当前位置: 首页>>代码示例>>Java>>正文


Java DataflowAnalysisException类代码示例

本文整理汇总了Java中edu.umd.cs.findbugs.ba.DataflowAnalysisException的典型用法代码示例。如果您正苦于以下问题:Java DataflowAnalysisException类的具体用法?Java DataflowAnalysisException怎么用?Java DataflowAnalysisException使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。


DataflowAnalysisException类属于edu.umd.cs.findbugs.ba包,在下文中一共展示了DataflowAnalysisException类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: match

import edu.umd.cs.findbugs.ba.DataflowAnalysisException; //导入依赖的package包/类
public MatchResult match(InstructionHandle handle, ConstantPoolGen cpg,
                         ValueNumberFrame before, ValueNumberFrame after, BindingSet bindingSet) throws DataflowAnalysisException {

	Variable field;
	Instruction ins = handle.getInstruction();
	FieldInstruction fieldIns;

	// The instruction must be GETFIELD or GETSTATIC
	if (ins instanceof GETFIELD) {
		fieldIns = (GETFIELD) ins;
		ValueNumber ref = before.getTopValue();
		field = new FieldVariable(ref, fieldIns.getClassName(cpg), fieldIns.getFieldName(cpg), fieldIns.getSignature(cpg));
	} else if (ins instanceof GETSTATIC) {
		fieldIns = (GETSTATIC) ins;
		field = new FieldVariable(fieldIns.getClassName(cpg), fieldIns.getFieldName(cpg), fieldIns.getSignature(cpg));
	} else
		return null;

	Variable result = snarfFieldValue(fieldIns, cpg, after);

	return checkConsistent(field, result, bindingSet);
}
 
开发者ID:parabuild-ci,项目名称:parabuild-ci,代码行数:23,代码来源:Load.java

示例2: match

import edu.umd.cs.findbugs.ba.DataflowAnalysisException; //导入依赖的package包/类
public MatchResult match(InstructionHandle handle, ConstantPoolGen cpg,
                         ValueNumberFrame before, ValueNumberFrame after, BindingSet bindingSet) throws DataflowAnalysisException {

	Instruction ins = handle.getInstruction();
	FieldInstruction fieldIns;
	Variable field;

	// The instruction must be PUTFIELD or PUTSTATIC
	if (ins instanceof PUTFIELD) {
		fieldIns = (PUTFIELD) ins;
		int numSlots = before.getNumSlots();
		ValueNumber ref = before.getValue(isLongOrDouble(fieldIns, cpg)
		        ? numSlots - 3
		        : numSlots - 2);
		field = new FieldVariable(ref, fieldIns.getClassName(cpg), fieldIns.getFieldName(cpg), fieldIns.getSignature(cpg));
	} else if (ins instanceof PUTSTATIC) {
		fieldIns = (PUTSTATIC) ins;
		field = new FieldVariable(fieldIns.getClassName(cpg), fieldIns.getFieldName(cpg), fieldIns.getSignature(cpg));
	} else
		return null;

	Variable value = snarfFieldValue(fieldIns, cpg, before);

	return checkConsistent(field, value, bindingSet);
}
 
开发者ID:parabuild-ci,项目名称:parabuild-ci,代码行数:26,代码来源:Store.java

示例3: handleStoreInstruction

import edu.umd.cs.findbugs.ba.DataflowAnalysisException; //导入依赖的package包/类
@Override
public void handleStoreInstruction(StoreInstruction obj) {
    try {
        int numConsumed = obj.consumeStack(cpg);
        if (numConsumed == Constants.UNPREDICTABLE) {
            throw new InvalidBytecodeException("Unpredictable stack consumption");
        }
        int index = obj.getIndex();
        while (numConsumed-- > 0) {
            Taint value = new Taint(getFrame().popValue());
            value.setVariableIndex(index);
            getFrame().setValue(index++, value);
        }
    } catch (DataflowAnalysisException ex) {
        throw new InvalidBytecodeException(ex.toString(), ex);
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:18,代码来源:TaintFrameModelingVisitor.java

