package testcode.taint;

import javax.servlet.http.HttpServletRequest;
import org.hibernate.SessionFactory;

/* loaded from: input_file:testcode/taint/ParameterTaintBackPropagation.class */
public class ParameterTaintBackPropagation {
    private HttpServletRequest request;
    private SessionFactory sessionFactory;

    public void taintedUsingPropagatedParameter() {
        StringBuffer stringBuffer = new StringBuffer();
        appendRequestParameter1(0L, stringBuffer, 0L, "param", 0L);
        this.sessionFactory.openSession().createQuery("FROM comment WHERE userId=" + stringBuffer.toString());
    }

    public void safeByParameterBackPropagation() {
        StringBuffer stringBuffer = new StringBuffer();
        appendString(stringBuffer, "param");
        this.sessionFactory.openSession().createQuery("FROM comment WHERE userId=" + stringBuffer.toString());
    }

    public void safeByTagBackPropagation() {
        String parameter = this.request.getParameter("tainted");
        checkIsNum(parameter);
        this.sessionFactory.openSession().createQuery("FROM comment WHERE userId=" + parameter);
    }

    private boolean appendRequestParameter1(long j, StringBuffer stringBuffer, long j2, String str, long j3) {
        return appendRequestParameter(j, stringBuffer, j2, str, j3);
    }

    private boolean appendRequestParameter(long j, StringBuffer stringBuffer, long j2, String str, long j3) {
        String parameter = this.request.getParameter(str);
        if (parameter != null) {
            stringBuffer.append(parameter);
            return true;
        }
        stringBuffer.append(j + j2 + j3);
        return false;
    }

    private boolean appendString(StringBuffer stringBuffer, String str) {
        stringBuffer.append(str);
        return true;
    }

    private void checkIsNum(String str) {
        Long.parseLong(str);
    }
}
