Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.h3xstream.findsecbugs.injection.custom
Class CustomInjectionSource

java.lang.Object
  extended by com.h3xstream.findsecbugs.injection.custom.CustomInjectionSource
All Implemented Interfaces:
InjectionSource
public class CustomInjectionSource
extends Object
implements InjectionSource

Author:
naokikimura

Nested Class Summary
static class CustomInjectionSource.InvokeIdentifier
           
 
Constructor Summary
CustomInjectionSource(Map<CustomInjectionSource.InvokeIdentifier,InjectionPoint> injectableParametersMap)
           
CustomInjectionSource(Properties properties)
           
 
Method Summary
 InjectionPoint getInjectableParameters(org.apache.bcel.generic.InvokeInstruction ins, org.apache.bcel.generic.ConstantPoolGen cpg, org.apache.bcel.generic.InstructionHandle insHandle)
          The implementation should identify method that are susceptible to injection and return parameters index that can injected.
static InjectionSource getInstance(Class<? extends TaintDetector> that)
           
static InjectionSource getInstance(String resourceBaseName)
           
 boolean isCandidate(org.apache.bcel.generic.ConstantPoolGen cpg)
          Before starting intensive analysis on variable flow and iterating on every instruction, this function will make sure the injection type can occurs in the current class base on its constant pool gen.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CustomInjectionSource

public CustomInjectionSource(Properties properties)

CustomInjectionSource

public CustomInjectionSource(Map<CustomInjectionSource.InvokeIdentifier,InjectionPoint> injectableParametersMap)
Method Detail

getInstance

public static InjectionSource getInstance(Class<? extends TaintDetector> that)

getInstance

public static InjectionSource getInstance(String resourceBaseName)

isCandidate

public boolean isCandidate(org.apache.bcel.generic.ConstantPoolGen cpg)
Description copied from interface: InjectionSource
Before starting intensive analysis on variable flow and iterating on every instruction, this function will make sure the injection type can occurs in the current class base on its constant pool gen. All classes dependencies can be found in this pool.

Specified by:
isCandidate in interface InjectionSource
Returns:

getInjectableParameters

public InjectionPoint getInjectableParameters(org.apache.bcel.generic.InvokeInstruction ins,
                                              org.apache.bcel.generic.ConstantPoolGen cpg,
                                              org.apache.bcel.generic.InstructionHandle insHandle)
Description copied from interface: InjectionSource
The implementation should identify method that are susceptible to injection and return parameters index that can injected.

Specified by:
getInjectableParameters in interface InjectionSource
Parameters:
ins - Instruction visit
cpg - ConstantPool (needed to find the class name and method name associate to instruction)
insHandle - instruction handle (needed to look at the instruction around the current instruction)
Returns:
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2015. All rights reserved.