List of usage examples for org.objectweb.asm MethodVisitor visitVarInsn
public void visitVarInsn(final int opcode, final int var)
From source file:jtaint.ServletAdapter.java
License:Apache License
private void buildTaintedReturnWrapper(MethodVisitor mv, Klass k, int access, String name, String desc) { mv.visitCode();/*from www . j av a 2 s . c om*/ Type[] args = Type.getArgumentTypes(desc); Type ret = Type.getReturnType(desc); boolean isStatic = (access & ACC_STATIC) != 0; int l = 0; if (!isStatic) { mv.visitVarInsn(ALOAD, 0); l = 1; } for (int i = 0; i < args.length; l += args[i].getSize(), i++) mv.visitVarInsn(args[i].getOpcode(ILOAD), l); mv.visitMethodInsn(isStatic ? INVOKESTATIC : INVOKESPECIAL, className, ByteCodeUtil.internalName(name), desc); String taintDesc = Type.getMethodDescriptor(ret, new Type[] { ret }); if (k.isExact()) { /* We already know that we need to wrap...no runtime check needed */ mv.visitMethodInsn(INVOKESTATIC, "jtaint/StringUtil", "toTainted", taintDesc); mv.visitInsn(ARETURN); mv.visitMaxs(l, l); mv.visitEnd(); return; } /* Now taint the return type, if we need to */ mv.visitVarInsn(ALOAD, 0); mv.visitFieldInsn(GETFIELD, className, ByteCodeUtil.internalName("is" + k.simpleName()), "Z"); Label l0 = new Label(); mv.visitJumpInsn(IFEQ, l0); mv.visitMethodInsn(INVOKESTATIC, "jtaint/StringUtil", "toTainted", taintDesc); mv.visitLabel(l0); if (version == V1_6) mv.visitFrame(F_SAME1, 0, null, 1, new Object[] { ret.getInternalName() }); mv.visitInsn(ARETURN); mv.visitMaxs(Math.max(l, 2), l); mv.visitEnd(); }
From source file:jtaint.ServletAdapter.java
License:Apache License
private void buildServletWrapper(MethodVisitor mv, Klass k, String name, String desc) { mv.visitCode();/*from w w w .j a va 2 s . c om*/ Label start = new Label(), end = new Label(), handler = new Label(); mv.visitTryCatchBlock(start, end, handler, null); mv.visitLabel(start); mv.visitVarInsn(ALOAD, 0); mv.visitFieldInsn(GETFIELD, className, ByteCodeUtil.internalName("is" + k.simpleName()), "Z"); Label l0 = new Label(); mv.visitJumpInsn(IFEQ, l0); Type[] t = Type.getArgumentTypes(desc); mv.visitVarInsn(ALOAD, 1); mv.visitMethodInsn(INVOKEINTERFACE, t[0].getInternalName(), "getParameterMap", "()Ljava/util/Map;"); mv.visitVarInsn(ALOAD, 1); mv.visitMethodInsn(INVOKEINTERFACE, t[0].getInternalName(), "getRemoteHost", "()Ljava/lang/String;"); mv.visitVarInsn(ALOAD, 1); mv.visitMethodInsn(INVOKEINTERFACE, t[0].getInternalName(), "getRemoteAddr", "()Ljava/lang/String;"); mv.visitMethodInsn(INVOKESTATIC, "jtaint/HttpUtil", "preService", "(Ljava/util/Map;Ljava/lang/String;Ljava/lang/String;)V"); mv.visitLabel(l0); if (version == V1_6) mv.visitFrame(F_SAME, 0, null, 0, null); mv.visitVarInsn(ALOAD, 0); int l = 1; for (int i = 0; i < t.length; l += t[i].getSize(), i++) mv.visitVarInsn(t[i].getOpcode(ILOAD), l); mv.visitMethodInsn(INVOKESPECIAL, className, ByteCodeUtil.internalName(name), desc); mv.visitVarInsn(ALOAD, 0); mv.visitFieldInsn(GETFIELD, className, ByteCodeUtil.internalName("is" + k.simpleName()), "Z"); Label l1 = new Label(); mv.visitJumpInsn(IFEQ, l1); mv.visitMethodInsn(INVOKESTATIC, "jtaint/HttpUtil", "postService", "()V"); mv.visitLabel(l1); if (version == V1_6) mv.visitFrame(F_SAME, 0, null, 