示例4: visitAASTORE

import edu.umd.cs.findbugs.ba.DataflowAnalysisException; //导入依赖的package包/类
@Override
public void visitAASTORE(AASTORE obj) {
    try {
        Taint valueTaint = getFrame().popValue();
        getFrame().popValue(); // array index
        Taint arrayTaint = getFrame().popValue();
        Taint merge = Taint.merge(valueTaint, arrayTaint);
        setLocalVariableTaint(merge, arrayTaint);
        Taint stackTop = null;
        if (getFrame().getStackDepth() > 0) {
            stackTop = getFrame().getTopValue();
        }
        // varargs use duplicated values
        if (stackTop == arrayTaint) {
            getFrame().popValue();
            getFrame().pushValue(new Taint(merge));
        }
    } catch (DataflowAnalysisException ex) {
        throw new InvalidBytecodeException("Not enough values on the stack", ex);
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:22,代码来源:TaintFrameModelingVisitor.java

示例5: visitCHECKCAST

import edu.umd.cs.findbugs.ba.DataflowAnalysisException; //导入依赖的package包/类
@Override
public void visitCHECKCAST(CHECKCAST obj) {
    // cast to a safe object type
    ObjectType objectType = obj.getLoadClassType(cpg);
    if (objectType == null) {
        return;
    }

    String objectTypeSignature = objectType.getSignature();

    if(!taintConfig.isClassTaintSafe(objectTypeSignature)) {
        return;
    }

    try {
        getFrame().popValue();
        pushSafe();
    }
    catch (DataflowAnalysisException ex) {
        throw new InvalidBytecodeException("empty stack for checkcast", ex);
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:23,代码来源:TaintFrameModelingVisitor.java

示例6: getPriorityFromTaintFrame

import edu.umd.cs.findbugs.ba.DataflowAnalysisException; //导入依赖的package包/类
@Override
protected int getPriorityFromTaintFrame(TaintFrame fact, int offset)
        throws DataflowAnalysisException {
    Taint valueTaint = fact.getStackValue(0);
    Taint parameterTaint = fact.getStackValue(1);

    if(valueTaint.getConstantValue() == null || parameterTaint.getConstantValue() == null) {
        return Priorities.IGNORE_PRIORITY;
    }

    String parameterValue = parameterTaint.getConstantValue().toLowerCase();
    if(parameterValue.equals("java.naming.security.credentials")) {
        return Priorities.NORMAL_PRIORITY;
    }
    for (String password : PASSWORD_WORDS) {
        if (parameterValue.contains(password)) {//Is a constant value
            return Priorities.NORMAL_PRIORITY;
        }
    }
    return Priorities.IGNORE_PRIORITY;
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:22,代码来源:HardcodePasswordInMapDetector.java

示例7: getPriorityFromTaintFrame

import edu.umd.cs.findbugs.ba.DataflowAnalysisException; //导入依赖的package包/类
@Override
protected int getPriorityFromTaintFrame(TaintFrame fact, int offset)
        throws DataflowAnalysisException {
    Taint mvcResultTaint = fact.getStackValue(offset);

    // The MVC Result object was tainted - This could still be safe if the content-type is a safe one
    if (!mvcResultTaint.isSafe()) {
        // Get the value of the content-type parameter
        Taint parameterTaint = fact.getStackValue(0);

        if ( !parameterTaint.isSafe()
                || VULNERABLE_CONTENT_TYPE.equalsIgnoreCase(parameterTaint.getConstantValue())) {
            return getPriority(mvcResultTaint);
        }
    }

    return Priorities.IGNORE_PRIORITY;
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:19,代码来源:XssMvcApiDetector.java

