• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

Java CFGBuilderException类代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了Java中edu.umd.cs.findbugs.ba.CFGBuilderException的典型用法代码示例。如果您正苦于以下问题:Java CFGBuilderException类的具体用法?Java CFGBuilderException怎么用?Java CFGBuilderException使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。



CFGBuilderException类属于edu.umd.cs.findbugs.ba包,在下文中一共展示了CFGBuilderException类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。

示例1: hasCustomReadObject

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
/**
 * Check if the readObject is doing multiple external call beyond the basic readByte, readBoolean, etc..
 * @param m
 * @param classContext
 * @return
 * @throws CFGBuilderException
 * @throws DataflowAnalysisException
 */
private boolean hasCustomReadObject(Method m, ClassContext classContext,List<String> classesToIgnore)
        throws CFGBuilderException, DataflowAnalysisException {
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);
    int count = 0;
    for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
        Location location = i.next();
        Instruction inst = location.getHandle().getInstruction();
        //ByteCode.printOpCode(inst,cpg);
        if(inst instanceof InvokeInstruction) {
            InvokeInstruction invoke = (InvokeInstruction) inst;
            if (!READ_DESERIALIZATION_METHODS.contains(invoke.getMethodName(cpg))
                    && !classesToIgnore.contains(invoke.getClassName(cpg))) {
                count +=1;
            }
        }
    }
    return count > 3;
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:28,代码来源:DeserializationGadgetDetector.java


示例2: visitClassContext

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
    JavaClass javaClass = classContext.getJavaClass();
    if (OBJECT_MAPPER_CLASSES.contains(javaClass.getClassName())) {
        return;
    }
    for (Field field : javaClass.getFields()) {
        analyzeField(field, javaClass);
    }
    for (Method m : javaClass.getMethods()) {
        try {
            analyzeMethod(m, classContext);
        }
        catch (CFGBuilderException | DataflowAnalysisException e) {
        }
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:18,代码来源:UnsafeJacksonDeserializationDetector.java


示例3: analyzeMethod

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {
    MethodGen methodGen = classContext.getMethodGen(m);
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);

    if (methodGen == null || methodGen.getInstructionList() == null) {
        return; //No instruction .. nothing to do
    }
    for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
        Location location = i.next();
        Instruction inst = location.getHandle().getInstruction();
        if (inst instanceof InvokeInstruction) {
            InvokeInstruction invoke = (InvokeInstruction) inst;
            String methodName = invoke.getMethodName(cpg);
            if ("enableDefaultTyping".equals(methodName)) {
                JavaClass clz = classContext.getJavaClass();
                bugReporter.reportBug(new BugInstance(this, DESERIALIZATION_TYPE, HIGH_PRIORITY)
                        .addClass(clz)
                        .addMethod(clz, m)
                        .addCalledMethod(cpg, invoke)
                        .addSourceLine(classContext, m, location)
                );
            }
        }
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:27,代码来源:UnsafeJacksonDeserializationDetector.java


示例4: visitClassContext

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
@Override
    public void visitClassContext(ClassContext classContext) {
        JavaClass javaClass = classContext.getJavaClass();
//        System.out.println(javaClass.getSuperclassName() + "###");
        if(javaClass.getSuperclassName().equals("android.webkit.WebViewClient")) {
            Method[] methodList = javaClass.getMethods();

            for (Method m : methodList) {
//                System.out.println(m.getName() + "###");
                if(m.getName().equals("onReceivedSslError")) {
                    try {
                        analyzeMethod(javaClass, m, classContext);
                    } catch (CFGBuilderException e) {
                    }
                }
            }
        }
    }
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:19,代码来源:WebViewSslErrorDetector.java


示例5: analyzeMethod

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {

        ConstantPoolGen cpg = classContext.getConstantPoolGen();
        CFG cfg = classContext.getCFG(m);
        
        for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
            Location location = i.next();

