Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  /*
   * fb-contrib - Auxiliary detectors for Java programs
   * Copyright (C) 2005-2015 Chris Peterson
   * Copyright (C) 2005-2015 Jean-Noel Rouvignac
   * 
   * This library is free software; you can redistribute it and/or
   * modify it under the terms of the GNU Lesser General Public
   * License as published by the Free Software Foundation; either
   * version 2.1 of the License, or (at your option) any later version.
  * 
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  * Lesser General Public License for more details.
  * 
  * You should have received a copy of the GNU Lesser General Public
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  */
 package com.mebigfatguy.fbcontrib.detect;
 
 import java.util.Map;
 
 
looks for method calls that are unsafe or might indicate bugs.
 
 public class MoreDumbMethods extends BytecodeScanningDetector
 {
 	private static class ReportInfo {
 		private final String bugPattern;
 		private final int bugPriority;
 		
 		ReportInfo(String patternint priority) {
 			 = pattern;
 			 = priority;
 		}
 		
 			return ;
 		}
 		
 		int getPriority() {
 			return ;
 		}
 		
 		public String toString() {
 			return ToString.build(this);
 		}
 	}
 	
 	private final static Map<String,ReportInfodumbMethods = new HashMap<String,ReportInfo>();
 	static {
 		.put("java/lang/Runtime.exit(I)V",	new ReportInfo("MDM_RUNTIME_EXIT_OR_HALT"));
 		.put("java/lang/Runtime.halt(I)V",	new ReportInfo("MDM_RUNTIME_EXIT_OR_HALT"));
 		
 		.put("java/lang/Runtime.runFinalization()V",	new ReportInfo("MDM_RUNFINALIZATION"));
 		.put("java/lang/System.runFinalization()V",	new ReportInfo("MDM_RUNFINALIZATION"));
 		
 		.put("java/math/BigDecimal.equals(Ljava/lang/Object;)Z"new ReportInfo("MDM_BIGDECIMAL_EQUALS"));
 
 		//
 		// Network checks
 		//
 		.put("java/net/InetAddress.getLocalHost()Ljava/net/InetAddress;"new ReportInfo("MDM_INETADDRESS_GETLOCALHOST"));
 
 		.put("java/net/ServerSocket.<init>(I)V",	new ReportInfo("MDM_PROMISCUOUS_SERVERSOCKET"));
 		.put("java/net/ServerSocket.<init>(II)V"new ReportInfo("MDM_PROMISCUOUS_SERVERSOCKET"));
 		.put("javax/net/ServerSocketFactory.createServerSocket(I)Ljava/net/ServerSocket;"new ReportInfo("MDM_PROMISCUOUS_SERVERSOCKET"));
 		.put("javax/net/ServerSocketFactory.createServerSocket(II)Ljava/net/ServerSocket;",	new ReportInfo("MDM_PROMISCUOUS_SERVERSOCKET"));
 
 		//
 		// Random Number Generator checks
 		//
 		.put("java/util/Random.<init>()V",				new ReportInfo("MDM_RANDOM_SEED"));
 
 		//
 		// Thread checks
 		//
 		.put("java/lang/Thread.getPriority()I",    new ReportInfo("MDM_THREAD_PRIORITIES"));
 		.put("java/lang/Thread.setPriority(I)V",   new ReportInfo("MDM_THREAD_PRIORITIES"));
 
 		.put("java/lang/Thread.sleep(J)V",	new ReportInfo("MDM_THREAD_YIELD"));
 		.put("java/lang/Thread.sleep(JI)V",	new ReportInfo("MDM_THREAD_YIELD"));
 		.put("java/lang/Thread.yield()V",	new ReportInfo("MDM_THREAD_YIELD"));
 
 		.put("java/lang/Thread.join()V"new ReportInfo("MDM_WAIT_WITHOUT_TIMEOUT"));
 		.put("java/lang/Object.wait()V",							new ReportInfo("MDM_WAIT_WITHOUT_TIMEOUT"));
 		.put("java/util/concurrent/locks/Condition.await()V",	new ReportInfo("MDM_WAIT_WITHOUT_TIMEOUT"));
 		.put("java/util/concurrent/locks/Lock.lock()V",			new ReportInfo("MDM_WAIT_WITHOUT_TIMEOUT"));
 		.put("java/util/concurrent/locks/Lock.lockInterruptibly()V",	new ReportInfo("MDM_WAIT_WITHOUT_TIMEOUT"));
		.put("java/util/concurrent/locks/ReentrantLock.lock()V",	new ReportInfo("MDM_WAIT_WITHOUT_TIMEOUT"));
		.put("java/util/concurrent/locks/ReentrantLock.lockInterruptibly()V",	new ReportInfo("MDM_WAIT_WITHOUT_TIMEOUT"));
		.put("java/util/concurrent/locks/Condition.signal()V",	new ReportInfo("MDM_SIGNAL_NOT_SIGNALALL"));
		.put("java/util/concurrent/locks/Lock.tryLock()Z",			new ReportInfo("MDM_THREAD_FAIRNESS"));
		.put("java/util/concurrent/locks/ReentrantLock.tryLock()Z",	new ReportInfo("MDM_THREAD_FAIRNESS"));
		.put("java/util/concurrent/locks/ReentrantLock.isHeldByCurrentThread()Z",	new ReportInfo("MDM_LOCK_ISLOCKED"));
		.put("java/util/concurrent/locks/ReentrantLock.isLocked()Z",	new ReportInfo("MDM_LOCK_ISLOCKED"));
		//
		// String checks
		//
		.put("java/lang/String.<init>([B)V",		new ReportInfo("MDM_STRING_BYTES_ENCODING"));
		.put("java/lang/String.getBytes()[B",	new ReportInfo("MDM_STRING_BYTES_ENCODING"));
		.put("java/util/Locale.setDefault(Ljava/util/Locale;)V"new ReportInfo("MDM_SETDEFAULTLOCALE"));
	}
	private final BugReporter bugReporter;

constructs an MDM detector given the reporter to report bugs on

Parameters:
bugReporter the sync of bug reports
	public MoreDumbMethods(BugReporter bugReporter) {
		this. = bugReporter;
	}
	public void visitClassContext(ClassContext classContext) {
	    if (classContext.getJavaClass().getMajor() <= ) {
	        .put("java/security/SecureRandom.<init>()V",     new ReportInfo("MDM_SECURERANDOM"));
	        .put("java/security/SecureRandom.<init>([B)V",   new ReportInfo("MDM_SECURERANDOM"));
	        .put("java/security/SecureRandom.getSeed(I)[B",  new ReportInfo("MDM_SECURERANDOM"));
	    } else {
	        .remove("java/security/SecureRandom.<init>()V");
	        .remove("java/security/SecureRandom.<init>([B)V");
	        .remove("java/security/SecureRandom.getSeed(I)[B");
	    }
	    
	    // TODO Auto-generated method stub
	    super.visitClassContext(classContext);
	}
	public void sawOpcode(int seen) {
		if (seen ==  
			|| seen == 
			|| seen == 
			|| seen == ) {	
			if (info != null) {
				reportBug(info);
			}
		}
	}
		final String className  = getClassConstantOperand();
		final String methodName = getNameConstantOperand();
		final String methodSig  = getSigConstantOperand();
		return String.format("%s.%s%s"classNamemethodNamemethodSig);
	}
	private void reportBug(ReportInfo info) {
				.addClass(this)
				.addMethod(this)
	}
New to GrepCode? Check out our FAQ X