package org.sonar.python.checks.hotspots;

import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.sonar.check.Rule;
import org.sonar.plugins.python.api.SubscriptionCheck;
import org.sonar.plugins.python.api.symbols.Symbol;
import org.sonar.plugins.python.api.tree.CallExpression;
import org.sonar.plugins.python.api.tree.Expression;
import org.sonar.plugins.python.api.tree.Name;
import org.sonar.plugins.python.api.tree.Tree;
import org.sonar.python.checks.AbstractCallExpressionCheck;

@Rule(key = StandardInputCheck.CHECK_KEY)
/* loaded from: input_file:org/sonar/python/checks/hotspots/StandardInputCheck.class */
public class StandardInputCheck extends AbstractCallExpressionCheck {
    public static final String CHECK_KEY = "S4829";
    private static final String MESSAGE = "Make sure that reading the standard input is safe here.";
    private static final Set<String> fileInputFunctions = immutableSet("fileinput.input", "fileinput.FileInput");
    private static final Set<String> sysFunctions = immutableSet("sys.stdin.read", "sys.stdin.readline", "sys.stdin.readlines", "sys.__stdin__.read", "sys.__stdin__.readline", "sys.__stdin__.readlines");
    private static final Set<String> questionableFunctionsBuiltIn = immutableSet("raw_input", "input");
    private static final Set<String> questionablePropertyAccess = immutableSet("sys.stdin", "sys.__stdin__");

    @Override // org.sonar.python.checks.AbstractCallExpressionCheck
    public void initialize(SubscriptionCheck.Context context) {
        context.registerSyntaxNodeConsumer(Tree.Kind.CALL_EXPR, subscriptionContext -> {
            CallExpression syntaxNode = subscriptionContext.syntaxNode();
            if (questionableFunctionsBuiltIn.contains(getFunctionName(syntaxNode.callee()))) {
                subscriptionContext.addIssue(syntaxNode, message());
            } else {
                visitNode(subscriptionContext);
            }
        });
        context.registerSyntaxNodeConsumer(Tree.Kind.NAME, subscriptionContext2 -> {
            Name syntaxNode = subscriptionContext2.syntaxNode();
            if (!isWithinImport(syntaxNode) && isQuestionablePropertyAccess(syntaxNode)) {
                subscriptionContext2.addIssue(syntaxNode, message());
            }
        });
    }

    private static String getFunctionName(Expression expression) {
        return expression.is(new Tree.Kind[]{Tree.Kind.NAME}) ? ((Name) expression).name() : "";
    }

    @Override // org.sonar.python.checks.AbstractCallExpressionCheck
    protected boolean isException(CallExpression callExpression) {
        Symbol calleeSymbol = callExpression.calleeSymbol();
        return (calleeSymbol == null || !fileInputFunctions.contains(calleeSymbol.fullyQualifiedName()) || callExpression.arguments().isEmpty()) ? false : true;
    }

    private static boolean isQuestionablePropertyAccess(Name name) {
        Expression parent = name.parent();
        while (true) {
            Expression expression = parent;
            if (expression == null || expression.is(new Tree.Kind[]{Tree.Kind.CALL_EXPR})) {
                break;
            }
            Expression parent2 = expression.parent();
            if (parent2 != null && parent2.is(new Tree.Kind[]{Tree.Kind.CALL_EXPR}) && ((CallExpression) parent2).callee() == expression) {
                return false;
            }
            parent = parent2;
        }
        Symbol symbol = name.symbol();
        return symbol != null && questionablePropertyAccess.contains(symbol.fullyQualifiedName());
    }

    @Override // org.sonar.python.checks.AbstractCallExpressionCheck
    protected Set<String> functionsToCheck() {
        return (Set) Stream.concat(fileInputFunctions.stream(), sysFunctions.stream()).collect(Collectors.toSet());
    }

    @Override // org.sonar.python.checks.AbstractCallExpressionCheck
    protected String message() {
        return MESSAGE;
    }
}
