Java Code Examples for org.apache.bcel.classfile.AnnotationEntry#getElementValuePairs()

The following examples show how to use org.apache.bcel.classfile.AnnotationEntry#getElementValuePairs() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: UnsafeJacksonDeserializationDetector.java    From Android_Code_Arbiter with GNU Lesser General Public License v3.0 6 votes vote down vote up 
private void analyzeField(Field field, JavaClass javaClass) {
    for (AnnotationEntry annotation : field.getAnnotationEntries())  {
        if (ANNOTATION_TYPES.contains(annotation.getAnnotationType()) ||
                annotation.getAnnotationType().contains("JsonTypeInfo")) {
            for (ElementValuePair elementValuePair : annotation.getElementValuePairs()) {
                if ("use".equals((elementValuePair.getNameString())) &&
                        VULNERABLE_USE_NAMES.contains(elementValuePair.getValue().stringifyValue())) {
                    bugReporter.reportBug(new BugInstance(this, DESERIALIZATION_TYPE, HIGH_PRIORITY)
                            .addClass(javaClass)
                            .addString(javaClass.getClassName() + " on field " +
                                    field.getName() + " of type " + field.getType() +
                                    " annotated with " + annotation.toShortString())
                            .addField(FieldAnnotation.fromBCELField(javaClass, field))
                            .addString("")
                    );
                }
            }
        }
    }
}
Example 2
Source File: AnnotationVisitor.java    From spotbugs with GNU Lesser General Public License v2.1 6 votes vote down vote up 
@Override
public void visitAnnotation(Annotations arg0) {
    for (AnnotationEntry ae : arg0.getAnnotationEntries()) {
        boolean runtimeVisible = ae.isRuntimeVisible();
        String name = ClassName.fromFieldSignature(ae.getAnnotationType());
        if (name == null) {
            continue;
        }
        name = ClassName.toDottedClassName(name);
        Map<String, ElementValue> map = new HashMap<>();
        for (ElementValuePair ev : ae.getElementValuePairs()) {
            map.put(ev.getNameString(), ev.getValue());
        }
        visitAnnotation(name, map, runtimeVisible);

    }

}
Example 3
Source File: FieldAnnotationsTestCase.java    From commons-bcel with Apache License 2.0 6 votes vote down vote up 
private void checkAnnotationEntry(final AnnotationEntry a, final String name, final String elementname,
        final String elementvalue)
{
    assertTrue("Expected AnnotationEntry to have name " + name
            + " but it had name " + a.getAnnotationType(), a.getAnnotationType()
            .equals(name));
    assertTrue("Expected AnnotationEntry to have one element but it had "
            + a.getElementValuePairs().length, a.getElementValuePairs().length == 1);
    final ElementValuePair envp = a.getElementValuePairs()[0];
    assertTrue("Expected element name " + elementname + " but was "
            + envp.getNameString(), elementname
            .equals(envp.getNameString()));
    assertTrue("Expected element value " + elementvalue + " but was "
            + envp.getValue().stringifyValue(), elementvalue.equals(envp
            .getValue().stringifyValue()));
}
Example 4
Source File: FieldAnnotationsTestCase.java    From commons-bcel with Apache License 2.0 6 votes vote down vote up 
public void checkValue(final AnnotationEntry a, final String name, final String tostring)
{
    for (int i = 0; i < a.getElementValuePairs().length; i++)
    {
        final ElementValuePair element = a.getElementValuePairs()[i];
        if (element.getNameString().equals(name))
        {
            if (!element.getValue().stringifyValue().equals(tostring))
            {
                fail("Expected element " + name + " to have value "
                        + tostring + " but it had value "
                        + element.getValue().stringifyValue());
            }
            return;
        }
    }
    fail("Didnt find named element " + name);
}
Example 5
Source File: SpringCsrfUnrestrictedRequestMappingDetector.java    From Android_Code_Arbiter with GNU Lesser General Public License v3.0 5 votes vote down vote up 
private static ElementValuePair findMethodAnnotationAttribute(AnnotationEntry requestMappingAnnotation) {
    for (ElementValuePair elementValuePair : requestMappingAnnotation.getElementValuePairs()) {
        if (METHOD_ANNOTATION_ATTRIBUTE_KEY.equals(elementValuePair.getNameString())) {
            return elementValuePair;
        }
    }
    return null;
}
Example 6
Source File: AnnotationVisitor.java    From spotbugs with GNU Lesser General Public License v2.1 5 votes vote down vote up 
@Override
public void visitParameterAnnotation(ParameterAnnotations arg0) {
    ParameterAnnotationEntry[] parameterAnnotationEntries = arg0.getParameterAnnotationEntries();
    int numParametersToMethod = getNumberMethodArguments();
    int offset = 0;
    if (numParametersToMethod > parameterAnnotationEntries.length) {
        offset = 1;
    }
    for (int i = 0; i < parameterAnnotationEntries.length; i++) {
        ParameterAnnotationEntry e = parameterAnnotationEntries[i];
        for (AnnotationEntry ae : e.getAnnotationEntries()) {
            boolean runtimeVisible = ae.isRuntimeVisible();

