Java Code Examples for org.apache.bcel.Constants

The following examples show how to use org.apache.bcel.Constants. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
@Override
public void handleStoreInstruction(StoreInstruction obj) {
    try {
        int numConsumed = obj.consumeStack(cpg);
        if (numConsumed == Constants.UNPREDICTABLE) {
            throw new InvalidBytecodeException("Unpredictable stack consumption");
        }
        int index = obj.getIndex();
        while (numConsumed-- > 0) {
            Taint value = new Taint(getFrame().popValue());
            value.setVariableIndex(index);
            getFrame().setValue(index++, value);
        }
    } catch (DataflowAnalysisException ex) {
        throw new InvalidBytecodeException(ex.toString(), ex);
    }
}
 
Example 2
@Override
public void sawOpcode(int seen) {

    if (seen == Constants.INVOKEVIRTUAL && getClassConstantOperand().equals("javax/servlet/http/Cookie")
            && getNameConstantOperand().equals("setMaxAge")) {

        Object maxAge = stack.getStackItem(0).getConstant();
        Integer n = (maxAge instanceof Integer) ? (Integer)maxAge : 0;

        //Max age equal or greater than one year
        if (n >= 31536000) {
            bugReporter.reportBug(new BugInstance(this, "COOKIE_PERSISTENT", Priorities.NORMAL_PRIORITY) //
                    .addClass(this).addMethod(this).addSourceLine(this));
        }
    }
}
 
Example 3
Source Project: commons-bcel   Source File: TransitiveHull.java    License: Apache License 2.0 6 votes vote down vote up
private void visitRef(final ConstantCP ccp, final boolean method) {
    final String class_name = ccp.getClass(cp);
    add(class_name);

    final ConstantNameAndType cnat = (ConstantNameAndType) cp.getConstant(ccp.getNameAndTypeIndex(),
            Constants.CONSTANT_NameAndType);

    final String signature = cnat.getSignature(cp);

    if (method) {
        final Type type = Type.getReturnType(signature);

        checkType(type);

        for (final Type type1 : Type.getArgumentTypes(signature)) {
            checkType(type1);
        }
    } else {
        checkType(Type.getType(signature));
    }
}
 
Example 4
Source Project: ApkToolPlus   Source File: LocalVariableInstruction.java    License: Apache License 2.0 6 votes vote down vote up
/**
  * Read needed data (e.g. index) from file.
  * PRE: (ILOAD <= tag <= ALOAD_3) || (ISTORE <= tag <= ASTORE_3)
  */
 protected void initFromFile(ByteSequence bytes, boolean wide)
   throws IOException
 {
   if(wide) {
     n         = bytes.readUnsignedShort();
     length    = 4;
   } else if(((opcode >= Constants.ILOAD) &&
       (opcode <= Constants.ALOAD)) ||
      ((opcode >= Constants.ISTORE) &&
       (opcode <= Constants.ASTORE))) {
     n      = bytes.readUnsignedByte();
     length = 2;
   } else if(opcode <= Constants.ALOAD_3) { // compact load instruction such as ILOAD_2
     n      = (opcode - Constants.ILOAD_0) % 4;
     length = 1;
   } else { // Assert ISTORE_0 <= tag <= ASTORE_3
     n      = (opcode - Constants.ISTORE_0) % 4;
     length = 1;
   }
}
 
Example 5
@Override
public void sawOpcode(int seen) {
    if (seen == Constants.INVOKESTATIC
            && getClassConstantOperand().equals("javax/crypto/Cipher")
            && getNameConstantOperand().equals("getInstance")) {
        OpcodeStack.Item item = stack.getStackItem(getSigConstantOperand().contains(";L") ? 1 : 0);
        if (StackUtils.isConstantString(item)) {
            String cipherValue = (String) item.getConstant();
            // default padding for "RSA" only is PKCS1 so it is not reported
            if (cipherValue.startsWith("RSA/") && cipherValue.endsWith("/NoPadding")) {
                bugReporter.reportBug(new BugInstance(this, RSA_NO_PADDING_TYPE, Priorities.NORMAL_PRIORITY) //
                        .addClass(this).addMethod(this).addSourceLine(this));
            }
        }
    }
}
 
