本文整理汇总了Java中org.apache.bcel.generic.MethodGen.getConstantPool方法的典型用法代码示例。如果您正苦于以下问题:Java MethodGen.getConstantPool方法的具体用法?Java MethodGen.getConstantPool怎么用?Java MethodGen.getConstantPool使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.apache.bcel.generic.MethodGen的用法示例。
在下文中一共展示了MethodGen.getConstantPool方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: preScreen
import org.apache.bcel.generic.MethodGen; //导入方法依赖的package包/类
public boolean preScreen(MethodGen mg) {
ConstantPoolGen cpg = mg.getConstantPool();
int lockCount = mg.isSynchronized() ? 1 : 0;
boolean sawWaitOrNotify = false;
InstructionHandle handle = mg.getInstructionList().getStart();
while (handle != null && !(lockCount >= 2 && sawWaitOrNotify)) {
Instruction ins = handle.getInstruction();
if (ins instanceof MONITORENTER)
++lockCount;
else if (ins instanceof INVOKEVIRTUAL) {
INVOKEVIRTUAL inv = (INVOKEVIRTUAL) ins;
String methodName = inv.getMethodName(cpg);
if (methodName.equals("wait") || methodName.startsWith("notify"))
sawWaitOrNotify = true;
}
handle = handle.getNext();
}
return lockCount >= 2 && sawWaitOrNotify;
}
示例2: IsNullValueAnalysis
import org.apache.bcel.generic.MethodGen; //导入方法依赖的package包/类
public IsNullValueAnalysis(MethodDescriptor descriptor, MethodGen methodGen, CFG cfg, ValueNumberDataflow vnaDataflow,
TypeDataflow typeDataflow, DepthFirstSearch dfs, AssertionMethods assertionMethods) {
super(dfs);
this.trackValueNumbers = AnalysisContext.currentAnalysisContext().getBoolProperty(
AnalysisFeatures.TRACK_VALUE_NUMBERS_IN_NULL_POINTER_ANALYSIS);
this.methodGen = methodGen;
this.visitor = new IsNullValueFrameModelingVisitor(methodGen.getConstantPool(), assertionMethods, vnaDataflow,
typeDataflow, trackValueNumbers);
this.vnaDataflow = vnaDataflow;
this.cfg = cfg;
this.locationWhereValueBecomesNullSet = new HashSet<LocationWhereValueBecomesNull>();
this.pointerEqualityCheck = getForPointerEqualityCheck(cfg, vnaDataflow);
if (DEBUG) {
System.out.println("IsNullValueAnalysis for " + methodGen.getClassName() + "." + methodGen.getName() + " : "
+ methodGen.getSignature());
}
}
示例3: addCalledMethod
import org.apache.bcel.generic.MethodGen; //导入方法依赖的package包/类
/**
* Add a method annotation for the method which is called by given
* instruction.
*
* @param methodGen the method containing the call
* @param inv the InvokeInstruction
* @return this object
*/
public BugInstance addCalledMethod(MethodGen methodGen, InvokeInstruction inv) {
ConstantPoolGen cpg = methodGen.getConstantPool();
String className = inv.getClassName(cpg);
String methodName = inv.getMethodName(cpg);
String methodSig = inv.getSignature(cpg);
addMethod(className, methodName, methodSig);
describe("METHOD_CALLED");
return this;
}
示例4: TaintAnalysis
import org.apache.bcel.generic.MethodGen; //导入方法依赖的package包/类
/**
* Constructs analysis for the given method
*
* @param methodGen method to analyze
* @param dfs DFS algorithm
* @param descriptor descriptor of the method to analyze
* @param taintConfig configured and derived taint summaries
*/
public TaintAnalysis(MethodGen methodGen, DepthFirstSearch dfs,
MethodDescriptor descriptor, TaintConfig taintConfig) {
super(dfs);
this.methodGen = methodGen;
this.methodDescriptor = (MethodInfo) descriptor;
this.visitor = new TaintFrameModelingVisitor(methodGen.getConstantPool(), descriptor, taintConfig);
computeParametersInfo(descriptor.getSignature(), descriptor.isStatic());
}
示例5: removeLocalTypeTables
import org.apache.bcel.generic.MethodGen; //导入方法依赖的package包/类
static void removeLocalTypeTables(MethodGen mg) {
ConstantPoolGen cpg = mg.getConstantPool();
Attribute[] a = mg.getCodeAttributes();
for (int i = 0; i < a.length; i++) {
String attribName = ((ConstantUtf8) cpg.getConstant(a[i]
.getNameIndex())).getBytes();
if (attribName.equals("LocalVariableTypeTable")) {
mg.removeCodeAttribute(a[i]);
}
}
}
示例6: generateBugInstance
import org.apache.bcel.generic.MethodGen; //导入方法依赖的package包/类
private BugInstance generateBugInstance(JavaClass javaClass, MethodGen methodGen, InstructionHandle handle,
StringAppendState stringAppendState) {
Instruction instruction = handle.getInstruction();
ConstantPoolGen cpg = methodGen.getConstantPool();
int priority = LOW_PRIORITY;
boolean sawSeriousTaint = false;
if (stringAppendState.getSawAppend(handle)) {
if (stringAppendState.getSawOpenQuote(handle) && stringAppendState.getSawCloseQuote(handle)) {
priority = HIGH_PRIORITY;
} else if (stringAppendState.getSawComma(handle)) {
