/**
 * Scans one code fragment and records the name of every class it instantiates.
 *
 * <p>Only {@code NEW} instructions are inspected. A class name is appended to
 * {@code resultList} when it is not already present and {@code isBlacklisted}
 * does not reject it.
 *
 * @param resultList accumulator of instantiated class names; mutated in place
 * @param cpg        constant pool used to resolve the operand of each {@code NEW}
 * @param code       the code attribute whose bytecode is scanned
 */
private void handleCodeFragment(List<String> resultList, ConstantPoolGen cpg, Code code) {
    InstructionList instructions = new InstructionList(code.getCode());
    for (Instruction instruction : instructions.getInstructions()) {
        if (!(instruction instanceof NEW)) {
            continue;
        }

        ObjectType createdType = ((NEW) instruction).getLoadClassType(cpg);
        if (createdType == null) {
            // No object type could be resolved for this operand (the original
            // comment describes this case as a primitive type); nothing to record.
            continue;
        }

        String createdClassName = createdType.getClassName();
        // The blacklist is only consulted for names that are not yet recorded.
        boolean alreadyRecorded = resultList.contains(createdClassName);
        if (alreadyRecorded || isBlacklisted(createdClassName)) {
            continue;
        }
        resultList.add(createdClassName);
    }
}
/**
 * Reports whether the given instruction is treated as potentially throwing.
 *
 * <p>An instruction qualifies only if it is an {@code ExceptionThrower} and is
 * not one of the kinds this method explicitly excludes.
 *
 * @param handle
 *            the instruction
 * @return true if the instruction can throw an exception, false otherwise
 */
private boolean isPEI(InstructionHandle handle) {
    Instruction instruction = handle.getInstruction();
    if (!(instruction instanceof ExceptionThrower)) {
        return false;
    }

    // Exception throwers that are nevertheless reported as non-throwing.
    // ATHROW is not in this list (its exclusion was commented out in the
    // original), so it falls through to the final result.
    boolean excluded = instruction instanceof NEW
            || instruction instanceof GETSTATIC
            || instruction instanceof PUTSTATIC
            || instruction instanceof ReturnInstruction
            || instruction instanceof INSTANCEOF
            || instruction instanceof MONITOREXIT
            || instruction instanceof LDC;
    return !excluded;
}
/**
 * Checks the operand constraints of a {@code NEW} instruction.
 *
 * <p>The operand index is validated first. The referenced constant must be a
 * {@code CONSTANT_Class}; otherwise a constraint violation is reported. For a
 * class constant, the type built from its name must not be an array type.
 *
 * @param o the {@code NEW} instruction being verified
 */
public void visitNEW(NEW o) {
    final int operandIndex = o.getIndex();
    indexValid(o, operandIndex);

    Constant operand = cpg.getConstant(operandIndex);
    if (operand instanceof ConstantClass) {
        ConstantClass classRef = (ConstantClass) operand;
        // NOTE(review): this cast is unchecked; it relies on the name index
        // of a CONSTANT_Class pointing at a CONSTANT_Utf8 entry. Presumably
        // an earlier verification step guarantees that. Confirm.
        ConstantUtf8 className = (ConstantUtf8) cpg.getConstant(classRef.getNameIndex());
        // NOTE(review): the signature is always built with an "L" prefix, so
        // whether Type.getType can return an ArrayType here depends on how it
        // parses a name that itself starts with '['. Confirm that the array
        // constraint below is actually reachable.
        Type created = Type.getType("L" + className.getBytes() + ";");
        if (created instanceof ArrayType) {
            constraintViolated(o, "NEW must not be used to create an array.");
        }
        return;
    }

    constraintViolated(o, "Expecting a CONSTANT_Class operand, but found a '" + operand + "'.");
}
/**
 * Matches a {@code NEW} instruction and binds the value it leaves on the stack.
 *
 * @param handle     the instruction to test
 * @param cpg        constant pool of the method (not read here)
 * @param before     value-number frame before the instruction (not read here)
 * @param after      value-number frame after the instruction; its top value is
 *                   the newly created object
 * @param bindingSet bindings accumulated so far
 * @return {@code null} when the instruction is not a {@code NEW}; otherwise
 *         the result of {@code addOrCheckDefinition} for the top-of-stack value
 * @throws DataflowAnalysisException propagated from the frame access
 */
public MatchResult match(InstructionHandle handle, ConstantPoolGen cpg, ValueNumberFrame before,
        ValueNumberFrame after, BindingSet bindingSet) throws DataflowAnalysisException {
    if (!(handle.getInstruction() instanceof NEW)) {
        return null;
    }
    // The object reference produced by NEW sits on top of the "after" frame.
    LocalVariable createdObject = new LocalVariable(after.getTopValue());
    return addOrCheckDefinition(createdObject, bindingSet);
}
/**
 * Models a {@code NEW} instruction for taint analysis: pushes a taint value in
 * state {@code SAFE} whose real instance class is the allocated type.
 *
 * <p>When taint-state debugging is enabled in the global configuration, the
 * value also carries a {@code "new <class>()"} debug label.
 *
 * @param obj the {@code NEW} instruction being visited
 */
@Override
public void visitNEW(NEW obj) {
    final Taint allocated = new Taint(Taint.State.SAFE);
    final ObjectType allocatedType = obj.getLoadClassType(cpg);
    allocated.setRealInstanceClass(allocatedType);

    // NOTE(review): allocatedType is dereferenced only on the debug path, so
    // a null result from getLoadClassType would surface only with debugging
    // enabled. Confirm whether null is possible here.
    final boolean debugTaintState = FindSecBugsGlobalConfig.getInstance().isDebugTaintState();
    if (debugTaintState) {
        allocated.setDebugInfo("new " + allocatedType.getClassName() + "()");
    }

    getFrame().pushValue(allocated);
}
/**
 * Visits a {@code NEW} instruction: logs the instantiated type at debug level
 * and submits its string form to the design check.
 *
 * @param n the {@code NEW} instruction being visited
 */
public void visitNEW(NEW n) {
    final Type instantiated = n.getType(poolGen);
    log.log(" instr(new)=" + instantiated, Project.MSG_DEBUG);
    // The design rules are evaluated against the type's string form.
    design.checkClass(instantiated.toString());
}
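/**
 * Tests whether the instruction sequence starting at {@code h} looks like an
 * explicit null check: {@code IFNONNULL}, then
 * {@code NEW java.lang.NullPointerException}, then a tail that {@code check}
 * accepts against {@code NULLCHECK1} or {@code NULLCHECK2}.
 *
 * <p>The instruction list may end at any point and the {@code NEW} operand may
 * not resolve to an object type. Both cases return {@code false} instead of
 * throwing, so a truncated or unusual method body cannot abort the analysis
 * with a {@code NullPointerException}.
 *
 * @param h   handle of the first instruction of the candidate sequence
 * @param cpg constant pool used to resolve the class named by {@code NEW}
 * @return {@code true} if the sequence matches, {@code false} otherwise
 */
public static boolean isNullCheck(InstructionHandle h, ConstantPoolGen cpg) {
    if (!(h.getInstruction() instanceof IFNONNULL)) {
        return false;
    }

    // getNext() yields null at the end of the instruction list.
    final InstructionHandle allocation = h.getNext();
    if (allocation == null) {
        return false;
    }
    final Instruction newInstruction = allocation.getInstruction();
    if (!(newInstruction instanceof NEW)) {
        return false;
    }

    // getLoadClassType is null-checked elsewhere in this listing, so treat a
    // null result as "not a NullPointerException allocation".
    final ObjectType loadClassType = ((NEW) newInstruction).getLoadClassType(cpg);
    if (loadClassType == null
            || !"java.lang.NullPointerException".equals(loadClassType.getClassName())) {
        return false;
    }

    final InstructionHandle tail = allocation.getNext();
    if (tail == null) {
        // Nothing follows the allocation, so neither tail pattern can match.
        return false;
    }
    return check(tail, NULLCHECK1) || check(tail, NULLCHECK2);
}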
/**
 * Matches a {@code NEW} instruction and binds the freshly created object.
 *
 * @param handle     the instruction to test
 * @param cpg        constant pool of the method (not read here)
 * @param before     value-number frame before the instruction (not read here)
 * @param after      value-number frame after the instruction
 * @param bindingSet bindings accumulated so far
 * @return the result of {@code addOrCheckDefinition} for the value on top of
 *         {@code after}, or {@code null} if the instruction is not a {@code NEW}
 * @throws DataflowAnalysisException propagated from the frame access
 */
@Override
public MatchResult match(InstructionHandle handle, ConstantPoolGen cpg, ValueNumberFrame before,
        ValueNumberFrame after, BindingSet bindingSet) throws DataflowAnalysisException {
    final Instruction candidate = handle.getInstruction();
    if (candidate instanceof NEW) {
        final LocalVariable allocated = new LocalVariable(after.getTopValue());
        return addOrCheckDefinition(allocated, bindingSet);
    }
    return null;
}
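/**
 * Extracts enum-constant name mappings from a jar and writes them as SRG lines.
 *
 * <p>Arguments come from {@code EntryPoint.getArgs()}: index 0 is the input jar
 * path, index 1 is the output mappings path. Every {@code .class} entry that is
 * an enum with a static initializer is scanned for its constant
 * initialisation sequences.
 *
 * <p>The bytecode in the jar is input whose layout is not guaranteed. A static
 * initializer that does not follow the expected instruction shape is reported
 * on stderr and that enum is abandoned, while the remaining classes are still
 * processed. Previously one such class aborted the whole run and left a
 * truncated mapping file with no indication of which class caused it.
 */
@Override
public void run() {
    String[] args = EntryPoint.getArgs();
    String inputJarFileName = args[0];
    String outputSrgMappingsFileName = args[1];
    try (
        PrintWriter outputSrgMappingWriter = new PrintWriter(outputSrgMappingsFileName);
        JarFile inputJarFile = new JarFile(inputJarFileName)
    ) {
        for (JarEntry jarEntry : new EnumerationIterator<>(inputJarFile.entries())) {
            if (jarEntry.isDirectory() || !jarEntry.getName().endsWith(".class")) {
                continue;
            }
            String original = Utils.stripClassEnding(jarEntry.getName());
            JavaClass clazz = new ClassParser(inputJarFile.getInputStream(jarEntry), original).parse();
            if (!clazz.isEnum()) {
                continue;
            }
            Method staticInit = getCLInit(clazz);
            // skip enums with no static init method
            if (staticInit == null) {
                continue;
            }
            try {
                writeEnumConstantMappings(outputSrgMappingWriter, clazz, staticInit);
            } catch (RuntimeException e) {
                // Unchecked casts and iterator reads in the scan fail here when
                // the initializer has an unexpected layout. Name the class so
                // the gap in the output is traceable, then keep going.
                System.err.println("Unexpected static initializer layout in enum "
                        + clazz.getClassName() + "; remaining constants of this enum were skipped");
                e.printStackTrace();
            }
        }
    } catch (Throwable t) {
        // Failures opening or reading the jar, or opening the output file,
        // still end the run; the stack trace is the only report.
        t.printStackTrace();
    }
}

/**
 * Walks an enum's static initializer and prints one SRG mapping per constant.
 *
 * <p>The expected sequence per constant is: {@code NEW} of the enum class, one
 * instruction that is skipped (dup), an {@code LDC} holding the real constant
 * name, arbitrary instructions up to the {@code INVOKESPECIAL} of the enum's
 * own {@code <init>}, then the {@code PUTSTATIC} that names the field. The
 * walk stops at the first instruction that is not such a {@code NEW}. Any other
 * deviation surfaces as a {@code RuntimeException} for the caller to handle.
 */
private void writeEnumConstantMappings(PrintWriter out, JavaClass clazz, Method staticInit) {
    String enumClassName = clazz.getClassName();
    ConstantPoolGen cpGen = new ClassGen(clazz).getConstantPool();
    MethodGen methodGen = new MethodGen(staticInit, enumClassName, cpGen);
    Iterator<Instruction> instrIter =
            Arrays.asList(methodGen.getInstructionList().getInstructions()).iterator();
    while (instrIter.hasNext()) {
        // first goes NEW
        Instruction instr = instrIter.next();
        if (!(instr instanceof NEW)) {
            break;
        }
        // but it may actually be another new, so we check if it is for an enum constant
        if (!((NEW) instr).getLoadClassType(cpGen).getClassName().equals(enumClassName)) {
            break;
        }
        // then goes dup, skip it
        instrIter.next();
        // LDC with our real enum name
        String realName = (String) ((LDC) instrIter.next()).getValue(cpGen);
        // now skip everything until we reach invokespecial with <init> for this enum field;
        // running off the end of the list throws and is handled by the caller
        while (true) {
            Instruction nextInstr = instrIter.next();
            if (nextInstr instanceof INVOKESPECIAL) {
                INVOKESPECIAL ispecial = (INVOKESPECIAL) nextInstr;
                if (ispecial.getMethodName(cpGen).equals("<init>")
                        && ispecial.getClassName(cpGen).equals(enumClassName)) {
                    break;
                }
            }
        }
        // next is putstatic with our obfuscated field name
        PUTSTATIC putstatic = (PUTSTATIC) instrIter.next();
        String obfName = putstatic.getFieldName(cpGen);
        // now print the mapping
        out.println(MappingUtils.createSRG(enumClassName, obfName, realName));
    }
}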
/**
 * Models a {@code NEW} instruction for null-value analysis by producing a
 * non-null value.
 *
 * @param obj the {@code NEW} instruction being visited (not read here)
 */
@Override
public void visitNEW(NEW obj) {
    final IsNullValue allocated = IsNullValue.nonNullValue();
    produce(allocated);
}