use of net.sourceforge.pmd.lang.apex.ast.ASTFieldDeclaration in project pmd by pmd.
the class ApexSOQLInjectionRule method visit.
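/**
 * Scans one Apex class for dynamic SOQL passed to {@code Database.query(...)}.
 *
 * <p>Test and system-level classes are skipped. Otherwise the method first collects
 * per-class tracking state from method signatures, field declarations, variable
 * declarations and assignments, then inspects every matching query call and reports
 * through {@code reportStrings} / {@code reportVariables}.
 *
 * <p>The tracking collections are cleared in a {@code finally} block. If any helper
 * throws, entries gathered for this class therefore cannot remain in
 * {@code safeVariables} and be consulted while a later class is analysed, which
 * would risk a missed finding.
 *
 * @param node the class being analysed
 * @param data rule context, passed through to the reporting helpers and returned unchanged
 * @return {@code data}
 */
@Override
public Object visit(ASTUserClass node, Object data) {
    if (Helper.isTestMethodOrClass(node) || Helper.isSystemLevelClass(node)) {
        // Test and system-level classes are out of scope for this rule.
        return data;
    }

    try {
        for (ASTMethod method : node.findDescendantsOfType(ASTMethod.class)) {
            findSafeVariablesInSignature(method);
        }

        for (ASTFieldDeclaration field : node.findDescendantsOfType(ASTFieldDeclaration.class)) {
            findSanitizedVariables(field);
            findSelectContainingVariables(field);
        }

        // String foo = String.escapeSingleQuotes(...);
        // NOTE(review): escaping single quotes only protects a value that ends up inside a
        // quoted literal in the query text; confirm findSanitizedVariables does not treat
        // the result as safe in other positions.
        for (ASTVariableDeclaration declaration : node.findDescendantsOfType(ASTVariableDeclaration.class)) {
            findSanitizedVariables(declaration);
            findSelectContainingVariables(declaration);
        }

        // baz = String.escapeSingleQuotes(...);
        for (ASTAssignmentExpression assignment : node.findDescendantsOfType(ASTAssignmentExpression.class)) {
            findSanitizedVariables(assignment);
            findSelectContainingVariables(assignment);
        }

        // Database.query(...) check
        for (ASTMethodCallExpression call : node.findDescendantsOfType(ASTMethodCallExpression.class)) {
            if (!Helper.isTestMethodOrClass(call) && Helper.isMethodName(call, DATABASE, QUERY)) {
                reportStrings(call, data);
                reportVariables(call, data);
            }
        }
    } finally {
        // Always reset per-class state, including when a helper above throws.
        safeVariables.clear();
        selectContainingVariables.clear();
    }
    return data;
}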
use of net.sourceforge.pmd.lang.apex.ast.ASTFieldDeclaration in project pmd by pmd.
the class Helper method getFQVariableName.
/**
 * Builds the qualified name of a field in the form {@code <defining type>:<field name>}.
 *
 * <p>The field name is read reflectively from a declared field called {@code "name"} on
 * the wrapped node (presumably because it has no public accessor; verify against the
 * node's API). Any reflection failure is rethrown as a {@link RuntimeException} with the
 * original exception as its cause.
 *
 * @param variable the field declaration to name
 * @return the defining type's Apex name, a colon, and the field name
 */
static String getFQVariableName(final ASTFieldDeclaration variable) {
    final FieldDeclaration declaration = variable.getNode();
    final String fieldName;
    try {
        final java.lang.reflect.Field nameAccessor = declaration.getClass().getDeclaredField("name");
        // Lifts the access check so the declared field can be read from here.
        nameAccessor.setAccessible(true);
        fieldName = ((Identifier) nameAccessor.get(declaration)).getValue();
    } catch (NoSuchFieldException | SecurityException | IllegalArgumentException | IllegalAccessException e) {
        throw new RuntimeException(e);
    }
    return declaration.getDefiningType().getApexName() + ":" + fieldName;
}
use of net.sourceforge.pmd.lang.apex.ast.ASTFieldDeclaration in project pmd by pmd.
the class ApexBadCryptoRule method visit.
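/**
 * Scans one Apex class for calls to the Crypto encrypt/decrypt methods and hands each
 * one to {@code validateStaticIVorKey}.
 *
 * <p>Test classes are skipped. Field and variable declarations are first passed to
 * {@code findSafeVariables}, which presumably fills {@code potentiallyStaticBlob}
 * (verify against that helper). Every descendant method call matching one of the four
 * Crypto method names is then validated.
 *
 * <p>{@code potentiallyStaticBlob} is cleared in a {@code finally} block so that entries
 * collected for this class cannot survive an exception and affect the analysis of a
 * later class.
 *
 * @param node the class being analysed
 * @param data rule context, passed through to the validation helper and returned unchanged
 * @return {@code data}
 */
@Override
public Object visit(ASTUserClass node, Object data) {
    if (Helper.isTestMethodOrClass(node)) {
        return data;
    }

    try {
        for (ASTFieldDeclaration field : node.findDescendantsOfType(ASTFieldDeclaration.class)) {
            findSafeVariables(field);
        }

        for (ASTVariableDeclaration declaration : node.findDescendantsOfType(ASTVariableDeclaration.class)) {
            findSafeVariables(declaration);
        }

        for (ASTMethodCallExpression call : node.findDescendantsOfType(ASTMethodCallExpression.class)) {
            // Same short-circuit order as before: encrypt, decrypt, then the managed-IV variants.
            final boolean isCryptoCall = Helper.isMethodName(call, CRYPTO, ENCRYPT)
                    || Helper.isMethodName(call, CRYPTO, DECRYPT)
                    || Helper.isMethodName(call, CRYPTO, ENCRYPT_WITH_MANAGED_IV)
                    || Helper.isMethodName(call, CRYPTO, DECRYPT_WITH_MANAGED_IV);
            if (isCryptoCall) {
                validateStaticIVorKey(call, data);
            }
        }
    } finally {
        // Always reset per-class state, including when a helper above throws.
        potentiallyStaticBlob.clear();
    }
    return data;
}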