Package com.mebigfatguy.fbcontrib.detect

Class SuspiciousJDKVersionUse

java.lang.Object
edu.umd.cs.findbugs.visitclass.BetterVisitor
edu.umd.cs.findbugs.visitclass.PreorderVisitor
edu.umd.cs.findbugs.visitclass.AnnotationVisitor
edu.umd.cs.findbugs.visitclass.DismantleBytecode
edu.umd.cs.findbugs.BytecodeScanningDetector
com.mebigfatguy.fbcontrib.detect.SuspiciousJDKVersionUse
All Implemented Interfaces:
edu.umd.cs.findbugs.Detector, edu.umd.cs.findbugs.Priorities, org.apache.bcel.classfile.Visitor
public class SuspiciousJDKVersionUse extends edu.umd.cs.findbugs.BytecodeScanningDetector
looks for calls to classes and methods that do not exist in the JDK for which this class is compiled. This can happen if you specify the -source and -target options of the javac compiler, and specify a target that is less than the jdk version of the javac compiler.

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    private final edu.umd.cs.findbugs.BugReporter
    bugReporter
     
    private Integer
    clsMajorVersion
     
    private static final Map<Integer,Integer>
    HUMAN_VERSIONS
     
    private static final Pattern
    jarPattern
     
    private File
    jdksRoot
     
    private ZipFile
    jdkZip
     
    private final Map<Integer,ZipFile>
    jdkZips
     
    private static Set<String>
    knownJDKJavaxPackageRoots
     
    private static final String
    SJVU_JDKHOME
     
    private final Map<String,String>
    superNames
     
    private final Map<Integer,Map<String,Set<String>>>
    validMethodsByVersion
     
    private static final Map<Integer,String>
    VER_REG_EX
     
    private final Map<String,File>
    versionPaths
     

    Fields inherited from class edu.umd.cs.findbugs.visitclass.DismantleBytecode

    codeBytes, lineNumberTable, M_BR, M_CP, M_INT, M_PAD, M_R, M_UINT

    Fields inherited from interface edu.umd.cs.findbugs.Priorities

    EXP_PRIORITY, HIGH_PRIORITY, IGNORE_PRIORITY, LOW_PRIORITY, NORMAL_PRIORITY

  • Constructor Summary

    Constructors
    Constructor
    Description
    SuspiciousJDKVersionUse(edu.umd.cs.findbugs.BugReporter bugReporter)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    private org.apache.bcel.classfile.Method
    findCalledMethod()
     
    private File
    getRTJarFile()
     
    private static File
    getRTJarFromProperty(Integer requestedVersion)
     
    private boolean
    isJavaXExternal(String className)
    checks to see if this class is a javax.xxxx.Foo class if so, looks to see if the package is at least in the jdk if a whole new package comes into javax in rt.jar, this will be missed.
    private boolean
    isValid(Map<String,Set<String>> validMethods, String clsName)
     
    void
    sawOpcode(int seen)
     
    void
    visitClassContext(edu.umd.cs.findbugs.ba.ClassContext classContext)
     

    Methods inherited from class edu.umd.cs.findbugs.BytecodeScanningDetector

    getClassContext, report, shouldVisitCode

    Methods inherited from class edu.umd.cs.findbugs.visitclass.DismantleBytecode

    afterOpcode, areOppositeBranches, atCatchBlock, beforeOpcode, getBranchFallThrough, getBranchOffset, getBranchTarget, getClassConstantOperand, getClassDescriptorOperand, getCodeByte, getConstantRefOperand, getDefaultSwitchOffset, getDottedClassConstantOperand, getFieldDescriptorOperand, getIntConstant, getLongConstant, getMaxPC, getMethodDescriptorOperand, getNameConstantOperand, getNextCodeByte, getNextOpcode, getNextPC, getOpcode, getPC, getPrevOpcode, getRefConstantOperand, getRefFieldIsStatic, getRegisterOperand, getSigConstantOperand, getStringConstantOperand, getSwitchLabels, getSwitchOffsets, getXClassOperand, getXFieldOperand, getXMethodOperand, isBranch, isMethodCall, isRegisterLoad, isRegisterStore, isRegisterStore, isReturn, isShift, isSwitch, isWideOpcode, printOpCode, sawBranchTo, sawClass, sawDouble, sawField, sawFloat, sawIMethod, sawInt, sawLong, sawMethod, sawRegister, sawString, visit

