[Fb-contrib-commit] SF.net SVN: fb-contrib:[1427] trunk/fb-contrib/src/com/mebigfatguy/ fbcontrib/d
Brought to you by:
dbrosius
Menu
▾
▴
[Fb-contrib-commit] SF.net SVN: fb-contrib:[1427] trunk/fb-contrib/src/com/mebigfatguy/ fbcontrib/detect/MoreDumbMethods.java
|
From: <dbr...@us...> - 2010-01-04 04:21:30
|
Revision: 1427
http://fb-contrib.svn.sourceforge.net/fb-contrib/?rev=1427&view=rev
Author: dbrosius
Date: 2010-01-04 04:21:20 +0000 (Mon, 04 Jan 2010)
Log Message:
-----------
New Detector to find a variety of questionable method calls by Chris Peterson
Added Paths:
-----------
trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/MoreDumbMethods.java
Added: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/MoreDumbMethods.java
===================================================================
--- trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/MoreDumbMethods.java (rev 0)
+++ trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/MoreDumbMethods.java 2010-01-04 04:21:20 UTC (rev 1427)
@@ -0,0 +1,131 @@
+/*
+ * fb-contrib - Auxiliary detectors for Java programs
+ * Copyright (C) 2005-2010 Chris Peterson
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+package com.mebigfatguy.fbcontrib.detect;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import edu.umd.cs.findbugs.BugInstance;
+import edu.umd.cs.findbugs.BugReporter;
+import edu.umd.cs.findbugs.BytecodeScanningDetector;
+
+/**
+ * looks for method calls that are unsafe or might indicate bugs.
+ */
+public class MoreDumbMethods extends BytecodeScanningDetector
+{
+ private final static Map<String,String> dumbMethods = new HashMap<String,String>();
+ static {
+ dumbMethods.put("java/lang/Runtime.exit(I)V", "MDM_RUNTIME_EXIT_OR_HALT");
+ dumbMethods.put("java/lang/Runtime.halt(I)V", "MDM_RUNTIME_EXIT_OR_HALT");
+
+ dumbMethods.put("java/lang/Runtime.runFinalization()V", "MDM_RUNFINALIZATION");
+ dumbMethods.put("java/lang/System.runFinalization()V", "MDM_RUNFINALIZATION");
+
+ dumbMethods.put("java/math/BigDecimal.equals(Ljava/lang/Object;)Z", "MDM_BIGDECIMAL_EQUALS");
+
+ //
+ // Network checks
+ //
+ dumbMethods.put("java/net/InetAddress.getLocalHost()Ljava/net/InetAddress;", "MDM_INETADDRESS_GETLOCALHOST");
+
+ dumbMethods.put("java/net/ServerSocket.<init>(I)V", "MDM_PROMISCUOUS_SERVERSOCKET");
+ dumbMethods.put("java/net/ServerSocket.<init>(II)V", "MDM_PROMISCUOUS_SERVERSOCKET");
+ dumbMethods.put("javax/net/ServerSocketFactory.createServerSocket(I)Ljava/net/ServerSocket;", "MDM_PROMISCUOUS_SERVERSOCKET");
+ dumbMethods.put("javax/net/ServerSocketFactory.createServerSocket(II)Ljava/net/ServerSocket;", "MDM_PROMISCUOUS_SERVERSOCKET");
+
+ //
+ // Random Number Generator checks
+ //
+ dumbMethods.put("java/util/Random.<init>()V", "MDM_RANDOM_SEED");
+ dumbMethods.put("java/security/SecureRandom.<init>()V", "MDM_SECURERANDOM");
+ dumbMethods.put("java/security/SecureRandom.<init>([B)V", "MDM_SECURERANDOM");
+ dumbMethods.put("java/security/SecureRandom.getSeed(I)[B", "MDM_SECURERANDOM");
+
+ //
+ // Thread checks
+ //
+ dumbMethods.put("java/lang/Thread.getPriority()I", "MDM_THREAD_PRIORITIES");
