|
|
|
|
@ -2,8 +2,8 @@ package com.keyware.sonar.java.rules.checkers; |
|
|
|
|
|
|
|
|
|
import org.sonar.check.Rule; |
|
|
|
|
import org.sonar.java.ast.visitors.SubscriptionVisitor; |
|
|
|
|
import org.sonar.plugins.java.api.JavaFileScannerContext; |
|
|
|
|
import org.sonar.plugins.java.api.tree.*; |
|
|
|
|
import org.springframework.lang.NonNull; |
|
|
|
|
|
|
|
|
|
import java.util.Arrays; |
|
|
|
|
import java.util.List; |
|
|
|
|
@ -23,12 +23,12 @@ public class RedirectUrlChecker extends SubscriptionVisitor { |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@Override |
|
|
|
|
public void visitNode(Tree tree) { |
|
|
|
|
public void visitNode(@NonNull Tree tree) { |
|
|
|
|
MethodTree methodTree = (MethodTree) tree; |
|
|
|
|
BlockTree block = methodTree.block(); |
|
|
|
|
// 方法的参数列表
|
|
|
|
|
List<? extends VariableTree> parameters = methodTree.parameters(); |
|
|
|
|
if (block != null && !parameters.isEmpty() && isHttpRequestHandlerMethod(methodTree)) { |
|
|
|
|
if (block != null && !parameters.isEmpty() && isHttpRequestHandlerMethod(methodTree) && methodTree.returnType() != null) { |
|
|
|
|
// 判断方法的返回节点的类型为RedirectView 或 String 类型
|
|
|
|
|
if ("RedirectView".equals(methodTree.returnType().toString())) { |
|
|
|
|
// 传递上下文,和方法的参数列表
|
|
|
|
|
@ -40,14 +40,14 @@ public class RedirectUrlChecker extends SubscriptionVisitor { |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
private void checkByStringType(BlockTree block, List<? extends VariableTree> methodParameters) { |
|
|
|
|
for (StatementTree statementTree : block.body()){ |
|
|
|
|
if(statementTree.kind() == Tree.Kind.RETURN_STATEMENT){ |
|
|
|
|
for (StatementTree statementTree : block.body()) { |
|
|
|
|
if (statementTree.kind() == Tree.Kind.RETURN_STATEMENT) { |
|
|
|
|
ReturnStatementTree rs = (ReturnStatementTree) statementTree; |
|
|
|
|
ExpressionTree exprTree = rs.expression(); |
|
|
|
|
if(exprTree != null && !exprTree.is(Tree.Kind.STRING_LITERAL)){ |
|
|
|
|
if(exprTree instanceof BinaryExpressionTree){ |
|
|
|
|
if (exprTree != null && !exprTree.is(Tree.Kind.STRING_LITERAL)) { |
|
|
|
|
if (exprTree instanceof BinaryExpressionTree) { |
|
|
|
|
BinaryExpressionTree bExprTree = (BinaryExpressionTree) exprTree; |
|
|
|
|
if(bExprTree.is(Tree.Kind.PLUS) && bExprTree.leftOperand().is(Tree.Kind.STRING_LITERAL) && bExprTree.rightOperand().is(Tree.Kind.IDENTIFIER)){ |
|
|
|
|
if (bExprTree.is(Tree.Kind.PLUS) && bExprTree.leftOperand().is(Tree.Kind.STRING_LITERAL) && bExprTree.rightOperand().is(Tree.Kind.IDENTIFIER)) { |
|
|
|
|
var identifierTree = (IdentifierTree) bExprTree.rightOperand(); |
|
|
|
|
String argName = identifierTree.name(); |
|
|
|
|
if (methodParameters.stream().anyMatch(parameter -> parameter.simpleName().name().equals(argName))) { |
|
|
|
|
|
Guo XIn
11 months ago