package org.owasp.dependencycheck.analyzer;

import java.io.File;
import java.io.FileFilter;
import java.io.IOException;
import java.nio.charset.Charset;
import java.util.HashMap;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.lucene.analysis.shingle.ShingleFilter;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
import org.owasp.dependencycheck.dependency.Confidence;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.EvidenceType;
import org.owasp.dependencycheck.exception.InitializationException;
import org.owasp.dependencycheck.utils.Checksum;
import org.owasp.dependencycheck.utils.DependencyVersion;
import org.owasp.dependencycheck.utils.DependencyVersionUtil;
import org.owasp.dependencycheck.utils.FileFilterBuilder;
import org.owasp.dependencycheck.utils.Settings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Experimental
/* loaded from: input_file:WEB-INF/lib/dependency-check-core-5.3.2.jar:org/owasp/dependencycheck/analyzer/CMakeAnalyzer.class */
public class CMakeAnalyzer extends AbstractFileTypeAnalyzer {
    public static final String DEPENDENCY_ECOSYSTEM = "CMAKE";
    private static final int REGEX_OPTIONS = 42;
    private static final Logger LOGGER = LoggerFactory.getLogger(CMakeAnalyzer.class);
    private static final Pattern PROJECT_VERSION = Pattern.compile("^\\s*set\\s*\\(\\s*VERSION\\s*\"([^\"]*)\"\\)", 42);
    private static final Pattern SET_VAR_REGEX = Pattern.compile("^\\s*set\\s*\\(\\s*([a-zA-Z0-9_\\-]*)\\s+\"?([a-zA-Z0-9_\\-\\.\\$\\{\\}]*)\"?\\s*\\)", 42);
    private static final Pattern INL_VAR_REGEX = Pattern.compile("(\\$\\s*\\{([^\\}]*)\\s*\\})", 42);
    private static final Pattern PROJECT = Pattern.compile("^ *project *\\([ \\n]*(\\w+)[ \\n]*.*?\\)", 42);
    private static final Pattern SET_VERSION = Pattern.compile("^\\s*set\\s*\\(\\s*(\\w+)_version\\s+\"?([^\"\\)]*)\\s*\"?\\)", 42);
    private static final FileFilter FILTER = FileFilterBuilder.newInstance().addExtensions(".cmake").addFilenames("CMakeLists.txt").build();

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public String getName() {
        return "CMake Analyzer";
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public AnalysisPhase getAnalysisPhase() {
        return AnalysisPhase.INFORMATION_COLLECTION;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected FileFilter getFileFilter() {
        return FILTER;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected void prepareFileTypeAnalyzer(Engine engine) throws InitializationException {
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer
    protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException {
        dependency.setEcosystem(DEPENDENCY_ECOSYSTEM);
        File actualFile = dependency.getActualFile();
        String name = actualFile.getName();
        try {
            String trim = FileUtils.readFileToString(actualFile, Charset.defaultCharset()).trim();
            if (StringUtils.isNotBlank(trim)) {
                HashMap<String, String> hashMap = new HashMap<>();
                collectDefinedVariables(dependency, engine, trim, hashMap);
                String str = trim;
                Matcher matcher = INL_VAR_REGEX.matcher(trim);
                while (true) {
                    Matcher matcher2 = matcher;
                    if (!matcher2.find()) {
                        break;
                    }
                    boolean z = false;
                    if (hashMap.containsKey(matcher2.group(2)) && !hashMap.get(matcher2.group(2)).contains(matcher2.group(2))) {
                        str = str.replace(matcher2.group(1), hashMap.get(matcher2.group(2)));
                        matcher2 = INL_VAR_REGEX.matcher(str);
                        z = true;
                    }
                    while (matcher2.find()) {
                        if (hashMap.containsKey(matcher2.group(2)) && !hashMap.get(matcher2.group(2)).contains(matcher2.group(2))) {
                            str = str.replace(matcher2.group(1), hashMap.get(matcher2.group(2)));
                            matcher2 = INL_VAR_REGEX.matcher(str);
                            z = true;
                        }
                    }
                    if (!z) {
                        break;
                    } else {
                        matcher = INL_VAR_REGEX.matcher(str);
                    }
                }
                String str2 = str;
                Matcher matcher3 = PROJECT.matcher(str2);
                int i = 0;
                while (matcher3.find()) {
                    i++;
                    LOGGER.debug(String.format("Found project command match with %d groups: %s", Integer.valueOf(matcher3.groupCount()), matcher3.group(0)));
                    String group = matcher3.group(1);
                    LOGGER.debug("Group 1: {}", group);
                    dependency.addEvidence(EvidenceType.PRODUCT, name, "Project", group, Confidence.HIGH);
                    dependency.addEvidence(EvidenceType.VENDOR, name, "Project", group, Confidence.HIGH);
                    dependency.setName(group);
                    dependency.setDisplayFileName(group);
                }
                if (i > 0) {
                    dependency.addEvidence(EvidenceType.VENDOR, "CmakeAnalyzer", "hint", "gnu", Confidence.MEDIUM);
                }
                LOGGER.debug("Found {} matches.", Integer.valueOf(i));
                Matcher matcher4 = PROJECT_VERSION.matcher(str2);
                while (matcher4.find()) {
                    LOGGER.debug(String.format("Found set version command match with %d groups: %s", Integer.valueOf(matcher4.groupCount()), matcher4.group(0)));
                    String group2 = matcher4.group(1);
                    LOGGER.debug("Group 1: {}", group2);
                    dependency.addEvidence(EvidenceType.VERSION, name, "VERSION", group2, Confidence.HIGH);
                    DependencyVersion parseVersion = DependencyVersionUtil.parseVersion(group2, true);
                    if (parseVersion != null) {
                        dependency.setVersion(parseVersion.toString());
                    }
                }
                analyzeSetVersionCommand(dependency, engine, str2);
            }
        } catch (IOException e) {
            throw new AnalysisException("Problem occurred while reading dependency file.", e);
        }
    }

