sonarqube-plugins
/
sonar-keyware
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: sonarqube-plugins:88a121b7dc25cb1313ba78cfe9a3d649c7a40268
Branches Tags
sonarqube-plugins:master
sonarqube-plugins:wuhaoyang
..
compare: sonarqube-plugins:63ffdf647b7726c89086f3e7397795c4269e53a0
Branches Tags
sonarqube-plugins:master
sonarqube-plugins:wuhaoyang

No commits in common. '88a121b7dc25cb1313ba78cfe9a3d649c7a40268' and '63ffdf647b7726c89086f3e7397795c4269e53a0' have entirely different histories.
88a121b7dc ... 63ffdf647b

5 changed files with 79 additions and 125 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats
  1. 67
      pom.xml
  2. 3
      sonar-keyware-plugins-cxx/pom.xml
  3. 16
      sonar-keyware-plugins-java/pom.xml
  4. 39
      sonar-keyware-plugins-java/src/main/java/com/keyware/sonar/java/rules/checkers/UploadFileVerifyChecker.java
  5. 3
      sonar-keyware-plugins-java/src/test/java/com/keyware/sonar/java/rules/checkers/UploadFileVerifyCheckerTest.java

67
pom.xml
Unescape View File

@ -36,33 +36,14 @@
</scm> </scm>
<developers> <developers>
<developer> <developer><id>guoxin</id><name>GuoXin</name><organization>Keyware</organization></developer>
<id>guoxin</id> <developer><id>renfengjiang</id><name>RenFengJiang</name><organization>Keyware</organization></developer>
<name>GuoXin</name> <developer><id>renfengshan</id><name>RenFengShan</name><organization>Keyware</organization></developer>
<organization>Keyware</organization> <developer><id>wuhaoyang</id><name>WuHaoYang</name><organization>Keyware</organization></developer>
</developer> <developer><id>zhangchenbao</id><name>ZhangChenBao</name><organization>Keyware</organization></developer>
<developer>
<id>renfengjiang</id>
<name>RenFengJiang</name>
<organization>Keyware</organization>
</developer>
<developer>
<id>renfengshan</id>
<name>RenFengShan</name>
<organization>Keyware</organization>
</developer>
<developer>
<id>wuhaoyang</id>
<name>WuHaoYang</name>
<organization>Keyware</organization>
</developer>
<developer>
<id>zhangchenbao</id>
<name>ZhangChenBao</name>
<organization>Keyware</organization>
</developer>
</developers> </developers>
<properties> <properties>
<java.version>11</java.version> <java.version>11</java.version>
<jdk.min.version>11</jdk.min.version> <jdk.min.version>11</jdk.min.version>
@ -71,7 +52,6 @@
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<sonar.java.version>7.24.0.32100</sonar.java.version> <sonar.java.version>7.24.0.32100</sonar.java.version>
<version.jacoco.plugin>0.8.10</version.jacoco.plugin> <version.jacoco.plugin>0.8.10</version.jacoco.plugin>
<junit.jupiter.version>5.9.1</junit.jupiter.version>
<aggregate.report.dir>integration-tests/target/site/jacoco-aggregate/jacoco.xml</aggregate.report.dir> <aggregate.report.dir>integration-tests/target/site/jacoco-aggregate/jacoco.xml</aggregate.report.dir>
</properties> </properties>
@ -96,41 +76,6 @@
<type>pom</type> <type>pom</type>
<scope>import</scope> <scope>import</scope>
</dependency> </dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter</artifactId>
<version>${junit.jupiter.version}</version>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-api</artifactId>
</exclusion>
<exclusion>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-engine</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-api</artifactId>
<version>${junit.jupiter.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-engine</artifactId>
<version>${junit.jupiter.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-migrationsupport</artifactId>
<version>${junit.jupiter.version}</version>
<scope>test</scope>
</dependency>
</dependencies> </dependencies>
</dependencyManagement> </dependencyManagement>
</project> </project>

