use of org.jetbrains.uast.UExpression in project kotlin by JetBrains.
the class AlarmDetector method ensureAtLeast.
/**
 * Reports {@code ISSUE} on one call argument when its value, as resolved by
 * {@code getLongValue}, is below the given floor.
 *
 * <p>The argument is fetched with {@code List.get(parameter)}, so an index past the
 * end of the call's argument list throws {@link IndexOutOfBoundsException}; callers
 * are expected to pass an index that exists for the matched method.
 *
 * @param context   lint context used to resolve the value and to report
 * @param node      the call whose argument is inspected
 * @param parameter zero-based index of the argument to check
 * @param min       smallest value that does not trigger the report
 */
private static void ensureAtLeast(@NonNull JavaContext context, @NonNull UCallExpression node, int parameter, long min) {
    UExpression target = node.getValueArguments().get(parameter);
    // NOTE(review): what getLongValue returns for a non-constant argument is not
    // visible here - confirm it cannot produce a spurious "below min" value.
    if (getLongValue(context, target) >= min) {
        return;
    }
    String message = String.format("Value will be forced up to %1$d as of Android 5.1; " + "don't rely on this to be exact", min);
    context.report(ISSUE, target, context.getUastLocation(target), message);
}
use of org.jetbrains.uast.UExpression in project kotlin by JetBrains.
the class AllowAllHostnameVerifierDetector method visitMethod.
/**
 * Flags calls that pass the {@code ALLOW_ALL_HOSTNAME_VERIFIER} constant to a method
 * taking a {@code javax.net.ssl.HostnameVerifier}.
 *
 * <p>Scope of the check, as written: the first argument must resolve to a
 * {@code PsiField} and only the field's <em>name</em> is compared. The declaring
 * class is not checked, and a verifier supplied any other way (a local variable, a
 * freshly constructed instance, a custom implementation that always returns
 * {@code true}) is not reported by this method.
 *
 * @param context lint context used for evaluation and reporting
 * @param visitor unused here
 * @param node    the call being visited
 * @param method  the resolved callee
 */
@Override
public void visitMethod(@NonNull JavaContext context, @Nullable UastVisitor visitor, @NonNull UCallExpression node, @NonNull UMethod method) {
    // presumably a null class name matches any owner; only the parameter list is constrained - verify
    boolean takesVerifier = context.getEvaluator()
            .methodMatches(method, null, false, "javax.net.ssl.HostnameVerifier");
    if (!takesVerifier) {
        return;
    }

    UExpression verifierArg = node.getValueArguments().get(0);
    PsiElement target = UastUtils.tryResolve(verifierArg);
    if (!(target instanceof PsiField)) {
        return;
    }
    if (!"ALLOW_ALL_HOSTNAME_VERIFIER".equals(((PsiField) target).getName())) {
        return;
    }

    Location location = context.getUastLocation(verifierArg);
    String message = "Using the ALLOW_ALL_HOSTNAME_VERIFIER HostnameVerifier "
            + "is unsafe because it always returns true, which could cause "
            + "insecure network traffic due to trusting TLS/SSL server "
            + "certificates for wrong hostnames";
    context.report(ISSUE, verifierArg, location, message);
}
use of org.jetbrains.uast.UExpression in project kotlin by JetBrains.
the class PermissionRequirement method getAnnotationStringValues.
/**
 * Extracts the string value(s) of one attribute of an annotation.
 *
 * <p>When {@code name} equals {@code ATTR_VALUE} and no attribute is declared under
 * that name, the lookup is retried with a {@code null} name.
 *
 * <p>Entries that do not evaluate to a {@link String} constant are skipped without
 * any signal, so the result can be a subset of what the annotation declares. Callers
 * that use the result for permission checks should keep that in mind.
 *
 * <p>The two paths differ on "nothing usable": an array initializer with no string
 * elements yields {@code null}, while a constant {@code Object[]} with no string
 * elements yields an empty array.
 *
 * @param annotation the annotation to read, may be {@code null}
 * @param name       the attribute name
 * @return the string values, or {@code null} when the annotation or attribute is
 *     missing or the value is of no supported kind
 */
@Nullable
public static String[] getAnnotationStringValues(@Nullable UAnnotation annotation, @NonNull String name) {
    if (annotation == null) {
        return null;
    }

    UExpression declared = annotation.findDeclaredAttributeValue(name);
    if (declared == null && ATTR_VALUE.equals(name)) {
        declared = annotation.findDeclaredAttributeValue(null);
    }
    if (declared == null) {
        return null;
    }

    if (!UastExpressionUtils.isArrayInitializer(declared)) {
        // Use constant evaluator since we want to resolve field references as well
        Object constant = ConstantEvaluator.evaluate(null, declared);
        if (constant instanceof String) {
            return new String[] { (String) constant };
        }
        // String[] must be tested before Object[]: a String[] is also an Object[].
        if (constant instanceof String[]) {
            return (String[]) constant;
        }
        if (constant instanceof Object[]) {
            Object[] items = (Object[]) constant;
            List<String> kept = Lists.newArrayListWithCapacity(items.length);
            for (Object item : items) {
                if (item instanceof String) {
                    kept.add((String) item);
                }
            }
            return kept.toArray(new String[0]);
        }
        return null;
    }

