Examples with ASTBinaryExpression net.sourceforge.pmd.lang.apex.ast.ASTBinaryExpression used on opensource projects

Search in sources :

Example 1 with ASTBinaryExpression

use of net.sourceforge.pmd.lang.apex.ast.ASTBinaryExpression in project pmd by pmd.

the class ApexInsecureEndpointRule method findInsecureEndpoints.

private void findInsecureEndpoints(AbstractApexNode<?> node) {
    ASTVariableExpression variableNode = node.getFirstChildOfType(ASTVariableExpression.class);
    findInnerInsecureEndpoints(node, variableNode);
    ASTBinaryExpression binaryNode = node.getFirstChildOfType(ASTBinaryExpression.class);
    if (binaryNode != null) {
        findInnerInsecureEndpoints(binaryNode, variableNode);
    }
}
Also used : ASTVariableExpression(net.sourceforge.pmd.lang.apex.ast.ASTVariableExpression) ASTBinaryExpression(net.sourceforge.pmd.lang.apex.ast.ASTBinaryExpression)

Example 2 with ASTBinaryExpression

use of net.sourceforge.pmd.lang.apex.ast.ASTBinaryExpression in project pmd by pmd.

the class ApexOpenRedirectRule method getObjectValue.

/**
 * Finds any variables being present in PageReference constructor
 *
 * @param node
 *            - PageReference
 * @param data
 */
private void getObjectValue(ApexNode<?> node, Object data) {
    // PageReference(foo);
    final List<ASTVariableExpression> variableExpressions = node.findChildrenOfType(ASTVariableExpression.class);
    for (ASTVariableExpression variable : variableExpressions) {
        if (variable.jjtGetChildIndex() == 0 && !listOfStringLiteralVariables.contains(Helper.getFQVariableName(variable))) {
            addViolation(data, variable);
        }
    }
    // PageReference(foo + bar)
    final List<ASTBinaryExpression> binaryExpressions = node.findChildrenOfType(ASTBinaryExpression.class);
    for (ASTBinaryExpression z : binaryExpressions) {
        getObjectValue(z, data);
    }
}
Also used : ASTVariableExpression(net.sourceforge.pmd.lang.apex.ast.ASTVariableExpression) ASTBinaryExpression(net.sourceforge.pmd.lang.apex.ast.ASTBinaryExpression)

Example 3 with ASTBinaryExpression

use of net.sourceforge.pmd.lang.apex.ast.ASTBinaryExpression in project pmd by pmd.

the class ApexSOQLInjectionRule method findSelectContainingVariables.

private void findSelectContainingVariables(AbstractApexNode<?> node) {
    final ASTVariableExpression left = node.getFirstChildOfType(ASTVariableExpression.class);
    final ASTBinaryExpression right = node.getFirstChildOfType(ASTBinaryExpression.class);
    if (left != null && right != null) {
        recursivelyCheckForSelect(left, right);
    }
}
Also used : ASTVariableExpression(net.sourceforge.pmd.lang.apex.ast.ASTVariableExpression) ASTBinaryExpression(net.sourceforge.pmd.lang.apex.ast.ASTBinaryExpression)

Example 4 with ASTBinaryExpression

use of net.sourceforge.pmd.lang.apex.ast.ASTBinaryExpression in project pmd by pmd.

the class ApexSOQLInjectionRule method reportStrings.

