[Fb-contrib-commit] SF.net SVN: fb-contrib:[1650] trunk/fb-contrib/src/com/mebigfatguy/ fbcontrib/
Brought to you by:
dbrosius
Menu
▾
▴
[Fb-contrib-commit] SF.net SVN: fb-contrib:[1650] trunk/fb-contrib/src/com/mebigfatguy/ fbcontrib/detect/ReflectionOnObjectMethods.java
|
From: <dbr...@us...> - 2011-01-22 01:20:22
|
Revision: 1650
http://fb-contrib.svn.sourceforge.net/fb-contrib/?rev=1650&view=rev
Author: dbrosius
Date: 2011-01-22 01:20:16 +0000 (Sat, 22 Jan 2011)
Log Message:
-----------
clone() is declared protected so don't report reflection on clone()
Modified Paths:
--------------
trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/ReflectionOnObjectMethods.java
Modified: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/ReflectionOnObjectMethods.java
===================================================================
--- trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/ReflectionOnObjectMethods.java 2010-12-13 00:09:47 UTC (rev 1649)
+++ trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/ReflectionOnObjectMethods.java 2011-01-22 01:20:16 UTC (rev 1650)
@@ -1,17 +1,17 @@
/*
* fb-contrib - Auxiliary detectors for Java programs
* Copyright (C) 2005-2010 Dave Brosius
- *
+ *
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
- *
+ *
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
- *
+ *
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
@@ -36,33 +36,33 @@
import edu.umd.cs.findbugs.ba.ClassContext;
/**
- * looks for method calls through reflection on methods found in
+ * looks for method calls through reflection on methods found in
* java.lang.Object. As these methods are always available, there's no
* reason to do this.
*/
public class ReflectionOnObjectMethods extends BytecodeScanningDetector {
-
+
private static final Set<String> objectSigs = new HashSet<String>();
static {
- objectSigs.add("clone()");
+ //objectSigs.add("clone()"); // clone is declared protected
objectSigs.add("equals(Ljava/lang/Object;)");
objectSigs.add("finalize()");
objectSigs.add("getClass()");
objectSigs.add("hashCode()");
- objectSigs.add("notify()");
+ objectSigs.add("notify()");
objectSigs.add("notifyAll()");
objectSigs.add("toString()");
objectSigs.add("wait");
objectSigs.add("wait(J)");
objectSigs.add("wait(JI");
-
+
}
- private BugReporter bugReporter;
+ private final BugReporter bugReporter;
private OpcodeStack stack;
private Map<Integer, String[]> localClassTypes;
private Map<String, String[]> fieldClassTypes;
-
+
/**
* constructs a ROOM detector given the reporter to report bugs on
* @param bugReporter the sync of bug reports
@@ -70,11 +70,11 @@
public ReflectionOnObjectMethods(BugReporter bugReporter) {
this.bugReporter = bugReporter;
}
-
+
/**
* implements the visitor to create the stack and local and field maps
* for Class arrays to be used for getting the reflection method
- *
+ *
* @param classContext the context object of the currently parse class
*/
@Override
@@ -89,7 +89,7 @@
setupVisitorForClass(cls);
doVisitMethod(staticInit);
}
-
+
super.visitClassContext(classContext);
} finally {
stack = null;
@@ -97,10 +97,10 @@
fieldClassTypes = null;
}
}
-
+
/**
* implements the visitor to reset the opcode stack and clear the local variable map@
- *
+ *
* @param obj the context object of the currently parsed code block
*/
@Override
@@ -109,18 +109,18 @@
localClassTypes.clear();
super.visitCode(obj);
}
-
+
/**
* implements the visitor to look for calls that invoke a method through reflection
* where the method is defined in java.lang.Object
- *
+ *
* @param seen the currently parsed opcode
*/
@Override
public void sawOpcode(int seen) {
Integer arraySize = null;
String[] loadedTypes = null;
-
+
try {
switch (seen) {
case ANEWARRAY: {
@@ -132,7 +132,7 @@
}
}
break;
-
+
case AASTORE: {
if (stack.getStackDepth() >= 3) {
OpcodeStack.Item arrayItem = stack.getStackItem(2);
@@ -151,7 +151,7 @@
}
}
break;
-
+
case PUTFIELD:
case PUTSTATIC: {
String name = getNameConstantOperand();
@@ -166,14 +166,14 @@
fieldClassTypes.remove(name);
}
break;
-
+
case GETFIELD:
case GETSTATIC: {
String name = getNameConstantOperand();
- loadedTypes = fieldClassTypes.get(name);
+ loadedTypes = fieldClassTypes.get(name);
}
break;
-
+
case ASTORE_0:
case ASTORE_1:
case ASTORE_2:
@@ -191,17 +191,17 @@
localClassTypes.remove(reg);
}
break;
-
+
case ALOAD_0:
case ALOAD_1:
case ALOAD_2:
case ALOAD_3:
case ALOAD: {
int reg = RegisterUtils.getAStoreReg(this, seen);
- loadedTypes = localClassTypes.get(Integer.valueOf(reg));
- }
+ loadedTypes = localClassTypes.get(Integer.valueOf(reg));
+ }
break;
-
+
case INVOKEVIRTUAL: {
String cls = getClassConstantOperand();
if ("java/lang/Class".equals(cls)) {
@@ -258,14 +258,14 @@
}
}
}
-
+
/**
* builds a string that represents the signature of the method call that is being
* executed though reflection.
- *
+ *
* @param methodName the method name
* @param parmTypes the array of parameter types of the method
- *
+ *
* @return a signature string minus the return type
*/
private String buildReflectionSignature(String methodName, String[] parmTypes) {
@@ -273,25 +273,26 @@
sb.append(methodName);
sb.append("(");
if (parmTypes != null) {
- for (int i = 0; i < parmTypes.length; i++) {
+ for (String type : parmTypes) {
sb.append("L");
- String type = parmTypes[i];
- if (type == null)
+ if (type == null) {
return "";
+ }
sb.append(type);
- if ((type.length() > 1) || ("IJ".indexOf(type) < 0))
+ if ((type.length() > 1) || ("IJ".indexOf(type) < 0)) {
sb.append(";");
+ }
}
}
sb.append(")");
return sb.toString();
}
-
+
/**
* finds the method that is the static initializer for the class
- *
+ *
* @param cls the class to find the initializer for
- *
+ *
* @return the Method of the static initializer or null if this class has none
*/
private Method findStaticInitializer(JavaClass cls) {
@@ -301,7 +302,7 @@
return m;
}
}
-
+
return null;
}
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
