forked from github/codeql
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathJMX.qll
More file actions
88 lines (78 loc) · 2.79 KB
/
JMX.qll
File metadata and controls
88 lines (78 loc) · 2.79 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
/**
* Provides classes and predicates for working with JMX bean types.
*/
import Type
/** A managed bean. */
abstract class ManagedBean extends Interface { }
/** An `MBean`. */
class MBean extends ManagedBean {
MBean() { this.getQualifiedName().matches("%MBean%") }
}
/** An `MXBean`. */
class MXBean extends ManagedBean {
MXBean() {
this.getQualifiedName().matches("%MXBean%") or
this.getAnAnnotation().getType().hasQualifiedName("javax.management", "MXBean")
}
}
/**
* An managed bean implementation which is seen to be registered with the `MBeanServer`, directly or
* indirectly.
*/
class RegisteredManagedBeanImpl extends Class {
RegisteredManagedBeanImpl() {
getAnAncestor() instanceof ManagedBean and
exists(JMXRegistrationCall registerCall | registerCall.getObjectArgument().getType() = this)
}
/**
* Gets a managed bean that this registered bean class implements.
*/
ManagedBean getAnImplementedManagedBean() { result = getAnAncestor() }
}
/**
* A call that registers an object with the `MBeanServer`, directly or indirectly.
*/
class JMXRegistrationCall extends MethodAccess {
JMXRegistrationCall() { getCallee() instanceof JMXRegistrationMethod }
/**
* Gets the argument that represents the object in the registration call.
*/
Expr getObjectArgument() {
result = getArgument(getCallee().(JMXRegistrationMethod).getObjectPosition())
}
}
/**
* A method used to register `MBean` and `MXBean` instances with the `MBeanServer`.
*
* This is either the `registerMBean` method on `MBeanServer`, or it is a wrapper around that
* registration method.
*/
class JMXRegistrationMethod extends Method {
JMXRegistrationMethod() {
// A direct registration with the `MBeanServer`.
getDeclaringType().hasQualifiedName("javax.management", "MBeanServer") and
getName() = "registerMBean"
or
// The `MBeanServer` is often wrapped by an application specific management class, so identify
// methods that wrap a call to another `JMXRegistrationMethod`.
exists(JMXRegistrationCall c |
// This must be a call to another JMX registration method, where the object argument is an access
// of one of the parameters of this method.
c.getObjectArgument().(VarAccess).getVariable() = getAParameter()
)
}
/**
* Gets the position of the parameter through which the "object" to be registered is passed.
*/
int getObjectPosition() {
// Passed as the first argument to `registerMBean`.
getDeclaringType().hasQualifiedName("javax.management", "MBeanServer") and
getName() = "registerMBean" and
result = 0
or
// Identify the position in this method where the object parameter should be passed.
exists(JMXRegistrationCall c |
c.getObjectArgument().(VarAccess).getVariable() = getParameter(result)
)
}
}