package org.sonar.java.checks;

import com.google.common.collect.ImmutableList;
import java.util.Iterator;
import java.util.List;
import javax.annotation.Nullable;
import org.sonar.check.Priority;
import org.sonar.check.Rule;
import org.sonar.java.checks.methods.MethodInvocationMatcher;
import org.sonar.java.model.AbstractTypedTree;
import org.sonar.plugins.java.api.tree.ExpressionTree;
import org.sonar.plugins.java.api.tree.MethodInvocationTree;
import org.sonar.plugins.java.api.tree.NewArrayTree;
import org.sonar.plugins.java.api.tree.NewClassTree;
import org.sonar.plugins.java.api.tree.Tree;
import org.sonar.squidbridge.annotations.SqaleConstantRemediation;
import org.sonar.squidbridge.annotations.SqaleSubCharacteristic;
import org.sonar.squidbridge.annotations.Tags;

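/**
 * Rule S2076: values passed to OS commands should be sanitized.
 *
 * <p>Subscribes to {@code Runtime.exec(...)} calls and {@code new ProcessBuilder(...)} creations
 * and reports the command argument when it cannot be considered a constant (see
 * {@link #isDynamicArray}). The rule only runs when a semantic model is available, because it
 * needs resolved types to recognise the invoked method and the argument types.
 */
@SqaleSubCharacteristic("INPUT_VALIDATION_AND_REPRESENTATION")
@Rule(key = "S2076", name = "Values passed to OS commands should be sanitized", tags = {Tags.CWE, Tags.OWASP_TOP10, "sans-top25", Tags.SECURITY}, priority = Priority.CRITICAL)
@SqaleConstantRemediation("30min")
public class OSCommandInjectionCheck extends AbstractInjectionChecker {

    /** Matches every overload of {@code java.lang.Runtime.exec(...)}, whatever its parameters. */
    private static final MethodInvocationMatcher RUNTIME_EXEC_MATCHER = MethodInvocationMatcher.create()
        .typeDefinition("java.lang.Runtime")
        .name("exec")
        .withNoParameterConstraint();

    /**
     * Visits method invocations (for {@code Runtime.exec}) and object creations
     * (for {@code ProcessBuilder}).
     */
    @Override
    public List<Tree.Kind> nodesToVisit() {
        return ImmutableList.of(Tree.Kind.METHOD_INVOCATION, Tree.Kind.NEW_CLASS);
    }

    /**
     * Checks the command argument(s) of a {@code Runtime.exec} call or a
     * {@code ProcessBuilder} constructor.
     *
     * @param tree the visited node, either a METHOD_INVOCATION or a NEW_CLASS
     */
    @Override
    public void visitNode(Tree tree) {
        if (!hasSemantic()) {
            // Without type resolution neither the Runtime/ProcessBuilder match nor the
            // String-typed test in isDynamicArray is meaningful.
            return;
        }
        if (tree.is(Tree.Kind.METHOD_INVOCATION)) {
            MethodInvocationTree invocation = (MethodInvocationTree) tree;
            if (RUNTIME_EXEC_MATCHER.matches(invocation, getSemanticModel())) {
                List<ExpressionTree> arguments = invocation.arguments();
                // Only the first argument (the command) is inspected; the remaining exec
                // parameters are not part of the command line. No exec overload is
                // parameterless, so the guard is purely defensive.
                if (!arguments.isEmpty()) {
                    checkForIssue(tree, arguments.get(0));
                }
            }
        } else if (tree.is(Tree.Kind.NEW_CLASS)
            && ((AbstractTypedTree) tree).getSymbolType().is("java.lang.ProcessBuilder")) {
            // Every constructor argument of a ProcessBuilder is part of the command line.
            for (ExpressionTree argument : ((NewClassTree) tree).arguments()) {
                checkForIssue(tree, argument);
            }
        }
    }

    /**
     * Reports {@code expressionTree} when {@link #isDynamicArray} considers it dynamic.
     *
     * <p>NOTE(review): the message uses {@code parameterName}, which this class only sets
     * (via {@code setParameterNameFromArgument}) on the non-array branch of
     * {@link #isDynamicArray}; whether the array branch refreshes it inside
     * {@code isDynamicString} is not visible here — confirm in the parent class.
     *
     * @param tree the enclosing invocation or constructor call
     * @param expressionTree the argument under review
     */
    private void checkForIssue(Tree tree, ExpressionTree expressionTree) {
        if (isDynamicArray(expressionTree, tree)) {
            addIssue(expressionTree, "Make sure \"" + this.parameterName + "\" is properly sanitized before use in this OS command.");
        }
    }

    /**
     * Decides whether a command argument should be reported.
     *
     * <ul>
     *   <li>{@code null}: not reported.</li>
     *   <li>An array creation ({@code new String[]{...}}): reported as soon as one initializer
     *       is dynamic.</li>
     *   <li>Anything else: reported when its type is not {@code java.lang.String} (the
     *       contents of a {@code String[]}/{@code List} variable cannot be inspected here),
     *       or when it is a dynamic {@code String}.</li>
     * </ul>
     *
     * @param expressionTree the argument, may be {@code null}
     * @param tree the enclosing invocation or constructor call, passed through to
     *     {@code isDynamicString}
     * @return {@code true} when the argument should be reported
     */
    private boolean isDynamicArray(@Nullable ExpressionTree expressionTree, Tree tree) {
        // The decompiled source compared the reference against 0, which is not valid Java.
        if (expressionTree == null) {
            return false;
        }
        if (expressionTree.is(Tree.Kind.NEW_ARRAY)) {
            for (ExpressionTree initializer : ((NewArrayTree) expressionTree).initializers()) {
                if (isDynamicString(tree, initializer, null)) {
                    return true;
                }
            }
            return false;
        }
        // Record which argument the issue message should name before testing it.
        setParameterNameFromArgument(expressionTree);
        boolean isStringTyped = ((AbstractTypedTree) expressionTree).getSymbolType().is("java.lang.String");
        return !isStringTyped || isDynamicString(tree, expressionTree, null);
    }
}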
