• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License").
5  * You may not use this file except in compliance with the License.
6  * A copy of the License is located at
7  *
8  *  http://aws.amazon.com/apache2.0
9  *
10  * or in the "license" file accompanying this file. This file is distributed
11  * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
12  * express or implied. See the License for the specific language governing
13  * permissions and limitations under the License.
14  */
15 
16 package software.amazon.awssdk.buildtools.findbugs;
17 
18 import edu.umd.cs.findbugs.BugInstance;
19 import edu.umd.cs.findbugs.BugReporter;
20 import edu.umd.cs.findbugs.ba.SignatureParser;
21 import edu.umd.cs.findbugs.bcel.OpcodeStackDetector;
22 import edu.umd.cs.findbugs.classfile.MethodDescriptor;
23 import java.util.AbstractMap.SimpleEntry;
24 import java.util.HashSet;
25 import java.util.Map.Entry;
26 import java.util.Set;
27 import org.apache.bcel.Const;
28 
29 /**
30  * Blocks usage of disallowed methods in the SDK.
31  */
32 public class DisallowMethodCall extends OpcodeStackDetector {
33     private static final Set<Entry<String, String>> PROHIBITED_METHODS = new HashSet<>();
34     private final BugReporter bugReporter;
35 
36     static {
PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpHeaders", "headers"))37         PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpHeaders", "headers"));
PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpResponse", "headers"))38         PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpResponse", "headers"));
PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpRequest", "headers"))39         PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpRequest", "headers"));
PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpFullRequest", "headers"))40         PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpFullRequest", "headers"));
PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpFullResponse", "headers"))41         PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpFullResponse", "headers"));
PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpFullRequest$Builder", "headers"))42         PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpFullRequest$Builder", "headers"));
PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpFullResponse$Builder", "headers"))43         PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpFullResponse$Builder", "headers"));
PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpRequest", "rawQueryParameters"))44         PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpRequest", "rawQueryParameters"));
PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpFullRequest", "rawQueryParameters"))45         PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpFullRequest", "rawQueryParameters"));
PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpFullRequest$Builder", "rawQueryParameters"))46         PROHIBITED_METHODS.add(new SimpleEntry<>("software/amazon/awssdk/http/SdkHttpFullRequest$Builder", "rawQueryParameters"));
47     }
48 
DisallowMethodCall(BugReporter bugReporter)49     public DisallowMethodCall(BugReporter bugReporter) {
50         this.bugReporter = bugReporter;
51     }
52 
53     @Override
sawOpcode(int code)54     public void sawOpcode(int code) {
55         switch (code) {
56             case Const.INVOKEVIRTUAL:
57             case Const.INVOKESPECIAL:
58             case Const.INVOKESTATIC:
59             case Const.INVOKEINTERFACE:
60                 handleMethodCall(code);
61                 return;
62             default:
63                 // Ignore - not a method call.
64         }
65     }
66 
handleMethodCall(int code)67     private void handleMethodCall(int code) {
68         MethodDescriptor method = getMethodDescriptorOperand();
69         SignatureParser signature = new SignatureParser(method.getSignature());
70         Entry<String, String> calledMethod = new SimpleEntry<>(method.getSlashedClassName(), method.getName());
71         if (PROHIBITED_METHODS.contains(calledMethod) && signature.getNumParameters() == 0) {
72             bugReporter.reportBug(new BugInstance(this, "SDK_BAD_METHOD_CALL", NORMAL_PRIORITY)
73                                       .addClassAndMethod(this)
74                                       .addSourceLine(this, getPC()));
75         }
76     }
77 }
78