修改优化准则以及被测件

sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/IntegerCountVerifyChecker.java

@@ -96,12 +96,14 @@ public class IntegerCountVerifyChecker extends SquidCheck<Grammar> {
             }else if("std".equals(stList.getTokenValue())){
                 //获取到方法名称
                 AstNode firstDescendant = stList.getFirstDescendant(CxxGrammarImpl.qualifiedId);
+                if (firstDescendant!=null){
                     List<AstNode> children = firstDescendant.getChildren();
                     for(AstNode desc : children){
                         //判断是否是用户输入方法
                         if("cin".equals(desc.getTokenValue())){
                             //获取用户输入中的参数变量
                             AstNode descendant = stList.getFirstDescendant(CxxGrammarImpl.shiftExpression);
+                            if (descendant!=null){
                                 List<AstNode> descendantChildren = descendant.getChildren();
                                 for(AstNode dant:descendantChildren){
                                     if("IDENTIFIER".equals(dant.getName())){
@@ -115,6 +117,8 @@ public class IntegerCountVerifyChecker extends SquidCheck<Grammar> {
                         }
                     }
                 }
+            }
+        }
         return cinList;
     }
 

sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/PathVerifyChecker.java

@@ -50,6 +50,7 @@ public class PathVerifyChecker extends SquidCheck<Grammar> {
     public void visitNode(@Nonnull AstNode node) {
         //获取参数
         AstNode firstDescendant = node.getFirstDescendant(CxxGrammarImpl.initializer);
+        if (firstDescendant!=null){
             List<AstNode> children = firstDescendant.getChildren();
             for(AstNode chil : children){
                 //判断参数类型
@@ -64,6 +65,7 @@ public class PathVerifyChecker extends SquidCheck<Grammar> {
                 }
             }
         }
+    }
 
     //判断是不是路径
     public static boolean isPath(String str) {

sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/UserInputPasswordChecker.java

@@ -82,5 +82,6 @@ public class UserInputPasswordChecker extends SquidCheck<Grammar> {
     @Override
     public void leaveFile(@Nullable AstNode astNode) {
         fieldsMap.values().forEach(node -> getContext().createLineViolation(this, "用户输入口令时对口令域进行掩饰，通常，用户输入的每一个字符都应该以“*”形式回显", node));
+        fieldsMap.clear();
     }
 }

sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/ValidatePasswordCheck.java

@@ -82,7 +82,6 @@ public class ValidatePasswordCheck extends SquidCheck<Grammar> {
                 String passwordValue = initializationValue.getTokenOriginalValue();
 
                 if (!passwordValue.matches(passwordRegex)) {
-                    System.out.println("未通过正则校验的口令："+passwordValue);
                     getContext().createLineViolation(this, "口令不匹配足够复杂度", initializationValue);
                 }
             }

sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/VerificationPathChecker.java

@@ -16,10 +16,12 @@ import org.sonar.cxx.squidbridge.annotations.ActivatedByDefault;
 import org.sonar.cxx.squidbridge.annotations.SqaleConstantRemediation;
 import org.sonar.cxx.squidbridge.checks.SquidCheck;
 
-import java.util.ArrayList;
+import java.io.BufferedReader;
+import java.io.File;
+import java.io.FileReader;
+import java.io.IOException;
 import java.util.List;
 
-import static com.sonar.cxx.sslr.api.GenericTokenType.IDENTIFIER;
 
 @Rule(key = "VerificationPathChecker", name = "在构建路径名前对数据进行校验", description = "对输入数据进行校验", priority = Priority.INFO, tags = {"28suo"})
 @ActivatedByDefault
@@ -28,23 +30,28 @@ public class VerificationPathChecker extends SquidCheck<Grammar> {
 
     @Override
     public void init() {
-        // 订阅要检查AST节点类型，用于在visitNode方法中检查该类型节点
-        this.subscribeTo(
-                CxxGrammarImpl.functionBody
-        );
+        this.subscribeTo(CxxGrammarImpl.functionBody);
     }
+
     public void visitNode(AstNode astNode) {
         List<AstNode> descendants = astNode.getDescendants(CxxGrammarImpl.statement);
         for (AstNode ast : descendants) {
-            List<AstNode> descendants1 = ast.getDescendants(CxxGrammarImpl.shiftExpression);
-            for (AstNode desc :descendants1) {
+            if (processAst(ast)) {
+                break;
+            }
+        }
+    }
+
+    private boolean processAst(AstNode ast) {
+        List<AstNode> innerDescendants = ast.getDescendants(CxxGrammarImpl.shiftExpression);
+        for (AstNode desc : innerDescendants) {
             if ("cin".equals(desc.getTokenValue())) {
                 List<AstNode> children = desc.getChildren();
                 for (AstNode chil : children) {
                     if ("IDENTIFIER".equals(chil.getName())) {
                         if (chil.getTokenValue().toLowerCase().contains("path")) {
                             boolean boo = true;
-                                List<AstNode> exprs = astNode.getDescendants(CxxGrammarImpl.postfixExpression);
+                            List<AstNode> exprs = ast.getDescendants(CxxGrammarImpl.postfixExpression);
                             for (AstNode expr : exprs) {
                                 if (expr.getTokenValue().contains("check") || expr.getTokenValue().contains("verify") || expr.getTokenValue().contains("valid")) {
                                     List<AstNode> astNodeList = expr.getDescendants(CxxGrammarImpl.expressionList);
@@ -55,18 +62,34 @@ public class VerificationPathChecker extends SquidCheck<Grammar> {
                                     }
                                 }
                             }
-                                if(boo){
+                            int lineNumber = chil.getTokenLine();
+                            if (boo && isLineInFile(lineNumber)) {
                                 getContext().createLineViolation(this, "在构建路径名前对数据进行校验", chil);
-                                }
+                                return true;
                             }
                         }
                     }
                 }
 
