package org.sonar.java.se.checks;

import java.util.List;
import javax.annotation.Nullable;
import org.sonar.java.se.CheckerContext;
import org.sonar.java.se.FlowComputation;
import org.sonar.java.se.ProgramState;
import org.sonar.java.se.checks.XxeProcessingCheck;
import org.sonar.java.se.constraint.Constraint;
import org.sonar.java.se.constraint.ConstraintManager;
import org.sonar.java.se.constraint.ConstraintsByDomain;
import org.sonar.java.se.symbolicvalues.SymbolicValue;
import org.sonar.plugins.java.api.semantic.MethodMatchers;
import org.sonar.plugins.java.api.tree.MethodInvocationTree;
import org.sonar.plugins.java.api.tree.Tree;

/* loaded from: input_file:org/sonar/java/se/checks/AbstractXMLProcessing.class */
public abstract class AbstractXMLProcessing extends SECheck {

    /* loaded from: input_file:org/sonar/java/se/checks/AbstractXMLProcessing$PreStatementVisitor.class */
    private class PreStatementVisitor extends CheckerTreeNodeVisitor {
        private final CheckerContext context;

        private PreStatementVisitor(CheckerContext checkerContext) {
            super(checkerContext.getState());
            this.context = checkerContext;
        }

        public void visitMethodInvocation(MethodInvocationTree methodInvocationTree) {
            if (AbstractXMLProcessing.this.getParsingMethods().matches(methodInvocationTree)) {
                SymbolicValue peekValue = this.programState.peekValue(methodInvocationTree.arguments().size());
                if (peekValue instanceof XxeProcessingCheck.XxeSymbolicValue) {
                    XxeProcessingCheck.XxeSymbolicValue xxeSymbolicValue = (XxeProcessingCheck.XxeSymbolicValue) peekValue;
                    AbstractXMLProcessing.this.reportIfNotSecured(this.context, xxeSymbolicValue, this.programState.getConstraints(xxeSymbolicValue));
                }
            }
        }
    }

    @Override // org.sonar.java.se.checks.SECheck
    public ProgramState checkPreStatement(CheckerContext checkerContext, Tree tree) {
        PreStatementVisitor preStatementVisitor = new PreStatementVisitor(checkerContext);
        tree.accept(preStatementVisitor);
        return preStatementVisitor.programState;
    }

    protected abstract MethodMatchers getParsingMethods();

    @Override // org.sonar.java.se.checks.SECheck
    public void checkEndOfExecutionPath(CheckerContext checkerContext, ConstraintManager constraintManager) {
        ProgramState state = checkerContext.getState();
        if (state.exitingOnRuntimeException()) {
            return;
        }
        SymbolicValue peekValue = state.peekValue();
        if (peekValue instanceof XxeProcessingCheck.XxeSymbolicValue) {
            XxeProcessingCheck.XxeSymbolicValue xxeSymbolicValue = (XxeProcessingCheck.XxeSymbolicValue) peekValue;
            reportIfNotSecured(checkerContext, xxeSymbolicValue, state.getConstraints(xxeSymbolicValue));
        }
    }

    private void reportIfNotSecured(CheckerContext checkerContext, XxeProcessingCheck.XxeSymbolicValue xxeSymbolicValue, @Nullable ConstraintsByDomain constraintsByDomain) {
        if (xxeSymbolicValue.isField || !isUnSecuredByProperty(constraintsByDomain)) {
            return;
        }
        checkerContext.reportIssue(getIssueLocation(checkerContext, xxeSymbolicValue), this, getMessage());
    }

    protected abstract boolean isUnSecuredByProperty(@Nullable ConstraintsByDomain constraintsByDomain);

    protected abstract String getMessage();

    protected abstract boolean shouldTrackConstraint(Constraint constraint);

    protected abstract List<Class<? extends Constraint>> getDomains();

    private Tree getIssueLocation(CheckerContext checkerContext, XxeProcessingCheck.XxeSymbolicValue xxeSymbolicValue) {
        return (Tree) FlowComputation.flowWithoutExceptions(checkerContext.getNode(), xxeSymbolicValue, this::shouldTrackConstraint, getDomains(), 1).stream().findFirst().flatMap(flow -> {
            return flow.elements().stream().findFirst();
        }).map(location -> {
            return location.syntaxNode;
        }).orElse(xxeSymbolicValue.init);
    }
}
