package com.h3xstream.findsecbugs.taintanalysis;

import com.h3xstream.findsecbugs.FindSecBugsGlobalConfig;
import com.h3xstream.findsecbugs.taintanalysis.Taint;
import com.ibm.icu.impl.locale.LanguageTag;
import edu.umd.cs.findbugs.ba.AnalysisContext;
import edu.umd.cs.findbugs.ba.CFG;
import edu.umd.cs.findbugs.ba.DepthFirstSearch;
import edu.umd.cs.findbugs.classfile.CheckedAnalysisException;
import edu.umd.cs.findbugs.classfile.IAnalysisCache;
import edu.umd.cs.findbugs.classfile.IMethodAnalysisEngine;
import edu.umd.cs.findbugs.classfile.MethodDescriptor;
import edu.umd.cs.findbugs.io.IO;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStreamWriter;
import java.io.UnsupportedEncodingException;
import java.io.Writer;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.stream.Collectors;
import org.apache.bcel.generic.MethodGen;

/* loaded from: input_file:findsecbugs-plugin.jar:com/h3xstream/findsecbugs/taintanalysis/TaintDataflowEngine.class */
public class TaintDataflowEngine implements IMethodAnalysisEngine<TaintDataflow> {
    private static final FindSecBugsGlobalConfig CONFIG;
    private static final Logger LOGGER;
    private static final String TAINT_CONFIG_PATH = "taint-config/";
    private static final String[] TAINT_CONFIG_FILENAMES;
    private static final String SAFE_ENCODERS_PATH = "safe-encoders/";
    private static final String[] SAFE_ENCODERS_FILENAMES;
    private final TaintConfig taintConfig = new TaintConfig();
    protected static Writer writer;
    private static List<TaintFrameAdditionalVisitor> visitors;
    static final /* synthetic */ boolean $assertionsDisabled;

    public TaintDataflowEngine() {
        for (String str : TAINT_CONFIG_FILENAMES) {
            loadTaintConfig(TAINT_CONFIG_PATH.concat(str), true);
        }
        for (String str2 : SAFE_ENCODERS_FILENAMES) {
            loadTaintConfig(SAFE_ENCODERS_PATH.concat(str2), true);
        }
        loadTaintConfig(TAINT_CONFIG_PATH.concat("taint-sensitive-data.txt"), false);
        if (CONFIG.isTaintedSystemVariables()) {
            loadTaintConfig(TAINT_CONFIG_PATH.concat("tainted-system-variables.txt"), false);
            LOGGER.info("System variables are considered to be tainted");
        }
        String customConfigFile = CONFIG.getCustomConfigFile();
        if (customConfigFile != null && !customConfigFile.isEmpty()) {
            for (String str3 : customConfigFile.split(File.pathSeparator)) {
                addCustomConfig(str3);
            }
        }
        if (CONFIG.isTaintedMainArgument()) {
            return;
        }
        LOGGER.info("The argument of the main method is not considered tainted");
    }

    public static void registerAdditionalVisitor(TaintFrameAdditionalVisitor taintFrameAdditionalVisitor) {
        visitors.add(taintFrameAdditionalVisitor);
    }

    private void loadTaintConfig(String str, boolean z) {
        if (!$assertionsDisabled && (str == null || str.isEmpty())) {
            throw new AssertionError();
        }
        try {
            InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream(str);
            Throwable th = null;
            try {
                try {
                    this.taintConfig.load(resourceAsStream, z);
                    if (resourceAsStream != null) {
                        if (0 != 0) {
                            try {
                                resourceAsStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            resourceAsStream.close();
                        }
                    }
                } finally {
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (IOException e) {
            if (!$assertionsDisabled) {
                throw new AssertionError(e.getMessage());
            }
        }
    }

    private void addCustomConfig(String str) {
        try {
            try {
                File file = new File(str);
                InputStream fileInputStream = file.exists() ? new FileInputStream(file) : getClass().getClassLoader().getResourceAsStream(str);
                if (fileInputStream == null) {
                    throw new IllegalArgumentException(String.format("Could not add custom config. Neither file %s nor resource matching %s found.", file.getAbsolutePath(), str));
                }
                this.taintConfig.load(fileInputStream, false);
                LOGGER.log(Level.INFO, "Custom taint config loaded from {0}", str);
                IO.close(fileInputStream);
            } catch (IOException e) {
                throw new RuntimeException("Cannot load custom taint config from " + str, e);
            }
        } catch (Throwable th) {
            IO.close((InputStream) null);
            throw th;
        }
    }

