List of usage examples for org.objectweb.asm MethodVisitor visitCode
public void visitCode()
From source file:jtaint.ServletAdapter.java
License:Apache License
private void buildServletWrapper(MethodVisitor mv, Klass k, String name, String desc) { mv.visitCode(); Label start = new Label(), end = new Label(), handler = new Label(); mv.visitTryCatchBlock(start, end, handler, null); mv.visitLabel(start);/*from w w w . jav a2s. co m*/ mv.visitVarInsn(ALOAD, 0); mv.visitFieldInsn(GETFIELD, className, ByteCodeUtil.internalName("is" + k.simpleName()), "Z"); Label l0 = new Label(); mv.visitJumpInsn(IFEQ, l0); Type[] t = Type.getArgumentTypes(desc); mv.visitVarInsn(ALOAD, 1); mv.visitMethodInsn(INVOKEINTERFACE, t[0].getInternalName(), "getParameterMap", "()Ljava/util/Map;"); mv.visitVarInsn(ALOAD, 1); mv.visitMethodInsn(INVOKEINTERFACE, t[0].getInternalName(), "getRemoteHost", "()Ljava/lang/String;"); mv.visitVarInsn(ALOAD, 1); mv.visitMethodInsn(INVOKEINTERFACE, t[0].getInternalName(), "getRemoteAddr", "()Ljava/lang/String;"); mv.visitMethodInsn(INVOKESTATIC, "jtaint/HttpUtil", "preService", "(Ljava/util/Map;Ljava/lang/String;Ljava/lang/String;)V"); mv.visitLabel(l0); if (version == V1_6) mv.visitFrame(F_SAME, 0, null, 0, null); mv.visitVarInsn(ALOAD, 0); int l = 1; for (int i = 0; i < t.length; l += t[i].getSize(), i++) mv.visitVarInsn(t[i].getOpcode(ILOAD), l); mv.visitMethodInsn(INVOKESPECIAL, className, ByteCodeUtil.internalName(name), desc); mv.visitVarInsn(ALOAD, 0); mv.visitFieldInsn(GETFIELD, className, ByteCodeUtil.internalName("is" + k.simpleName()), "Z"); Label l1 = new Label(); mv.visitJumpInsn(IFEQ, l1); mv.visitMethodInsn(INVOKESTATIC, "jtaint/HttpUtil", "postService", "()V"); mv.visitLabel(l1); if (version == V1_6) mv.visitFrame(F_SAME, 0, null, 0, null); mv.visitInsn(RETURN); mv.visitLabel(end); mv.visitLabel(handler); if (version == V1_6) mv.visitFrame(F_SAME1, 0, null, 1, new Object[] { "java/lang/Throwable" }); mv.visitVarInsn(ALOAD, 0); mv.visitFieldInsn(GETFIELD, className, ByteCodeUtil.internalName("is" + k.simpleName()), "Z"); Label l2 = new Label(); mv.visitJumpInsn(IFEQ, l2); mv.visitMethodInsn(INVOKESTATIC, "jtaint/HttpUtil", "postService", "()V"); mv.visitLabel(l2); if (version == V1_6) mv.visitFrame(F_SAME1, 0, null, 1, new Object[] { "java/lang/Throwable" }); mv.visitInsn(ATHROW); mv.visitMaxs(Math.max(l, 3), l); mv.visitEnd(); }
From source file:jtaint.ServletAdapter.java
License:Apache License
private void buildGetPathTranslatedWrapper(MethodVisitor mv) { mv.visitCode(); mv.visitVarInsn(ALOAD, 0);/*w w w. ja v a 2s .co m*/ mv.visitMethodInsn(INVOKESPECIAL, className, ByteCodeUtil.internalName("getPathTranslated"), "()Ljava/lang/String;"); mv.visitVarInsn(ALOAD, 0); mv.visitFieldInsn(GETFIELD, className, ByteCodeUtil.internalName("isHttpServletRequest"), "Z"); Label l0 = new Label(); mv.visitJumpInsn(IFEQ, l0); mv.visitVarInsn(ALOAD, 0); mv.visitMethodInsn(INVOKESTATIC, "jtaint/HttpUtil", "getPathTranslated", "(Ljava/lang/String;Ljava/lang/Object;)Ljava/lang/String;"); mv.visitLabel(l0); if (version == V1_6) mv.visitFrame(F_SAME1, 0, null, 1, new Object[] { "java/lang/String" }); mv.visitInsn(ARETURN); mv.visitMaxs(2, 1); mv.visitEnd(); }
