本文整理汇总了Java中edu.umd.cs.findbugs.ba.CFGBuilderException类的典型用法代码示例。如果您正苦于以下问题:Java CFGBuilderException类的具体用法?Java CFGBuilderException怎么用?Java CFGBuilderException使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
CFGBuilderException类属于edu.umd.cs.findbugs.ba包,在下文中一共展示了CFGBuilderException类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。
示例1: hasCustomReadObject
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
/**
* Check if the readObject is doing multiple external call beyond the basic readByte, readBoolean, etc..
* @param m
* @param classContext
* @return
* @throws CFGBuilderException
* @throws DataflowAnalysisException
*/
private boolean hasCustomReadObject(Method m, ClassContext classContext,List<String> classesToIgnore)
throws CFGBuilderException, DataflowAnalysisException {
ConstantPoolGen cpg = classContext.getConstantPoolGen();
CFG cfg = classContext.getCFG(m);
int count = 0;
for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
Location location = i.next();
Instruction inst = location.getHandle().getInstruction();
//ByteCode.printOpCode(inst,cpg);
if(inst instanceof InvokeInstruction) {
InvokeInstruction invoke = (InvokeInstruction) inst;
if (!READ_DESERIALIZATION_METHODS.contains(invoke.getMethodName(cpg))
&& !classesToIgnore.contains(invoke.getClassName(cpg))) {
count +=1;
}
}
}
return count > 3;
}
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:28,代码来源:DeserializationGadgetDetector.java
示例2: visitClassContext
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
JavaClass javaClass = classContext.getJavaClass();
if (OBJECT_MAPPER_CLASSES.contains(javaClass.getClassName())) {
return;
}
for (Field field : javaClass.getFields()) {
analyzeField(field, javaClass);
}
for (Method m : javaClass.getMethods()) {
try {
analyzeMethod(m, classContext);
}
catch (CFGBuilderException | DataflowAnalysisException e) {
}
}
}
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:18,代码来源:UnsafeJacksonDeserializationDetector.java
示例3: analyzeMethod
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {
MethodGen methodGen = classContext.getMethodGen(m);
ConstantPoolGen cpg = classContext.getConstantPoolGen();
CFG cfg = classContext.getCFG(m);
if (methodGen == null || methodGen.getInstructionList() == null) {
return; //No instruction .. nothing to do
}
for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
Location location = i.next();
Instruction inst = location.getHandle().getInstruction();
if (inst instanceof InvokeInstruction) {
InvokeInstruction invoke = (InvokeInstruction) inst;
String methodName = invoke.getMethodName(cpg);
if ("enableDefaultTyping".equals(methodName)) {
JavaClass clz = classContext.getJavaClass();
bugReporter.reportBug(new BugInstance(this, DESERIALIZATION_TYPE, HIGH_PRIORITY)
.addClass(clz)
.addMethod(clz, m)
.addCalledMethod(cpg, invoke)
.addSourceLine(classContext, m, location)
);
}
}
}
}
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:27,代码来源:UnsafeJacksonDeserializationDetector.java
示例4: visitClassContext
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
JavaClass javaClass = classContext.getJavaClass();
// System.out.println(javaClass.getSuperclassName() + "###");
if(javaClass.getSuperclassName().equals("android.webkit.WebViewClient")) {
Method[] methodList = javaClass.getMethods();
for (Method m : methodList) {
// System.out.println(m.getName() + "###");
if(m.getName().equals("onReceivedSslError")) {
try {
analyzeMethod(javaClass, m, classContext);
} catch (CFGBuilderException e) {
}
}
}
}
}
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:19,代码来源:WebViewSslErrorDetector.java
示例5: analyzeMethod
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {
ConstantPoolGen cpg = classContext.getConstantPoolGen();
CFG cfg = classContext.getCFG(m);
for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
Location location = i.next();
Instruction inst = location.getHandle().getInstruction();
if (inst instanceof LDC) {
LDC ldc = (LDC) inst;
if (ldc != null) {
if("java.naming.security.authentication".equals(ldc.getValue(cpg)) &&
"none".equals(ByteCode.getConstantLDC(location.getHandle().getNext(), cpg, String.class))){