3
sonar-keyware-plugins-cxx/pom.xml
Unescape View File

@ -44,6 +44,7 @@
<mockito-all.version>1.10.19</mockito-all.version> <mockito-all.version>1.10.19</mockito-all.version>
<mockito-core.version>5.8.0</mockito-core.version> <mockito-core.version>5.8.0</mockito-core.version>
<assertj-core.version>3.24.2</assertj-core.version> <assertj-core.version>3.24.2</assertj-core.version>
<junit-jupiter.version>5.9.1</junit-jupiter.version>
</properties> </properties>
<dependencies> <dependencies>
@ -113,11 +114,13 @@
<dependency> <dependency>
<groupId>org.junit.jupiter</groupId> <groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-engine</artifactId> <artifactId>junit-jupiter-engine</artifactId>
<version>${junit-jupiter.version}</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.junit.jupiter</groupId> <groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-api</artifactId> <artifactId>junit-jupiter-api</artifactId>
<version>${junit-jupiter.version}</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
</dependencies> </dependencies>

16
sonar-keyware-plugins-java/pom.xml
Unescape View File

@ -50,11 +50,6 @@
<version>${sonar.java.version}</version> <version>${sonar.java.version}</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency>
<groupId>org.assertj</groupId>
<artifactId>assertj-core</artifactId>
<scope>test</scope>
</dependency>
<dependency> <dependency>
<groupId>org.junit.jupiter</groupId> <groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter</artifactId> <artifactId>junit-jupiter</artifactId>
@ -62,17 +57,12 @@
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.junit.jupiter</groupId> <groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-api</artifactId> <artifactId>junit-jupiter-migrationsupport</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-engine</artifactId>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.junit.jupiter</groupId> <groupId>org.assertj</groupId>
<artifactId>junit-jupiter-migrationsupport</artifactId> <artifactId>assertj-core</artifactId>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
</dependencies> </dependencies>

39
sonar-keyware-plugins-java/src/main/java/com/keyware/sonar/java/rules/checkers/UploadFileVerifyChecker.java
Unescape View File

@ -41,11 +41,11 @@ public class UploadFileVerifyChecker extends IssuableSubscriptionVisitor {
if(boo){ if(boo){
// 获取文件名称类型判断是否配置文件权限 // 获取文件名称类型判断是否配置文件权限
var interiorInvoIf = new InteriorInvoIf(); var interiorInvoIf = new InteriorInvoIf();
((MethodTree) tree).block().accept(interiorInvoIf); interiorInvoIf.check(((MethodTree) tree).block());
if(interiorInvoIf.fileType != ""){ if(interiorInvoIf.fileType != ""){
// 判断是否对文件后缀进行限制 // 判断是否对文件后缀进行限制
NodeIf nodeIf = new NodeIf(interiorInvoIf.fileType); NodeIf nodeIf = new NodeIf(interiorInvoIf.fileType);
((MethodTree) tree).block().accept(nodeIf); nodeIf.check(((MethodTree) tree).block());
if (nodeIf.boo){ if (nodeIf.boo){
context.reportIssue(this, node.simpleName(), "程序设计时,应以“白名单”方式限制允许用户上传的文件的类型"); context.reportIssue(this, node.simpleName(), "程序设计时,应以“白名单”方式限制允许用户上传的文件的类型");
} }
@ -53,7 +53,7 @@ public class UploadFileVerifyChecker extends IssuableSubscriptionVisitor {
if(interiorInvoIf.fileName != ""){ if(interiorInvoIf.fileName != ""){
// 判断是否对文件后缀进行限制 // 判断是否对文件后缀进行限制
NodeIf nodeIf = new NodeIf(interiorInvoIf.fileName); NodeIf nodeIf = new NodeIf(interiorInvoIf.fileName);
((MethodTree) tree).block().accept(nodeIf); nodeIf.check(((MethodTree) tree).block());
if (nodeIf.boo){ if (nodeIf.boo){
context.reportIssue(this, node.simpleName(), "程序设计时,应以“白名单”方式限制允许用户上传的文件的类型"); context.reportIssue(this, node.simpleName(), "程序设计时,应以“白名单”方式限制允许用户上传的文件的类型");
} }
@ -65,8 +65,7 @@ public class UploadFileVerifyChecker extends IssuableSubscriptionVisitor {
if(interiorInvoIf.sizeName != ""){ if(interiorInvoIf.sizeName != ""){
// 判断是否对文件大小进行限制 // 判断是否对文件大小进行限制
NodeIf nodeIf = new NodeIf(interiorInvoIf.sizeName); NodeIf nodeIf = new NodeIf(interiorInvoIf.sizeName);
//nodeIf.check(((MethodTree) tree).block()); nodeIf.check(((MethodTree) tree).block());
((MethodTree) tree).block().accept(nodeIf);
if (nodeIf.boo){ if (nodeIf.boo){
context.reportIssue(this, node.simpleName(), "程序设计时,应以“白名单”方式限制允许用户上传的文件的类型"); context.reportIssue(this, node.simpleName(), "程序设计时,应以“白名单”方式限制允许用户上传的文件的类型");
} }
@ -80,7 +79,7 @@ public class UploadFileVerifyChecker extends IssuableSubscriptionVisitor {
} }
// 內部文件名称类型获取类 // 內部文件名称类型获取类
private class InteriorInvoIf extends BaseTreeVisitor { private class InteriorInvoIf extends IssuableSubscriptionVisitor{
// 文件全名字 // 文件全名字
public String fileName = ""; public String fileName = "";
// 文件后缀名 // 文件后缀名
@ -91,9 +90,15 @@ public class UploadFileVerifyChecker extends IssuableSubscriptionVisitor {
public boolean privType = true; public boolean privType = true;
@Override @Override
public void visitMethodInvocation(MethodInvocationTree tree) { public List<Tree.Kind> nodesToVisit() {
return Collections.singletonList(Tree.Kind.METHOD_INVOCATION);
}
@Override
public void visitNode(Tree tree){
MethodInvocationTree methodInvocationTree = (MethodInvocationTree) tree;
// 获取到方法调用的参数 // 获取到方法调用的参数
ExpressionTree expressionTree = tree.methodSelect(); ExpressionTree expressionTree = methodInvocationTree.methodSelect();
if(expressionTree instanceof MemberSelectExpressionTree){ if(expressionTree instanceof MemberSelectExpressionTree){
MemberSelectExpressionTree expressionTree1 = (MemberSelectExpressionTree) expressionTree; MemberSelectExpressionTree expressionTree1 = (MemberSelectExpressionTree) expressionTree;
// 对调用方法进行判断 // 对调用方法进行判断
@ -132,22 +137,32 @@ public class UploadFileVerifyChecker extends IssuableSubscriptionVisitor {
} }
} }
} }
public void check(Tree tree){
this.scanTree(tree);
}
} }
public class NodeIf extends BaseTreeVisitor { public class NodeIf extends IssuableSubscriptionVisitor{
private String name; private String name;
public boolean boo = true; public boolean boo = true;
@Override
public List<Tree.Kind> nodesToVisit() {
return Collections.singletonList(Tree.Kind.IF_STATEMENT);
}
public NodeIf(String name) { public NodeIf(String name) {
this.name = name; this.name = name;
} }
public void check(Tree tree){
this.scanTree(tree);
}
@Override @Override
public void visitIfStatement(IfStatementTree tree) { public void visitNode(Tree tree){
IfStatementTree tree1 = (IfStatementTree) tree;
// 获取到if表达式 // 获取到if表达式
ExpressionTree condition = tree.condition(); ExpressionTree condition = tree1.condition();
if(condition instanceof BinaryExpressionTree){ if(condition instanceof BinaryExpressionTree){
BinaryExpressionTree binaryExpressionTree = (BinaryExpressionTree) condition; BinaryExpressionTree binaryExpressionTree = (BinaryExpressionTree) condition;
// 判断是否进行if判断 // 判断是否进行if判断

3
sonar-keyware-plugins-java/src/test/java/com/keyware/sonar/java/rules/checkers/UploadFileVerifyCheckerTest.java
Unescape View File

@ -6,6 +6,7 @@
*/ */
package com.keyware.sonar.java.rules.checkers; package com.keyware.sonar.java.rules.checkers;
import com.keyware.sonar.java.utils.FilesUtils;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.sonar.java.checks.verifier.CheckVerifier; import org.sonar.java.checks.verifier.CheckVerifier;
@ -30,7 +31,7 @@ public class UploadFileVerifyCheckerTest {
CheckVerifier.newVerifier() CheckVerifier.newVerifier()
.onFile("src/test/files/UploadFileVerifyRule.java") .onFile("src/test/files/UploadFileVerifyRule.java")
.withCheck(rule) .withCheck(rule)
// .withClassPath(FilesUtils.getClassPath("target/test-jars")) .withClassPath(FilesUtils.getClassPath("target/test-jars"))
.verifyIssues(); .verifyIssues();
} }
} }

Write Preview
Loading…
Cancel
Save