustomReadObject
import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
/**
* Check if the readObject is doing multiple external call beyond the basic readByte, readBoolean, etc..
* @param m
* @param classContext
* @return
* @throws CFGBuilderException
* @throws DataflowAnalysisException
*/
private boolean hasCustomReadObject(Method m, ClassContext classContext,List<String> classesToIgnore)
throws CFGBuilderException, DataflowAnalysisException {
ConstantPoolGen cpg = classContext.getConstantPoolGen();
CFG cfg = classContext.getCFG(m);
int count = 0;
for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
Location location = i.next();
Instruction inst = location.getHandle().getInstruction();
//ByteCode.printOpCode(inst,cpg);
if(inst instanceof InvokeInstruction) {
InvokeInstruction invoke = (InvokeInstruction) inst;
if (!READ_DESERIALIZATION_METHODS.contains(invoke.getMethodName(cpg))
&& !classesToIgnore.contains(invoke.getClassName(cpg))) {
count +=1;
}
}
}
return count > 3;
}
示例6: visitClassContext
import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
JavaClass javaClass = classContext.getJavaClass();
if (OBJECT_MAPPER_CLASSES.contains(javaClass.getClassName())) {
return;
}
for (Field field : javaClass.getFields()) {
analyzeField(field, javaClass);
}
for (Method m : javaClass.getMethods()) {
try {
analyzeMethod(m, classContext);
}
catch (CFGBuilderException | DataflowAnalysisException e) {
}
}
}
示例7: analyzeMethod
import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {
MethodGen methodGen = classContext.getMethodGen(m);
ConstantPoolGen cpg = classContext.getConstantPoolGen();
CFG cfg = classContext.getCFG(m);
if (methodGen == null || methodGen.getInstructionList() == null) {
return; //No instruction .. nothing to do
}
for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
Location location = i.next();
Instruction inst = location.getHandle().getInstruction();
if (inst instanceof InvokeInstruction) {
InvokeInstruction invoke = (InvokeInstruction) inst;
String methodName = invoke.getMethodName(cpg);
if ("enableDefaultTyping".equals(methodName)) {
JavaClass clz = classContext.getJavaClass();
bugReporter.reportBug(new BugInstance(this, DESERIALIZATION_TYPE, HIGH_PRIORITY)
.addClass(clz)
.addMethod(clz, m)
.addCalledMethod(cpg, invoke)
.addSourceLine(classContext, m, location)
);
}
}
}
}
示例8: visitClassContext
import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
JavaClass javaClass = classContext.getJavaClass();
// System.out.println(javaClass.getSuperclassName() + "###");
if(javaClass.getSuperclassName().equals("android.webkit.WebViewClient")) {
Method[] methodList = javaClass.getMethods();
for (Method m : methodList) {
// System.out.println(m.getName() + "###");
if(m.getName().equals("onReceivedSslError")) {
try {
analyzeMethod(javaClass, m, classContext);
} catch (CFGBuilderException e) {
}
}
}
}
}
示例9: visitClassContext
import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
JavaClass javaClass = classContext.getJavaClass();
//The class extends WebChromeClient
boolean isWebChromeClient = InterfaceUtils.isSubtype(javaClass, "android.webkit.WebChromeClient");
//Not the target of this detector
if (!isWebChromeClient) {
return;
}
Method[] methodList = javaClass.getMethods();
for (Method m : methodList) {
if (DEBUG) {
System.out.println(">>> Method: " + m.getName());
}
//The presence of onGeolocationPermissionsShowPrompt is not enforce for the moment
if (!m.getName().equals("onGeolocationPermissionsShowPrompt")) {
continue;
}
//Since the logic implemented need to be analyze by a human, all implementation will be flagged.
