private boolean isResourceType(Tree operand) { return operand instanceof IdentifierTree && Constants.SLING_RESOURCE_QUALIFIED_NAME .equals(((IdentifierTree) operand).symbolType().fullyQualifiedName()); }
private static List<VariableTree> matchingTypesWrongOrder(ParametersList formalParameterList, List<IdentifierTree> argumentList) { Iterator<IdentifierTree> argumentsIterator = argumentList.stream().filter(Objects::nonNull).iterator(); List<VariableTree> misplacedParameters = new ArrayList<>(); while (argumentsIterator.hasNext()) { IdentifierTree argument = argumentsIterator.next(); int index = formalParameterList.indexOf(argument.name().toLowerCase(Locale.ENGLISH)); Type formalType = formalParameterList.typeOfIndex(index); Type argType = argument.symbolType(); if (!formalType.is(argType.fullyQualifiedName()) || formalType.isUnknown() || argType.isUnknown()) { return Collections.emptyList(); } if (argumentList.indexOf(argument) != index) { misplacedParameters.add(formalParameterList.parameterAt(index)); } } if (misplacedParameters.size() >= 2) { return misplacedParameters; } return Collections.emptyList(); }
private static List<VariableTree> matchingTypesWrongOrder(ParametersList formalParameterList, List<IdentifierTree> argumentList) { Iterator<IdentifierTree> argumentsIterator = argumentList.stream().filter(Objects::nonNull).iterator(); List<VariableTree> misplacedParameters = new ArrayList<>(); while (argumentsIterator.hasNext()) { IdentifierTree argument = argumentsIterator.next(); int index = formalParameterList.indexOf(argument.name().toLowerCase(Locale.ENGLISH)); Type formalType = formalParameterList.typeOfIndex(index); Type argType = argument.symbolType(); if (!formalType.is(argType.fullyQualifiedName()) || formalType.isUnknown() || argType.isUnknown()) { return Collections.emptyList(); } if (argumentList.indexOf(argument) != index) { misplacedParameters.add(formalParameterList.parameterAt(index)); } } if (misplacedParameters.size() >= 2) { return misplacedParameters; } return Collections.emptyList(); }
private JavaSymbol resolveConstructorSymbol(IdentifierTree identifier, Resolve.Env methodEnv, List<JavaType> argTypes) { JavaSymbol symbol = resolve.findMethod(methodEnv, (JavaType) identifier.symbolType(), "<init>", argTypes).symbol(); associateReference(identifier, symbol); return symbol; }
private JavaSymbol resolveConstructorSymbol(IdentifierTree identifier, Resolve.Env methodEnv, List<JavaType> argTypes) { JavaSymbol symbol = resolve.findMethod(methodEnv, (JavaType) identifier.symbolType(), "<init>", argTypes).symbol(); associateReference(identifier, symbol); return symbol; }
@CheckForNull private static MethodJavaType getMethodType(JavaSymbol.MethodJavaSymbol methodSymbol, Tree methodName) { if (!methodSymbol.isParametrized()) { return null; } Type type = null; if (methodName.is(Tree.Kind.MEMBER_SELECT)) { type = ((MemberSelectExpressionTree) methodName).identifier().symbolType(); } else if (methodName.is(Tree.Kind.IDENTIFIER)) { type = ((IdentifierTree) methodName).symbolType(); } else if (methodName.is(Tree.Kind.PARAMETERIZED_TYPE)) { type = ((ParameterizedTypeTree) methodName).symbolType(); } if (type instanceof MethodJavaType) { return (MethodJavaType) type; } return null; }
@CheckForNull private static MethodJavaType getMethodType(JavaSymbol.MethodJavaSymbol methodSymbol, Tree methodName) { if (!methodSymbol.isParametrized()) { return null; } Type type = null; if (methodName.is(Tree.Kind.MEMBER_SELECT)) { type = ((MemberSelectExpressionTree) methodName).identifier().symbolType(); } else if (methodName.is(Tree.Kind.IDENTIFIER)) { type = ((IdentifierTree) methodName).symbolType(); } else if (methodName.is(Tree.Kind.PARAMETERIZED_TYPE)) { type = ((ParameterizedTypeTree) methodName).symbolType(); } if (type instanceof MethodJavaType) { return (MethodJavaType) type; } return null; }
private static ProgramState handleOpenOptionAppend(ProgramState programState, IdentifierTree identifier) { if (identifier.symbolType().is("java.nio.file.StandardOpenOption") && "APPEND".equals(identifier.name())) { return programState.addConstraint(programState.peekValue(), new FileOutputStreamAppendConstraint(identifier)); } return programState; }
private static ProgramState handleOpenOptionAppend(ProgramState programState, IdentifierTree identifier) { if (identifier.symbolType().is("java.nio.file.StandardOpenOption") && "APPEND".equals(identifier.name())) { return programState.addConstraint(programState.peekValue(), new FileOutputStreamAppendConstraint(identifier)); } return programState; }
private static boolean shouldVerify(AssignmentExpressionTree assignment) { if (assignment.expression().is(Tree.Kind.NEW_CLASS) && assignment.variable().is(Tree.Kind.IDENTIFIER)) { IdentifierTree identifier = (IdentifierTree) assignment.variable(); boolean isMethodVariable = identifier.symbol().isVariableSymbol() && identifier.symbol().owner().isMethodSymbol(); boolean isSupportedClass = CLASSES.stream().anyMatch(identifier.symbolType()::isSubtypeOf) || CLASSES.stream().anyMatch(assignment.expression().symbolType()::isSubtypeOf); return isMethodVariable && isSupportedClass; } return false; }