示例8: hasCustomReadObject

import edu.umd.cs.findbugs.ba.DataflowAnalysisException; //导入依赖的package包/类
/**
 * Check if the readObject is doing multiple external call beyond the basic readByte, readBoolean, etc..
 * @param m
 * @param classContext
 * @return
 * @throws CFGBuilderException
 * @throws DataflowAnalysisException
 */
private boolean hasCustomReadObject(Method m, ClassContext classContext,List<String> classesToIgnore)
        throws CFGBuilderException, DataflowAnalysisException {
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);
    int count = 0;
    for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
        Location location = i.next();
        Instruction inst = location.getHandle().getInstruction();
        //ByteCode.printOpCode(inst,cpg);
        if(inst instanceof InvokeInstruction) {
            InvokeInstruction invoke = (InvokeInstruction) inst;
            if (!READ_DESERIALIZATION_METHODS.contains(invoke.getMethodName(cpg))
                    && !classesToIgnore.contains(invoke.getClassName(cpg))) {
                count +=1;
            }
        }
    }
    return count > 3;
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:28,代码来源:DeserializationGadgetDetector.java

示例9: visitClassContext

import edu.umd.cs.findbugs.ba.DataflowAnalysisException; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
    JavaClass javaClass = classContext.getJavaClass();
    if (OBJECT_MAPPER_CLASSES.contains(javaClass.getClassName())) {
        return;
    }
    for (Field field : javaClass.getFields()) {
        analyzeField(field, javaClass);
    }
    for (Method m : javaClass.getMethods()) {
        try {
            analyzeMethod(m, classContext);
        }
        catch (CFGBuilderException | DataflowAnalysisException e) {
        }
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:18,代码来源:UnsafeJacksonDeserializationDetector.java

示例10: analyzeMethod

import edu.umd.cs.findbugs.ba.DataflowAnalysisException; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {
    MethodGen methodGen = classContext.getMethodGen(m);
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);

    if (methodGen == null || methodGen.getInstructionList() == null) {
        return; //No instruction .. nothing to do
    }
    for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
        Location location = i.next();
        Instruction inst = location.getHandle().getInstruction();
        if (inst instanceof InvokeInstruction) {
            InvokeInstruction invoke = (InvokeInstruction) inst;
            String methodName = invoke.getMethodName(cpg);
            if ("enableDefaultTyping".equals(methodName)) {
                JavaClass clz = classContext.getJavaClass();
                bugReporter.reportBug(new BugInstance(this, DESERIALIZATION_TYPE, HIGH_PRIORITY)
                        .addClass(clz)
                        .addMethod(clz, m)
                        .addCalledMethod(cpg, invoke)
                        .addSourceLine(classContext, m, location)
                );
            }
        }
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:27,代码来源:UnsafeJacksonDeserializationDetector.java

示例11: analyzeMethod

import edu.umd.cs.findbugs.ba.DataflowAnalysisException; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {

        ConstantPoolGen cpg = classContext.getConstantPoolGen();
        CFG cfg = classContext.getCFG(m);
        
        for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
            Location location = i.next();

            Instruction inst = location.getHandle().getInstruction();
            
            if (inst instanceof LDC) {
                LDC ldc = (LDC) inst;
                if (ldc != null) {
                    if("java.naming.security.authentication".equals(ldc.getValue(cpg)) &&
                       "none".equals(ByteCode.getConstantLDC(location.getHandle().getNext(), cpg, String.class))){
                        JavaClass clz = classContext.getJavaClass();
                        bugReporter.reportBug(new BugInstance(this, LDAP_ANONYMOUS, Priorities.LOW_PRIORITY) //
                        .addClass(clz)
                        .addMethod(clz, m)
                        .addSourceLine(classContext, m, location));
                        break;
                    }
                }
            }            
        }
    }
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:27,代码来源:AnonymousLdapDetector.java

示例12: mergeReferenceTypes

import edu.umd.cs.findbugs.ba.DataflowAnalysisException; //导入依赖的package包/类
@Override
protected ReferenceType mergeReferenceTypes(ReferenceType aRef, ReferenceType bRef) throws DataflowAnalysisException {
    byte aType = aRef.getType();
    byte bType = bRef.getType();

    if (isExtendedStringType(aType) || isExtendedStringType(bType)) {
        // If both types are the same extended String type,
        // then the same type is returned. Otherwise, extended
        // types are downgraded to plain java.lang.String,
        // and a standard merge is applied.
        if (aType == bType) {
            return aRef;
        }

        if (isExtendedStringType(aType)) {
            aRef = Type.STRING;
        }
        if (isExtendedStringType(bType)) {
            bRef = Type.STRING;
        }
    }

    return super.mergeReferenceTypes(aRef, bRef);
}
 
开发者ID:OpenNTF,项目名称:FindBug-for-Domino-Designer,代码行数:25,代码来源:FindRefComparison.java

