优化:解决空语句报错

master
RenFengJiang 8 months ago
parent f1f377f8c1
commit 86a14b9342
  1. 9
      sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/EncryptionAlgorithmChecker.java
  2. 4
      sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/FileAccessChecker.java
  3. 9
      sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/ValidatePasswordCheck.java
  4. 15
      sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/VirtualLockUsageChecker.java

@ -43,7 +43,9 @@ public class EncryptionAlgorithmChecker extends SquidCheck<Grammar> {
@Override @Override
public void visitNode(AstNode astNode) { public void visitNode(AstNode astNode) {
var varName = astNode.getFirstDescendant(CxxGrammarImpl.declaratorId).getTokenOriginalValue(); AstNode descendant = astNode.getFirstDescendant(CxxGrammarImpl.declaratorId);
if(descendant != null){
var varName =descendant.getTokenValue();
if(varName.contains("password") && !cache.containsKey(varName)){ if(varName.contains("password") && !cache.containsKey(varName)){
cache.put(varName, astNode); cache.put(varName, astNode);
var next = astNode.getNextAstNode(); var next = astNode.getNextAstNode();
@ -52,10 +54,10 @@ public class EncryptionAlgorithmChecker extends SquidCheck<Grammar> {
if(callNode != null){ if(callNode != null){
var callList = callNode.getDescendants(CxxGrammarImpl.className); var callList = callNode.getDescendants(CxxGrammarImpl.className);
if(!callList.isEmpty()) { if(!callList.isEmpty()) {
var funName = callList.get(callList.size() - 1).getTokenOriginalValue(); var funName = callList.get(callList.size() - 1).getTokenValue();
var paramList = callNode.getDescendants(CxxGrammarImpl.expressionList); var paramList = callNode.getDescendants(CxxGrammarImpl.expressionList);
if("hashpw".equalsIgnoreCase(funName) && paramList.stream().anyMatch(item-> { if("hashpw".equalsIgnoreCase(funName) && paramList.stream().anyMatch(item-> {
var name = item.getTokenOriginalValue(); var name = item.getTokenValue();
return name != null && ("password".equals(name) || "salt".equals(name)); return name != null && ("password".equals(name) || "salt".equals(name));
})){ })){
cache.remove(varName); cache.remove(varName);
@ -70,3 +72,4 @@ public class EncryptionAlgorithmChecker extends SquidCheck<Grammar> {
} }
} }
} }
}
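Review bot: The name test in visitNode, `varName.contains("password")`, is case-sensitive, so a declaration such as `Password` or `PASSWORD` never enters `cache` and the rule stays silent for it, while the call name a few lines below is compared with `equalsIgnoreCase`. Lower-casing first would make the two consistent: `varName.toLowerCase(Locale.ROOT).contains("password")` (this needs `java.util.Locale`). The new `descendant != null` guard also leaves `varName` itself unchecked. `AstNode.getTokenValue()` returns null for a node without a token, which the lambda further down already allows for with `name != null`, so the same test belongs here. The body of visitNode continues outside the visible hunks.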

@ -61,7 +61,7 @@ public class FileAccessChecker extends SquidCheck<Grammar> {
} }
private AstNode findIfstreamNode(AstNode node) { private AstNode findIfstreamNode(AstNode node) {
if (node.getToken() != null && "ifstream".equals(node.getTokenOriginalValue())) { if (node.getToken() != null && "ifstream".equals(node.getTokenValue())) {
return node; return node;
} }
for (AstNode child : node.getChildren()) { for (AstNode child : node.getChildren()) {
@ -105,7 +105,7 @@ public class FileAccessChecker extends SquidCheck<Grammar> {
if (parameterDeclarationNode != null) { if (parameterDeclarationNode != null) {
AstNode identifierNode = parameterDeclarationNode.getFirstDescendant(GenericTokenType.IDENTIFIER); AstNode identifierNode = parameterDeclarationNode.getFirstDescendant(GenericTokenType.IDENTIFIER);
if (identifierNode != null) { if (identifierNode != null) {
String ifstreamParam = identifierNode.getTokenOriginalValue(); String ifstreamParam = identifierNode.getTokenValue();
if (!conditionVariables.contains(ifstreamParam)) { if (!conditionVariables.contains(ifstreamParam)) {
getContext().createLineViolation(this, "在访问文件或目录前需要对路径名进行验证", ifstreamNode); getContext().createLineViolation(this, "在访问文件或目录前需要对路径名进行验证", ifstreamNode);
} }
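Review bot: `findIfstreamNode` recognises a file access only when a token equals `ifstream`, so, as far as these hunks show, opens through `fstream`, `ofstream` or `fopen` are never checked for path validation. If that is deliberate, a comment on the method saying so would help, e.g. `// only std::ifstream is covered; other file APIs are out of scope for this rule`. Otherwise the comparison could test membership in a small set of stream type names. Both methods start and end outside the hunks, so other handling may exist that is not visible here.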

@ -40,7 +40,8 @@ public class ValidatePasswordCheck extends SquidCheck<Grammar> {
public void visitNode(AstNode astNode) { public void visitNode(AstNode astNode) {
AstNode functionNameNode = astNode.getFirstDescendant(CxxGrammarImpl.declaratorId); AstNode functionNameNode = astNode.getFirstDescendant(CxxGrammarImpl.declaratorId);
String functionName = functionNameNode.getTokenOriginalValue(); if(functionNameNode != null){
String functionName = functionNameNode.getTokenValue();
//检查函数是否为main //检查函数是否为main
if ("main".equals(functionName)) { if ("main".equals(functionName)) {
@ -48,6 +49,8 @@ public class ValidatePasswordCheck extends SquidCheck<Grammar> {
} }
} }
}
private void checkPasswordValidationInMain(AstNode mainFunctionNode) { private void checkPasswordValidationInMain(AstNode mainFunctionNode) {
AstNode compoundStatement = mainFunctionNode.getFirstDescendant(CxxGrammarImpl.compoundStatement); AstNode compoundStatement = mainFunctionNode.getFirstDescendant(CxxGrammarImpl.compoundStatement);
@ -58,7 +61,7 @@ public class ValidatePasswordCheck extends SquidCheck<Grammar> {
AstNode declaratorId = initDeclarator.getFirstDescendant(CxxGrammarImpl.declaratorId); AstNode declaratorId = initDeclarator.getFirstDescendant(CxxGrammarImpl.declaratorId);
if (declaratorId != null) { if (declaratorId != null) {
String variableName = declaratorId.getTokenOriginalValue(); String variableName = declaratorId.getTokenValue();
// 检查变量是否命名为password // 检查变量是否命名为password
if ("password".equalsIgnoreCase(variableName)) { if ("password".equalsIgnoreCase(variableName)) {
@ -79,7 +82,7 @@ public class ValidatePasswordCheck extends SquidCheck<Grammar> {
if (initializationValue != null) { if (initializationValue != null) {
String passwordValue = initializationValue.getTokenOriginalValue(); String passwordValue = initializationValue.getTokenValue();
if (!passwordValue.matches(passwordRegex)) { if (!passwordValue.matches(passwordRegex)) {
getContext().createLineViolation(this, "口令不匹配足够复杂度", initializationValue); getContext().createLineViolation(this, "口令不匹配足够复杂度", initializationValue);
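Review bot: `passwordValue.matches(passwordRegex)` still dereferences the result of `getTokenValue()` without a null test, although this commit adds one for `functionNameNode`; a node without a token would throw there and abort the check for that file. `if (passwordValue != null && !passwordValue.matches(passwordRegex))` closes that. It is also worth a comment stating whether `passwordRegex` expects the surrounding quotes, since the token of a C++ string literal probably still carries them; `passwordRegex` is defined outside the hunk, so this is unverified. checkPasswordValidationInMain continues past the last visible line.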

@ -43,7 +43,9 @@ public class VirtualLockUsageChecker extends SquidCheck<Grammar> {
@Override @Override
public void visitNode(AstNode astNode) { public void visitNode(AstNode astNode) {
String varName = astNode.getFirstDescendant(CxxGrammarImpl.declaratorId).getTokenOriginalValue(); AstNode descendant = astNode.getFirstDescendant(CxxGrammarImpl.declaratorId);
if(descendant != null){
String varName = descendant.getTokenValue();
for (String keyword : keywords) { for (String keyword : keywords) {
if (varName.equals(keyword) && (!caches.equals(keyword) || !caches.get(keyword).equals(varName))) { if (varName.equals(keyword) && (!caches.equals(keyword) || !caches.get(keyword).equals(varName))) {
@ -54,15 +56,19 @@ public class VirtualLockUsageChecker extends SquidCheck<Grammar> {
} }
} }
}
private void processNode(AstNode astNode, String keyword) { private void processNode(AstNode astNode, String keyword) {
String varName = astNode.getFirstDescendant(CxxGrammarImpl.declaratorId).getTokenOriginalValue(); AstNode descendant = astNode.getFirstDescendant(CxxGrammarImpl.declaratorId);
if (descendant != null){
String varName = descendant.getTokenValue();
AstNode currentNode = astNode.getNextAstNode(); AstNode currentNode = astNode.getNextAstNode();
while (currentNode != null) { while (currentNode != null) {
AstNode callNode = currentNode.getFirstDescendant(CxxGrammarImpl.postfixExpression); AstNode callNode = currentNode.getFirstDescendant(CxxGrammarImpl.postfixExpression);
if (callNode != null && callNode.getTokenOriginalValue().equalsIgnoreCase("VirtualLock")) { if (callNode != null && callNode.getTokenValue().equalsIgnoreCase("VirtualLock")) {
List<AstNode> paramList = callNode.getDescendants(CxxGrammarImpl.expressionList); List<AstNode> paramList = callNode.getDescendants(CxxGrammarImpl.expressionList);
if (paramList.stream().anyMatch(item -> item.getTokenOriginalValue().contains(keyword))) { if (paramList.stream().anyMatch(item -> item.getTokenValue().contains(keyword))) {
caches.get(keyword).remove(varName); caches.get(keyword).remove(varName);
break; break;
} }
@ -70,6 +76,7 @@ public class VirtualLockUsageChecker extends SquidCheck<Grammar> {
currentNode = currentNode.getNextSibling(); currentNode = currentNode.getNextSibling();
} }
} }
}
@Override @Override
public void leaveFile(AstNode astNode) { public void leaveFile(AstNode astNode) {
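Review bot: In visitNode the condition `!caches.equals(keyword)` compares the `caches` container itself with a String, which is never equal, so the whole test collapses to `varName.equals(keyword)`. `caches.get(keyword).equals(varName)` has the same shape, since the value is something processNode calls `remove(varName)` on. The intent looks like a membership test, for example `!caches.containsKey(keyword)` for the first operand; the declaration of `caches` is outside the hunks, so the exact type needs confirming. In processNode, `callNode.getTokenValue().equalsIgnoreCase("VirtualLock")` and `item.getTokenValue().contains(keyword)` can still throw on a null token value; `"VirtualLock".equalsIgnoreCase(callNode.getTokenValue())` avoids the first.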
