package org.owasp.dependencycheck.analyzer;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.regex.Pattern;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.Evidence;
import org.owasp.dependencycheck.exception.InitializationException;
import org.owasp.dependencycheck.utils.DownloadFailedException;
import org.owasp.dependencycheck.utils.Downloader;
import org.owasp.dependencycheck.utils.FileUtils;
import org.owasp.dependencycheck.utils.Settings;
import org.owasp.dependencycheck.xml.hints.HintParseException;
import org.owasp.dependencycheck.xml.hints.HintParser;
import org.owasp.dependencycheck.xml.hints.HintRule;
import org.owasp.dependencycheck.xml.hints.Hints;
import org.owasp.dependencycheck.xml.hints.VendorDuplicatingHintRule;
import org.owasp.dependencycheck.xml.suppression.PropertyType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/owasp/dependencycheck/analyzer/HintAnalyzer.class */
public class HintAnalyzer extends AbstractAnalyzer implements Analyzer {
    private static final String ANALYZER_NAME = "Hint Analyzer";
    private static final AnalysisPhase ANALYSIS_PHASE = AnalysisPhase.PRE_IDENTIFIER_ANALYSIS;
    private static final Logger LOGGER = LoggerFactory.getLogger(HintAnalyzer.class);
    private static final String HINT_RULE_FILE_NAME = "dependencycheck-base-hint.xml";
    private Hints hints;

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public String getName() {
        return ANALYZER_NAME;
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public AnalysisPhase getAnalysisPhase() {
        return ANALYSIS_PHASE;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer, org.owasp.dependencycheck.analyzer.Analyzer
    public void initialize() throws InitializationException {
        try {
            super.initialize();
            loadHintRules();
        } catch (HintParseException e) {
            LOGGER.debug("Unable to parse hint file", e);
            throw new InitializationException("Unable to parse the hint file", e);
        }
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public void analyze(Dependency dependency, Engine engine) throws AnalysisException {
        for (HintRule hintRule : this.hints.getHintRules()) {
            boolean z = false;
            Iterator<Evidence> it = hintRule.getGivenVendor().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (dependency.getVendorEvidence().getEvidence().contains(it.next())) {
                    z = true;
                    break;
                }
            }
            if (!z) {
                Iterator<Evidence> it2 = hintRule.getGivenProduct().iterator();
                while (true) {
                    if (!it2.hasNext()) {
                        break;
                    }
                    if (dependency.getProductEvidence().getEvidence().contains(it2.next())) {
                        z = true;
                        break;
                    }
                }
            }
            if (!z) {
                Iterator<PropertyType> it3 = hintRule.getFilenames().iterator();
                while (it3.hasNext()) {
                    if (it3.next().matches(dependency.getFileName())) {
                        z = true;
                    }
                }
            }
            if (z) {
                Iterator<Evidence> it4 = hintRule.getAddVendor().iterator();
                while (it4.hasNext()) {
                    dependency.getVendorEvidence().addEvidence(it4.next());
                }
                Iterator<Evidence> it5 = hintRule.getAddProduct().iterator();
                while (it5.hasNext()) {
                    dependency.getProductEvidence().addEvidence(it5.next());
                }
                Iterator<Evidence> it6 = hintRule.getAddVersion().iterator();
                while (it6.hasNext()) {
                    dependency.getVersionEvidence().addEvidence(it6.next());
                }
            }
        }
        Iterator<Evidence> it7 = dependency.getVendorEvidence().iterator();
        ArrayList arrayList = new ArrayList();
        while (it7.hasNext()) {
            Evidence next = it7.next();
            for (VendorDuplicatingHintRule vendorDuplicatingHintRule : this.hints.getVendorDuplicatingHintRules()) {
                if (vendorDuplicatingHintRule.getValue().equalsIgnoreCase(next.getValue(false))) {
                    arrayList.add(new Evidence(next.getSource() + " (hint)", next.getName(), vendorDuplicatingHintRule.getDuplicate(), next.getConfidence()));
                }
            }
        }
        Iterator it8 = arrayList.iterator();
        while (it8.hasNext()) {
            dependency.getVendorEvidence().addEvidence((Evidence) it8.next());
        }
    }

    private void loadHintRules() throws HintParseException {
        File file;
        HintParser hintParser = new HintParser();
        try {
            this.hints = hintParser.parseHints(getClass().getClassLoader().getResourceAsStream(HINT_RULE_FILE_NAME));
        } catch (HintParseException e) {
            LOGGER.error("Unable to parse the base hint data file");
            LOGGER.debug("Unable to parse the base hint data file", e);
        } catch (SAXException e2) {
            LOGGER.error("Unable to parse the base hint data file");
            LOGGER.debug("Unable to parse the base hint data file", e2);
        }
        String string = Settings.getString("hints.file");
        if (string == null) {
            return;
        }
        boolean z = false;
        try {
            try {
                try {
                    if (Pattern.compile("^(https?|file)\\:.*", 2).matcher(string).matches()) {
                        z = true;
                        file = FileUtils.getTempFile("hint", "xml");
                        URL url = new URL(string);
                        try {
                            Downloader.fetchFile(url, file, false);
                        } catch (DownloadFailedException e3) {
                            Downloader.fetchFile(url, file, true);
                        }
                    } else {
                        file = new File(string);
                        if (!file.exists()) {
                            InputStream inputStream = null;
                            try {
                                InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream(string);
                                if (resourceAsStream != null) {
                                    z = true;
                                    file = FileUtils.getTempFile("hint", "xml");
                                    try {
                                        org.apache.commons.io.FileUtils.copyInputStreamToFile(resourceAsStream, file);
                                    } catch (IOException e4) {
                                        throw new HintParseException("Unable to locate suppressions file in classpath", e4);
                                    }
                                }
                                if (resourceAsStream != null) {
                                    resourceAsStream.close();
                                }
                            } catch (Throwable th) {
                                if (0 != 0) {
                                    inputStream.close();
                                }
                                throw th;
                            }
                        }
                    }
                    if (file != null) {
                        try {
                            Hints parseHints = hintParser.parseHints(file);
                            this.hints.getHintRules().addAll(parseHints.getHintRules());
                            this.hints.getVendorDuplicatingHintRules().addAll(parseHints.getVendorDuplicatingHintRules());
                            LOGGER.debug("{} hint rules were loaded.", Integer.valueOf(this.hints.getHintRules().size()));
                            LOGGER.debug("{} duplicating hint rules were loaded.", Integer.valueOf(this.hints.getVendorDuplicatingHintRules().size()));
                        } catch (HintParseException e5) {
                            LOGGER.warn("Unable to parse hint rule xml file '{}'", file.getPath());
                            LOGGER.warn(e5.getMessage());
                            LOGGER.debug("", e5);
                            throw e5;
                        }
                    }
                    if (!z || file == null) {
                        return;
                    }
                    FileUtils.delete(file);
                } catch (MalformedURLException e6) {
                    throw new HintParseException("Configured hint file has an invalid URL", e6);
                }
            } catch (DownloadFailedException e7) {
                throw new HintParseException("Unable to fetch the configured hint file", e7);
            } catch (IOException e8) {
                throw new HintParseException("Unable to create temp file for hints", e8);
            }
        } catch (Throwable th2) {
            if (0 != 0 && 0 != 0) {
                FileUtils.delete((File) null);
            }
            throw th2;
        }
    }
}
