org.apache.bcel.verifier.VerificationResult Java Examples
The following examples show how to use
org.apache.bcel.verifier.VerificationResult.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ParserTest.java From JQF with BSD 2-Clause "Simplified" License | 6 votes |
@Fuzz public void verifyJavaClass(@From(JavaClassGenerator.class) JavaClass javaClass) throws IOException { try { Repository.addClass(javaClass); Verifier verifier = StatelessVerifierFactory.getVerifier(javaClass.getClassName()); VerificationResult result; result = verifier.doPass1(); assumeThat(result.getMessage(), result.getStatus(), is(VerificationResult.VERIFIED_OK)); result = verifier.doPass2(); assumeThat(result.getMessage(), result.getStatus(), is(VerificationResult.VERIFIED_OK)); for (int i = 0; i < javaClass.getMethods().length; i++) { result = verifier.doPass3a(i); assumeThat(result.getMessage(), result.getStatus(), is(VerificationResult.VERIFIED_OK)); } } finally { Repository.clearCache(); } }
Example #2
Source File: InstConstraintVisitor.java From commons-bcel with Apache License 2.0 | 6 votes |
/** * Ensures the general preconditions of a FieldInstruction instance. */ @Override public void visitFieldInstruction(final FieldInstruction o) { // visitLoadClass(o) has been called before: Every FieldOrMethod // implements LoadClass. // visitCPInstruction(o) has been called before. // A FieldInstruction may be: GETFIELD, GETSTATIC, PUTFIELD, PUTSTATIC final Constant c = cpg.getConstant(o.getIndex()); if (!(c instanceof ConstantFieldref)) { constraintViolated(o, "Index '"+o.getIndex()+"' should refer to a CONSTANT_Fieldref_info structure, but refers to '"+c+"'."); } // the o.getClassType(cpg) type has passed pass 2; see visitLoadClass(o). final Type t = o.getType(cpg); if (t instanceof ObjectType) { final String name = ((ObjectType)t).getClassName(); final Verifier v = VerifierFactory.getVerifier( name ); final VerificationResult vr = v.doPass2(); if (vr.getStatus() != VerificationResult.VERIFIED_OK) { constraintViolated(o, "Class '"+name+"' is referenced, but cannot be loaded and resolved: '"+vr+"'."); } } }
Example #3
Source File: Pass3aVerifier.java From commons-bcel with Apache License 2.0 | 5 votes |
/** * Assures the generic preconditions of a LoadClass instance. * The referenced class is loaded and pass2-verified. */ @Override public void visitLoadClass(final LoadClass loadClass) { final ObjectType t = loadClass.getLoadClassType(constantPoolGen); if (t != null) {// null means "no class is loaded" final Verifier v = VerifierFactory.getVerifier(t.getClassName()); final VerificationResult vr = v.doPass1(); if (vr.getStatus() != VerificationResult.VERIFIED_OK) { constraintViolated((Instruction) loadClass, "Class '"+loadClass.getLoadClassType(constantPoolGen).getClassName()+"' is referenced, but cannot be loaded: '"+vr+"'."); } } }
Example #4
Source File: Pass2Verifier.java From commons-bcel with Apache License 2.0 | 5 votes |
/** * Returns a LocalVariablesInfo object containing information * about the usage of the local variables in the Code attribute * of the said method or <B>null</B> if the class file this * Pass2Verifier operates on could not be pass-2-verified correctly. * The method number method_nr is the method you get using * <B>Repository.lookupClass(myOwner.getClassname()).getMethods()[method_nr];</B>. * You should not add own information. Leave that to JustIce. */ public LocalVariablesInfo getLocalVariablesInfo(final int methodNr) { if (this.verify() != VerificationResult.VR_OK) { return null; // It's cached, don't worry. } if (methodNr < 0 || methodNr >= localVariablesInfos.length) { throw new AssertionViolatedException("Method number out of range."); } return localVariablesInfos[methodNr]; }
Example #5
Source File: InstConstraintVisitor.java From commons-bcel with Apache License 2.0 | 5 votes |
/** * Assures the generic preconditions of a LoadClass instance. * The referenced class is loaded and pass2-verified. */ @Override public void visitLoadClass(final LoadClass o) { final ObjectType t = o.getLoadClassType(cpg); if (t != null) {// null means "no class is loaded" final Verifier v = VerifierFactory.getVerifier(t.getClassName()); final VerificationResult vr = v.doPass2(); if (vr.getStatus() != VerificationResult.VERIFIED_OK) { constraintViolated((Instruction) o, "Class '"+o.getLoadClassType(cpg).getClassName()+ "' is referenced, but cannot be loaded and resolved: '"+vr+"'."); } } }
Example #6
Source File: Pass2Verifier.java From commons-bcel with Apache License 2.0 | 4 votes |
/** * Ensures that every class has a super class and that * <B>final</B> classes are not subclassed. * This means, the class this Pass2Verifier operates * on has proper super classes (transitively) up to * java.lang.Object. * The reason for really loading (and Pass1-verifying) * all of those classes here is that we need them in * Pass2 anyway to verify no final methods are overridden * (that could be declared anywhere in the ancestor hierarchy). * * @throws ClassConstraintException otherwise. */ private void every_class_has_an_accessible_superclass() { try { final Set<String> hs = new HashSet<>(); // save class names to detect circular inheritance JavaClass jc = Repository.lookupClass(myOwner.getClassName()); int supidx = -1; while (supidx != 0) { supidx = jc.getSuperclassNameIndex(); if (supidx == 0) { if (jc != Repository.lookupClass(Type.OBJECT.getClassName())) { throw new ClassConstraintException("Superclass of '"+jc.getClassName()+ "' missing but not "+Type.OBJECT.getClassName()+" itself!"); } } else{ final String supername = jc.getSuperclassName(); if (! hs.add(supername)) { // If supername already is in the list throw new ClassConstraintException("Circular superclass hierarchy detected."); } final Verifier v = VerifierFactory.getVerifier(supername); final VerificationResult vr = v.doPass1(); if (vr != VerificationResult.VR_OK) { throw new ClassConstraintException("Could not load in ancestor class '"+supername+"'."); } jc = Repository.lookupClass(supername); if (jc.isFinal()) { throw new ClassConstraintException("Ancestor class '"+supername+ "' has the FINAL access modifier and must therefore not be subclassed."); } } } } catch (final ClassNotFoundException e) { // FIXME: this might not be the best way to handle missing classes. throw new AssertionViolatedException("Missing class: " + e, e); } }
Example #7
Source File: InstConstraintVisitor.java From commons-bcel with Apache License 2.0 | 4 votes |
/** * Ensures the specific preconditions of the said instruction. */ @Override public void visitINVOKEINTERFACE(final INVOKEINTERFACE o) { // Method is not native, otherwise pass 3 would not happen. final int count = o.getCount(); if (count == 0) { constraintViolated(o, "The 'count' argument must not be 0."); } // It is a ConstantInterfaceMethodref, Pass 3a made it sure. // TODO: Do we want to do anything with it? //ConstantInterfaceMethodref cimr = (ConstantInterfaceMethodref) (cpg.getConstant(o.getIndex())); // the o.getClassType(cpg) type has passed pass 2; see visitLoadClass(o). final Type t = o.getType(cpg); if (t instanceof ObjectType) { final String name = ((ObjectType)t).getClassName(); final Verifier v = VerifierFactory.getVerifier( name ); final VerificationResult vr = v.doPass2(); if (vr.getStatus() != VerificationResult.VERIFIED_OK) { constraintViolated(o, "Class '"+name+"' is referenced, but cannot be loaded and resolved: '"+vr+"'."); } } final Type[] argtypes = o.getArgumentTypes(cpg); final int nargs = argtypes.length; for (int i=nargs-1; i>=0; i--) { final Type fromStack = stack().peek( (nargs-1) - i ); // 0 to nargs-1 Type fromDesc = argtypes[i]; if (fromDesc == Type.BOOLEAN || fromDesc == Type.BYTE || fromDesc == Type.CHAR || fromDesc == Type.SHORT) { fromDesc = Type.INT; } if (! fromStack.equals(fromDesc)) { if (fromStack instanceof ReferenceType && fromDesc instanceof ReferenceType) { final ReferenceType rFromStack = (ReferenceType) fromStack; //ReferenceType rFromDesc = (ReferenceType) fromDesc; // TODO: This can only be checked when using Staerk-et-al's "set of object types" // instead of a "wider cast object type" created during verification. //if ( ! rFromStack.isAssignmentCompatibleWith(rFromDesc) ) { // constraintViolated(o, "Expecting a '"+fromDesc+"' but found a '"+fromStack+ // "' on the stack (which is not assignment compatible)."); //} referenceTypeIsInitialized(o, rFromStack); } else{ constraintViolated(o, "Expecting a '"+fromDesc+"' but found a '"+fromStack+"' on the stack."); } } } Type objref = stack().peek(nargs); if (objref == Type.NULL) { return; } if (! (objref instanceof ReferenceType) ) { constraintViolated(o, "Expecting a reference type as 'objectref' on the stack, not a '"+objref+"'."); } referenceTypeIsInitialized(o, (ReferenceType) objref); if (!(objref instanceof ObjectType)) { if (!(objref instanceof ArrayType)) { // could be a ReturnaddressType constraintViolated(o, "Expecting an ObjectType as 'objectref' on the stack, not a '"+objref+"'."); } else{ objref = GENERIC_ARRAY; } } // String objref_classname = ((ObjectType) objref).getClassName(); // String theInterface = o.getClassName(cpg); // TODO: This can only be checked if we're using Staerk-et-al's "set of object types" // instead of "wider cast object types" generated during verification. //if ( ! Repository.implementationOf(objref_classname, theInterface) ) { // constraintViolated(o, "The 'objref' item '"+objref+"' does not implement '"+theInterface+"' as expected."); //} int counted_count = 1; // 1 for the objectref for (int i=0; i<nargs; i++) { counted_count += argtypes[i].getSize(); } if (count != counted_count) { constraintViolated(o, "The 'count' argument should probably read '"+counted_count+"' but is '"+count+"'."); } }
Example #8
Source File: InstConstraintVisitor.java From commons-bcel with Apache License 2.0 | 4 votes |
/** * Ensures the specific preconditions of the said instruction. */ @Override public void visitINVOKESPECIAL(final INVOKESPECIAL o) { try { // Don't init an object twice. if ( (o.getMethodName(cpg).equals(Const.CONSTRUCTOR_NAME)) && (!(stack().peek(o.getArgumentTypes(cpg).length) instanceof UninitializedObjectType)) ) { constraintViolated(o, "Possibly initializing object twice."+ " A valid instruction sequence must not have an uninitialized object on the operand stack or in a local variable"+ " during a backwards branch, or in a local variable in code protected by an exception handler."+ " Please see The Java Virtual Machine Specification, Second Edition, 4.9.4 (pages 147 and 148) for details."); } // the o.getClassType(cpg) type has passed pass 2; see visitLoadClass(o). final Type t = o.getType(cpg); if (t instanceof ObjectType) { final String name = ((ObjectType)t).getClassName(); final Verifier v = VerifierFactory.getVerifier( name ); final VerificationResult vr = v.doPass2(); if (vr.getStatus() != VerificationResult.VERIFIED_OK) { constraintViolated(o, "Class '"+name+"' is referenced, but cannot be loaded and resolved: '"+vr+"'."); } } final Type[] argtypes = o.getArgumentTypes(cpg); final int nargs = argtypes.length; for (int i=nargs-1; i>=0; i--) { final Type fromStack = stack().peek( (nargs-1) - i ); // 0 to nargs-1 Type fromDesc = argtypes[i]; if (fromDesc == Type.BOOLEAN || fromDesc == Type.BYTE || fromDesc == Type.CHAR || fromDesc == Type.SHORT) { fromDesc = Type.INT; } if (! fromStack.equals(fromDesc)) { if (fromStack instanceof ReferenceType && fromDesc instanceof ReferenceType) { final ReferenceType rFromStack = (ReferenceType) fromStack; final ReferenceType rFromDesc = (ReferenceType) fromDesc; // TODO: This can only be checked using Staerk-et-al's "set of object types", not // using a "wider cast object type". if ( ! rFromStack.isAssignmentCompatibleWith(rFromDesc) ) { constraintViolated(o, "Expecting a '"+fromDesc+"' but found a '"+fromStack+ "' on the stack (which is not assignment compatible)."); } referenceTypeIsInitialized(o, rFromStack); } else{ constraintViolated(o, "Expecting a '"+fromDesc+"' but found a '"+fromStack+"' on the stack."); } } } Type objref = stack().peek(nargs); if (objref == Type.NULL) { return; } if (! (objref instanceof ReferenceType) ) { constraintViolated(o, "Expecting a reference type as 'objectref' on the stack, not a '"+objref+"'."); } String objref_classname = null; if ( !(o.getMethodName(cpg).equals(Const.CONSTRUCTOR_NAME))) { referenceTypeIsInitialized(o, (ReferenceType) objref); if (!(objref instanceof ObjectType)) { if (!(objref instanceof ArrayType)) { // could be a ReturnaddressType constraintViolated(o, "Expecting an ObjectType as 'objectref' on the stack, not a '"+objref+"'."); } else{ objref = GENERIC_ARRAY; } } objref_classname = ((ObjectType) objref).getClassName(); } else{ if (!(objref instanceof UninitializedObjectType)) { constraintViolated(o, "Expecting an UninitializedObjectType as 'objectref' on the stack, not a '"+objref+ "'. Otherwise, you couldn't invoke a method since an array has no methods (not to speak of a return address)."); } objref_classname = ((UninitializedObjectType) objref).getInitialized().getClassName(); } final String theClass = o.getClassName(cpg); if ( ! Repository.instanceOf(objref_classname, theClass) ) { constraintViolated(o, "The 'objref' item '"+objref+"' does not implement '"+theClass+"' as expected."); } } catch (final ClassNotFoundException e) { // FIXME: maybe not the best way to handle this throw new AssertionViolatedException("Missing class: " + e, e); } }
Example #9
Source File: InstConstraintVisitor.java From commons-bcel with Apache License 2.0 | 4 votes |
/** * Ensures the specific preconditions of the said instruction. */ @Override public void visitINVOKESTATIC(final INVOKESTATIC o) { try { // Method is not native, otherwise pass 3 would not happen. final Type t = o.getType(cpg); if (t instanceof ObjectType) { final String name = ((ObjectType)t).getClassName(); final Verifier v = VerifierFactory.getVerifier( name ); final VerificationResult vr = v.doPass2(); if (vr.getStatus() != VerificationResult.VERIFIED_OK) { constraintViolated(o, "Class '"+name+"' is referenced, but cannot be loaded and resolved: '"+vr+"'."); } } final Type[] argtypes = o.getArgumentTypes(cpg); final int nargs = argtypes.length; for (int i=nargs-1; i>=0; i--) { final Type fromStack = stack().peek( (nargs-1) - i ); // 