JavaClass clz = classContext.getJavaClass();
bugReporter.reportBug(new BugInstance(this, LDAP_ANONYMOUS, Priorities.LOW_PRIORITY) //
.addClass(clz)
.addMethod(clz, m)
.addSourceLine(classContext, m, location));
break;
}
}
}
}
}
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:27,代码来源:AnonymousLdapDetector.java
示例6: isSafeValue
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private boolean isSafeValue(Location location, ConstantPoolGen cpg) throws CFGBuilderException {
Instruction prevIns = location.getHandle().getInstruction();
if (prevIns instanceof LDC || prevIns instanceof GETSTATIC)
return true;
if (prevIns instanceof InvokeInstruction) {
String methodName = ((InvokeInstruction) prevIns).getMethodName(cpg);
if (methodName.startsWith("to") && methodName.endsWith("String") && methodName.length() > 8)
return true;
}
if (prevIns instanceof AALOAD) {
CFG cfg = classContext.getCFG(method);
Location prev = getPreviousLocation(cfg, location, true);
if (prev != null) {
Location prev2 = getPreviousLocation(cfg, prev, true);
if (prev2 != null && prev2.getHandle().getInstruction() instanceof GETSTATIC) {
GETSTATIC getStatic = (GETSTATIC) prev2.getHandle().getInstruction();
if (getStatic.getSignature(cpg).equals("[Ljava/lang/String;"))
return true;
}
}
}
return false;
}
开发者ID:ytus,项目名称:findbugs-all-the-bugs,代码行数:25,代码来源:FindSqlInjection.java
示例7: hasManyPreceedingNullTests
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private boolean hasManyPreceedingNullTests(int pc) {
int ifNullTests = 0;
BitSet seen = new BitSet();
try {
for (Iterator<Location> i = classContext.getCFG(method).locationIterator(); i.hasNext();) {
Location loc = i.next();
int pc2 = loc.getHandle().getPosition();
if (pc2 >= pc || pc2 < pc - 30)
continue;
Instruction ins = loc.getHandle().getInstruction();
if ((ins instanceof IFNONNULL || ins instanceof IFNULL || ins instanceof NullnessConversationInstruction)
&& !seen.get(pc2)) {
ifNullTests++;
seen.set(pc2);
}
}
boolean result = ifNullTests > 2;
// System.out.println("Preceeding null tests " + ifNullTests + " " +
// ifNonnullTests + " " + result);
return result;
} catch (CFGBuilderException e) {
return false;
}
}
开发者ID:ytus,项目名称:findbugs-all-the-bugs,代码行数:26,代码来源:FindNullDeref.java
示例8: isDuplicated
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
/**
* @param propertySet
* @param pc
* @param isConsistent
* @return
*/
public boolean isDuplicated(WarningPropertySet<WarningProperty> propertySet, int pc, boolean isConsistent) {
boolean duplicated = false;
if (!isConsistent) {
if (propertySet.containsProperty(NullDerefProperty.DEREFS_ARE_CLONED))
duplicated = true;
else
try {
CFG cfg = classContext.getCFG(method);
if (cfg.getLocationsContainingInstructionWithOffset(pc).size() > 1) {
propertySet.addProperty(NullDerefProperty.DEREFS_ARE_INLINED_FINALLY_BLOCKS);
duplicated = true;
}
} catch (CFGBuilderException e) {
AnalysisContext.logError("Error while analyzing " + classContext.getFullyQualifiedMethodName(method), e);
}
}
return duplicated;
}
开发者ID:ytus,项目名称:findbugs-all-the-bugs,代码行数:26,代码来源:FindNullDeref.java
示例9: buildResourceCollection
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private ResourceCollection<Resource> buildResourceCollection(ClassContext classContext, Method method,
ResourceTrackerType resourceTracker) throws CFGBuilderException, DataflowAnalysisException {
ResourceCollection<Resource> resourceCollection = new ResourceCollection<Resource>();
CFG cfg = classContext.getCFG(method);
ConstantPoolGen cpg = classContext.getConstantPoolGen();
for (Iterator<Location> i = cfg.locationIterator(); i.hasNext();) {
Location location = i.next();
Resource resource = resourceTracker.isResourceCreation(location.getBasicBlock(), location.getHandle(), cpg);
if (resource != null)
resourceCollection.addCreatedResource(location, resource);
}
return resourceCollection;
}
开发者ID:ytus,项目名称:findbugs-all-the-bugs,代码行数:18,代码来源:ResourceTrackingDetector.java
示例10: PatternMatcher
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
/**
* Constructor.