示例13: newValueOnTOS

import edu.umd.cs.findbugs.ba.DataflowAnalysisException; //导入依赖的package包/类
/**
 * Hook indicating that a new (possibly-null) value is on the top of the
 * stack.
 */
private void newValueOnTOS() {
    IsNullValueFrame frame = getFrame();
    if (frame.getStackDepth() < 1) {
        return;
    }
    int tosSlot = frame.getNumSlots() - 1;
    IsNullValue tos = frame.getValue(tosSlot);
    if (tos.isDefinitelyNull()) {
        slotContainingNewNullValue = tosSlot;
    }
    if (trackValueNumbers) {
        try {
            ValueNumberFrame vnaFrameAfter = vnaDataflow.getFactAfterLocation(getLocation());
            if (vnaFrameAfter.isValid()) {
                ValueNumber tosVN = vnaFrameAfter.getTopValue();
                getFrame().setKnownValue(tosVN, tos);
            }
        } catch (DataflowAnalysisException e) {
            AnalysisContext.logError("error", e);
        }
    }
}
 
开发者ID:OpenNTF,项目名称:FindBug-for-Domino-Designer,代码行数:27,代码来源:IsNullValueFrameModelingVisitor.java

示例14: refresh

import edu.umd.cs.findbugs.ba.DataflowAnalysisException; //导入依赖的package包/类
@Override
public void refresh(ValueNumberFrame vnaFrame, DefinitelyNullSet definitelyNullSet) throws DataflowAnalysisException {
    valueNumber = vnaFrame.getTopValue();

    NullnessValue nullnessValue = definitelyNullSet.getNulllessValue(valueNumber);
    short opcode = getLocation().getHandle().getInstruction().getOpcode();

    if (nullnessValue.isDefinitelyNull() || nullnessValue.isDefinitelyNotNull()) {
        // Comparison is redundant.

        boolean ifcmpFeasible = nullnessValue.isDefinitelyNull() == (opcode == Constants.IFNULL);
        ifcmpDecision = new Decision(ifcmpFeasible, ifcmpFeasible ? nullnessValue.toCheckedValue() : null);

        boolean fallThroughFeasible = nullnessValue.isDefinitelyNull() != (opcode == Constants.IFNONNULL);
        fallThroughDecision = new Decision(fallThroughFeasible, fallThroughFeasible ? nullnessValue.toCheckedValue() : null);

        return;
    }

    NullnessValue definitelyNull = NullnessValue.definitelyNullValue().toCheckedValue();
    NullnessValue definitelyNotNull = NullnessValue.definitelyNotNullValue().toCheckedValue();

    // Nullness is unknown, assume both branches are feasible.
    ifcmpDecision = new Decision(true, (opcode == Constants.IFNULL) ? definitelyNull : definitelyNotNull);
    fallThroughDecision = new Decision(true, (opcode == Constants.IFNULL) ? definitelyNotNull : definitelyNull);
}
 
开发者ID:ytus,项目名称:findbugs-all-the-bugs,代码行数:27,代码来源:IfNullCondition.java

示例15: visitDUP

import edu.umd.cs.findbugs.ba.DataflowAnalysisException; //导入依赖的package包/类
@Override
public void visitDUP(DUP obj) {
    try {
        TypeFrame frame = getFrame();
        boolean isExact = isTopOfStackExact();
        Type value = frame.popValue();
        frame.pushValue(value);
        if (isExact)
            setTopOfStackIsExact();
        frame.pushValue(value);
        if (isExact)
            setTopOfStackIsExact();
    } catch (DataflowAnalysisException e) {
        throw new InvalidBytecodeException(e.toString());
    }
}
 
开发者ID:OpenNTF,项目名称:FindBug-for-Domino-Designer,代码行数:17,代码来源:TypeFrameModelingVisitor.java


注:本文中的edu.umd.cs.findbugs.ba.DataflowAnalysisException类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。