bugReporter.reportBug(new BugInstance(this, ANDROID_GEOLOCATION_TYPE, Priorities.NORMAL_PRIORITY) //
.addClassAndMethod(javaClass, m));
}
}
示例10: visitClassContext
import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
JavaClass javaClass = classContext.getJavaClass();
//The class extends HttpServletRequestWrapper
boolean isRequestWrapper = InterfaceUtils.isSubtype(javaClass, "javax.servlet.http.HttpServletRequestWrapper");
//Not the target of this detector
if (!isRequestWrapper) return;
Method[] methodList = javaClass.getMethods();
for (Method m : methodList) {
if (m.getName().equals("stripXSS")) {
bugReporter.reportBug(new BugInstance(this, XSS_REQUEST_WRAPPER_TYPE, Priorities.NORMAL_PRIORITY) //
.addClassAndMethod(javaClass, m));
return;
}
}
}
示例11: analyzeMethod
import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {
ConstantPoolGen cpg = classContext.getConstantPoolGen();
CFG cfg = classContext.getCFG(m);
for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
Location location = i.next();
Instruction inst = location.getHandle().getInstruction();
if (inst instanceof LDC) {
LDC ldc = (LDC) inst;
if (ldc != null) {
if("java.naming.security.authentication".equals(ldc.getValue(cpg)) &&
"none".equals(ByteCode.getConstantLDC(location.getHandle().getNext(), cpg, String.class))){
JavaClass clz = classContext.getJavaClass();
bugReporter.reportBug(new BugInstance(this, LDAP_ANONYMOUS, Priorities.LOW_PRIORITY) //
.addClass(clz)
.addMethod(clz, m)
.addSourceLine(classContext, m, location));
break;
}
}
}
}
}
示例12: isIllegalFinalType
import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
private static boolean isIllegalFinalType(Type type, ClassContext classContext) {
if (type instanceof ObjectType) {
try {
String className = ((ObjectType) type).getClassName();
if (className.startsWith("java.")) {
// Types in java.lang are final for security reasons.
return false;
}
JavaClass cls = classContext.getAnalysisContext().lookupClass(className);
return cls.isFinal() && !cls.isEnum();
} catch (ClassNotFoundException e) {
throw new RuntimeException(e);
}
}
return false;
}
示例13: visitClassContext
import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
public void visitClassContext(ClassContext cc) {
JavaClass jc = cc.getJavaClass();
Method[] methods = jc.getMethods();
for (Method m : methods) {
MethodGen mg = cc.getMethodGen(m);
if (mg == null) {
continue;
}
try {
analyzeMethod(cc, m);
} catch (Exception e) {
// There was a problem,
// report it. Probably
// isn't going to
// be a big deal.
e.printStackTrace();
}
}
}
示例14: visitClass
import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
public void visitClass(ClassDescriptor classDescriptor) throws CheckedAnalysisException {
IAnalysisCache analysisCache = Global.getAnalysisCache();
JavaClass jclass = analysisCache.getClassAnalysis(JavaClass.class, classDescriptor);
classContext = analysisCache.getClassAnalysis(ClassContext.class, classDescriptor);
for (Method m : classContext.getMethodsInCallOrder()) {
if (m.getCode() == null) {
continue;
}
method = m;
MethodDescriptor methodDescriptor = BCELUtil.getMethodDescriptor(jclass, method);
// Try to get MethodGen. If we can't get one,
// then this method should be skipped.
MethodGen methodGen = analysisCache.getMethodAnalysis(MethodGen.class, methodDescriptor);
if (methodGen == null) {
continue;
}
CFG cfg = analysisCache.getMethodAnalysis(CFG.class, methodDescriptor);
visitMethodCFG(methodDescriptor, cfg);
}
}
示例15: fromVisitedInstructionRange
import edu.umd.cs.findbugs.ba.ClassContext; //导入依赖的package包/类
/**
* Factory method for creating a source line annotation describing the
* source line numbers for a range of instructions in the method being
* visited by the given visitor.
*
* @param classContext
* the ClassContext
* @param visitor
* a BetterVisitor which is visiting the method
* @param startPC
* the bytecode offset of the start instruction in the range
* @param endPC
* the bytecode offset of the end instruction in the range
* @return the SourceLineAnnotation, or null if we do not have line number
* information for the instruction
*/
public static @Nonnull SourceLineAnnotation fromVisitedInstructionRange(ClassContext classContext, PreorderVisitor visitor,
int startPC, int endPC) {
if (startPC > endPC)
throw new IllegalArgumentException("Start pc " + startPC + " greater than end pc " + endPC);
LineNumberTable lineNumberTable = getLineNumberTable(visitor);
String className = visitor.getDottedClassName();
String sourceFile = visitor.getSourceFile();
if (lineNumberTable == null)
return createUnknown(className, sourceFile, startPC, endPC);
int startLine = lineNumberTable.getSourceLine(startPC);
int endLine = lineNumberTable.getSourceLine(endPC);
return new SourceLineAnnotation(className, sourceFile, startLine, endLine, startPC, endPC);
}