Java Code Examples for org.apache.bcel.Constants#INVOKEVIRTUAL

The following examples show how to use org.apache.bcel.Constants#INVOKEVIRTUAL. Each example is preceded by the name of its source file and the project it comes from.
Example 1
Source File: PersistentCookieDetector.java    From Android_Code_Arbiter with GNU Lesser General Public License v3.0 6 votes vote down vote up
/**
 * Reports {@code javax.servlet.http.Cookie.setMaxAge} calls whose constant argument is
 * 31536000 seconds (one year) or more.
 *
 * <p>Only a constant {@code Integer} argument is evaluated. Any other value is treated as 0,
 * so a lifetime computed at runtime is never reported here.
 *
 * @param seen opcode of the instruction currently being visited
 */
@Override
public void sawOpcode(int seen) {
    // The operand accessors are consulted only after the opcode is known to be an invoke.
    if (seen != Constants.INVOKEVIRTUAL) {
        return;
    }
    if (!getClassConstantOperand().equals("javax/servlet/http/Cookie")) {
        return;
    }
    if (!getNameConstantOperand().equals("setMaxAge")) {
        return;
    }

    // Stack item 0 is the value passed to setMaxAge.
    Object constantArg = stack.getStackItem(0).getConstant();
    int maxAgeSeconds = 0;
    if (constantArg instanceof Integer) {
        maxAgeSeconds = (Integer) constantArg;
    }

    // One year expressed in seconds: 365 * 24 * 60 * 60.
    final int oneYearInSeconds = 31536000;
    if (maxAgeSeconds >= oneYearInSeconds) {
        BugInstance finding = new BugInstance(this, "COOKIE_PERSISTENT", Priorities.NORMAL_PRIORITY)
                .addClass(this).addMethod(this).addSourceLine(this);
        bugReporter.reportBug(finding);
    }
}
 
Example 2
Source File: JspSpringEvalDetector.java    From Android_Code_Arbiter with GNU Lesser General Public License v3.0 6 votes vote down vote up
/**
 * Reports calls to Spring's {@code EvalTag.setExpression(String)} when the expression on the
 * operand stack is classified as variable by {@code StackUtils.isVariableString}.
 *
 * @param seen opcode of the instruction currently being visited
 */
@Override
public void sawOpcode(int seen) {
    // Bytecode trace recorded by the original author for the pattern being matched:
    //   [0039]  ldc   "${expression}"
    //   [0041]  ldc   java/lang/String
    //   [0043]  aload_2
    //   [0044]  aconst_null
    //   [0045]  invokestatic   org/apache/jasper/runtime/PageContextImpl.evaluateExpression (Ljava/lang/String;Ljava/lang/Class;Ljavax/servlet/jsp/PageContext;Lorg/apache/jasper/runtime/ProtectedFunctionMapper;)Ljava/lang/Object;
    //   [0048]  checkcast
    //   [0051]  invokevirtual   org/springframework/web/servlet/tags/EvalTag.setExpression (Ljava/lang/String;)V

    if (seen != Constants.INVOKEVIRTUAL) {
        return;
    }

    boolean isEvalTagSetter = getClassConstantOperand().equals("org/springframework/web/servlet/tags/EvalTag")
            && getNameConstantOperand().equals("setExpression")
            && getSigConstantOperand().equals("(Ljava/lang/String;)V");
    if (!isEvalTagSetter) {
        return;
    }

    // Stack item 0 is the expression argument. Presumably isVariableString is true when the
    // value is not a compile-time constant; confirm against StackUtils.
    if (StackUtils.isVariableString(stack.getStackItem(0))) {
        BugInstance finding = new BugInstance(this, JSP_SPRING_EVAL, Priorities.HIGH_PRIORITY)
                .addClass(this).addMethod(this).addSourceLine(this);
        bugReporter.reportBug(finding);
    }
}
 
Example 3
Source File: StickyBroadcastDetector.java    From Android_Code_Arbiter with GNU Lesser General Public License v3.0 6 votes vote down vote up
/**
 * Reports virtual calls to any of the Android sticky-broadcast methods.
 *
 * <p>The match is on the method name alone. The owning class is not checked, so an unrelated
 * class declaring a method with one of these names is reported as well.
 *
 * @param seen opcode of the instruction currently being visited
 */
@Override
public void sawOpcode(int seen) {
    if (seen != Constants.INVOKEVIRTUAL) {
        return;
    }

    // Method names treated as sticky-broadcast senders.
    String invokedMethod = getNameConstantOperand();
    boolean sendsStickyBroadcast = invokedMethod.equals("sendStickyBroadcast")
            || invokedMethod.equals("sendStickyOrderedBroadcast")
            || invokedMethod.equals("sendStickyBroadcastAsUser")
            || invokedMethod.equals("sendStickyOrderedBroadcastAsUser");

    if (sendsStickyBroadcast) {
        BugInstance finding = new BugInstance(this, ANDROID_STICKY_BROADCAST_TYPE, Priorities.NORMAL_PRIORITY)
                .addClass(this).addMethod(this).addSourceLine(this);
        bugReporter.reportBug(finding);
    }
}
 
Example 4
Source File: WebViewJavascriptEnabledDetector.java    From Android_Code_Arbiter with GNU Lesser General Public License v3.0 6 votes vote down vote up
/**
 * Reports {@code android.webkit.WebSettings} setters that enable JavaScript or file access
 * when they are called with the constant 1 (boolean {@code true} in bytecode).
 *
 * <p>All four setters are reported under {@code ANDROID_WEB_VIEW_JAVASCRIPT_TYPE}. Only
 * constant integer arguments are examined, so a flag computed at runtime is not reported.
 *
 * @param seen opcode of the instruction currently being visited
 */
@Override
public void sawOpcode(int seen) {
    if (seen != Constants.INVOKEVIRTUAL) {
        return;
    }
    if (!getClassConstantOperand().equals("android/webkit/WebSettings")) {
        return;
    }

    String setter = getNameConstantOperand();
    boolean isWatchedSetter = setter.equals("setJavaScriptEnabled")
            || setter.equals("setAllowFileAccess")
            || setter.equals("setAllowFileAccessFromFileURLs")
            || setter.equals("setAllowUniversalAccessFromFileURLs");
    if (!isWatchedSetter) {
        return;
    }

    // Stack item 0 is the most recently pushed value, i.e. the setter's argument.
    OpcodeStack.Item argument = stack.getStackItem(0);
    if (!StackUtils.isConstantInteger(argument)) {
        return;
    }

    Integer flag = (Integer) argument.getConstant();
    // A missing constant is reported too, mirroring the enabled case.
    if (flag == null || flag == 1) {
        BugInstance finding = new BugInstance(this, ANDROID_WEB_VIEW_JAVASCRIPT_TYPE, Priorities.NORMAL_PRIORITY)
                .addClass(this).addMethod(this).addSourceLine(this);
        bugReporter.reportBug(finding);
    }
}
 
Example 5
Source File: ExternalFileAccessDetector.java    From Android_Code_Arbiter with GNU Lesser General Public License v3.0 6 votes vote down vote up
/**
 * Reports calls that obtain a path on Android external storage.
 *
 * <p>Two call shapes are recognised: virtual calls to the {@code getExternal*Dir(s)} family,
 * matched by method name only, and static calls on {@code android.os.Environment}.
 *
 * @param seen opcode of the instruction currently being visited
 */
@Override
public void sawOpcode(int seen) {
    boolean externalAccess = false;

    if (seen == Constants.INVOKEVIRTUAL) {
        // The owning class is not checked for these names.
        String invokedMethod = getNameConstantOperand();
        externalAccess = invokedMethod.equals("getExternalCacheDir")
                || invokedMethod.equals("getExternalCacheDirs")
                || invokedMethod.equals("getExternalFilesDir")
                || invokedMethod.equals("getExternalFilesDirs")
                || invokedMethod.equals("getExternalMediaDirs");
    } else if (seen == Constants.INVOKESTATIC) {
        if (getClassConstantOperand().equals("android/os/Environment")) {
            String invokedMethod = getNameConstantOperand();
            externalAccess = invokedMethod.equals("getExternalStorageDirectory")
                    || invokedMethod.equals("getExternalStoragePublicDirectory");
        }
    }

    if (externalAccess) {
        BugInstance finding = new BugInstance(this, ANDROID_EXTERNAL_FILE_ACCESS_TYPE, Priorities.NORMAL_PRIORITY)
                .addClass(this).addMethod(this).addSourceLine(this);
        bugReporter.reportBug(finding);
    }
}
 
Example 6
Source File: InstructionFactory.java    From ApkToolPlus with Apache License 2.0 6 votes vote down vote up
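/** Create an invoke instruction.
 *
 * <p>The invoke kind is validated before the constant pool is touched, so a call with an
 * unsupported kind fails without leaving a stray method reference in the pool.
 *
 * @param class_name name of the called class
 * @param name name of the called method
 * @param ret_type return type of method
 * @param arg_types argument types of method
 * @param kind how to invoke, i.e., INVOKEINTERFACE, INVOKESTATIC, INVOKEVIRTUAL,
 * or INVOKESPECIAL
 * @return the invoke instruction referring to the constant pool entry for the method
 * @throws RuntimeException if kind is not one of the four supported invoke opcodes
 * @see Constants
 */
public InvokeInstruction createInvoke(String class_name, String name, Type ret_type,
                                      Type[] arg_types, short kind) {
  int    index;
  int    nargs      = 0;
  String signature  = Type.getMethodSignature(ret_type, arg_types);

  for(Type arg_type : arg_types) // Count size of arguments
    nargs += arg_type.getSize();

  // Reject an unknown kind first: adding the method reference below mutates the constant pool.
  if(kind != Constants.INVOKESPECIAL && kind != Constants.INVOKEVIRTUAL
     && kind != Constants.INVOKESTATIC && kind != Constants.INVOKEINTERFACE)
    throw new RuntimeException("Oops: Unknown invoke kind:" + kind);

  if(kind == Constants.INVOKEINTERFACE)
    index = cp.addInterfaceMethodref(class_name, name, signature);
  else
    index = cp.addMethodref(class_name, name, signature);

  switch(kind) {
  case Constants.INVOKESPECIAL:   return new INVOKESPECIAL(index);
  case Constants.INVOKEVIRTUAL:   return new INVOKEVIRTUAL(index);
  case Constants.INVOKESTATIC:    return new INVOKESTATIC(index);
  // The count operand covers the argument slots plus one for the object reference.
  case Constants.INVOKEINTERFACE: return new INVOKEINTERFACE(index, nargs + 1);
  default: // Not reachable after the check above; kept so every path returns or throws.
    throw new RuntimeException("Oops: Unknown invoke kind:" + kind);
  }
}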
 
Example 7
Source File: CookieReadDetector.java    From Android_Code_Arbiter with GNU Lesser General Public License v3.0 5 votes vote down vote up
/**
 * Reports reads of a servlet cookie's name, value or path at low priority.
 *
 * @param seen opcode of the instruction currently being visited
 */
@Override
public void sawOpcode(int seen) {
    if (seen != Constants.INVOKEVIRTUAL) {
        return;
    }
    if (!getClassConstantOperand().equals("javax/servlet/http/Cookie")) {
        return;
    }

    String accessor = getNameConstantOperand();
    boolean readsCookieData = accessor.equals("getName")
            || accessor.equals("getValue")
            || accessor.equals("getPath");

    if (readsCookieData) {
        BugInstance finding = new BugInstance(this, COOKIE_USAGE_TYPE, Priorities.LOW_PRIORITY)
                .addClass(this).addMethod(this).addSourceLine(this);
        bugReporter.reportBug(finding);
    }
}
 
Example 8
Source File: JspIncludeDetector.java    From Android_Code_Arbiter with GNU Lesser General Public License v3.0 5 votes vote down vote up
/**
 * Reports JSP include/import call sites: the static {@code JspRuntimeLibrary.include} helper
 * (Jasper or Sling packaging) and {@code ImportTag.setUrl(String)}.
 *
 * <p>The call is matched by owner, name and descriptor only. The path or URL argument is not
 * inspected, so a call with a constant target is reported like one with a dynamic target.
 *
 * @param seen opcode of the instruction currently being visited
 */
@Override
public void sawOpcode(int seen) {
    // Sample from \plugin\src\test\webapp\includes\jsp_include_1.jsp
    //   JspRuntimeLibrary.include(request, response, (String)PageContextImpl.evaluateExpression("${param.secret_param}", String.class, _jspx_page_context, null), out, false);
    //   JspIncludeDetector: [0119]  invokestatic   org/apache/jasper/runtime/JspRuntimeLibrary.include (Ljavax/servlet/ServletRequest;Ljavax/servlet/ServletResponse;Ljava/lang/String;Ljavax/servlet/jsp/JspWriter;Z)V
    //
    // Sample from \plugin\src\test\webapp\includes\jsp_include_3.jsp
    //   ImportTag _jspx_th_c_import_0 = (ImportTag)this._jspx_tagPool_c_import_url_nobody.get(ImportTag.class);
    //   _jspx_th_c_import_0.setUrl((String)PageContextImpl.evaluateExpression("${param.secret_param}", String.class, _jspx_page_context, null));
    //   JspIncludeDetector: [0051]  invokevirtual   org/apache/taglibs/standard/tag/rt/core/ImportTag.setUrl (Ljava/lang/String;)V

    boolean includeCall = false;

    if (seen == Constants.INVOKESTATIC) {
        boolean runtimeLibrary = "org/apache/jasper/runtime/JspRuntimeLibrary".equals(getClassConstantOperand())
                || "org/apache/sling/scripting/jsp/jasper/runtime/JspRuntimeLibrary".equals(getClassConstantOperand());
        includeCall = runtimeLibrary
                && getNameConstantOperand().equals("include")
                && getSigConstantOperand().equals("(Ljavax/servlet/ServletRequest;Ljavax/servlet/ServletResponse;Ljava/lang/String;Ljavax/servlet/jsp/JspWriter;Z)V");
    } else if (seen == Constants.INVOKEVIRTUAL) {
        includeCall = getClassConstantOperand().equals("org/apache/taglibs/standard/tag/rt/core/ImportTag")
                && getNameConstantOperand().equals("setUrl")
                && getSigConstantOperand().equals("(Ljava/lang/String;)V");
    }

    if (includeCall) {
        BugInstance finding = new BugInstance(this, JSP_INCLUDE_TYPE, Priorities.HIGH_PRIORITY)
                .addClass(this).addMethod(this).addSourceLine(this);
        bugReporter.reportBug(finding);
    }
}
 
Example 9
Source File: FreemarkerDetector.java    From Android_Code_Arbiter with GNU Lesser General Public License v3.0 5 votes vote down vote up
/**
 * Reports every virtual call to {@code freemarker.template.Template.process}.
 *
 * <p>Neither the descriptor nor the arguments are examined; each call site is reported for
 * manual review.
 *
 * @param seen opcode of the instruction currently being visited
 */
@Override
public void sawOpcode(int seen) {
    // Trace of the targeted call:
    //   FreemarkerDetector: [0113]  invokevirtual   freemarker/template/Template.process (Ljava/lang/Object;Ljava/io/Writer;)V

    if (seen != Constants.INVOKEVIRTUAL) {
        return;
    }
    if (!getClassConstantOperand().equals("freemarker/template/Template")) {
        return;
    }
    if (!getNameConstantOperand().equals("process")) {
        return;
    }

    BugInstance finding = new BugInstance(this, FREEMARKER_TYPE, Priorities.NORMAL_PRIORITY)
            .addClass(this).addMethod(this).addSourceLine(this);
    bugReporter.reportBug(finding);
}
 
Example 10
Source File: RegisterReceiverNoPermissionDetector.java    From Android_Code_Arbiter with GNU Lesser General Public License v3.0 5 votes vote down vote up
/**
 * Reports {@code registerReceiver} calls that use an overload without a permission argument.
 *
 * <p>The two descriptors matched take a {@code BroadcastReceiver} and an {@code IntentFilter},
 * optionally followed by an {@code int}. The owning class is not checked.
 *
 * @param seen opcode of the instruction currently being visited
 */
@Override
public void sawOpcode(int seen) {
    if (seen != Constants.INVOKEVIRTUAL) {
        return;
    }
    if (!getNameConstantOperand().equals("registerReceiver")) {
        return;
    }

    // Substring match on the parameter list, so the return type is irrelevant.
    String descriptor = getSigConstantOperand();
    boolean withoutPermission =
            descriptor.contains("(Landroid/content/BroadcastReceiver;Landroid/content/IntentFilter;)")
            || descriptor.contains("(Landroid/content/BroadcastReceiver;Landroid/content/IntentFilter;I)");

    if (withoutPermission) {
        BugInstance finding = new BugInstance(this, ANDROID_REGISTER_RECEIVER_NOPERMISSION_TYPE, Priorities.NORMAL_PRIORITY)
                .addClass(this).addMethod(this).addSourceLine(this);
        bugReporter.reportBug(finding);
    }
}
 
Example 11
Source File: PrintlnUseDetector.java    From Android_Code_Arbiter with GNU Lesser General Public License v3.0 5 votes vote down vote up
/**
 * Reports {@code print} and {@code println} calls on {@code java.io.PrintStream}.
 *
 * @param seen opcode of the instruction currently being visited
 */
@Override
public void sawOpcode(int seen) {
    if (seen != Constants.INVOKEVIRTUAL) {
        return;
    }

    // The method name is tested before the owning class, as in the original condition.
    String invokedMethod = getNameConstantOperand();
    boolean isPrintCall = invokedMethod.equals("println") || invokedMethod.equals("print");

    if (isPrintCall && getClassConstantOperand().equals("java/io/PrintStream")) {
        BugInstance finding = new BugInstance(this, OUT_ERR_PRINT_LN_TYPE, Priorities.NORMAL_PRIORITY)
                .addClass(this).addMethod(this).addSourceLine(this);
        bugReporter.reportBug(finding);
    }
}
 
Example 12
Source File: WebViewJavascriptInterfaceDetector.java    From Android_Code_Arbiter with GNU Lesser General Public License v3.0 5 votes vote down vote up
/**
 * Reports every call to {@code android.webkit.WebView.addJavascriptInterface}.
 *
 * <p>The arguments are not inspected; each call site is reported for manual review.
 *
 * @param seen opcode of the instruction currently being visited
 */
@Override
public void sawOpcode(int seen) {
    if (seen != Constants.INVOKEVIRTUAL) {
        return;
    }
    if (!getClassConstantOperand().equals("android/webkit/WebView")) {
        return;
    }
    if (!getNameConstantOperand().equals("addJavascriptInterface")) {
        return;
    }

    BugInstance finding = new BugInstance(this, ANDROID_WEB_VIEW_INTERFACE_TYPE, Priorities.NORMAL_PRIORITY)
            .addClass(this).addMethod(this).addSourceLine(this);
    bugReporter.reportBug(finding);
}
 
Example 13
Source File: PredictableRandomDetector.java    From Android_Code_Arbiter with GNU Lesser General Public License v3.0 5 votes vote down vote up
/**
 * Reports use of non-cryptographic random number generators.
 *
 * <p>Recognised call sites: construction of {@code java.util.Random} or
 * {@code scala.util.Random}, {@code Math.random()}, {@code ThreadLocalRandom.current()}, and
 * virtual calls accepted by {@code RANDOM_NEXT_METHODS} (declared outside this method; the
 * report text labels them as {@code scala.util.Random} methods).
 *
 * @param seen opcode of the instruction currently being visited
 */
@Override
public void sawOpcode(int seen) {
    BugInstance finding = null;

    switch (seen) {
        case Constants.INVOKESPECIAL:
            // Constructor calls: the Java generator is tested first, then the Scala one.
            if (getClassConstantOperand().equals("java/util/Random")
                    && getNameConstantOperand().equals("<init>")) {
                finding = new BugInstance(this, PREDICTABLE_RANDOM_TYPE, Priorities.NORMAL_PRIORITY)
                        .addClass(this).addMethod(this).addSourceLine(this)
                        .addString("java.util.Random");
            } else if (getClassConstantOperand().equals("scala/util/Random")
                    && getNameConstantOperand().equals("<init>")) {
                finding = new BugInstance(this, PREDICTABLE_RANDOM_SCALA_TYPE, Priorities.NORMAL_PRIORITY)
                        .addClass(this).addMethod(this).addSourceLine(this)
                        .addString("scala.util.Random");
            }
            break;

        case Constants.INVOKESTATIC:
            if (getClassConstantOperand().equals("java/lang/Math")
                    && getNameConstantOperand().equals("random")) {
                finding = new BugInstance(this, PREDICTABLE_RANDOM_TYPE, Priorities.NORMAL_PRIORITY)
                        .addClass(this).addMethod(this).addSourceLine(this)
                        .addString("java.lang.Math.random()");
            } else if (getClassConstantOperand().equals("java/util/concurrent/ThreadLocalRandom")
                    && getNameConstantOperand().equals("current")) {
                finding = new BugInstance(this, PREDICTABLE_RANDOM_TYPE, Priorities.NORMAL_PRIORITY)
                        .addClass(this).addMethod(this).addSourceLine(this)
                        .addString("java.util.concurrent.ThreadLocalRandom");
            }
            break;

        case Constants.INVOKEVIRTUAL:
            if (RANDOM_NEXT_METHODS.matches(this)) {
                finding = new BugInstance(this, PREDICTABLE_RANDOM_SCALA_TYPE, Priorities.NORMAL_PRIORITY)
                        .addClass(this).addMethod(this).addSourceLine(this)
                        .addString("scala.util.Random." + getNameConstantOperand() + "()");
            }
            break;

        default:
            break;
    }

    if (finding != null) {
        bugReporter.reportBug(finding);
    }
}
 
Example 14
Source File: SpringCsrfProtectionDisabledDetector.java    From Android_Code_Arbiter with GNU Lesser General Public License v3.0 5 votes vote down vote up
/**
 * Reports, at high priority, virtual calls accepted by {@code CSRF_CONFIGURER_DISABLE_METHOD}.
 *
 * <p>The matcher is declared outside this method; judging by its name it selects the call
 * that disables Spring's CSRF protection.
 *
 * @param seen opcode of the instruction currently being visited
 */
@Override
public void sawOpcode(int seen) {
    if (seen != Constants.INVOKEVIRTUAL) {
        return;
    }
    if (!CSRF_CONFIGURER_DISABLE_METHOD.matches(this)) {
        return;
    }

    BugInstance finding = new BugInstance(this, SPRING_CSRF_PROTECTION_DISABLED_TYPE, Priorities.HIGH_PRIORITY)
            .addClass(this).addMethod(this).addSourceLine(this);
    bugReporter.reportBug(finding);
}
 
Example 15
Source File: XmlStreamReaderDetector.java    From Android_Code_Arbiter with GNU Lesser General Public License v3.0 4 votes vote down vote up
/**
 * Reports {@code XMLInputFactory.createXMLStreamReader} calls as possible XXE unless the
 * enclosing method also contains a {@code setProperty} call that sets one of the two watched
 * properties to {@code false}.
 *
 * <p>NOTE(review): the scan walks every instruction of the enclosing method and stops at the
 * first matching {@code setProperty} call. It checks the method name only, not the receiver,
 * and accepts either property on its own. A hardening call on a different object, or one that
 * switches off only one of the two features, therefore also suppresses the report.
 *
 * @param seen opcode of the instruction currently being visited
 */
@Override
public void sawOpcode(int seen) {
    // Operand accessors below are only meaningful for an invoke instruction.
    if (seen != Constants.INVOKEVIRTUAL) {
        return;
    }
    String fullClassName = getClassConstantOperand();
    String method = getNameConstantOperand();

    //The method call is doing XML parsing (see class javadoc)
    if (fullClassName.equals("javax/xml/stream/XMLInputFactory") &&
            method.equals("createXMLStreamReader")) {
        ClassContext classCtx = getClassContext();
        ConstantPoolGen cpg = classCtx.getConstantPoolGen();
        CFG cfg;
        try {
            cfg = classCtx.getCFG(getMethod());
        } catch (CFGBuilderException e) {
            // Without a CFG the method cannot be scanned; the error is logged and nothing is reported.
            AnalysisContext.logError("Cannot get CFG", e);
            return;
        }
        // Look through the whole method for a setProperty call that disables a risky feature.
        for (Iterator<Location> i = cfg.locationIterator(); i.hasNext();) {
            Location location = i.next();
            Instruction inst = location.getHandle().getInstruction();

            //Looking for XMLInputFactory.setProperty with the DTD or external-entity property set to false
            if (inst instanceof org.apache.bcel.generic.INVOKEVIRTUAL) {
                InvokeInstruction invoke = (InvokeInstruction) inst;
                // Only the method name is compared; the owning class of setProperty is not checked.
                if ("setProperty".equals(invoke.getMethodName(cpg))) {
                    // Presumably the nearest preceding LDC, i.e. the property-name constant; confirm against ByteCode.getPrevInstruction.
                    org.apache.bcel.generic.LDC loadConst = ByteCode.getPrevInstruction(location.getHandle(), LDC.class);
                    if (loadConst != null) {
                        // Either property is enough; the two constants are declared outside this method.
                        if (PROPERTY_SUPPORT_DTD.equals(loadConst.getValue(cpg)) || PROPERTY_IS_SUPPORTING_EXTERNAL_ENTITIES.equals(loadConst.getValue(cpg))){
                            // prev1 is the instruction that produced the property value, prev2 the one before it.
                            InstructionHandle prev1 = location.getHandle().getPrev();
                            InstructionHandle prev2 = prev1.getPrev();
                            //Case where the boolean is wrapped like : Boolean.valueOf(true) : 2 instructions
                            if (invokeInstruction().atClass("java.lang.Boolean").atMethod("valueOf").matches(prev1.getInstruction(),cpg)) {
                                if (prev2.getInstruction() instanceof ICONST) {
                                    Integer valueWrapped = ByteCode.getConstantInt(prev2);
                                    if (valueWrapped != null && valueWrapped.equals(0)) { //Constant 0 means false
                                        return; //The risky feature is disabled, so nothing is reported
                                    }
                                }
                            }
                            //Case where the boolean is declared as : Boolean.FALSE
                            else if (prev1.getInstruction() instanceof org.apache.bcel.generic.GETSTATIC) {
                                org.apache.bcel.generic.GETSTATIC getstatic = (org.apache.bcel.generic.GETSTATIC) prev1.getInstruction();
                                if (getstatic.getClassType(cpg).getClassName().equals("java.lang.Boolean") &&
                                        getstatic.getFieldName(cpg).equals("FALSE")) {
                                    return; //The risky feature is disabled, so nothing is reported
                                }
                            }
                        }
                    }
                }
            }
        }
        //No disabling setProperty call was found in the method: raise a bug
        bugReporter.reportBug(new BugInstance(this, XXE_XMLSTREAMREADER_TYPE, Priorities.NORMAL_PRIORITY) //
                .addClass(this).addMethod(this).addSourceLine(this));
    }
}
 
Example 16
Source File: INVOKEVIRTUAL.java    From ApkToolPlus with Apache License 2.0 4 votes vote down vote up
/**
 * Creates an instruction with the {@code INVOKEVIRTUAL} opcode and the given operand.
 *
 * @param index operand passed to the superclass constructor; presumably the constant pool
 *              index of the method reference
 */
public INVOKEVIRTUAL(int index) {
    super(Constants.INVOKEVIRTUAL, index);
}