+ dumbMethods.put("java/lang/Thread.setPriority(I)V", "MDM_THREAD_PRIORITIES");
+
+ dumbMethods.put("java/lang/Thread.sleep(J)V", "MDM_THREAD_YIELD");
+ dumbMethods.put("java/lang/Thread.sleep(JI)V", "MDM_THREAD_YIELD");
+ dumbMethods.put("java/lang/Thread.yield()V", "MDM_THREAD_YIELD");
+
+ dumbMethods.put("java/lang/Thread.join()V", "MDM_WAIT_WITHOUT_TIMEOUT");
+ dumbMethods.put("java/lang/Object.wait()V", "MDM_WAIT_WITHOUT_TIMEOUT");
+ dumbMethods.put("java/util/concurrent/locks/Condition.await()V", "MDM_WAIT_WITHOUT_TIMEOUT");
+ dumbMethods.put("java/util/concurrent/locks/Lock.lock()V", "MDM_WAIT_WITHOUT_TIMEOUT");
+ dumbMethods.put("java/util/concurrent/locks/Lock.lockInterruptibly()V", "MDM_WAIT_WITHOUT_TIMEOUT");
+ dumbMethods.put("java/util/concurrent/locks/ReentrantLock.lock()V", "MDM_WAIT_WITHOUT_TIMEOUT");
+ dumbMethods.put("java/util/concurrent/locks/ReentrantLock.lockInterruptibly()V", "MDM_WAIT_WITHOUT_TIMEOUT");
+
+ dumbMethods.put("java/util/concurrent/locks/Condition.signal()V", "MDM_SIGNAL_NOT_SIGNALALL");
+
+ dumbMethods.put("java/util/concurrent/locks/Lock.tryLock()Z", "MDM_THREAD_FAIRNESS");
+ dumbMethods.put("java/util/concurrent/locks/ReentrantLock.tryLock()Z", "MDM_THREAD_FAIRNESS");
+
+ dumbMethods.put("java/util/concurrent/locks/ReentrantLock.isHeldByCurrentThread()Z", "MDM_LOCK_ISLOCKED");
+ dumbMethods.put("java/util/concurrent/locks/ReentrantLock.isLocked()Z", "MDM_LOCK_ISLOCKED");
+
+ //
+ // String checks
+ //
+ dumbMethods.put("java/lang/String.<init>([B)V", "MDM_STRING_BYTES_ENCODING");
+ dumbMethods.put("java/lang/String.getBytes()[B", "MDM_STRING_BYTES_ENCODING");
+ dumbMethods.put("java/util/Locale.setDefault(Ljava/util/Locale;)V", "MDM_SETDEFAULTLOCALE");
+ }
+ private final BugReporter bugReporter;
+
+ /**
+ * constructs an MDM detector given the reporter to report bugs on
+ * @param bugReporter the sync of bug reports
+ */
+ public MoreDumbMethods(BugReporter bugReporter) {
+ this.bugReporter = bugReporter;
+ }
+
+ @Override
+ public void sawOpcode(int seen) {
+ if (seen == INVOKEVIRTUAL
+ || seen == INVOKEINTERFACE
+ || seen == INVOKESPECIAL
+ || seen == INVOKESTATIC) {
+ final String bugType = dumbMethods.get(getMethodSignature());
+ if (bugType != null) {
+ reportBug(bugType);
+ }
+ }
+ }
+
+ private String getMethodSignature() {
+ final String className = getClassConstantOperand();
+ final String methodName = getNameConstantOperand();
+ final String methodSig = getSigConstantOperand();
+ return String.format("%s.%s%s", className, methodName, methodSig);
+ }
+
+ private void reportBug(String bugType) {
+ bugReporter.reportBug(new BugInstance(this, bugType, LOW_PRIORITY)
+ .addClass(this)
+ .addMethod(this)
+ .addCalledMethod(this)
+ .addSourceLine(this));
+ }
+}
\ No newline at end of file
Property changes on: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/MoreDumbMethods.java
___________________________________________________________________
Added: svn:mime-type
+ text/plain
Added: svn:eol-style
+ native
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