0, null); mv.visitInsn(RETURN); mv.visitLabel(end); mv.visitLabel(handler); if (version == V1_6) mv.visitFrame(F_SAME1, 0, null, 1, new Object[] { "java/lang/Throwable" }); mv.visitVarInsn(ALOAD, 0); mv.visitFieldInsn(GETFIELD, className, ByteCodeUtil.internalName("is" + k.simpleName()), "Z"); Label l2 = new Label(); mv.visitJumpInsn(IFEQ, l2); mv.visitMethodInsn(INVOKESTATIC, "jtaint/HttpUtil", "postService", "()V"); mv.visitLabel(l2); if (version == V1_6) mv.visitFrame(F_SAME1, 0, null, 1, new Object[] { "java/lang/Throwable" }); mv.visitInsn(ATHROW); mv.visitMaxs(Math.max(l, 3), l); mv.visitEnd(); }
From source file:jtaint.ServletAdapter.java
License:Apache License
private void buildGetPathTranslatedWrapper(MethodVisitor mv) { mv.visitCode();//w ww . j a v a2 s . c o m mv.visitVarInsn(ALOAD, 0); mv.visitMethodInsn(INVOKESPECIAL, className, ByteCodeUtil.internalName("getPathTranslated"), "()Ljava/lang/String;"); mv.visitVarInsn(ALOAD, 0); mv.visitFieldInsn(GETFIELD, className, ByteCodeUtil.internalName("isHttpServletRequest"), "Z"); Label l0 = new Label(); mv.visitJumpInsn(IFEQ, l0); mv.visitVarInsn(ALOAD, 0); mv.visitMethodInsn(INVOKESTATIC, "jtaint/HttpUtil", "getPathTranslated", "(Ljava/lang/String;Ljava/lang/Object;)Ljava/lang/String;"); mv.visitLabel(l0); if (version == V1_6) mv.visitFrame(F_SAME1, 0, null, 1, new Object[] { "java/lang/String" }); mv.visitInsn(ARETURN); mv.visitMaxs(2, 1); mv.visitEnd(); }
From source file:jtaint.ServletAdapter.java
License:Apache License
private void buildHtmlValidatorWrapper(MethodVisitor mv, String name, String desc) { mv.visitCode();/*from w w w.j ava2 s .c o m*/ Type[] t = Type.getArgumentTypes(desc); Type r = Type.getReturnType(desc); mv.visitVarInsn(ALOAD, 0); int l = 1; for (int i = 0; i < t.length; l += t[i].getSize(), i++) mv.visitVarInsn(t[i].getOpcode(ILOAD), l); mv.visitMethodInsn(INVOKESPECIAL, className, ByteCodeUtil.internalName(name), desc); Label l0 = new Label(); mv.visitInsn(DUP); mv.visitJumpInsn(IFNULL, l0); mv.visitInsn(DUP); mv.visitMethodInsn(INVOKEVIRTUAL, r.getInternalName(), ByteCodeUtil.internalName("getHtmlValidator"), "()Ljtaint/HtmlValidator;"); mv.visitJumpInsn(IFNONNULL, l0); /* Okay, we have a valid print object and null html validator, time * to initialize... */ mv.visitInsn(DUP); mv.visitVarInsn(ALOAD, 0); mv.visitMethodInsn(INVOKESTATIC, "jtaint/HttpUtil", "getHtmlValidator", "(Ljava/lang/Object;)Ljtaint/HtmlValidator;"); mv.visitMethodInsn(INVOKEVIRTUAL, r.getInternalName(), ByteCodeUtil.internalName("setHtmlValidator"), "(Ljtaint/HtmlValidator;)V"); mv.visitLabel(l0); if (version == V1_6) mv.visitFrame(F_SAME1, 0, null, 1, new Object[] { r.getInternalName() }); mv.visitInsn(ARETURN); mv.visitMaxs(Math.max(l, 3), l); mv.visitEnd(); }
From source file:jtaint.SqlAdapter.java
License:Apache License
public MethodVisitor visitMethod(final int access, final String name, final String desc, String signature, String[] exceptions) {//from w ww. j av a2 s . c om MethodVisitor mv = cv.visitMethod(access, name, desc, signature, exceptions); if ("<init>".equals(name)) { if (isConnection) mv = new LockObjectInitAdapter(mv, className, access, name, desc); return mv; } MethodDecl md = new MethodDecl(access, name, desc); final Klass k = (Klass) instrumentedMethods.get(md); if (k == null || (k.isExact() && !className.equals(k.internalName()))) return mv; return new SimpleAdviceAdapter(mv, className, access, name, desc) { protected void onMethodEnter() { mv.visitVarInsn(ALOAD, 1); mv.visitVarInsn(ALOAD, 0); mv.visitMethodInsn(INVOKESTATIC, "jtaint/SqlUtil", "validateSql" + k.simpleName(), "(Ljava/lang/String;Ljava/lang/Object;)V"); } public void visitMaxs(int nStack, int nLocals) { mv.visitMaxs(Math.max(2, nStack), nLocals); } }; }
