Package com.mebigfatguy.fbcontrib.detect

Class InconsistentKeyNameCasing

java.lang.Object
edu.umd.cs.findbugs.visitclass.BetterVisitor
edu.umd.cs.findbugs.visitclass.PreorderVisitor
edu.umd.cs.findbugs.visitclass.AnnotationVisitor
edu.umd.cs.findbugs.visitclass.DismantleBytecode
edu.umd.cs.findbugs.BytecodeScanningDetector
com.mebigfatguy.fbcontrib.detect.InconsistentKeyNameCasing
All Implemented Interfaces:
edu.umd.cs.findbugs.Detector, edu.umd.cs.findbugs.Priorities, org.apache.bcel.classfile.Visitor
public class InconsistentKeyNameCasing extends edu.umd.cs.findbugs.BytecodeScanningDetector
looks for calls to HttpRequest.getParameter with parameters of the same name with different cases like 'id' and 'Id'.

  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    (package private) static enum 
    InconsistentKeyNameCasing.KeyType
     
    (package private) static class 
    InconsistentKeyNameCasing.SourceInfo
    a holder for location information of a getParameter call

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    (package private) edu.umd.cs.findbugs.BugReporter
    bugReporter
     
    private static final String
    GET_ATTRIBUTE
     
    private static final String
    GET_ATTRIBUTE_SIG
     
    private static final String
    GET_PARAMETER
     
    private static final String
    GET_PARAMETER_SIG
     
    private static final String
    JAKARTA_HTTP_SERVLET_REQUEST
     
    private static final String
    JAKARTA_HTTP_SESSION
     
    private static final String
    JAVAX_HTTP_SERVLET_REQUEST
     
    private static final String
    JAVAX_HTTP_SESSION
     
    (package private) Map<InconsistentKeyNameCasing.KeyType,Map<String,Map<String,List<InconsistentKeyNameCasing.SourceInfo>>>>
    parmInfo
     
    private static final String
    SET_ATTRIBUTE
     
    private static final String
    SET_ATTRIBUTE_SIG
     
    (package private) edu.umd.cs.findbugs.OpcodeStack
    stack
     

    Fields inherited from class edu.umd.cs.findbugs.visitclass.DismantleBytecode

    codeBytes, lineNumberTable, M_BR, M_CP, M_INT, M_PAD, M_R, M_UINT

    Fields inherited from interface edu.umd.cs.findbugs.Priorities

    EXP_PRIORITY, HIGH_PRIORITY, IGNORE_PRIORITY, LOW_PRIORITY, NORMAL_PRIORITY

  • Constructor Summary

    Constructors
    Constructor
    Description
    InconsistentKeyNameCasing(edu.umd.cs.findbugs.BugReporter reporter)
    constructs a IKNC detector given the reporter to report bugs on

  • Method Summary

    Modifier and Type
    Method
    Description
    private InconsistentKeyNameCasing.KeyType
    isKeyAccessMethod(int seen)
    looks to see if this method is a getAttribute/setAttribute on Session or getParameter on HttpServletRequest
    void
    report()
    implements the visitor to look for the collected parm names, and look for duplicates that are different in casing only.
    void
    sawOpcode(int seen)
    implements the visitor to look for calls to HttpServletRequest.getParameter and collect what the name of the key is.
    void
    visitClassContext(edu.umd.cs.findbugs.ba.ClassContext classContext)
    implements the visitor to create the opcode stack
    void
    visitCode(org.apache.bcel.classfile.Code obj)
    implements the visitor to reset the opcode stack for a new method

    Methods inherited from class edu.umd.cs.findbugs.BytecodeScanningDetector

    getClassContext, shouldVisitCode

    Methods inherited from class edu.umd.cs.findbugs.visitclass.DismantleBytecode

    afterOpcode, areOppositeBranches, atCatchBlock, beforeOpcode, getBranchFallThrough, getBranchOffset, getBranchTarget, getClassConstantOperand, getClassDescriptorOperand, getCodeByte, getConstantRefOperand, getDefaultSwitchOffset, getDottedClassConstantOperand, getFieldDescriptorOperand, getIntConstant, getLongConstant, getMaxPC, getMethodDescriptorOperand, getNameConstantOperand, getNextCodeByte, getNextOpcode, getNextPC, getOpcode, getPC, getPrevOpcode, getRefConstantOperand, getRefFieldIsStatic, getRegisterOperand, getSigConstantOperand, getStringConstantOperand, getSwitchLabels, getSwitchOffsets, getXClassOperand, getXFieldOperand, getXMethodOperand, isBranch, isMethodCall, isRegisterLoad, isRegisterStore, isRegisterStore, isReturn, isShift, isSwitch, isWideOpcode, printOpCode, sawBranchTo, sawClass, sawDouble, sawField, sawFloat, sawIMethod, sawInt, sawLong, sawMethod, sawRegister, sawString, visit

