Thread: [Fb-contrib-commit] SF.net SVN: fb-contrib: [815] trunk/fb-contrib/src/com/mebigfatguy/ fbcontrib/
Brought to you by:
dbrosius
Menu
▾
▴
fb-contrib-commit
|
From: <dbr...@us...> - 2007-02-01 08:28:00
|
Revision: 815
http://svn.sourceforge.net/fb-contrib/?rev=815&view=rev
Author: dbrosius
Date: 2007-02-01 00:28:00 -0800 (Thu, 01 Feb 2007)
Log Message:
-----------
more updates - still miles away
Modified Paths:
--------------
trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
Modified: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
===================================================================
--- trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-01 08:15:34 UTC (rev 814)
+++ trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-01 08:28:00 UTC (rev 815)
@@ -33,6 +33,7 @@
import java.util.regex.Pattern;
import org.apache.bcel.Constants;
+import org.apache.bcel.classfile.ClassParser;
import org.apache.bcel.classfile.JavaClass;
import com.mebigfatguy.fbcontrib.utils.Integer14;
@@ -68,6 +69,12 @@
validMethodsByVersion = new HashMap<Integer, Map<String, Set<String>>>();
}
+ /*
+ * Use BCEL to load class, not URLClassLoader
+ *
+ * ClassParser parser = new ClassParser(is, className);
+ * JavaClass clazz = parser.parse();
+ */
@Override
public void visitClassContext(ClassContext classContext) {
try {
@@ -110,10 +117,24 @@
for (Method m : methods) {
if ((m.getModifiers() & Modifier.PRIVATE) == 0) {
- methodInfos.add(m.toString());
+ String[] mi = m.toString().split("\\(\\)");
+ int dotPos = mi[0].lastIndexOf('.');
+ String name = mi[0].substring(dotPos+1);
+ String sig;
+ if (mi.length == 1)
+ sig = "()";
+ else {
+ if (mi[1].trim().startsWith("throws"))
+ sig = "()";
+ else
+ sig = "(" + mi[1] + ")";
+ }
+ methodInfos.add(name + sig);
}
}
}
+
+
}
}
} catch (ClassNotFoundException cnfe) {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <dbr...@us...> - 2007-02-01 09:38:23
|
Revision: 816
http://svn.sourceforge.net/fb-contrib/?rev=816&view=rev
Author: dbrosius
Date: 2007-02-01 01:38:22 -0800 (Thu, 01 Feb 2007)
Log Message:
-----------
getting closer
Modified Paths:
--------------
trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
Modified: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
===================================================================
--- trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-01 08:28:00 UTC (rev 815)
+++ trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-01 09:38:22 UTC (rev 816)
@@ -19,8 +19,8 @@
package com.mebigfatguy.fbcontrib.detect;
import java.io.File;
-import java.lang.reflect.Method;
-import java.lang.reflect.Modifier;
+import java.io.IOException;
+import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLClassLoader;
@@ -35,6 +35,7 @@
import org.apache.bcel.Constants;
import org.apache.bcel.classfile.ClassParser;
import org.apache.bcel.classfile.JavaClass;
+import org.apache.bcel.classfile.Method;
import com.mebigfatguy.fbcontrib.utils.Integer14;
@@ -47,18 +48,20 @@
{
private static final Map<Integer, String> verRegEx = new HashMap<Integer, String>();
static {
- verRegEx.put(Integer14.valueOf(Constants.MAJOR_1_1), "(jdk|jre)1.1");
- verRegEx.put(Integer14.valueOf(Constants.MAJOR_1_2), "(jdk|jre)1.2");
- verRegEx.put(Integer14.valueOf(Constants.MAJOR_1_3), "(jdk|jre)1.3");
- verRegEx.put(Integer14.valueOf(Constants.MAJOR_1_4), "(jdk|jre)1.4");
- verRegEx.put(Integer14.valueOf(Constants.MAJOR_1_5), "(jdk|jre)1.5");
- verRegEx.put(Integer14.valueOf(50), "jdk1.6");
+ verRegEx.put(Integer14.valueOf(Constants.MAJOR_1_1), "(jdk|j2?re)1.1");
