private static AnnotationEntry findRequestMappingAnnotation(Method method) { for (AnnotationEntry annotationEntry : method.getAnnotationEntries()) { if (REQUEST_MAPPING_ANNOTATION_TYPE.equals(annotationEntry.getAnnotationType())) { return annotationEntry; } } return null; }
private boolean hasRequestMapping(JavaClass clazz) { Method[] methods = clazz.getMethods(); for (Method m: methods) { AnnotationEntry[] annotations = m.getAnnotationEntries(); for (AnnotationEntry ae: annotations) { if (REQUEST_MAPPING_ANNOTATION_TYPES.contains(ae.getAnnotationType())) { return true; } } } return false; }
@Override public void visitMethod(Method obj) { if (!obj.isPrivate() || obj.isSynthetic()) { return; } super.visitMethod(obj); String methodName = getMethodName(); if (!"writeReplace".equals(methodName) && !"readResolve".equals(methodName) && !"readObject".equals(methodName) && !"readObjectNoData".equals(methodName) && !"writeObject".equals(methodName) && methodName.indexOf("debug") == -1 && methodName.indexOf("Debug") == -1 && methodName.indexOf("trace") == -1 && methodName.indexOf("Trace") == -1 && !Const.CONSTRUCTOR_NAME.equals(methodName) && !Const.STATIC_INITIALIZER_NAME.equals(methodName)) { for(AnnotationEntry a : obj.getAnnotationEntries()) { String typeName = a.getAnnotationType(); if ("Ljavax/annotation/PostConstruct;".equals(typeName) || "Ljavax/annotation/PreDestroy;".equals(typeName)) { return; } } definedPrivateMethods.add(MethodAnnotation.fromVisitedMethod(this)); } }
@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); method : for (Method m : javaClass.getMethods()) { for (AnnotationEntry ae : m.getAnnotationEntries()) { if (REQUEST_MAPPING_ANNOTATION_TYPES.contains(ae.getAnnotationType())) { bugReporter.reportBug(new BugInstance(this, SPRING_ENDPOINT_TYPE, Priorities.LOW_PRIORITY) // .addClassAndMethod(javaClass, m)); continue method; } } } }
@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); for (Method m : javaClass.getMethods()) { for (AnnotationEntry ae : m.getAnnotationEntries()) { //Every method mark with @javax.jws.WebMethod is mark as an Endpoint if (ae.getAnnotationType().equals("Ljavax/jws/WebMethod;")) { bugReporter.reportBug(new BugInstance(this, JAXWS_ENDPOINT_TYPE, Priorities.LOW_PRIORITY) // .addClassAndMethod(javaClass, m)); } } } }
@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); for (Method m : javaClass.getMethods()) { for (AnnotationEntry ae : m.getAnnotationEntries()) { //Every method mark with @javax.ws.rs.Path is mark as an Endpoint if (ae.getAnnotationType().equals("Ljavax/ws/rs/Path;")) { bugReporter.reportBug(new BugInstance(this, JAXRS_ENDPOINT_TYPE, Priorities.LOW_PRIORITY) // .addClassAndMethod(javaClass, m)); } } } }
@Override public void visitAnnotation(Annotations arg0) { for (AnnotationEntry ae : arg0.getAnnotationEntries()) { boolean runtimeVisible = ae.isRuntimeVisible(); String name = ClassName.fromFieldSignature(ae.getAnnotationType()); if (name == null) { continue; } name = ClassName.toDottedClassName(name); Map<String, ElementValue> map = new HashMap<>(); for (ElementValuePair ev : ae.getElementValuePairs()) { map.put(ev.getNameString(), ev.getValue()); } visitAnnotation(name, map, runtimeVisible); } } }
private void analyzeField(Field field, JavaClass javaClass) { for (AnnotationEntry annotation : field.getAnnotationEntries()) { if (ANNOTATION_TYPES.contains(annotation.getAnnotationType()) || annotation.getAnnotationType().contains("JsonTypeInfo")) { for (ElementValuePair elementValuePair : annotation.getElementValuePairs()) { if ("use".equals((elementValuePair.getNameString())) && VULNERABLE_USE_NAMES.contains(elementValuePair.getValue().stringifyValue())) { bugReporter.reportBug(new BugInstance(this, DESERIALIZATION_TYPE, HIGH_PRIORITY) .addClass(javaClass) .addString(javaClass.getClassName() + " on field " + field.getName() + " of type " + field.getType() + " annotated with " + annotation.toShortString()) .addField(FieldAnnotation.fromBCELField(javaClass, field)) .addString("") ); } } } } }