Example 6
@Override
    public void sawOpcode(int seen) {
        //printOpCode(seen);

        // getClassConstantOperand().equals("java/net/Socket")

        if (seen == Constants.INVOKEVIRTUAL && ( //List of method mark as external file access
                getNameConstantOperand().equals("sendStickyBroadcast") ||
                        getNameConstantOperand().equals("sendStickyOrderedBroadcast") ||
                        getNameConstantOperand().equals("sendStickyBroadcastAsUser") ||
                        getNameConstantOperand().equals("sendStickyOrderedBroadcastAsUser")
        )) {
//            System.out.println(getSigConstantOperand());
            bugReporter.reportBug(new BugInstance(this, ANDROID_STICKY_BROADCAST_TYPE, Priorities.NORMAL_PRIORITY) //
                    .addClass(this).addMethod(this).addSourceLine(this));
        }
    }
 
Example 7
@Override
    public void sawOpcode(int seen) {
//        printOpCode(seen);

        // getClassConstantOperand().equals("java/net/Socket")

        if (seen == Constants.INVOKEVIRTUAL && ( //List of method mark as external file access
                getNameConstantOperand().equals("getExternalCacheDir") ||
                getNameConstantOperand().equals("getExternalCacheDirs") ||
                getNameConstantOperand().equals("getExternalFilesDir") ||
                getNameConstantOperand().equals("getExternalFilesDirs") ||
                getNameConstantOperand().equals("getExternalMediaDirs")
            )) {
//            System.out.println(getSigConstantOperand());
            bugReporter.reportBug(new BugInstance(this, ANDROID_EXTERNAL_FILE_ACCESS_TYPE, Priorities.NORMAL_PRIORITY) //
                    .addClass(this).addMethod(this).addSourceLine(this));
        }
        else if(seen == Constants.INVOKESTATIC && getClassConstantOperand().equals("android/os/Environment") && (
                getNameConstantOperand().equals("getExternalStorageDirectory") ||
                getNameConstantOperand().equals("getExternalStoragePublicDirectory")
            )) {
            bugReporter.reportBug(new BugInstance(this, ANDROID_EXTERNAL_FILE_ACCESS_TYPE, Priorities.NORMAL_PRIORITY) //
                    .addClass(this).addMethod(this).addSourceLine(this));
        }
    }
 
Example 8
Source Project: vscrawler   Source File: AwkCompilerImpl.java    License: Apache License 2.0 6 votes vote down vote up
private void createResetMethod(String method_name, String field_name) {
	InstructionList tmpIl = new InstructionList();
	// no-arg method
	MethodGen method = new MethodGen(ACC_PUBLIC | ACC_FINAL, Type.VOID, buildArgs(new Class[] {}), new String[] {}, method_name, classname, tmpIl, cp);

	// implement: setXX(ZERO)

	tmpIl.append(InstructionConstants.ALOAD_0);
	tmpIl.append(factory.createFieldAccess(classname, "ZERO", getObjectType(Integer.class), Constants.GETSTATIC));
	tmpIl.append(factory.createFieldAccess(classname, field_name, getObjectType(Object.class), Constants.PUTFIELD));

	tmpIl.append(InstructionFactory.createReturn(Type.VOID));

	method.setMaxStack();
	method.setMaxLocals();
	cg.addMethod(method.getMethod());
	tmpIl.dispose();
}
 
Example 9
Source Project: ApkToolPlus   Source File: ConstantValue.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * @return String representation of constant value.
 */ 
public final String toString() {
  Constant c = constant_pool.getConstant(constantvalue_index);
	
  String   buf;
  int    i;

