package io.joern.scanners.c;

import io.joern.console.CodeExamples;
import io.joern.console.Query;
import io.joern.console.Query$;
import io.joern.console.QueryBundle;
import io.joern.console.TraversalWithStrRep;
import io.joern.console.q;
import io.joern.dataflowengineoss.language.nodemethods.ExtendedCfgNodeMethods$;
import io.joern.dataflowengineoss.queryengine.EngineContext;
import io.joern.dataflowengineoss.queryengine.EngineContext$;
import io.joern.dataflowengineoss.semanticsloader.Semantics$;
import io.joern.scanners.Crew$;
import io.joern.scanners.QueryTags$;
import io.shiftleft.codepropertygraph.generated.nodes.Call;
import io.shiftleft.codepropertygraph.generated.traversal.ExpressionTraversalExtGen$;
import io.shiftleft.semanticcpg.language.ICallResolver;
import io.shiftleft.semanticcpg.language.NoResolve$;
import io.shiftleft.semanticcpg.language.callgraphextension.MethodTraversal$;
import io.shiftleft.semanticcpg.language.nodemethods.CallMethods$;
import io.shiftleft.semanticcpg.language.operatorextension.AssignmentTraversal$;
import io.shiftleft.semanticcpg.language.operatorextension.OpAstNodeTraversal$;
import io.shiftleft.semanticcpg.language.package$;
import io.shiftleft.semanticcpg.language.types.expressions.CallTraversal$;
import overflowdb.traversal.Traversal;
import scala.Predef$;
import scala.collection.StringOps$;
import scala.collection.immutable.List;
import scala.runtime.BoxesRunTime;
import scala.runtime.ScalaRunTime$;

/* compiled from: HeapBasedOverflow.scala */
/* loaded from: input_file:io/joern/scanners/c/HeapBasedOverflow$.class */
public final class HeapBasedOverflow$ implements QueryBundle {
    public static final HeapBasedOverflow$ MODULE$ = new HeapBasedOverflow$();
    private static final EngineContext engineContext = new EngineContext(Semantics$.MODULE$.empty(), EngineContext$.MODULE$.apply$default$2());
    private static final ICallResolver resolver = NoResolve$.MODULE$;

    public EngineContext engineContext() {
        return engineContext;
    }

    public ICallResolver resolver() {
        return resolver;
    }

    @q
    public Query mallocMemcpyIntOverflow() {
        return Query$.MODULE$.make("malloc-memcpy-int-overflow", Crew$.MODULE$.fabs(), "Dangerous copy-operation into heap-allocated buffer", "-", 4.0d, new TraversalWithStrRep(cpg -> {
            List l = MethodTraversal$.MODULE$.callIn$extension(package$.MODULE$.toMethodForCallGraph(package$.MODULE$.toNodeTypeStarters(cpg).method(".*malloc$"), Predef$.MODULE$.$conforms()), MODULE$.resolver()).where(traversal -> {
                return OpAstNodeTraversal$.MODULE$.arithmetic$extension(package$.MODULE$.toOpAstNodeTrav(CallTraversal$.MODULE$.argument$extension(package$.MODULE$.toCall(traversal), Predef$.MODULE$.int2Integer(1))));
            }).l();
            return overflowdb.traversal.package$.MODULE$.iterableToTraversal(MethodTraversal$.MODULE$.callIn$extension(package$.MODULE$.toMethodForCallGraph(package$.MODULE$.toNodeTypeStarters(cpg).method("(?i)memcpy"), Predef$.MODULE$.$conforms()), MODULE$.resolver()).l().filter(call -> {
                return BoxesRunTime.boxToBoolean($anonfun$mallocMemcpyIntOverflow$3(l, call));
            }));
        }, "cpg =>\n        val src =\n          cpg.method(\".*malloc$\").callIn.where(_.argument(1).arithmetic).l\n\n        cpg.method(\"(?i)memcpy\").callIn.l.filter { memcpyCall =>\n          memcpyCall\n            .argument(1)\n            .reachableBy(src)\n            .where(_.inAssignment.target.codeExact(memcpyCall.argument(1).code))\n            .whereNot(_.argument(1).codeExact(memcpyCall.argument(3).code))\n            .hasNext\n        }"), (List) scala.package$.MODULE$.List().apply(ScalaRunTime$.MODULE$.wrapRefArray(new String[]{QueryTags$.MODULE$.integers(), QueryTags$.MODULE$.m4default()})), new CodeExamples((List) scala.package$.MODULE$.List().apply(ScalaRunTime$.MODULE$.wrapRefArray(new String[]{StringOps$.MODULE$.stripMargin$extension(Predef$.MODULE$.augmentString("\n          |\n          |int vulnerable(size_t len, char *src) {\n          |  char *dst = malloc(len + 8);\n          |  memcpy(dst, src, len + 7);\n          |}\n          |\n          |"))})), (List) scala.package$.MODULE$.List().apply(ScalaRunTime$.MODULE$.wrapRefArray(new String[]{StringOps$.MODULE$.stripMargin$extension(Predef$.MODULE$.augmentString("\n          |\n          |int non_vulnerable(size_t len, char *src) {\n          | char *dst = malloc(len + 8);\n          | memcpy(dst, src,len + 8);\n          |}\n          |\n          |int non_vulnerable2(size_t len, char *src) {\n          | char *dst = malloc( some_size );\n          | assert(dst);\n          | memcpy(dst, src, some_size );\n          |}\n          |\n          |"))}))));
    }

    public static final /* synthetic */ boolean $anonfun$mallocMemcpyIntOverflow$3(List list, Call call) {
        return ExtendedCfgNodeMethods$.MODULE$.reachableBy$extension(io.joern.dataflowengineoss.language.package$.MODULE$.cfgNodeToMethodsQp(CallMethods$.MODULE$.argument$extension(package$.MODULE$.toCallMethods(call), 1)), ScalaRunTime$.MODULE$.wrapRefArray(new Traversal[]{overflowdb.traversal.package$.MODULE$.iterableToTraversal(list)}), MODULE$.engineContext()).where(traversal -> {
            return ExpressionTraversalExtGen$.MODULE$.codeExact$extension(package$.MODULE$.toExpressionTraversalExtGen(AssignmentTraversal$.MODULE$.target$extension(package$.MODULE$.toAssignmentTrav(OpAstNodeTraversal$.MODULE$.inAssignment$extension(package$.MODULE$.toOpAstNodeTrav(traversal))))), CallMethods$.MODULE$.argument$extension(package$.MODULE$.toCallMethods(call), 1).code());
        }).whereNot(traversal2 -> {
            return ExpressionTraversalExtGen$.MODULE$.codeExact$extension(package$.MODULE$.toExpressionTraversalExtGen(CallTraversal$.MODULE$.argument$extension(package$.MODULE$.toCall(traversal2), Predef$.MODULE$.int2Integer(1))), CallMethods$.MODULE$.argument$extension(package$.MODULE$.toCallMethods(call), 3).code());
        }).hasNext();
    }

    private HeapBasedOverflow$() {
    }
}