0 to nargs-1 Type fromDesc = argtypes[i]; if (fromDesc == Type.BOOLEAN || fromDesc == Type.BYTE || fromDesc == Type.CHAR || fromDesc == Type.SHORT) { fromDesc = Type.INT; } if (! fromStack.equals(fromDesc)) { if (fromStack instanceof ReferenceType && fromDesc instanceof ReferenceType) { final ReferenceType rFromStack = (ReferenceType) fromStack; final ReferenceType rFromDesc = (ReferenceType) fromDesc; // TODO: This check can possibly only be done using Staerk-et-al's "set of object types" // instead of a "wider cast object type" created during verification. if ( ! rFromStack.isAssignmentCompatibleWith(rFromDesc) ) { constraintViolated(o, "Expecting a '"+fromDesc+"' but found a '"+fromStack+ "' on the stack (which is not assignment compatible)."); } referenceTypeIsInitialized(o, rFromStack); } else{ constraintViolated(o, "Expecting a '"+fromDesc+"' but found a '"+fromStack+"' on the stack."); } } } } catch (final ClassNotFoundException e) { // FIXME: maybe not the best way to handle this throw new AssertionViolatedException("Missing class: " + e, e); } }
Example #10
Source File: InstConstraintVisitor.java From commons-bcel with Apache License 2.0 | 4 votes |
/** * Ensures the specific preconditions of the said instruction. */ @Override public void visitINVOKEVIRTUAL(final INVOKEVIRTUAL o) { try { // the o.getClassType(cpg) type has passed pass 2; see visitLoadClass(o). final Type t = o.getType(cpg); if (t instanceof ObjectType) { final String name = ((ObjectType)t).getClassName(); final Verifier v = VerifierFactory.getVerifier( name ); final VerificationResult vr = v.doPass2(); if (vr.getStatus() != VerificationResult.VERIFIED_OK) { constraintViolated(o, "Class '"+name+"' is referenced, but cannot be loaded and resolved: '"+vr+"'."); } } final Type[] argtypes = o.getArgumentTypes(cpg); final int nargs = argtypes.length; for (int i=nargs-1; i>=0; i--) { final Type fromStack = stack().peek( (nargs-1) - i ); // 0 to nargs-1 Type fromDesc = argtypes[i]; if (fromDesc == Type.BOOLEAN || fromDesc == Type.BYTE || fromDesc == Type.CHAR || fromDesc == Type.SHORT) { fromDesc = Type.INT; } if (! fromStack.equals(fromDesc)) { if (fromStack instanceof ReferenceType && fromDesc instanceof ReferenceType) { final ReferenceType rFromStack = (ReferenceType) fromStack; final ReferenceType rFromDesc = (ReferenceType) fromDesc; // TODO: This can possibly only be checked when using Staerk-et-al's "set of object types" instead // of a single "wider cast object type" created during verification. if ( ! rFromStack.isAssignmentCompatibleWith(rFromDesc) ) { constraintViolated(o, "Expecting a '"+fromDesc+"' but found a '"+fromStack+ "' on the stack (which is not assignment compatible)."); } referenceTypeIsInitialized(o, rFromStack); } else{ constraintViolated(o, "Expecting a '"+fromDesc+"' but found a '"+fromStack+"' on the stack."); } } } Type objref = stack().peek(nargs); if (objref == Type.NULL) { return; } if (! (objref instanceof ReferenceType) ) { constraintViolated(o, "Expecting a reference type as 'objectref' on the stack, not a '"+objref+"'."); } referenceTypeIsInitialized(o, (ReferenceType) objref); if (!(objref instanceof ObjectType)) { if (!(objref instanceof ArrayType)) { // could be a ReturnaddressType constraintViolated(o, "Expecting an ObjectType as 'objectref' on the stack, not a '"+objref+"'."); } else{ objref = GENERIC_ARRAY; } } final String objref_classname = ((ObjectType) objref).getClassName(); final String theClass = o.getClassName(cpg); if ( ! Repository.instanceOf(objref_classname, theClass) ) { constraintViolated(o, "The 'objref' item '"+objref+"' does not implement '"+theClass+"' as expected."); } } catch (final ClassNotFoundException e) { // FIXME: maybe not the best way to handle this throw new AssertionViolatedException("Missing class: " + e, e); } }