    List<UExpression> initializers = ((UCallExpression) declared).getValueArguments();
    List<String> collected = Lists.newArrayListWithCapacity(initializers.size());
    ConstantEvaluator elementEvaluator = new ConstantEvaluator(null);
    for (UExpression initializer : initializers) {
        Object evaluated = elementEvaluator.evaluate(initializer);
        if (evaluated instanceof String) {
            collected.add((String) evaluated);
        }
    }
    return collected.isEmpty() ? null : collected.toArray(new String[0]);
}
use of org.jetbrains.uast.UExpression in project kotlin by JetBrains.
the class SecurityDetector method visitMethod.
/**
 * Reports {@code setReadable(true, false)} and {@code setWritable(true, false)} calls
 * on {@code FILE_CLASS} members, i.e. calls that grant access and explicitly turn
 * the owner-only restriction off.
 *
 * <p>Only the two-argument form is reported, and only when both arguments evaluate
 * to the constants {@code true} and {@code false}. Arguments the constant evaluator
 * cannot resolve are not reported, so a non-constant {@code ownerOnly} value passes
 * silently.
 *
 * <p>For any other call, each argument is handed to {@code visitor}. That path
 * guards {@code visitor} only with an {@code assert}, which is a no-op unless
 * assertions are enabled.
 *
 * @param context lint context used for evaluation and reporting
 * @param visitor visitor applied to the arguments of calls that are not handled here
 * @param node    the call being visited
 * @param method  the resolved callee
 */
@Override
public void visitMethod(@NonNull JavaContext context, @Nullable UastVisitor visitor, @NonNull UCallExpression node, @NonNull UMethod method) {
    List<UExpression> args = node.getValueArguments();
    String methodName = node.getMethodName();

    if (context.getEvaluator().isMemberInSubClassOf(method, FILE_CLASS, false)) {
        boolean isSetReadable = "setReadable".equals(methodName);
        if (isSetReadable || "setWritable".equals(methodName)) {
            // (true, false): permission granted, ownerOnly disabled
            boolean grantsToEveryone = args.size() == 2
                    && Boolean.TRUE.equals(ConstantEvaluator.evaluate(context, args.get(0)))
                    && Boolean.FALSE.equals(ConstantEvaluator.evaluate(context, args.get(1)));
            if (grantsToEveryone) {
                if (isSetReadable) {
                    context.report(SET_READABLE, node, context.getUastLocation(node), "Setting file permissions to world-readable can be " + "risky, review carefully");
                } else {
                    context.report(SET_WRITABLE, node, context.getUastLocation(node), "Setting file permissions to world-writable can be " + "risky, review carefully");
                }
            }
            // These two methods are fully handled here, whether or not they were reported.
            return;
        }
    }

    assert visitor != null;
    for (int i = 0; i < args.size(); i++) {
        args.get(i).accept(visitor);
    }
}
use of org.jetbrains.uast.UExpression in project kotlin by JetBrains.
the class ServiceCastDetector method visitMethod.
/**
 * Reports a cast applied to the result of a call when the cast type differs from the
 * type that {@code getExpectedType} associates with the call's single argument.
 *
 * <p>The check applies only when the call (after skipping parentheses and any
 * qualifier) is the operand of a type cast, has exactly one argument, and that
 * argument is a reference resolving to a {@code PsiField}. The field's name is what
 * gets mapped to the expected class.
 *
 * <p>If the cast type is written without a package, the comparison is made on simple
 * names. A mismatch where both sides satisfy {@code isClipboard} is tolerated.
 *
 * @param context lint context used for reporting
 * @param visitor unused here
 * @param call    the call being visited
 * @param method  the resolved callee
 */
@Override
public void visitMethod(@NonNull JavaContext context, @Nullable UastVisitor visitor, @NonNull UCallExpression call, @NonNull UMethod method) {
    UElement parent = LintUtils.skipParentheses(UastUtils.getQualifiedParentOrThis(call).getUastParent());
    if (!UastExpressionUtils.isTypeCast(parent)) {
        return;
    }
    UBinaryExpressionWithType cast = (UBinaryExpressionWithType) parent;

    List<UExpression> args = call.getValueArguments();
    if (args.size() != 1 || !(args.get(0) instanceof UReferenceExpression)) {
        return;
    }

    PsiElement serviceConstant = ((UReferenceExpression) args.get(0)).resolve();
    if (!(serviceConstant instanceof PsiField)) {
        return;
    }

    String name = ((PsiField) serviceConstant).getName();
    String expectedClass = getExpectedType(name);
    if (expectedClass == null || cast == null) {
        return;
    }

    String castType = cast.getType().getCanonicalText();
    // An unqualified cast type can only be compared against the simple class name.
    boolean castIsUnqualified = castType.indexOf('.') < 0;
    if (castIsUnqualified) {
        expectedClass = stripPackage(expectedClass);
    }
    if (castType.equals(expectedClass)) {
        return;
    }

    // android.content.ClipboardManager and android.text.ClipboardManager
    if (isClipboard(castType) && isClipboard(expectedClass)) {
        return;
    }

    String message = String.format("Suspicious cast to `%1$s` for a `%2$s`: expected `%3$s`", stripPackage(castType), name, stripPackage(expectedClass));
    context.report(ISSUE, call, context.getUastLocation(cast), message);
}