priority = NORMAL_PRIORITY;
}
if (!stringAppendState.getSawUnsafeAppend(handle)) {
priority += 2;
} else if (stringAppendState.getSawSeriousTaint(handle)) {
priority--;
sawSeriousTaint = true;
} else if (!stringAppendState.getSawTaint(handle)) {
priority++;
}
}
String description = "TESTING";
if (instruction instanceof InvokeInstruction && isExecuteDatabaseSink((InvokeInstruction) instruction, cpg)) {
description = "SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE";
} else if (isPreparedStatementDatabaseSink(instruction, cpg)) {
description = "SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING";
}
BugInstance bug = new BugInstance(this, description, priority);
bug.addClassAndMethod(methodGen, javaClass.getSourceFileName());
if (description.equals("TESTING"))
bug.addString("Incomplete report invoking non-constant SQL string");
if (sawSeriousTaint)
bug.addString("non-constant SQL string involving HTTP taint");
return bug;
}
示例7: BetterCFGBuilder2
import org.apache.bcel.generic.MethodGen; //导入方法依赖的package包/类
/**
* Constructor.
*
* @param methodGen
* the method to build a CFG for
*/
public BetterCFGBuilder2(@Nonnull MethodGen methodGen) {
this.methodGen = methodGen;
this.cpg = methodGen.getConstantPool();
this.exceptionHandlerMap = new ExceptionHandlerMap(methodGen);
this.usedInstructionSet = new BitSet();
this.jsrSubroutineMap = new IdentityHashMap<InstructionHandle, Subroutine>();
this.subroutineWorkList = new LinkedList<Subroutine>();
}
示例8: reportMatch
import org.apache.bcel.generic.MethodGen; //导入方法依赖的package包/类
public void reportMatch(ClassContext classContext, Method method, ByteCodePatternMatch match) {
MethodGen methodGen = classContext.getMethodGen(method);
JavaClass javaClass = classContext.getJavaClass();
InstructionHandle call = match.getLabeledInstruction("call");
// Ignore inner-class access methods
InvokeInstruction inv = (InvokeInstruction) call.getInstruction();
ConstantPoolGen cp = methodGen.getConstantPool();
String calledMethodName = inv.getMethodName(cp);
if (calledMethodName.startsWith("access$")
|| calledMethodName.startsWith("access+"))
return;
/*
System.out.println("Found " + calledMethodName);
System.out.println(inv.getSignature(cp));
System.out.println(inv.getClassName(cp));
*/
String calledMethodClass = inv.getClassName(cp);
if (inv.getSignature(cp).endsWith("V") && !calledMethodName.equals("<init>"))
return;
/*
if (calledMethodClass.equals(javaClass.getClassName()))
return;
*/
String sourceFile = javaClass.getSourceFileName();
/*
System.out.println("CalledMethodClass: " + calledMethodClass);
System.out.println("CalledMethodName: " + calledMethodName);
*/
int priority = NORMAL_PRIORITY;
if (calledMethodName.equals("createNewFile"))
priority = LOW_PRIORITY;
else if (calledMethodClass.startsWith("java.lang")
|| calledMethodClass.endsWith("Error")
|| calledMethodClass.endsWith("Exception"))
priority = HIGH_PRIORITY;
/*
String calledPackage = extractPackageName(calledMethodClass);
String callingPackage = extractPackageName(javaClass.getClassName());
if (calledPackage.length() > 0
&& callingPackage.length() > 0
&& (calledPackage.startsWith(callingPackage)
|| callingPackage.startsWith(calledPackage)))
priority++;
*/
// System.out.println("priority: " + priority);
bugReporter.reportBug(new BugInstance(this, "RV_RETURN_VALUE_IGNORED",
priority)
.addClassAndMethod(methodGen, sourceFile)
.addCalledMethod(methodGen, inv)
.addSourceLine(methodGen, sourceFile, call));
}
示例9: analyzeMethod
import org.apache.bcel.generic.MethodGen; //导入方法依赖的package包/类
private void analyzeMethod(ClassContext cc, Method m) throws CFGBuilderException, DataflowAnalysisException {
JavaClass jc = cc.getJavaClass();
MethodGen mg = cc.getMethodGen(m);
if (mg == null) {
return;
}
ConstantPoolGen cpg = mg.getConstantPool();
CFG cfg = cc.getCFG(m);
ConstantDataflow df = cc.getConstantDataflow(m);
for (Iterator<Location> i = cfg.locationIterator(); i.hasNext();) {
Location l = i.next();
Instruction ins = l.getHandle().getInstruction();
if (!(ins instanceof InvokeInstruction)) {
continue;
}
InvokeInstruction ii = (InvokeInstruction) ins;
MethodDescriptor md = new MethodDescriptor(ii, cpg);
// Skip this method if it's not on the list
if (!methodsToWatch.contains(md.toString()))
{
continue;
}
ConstantFrame cf = df.getFactAtLocation(l);
int numArgs = cf.getNumArguments(ii, cpg);
// If the function has 1 argument passed to it:
// This should always be true since the methods in the list
// only have one argument.