    private void collectDefinedVariables(Dependency dependency, Engine engine, String str, HashMap<String, String> hashMap) {
        Matcher matcher = SET_VAR_REGEX.matcher(str);
        int i = 0;
        while (matcher.find()) {
            i++;
            LOGGER.debug("Found set variable command match with {} groups: {}", Integer.valueOf(matcher.groupCount()), matcher.group(0));
            String group = matcher.group(1);
            String group2 = matcher.group(2);
            LOGGER.debug("Group 1: {}", group);
            LOGGER.debug("Group 2: {}", group2);
            hashMap.put(group, group2);
        }
        LOGGER.debug("Found {} matches.", Integer.valueOf(i));
    }

    private void analyzeSetVersionCommand(Dependency dependency, Engine engine, String str) {
        DependencyVersion parseVersion;
        Dependency dependency2 = dependency;
        Matcher matcher = SET_VERSION.matcher(str);
        int i = 0;
        while (matcher.find()) {
            i++;
            LOGGER.debug("Found project command match with {} groups: {}", Integer.valueOf(matcher.groupCount()), matcher.group(0));
            String group = matcher.group(1);
            String group2 = matcher.group(2);
            LOGGER.debug("Group 1: {}", group);
            LOGGER.debug("Group 2: {}", group2);
            if (group.startsWith("ALIASOF_")) {
                group = group.replaceFirst("ALIASOF_", "");
            }
            if (group.startsWith(ShingleFilter.DEFAULT_FILLER_TOKEN)) {
                group = group.substring(1);
            }
            if (i > 1) {
                dependency2 = new Dependency(dependency.getActualFile(), true);
                dependency2.setEcosystem(DEPENDENCY_ECOSYSTEM);
                String format = String.format("%s:%s", dependency.getFilePath(), group);
                dependency2.setFilePath(format);
                dependency2.setSha1sum(Checksum.getSHA1Checksum(format));
                dependency2.setSha256sum(Checksum.getSHA256Checksum(format));
                dependency2.setMd5sum(Checksum.getMD5Checksum(format));
                engine.addDependency(dependency2);
            }
            String fileName = dependency2.getFileName();
            dependency2.addEvidence(EvidenceType.PRODUCT, fileName, "Product", group, Confidence.MEDIUM);
            dependency2.addEvidence(EvidenceType.VENDOR, fileName, "Vendor", group, Confidence.MEDIUM);
            dependency2.addEvidence(EvidenceType.VERSION, fileName, "Version", group2, Confidence.MEDIUM);
            if (group.toLowerCase().endsWith("lib")) {
                dependency2 = new Dependency(dependency.getActualFile(), true);
                dependency2.setEcosystem(DEPENDENCY_ECOSYSTEM);
                String format2 = String.format("%s:%s", dependency.getFilePath(), group);
                dependency2.setFilePath(format2);
                dependency2.setSha1sum(Checksum.getSHA1Checksum(format2));
                dependency2.setSha256sum(Checksum.getSHA256Checksum(format2));
                dependency2.setMd5sum(Checksum.getMD5Checksum(format2));
                engine.addDependency(dependency2);
                group = "lib" + group.toLowerCase().substring(0, group.length() - 3);
                dependency2.addEvidence(EvidenceType.PRODUCT, fileName, "Product", group, Confidence.MEDIUM);
                dependency2.addEvidence(EvidenceType.VENDOR, fileName, "Vendor", group, Confidence.MEDIUM);
                dependency2.addEvidence(EvidenceType.VERSION, fileName, "Version", group2, Confidence.MEDIUM);
            }
            if (StringUtils.isEmpty(dependency2.getName())) {
                dependency2.setName(group);
                dependency2.setDisplayFileName(group);
            }
            if (StringUtils.isEmpty(dependency2.getVersion()) && (parseVersion = DependencyVersionUtil.parseVersion(group2, true)) != null) {
                dependency2.setVersion(parseVersion.toString());
            }
        }
        LOGGER.debug("Found {} matches.", Integer.valueOf(i));
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer
    protected String getAnalyzerEnabledSettingKey() {
        return Settings.KEYS.ANALYZER_CMAKE_ENABLED;
    }
}