    @Override // edu.umd.cs.findbugs.classfile.IAnalysisEngine
    public TaintDataflow analyze(IAnalysisCache iAnalysisCache, MethodDescriptor methodDescriptor) throws CheckedAnalysisException {
        String slashedMethodName;
        TaintMethodConfig taintMethodConfig;
        if (FindSecBugsGlobalConfig.getInstance().isDebugPrintInstructionVisited() || FindSecBugsGlobalConfig.getInstance().isDebugPrintInvocationVisited()) {
            System.out.println("==[ Method: " + methodDescriptor.getName() + " ]==");
        }
        CFG cfg = (CFG) iAnalysisCache.getMethodAnalysis(CFG.class, methodDescriptor);
        DepthFirstSearch depthFirstSearch = (DepthFirstSearch) iAnalysisCache.getMethodAnalysis(DepthFirstSearch.class, methodDescriptor);
        MethodGen methodGen = (MethodGen) iAnalysisCache.getMethodAnalysis(MethodGen.class, methodDescriptor);
        TaintAnalysis taintAnalysis = new TaintAnalysis(methodGen, depthFirstSearch, methodDescriptor, this.taintConfig, visitors);
        TaintDataflow taintDataflow = new TaintDataflow(cfg, taintAnalysis);
        taintDataflow.execute();
        taintAnalysis.finishAnalysis();
        if (CONFIG.isDebugOutputTaintConfigs() && writer != null && (taintMethodConfig = this.taintConfig.get((slashedMethodName = getSlashedMethodName(methodGen)))) != null) {
            try {
                writer.append((CharSequence) slashedMethodName);
                Taint outputTaint = taintMethodConfig.getOutputTaint();
                if (outputTaint != null) {
                    writer.append(':');
                    writeTaint(outputTaint);
                }
                Map<Integer, Taint> parametersOutputTaints = taintMethodConfig.getParametersOutputTaints();
                if (!parametersOutputTaints.isEmpty()) {
                    for (Map.Entry<Integer, Taint> entry : parametersOutputTaints.entrySet()) {
                        writer.append('^');
                        writer.append((CharSequence) Integer.toString(entry.getKey().intValue()));
                        writer.append(':');
                        writeTaint(entry.getValue());
                    }
                }
                writer.append('\n');
                writer.flush();
            } catch (IOException e) {
                AnalysisContext.logError("Cannot write derived configs", e);
            }
        }
        return taintDataflow;
    }

    private void writeTaint(Taint taint) throws IOException {
        if (taint.isUnknown() && taint.hasParameters()) {
            writer.append((CharSequence) taint.getParameters().stream().map((v0) -> {
                return String.valueOf(v0);
            }).collect(Collectors.joining(",")));
            Taint.State nonParametricState = taint.getNonParametricState();
            if (nonParametricState != Taint.State.INVALID) {
                writer.append(',');
                writer.append((CharSequence) nonParametricState.name());
            }
        } else {
            writer.append((CharSequence) taint.getState().name());
        }
        if (taint.hasTags()) {
            writer.append('|');
            writer.append((CharSequence) taint.getTags().stream().map((v0) -> {
                return v0.name();
            }).collect(Collectors.joining(",", "+", "")));
        }
        if (taint.isRemovingTags()) {
            writer.append('|');
            writer.append((CharSequence) taint.getTagsToRemove().stream().map((v0) -> {
                return v0.name();
            }).collect(Collectors.joining(",", LanguageTag.SEP, "")));
        }
    }

    private static String getSlashedMethodName(MethodGen methodGen) {
        return methodGen.getClassName().replace('.', '/') + "." + (methodGen.getName() + methodGen.getSignature());
    }

    @Override // edu.umd.cs.findbugs.classfile.IAnalysisEngine
    public void registerWith(IAnalysisCache iAnalysisCache) {
        iAnalysisCache.registerMethodAnalysisEngine(TaintDataflow.class, this);
    }

    static {
        $assertionsDisabled = !TaintDataflowEngine.class.desiredAssertionStatus();
        CONFIG = FindSecBugsGlobalConfig.getInstance();
        LOGGER = Logger.getLogger(TaintDataflowEngine.class.getName());
        TAINT_CONFIG_FILENAMES = new String[]{"android-taint-sql.txt", "collections.txt", "dropwizard.txt", "guava.txt", "java-ee.txt", "java-lang.txt", "java-net.txt", "jetty.txt", "logging.txt", "other.txt", "portlet.txt", "scala.txt", "sonarqube.txt", "struts2-taint.txt", "wicket.txt"};
        SAFE_ENCODERS_FILENAMES = new String[]{"owasp.txt", "apache-commons.txt", "other.txt"};
        writer = null;
        visitors = new ArrayList();
        if (CONFIG.isDebugOutputTaintConfigs()) {
            try {
                writer = new BufferedWriter(new OutputStreamWriter(new FileOutputStream("derived-config.txt"), "utf-8"));
                LOGGER.info("Derived method configs will be output to derived-config.txt");
            } catch (FileNotFoundException e) {
                AnalysisContext.logError("File for derived configs cannot be created or opened", e);
            } catch (UnsupportedEncodingException e2) {
                if (!$assertionsDisabled) {
                    throw new AssertionError(e2.getMessage());
                }
            }
        }
    }
}
