Refine search
/** return an int on the stack, or 'defaultValue' if can't determine */ private int getIntValue(int stackDepth, int defaultValue) { if (stack.getStackDepth() < stackDepth) { return defaultValue; } OpcodeStack.Item it = stack.getStackItem(stackDepth); Object value = it.getConstant(); if (value == null || !(value instanceof Integer)) { return defaultValue; } return ((Number) value).intValue(); }
return; OpcodeStack.Item it = stack.getStackItem(stackDepth); Object value = it.getConstant(); if (value == null || !(value instanceof String)) { return; if (ignorePasswordMasking && dotIsUsed) { priority = NORMAL_PRIORITY; OpcodeStack.Item top = stack.getStackItem(0); Object topValue = top.getConstant(); if (topValue instanceof String) { String replacementString = (String) topValue; bugReporter.reportBug(new BugInstance(this, "RE_POSSIBLE_UNINTENDED_PATTERN", priority).addClassAndMethod(this) .addCalledMethod(this).addSourceLine(this));
private void checkRange(Item item, Object minValue, Object maxValue, String pattern) { if(!(item.getConstant() instanceof Number)) { return; int value = ((Number)item.getConstant()).intValue(); int intMin = Integer.MIN_VALUE; int intMax = Integer.MAX_VALUE; } else if (maxValue instanceof OpcodeStack.Item){ OpcodeStack.Item maxItem = (OpcodeStack.Item ) maxValue; if (maxItem.getSignature().charAt(0) == '[' && maxItem.getConstant() instanceof Integer) { intMax = ((Integer)maxItem.getConstant())-1; BugInstance bug = new BugInstance(pattern, NORMAL_PRIORITY ).addClassAndMethod(DumbMethods.this).addSourceLine(DumbMethods.this) .addInt(value).describe(IntAnnotation.INT_VALUE);
if ("java/io/ObjectOutputStream".equals(calledClassName) && Const.CONSTRUCTOR_NAME.equals(calledMethodName) && "(Ljava/io/OutputStream;)V".equals(calledMethodSig) && stack.getStackItem(0).getSpecialKind() == OpcodeStack.Item.FILE_OPENED_IN_APPEND_MODE) { bugReporter.reportBug(new BugInstance(this, "IO_APPENDING_TO_OBJECT_OUTPUT_STREAM", Priorities.HIGH_PRIORITY) .addClassAndMethod(this).addSourceLine(this)); OpcodeStack.Item item = stack.getStackItem(0); Object value = item.getConstant(); sawOpenInAppendMode = value instanceof Integer && ((Integer) value).intValue() == 1; } else if ("java/io/BufferedOutputStream".equals(calledClassName) && Const.CONSTRUCTOR_NAME.equals(calledMethodName) bugReporter.reportBug(new BugInstance(this, "IO_APPENDING_TO_OBJECT_OUTPUT_STREAM", Priorities.HIGH_PRIORITY) .addClassAndMethod(this).addSourceLine(this)); sawOpenInAppendMode = false;
private Number getArg() { Object constValue = stack.getStackItem(0).getConstant(); if (!(constValue instanceof Number)) { constValue = stack.getStackItem(1).getConstant(); } if (!(constValue instanceof Long) && !(constValue instanceof Integer)) { return null; } return (Number) constValue; }
private void checkForCompatibleLongComparison(OpcodeStack.Item left, OpcodeStack.Item right) { if (left.getSpecialKind() == Item.RESULT_OF_I2L && right.getConstant() != null) { long value = ((Number) right.getConstant()).longValue(); if ( (value > Integer.MAX_VALUE || value < Integer.MIN_VALUE)) { int priority = Priorities.HIGH_PRIORITY; if (value == Integer.MAX_VALUE+1L || value == Integer.MIN_VALUE-1L) { priority = Priorities.NORMAL_PRIORITY; } String stringValue = IntAnnotation.getShortInteger(value)+"L"; if (value == 0xffffffffL) { stringValue = "0xffffffffL"; } else if (value == 0x80000000L) { stringValue = "0x80000000L"; } accumulator.accumulateBug(new BugInstance(this, "INT_BAD_COMPARISON_WITH_INT_VALUE", priority ).addClassAndMethod(this) .addString(stringValue).describe(StringAnnotation.STRING_NONSTRING_CONSTANT_ROLE) .addValueSource(left, this) , this); } } }