From source file:jtaint.SqlAdapter.java
License:Apache License
private void addSqlValidator() { MethodVisitor mv = cv.visitMethod(ACC_PUBLIC //[ifJava4] + ACC_SYNCHRONIZED// www.ja v a 2s. c o m //[fiJava4] , ByteCodeUtil.internalName("sqlValidator"), "()Ljtaint/SqlValidator;", null, null); mv.visitCode(); mv.visitVarInsn(ALOAD, 0); mv.visitFieldInsn(GETFIELD, className, ByteCodeUtil.internalName("validator"), "Ljtaint/SqlValidator;"); mv.visitInsn(DUP); Label l0 = new Label(); mv.visitJumpInsn(IFNULL, l0); mv.visitInsn(ARETURN); mv.visitLabel(l0); if (version == V1_6) mv.visitFrame(F_SAME1, 0, null, 1, new Object[] { "jtaint/SqlValidator" }); mv.visitInsn(POP); /* XXX This is an industrial-sized barrel of fun. We have to avoid * infinite recursion here when initializing the validator field -- * i.e. when sqlValidator is called for the first time. In this case, * what can happen is: * connection.sqlValidator -> jtaint.SqlUtil.getSqlValidator * -> Connection.getDatabaseMetadata * -> Connection.sqlValidator -> * -> jtaint.SqlUtil.getSqlValidator * -> Connection.getDatabaseMetadata * ... (repeat last three steps forever), where -> denotes a method call * So if we ever find that we already own the lock that we are about * to acquire, then we return an EmptySqlValidator to break * the recursion(Note that once the recursion unwinds, the validator * field will be correctly set, so we will begin returning the correct * sql validator. This corner case applies only during initialization). */ mv.visitVarInsn(ALOAD, 0); mv.visitFieldInsn(GETFIELD, className, ByteCodeUtil.internalName("lockObj"), "Ljava/lang/Object;"); mv.visitInsn(DUP); mv.visitMethodInsn(INVOKESTATIC, "java/lang/Thread", "holdsLock", "(Ljava/lang/Object;)Z"); Label l1 = new Label(); mv.visitJumpInsn(IFEQ, l1); /* Break the recursion */ mv.visitFieldInsn(GETSTATIC, "jtaint/EmptySqlValidator", "INSTANCE", "Ljtaint/EmptySqlValidator;"); mv.visitInsn(ARETURN); /* No recursion -- acquire the lock and initialize our field */ mv.visitLabel(l1); if (version == V1_6) mv.visitFrame(F_SAME1, 0, null, 1, new Object[] { "java/lang/Object" }); mv.visitInsn(DUP); mv.visitInsn(MONITORENTER); mv.visitVarInsn(ALOAD, 0); mv.visitFieldInsn(GETFIELD, className, ByteCodeUtil.internalName("validator"), "Ljtaint/SqlValidator;"); mv.visitInsn(DUP); Label l2 = new Label(); mv.visitJumpInsn(IFNULL, l2); mv.visitInsn(SWAP); mv.visitInsn(MONITOREXIT); mv.visitInsn(ARETURN); mv.visitLabel(l2); if (version == V1_6) mv.visitFrame(F_FULL, 1, new Object[] { className }, 2, new Object[] { "java/lang/Object", "jtaint/SqlValidator" }); mv.visitInsn(POP); mv.visitVarInsn(ALOAD, 0); mv.visitInsn(DUP); mv.visitMethodInsn(INVOKESTATIC, "jtaint/SqlUtil", "getSqlValidator", "(Ljava/lang/Object;)Ljtaint/SqlValidator;"); mv.visitInsn(DUP_X1); mv.visitFieldInsn(PUTFIELD, className, ByteCodeUtil.internalName("validator"), "Ljtaint/SqlValidator;"); mv.visitInsn(SWAP); mv.visitInsn(MONITOREXIT); mv.visitInsn(ARETURN); mv.visitMaxs(4, 1); mv.visitEnd(); }
