Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  /*
   * fb-contrib - Auxiliary detectors for Java programs
   * Copyright (C) 2005-2015 Dave Brosius
   *
   * This library is free software; you can redistribute it and/or
   * modify it under the terms of the GNU Lesser General Public
   * License as published by the Free Software Foundation; either
   * version 2.1 of the License, or (at your option) any later version.
   *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  */
 package com.mebigfatguy.fbcontrib.detect;
 
 import java.util.Map;
 
 
 
looks for methods that build xml based strings by concatenation strings and custom values together. Doing so makes brittle code, that is difficult to modify, validate and understand. It is cleaner to create external xml files that are transformed at runtime, using parameters set through Transformer.setParameter.
 
 public class CustomBuiltXML extends BytecodeScanningDetector
 {
 	private static final Map<PatternBooleanxmlPatterns = new HashMap<PatternBoolean>(10);
 	static {
 		.put(Pattern.compile(".*<[a-zA-Z_](\\w)*>[^=]?.*"), .);
 		.put(Pattern.compile(".*</[a-zA-Z_](\\w)*>[^=]?.*"), .);
 		.put(Pattern.compile(".*<[a-zA-Z_](\\w)*/>[^=]?.*"), .);
 		.put(Pattern.compile(".*<[^=]?(/)?$"), .);
 		.put(Pattern.compile("^(/)?>.*"), .);
 		.put(Pattern.compile(".*=(\\s)*[\"'].*"), .);
 		.put(Pattern.compile("^[\"']>.*"), .);
 		.put(Pattern.compile(".*<!\\[CDATA\\[.*".), .);
 		.put(Pattern.compile(".*\\]\\]>.*"), .);
 		.put(Pattern.compile(".*xmlns:.*"), .);
 	}
 	private static final String CBX_MIN_REPORTABLE_ITEMS = "fb-contrib.cbx.minxmlitems";
 	private OpcodeStack stack;
 	private int xmlItemCount = 0;
 	private int xmlConfidentCount = 0;
 	private int lowReportingThreshold;
 	private int midReportingThreshold;
 	private int highReportingThreshold;
 	private int firstPC;

constructs a CBX detector given the reporter to report bugs on

Parameters:
bugReporter the sync of bug reports
 
 	public CustomBuiltXML(BugReporter bugReporter) {
 		this. = bugReporter;
 
 	}

    
overrides the visitor to create and destroy the stack

Parameters:
classContext the context object of the currently parsed class
 
     @Override
     public void visitClassContext(ClassContext classContext) {
     	try {
 	         = new OpcodeStack();
 	        super.visitClassContext(classContext);
     	} finally {
 	         = null;
     	}
     }

overrides the visitor reset the opcode stack

Parameters:
obj the code object of the currently parsed method
	public void visitCode(Code obj) {
         = 0;
		 = -1;
		super.visitCode(obj);
													"CBX_CUSTOM_BUILT_XML",
										.addClass(this)
										.addMethod(this)
		}
	}

overrides the visitor to find String concatenations including xml strings

Parameters:
seen the opcode that is being visited
	public void sawOpcode(int seen) {
		String strCon = null;
		try {
	        .precomputation(this);
			if (seen == ) {
				if ("java/lang/StringBuffer".equals(clsName) || "java/lang/StringBuilder".equals(clsName)) {
					String methodName = getNameConstantOperand();
					String methodSig = getSigConstantOperand();
					if (..equals(methodName) && ("(Ljava/lang/String;)L" + clsName + ";").equals(methodSig)) {
						if (.getStackDepth() > 0) {
							strCon = (String)itm.getConstant();
						}
					}
				}
else if (seen == ) {
				if ("java/lang/StringBuffer".equals(clsName) || "java/lang/StringBuilder".equals(clsName)) {
					String methodName = getNameConstantOperand();
					String methodSig = getSigConstantOperand();
					if ("append".equals(methodName) && ("(Ljava/lang/String;)L" + clsName + ";").equals(methodSig)) {
						if (.getStackDepth() > 0) {
							strCon = (String)itm.getConstant();
						}
					}
				}
			}
			if (strCon != null) {
			    strCon = strCon.trim();
				if (strCon.length() == 0)
					return;
				for (Map.Entry<PatternBooleanentry : .entrySet()) {
					Matcher m = entry.getKey().matcher(strCon);
					if (m.matches()) {
						if (entry.getValue().booleanValue())
						if (( < 0) && ( > 0))
						break;
					}
				}
			}
finally {
			.sawOpcode(thisseen);
		}
	}
New to GrepCode? Check out our FAQ X