             }
+        }
+        return false;
+    }
 
-
+    private boolean isLineInFile(int lineNumber) {
+        try {
+            int totalLines = countLines(getContext().getFile());
+            return lineNumber <= totalLines;
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
     }
 
+    public int countLines(File file) throws IOException {
+        try (BufferedReader reader = new BufferedReader(new FileReader(file))) {
+            int lines = 0;
+            while (reader.readLine() != null) lines++;
+            return lines;
+        }
     }
 }

sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/VirtualLockUsageChecker.java

@@ -46,7 +46,7 @@ public class VirtualLockUsageChecker extends SquidCheck<Grammar> {
         String varName = astNode.getFirstDescendant(CxxGrammarImpl.declaratorId).getTokenOriginalValue();
 
         for (String keyword : keywords) {
-            if (varName.contains(keyword) && (!caches.containsKey(keyword) || !caches.get(keyword).containsKey(varName))) {
+            if (varName.equals(keyword) && (!caches.equals(keyword) || !caches.get(keyword).equals(varName))) {
                 caches.putIfAbsent(keyword, new HashMap<>());
                 caches.get(keyword).put(varName, astNode);
                 processNode(astNode, keyword);
@@ -79,7 +79,6 @@ public class VirtualLockUsageChecker extends SquidCheck<Grammar> {
     private void reportViolations() {
         caches.values().forEach(cache ->
                 cache.values().forEach(item -> {
-                    System.out.println("特定字段"+item.getFirstDescendant(CxxGrammarImpl.declaratorId).getTokenOriginalValue()+"未使用VirtualLock()函数锁定存放敏感信息的内存");
                     getContext().createLineViolation(this, "特定字段未使用VirtualLock()函数锁定存放敏感信息的内存", item);
                 })
         );

sonar-keyware-plugins-cxx/src/test/java/com/keyware/sonar/cxx/rules/checkers/VerificationPathCheckerTest.java

@@ -21,7 +21,7 @@ public class VerificationPathCheckerTest {
         var tester = CxxFileTesterHelper.create("VerificationPathChecker.cc");
         SourceFile file = CxxAstScanner.scanSingleInputFile(tester.asInputFile(), checker);
         CheckMessagesVerifier.verify(file.getCheckMessages())
-                .next().atLine(12).withMessage("在构建路径名前对数据进行校验")
+                .next().atLine(11).withMessage("在构建路径名前对数据进行校验")
                 .noMore();
     }
 }

sonar-keyware-plugins-cxx/src/test/java/com/keyware/sonar/cxx/rules/checkers/VirtualLockUsageCheckerTest.java

@@ -30,6 +30,8 @@ public class VirtualLockUsageCheckerTest {
         SourceFile file = CxxAstScanner.scanSingleInputFile(tester.asInputFile(), checker);
         CheckMessagesVerifier.verify(file.getCheckMessages())
                 .next().atLine(8).withMessage("特定字段未使用VirtualLock()函数锁定存放敏感信息的内存")
+                .next().atLine(10).withMessage("特定字段未使用VirtualLock()函数锁定存放敏感信息的内存")
+                .next().atLine(12).withMessage("特定字段未使用VirtualLock()函数锁定存放敏感信息的内存")
                 .noMore();
     }
 }

sonar-keyware-plugins-cxx/src/test/resources/com/keyware/sonar/cxx/rules/checkers/VerificationPathChecker.cc

@@ -3,12 +3,11 @@
 using namespace std;
 
 // 假设以下两个函数用于检查和验证路径
-void checkPath(const std::string& path);
-void verifyPath(const std::string& path);
+void checkPath(const string& path);
+void verifyPath(const string& path);
 
 int main(){
     string userPath;
-    cout << "Enter a path: ";
     cin >> userPath;
 
     // 在获取用户输入之后立即对其进行验证

sonar-keyware-plugins-cxx/src/test/resources/com/keyware/sonar/cxx/rules/checkers/VirtualLockUsageChecker.cc

@@ -7,9 +7,9 @@ int main() {
 
    string add = "北京市"; //error
 
-//   string keyword2 = "北京市"; //error
-//
-//   string keyword3 = "北京市"; //error
+   string keyword2 = "北京市"; //error
+
+   string keyword3 = "北京市"; //error
 
    // 利用vector<char>管理内存
 //   vector<char> addressBuffer(add.begin(), add.end());