+ verRegEx.put(Integer14.valueOf(Constants.MAJOR_1_2), "(jdk|j2?re)1.2");
+ verRegEx.put(Integer14.valueOf(Constants.MAJOR_1_3), "(jdk|j2?re)1.3");
+ verRegEx.put(Integer14.valueOf(Constants.MAJOR_1_4), "(jdk|j2?re)1.4");
+ verRegEx.put(Integer14.valueOf(Constants.MAJOR_1_5), "(jdk|j2?re)1.5");
+ verRegEx.put(Integer14.valueOf(50), "(jdk|j2?re)1.6");
}
private static final Pattern jarPattern = Pattern.compile("jar:file:/*([^!]*)");
private Map<String, File> versionPaths;
private Map<Integer, Map<String, Set<String>>> validMethodsByVersion;
+ private Map<String, String> superNames;
private File jdksRoot = null;
+ JavaClass cls;
private URLClassLoader jdkLoader;
private Integer clsMajorVersion;
private BugReporter bugReporter;
@@ -67,25 +70,23 @@
this.bugReporter = bugReporter;
versionPaths = new HashMap<String, File>();
validMethodsByVersion = new HashMap<Integer, Map<String, Set<String>>>();
+ superNames = new HashMap<String, String>();
}
- /*
- * Use BCEL to load class, not URLClassLoader
- *
- * ClassParser parser = new ClassParser(is, className);
- * JavaClass clazz = parser.parse();
- */
@Override
public void visitClassContext(ClassContext classContext) {
try {
- JavaClass cls = classContext.getJavaClass();
+ cls = classContext.getJavaClass();
clsMajorVersion = Integer14.valueOf(cls.getMajor());
File rtJar = getRTJarFile(cls);
- jdkLoader = new URLClassLoader(new URL[] {rtJar.toURL()});
- super.visitClassContext(classContext);
+ if (rtJar != null) {
+ jdkLoader = new URLClassLoader(new URL[] {rtJar.toURL()});
+ super.visitClassContext(classContext);
+ }
} catch (MalformedURLException mue) {
//Hmm, what to do
} finally {
+ cls = null;
jdkLoader = null;
}
}
@@ -94,6 +95,8 @@
public void sawOpcode(int seen) {
String clsName = null;
+ InputStream is = null;
+
try {
if ((seen == INVOKEVIRTUAL)
|| (seen == INVOKEINTERFACE)
@@ -107,42 +110,70 @@
validMethods = new HashMap<String, Set<String>>();
validMethodsByVersion.put(clsMajorVersion, validMethods);
}
- Set<String> methodInfos = validMethods.get(clsName);
- if (methodInfos == null) {
- Class c = jdkLoader.loadClass(clsName.replace('/', '.'));
- Method[] methods = c.getDeclaredMethods();
-
- methodInfos = new HashSet<String>();
- validMethods.put(clsName, methodInfos);
-
- for (Method m : methods) {
- if ((m.getModifiers() & Modifier.PRIVATE) == 0) {
- String[] mi = m.toString().split("\\(\\)");
- int dotPos = mi[0].lastIndexOf('.');
- String name = mi[0].substring(dotPos+1);
- String sig;
- if (mi.length == 1)
- sig = "()";
- else {
- if (mi[1].trim().startsWith("throws"))
- sig = "()";
- else
- sig = "(" + mi[1] + ")";
- }
- methodInfos.add(name + sig);
- }
- }
+
+ if (!isValid(validMethods, clsName)) {
+ bugReporter.reportBug(new BugInstance(this, "SJVU_SUSPICIOUS_JDK_VERSION_USE", HIGH_PRIORITY)
+ .addClass(this)
+ .addMethod(this)
+ .addSourceLine(this));
}
+ }
+ }
+ } catch (Exception e) {
+ // Hmm what to do
+ } finally {
+ if (is != null) {
+ try {
+ is.close();
+ } catch (IOException ioe) {
+ }
+ }
+ }
+ }
+
+ private boolean isValid(Map<String, Set<String>> validMethods, String clsName) throws IOException, ClassNotFoundException {
+ InputStream is = null;
+
+ try {
+ Set<String> methodInfos = validMethods.get(clsName);
+ if (methodInfos == null) {
+ is = jdkLoader.getResourceAsStream(clsName + ".class");
+ if (is != null) {
+ ClassParser parser = new ClassParser(is, clsName);
+ JavaClass calledClass = parser.parse();
+ superNames.put(clsName, calledClass.getSuperclassName().replace('.', '/'));
+ Method[] methods = calledClass.getMethods();
+ methodInfos = new HashSet<String>();
