Example 56 with Method
use of org.apache.bcel.classfile.Method in project fb-contrib by mebigfatguy.
the class StaticMethodInstanceInvocation method classDefinesStaticMethod.
boolean classDefinesStaticMethod(String popSignature) throws ClassNotFoundException {
if (Values.DOTTED_JAVA_LANG_OBJECT.equals(popSignature) || Values.DOTTED_JAVA_LANG_CLASS.equals(popSignature)) {
return false;
}
JavaClass cls = Repository.lookupClass(popSignature);
Method[] methods = cls.getMethods();
for (Method m : methods) {
if (m.isStatic() && m.getName().equals(getNameConstantOperand()) && m.getSignature().equals(getSigConstantOperand())) {
return true;
}
}
return classDefinesStaticMethod(cls.getSuperclassName());
}Example 57 with Method
use of org.apache.bcel.classfile.Method in project fb-contrib by mebigfatguy.
the class SuspiciousJDKVersionUse method isValid.
private boolean isValid(Map<String, Set<String>> validMethods, String clsName) throws IOException, ClassNotFoundException {
Set<String> methodInfos = validMethods.get(clsName);
if (methodInfos == null) {
ZipEntry ze = jdkZip.getEntry(clsName + ".class");
if (ze == null) {
if (isJavaXExternal(clsName)) {
return true;
}
bugReporter.reportBug(new BugInstance(this, BugType.SJVU_SUSPICIOUS_JDK_VERSION_USE.name(), HIGH_PRIORITY).addClass(this).addMethod(this).addSourceLine(this).addClass(clsName));
} else if (clsName.startsWith("java/")) {
JavaClass calledClass = null;
try (InputStream is = new BufferedInputStream(jdkZip.getInputStream(ze))) {
ClassParser parser = new ClassParser(is, clsName);
calledClass = parser.parse();
}
superNames.put(clsName, calledClass.getSuperclassName().replace('.', '/'));
Method[] methods = calledClass.getMethods();
methodInfos = new HashSet<>(methods.length);
validMethods.put(clsName, methodInfos);
for (Method m : methods) {
methodInfos.add(m.getName() + m.getSignature());
}
}
}
if (methodInfos == null) {
return true;
}
String wantedMethod = getNameConstantOperand() + getSigConstantOperand();
if (methodInfos.contains(wantedMethod)) {
return true;
} else if (Values.SLASHED_JAVA_LANG_OBJECT.equals(clsName)) {
return false;
} else {
return isValid(validMethods, superNames.get(clsName));
}
}
Also used :
JavaClass(org.apache.bcel.classfile.JavaClass)
BufferedInputStream(java.io.BufferedInputStream)
BufferedInputStream(java.io.BufferedInputStream)
InputStream(java.io.InputStream)
ZipEntry(java.util.zip.ZipEntry)
BugInstance(edu.umd.cs.findbugs.BugInstance)
Method(org.apache.bcel.classfile.Method)
ClassParser(org.apache.bcel.classfile.ClassParser)
HashSet(java.util.HashSet)
Example 58 with Method
use of org.apache.bcel.classfile.Method in project fb-contrib by mebigfatguy.
the class SuspiciousJDKVersionUse method findCalledMethod.
@Nullable
private Method findCalledMethod() {
try {
JavaClass clss = Repository.lookupClass(getClassConstantOperand());
Method[] methods = clss.getMethods();
String calledMethod = getNameConstantOperand();
String calledSignature = getSigConstantOperand();
for (Method m : methods) {
if (m.getName().equals(calledMethod) && m.getSignature().equals(calledSignature)) {
return m;
}
}
return null;
} catch (ClassNotFoundException cnfe) {
bugReporter.reportMissingClass(cnfe);
return null;
}
}Example 59 with Method
use of org.apache.bcel.classfile.Method in project fb-contrib by mebigfatguy.
the class PoorlyDefinedParameter method visitCode.
/**
* implements the visitor to see if the method has parameters
*
* @param obj
* the context object of the currently parsed code block
*/
@Override
public void visitCode(Code obj) {
try {
Method m = getMethod();
if (m.isSynthetic()) {
return;
}
if (m.isStatic() || m.isPrivate() || Values.CONSTRUCTOR.equals(m.getName())) {
parmSigs = SignatureUtils.getParameterSlotAndSignatures(m.isStatic(), m.getSignature());
if (!parmSigs.isEmpty() && prescreen(m)) {
state = State.SAW_NOTHING;
bugs = new HashMap<>();
downwardBranchTarget = -1;
super.visitCode(obj);
for (BugInfo bi : bugs.values()) {
bugReporter.reportBug(bi.bug);
}
}
}
} finally {
bugs = null;
}
}
Also used :
Method(org.apache.bcel.classfile.Method)
Example 60 with Method
use of org.apache.bcel.classfile.Method in project fb-contrib by mebigfatguy.
the class SuspiciousUninitializedArray method visitCode.
/**
* overrides the visitor to check to see if the method returns an array, and if so resets the stack for this method.
*
* @param obj
* the context object for the currently parsed code block
*/
@Override
public void visitCode(Code obj) {
Method m = getMethod();
if (m.isSynthetic()) {
return;
}
if (isEnum && "values".equals(m.getName())) {
return;
}
String sig = m.getSignature();
int sigPos = sig.indexOf(")[");
if (sigPos < 0) {
return;
}
if (INITIAL_VALUE.equals(m.getName())) {
try {
if ((THREAD_LOCAL_CLASS == null) || getClassContext().getJavaClass().instanceOf(THREAD_LOCAL_CLASS)) {
return;
}
} catch (ClassNotFoundException e) {
bugReporter.reportMissingClass(e);
return;
}
}
stack.resetForMethodEntry(this);
returnArraySig = sig.substring(sigPos + 1);
uninitializedRegs.clear();
arrayAliases.clear();
storedUVs.clear();
super.visitCode(obj);
}Aggregations
Method (org.apache.bcel.classfile.Method)79
JavaClass (org.apache.bcel.classfile.JavaClass)28
BugInstance (edu.umd.cs.findbugs.BugInstance)20
ToString (com.mebigfatguy.fbcontrib.utils.ToString)12
StopOpcodeParsingException (com.mebigfatguy.fbcontrib.utils.StopOpcodeParsingException)11
FQMethod (com.mebigfatguy.fbcontrib.utils.FQMethod)7
HashMap (java.util.HashMap)7
HashSet (java.util.HashSet)7
Field (org.apache.bcel.classfile.Field)6
Type (org.apache.bcel.generic.Type)6
AnnotationEntry (org.apache.bcel.classfile.AnnotationEntry)5
ExceptionTable (org.apache.bcel.classfile.ExceptionTable)5
OpcodeStack (edu.umd.cs.findbugs.OpcodeStack)4
SourceLineAnnotation (edu.umd.cs.findbugs.SourceLineAnnotation)4
ArrayList (java.util.ArrayList)4
Map (java.util.Map)4
ConstantPoolGen (org.apache.bcel.generic.ConstantPoolGen)4
BugType (com.mebigfatguy.fbcontrib.utils.BugType)3
QMethod (com.mebigfatguy.fbcontrib.utils.QMethod)3
XMethod (edu.umd.cs.findbugs.ba.XMethod)3