From source file:jtaint.StringAdapter.java
License:Apache License
/** Wrap String methods that create new Strings so that taint is propagated. * Wrappers call the original method, and then call a helper routine in * jtaint with the original String object, method arguments, and the * return value from the original method. The jtaint helper then * returns a String with the appropriate taint value. *//*from ww w . ja va 2s . co m*/ private void buildTaintWrapper(MethodVisitor mv, String name, String desc) { mv.visitCode(); Type[] t = Type.getArgumentTypes(desc); mv.visitVarInsn(ALOAD, 0); int l = 1; for (int i = 0; i < t.length; l += t[i].getSize(), i++) mv.visitVarInsn(t[i].getOpcode(ILOAD), l); mv.visitMethodInsn(INVOKEVIRTUAL, className, ByteCodeUtil.internalName(name), desc); mv.visitVarInsn(ASTORE, l); mv.visitVarInsn(ALOAD, 0); l = 1; for (int i = 0; i < t.length; l += t[i].getSize(), i++) mv.visitVarInsn(t[i].getOpcode(ILOAD), l); mv.visitVarInsn(ALOAD, l); /* We call the jtaint helper method by passing the arguments * this_object, arg1, arg2, ..., argN, result_object, so append * and prepend an extra java/lang/String object to the arg list. */ Type[] u = new Type[t.length + 2]; Type stringType = Type.getObjectType("java/lang/String"); u[0] = u[u.length - 1] = stringType; System.arraycopy(t, 0, u, 1, t.length); String helperDesc = Type.getMethodDescriptor(stringType, u); mv.visitMethodInsn(INVOKESTATIC, "jtaint/StringUtil", name, helperDesc); mv.visitInsn(ARETURN); mv.visitMaxs(l + 1, l + 1); mv.visitEnd(); }
From source file:jtaint.StringAdapter.java
License:Apache License
/** Force to{Upper/Lower}Case() to return * to{Upper/LowerCase}(java.util.Locale.getDefault()) *///from w w w . j av a2 s . c om private void replaceChangeCase(MethodVisitor mv, String name) { mv.visitCode(); mv.visitVarInsn(ALOAD, 0); mv.visitMethodInsn(INVOKESTATIC, "java/util/Locale", "getDefault", "()Ljava/util/Locale;"); mv.visitMethodInsn(INVOKEVIRTUAL, className, name, "(Ljava/util/Locale;)Ljava/lang/String;"); mv.visitInsn(ARETURN); mv.visitMaxs(2, 1); mv.visitEnd(); }
From source file:jtaint.StringAdapter.java
License:Apache License
/** Force substring(begin) to return substring(begin, this.count) */ private void replaceSubstring(MethodVisitor mv) { mv.visitCode();/* w w w . j a v a 2 s. co m*/ mv.visitVarInsn(ALOAD, 0); mv.visitVarInsn(ILOAD, 1); mv.visitVarInsn(ALOAD, 0); mv.visitFieldInsn(GETFIELD, className, "count", "I"); mv.visitMethodInsn(INVOKEVIRTUAL, className, "substring", "(II)Ljava/lang/String;"); mv.visitInsn(ARETURN); mv.visitMaxs(3, 2); mv.visitEnd(); }
From source file:jtaint.StringAdapter.java
License:Apache License
/** Force subSequence(begin, end) to return substring(begin, end) */ private void replaceSubSequence(MethodVisitor mv) { mv.visitCode();/*from w w w. ja v a 2 s . co m*/ mv.visitVarInsn(ALOAD, 0); mv.visitVarInsn(ILOAD, 1); mv.visitVarInsn(ILOAD, 2); mv.visitMethodInsn(INVOKEVIRTUAL, className, "substring", "(II)Ljava/lang/String;"); mv.visitInsn(ARETURN); mv.visitMaxs(3, 3); mv.visitEnd(); }