package org.sonar.java.checks.security;

import java.util.function.Predicate;
import org.sonar.check.Rule;
import org.sonar.plugins.java.api.JavaFileScanner;
import org.sonar.plugins.java.api.JavaFileScannerContext;
import org.sonar.plugins.java.api.semantic.Type;
import org.sonar.plugins.java.api.tree.BaseTreeVisitor;
import org.sonar.plugins.java.api.tree.MethodInvocationTree;
import org.sonar.plugins.java.api.tree.MethodTree;
import org.sonar.plugins.java.api.tree.Tree;
import org.sonar.plugins.java.api.tree.VariableTree;

@Rule(key = "S5042")
/* loaded from: input_file:org/sonar/java/checks/security/ZipEntryCheck.class */
public class ZipEntryCheck extends BaseTreeVisitor implements JavaFileScanner {
    private static final Predicate<Type> IS_ZIP_ENTRY = type -> {
        return type.isSubtypeOf("java.util.zip.ZipEntry") || type.isSubtypeOf("org.apache.commons.compress.archivers.ArchiveEntry");
    };
    private static final String ISSUE_MESSAGE = "Make sure that expanding this archive file is safe here.";
    private JavaFileScannerContext context;

    @Override // org.sonar.plugins.java.api.JavaFileScanner
    public void scanFile(JavaFileScannerContext javaFileScannerContext) {
        if (javaFileScannerContext.getSemanticModel() == null) {
            return;
        }
        this.context = javaFileScannerContext;
        scan(javaFileScannerContext.getTree());
    }

    @Override // org.sonar.plugins.java.api.tree.BaseTreeVisitor, org.sonar.plugins.java.api.tree.TreeVisitor
    public void visitVariable(VariableTree variableTree) {
        if (isField(variableTree)) {
            return;
        }
        super.visitVariable(variableTree);
    }

    private static boolean isField(VariableTree variableTree) {
        return variableTree.symbol().owner().isTypeSymbol();
    }

    @Override // org.sonar.plugins.java.api.tree.BaseTreeVisitor, org.sonar.plugins.java.api.tree.TreeVisitor
    public void visitMethod(MethodTree methodTree) {
        if (methodTree.block() == null || methodTree.is(Tree.Kind.CONSTRUCTOR)) {
            return;
        }
        methodTree.parameters().stream().filter(variableTree -> {
            return IS_ZIP_ENTRY.test(variableTree.symbol().type());
        }).forEach(variableTree2 -> {
            this.context.reportIssue(this, variableTree2, ISSUE_MESSAGE);
        });
        super.visitMethod(methodTree);
    }

    @Override // org.sonar.plugins.java.api.tree.BaseTreeVisitor, org.sonar.plugins.java.api.tree.TreeVisitor
    public void visitMethodInvocation(MethodInvocationTree methodInvocationTree) {
        if (IS_ZIP_ENTRY.test(methodInvocationTree.symbolType())) {
            this.context.reportIssue(this, methodInvocationTree, ISSUE_MESSAGE);
        }
        super.visitMethodInvocation(methodInvocationTree);
    }
}
