package org.sonar.python.checks.hotspots;

import java.util.Set;
import org.apache.commons.lang.StringUtils;
import org.sonar.check.Rule;
import org.sonar.python.SubscriptionCheck;
import org.sonar.python.SubscriptionContext;
import org.sonar.python.api.tree.PyCallExpressionTree;
import org.sonar.python.api.tree.PyExpressionTree;
import org.sonar.python.api.tree.PyNameTree;
import org.sonar.python.api.tree.PyQualifiedExpressionTree;
import org.sonar.python.api.tree.Tree;
import org.sonar.python.checks.AbstractCallExpressionCheck;
import org.sonar.python.semantic.Symbol;

@Rule(key = StandardInputCheck.CHECK_KEY)
/* loaded from: input_file:org/sonar/python/checks/hotspots/StandardInputCheck.class */
public class StandardInputCheck extends AbstractCallExpressionCheck {
    public static final String CHECK_KEY = "S4829";
    private static final String MESSAGE = "Make sure that reading the standard input is safe here.";
    private static final Set<String> questionableFunctions = immutableSet("fileinput.input", "fileinput.FileInput");
    private static final Set<String> questionableFunctionsBuiltIn = immutableSet("raw_input", "input", "sys.stdin.read", "sys.stdin.readline", "sys.stdin.readlines", "sys.__stdin__.read", "sys.__stdin__.readline", "sys.__stdin__.readlines");
    private static final Set<String> questionablePropertyAccess = immutableSet("sys.stdin", "sys.__stdin__");

    @Override // org.sonar.python.checks.AbstractCallExpressionCheck, org.sonar.python.SubscriptionCheck
    public void initialize(SubscriptionCheck.Context context) {
        context.registerSyntaxNodeConsumer(Tree.Kind.CALL_EXPR, subscriptionContext -> {
            PyCallExpressionTree pyCallExpressionTree = (PyCallExpressionTree) subscriptionContext.syntaxNode();
            if (questionableFunctionsBuiltIn.contains(getFunctionName(pyCallExpressionTree.callee()))) {
                subscriptionContext.addIssue(pyCallExpressionTree, message());
            } else {
                visitNode(subscriptionContext);
            }
        });
        context.registerSyntaxNodeConsumer(Tree.Kind.NAME, subscriptionContext2 -> {
            PyNameTree pyNameTree = (PyNameTree) subscriptionContext2.syntaxNode();
            if (!isWithinImport(pyNameTree) && isQuestionablePropertyAccess(pyNameTree, subscriptionContext2)) {
                subscriptionContext2.addIssue(pyNameTree, message());
            }
        });
    }

    private static String getFunctionName(PyExpressionTree pyExpressionTree) {
        String str = StringUtils.EMPTY;
        if (pyExpressionTree.is(Tree.Kind.QUALIFIED_EXPR)) {
            PyQualifiedExpressionTree pyQualifiedExpressionTree = (PyQualifiedExpressionTree) pyExpressionTree;
            str = getFunctionName(pyQualifiedExpressionTree.qualifier()) + "." + pyQualifiedExpressionTree.name().name();
        } else if (pyExpressionTree.is(Tree.Kind.NAME)) {
            str = ((PyNameTree) pyExpressionTree).name();
        }
        return str;
    }

    @Override // org.sonar.python.checks.AbstractCallExpressionCheck
    protected boolean isException(PyCallExpressionTree pyCallExpressionTree) {
        return !pyCallExpressionTree.arguments().isEmpty();
    }

    private static boolean isQuestionablePropertyAccess(PyNameTree pyNameTree, SubscriptionContext subscriptionContext) {
        Symbol symbol = subscriptionContext.symbolTable().getSymbol(pyNameTree);
        return symbol != null && questionablePropertyAccess.contains(symbol.qualifiedName());
    }

    @Override // org.sonar.python.checks.AbstractCallExpressionCheck
    protected Set<String> functionsToCheck() {
        return questionableFunctions;
    }

    @Override // org.sonar.python.checks.AbstractCallExpressionCheck
    protected String message() {
        return MESSAGE;
    }
}