Example #11
Source File: Pass3bVerifier.java From commons-bcel with Apache License 2.0 | 4 votes |
/** * Pass 3b implements the data flow analysis as described in the Java Virtual * Machine Specification, Second Edition. * Later versions will use LocalVariablesInfo objects to verify if the * verifier-inferred types and the class file's debug information (LocalVariables * attributes) match [TODO]. * * @see org.apache.bcel.verifier.statics.LocalVariablesInfo * @see org.apache.bcel.verifier.statics.Pass2Verifier#getLocalVariablesInfo(int) */ @Override public VerificationResult do_verify() { if (! myOwner.doPass3a(methodNo).equals(VerificationResult.VR_OK)) { return VerificationResult.VR_NOTYET; } // Pass 3a ran before, so it's safe to assume the JavaClass object is // in the BCEL repository. JavaClass jc; try { jc = Repository.lookupClass(myOwner.getClassName()); } catch (final ClassNotFoundException e) { // FIXME: maybe not the best way to handle this throw new AssertionViolatedException("Missing class: " + e, e); } final ConstantPoolGen constantPoolGen = new ConstantPoolGen(jc.getConstantPool()); // Init Visitors final InstConstraintVisitor icv = new InstConstraintVisitor(); icv.setConstantPoolGen(constantPoolGen); final ExecutionVisitor ev = new ExecutionVisitor(); ev.setConstantPoolGen(constantPoolGen); final Method[] methods = jc.getMethods(); // Method no "methodNo" exists, we ran Pass3a before on it! try{ final MethodGen mg = new MethodGen(methods[methodNo], myOwner.getClassName(), constantPoolGen); icv.setMethodGen(mg); ////////////// DFA BEGINS HERE //////////////// if (! (mg.isAbstract() || mg.isNative()) ) { // IF mg HAS CODE (See pass 2) final ControlFlowGraph cfg = new ControlFlowGraph(mg); // Build the initial frame situation for this method. final Frame f = new Frame(mg.getMaxLocals(),mg.getMaxStack()); if ( !mg.isStatic() ) { if (mg.getName().equals(Const.CONSTRUCTOR_NAME)) { Frame.setThis(new UninitializedObjectType(ObjectType.getInstance(jc.getClassName()))); f.getLocals().set(0, Frame.getThis()); } else{ Frame.setThis(null); f.getLocals().set(0, ObjectType.getInstance(jc.getClassName())); } } final Type[] argtypes = mg.getArgumentTypes(); int twoslotoffset = 0; for (int j=0; j<argtypes.length; j++) { if (argtypes[j] == Type.SHORT || argtypes[j] == Type.BYTE || argtypes[j] == Type.CHAR || argtypes[j] == Type.BOOLEAN) { argtypes[j] = Type.INT; } f.getLocals().set(twoslotoffset + j + (mg.isStatic()?0:1), argtypes[j]); if (argtypes[j].getSize() == 2) { twoslotoffset++; f.getLocals().set(twoslotoffset + j + (mg.isStatic()?0:1), Type.UNKNOWN); } } circulationPump(mg,cfg, cfg.contextOf(mg.getInstructionList().getStart()), f, icv, ev); } } catch (final VerifierConstraintViolatedException ce) { ce.extendMessage("Constraint violated in method '"+methods[methodNo]+"':\n",""); return new VerificationResult(VerificationResult.VERIFIED_REJECTED, ce.getMessage()); } catch (final RuntimeException re) { // These are internal errors final StringWriter sw = new StringWriter(); final PrintWriter pw = new PrintWriter(sw); re.printStackTrace(pw); throw new AssertionViolatedException("Some RuntimeException occured while verify()ing class '"+jc.getClassName()+ "', method '"+methods[methodNo]+"'. Original RuntimeException's stack trace:\n---\n"+sw+"---\n", re); } return VerificationResult.VR_OK; }