优化:解决空语句报错

master
RenFengJiang 8 months ago
parent f1f377f8c1
commit 86a14b9342
  1. 9
      sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/EncryptionAlgorithmChecker.java
  2. 4
      sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/FileAccessChecker.java
  3. 9
      sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/ValidatePasswordCheck.java
  4. 15
      sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/VirtualLockUsageChecker.java

@ -43,7 +43,9 @@ public class EncryptionAlgorithmChecker extends SquidCheck<Grammar> {
@Override
public void visitNode(AstNode astNode) {
var varName = astNode.getFirstDescendant(CxxGrammarImpl.declaratorId).getTokenOriginalValue();
AstNode descendant = astNode.getFirstDescendant(CxxGrammarImpl.declaratorId);
if(descendant != null){
var varName =descendant.getTokenValue();
if(varName.contains("password") && !cache.containsKey(varName)){
cache.put(varName, astNode);
var next = astNode.getNextAstNode();
@ -52,10 +54,10 @@ public class EncryptionAlgorithmChecker extends SquidCheck<Grammar> {
if(callNode != null){
var callList = callNode.getDescendants(CxxGrammarImpl.className);
if(!callList.isEmpty()) {
var funName = callList.get(callList.size() - 1).getTokenOriginalValue();
var funName = callList.get(callList.size() - 1).getTokenValue();
var paramList = callNode.getDescendants(CxxGrammarImpl.expressionList);
if("hashpw".equalsIgnoreCase(funName) && paramList.stream().anyMatch(item-> {
var name = item.getTokenOriginalValue();
var name = item.getTokenValue();
return name != null && ("password".equals(name) || "salt".equals(name));
})){
cache.remove(varName);
@ -69,4 +71,5 @@ public class EncryptionAlgorithmChecker extends SquidCheck<Grammar> {
});
}
}
}
}

@ -61,7 +61,7 @@ public class FileAccessChecker extends SquidCheck<Grammar> {
}
private AstNode findIfstreamNode(AstNode node) {
if (node.getToken() != null && "ifstream".equals(node.getTokenOriginalValue())) {
if (node.getToken() != null && "ifstream".equals(node.getTokenValue())) {
return node;
}
for (AstNode child : node.getChildren()) {
@ -105,7 +105,7 @@ public class FileAccessChecker extends SquidCheck<Grammar> {
if (parameterDeclarationNode != null) {
AstNode identifierNode = parameterDeclarationNode.getFirstDescendant(GenericTokenType.IDENTIFIER);
if (identifierNode != null) {
String ifstreamParam = identifierNode.getTokenOriginalValue();
String ifstreamParam = identifierNode.getTokenValue();
if (!conditionVariables.contains(ifstreamParam)) {
getContext().createLineViolation(this, "在访问文件或目录前需要对路径名进行验证", ifstreamNode);
}

@ -40,7 +40,8 @@ public class ValidatePasswordCheck extends SquidCheck<Grammar> {
public void visitNode(AstNode astNode) {
AstNode functionNameNode = astNode.getFirstDescendant(CxxGrammarImpl.declaratorId);
String functionName = functionNameNode.getTokenOriginalValue();
if(functionNameNode != null){
String functionName = functionNameNode.getTokenValue();
//检查函数是否为main
if ("main".equals(functionName)) {
@ -48,6 +49,8 @@ public class ValidatePasswordCheck extends SquidCheck<Grammar> {
}
}
}
private void checkPasswordValidationInMain(AstNode mainFunctionNode) {
AstNode compoundStatement = mainFunctionNode.getFirstDescendant(CxxGrammarImpl.compoundStatement);
@ -58,7 +61,7 @@ public class ValidatePasswordCheck extends SquidCheck<Grammar> {
AstNode declaratorId = initDeclarator.getFirstDescendant(CxxGrammarImpl.declaratorId);
if (declaratorId != null) {
String variableName = declaratorId.getTokenOriginalValue();
String variableName = declaratorId.getTokenValue();
// 检查变量是否命名为password
if ("password".equalsIgnoreCase(variableName)) {
@ -79,7 +82,7 @@ public class ValidatePasswordCheck extends SquidCheck<Grammar> {
if (initializationValue != null) {
String passwordValue = initializationValue.getTokenOriginalValue();
String passwordValue = initializationValue.getTokenValue();
if (!passwordValue.matches(passwordRegex)) {
getContext().createLineViolation(this, "口令不匹配足够复杂度", initializationValue);

@ -43,7 +43,9 @@ public class VirtualLockUsageChecker extends SquidCheck<Grammar> {
@Override
public void visitNode(AstNode astNode) {
String varName = astNode.getFirstDescendant(CxxGrammarImpl.declaratorId).getTokenOriginalValue();
AstNode descendant = astNode.getFirstDescendant(CxxGrammarImpl.declaratorId);
if(descendant != null){
String varName = descendant.getTokenValue();
for (String keyword : keywords) {
if (varName.equals(keyword) && (!caches.equals(keyword) || !caches.get(keyword).equals(varName))) {
@ -54,15 +56,19 @@ public class VirtualLockUsageChecker extends SquidCheck<Grammar> {
}
}
}
private void processNode(AstNode astNode, String keyword) {
String varName = astNode.getFirstDescendant(CxxGrammarImpl.declaratorId).getTokenOriginalValue();
AstNode descendant = astNode.getFirstDescendant(CxxGrammarImpl.declaratorId);
if (descendant != null){
String varName = descendant.getTokenValue();
AstNode currentNode = astNode.getNextAstNode();
while (currentNode != null) {
AstNode callNode = currentNode.getFirstDescendant(CxxGrammarImpl.postfixExpression);
if (callNode != null && callNode.getTokenOriginalValue().equalsIgnoreCase("VirtualLock")) {
if (callNode != null && callNode.getTokenValue().equalsIgnoreCase("VirtualLock")) {
List<AstNode> paramList = callNode.getDescendants(CxxGrammarImpl.expressionList);
if (paramList.stream().anyMatch(item -> item.getTokenOriginalValue().contains(keyword))) {
if (paramList.stream().anyMatch(item -> item.getTokenValue().contains(keyword))) {
caches.get(keyword).remove(varName);
break;
}
@ -70,6 +76,7 @@ public class VirtualLockUsageChecker extends SquidCheck<Grammar> {
currentNode = currentNode.getNextSibling();
}
}
}
@Override
public void leaveFile(AstNode astNode) {

Loading…
Cancel
Save