    Methods inherited from class edu.umd.cs.findbugs.visitclass.AnnotationVisitor

    getAnnotationParameterAsEnum, getAnnotationParameterAsString, getAnnotationParameterAsStringArray, visitAnnotation, visitAnnotation, visitParameterAnnotation, visitParameterAnnotation, visitSyntheticParameterAnnotation

    Methods inherited from class edu.umd.cs.findbugs.visitclass.PreorderVisitor

    amVisitingMainMethod, asUnsignedByte, doVisitMethod, getClassDescriptor, getClassName, getCode, getConstantPool, getDottedClassName, getDottedFieldSig, getDottedMethodSig, getDottedSuperclassName, getField, getFieldDescriptor, getFieldIsStatic, getFieldName, getFieldSig, getFullyQualifiedFieldName, getFullyQualifiedMethodName, getMethod, getMethodDescriptor, getMethodName, getMethodSig, getMethodVisitOrder, getNumberArguments, getNumberMethodArguments, getPackageName, getSizeOfSurroundingTryBlock, getSizeOfSurroundingTryBlock, getSourceFile, getStringFromIndex, getSuperclassName, getSurroundingCaughtExceptions, getSurroundingCaughtExceptions, getSurroundingCaughtExceptionTypes, getSurroundingTryBlock, getSurroundingTryBlock, getThisClass, getXClass, getXField, getXMethod, hasInterestingClass, hasInterestingMethod, isVisitMethodsInCallOrder, setupVisitorForClass, setVisitMethodsInCallOrder, shouldVisit, toString, visitAfter, visitAfter, visitAnnotationDefault, visitAnnotationEntry, visitBootstrapMethods, visitConstantInvokeDynamic, visitConstantMethodHandle, visitConstantMethodType, visitConstantModule, visitConstantPackage, visitConstantPool, visitEnclosingMethod, visitingField, visitingMethod, visitInnerClasses, visitJavaClass, visitLineNumberTable, visitLocalVariableTable, visitMethodParameters, visitParameterAnnotationEntry, visitStackMap, visitStackMapEntry

    Methods inherited from class edu.umd.cs.findbugs.visitclass.BetterVisitor

    clone, report, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visitCodeException, visitConstantClass, visitConstantDouble, visitConstantFieldref, visitConstantFloat, visitConstantInteger, visitConstantInterfaceMethodref, visitConstantLong, visitConstantMethodref, visitConstantNameAndType, visitConstantString, visitConstantUtf8, visitConstantValue, visitDeprecated, visitExceptionTable, visitField, visitInnerClass, visitLineNumber, visitLocalVariable, visitLocalVariableTypeTable, visitMethod, visitSignature, visitSourceFile, visitSynthetic, visitUnknown

    Methods inherited from class java.lang.Object

    equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

    Methods inherited from interface org.apache.bcel.classfile.Visitor

    visitConstantDynamic, visitMethodParameter, visitModule, visitModuleExports, visitModuleMainClass, visitModuleOpens, visitModulePackages, visitModuleProvides, visitModuleRequires, visitNestHost, visitNestMembers, visitRecord, visitRecordComponent, visitStackMapType

  • Field Details

  • Constructor Details

    • InconsistentKeyNameCasing

      public InconsistentKeyNameCasing(edu.umd.cs.findbugs.BugReporter reporter)
      constructs a IKNC detector given the reporter to report bugs on
      Parameters:
      reporter - the sync of bug reports

  • Method Details

    • visitClassContext

      public void visitClassContext(edu.umd.cs.findbugs.ba.ClassContext classContext)
      implements the visitor to create the opcode stack
      Specified by:
      visitClassContext in interface edu.umd.cs.findbugs.Detector
      Overrides:
      visitClassContext in class edu.umd.cs.findbugs.BytecodeScanningDetector
      Parameters:
      classContext - the context object of the currently parsed class

    • visitCode

      public void visitCode(org.apache.bcel.classfile.Code obj)
      implements the visitor to reset the opcode stack for a new method
      Specified by:
      visitCode in interface org.apache.bcel.classfile.Visitor
      Overrides:
      visitCode in class edu.umd.cs.findbugs.visitclass.PreorderVisitor
      Parameters:
      obj - the context object of the currently parsed code block

    • sawOpcode

      public void sawOpcode(int seen)
      implements the visitor to look for calls to HttpServletRequest.getParameter and collect what the name of the key is.
      Overrides:
      sawOpcode in class edu.umd.cs.findbugs.visitclass.DismantleBytecode
      Parameters:
      seen - the opcode of the currently parsed instruction

    • report

      public void report()
      implements the visitor to look for the collected parm names, and look for duplicates that are different in casing only.
      Specified by:
      report in interface edu.umd.cs.findbugs.Detector
      Overrides:
      report in class edu.umd.cs.findbugs.BytecodeScanningDetector

    • isKeyAccessMethod

      @Nullable private InconsistentKeyNameCasing.KeyType isKeyAccessMethod(int seen)
      looks to see if this method is a getAttribute/setAttribute on Session or getParameter on HttpServletRequest
      Parameters:
      seen - the currently parsed opcode
      Returns:
      if it is one of these special methods