  // Print constant to string depending on its type
  switch(c.getTag()) {
  case Constants.CONSTANT_Long:    buf = "" + ((ConstantLong)c).getBytes();    break;
  case Constants.CONSTANT_Float:   buf = "" + ((ConstantFloat)c).getBytes();   break;
  case Constants.CONSTANT_Double:  buf = "" + ((ConstantDouble)c).getBytes();  break;
  case Constants.CONSTANT_Integer: buf = "" + ((ConstantInteger)c).getBytes(); break;
  case Constants.CONSTANT_String:  
    i   = ((ConstantString)c).getStringIndex();
    c   = constant_pool.getConstant(i, Constants.CONSTANT_Utf8);
    buf = "\"" + Utility.convertString(((ConstantUtf8)c).getBytes()) + "\"";
    break;

  default:
    throw new IllegalStateException("Type of ConstValue invalid: " + c);
  }

  return buf;
}
 
Example 10
Source Project: luaj   Source File: JavaBuilder.java    License: MIT License 6 votes vote down vote up
private String createLuaStringField(LuaString value) {
	String name = PREFIX_CONSTANT+constants.size();
	FieldGen fg = new FieldGen(Constants.ACC_STATIC | Constants.ACC_FINAL, 
			TYPE_LUAVALUE, name, cp);
	cg.addField(fg.getField());
	LuaString ls = value.checkstring();
	if ( ls.isValidUtf8() ) {
		init.append(new PUSH(cp, value.tojstring()));
		init.append(factory.createInvoke(STR_LUASTRING, "valueOf",
				TYPE_LUASTRING, ARG_TYPES_STRING, Constants.INVOKESTATIC));
	} else {
		char[] c = new char[ls.m_length];
		for ( int j=0; j<ls.m_length; j++ ) 
			c[j] = (char) (0xff & (int) (ls.m_bytes[ls.m_offset+j]));
		init.append(new PUSH(cp, new String(c)));
		init.append(factory.createInvoke(STR_STRING, "toCharArray",
				TYPE_CHARARRAY, Type.NO_ARGS,
				Constants.INVOKEVIRTUAL));
		init.append(factory.createInvoke(STR_LUASTRING, "valueOf",
				TYPE_LUASTRING, ARG_TYPES_CHARARRAY,
				Constants.INVOKESTATIC));
	}
	init.append(factory.createPutStatic(classname, name, TYPE_LUAVALUE));			
	return name;
}
 
Example 11
Source Project: ApkToolPlus   Source File: InstructionFactory.java    License: Apache License 2.0 6 votes vote down vote up
/** Create an invoke instruction.
 *
 * @param class_name name of the called class
 * @param name name of the called method
 * @param ret_type return type of method
 * @param arg_types argument types of method
 * @param kind how to invoke, i.e., INVOKEINTERFACE, INVOKESTATIC, INVOKEVIRTUAL,
 * or INVOKESPECIAL
 * @see Constants
 */
public InvokeInstruction createInvoke(String class_name, String name, Type ret_type,
			Type[] arg_types, short kind) {
  int    index;
  int    nargs      = 0;
  String signature  = Type.getMethodSignature(ret_type, arg_types);

  for(int i=0; i < arg_types.length; i++) // Count size of arguments
    nargs += arg_types[i].getSize();

  if(kind == Constants.INVOKEINTERFACE)
    index = cp.addInterfaceMethodref(class_name, name, signature);
  else
    index = cp.addMethodref(class_name, name, signature);

  switch(kind) {
  case Constants.INVOKESPECIAL:   return new INVOKESPECIAL(index);
  case Constants.INVOKEVIRTUAL:   return new INVOKEVIRTUAL(index);
  case Constants.INVOKESTATIC:    return new INVOKESTATIC(index);
  case Constants.INVOKEINTERFACE: return new INVOKEINTERFACE(index, nargs + 1);
  default:
    throw new RuntimeException("Oops: Unknown invoke kind:" + kind);
  }
}
 
Example 12
Source Project: ApkToolPlus   Source File: InstructionFactory.java    License: Apache License 2.0 6 votes vote down vote up
/** Create a field instruction.
 *
 * @param class_name name of the accessed class
 * @param name name of the referenced field
 * @param type  type of field
 * @param kind how to access, i.e., GETFIELD, PUTFIELD, GETSTATIC, PUTSTATIC
 * @see Constants
 */
public FieldInstruction createFieldAccess(String class_name, String name, Type type, short kind) {
  int    index;
  String signature  = type.getSignature();

  index = cp.addFieldref(class_name, name, signature);

  switch(kind) {
  case Constants.GETFIELD:  return new GETFIELD(index);
  case Constants.PUTFIELD:  return new PUTFIELD(index);
  case Constants.GETSTATIC: return new GETSTATIC(index);
  case Constants.PUTSTATIC: return new PUTSTATIC(index);

  default:
    throw new RuntimeException("Oops: Unknown getfield kind:" + kind);
  }
}
 
Example 13
Source Project: ApkToolPlus   Source File: ClassParser.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Read information about the class and its super class.
 * @throws  IOException
 * @throws  ClassFormatException
 */
private final void readClassInfo() throws IOException, ClassFormatException
{
  access_flags = file.readUnsignedShort();

  /* Interfaces are implicitely abstract, the flag should be set
   * according to the JVM specification.
   */
  if((access_flags & Constants.ACC_INTERFACE) != 0)
    access_flags |= Constants.ACC_ABSTRACT;

  if(((access_flags & Constants.ACC_ABSTRACT) != 0) && 
     ((access_flags & Constants.ACC_FINAL)    != 0 ))
    throw new ClassFormatException("Class can't be both final and abstract");

  class_name_index      = file.readUnsignedShort();
  superclass_name_index = file.readUnsignedShort();
}
 
Example 14
Source Project: ApkToolPlus   Source File: InstructionFactory.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * @param type type of elements of array, i.e., array.getElementType()
 */
public static ArrayInstruction createArrayLoad(Type type) {
  switch(type.getType()) {
  case Constants.T_BOOLEAN:
  case Constants.T_BYTE:   return BALOAD;
  case Constants.T_CHAR:   return CALOAD;
  case Constants.T_SHORT:  return SALOAD;
  case Constants.T_INT:    return IALOAD;
  case Constants.T_FLOAT:  return FALOAD;
  case Constants.T_DOUBLE: return DALOAD;
  case Constants.T_LONG:   return LALOAD;
  case Constants.T_ARRAY:
  case Constants.T_OBJECT: return AALOAD;
  default:       throw new RuntimeException("Invalid type " + type);
  }
}
 
Example 15
Source Project: ApkToolPlus   Source File: InstructionFactory.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * @param type type of elements of array, i.e., array.getElementType()
 */
public static ArrayInstruction createArrayStore(Type type) {
  switch(type.getType()) {
  case Constants.T_BOOLEAN:
  case Constants.T_BYTE:   return BASTORE;
  case Constants.T_CHAR:   return CASTORE;
  case Constants.T_SHORT:  return SASTORE;
  case Constants.T_INT:    return IASTORE;
  case Constants.T_FLOAT:  return FASTORE;
  case Constants.T_DOUBLE: return DASTORE;
  case Constants.T_LONG:   return LASTORE;
  case Constants.T_ARRAY:
  case Constants.T_OBJECT: return AASTORE;
  default:       throw new RuntimeException("Invalid type " + type);
  }
}
 
Example 16
Source Project: ApkToolPlus   Source File: ExceptionTable.java    License: Apache License 2.0 6 votes vote down vote up
/**
  * @return String representation, i.e., a list of thrown exceptions.
  */ 
 public final String toString() {
   StringBuffer buf = new StringBuffer("");
   String       str;

   for(int i=0; i < number_of_exceptions; i++) {
     str = constant_pool.getConstantString(exception_index_table[i],
				    Constants.CONSTANT_Class);
     buf.append(Utility.compactClassName(str, false));

     if(i < number_of_exceptions - 1)
buf.append(", ");
   }

   return buf.toString();    
 }
 
Example 17
Source Project: ApkToolPlus   Source File: InvokeInstruction.java    License: Apache License 2.0 6 votes vote down vote up
/**
  * Also works for instructions whose stack effect depends on the
  * constant pool entry they reference.
  * @return Number of words consumed from stack by this instruction
  */
 public int consumeStack(ConstantPoolGen cpg) {
     String signature = getSignature(cpg);
     Type[] args      = Type.getArgumentTypes(signature);
     int    sum;

     if(opcode == Constants.INVOKESTATIC)
sum = 0;
     else
sum = 1;  // this reference

     int n = args.length;
     for (int i = 0; i < n; i++)
sum += args[i].getSize();

     return sum;
  }
 
Example 18
Source Project: ApkToolPlus   Source File: BasicType.java    License: Apache License 2.0 6 votes vote down vote up
public static final BasicType getType(byte type) {
  switch(type) {
  case Constants.T_VOID:    return VOID;
  case Constants.T_BOOLEAN: return BOOLEAN;
  case Constants.T_BYTE:    return BYTE;
  case Constants.T_SHORT:   return SHORT;
  case Constants.T_CHAR:    return CHAR;
  case Constants.T_INT:     return INT;
  case Constants.T_LONG:    return LONG;
  case Constants.T_DOUBLE:  return DOUBLE;
  case Constants.T_FLOAT:   return FLOAT;

  default:
    throw new ClassGenException("Invalid type: " + type);
  }
}
 
Example 19
Source Project: ApkToolPlus   Source File: Pass2Verifier.java    License: Apache License 2.0 5 votes vote down vote up
public void visitConstantInterfaceMethodref(ConstantInterfaceMethodref obj){
	if (obj.getTag() != Constants.CONSTANT_InterfaceMethodref){
		throw new ClassConstraintException("ConstantInterfaceMethodref '"+tostring(obj)+"' has wrong tag!");
	}
	int name_and_type_index = obj.getNameAndTypeIndex();
	ConstantNameAndType cnat = (ConstantNameAndType) (cp.getConstant(name_and_type_index));
	String name = ((ConstantUtf8) (cp.getConstant(cnat.getNameIndex()))).getBytes(); // Field or Method name
	if (!validInterfaceMethodName(name)){
		throw new ClassConstraintException("Invalid (interface) method name '"+name+"' referenced by '"+tostring(obj)+"'.");
	}

	int class_index = obj.getClassIndex();
	ConstantClass cc = (ConstantClass) (cp.getConstant(class_index));
	String className = ((ConstantUtf8) (cp.getConstant(cc.getNameIndex()))).getBytes(); // Class Name in internal form
	if (! validClassName(className)){
		throw new ClassConstraintException("Illegal class name '"+className+"' used by '"+tostring(obj)+"'.");
	}

	String sig  = ((ConstantUtf8) (cp.getConstant(cnat.getSignatureIndex()))).getBytes(); // Field or Method signature(=descriptor)
				
	try{
		Type   t  = Type.getReturnType(sig);
		if ( name.equals(STATIC_INITIALIZER_NAME) && (t != Type.VOID) ){
			addMessage("Class or interface initialization method '"+STATIC_INITIALIZER_NAME+"' usually has VOID return type instead of '"+t+"'. Note this is really not a requirement of The Java Virtual Machine Specification, Second Edition.");
		}
	}
	catch (ClassFormatError cfe){
		// Well, BCEL sometimes is a little harsh describing exceptional situations.
		throw new ClassConstraintException("Illegal descriptor (==signature) '"+sig+"' used by '"+tostring(obj)+"'.");
	}

}
 
Example 20
Source Project: ApkToolPlus   Source File: Pass2Verifier.java    License: Apache License 2.0 5 votes vote down vote up
public void visitConstantFieldref(ConstantFieldref obj){
	if (obj.getTag() != Constants.CONSTANT_Fieldref){
		throw new ClassConstraintException("Wrong constant tag in '"+tostring(obj)+"'.");
	}
	checkIndex(obj, obj.getClassIndex(), CONST_Class);
	checkIndex(obj, obj.getNameAndTypeIndex(), CONST_NameAndType);
}
 
Example 21
Source Project: luaj   Source File: JavaBuilder.java    License: MIT License 5 votes vote down vote up
public void binaryop(int o) {
	String op;
	switch (o) {
		default: 
		case Lua.OP_ADD: op = "add"; break;
		case Lua.OP_SUB: op = "sub"; break;
		case Lua.OP_MUL: op = "mul"; break;
		case Lua.OP_DIV: op = "div"; break;
		case Lua.OP_MOD: op = "mod"; break;
		case Lua.OP_POW: op = "pow"; break;
	}
       append(factory.createInvoke(STR_LUAVALUE, op, TYPE_LUAVALUE, ARG_TYPES_LUAVALUE, Constants.INVOKEVIRTUAL));
}
 
