From 228d68a4095e4c5a8e26c87200e1811e8407889f Mon Sep 17 00:00:00 2001 From: RenFengJiang <1111> Date: Fri, 19 Jan 2024 11:54:43 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96=EF=BC=9A=E5=88=A0=E9=99=A4?= =?UTF-8?q?=E6=97=A0=E7=94=A8=E4=BB=A3=E7=A0=81=EF=BC=8C=E8=AE=BE=E7=BD=AE?= =?UTF-8?q?=E5=85=A8=E5=B1=80=E5=A3=B0=E6=98=8E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../cxx/rules/checkers/SendMessageChecker.java | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/SendMessageChecker.java b/sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/SendMessageChecker.java index 237e154..3ef34d9 100644 --- a/sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/SendMessageChecker.java +++ b/sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/SendMessageChecker.java @@ -36,6 +36,12 @@ public class SendMessageChecker extends SquidCheck { CxxGrammarImpl.functionBody ); } + private static List lists = new ArrayList(){{ + add("weapon"); + add("unit"); + add("param"); + }}; + /** * 访问AST节点 @@ -45,10 +51,7 @@ public class SendMessageChecker extends SquidCheck { @Override public void visitNode(@Nonnull AstNode node) { //创建集合存入违规敏感字段 - List lists = new ArrayList(); - lists.add("weapon"); - lists.add("unit"); - lists.add("param"); + //获取到所有的表达式 List descendants = node.getDescendants(CxxGrammarImpl.expression); for (AstNode des:descendants) { @@ -62,7 +65,8 @@ public class SendMessageChecker extends SquidCheck { if("STRING".equals(astNode.getName())){ }else { - if(lists.contains(astNode.getTokenValue())){ + //判斷其中是否包含敏感字段 + if(lists.contains(astNode.getTokenValue().toLowerCase())){ getContext().createLineViolation(this,"发送敏感信息前应对敏感信息进行加密",des); } }