Example 1 with DottedClassName
use of edu.umd.cs.findbugs.internalAnnotations.DottedClassName in project spotbugs by spotbugs.
the class PlaceholderTest method setup.
@Before
public void setup() {
Project project = new Project();
reporter = new SarifBugReporter(project);
writer = new StringWriter();
reporter.setWriter(new PrintWriter(writer));
reporter.setPriorityThreshold(Priorities.IGNORE_PRIORITY);
DetectorFactoryCollection.resetInstance(new DetectorFactoryCollection());
IAnalysisCache analysisCache = ClassFactory.instance().createAnalysisCache(new ClassPathImpl(), reporter);
Global.setAnalysisCacheForCurrentThread(analysisCache);
FindBugs2.registerBuiltInAnalysisEngines(analysisCache);
AnalysisContext analysisContext = new AnalysisContext(project) {
public boolean isApplicationClass(@DottedClassName String className) {
// treat all classes as application class, to report bugs in it
return true;
}
};
AnalysisContext.setCurrentAnalysisContext(analysisContext);
}
Also used :
Project(edu.umd.cs.findbugs.Project)
StringWriter(java.io.StringWriter)
ClassPathImpl(edu.umd.cs.findbugs.classfile.impl.ClassPathImpl)
IAnalysisCache(edu.umd.cs.findbugs.classfile.IAnalysisCache)
AnalysisContext(edu.umd.cs.findbugs.ba.AnalysisContext)
PrintWriter(java.io.PrintWriter)
DetectorFactoryCollection(edu.umd.cs.findbugs.DetectorFactoryCollection)
DottedClassName(edu.umd.cs.findbugs.internalAnnotations.DottedClassName)
Before(org.junit.Before)
Example 2 with DottedClassName
use of edu.umd.cs.findbugs.internalAnnotations.DottedClassName in project spotbugs by spotbugs.
the class FindUseOfNonSerializableValue method visitClassContext.
@Override
public void visitClassContext(ClassContext classContext) {
JavaClass javaClass = classContext.getJavaClass();
boolean skip = false;
ConstantPool constantPool = javaClass.getConstantPool();
for (Constant c : constantPool.getConstantPool()) {
if (c instanceof ConstantMethodref || c instanceof ConstantInterfaceMethodref) {
ConstantCP m = (ConstantCP) c;
@DottedClassName String clazz = m.getClass(constantPool);
ConstantNameAndType nt = (ConstantNameAndType) constantPool.getConstant(m.getNameAndTypeIndex(), Const.CONSTANT_NameAndType);
String name = nt.getName(constantPool);
if ("setAttribute".equals(name) && "javax.servlet.http.HttpSession".equals(clazz) || ("writeObject".equals(name) && ("java.io.ObjectOutput".equals(clazz) || "java.io.ObjectOutputStream".equals(clazz)))) {
if (DEBUG) {
System.out.println("Found call to " + clazz + "." + name);
}
skip = false;
break;
}
}
}
if (skip) {
return;
}
if (DEBUG) {
System.out.println(this.getClass().getSimpleName() + " Checking " + javaClass.getClassName());
}
Method[] methodList = javaClass.getMethods();
for (Method method : methodList) {
if (method.getCode() == null) {
continue;
}
try {
analyzeMethod(classContext, method);
} catch (CFGBuilderException e) {
bugReporter.logError("Detector " + this.getClass().getName() + " caught exception", e);
} catch (DataflowAnalysisException e) {
// bugReporter.logError("Detector " + this.getClass().getName()
// + " caught exception", e);
}
bugAccumulator.reportAccumulatedBugs();
}
}
Also used :
Constant(org.apache.bcel.classfile.Constant)
Method(org.apache.bcel.classfile.Method)
DottedClassName(edu.umd.cs.findbugs.internalAnnotations.DottedClassName)
ConstantNameAndType(org.apache.bcel.classfile.ConstantNameAndType)
JavaClass(org.apache.bcel.classfile.JavaClass)
ConstantMethodref(org.apache.bcel.classfile.ConstantMethodref)
ConstantPool(org.apache.bcel.classfile.ConstantPool)
CFGBuilderException(edu.umd.cs.findbugs.ba.CFGBuilderException)
ConstantInterfaceMethodref(org.apache.bcel.classfile.ConstantInterfaceMethodref)
ConstantCP(org.apache.bcel.classfile.ConstantCP)
DataflowAnalysisException(edu.umd.cs.findbugs.ba.DataflowAnalysisException)
Example 3 with DottedClassName
use of edu.umd.cs.findbugs.internalAnnotations.DottedClassName in project spotbugs by spotbugs.
the class UncallableMethodOfAnonymousClass method doVisitMethod.
