org.apache.bcel.generic.LDC Java Examples
The following examples show how to use
org.apache.bcel.generic.LDC.
Example #1
Source File: TaintFrameModelingVisitor.java From Android_Code_Arbiter with GNU Lesser General Public License v3.0 | 6 votes |
/**
 * Models an LDC (load constant) instruction for the taint analysis.
 *
 * <p>The pushed taint is always created in state {@code SAFE}; the value comes
 * from the class's constant pool rather than from program input. When the
 * constant is a String it is also stored on the taint as its constant value.
 *
 * @param ldc the LDC instruction being visited
 */
@Override
public void visitLDC(LDC ldc) {
    final Taint constantTaint = new Taint(Taint.State.SAFE);
    final Object constant = ldc.getValue(cpg);
    final boolean isStringConstant = constant instanceof String;

    if (isStringConstant) {
        constantTaint.setConstantValue((String) constant);
    }

    // Debug text is only built when taint-state debugging is enabled.
    if (FindSecBugsGlobalConfig.getInstance().isDebugTaintState()) {
        final String debugText = isStringConstant
                ? "\"" + constant + "\""
                : "LDC " + ldc.getType(cpg).getSignature();
        constantTaint.setDebugInfo(debugText);
    }

    getFrame().pushValue(constantTaint);
}
Example #2
Source File: AnonymousLdapDetector.java From Android_Code_Arbiter with GNU Lesser General Public License v3.0 | 6 votes |
/**
 * Reports a method that loads the constant
 * {@code "java.naming.security.authentication"} immediately followed by the
 * constant {@code "none"}, i.e. an anonymous LDAP bind configuration.
 *
 * <p>Detection scope: only the instruction directly after the key is inspected,
 * and only a String constant is recognised there. A value that reaches the
 * environment through a variable, a field or a helper method is not matched by
 * this check. At most one bug is reported per method (the scan stops at the
 * first hit).
 *
 * @param m            the method whose instructions are scanned
 * @param classContext analysis context supplying the constant pool and CFG
 * @throws CFGBuilderException       if the control-flow graph cannot be built
 * @throws DataflowAnalysisException declared by the signature
 */
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {
    final ConstantPoolGen cpg = classContext.getConstantPoolGen();
    final CFG cfg = classContext.getCFG(m);

    final Iterator<Location> locations = cfg.locationIterator();
    while (locations.hasNext()) {
        final Location location = locations.next();
        final Instruction inst = location.getHandle().getInstruction();

        // instanceof is already false for null, so no separate null check is needed.
        if (!(inst instanceof LDC)) {
            continue;
        }

        final LDC keyLoad = (LDC) inst;
        if (!"java.naming.security.authentication".equals(keyLoad.getValue(cpg))) {
            continue;
        }

        // Constant-first equals: a missing or non-String follow-up simply fails the match.
        final boolean anonymous = "none".equals(
                ByteCode.getConstantLDC(location.getHandle().getNext(), cpg, String.class));
        if (!anonymous) {
            continue;
        }

        final JavaClass clz = classContext.getJavaClass();
        bugReporter.reportBug(new BugInstance(this, LDAP_ANONYMOUS, Priorities.LOW_PRIORITY)
                .addClass(clz)
                .addMethod(clz, m)
                .addSourceLine(classContext, m, location));
        break;
    }
}
Example #3
Source File: FindSqlInjection.java From spotbugs with GNU Lesser General Public License v2.1 | 6 votes |
/**
 * Updates the string-append tracking state from a constant String load.
 *
 * <p>The trimmed literal is examined for a leading/trailing comma and for
 * open/close quote patterns (as decided by {@code isOpenQuote} and
 * {@code isCloseQuote}); each finding is recorded on the state together with
 * the instruction handle.
 *
 * @param location          location whose instruction must be a constant String load
 * @param cpg               constant pool used to resolve the literal
 * @param stringAppendState state object to update
 * @return the same {@code stringAppendState} instance, after updating
 * @throws IllegalArgumentException if the instruction is not a constant String load
 */
private StringAppendState updateStringAppendState(Location location, ConstantPoolGen cpg,
        StringAppendState stringAppendState) {
    final InstructionHandle handle = location.getHandle();
    final Instruction ins = handle.getInstruction();

    if (!isConstantStringLoad(location, cpg)) {
        throw new IllegalArgumentException("instruction must be LDC");
    }

    // Safe casts: the guard above only passes for an LDC whose value is a String.
    final String literal = ((String) ((LDC) ins).getValue(cpg)).trim();

    final boolean commaAtEdge = literal.startsWith(",") || literal.endsWith(",");
    if (commaAtEdge) {
        stringAppendState.setSawComma(handle);
    }

    // The close-quote test runs before the open-quote update; keep this order.
    if (isCloseQuote(literal) && stringAppendState.getSawOpenQuote(handle)) {
        stringAppendState.setSawCloseQuote(handle);
    }
    if (isOpenQuote(literal)) {
        stringAppendState.setSawOpenQuote(handle);
    }

    return stringAppendState;
}
Example #4
Source File: Pass3aVerifier.java From commons-bcel with Apache License 2.0 | 6 votes |
/** Checks if the constraints of operands of the said instruction(s) are satisfied. */ // LDC and LDC_W (LDC_W is a subclass of LDC in BCEL's model) @Override public void visitLDC(final LDC ldc) { indexValid(ldc, ldc.getIndex()); final Constant c = constantPoolGen.getConstant(ldc.getIndex()); if (c instanceof ConstantClass) { addMessage("Operand of LDC or LDC_W is CONSTANT_Class '"+c+"' - this is only supported in JDK 1.5 and higher."); } else{ if (! ( (c instanceof ConstantInteger) || (c instanceof ConstantFloat) || (c instanceof ConstantString) ) ) { constraintViolated(ldc, "Operand of LDC or LDC_W must be one of CONSTANT_Integer, CONSTANT_Float or CONSTANT_String, but is '"+c+"'."); } } }
Example #5
Source File: SpringUnvalidatedRedirectDetector.java From Android_Code_Arbiter with GNU Lesser General Public License v3.0 | 5 votes |
/**
 * Reports every {@code StringBuilder.append} call whose directly preceding
 * instruction loads the String constant {@code "redirect:"}.
 *
 * <p>Detection scope: the match is purely syntactic. The block does not look
 * at what is appended after the prefix, so it reports the pattern whether or
 * not the rest of the redirect target is attacker-influenced; triage has to
 * establish that. A prefix supplied via a variable or concatenated by other
 * means is not matched.
 *
 * @param m            the method whose instructions are scanned
 * @param classContext analysis context supplying the constant pool and CFG
 * @throws CFGBuilderException if the control-flow graph cannot be built
 */
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException{
    final JavaClass clazz = classContext.getJavaClass();
    final ConstantPoolGen cpg = classContext.getConstantPoolGen();
    final CFG cfg = classContext.getCFG(m);

    final Iterator<Location> locations = cfg.locationIterator();
    while (locations.hasNext()) {
        final Location loc = locations.next();
        final Instruction inst = loc.getHandle().getInstruction();
        if (!(inst instanceof INVOKEVIRTUAL)) {
            continue;
        }

        final INVOKEVIRTUAL invoke = (INVOKEVIRTUAL) inst;
        final boolean isBuilderAppend = "java.lang.StringBuilder".equals(invoke.getClassName(cpg))
                && "append".equals(invoke.getMethodName(cpg));
        if (!isBuilderAppend) {
            continue;
        }

        final Instruction argumentLoad = loc.getHandle().getPrev().getInstruction();
        if (!(argumentLoad instanceof LDC)) {
            continue;
        }

        // String.equals(Object) is false for any non-String constant, so one
        // comparison covers both the type check and the value check.
        if ("redirect:".equals(((LDC) argumentLoad).getValue(cpg))) {
            final BugInstance bug = new BugInstance(this, SPRING_UNVALIDATED_REDIRECT_TYPE, Priorities.NORMAL_PRIORITY);
            bug.addClass(clazz).addMethod(clazz, m).addSourceLine(classContext, m, loc);
            reporter.reportBug(bug);
        }
    }
}
Example #6
Source File: PermissiveCORSDetector.java From Android_Code_Arbiter with GNU Lesser General Public License v3.0 | 5 votes |
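/**
 * Reports {@code HttpServletResponse.addHeader}/{@code setHeader} calls that set
 * {@code Access-Control-Allow-Origin} to a constant containing {@code "*"} or
 * equal (ignoring case) to {@code "null"}.
 *
 * <p>Two inputs are now checked before use, so that one unusual call site
 * cannot abort the scan of the whole method with a runtime exception:
 * <ul>
 *   <li>the LDC found for the header name may hold a non-String constant
 *       (LDC values are typed {@code Object}); it is type-checked instead of
 *       being cast blindly;</li>
 *   <li>the header value is skipped when no String constant is available for it.</li>
 * </ul>
 *
 * <p>Detection scope: only header values that are String constants are
 * evaluated. A value computed at run time (for example one copied from a
 * request) is not reported by this check and needs a data-flow based rule.
 *
 * @param m            the method whose instructions are scanned
 * @param classContext analysis context supplying the constant pool and CFG
 * @throws CFGBuilderException       if the control-flow graph cannot be built
 * @throws DataflowAnalysisException declared by the signature
 */
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);

    for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
        Location location = i.next();
        Instruction inst = location.getHandle().getInstruction();
        if (!(inst instanceof INVOKEINTERFACE)) {
            continue;
        }

        INVOKEINTERFACE invoke = (INVOKEINTERFACE) inst;
        String methodName = invoke.getMethodName(cpg);
        String className = invoke.getClassName(cpg);
        boolean setsResponseHeader = className.equals("javax.servlet.http.HttpServletResponse")
                && (methodName.equals("addHeader") || methodName.equals("setHeader"));
        if (!setsResponseHeader) {
            continue;
        }

        LDC ldc = ByteCode.getPrevInstruction(location.getHandle().getPrev(), LDC.class);
        if (ldc == null) {
            continue;
        }

        // The located LDC is not guaranteed to carry a String; an Integer,
        // Float or class constant would make an unchecked cast throw.
        Object headerName = ldc.getValue(cpg);
        if (!(headerName instanceof String)
                || !"Access-Control-Allow-Origin".equalsIgnoreCase((String) headerName)) {
            continue;
        }

        // NOTE(review): getConstantLDC is defined elsewhere; it presumably returns
        // null when the instruction is not a String constant - confirm. Treat
        // that case as "nothing to evaluate" instead of dereferencing it.
        String headerValue = ByteCode.getConstantLDC(location.getHandle().getPrev(), cpg, String.class);
        if (headerValue == null) {
            continue;
        }

        if (headerValue.contains("*") || "null".equalsIgnoreCase(headerValue)) {
            JavaClass clz = classContext.getJavaClass();
            bugReporter.reportBug(new BugInstance(this, PERMISSIVE_CORS, Priorities.HIGH_PRIORITY)
                    .addClass(clz)
                    .addMethod(clz, m)
                    .addSourceLine(classContext, m, location));
        }
    }
}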
Example #7
Source File: FindRefComparison.java From spotbugs with GNU Lesser General Public License v2.1 | 5 votes |
/**
 * Pushes the type produced by an LDC instruction.
 *
 * <p>String constants are pushed as one of two marker instances: the
 * empty-string instance for {@code ""}, the static-string instance for every
 * other String-typed load. Non-String constants push their own type.
 *
 * @param obj the LDC instruction being visited
 */
@Override
public void visitLDC(LDC obj) {
    final Type loadedType = obj.getType(getCPG());

    if (!isString(loadedType)) {
        pushValue(loadedType);
        return;
    }

    final Object literal = obj.getValue(getCPG());
    final boolean isEmptyLiteral = literal instanceof String && ((String) literal).isEmpty();
    if (isEmptyLiteral) {
        pushValue(emptyStringTypeInstance);
    } else {
        pushValue(staticStringTypeInstance);
    }
}
Example #8
Source File: FindSqlInjection.java From spotbugs with GNU Lesser General Public License v2.1 | 5 votes |
/**
 * Tells whether the instruction at {@code location} is an LDC that loads a
 * String constant.
 *
 * @param location location whose instruction is inspected
 * @param cpg      constant pool used to resolve the LDC operand
 * @return {@code true} only for an LDC whose resolved value is a String
 */
private boolean isConstantStringLoad(Location location, ConstantPoolGen cpg) {
    final Instruction ins = location.getHandle().getInstruction();
    // Short-circuit keeps the cast and the constant-pool lookup behind the type test.
    return ins instanceof LDC && ((LDC) ins).getValue(cpg) instanceof String;
}
Example #9
Source File: FindSqlInjection.java From spotbugs with GNU Lesser General Public License v2.1 | 5 votes |
/**
 * Heuristically decides whether the instruction at {@code location} produces a
 * value the SQL-injection detector treats as safe.
 *
 * <p>Accepted as safe:
 * <ul>
 *   <li>any LDC or GETSTATIC instruction;</li>
 *   <li>any invocation whose method name starts with {@code "to"}, ends with
 *       {@code "String"} and is longer than 8 characters (so plain
 *       {@code toString} does not qualify);</li>
 *   <li>an AALOAD whose array, two locations back, was loaded by a GETSTATIC
 *       with signature {@code String[]}.</li>
 * </ul>
 *
 * <p>These are name- and shape-based shortcuts, not proofs: GETSTATIC is
 * accepted without checking that the field is constant, and the method-name
 * rule accepts any method that happens to match the pattern. Keep that in
 * mind when a finding is suppressed by this method.
 *
 * @param location location whose instruction is classified
 * @param cpg      constant pool used to resolve names and signatures
 * @return {@code true} if one of the rules above matches
 * @throws CFGBuilderException if the control-flow graph cannot be built
 */
private boolean isSafeValue(Location location, ConstantPoolGen cpg) throws CFGBuilderException {
    final Instruction ins = location.getHandle().getInstruction();

    if (ins instanceof LDC || ins instanceof GETSTATIC) {
        return true;
    }

    if (ins instanceof InvokeInstruction) {
        final String invokedName = ((InvokeInstruction) ins).getMethodName(cpg);
        final boolean looksLikeToXxxString = invokedName.startsWith("to")
                && invokedName.endsWith("String")
                && invokedName.length() > 8;
        if (looksLikeToXxxString) {
            return true;
        }
    }

    if (!(ins instanceof AALOAD)) {
        return false;
    }

    // Walk back two locations from the array load to find where the array came from.
    final CFG cfg = classContext.getCFG(method);
    final Location oneBack = getPreviousLocation(cfg, location, true);
    if (oneBack == null) {
        return false;
    }
    final Location twoBack = getPreviousLocation(cfg, oneBack, true);
    if (twoBack == null) {
        return false;
    }

    final Instruction arraySource = twoBack.getHandle().getInstruction();
    return arraySource instanceof GETSTATIC
            && "[Ljava/lang/String;".equals(((GETSTATIC) arraySource).getSignature(cpg));
}
Example #10
Source File: ForwardTypeQualifierDataflowAnalysis.java From spotbugs with GNU Lesser General Public License v2.1 | 5 votes |
/**
 * Walks every location of the CFG and registers a value source for each
 * instruction kind the analysis models.
 *
 * <p>The checks are ordered; the first matching category wins. The final
 * catch-all applies to instructions that produce one or two stack slots and
 * are neither local-variable instructions nor CHECKCAST.
 *
 * @throws DataflowAnalysisException declared by the signature; presumably
 *         raised by the register helpers - confirm
 */
private void registerInstructionSources() throws DataflowAnalysisException {
    final Iterator<Location> locations = cfg.locationIterator();
    while (locations.hasNext()) {
        final Location location = locations.next();
        final Instruction instruction = location.getHandle().getInstruction();
        final short opcode = instruction.getOpcode();
        final int produces = instruction.produceStack(cpg);

        if (instruction instanceof InvokeInstruction) {
            // Model return value
            registerReturnValueSource(location);
            continue;
        }
        if (opcode == Const.GETFIELD || opcode == Const.GETSTATIC) {
            // Model field loads
            registerFieldLoadSource(location);
            continue;
        }
        if (instruction instanceof LDC) {
            // Model constant values
            registerLDCValueSource(location);
            continue;
        }
        if (instruction instanceof LDC2_W) {
            // Model constant values
            registerLDC2ValueSource(location);
            continue;
        }
        if (instruction instanceof ConstantPushInstruction) {
            // Model constant values
            registerConstantPushSource(location);
            continue;
        }
        if (instruction instanceof ACONST_NULL) {
            // Model constant values
            registerPushNullSource(location);
            continue;
        }

        final boolean pushesValue = produces == 1 || produces == 2;
        final boolean excluded = instruction instanceof LocalVariableInstruction
                || instruction instanceof CHECKCAST;
        if (pushesValue && !excluded) {
            // Model other sources
            registerOtherSource(location);
        }
    }
}
Example #11
Source File: XmlStreamReaderDetector.java From Android_Code_Arbiter with GNU Lesser General Public License v3.0 | 4 votes |
/**
 * Reports {@code XMLInputFactory.createXMLStreamReader} calls in methods that
 * do not visibly disable DTD support or external entities.
 *
 * <p>When the call is seen, the whole enclosing method is scanned for
 * {@code setProperty} invocations whose nearest preceding LDC is
 * {@code PROPERTY_SUPPORT_DTD} or {@code PROPERTY_IS_SUPPORTING_EXTERNAL_ENTITIES}
 * and whose value is {@code Boolean.valueOf(false)} (constant 0) or
 * {@code Boolean.FALSE}. The first such call suppresses the report.
 *
 * <p>Detection scope: only the method name {@code setProperty} is compared;
 * neither the receiver class nor the factory instance is checked, and setting
 * either one of the two properties to false is enough to suppress the report.
 * Hardening done in another method is not seen, and hardening applied to a
 * different factory in the same method is treated as sufficient.
 *
 * @param seen the opcode currently being visited
 */
@Override
public void sawOpcode(int seen) {
    if (seen != Constants.INVOKEVIRTUAL) {
        return;
    }

    String fullClassName = getClassConstantOperand();
    String method = getNameConstantOperand();

    // The method call is doing XML parsing (see class javadoc)
    boolean createsStreamReader = fullClassName.equals("javax/xml/stream/XMLInputFactory")
            && method.equals("createXMLStreamReader");
    if (!createsStreamReader) {
        return;
    }

    ClassContext classCtx = getClassContext();
    ConstantPoolGen cpg = classCtx.getConstantPoolGen();
    CFG cfg;
    try {
        cfg = classCtx.getCFG(getMethod());
    } catch (CFGBuilderException e) {
        AnalysisContext.logError("Cannot get CFG", e);
        return;
    }

    Iterator<Location> locations = cfg.locationIterator();
    while (locations.hasNext()) {
        Location location = locations.next();
        Instruction inst = location.getHandle().getInstruction();

        // DTD disallow: look for XMLInputFactory.setProperty
        if (!(inst instanceof org.apache.bcel.generic.INVOKEVIRTUAL)) {
            continue;
        }
        InvokeInstruction call = (InvokeInstruction) inst;
        if (!"setProperty".equals(call.getMethodName(cpg))) {
            continue;
        }

        org.apache.bcel.generic.LDC propertyName = ByteCode.getPrevInstruction(location.getHandle(), LDC.class);
        if (propertyName == null) {
            continue;
        }
        boolean hardeningProperty = PROPERTY_SUPPORT_DTD.equals(propertyName.getValue(cpg))
                || PROPERTY_IS_SUPPORTING_EXTERNAL_ENTITIES.equals(propertyName.getValue(cpg));
        if (!hardeningProperty) {
            continue;
        }

        InstructionHandle valueHandle = location.getHandle().getPrev();
        InstructionHandle beforeValue = valueHandle.getPrev();
        Instruction valueInstruction = valueHandle.getInstruction();

        if (invokeInstruction().atClass("java.lang.Boolean").atMethod("valueOf").matches(valueInstruction, cpg)) {
            // Case where the boolean is wrapped like Boolean.valueOf(true): 2 instructions
            if (beforeValue.getInstruction() instanceof ICONST
                    && Integer.valueOf(0).equals(ByteCode.getConstantInt(beforeValue))) {
                // Value is false: the feature is disabled, which is the safe setting
                return;
            }
        } else if (valueInstruction instanceof org.apache.bcel.generic.GETSTATIC) {
            // Case where the boolean is declared as Boolean.FALSE
            org.apache.bcel.generic.GETSTATIC getstatic = (org.apache.bcel.generic.GETSTATIC) valueInstruction;
            boolean isBooleanFalse = getstatic.getClassType(cpg).getClassName().equals("java.lang.Boolean")
                    && getstatic.getFieldName(cpg).equals("FALSE");
            if (isBooleanFalse) {
                return;
            }
        }
    }

    // No disabling setProperty call was found: raise a bug
    bugReporter.reportBug(new BugInstance(this, XXE_XMLSTREAMREADER_TYPE, Priorities.NORMAL_PRIORITY)
            .addClass(this).addMethod(this).addSourceLine(this));
}
Example #12
Source File: ConstantFrameModelingVisitor.java From spotbugs with GNU Lesser General Public License v2.1 | 4 votes |
/**
 * Pushes the constant loaded by an LDC instruction onto the frame, wrapped in
 * a {@code Constant}.
 *
 * @param obj the LDC instruction being visited
 */
@Override
public void visitLDC(LDC obj) {
    // Resolve the operand before touching the frame, as the original order does.
    final Constant loaded = new Constant(obj.getValue(getCPG()));
    getFrame().pushValue(loaded);
}
Example #13
Source File: ForwardTypeQualifierDataflowAnalysis.java From spotbugs with GNU Lesser General Public License v2.1 | 4 votes |
/**
 * Registers the constant loaded by the LDC at {@code location} as a constant
 * source.
 *
 * @param location location whose instruction is cast to LDC without a type
 *                 check, so the caller must only pass LDC locations
 * @throws DataflowAnalysisException declared by the signature; presumably
 *         raised by {@code registerConstantSource} - confirm
 */
private void registerLDCValueSource(Location location) throws DataflowAnalysisException {
    final LDC load = (LDC) location.getHandle().getInstruction();
    registerConstantSource(location, load.getValue(cpg));
}
Example #14
Source File: IsNullValueFrameModelingVisitor.java From spotbugs with GNU Lesser General Public License v2.1 | 4 votes |
/**
 * Models an LDC instruction for null-value analysis: whatever the constant
 * is, the produced value is recorded as non-null.
 *
 * @param obj the LDC instruction being visited (its operand is not inspected)
 */
@Override
public void visitLDC(LDC obj) {
    final IsNullValue definitelyNonNull = IsNullValue.nonNullValue();
    produce(definitelyNonNull);
}
Example #15
Source File: BetterCFGBuilder2.java From spotbugs with GNU Lesser General Public License v2.1 | 4 votes |
/**
 * Return whether or not the given instruction can throw exceptions
 * (i.e. is a "potentially excepting instruction", PEI).
 *
 * <p>Instructions that are not {@code ExceptionThrower}s are never PEIs.
 * NEW, GETSTATIC, PUTSTATIC, return instructions, INSTANCEOF, MONITOREXIT and
 * LDC are treated as non-PEIs. ATHROW is not in that list, so it falls through
 * to the default and counts as a PEI. In non-static methods, GETFIELD and
 * PUTFIELD are non-PEIs when the object reference comes from a source that
 * {@code isSafeFieldSource} accepts.
 *
 * @param handle
 *            the instruction
 * @return true if the instruction can throw an exception, false otherwise
 * @throws CFGBuilderException
 *             if the tracked stack depth drops below 1 while walking back
 *             from a PUTFIELD
 */
private boolean isPEI(InstructionHandle handle) throws CFGBuilderException {
    final Instruction ins = handle.getInstruction();

    if (!(ins instanceof ExceptionThrower)) {
        return false;
    }

    final boolean treatedAsNonThrowing = ins instanceof NEW
            || ins instanceof GETSTATIC
            || ins instanceof PUTSTATIC
            || ins instanceof ReturnInstruction
            || ins instanceof INSTANCEOF
            || ins instanceof MONITOREXIT
            || ins instanceof LDC;
    if (treatedAsNonThrowing) {
        return false;
    }

    if (ins instanceof GETFIELD && !methodGen.isStatic()) {
        // Assume that GETFIELD on this object is not PEI
        return !isSafeFieldSource(handle.getPrev());
    }

    if (ins instanceof PUTFIELD && !methodGen.isStatic()) {
        // Assume that PUTFIELD on this object is not PEI.
        // Walk backwards, tracking how many stack slots are still owed, until
        // the instruction that pushed the object reference is reached.
        int depth = ins.consumeStack(cpg);
        InstructionHandle cursor = handle.getPrev();
        while (cursor != null) {
            final Instruction prevInst = cursor.getInstruction();

            if (prevInst instanceof BranchInstruction) {
                final boolean isGoto = prevInst instanceof GotoInstruction;
                if (isGoto) {
                    // Currently we support only jumps to the PUTFIELD itself.
                    // This will cover simple cases like this.a = flag ? foo : bar
                    if (((BranchInstruction) prevInst).getTarget() != handle) {
                        return true;
                    }
                    depth = ins.consumeStack(cpg);
                } else if (!(prevInst instanceof IfInstruction)) {
                    // As IF instructions may fall through, the stack depth remains unchanged.
                    // Actually we should not get here for normal Java bytecode:
                    // switch or jsr should not appear in this context.
                    return true;
                }
            }

            final int produced = prevInst.produceStack(cpg);
            final int consumed = prevInst.consumeStack(cpg);
            depth = depth - produced + consumed;

            if (depth < 1) {
                throw new CFGBuilderException("Invalid stack at " + cursor + " when checking " + handle);
            }

            if (depth == 1) {
                final InstructionHandle before = cursor.getPrev();
                final boolean precededByBranch = before != null
                        && before.getInstruction() instanceof BranchInstruction;
                // When a branch precedes this point, keep walking instead of deciding here.
                if (!precededByBranch) {
                    return !isSafeFieldSource(before);
                }
            }

            cursor = cursor.getPrev();
        }
    }

    return true;
}
Example #16
Source File: BCELFactory.java From commons-bcel with Apache License 2.0 | 4 votes |
/**
 * Handles an LDC instruction by passing its resolved constant to
 * {@code createConstant}.
 *
 * @param i the LDC instruction being visited
 */
@Override
public void visitLDC( final LDC i ) {
    final Object constantValue = i.getValue(_cp);
    createConstant(constantValue);
}