@Override public void visit(Field f) { if (f.getName().startsWith("this$")) { isInnerClass = true; } }
private boolean badFieldName(Field obj) { String fieldName = obj.getName(); return !obj.isFinal() && Character.isLetter(fieldName.charAt(0)) && !Character.isLowerCase(fieldName.charAt(0)) && fieldName.indexOf('_') == -1 && Character.isLetter(fieldName.charAt(1)) && Character.isLowerCase(fieldName.charAt(1)); }
private static @CheckForNull String getSignatureOfOuterClass(JavaClass obj) { for (Field f : obj.getFields()) { if (f.getName().startsWith("this$")) { return f.getSignature(); } } return null; }
@Override public void visit(Field obj) { super.visit(obj); if (obj.isFinal()) { finalFields.add(obj.getName()); } }
@Override public void visit(Field obj) { int accessFlags = obj.getAccessFlags(); if ((accessFlags & Const.ACC_STATIC) != 0) { return; } if (!obj.getName().startsWith("this$") && !BCELUtil.isSynthetic(obj) && !obj.isTransient()) { hasFields = true; } }
@Override public void visit(Field obj) { if ("this$0".equals(obj.getName())) { isInnerClass = true; } if (!obj.isFinal() && !obj.isStatic() && !BCELUtil.isSynthetic(obj)) { hasNonFinalFields = true; } }
@Override public void visit(Field obj) { super.visit(obj); XField f = XFactory.createXField(this); data.allMyFields.add(f); String signature = obj.getSignature(); if (!"serialVersionUID".equals(getFieldName())) { data.myFields.add(f); if ("_jspx_dependants".equals(obj.getName())) { data.containerFields.add(f); } } if (isSeleniumWebElement(signature)) { data.containerFields.add(f); } }
/** * @param obj * the field to parse * @return a descriptor for the field */ protected FieldDescriptor parseField(Field obj) { return new FieldDescriptor(slashedClassName, obj.getName(), obj.getSignature(), obj.isStatic()); }
/** * Find a field with given name defined in given class. * * @param className * the name of the class * @param fieldName * the name of the field * @return the Field, or null if no such field could be found */ public static Field findField(String className, String fieldName) throws ClassNotFoundException { JavaClass jclass = Repository.lookupClass(className); while (jclass != null) { Field[] fieldList = jclass.getFields(); for (Field field : fieldList) { if (field.getName().equals(fieldName)) { return field; } } jclass = jclass.getSuperClass(); } return null; }
/** * Factory method. Construct from class name and BCEL Field object. * * @param className * the name of the class which defines the field * @param field * the BCEL Field object * @return the FieldAnnotation */ public static FieldAnnotation fromBCELField(@DottedClassName String className, Field field) { return new FieldAnnotation(className, field.getName(), field.getSignature(), field.isStatic()); }
/** * Factory method. Construct from class name and BCEL Field object. * * @param jClass * the class which defines the field * @param field * the BCEL Field object * @return the FieldAnnotation */ public static FieldAnnotation fromBCELField(JavaClass jClass, Field field) { return new FieldAnnotation(jClass.getClassName(), field.getName(), field.getSignature(), field.isStatic()); }
public FieldDescriptor getFieldDescriptor(@SlashedClassName String className, Field ma) { return getFieldDescriptor(className, ma.getName(), ma.getSignature(), ma.isStatic()); }
/** * Create an XField object from a BCEL Field. * * @param className * the name of the Java class containing the field * @param field * the Field within the JavaClass * @return the created XField */ public static XField createXField(String className, Field field) { String fieldName = field.getName(); String fieldSig = field.getSignature(); XField xfield = getExactXField(className, fieldName, fieldSig, field.isStatic()); assert xfield.isResolved() : "Could not exactly resolve " + xfield; return xfield; }
public static boolean isJSP(JavaClass javaClass) { @DottedClassName String className = javaClass.getClassName(); if ( className.endsWith("_jsp") || className.endsWith("_tag")) { return true; } for(Method m : javaClass.getMethods()) { if (m.getName().startsWith("_jsp")) { return true; } } for(Field f : javaClass.getFields()) { if (f.getName().startsWith("_jsp")) { return true; } } return Subtypes2.instanceOf(className, "javax.servlet.jsp.JspPage") || Subtypes2.instanceOf(className, "org.apache.jasper.runtime.HttpJspBase") || Subtypes2.instanceOf(className, "javax.servlet.jsp.tagext.SimpleTagSupport") || Subtypes2.instanceOf(className, " org.apache.jasper.runtime.JspSourceDependent"); }
@Override public void visit(Field obj) { if (isReservedName(obj.getName())) { BugInstance bug = new BugInstance(this, "NM_FUTURE_KEYWORD_USED_AS_MEMBER_IDENTIFIER", isVisible(obj) ? HIGH_PRIORITY : NORMAL_PRIORITY).addClass(this).addField(this); bugReporter.reportBug(bug); } }
if (f.getName().length() >= 2 && badFieldName(f)) { badFieldNames++;
private void analyzeField(Field field, JavaClass javaClass) { for (AnnotationEntry annotation : field.getAnnotationEntries()) { if (ANNOTATION_TYPES.contains(annotation.getAnnotationType()) || annotation.getAnnotationType().contains("JsonTypeInfo")) { for (ElementValuePair elementValuePair : annotation.getElementValuePairs()) { if ("use".equals((elementValuePair.getNameString())) && VULNERABLE_USE_NAMES.contains(elementValuePair.getValue().stringifyValue())) { bugReporter.reportBug(new BugInstance(this, DESERIALIZATION_TYPE, HIGH_PRIORITY) .addClass(javaClass) .addString(javaClass.getClassName() + " on field " + field.getName() + " of type " + field.getType() + " annotated with " + annotation.toShortString()) .addField(FieldAnnotation.fromBCELField(javaClass, field)) .addString("") ); } } } } }
@Override public void visitField(Field obj) { if (obj.isProtected()) { bugReporter.reportBug(new BugInstance(this, "CI_CONFUSED_INHERITANCE", LOW_PRIORITY).addClass(cls).addField( new FieldAnnotation(cls.getClassName(), obj.getName(), obj.getSignature(), obj.isStatic()))); } }
@Override public void visit(JavaClass obj) { if (Subtypes2.instanceOf(obj, "java.util.Comparator") && !ClassName.isLocalOrAnonymous(getClassName()) && !Subtypes2.instanceOf(obj, "java.io.Serializable")) { int priority = NORMAL_PRIORITY; if (obj.isInterface() || obj.isAbstract()) { return; } double easilySerializable = 1.0; for (Field f : obj.getFields()) { try { if (f.getName().startsWith("this$")) { return; } String signature = f.getSignature(); char firstChar = signature.charAt(0); if (firstChar == 'L' || firstChar == '[') { easilySerializable *= DeepSubtypeAnalysis.isDeepSerializable(signature); } } catch (ClassNotFoundException e) { easilySerializable = 0.0; break; } } if (easilySerializable < 0.9) { priority = LOW_PRIORITY; } bugReporter.reportBug(new BugInstance(this, "SE_COMPARATOR_SHOULD_BE_SERIALIZABLE", priority).addClass(this)); } }
addFeature(FIELD_NAME_KEY + field.getName() + ":" + transformSignature(field.getSignature()));