package com.h3xstream.findsecbugs.taintanalysis;

import com.h3xstream.findsecbugs.FindSecBugsGlobalConfig;
import com.h3xstream.findsecbugs.taintanalysis.Taint;
import com.h3xstream.findsecbugs.taintanalysis.data.UnknownSource;
import com.h3xstream.findsecbugs.taintanalysis.data.UnknownSourceType;
import edu.umd.cs.findbugs.ba.BasicBlock;
import edu.umd.cs.findbugs.ba.DataflowAnalysisException;
import edu.umd.cs.findbugs.ba.DepthFirstSearch;
import edu.umd.cs.findbugs.ba.Edge;
import edu.umd.cs.findbugs.ba.FrameDataflowAnalysis;
import edu.umd.cs.findbugs.ba.Location;
import edu.umd.cs.findbugs.ba.generic.GenericSignatureParser;
import edu.umd.cs.findbugs.classfile.MethodDescriptor;
import edu.umd.cs.findbugs.classfile.analysis.AnnotationValue;
import edu.umd.cs.findbugs.classfile.analysis.MethodInfo;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.bcel.generic.InstructionHandle;
import org.apache.bcel.generic.MethodGen;
import org.eclipse.jdt.core.Signature;
import org.eclipse.osgi.internal.loader.BundleLoader;

/* loaded from: input_file:findsecbugs-plugin.jar:com/h3xstream/findsecbugs/taintanalysis/TaintAnalysis.class */
public class TaintAnalysis extends FrameDataflowAnalysis<Taint, TaintFrame> {
    private final MethodGen methodGen;
    private final MethodInfo methodDescriptor;
    private final TaintFrameModelingVisitor visitor;
    private int parameterStackSize;
    private List<Integer> slotToParameter;
    private static final List<String> TAINTED_ANNOTATIONS;
    static final /* synthetic */ boolean $assertionsDisabled;

    public TaintAnalysis(MethodGen methodGen, DepthFirstSearch depthFirstSearch, MethodDescriptor methodDescriptor, TaintConfig taintConfig, List<TaintFrameAdditionalVisitor> list) {
        super(depthFirstSearch);
        this.methodGen = methodGen;
        this.methodDescriptor = (MethodInfo) methodDescriptor;
        this.visitor = new TaintFrameModelingVisitor(methodGen.getConstantPool(), methodDescriptor, taintConfig, list, methodGen);
        computeParametersInfo(methodDescriptor.getSignature(), methodDescriptor.isStatic());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // edu.umd.cs.findbugs.ba.FrameDataflowAnalysis
    public void mergeValues(TaintFrame taintFrame, TaintFrame taintFrame2, int i) throws DataflowAnalysisException {
        taintFrame2.setValue(i, Taint.merge(taintFrame2.getValue(i), taintFrame.getValue(i)));
    }

    @Override // edu.umd.cs.findbugs.ba.AbstractDataflowAnalysis
    public void transferInstruction(InstructionHandle instructionHandle, BasicBlock basicBlock, TaintFrame taintFrame) throws DataflowAnalysisException {
        this.visitor.setFrameAndLocation(taintFrame, new Location(instructionHandle, basicBlock));
        this.visitor.analyzeInstruction(instructionHandle.getInstruction());
    }

    @Override // edu.umd.cs.findbugs.ba.DataflowAnalysis
    public TaintFrame createFact() {
        return new TaintFrame(this.methodGen.getMaxLocals());
    }