boolean foundVacuousComparison = false; if (seen == Const.IF_ICMPGT || seen == Const.IF_ICMPLE) { OpcodeStack.Item rhs = stack.getStackItem(0); Object rhsConstant = rhs.getConstant(); if (rhsConstant instanceof Integer && ((Integer) rhsConstant).intValue() == Integer.MAX_VALUE) { foundVacuousComparison = true; OpcodeStack.Item lhs = stack.getStackItem(1); Object lhsConstant = lhs.getConstant(); if (lhsConstant instanceof Integer && ((Integer) lhsConstant).intValue() == Integer.MIN_VALUE) { foundVacuousComparison = true; OpcodeStack.Item rhs = stack.getStackItem(0); Object rhsConstant = rhs.getConstant(); if (rhsConstant instanceof Integer && ((Integer) rhsConstant).intValue() == Integer.MIN_VALUE) { foundVacuousComparison = true; OpcodeStack.Item lhs = stack.getStackItem(1); Object lhsConstant = lhs.getConstant(); if (lhsConstant instanceof Integer && ((Integer) lhsConstant).intValue() == Integer.MAX_VALUE) { foundVacuousComparison = true; accumulator.accumulateBug(new BugInstance(DumbMethods.this, "INT_VACUOUS_COMPARISON", getBranchOffset() < 0 ? HIGH_PRIORITY : NORMAL_PRIORITY).addClassAndMethod(DumbMethods.this), DumbMethods.this);
/** * @return first argument of the called method if it's a constant */ private Optional<String> getFirstArgument() { Object value = getStack().getStackItem(getNumberArguments(getMethodDescriptorOperand().getSignature()) - 1) .getConstant(); return Optional.ofNullable(Objects.toString(value, null)); }
SourceLineAnnotation loopTop = SourceLineAnnotation.fromVisitedInstruction(getClassContext(), this, bb.to); int loopTopLine = loopTop.getStartLine(); BugInstance bug = new BugInstance(this, "IL_INFINITE_LOOP", HIGH_PRIORITY).addClassAndMethod(this) .addSourceLine(this, fcb.from).addSourceLine(loopBottom) .describe(SourceLineAnnotation.DESCRIPTION_LOOP_BOTTOM); int reg0 = fcb.item0.getRegisterNumber(); boolean reg0Invariant = true; if (reg0 >= 0 && fcb.item0.getConstant() == null) { reg0Invariant = !isRegModified(reg0, myBackwardsReach, bb.from); SourceLineAnnotation lastChange = SourceLineAnnotation.fromVisitedInstruction(getClassContext(), this, if (reg1 >= 0 && reg1 != reg0 && fcb.item1.getConstant() == null) { SourceLineAnnotation lastChange = SourceLineAnnotation.fromVisitedInstruction(getClassContext(), this, constantSince(fcb.item1));
@Override public void sawOpcode(int seen) { boolean shouldReportBug = false; if(seen == INVOKESPECIAL) { if(PATTERN_SEARCH_CONTROLS_INIT.matches(this)) { OpcodeStack.Item item = stack.getStackItem(1); Object param = item.getConstant(); shouldReportBug = param instanceof Integer && Integer.valueOf(1).equals(param); } } else if(seen == INVOKEVIRTUAL) { if(PATTERN_SEARCH_CONTROLS_SETTER.matches(this)) { OpcodeStack.Item item = stack.getStackItem(0); Object param = item.getConstant(); shouldReportBug = param instanceof Integer && Integer.valueOf(1).equals(param); } } if(shouldReportBug) { bugReporter.reportBug(new BugInstance(this, LDAP_ENTRY_POISONING, Priorities.NORMAL_PRIORITY) // .addClass(this).addMethod(this).addSourceLine(this)); } } }
