package com.cflint.plugins.core;

import cfml.parsing.cfscript.CFExpression;
import cfml.parsing.cfscript.CFFunctionExpression;
import com.cflint.BugList;
import com.cflint.CF;
import com.cflint.plugins.CFLintScannerAdapter;
import com.cflint.plugins.Context;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import net.htmlparser.jericho.Element;

/* loaded from: input_file:com/cflint/plugins/core/QueryParamChecker.class */
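/**
 * Lint rule that reports CFML variable interpolations ({@code #name#}) placed directly in
 * SQL text instead of being bound through {@code <cfqueryparam>}.
 *
 * <p>Two entry points are covered:
 * <ul>
 *   <li>{@link #expression} checks the first argument of script calls named {@code setSql}
 *       or {@code queryExecute} and reports {@code QUERYPARAM_REQ};</li>
 *   <li>{@link #element} checks the body of {@code <cfquery>} tags and reports
 *       {@code CFQUERYPARAM_REQ} once per interpolation.</li>
 * </ul>
 *
 * <p>The check is purely textual: it does not track where the interpolated value comes from,
 * so every finding still needs a reviewer to decide whether the value can carry untrusted input.
 */
public class QueryParamChecker extends CFLintScannerAdapter {

    /**
     * A {@code #...#} pair with non-{@code #} content, optionally wrapped in {@code ##},
     * followed by end of input or a non-{@code #} character. Group 1 is the text between
     * the hashes. Compiled once instead of on every scanned node.
     */
    private static final Pattern INTERPOLATION =
            Pattern.compile("#(?:##)?([^#]+)(?:##)?#($|[^#])", Pattern.DOTALL);

    /** Same expression anchored for a whole-string {@code matches()} test. */
    private static final Pattern CONTAINS_INTERPOLATION =
            Pattern.compile(".*#(?:##)?([^#]+)(?:##)?#($|[^#]).*", Pattern.DOTALL);

    /** Regex removing {@code <cfqueryparam ...>} tags (any letter case) from a query body. */
    private static final String CFQUERYPARAM_TAG =
            "<[cC][fF][qQ][uU][eE][rR][yY][pP][aA][rR][aA][mM][^>]*>";

    /**
     * Reports {@code QUERYPARAM_REQ} when the first argument of a {@code setSql} or
     * {@code queryExecute} call contains a {@code #...#} interpolation.
     *
     * @param cFExpression expression being visited; anything but a function call is ignored
     * @param context      scan context that receives the message
     * @param bugList      unused by this rule
     */
    @Override
    public void expression(CFExpression cFExpression, Context context, BugList bugList) {
        if (!(cFExpression instanceof CFFunctionExpression)) {
            return;
        }
        CFFunctionExpression call = (CFFunctionExpression) cFExpression;
        String functionName = call.getFunctionName();
        boolean isQueryCall = "setSql".equalsIgnoreCase(functionName)
                || "queryExecute".equalsIgnoreCase(functionName);
        // The emptiness guard previously covered only queryExecute, so a setSql call written
        // without arguments reached get(0) and threw, aborting the scan of that file.
        if (!isQueryCall || call.getArgs().isEmpty()) {
            return;
        }
        String sqlText = call.getArgs().get(0).Decompile(0);
        if (CONTAINS_INTERPOLATION.matcher(sqlText).matches()) {
            context.addMessage("QUERYPARAM_REQ", call.getName());
        }
    }

    /**
     * Reports {@code CFQUERYPARAM_REQ} for each {@code #...#} interpolation left in a
     * {@code <cfquery>} body once its {@code <cfqueryparam>} tags have been removed.
     *
     * <p>Elements that are not {@code cfquery}, and {@code cfquery} elements whose
     * {@code dbtype} attribute equals {@code query}, are skipped. Findings on a line listed by
     * {@link #determineIgnoreLines} are suppressed.
     *
     * @param element tag being visited
     * @param context scan context supplying the start line and receiving messages
     * @param bugList unused by this rule
     */
    @Override
    public void element(Element element, Context context, BugList bugList) {
        if (!element.getName().equalsIgnoreCase(CF.CFQUERY)
                || "query".equalsIgnoreCase(element.getAttributeValue(CF.DBTYPE))) {
            return;
        }
        String sqlBody = element.getContent().toString().replaceAll(CFQUERYPARAM_TAG, "");
        if (sqlBody.indexOf('#') < 0) {
            return;
        }
        List<Integer> ignoredLines = determineIgnoreLines(element);
        Matcher matcher = INTERPOLATION.matcher(sqlBody);
        while (matcher.find()) {
            // NOTE(review): line and offset are measured on the body AFTER cfqueryparam tags
            // were stripped, so they can drift from the real source position when earlier
            // tags were removed (a tag spanning several lines also removes its line breaks).
            // That drift can make a suppression comment miss, or hit the wrong finding.
            int line = context.startLine() + countNewLinesUpTo(sqlBody, matcher.start());
            int offset = element.getStartTag().getEnd() + 1 + matcher.start();
            String variable = matcher.group(1);
            if (!ignoredLines.contains(Integer.valueOf(line))) {
                context.addMessage("CFQUERYPARAM_REQ", variable,
                        Integer.valueOf(line), Integer.valueOf(offset));
            }
        }
    }

    /**
     * Collects the source rows on which {@code CFQUERYPARAM_REQ} findings are suppressed.
     *
     * <p>For every comment child (searched recursively) whose text contains both
     * {@code @CFLintIgnore} and {@code CFQUERYPARAM_REQ}, the row where the comment ends, the
     * row after it, and the row where it begins are added. Suppression is per line, so every
     * interpolation on those rows is silenced, not only the one the author had in mind.
     *
     * @param element element whose descendants are searched
     * @return rows to ignore; may contain duplicates
     */
    private List<Integer> determineIgnoreLines(Element element) {
        List<Integer> rows = new ArrayList<>();
        for (Element child : element.getChildElements()) {
            String childText = child.toString();
            boolean isSuppression = CF.COMMENT.equals(child.getName())
                    && childText.contains("@CFLintIgnore")
                    && childText.contains("CFQUERYPARAM_REQ");
            if (isSuppression) {
                int endRow = child.getSource().getRow(child.getEnd());
                rows.add(endRow);
                rows.add(endRow + 1);
                rows.add(child.getSource().getRow(child.getBegin()));
            } else {
                rows.addAll(determineIgnoreLines(child));
            }
        }
        return rows;
    }

    /**
     * Counts the line breaks in {@code str} before index {@code i}.
     *
     * @param str text to inspect
     * @param i   exclusive end index; values past the end of {@code str} count the whole string
     * @return number of line terminators ({@code \R}) in the inspected prefix
     */
    public int countNewLinesUpTo(String str, int i) {
        String prefix = i > str.length() ? str : str.substring(0, i);
        // A negative limit keeps trailing empty segments. Without it a prefix ending in a
        // line break lost that break, so a match at column 0 was reported one line too early.
        return prefix.split("\\R", -1).length - 1;
    }
}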
