Package com.h3xstream.findsecbugs.password

Class AbstractHardcodedPasswordEqualsDetector

    • Constructor Detail

      • AbstractHardcodedPasswordEqualsDetector

        protected AbstractHardcodedPasswordEqualsDetector​(edu.umd.cs.findbugs.BugReporter bugReporter)

    • Method Detail

      • getPriorityFromTaintFrame

        protected int getPriorityFromTaintFrame​(TaintFrame fact,
                                        int offset)
                                 throws edu.umd.cs.findbugs.ba.DataflowAnalysisException
        Description copied from class: AbstractInjectionDetector
        The default implementation of getPriorityFromTaintFrame() can be overridden if the detector must base its priority on multiple parameters or special conditions like constant values. By default, this method will call the getPriority() method with the parameter taint at the specified offset.
        Overrides:
        getPriorityFromTaintFrame in class AbstractInjectionDetector
        Parameters:
        fact - The TaintFrame for the inspected instruction call.
        offset - The offset of the checked parameter.
        Returns:
        Priorities interface values from 1 to 5 (Enum-like interface)
        Throws:
        edu.umd.cs.findbugs.ba.DataflowAnalysisException - An exception thrown when the TaintFrame cannot be analyzed.

      • visitInvoke

        public void visitInvoke​(org.apache.bcel.generic.InvokeInstruction instruction,
                        org.apache.bcel.generic.MethodGen methodGen,
                        TaintFrame frameType,
                        List<Taint> parameters,
                        org.apache.bcel.generic.ConstantPoolGen cpg)
        Description copied from interface: TaintFrameAdditionalVisitor
        This method will be triggered for every method invocation (static, interface, special and virtual). The constant pool allowed the resolution of method name, field name, constant strings, etc. The taintframe
        Specified by:
        visitInvoke in interface TaintFrameAdditionalVisitor
        methodGen - Method
        frameType - Frame representation after the invoke (results)
        parameters - Stack representation just before the invoke

      • visitReturn

        public void visitReturn​(org.apache.bcel.generic.MethodGen methodGen,
                        Taint returnValue,
                        org.apache.bcel.generic.ConstantPoolGen cpg)
                 throws Exception
        Specified by:
        visitReturn in interface TaintFrameAdditionalVisitor
        Parameters:
        methodGen - Method
        returnValue - State of the returned value.
        Throws:
        Exception

      • visitLoad

        public void visitLoad​(org.apache.bcel.generic.LoadInstruction instruction,
                      org.apache.bcel.generic.MethodGen methodGen,
                      TaintFrame frameType,
                      int numProduced,
                      org.apache.bcel.generic.ConstantPoolGen cpg)
        Specified by:
        visitLoad in interface TaintFrameAdditionalVisitor