/** * @return first argument of the called method if it's a constant */ private String getFirstArgument() { Object value = getStack().getStackItem(getNumberArguments(getMethodDescriptorOperand().getSignature()) - 1) .getConstant(); return value == null ? null : value.toString(); }
/** * @param seen * @param item */ private void reportVacuousBitOperation(int seen, OpcodeStack.Item item) { if (item.getConstant() == null) { accumulator .accumulateBug( new BugInstance(this, "INT_VACUOUS_BIT_OPERATION", NORMAL_PRIORITY) .addClassAndMethod(this) .addString(Const.getOpcodeName(seen)) .addOptionalAnnotation( LocalVariableAnnotation.getLocalVariableAnnotation(getMethod(), item, getPC())), this); } }
@Override public void sawOpcode(int seen) { if (seen == Const.INVOKEVIRTUAL && stack.getStackDepth() > 0 && "java/lang/String".equals(getClassConstantOperand())) { boolean lastIndexOf = "lastIndexOf".equals(getNameConstantOperand()); if (lastIndexOf || "indexOf".equals(getNameConstantOperand())) { int stackOff = -1; if ("(Ljava/lang/String;)I".equals(getSigConstantOperand())) { // sig: String stackOff = 0; } else if ("(Ljava/lang/String;I)I".equals(getSigConstantOperand())) { // sig: String, int stackOff = 1; } if (stackOff > -1) { OpcodeStack.Item item = stack.getStackItem(stackOff); Object o = item.getConstant(); if (o != null && ((String) o).length() == 1) { bugReporter.reportBug(new BugInstance(this, lastIndexOf ? "IIO_INEFFICIENT_LAST_INDEX_OF" : "IIO_INEFFICIENT_INDEX_OF", LOW_PRIORITY).addClassAndMethod(this) .describe(StringAnnotation.STRING_MESSAGE).addCalledMethod(this).addSourceLine(this)); } } } } }
@Override public void sawOpcode(int seen) { if (seen == Const.INVOKEVIRTUAL) { if ("equals".equals(getNameConstantOperand()) && "(Ljava/lang/Object;)Z".equals(getSigConstantOperand())) { OpcodeStack.Item item = stack.getStackItem(1); ClassDescriptor c = DescriptorFactory.createClassDescriptorFromSignature(item.getSignature()); check(c); } else if ("java/lang/Class".equals(getClassConstantOperand()) && ("isInstance".equals(getNameConstantOperand()) || "cast".equals(getNameConstantOperand()))) { OpcodeStack.Item item = stack.getStackItem(1); if ("Ljava/lang/Class;".equals(item.getSignature())) { Object value = item.getConstant(); if (value instanceof String) { ClassDescriptor c = DescriptorFactory.createClassDescriptor((String) value); check(c); } } } } else if (seen == Const.INSTANCEOF || seen == Const.CHECKCAST) { check(getClassDescriptorOperand()); } }
private void checkForCompatibleLongComparison(OpcodeStack.Item left, OpcodeStack.Item right) { if (left.getSpecialKind() == Item.RESULT_OF_I2L && right.getConstant() != null) { long value = ((Number) right.getConstant()).longValue(); if ( (value > Integer.MAX_VALUE || value < Integer.MIN_VALUE)) { int priority = Priorities.HIGH_PRIORITY; if (value == Integer.MAX_VALUE+1L || value == Integer.MIN_VALUE-1L) { priority = Priorities.NORMAL_PRIORITY; } String stringValue = IntAnnotation.getShortInteger(value)+"L"; if (value == 0xffffffffL) { stringValue = "0xffffffffL"; } else if (value == 0x80000000L) { stringValue = "0x80000000L"; } accumulator.accumulateBug(new BugInstance(this, "INT_BAD_COMPARISON_WITH_INT_VALUE", priority ).addClassAndMethod(this) .addString(stringValue).describe(StringAnnotation.STRING_NONSTRING_CONSTANT_ROLE) .addValueSource(left, this) , this); } } }