    @Override // edu.umd.cs.findbugs.ba.DataflowAnalysis
    public void initEntryFact(TaintFrame taintFrame) {
        taintFrame.setValid();
        taintFrame.clearStack();
        String str = this.methodDescriptor.getSlashedClassName() + BundleLoader.DEFAULT_PACKAGE + this.methodDescriptor.getName() + this.methodDescriptor.getSignature();
        boolean isInMainMethod = isInMainMethod();
        int numSlots = taintFrame.getNumSlots();
        int numLocals = taintFrame.getNumLocals();
        for (int i = 0; i < numSlots; i++) {
            Taint taint = new Taint(Taint.State.UNKNOWN);
            if (i < numLocals) {
                if (i < this.parameterStackSize) {
                    int i2 = (this.parameterStackSize - i) - 1;
                    if (isTaintedByAnnotation(i - 1)) {
                        taint = new Taint(Taint.State.TAINTED);
                    } else if (isInMainMethod) {
                        taint = FindSecBugsGlobalConfig.getInstance().isTaintedMainArgument() ? new Taint(Taint.State.TAINTED) : new Taint(Taint.State.SAFE);
                    } else {
                        taint.addParameter(i2);
                    }
                    taint.addSource(new UnknownSource(UnknownSourceType.PARAMETER, taint.getState()).setSignatureMethod(str).setParameterIndex(i2));
                }
                taint.setVariableIndex(i);
            }
            taintFrame.setValue(i, taint);
        }
    }

    private boolean isInMainMethod() {
        return this.methodDescriptor.isStatic() && "main".equals(this.methodDescriptor.getName()) && "([Ljava/lang/String;)V".equals(this.methodDescriptor.getSignature()) && this.methodGen.getMethod().isPublic();
    }

    private boolean isTaintedByAnnotation(int i) {
        if (i < 0 || !this.methodDescriptor.hasParameterAnnotations()) {
            return false;
        }
        Iterator<AnnotationValue> it = this.methodDescriptor.getParameterAnnotations(this.slotToParameter.get(i).intValue()).iterator();
        while (it.hasNext()) {
            if (TAINTED_ANNOTATIONS.contains(it.next().getAnnotationClass().getClassName())) {
                return true;
            }
        }
        return false;
    }

    @Override // edu.umd.cs.findbugs.ba.DataflowAnalysis
    public void meetInto(TaintFrame taintFrame, Edge edge, TaintFrame taintFrame2) throws DataflowAnalysisException {
        if (taintFrame.isValid() && edge.isExceptionEdge()) {
            TaintFrame modifyFrame = modifyFrame(taintFrame, null);
            modifyFrame.clearStack();
            modifyFrame.pushValue(new Taint(Taint.State.UNKNOWN));
            taintFrame = modifyFrame;
        }
        mergeInto(taintFrame, taintFrame2);
    }

    public void finishAnalysis() {
        this.visitor.finishAnalysis();
    }

    private void computeParametersInfo(String str, boolean z) {
        if (!$assertionsDisabled && (str == null || str.isEmpty())) {
            throw new AssertionError();
        }
        int i = z ? 0 : 1;
        Iterator<String> parameterSignatureIterator = new GenericSignatureParser(str).parameterSignatureIterator();
        int i2 = 0;
        this.slotToParameter = new ArrayList();
        while (parameterSignatureIterator.hasNext()) {
            String next = parameterSignatureIterator.next();
            if (next.equals(Signature.SIG_DOUBLE) || next.equals(Signature.SIG_LONG)) {
                i += 2;
                this.slotToParameter.add(Integer.valueOf(i2));
                this.slotToParameter.add(Integer.valueOf(i2));
            } else {
                i++;
                this.slotToParameter.add(Integer.valueOf(i2));
            }
            i2++;
        }
        this.parameterStackSize = i;
    }

    private static List<String> loadFileContent(String str) {
        try {
            InputStream resourceAsStream = TaintAnalysis.class.getClassLoader().getResourceAsStream(str);
            try {
                BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(resourceAsStream, "utf-8"));
                try {
                    ArrayList arrayList = new ArrayList();
                    while (true) {
                        String readLine = bufferedReader.readLine();
                        if (readLine == null) {
                            break;
                        }
                        arrayList.add(readLine.trim());
                    }
                    bufferedReader.close();
                    if (resourceAsStream != null) {
                        resourceAsStream.close();
                    }
                    return arrayList;
                } catch (Throwable th) {
                    try {
                        bufferedReader.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            } finally {
            }
        } catch (IOException e) {
            if ($assertionsDisabled) {
                return new ArrayList();
            }
            throw new AssertionError(e.getMessage());
        }
    }

    static {
        $assertionsDisabled = !TaintAnalysis.class.desiredAssertionStatus();
        TAINTED_ANNOTATIONS = loadFileContent("taint-config/taint-param-annotations.txt");
    }
}
