Package edu.umd.cs.findbugs.detect
Class FindSqlInjection
- java.lang.Object
-
- edu.umd.cs.findbugs.detect.FindSqlInjection
-
- All Implemented Interfaces:
Detector, Priorities
public class FindSqlInjection extends java.lang.Object implements Detector
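Find potential SQL injection vulnerabilities. Judging by the members listed below (EXECUTE_METHODS, PREPARE_STATEMENT_SIGNATURES, isConstantStringLoad, getStringAppendState), the detector appears to examine strings built by appending that reach statement-execute or prepare-statement calls; this page does not document the exact rules. A report marks code to review rather than a confirmed injectable query, and the absence of a report does not show that a query is safe.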
-
-
Nested Class Summary
Nested Classes
Modifier and Type | Class | Description
private static class
FindSqlInjection.StringAppendState
-
Field Summary
Fields
Modifier and Type | Field | Description
(package private) java.util.Set<MethodDescriptor>
allMethods
(package private) BugAccumulator
bugAccumulator
(package private) BugReporter
bugReporter
(package private) ClassContext
classContext
(package private) static java.util.regex.Pattern
closeQuotePattern
private static MethodDescriptor[]
EXECUTE_METHODS
(package private) java.util.Map<MethodDescriptor,int[]>
executeMethods
(package private) org.apache.bcel.classfile.Method
method
(package private) static java.util.regex.Pattern
openQuotePattern
private static java.lang.String[]
PREPARE_STATEMENT_SIGNATURES
(package private) java.util.Map<MethodDescriptor,int[]>
preparedStatementMethods
-
Fields inherited from interface edu.umd.cs.findbugs.Priorities
EXP_PRIORITY, HIGH_PRIORITY, IGNORE_PRIORITY, LOW_PRIORITY, NORMAL_PRIORITY
-
-
Constructor Summary
Constructors
Constructor | Description
FindSqlInjection(BugReporter bugReporter)
-
Method Summary
Modifier and Type | Method | Description
private void
analyzeMethod(ClassContext classContext, org.apache.bcel.classfile.Method method)
private BugInstance
generateBugInstance(org.apache.bcel.classfile.JavaClass javaClass, org.apache.bcel.generic.MethodGen methodGen, org.apache.bcel.generic.InstructionHandle handle, FindSqlInjection.StringAppendState stringAppendState, boolean isExecute)
private java.util.Set<ValueNumber>
getPassthruParams(ValueNumberDataflow vnd, org.apache.bcel.classfile.Method method, org.apache.bcel.classfile.JavaClass javaClass)
private org.apache.bcel.generic.InstructionHandle
getPreviousInstruction(org.apache.bcel.generic.InstructionHandle handle, boolean skipNops)
private Location
getPreviousLocation(CFG cfg, Location startLocation, boolean skipNops)
private FindSqlInjection.StringAppendState
getStringAppendState(ClassContext ctx, CFG cfg, org.apache.bcel.generic.ConstantPoolGen cpg)
private Location
getValueNumberCreationLocation(ValueNumberDataflow vnd, ValueNumber vn)
static boolean
isCloseQuote(java.lang.String s)
private boolean
isConstantStringLoad(Location location, org.apache.bcel.generic.ConstantPoolGen cpg)
private boolean
isJava9AndAboveStringAppend(org.apache.bcel.generic.Instruction ins, org.apache.bcel.generic.ConstantPoolGen cpg)
static boolean
isOpenQuote(java.lang.String s)
private boolean
isSafeValue(Location location, org.apache.bcel.generic.ConstantPoolGen cpg)
private boolean
isStringAppend(org.apache.bcel.generic.Instruction ins, org.apache.bcel.generic.ConstantPoolGen cpg)
void
report()
This method is called after all classes have been visited.
private FindSqlInjection.StringAppendState
updateJava9AndAboveStringAppendState(ClassContext ctx, Location location, org.apache.bcel.generic.ConstantPoolGen cpg, FindSqlInjection.StringAppendState stringAppendState)
private FindSqlInjection.StringAppendState
updateStringAppendState(Location location, org.apache.bcel.generic.ConstantPoolGen cpg, FindSqlInjection.StringAppendState stringAppendState)
void
visitClassContext(ClassContext classContext)
Visit the ClassContext for a class which should be analyzed for instances of bug patterns.
-
-
-
Field Detail
-
PREPARE_STATEMENT_SIGNATURES
private static final java.lang.String[] PREPARE_STATEMENT_SIGNATURES
-
EXECUTE_METHODS
private static final MethodDescriptor[] EXECUTE_METHODS
-
bugReporter
BugReporter bugReporter
-
bugAccumulator
BugAccumulator bugAccumulator
-
preparedStatementMethods
final java.util.Map<MethodDescriptor,int[]> preparedStatementMethods
-
executeMethods
final java.util.Map<MethodDescriptor,int[]> executeMethods
-
allMethods
final java.util.Set<MethodDescriptor> allMethods
-
openQuotePattern
static final java.util.regex.Pattern openQuotePattern
-
closeQuotePattern
static final java.util.regex.Pattern closeQuotePattern
-
method
org.apache.bcel.classfile.Method method
-
classContext
ClassContext classContext
-
-
Constructor Detail
-
FindSqlInjection
public FindSqlInjection(BugReporter bugReporter)
-
-
Method Detail
-
visitClassContext
public void visitClassContext(ClassContext classContext)
Description copied from interface: Detector
Visit the ClassContext for a class which should be analyzed for instances of bug patterns.
- Specified by:
visitClassContext in interface Detector
- Parameters:
classContext - the ClassContext
-
isStringAppend
private boolean isStringAppend(org.apache.bcel.generic.Instruction ins, org.apache.bcel.generic.ConstantPoolGen cpg)
-
isJava9AndAboveStringAppend
private boolean isJava9AndAboveStringAppend(org.apache.bcel.generic.Instruction ins, org.apache.bcel.generic.ConstantPoolGen cpg)
-
isConstantStringLoad
private boolean isConstantStringLoad(Location location, org.apache.bcel.generic.ConstantPoolGen cpg)
-
isOpenQuote
public static boolean isOpenQuote(java.lang.String s)
-
isCloseQuote
public static boolean isCloseQuote(java.lang.String s)
-
updateStringAppendState
private FindSqlInjection.StringAppendState updateStringAppendState(Location location, org.apache.bcel.generic.ConstantPoolGen cpg, FindSqlInjection.StringAppendState stringAppendState)
-
updateJava9AndAboveStringAppendState
private FindSqlInjection.StringAppendState updateJava9AndAboveStringAppendState(ClassContext ctx, Location location, org.apache.bcel.generic.ConstantPoolGen cpg, FindSqlInjection.StringAppendState stringAppendState)
-
getStringAppendState
private FindSqlInjection.StringAppendState getStringAppendState(ClassContext ctx, CFG cfg, org.apache.bcel.generic.ConstantPoolGen cpg) throws CFGBuilderException
- Throws:
CFGBuilderException
-
isSafeValue
private boolean isSafeValue(Location location, org.apache.bcel.generic.ConstantPoolGen cpg) throws CFGBuilderException
- Throws:
CFGBuilderException
-
getPreviousInstruction
@CheckForNull private org.apache.bcel.generic.InstructionHandle getPreviousInstruction(org.apache.bcel.generic.InstructionHandle handle, boolean skipNops)
-
getPreviousLocation
@CheckForNull private Location getPreviousLocation(CFG cfg, Location startLocation, boolean skipNops)
-
generateBugInstance
private BugInstance generateBugInstance(org.apache.bcel.classfile.JavaClass javaClass, org.apache.bcel.generic.MethodGen methodGen, org.apache.bcel.generic.InstructionHandle handle, FindSqlInjection.StringAppendState stringAppendState, boolean isExecute)
-
analyzeMethod
private void analyzeMethod(ClassContext classContext, org.apache.bcel.classfile.Method method) throws DataflowAnalysisException, CFGBuilderException
-
getValueNumberCreationLocation
private Location getValueNumberCreationLocation(ValueNumberDataflow vnd, ValueNumber vn)
-
getPassthruParams
private java.util.Set<ValueNumber> getPassthruParams(ValueNumberDataflow vnd, org.apache.bcel.classfile.Method method, org.apache.bcel.classfile.JavaClass javaClass)
-
-