private static boolean shouldVerify(AssignmentExpressionTree assignment) { if (assignment.expression().is(Tree.Kind.NEW_CLASS) && assignment.variable().is(Tree.Kind.IDENTIFIER)) { IdentifierTree identifier = (IdentifierTree) assignment.variable(); boolean isMethodVariable = identifier.symbol().isVariableSymbol() && identifier.symbol().owner().isMethodSymbol(); boolean isSupportedClass = CLASSES.stream().anyMatch(identifier.symbolType()::isSubtypeOf) || CLASSES.stream().anyMatch(assignment.expression().symbolType()::isSubtypeOf); return isMethodVariable && isSupportedClass; } return false; }
@Override public void visitIdentifier(IdentifierTree tree) { Type type = tree.symbolType(); if (type instanceof MethodJavaType) { type = ((MethodJavaType) type).resultType(); } if (!sameErasure(type) && type.isSubtypeOf(classType.erasure())) { reportIssue(tree, String.format("Remove this reference to \"%s\".", type.symbol().name())); } }
@Override public void visitIdentifier(IdentifierTree tree) { Type type = tree.symbolType(); if (type instanceof MethodJavaType) { type = ((MethodJavaType) type).resultType(); } if (!sameErasure(type) && type.isSubtypeOf(classType.erasure())) { reportIssue(tree, String.format("Remove this reference to \"%s\".", type.symbol().name())); } }
private void checkIdentifier(IdentifierTree identifier) { Symbol.TypeSymbol enclosingClass = identifier.symbol().enclosingClass(); if (enclosingClass != null && enclosingClass.type().is("java.lang.System") && identifier.symbolType().is("java.io.InputStream") && identifier.name().equals("in") && !isClosingStream(identifier.parent())) { reportIssue(identifier); } }
private static boolean throwsNoSuchElementException(MethodInvocationTree methodInvocationTree) { Symbol symbol = methodInvocationTree.symbol(); if (!symbol.isMethodSymbol()) { return false; } if (throwsNoSuchElementException(((Symbol.MethodSymbol) symbol).thrownTypes())) { return true; } MethodJavaType methodJavaType = (MethodJavaType) ExpressionUtils.methodName(methodInvocationTree).symbolType(); return throwsNoSuchElementException(methodJavaType.thrownTypes()); }
private void checkIdentifier(IdentifierTree identifier) { Symbol.TypeSymbol enclosingClass = identifier.symbol().enclosingClass(); if (enclosingClass != null && enclosingClass.type().is("java.lang.System") && identifier.symbolType().is("java.io.InputStream") && identifier.name().equals("in") && !isClosingStream(identifier.parent())) { reportIssue(identifier); } }
private static boolean throwsNoSuchElementException(MethodInvocationTree methodInvocationTree) { Symbol symbol = methodInvocationTree.symbol(); if (!symbol.isMethodSymbol()) { return false; } if (throwsNoSuchElementException(((Symbol.MethodSymbol) symbol).thrownTypes())) { return true; } MethodJavaType methodJavaType = (MethodJavaType) ExpressionUtils.methodName(methodInvocationTree).symbolType(); return throwsNoSuchElementException(methodJavaType.thrownTypes()); }
@Override public void visitAssignmentExpression(AssignmentExpressionTree tree) { ExpressionTree variable = tree.variable(); if (variable.is(Tree.Kind.IDENTIFIER, Tree.Kind.MEMBER_SELECT)) { ExpressionTree expression = tree.expression(); // check first usage of closeables in order to manage use of same symbol executionState.checkUsageOfClosables(expression); IdentifierTree identifier; if (variable.is(Tree.Kind.IDENTIFIER)) { identifier = (IdentifierTree) variable; } else { identifier = ((MemberSelectExpressionTree) variable).identifier(); } Symbol symbol = identifier.symbol(); if (isCloseableOrAutoCloseableSubtype(identifier.symbolType()) && symbol.owner().isMethodSymbol()) { executionState.addCloseable(symbol, identifier, expression); } } }
private void addToUnsecuredCookies(AssignmentExpressionTree assignment) { if (assignment.expression().is(Tree.Kind.NEW_CLASS) && assignment.variable().is(Tree.Kind.IDENTIFIER)) { IdentifierTree assignmentVariable = (IdentifierTree) assignment.variable(); Symbol assignmentVariableSymbol = assignmentVariable.symbol(); boolean isMethodVariable = assignmentVariableSymbol.isVariableSymbol() && assignmentVariableSymbol.owner().isMethodSymbol(); boolean isMatchedType = isCookieClass(assignmentVariable.symbolType()) || isCookieClass(assignment.expression().symbolType()); if (isMethodVariable && isMatchedType && isSecureParamFalse((NewClassTree) assignment.expression())) { unsecuredCookies.add((Symbol.VariableSymbol) assignmentVariableSymbol); } } }
private void addToUnsecuredCookies(AssignmentExpressionTree assignment) { if (assignment.expression().is(Tree.Kind.NEW_CLASS) && assignment.variable().is(Tree.Kind.IDENTIFIER)) { IdentifierTree assignmentVariable = (IdentifierTree) assignment.variable(); Symbol assignmentVariableSymbol = assignmentVariable.symbol(); boolean isMethodVariable = assignmentVariableSymbol.isVariableSymbol() && assignmentVariableSymbol.owner().isMethodSymbol(); boolean isMatchedType = isCookieClass(assignmentVariable.symbolType()) || isCookieClass(assignment.expression().symbolType()); if (isMethodVariable && isMatchedType && isSecureParamFalse((NewClassTree) assignment.expression())) { unsecuredCookies.add((Symbol.VariableSymbol) assignmentVariableSymbol); } } }