+ validMethods.put(clsName, methodInfos);
+
+ for (Method m : methods) {
+ if (!m.isPrivate())
+ methodInfos.add(m.getName() + m.getSignature());
+ }
+
}
+ else {
+ return true;
+ }
+
}
- } catch (ClassNotFoundException cnfe) {
- if (clsName.startsWith("java/")) {
- bugReporter.reportBug(new BugInstance(this, "SJVU_SUSPICIOUS_JDK_VERSION_USE", NORMAL_PRIORITY)
- .addClass(this)
- .addMethod(this)
- .addSourceLine(this));
+
+ String wantedMethod = getNameConstantOperand() + getSigConstantOperand();
+ if (methodInfos.contains(wantedMethod))
+ return true;
+ else if ("java/lang/Object".equals(clsName))
+ return false;
+ else
+ return isValid(validMethods, superNames.get(clsName));
+ }
+ finally {
+ if (is != null) {
+ try {
+ is.close();
+ } catch (IOException ioe) {
+ }
}
}
}
@@ -175,25 +206,26 @@
return null;
jdksRoot = new File(URLDecoder.decode(jdksRoot.getParentFile().getPath()));
-
- File[] possibleJdks = jdksRoot.listFiles();
- for (File possibleJdk : possibleJdks) {
- m = verPat.matcher(possibleJdk.getName());
- if (m.find()) {
- File wantedRtJar = new File(possibleJdk, "lib/rt.jar");
- if (!wantedRtJar.exists()) {
- wantedRtJar = new File(possibleJdk, "jre/lib/rt.jar");
- if (!wantedRtJar.exists())
- return null;
- }
- versionPaths.put(versionStr, wantedRtJar);
- return wantedRtJar;
- }
- }
}
}
}
+ File[] possibleJdks = jdksRoot.listFiles();
+ for (File possibleJdk : possibleJdks) {
+ Pattern verPat = Pattern.compile(versionStr);
+ Matcher m = verPat.matcher(possibleJdk.getName());
+ if (m.find()) {
+ File wantedRtJar = new File(possibleJdk, "lib/rt.jar");
+ if (!wantedRtJar.exists()) {
+ wantedRtJar = new File(possibleJdk, "jre/lib/rt.jar");
+ if (!wantedRtJar.exists())
+ return null;
+ }
+ versionPaths.put(versionStr, wantedRtJar);
+ return wantedRtJar;
+ }
+ }
+
return null;
}
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <dbr...@us...> - 2007-02-02 05:15:46
|
Revision: 819
http://svn.sourceforge.net/fb-contrib/?rev=819&view=rev
Author: dbrosius
Date: 2007-02-01 21:15:46 -0800 (Thu, 01 Feb 2007)
Log Message:
-----------
guard against npes
Modified Paths:
--------------
trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
Modified: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
===================================================================
--- trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-02 05:14:33 UTC (rev 818)
+++ trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-02 05:15:46 UTC (rev 819)
@@ -231,19 +231,21 @@
}
}
- File[] possibleJdks = jdksRoot.listFiles();
- for (File possibleJdk : possibleJdks) {
- Pattern verPat = Pattern.compile(versionStr);
- Matcher m = verPat.matcher(possibleJdk.getName());
- if (m.find()) {
- File wantedRtJar = new File(possibleJdk, "lib/rt.jar");
- if (!wantedRtJar.exists()) {
- wantedRtJar = new File(possibleJdk, "jre/lib/rt.jar");
- if (!wantedRtJar.exists())
- return null;
+ if (jdksRoot != null) {
+ File[] possibleJdks = jdksRoot.listFiles();
+ for (File possibleJdk : possibleJdks) {
+ Pattern verPat = Pattern.compile(versionStr);
+ Matcher m = verPat.matcher(possibleJdk.getName());
+ if (m.find()) {
+ File wantedRtJar = new File(possibleJdk, "lib/rt.jar");
+ if (!wantedRtJar.exists()) {
+ wantedRtJar = new File(possibleJdk, "jre/lib/rt.jar");
+ if (!wantedRtJar.exists())
+ return null;
+ }
+ versionPaths.put(versionStr, wantedRtJar);
+ return wantedRtJar;
}
- versionPaths.put(versionStr, wantedRtJar);
- return wantedRtJar;
}
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <dbr...@us...> - 2007-02-02 05:18:11
|
Revision: 820
http://svn.sourceforge.net/fb-contrib/?rev=820&view=rev