Example 22
Source Project: commons-bcel   Source File: Package.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Add this class to allClasses. Then go through all its dependents
 * and add them to the dependents list if they are not in allClasses
 */
void addDependents(final JavaClass clazz) throws IOException {
    final String name = clazz.getClassName().replace('.', '/');
    allClasses.put(name, clazz);
    final ConstantPool pool = clazz.getConstantPool();
    for (int i = 1; i < pool.getLength(); i++) {
        final Constant cons = pool.getConstant(i);
        //System.out.println("("+i+") " + cons );
        if (cons != null && cons.getTag() == Constants.CONSTANT_Class) {
            final int idx = ((ConstantClass) pool.getConstant(i)).getNameIndex();
            final String clas = ((ConstantUtf8) pool.getConstant(idx)).getBytes();
            addClassString(clas, name);
        }
    }
}
 
Example 23
Source Project: ApkToolPlus   Source File: LocalVariableTable.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * @param name_index Index in constant pool to `LocalVariableTable'
 * @param length Content length in bytes
 * @param local_variable_table Table of local variables
 * @param constant_pool Array of constants
 */
public LocalVariableTable(int name_index, int length,
	    LocalVariable[] local_variable_table,
	    ConstantPool    constant_pool)
{
  super(Constants.ATTR_LOCAL_VARIABLE_TABLE, name_index, length, constant_pool);
  setLocalVariableTable(local_variable_table);
}
 
Example 24
Source Project: ApkToolPlus   Source File: Pass2Verifier.java    License: Apache License 2.0 5 votes vote down vote up
public void visitConstantMethodref(ConstantMethodref obj){
	if (obj.getTag() != Constants.CONSTANT_Methodref){
		throw new ClassConstraintException("ConstantMethodref '"+tostring(obj)+"' has wrong tag!");
	}
	int name_and_type_index = obj.getNameAndTypeIndex();
	ConstantNameAndType cnat = (ConstantNameAndType) (cp.getConstant(name_and_type_index));
	String name = ((ConstantUtf8) (cp.getConstant(cnat.getNameIndex()))).getBytes(); // Field or Method name
	if (!validClassMethodName(name)){
		throw new ClassConstraintException("Invalid (non-interface) method name '"+name+"' referenced by '"+tostring(obj)+"'.");
	}

	int class_index = obj.getClassIndex();
	ConstantClass cc = (ConstantClass) (cp.getConstant(class_index));
	String className = ((ConstantUtf8) (cp.getConstant(cc.getNameIndex()))).getBytes(); // Class Name in internal form
	if (! validClassName(className)){
		throw new ClassConstraintException("Illegal class name '"+className+"' used by '"+tostring(obj)+"'.");
	}

	String sig  = ((ConstantUtf8) (cp.getConstant(cnat.getSignatureIndex()))).getBytes(); // Field or Method signature(=descriptor)
				
	try{
		Type   t  = Type.getReturnType(sig);
		if ( name.equals(CONSTRUCTOR_NAME) && (t != Type.VOID) ){
			throw new ClassConstraintException("Instance initialization method must have VOID return type.");
		}
	}
	catch (ClassFormatError cfe){
		// Well, BCEL sometimes is a little harsh describing exceptional situations.
		throw new ClassConstraintException("Illegal descriptor (==signature) '"+sig+"' used by '"+tostring(obj)+"'.");
	}
}
 
Example 25
Source Project: luaj   Source File: JavaBuilder.java    License: MIT License 5 votes vote down vote up
public void closureInitUpvalueFromUpvalue(String protoname, int newup, int upindex) {
	boolean isrw = pi.isReadWriteUpvalue( pi.upvals[upindex] ); 
	Type uptype = isrw? (Type) TYPE_LOCALUPVALUE: (Type) TYPE_LUAVALUE;
	String srcname = upvalueName(upindex);
	String destname = upvalueName(newup);
	append(InstructionConstants.THIS);
	append(factory.createFieldAccess(classname, srcname, uptype, Constants.GETFIELD));
	append(factory.createFieldAccess(protoname, destname, uptype, Constants.PUTFIELD));
}
 
