[Fb-contrib-commit] SF.net SVN: fb-contrib: [573] trunk/fb-contrib/samples

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Revision: 573
Author:   dbrosius
Date:     2006-06-28 11:59:10 -0700 (Wed, 28 Jun 2006)
ViewCVS:  http://svn.sourceforge.net/fb-contrib/?rev=573&view=rev

Log Message:
-----------
If a java.lang.Object method is called on an instance of a jdbc class, that's ok - don't report

Modified Paths:
--------------
    trunk/fb-contrib/samples/JVR_Sample.java
    trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/JDBCVendorReliance.java
Modified: trunk/fb-contrib/samples/JVR_Sample.java
===================================================================

--- trunk/fb-contrib/samples/JVR_Sample.java	2006-06-21 02:08:15 UTC (rev 572)
+++ trunk/fb-contrib/samples/JVR_Sample.java	2006-06-28 18:59:10 UTC (rev 573)
@@ -13,6 +13,12 @@
 		VendorBlob vb = (VendorBlob)rs.getBlob(1);
 		return vb.convertBlobToString();
 	}
+	
+	public String falsePositive(ResultSet rs) throws SQLException
+	{
+		Blob vb = rs.getBlob(1);
+		return vb.getClass().getName();
+	}
 }
 
 class VendorBlob implements Blob

Modified: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/JDBCVendorReliance.java
===================================================================
--- trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/JDBCVendorReliance.java	2006-06-21 02:08:15 UTC (rev 572)
+++ trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/JDBCVendorReliance.java	2006-06-28 18:59:10 UTC (rev 573)
@@ -98,7 +98,7 @@
 			if ((seen == INVOKEVIRTUAL)
             ||  (seen == INVOKEINTERFACE)) {
 				String clsName = getClassConstantOperand();
-                if (!isJDBCClass(clsName)) {
+                if (!"java/lang/Object".equals(clsName) && !isJDBCClass(clsName)) {
 					int parmCnt = Type.getArgumentTypes(getSigConstantOperand()).length;
 					if (stack.getStackDepth() > parmCnt) {
 						OpcodeStack.Item itm = stack.getStackItem(parmCnt);
@@ -158,7 +158,7 @@
         if (clsName.endsWith(";"))
             clsName = clsName.substring(1, clsName.length() - 1);
         clsName = clsName.replace('.', '/');
-        
+                
         if (!clsName.startsWith("java/sql/")
         &&  !clsName.startsWith("javax/sql/"))
             return false;


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.