            Instruction inst = location.getHandle().getInstruction();
            
            if (inst instanceof LDC) {
                LDC ldc = (LDC) inst;
                if (ldc != null) {
                    if("java.naming.security.authentication".equals(ldc.getValue(cpg)) &&
                       "none".equals(ByteCode.getConstantLDC(location.getHandle().getNext(), cpg, String.class))){
                        JavaClass clz = classContext.getJavaClass();
                        bugReporter.reportBug(new BugInstance(this, LDAP_ANONYMOUS, Priorities.LOW_PRIORITY) //
                        .addClass(clz)
                        .addMethod(clz, m)
                        .addSourceLine(classContext, m, location));
                        break;
                    }
                }
            }            
        }
    }
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:27,代码来源:AnonymousLdapDetector.java


示例6: isSafeValue

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private boolean isSafeValue(Location location, ConstantPoolGen cpg) throws CFGBuilderException {
    Instruction prevIns = location.getHandle().getInstruction();
    if (prevIns instanceof LDC || prevIns instanceof GETSTATIC)
        return true;
    if (prevIns instanceof InvokeInstruction) {
        String methodName = ((InvokeInstruction) prevIns).getMethodName(cpg);
        if (methodName.startsWith("to") && methodName.endsWith("String") && methodName.length() > 8)
            return true;
    }
    if (prevIns instanceof AALOAD) {
        CFG cfg = classContext.getCFG(method);

        Location prev = getPreviousLocation(cfg, location, true);
        if (prev != null) {
            Location prev2 = getPreviousLocation(cfg, prev, true);
            if (prev2 != null && prev2.getHandle().getInstruction() instanceof GETSTATIC) {
                GETSTATIC getStatic = (GETSTATIC) prev2.getHandle().getInstruction();
                if (getStatic.getSignature(cpg).equals("[Ljava/lang/String;"))
                    return true;
            }
        }
    }
    return false;
}
 
开发者ID:ytus,项目名称:findbugs-all-the-bugs,代码行数:25,代码来源:FindSqlInjection.java


示例7: hasManyPreceedingNullTests

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private boolean hasManyPreceedingNullTests(int pc) {
    int ifNullTests = 0;
    BitSet seen = new BitSet();
    try {
        for (Iterator<Location> i = classContext.getCFG(method).locationIterator(); i.hasNext();) {
            Location loc = i.next();
            int pc2 = loc.getHandle().getPosition();
            if (pc2 >= pc || pc2 < pc - 30)
                continue;
            Instruction ins = loc.getHandle().getInstruction();
            if ((ins instanceof IFNONNULL || ins instanceof IFNULL || ins instanceof NullnessConversationInstruction)
                    && !seen.get(pc2)) {
                ifNullTests++;
                seen.set(pc2);
            }
        }
        boolean result = ifNullTests > 2;

        // System.out.println("Preceeding null tests " + ifNullTests + " " +
        // ifNonnullTests + " " + result);
        return result;
    } catch (CFGBuilderException e) {
        return false;
    }
}
 
开发者ID:ytus,项目名称:findbugs-all-the-bugs,代码行数:26,代码来源:FindNullDeref.java


示例8: isDuplicated

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
/**
 * @param propertySet
 * @param pc
 * @param isConsistent
 * @return
 */
public boolean isDuplicated(WarningPropertySet<WarningProperty> propertySet, int pc, boolean isConsistent) {
    boolean duplicated = false;
    if (!isConsistent) {
        if (propertySet.containsProperty(NullDerefProperty.DEREFS_ARE_CLONED))
            duplicated = true;

        else
            try {
                CFG cfg = classContext.getCFG(method);
                if (cfg.getLocationsContainingInstructionWithOffset(pc).size() > 1) {
                    propertySet.addProperty(NullDerefProperty.DEREFS_ARE_INLINED_FINALLY_BLOCKS);
                    duplicated = true;
                }
            } catch (CFGBuilderException e) {
                AnalysisContext.logError("Error while analyzing " + classContext.getFullyQualifiedMethodName(method), e);
            }
    }
    return duplicated;
}
 