From source file:jtaint.ServletAdapter.java
License:Apache License
private void buildHtmlValidatorWrapper(MethodVisitor mv, String name, String desc) { mv.visitCode(); Type[] t = Type.getArgumentTypes(desc); Type r = Type.getReturnType(desc); mv.visitVarInsn(ALOAD, 0);//from www.j a v a 2 s . com int l = 1; for (int i = 0; i < t.length; l += t[i].getSize(), i++) mv.visitVarInsn(t[i].getOpcode(ILOAD), l); mv.visitMethodInsn(INVOKESPECIAL, className, ByteCodeUtil.internalName(name), desc); Label l0 = new Label(); mv.visitInsn(DUP); mv.visitJumpInsn(IFNULL, l0); mv.visitInsn(DUP); mv.visitMethodInsn(INVOKEVIRTUAL, r.getInternalName(), ByteCodeUtil.internalName("getHtmlValidator"), "()Ljtaint/HtmlValidator;"); mv.visitJumpInsn(IFNONNULL, l0); /* Okay, we have a valid print object and null html validator, time * to initialize... */ mv.visitInsn(DUP); mv.visitVarInsn(ALOAD, 0); mv.visitMethodInsn(INVOKESTATIC, "jtaint/HttpUtil", "getHtmlValidator", "(Ljava/lang/Object;)Ljtaint/HtmlValidator;"); mv.visitMethodInsn(INVOKEVIRTUAL, r.getInternalName(), ByteCodeUtil.internalName("setHtmlValidator"), "(Ljtaint/HtmlValidator;)V"); mv.visitLabel(l0); if (version == V1_6) mv.visitFrame(F_SAME1, 0, null, 1, new Object[] { r.getInternalName() }); mv.visitInsn(ARETURN); mv.visitMaxs(Math.max(l, 3), l); mv.visitEnd(); }
From source file:jtaint.SqlAdapter.java
License:Apache License
private void addSqlValidator() { MethodVisitor mv = cv.visitMethod(ACC_PUBLIC //[ifJava4] + ACC_SYNCHRONIZED// w w w .j av a2s . co m //[fiJava4] , ByteCodeUtil.internalName("sqlValidator"), "()Ljtaint/SqlValidator;", null, null); mv.visitCode(); mv.visitVarInsn(ALOAD, 0); mv.visitFieldInsn(GETFIELD, className, ByteCodeUtil.internalName("validator"), "Ljtaint/SqlValidator;"); mv.visitInsn(DUP); Label l0 = new Label(); mv.visitJumpInsn(IFNULL, l0); mv.visitInsn(ARETURN); mv.visitLabel(l0); if (version == V1_6) mv.visitFrame(F_SAME1, 0, null, 1, new Object[] { "jtaint/SqlValidator" }); mv.visitInsn(POP); /* XXX This is an industrial-sized barrel of fun. We have to avoid * infinite recursion here when initializing the validator field -- * i.e. when sqlValidator is called for the first time. In this case, * what can happen is: * connection.sqlValidator -> jtaint.SqlUtil.getSqlValidator * -> Connection.getDatabaseMetadata * -> Connection.sqlValidator -> * -> jtaint.SqlUtil.getSqlValidator * -> Connection.getDatabaseMetadata * ... (repeat last three steps forever), where -> denotes a method call * So if we ever find that we already own the lock that we are about * to acquire, then we return an EmptySqlValidator to break * the recursion(Note that once