if(seen == Const.INVOKESTATIC && getClassConstantOperand().equals("java/lang/Math") && (getMethodDescriptorOperand().getName().equals("max") || getMethodDescriptorOperand().getName().equals("min"))) { Object const1 = stack.getStackItem(0).getConstant(); Object const2 = stack.getStackItem(1).getConstant(); Number n = null; if(const1 != null ^ const2 != null) { upperBound = lowerBound = null; XMethod rvo1 = stack.getStackItem(0).getReturnValueOf(); XMethod rvo2 = stack.getStackItem(1).getReturnValueOf(); if(rvo1 != null ^ rvo2 != null) { if(result > 0) { accumulator.accumulateBug( new BugInstance("DM_INVALID_MIN_MAX", HIGH_PRIORITY).addClassAndMethod(DumbMethods.this) .addString(String.valueOf(n)), DumbMethods.this);
private void markHardCodedItemsFromFlow() { for (int i = 0; i < stack.getStackDepth(); i++) { OpcodeStack.Item stackItem = stack.getStackItem(i); if ((stackItem.getConstant() != null || stackItem.isNull()) && !stackItem.getSignature().startsWith("[")) { setHardCodedItem(stackItem); } if (hasHardCodedFieldSource(stackItem)) { setHardCodedItem(stackItem); } } }
/** * @param seen * @param item */ private void reportVacuousBitOperation(int seen, OpcodeStack.Item item) { if (item.getConstant() == null) { accumulator .accumulateBug( new BugInstance(this, "INT_VACUOUS_BIT_OPERATION", NORMAL_PRIORITY) .addClassAndMethod(this) .addString(OPCODE_NAMES[seen]) .addOptionalAnnotation( LocalVariableAnnotation.getLocalVariableAnnotation(getMethod(), item, getPC())), this); } }
Object size = stack.getStackItem(0).getConstant(); Object formatStr = stack.getStackItem(1).getConstant(); if (size instanceof Integer && formatStr instanceof String) { arguments = new OpcodeStack.Item[(Integer) size]; state = FormatState.EXPECTING_ASSIGNMENT; } else if (state == FormatState.EXPECTING_ASSIGNMENT && stack.getStackDepth() == stackDepth + 3 && seen == Const.AASTORE) { Object pos = stack.getStackItem(1).getConstant(); OpcodeStack.Item value = stack.getStackItem(0); if (pos instanceof Integer) { bugReporter.reportBug(new BugInstance(this, "VA_FORMAT_STRING_USES_NEWLINE", NORMAL_PRIORITY) .addClassAndMethod(this).addCalledMethod(this).addString(formatString) .describe(StringAnnotation.FORMAT_STRING_ROLE).addSourceLine(this));
Object constantLength = length.getConstant(); if(src.getConstant() instanceof Integer) { length1 = (int) src.getConstant(); if(srcPos.getConstant() instanceof Integer) { length1 -= (int) srcPos.getConstant(); if(dest.getConstant() instanceof Integer) { length2 = (int) stack.getStackItem(2).getConstant(); if(destPos.getConstant() instanceof Integer) { length2 -= (int) stack.getStackItem(1).getConstant(); if(m.getSlashedClassName().equals("java/lang/String")) { if((m.getName().equals("charAt") || m.getName().equals("codePointAt")) && m.getSignature().startsWith("(I)")) { checkRange(stack.getStackItem(0), 0, stack.getStackItem(1).getConstant(), "RANGE_STRING_INDEX"); Object thisConstantValue = thisArg.getConstant(); int maxLength = thisConstantValue instanceof String ? ((String)thisConstantValue).length() : Integer.MAX_VALUE; checkRange(firstArg, 0,maxLength, "RANGE_STRING_INDEX"); checkRange(secondArg, firstArg.getConstant() == null ? 0 : firstArg.getConstant(), maxLength, "RANGE_STRING_INDEX"); if(arrayArg.getConstant() instanceof Integer) { length = (int) arrayArg.getConstant();