开发者ID:ytus,项目名称:findbugs-all-the-bugs,代码行数:26,代码来源:FindNullDeref.java


示例9: buildResourceCollection

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private ResourceCollection<Resource> buildResourceCollection(ClassContext classContext, Method method,
        ResourceTrackerType resourceTracker) throws CFGBuilderException, DataflowAnalysisException {

    ResourceCollection<Resource> resourceCollection = new ResourceCollection<Resource>();

    CFG cfg = classContext.getCFG(method);
    ConstantPoolGen cpg = classContext.getConstantPoolGen();

    for (Iterator<Location> i = cfg.locationIterator(); i.hasNext();) {
        Location location = i.next();
        Resource resource = resourceTracker.isResourceCreation(location.getBasicBlock(), location.getHandle(), cpg);
        if (resource != null)
            resourceCollection.addCreatedResource(location, resource);
    }

    return resourceCollection;
}
 
开发者ID:ytus,项目名称:findbugs-all-the-bugs,代码行数:18,代码来源:ResourceTrackingDetector.java


示例10: PatternMatcher

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
/**
 * Constructor.
 * 
 * @param pattern
 *            the ByteCodePattern to look for examples of
 * @param classContext
 *            ClassContext for the class to analyze
 * @param method
 *            the Method to analyze
 */
public PatternMatcher(ByteCodePattern pattern, ClassContext classContext, Method method) throws CFGBuilderException,
        DataflowAnalysisException {
    this.pattern = pattern;
    this.cfg = classContext.getCFG(method);
    this.cpg = classContext.getConstantPoolGen();
    this.dfs = classContext.getDepthFirstSearch(method);
    this.vnaDataflow = classContext.getValueNumberDataflow(method);
    this.domAnalysis = classContext.getNonExceptionDominatorsAnalysis(method);
    this.workList = new LinkedList<BasicBlock>();
    this.visitedBlockMap = new IdentityHashMap<BasicBlock, BasicBlock>();
    this.resultList = new LinkedList<ByteCodePatternMatch>();
}
 
开发者ID:OpenNTF,项目名称:FindBug-for-Domino-Designer,代码行数:23,代码来源:PatternMatcher.java


示例11: scan

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
/**
 * Scan a method for self call sites.
 *
 * @param node the CallGraphNode for the method to be scanned
 */
private void scan(CallGraphNode node) throws CFGBuilderException {
	Method method = node.getMethod();
	CFG cfg = classContext.getCFG(method);

	if (method.isSynchronized())
		hasSynchronization = true;

	Iterator<BasicBlock> i = cfg.blockIterator();
	while (i.hasNext()) {
		BasicBlock block = i.next();
		Iterator<InstructionHandle> j = block.instructionIterator();
		while (j.hasNext()) {
			InstructionHandle handle = j.next();

			Instruction ins = handle.getInstruction();
			if (ins instanceof InvokeInstruction) {
				InvokeInstruction inv = (InvokeInstruction) ins;
				Method called = isSelfCall(inv);
				if (called != null) {
					// Add edge to call graph
					CallSite callSite = new CallSite(method, block, handle);
					callGraph.createEdge(node, callGraph.getNodeForMethod(called), callSite);

					// Add to called method set
					calledMethodSet.add(called);
				}
			} else if (ins instanceof MONITORENTER || ins instanceof MONITOREXIT) {
				hasSynchronization = true;
			}
		}
	}
}
 
开发者ID:parabuild-ci,项目名称:parabuild-ci,代码行数:38,代码来源:SelfCalls.java


示例12: visitClassContext

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
    JavaClass clazz = classContext.getJavaClass();

    if (hasRequestMapping(clazz)) {
        Method[] methods = clazz.getMethods();
        for (Method m: methods) {

            try {
                analyzeMethod(m, classContext);
            } catch (CFGBuilderException e){
            }
        }
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:16,代码来源:SpringUnvalidatedRedirectDetector.java