the recursion unwinds, the validator * field will be correctly set, so we will begin returning the correct * sql validator. This corner case applies only during initialization). */ mv.visitVarInsn(ALOAD, 0); mv.visitFieldInsn(GETFIELD, className, ByteCodeUtil.internalName("lockObj"), "Ljava/lang/Object;"); mv.visitInsn(DUP); mv.visitMethodInsn(INVOKESTATIC, "java/lang/Thread", "holdsLock", "(Ljava/lang/Object;)Z"); Label l1 = new Label(); mv.visitJumpInsn(IFEQ, l1); /* Break the recursion */ mv.visitFieldInsn(GETSTATIC, "jtaint/EmptySqlValidator", "INSTANCE", "Ljtaint/EmptySqlValidator;"); mv.visitInsn(ARETURN); /* No recursion -- acquire the lock and initialize our field */ mv.visitLabel(l1); if (version == V1_6) mv.visitFrame(F_SAME1, 0, null, 1, new Object[] { "java/lang/Object" }); mv.visitInsn(DUP); mv.visitInsn(MONITORENTER); mv.visitVarInsn(ALOAD, 0); mv.visitFieldInsn(GETFIELD, className, ByteCodeUtil.internalName("validator"), "Ljtaint/SqlValidator;"); mv.visitInsn(DUP); Label l2 = new Label(); mv.visitJumpInsn(IFNULL, l2); mv.visitInsn(SWAP); mv.visitInsn(MONITOREXIT); mv.visitInsn(ARETURN); mv.visitLabel(l2); if (version == V1_6) mv.visitFrame(F_FULL, 1, new Object[] { className }, 2, new Object[] { "java/lang/Object", "jtaint/SqlValidator" }); mv.visitInsn(POP); mv.visitVarInsn(ALOAD, 0); mv.visitInsn(DUP); mv.visitMethodInsn(INVOKESTATIC, "jtaint/SqlUtil", "getSqlValidator", "(Ljava/lang/Object;)Ljtaint/SqlValidator;"); mv.visitInsn(DUP_X1); mv.visitFieldInsn(PUTFIELD, className, ByteCodeUtil.internalName("validator"), "Ljtaint/SqlValidator;"); mv.visitInsn(SWAP); mv.visitInsn(MONITOREXIT); mv.visitInsn(ARETURN); mv.visitMaxs(4, 1); mv.visitEnd(); }
From source file:jtaint.StringAdapter.java
License:Apache License
/** Wrap String methods that create new Strings so that taint is propagated. * Wrappers call the original method, and then call a helper routine in * jtaint with the original String object, method arguments, and the * return value from the original method. The jtaint helper then * returns a String with the appropriate taint value. *///from w w w .jav a 2 s .c om private void buildTaintWrapper(MethodVisitor mv, String name, String desc) { mv.visitCode(); Type[] t = Type.getArgumentTypes(desc); mv.visitVarInsn(ALOAD, 0); int l = 1; for (int i = 0; i < t.length; l += t[i].getSize(), i++) mv.visitVarInsn(t[i].getOpcode(ILOAD), l); mv.visitMethodInsn(INVOKEVIRTUAL, className, ByteCodeUtil.internalName(name), desc); mv.visitVarInsn(ASTORE, l); mv.visitVarInsn(ALOAD, 0); l = 1; for (int i = 0; i < t.length; l += t[i].getSize(), i++) mv.visitVarInsn(t[i].getOpcode(ILOAD), l); mv.visitVarInsn(ALOAD, l); /* We call the jtaint helper method by passing the arguments * this_object, arg1, arg2, ..., argN, result_object, so append * and prepend an extra java/lang/String object to the arg list. */ Type[] u = new Type[t.length + 2]; Type stringType = Type.getObjectType("java/lang/String"); u[0] = u[u.length - 1] = stringType; System.arraycopy(t, 0, u, 1, t.length); String helperDesc = Type.getMethodDescriptor(stringType, u); mv.visitMethodInsn(INVOKESTATIC, "jtaint/StringUtil", name, helperDesc); mv.visitInsn(ARETURN); mv.visitMaxs(l + 1, l + 1); mv.visitEnd(); }