@Override public void visitParameterAnnotation(ParameterAnnotations arg0) { ParameterAnnotationEntry[] parameterAnnotationEntries = arg0.getParameterAnnotationEntries(); int numParametersToMethod = getNumberMethodArguments(); int offset = 0; if (numParametersToMethod > parameterAnnotationEntries.length) { offset = 1; } for (int i = 0; i < parameterAnnotationEntries.length; i++) { ParameterAnnotationEntry e = parameterAnnotationEntries[i]; for (AnnotationEntry ae : e.getAnnotationEntries()) { boolean runtimeVisible = ae.isRuntimeVisible(); String name = ClassName.fromFieldSignature(ae.getAnnotationType()); if (name == null) { continue; } name = ClassName.toDottedClassName(name); Map<String, ElementValue> map = new HashMap<>(); for (ElementValuePair ev : ae.getElementValuePairs()) { map.put(ev.getNameString(), ev.getValue()); } visitParameterAnnotation(offset + i, name, map, runtimeVisible); } } }
String type = entry.getAnnotationType();
public static boolean methodHasNullableAnnotation(Method m) { for (AnnotationEntry entry : m.getAnnotationEntries()) { String annotationType = entry.getAnnotationType(); if (NULLABLE_ANNOTATIONS.contains(annotationType)) { return true; } } return false; }
private static AnnotationEntry findRequestMappingAnnotation(Method method) { for (AnnotationEntry annotationEntry : method.getAnnotationEntries()) { if (REQUEST_MAPPING_ANNOTATION_TYPE.equals(annotationEntry.getAnnotationType())) { return annotationEntry; } } return null; }
public static boolean methodHasNullableAnnotation(Method m) { for (AnnotationEntry entry : m.getAnnotationEntries()) { String annotationType = entry.getAnnotationType(); if (NULLABLE_ANNOTATIONS.contains(annotationType)) { return true; } } return false; }
private boolean hasRequestMapping(JavaClass clazz) { Method[] methods = clazz.getMethods(); for (Method m: methods) { AnnotationEntry[] annotations = m.getAnnotationEntries(); for (AnnotationEntry ae: annotations) { if (REQUEST_MAPPING_ANNOTATION_TYPES.contains(ae.getAnnotationType())) { return true; } } } return false; }
@Override public void visitCode(Code obj) { Method m = getMethod(); for (AnnotationEntry annotation : m.getAnnotationEntries()) { String type = annotation.getAnnotationType(); if (type.startsWith("Lorg/junit/") || type.startsWith("Lorg/testng/")) { return; } } stack.resetForMethodEntry(this); super.visitCode(obj); }
@Override public void visitCode(Code obj) { Method m = getMethod(); for (AnnotationEntry annotation : m.getAnnotationEntries()) { String type = annotation.getAnnotationType(); if (type.startsWith("Lorg/junit/") || type.startsWith("Lorg/testng/")) { return; } } stack.resetForMethodEntry(this); super.visitCode(obj); }
@Override public void visitAnnotation(Annotations annotations) { for (AnnotationEntry entry : annotations.getAnnotationEntries()) { String annotationType = entry.getAnnotationType(); if (BEAN_ANNOTATIONS.contains(annotationType)) { Statistics.getStatistics().addAutowiredBean(getDottedClassName()); } } }
@Override public void visitAnnotation(Annotations annotations) { for (AnnotationEntry entry : annotations.getAnnotationEntries()) { String annotationType = entry.getAnnotationType(); if (BEAN_ANNOTATIONS.contains(annotationType)) { Statistics.getStatistics().addAutowiredBean(getDottedClassName()); } } }
@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); for (Method m : javaClass.getMethods()) { for (AnnotationEntry ae : m.getAnnotationEntries()) { //Every method mark with @javax.ws.rs.Path is mark as an Endpoint if (ae.getAnnotationType().equals("Ljavax/ws/rs/Path;")) { bugReporter.reportBug(new BugInstance(this, JAXRS_ENDPOINT_TYPE, Priorities.LOW_PRIORITY) // .addClassAndMethod(javaClass, m)); } } } }
@Override public void visitClassContext(ClassContext classContext) { JavaClass javaClass = classContext.getJavaClass(); for (Method m : javaClass.getMethods()) { for (AnnotationEntry ae : m.getAnnotationEntries()) { //Every method mark with @javax.jws.WebMethod is mark as an Endpoint if (ae.getAnnotationType().equals("Ljavax/jws/WebMethod;")) { bugReporter.reportBug(new BugInstance(this, JAXWS_ENDPOINT_TYPE, Priorities.LOW_PRIORITY) // .addClassAndMethod(javaClass, m)); } } } }