示例13: analyzeMethod

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException{
    JavaClass clazz = classContext.getJavaClass();
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    CFG cfg = classContext.getCFG(m);

    for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
        Location loc = i.next();
        Instruction inst = loc.getHandle().getInstruction();

        if (inst instanceof INVOKEVIRTUAL) {
            INVOKEVIRTUAL invoke = (INVOKEVIRTUAL)inst;
            if( "java.lang.StringBuilder".equals(invoke.getClassName(cpg)) && "append".equals(invoke.getMethodName(cpg))) {
                Instruction prev = loc.getHandle().getPrev().getInstruction();

                if (prev instanceof LDC) {
                    LDC ldc = (LDC)prev;
                    Object value = ldc.getValue(cpg);

                    if (value instanceof String) {
                        String v = (String)value;

                        if ("redirect:".equals(v)) {
                            BugInstance bug = new BugInstance(this, SPRING_UNVALIDATED_REDIRECT_TYPE, Priorities.NORMAL_PRIORITY);
                            bug.addClass(clazz).addMethod(clazz,m).addSourceLine(classContext,m,loc);
                            reporter.reportBug(bug);
                        }
                    }
                }
            }
        }
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:33,代码来源:SpringUnvalidatedRedirectDetector.java


示例14: getLocationIterator

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private static Iterator<Location> getLocationIterator(ClassContext classContext, Method method)
        throws CheckedAnalysisException {
    try {
        return classContext.getCFG(method).locationIterator();
    } catch (CFGBuilderException ex) {
        throw new CheckedAnalysisException("cannot get control flow graph", ex);
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:9,代码来源:AbstractTaintDetector.java


示例15: visitClassContext

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
    JavaClass javaClass = classContext.getJavaClass();

    Method[] methodList = javaClass.getMethods();

    for (Method m : methodList) {
        try {
            analyzeMethod(m,classContext);
        } catch (CFGBuilderException e) {
        }
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:14,代码来源:CookieFlagsDetector.java


示例16: analyzeMethod

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException {

        ConstantPoolGen cpg = classContext.getConstantPoolGen();
        CFG cfg = classContext.getCFG(m);
        
        for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
            Location location = i.next();

            Instruction inst = location.getHandle().getInstruction();

            if (inst instanceof INVOKEINTERFACE) {
                INVOKEINTERFACE invoke = (INVOKEINTERFACE) inst;
                String methodName = invoke.getMethodName(cpg);
                String className = invoke.getClassName(cpg);

                if (className.equals("javax.servlet.http.HttpServletResponse") &&
                   (methodName.equals("addHeader") || methodName.equals("setHeader"))) {

                    LDC ldc = ByteCode.getPrevInstruction(location.getHandle().getPrev(), LDC.class);
                    if (ldc != null) {
                        String headerValue = ByteCode.getConstantLDC(location.getHandle().getPrev(), cpg, String.class);
                        if ("Access-Control-Allow-Origin".equalsIgnoreCase((String)ldc.getValue(cpg)) &&
                            (headerValue.contains("*") || "null".equalsIgnoreCase(headerValue))) {

                            JavaClass clz = classContext.getJavaClass();
                            bugReporter.reportBug(new BugInstance(this, PERMISSIVE_CORS, Priorities.HIGH_PRIORITY)
                            .addClass(clz)
                            .addMethod(clz, m)
                            .addSourceLine(classContext, m, location));
                        }
                    }
                }
            }
        }         
        
    }
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:37,代码来源:PermissiveCORSDetector.java


示例17: visitClassContext

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
    JavaClass javaClass = classContext.getJavaClass();
    Method[] methodList = javaClass.getMethods();
    for (Method m : methodList) {
        try {
            analyzeMethod(m, classContext);
        } catch (CFGBuilderException | DataflowAnalysisException e) {
            AnalysisContext.logError("Cannot analyze method", e);
        }
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:13,代码来源:StaticIvDetector.java


