Skip to content

Commit

Permalink
fix #425, add Lorg/glassfish/jersey/server/CloseableService; as a val…
Browse files Browse the repository at this point in the history 
…id Context class
  • Loading branch information
@mebigfatguy
mebigfatguy committed Nov 24, 2023
1 parent 7a86c04 commit 84211f9
Showing 1 changed file with 28 additions and 20 deletions.
48 changes: 28 additions & 20 deletions src/main/java/com/mebigfatguy/fbcontrib/detect/JAXRSIssues.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,9 @@ public class JAXRSIssues extends PreorderVisitor implements Detector {
"Ljavax/servlet/ServletConfig;",
"Ljavax/servlet/ServletContext;",
"Ljavax/servlet/http/HttpServletRequest;",
"Ljavax/servlet/http/HttpServletResponse;"
"Ljavax/servlet/http/HttpServletResponse;",

"Lorg/glassfish/jersey/server/CloseableService;"
//@formatter:on
);

Expand Down Expand Up @@ -142,29 +144,31 @@ public void visitMethod(Method obj) {
for (AnnotationEntry entry : obj.getAnnotationEntries()) {
String annotationType = entry.getAnnotationType();
switch (annotationType) {
case "Ljavax/ws/rs/GET;":
hasGet = true;
isJAXRS = true;
case "Ljavax/ws/rs/GET;":
hasGet = true;
isJAXRS = true;
break;

case "Ljavax/ws/rs/Consumes;":
hasConsumes = true;
case "Ljavax/ws/rs/Consumes;":
hasConsumes = true;
break;

case "Ljavax/ws/rs/Path;":
path = getDefaultAnnotationValue(entry);
case "Ljavax/ws/rs/Path;":
path = getDefaultAnnotationValue(entry);
break;

default:
// it is fine that GET is not captured here
if (METHOD_ANNOTATIONS.contains(annotationType)) {
isJAXRS = true;
}
default:
// it is fine that GET is not captured here
if (METHOD_ANNOTATIONS.contains(annotationType)) {
isJAXRS = true;
}
break;
}

if (hasGet && hasConsumes) {
bugReporter.reportBug(new BugInstance(this, BugType.JXI_GET_ENDPOINT_CONSUMES_CONTENT.name(), NORMAL_PRIORITY).addClass(this).addMethod(this));
bugReporter.reportBug(
new BugInstance(this, BugType.JXI_GET_ENDPOINT_CONSUMES_CONTENT.name(), NORMAL_PRIORITY)
.addClass(this).addMethod(this));
break;
}
}
Expand Down Expand Up @@ -192,26 +196,30 @@ private void processJAXRSMethod(Method m, String path, boolean hasConsumes) {
if ((path != null) && "Ljavax/ws/rs/PathParam;".equals(annotationType)) {
String parmPath = getDefaultAnnotationValue(a);
if ((parmPath != null) && (!path.matches(".*\\{" + parmPath + "\\b.*"))) {
bugReporter.reportBug(new BugInstance(this, BugType.JXI_PARM_PARAM_NOT_FOUND_IN_PATH.name(), NORMAL_PRIORITY).addClass(this)
bugReporter.reportBug(new BugInstance(this,
BugType.JXI_PARM_PARAM_NOT_FOUND_IN_PATH.name(), NORMAL_PRIORITY).addClass(this)
.addMethod(this).addString("Path param: " + parmPath));
}
} else if ("Ljavax/ws/rs/core/Context;".equals(annotationType)) {
String parmSig = parmTypes[parmIndex].getSignature();
if (!VALID_CONTEXT_TYPES.contains(parmSig)) {
bugReporter.reportBug(new BugInstance(this, BugType.JXI_INVALID_CONTEXT_PARAMETER_TYPE.name(), NORMAL_PRIORITY).addClass(this)
.addMethod(this).addString("Parameter signature: " + parmSig));
bugReporter.reportBug(new BugInstance(this,
BugType.JXI_INVALID_CONTEXT_PARAMETER_TYPE.name(), NORMAL_PRIORITY)
.addClass(this).addMethod(this).addString("Parameter signature: " + parmSig));
}
}
}
}

if (!foundParamAnnotation) {

if ((!sawBareParm) && (hasConsumes || NATIVE_JAXRS_TYPES.contains(parmTypes[parmIndex].getSignature()))) {
if ((!sawBareParm)
&& (hasConsumes || NATIVE_JAXRS_TYPES.contains(parmTypes[parmIndex].getSignature()))) {
sawBareParm = true;
} else {
bugReporter.reportBug(new BugInstance(this, BugType.JXI_UNDEFINED_PARAMETER_SOURCE_IN_ENDPOINT.name(), NORMAL_PRIORITY).addClass(this)
.addMethod(this).addString("Parameter " + (parmIndex + 1)));
bugReporter.reportBug(new BugInstance(this,
BugType.JXI_UNDEFINED_PARAMETER_SOURCE_IN_ENDPOINT.name(), NORMAL_PRIORITY)
.addClass(this).addMethod(this).addString("Parameter " + (parmIndex + 1)));
break;
}

Expand Down

0 comments on commit 84211f9

Please sign in to comment.