package edu.umd.cs.findbugs.detect;

import edu.umd.cs.findbugs.BugReporter;
import edu.umd.cs.findbugs.NonReportingDetector;
import edu.umd.cs.findbugs.ba.AnalysisContext;
import edu.umd.cs.findbugs.ba.XClass;
import edu.umd.cs.findbugs.ba.XFactory;
import edu.umd.cs.findbugs.ba.XMethod;
import edu.umd.cs.findbugs.ba.ch.Subtypes2;
import edu.umd.cs.findbugs.bcel.OpcodeStackDetector;
import edu.umd.cs.findbugs.classfile.CheckedAnalysisException;
import edu.umd.cs.findbugs.classfile.ClassDescriptor;
import edu.umd.cs.findbugs.classfile.DescriptorFactory;
import edu.umd.cs.findbugs.classfile.Global;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import org.apache.bcel.classfile.JavaClass;

/* loaded from: input_file:com/qihoo/fireline/jar/fireline.jar:findbugs.jar:edu/umd/cs/findbugs/detect/ExplicitSerialization.class */
public class ExplicitSerialization extends OpcodeStackDetector implements NonReportingDetector {
    static final XMethod writeObject = XFactory.createXMethod("java.io.ObjectOutputStream", "writeObject", "(Ljava/lang/Object;)V", false);
    static final XMethod readObject = XFactory.createXMethod("java.io.ObjectInputStream", "readObject", "()Ljava/lang/Object;", false);
    static final ClassDescriptor ObjectOutputStream = DescriptorFactory.createClassDescriptor((Class<?>) ObjectOutputStream.class);
    static final ClassDescriptor ObjectInputStream = DescriptorFactory.createClassDescriptor((Class<?>) ObjectInputStream.class);
    final UnreadFieldsData unreadFields = AnalysisContext.currentAnalysisContext().getUnreadFieldsData();
    final BugReporter bugReporter;

    public ExplicitSerialization(BugReporter bugReporter) {
        this.bugReporter = bugReporter;
    }

    @Override // edu.umd.cs.findbugs.visitclass.PreorderVisitor
    public boolean shouldVisit(JavaClass javaClass) {
        XClass xClass = getXClass();
        return xClass.getCalledClassDescriptors().contains(ObjectOutputStream) || xClass.getCalledClassDescriptors().contains(ObjectInputStream);
    }

    @Override // edu.umd.cs.findbugs.bcel.OpcodeStackDetector, edu.umd.cs.findbugs.visitclass.DismantleBytecode
    public void sawOpcode(int i) {
        String str;
        if (i == 182 && writeObject.equals(getXMethodOperand())) {
            String signature = this.stack.getStackItem(0).getSignature();
            while (true) {
                str = signature;
                if (str.charAt(0) != '[') {
                    break;
                } else {
                    signature = str.substring(1);
                }
            }
            ClassDescriptor createClassDescriptorFromFieldSignature = DescriptorFactory.createClassDescriptorFromFieldSignature(str);
            if (createClassDescriptorFromFieldSignature == null || !Subtypes2.instanceOf(createClassDescriptorFromFieldSignature, (Class<?>) Serializable.class)) {
                return;
            }
            try {
                XClass xClass = (XClass) Global.getAnalysisCache().getClassAnalysis(XClass.class, createClassDescriptorFromFieldSignature);
                if (xClass.isInterface() || xClass.isSynthetic() || xClass.isAbstract()) {
                    return;
                } else {
                    this.unreadFields.strongEvidenceForIntendedSerialization(createClassDescriptorFromFieldSignature);
                }
            } catch (CheckedAnalysisException e) {
                this.bugReporter.logError("Error looking up xClass of " + createClassDescriptorFromFieldSignature, e);
            }
        }
        if (i == 192) {
            if (readObject.equals(this.stack.getStackItem(0).getReturnValueOf())) {
                ClassDescriptor classDescriptorOperand = getClassDescriptorOperand();
                if (Subtypes2.instanceOf(classDescriptorOperand, (Class<?>) Serializable.class)) {
                    try {
                        XClass xClass2 = (XClass) Global.getAnalysisCache().getClassAnalysis(XClass.class, classDescriptorOperand);
                        if (xClass2.isInterface() || xClass2.isSynthetic() || xClass2.isAbstract()) {
                            return;
                        }
                        this.unreadFields.strongEvidenceForIntendedSerialization(classDescriptorOperand);
                    } catch (CheckedAnalysisException e2) {
                        this.bugReporter.logError("Error looking up xClass of " + classDescriptorOperand, e2);
                    }
                }
            }
        }
    }
}
