@Override public void visitICONST(ICONST obj) { Taint t = new Taint(Taint.State.SAFE); if (FindSecBugsGlobalConfig.getInstance().isDebugTaintState()) { t.setDebugInfo("" + obj.getValue().intValue()); } getFrame().pushValue(t); }
void removeUnusedLocals(Method mOrig, MethodGen m) { InstructionList il = m.getInstructionList(); InstructionHandle[] ins = il.getInstructionHandles(); for (int i = 0; i < ins.length; i++) { Instruction in = ins[i].getInstruction(); if (in instanceof LocalVariableInstruction) { LocalVariableInstruction curr = (LocalVariableInstruction) in; if (mtab.getLocal(m, curr, ins[i].getPosition()) != null && curr.getIndex() < m.getMaxLocals() - 5 && !mtab.isLocalUsedInInlet(mOrig, curr.getIndex())) { if (curr instanceof IINC) { ins[i].setInstruction(new NOP()); } else if (curr instanceof LSTORE || curr instanceof DSTORE) { ins[i].setInstruction(new POP2()); } else if (curr instanceof StoreInstruction) { ins[i].setInstruction(new POP()); } else if (curr instanceof ALOAD) { ins[i].setInstruction(new ACONST_NULL()); } else if (curr instanceof FLOAD) { ins[i].setInstruction(new FCONST((float) 0.0)); } else if (curr instanceof ILOAD) { ins[i].setInstruction(new ICONST(0)); } else if (curr instanceof DLOAD) { ins[i].setInstruction(new DCONST(0.0)); } else if (curr instanceof LLOAD) { ins[i].setInstruction(new LCONST(0L)); } else { System.out.println("unhandled ins in " + "removeUnusedLocals: " + curr); System.exit(1); } } } } }
private MethodGen createRunMethod(ClassGen closureClass, ClosureScope scope, GenScope parentScope) { InstructionList il = new InstructionList(); MethodGen mg = new MethodGen(Constants.ACC_PUBLIC,// access flags Type.VOID, Type.NO_ARGS, new String[] {}, "run", closureClass.getClassName(), // method, class il, closureClass.getConstantPool()); scope.processMethod(mg); InstructionFactory ifact = scope.getInstructionFactory(); il.append(InstructionFactory.THIS); for(int i = 0; i < formalParameters.size(); i++) { il.append(InstructionFactory.THIS); // with this, I get class-circularity-error // il.append(ifact.createGetField(DefaultTypes.RunnableClosure.getClassName(), "params", DefaultTypes.ArrayList)); il.append(ifact.createGetField(closureClass.getClassName(), "params", DefaultTypes.ArrayList)); il.append(new ICONST(i)); il.append(ifact.createInvoke(DefaultTypes.ArrayList.getClassName(), "get", Type.OBJECT, new Type[] { Type.INT }, Constants.INVOKEVIRTUAL)); } il.append(ifact.createInvoke(closureClass.getClassName(), "call", Type.OBJECT, getParameterTypes(), Constants.INVOKEVIRTUAL)); il.append(InstructionFactory.THIS); il.append(InstructionConstants.SWAP); il.append(ifact.createPutField(closureClass.getClassName(), "result", Type.OBJECT)); InstructionHandle end = il.append(InstructionConstants.RETURN); // TODO: Line numbers mg.setMaxStack(); mg.setMaxLocals(); return mg; }
@Override public void sawOpcode(int seen) { if (seen != Constants.INVOKEVIRTUAL) { return; } String fullClassName = getClassConstantOperand(); String method = getNameConstantOperand(); //The method call is doing XML parsing (see class javadoc) if (fullClassName.equals("javax/xml/stream/XMLInputFactory") && method.equals("createXMLStreamReader")) { ClassContext classCtx = getClassContext(); ConstantPoolGen cpg = classCtx.getConstantPoolGen(); CFG cfg; try { cfg = classCtx.getCFG(getMethod()); } catch (CFGBuilderException e) { AnalysisContext.logError("Cannot get CFG", e); return; } for (Iterator<Location> i = cfg.locationIterator(); i.hasNext();) { Location location = i.next(); Instruction inst = location.getHandle().getInstruction(); //DTD disallow //XMLInputFactory.setProperty if (inst instanceof org.apache.bcel.generic.INVOKEVIRTUAL) { InvokeInstruction invoke = (InvokeInstruction) inst; if ("setProperty".equals(invoke.getMethodName(cpg))) { org.apache.bcel.generic.LDC loadConst = ByteCode.getPrevInstruction(location.getHandle(), LDC.class); if (loadConst != null) { if (PROPERTY_SUPPORT_DTD.equals(loadConst.getValue(cpg)) || PROPERTY_IS_SUPPORTING_EXTERNAL_ENTITIES.equals(loadConst.getValue(cpg))){ InstructionHandle prev1 = location.getHandle().getPrev(); InstructionHandle prev2 = prev1.getPrev(); //Case where the boolean is wrapped like : Boolean.valueOf(true) : 2 instructions if (invokeInstruction().atClass("java.lang.Boolean").atMethod("valueOf").matches(prev1.getInstruction(),cpg)) { if (prev2.getInstruction() instanceof ICONST) { Integer valueWrapped = ByteCode.getConstantInt(prev2); if (valueWrapped != null && valueWrapped.equals(0)) { //Value is false return; //Safe feature is disable } } } //Case where the boolean is declared as : Boolean.FALSE else if (prev1.getInstruction() instanceof org.apache.bcel.generic.GETSTATIC) { org.apache.bcel.generic.GETSTATIC getstatic = (org.apache.bcel.generic.GETSTATIC) prev1.getInstruction(); if (getstatic.getClassType(cpg).getClassName().equals("java.lang.Boolean") && getstatic.getFieldName(cpg).equals("FALSE")) { return; } } } } } } } //Raise a bug bugReporter.reportBug(new BugInstance(this, XXE_XMLSTREAMREADER_TYPE, Priorities.NORMAL_PRIORITY) // .addClass(this).addMethod(this).addSourceLine(this)); } }
void initSpawnTargets(InstructionList il) { for (int i = 0; i < idTable.size(); i++) { InstructionList storeIns = getStoreIns(i); if (storeIns == null) { continue; } if (isArrayStore(storeIns.getStart())) { continue; } Instruction store = storeIns.getStart().getInstruction(); if (store instanceof LSTORE) { il.insert(new LCONST(0)); il.append(il.getStart(), store); } else if (store instanceof ISTORE) { il.insert(new ICONST(0)); il.append(il.getStart(), store); } else if (store instanceof FSTORE) { il.insert(new FCONST((float) 0.0)); il.append(il.getStart(), store); } else if (store instanceof DSTORE) { il.insert(new DCONST(0.0)); il.append(il.getStart(), store); } else if (store instanceof ASTORE) { il.insert(new ACONST_NULL()); il.append(il.getStart(), store); } else if (store instanceof PUTFIELD) { // no need to init. } else if (store instanceof PUTSTATIC) { // no need to init. } else if (store instanceof ALOAD) { // no need to init. } else { System.err.println("WARNING: Unhandled store instruction in " + "initSpawnTargets, opcode = " + store.getOpcode() + " ins = " + store); // System.exit(1); } } }
byte[] counterAdaptClass(final InputStream is, final String name) throws Exception { JavaClass jc = new ClassParser(is, name + ".class").parse(); ClassGen cg = new ClassGen(jc); ConstantPoolGen cp = cg.getConstantPool(); if (!cg.isInterface()) { FieldGen fg = new FieldGen(ACC_PUBLIC, Type.getType("I"), "_counter", cp); cg.addField(fg.getField()); } Method[] ms = cg.getMethods(); for (int j = 0; j < ms.length; ++j) { MethodGen mg = new MethodGen(ms[j], cg.getClassName(), cp); if (!mg.getName().equals("<init>") && !mg.isStatic() && !mg.isAbstract() && !mg.isNative()) { if (mg.getInstructionList() != null) { InstructionList il = new InstructionList(); il.append(new ALOAD(0)); il.append(new ALOAD(0)); il.append(new GETFIELD(cp.addFieldref(name, "_counter", "I"))); il.append(new ICONST(1)); il.append(new IADD()); il.append(new PUTFIELD(cp.addFieldref(name, "_counter", "I"))); mg.getInstructionList().insert(il); mg.setMaxStack(Math.max(mg.getMaxStack(), 2)); boolean lv = ms[j].getLocalVariableTable() == null; boolean ln = ms[j].getLineNumberTable() == null; if (lv) { mg.removeLocalVariables(); } if (ln) { mg.removeLineNumbers(); } cg.replaceMethod(ms[j], mg.getMethod()); } } } return cg.getJavaClass().getBytes(); }
@SuppressWarnings("unused") // Called using reflection private Instruction createInstructionIconst(Element inst) { int value = Integer.parseInt(inst.getAttributeValue("value")); return new ICONST(value); }
@Override public void visitICONST(ICONST obj) { Number value = obj.getValue(); Constant c = new Constant(value); getFrame().pushValue(c); }
