package org.sonar.python.checks;

import java.util.List;
import java.util.Set;
import java.util.stream.Stream;
import org.sonar.check.Rule;
import org.sonar.plugins.python.api.PythonSubscriptionCheck;
import org.sonar.plugins.python.api.SubscriptionCheck;
import org.sonar.plugins.python.api.symbols.Symbol;
import org.sonar.plugins.python.api.tree.Argument;
import org.sonar.plugins.python.api.tree.CallExpression;
import org.sonar.plugins.python.api.tree.Expression;
import org.sonar.plugins.python.api.tree.Name;
import org.sonar.plugins.python.api.tree.RegularArgument;
import org.sonar.plugins.python.api.tree.Tree;
import org.sonar.python.cfg.fixpoint.ReachingDefinitionsAnalysis;
import org.sonar.python.checks.utils.Expressions;
import org.sonar.python.tree.TreeUtils;

@Rule(key = "S6985")
/* loaded from: input_file:org/sonar/python/checks/TorchLoadLeadsToUntrustedCodeExecutionCheck.class */
public class TorchLoadLeadsToUntrustedCodeExecutionCheck extends PythonSubscriptionCheck {
    public static final String TORCH_LOAD = "torch.load";
    public static final String MESSAGE = "Replace this call with a safe alternative.";
    public static final String PYTHON_FALSE = "False";
    public static final String WEIGHTS_ONLY = "weights_only";
    private ReachingDefinitionsAnalysis reachingDefinitionsAnalysis;

    public void initialize(SubscriptionCheck.Context context) {
        context.registerSyntaxNodeConsumer(Tree.Kind.FILE_INPUT, subscriptionContext -> {
            this.reachingDefinitionsAnalysis = new ReachingDefinitionsAnalysis(subscriptionContext.pythonFile());
        });
        context.registerSyntaxNodeConsumer(Tree.Kind.CALL_EXPR, subscriptionContext2 -> {
            CallExpression syntaxNode = subscriptionContext2.syntaxNode();
            Symbol calleeSymbol = syntaxNode.calleeSymbol();
            if (calleeSymbol != null && TORCH_LOAD.equals(calleeSymbol.fullyQualifiedName()) && isWeightsOnlyNotFoundOrSetToFalse(syntaxNode.arguments())) {
                subscriptionContext2.addIssue(syntaxNode.callee(), MESSAGE);
            }
        });
    }

    private boolean isWeightsOnlyNotFoundOrSetToFalse(List<Argument> list) {
        RegularArgument argumentByKeyword = TreeUtils.argumentByKeyword(WEIGHTS_ONLY, list);
        if (argumentByKeyword == null) {
            return !Expressions.containsSpreadOperator(list);
        }
        Expression expression = argumentByKeyword.expression();
        if (!(expression instanceof Name)) {
            return false;
        }
        Name name = (Name) expression;
        return PYTHON_FALSE.equals(name.name()) || isNameSetToFalse(name);
    }

    private boolean isNameSetToFalse(Name name) {
        Set valuesAtLocation = this.reachingDefinitionsAnalysis.valuesAtLocation(name);
        if (valuesAtLocation.size() == 1) {
            Stream map = valuesAtLocation.stream().flatMap(TreeUtils.toStreamInstanceOfMapper(Name.class)).map((v0) -> {
                return v0.name();
            });
            String str = PYTHON_FALSE;
            if (map.allMatch((v1) -> {
                return r1.equals(v1);
            })) {
                return true;
            }
        }
        return false;
    }
}
