package org.sonar.python.checks.hotspots;

import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import javax.annotation.Nullable;
import org.apache.commons.lang.StringUtils;
import org.sonar.check.Rule;
import org.sonar.plugins.python.api.IssueLocation;
import org.sonar.plugins.python.api.PythonCheck;
import org.sonar.plugins.python.api.PythonSubscriptionCheck;
import org.sonar.plugins.python.api.SubscriptionCheck;
import org.sonar.plugins.python.api.SubscriptionContext;
import org.sonar.plugins.python.api.symbols.Symbol;
import org.sonar.plugins.python.api.tree.Argument;
import org.sonar.plugins.python.api.tree.AssignmentExpression;
import org.sonar.plugins.python.api.tree.BinaryExpression;
import org.sonar.plugins.python.api.tree.CallExpression;
import org.sonar.plugins.python.api.tree.Expression;
import org.sonar.plugins.python.api.tree.Name;
import org.sonar.plugins.python.api.tree.RegularArgument;
import org.sonar.plugins.python.api.tree.StringLiteral;
import org.sonar.plugins.python.api.tree.Tree;
import org.sonar.python.checks.Expressions;

@Rule(key = RegexCheck.CHECK_KEY)
/* loaded from: input_file:org/sonar/python/checks/hotspots/RegexCheck.class */
public class RegexCheck extends PythonSubscriptionCheck {
    public static final String CHECK_KEY = "S4784";
    private static final String MESSAGE = "Make sure that using a regular expression is safe here.";
    private static final int REGEX_ARGUMENT = 0;
    private static final Set<String> questionableFunctions = new HashSet(Arrays.asList("django.core.validators.RegexValidator", "django.urls.conf.re_path", "re.compile", "re.match", "re.search", "re.fullmatch", "re.split", "re.findall", "re.finditer", "re.sub", "re.subn", "regex.compile", "regex.match", "regex.search", "regex.fullmatch", "regex.split", "regex.findall", "regex.finditer", "regex.sub", "regex.subn", "regex.subf", "regex.subfn", "regex.splititer"));

    @Override // org.sonar.plugins.python.api.SubscriptionCheck
    public void initialize(SubscriptionCheck.Context context) {
        context.registerSyntaxNodeConsumer(Tree.Kind.CALL_EXPR, subscriptionContext -> {
            CallExpression callExpression = (CallExpression) subscriptionContext.syntaxNode();
            Symbol calleeSymbol = callExpression.calleeSymbol();
            if (calleeSymbol == null || !questionableFunctions.contains(calleeSymbol.fullyQualifiedName()) || callExpression.arguments().isEmpty()) {
                return;
            }
            checkRegexArgument(callExpression.arguments().get(0), subscriptionContext);
        });
    }

    private static void checkRegexArgument(Argument argument, SubscriptionContext subscriptionContext) {
        String str = null;
        IssueLocation issueLocation = null;
        if (argument.is(Tree.Kind.REGULAR_ARGUMENT)) {
            Expression expression = getExpression(((RegularArgument) argument).expression());
            if (expression.is(Tree.Kind.NAME)) {
                Expression expression2 = getExpression(Expressions.singleAssignedValue((Name) expression));
                if (expression2 != null && expression2.is(Tree.Kind.STRING_LITERAL)) {
                    issueLocation = IssueLocation.preciseLocation(expression2, StringUtils.EMPTY);
                    str = Expressions.unescape((StringLiteral) expression2);
                }
            } else if (expression.is(Tree.Kind.STRING_LITERAL)) {
                str = Expressions.unescape((StringLiteral) expression);
            }
            if (str != null && isSuspiciousRegex(str)) {
                PythonCheck.PreciseIssue addIssue = subscriptionContext.addIssue(argument, MESSAGE);
                if (issueLocation != null) {
                    addIssue.secondary(issueLocation);
                }
            }
        }
    }

    private static Expression getExpression(@Nullable Expression expression) {
        Expression removeParentheses = Expressions.removeParentheses(expression);
        if (removeParentheses == null) {
            return null;
        }
        return (removeParentheses.is(Tree.Kind.MODULO) || removeParentheses.is(Tree.Kind.PLUS)) ? getExpression(((BinaryExpression) removeParentheses).leftOperand()) : removeParentheses.is(Tree.Kind.ASSIGNMENT_EXPRESSION) ? getExpression(((AssignmentExpression) removeParentheses).expression()) : removeParentheses;
    }

    private static boolean isSuspiciousRegex(String str) {
        return str.length() > 2 && str.length() - str.replaceAll("[*+{]", StringUtils.EMPTY).length() > 1;
    }
}
