use of org.sonar.plugins.java.api.tree.Arguments in project sonar-java by SonarSource.
the class OSCommandInjectionCheck method visitNode.
@Override
public void visitNode(Tree tree) {
if (hasSemantic()) {
if (tree.is(Tree.Kind.METHOD_INVOCATION)) {
MethodInvocationTree mit = (MethodInvocationTree) tree;
Arguments arguments = mit.arguments();
if (RUNTIME_EXEC_MATCHER.matches(mit)) {
checkForIssue(tree, arguments.get(0));
} else if (PROCESS_BUILDER_COMMAND_MATCHER.matches(mit) && !arguments.isEmpty()) {
checkForIssue(tree, arguments);
}
} else if (((NewClassTree) tree).symbolType().is("java.lang.ProcessBuilder")) {
checkForIssue(tree, ((NewClassTree) tree).arguments());
}
}
}
use of org.sonar.plugins.java.api.tree.Arguments in project sonar-java by SonarSource.
the class ReplaceLambdaByMethodRefCheck method isMethodInvocation.
private static boolean isMethodInvocation(@Nullable Tree tree, LambdaExpressionTree lambdaTree) {
if (tree != null && tree.is(Tree.Kind.METHOD_INVOCATION, Tree.Kind.NEW_CLASS)) {
Arguments arguments;
if (tree.is(Tree.Kind.NEW_CLASS)) {
if (((NewClassTree) tree).classBody() != null) {
return false;
}
arguments = ((NewClassTree) tree).arguments();
} else {
MethodInvocationTree mit = (MethodInvocationTree) tree;
if (hasMethodInvocationInMethodSelect(mit) || hasNonFinalFieldInMethodSelect(mit)) {
return false;
}
arguments = mit.arguments();
}
List<VariableTree> parameters = lambdaTree.parameters();
return matchingParameters(parameters, arguments) || (arguments.isEmpty() && isNoArgMethodInvocationFromLambdaParam(tree, parameters));
}
return false;
}
use of org.sonar.plugins.java.api.tree.Arguments in project sonar-java by SonarSource.
the class FlowComputation method getArgumentIdentifier.
@CheckForNull
public static IdentifierTree getArgumentIdentifier(MethodInvocationTree mit, int index) {
Arguments arguments = mit.arguments();
if (index < 0 || index > arguments.size()) {
throw new IllegalArgumentException("index must be within arguments range.");
}
ExpressionTree expr = ExpressionUtils.skipParentheses(arguments.get(index));
switch(expr.kind()) {
case MEMBER_SELECT:
return ((MemberSelectExpressionTree) expr).identifier();
case IDENTIFIER:
return ((IdentifierTree) expr);
default:
return null;
}
}
use of org.sonar.plugins.java.api.tree.Arguments in project sonar-java by SonarSource.
the class DuplicateArgumentCheck method visitNode.
@Override
public void visitNode(Tree tree) {
MethodInvocationTree mit = (MethodInvocationTree) tree;
Arguments arguments = mit.arguments();
int arity = arguments.size();
if (arity <= 1) {
return;
}
Set<ExpressionTree> reported = new HashSet<>();
for (int i = 0; i < arity; i++) {
ExpressionTree arg = ExpressionUtils.skipParentheses(arguments.get(i));
if (isLiteral(arg) || arg.is(Tree.Kind.IDENTIFIER) || arg.is(Tree.Kind.NEW_CLASS)) {
continue;
}
for (int j = i + 1; j < arity; j++) {
ExpressionTree otherArg = ExpressionUtils.skipParentheses(arguments.get(j));
if (!reported.contains(otherArg) && SyntacticEquivalence.areEquivalent(arg, otherArg)) {
reportIssue(otherArg, String.format("Verify that this is the intended value; it is the same as the %s argument.", argumentNumber(i + 1)), Collections.singletonList(new JavaFileScannerContext.Location("", arg)), null);
reported.add(otherArg);
}
}
}
}
use of org.sonar.plugins.java.api.tree.Arguments in project sonar-java by SonarSource.
the class WeakSSLContextCheck method visitNode.
@Override
public void visitNode(Tree tree) {
if (hasSemantic()) {
MethodInvocationTree mit = (MethodInvocationTree) tree;
Arguments arguments = mit.arguments();
if (SSLCONTEXT_GETINSTANCE_MATCHER.matches(mit)) {
ExpressionTree firstArgument = arguments.get(0);
if (firstArgument.is(Tree.Kind.STRING_LITERAL) && !STRONG_PROTOCOLS.contains(trimQuotes(((LiteralTree) firstArgument).value()))) {
reportIssue(firstArgument, "Change this code to use a stronger protocol.");
}
}
}
}
Aggregations