    Methods inherited from class edu.umd.cs.findbugs.visitclass.AnnotationVisitor

    getAnnotationParameterAsEnum, getAnnotationParameterAsString, getAnnotationParameterAsStringArray, visitAnnotation, visitAnnotation, visitParameterAnnotation, visitParameterAnnotation, visitSyntheticParameterAnnotation

    Methods inherited from class edu.umd.cs.findbugs.visitclass.PreorderVisitor

    amVisitingMainMethod, asUnsignedByte, doVisitMethod, getClassDescriptor, getClassName, getCode, getConstantPool, getDottedClassName, getDottedFieldSig, getDottedMethodSig, getDottedSuperclassName, getField, getFieldDescriptor, getFieldIsStatic, getFieldName, getFieldSig, getFullyQualifiedFieldName, getFullyQualifiedMethodName, getMethod, getMethodDescriptor, getMethodName, getMethodSig, getMethodVisitOrder, getNumberArguments, getNumberMethodArguments, getPackageName, getSizeOfSurroundingTryBlock, getSizeOfSurroundingTryBlock, getSourceFile, getStringFromIndex, getSuperclassName, getSurroundingCaughtExceptions, getSurroundingCaughtExceptions, getSurroundingCaughtExceptionTypes, getSurroundingTryBlock, getSurroundingTryBlock, getThisClass, getXClass, getXField, getXMethod, hasInterestingClass, hasInterestingMethod, isVisitMethodsInCallOrder, setupVisitorForClass, setVisitMethodsInCallOrder, shouldVisit, toString, visitAfter, visitAfter, visitAnnotationDefault, visitAnnotationEntry, visitBootstrapMethods, visitCode, visitConstantInvokeDynamic, visitConstantMethodHandle, visitConstantMethodType, visitConstantModule, visitConstantPackage, visitConstantPool, visitEnclosingMethod, visitingField, visitingMethod, visitInnerClasses, visitJavaClass, visitLineNumberTable, visitLocalVariableTable, visitMethodParameters, visitParameterAnnotationEntry, visitStackMap, visitStackMapEntry

    Methods inherited from class edu.umd.cs.findbugs.visitclass.BetterVisitor

    clone, report, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visit, visitCodeException, visitConstantClass, visitConstantDouble, visitConstantFieldref, visitConstantFloat, visitConstantInteger, visitConstantInterfaceMethodref, visitConstantLong, visitConstantMethodref, visitConstantNameAndType, visitConstantString, visitConstantUtf8, visitConstantValue, visitDeprecated, visitExceptionTable, visitField, visitInnerClass, visitLineNumber, visitLocalVariable, visitLocalVariableTypeTable, visitMethod, visitSignature, visitSourceFile, visitSynthetic, visitUnknown

    Methods inherited from class java.lang.Object

    equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

    Methods inherited from interface org.apache.bcel.classfile.Visitor

    visitConstantDynamic, visitMethodParameter, visitModule, visitModuleExports, visitModuleMainClass, visitModuleOpens, visitModulePackages, visitModuleProvides, visitModuleRequires, visitNestHost, visitNestMembers, visitRecord, visitRecordComponent, visitStackMapType

  • Field Details

  • Constructor Details

    • SuspiciousJDKVersionUse

      public SuspiciousJDKVersionUse(edu.umd.cs.findbugs.BugReporter bugReporter)

  • Method Details

    • visitClassContext

      public void visitClassContext(edu.umd.cs.findbugs.ba.ClassContext classContext)
      Specified by:
      visitClassContext in interface edu.umd.cs.findbugs.Detector
      Overrides:
      visitClassContext in class edu.umd.cs.findbugs.BytecodeScanningDetector

    • sawOpcode

      public void sawOpcode(int seen)
      Overrides:
      sawOpcode in class edu.umd.cs.findbugs.visitclass.DismantleBytecode

    • findCalledMethod

      @Nullable private org.apache.bcel.classfile.Method findCalledMethod()

    • isValid

      private boolean isValid(Map<String,Set<String>> validMethods, String clsName) throws IOException, ClassNotFoundException
      Throws:
      IOException
      ClassNotFoundException

    • isJavaXExternal

      private boolean isJavaXExternal(String className)
      checks to see if this class is a javax.xxxx.Foo class if so, looks to see if the package is at least in the jdk if a whole new package comes into javax in rt.jar, this will be missed. Need a better solution here.
      Parameters:
      className - the slashed class in question
      Returns:
      whether it is in the default jdk rt.jar

    • getRTJarFile

      @Nullable private File getRTJarFile()

    • getRTJarFromProperty

      @Nullable private static File getRTJarFromProperty(Integer requestedVersion)