if (numArgs == 1) {
// Get the only constant value passed to the function
Constant val = cf.getStackValue(0);
// If the value is not a constant string
// (I know it is a String because the methodsToWatch list specifies argument type)
if (!val.isConstantString())
{
// Log and report
BugInstance bug = new BugInstance(this, "POSSIBLE_COMMAND_INJECTION", HIGH_PRIORITY);
bug.addClassAndMethod(mg, jc.getSourceFileName());
bugAccumulator.accumulateBug(bug, SourceLineAnnotation.fromVisitedInstruction(cc, mg, jc.getSourceFileName(), l.getHandle()));
}
}
}
bugAccumulator.reportAccumulatedBugs();
}
示例10: analyzeMethod
import org.apache.bcel.generic.MethodGen; //导入方法依赖的package包/类
private void analyzeMethod(ClassContext classContext, Method method) throws CFGBuilderException, DataflowAnalysisException {
MethodGen methodGen = classContext.getMethodGen(method);
if (methodGen == null)
return;
ConstantPoolGen cpg = methodGen.getConstantPool();
CFG cfg = classContext.getCFG(method);
ValueNumberDataflow vnaDataflow = classContext.getValueNumberDataflow(method);
LockDataflow dataflow = classContext.getLockDataflow(method);
for (Iterator<Location> i = cfg.locationIterator(); i.hasNext();) {
Location location = i.next();
InstructionHandle handle = location.getHandle();
Instruction ins = handle.getInstruction();
if (!(ins instanceof INVOKEVIRTUAL))
continue;
INVOKEVIRTUAL inv = (INVOKEVIRTUAL) ins;
String methodName = inv.getName(cpg);
String methodSig = inv.getSignature(cpg);
if (Hierarchy.isMonitorWait(methodName, methodSig) || Hierarchy.isMonitorNotify(methodName, methodSig)) {
int numConsumed = inv.consumeStack(cpg);
if (numConsumed == Constants.UNPREDICTABLE)
throw new DataflowAnalysisException("Unpredictable stack consumption", methodGen, handle);
ValueNumberFrame frame = vnaDataflow.getFactAtLocation(location);
if (!frame.isValid())
// Probably dead code
continue;
if (frame.getStackDepth() - numConsumed < 0)
throw new DataflowAnalysisException("Stack underflow", methodGen, handle);
ValueNumber ref = frame.getValue(frame.getNumSlots() - numConsumed);
LockSet lockSet = dataflow.getFactAtLocation(location);
int lockCount = lockSet.getLockCount(ref.getNumber());
if (lockCount == 0) {
Collection<ValueNumber> lockedValueNumbers = lockSet.getLockedValueNumbers(frame);
boolean foundMatch = false;
for (ValueNumber v : lockedValueNumbers)
if (frame.veryFuzzyMatch(ref, v)) {
foundMatch = true;
break;
}
if (!foundMatch) {
String type = methodName.equals("wait") ? "MWN_MISMATCHED_WAIT" : "MWN_MISMATCHED_NOTIFY";
String sourceFile = classContext.getJavaClass().getSourceFileName();
// Report as medium priority only if the method is
// public.
