From 595d32a93ded60685682780362f4649a8728fb05 Mon Sep 17 00:00:00 2001 From: Antony Stubbs Date: Thu, 29 Jul 2021 12:20:16 +0100 Subject: [PATCH] fix: Validate user input #199 Protect in one place for out of range. --- .../jboss/forge/roaster/ParserException.java | 2 +- .../forge/roaster/model/impl/MethodImpl.java | 37 ++++++++++++------- 2 files changed, 25 insertions(+), 14 deletions(-) diff --git a/api/src/main/java/org/jboss/forge/roaster/ParserException.java b/api/src/main/java/org/jboss/forge/roaster/ParserException.java index bdfada21..4577bf12 100644 --- a/api/src/main/java/org/jboss/forge/roaster/ParserException.java +++ b/api/src/main/java/org/jboss/forge/roaster/ParserException.java @@ -79,7 +79,7 @@ public ParserException(final String message, final Throwable cause) */ public ParserException(String message, List problems) { - super(message); + super(message + "\n" + problems.toString()); this.problems = problems; } diff --git a/impl/src/main/java/org/jboss/forge/roaster/model/impl/MethodImpl.java b/impl/src/main/java/org/jboss/forge/roaster/model/impl/MethodImpl.java index 667f937e..7efc1d3e 100644 --- a/impl/src/main/java/org/jboss/forge/roaster/model/impl/MethodImpl.java +++ b/impl/src/main/java/org/jboss/forge/roaster/model/impl/MethodImpl.java @@ -130,10 +130,25 @@ public MethodImpl(final O parent, final String method) init(parent); String stub = "public class Stub { " + method + " }"; + List> methods = getMethodSources(stub); + MethodSource javaClassSourceMethodSource = methods.get(0); + MethodDeclaration newMethod = (MethodDeclaration) javaClassSourceMethodSource.getInternal(); + this.method = (MethodDeclaration) ASTNode.copySubtree(cu.getAST(), newMethod); + } + + private List> getMethodSources(final String stub) + { + List problems = Roaster.validateSnippet(stub); + if (!problems.isEmpty()) + { + throw new IllegalArgumentException("Invalid method code. " + problems); + } + JavaClassSource temp = (JavaClassSource) Roaster.parse(stub); List> methods = temp.getMethods(); - MethodDeclaration newMethod = (MethodDeclaration) methods.get(0).getInternal(); - this.method = (MethodDeclaration) ASTNode.copySubtree(cu.getAST(), newMethod); + if (methods.isEmpty()) + throw new IllegalArgumentException("No methods found - check your method syntax"); + return methods; } @Override @@ -142,7 +157,7 @@ public String toSignature() StringBuilder signature = new StringBuilder(); signature.append(Visibility.PACKAGE_PRIVATE == this.getVisibility() ? "" : this.getVisibility() - .scope()); + .scope()); signature.append(" "); signature.append(this.getName()).append("("); List> parameters = this.getParameters(); @@ -266,11 +281,10 @@ public MethodSource setBody(final String body) List problems = Roaster.validateSnippet(body); if (problems.size() > 0) { - throw new ParserException(problems); + throw new ParserException("Parse error in:\n" + body, problems); } String stub = "public class Stub { public void method() {" + body + "} }"; - JavaClassSource temp = (JavaClassSource) Roaster.parse(stub); - List> methods = temp.getMethods(); + List> methods = getMethodSources(stub); Block block = ((MethodDeclaration) methods.get(0).getInternal()).getBody(); block = (Block) ASTNode.copySubtree(method.getAST(), block); method.setBody(block); @@ -336,8 +350,7 @@ public MethodSource setReturnType(final String typeName) String typeToUse = Types.toResolvedType(typeName, getOrigin()); String stub = "public class Stub { public " + typeToUse + " method() {} }"; - JavaClassSource temp = (JavaClassSource) Roaster.parse(stub); - List> methods = temp.getMethods(); + List> methods = getMethodSources(stub); org.eclipse.jdt.core.dom.Type returnType = ((MethodDeclaration) methods.get(0).getInternal()).getReturnType2(); returnType = (org.eclipse.jdt.core.dom.Type) ASTNode.copySubtree(method.getAST(), returnType); @@ -494,8 +507,7 @@ public MethodSource setName(final String name) public MethodSource setParameters(final String parameters) { String stub = "public class Stub { public void method( " + parameters + " ) {} }"; - JavaClassSource temp = (JavaClassSource) Roaster.parse(stub); - List> methods = temp.getMethods(); + List> methods = getMethodSources(stub); List astParameters = ((MethodDeclaration) methods.get(0).getInternal()).parameters(); method.parameters().clear(); @@ -791,7 +803,7 @@ public MethodSource removeTypeVariable(String name) { @SuppressWarnings("unchecked") List typeParameters = method.typeParameters(); - for (Iterator iter = typeParameters.iterator(); iter.hasNext();) + for (Iterator iter = typeParameters.iterator(); iter.hasNext(); ) { if (Objects.equals(name, iter.next().getName().getIdentifier())) { @@ -834,8 +846,7 @@ public ParameterSource addParameter(String type, String name) } String stub = "public class Stub { public void method( " + resolvedType + " " + name + " ) {} }"; - JavaClassSource temp = (JavaClassSource) Roaster.parse(stub); - List> methods = temp.getMethods(); + List> methods = getMethodSources(stub); List astParameters = ((MethodDeclaration) methods.get(0).getInternal()).parameters(); ParameterSource param = null;