@Override
public void doVisitMethod(Method obj) {
super.doVisitMethod(obj);
if (pendingBug != null) {
if (potentialSuperCall == null) {
String role = ClassAnnotation.SUPERCLASS_ROLE;
@DottedClassName String superclassName = ClassName.toDottedClassName(getSuperclassName());
if (Values.DOTTED_JAVA_LANG_OBJECT.equals(superclassName)) {
try {
JavaClass[] interfaces = getThisClass().getInterfaces();
if (interfaces.length == 1) {
superclassName = interfaces[0].getClassName();
role = ClassAnnotation.IMPLEMENTED_INTERFACE_ROLE;
}
} catch (ClassNotFoundException e) {
AnalysisContext.reportMissingClass(e);
}
}
pendingBug.addClass(superclassName).describe(role);
try {
XClass from = Global.getAnalysisCache().getClassAnalysis(XClass.class, DescriptorFactory.createClassDescriptorFromDottedClassName(superclassName));
XMethod potentialMatch = null;
for (XMethod m : from.getXMethods()) {
if (!m.isStatic() && !m.isPrivate() && m.getName().toLowerCase().equals(obj.getName().toLowerCase())) {
if (potentialMatch == null) {
potentialMatch = m;
} else {
// multiple matches; ignore all
potentialMatch = null;
break;
}
}
}
if (potentialMatch != null) {
pendingBug.addMethod(potentialMatch).describe(MethodAnnotation.METHOD_DID_YOU_MEAN_TO_OVERRIDE);
}
} catch (CheckedAnalysisException e) {
AnalysisContext.logError("Error: ", e);
}
} else {
pendingBug.setPriority(pendingBug.getPriority() - 1);
pendingBug.addMethod(potentialSuperCall).describe(MethodAnnotation.METHOD_DID_YOU_MEAN_TO_OVERRIDE);
}
bugReporter.reportBug(pendingBug);
pendingBug = null;
potentialSuperCall = null;
}
}
Also used :
CheckedAnalysisException(edu.umd.cs.findbugs.classfile.CheckedAnalysisException)
JavaClass(org.apache.bcel.classfile.JavaClass)
XMethod(edu.umd.cs.findbugs.ba.XMethod)
XClass(edu.umd.cs.findbugs.ba.XClass)
DottedClassName(edu.umd.cs.findbugs.internalAnnotations.DottedClassName)
Example 4 with DottedClassName
use of edu.umd.cs.findbugs.internalAnnotations.DottedClassName in project spotbugs by spotbugs.
the class UselessSubclassMethod method findSuperclassMethod.
private Method findSuperclassMethod(@DottedClassName String superclassName, Method subclassMethod) throws ClassNotFoundException {
String methodName = subclassMethod.getName();
Type[] subArgs = null;
JavaClass superClass = Repository.lookupClass(superclassName);
Method[] methods = superClass.getMethods();
outer: for (Method m : methods) {
if (m.getName().equals(methodName)) {
if (subArgs == null) {
subArgs = Type.getArgumentTypes(subclassMethod.getSignature());
}
Type[] superArgs = Type.getArgumentTypes(m.getSignature());
if (subArgs.length == superArgs.length) {
for (int j = 0; j < subArgs.length; j++) {
if (!superArgs[j].equals(subArgs[j])) {
continue outer;
}
}
return m;
}
}
}
if (!"Object".equals(superclassName)) {
@DottedClassName String superSuperClassName = superClass.getSuperclassName();
if (superSuperClassName.equals(superclassName)) {
throw new ClassNotFoundException("superclass of " + superclassName + " is itself");
}
return findSuperclassMethod(superSuperClassName, subclassMethod);
}
return null;
}
Also used :
Type(org.apache.bcel.generic.Type)
JavaClass(org.apache.bcel.classfile.JavaClass)
Method(org.apache.bcel.classfile.Method)
DottedClassName(edu.umd.cs.findbugs.internalAnnotations.DottedClassName)
Example 5 with DottedClassName
use of edu.umd.cs.findbugs.internalAnnotations.DottedClassName in project spotbugs by spotbugs.
the class DroppedException method visit.