*
* @param pattern
* the ByteCodePattern to look for examples of
* @param classContext
* ClassContext for the class to analyze
* @param method
* the Method to analyze
*/
public PatternMatcher(ByteCodePattern pattern, ClassContext classContext, Method method) throws CFGBuilderException,
DataflowAnalysisException {
this.pattern = pattern;
this.cfg = classContext.getCFG(method);
this.cpg = classContext.getConstantPoolGen();
this.dfs = classContext.getDepthFirstSearch(method);
this.vnaDataflow = classContext.getValueNumberDataflow(method);
this.domAnalysis = classContext.getNonExceptionDominatorsAnalysis(method);
this.workList = new LinkedList<BasicBlock>();
this.visitedBlockMap = new IdentityHashMap<BasicBlock, BasicBlock>();
this.resultList = new LinkedList<ByteCodePatternMatch>();
}
开发者ID:OpenNTF,项目名称:FindBug-for-Domino-Designer,代码行数:23,代码来源:PatternMatcher.java
示例11: scan
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
/**
* Scan a method for self call sites.
*
* @param node the CallGraphNode for the method to be scanned
*/
private void scan(CallGraphNode node) throws CFGBuilderException {
Method method = node.getMethod();
CFG cfg = classContext.getCFG(method);
if (method.isSynchronized())
hasSynchronization = true;
Iterator<BasicBlock> i = cfg.blockIterator();
while (i.hasNext()) {
BasicBlock block = i.next();
Iterator<InstructionHandle> j = block.instructionIterator();
while (j.hasNext()) {
InstructionHandle handle = j.next();
Instruction ins = handle.getInstruction();
if (ins instanceof InvokeInstruction) {
InvokeInstruction inv = (InvokeInstruction) ins;
Method called = isSelfCall(inv);
if (called != null) {
// Add edge to call graph
CallSite callSite = new CallSite(method, block, handle);
callGraph.createEdge(node, callGraph.getNodeForMethod(called), callSite);
// Add to called method set
calledMethodSet.add(called);
}
} else if (ins instanceof MONITORENTER || ins instanceof MONITOREXIT) {
hasSynchronization = true;
}
}
}
}
开发者ID:parabuild-ci,项目名称:parabuild-ci,代码行数:38,代码来源:SelfCalls.java
示例12: visitClassContext
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
JavaClass clazz = classContext.getJavaClass();
if (hasRequestMapping(clazz)) {
Method[] methods = clazz.getMethods();
for (Method m: methods) {
try {
analyzeMethod(m, classContext);
} catch (CFGBuilderException e){
}
}
}
}
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:16,代码来源:SpringUnvalidatedRedirectDetector.java
示例13: analyzeMethod
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException{
JavaClass clazz = classContext.getJavaClass();
ConstantPoolGen cpg = classContext.getConstantPoolGen();
CFG cfg = classContext.getCFG(m);
for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
Location loc = i.next();
Instruction inst = loc.getHandle().getInstruction();
if (inst instanceof INVOKEVIRTUAL) {
INVOKEVIRTUAL invoke = (INVOKEVIRTUAL)inst;
if( "java.lang.StringBuilder".equals(invoke.getClassName(cpg)) && "append".equals(invoke.getMethodName(cpg))) {
Instruction prev = loc.getHandle().getPrev().getInstruction();
if (prev instanceof LDC) {
LDC ldc = (LDC)prev;
Object value = ldc.getValue(cpg);
if (value instanceof String) {
String v = (String)value;
if ("redirect:".equals(v)) {
BugInstance bug = new BugInstance(this, SPRING_UNVALIDATED_REDIRECT_TYPE, Priorities.NORMAL_PRIORITY);
bug.addClass(clazz).addMethod(clazz,m).addSourceLine(classContext,m,loc);
reporter.reportBug(bug);
}
}
}
}
}
}
}
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:33,代码来源:SpringUnvalidatedRedirectDetector.java
示例14: getLocationIterator
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private static Iterator<Location> getLocationIterator(ClassContext classContext, Method method)
throws CheckedAnalysisException {
try {
return classContext.getCFG(method).locationIterator();
} catch (CFGBuilderException ex) {
throw new CheckedAnalysisException("cannot get control flow graph", ex);
}
}
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:9,代码来源:AbstractTaintDetector.java
示例15: visitClassContext
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
JavaClass javaClass = classContext.getJavaClass();
Method[] methodList = javaClass.getMethods();
for (Method m : methodList) {
try {
analyzeMethod(m,classContext);
} catch (CFGBuilderException e) {
}
}
}
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:14,代码来源:CookieFlagsDetector.java
示例16: analyzeMethod
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {
ConstantPoolGen cpg = classContext.getConstantPoolGen();
CFG cfg = classContext.getCFG(m);
for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
