Examples with ASTStandardCondition net.sourceforge.pmd.lang.apex.ast.ASTStandardCondition used on opensource projects

Search in sources :

Example 1 with ASTStandardCondition

use of net.sourceforge.pmd.lang.apex.ast.ASTStandardCondition in project pmd by pmd.

the class ApexSOQLInjectionRule method reportStrings.

private void reportStrings(ASTMethodCallExpression m, Object data) {
    final HashSet<ASTVariableExpression> setOfSafeVars = new HashSet<>();
    final List<ASTStandardCondition> conditions = m.findDescendantsOfType(ASTStandardCondition.class);
    for (ASTStandardCondition c : conditions) {
        List<ASTVariableExpression> vars = c.findDescendantsOfType(ASTVariableExpression.class);
        setOfSafeVars.addAll(vars);
    }
    final List<ASTBinaryExpression> binaryExpr = m.findChildrenOfType(ASTBinaryExpression.class);
    for (ASTBinaryExpression b : binaryExpr) {
        List<ASTVariableExpression> vars = b.findDescendantsOfType(ASTVariableExpression.class);
        for (ASTVariableExpression v : vars) {
            String fqName = Helper.getFQVariableName(v);
            if (selectContainingVariables.containsKey(fqName)) {
                boolean isLiteral = selectContainingVariables.get(fqName);
                if (isLiteral) {
                    continue;
                }
            }
            if (setOfSafeVars.contains(v) || safeVariables.contains(fqName)) {
                continue;
            }
            final ASTMethodCallExpression parentCall = v.getFirstParentOfType(ASTMethodCallExpression.class);
            boolean isSafeMethod = Helper.isMethodName(parentCall, STRING, ESCAPE_SINGLE_QUOTES) || Helper.isMethodName(parentCall, STRING, JOIN);
            if (!isSafeMethod) {
                addViolation(data, v);
            }
        }
    }
}
Also used : ASTVariableExpression(net.sourceforge.pmd.lang.apex.ast.ASTVariableExpression) ASTBinaryExpression(net.sourceforge.pmd.lang.apex.ast.ASTBinaryExpression) ASTStandardCondition(net.sourceforge.pmd.lang.apex.ast.ASTStandardCondition) ASTMethodCallExpression(net.sourceforge.pmd.lang.apex.ast.ASTMethodCallExpression) HashSet(java.util.HashSet)

Aggregations

HashSet (java.util.HashSet)1 ASTBinaryExpression (net.sourceforge.pmd.lang.apex.ast.ASTBinaryExpression)1 ASTMethodCallExpression (net.sourceforge.pmd.lang.apex.ast.ASTMethodCallExpression)1 ASTStandardCondition (net.sourceforge.pmd.lang.apex.ast.ASTStandardCondition)1 ASTVariableExpression (net.sourceforge.pmd.lang.apex.ast.ASTVariableExpression)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial