hiifong/pmd
1
0
Fork 0
forked from phoedos/pmd
Code Pull Requests Activity

Indentation and license

Browse Source
This commit is contained in:
Sergey Gorbaty
2018-04-17 15:27:58 -07:00
parent a3f30476ce
commit 1f7fc0ac8b
2 changed files with 89 additions and 82 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

167
pmd-java/src/main/java/net/sourceforge/pmd/lang/java/rule/security/InsecureCryptoIvRule.java
View File

@ -1,3 +1,7 @@
/**
* BSD-style license; for more info see http://pmd.sourceforge.net/license.html
*/
package net.sourceforge.pmd.lang.java.rule.security;
import java.util.HashSet;
@ -25,112 +29,111 @@ import net.sourceforge.pmd.lang.java.rule.AbstractJavaRule;
* //bad: byte[] ivBytes = "hardcoded".getBytes(); //bad: byte[] ivBytes =
* someString.getBytes();
*
* javax.crypto.spec.IvParameterSpec must not be created from a static
* javax.crypto.spec.IvParameterSpec must not be created from a static sources
*
* @author sergeygorbaty
* @since 6.3
*
*/
public class InsecureCryptoIvRule extends AbstractJavaRule {
public InsecureCryptoIvRule() {
public InsecureCryptoIvRule() {
addRuleChainVisit(ASTCompilationUnit.class);
}
addRuleChainVisit(ASTCompilationUnit.class);
addRuleChainVisit(ASTLiteral.class);
}
@Override
public Object visit(ASTClassOrInterfaceDeclaration node, Object data) {
Set<ASTFieldDeclaration> foundFields = new HashSet<>();
Set<ASTLocalVariableDeclaration> foundLocalVars = new HashSet<>();
Set<String> passedInIvVarNames = new HashSet<>();
@Override
public Object visit(ASTClassOrInterfaceDeclaration node, Object data) {
Set<ASTFieldDeclaration> foundFields = new HashSet<>();
Set<ASTLocalVariableDeclaration> foundLocalVars = new HashSet<>();
Set<String> passedInIvVarNames = new HashSet<>();
// byte[] fields
List<ASTFieldDeclaration> fields = node.findDescendantsOfType(ASTFieldDeclaration.class);
for (ASTFieldDeclaration field : fields) {
foundFields.addAll(extractPrimitiveTypes(field));
}
// byte[] fields
List<ASTFieldDeclaration> fields = node.findDescendantsOfType(ASTFieldDeclaration.class);
for (ASTFieldDeclaration field : fields) {
foundFields.addAll(extractPrimitiveTypes(field));
}
List<ASTLocalVariableDeclaration> localVars = node.findDescendantsOfType(ASTLocalVariableDeclaration.class);
for (ASTLocalVariableDeclaration localVar : localVars) {
// byte[] local vars
foundLocalVars.addAll(extractPrimitiveTypes(localVar));
List<ASTLocalVariableDeclaration> localVars = node.findDescendantsOfType(ASTLocalVariableDeclaration.class);
for (ASTLocalVariableDeclaration localVar : localVars) {
// byte[] local vars
foundLocalVars.addAll(extractPrimitiveTypes(localVar));
// find javax.crypto.spec.IvParameterSpec
ASTClassOrInterfaceType declClassName = localVar.getFirstDescendantOfType(ASTClassOrInterfaceType.class);
if (declClassName != null) {
Class<?> foundClass = declClassName.getTypeDefinition() == null ? null
: declClassName.getTypeDefinition().getType();
// find javax.crypto.spec.IvParameterSpec
ASTClassOrInterfaceType declClassName = localVar.getFirstDescendantOfType(ASTClassOrInterfaceType.class);
if (declClassName != null) {
Class<?> foundClass = declClassName.getTypeDefinition() == null ? null
: declClassName.getTypeDefinition().getType();
if (foundClass != null && foundClass.equals(javax.crypto.spec.IvParameterSpec.class)) {
ASTVariableInitializer init = localVar.getFirstDescendantOfType(ASTVariableInitializer.class);
if (init != null) {
ASTName name = init.getFirstDescendantOfType(ASTName.class);
if (name != null) {
passedInIvVarNames.add(name.getImage());
}
}
if (foundClass != null && foundClass.equals(javax.crypto.spec.IvParameterSpec.class)) {
ASTVariableInitializer init = localVar.getFirstDescendantOfType(ASTVariableInitializer.class);
if (init != null) {
ASTName name = init.getFirstDescendantOfType(ASTName.class);
if (name != null) {
passedInIvVarNames.add(name.getImage());
}
}
}
}
}
}
for (ASTFieldDeclaration foundField : foundFields) {
if (passedInIvVarNames.contains(foundField.getVariableName())) {
validateProperIv(data, foundField.getFirstDescendantOfType(ASTVariableInitializer.class));
}
}
for (ASTFieldDeclaration foundField : foundFields) {
if (passedInIvVarNames.contains(foundField.getVariableName())) {
validateProperIv(data, foundField.getFirstDescendantOfType(ASTVariableInitializer.class));
}
}
for (ASTLocalVariableDeclaration foundLocalVar : foundLocalVars) {
if (passedInIvVarNames.contains(foundLocalVar.getVariableName())) {
validateProperIv(data, foundLocalVar.getFirstDescendantOfType(ASTVariableInitializer.class));
}
}
for (ASTLocalVariableDeclaration foundLocalVar : foundLocalVars) {
if (passedInIvVarNames.contains(foundLocalVar.getVariableName())) {
validateProperIv(data, foundLocalVar.getFirstDescendantOfType(ASTVariableInitializer.class));
}
}
}
}
return data;
}
return data;
}
private Set<ASTLocalVariableDeclaration> extractPrimitiveTypes(ASTLocalVariableDeclaration localVar) {
List<ASTPrimitiveType> types = localVar.findDescendantsOfType(ASTPrimitiveType.class);
Set<ASTLocalVariableDeclaration> retVal = new HashSet<>();
extractPrimitiveTypesInner(retVal, localVar, types);
private Set<ASTLocalVariableDeclaration> extractPrimitiveTypes(ASTLocalVariableDeclaration localVar) {
List<ASTPrimitiveType> types = localVar.findDescendantsOfType(ASTPrimitiveType.class);
Set<ASTLocalVariableDeclaration> retVal = new HashSet<>();
extractPrimitiveTypesInner(retVal, localVar, types);
return retVal;
}
return retVal;
}
private Set<ASTFieldDeclaration> extractPrimitiveTypes(ASTFieldDeclaration field) {
List<ASTPrimitiveType> types = field.findDescendantsOfType(ASTPrimitiveType.class);
Set<ASTFieldDeclaration> retVal = new HashSet<>();
private Set<ASTFieldDeclaration> extractPrimitiveTypes(ASTFieldDeclaration field) {
List<ASTPrimitiveType> types = field.findDescendantsOfType(ASTPrimitiveType.class);
Set<ASTFieldDeclaration> retVal = new HashSet<>();
extractPrimitiveTypesInner(retVal, field, types);
extractPrimitiveTypesInner(retVal, field, types);
return retVal;
}
return retVal;
}
private <T> void extractPrimitiveTypesInner(Set<T> retVal, T field, List<ASTPrimitiveType> types) {
for (ASTPrimitiveType type : types) {
if (type.hasImageEqualTo("byte")) {
ASTReferenceType parent = type.getFirstParentOfType(ASTReferenceType.class);
if (parent != null) {
retVal.add(field);
}
}
}
}
private <T> void extractPrimitiveTypesInner(Set<T> retVal, T field, List<ASTPrimitiveType> types) {
for (ASTPrimitiveType type : types) {
if (type.hasImageEqualTo("byte")) {
ASTReferenceType parent = type.getFirstParentOfType(ASTReferenceType.class);
if (parent != null) {
retVal.add(field);
}
}
}
}
private void validateProperIv(Object data, ASTVariableInitializer varInit) {
// hard coded array
ASTArrayInitializer arrayInit = varInit.getFirstDescendantOfType(ASTArrayInitializer.class);
if (arrayInit != null) {
addViolation(data, varInit);
}
private void validateProperIv(Object data, ASTVariableInitializer varInit) {
// hard coded array
ASTArrayInitializer arrayInit = varInit.getFirstDescendantOfType(ASTArrayInitializer.class);
if (arrayInit != null) {
addViolation(data, varInit);
}
// string literal
ASTLiteral literal = varInit.getFirstDescendantOfType(ASTLiteral.class);
if (literal != null && literal.isStringLiteral()) {
addViolation(data, varInit);
}
// string literal
ASTLiteral literal = varInit.getFirstDescendantOfType(ASTLiteral.class);
if (literal != null && literal.isStringLiteral()) {
addViolation(data, varInit);
}
}
}
}

4
pmd-java/src/test/java/net/sourceforge/pmd/lang/java/rule/security/SecurityRulesTest.java
View File

@ -1,3 +1,7 @@
/**
* BSD-style license; for more info see http://pmd.sourceforge.net/license.html
*/
package net.sourceforge.pmd.lang.java.rule.security;
import net.sourceforge.pmd.testframework.SimpleAggregatorTst;