示例18: allow_All_Hostname_Verify

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private void allow_All_Hostname_Verify(ClassContext classContext, JavaClass javaClass, Method m){
        ConstantPoolGen cpg = classContext.getConstantPoolGen();
        CFG cfg = null;
        try {
            cfg = classContext.getCFG(m);
        } catch (CFGBuilderException e) {
            e.printStackTrace();
        }

        for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
            Location loc = i.next();
            //ByteCode.printOpCode(loc.getHandle().getInstruction(), cpg);

            Instruction inst = loc.getHandle().getInstruction();
            if (inst instanceof GETSTATIC) {
                GETSTATIC invoke = (GETSTATIC) inst;
//                        System.out.println(invoke.getClassName(cpg));
//                        System.out.println(invoke.getName(cpg));
//                        System.out.println(invoke.getSignature(cpg));
//                if("org.apache.http.conn.ssl.SSLSocketFactory".equals(invoke.getClassName(cpg)) &&
//                        "Lorg/apache/http/conn/ssl/X509HostnameVerifier;".equals(invoke.getSignature(cpg)) &&
//                        "ALLOW_ALL_HOSTNAME_VERIFIER".equals(invoke.getName(cpg))){
                if("ALLOW_ALL_HOSTNAME_VERIFIER".equals(invoke.getName(cpg))){
                    bugReporter.reportBug(new BugInstance(this, WEAK_HOSTNAME_VERIFIER_TYPE, Priorities.NORMAL_PRIORITY)
                            .addClassAndMethod(javaClass, m));
                }
            }
        }
    }
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:30,代码来源:WeakTrustManagerDetector.java


示例19: analyzeMethod

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
private void analyzeMethod(Method m, ClassContext classContext) throws CFGBuilderException, DataflowAnalysisException
    {

        MethodGen methodGen = classContext.getMethodGen(m);
        ConstantPoolGen cpg = classContext.getConstantPoolGen();
        CFG cfg = classContext.getCFG(m);

        if (methodGen == null || methodGen.getInstructionList() == null) {
            return; //No instruction .. nothing to do
        }

        for (Iterator<Location> i = cfg.locationIterator(); i.hasNext(); ) {
            Location location = i.next();
            Instruction inst = location.getHandle().getInstruction();

            //
            if (inst instanceof InvokeInstruction) {
//                System.out.println(inst.getName());
                InvokeInstruction invoke = (InvokeInstruction) inst;

                String className = invoke.getClassName(cpg);
                if ("java.io.ObjectInputStream".equals(className) || className.contains("InputStream") || InterfaceUtils.isSubtype(className, "java.io.ObjectInputStream")) {

                    String methodName = invoke.getMethodName(cpg);
                    if (OBJECT_INPUTSTREAM_READ_METHODS.contains(methodName)) {

                        JavaClass clz = classContext.getJavaClass();
                        bugReporter.reportBug(new BugInstance(this, OBJECT_DESERIALIZATION_TYPE, HIGH_PRIORITY) //
                                .addClass(clz).addMethod(clz, m).addSourceLine(classContext,m,location));
                    }
                }

            }
        }
    }
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:36,代码来源:ObjectDeserializationDetector.java


示例20: visitClassContext

import edu.umd.cs.findbugs.ba.CFGBuilderException; //导入依赖的package包/类
@Override
public void visitClassContext(ClassContext classContext) {
    JavaClass javaClass = classContext.getJavaClass();

    Method[] methodList = javaClass.getMethods();

    for (Method m : methodList) {
        try {
            analyzeMethod(javaClass, m, classContext);
        } catch (CFGBuilderException e) {
        }
    }
}
 
开发者ID:blackarbiter,项目名称:Android_Code_Arbiter,代码行数:14,代码来源:LocalDenialOfServiceDetector.java



注:本文中的edu.umd.cs.findbugs.ba.CFGBuilderException类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。


鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
Java Paths类代码示例发布时间:2022-05-22
下一篇:
Java ConfigurationParameter类代码示例发布时间:2022-05-22
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap