package com.h3xstream.findsecbugs.taintanalysis;

import com.h3xstream.findsecbugs.taintanalysis.Taint;
import edu.umd.cs.findbugs.ba.AbstractFrameModelingVisitor;
import edu.umd.cs.findbugs.ba.DataflowAnalysisException;
import edu.umd.cs.findbugs.ba.InvalidBytecodeException;
import edu.umd.cs.findbugs.ba.Location;
import edu.umd.cs.findbugs.util.ClassName;
import java.util.Collection;
import java.util.Iterator;
import org.apache.bcel.generic.AALOAD;
import org.apache.bcel.generic.ACONST_NULL;
import org.apache.bcel.generic.ConstantPoolGen;
import org.apache.bcel.generic.FieldOrMethod;
import org.apache.bcel.generic.INVOKEINTERFACE;
import org.apache.bcel.generic.INVOKESPECIAL;
import org.apache.bcel.generic.INVOKESTATIC;
import org.apache.bcel.generic.INVOKEVIRTUAL;
import org.apache.bcel.generic.InvokeInstruction;
import org.apache.bcel.generic.LDC;
import org.apache.bcel.generic.LDC2_W;
import org.apache.bcel.generic.LoadInstruction;
import org.apache.bcel.generic.NEW;

/* loaded from: input_file:com/h3xstream/findsecbugs/taintanalysis/TaintFrameModelingVisitor.class */
public class TaintFrameModelingVisitor extends AbstractFrameModelingVisitor<Taint, TaintFrame> {
    private static final String TO_STRING_METHOD = "toString()Ljava/lang/String;";
    private final TaintMethodSummaryMap methodSummaries;
    static final /* synthetic */ boolean $assertionsDisabled;

    public TaintFrameModelingVisitor(ConstantPoolGen constantPoolGen, TaintMethodSummaryMap taintMethodSummaryMap) {
        super(constantPoolGen);
        this.methodSummaries = taintMethodSummaryMap;
    }

    /* renamed from: getDefaultValue, reason: merged with bridge method [inline-methods] */
    public Taint m10getDefaultValue() {
        return new Taint(Taint.State.UNKNOWN);
    }

    public void visitLDC(LDC ldc) {
        pushSafe();
    }

    public void visitLDC2_W(LDC2_W ldc2_w) {
        pushSafe();
        pushSafe();
    }

    public void visitACONST_NULL(ACONST_NULL aconst_null) {
        ((TaintFrame) getFrame()).pushValue(new Taint(Taint.State.NULL));
    }

    public void visitNEW(NEW r3) {
        pushSafe();
    }

    public void handleLoadInstruction(LoadInstruction loadInstruction) {
        int produceStack = loadInstruction.produceStack(this.cpg);
        if (produceStack == -2) {
            throw new InvalidBytecodeException("Unpredictable stack production");
        }
        int index = loadInstruction.getIndex() + produceStack;
        while (true) {
            int i = produceStack;
            produceStack--;
            if (i <= 0) {
                return;
            }
            index--;
            Taint taint = (Taint) ((TaintFrame) getFrame()).getValue(index);
            taint.setLocalVariableIndex(index);
            ((TaintFrame) getFrame()).pushValue(taint);
        }
    }

    public void visitINVOKEINTERFACE(INVOKEINTERFACE invokeinterface) {
        visitInvoke(invokeinterface);
    }

    public void visitINVOKESPECIAL(INVOKESPECIAL invokespecial) {
        visitInvoke(invokespecial);
    }

    public void visitINVOKESTATIC(INVOKESTATIC invokestatic) {
        visitInvoke(invokestatic);
    }

    public void visitINVOKEVIRTUAL(INVOKEVIRTUAL invokevirtual) {
        visitInvoke(invokevirtual);
    }

    public void visitAALOAD(AALOAD aaload) {
        try {
            modelInstruction(aaload, getNumWordsConsumed(aaload), getNumWordsProduced(aaload), new Taint(((Taint) ((TaintFrame) getFrame()).getStackValue(1)).getState()));
        } catch (DataflowAnalysisException e) {
            throw new InvalidBytecodeException("Not enough values on the stack", e);
        }
    }

    private void visitInvoke(InvokeInstruction invokeInstruction) {
        TaintMethodSummary methodSummary = getMethodSummary(invokeInstruction);
        Taint methodTaint = getMethodTaint(methodSummary);
        if (methodTaint.getState() == Taint.State.UNKNOWN) {
            methodTaint.addTaintLocation(getLocation(), false);
        }
        transferTaintToMutables(methodSummary, methodTaint);
        modelInstruction(invokeInstruction, getNumWordsConsumed(invokeInstruction), getNumWordsProduced(invokeInstruction), methodTaint);
    }

    private TaintMethodSummary getMethodSummary(InvokeInstruction invokeInstruction) {
        String str = invokeInstruction.getMethodName(this.cpg) + invokeInstruction.getSignature(this.cpg);
        TaintMethodSummary taintMethodSummary = this.methodSummaries.get(getSlashedClassName(invokeInstruction) + "." + str);
        if (taintMethodSummary == null && TO_STRING_METHOD.equals(str)) {
            taintMethodSummary = TaintMethodSummary.getDefaultToStringSummary();
        }
        return taintMethodSummary;
    }

    private String getSlashedClassName(FieldOrMethod fieldOrMethod) {
        return ClassName.toSlashedClassName(fieldOrMethod.getReferenceType(this.cpg).toString());
    }

    private Taint getMethodTaint(TaintMethodSummary taintMethodSummary) {
        if (taintMethodSummary == null) {
            return m10getDefaultValue();
        }
        if (!taintMethodSummary.hasConstantOutputTaint()) {
            if (taintMethodSummary.hasTransferParameters()) {
                return mergeTransferParameters(taintMethodSummary.getTransferParameters());
            }
            throw new IllegalStateException("invalid method summary");
        }
        Taint taint = new Taint(taintMethodSummary.getOutputTaint());
        if (taint.getState() == Taint.State.TAINTED) {
            taint.addTaintLocation(getLocation(), true);
        }
        return taint;
    }

    private Taint mergeTransferParameters(Collection<Integer> collection) {
        Taint taint = null;
        if (!$assertionsDisabled && collection.isEmpty()) {
            throw new AssertionError();
        }
        Iterator<Integer> it = collection.iterator();
        while (it.hasNext()) {
            try {
                Taint taint2 = (Taint) ((TaintFrame) getFrame()).getStackValue(it.next().intValue());
                taint = taint == null ? taint2 : Taint.merge(taint, taint2);
            } catch (DataflowAnalysisException e) {
                throw new RuntimeException("Bad transfer parameter specification", e);
            }
        }
        if ($assertionsDisabled || taint != null) {
            return taint;
        }
        throw new AssertionError();
    }

    private void transferTaintToMutables(TaintMethodSummary taintMethodSummary, Taint taint) throws RuntimeException {
        if (taintMethodSummary == null || !taintMethodSummary.hasMutableStackIndex()) {
            return;
        }
        try {
            Taint taint2 = (Taint) ((TaintFrame) getFrame()).getStackValue(taintMethodSummary.getMutableStackIndex());
            taint2.setState(taint.getState());
            Iterator<Location> it = taint.getTaintedLocations().iterator();
            while (it.hasNext()) {
                taint2.addTaintLocation(it.next(), true);
            }
            Iterator<Location> it2 = taint.getPossibleTaintedLocations().iterator();
            while (it2.hasNext()) {
                taint2.addTaintLocation(it2.next(), false);
            }
            if (taint2.hasValidLocalVariableIndex()) {
                ((TaintFrame) getFrame()).setValue(taint2.getLocalVariableIndex(), taint);
            }
        } catch (DataflowAnalysisException e) {
            throw new RuntimeException("Bad mutable stack index specification", e);
        }
    }

    private void pushSafe() {
        ((TaintFrame) getFrame()).pushValue(new Taint(Taint.State.SAFE));
    }

    static {
        $assertionsDisabled = !TaintFrameModelingVisitor.class.desiredAssertionStatus();
    }
}
