コード例 #1
0
 /**
  * The detector is only meaningful for Java5 class libraries.
  *
  * @param classContext the context object that holds the JavaClass parsed
  */
 @Override
 public void visitClassContext(ClassContext classContext) {
   int majorVersion = classContext.getJavaClass().getMajor();
   if (majorVersion >= MAJOR_1_5) {
     super.visitClassContext(classContext);
   }
 }
コード例 #2
0
 @Override
 public void visit(Code obj) {
   if (DEBUG) {
     System.out.println("Checking " + obj);
   }
   lastQuestionableCheckTarget = -1;
   super.visit(obj);
 }
コード例 #3
0
 @Override
 public void visit(Code code) {
   boolean interesting = true;
   if (interesting) {
     // initialize any variables we want to initialize for the method
     super.visit(code); // make callbacks to sawOpcode for all opcodes
   }
   accumulator.reportAccumulatedBugs();
 }
コード例 #4
0
  @Override
  public void visit(Method method) {
    super.visit(method);

    String methodName = method.getName();

    if ("foo".equals(methodName) || "bar".equals(methodName)) {
      reporter.reportBug(
          new BugInstance("LJCU_BUG_3", Priorities.HIGH_PRIORITY)
              .addClass(this)
              .addMethod(this)
              .addSourceLine(this));
    }
  }
  @Override
  public void visit(Code code) {
    if (getMethod().isStatic() || getMethod().isPrivate()) return;
    XMethod overrides =
        Lookup.findSuperImplementorAsXMethod(
            getThisClass(), getMethodName(), getMethodSig(), bugReporter);

    if (overrides == null) return;
    AnnotationValue annotation = overrides.getAnnotation(mustOverrideAnnotation);
    if (annotation == null) return;
    sawCallToSuper = false;
    super.visit(code);
    if (!sawCallToSuper)
      bugReporter.reportBug(
          new BugInstance(this, "TESTING", NORMAL_PRIORITY).addClassAndMethod(this));
  }
コード例 #6
0
 @Override
 public void visit(Code obj) {
   if (isSerializable) {
     super.visit(obj);
   }
 }
コード例 #7
0
  @Override
  public void visit(Method obj) {

    int accessFlags = obj.getAccessFlags();
    boolean isSynchronized = (accessFlags & ACC_SYNCHRONIZED) != 0;
    if (getMethodName().equals("<init>")
        && getMethodSig().equals("()V")
        && (accessFlags & ACC_PUBLIC) != 0) hasPublicVoidConstructor = true;
    if (!getMethodName().equals("<init>") && isSynthetic(obj)) foundSynthetic = true;
    // System.out.println(methodName + isSynchronized);

    if (getMethodName().equals("readExternal")
        && getMethodSig().equals("(Ljava/io/ObjectInput;)V")) {
      sawReadExternal = true;
      if (DEBUG && !obj.isPrivate())
        System.out.println("Non-private readExternal method in: " + getDottedClassName());
    } else if (getMethodName().equals("writeExternal")
        && getMethodSig().equals("(Ljava/io/Objectoutput;)V")) {
      sawWriteExternal = true;
      if (DEBUG && !obj.isPrivate())
        System.out.println("Non-private writeExternal method in: " + getDottedClassName());
    } else if (getMethodName().equals("readResolve")
        && getMethodSig().startsWith("()")
        && isSerializable) {
      sawReadResolve = true;
      if (!getMethodSig().equals("()Ljava/lang/Object;"))
        bugReporter.reportBug(
            new BugInstance(this, "SE_READ_RESOLVE_MUST_RETURN_OBJECT", HIGH_PRIORITY)
                .addClassAndMethod(this));
      else if (obj.isStatic())
        bugReporter.reportBug(
            new BugInstance(this, "SE_READ_RESOLVE_IS_STATIC", HIGH_PRIORITY)
                .addClassAndMethod(this));
      else if (obj.isPrivate())
        try {
          Set<ClassDescriptor> subtypes =
              AnalysisContext.currentAnalysisContext()
                  .getSubtypes2()
                  .getSubtypes(getClassDescriptor());
          if (subtypes.size() > 1) {
            BugInstance bug =
                new BugInstance(this, "SE_PRIVATE_READ_RESOLVE_NOT_INHERITED", NORMAL_PRIORITY)
                    .addClassAndMethod(this);
            boolean nasty = false;
            for (ClassDescriptor subclass : subtypes)
              if (!subclass.equals(getClassDescriptor())) {

                XClass xSub = AnalysisContext.currentXFactory().getXClass(subclass);
                if (xSub != null
                    && xSub.findMethod("readResolve", "()Ljava/lang/Object;", false) == null
                    && xSub.findMethod("writeReplace", "()Ljava/lang/Object;", false) == null) {
                  bug.addClass(subclass).describe(ClassAnnotation.SUBCLASS_ROLE);
                  nasty = true;
                }
              }
            if (nasty) bug.setPriority(HIGH_PRIORITY);
            else if (!getThisClass().isPublic()) bug.setPriority(LOW_PRIORITY);
            bugReporter.reportBug(bug);
          }

        } catch (ClassNotFoundException e) {
          bugReporter.reportMissingClass(e);
        }

    } else if (getMethodName().equals("readObject")
        && getMethodSig().equals("(Ljava/io/ObjectInputStream;)V")
        && isSerializable) {
      sawReadObject = true;
      if (!obj.isPrivate())
        bugReporter.reportBug(
            new BugInstance(this, "SE_METHOD_MUST_BE_PRIVATE", HIGH_PRIORITY)
                .addClassAndMethod(this));

    } else if (getMethodName().equals("readObjectNoData")
        && getMethodSig().equals("()V")
        && isSerializable) {

      if (!obj.isPrivate())
        bugReporter.reportBug(
            new BugInstance(this, "SE_METHOD_MUST_BE_PRIVATE", HIGH_PRIORITY)
                .addClassAndMethod(this));

    } else if (getMethodName().equals("writeObject")
        && getMethodSig().equals("(Ljava/io/ObjectOutputStream;)V")
        && isSerializable) {
      sawWriteObject = true;
      if (!obj.isPrivate())
        bugReporter.reportBug(
            new BugInstance(this, "SE_METHOD_MUST_BE_PRIVATE", HIGH_PRIORITY)
                .addClassAndMethod(this));
    }

    if (isSynchronized) {
      if (getMethodName().equals("readObject")
          && getMethodSig().equals("(Ljava/io/ObjectInputStream;)V")
          && isSerializable)
        bugReporter.reportBug(
            new BugInstance(this, "RS_READOBJECT_SYNC", NORMAL_PRIORITY).addClass(this));
      else if (getMethodName().equals("writeObject")
          && getMethodSig().equals("(Ljava/io/ObjectOutputStream;)V")
          && isSerializable) writeObjectIsSynchronized = true;
      else foundSynchronizedMethods = true;
    }
    super.visit(obj);
  }
コード例 #8
0
 @Override
 public void visit(Code obj) {
   super.visit(obj);
   bugAccumulator.reportAccumulatedBugs();
 }