// Non-public methods may be properly locked in a
// calling context.
int priority = method.isPublic() ? NORMAL_PRIORITY : LOW_PRIORITY;
bugAccumulator.accumulateBug(
new BugInstance(this, type, priority).addClassAndMethod(methodGen, sourceFile),
SourceLineAnnotation.fromVisitedInstruction(classContext, methodGen, sourceFile, handle));
}
}
}
}
bugAccumulator.reportAccumulatedBugs();
}
示例11: analyzeMethod
import org.apache.bcel.generic.MethodGen; //导入方法依赖的package包/类
private void analyzeMethod(ClassContext classContext, Method method) throws DataflowAnalysisException, CFGBuilderException {
JavaClass javaClass = classContext.getJavaClass();
this.method = method;
this.classContext = classContext;
MethodGen methodGen = classContext.getMethodGen(method);
if (methodGen == null)
return;
ConstantPoolGen cpg = methodGen.getConstantPool();
CFG cfg = classContext.getCFG(method);
StringAppendState stringAppendState = getStringAppendState(cfg, cpg);
ConstantDataflow dataflow = classContext.getConstantDataflow(method);
for (Iterator<Location> i = cfg.locationIterator(); i.hasNext();) {
Location location = i.next();
Instruction ins = location.getHandle().getInstruction();
if (!(ins instanceof InvokeInstruction))
continue;
InvokeInstruction invoke = (InvokeInstruction) ins;
if (isDatabaseSink(invoke, cpg)) {
ConstantFrame frame = dataflow.getFactAtLocation(location);
int numArguments = frame.getNumArguments(invoke, cpg);
Constant value = frame.getStackValue(numArguments - 1);
if (!value.isConstantString()) {
// TODO: verify it's the same string represented by
// stringAppendState
// FIXME: will false positive on const/static strings
// returns by methods
Location prev = getPreviousLocation(cfg, location, true);
if (prev == null || !isSafeValue(prev, cpg)) {
BugInstance bug = generateBugInstance(javaClass, methodGen, location.getHandle(), stringAppendState);
bugAccumulator.accumulateBug(
bug,
SourceLineAnnotation.fromVisitedInstruction(classContext, methodGen,
javaClass.getSourceFileName(), location.getHandle()));
}
}
}
}
bugAccumulator.reportAccumulatedBugs();
}
示例12: ConstantAnalysis
import org.apache.bcel.generic.MethodGen; //导入方法依赖的package包/类
public ConstantAnalysis(MethodGen methodGen, DepthFirstSearch dfs) {
super(dfs);
this.methodGen = methodGen;
this.visitor = new ConstantFrameModelingVisitor(methodGen.getConstantPool());
}
示例13: ValueNumberFrameModelingVisitor
import org.apache.bcel.generic.MethodGen; //导入方法依赖的package包/类
/**
* Constructor.
*
* @param methodGen
* the method being analyzed
* @param factory
* factory for ValueNumbers for the method
* @param cache
* cache of input/output transformations for each instruction
* @param loadedFieldSet
* fields loaded/stored by each instruction and entire method
* @param lookupFailureCallback
* callback to use to report class lookup failures
*/
public ValueNumberFrameModelingVisitor(MethodGen methodGen, ValueNumberFactory factory, ValueNumberCache cache,
LoadedFieldSet loadedFieldSet, RepositoryLookupFailureCallback lookupFailureCallback) {
super(methodGen.getConstantPool());
this.methodGen = methodGen;
this.factory = factory;
this.cache = cache;
this.loadedFieldSet = loadedFieldSet;
this.constantValueMap = new HashMap<Object, ValueNumber>();
this.stringConstantMap = new HashMap<ValueNumber, String>();
}
示例14: TypeAnalysis
import org.apache.bcel.generic.MethodGen; //导入方法依赖的package包/类
/**
* Constructor.
*
* @param method
* TODO
* @param methodGen
* the MethodGen whose CFG we'll be analyzing
* @param cfg
* the control flow graph
* @param dfs
* DepthFirstSearch of the method
* @param typeMerger
* object to merge types
* @param lookupFailureCallback
* lookup failure callback
* @param exceptionSetFactory
* factory for creating ExceptionSet objects
*/
public TypeAnalysis(Method method, MethodGen methodGen, CFG cfg, DepthFirstSearch dfs, TypeMerger typeMerger,
RepositoryLookupFailureCallback lookupFailureCallback, ExceptionSetFactory exceptionSetFactory) {
this(method, methodGen, cfg, dfs, typeMerger, new TypeFrameModelingVisitor(methodGen.getConstantPool(), typeMerger),
lookupFailureCallback, exceptionSetFactory);
if (TypeFrameModelingVisitor.DEBUG)
System.out.println(methodGen.getClassName() + "." + methodGen.getName() + " " + methodGen.getSignature());
}
示例15: addCalledMethod
import org.apache.bcel.generic.MethodGen; //导入方法依赖的package包/类
/**
* Add a method annotation for the method which is called by given
* instruction.
*
* @param methodGen
* the method containing the call
* @param inv
* the InvokeInstruction
* @return this object
*/
@Nonnull
public BugInstance addCalledMethod(MethodGen methodGen, InvokeInstruction inv) {
ConstantPoolGen cpg = methodGen.getConstantPool();
return addCalledMethod(cpg, inv);
}