@edu.umd.cs.findbugs.annotations.SuppressFBWarnings(value = "UC_USELESS_CONDITION", justification = "To be fixed in SpotBugs 4.0.0, see https://github.com/spotbugs/spotbugs/issues/84")
@Override
public void visit(Code obj) {
CodeException[] exp = obj.getExceptionTable();
LineNumberTable lineNumbers = obj.getLineNumberTable();
if (exp == null) {
return;
}
byte[] code = obj.getCode();
for (CodeException aExp : exp) {
int handled = aExp.getHandlerPC();
int start = aExp.getStartPC();
int end = aExp.getEndPC();
int cause = aExp.getCatchType();
boolean exitInTryBlock = false;
if (DEBUG) {
System.out.println("start = " + start + ", end = " + end + ", codeLength = " + code.length + ", handled = " + handled);
}
for (int j = start; j <= end && j < code.length; ) {
int opcode = asUnsignedByte(code[j]);
if (Const.getNoOfOperands(opcode) < 0) {
exitInTryBlock = true;
break;
}
j += 1 + Const.getNoOfOperands(opcode);
if (opcode >= Const.IRETURN && opcode <= Const.RETURN || opcode >= Const.IFEQ && opcode <= Const.GOTO && (opcode != Const.GOTO || j < end)) {
exitInTryBlock = true;
if (DEBUG) {
System.out.println("\texit: " + opcode + " in " + getFullyQualifiedMethodName());
}
break;
}
}
if (exitInTryBlock) {
if (DEBUG) {
System.out.println("Exit in try block");
}
continue;
}
if (handled < 5) {
continue;
}
@DottedClassName String causeName;
if (cause == 0) {
causeName = "java.lang.Throwable";
} else {
causeName = Utility.compactClassName(getConstantPool().getConstantString(cause, Const.CONSTANT_Class), false);
if (!isChecked(causeName)) {
continue;
}
}
int jumpAtEnd = 0;
if (end < code.length && asUnsignedByte(code[end]) == Const.GOTO) {
jumpAtEnd = getUnsignedShort(code, end + 1);
if (jumpAtEnd < handled) {
jumpAtEnd = 0;
}
}
int opcode = asUnsignedByte(code[handled]);
int afterHandler = 0;
if (DEBUG) {
System.out.println("DE:\topcode is " + Const.getOpcodeName(opcode) + ", " + asUnsignedByte(code[handled + 1]));
}
boolean drops = false;
boolean startsWithASTORE03 = opcode >= Const.ASTORE_0 && opcode <= Const.ASTORE_3;
if (startsWithASTORE03 && asUnsignedByte(code[handled + 1]) == Const.RETURN) {
if (DEBUG) {
System.out.println("Drop 1");
}
drops = true;
afterHandler = handled + 1;
}
if (handled + 2 < code.length && opcode == Const.ASTORE && asUnsignedByte(code[handled + 2]) == Const.RETURN) {
drops = true;
afterHandler = handled + 2;
if (DEBUG) {
System.out.println("Drop 2");
}
}
if (handled + 3 < code.length && !exitInTryBlock) {
if (DEBUG) {
System.out.println("DE: checking for jumps");
}
if (startsWithASTORE03 && asUnsignedByte(code[handled - 3]) == Const.GOTO) {
int offsetBefore = getUnsignedShort(code, handled - 2);
if (DEBUG) {
System.out.println("offset before = " + offsetBefore);
}
if (offsetBefore == 4) {
drops = true;
afterHandler = handled + 1;
if (DEBUG) {
System.out.println("Drop 3");
}
}
}
if (opcode == Const.ASTORE && asUnsignedByte(code[handled - 3]) == Const.GOTO) {
int offsetBefore = getUnsignedShort(code, handled - 2);
if (offsetBefore == 5) {
drops = true;
afterHandler = handled + 2;
if (DEBUG) {
System.out.println("Drop 4");
}
}
}
if (startsWithASTORE03 && asUnsignedByte(code[handled + 1]) == Const.GOTO && asUnsignedByte(code[handled - 3]) == Const.GOTO) {
int offsetBefore = getUnsignedShort(code, handled - 2);
int offsetAfter = getUnsignedShort(code, handled + 2);
if (offsetAfter > 0 && offsetAfter + 4 == offsetBefore) {
drops = true;
afterHandler = handled + 4;
if (DEBUG) {
System.out.println("Drop 5");
}
}
}
if (opcode == Const.ASTORE && asUnsignedByte(code[handled + 2]) == Const.GOTO && asUnsignedByte(code[handled - 3]) == Const.GOTO) {
int offsetBefore = getUnsignedShort(code, handled - 2);
int offsetAfter = getUnsignedShort(code, handled + 3);
if (offsetAfter > 0 && offsetAfter + 5 == offsetBefore) {
drops = true;
afterHandler = handled + 5;
if (DEBUG) {
System.out.println("Drop 6");
