private void analyzeField(Field field, JavaClass javaClass) { for (AnnotationEntry annotation : field.getAnnotationEntries()) { if (ANNOTATION_TYPES.contains(annotation.getAnnotationType()) || annotation.getAnnotationType().contains("JsonTypeInfo")) { for (ElementValuePair elementValuePair : annotation.getElementValuePairs()) { if ("use".equals((elementValuePair.getNameString())) && VULNERABLE_USE_NAMES.contains(elementValuePair.getValue().stringifyValue())) { bugReporter.reportBug(new BugInstance(this, DESERIALIZATION_TYPE, HIGH_PRIORITY) .addClass(javaClass) .addString(javaClass.getClassName() + " on field " + field.getName() + " of type " + field.getType() + " annotated with " + annotation.toShortString()) .addField(FieldAnnotation.fromBCELField(javaClass, field)) .addString("") ); } } } } }
@Override public void visitField(Field obj) { if (obj.getAnnotationEntries().length > 0) { fieldsWithAnnotations.add(getFieldDescriptor()); } }
@Override public void visitField(Field obj) { if (obj.getAnnotationEntries().length > 0) { fieldsWithAnnotations.add(getFieldDescriptor()); } }
/** * looks to see the field has a runtime visible annotation, if it does it might be autowired or some other mechanism attached that makes them less * interesting for a toString call. * * @param f * the field to check * @return if the field has a runtime visible annotation */ private static boolean fieldHasRuntimeVisibleAnnotation(Field f) { AnnotationEntry[] annotations = f.getAnnotationEntries(); if (annotations != null) { for (AnnotationEntry annotation : annotations) { if (annotation.isRuntimeVisible()) { return true; } } } return false; }
/** * looks to see the field has a runtime visible annotation, if it does it might * be autowired or some other mechanism attached that makes them less * interesting for a toString call. * * @param f the field to check * @return if the field has a runtime visible annotation */ private static boolean fieldHasRuntimeVisibleAnnotation(Field f) { AnnotationEntry[] annotations = f.getAnnotationEntries(); if (annotations != null) { for (AnnotationEntry annotation : annotations) { if (annotation.isRuntimeVisible()) { return true; } } } return false; }
public void checkAnnotatedField(final JavaClass clazz, final String fieldname, final String AnnotationEntryName, final String AnnotationEntryElementName, final String AnnotationEntryElementValue) { final Field[] fields = clazz.getFields(); for (final Field f : fields) { final AnnotationEntry[] fieldAnnotationEntrys = f.getAnnotationEntries(); if (f.getName().equals(fieldname)) { checkAnnotationEntry(fieldAnnotationEntrys[0], AnnotationEntryName, AnnotationEntryElementName, AnnotationEntryElementValue); } } }
private void analyzeField(Field field, JavaClass javaClass) { for (AnnotationEntry annotation : field.getAnnotationEntries()) { if (ANNOTATION_TYPES.contains(annotation.getAnnotationType()) || annotation.getAnnotationType().contains("JsonTypeInfo")) { for (ElementValuePair elementValuePair : annotation.getElementValuePairs()) { if ("use".equals((elementValuePair.getNameString())) && VULNERABLE_USE_NAMES.contains(elementValuePair.getValue().stringifyValue())) { bugReporter.reportBug(new BugInstance(this, DESERIALIZATION_TYPE, HIGH_PRIORITY) .addClass(javaClass) .addString(javaClass.getClassName() + " on field " + field.getName() + " of type " + field.getType() + " annotated with " + annotation.toShortString()) .addField(FieldAnnotation.fromBCELField(javaClass, field)) .addString("") ); } } } } }
boolean hasAutowired = false; String qualifier = ""; for (AnnotationEntry entry : field.getAnnotationEntries()) { switch (entry.getAnnotationType()) { case SPRING_AUTOWIRED:
boolean hasAutowired = false; String qualifier = ""; for (AnnotationEntry entry : field.getAnnotationEntries()) { switch (entry.getAnnotationType()) { case SPRING_AUTOWIRED:
boolean hasAutowired = false; String qualifier = ""; for (AnnotationEntry entry : field.getAnnotationEntries()) { switch (entry.getAnnotationType()) { case SPRING_AUTOWIRED:
boolean hasAutowired = false; String qualifier = ""; for (AnnotationEntry entry : field.getAnnotationEntries()) { switch (entry.getAnnotationType()) { case SPRING_AUTOWIRED:
FieldAnnotation fa = new FieldAnnotation(cls.getClassName(), f.getName(), f.getSignature(), false); boolean hasExternalAnnotation = false; for (AnnotationEntry entry : f.getAnnotationEntries()) { ConstantUtf8 cutf = (ConstantUtf8) cp.getConstant(entry.getTypeIndex()); if (!cutf.getBytes().startsWith(Values.JAVA)) {
FieldAnnotation fa = new FieldAnnotation(cls.getClassName(), f.getName(), f.getSignature(), false); boolean hasExternalAnnotation = false; for (AnnotationEntry entry : f.getAnnotationEntries()) { ConstantUtf8 cutf = (ConstantUtf8) cp.getConstant(entry.getTypeIndex()); if (!cutf.getBytes().startsWith(Values.JAVA)) {
+ dumpAnnotationEntries(f.getAnnotationEntries())); + f.getAnnotationEntries().length, f.getAnnotationEntries().length == 2);