Author: dbrosius
Date: 2007-02-01 21:18:10 -0800 (Thu, 01 Feb 2007)
Log Message:
-----------
guard against npes
Modified Paths:
--------------
trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
Modified: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
===================================================================
--- trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-02 05:15:46 UTC (rev 819)
+++ trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-02 05:18:10 UTC (rev 820)
@@ -176,13 +176,15 @@
}
}
- String wantedMethod = getNameConstantOperand() + getSigConstantOperand();
- if (methodInfos.contains(wantedMethod))
- return true;
- else if ("java/lang/Object".equals(clsName))
- return false;
- else
- return isValid(validMethods, superNames.get(clsName));
+ if (methodInfos != null) {
+ String wantedMethod = getNameConstantOperand() + getSigConstantOperand();
+ if (methodInfos.contains(wantedMethod))
+ return true;
+ else if ("java/lang/Object".equals(clsName))
+ return false;
+ else
+ return isValid(validMethods, superNames.get(clsName));
+ }
}
finally {
if (is != null) {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <dbr...@us...> - 2007-02-02 05:20:11
|
Revision: 821
http://svn.sourceforge.net/fb-contrib/?rev=821&view=rev
Author: dbrosius
Date: 2007-02-01 21:20:10 -0800 (Thu, 01 Feb 2007)
Log Message:
-----------
Modified Paths:
--------------
trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
Modified: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
===================================================================
--- trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-02 05:18:10 UTC (rev 820)
+++ trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-02 05:20:10 UTC (rev 821)
@@ -185,6 +185,8 @@
else
return isValid(validMethods, superNames.get(clsName));
}
+
+ return true;
}
finally {
if (is != null) {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <dbr...@us...> - 2007-02-02 05:26:21
|
Revision: 822
http://svn.sourceforge.net/fb-contrib/?rev=822&view=rev
Author: dbrosius
Date: 2007-02-01 21:26:19 -0800 (Thu, 01 Feb 2007)
Log Message:
-----------
allow for specifying the old jdk home thru system property
Modified Paths:
--------------
trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
Modified: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
===================================================================
--- trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-02 05:20:10 UTC (rev 821)
+++ trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-02 05:26:19 UTC (rev 822)
@@ -58,6 +58,7 @@
verRegEx.put(Integer14.valueOf(50), "(jdk|j2?re)1.6");
}
private static final Pattern jarPattern = Pattern.compile("jar:file:/*([^!]*)");
+ private static final String SJVU_JDKHOME = "fb-contrib.sjvu.jdkhome";
private Map<String, File> versionPaths;
private Map<Integer, Map<String, Set<String>>> validMethodsByVersion;
@@ -81,6 +82,9 @@
cls = classContext.getJavaClass();
clsMajorVersion = Integer14.valueOf(cls.getMajor());
File rtJar = getRTJarFile(cls);
+ if (rtJar == null)
+ rtJar = getRTJarFromProperty();
+
if (rtJar != null) {
jdkZip = new ZipFile(rtJar);
super.visitClassContext(classContext);
@@ -255,4 +259,19 @@
return null;
}
+
+ private File getRTJarFromProperty() {
+ String jdkHome = System.getProperty(SJVU_JDKHOME);
+ if (jdkHome == null)
+ return null;
+
+ File rtJar = new File(jdkHome, "lib/rt.jar");
+ if (rtJar.exists())
+ return rtJar;
+ rtJar = new File(jdkHome, "jre/lib/rt.jar");
+ if (rtJar.exists())
+ return rtJar;
+
+ return null;
+ }
