Package com.mebigfatguy.fbcontrib.detect

Class CustomBuiltXML

java.lang.Object
edu.umd.cs.findbugs.visitclass.BetterVisitor
edu.umd.cs.findbugs.visitclass.PreorderVisitor
edu.umd.cs.findbugs.visitclass.AnnotationVisitor
edu.umd.cs.findbugs.visitclass.DismantleBytecode
edu.umd.cs.findbugs.BytecodeScanningDetector
com.mebigfatguy.fbcontrib.detect.CustomBuiltXML
All Implemented Interfaces:
edu.umd.cs.findbugs.Detector, edu.umd.cs.findbugs.Priorities, org.apache.bcel.classfile.Visitor
public class CustomBuiltXML extends edu.umd.cs.findbugs.BytecodeScanningDetector
looks for methods that build xml based strings by concatenation strings and custom values together. Doing so makes brittle code, that is difficult to modify, validate and understand. It is cleaner to create external xml files that are transformed at runtime, using parameters set through Transformer.setParameter.

  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    private static class 
    CustomBuiltXML.XMLPattern
    represents a text pattern that is likely to be an xml snippet, as well as how much confidence that the pattern is infact xml, versus something else.

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    private edu.umd.cs.findbugs.BugReporter
    bugReporter
     
    private static final String
    CBX_MIN_REPORTABLE_ITEMS
     
    private int
    firstPC
     
    private int
    highReportingThreshold
     
    private int
    lowReportingThreshold
     
    private int
    midReportingThreshold
     
    private edu.umd.cs.findbugs.OpcodeStack
    stack
     
    private static final SignatureBuilder
    XML_SIG_BUILDER
    This builder can be reused with different return types to reduce object creation, provided that param types are unchanged.
    private int
    xmlConfidentCount
     
    private int
    xmlItemCount
     
    private static final List<CustomBuiltXML.XMLPattern>
    xmlPatterns
     

    Fields inherited from class edu.umd.cs.findbugs.visitclass.DismantleBytecode

    codeBytes, lineNumberTable, M_BR, M_CP, M_INT, M_PAD, M_R, M_UINT

    Fields inherited from interface edu.umd.cs.findbugs.Priorities

    EXP_PRIORITY, HIGH_PRIORITY, IGNORE_PRIORITY, LOW_PRIORITY, NORMAL_PRIORITY

  • Constructor Summary

    Constructors
    Constructor
    Description
    CustomBuiltXML(edu.umd.cs.findbugs.BugReporter bugReporter)
    constructs a CBX detector given the reporter to report bugs on

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    sawOpcode(int seen)
    overrides the visitor to find String concatenations including xml strings
    void
    visitClassContext(edu.umd.cs.findbugs.ba.ClassContext classContext)
    overrides the visitor to create and destroy the stack
    void
    visitCode(org.apache.bcel.classfile.Code obj)
    overrides the visitor reset the opcode stack

    Methods inherited from class edu.umd.cs.findbugs.BytecodeScanningDetector

    getClassContext, report, shouldVisitCode

    Methods inherited from class edu.umd.cs.findbugs.visitclass.DismantleBytecode

    afterOpcode, areOppositeBranches, atCatchBlock, beforeOpcode, getBranchFallThrough, getBranchOffset, getBranchTarget, getClassConstantOperand, getClassDescriptorOperand, getCodeByte, getConstantRefOperand, getDefaultSwitchOffset, getDottedClassConstantOperand, getFieldDescriptorOperand, getIntConstant, getLongConstant, getMaxPC, getMethodDescriptorOperand, getNameConstantOperand, getNextCodeByte, getNextOpcode, getNextPC, getOpcode, getPC, getPrevOpcode, getRefConstantOperand, getRefFieldIsStatic, getRegisterOperand, getSigConstantOperand, getStringConstantOperand, getSwitchLabels, getSwitchOffsets, getXClassOperand, getXFieldOperand, getXMethodOperand, isBranch, isMethodCall, isRegisterLoad, isRegisterStore, isRegisterStore, isReturn, isShift, isSwitch, isWideOpcode, printOpCode, sawBranchTo, sawClass, sawDouble, sawField, sawFloat, sawIMethod, sawInt, sawLong, sawMethod, sawRegister, sawString, visit

    Methods inherited from class edu.umd.cs.findbugs.visitclass.AnnotationVisitor

    getAnnotationParameterAsEnum, getAnnotationParameterAsString, getAnnotationParameterAsStringArray, visitAnnotation, visitAnnotation, visitParameterAnnotation, visitParameterAnnotation, visitSyntheticParameterAnnotation

