use of edu.umd.cs.findbugs.OpcodeStack.Item in project fb-contrib by mebigfatguy.
the class LoggerOddities method getLoggingClassNameFromStackValue.
/**
 * Reads the logger class name recorded as the user value of the top operand-stack item.
 *
 * @return the user value's payload when it is tagged {@code LOUserValue.LOType.CLASS_NAME}; {@code null} when the
 *         stack is empty, the top item carries no user value, or the user value has a different type
 */
@Nullable
private String getLoggingClassNameFromStackValue() {
    if (stack.getStackDepth() <= 0) {
        return null;
    }

    // the generic cast is unchecked; the payload is only handed back once the CLASS_NAME tag is confirmed
    LOUserValue<String> tagged = (LOUserValue<String>) stack.getStackItem(0).getUserValue();
    boolean holdsClassName = (tagged != null) && (tagged.getType() == LOUserValue.LOType.CLASS_NAME);
    return holdsClassName ? tagged.getValue() : null;
}
use of edu.umd.cs.findbugs.OpcodeStack.Item in project fb-contrib by mebigfatguy.
the class LoggerOddities method lookForSuspectClasses.
/**
 * Flags creation of a logger whose class-name argument differs from the class being visited.
 *
 * <p>Covers {@code getLogger} on slf4j's LoggerFactory, {@code getLogger} on the classes named by
 * {@code LOG4J_LOGGER} and {@code LOG4J2_LOGMANAGER}, and {@code getLog} on commons-logging's LogFactory. A name
 * taken from a string constant is reported at LOW_PRIORITY, because a 'classname-like' string is sometimes made
 * different from this class on purpose; every other name is reported at NORMAL_PRIORITY.
 */
@SuppressWarnings("unchecked")
private void lookForSuspectClasses() {
    String ownerClass = getClassConstantOperand();
    String invokedName = getNameConstantOperand();
    String candidate = null;
    int priority = NORMAL_PRIORITY;

    if ("org/slf4j/LoggerFactory".equals(ownerClass) && "getLogger".equals(invokedName)) {
        String sig = getSigConstantOperand();
        if (SIG_CLASS_TO_SLF4J_LOGGER.equals(sig)) {
            candidate = getLoggingClassNameFromStackValue();
        } else if (SIG_STRING_TO_SLF4J_LOGGER.equals(sig) && (stack.getStackDepth() > 0)) {
            candidate = (String) stack.getStackItem(0).getConstant();
            priority = LOW_PRIORITY;
        }
    } else if ((LOG4J_LOGGER.equals(ownerClass) || LOG4J2_LOGMANAGER.equals(ownerClass)) && "getLogger".equals(invokedName)) {
        String sig = getSigConstantOperand();
        if (SIG_CLASS_TO_LOG4J_LOGGER.equals(sig) || SIG_CLASS_TO_LOG4J2_LOGGER.equals(sig)) {
            candidate = getLoggingClassNameFromStackValue();
        } else if (SIG_STRING_TO_LOG4J_LOGGER.equals(sig) || SIG_STRING_TO_LOG4J2_LOGGER.equals(sig)) {
            if (stack.getStackDepth() > 0) {
                OpcodeStack.Item nameArg = stack.getStackItem(0);
                candidate = (String) nameArg.getConstant();
                LOUserValue<String> tracked = (LOUserValue<String>) nameArg.getUserValue();
                if (tracked == null) {
                    // no user value on the argument: nothing is reported, even if a constant was found
                    return;
                }
                Object trackedValue = tracked.getValue();
                if (candidate != null) {
                    // the constant passed in takes precedence
                    priority = LOW_PRIORITY;
                } else if (trackedValue instanceof String) {
                    // fall back to the user value, which may have been set by a call
                    // to Foo.class.getName()
                    candidate = (String) trackedValue;
                }
            }
        } else if (SIG_STRING_AND_FACTORY_TO_LOG4J_LOGGER.equals(sig) && (stack.getStackDepth() > 1)) {
            // the name sits one slot below the top item for this two-argument signature
            candidate = (String) stack.getStackItem(1).getConstant();
            priority = LOW_PRIORITY;
        }
    } else if ("org/apache/commons/logging/LogFactory".equals(ownerClass) && "getLog".equals(invokedName)) {
        String sig = getSigConstantOperand();
        if (SIG_CLASS_TO_COMMONS_LOGGER.equals(sig)) {
            candidate = getLoggingClassNameFromStackValue();
        } else if (SIG_STRING_TO_COMMONS_LOGGER.equals(sig) && (stack.getStackDepth() > 0)) {
            candidate = (String) stack.getStackItem(0).getConstant();
            priority = LOW_PRIORITY;
        }
    }

    if (candidate == null) {
        return;
    }

    // compare in dotted form against the visited class name with its anonymous portion removed
    String dottedName = candidate.replace('/', '.');
    if ((stack.getStackDepth() > 0) && !dottedName.equals(SignatureUtils.getNonAnonymousPortion(nameOfThisClass))) {
        bugReporter.reportBug(new BugInstance(this, BugType.LO_SUSPECT_LOG_CLASS.name(), priority)
                .addClass(this).addMethod(this).addSourceLine(this).addString(dottedName).addString(nameOfThisClass));
    }
}
use of edu.umd.cs.findbugs.OpcodeStack.Item in project fb-contrib by mebigfatguy.
the class LoggerOddities method hasExceptionOnStack.
/**
 * Returns whether an exception object is on the stack. slf4j will find such an argument and not include it in the
 * parameter list, so if one is found the caller should just not report.
 *
 * <p>Every stack item except the deepest one is inspected. An object item counts when its class is an instance of
 * {@code throwableClass}; an array item counts when its recorded ARRAY_SIZE user value is negative. If a class on
 * the stack cannot be resolved, the missing class is reported and {@code true} is returned.
 *
 * @return whether or not an exception is present
 */
@SuppressWarnings("unchecked")
private boolean hasExceptionOnStack() {
    try {
        for (int slot = 0; slot < (stack.getStackDepth() - 1); slot++) {
            OpcodeStack.Item entry = stack.getStackItem(slot);
            String entrySig = entry.getSignature();

            if (entrySig.startsWith(Values.SIG_QUALIFIED_CLASS_PREFIX)) {
                JavaClass entryClass = Repository.lookupClass(SignatureUtils.stripSignature(entrySig));
                if (entryClass.instanceOf(throwableClass)) {
                    return true;
                }
                continue;
            }

            if (!entrySig.startsWith(Values.SIG_ARRAY_PREFIX)) {
                continue;
            }

            LOUserValue<Integer> sizeValue = (LOUserValue<Integer>) entry.getUserValue();
            if ((sizeValue == null) || (sizeValue.getType() != LOUserValue.LOType.ARRAY_SIZE)) {
                continue;
            }

            // NOTE(review): a negative size presumably marks an array whose contents could not be tracked - confirm
            Integer recordedSize = sizeValue.getValue();
            if ((recordedSize != null) && (recordedSize.intValue() < 0)) {
                return true;
            }
        }
        return false;
    } catch (ClassNotFoundException cnfe) {
        bugReporter.reportMissingClass(cnfe);
        // an unresolvable class is treated as "exception present"
        return true;
    }
}
use of edu.umd.cs.findbugs.OpcodeStack.Item in project fb-contrib by mebigfatguy.
the class CommonsStringBuilderToString method sawOpcode.
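/**
 * Follows ToStringBuilder instances through loads, stores, pops and invocations, and reports
 * CSBTS_COMMONS_STRING_BUILDER_TOSTRING at HIGH_PRIORITY when {@code toString()} is invoked on a builder for which
 * no {@code append} call was recorded.
 *
 * <p>{@code registerTracker} maps a register to whether append was invoked on the builder stored there;
 * {@code stackTracker} holds the status of builders currently in flight. Every {@code stackTracker.pop()} is
 * guarded by an emptiness check, matching the guard the POP case already had, so an untracked builder is skipped
 * instead of raising an exception out of the visitor.
 *
 * @param seen the opcode currently being visited
 */
@Override
public void sawOpcode(int seen) {
    switch (seen) {
        case Const.ALOAD:
        case Const.ALOAD_0:
        case Const.ALOAD_1:
        case Const.ALOAD_2:
        case Const.ALOAD_3: {
            // NOTE(review): getLocalVariableTable() is dereferenced without a null check - confirm this visitor only
            // runs on methods that carry a local variable table
            LocalVariable lv = getMethod().getLocalVariableTable().getLocalVariable(RegisterUtils.getALoadReg(this, seen), getNextPC());
            if ((lv != null) && isToStringBuilder(lv.getSignature())) {
                Integer loadReg = Integer.valueOf(getRegisterOperand());
                Boolean appendInvoked = registerTracker.get(loadReg);
                // only registers already known to the tracker are followed
                if (appendInvoked != null) {
                    stackTracker.add(new StringBuilderInvokedStatus(loadReg.intValue(), appendInvoked.booleanValue()));
                }
            }
            break;
        }

        case Const.ASTORE:
        case Const.ASTORE_0:
        case Const.ASTORE_1:
        case Const.ASTORE_2:
        case Const.ASTORE_3: {
            Item stored = stack.getStackItem(0);
            // a builder that was never recorded (empty tracker) is left untracked instead of failing on pop()
            if (isToStringBuilder(stored.getSignature()) && !stackTracker.isEmpty()) {
                int storeReg = getRegisterOperand();
                StringBuilderInvokedStatus p = stackTracker.pop();
                // register -1 marks a freshly constructed builder; otherwise carry over the source register's state
                registerTracker.put(Integer.valueOf(storeReg), p.register == -1 ? Boolean.FALSE : registerTracker.get(Integer.valueOf(p.register)));
            }
            break;
        }

        case Const.POP: {
            Item popped = stack.getStackItem(0);
            if (isToStringBuilder(popped.getSignature()) && !stackTracker.isEmpty()) {
                StringBuilderInvokedStatus p = stackTracker.pop();
                registerTracker.put(Integer.valueOf(p.register), Boolean.valueOf(p.appendInvoked));
            }
            break;
        }

        case Const.INVOKESPECIAL:
        case Const.INVOKEVIRTUAL: {
            String loadClassName = getClassConstantOperand();
            String calledMethodName = getNameConstantOperand();
            if ("org/apache/commons/lang3/builder/ToStringBuilder".equals(loadClassName) || "org/apache/commons/lang/builder/ToStringBuilder".equals(loadClassName)) {
                String calledMethodSig = getSigConstantOperand();
                if (Values.CONSTRUCTOR.equals(calledMethodName) && TOSTRINGBUILDER_CTOR_SIGS.contains(calledMethodSig)) {
                    // new builder: not yet bound to a register, no append seen
                    stackTracker.add(new StringBuilderInvokedStatus(-1, false));
                } else if ("append".equals(calledMethodName)) {
                    if (!stackTracker.isEmpty()) {
                        StringBuilderInvokedStatus p = stackTracker.pop();
                        stackTracker.add(new StringBuilderInvokedStatus(p.register, true));
                    }
                } else if (Values.TOSTRING.equals(calledMethodName) && SignatureBuilder.SIG_VOID_TO_STRING.equals(calledMethodSig)) {
                    if (!stackTracker.isEmpty()) {
                        StringBuilderInvokedStatus p = stackTracker.pop();
                        if (!p.appendInvoked) {
                            bugReporter.reportBug(new BugInstance(this, "CSBTS_COMMONS_STRING_BUILDER_TOSTRING", HIGH_PRIORITY).addClass(this).addMethod(this).addSourceLine(this));
                        }
                    }
                }
            }
            break;
        }

        default:
            break;
    }
}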
use of edu.umd.cs.findbugs.OpcodeStack.Item in project wcomponents by BorderTech.
the class CheckGetComponentModel method sawOpcode.
/**
 * {@inheritDoc}
 *
 * <p>Reports WCGETM_INCORRECT_USE_OF_GETCOMPONENTMODEL when a setter calls {@code getComponentModel}, or when a
 * value returned by a WComponent's {@code getComponentModel} is the target of a ComponentModel setter call or
 * field write, and WCGETM_INCORRECT_USE_OF_GETORCREATECOMPONENTMODEL when a getter calls
 * {@code getOrCreateComponentModel}.
 */
@Override
public void sawOpcode(final int seen) {
    String visitedMethod = getMethodName();
    boolean inSetter = visitedMethod.startsWith("set");
    boolean inGetter = visitedMethod.startsWith("get");
    String bugType = null;
    int bugPriority = NORMAL_PRIORITY;

    if (seen == INVOKEVIRTUAL) {
        if (util.isWComponent(getClassConstantOperand())) {
            // We don't check the specific return type as the code wouldn't have compiled if it's not a ComponentModel.
            if (inSetter && "getComponentModel".equals(getNameConstantOperand()) && getSigConstantOperand().startsWith("()L")) {
                // Suspicious to call getComponentModel in a setter,
                // but will not necessarily lead to application errors.
                bugType = "WCGETM_INCORRECT_USE_OF_GETCOMPONENTMODEL";
            } else if (inGetter && !"getOrCreateComponentModel".equals(visitedMethod) && "getOrCreateComponentModel".equals(getNameConstantOperand()) && getSigConstantOperand().startsWith("()L")) {
                // Suspicious to call getOrCreateComponentModel in a getter,
                // but will not necessarily lead to application errors.
                bugType = "WCGETM_INCORRECT_USE_OF_GETORCREATECOMPONENTMODEL";
            }
        } else if (util.isComponentModel(getClassConstantOperand()) && getNameConstantOperand().startsWith("set")) {
            // TODO: this may not work if there are any double or long args.
            // The receiver of the setter call sits below the call's arguments on the operand stack.
            Item receiver = stack.getStackItem(getNumberMethodArguments());
            XMethod origin = receiver.getReturnValueOf();
            boolean fromGetComponentModel = origin != null && "getComponentModel".equals(origin.getName())
                    && origin.getSignature().startsWith("()L") && util.isWComponent(origin.getClassName());
            if (fromGetComponentModel) {
                bugType = "WCGETM_INCORRECT_USE_OF_GETCOMPONENTMODEL";
                bugPriority = HIGH_PRIORITY;
            }
        }
    } else if (seen == PUTFIELD) {
        if (util.isComponentModel(getClassConstantOperand())) {
            // For a field write the object reference is one slot below the value being stored.
            Item receiver = stack.getStackItem(1);
            XMethod origin = receiver.getReturnValueOf();
            boolean fromGetComponentModel = origin != null && "getComponentModel".equals(origin.getName())
                    && origin.getSignature().startsWith("()L") && util.isWComponent(origin.getClassName());
            if (fromGetComponentModel) {
                bugType = "WCGETM_INCORRECT_USE_OF_GETCOMPONENTMODEL";
                bugPriority = HIGH_PRIORITY;
            }
        }
    }

    if (bugType == null) {
        return;
    }
    util.getBugReporter().reportBug(new BugInstance(this, bugType, bugPriority).addClass(this).addMethod(MethodAnnotation.fromVisitedMethod(this)).addSourceLine(this, getPC()));
}