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <dbr...@us...> - 2007-02-02 05:31:03
|
Revision: 823
http://svn.sourceforge.net/fb-contrib/?rev=823&view=rev
Author: dbrosius
Date: 2007-02-01 21:31:01 -0800 (Thu, 01 Feb 2007)
Log Message:
-----------
report when the old jdk home can't be found
Modified Paths:
--------------
trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
Modified: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
===================================================================
--- trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-02 05:26:19 UTC (rev 822)
+++ trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-02 05:31:01 UTC (rev 823)
@@ -88,6 +88,10 @@
if (rtJar != null) {
jdkZip = new ZipFile(rtJar);
super.visitClassContext(classContext);
+ } else {
+ ClassNotFoundException cnfe = new ClassNotFoundException("The JDK rt.jar for class version " + clsMajorVersion + " was not found. The system property 'fb-contrib.sjvu.jdkhome' can be used to specify the location.");
+ cnfe.fillInStackTrace();
+ bugReporter.reportMissingClass(cnfe);
}
} catch (Exception ze) {
// Hmm what to do?
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <dbr...@us...> - 2007-02-02 05:45:55
|
Revision: 826
http://svn.sourceforge.net/fb-contrib/?rev=826&view=rev
Author: dbrosius
Date: 2007-02-01 21:45:55 -0800 (Thu, 01 Feb 2007)
Log Message:
-----------
remove unused vars
Modified Paths:
--------------
trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
Modified: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
===================================================================
--- trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-02 05:37:54 UTC (rev 825)
+++ trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-02 05:45:55 UTC (rev 826)
@@ -81,7 +81,7 @@
try {
cls = classContext.getJavaClass();
clsMajorVersion = Integer14.valueOf(cls.getMajor());
- File rtJar = getRTJarFile(cls);
+ File rtJar = getRTJarFile();
if (rtJar == null)
rtJar = getRTJarFromProperty();
@@ -206,7 +206,7 @@
}
}
- private File getRTJarFile(JavaClass cls){
+ private File getRTJarFile(){
String versionStr = verRegEx.get(clsMajorVersion);
if (versionStr == null)
return null;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <dbr...@us...> - 2007-02-02 07:37:53
|
Revision: 828
http://svn.sourceforge.net/fb-contrib/?rev=828&view=rev
Author: dbrosius
Date: 2007-02-01 23:37:53 -0800 (Thu, 01 Feb 2007)
Log Message:
-----------
don't check abstract classes
Modified Paths:
--------------
trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
Modified: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
===================================================================
--- trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-02 05:47:45 UTC (rev 827)
+++ trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-02 07:37:53 UTC (rev 828)
@@ -80,6 +80,9 @@
public void visitClassContext(ClassContext classContext) {
try {
cls = classContext.getJavaClass();
+ if (cls.isAbstract())
+ return;
+
clsMajorVersion = Integer14.valueOf(cls.getMajor());
File rtJar = getRTJarFile();
if (rtJar == null)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <dbr...@us...> - 2007-02-02 08:11:02
|
Revision: 829
http://svn.sourceforge.net/fb-contrib/?rev=829&view=rev
Author: dbrosius
Date: 2007-02-02 00:11:00 -0800 (Fri, 02 Feb 2007)
Log Message:
-----------
hmm, twas wrong. can look at abstract classes, but for some reason method calls on abstract classes where the method is actually defined in an interface are still seen as INVOKEVIRTUAL, not INVOKEINTERFACE. So handle this.
