本文整理汇总了Java中edu.umd.cs.findbugs.ba.ClassContext.getConstantPoolGen方法的典型用法代码示例。如果您正苦于以下问题:Java ClassContext.getConstantPoolGen方法的具体用法?Java ClassContext.getConstantPoolGen怎么用?Java ClassContext.getConstantPoolGen使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类edu.umd.cs.findbugs.ba.ClassContext
的用法示例。
在下文中一共展示了ClassContext.getConstantPoolGen方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: hasCustomReadObject
import edu.umd.cs.findbugs.ba.ClassContext; //导入方法依赖的package包/类
/**
 * Heuristically decides whether a {@code readObject} implementation goes beyond the basic
 * stream reads ({@code readByte}, {@code readBoolean}, ...) by counting its invocations.
 *
 * <p>An invocation is counted unless its method name appears in
 * {@code READ_DESERIALIZATION_METHODS} or its owning class appears in
 * {@code classesToIgnore}. The threshold is purely numeric, so the result is only a
 * heuristic: what the counted calls actually do is not examined.
 *
 * @param m the method whose instructions are scanned
 * @param classContext context of the class that declares {@code m}
 * @param classesToIgnore class names whose invocations are not counted
 * @return {@code true} when more than three invocations were counted
 * @throws CFGBuilderException propagated from {@code classContext.getCFG(m)}
 * @throws DataflowAnalysisException declared by the signature
 */
private boolean hasCustomReadObject(Method m, ClassContext classContext,List<String> classesToIgnore)
        throws CFGBuilderException, DataflowAnalysisException {
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);
    Iterator<Location> locations = cfg.locationIterator();

    int externalCalls = 0;
    while (locations.hasNext()) {
        Instruction inst = locations.next().getHandle().getInstruction();
        if (!(inst instanceof InvokeInstruction)) {
            continue;
        }
        InvokeInstruction invoke = (InvokeInstruction) inst;
        // Plain stream reads are expected in any readObject and do not count.
        if (READ_DESERIALIZATION_METHODS.contains(invoke.getMethodName(cpg))) {
            continue;
        }
        // Calls into explicitly ignored classes do not count either.
        if (classesToIgnore.contains(invoke.getClassName(cpg))) {
            continue;
        }
        externalCalls++;
    }
    return externalCalls > 3;
}
示例2: analyzeMethod
import edu.umd.cs.findbugs.ba.ClassContext; //导入方法依赖的package包/类
/**
 * Reports a {@code DESERIALIZATION_TYPE} bug for every call to a method named
 * {@code enableDefaultTyping} found in the given method.
 *
 * <p>The match is on the method name only; the owning class of the call is not checked,
 * so any method with that name is reported (the name is that of Jackson's
 * {@code ObjectMapper} polymorphic-typing switch).
 *
 * @param m the method whose instructions are scanned
 * @param classContext context of the class that declares {@code m}
 * @throws CFGBuilderException propagated from {@code classContext.getCFG(m)}
 * @throws DataflowAnalysisException declared by the signature
 */
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {
    MethodGen methodGen = classContext.getMethodGen(m);
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);

    // Methods without a body have nothing to scan.
    boolean hasCode = methodGen != null && methodGen.getInstructionList() != null;
    if (!hasCode) {
        return;
    }

    Iterator<Location> locations = cfg.locationIterator();
    while (locations.hasNext()) {
        Location location = locations.next();
        Instruction inst = location.getHandle().getInstruction();
        if (!(inst instanceof InvokeInstruction)) {
            continue;
        }
        InvokeInstruction invoke = (InvokeInstruction) inst;
        if (!"enableDefaultTyping".equals(invoke.getMethodName(cpg))) {
            continue;
        }
        JavaClass clz = classContext.getJavaClass();
        BugInstance bug = new BugInstance(this, DESERIALIZATION_TYPE, HIGH_PRIORITY)
                .addClass(clz)
                .addMethod(clz, m)
                .addCalledMethod(cpg, invoke)
                .addSourceLine(classContext, m, location);
        bugReporter.reportBug(bug);
    }
}
示例3: analyzeMethod
import edu.umd.cs.findbugs.ba.ClassContext; //导入方法依赖的package包/类
/**
 * Reports an {@code LDAP_ANONYMOUS} bug when the method loads the constant
 * {@code "java.naming.security.authentication"} immediately followed by the constant
 * {@code "none"}, i.e. an LDAP context configured without authentication.
 *
 * <p>Only the instruction directly after the key constant is inspected, and scanning
 * stops after the first report.
 *
 * @param m the method whose instructions are scanned
 * @param classContext context of the class that declares {@code m}
 * @throws CFGBuilderException propagated from {@code classContext.getCFG(m)}
 * @throws DataflowAnalysisException declared by the signature
 */
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);

    Iterator<Location> locations = cfg.locationIterator();
    while (locations.hasNext()) {
        Location location = locations.next();
        Instruction inst = location.getHandle().getInstruction();
        if (!(inst instanceof LDC)) {
            continue;
        }
        LDC keyConstant = (LDC) inst;
        if (!"java.naming.security.authentication".equals(keyConstant.getValue(cpg))) {
            continue;
        }
        // The authentication mode is expected as the very next constant load.
        String mode = ByteCode.getConstantLDC(location.getHandle().getNext(), cpg, String.class);
        if (!"none".equals(mode)) {
            continue;
        }
        JavaClass clz = classContext.getJavaClass();
        bugReporter.reportBug(new BugInstance(this, LDAP_ANONYMOUS, Priorities.LOW_PRIORITY)
                .addClass(clz)
                .addMethod(clz, m)
                .addSourceLine(classContext, m, location));
        return; // one report per method is enough
    }
}
示例4: buildResourceCollection
import edu.umd.cs.findbugs.ba.ClassContext; //导入方法依赖的package包/类
/**
 * Collects every resource that the given method creates, as recognised by the
 * resource tracker.
 *
 * @param classContext context of the class that declares {@code method}
 * @param method the method whose locations are scanned
 * @param resourceTracker decides whether a location creates a resource
 * @return a collection holding one entry per location at which the tracker
 *         returned a non-null resource
 * @throws CFGBuilderException propagated from {@code classContext.getCFG(method)}
 * @throws DataflowAnalysisException declared by the signature
 */
private ResourceCollection<Resource> buildResourceCollection(ClassContext classContext, Method method,
        ResourceTrackerType resourceTracker) throws CFGBuilderException, DataflowAnalysisException {
    ResourceCollection<Resource> created = new ResourceCollection<Resource>();
    CFG cfg = classContext.getCFG(method);
    ConstantPoolGen cpg = classContext.getConstantPoolGen();

    Iterator<Location> locations = cfg.locationIterator();
    while (locations.hasNext()) {
        Location location = locations.next();
        Resource resource =
                resourceTracker.isResourceCreation(location.getBasicBlock(), location.getHandle(), cpg);
        // A null result means this location does not create a tracked resource.
        if (resource == null) {
            continue;
        }
        created.addCreatedResource(location, resource);
    }
    return created;
}
示例5: PatternMatcher
import edu.umd.cs.findbugs.ba.ClassContext; //导入方法依赖的package包/类
/**
 * Creates a matcher that searches one method for occurrences of a bytecode pattern.
 *
 * <p>All analyses the matcher relies on (CFG, depth-first search, value numbering and
 * non-exception dominators) are requested from the {@code ClassContext} here, so a
 * failure to build any of them surfaces at construction time.
 *
 * @param pattern
 *            the ByteCodePattern to look for examples of
 * @param classContext
 *            ClassContext for the class to analyze
 * @param method
 *            the Method to analyze
 * @throws CFGBuilderException
 *             declared by the signature; propagated from the analysis lookups
 * @throws DataflowAnalysisException
 *             declared by the signature; propagated from the analysis lookups
 */
public PatternMatcher(ByteCodePattern pattern, ClassContext classContext, Method method) throws CFGBuilderException,
        DataflowAnalysisException {
    // Bookkeeping containers start out empty.
    this.workList = new LinkedList<BasicBlock>();
    this.visitedBlockMap = new IdentityHashMap<BasicBlock, BasicBlock>();
    this.resultList = new LinkedList<ByteCodePatternMatch>();

    this.pattern = pattern;

    // Per-method analyses, requested in the same order as before.
    this.cfg = classContext.getCFG(method);
    this.cpg = classContext.getConstantPoolGen();
    this.dfs = classContext.getDepthFirstSearch(method);
    this.vnaDataflow = classContext.getValueNumberDataflow(method);
    this.domAnalysis = classContext.getNonExceptionDominatorsAnalysis(method);
}
示例6: analyzeMethod
import edu.umd.cs.findbugs.ba.ClassContext; //导入方法依赖的package包/类
/**
 * Reports a {@code SPRING_UNVALIDATED_REDIRECT_TYPE} bug wherever the string constant
 * {@code "redirect:"} is appended to a {@code java.lang.StringBuilder}, which is how
 * {@code "redirect:" + something} compiles when it is built through a StringBuilder.
 *
 * <p>Only the instruction directly before the {@code append} call is inspected; what is
 * concatenated after the prefix is not analysed, so a constant target is reported too.
 *
 * @param m the method whose instructions are scanned
 * @param classContext context of the class that declares {@code m}
 * @throws CFGBuilderException propagated from {@code classContext.getCFG(m)}
 */
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException{
    JavaClass clazz = classContext.getJavaClass();
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);

    Iterator<Location> locations = cfg.locationIterator();
    while (locations.hasNext()) {
        Location loc = locations.next();
        Instruction inst = loc.getHandle().getInstruction();
        if (!(inst instanceof INVOKEVIRTUAL)) {
            continue;
        }
        INVOKEVIRTUAL invoke = (INVOKEVIRTUAL) inst;
        boolean isBuilderAppend = "java.lang.StringBuilder".equals(invoke.getClassName(cpg))
                && "append".equals(invoke.getMethodName(cpg));
        if (!isBuilderAppend) {
            continue;
        }
        // The appended argument is expected to be the constant loaded just before the call.
        Instruction prev = loc.getHandle().getPrev().getInstruction();
        if (!(prev instanceof LDC)) {
            continue;
        }
        // equals(Object) is false for any non-String constant, so no separate type test is needed.
        if ("redirect:".equals(((LDC) prev).getValue(cpg))) {
            BugInstance bug = new BugInstance(this, SPRING_UNVALIDATED_REDIRECT_TYPE, Priorities.NORMAL_PRIORITY);
            bug.addClass(clazz).addMethod(clazz, m).addSourceLine(classContext, m, loc);
            reporter.reportBug(bug);
        }
    }
}
示例7: analyzeMethod
import edu.umd.cs.findbugs.ba.ClassContext; //导入方法依赖的package包/类
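/**
 * Reports a {@code PERMISSIVE_CORS} bug for calls to
 * {@code HttpServletResponse.addHeader/setHeader} that set
 * {@code Access-Control-Allow-Origin} to a constant containing {@code *} or equal to
 * {@code null} (both compared as written below).
 *
 * <p>The header value must be a string constant loaded directly before the call. When it
 * is not (for example a local variable or a method result), {@code getConstantLDC}
 * yields {@code null} and the call is skipped instead of failing with a
 * {@code NullPointerException}; such dynamic origins are therefore not evaluated by this
 * check. A non-String constant found as the header name is skipped as well rather than
 * cast blindly.
 *
 * @param m the method whose instructions are scanned
 * @param classContext context of the class that declares {@code m}
 * @throws CFGBuilderException propagated from {@code classContext.getCFG(m)}
 * @throws DataflowAnalysisException declared by the signature
 */
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);
    for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
        Location location = i.next();
        Instruction inst = location.getHandle().getInstruction();
        if (!(inst instanceof INVOKEINTERFACE)) {
            continue;
        }
        INVOKEINTERFACE invoke = (INVOKEINTERFACE) inst;
        String methodName = invoke.getMethodName(cpg);
        String className = invoke.getClassName(cpg);
        boolean setsResponseHeader = "javax.servlet.http.HttpServletResponse".equals(className)
                && ("addHeader".equals(methodName) || "setHeader".equals(methodName));
        if (!setsResponseHeader) {
            continue;
        }

        // Header name: nearest earlier constant load before the value argument.
        LDC ldc = ByteCode.getPrevInstruction(location.getHandle().getPrev(), LDC.class);
        if (ldc == null) {
            continue;
        }
        Object headerName = ldc.getValue(cpg);
        // Header value: only a String constant loaded right before the call is understood.
        String headerValue = ByteCode.getConstantLDC(location.getHandle().getPrev(), cpg, String.class);
        if (!(headerName instanceof String) || headerValue == null) {
            continue;
        }

        if ("Access-Control-Allow-Origin".equalsIgnoreCase((String) headerName)
                && (headerValue.contains("*") || "null".equalsIgnoreCase(headerValue))) {
            JavaClass clz = classContext.getJavaClass();
            bugReporter.reportBug(new BugInstance(this, PERMISSIVE_CORS, Priorities.HIGH_PRIORITY)
                    .addClass(clz)
                    .addMethod(clz, m)
                    .addSourceLine(classContext, m, location));
        }
    }
}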
示例8: allow_All_Hostname_Verify
import edu.umd.cs.findbugs.ba.ClassContext; //导入方法依赖的package包/类
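/**
 * Reports a {@code WEAK_HOSTNAME_VERIFIER_TYPE} bug for every read of a static field named
 * {@code ALLOW_ALL_HOSTNAME_VERIFIER} in the given method.
 *
 * <p>The match is on the field name only. A stricter variant that also required the
 * owning class {@code org.apache.http.conn.ssl.SSLSocketFactory} and the signature
 * {@code Lorg/apache/http/conn/ssl/X509HostnameVerifier;} was left disabled by the
 * author, so same-named fields of other classes are reported as well.
 *
 * <p>If the control-flow graph cannot be built, the method is skipped. Previously the
 * failure was only printed and the following loop dereferenced the still-null CFG.
 *
 * @param classContext context of the class that declares {@code m}
 * @param javaClass the class reported together with the method
 * @param m the method whose instructions are scanned
 */
private void allow_All_Hostname_Verify(ClassContext classContext, JavaClass javaClass, Method m){
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg;
    try {
        cfg = classContext.getCFG(m);
    } catch (CFGBuilderException e) {
        e.printStackTrace();
        return; // nothing to scan without a CFG
    }
    for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
        Location loc = i.next();
        Instruction inst = loc.getHandle().getInstruction();
        if (!(inst instanceof GETSTATIC)) {
            continue;
        }
        GETSTATIC fieldRead = (GETSTATIC) inst;
        if ("ALLOW_ALL_HOSTNAME_VERIFIER".equals(fieldRead.getName(cpg))) {
            bugReporter.reportBug(new BugInstance(this, WEAK_HOSTNAME_VERIFIER_TYPE, Priorities.NORMAL_PRIORITY)
                    .addClassAndMethod(javaClass, m));
        }
    }
}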
示例9: analyzeMethod
import edu.umd.cs.findbugs.ba.ClassContext; //导入方法依赖的package包/类
/**
 * Reports an {@code OBJECT_DESERIALIZATION_TYPE} bug for calls to one of the
 * {@code OBJECT_INPUTSTREAM_READ_METHODS} on a stream-like class.
 *
 * <p>A call qualifies when its owning class is {@code java.io.ObjectInputStream}, has
 * {@code "InputStream"} anywhere in its name, or is a subtype of
 * {@code java.io.ObjectInputStream}. The substring test is deliberately broad: it also
 * accepts classes that are unrelated to object deserialization, so reports on such
 * classes should be triaged as possible false positives.
 *
 * @param m the method whose instructions are scanned
 * @param classContext context of the class that declares {@code m}
 * @throws CFGBuilderException propagated from {@code classContext.getCFG(m)}
 * @throws DataflowAnalysisException declared by the signature
 */
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException
{
    MethodGen methodGen = classContext.getMethodGen(m);
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);

    // Methods without a body have nothing to scan.
    boolean hasCode = methodGen != null && methodGen.getInstructionList() != null;
    if (!hasCode) {
        return;
    }

    Iterator<Location> locations = cfg.locationIterator();
    while (locations.hasNext()) {
        Location location = locations.next();
        Instruction inst = location.getHandle().getInstruction();
        if (!(inst instanceof InvokeInstruction)) {
            continue;
        }
        InvokeInstruction invoke = (InvokeInstruction) inst;
        String className = invoke.getClassName(cpg);
        boolean streamLikeOwner = "java.io.ObjectInputStream".equals(className)
                || className.contains("InputStream")
                || InterfaceUtils.isSubtype(className, "java.io.ObjectInputStream");
        if (!streamLikeOwner) {
            continue;
        }
        if (!OBJECT_INPUTSTREAM_READ_METHODS.contains(invoke.getMethodName(cpg))) {
            continue;
        }
        JavaClass clz = classContext.getJavaClass();
        bugReporter.reportBug(new BugInstance(this, OBJECT_DESERIALIZATION_TYPE, HIGH_PRIORITY)
                .addClass(clz).addMethod(clz, m).addSourceLine(classContext, m, location));
    }
}
示例10: get_line_location
import edu.umd.cs.findbugs.ba.ClassContext; //导入方法依赖的package包/类
/**
 * Groups the locations of all {@code INVOKEVIRTUAL} instructions in a method by the name
 * of the invoked method.
 *
 * <p>Only the method name is used as key; the owning class of the call is not part of
 * it (a class/name filter was left disabled by the author), so same-named methods of
 * different classes share one list.
 *
 * @param m the method whose instructions are scanned
 * @param classContext context of the class that declares {@code m}
 * @return map from invoked method name to the locations calling it, in iteration order;
 *         empty when the control-flow graph cannot be built
 */
private Map<String, List<Location>> get_line_location(Method m, ClassContext classContext){
    HashMap<String, List<Location>> callSitesByName = new HashMap<>();
    ConstantPoolGen cpg = classContext.getConstantPoolGen();

    CFG cfg = null;
    try {
        cfg = classContext.getCFG(m);
    } catch (CFGBuilderException e) {
        e.printStackTrace();
        return callSitesByName;
    }

    Iterator<Location> locations = cfg.locationIterator();
    while (locations.hasNext()) {
        Location loc = locations.next();
        Instruction inst = loc.getHandle().getInstruction();
        if (!(inst instanceof INVOKEVIRTUAL)) {
            continue;
        }
        String calledName = ((INVOKEVIRTUAL) inst).getMethodName(cpg);
        List<Location> callSites = callSitesByName.get(calledName);
        if (callSites == null) {
            // First call site seen for this name: start its list.
            callSites = new LinkedList<>();
            callSitesByName.put(calledName, callSites);
        }
        callSites.add(loc);
    }
    return callSitesByName;
}
示例11: analyzeMethod
import edu.umd.cs.findbugs.ba.ClassContext; //导入方法依赖的package包/类
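/**
 * Reports a {@code WEBVIEW_RECEIVE_SSL_ERROR_TYPE} bug when the given method calls a
 * virtual method named {@code proceed}, or when the method has no instruction list.
 *
 * <p>The match is on the method name only; presumably the target is
 * {@code SslErrorHandler.proceed()} inside a WebView SSL-error callback, but neither the
 * owning class of the call nor the identity of {@code m} is checked here. Confirm that
 * against the caller.
 *
 * <p>Every {@code INVOKEVIRTUAL} in the method is examined and scanning stops at the
 * first {@code proceed} call, so there is at most one report per method. Previously the
 * loop stopped at the first virtual call of any name, which missed a {@code proceed}
 * that followed another virtual call.
 *
 * @param javaClass the class reported together with the method
 * @param m the method whose instructions are scanned
 * @param classContext context of the class that declares {@code m}
 * @throws CFGBuilderException propagated from {@code classContext.getCFG(m)}
 */
private void analyzeMethod(JavaClass javaClass, Method m, ClassContext classContext) throws CFGBuilderException {
    MethodGen methodGen = classContext.getMethodGen(m);
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);
    if (methodGen == null || methodGen.getInstructionList() == null) {
        // NOTE(review): a method without instructions is reported as-is by the original
        // code; there is nothing further to scan, so stop here.
        bugReporter.reportBug(new BugInstance(this, WEBVIEW_RECEIVE_SSL_ERROR_TYPE, HIGH_PRIORITY)
                .addClass(javaClass)
                .addMethod(javaClass, m)
        );
        return;
    }
    for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
        Location location = i.next();
        Instruction inst = location.getHandle().getInstruction();
        if (!(inst instanceof INVOKEVIRTUAL)) {
            continue;
        }
        INVOKEVIRTUAL invoke = (INVOKEVIRTUAL) inst;
        if ("proceed".equals(invoke.getMethodName(cpg))) {
            bugReporter.reportBug(new BugInstance(this, WEBVIEW_RECEIVE_SSL_ERROR_TYPE, HIGH_PRIORITY)
                    .addClass(javaClass)
                    .addMethod(javaClass, m)
                    .addCalledMethod(cpg, invoke)
                    .addSourceLine(classContext, m, location)
            );
            break; // one report per method is enough
        }
    }
}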
示例12: shouldAnalyzeClass
import edu.umd.cs.findbugs.ba.ClassContext; //导入方法依赖的package包/类
/**
 * Decides whether this detector should visit the class.
 *
 * <p>The class is analysed only when its constant pool contains at least one of the
 * {@code REQUIRED_CLASSES} entries and the class is not a subtype of
 * {@code XssJspDetector.JSP_PARENT_CLASSES}.
 *
 * @param classContext context of the candidate class
 * @return {@code true} when the class should be analysed
 */
@Override
public boolean shouldAnalyzeClass(ClassContext classContext) {
    ConstantPoolGen constantPoolGen = classContext.getConstantPoolGen();

    // Cheap pre-filter: does the constant pool mention any class of interest?
    boolean referencesRequiredClass = false;
    for (String requiredClass : REQUIRED_CLASSES) {
        if (constantPoolGen.lookupUtf8(requiredClass) != -1) {
            referencesRequiredClass = true;
            break;
        }
    }
    if (!referencesRequiredClass) {
        return false;
    }

    String className = classContext.getClassDescriptor().getDottedClassName();
    boolean isJspClass = InterfaceUtils.isSubtype(className, XssJspDetector.JSP_PARENT_CLASSES);
    return !isJspClass;
}
示例13: mightCloseResource
import edu.umd.cs.findbugs.ba.ClassContext; //导入方法依赖的package包/类
/**
 * Tells whether any location in the method might close a resource, according to the
 * resource tracker.
 *
 * @param classContext context of the class that declares {@code method}
 * @param method the method whose locations are scanned
 * @param resourceTracker decides whether a location might close a resource
 * @return {@code true} as soon as the tracker answers yes for one location,
 *         {@code false} when it never does
 * @throws CFGBuilderException propagated from {@code classContext.getCFG(method)}
 * @throws DataflowAnalysisException declared by the signature
 */
private boolean mightCloseResource(ClassContext classContext, Method method, ResourceTrackerType resourceTracker)
        throws CFGBuilderException, DataflowAnalysisException {
    CFG cfg = classContext.getCFG(method);
    ConstantPoolGen cpg = classContext.getConstantPoolGen();

    Iterator<Location> locations = cfg.locationIterator();
    boolean closes = false;
    while (!closes && locations.hasNext()) {
        Location location = locations.next();
        closes = resourceTracker.mightCloseResource(location.getBasicBlock(), location.getHandle(), cpg);
    }
    return closes;
}
示例14: analyzeMethod
import edu.umd.cs.findbugs.ba.ClassContext; //导入方法依赖的package包/类
/**
 * Reports a {@code JSP_XSLT} bug for every instruction matching {@code TRANSFORM_TAG_XSLT}
 * whose argument is not a string constant loaded directly before it.
 *
 * <p>The argument is read with {@code ByteCode.getConstantLDC} from the preceding
 * instruction; when that yields {@code null} the stylesheet is treated as not being a
 * fixed constant and the location is reported.
 *
 * @param m the method whose instructions are scanned
 * @param classContext context of the class that declares {@code m}
 * @throws CFGBuilderException propagated from {@code classContext.getCFG(m)}
 * @throws DataflowAnalysisException declared by the signature
 */
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {
    // Bytecode representation of the TransformTag instantiation:
    // XslTransformJspDetector: [0035]  ldc   "${param.xml}"
    // XslTransformJspDetector: [0037]  ldc   java/lang/Object
    // XslTransformJspDetector: [0039]  aload_1
    // XslTransformJspDetector: [0040]  aconst_null
    // XslTransformJspDetector: [0041]  invokestatic   org/apache/jasper/runtime/PageContextImpl.evaluateExpression (Ljava/lang/String;Ljava/lang/Class;Ljavax/servlet/jsp/PageContext;Lorg/apache/jasper/runtime/ProtectedFunctionMapper;)Ljava/lang/Object;
    // XslTransformJspDetector: [0044]  invokevirtual   org/apache/taglibs/standard/tag/rt/xml/TransformTag.setXml (Ljava/lang/Object;)V
    // XslTransformJspDetector: [0047]  aload   4
    // XslTransformJspDetector: [0049]  ldc   "${param.xslt}"
    // XslTransformJspDetector: [0051]  ldc   java/lang/Object
    // XslTransformJspDetector: [0053]  aload_1
    // XslTransformJspDetector: [0054]  aconst_null
    // XslTransformJspDetector: [0055]  invokestatic   org/apache/jasper/runtime/PageContextImpl.evaluateExpression (Ljava/lang/String;Ljava/lang/Class;Ljavax/servlet/jsp/PageContext;Lorg/apache/jasper/runtime/ProtectedFunctionMapper;)Ljava/lang/Object;
    // XslTransformJspDetector: [0058]  invokevirtual   org/apache/taglibs/standard/tag/rt/xml/TransformTag.setXslt (Ljava/lang/Object;)V
    // XslTransformJspDetector: [0061]  aload   4
    // XslTransformJspDetector: [0063]  invokevirtual   org/apache/taglibs/standard/tag/rt/xml/TransformTag.doStartTag ()I
    // XslTransformJspDetector: [0066]  istore
    // XslTransformJspDetector: [0068]  aload   4
    // XslTransformJspDetector: [0070]  invokevirtual   org/apache/taglibs/standard/tag/rt/xml/TransformTag.doEndTag ()I

    // Conditions that must hold to identify the vulnerability:
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);

    Iterator<Location> locations = cfg.locationIterator();
    while (locations.hasNext()) {
        Location location = locations.next();
        Instruction inst = location.getHandle().getInstruction();
        if (!TRANSFORM_TAG_XSLT.matches(inst, cpg)) {
            continue;
        }
        String constantArgument = ByteCode.getConstantLDC(location.getHandle().getPrev(), cpg, String.class);
        if (constantArgument != null) {
            continue; // argument is a fixed string constant
        }
        JavaClass clz = classContext.getJavaClass();
        bugReporter.reportBug(new BugInstance(this, JSP_XSLT, Priorities.HIGH_PRIORITY)
                .addClass(clz)
                .addMethod(clz, m)
                .addSourceLine(classContext, m, location));
    }
}
示例15: sawOpcode
import edu.umd.cs.findbugs.ba.ClassContext; //导入方法依赖的package包/类
/**
 * Reports an {@code XXE_XMLSTREAMREADER_TYPE} bug for a call to
 * {@code XMLInputFactory.createXMLStreamReader} unless the enclosing method also
 * contains a {@code setProperty} call that switches off DTD support or external
 * entities.
 *
 * <p>The whole method is scanned for {@code setProperty} calls whose nearest preceding
 * constant is {@code PROPERTY_SUPPORT_DTD} or
 * {@code PROPERTY_IS_SUPPORTING_EXTERNAL_ENTITIES} and whose value is
 * {@code Boolean.valueOf(false)} or {@code Boolean.FALSE}. Finding a single such call
 * suppresses the report: the check does not require both properties, and it does not
 * tie the {@code setProperty} call to the factory instance that creates the reader.
 *
 * @param seen the opcode currently visited
 */
@Override
public void sawOpcode(int seen) {
    if (seen != Constants.INVOKEVIRTUAL) {
        return;
    }
    String fullClassName = getClassConstantOperand();
    String method = getNameConstantOperand();

    // The method call is doing XML parsing (see class javadoc)
    boolean createsStreamReader = fullClassName.equals("javax/xml/stream/XMLInputFactory")
            && method.equals("createXMLStreamReader");
    if (!createsStreamReader) {
        return;
    }

    ClassContext classCtx = getClassContext();
    ConstantPoolGen cpg = classCtx.getConstantPoolGen();
    CFG cfg;
    try {
        cfg = classCtx.getCFG(getMethod());
    } catch (CFGBuilderException e) {
        AnalysisContext.logError("Cannot get CFG", e);
        return;
    }

    Iterator<Location> locations = cfg.locationIterator();
    while (locations.hasNext()) {
        Location location = locations.next();
        Instruction inst = location.getHandle().getInstruction();

        // Looking for XMLInputFactory.setProperty(<DTD or external-entity property>, false)
        if (!(inst instanceof org.apache.bcel.generic.INVOKEVIRTUAL)) {
            continue;
        }
        InvokeInstruction invoke = (InvokeInstruction) inst;
        if (!"setProperty".equals(invoke.getMethodName(cpg))) {
            continue;
        }
        org.apache.bcel.generic.LDC loadConst = ByteCode.getPrevInstruction(location.getHandle(), LDC.class);
        if (loadConst == null) {
            continue;
        }
        Object propertyName = loadConst.getValue(cpg);
        boolean hardeningProperty = PROPERTY_SUPPORT_DTD.equals(propertyName)
                || PROPERTY_IS_SUPPORTING_EXTERNAL_ENTITIES.equals(propertyName);
        if (!hardeningProperty) {
            continue;
        }

        InstructionHandle prev1 = location.getHandle().getPrev();
        InstructionHandle prev2 = prev1.getPrev();
        Instruction valueInst = prev1.getInstruction();

        if (invokeInstruction().atClass("java.lang.Boolean").atMethod("valueOf").matches(valueInst, cpg)) {
            // Case where the boolean is wrapped like Boolean.valueOf(true): 2 instructions
            if (prev2.getInstruction() instanceof ICONST) {
                Integer valueWrapped = ByteCode.getConstantInt(prev2);
                if (valueWrapped != null && valueWrapped.equals(0)) { // value is false
                    return; // the risky feature is disabled
                }
            }
        } else if (valueInst instanceof org.apache.bcel.generic.GETSTATIC) {
            // Case where the boolean is given as Boolean.FALSE
            org.apache.bcel.generic.GETSTATIC getstatic = (org.apache.bcel.generic.GETSTATIC) valueInst;
            boolean isBooleanFalse = getstatic.getClassType(cpg).getClassName().equals("java.lang.Boolean")
                    && getstatic.getFieldName(cpg).equals("FALSE");
            if (isBooleanFalse) {
                return;
            }
        }
    }

    // No disabling setProperty call was found: raise a bug
    bugReporter.reportBug(new BugInstance(this, XXE_XMLSTREAMREADER_TYPE, Priorities.NORMAL_PRIORITY)
            .addClass(this).addMethod(this).addSourceLine(this));
}