优化:获取if中参数方法

wuhaoyang
RenFengJiang 10 months ago
parent 7699baf98d
commit 6ad1ea9a4a
  1. 18
      sonar-keyware-plugins-java/src/main/java/com/keyware/sonar/java/rules/checkers/HttpInputDataChecker.java
  2. 195
      sonar-keyware-plugins-java/src/test/files/HttpInputDataRule.java

@ -8,7 +8,7 @@ package com.keyware.sonar.java.rules.checkers;
import org.sonar.check.Rule;
import org.sonar.java.ast.parser.ArgumentListTreeImpl;
import org.sonar.java.model.expression.AssignmentExpressionTreeImpl;
import org.sonar.java.model.expression.BinaryExpressionTreeImpl;
import org.sonar.java.model.expression.IdentifierTreeImpl;
import org.sonar.java.model.expression.LiteralTreeImpl;
import org.sonar.java.model.expression.MemberSelectExpressionTreeImpl;
@ -54,9 +54,15 @@ public class HttpInputDataChecker extends IssuableSubscriptionVisitor {
@Override
public void visitIfStatement(IfStatementTree tree) {
ExpressionTree condition = tree.condition();
if(condition instanceof AssignmentExpressionTreeImpl){
AssignmentExpressionTreeImpl assignmentExpressionTree = (AssignmentExpressionTreeImpl) condition;
list.add(assignmentExpressionTree.variable().toString());
if (condition instanceof BinaryExpressionTreeImpl) {
BinaryExpressionTreeImpl binaryExpressionTree = (BinaryExpressionTreeImpl) condition;
List<Tree> children = binaryExpressionTree.children();
for (Tree child:children) {
if(child instanceof IdentifierTreeImpl){
IdentifierTreeImpl identifierTree = (IdentifierTreeImpl) child;
list.add(identifierTree.name());
}
}
}
}
@ -87,9 +93,5 @@ public class HttpInputDataChecker extends IssuableSubscriptionVisitor {
}
}
}
}
}
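Review bot: The binary-expression branch in `visitIfStatement` only records identifiers that are direct children of the top-level condition, so `a != null && a.length() > 0` or `a.equals(x)` adds nothing to `list`, while a bare `a == "asds"` does. If `list` is what the rule later treats as validated input (that use is outside the visible hunks), validated data gets reported and a name counts as validated after a comparison that checks nothing; walking the condition recursively and stating in a comment what counts as validation would make the heuristic explicit. The checks also depend on sonar-java internals (`BinaryExpressionTreeImpl`, `IdentifierTreeImpl`), where the public API types do the same job, e.g. `if (child instanceof IdentifierTree) { list.add(((IdentifierTree) child).name()); }`. The page has lost its +/- markers, so which of the two `instanceof` branches is the new side is inferred from the commit title and the fixture change.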

@ -1,8 +1,193 @@
public class HttpInputDataRule {
public static void main(String[] args) {
// 假设有一个HttpServletResponse对象
HttpServletResponse response = new HttpServletResponse();
HttpServletResponse response = new HttpServletResponse() {
@Override
public String getCharacterEncoding() {
return null;
}
@Override
public String getContentType() {
return null;
}
@Override
public ServletOutputStream getOutputStream() throws IOException {
return null;
}
@Override
public PrintWriter getWriter() throws IOException {
return null;
}
@Override
public void setCharacterEncoding(String s) {
}
@Override
public void setContentLength(int i) {
}
@Override
public void setContentLengthLong(long l) {
}
@Override
public void setContentType(String s) {
}
@Override
public void setBufferSize(int i) {
}
@Override
public int getBufferSize() {
return 0;
}
@Override
public void flushBuffer() throws IOException {
}
@Override
public void resetBuffer() {
}
@Override
public boolean isCommitted() {
return false;
}
@Override
public void reset() {
}
@Override
public void setLocale(Locale locale) {
}
@Override
public Locale getLocale() {
return null;
}
@Override
public void addCookie(Cookie cookie) {
}
@Override
public boolean containsHeader(String s) {
return false;
}
@Override
public String encodeURL(String s) {
return null;
}
@Override
public String encodeRedirectURL(String s) {
return null;
}
@Override
public String encodeUrl(String s) {
return null;
}
@Override
public String encodeRedirectUrl(String s) {
return null;
}
@Override
public void sendError(int i, String s) throws IOException {
}
@Override
public void sendError(int i) throws IOException {
}
@Override
public void sendRedirect(String s) throws IOException {
}
@Override
public void setDateHeader(String s, long l) {
}
@Override
public void addDateHeader(String s, long l) {
}
@Override
public void setHeader(String s, String s1) {
}
@Override
public void addHeader(String s, String s1) {
}
@Override
public void setIntHeader(String s, int i) {
}
@Override
public void addIntHeader(String s, int i) {
}
@Override
public void setStatus(int i) {
}
@Override
public void setStatus(int i, String s) {
}
@Override
public int getStatus() {
return 0;
}
@Override
public String getHeader(String s) {
return null;
}
@Override
public Collection<String> getHeaders(String s) {
return null;
}
@Override
public Collection<String> getHeaderNames() {
return null;
}
};
// 设置单个报头
response.setHeader("Content-Type", "text/plain"); // Noncompliant {{HTTP输入数据验证}}
@ -10,10 +195,10 @@ public class HttpInputDataRule {
// 添加多个报头
String a = "Cache-Control";
String b = "no-cache" ;
if(a = "asds"){
if(a == "asds"){
}
if(b = "asds"){
if(b == "asds"){
}
@ -22,4 +207,4 @@ public class HttpInputDataRule {
// 其他操作...
}
}
}
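Review bot: The long run of empty `HttpServletResponse` overrides adds nothing the rule is tested on and buries the single `// Noncompliant` expectation; taking the response as a parameter, `public void handle(HttpServletResponse response) {`, gives the fixture the same variable in one line. The file appears to start at `public class` with no imports, so the anonymous class probably does not resolve against the servlet API anyway. The new condition handling is exercised only by `a == "asds"` and `b == "asds"` with empty bodies. Unless the lines hidden between hunks already cover it, a `response.setHeader(a, b)` after the checks that is expected to be compliant, plus a nested condition such as `a != null && !a.isEmpty()`, would pin down what the checker is meant to accept.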