From source file:jtaint.StringAdapter.java
License:Apache License
/** Force to{Upper/Lower}Case() to return * to{Upper/LowerCase}(java.util.Locale.getDefault()) *///from w w w .ja v a 2 s . c om private void replaceChangeCase(MethodVisitor mv, String name) { mv.visitCode(); mv.visitVarInsn(ALOAD, 0); mv.visitMethodInsn(INVOKESTATIC, "java/util/Locale", "getDefault", "()Ljava/util/Locale;"); mv.visitMethodInsn(INVOKEVIRTUAL, className, name, "(Ljava/util/Locale;)Ljava/lang/String;"); mv.visitInsn(ARETURN); mv.visitMaxs(2, 1); mv.visitEnd(); }
From source file:jtaint.StringAdapter.java
License:Apache License
/** Force substring(begin) to return substring(begin, this.count) */ private void replaceSubstring(MethodVisitor mv) { mv.visitCode(); mv.visitVarInsn(ALOAD, 0);/*from w w w. ja v a 2 s .co m*/ mv.visitVarInsn(ILOAD, 1); mv.visitVarInsn(ALOAD, 0); mv.visitFieldInsn(GETFIELD, className, "count", "I"); mv.visitMethodInsn(INVOKEVIRTUAL, className, "substring", "(II)Ljava/lang/String;"); mv.visitInsn(ARETURN); mv.visitMaxs(3, 2); mv.visitEnd(); }
From source file:jtaint.StringAdapter.java
License:Apache License
/** Force subSequence(begin, end) to return substring(begin, end) */ private void replaceSubSequence(MethodVisitor mv) { mv.visitCode(); mv.visitVarInsn(ALOAD, 0);//from w w w. j a va 2 s. c o m mv.visitVarInsn(ILOAD, 1); mv.visitVarInsn(ILOAD, 2); mv.visitMethodInsn(INVOKEVIRTUAL, className, "substring", "(II)Ljava/lang/String;"); mv.visitInsn(ARETURN); mv.visitMaxs(3, 3); mv.visitEnd(); }
From source file:jtaint.StringAdapter.java
License:Apache License
/** Force the StringBuilder/StringBuffer constructors to convert to * a String and invoke the String constructor *//*from w w w . j a v a 2 s. c o m*/ private void replaceConstructorStringBuilder(MethodVisitor mv, String name) { mv.visitCode(); mv.visitVarInsn(ALOAD, 0); mv.visitVarInsn(ALOAD, 1); mv.visitMethodInsn(INVOKEVIRTUAL, name, "toString", "()Ljava/lang/String;"); mv.visitMethodInsn(INVOKESPECIAL, className, "<init>", "(Ljava/lang/String;)V"); mv.visitInsn(RETURN); mv.visitMaxs(2, 2); mv.visitEnd(); }
From source file:jtaint.StringAdapter.java
License:Apache License
/** Force the String constructor to just copy all fields */ private void replaceConstructorString(MethodVisitor mv) { mv.visitCode(); mv.visitVarInsn(ALOAD, 0);//from w w w .j a v a 2s. c o m mv.visitMethodInsn(INVOKESPECIAL, "java/lang/Object", "<init>", "()V"); copyField(mv, "offset", "I"); copyField(mv, "count", "I"); copyField(mv, "value", "[C"); copyField(mv, ByteCodeUtil.internalName("tainted"), "Z"); mv.visitInsn(RETURN); mv.visitMaxs(2, 2); mv.visitEnd(); }