            String name = ClassName.fromFieldSignature(ae.getAnnotationType());
            if (name == null) {
                continue;
            }
            name = ClassName.toDottedClassName(name);
            Map<String, ElementValue> map = new HashMap<>();
            for (ElementValuePair ev : ae.getElementValuePairs()) {
                map.put(ev.getNameString(), ev.getValue());
            }
            visitParameterAnnotation(offset + i, name, map, runtimeVisible);

        }
    }
}
Example 7
Source File: CheckReturnAnnotationDatabase.java    From spotbugs with GNU Lesser General Public License v2.1 5 votes vote down vote up 
private CheckReturnValueAnnotation createJSR305Annotation(AnnotationEntry entry) {
    for (ElementValuePair pair : entry.getElementValuePairs()) {
        if (pair.getNameString().equals("when")) {
            return CheckReturnValueAnnotation.createFor(When.valueOf(pair.getValue().stringifyValue()));
        }
    }
    // use default value
    return CheckReturnValueAnnotation.createFor(When.ALWAYS);
}
Example 8
Source File: CheckReturnAnnotationDatabase.java    From spotbugs with GNU Lesser General Public License v2.1 5 votes vote down vote up 
private CheckReturnValueAnnotation createSpotBugsAnnotation(AnnotationEntry entry) {
    for (ElementValuePair pair : entry.getElementValuePairs()) {
        if (pair.getNameString().equals("confidence")) {
            return CheckReturnValueAnnotation.parse(pair.getValue().stringifyValue());
        }
    }
    // use default value
    return CheckReturnValueAnnotation.parse(Confidence.MEDIUM.name());
}
Example 9
Source File: GeneratingAnnotatedClassesTestCase.java    From commons-bcel with Apache License 2.0 5 votes vote down vote up 
private void assertArrayElementValue(final int nExpectedArrayValues, final AnnotationEntry anno)
{
    final ElementValuePair elementValuePair = anno.getElementValuePairs()[0];
    assertEquals("value", elementValuePair.getNameString());
    final ArrayElementValue ev = (ArrayElementValue) elementValuePair.getValue();
    final ElementValue[] eva = ev.getElementValuesArray();
    assertEquals(nExpectedArrayValues, eva.length);
}
Example 10
Source File: GeneratingAnnotatedClassesTestCase.java    From commons-bcel with Apache License 2.0 5 votes vote down vote up 
private void assertSimpleElementValue(final AnnotationEntry anno)
{
    final ElementValuePair elementValuePair = anno.getElementValuePairs()[0];
    assertEquals("id", elementValuePair.getNameString());
    final SimpleElementValue ev = (SimpleElementValue)elementValuePair.getValue();
    assertEquals(42, ev.getValueInt());
}