    Methods inherited from class edu.umd.cs.findbugs.visitclass.PreorderVisitor

    amVisitingMainMethod, asUnsignedByte, doVisitMethod, getClassDescriptor, getClassName, getCode, getConstantPool, getDottedClassName, getDottedFieldSig, getDottedMethodSig, getDottedSuperclassName, getField, getFieldDescriptor, getFieldIsStatic, getFieldName, getFieldSig, getFullyQualifiedFieldName, getFullyQualifiedMethodName, getMethod, getMethodDescriptor, getMethodName, getMethodSig, getMethodVisitOrder, getNumberArguments, getNumberMethodArguments, getPackageName, getSizeOfSurroundingTryBlock, getSizeOfSurroundingTryBlock, getSourceFile, getStringFromIndex, getSuperclassName, getSurroundingCaughtExceptions, getSurroundingCaughtExceptions, getSurroundingCaughtExceptionTypes, getSurroundingTryBlock, getSurroundingTryBlock, getThisClass, getXClass, getXField, getXMethod, hasInterestingClass, hasInterestingMethod, isVisitMethodsInCallOrder, setupVisitorForClass, setVisitMethodsInCallOrder, shouldVisit, toString, visitAfter, visitAfter, visitAnnotationDefault, visitAnnotationEntry, visitBootstrapMethods, visitConstantInvokeDynamic, visitConstantMethodHandle, visitConstantMethodType, visitConstantModule, visitConstantPackage, visitConstantPool, visitEnclosingMethod, visitingField, visitingMethod, visitInnerClasses, visitJavaClass, visitLineNumberTable, visitLocalVariableTable, visitMethodParameters, visitParameterAnnotationEntry, visitStackMap, visitStackMapEntry

    Methods inherited from class edu.umd.cs.findbugs.visitclass.BetterVisitor

    clone, report, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visitCodeException, visitConstantClass, visitConstantDouble, visitConstantFieldref, visitConstantFloat, visitConstantInteger, visitConstantInterfaceMethodref, visitConstantLong, visitConstantMethodref, visitConstantNameAndType, visitConstantString, visitConstantUtf8, visitConstantValue, visitDeprecated, visitExceptionTable, visitField, visitInnerClass, visitLineNumber, visitLocalVariable, visitLocalVariableTypeTable, visitMethod, visitSignature, visitSourceFile, visitSynthetic, visitUnknown

    Methods inherited from class java.lang.Object

    equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

    Methods inherited from interface org.apache.bcel.classfile.Visitor

    visitConstantDynamic, visitMethodParameter, visitModule, visitModuleExports, visitModuleMainClass, visitModuleOpens, visitModulePackages, visitModuleProvides, visitModuleRequires, visitNestHost, visitNestMembers, visitRecord, visitRecordComponent, visitStackMapType

  • Field Details

    • xmlPatterns

      private static final List<CustomBuiltXML.XMLPattern> xmlPatterns

    • CBX_MIN_REPORTABLE_ITEMS

      private static final String CBX_MIN_REPORTABLE_ITEMS
      See Also:

    • XML_SIG_BUILDER

      private static final SignatureBuilder XML_SIG_BUILDER
      This builder can be reused with different return types to reduce object creation, provided that param types are unchanged.

    • bugReporter

      private edu.umd.cs.findbugs.BugReporter bugReporter

    • stack

      private edu.umd.cs.findbugs.OpcodeStack stack

    • xmlItemCount

      private int xmlItemCount

    • xmlConfidentCount

      private int xmlConfidentCount

    • lowReportingThreshold

      private int lowReportingThreshold

    • midReportingThreshold

      private int midReportingThreshold

    • highReportingThreshold

      private int highReportingThreshold

    • firstPC

      private int firstPC

  • Constructor Details

    • CustomBuiltXML

      public CustomBuiltXML(edu.umd.cs.findbugs.BugReporter bugReporter)
      constructs a CBX detector given the reporter to report bugs on
      Parameters:
      bugReporter - the sync of bug reports

  • Method Details

    • visitClassContext

      public void visitClassContext(edu.umd.cs.findbugs.ba.ClassContext classContext)
      overrides the visitor to create and destroy the stack
      Specified by:
      visitClassContext in interface edu.umd.cs.findbugs.Detector
      Overrides:
      visitClassContext in class edu.umd.cs.findbugs.BytecodeScanningDetector
      Parameters:
      classContext - the context object of the currently parsed class

    • visitCode

      public void visitCode(org.apache.bcel.classfile.Code obj)
      overrides the visitor reset the opcode stack
      Specified by:
      visitCode in interface org.apache.bcel.classfile.Visitor
      Overrides:
      visitCode in class edu.umd.cs.findbugs.visitclass.PreorderVisitor
      Parameters:
      obj - the code object of the currently parsed method

    • sawOpcode

      public void sawOpcode(int seen)
      overrides the visitor to find String concatenations including xml strings
      Overrides:
      sawOpcode in class edu.umd.cs.findbugs.visitclass.DismantleBytecode
      Parameters:
      seen - the opcode that is being visited