public ClassElementValueGen(final ObjectType t, final ConstantPoolGen cpool) { super(ElementValueGen.CLASS, cpool); // this.idx = cpool.addClass(t); idx = cpool.addUtf8(t.getSignature()); }
public AnnotationEntryGen(final ObjectType type, final List<ElementValuePairGen> elements, final boolean vis, final ConstantPoolGen cpool) { this.cpool = cpool; this.typeIndex = cpool.addUtf8(type.getSignature()); evs = elements; isRuntimeVisible = vis; }
public EnumElementValueGen(final ObjectType t, final String value, final ConstantPoolGen cpool) { super(ElementValueGen.ENUM_CONSTANT, cpool); typeIdx = cpool.addUtf8(t.getSignature());// was addClass(t); valueIdx = cpool.addUtf8(value);// was addString(value); }
public int findFirstStringLocalVariableOffset(final Method method) { final Type[] argumentTypes = method.getArgumentTypes(); int offset = -1; for (int i = 0, count = argumentTypes.length; i < count; i++) { if (Type.STRING.getSignature().equals(argumentTypes[i].getSignature())) { if (method.isStatic()) { offset = i; } else { offset = i + 1; } break; } } return offset; } }
@Override public void visitCHECKCAST(CHECKCAST obj) { // cast to a safe object type ObjectType objectType = obj.getLoadClassType(cpg); if (objectType == null) { return; } String objectTypeSignature = objectType.getSignature(); if(!taintConfig.isClassTaintSafe(objectTypeSignature)) { return; } try { getFrame().popValue(); pushSafe(); } catch (DataflowAnalysisException ex) { throw new InvalidBytecodeException("empty stack for checkcast", ex); } }
@Override public void visitCHECKCAST(CHECKCAST obj) { // cast to a safe object type ObjectType objectType = obj.getLoadClassType(cpg); if (objectType == null) { return; } String objectTypeSignature = objectType.getSignature(); if(!taintConfig.isClassTaintSafe(objectTypeSignature)) { return; } try { getFrame().popValue(); pushSafe(); } catch (DataflowAnalysisException ex) { throw new InvalidBytecodeException("empty stack for checkcast", ex); } }
@Override public void visitGETSTATIC(GETSTATIC obj) { // Scala uses some classes to represent null instances of objects // If we find one of them, we will handle it as a Java Null if (obj.getLoadClassType(getCPG()).getSignature().equals("Lscala/collection/immutable/Nil$;")) { if (FindSecBugsGlobalConfig.getInstance().isDebugTaintState()) { getFrame().pushValue(new Taint(Taint.State.NULL).setDebugInfo("NULL")); } else { getFrame().pushValue(new Taint(Taint.State.NULL)); } } else { super.visitGETSTATIC(obj); } }
@Override public void visitGETSTATIC(GETSTATIC obj) { // Scala uses some classes to represent null instances of objects // If we find one of them, we will handle it as a Java Null if (obj.getLoadClassType(getCPG()).getSignature().equals("Lscala/collection/immutable/Nil$;")) { if (FindSecBugsGlobalConfig.getInstance().isDebugTaintState()) { getFrame().pushValue(new Taint(Taint.State.NULL).setDebugInfo("NULL")); } else { getFrame().pushValue(new Taint(Taint.State.NULL)); } } else { //super.visitGETSTATIC(obj); String fieldSig = obj.getClassName(cpg).replaceAll("\\.","/")+"."+obj.getName(cpg); Taint.State state = taintConfig.getClassTaintState(fieldSig, Taint.State.UNKNOWN); Taint taint = new Taint(state); if (!state.equals(Taint.State.SAFE)){ taint.addLocation(getTaintLocation(), false); } taint.addSource(new UnknownSource(UnknownSourceType.FIELD,state).setSignatureField(fieldSig)); int numConsumed = getNumWordsConsumed(obj); int numProduced = getNumWordsProduced(obj); modelInstruction(obj, numConsumed, numProduced, taint); notifyAdditionalVisitorField(obj, methodGen, getFrame(), taint, numProduced); } }