Modified Paths:
--------------
trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
Modified: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
===================================================================
--- trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-02 07:37:53 UTC (rev 828)
+++ trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-02 08:11:00 UTC (rev 829)
@@ -35,6 +35,7 @@
import java.util.zip.ZipFile;
import org.apache.bcel.Constants;
+import org.apache.bcel.Repository;
import org.apache.bcel.classfile.ClassParser;
import org.apache.bcel.classfile.JavaClass;
import org.apache.bcel.classfile.Method;
@@ -80,9 +81,6 @@
public void visitClassContext(ClassContext classContext) {
try {
cls = classContext.getJavaClass();
- if (cls.isAbstract())
- return;
-
clsMajorVersion = Integer14.valueOf(cls.getMajor());
File rtJar = getRTJarFile();
if (rtJar == null)
@@ -123,6 +121,10 @@
clsName = getClassConstantOperand();
if ((clsName.startsWith("java/"))
|| (clsName.startsWith("javax/"))) {
+ Method m = findCalledMethod();
+ if (m == null)
+ return;
+
Map<String, Set<String>> validMethods = validMethodsByVersion.get(clsMajorVersion);
if (validMethods == null) {
validMethods = new HashMap<String, Set<String>>();
@@ -150,6 +152,25 @@
}
}
+ private Method findCalledMethod() {
+ try {
+ JavaClass cls = Repository.lookupClass(getClassConstantOperand());
+ Method[] methods = cls.getMethods();
+ String calledMethod = getNameConstantOperand();
+ String calledSignature = getSigConstantOperand();
+ for (Method m : methods) {
+ if (m.getName().equals(calledMethod) && m.getSignature().equals(calledSignature)) {
+ return m;
+ }
+ }
+
+ return null;
+ } catch (ClassNotFoundException cnfe) {
+ bugReporter.reportMissingClass(cnfe);
+ return null;
+ }
+ }
+
private boolean isValid(Map<String, Set<String>> validMethods, String clsName) throws IOException, ClassNotFoundException {
InputStream is = null;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <dbr...@us...> - 2007-02-04 07:23:47
|
Revision: 836
http://svn.sourceforge.net/fb-contrib/?rev=836&view=rev
Author: dbrosius
Date: 2007-02-03 23:23:47 -0800 (Sat, 03 Feb 2007)
Log Message:
-----------
kruft cleanup
Modified Paths:
--------------
trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
Modified: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
===================================================================
--- trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-04 03:29:45 UTC (rev 835)
+++ trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-04 07:23:47 UTC (rev 836)
@@ -112,7 +112,6 @@
public void sawOpcode(int seen) {
String clsName = null;
- InputStream is = null;
try {
if ((seen == INVOKEVIRTUAL) //Interfaces are more difficult, ignore for now
@@ -142,13 +141,6 @@
}
} catch (Exception e) {
// Hmm what to do
- } finally {
- if (is != null) {
- try {
- is.close();
- } catch (IOException ioe) {
- }
- }
}
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <dbr...@us...> - 2007-02-04 07:45:50
|
Revision: 837
http://svn.sourceforge.net/fb-contrib/?rev=837&view=rev
Author: dbrosius
Date: 2007-02-03 23:45:50 -0800 (Sat, 03 Feb 2007)
Log Message:
-----------
better message
Modified Paths:
--------------
trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
Modified: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
===================================================================
--- trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-04 07:23:47 UTC (rev 836)
+++ trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-04 07:45:50 UTC (rev 837)
@@ -58,6 +58,15 @@
verRegEx.put(Integer14.valueOf(Constants.MAJOR_1_5), "(jdk|j2?re)1.5");
