[Fb-contrib-commit] SF.net SVN: fb-contrib: [829] trunk/fb-contrib/src/com/mebigfatguy/ fbcontrib/
Brought to you by:
dbrosius
Menu
▾
▴
[Fb-contrib-commit] SF.net SVN: fb-contrib: [829] trunk/fb-contrib/src/com/mebigfatguy/ fbcontrib/detect/SuspiciousJDKVersionUse.java
|
From: <dbr...@us...> - 2007-02-02 08:11:02
|
Revision: 829
http://svn.sourceforge.net/fb-contrib/?rev=829&view=rev
Author: dbrosius
Date: 2007-02-02 00:11:00 -0800 (Fri, 02 Feb 2007)
Log Message:
-----------
hmm, twas wrong. can look at abstract classes, but for some reason method calls on abstract classes where the method is actually defined in an interface are still seen as INVOKEVIRTUAL, not INVOKEINTERFACE. So handle this.
Modified Paths:
--------------
trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
Modified: trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java
===================================================================
--- trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-02 07:37:53 UTC (rev 828)
+++ trunk/fb-contrib/src/com/mebigfatguy/fbcontrib/detect/SuspiciousJDKVersionUse.java 2007-02-02 08:11:00 UTC (rev 829)
@@ -35,6 +35,7 @@
import java.util.zip.ZipFile;
import org.apache.bcel.Constants;
+import org.apache.bcel.Repository;
import org.apache.bcel.classfile.ClassParser;
import org.apache.bcel.classfile.JavaClass;
import org.apache.bcel.classfile.Method;
@@ -80,9 +81,6 @@
public void visitClassContext(ClassContext classContext) {
try {
cls = classContext.getJavaClass();
- if (cls.isAbstract())
- return;
-
clsMajorVersion = Integer14.valueOf(cls.getMajor());
File rtJar = getRTJarFile();
if (rtJar == null)
@@ -123,6 +121,10 @@
clsName = getClassConstantOperand();
if ((clsName.startsWith("java/"))
|| (clsName.startsWith("javax/"))) {
+ Method m = findCalledMethod();
+ if (m == null)
+ return;
+
Map<String, Set<String>> validMethods = validMethodsByVersion.get(clsMajorVersion);
if (validMethods == null) {
validMethods = new HashMap<String, Set<String>>();
@@ -150,6 +152,25 @@
}
}
+ private Method findCalledMethod() {
+ try {
+ JavaClass cls = Repository.lookupClass(getClassConstantOperand());
+ Method[] methods = cls.getMethods();
+ String calledMethod = getNameConstantOperand();
+ String calledSignature = getSigConstantOperand();
+ for (Method m : methods) {
+ if (m.getName().equals(calledMethod) && m.getSignature().equals(calledSignature)) {
+ return m;
+ }
+ }
+
+ return null;
+ } catch (ClassNotFoundException cnfe) {
+ bugReporter.reportMissingClass(cnfe);
+ return null;
+ }
+ }
+
private boolean isValid(Map<String, Set<String>> validMethods, String clsName) throws IOException, ClassNotFoundException {
InputStream is = null;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
