package org.sonar.java.checks.security;

import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
import org.apache.commons.lang.StringUtils;
import org.sonar.check.Rule;
import org.sonar.java.model.declaration.MethodTreeImpl;
import org.sonar.plugins.java.api.IssuableSubscriptionVisitor;
import org.sonar.plugins.java.api.JavaFileScannerContext;
import org.sonar.plugins.java.api.semantic.Symbol;
import org.sonar.plugins.java.api.tree.ClassTree;
import org.sonar.plugins.java.api.tree.IdentifierTree;
import org.sonar.plugins.java.api.tree.MethodTree;
import org.sonar.plugins.java.api.tree.Tree;
import org.sonar.plugins.java.api.tree.VariableTree;

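/**
 * Rule S4823: points a reviewer at the places where command line arguments enter the program.
 *
 * <p>An issue raised by this check is a request for review ("make sure the arguments are used
 * safely"), not evidence of a vulnerability. Two entry points are covered:
 * <ul>
 *   <li>the parameter of a main method, when that parameter is referenced at least once;</li>
 *   <li>a method named {@code run} in a class that declares members annotated with the args4j
 *       {@code @Option} or {@code @Argument} annotations.</li>
 * </ul>
 *
 * <p>NOTE(review): the args4j branch matches on the method name {@code run} only, so it fires once
 * per {@code run} overload and does not verify that the method actually reads the annotated
 * members. Arguments reaching the program through other parsing libraries are not covered here.
 */
@Rule(key = "S4823")
/* loaded from: input_file:org/sonar/java/checks/security/CommandLineArgumentsCheck.class */
public class CommandLineArgumentsCheck extends IssuableSubscriptionVisitor {
    private static final String ARGS4J_OPTION_ANNOTATION = "org.kohsuke.args4j.Option";
    private static final String ARGS4J_ARGUMENT_ANNOTATION = "org.kohsuke.args4j.Argument";
    private static final String MESSAGE = "Make sure that command line arguments are used safely here.";

    /**
     * Subscribes to class declarations only; members are inspected from {@link #visitNode(Tree)}.
     *
     * @return a single-element list containing {@code Tree.Kind.CLASS}
     */
    @Override // org.sonar.java.ast.visitors.SubscriptionVisitor
    public List<Tree.Kind> nodesToVisit() {
        return Collections.singletonList(Tree.Kind.CLASS);
    }

    /**
     * Inspects every method of the visited class and dispatches to the matching check.
     *
     * <p>Nothing is reported when semantic information is unavailable, because both checks rely
     * on symbols (usages and annotation metadata).
     *
     * @param tree the visited node; always a class, given {@link #nodesToVisit()}
     */
    @Override // org.sonar.java.ast.visitors.SubscriptionVisitor
    public void visitNode(Tree tree) {
        if (!hasSemantic()) {
            return;
        }
        ClassTree classTree = (ClassTree) tree;
        for (Tree member : classTree.members()) {
            if (!member.is(Tree.Kind.METHOD)) {
                continue;
            }
            MethodTreeImpl method = (MethodTreeImpl) member;
            if (method.isMainMethod()) {
                checkMainMethodArgsUsage(method);
            } else if ("run".equals(method.simpleName().name())) {
                checkArgs4J(method.simpleName(), classTree);
            }
        }
    }

    /**
     * Reports on a {@code run} method when the enclosing class has args4j-annotated members.
     *
     * @param identifierTree name of the {@code run} method; primary location of the issue
     * @param classTree enclosing class whose members are searched for args4j annotations; each
     *     annotated member becomes a secondary location
     */
    private void checkArgs4J(IdentifierTree identifierTree, ClassTree classTree) {
        List<Tree> annotatedMembers = classTree.members().stream()
            .filter(CommandLineArgumentsCheck::hasArgs4JAnnotation)
            .collect(Collectors.toList());
        if (annotatedMembers.isEmpty()) {
            return;
        }
        reportIssue(identifierTree, MESSAGE, toSecondaryLocations(annotatedMembers), null);
    }

    /**
     * Tells whether a class member is a method or a variable carrying an args4j annotation.
     *
     * @param tree a class member of any kind
     * @return {@code true} for an annotated method or variable, {@code false} for anything else
     */
    private static boolean hasArgs4JAnnotation(Tree tree) {
        if (tree.is(Tree.Kind.METHOD)) {
            return hasArgs4JAnnotation(((MethodTree) tree).symbol());
        }
        if (tree.is(Tree.Kind.VARIABLE)) {
            return hasArgs4JAnnotation(((VariableTree) tree).symbol());
        }
        return false;
    }

    /**
     * Tells whether the symbol is annotated with args4j {@code @Option} or {@code @Argument}.
     *
     * @param symbol symbol of a method or variable
     * @return {@code true} when either annotation is present in the symbol's metadata
     */
    private static boolean hasArgs4JAnnotation(Symbol symbol) {
        return symbol.metadata().isAnnotatedWith(ARGS4J_OPTION_ANNOTATION)
            || symbol.metadata().isAnnotatedWith(ARGS4J_ARGUMENT_ANNOTATION);
    }

    /**
     * Reports on the parameter of a main method when that parameter is referenced at least once.
     *
     * <p>An unused parameter is not reported: the arguments never reach the program logic.
     *
     * @param methodTree a method for which {@code isMainMethod()} returned {@code true}
     */
    private void checkMainMethodArgsUsage(MethodTree methodTree) {
        // presumably isMainMethod() guarantees a first parameter exists; verify against MethodTreeImpl
        VariableTree argsParameter = methodTree.parameters().get(0);
        List<IdentifierTree> usages = argsParameter.symbol().usages();
        if (usages.isEmpty()) {
            return;
        }
        reportIssue(argsParameter, MESSAGE, toSecondaryLocations(usages), null);
    }

    /** Wraps each tree in a secondary location with an empty message, preserving order. */
    private static List<JavaFileScannerContext.Location> toSecondaryLocations(List<? extends Tree> trees) {
        return trees.stream()
            .map(tree -> new JavaFileScannerContext.Location(StringUtils.EMPTY, tree))
            .collect(Collectors.toList());
    }
}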
