Examples of edu.umd.cs.findbugs.ba.constant.Constant

• edu.umd.cs.findbugs.ba.constant.Constant
  Abstract dataflow value representing a value which may or may not be a constant. @see edu.umd.cs.findbugs.ba.constant.ConstantAnalysis @author David Hovemeyer

            if (iins.getName(cpg).equals("getConnection")
                    && iins.getSignature(cpg).equals(
                            "(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Ljava/sql/Connection;")
                            && iins.getClassName(cpg).equals("java.sql.DriverManager")) {
                Constant operandValue = frame.getTopValue();
                if (operandValue.isConstantString()) {
                    String password = operandValue.getConstantString();
                    if (password.length() == 0) {
                        bugAccumulator.accumulateBug(new BugInstance(this, "DMI_EMPTY_DB_PASSWORD", NORMAL_PRIORITY)
                        .addClassAndMethod(methodGen, sourceFile), classContext, methodGen, sourceFile, location);
                    } else {
                        bugAccumulator.accumulateBug(new BugInstance(this, "DMI_CONSTANT_DB_PASSWORD", NORMAL_PRIORITY)
                        .addClassAndMethod(methodGen, sourceFile), classContext, methodGen, sourceFile, location);
                    }

                }
            }

            if (iins.getName(cpg).equals("substring") && iins.getSignature(cpg).equals("(I)Ljava/lang/String;")
                    && iins.getClassName(cpg).equals("java.lang.String")) {

                Constant operandValue = frame.getTopValue();
                if (!operandValue.isConstantInteger()) {
                    continue;
                }
                int v = operandValue.getConstantInt();
                if (v == 0) {
                    bugAccumulator.accumulateBug(new BugInstance(this, "DMI_USELESS_SUBSTRING", NORMAL_PRIORITY)
                    .addClassAndMethod(methodGen, sourceFile), classContext, methodGen, sourceFile, location);
                }

            } else if (iins.getName(cpg).equals("<init>") && iins.getSignature(cpg).equals("(Ljava/lang/String;)V")
                    && iins.getClassName(cpg).equals("java.io.File")) {

                Constant operandValue = frame.getTopValue();
                if (!operandValue.isConstantString()) {
                    continue;
                }
                String v = operandValue.getConstantString();
                if (isAbsoluteFileName(v) && !v.startsWith("/etc/") && !v.startsWith("/dev/")
                        && !v.startsWith("/proc")) {
                    int priority = NORMAL_PRIORITY;
                    if (v.startsWith("/tmp")) {
                        priority = LOW_PRIORITY;

            }
            InvokeInstruction invoke = (InvokeInstruction) ins;
            if (isDatabaseSink(invoke, cpg)) {
                ConstantFrame frame = dataflow.getFactAtLocation(location);
                int numArguments = frame.getNumArguments(invoke, cpg);
                Constant value = frame.getStackValue(numArguments - 1);

                if (!value.isConstantString()) {
                    // TODO: verify it's the same string represented by
                    // stringAppendState
                    // FIXME: will false positive on const/static strings
                    // returns by methods
                    Location prev = getPreviousLocation(cfg, location, true);