}
}
}
}
boolean multiLineHandler = false;
if (DEBUG) {
System.out.println("afterHandler = " + afterHandler + ", handled = " + handled);
}
if (afterHandler > handled && lineNumbers != null) {
int startHandlerLinenumber = lineNumbers.getSourceLine(handled);
int endHandlerLinenumber = getNextExecutableLineNumber(lineNumbers, afterHandler) - 1;
if (DEBUG) {
System.out.println("Handler in lines " + startHandlerLinenumber + "-" + endHandlerLinenumber);
}
if (endHandlerLinenumber > startHandlerLinenumber) {
multiLineHandler = true;
if (DEBUG) {
System.out.println("Multiline handler");
}
}
}
if (end - start >= 4 && drops && !"java.lang.InterruptedException".equals(causeName) && !"java.lang.CloneNotSupportedException".equals(causeName)) {
int priority = NORMAL_PRIORITY;
if (exitInTryBlock) {
priority++;
}
if (end - start == 4) {
priority++;
}
SourceLineAnnotation srcLine = SourceLineAnnotation.fromVisitedInstruction(this.classContext, this, handled);
if (srcLine != null && LOOK_IN_SOURCE_TO_FIND_COMMENTED_CATCH_BLOCKS) {
if (catchBlockHasComment(srcLine)) {
return;
} else {
priority++;
}
} else {
// can't look at source
if (lineNumbers == null || multiLineHandler) {
priority += 2;
}
}
if ("java.lang.Error".equals(causeName) || "java.lang.Exception".equals(causeName) || "java.lang.Throwable".equals(causeName) || "java.lang.RuntimeException".equals(causeName)) {
priority--;
if (end - start > 30) {
priority--;
}
}
int register = -1;
if (startsWithASTORE03) {
register = opcode - Const.ASTORE_0;
} else if (opcode == Const.ASTORE) {
register = asUnsignedByte(code[handled + 1]);
}
if (register >= 0) {
LocalVariableAnnotation lva = LocalVariableAnnotation.getLocalVariableAnnotation(getMethod(), register, handled + 2, handled + 1);
String name = lva.getName();
if (DEBUG) {
System.out.println("Name: " + name);
}
if (name.startsWith("ignore") || name.startsWith("cant")) {
continue;
}
}
if (DEBUG) {
System.out.println("Priority is " + priority);
}
if (priority > LOW_PRIORITY) {
return;
}
if (priority < HIGH_PRIORITY) {
priority = HIGH_PRIORITY;
}
if (DEBUG) {
System.out.println("reporting warning");
}
BugInstance bugInstance = new BugInstance(this, exitInTryBlock ? "DE_MIGHT_DROP" : "DE_MIGHT_IGNORE", priority).addClassAndMethod(this);
bugInstance.addClass(causeName).describe("CLASS_EXCEPTION");
bugInstance.addSourceLine(srcLine);
bugAccumulator.accumulateBug(bugInstance, srcLine);
}
}
}
Also used :
CodeException(org.apache.bcel.classfile.CodeException)
SourceLineAnnotation(edu.umd.cs.findbugs.SourceLineAnnotation)
LocalVariableAnnotation(edu.umd.cs.findbugs.LocalVariableAnnotation)
BugInstance(edu.umd.cs.findbugs.BugInstance)
LineNumberTable(org.apache.bcel.classfile.LineNumberTable)
DottedClassName(edu.umd.cs.findbugs.internalAnnotations.DottedClassName)
Aggregations
DottedClassName (edu.umd.cs.findbugs.internalAnnotations.DottedClassName)11
JavaClass (org.apache.bcel.classfile.JavaClass)4
DetectorFactoryCollection (edu.umd.cs.findbugs.DetectorFactoryCollection)2
Project (edu.umd.cs.findbugs.Project)2
AnalysisContext (edu.umd.cs.findbugs.ba.AnalysisContext)2
IAnalysisCache (edu.umd.cs.findbugs.classfile.IAnalysisCache)2
ClassPathImpl (edu.umd.cs.findbugs.classfile.impl.ClassPathImpl)2
PrintWriter (java.io.PrintWriter)2
StringWriter (java.io.StringWriter)2
Matcher (java.util.regex.Matcher)2
Method (org.apache.bcel.classfile.Method)2
Before (org.junit.Before)2
BugInstance (edu.umd.cs.findbugs.BugInstance)1
ClassAnnotation (edu.umd.cs.findbugs.ClassAnnotation)1
LocalVariableAnnotation (edu.umd.cs.findbugs.LocalVariableAnnotation)1
SourceLineAnnotation (edu.umd.cs.findbugs.SourceLineAnnotation)1
CFGBuilderException (edu.umd.cs.findbugs.ba.CFGBuilderException)1
DataflowAnalysisException (edu.umd.cs.findbugs.ba.DataflowAnalysisException)1
XClass (edu.umd.cs.findbugs.ba.XClass)1
XMethod (edu.umd.cs.findbugs.ba.XMethod)1
