| Code with Finding: |
class InstConstraintVisitor {
/**
* Ensures the specific preconditions of the said instruction.
*/
@Override
public void visitINVOKESPECIAL(INVOKESPECIAL o){
try {
// Don't init an object twice.
if ( (o.getMethodName(cpg).equals(Const.CONSTRUCTOR_NAME)) &&
(!(stack().peek(o.getArgumentTypes(cpg).length) instanceof UninitializedObjectType)) ){
constraintViolated(o, "Possibly initializing object twice."+
" A valid instruction sequence must not have an uninitialized object on the operand stack or in a local variable"+
" during a backwards branch, or in a local variable in code protected by an exception handler."+
" Please see The Java Virtual Machine Specification, Second Edition, 4.9.4 (pages 147 and 148) for details.");
}
// the o.getClassType(cpg) type has passed pass 2; see visitLoadClass(o).
Type t = o.getType(cpg);
if (t instanceof ObjectType){
String name = ((ObjectType)t).getClassName();
Verifier v = VerifierFactory.getVerifier( name );
VerificationResult vr = v.doPass2();
if (vr.getStatus() != VerificationResult.VERIFIED_OK){
constraintViolated(o, "Class '"+name+"' is referenced, but cannot be loaded and resolved: '"+vr+"'.");
}
}
Type[] argtypes = o.getArgumentTypes(cpg);
int nargs = argtypes.length;
for (int i=nargs-1; i>=0; i--){
Type fromStack = stack().peek( (nargs-1) - i ); // 0 to nargs-1
Type fromDesc = argtypes[i];
if (fromDesc == Type.BOOLEAN ||
fromDesc == Type.BYTE ||
fromDesc == Type.CHAR ||
fromDesc == Type.SHORT){
fromDesc = Type.INT;
}
if (! fromStack.equals(fromDesc)){
if (fromStack instanceof ReferenceType && fromDesc instanceof ReferenceType){
ReferenceType rFromStack = (ReferenceType) fromStack;
ReferenceType rFromDesc = (ReferenceType) fromDesc;
// TODO: This can only be checked using Staerk-et-al's "set of object types", not
// using a "wider cast object type".
if ( ! rFromStack.isAssignmentCompatibleWith(rFromDesc) ){
constraintViolated(o, "Expecting a '"+fromDesc+"' but found a '"+fromStack+
"' on the stack (which is not assignment compatible).");
}
referenceTypeIsInitialized(o, rFromStack);
}
else{
constraintViolated(o, "Expecting a '"+fromDesc+"' but found a '"+fromStack+"' on the stack.");
}
}
}
Type objref = stack().peek(nargs);
if (objref == Type.NULL){
return;
}
if (! (objref instanceof ReferenceType) ){
constraintViolated(o, "Expecting a reference type as 'objectref' on the stack, not a '"+objref+"'.");
}
String objref_classname = null;
if ( !(o.getMethodName(cpg).equals(Const.CONSTRUCTOR_NAME))){
referenceTypeIsInitialized(o, (ReferenceType) objref);
if (!(objref instanceof ObjectType)){
if (!(objref instanceof ArrayType)){ // could be a ReturnaddressType
constraintViolated(o, "Expecting an ObjectType as 'objectref' on the stack, not a '"+objref+"'.");
}
else{
objref = GENERIC_ARRAY;
}
}
objref_classname = ((ObjectType) objref).getClassName();
}
else{
if (!(objref instanceof UninitializedObjectType)){
constraintViolated(o, "Expecting an UninitializedObjectType as 'objectref' on the stack, not a '"+objref+
"'. Otherwise, you couldn't invoke a method since an array has no methods (not to speak of a return address).");
}
objref_classname = ((UninitializedObjectType) objref).getInitialized().getClassName();
}
String theClass = o.getClassName(cpg);
if ( ! Repository.instanceOf(objref_classname, theClass) ){
constraintViolated(o, "The 'objref' item '"+objref+"' does not implement '"+theClass+"' as expected.");
}
} catch (ClassNotFoundException e) {
// FIXME: maybe not the best way to handle this
throw new AssertionViolatedException("Missing class: " + e, e);
}
}
}
|