private void reportStrings(ASTMethodCallExpression m, Object data) {
    final HashSet<ASTVariableExpression> setOfSafeVars = new HashSet<>();
    final List<ASTStandardCondition> conditions = m.findDescendantsOfType(ASTStandardCondition.class);
    for (ASTStandardCondition c : conditions) {
        List<ASTVariableExpression> vars = c.findDescendantsOfType(ASTVariableExpression.class);
        setOfSafeVars.addAll(vars);
    }
    final List<ASTBinaryExpression> binaryExpr = m.findChildrenOfType(ASTBinaryExpression.class);
    for (ASTBinaryExpression b : binaryExpr) {
        List<ASTVariableExpression> vars = b.findDescendantsOfType(ASTVariableExpression.class);
        for (ASTVariableExpression v : vars) {
            String fqName = Helper.getFQVariableName(v);
            if (selectContainingVariables.containsKey(fqName)) {
                boolean isLiteral = selectContainingVariables.get(fqName);
                if (isLiteral) {
                    continue;
                }
            }
            if (setOfSafeVars.contains(v) || safeVariables.contains(fqName)) {
                continue;
            }
            final ASTMethodCallExpression parentCall = v.getFirstParentOfType(ASTMethodCallExpression.class);
            boolean isSafeMethod = Helper.isMethodName(parentCall, STRING, ESCAPE_SINGLE_QUOTES) || Helper.isMethodName(parentCall, STRING, JOIN);
            if (!isSafeMethod) {
                addViolation(data, v);
            }
        }
    }
}
Also used : ASTVariableExpression(net.sourceforge.pmd.lang.apex.ast.ASTVariableExpression) ASTBinaryExpression(net.sourceforge.pmd.lang.apex.ast.ASTBinaryExpression) ASTStandardCondition(net.sourceforge.pmd.lang.apex.ast.ASTStandardCondition) ASTMethodCallExpression(net.sourceforge.pmd.lang.apex.ast.ASTMethodCallExpression) HashSet(java.util.HashSet)

Example 5 with ASTBinaryExpression

use of net.sourceforge.pmd.lang.apex.ast.ASTBinaryExpression in project pmd by pmd.

the class ApexXSSFromURLParamRule method processBinaryExpression.

private void processBinaryExpression(AbstractApexNode<?> node, Object data) {
    ASTBinaryExpression nestedBinaryExpression = node.getFirstChildOfType(ASTBinaryExpression.class);
    if (nestedBinaryExpression != null) {
        processBinaryExpression(nestedBinaryExpression, data);
    }
    ASTMethodCallExpression methodCallAssignment = node.getFirstChildOfType(ASTMethodCallExpression.class);
    if (methodCallAssignment != null) {
        processInlineMethodCalls(methodCallAssignment, data, true);
    }
    final List<ASTVariableExpression> nodes = node.findChildrenOfType(ASTVariableExpression.class);
    for (ASTVariableExpression n : nodes) {
        if (urlParameterStrings.contains(Helper.getFQVariableName(n))) {
            addViolation(data, n);
        }
    }
}
Also used : ASTBinaryExpression(net.sourceforge.pmd.lang.apex.ast.ASTBinaryExpression) ASTVariableExpression(net.sourceforge.pmd.lang.apex.ast.ASTVariableExpression) ASTMethodCallExpression(net.sourceforge.pmd.lang.apex.ast.ASTMethodCallExpression)

Aggregations

ASTBinaryExpression (net.sourceforge.pmd.lang.apex.ast.ASTBinaryExpression)11 ASTVariableExpression (net.sourceforge.pmd.lang.apex.ast.ASTVariableExpression)9 ASTMethodCallExpression (net.sourceforge.pmd.lang.apex.ast.ASTMethodCallExpression)5 ASTLiteralExpression (net.sourceforge.pmd.lang.apex.ast.ASTLiteralExpression)2 ASTVariableDeclaration (net.sourceforge.pmd.lang.apex.ast.ASTVariableDeclaration)2 StandardFieldInfo (apex.jorje.semantic.symbol.member.variable.StandardFieldInfo)1 Field (java.lang.reflect.Field)1 HashSet (java.util.HashSet)1 List (java.util.List)1 ASTAssignmentExpression (net.sourceforge.pmd.lang.apex.ast.ASTAssignmentExpression)1 ASTField (net.sourceforge.pmd.lang.apex.ast.ASTField)1 ASTStandardCondition (net.sourceforge.pmd.lang.apex.ast.ASTStandardCondition)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial