private void checkName(Tree tree) { if (tree instanceof IdentifierTree) { String name = ((IdentifierTree) tree).name(); if (!pattern.matcher(name).matches()) { addIssue(tree, String.format(MESSAGE, name, format)); } } } }
private static boolean propertyIsDeprecated(ExpressionTree property, List<String> deprecated) { if (property.is(Tree.Kind.PROPERTY_IDENTIFIER)) { IdentifierTree identifier = (IdentifierTree) property; return deprecated.contains(identifier.name()); } return false; } }
private static boolean propertyIsDeprecated(ExpressionTree property, List<String> deprecated) { if (property.is(Tree.Kind.IDENTIFIER_NAME)){ IdentifierTree identifier = (IdentifierTree) property; return deprecated.contains(identifier.name()); } return false; } }
private static boolean isFunctionConstructorWithPossibleInjection(ExpressionTree tree, @Nullable ArgumentListTree arguments) { boolean result = false; if (tree.is(Tree.Kind.IDENTIFIER_REFERENCE)) { String name = ((IdentifierTree)tree).name(); result = "Function".equals(name) && arguments != null && atLeastOneArgumentNotLiteral(arguments); } return result; }
@Override public void visitCallExpression(CallExpressionTree tree) { ExpressionTree callee = tree.callee(); if (callee.is(Kind.IDENTIFIER_REFERENCE) && OPEN_DIALOG_METHODS.contains(((IdentifierTree) callee).name())) { addIssue(tree, String.format(MESSAGE, ((IdentifierTree) callee).name())); } super.visitCallExpression(tree); }
private static boolean isArrayFromMethod(DotMemberExpressionTree memberExpression, ProgramState currentState) { SymbolicValue symbolicValue = currentState.peekStack(); return symbolicValue.equals(BuiltInObjectSymbolicValue.ARRAY) && "from".equals(memberExpression.property().name()); } }
private static void addArrowParametersToScope(Tree parameters, Set<String> currentScope) { if (parameters.is(Kind.FORMAL_PARAMETER_LIST)) { for (IdentifierTree identifier : ((ParameterListTreeImpl) parameters).parameterIdentifiers()) { currentScope.add(identifier.name()); } } }
@Override public void visitNode(Tree tree) { // we can do this cast because we subscribed only to nodes of kind CALL_EXPRESSION CallExpressionTree callExpressionTree = (CallExpressionTree) tree; ExpressionTree callee = callExpressionTree.callee(); if (callee.is(Kind.IDENTIFIER_REFERENCE) && FORBIDDEN_FUNCTIONS.contains(((IdentifierTree) callee).name())) { addIssue(tree, "Remove the usage of this forbidden function."); } }
@Override public void visitNewExpression(NewExpressionTree tree) { ExpressionTree expression = tree.expression(); if (expression.is(Tree.Kind.IDENTIFIER_REFERENCE)){ String next = ((IdentifierTree)expression).name(); if ("Array".equals(next) || "Object".equals(next)){ getContext().addIssue(this, tree, String.format("Use a literal instead of the %s constructor.", next)); } } super.visitNewExpression(tree); } }
@Override public void visitUnaryExpression(UnaryExpressionTree unaryExpression) { if (unaryExpression.is(Kind.TYPEOF)) { ExpressionTree expression = unaryExpression.expression(); if (expression.is(Kind.IDENTIFIER_REFERENCE)) { excludedNames.add(((IdentifierTree) expression).name()); } } super.visitUnaryExpression(unaryExpression); }
/** * @return true if symbol found and usage recorded, false otherwise. */ private boolean addUsageFor(IdentifierTree identifier, Usage.Kind kind) { Symbol symbol = currentScope.lookupSymbol(identifier.name()); if (symbol != null) { symbol.addUsage(Usage.create(identifier, kind)); return true; } return false; }
