package com.h3xstream.findsecbugs.injection;

import com.h3xstream.findsecbugs.BCELUtil;
import com.h3xstream.findsecbugs.FindSecBugsGlobalConfig;
import com.h3xstream.findsecbugs.injection.SinksLoader;
import com.h3xstream.findsecbugs.taintanalysis.TaintDataflowEngine;
import com.h3xstream.findsecbugs.taintanalysis.TaintFrameAdditionalVisitor;
import edu.umd.cs.findbugs.BugReporter;
import edu.umd.cs.findbugs.ba.AnalysisContext;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.regex.Pattern;
import org.apache.bcel.Repository;
import org.apache.bcel.generic.ConstantPoolGen;
import org.apache.bcel.generic.InstructionHandle;
import org.apache.bcel.generic.InvokeInstruction;

/* loaded from: input_file:findsecbugs-plugin.jar:com/h3xstream/findsecbugs/injection/BasicInjectionDetector.class */
public abstract class BasicInjectionDetector extends AbstractInjectionDetector {
    private final Map<ClassMethodSignature, InjectionPoint> injectionMap;
    private static final SinksLoader SINKS_LOADER;
    static ClassMethodSignature OBJECT;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: protected */
    public BasicInjectionDetector(BugReporter bugReporter) {
        super(bugReporter);
        this.injectionMap = new HashMap();
        loadCustomSinksConfigFiles();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.h3xstream.findsecbugs.injection.AbstractInjectionDetector
    public InjectionPoint getInjectionPoint(InvokeInstruction invokeInstruction, ConstantPoolGen constantPoolGen, InstructionHandle instructionHandle) {
        if (!$assertionsDisabled && (invokeInstruction == null || constantPoolGen == null)) {
            throw new AssertionError();
        }
        ClassMethodSignature classMethodSignature = new ClassMethodSignature(BCELUtil.getSlashedClassName(constantPoolGen, invokeInstruction), invokeInstruction.getMethodName(constantPoolGen), invokeInstruction.getSignature(constantPoolGen));
        if (OBJECT.equals(classMethodSignature)) {
            return InjectionPoint.NONE;
        }
        InjectionPoint injectionPoint = this.injectionMap.get(classMethodSignature);
        if (injectionPoint != null) {
            return injectionPoint;
        }
        try {
            Iterator<String> it = BCELUtil.getParentClassNames(Repository.lookupClass(invokeInstruction.getClassName(constantPoolGen))).iterator();
            while (it.hasNext()) {
                classMethodSignature.setClassName(it.next());
                InjectionPoint injectionPoint2 = this.injectionMap.get(classMethodSignature);
                if (injectionPoint2 != null) {
                    return injectionPoint2;
                }
            }
        } catch (ClassNotFoundException e) {
            AnalysisContext.reportMissingClass(e);
        }
        return InjectionPoint.NONE;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void loadConfiguredSinks(InputStream inputStream, String str) throws IOException {
        SINKS_LOADER.loadSinks(inputStream, str, new SinksLoader.InjectionPointReceiver() { // from class: com.h3xstream.findsecbugs.injection.BasicInjectionDetector.1
            @Override // com.h3xstream.findsecbugs.injection.SinksLoader.InjectionPointReceiver
            public void receiveInjectionPoint(String str2, InjectionPoint injectionPoint) {
                BasicInjectionDetector.this.addParsedInjectionPoint(str2, injectionPoint);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void loadConfiguredSinks(String str, String str2) {
        SINKS_LOADER.loadConfiguredSinks(str, str2, new SinksLoader.InjectionPointReceiver() { // from class: com.h3xstream.findsecbugs.injection.BasicInjectionDetector.2
            @Override // com.h3xstream.findsecbugs.injection.SinksLoader.InjectionPointReceiver
            public void receiveInjectionPoint(String str3, InjectionPoint injectionPoint) {
                BasicInjectionDetector.this.addParsedInjectionPoint(str3, injectionPoint);
            }
        });
    }

    protected void loadCustomSinksConfigFiles() {
        String customSinksConfigFile = FindSecBugsGlobalConfig.getInstance().getCustomSinksConfigFile(getClass().getSimpleName());
        if (customSinksConfigFile == null || customSinksConfigFile.isEmpty()) {
            return;
        }
        for (String str : customSinksConfigFile.split(File.pathSeparator)) {
            String[] split = str.split(Pattern.quote("|"));
            if (split.length != 2 || split[0].trim().isEmpty() || split[1].trim().isEmpty()) {
                AnalysisContext.logError("Wrong injection config file definition: " + str + ". Syntax: fileName|bugType, example: sql-custom.txt|SQL_INJECTION_HIBERNATE");
            } else {
                loadCustomSinks(split[0], split[1]);
            }
        }
    }

    protected void loadCustomSinks(String str, String str2) {
        File file = new File(str);
        try {
            InputStream fileInputStream = file.exists() ? new FileInputStream(file) : getClass().getClassLoader().getResourceAsStream(str);
            try {
                loadConfiguredSinks(fileInputStream, str2);
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
            } finally {
            }
        } catch (Exception e) {
            throw new RuntimeException("Cannot load custom injection sinks from " + str, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void loadSink(String str, String str2) {
        SINKS_LOADER.loadSink(str, str2, new SinksLoader.InjectionPointReceiver() { // from class: com.h3xstream.findsecbugs.injection.BasicInjectionDetector.3
            @Override // com.h3xstream.findsecbugs.injection.SinksLoader.InjectionPointReceiver
            public void receiveInjectionPoint(String str3, InjectionPoint injectionPoint) {
                BasicInjectionDetector.this.addParsedInjectionPoint(str3, injectionPoint);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addParsedInjectionPoint(String str, InjectionPoint injectionPoint) {
        ClassMethodSignature from = ClassMethodSignature.from(str);
        if (!$assertionsDisabled && this.injectionMap.containsKey(from)) {
            throw new AssertionError("Duplicate method name loaded: " + str);
        }
        this.injectionMap.put(from, injectionPoint);
    }

    public void registerVisitor(TaintFrameAdditionalVisitor taintFrameAdditionalVisitor) {
        TaintDataflowEngine.registerAdditionalVisitor(taintFrameAdditionalVisitor);
    }

    static {
        $assertionsDisabled = !BasicInjectionDetector.class.desiredAssertionStatus();
        SINKS_LOADER = new SinksLoader();
        OBJECT = new ClassMethodSignature("java/lang/Object", "<init>", "()V");
    }
}
