Java Code Examples for org.apache.bcel.generic.MethodGen#getClassName()

The following examples show how to use org.apache.bcel.generic.MethodGen#getClassName().
Example 1
Source File: SourceLineAnnotation.java    From spotbugs with GNU Lesser General Public License v2.1
/**
 * Builds the source line annotation for a single visited instruction.
 *
 * <p>
 * The method is annotated {@code @Nonnull}: when the method carries no line
 * number table the result is built by {@code createUnknown} from the class
 * name, source file and bytecode offset instead of a source line.
 *
 * @param classContext
 *            the ClassContext (not read by this method)
 * @param methodGen
 *            the MethodGen object representing the method
 * @param sourceFile
 *            the source file name recorded in the annotation
 * @param handle
 *            the InstructionHandle containing the visited instruction
 * @return the SourceLineAnnotation for the instruction; the same line and
 *         the same bytecode offset are used as both start and end
 */
@Nonnull
public static SourceLineAnnotation fromVisitedInstruction(ClassContext classContext, MethodGen methodGen, String sourceFile,
        @Nonnull InstructionHandle handle) {
    LineNumberTable lineNumbers = methodGen.getLineNumberTable(methodGen.getConstantPool());
    String owner = methodGen.getClassName();
    int pc = handle.getPosition();

    // Without a line number table only the bytecode offset can be recorded.
    if (lineNumbers == null) {
        return createUnknown(owner, sourceFile, pc, pc);
    }

    int line = lineNumbers.getSourceLine(pc);
    return new SourceLineAnnotation(owner, sourceFile, line, line, pc, pc);
}
 
Example 2
Source File: SourceLineAnnotation.java    From spotbugs with GNU Lesser General Public License v2.1
/**
 * Builds the source line annotation that covers a whole method.
 *
 * @param methodGen
 *            the method being visited
 * @param sourceFile
 *            the source file name recorded in the annotation
 * @return the annotation built by {@code createUnknown} for the offset
 *         range 0 to instruction-list length minus one when the method has
 *         no line number table, otherwise the result of
 *         {@code forEntireMethod}
 */
public static SourceLineAnnotation fromVisitedMethod(MethodGen methodGen, String sourceFile) {
    LineNumberTable lines = methodGen.getLineNumberTable(methodGen.getConstantPool());
    String owner = methodGen.getClassName();
    // NOTE(review): this is the length reported by the instruction list;
    // confirm it is the intended upper bound for a bytecode offset.
    int length = methodGen.getInstructionList().getLength();

    return lines == null
            ? createUnknown(owner, sourceFile, 0, length - 1)
            : forEntireMethod(owner, sourceFile, lines, length);
}
 
Example 3
Source File: SourceLineAnnotation.java    From spotbugs with GNU Lesser General Public License v2.1
/**
 * Builds the source line annotation for a range of instructions in a
 * method.
 *
 * @param classContext
 *            the ClassContext (not read by this method)
 * @param methodGen
 *            the method
 * @param sourceFile
 *            the source file name recorded in the annotation
 * @param start
 *            the start instruction
 * @param end
 *            the end instruction (inclusive)
 * @return the annotation spanning the source lines and bytecode offsets of
 *         {@code start} and {@code end}; when the method has no line number
 *         table, the annotation built by {@code createUnknown} from the two
 *         offsets alone
 */
public static SourceLineAnnotation fromVisitedInstructionRange(ClassContext classContext, MethodGen methodGen,
        String sourceFile, InstructionHandle start, InstructionHandle end) {
    LineNumberTable lines = methodGen.getLineNumberTable(methodGen.getConstantPool());
    String owner = methodGen.getClassName();
    int startPc = start.getPosition();
    int endPc = end.getPosition();

    // Without a line number table only the offset range can be recorded.
    if (lines == null) {
        return createUnknown(owner, sourceFile, startPc, endPc);
    }

    return new SourceLineAnnotation(owner, sourceFile, lines.getSourceLine(startPc), lines.getSourceLine(endPc), startPc,
            endPc);
}
 
Example 4
Source File: XFactory.java    From spotbugs with GNU Lesser General Public License v2.1
/**
 * Creates the XMethod for the method described by a BCEL MethodGen.
 *
 * <p>
 * Reads the class name, method name, signature and access flags from
 * {@code methodGen} and delegates to the {@code createXMethod} overload that
 * takes those four values.
 *
 * @param methodGen
 *            the method to describe
 * @return the XMethod returned by the four-argument overload
 */
public static XMethod createXMethod(MethodGen methodGen) {
    return createXMethod(methodGen.getClassName(), methodGen.getName(), methodGen.getSignature(),
            methodGen.getAccessFlags());
}
 
Example 5
Source File: FindUseOfNonSerializableValue.java    From spotbugs with GNU Lesser General Public License v2.1
/**
 * Scans one method for values that reach a tracked use (as classified by
 * {@code getUse}) and whose static type does not look serializable, and
 * accumulates a bug for each such location.
 *
 * <p>
 * Coverage gaps visible in this method, each of which produces no report
 * rather than an error: a method containing INSTANCEOF or CHECKCAST is
 * skipped entirely, a location with an invalid type frame is skipped, and a
 * ClassNotFoundException during the subtype analysis drops that location.
 * A clean result therefore does not prove that every value is serializable.
 *
 * @param classContext
 *            supplies the MethodGen, bytecode set, CFG, type dataflow and
 *            constant pool used by the analysis
 * @param method
 *            the method to analyze
 * @throws CFGBuilderException
 *             NOTE(review): presumably raised while obtaining the CFG -
 *             confirm
 * @throws DataflowAnalysisException
 *             NOTE(review): presumably raised by the type dataflow -
 *             confirm
 */
private void analyzeMethod(ClassContext classContext, Method method) throws CFGBuilderException, DataflowAnalysisException {
    MethodGen methodGen = classContext.getMethodGen(method);
    if (methodGen == null) {
        return;
    }
    BitSet bytecodeSet = classContext.getBytecodeSet(method);
    if (bytecodeSet == null) {
        return;
    }
    // We don't adequately model instanceof interfaces yet
    // Consequence: any method using INSTANCEOF or CHECKCAST is not analyzed at all.
    if (bytecodeSet.get(Const.INSTANCEOF) || bytecodeSet.get(Const.CHECKCAST)) {
        return;
    }
    CFG cfg = classContext.getCFG(method);
    TypeDataflow typeDataflow = classContext.getTypeDataflow(method);
    ConstantPoolGen cpg = classContext.getConstantPoolGen();

    String sourceFile = classContext.getJavaClass().getSourceFileName();
    if (DEBUG) {
        String methodName = methodGen.getClassName() + "." + methodGen.getName();
        System.out.println("Checking " + methodName);
    }

    for (Iterator<Location> i = cfg.locationIterator(); i.hasNext();) {
        Location location = i.next();
        InstructionHandle handle = location.getHandle();
        Instruction ins = handle.getInstruction();

        // getUse returns null for instructions this detector does not track.
        Use use = getUse(cpg, ins);
        if (use == null) {
            continue;
        }

        TypeFrame frame = typeDataflow.getFactAtLocation(location);
        if (!frame.isValid()) {
            // This basic block is probably dead
            continue;
        }
        // NOTE(review): the top value is presumably the object being written or
        // stored (the last argument of the call) - confirm against getUse.
        Type operandType = frame.getTopValue();

        if (operandType.equals(TopType.instance())) {
            // unreachable
            continue;
        }
        if (!(operandType instanceof ReferenceType)) {
            // Shouldn't happen - illegal bytecode
            continue;
        }
        ReferenceType refType = (ReferenceType) operandType;

        // A null constant has nothing to serialize.
        if (refType.equals(NullType.instance())) {
            continue;
        }

        try {

            // Score for the static type; only scores below 0.9 are reported.
            double isSerializable = DeepSubtypeAnalysis.isDeepSerializable(refType);

            if (isSerializable < 0.9) {
                SourceLineAnnotation sourceLineAnnotation = SourceLineAnnotation.fromVisitedInstruction(classContext,
                        methodGen, sourceFile, handle);
                ReferenceType problem = DeepSubtypeAnalysis.getLeastSerializableTypeComponent(refType);

                String pattern;
                switch (use) {
                case PASSED_TO_WRITE_OBJECT:
                    pattern = "DMI_NONSERIALIZABLE_OBJECT_WRITTEN";
                    // A type scored as remote (>= 0.9) is not reported for this use;
                    // this continue leaves the switch and moves to the next location.
                    double isRemote = DeepSubtypeAnalysis.isDeepRemote(refType);
                    if (isRemote >= 0.9) {
                        continue;
                    }
                    // Otherwise the higher of the two scores decides the priority.
                    if (isSerializable < isRemote) {
                        isSerializable = isRemote;
                    }
                    break;
                case STORE_INTO_HTTP_SESSION:
                    pattern = "J2EE_STORE_OF_NON_SERIALIZABLE_OBJECT_INTO_SESSION";
                    break;
                default:
                    // Reached only for a Use value without a case above.
                    throw new IllegalStateException();
                }

                // Priority from the score: below 0.15 HIGH, above 0.5 LOW, otherwise NORMAL.
                bugAccumulator.accumulateBug(new BugInstance(this, pattern,
                        isSerializable < 0.15 ? HIGH_PRIORITY : isSerializable > 0.5 ? LOW_PRIORITY : NORMAL_PRIORITY)
                                .addClassAndMethod(methodGen, sourceFile).addType(problem).describe(TypeAnnotation.FOUND_ROLE),
                        sourceLineAnnotation);

            }
        } catch (ClassNotFoundException e) {
            // Deliberately ignored: the location is skipped without a report and
            // without a log entry, so an incomplete analysis classpath can hide
            // findings here.
        }
    }
}
 
Example 6
Source File: FindNonSerializableStoreIntoSession.java    From spotbugs with GNU Lesser General Public License v2.1
/**
 * Reports calls to {@code javax.servlet.http.HttpSession.setAttribute} whose
 * top stack value has a static type that does not look serializable.
 *
 * <p>
 * The following cases produce no report rather than an error: a method
 * containing INSTANCEOF or CHECKCAST is skipped entirely, a location with an
 * invalid type frame is skipped, and a ClassNotFoundException during the
 * subtype analysis drops that location. Only INVOKEINTERFACE calls are
 * inspected.
 *
 * @param classContext
 *            supplies the MethodGen, bytecode set, CFG, type dataflow and
 *            constant pool used by the analysis
 * @param method
 *            the method to analyze
 * @throws CFGBuilderException
 *             NOTE(review): presumably raised while obtaining the CFG -
 *             confirm
 * @throws DataflowAnalysisException
 *             NOTE(review): presumably raised by the type dataflow -
 *             confirm
 */
private void analyzeMethod(ClassContext classContext, Method method) throws CFGBuilderException, DataflowAnalysisException {
    MethodGen methodGen = classContext.getMethodGen(method);
    if (methodGen == null) {
        return;
    }
    BitSet opcodes = classContext.getBytecodeSet(method);
    if (opcodes == null) {
        return;
    }
    // instanceof on interfaces is not modelled adequately yet, so methods
    // using INSTANCEOF or CHECKCAST are not analyzed at all.
    if (opcodes.get(Const.INSTANCEOF) || opcodes.get(Const.CHECKCAST)) {
        return;
    }
    CFG cfg = classContext.getCFG(method);
    TypeDataflow typeDataflow = classContext.getTypeDataflow(method);
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    String sourceFile = classContext.getJavaClass().getSourceFileName();

    if (DEBUG) {
        System.out.println("Checking " + methodGen.getClassName() + "." + methodGen.getName());
    }

    Iterator<Location> locations = cfg.locationIterator();
    while (locations.hasNext()) {
        Location where = locations.next();
        InstructionHandle handle = where.getHandle();
        Instruction ins = handle.getInstruction();

        if (!(ins instanceof INVOKEINTERFACE)) {
            continue;
        }
        INVOKEINTERFACE call = (INVOKEINTERFACE) ins;
        // The class name is looked up only when the method name matches.
        boolean isSessionStore = "setAttribute".equals(call.getMethodName(cpg))
                && "javax.servlet.http.HttpSession".equals(call.getClassName(cpg));
        if (!isSessionStore) {
            continue;
        }

        TypeFrame frame = typeDataflow.getFactAtLocation(where);
        if (!frame.isValid()) {
            // This basic block is probably dead.
            continue;
        }
        Type top = frame.getTopValue();
        // Top type: unreachable. Non-reference type: should not happen (illegal bytecode).
        if (top.equals(TopType.instance()) || !(top instanceof ReferenceType)) {
            continue;
        }
        ReferenceType storedType = (ReferenceType) top;
        if (storedType.equals(NullType.instance())) {
            continue;
        }

        try {
            double isSerializable = DeepSubtypeAnalysis.isDeepSerializable(storedType);
            // Only scores below 0.9 are reported.
            if (!(isSerializable < 0.9)) {
                continue;
            }

            SourceLineAnnotation sourceLine = SourceLineAnnotation.fromVisitedInstruction(classContext, methodGen,
                    sourceFile, handle);
            ReferenceType problem = DeepSubtypeAnalysis.getLeastSerializableTypeComponent(storedType);

            // Priority from the score: below 0.15 HIGH, above 0.5 LOW, otherwise NORMAL.
            bugAccumulator.accumulateBug(new BugInstance(this, "J2EE_STORE_OF_NON_SERIALIZABLE_OBJECT_INTO_SESSION",
                    isSerializable < 0.15 ? HIGH_PRIORITY : isSerializable > 0.5 ? LOW_PRIORITY : NORMAL_PRIORITY)
                            .addClassAndMethod(methodGen, sourceFile).addType(problem).describe(TypeAnnotation.FOUND_ROLE),
                    sourceLine);
        } catch (ClassNotFoundException ignored) {
            // Deliberately ignored: the location is skipped without a report,
            // so an incomplete analysis classpath can hide findings here.
        }
    }
}
 
Example 7
Source File: FindNonSerializableValuePassedToWriteObject.java    From spotbugs with GNU Lesser General Public License v2.1
/**
 * Reports calls to {@code writeObject} on {@code java.io.ObjectOutput} or
 * {@code java.io.ObjectOutputStream} whose top stack value has a static type
 * that looks neither serializable nor remote.
 *
 * <p>
 * The following cases produce no report rather than an error: a method
 * containing INSTANCEOF or CHECKCAST is skipped entirely, a location with an
 * invalid type frame is skipped, and a ClassNotFoundException during the
 * subtype analysis drops that location.
 *
 * @param classContext
 *            supplies the MethodGen, bytecode set, CFG, type dataflow and
 *            constant pool used by the analysis
 * @param method
 *            the method to analyze
 * @throws CFGBuilderException
 *             NOTE(review): presumably raised while obtaining the CFG -
 *             confirm
 * @throws DataflowAnalysisException
 *             NOTE(review): presumably raised by the type dataflow -
 *             confirm
 */
private void analyzeMethod(ClassContext classContext, Method method) throws CFGBuilderException, DataflowAnalysisException {
    MethodGen methodGen = classContext.getMethodGen(method);
    if (methodGen == null) {
        return;
    }
    BitSet opcodes = classContext.getBytecodeSet(method);
    if (opcodes == null) {
        return;
    }
    // instanceof on interfaces is not modelled adequately yet, so methods
    // using INSTANCEOF or CHECKCAST are not analyzed at all.
    if (opcodes.get(Const.INSTANCEOF) || opcodes.get(Const.CHECKCAST)) {
        return;
    }
    CFG cfg = classContext.getCFG(method);
    TypeDataflow typeDataflow = classContext.getTypeDataflow(method);
    ConstantPoolGen cpg = classContext.getConstantPoolGen();
    String sourceFile = classContext.getJavaClass().getSourceFileName();

    if (DEBUG) {
        System.out.println("Checking " + methodGen.getClassName() + "." + methodGen.getName());
    }

    Iterator<Location> locations = cfg.locationIterator();
    while (locations.hasNext()) {
        Location where = locations.next();
        InstructionHandle handle = where.getHandle();
        Instruction ins = handle.getInstruction();

        if (!(ins instanceof InvokeInstruction)) {
            continue;
        }
        InvokeInstruction call = (InvokeInstruction) ins;
        if (!"writeObject".equals(call.getMethodName(cpg))) {
            continue;
        }
        String owner = call.getClassName(cpg);
        boolean isObjectOutput = "java.io.ObjectOutput".equals(owner) || "java.io.ObjectOutputStream".equals(owner);
        if (!isObjectOutput) {
            continue;
        }

        TypeFrame frame = typeDataflow.getFactAtLocation(where);
        if (!frame.isValid()) {
            // This basic block is probably dead.
            continue;
        }
        Type top = frame.getTopValue();
        // Top type: unreachable. Non-reference type: should not happen (illegal bytecode).
        if (top.equals(TopType.instance()) || !(top instanceof ReferenceType)) {
            continue;
        }
        ReferenceType writtenType = (ReferenceType) top;
        if (writtenType.equals(NullType.instance())) {
            continue;
        }

        try {
            double isSerializable = DeepSubtypeAnalysis.isDeepSerializable(writtenType);
            if (isSerializable >= 0.9) {
                continue;
            }

            ReferenceType problem = DeepSubtypeAnalysis.getLeastSerializableTypeComponent(writtenType);

            // A type scored as remote (>= 0.9) is not reported.
            double isRemote = DeepSubtypeAnalysis.isDeepRemote(writtenType);
            if (isRemote >= 0.9) {
                continue;
            }
            // The higher of the two scores decides the priority.
            double score = isSerializable < isRemote ? isRemote : isSerializable;

            SourceLineAnnotation sourceLine = SourceLineAnnotation.fromVisitedInstruction(classContext, methodGen,
                    sourceFile, handle);

            // Priority from the score: below 0.15 HIGH, above 0.5 LOW, otherwise NORMAL.
            bugReporter.reportBug(new BugInstance(this, "DMI_NONSERIALIZABLE_OBJECT_WRITTEN",
                    score < 0.15 ? HIGH_PRIORITY : score > 0.5 ? LOW_PRIORITY : NORMAL_PRIORITY)
                            .addClassAndMethod(methodGen, sourceFile).addType(problem).describe(TypeAnnotation.FOUND_ROLE)
                            .addSourceLine(sourceLine));
        } catch (ClassNotFoundException ignored) {
            // Deliberately ignored: the location is skipped without a report,
            // so an incomplete analysis classpath can hide findings here.
        }
    }
}
 
Example 8
Source File: ASTFunAppl.java    From commons-bcel with Apache License 2.0
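/**
   * Fifth pass, produce Java byte code.
   *
   * <p>Appends an INVOKESTATIC on the class that owns {@code method}. The
   * names READ and WRITE map to the helpers {@code _readInt} and
   * {@code _writeInt}; any other name is called as a static method that takes
   * one int per argument expression and returns int.
   *
   * @param il instruction list the generated code is appended to
   * @param method method being generated; supplies the owning class name
   * @param cp constant pool that receives the method references
   */
  @Override
  public void byte_code(final InstructionList il, final MethodGen method, final ConstantPoolGen cp) {
    final String     fname = name.getName();
    final String     class_name = method.getClassName();

    if(fname.equals("READ")) {
        il.append(new INVOKESTATIC(cp.addMethodref(class_name,
                                                 "_readInt",
                                                 "()I")));
    } else if(fname.equals("WRITE")) {
      // Generate the single argument first, then the call that consumes it.
      exprs[0].byte_code(il, method, cp);
      ASTFunDecl.pop();
      il.append(new INVOKESTATIC(cp.addMethodref(class_name,
                                                 "_writeInt",
                                                 "(I)I")));
    }
    else { // Normal function
      // The null check below implies exprs may be null. The original read
      // exprs.length before that check, which made the check useless and
      // threw NullPointerException for a null argument array.
      final int size    = (exprs == null) ? 0 : exprs.length;
      Type[] argv = null;

      if(exprs != null) {
        argv = new Type[size];

        // Every argument is an int; emit the code for each in order.
        for(int i=0; i < size; i++) {
          argv[i] = Type.INT;
          exprs[i].byte_code(il, method, cp);
        }
      }

      // NOTE(review): pop/push presumably track the operand stack depth in
      // ASTFunDecl - confirm there.
      ASTFunDecl.pop(size);

      // Function call
      il.append(new INVOKESTATIC(cp.addMethodref(class_name,
                                                 fname,
                                                 Type.getMethodSignature(Type.INT,
                                                                         argv))));
    }

    ASTFunDecl.push();
  }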
 
Example 9
Source File: BugInstance.java    From spotbugs with GNU Lesser General Public License v2.1
/**
 * Adds a method annotation built from a BCEL MethodGen.
 *
 * <p>
 * The annotation is created from the class name, method name, signature and
 * static flag of {@code methodGen} and handed to the {@code addMethod}
 * overload taking a MethodAnnotation. The source line annotation obtained
 * from {@code SourceLineAnnotation.fromVisitedMethod} is then passed to
 * {@code addSourceLinesForMethod}.
 *
 * @param methodGen
 *            the MethodGen object for the method
 * @param sourceFile
 *            source file method is defined in
 * @return this object
 */
@Nonnull
public BugInstance addMethod(MethodGen methodGen, String sourceFile) {
    MethodAnnotation annotation = new MethodAnnotation(methodGen.getClassName(), methodGen.getName(),
            methodGen.getSignature(), methodGen.isStatic());
    addMethod(annotation);

    // Computed after the annotation is registered, as in the original call order.
    SourceLineAnnotation wholeMethod = SourceLineAnnotation.fromVisitedMethod(methodGen, sourceFile);
    addSourceLinesForMethod(annotation, wholeMethod);
    return this;
}