verRegEx.put(Integer14.valueOf(50), "(jdk|j2?re)1.6");
}
+ private static final Map<Integer, String> versionStrings = new HashMap<Integer, String>();
+ static {
+ versionStrings.put(Integer14.valueOf(Constants.MAJOR_1_1), "JDK 1.1");
+ versionStrings.put(Integer14.valueOf(Constants.MAJOR_1_2), "JDK 1.2");
+ versionStrings.put(Integer14.valueOf(Constants.MAJOR_1_3), "JDK 1.3");
+ versionStrings.put(Integer14.valueOf(Constants.MAJOR_1_4), "JDK 1.4");
+ versionStrings.put(Integer14.valueOf(Constants.MAJOR_1_5), "JDK 1.5");
+ versionStrings.put(Integer14.valueOf(50), "JDK 1.6");
+ }
private static final Pattern jarPattern = Pattern.compile("jar:file:/*([^!]*)");
private static final String SJVU_JDKHOME = "fb-contrib.sjvu.jdkhome";
@@ -90,7 +99,12 @@
jdkZip = new ZipFile(rtJar);
super.visitClassContext(classContext);
} else {
- ClassNotFoundException cnfe = new ClassNotFoundException("The JDK rt.jar for class version " + clsMajorVersion + " was not found. The system property 'fb-contrib.sjvu.jdkhome' can be used to specify the location.");
+ String version = versionStrings.get(clsMajorVersion);
+ ClassNotFoundException cnfe;
+ if (version != null)
+ cnfe = new ClassNotFoundException("The " + version + " rt.jar was not found. This file is needed for finding invalid methods with the SuspiciousJDKVersionUse detector. The system property 'fb-contrib.sjvu.jdkhome' can be used to specify the location of the appropriate JDK.");
+ else
+ cnfe = new ClassNotFoundException("The JDK's rt.jar for classes with class version " + clsMajorVersion + " was not found. This file is needed for finding invalid methods with the SuspiciousJDKVersionUse detector. The system property 'fb-contrib.sjvu.jdkhome' can be used to specify the location of the appropriate JDK.");
cnfe.fillInStackTrace();
bugReporter.reportMissingClass(cnfe);
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <dbr...@us...> - 2007-03-11 15:06:36
|
Revision: 878
http://svn.sourceforge.net/fb-contrib/?rev=878&view=rev
Author: dbrosius
Date: 2007-03-11 08:06:35 -0700 (Sun, 11 Mar 2007)
Log Message:
-----------
no need to check new against null
Modified Paths:
--------------
trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
Modified: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
===================================================================
--- trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-03-11 14:31:03 UTC (rev 877)
+++ trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-03-11 15:06:35 UTC (rev 878)
@@ -187,24 +187,18 @@
ZipEntry ze = jdkZip.getEntry(clsName + ".class");
if (ze != null) {
is = new BufferedInputStream(jdkZip.getInputStream(ze));
- if (is != null) {
- ClassParser parser = new ClassParser(is, clsName);
- JavaClass calledClass = parser.parse();
-
- superNames.put(clsName, calledClass.getSuperclassName().replace('.', '/'));
- Method[] methods = calledClass.getMethods();
-
- methodInfos = new HashSet<String>();
- validMethods.put(clsName, methodInfos);
-
- for (Method m : methods) {
- methodInfos.add(m.getName() + m.getSignature());
- }
-
+ ClassParser parser = new ClassParser(is, clsName);
+ JavaClass calledClass = parser.parse();
+
+ superNames.put(clsName, calledClass.getSuperclassName().replace('.', '/'));
+ Method[] methods = calledClass.getMethods();
+
+ methodInfos = new HashSet<String>();
+ validMethods.put(clsName, methodInfos);
+
+ for (Method m : methods) {
+ methodInfos.add(m.getName() + m.getSignature());
}
- else {
- return true;
- }
} else if (clsName.startsWith("java/")) {
bugReporter.reportBug(new BugInstance(this, "SJVU_SUSPICIOUS_JDK_VERSION_USE", HIGH_PRIORITY)
.addClass(this)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X