Location location = i.next();
Instruction inst = location.getHandle().getInstruction();
if (inst instanceof INVOKEINTERFACE) {
INVOKEINTERFACE invoke = (INVOKEINTERFACE) inst;
String methodName = invoke.getMethodName(cpg);
String className = invoke.getClassName(cpg);
if (className.equals("javax.servlet.http.HttpServletResponse") &&
(methodName.equals("addHeader") || methodName.equals("setHeader"))) {
LDC ldc = ByteCode.getPrevInstruction(location.getHandle().getPrev(), LDC.class);
if (ldc != null) {
String headerValue = ByteCode.getConstantLDC(location.getHandle().getPrev(), cpg, String.class);
if ("Access-Control-Allow-Origin".equalsIgnoreCase((String)ldc.getValue(cpg)) &&
(headerValue.contains("*") || "null".equalsIgnoreCase(headerValue))) {
JavaClass clz = classContext.getJavaClass();
bugReporter.reportBug(new BugInstance(this, PERMISSIVE_CORS, Priorities.HIGH_PRIORITY)
.addClass(clz)
.addMethod(clz, m)
.addSourceLine(classContext, m, location));
}
}
}
}
}
}
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:37,代码来源:PermissiveCORSDetector.java
示例17: visitClassContext
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
JavaClass javaClass = classContext.getJavaClass();
Method[] methodList = javaClass.getMethods();
for (Method m : methodList) {
try {
analyzeMethod(m, classContext);
} catch (CFGBuilderException | DataflowAnalysisException e) {
AnalysisContext.logError("Cannot analyze method", e);
}
}
}
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:13,代码来源:StaticIvDetector.java
示例18: allow_All_Hostname_Verify
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private void allow_All_Hostname_Verify(ClassContext classContext, JavaClass javaClass, Method m){
ConstantPoolGen cpg = classContext.getConstantPoolGen();
CFG cfg = null;
try {
cfg = classContext.getCFG(m);
} catch (CFGBuilderException e) {
e.printStackTrace();
}
for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
Location loc = i.next();
//ByteCode.printOpCode(loc.getHandle().getInstruction(), cpg);
Instruction inst = loc.getHandle().getInstruction();
if (inst instanceof GETSTATIC) {
GETSTATIC invoke = (GETSTATIC) inst;
// System.out.println(invoke.getClassName(cpg));
// System.out.println(invoke.getName(cpg));
// System.out.println(invoke.getSignature(cpg));
// if("org.apache.http.conn.ssl.SSLSocketFactory".equals(invoke.getClassName(cpg)) &&
// "Lorg/apache/http/conn/ssl/X509HostnameVerifier;".equals(invoke.getSignature(cpg)) &&
// "ALLOW_ALL_HOSTNAME_VERIFIER".equals(invoke.getName(cpg))){
if("ALLOW_ALL_HOSTNAME_VERIFIER".equals(invoke.getName(cpg))){
bugReporter.reportBug(new BugInstance(this, WEAK_HOSTNAME_VERIFIER_TYPE, Priorities.NORMAL_PRIORITY)
.addClassAndMethod(javaClass, m));
}
}
}
}
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:30,代码来源:WeakTrustManagerDetector.java
示例19: analyzeMethod
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException
{
MethodGen methodGen = classContext.getMethodGen(m);
ConstantPoolGen cpg = classContext.getConstantPoolGen();
CFG cfg = classContext.getCFG(m);
if (methodGen == null || methodGen.getInstructionList() == null) {
return; //No instruction .. nothing to do
}
for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
Location location = i.next();
Instruction inst = location.getHandle().getInstruction();
//
if (inst instanceof InvokeInstruction) {
// System.out.println(inst.getName());
InvokeInstruction invoke = (InvokeInstruction) inst;
String className = invoke.getClassName(cpg);
if ("java.io.ObjectInputStream".equals(className) || className.contains("InputStream") || InterfaceUtils.isSubtype(className, "java.io.ObjectInputStream")) {
String methodName = invoke.getMethodName(cpg);
if (OBJECT_INPUTSTREAM_READ_METHODS.contains(methodName)) {
JavaClass clz = classContext.getJavaClass();
bugReporter.reportBug(new BugInstance(this, OBJECT_DESERIALIZATION_TYPE, HIGH_PRIORITY) //
.addClass(clz).addMethod(clz, m).addSourceLine(classContext,m,location));
}
}
}
}
}
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:36,代码来源:ObjectDeserializationDetector.java
示例20: visitClassContext
import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
JavaClass javaClass = classContext.getJavaClass();
Method[] methodList = javaClass.getMethods();
for (Method m : methodList) {
try {
analyzeMethod(javaClass, m, classContext);
} catch (CFGBuilderException e) {
}
}
}
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:14,代码来源:LocalDenialOfServiceDetector.java
注:本文中的edu.umd.cs.findbugs.ba.CFGBuilderException类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论