Example 26
Source Project: luaj   Source File: JavaBuilder.java    License: MIT License 5 votes vote down vote up
public void createUpvalues(int pc, int firstslot, int numslots) {
	for ( int i=0; i<numslots; i++ ) {
		int slot = firstslot + i;
		boolean isupcreate = pi.isUpvalueCreate(pc, slot);
		if ( isupcreate ) {
			int index = findSlotIndex( slot, true );
			append(factory.createInvoke(classname, "newupn", TYPE_LOCALUPVALUE, ARG_TYPES_NONE, Constants.INVOKESTATIC));
			append(new ASTORE(index));
		}
	}
}
 
Example 27
@Override
public void sawOpcode(int seen) {
    if ((seen != Constants.INVOKESTATIC
            || !getClassConstantOperand().equals("javax/crypto/Cipher"))
            || !getNameConstantOperand().equals("getInstance")) {
        return;
    }
    OpcodeStack.Item item = stack.getStackItem(getSigConstantOperand().contains(";L") ? 1 : 0);
    String cipherValue;
    if (StackUtils.isConstantString(item)) {
        cipherValue = (String) item.getConstant();
    } else {
        return;
    }
    if (INSECURE_ECB_MODES.matcher(cipherValue).matches()) {
        reportBug(ECB_MODE_TYPE);
    }
    if (cipherValue.contains("/CBC/PKCS5Padding")) {
        reportBug(PADDING_ORACLE_TYPE);
    }

    //Some cipher will not have mode specified (ie: "RSA" .. issue GitHub #24)
    if (!AUTHENTICATED_CIPHER_MODES.matcher(cipherValue).matches()
            && !cipherValue.startsWith("RSA")) {
        reportBug(CIPHER_INTEGRITY_TYPE);
    }
}
 
Example 28
@Override
    public void sawOpcode(int seen) {
        //printOpCode(seen);

//  FreemarkerDetector: [0113]  invokevirtual   freemarker/template/Template.process (Ljava/lang/Object;Ljava/io/Writer;)V

        if (seen == Constants.INVOKEVIRTUAL && getClassConstantOperand().equals("freemarker/template/Template")
                && getNameConstantOperand().equals("process")) {

            bugReporter.reportBug(new BugInstance(this, FREEMARKER_TYPE, Priorities.NORMAL_PRIORITY) //
                    .addClass(this).addMethod(this).addSourceLine(this));
        }
    }
 
Example 29
Source Project: luaj   Source File: JavaBuilder.java    License: MIT License 5 votes vote down vote up
public void convertToUpvalue(int pc, int slot) {
	boolean isupassign = pi.isUpvalueAssign(pc, slot);
	if ( isupassign ) {
		int index = findSlotIndex( slot, false );
		append(new ALOAD(index));
		append(factory.createInvoke(classname, "newupl", TYPE_LOCALUPVALUE,  ARG_TYPES_LUAVALUE, Constants.INVOKESTATIC));
		int upindex = findSlotIndex( slot, true );
		append(new ASTORE(upindex));
	}
}
 
Example 30
@Override
    public void sawOpcode(int seen) {
        //printOpCode(seen);

        // getClassConstantOperand().equals("java/net/Socket")

        if (seen == Constants.INVOKEVIRTUAL &&  //List of method mark as external file access
                getNameConstantOperand().equals("registerReceiver") &&
                (getSigConstantOperand().contains("(Landroid/content/BroadcastReceiver;Landroid/content/IntentFilter;)") ||
                 getSigConstantOperand().contains("(Landroid/content/BroadcastReceiver;Landroid/content/IntentFilter;I)"))) {
//            System.out.println(getSigConstantOperand());
            bugReporter.reportBug(new BugInstance(this, ANDROID_REGISTER_RECEIVER_NOPERMISSION_TYPE, Priorities.NORMAL_PRIORITY) //
                    .addClass(this).addMethod(this).addSourceLine(this));
        }
    }