private static boolean isNontrivialConditionException(ForStatementTree forStatement) { ExpressionTree condition = forStatement.condition(); ExpressionTree update = forStatement.update(); if (update != null && condition != null && condition.is(KindSet.EQUALITY_KINDS)) { Set<String> counters = new HashSet<>(); counters(update, counters); ExpressionTree leftOperand = ((BinaryExpressionTree) condition).leftOperand(); return !leftOperand.is(IDENTIFIER_REFERENCE) || !counters.contains(((IdentifierTree) leftOperand).name()); } return false; }
private static boolean isReplaceExclusion(IdentifierTree property, ArgumentListTree arguments) { if ("replace".equals(property.name()) && arguments.arguments().size() == 2) { Tree secondArgument = arguments.arguments().get(1); return !((ExpressionTree) secondArgument).types().containsOnly(Type.Kind.STRING); } return false; }
@Override public void beforeBlockElement(ProgramState currentState, Tree element, ProgramPoint programPoint) { if (element.is(Kind.DOT_MEMBER_EXPRESSION)) { DotMemberExpressionTree memberExpression = (DotMemberExpressionTree) element; if (isArrayPropertyExecuted(currentState) && METHODS_WITH_CALLBACK.contains(memberExpression.property().name())) { checkArgumentToBeFunctionWithReturn(memberExpression, 0, currentState); } else if (isArrayFromMethod(memberExpression, currentState)) { checkArgumentToBeFunctionWithReturn(memberExpression, 1, currentState); } } }
@Override public void visitCallExpression(CallExpressionTree tree) { ExpressionTree callee = tree.callee(); if (callee.is(Kind.IDENTIFIER_REFERENCE) && "eval".equals(((IdentifierTree) callee).name()) && atLeastOneArgumentNotLiteral(tree.argumentClause())) { addIssue(callee, MESSAGE); } super.visitCallExpression(tree); }
private static String getCalleeName(CallExpressionTree callExpression) { ExpressionTree callee = CheckUtils.removeParenthesis(callExpression.callee()); if (callee.is(Kind.DOT_MEMBER_EXPRESSION)) { return ((DotMemberExpressionTree) callee).property().name(); } else { return CheckUtils.asString(callee); } }
private void checkSelectorProperty(ExpressionTree expressionTree, List<String> deprecated, String parentheses) { if (expressionTree.is(Tree.Kind.DOT_MEMBER_EXPRESSION)) { ExpressionTree object = ((DotMemberExpressionTree) expressionTree).object(); IdentifierTree property = ((DotMemberExpressionTree) expressionTree).property(); if (object.types().contains(ObjectType.FrameworkType.JQUERY_SELECTOR_OBJECT) && propertyIsDeprecated(property, deprecated)) { addIssue(property, String.format(MESSAGE, property.name() + parentheses)); } } }
@Override public void visitPairProperty(PairPropertyTree tree) { if (tree.key().is(Kind.PROPERTY_IDENTIFIER)) { String keyName = ((IdentifierTree) tree.key()).name(); if (tree.value().is(Kind.IDENTIFIER_REFERENCE) && ((IdentifierTree) tree.value()).name().equals(keyName)) { raiseIssue("property", keyName, tree.key()); } if (tree.value().is(Kind.FUNCTION_EXPRESSION)) { raiseIssue("method", keyName, tree.key()); } } super.visitPairProperty(tree); }
private static boolean isIndexOfCall(ExpressionTree expression) { if (expression.is(Kind.CALL_EXPRESSION)) { CallExpressionTree callExpr = (CallExpressionTree) expression; if (callExpr.arguments().parameters().size() == 1 && callExpr.callee().is(Kind.DOT_MEMBER_EXPRESSION)) { DotMemberExpressionTree memberExpr = (DotMemberExpressionTree) ((CallExpressionTree) expression).callee(); return "indexOf".equals(memberExpr.property().name()); } } return false; }
@Override public void visitFunctionDeclaration(FunctionDeclarationTree tree) { symbolModel.declareSymbol(tree.name().name(), Symbol.Kind.FUNCTION, currentScope) .addUsage(Usage.create(tree.name(), Usage.Kind.DECLARATION)); newScope(tree); declareParameters(((ParameterListTreeImpl) tree.parameters()).parameterIdentifiers()); addFunctionBuiltInSymbols(); super.visitFunctionDeclaration(tree); leaveScope(); }