package com.h3xstream.findsecbugs.injection;

import edu.umd.cs.findbugs.BugInstance;
import edu.umd.cs.findbugs.BugReporter;
import edu.umd.cs.findbugs.Detector;
import edu.umd.cs.findbugs.ba.BasicBlock;
import edu.umd.cs.findbugs.ba.CFG;
import edu.umd.cs.findbugs.ba.CFGBuilderException;
import edu.umd.cs.findbugs.ba.ClassContext;
import edu.umd.cs.findbugs.ba.DataflowAnalysisException;
import edu.umd.cs.findbugs.ba.Location;
import edu.umd.cs.findbugs.ba.constant.Constant;
import edu.umd.cs.findbugs.ba.constant.ConstantDataflow;
import edu.umd.cs.findbugs.ba.constant.ConstantFrame;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.bcel.classfile.JavaClass;
import org.apache.bcel.classfile.Method;
import org.apache.bcel.generic.AALOAD;
import org.apache.bcel.generic.ConstantPoolGen;
import org.apache.bcel.generic.GETSTATIC;
import org.apache.bcel.generic.Instruction;
import org.apache.bcel.generic.InstructionHandle;
import org.apache.bcel.generic.InvokeInstruction;
import org.apache.bcel.generic.LDC;
import org.apache.bcel.generic.MethodGen;
import org.apache.bcel.generic.NOP;

/* loaded from: input_file:com/h3xstream/findsecbugs/injection/InjectionDetector.class */
public abstract class InjectionDetector implements Detector {
    private BugReporter bugReporter;

    /* JADX INFO: Access modifiers changed from: protected */
    public InjectionDetector(BugReporter bugReporter) {
        this.bugReporter = bugReporter;
    }

    public void visitClassContext(ClassContext classContext) {
        Method[] methods = classContext.getJavaClass().getMethods();
        ConstantPoolGen constantPoolGen = classContext.getConstantPoolGen();
        ArrayList arrayList = new ArrayList();
        for (InjectionSource injectionSource : getInjectionSource()) {
            if (injectionSource.isCandidate(constantPoolGen)) {
                arrayList.add(injectionSource);
            }
        }
        if (arrayList.size() > 0) {
            for (Method method : methods) {
                if (classContext.getMethodGen(method) != null) {
                    try {
                        analyzeMethod(classContext, method, arrayList);
                    } catch (DataflowAnalysisException e) {
                    } catch (CFGBuilderException e2) {
                    }
                }
            }
        }
    }

    private void analyzeMethod(ClassContext classContext, Method method, List<InjectionSource> list) throws DataflowAnalysisException, CFGBuilderException {
        JavaClass javaClass = classContext.getJavaClass();
        MethodGen methodGen = classContext.getMethodGen(method);
        if (methodGen == null) {
            return;
        }
        ConstantPoolGen constantPool = methodGen.getConstantPool();
        CFG cfg = classContext.getCFG(method);
        ConstantDataflow constantDataflow = classContext.getConstantDataflow(method);
        Iterator locationIterator = cfg.locationIterator();
        while (locationIterator.hasNext()) {
            Location location = (Location) locationIterator.next();
            InstructionHandle handle = location.getHandle();
            InvokeInstruction instruction = handle.getInstruction();
            if (instruction instanceof InvokeInstruction) {
                InvokeInstruction invokeInstruction = instruction;
                InjectionPoint injectionPoint = null;
                Iterator<InjectionSource> it = list.iterator();
                while (it.hasNext()) {
                    injectionPoint = it.next().getInjectableParameters(invokeInstruction, constantPool, handle);
                    if (injectionPoint != InjectionPoint.NONE) {
                        break;
                    }
                }
                if (injectionPoint != InjectionPoint.NONE) {
                    ConstantFrame constantFrame = (ConstantFrame) constantDataflow.getFactAtLocation(location);
                    int[] injectableArguments = injectionPoint.getInjectableArguments();
                    int length = injectableArguments.length;
                    int i = 0;
                    while (true) {
                        if (i < length) {
                            int i2 = injectableArguments[i];
                            Constant constant = (Constant) constantFrame.getStackValue(i2);
                            if (constant == null || !constant.isConstantString()) {
                                Location previousLocation = getPreviousLocation(cfg, location, true);
                                for (int i3 = 0; i3 < i2; i3++) {
                                    previousLocation = getPreviousLocation(cfg, previousLocation, true);
                                }
                                if (previousLocation != null && !isSafeValue(previousLocation, constantPool, cfg)) {
                                    BugInstance addSourceLine = new BugInstance(this, injectionPoint.getBugType(), 1).addClass(javaClass).addMethod(javaClass, method).addSourceLine(classContext, method, location);
                                    if (injectionPoint.getInjectableMethod() != null) {
                                        addSourceLine.addString(injectionPoint.getInjectableMethod());
                                    }
                                    this.bugReporter.reportBug(addSourceLine);
                                }
                            }
                            i++;
                        }
                    }
                }
            }
        }
    }

    private InstructionHandle getPreviousInstruction(InstructionHandle instructionHandle, boolean z) {
        while (instructionHandle.getPrev() != null) {
            instructionHandle = instructionHandle.getPrev();
            Instruction instruction = instructionHandle.getInstruction();
            if (!z || !(instruction instanceof NOP)) {
                return instructionHandle;
            }
        }
        return null;
    }

    private Location getPreviousLocation(CFG cfg, Location location, boolean z) {
        InstructionHandle lastInstruction;
        InstructionHandle previousInstruction = getPreviousInstruction(location.getHandle(), z);
        if (previousInstruction != null) {
            return new Location(previousInstruction, location.getBasicBlock());
        }
        BasicBlock basicBlock = location.getBasicBlock();
        do {
            basicBlock = cfg.getPredecessorWithEdgeType(basicBlock, 0);
            if (basicBlock == null) {
                return null;
            }
            lastInstruction = basicBlock.getLastInstruction();
        } while (lastInstruction == null);
        return new Location(lastInstruction, basicBlock);
    }

    private boolean isSafeValue(Location location, ConstantPoolGen constantPoolGen, CFG cfg) throws CFGBuilderException {
        Location previousLocation;
        Location previousLocation2;
        InvokeInstruction instruction = location.getHandle().getInstruction();
        if ((instruction instanceof LDC) || (instruction instanceof GETSTATIC)) {
            return true;
        }
        if (instruction instanceof InvokeInstruction) {
            String methodName = instruction.getMethodName(constantPoolGen);
            if (methodName.startsWith("to") && methodName.endsWith("String") && methodName.length() > 8) {
                return true;
            }
        }
        return (instruction instanceof AALOAD) && (previousLocation = getPreviousLocation(cfg, location, true)) != null && (previousLocation2 = getPreviousLocation(cfg, previousLocation, true)) != null && (previousLocation2.getHandle().getInstruction() instanceof GETSTATIC) && previousLocation2.getHandle().getInstruction().getSignature(constantPoolGen).equals("[Ljava/lang/String;");
    }

    public void report() {
    }

    public abstract InjectionSource[] getInjectionSource();
}
