// Hard-coded database credentials: match calls to
// java.sql.DriverManager.getConnection(String, String, String) and inspect the
// value on top of the operand stack, i.e. the last (password) argument.
// Only values the analysis has resolved to a constant string are reported;
// a non-constant top-of-stack value produces no report from this check.
if (iins.getName(cpg).equals("getConnection")
        && iins.getSignature(cpg).equals(
                "(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Ljava/sql/Connection;")
        && iins.getClassName(cpg).equals("java.sql.DriverManager")) {
    Constant topOfStack = frame.getTopValue();
    if (topOfStack.isConstantString()) {
        String literal = topOfStack.getConstantString();
        // An empty literal means the connection is opened with a blank password;
        // a non-empty literal means the secret is embedded in the compiled class.
        // Both are reported at the same priority under different bug types.
        String bugType = (literal.length() == 0) ? "DMI_EMPTY_DB_PASSWORD" : "DMI_CONSTANT_DB_PASSWORD";
        bugAccumulator.accumulateBug(
                new BugInstance(this, bugType, NORMAL_PRIORITY).addClassAndMethod(methodGen, sourceFile),
                classContext, methodGen, sourceFile, location);
    }
}
if (iins.getName(cpg).equals("substring") && iins.getSignature(cpg).equals("(I)Ljava/lang/String;")
&& iins.getClassName(cpg).equals("java.lang.String")) {
Constant operandValue = frame.getTopValue();
if (!operandValue.isConstantInteger()) {
continue;
}
int v = operandValue.getConstantInt();
if (v == 0) {
bugAccumulator.accumulateBug(new BugInstance(this, "DMI_USELESS_SUBSTRING", NORMAL_PRIORITY)
.addClassAndMethod(methodGen, sourceFile), classContext, methodGen, sourceFile, location);
}
} else if (iins.getName(cpg).equals("<init>") && iins.getSignature(cpg).equals("(Ljava/lang/String;)V")
&& iins.getClassName(cpg).equals("java.io.File")) {
Constant operandValue = frame.getTopValue();
if (!operandValue.isConstantString()) {
continue;
}
String v = operandValue.getConstantString();
if (isAbsoluteFileName(v) && !v.startsWith("/etc/") && !v.startsWith("/dev/")
&& !v.startsWith("/proc")) {
int priority = NORMAL_PRIORITY;
if (v.startsWith("/tmp")) {
priority = LOW_PRIORITY;