package org.owasp.dependencycheck.analyzer;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;
import javax.annotation.concurrent.ThreadSafe;
import org.apache.commons.lang3.StringUtils;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.Evidence;
import org.owasp.dependencycheck.dependency.EvidenceType;
import org.owasp.dependencycheck.exception.InitializationException;
import org.owasp.dependencycheck.utils.DownloadFailedException;
import org.owasp.dependencycheck.utils.Downloader;
import org.owasp.dependencycheck.utils.FileUtils;
import org.owasp.dependencycheck.utils.Settings;
import org.owasp.dependencycheck.xml.hints.EvidenceMatcher;
import org.owasp.dependencycheck.xml.hints.HintParseException;
import org.owasp.dependencycheck.xml.hints.HintParser;
import org.owasp.dependencycheck.xml.hints.HintRule;
import org.owasp.dependencycheck.xml.hints.VendorDuplicatingHintRule;
import org.owasp.dependencycheck.xml.suppression.PropertyType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xml.sax.SAXException;

@ThreadSafe
/* loaded from: input_file:WEB-INF/lib/dependency-check-core-3.0.1.jar:org/owasp/dependencycheck/analyzer/HintAnalyzer.class */
public class HintAnalyzer extends AbstractAnalyzer {
    private static final String HINT_RULE_FILE_NAME = "dependencycheck-base-hint.xml";
    private HintRule[] hints = null;
    private VendorDuplicatingHintRule[] vendorHints;
    private static final String ANALYZER_NAME = "Hint Analyzer";
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) HintAnalyzer.class);
    private static final AnalysisPhase ANALYSIS_PHASE = AnalysisPhase.PRE_IDENTIFIER_ANALYSIS;

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public String getName() {
        return ANALYZER_NAME;
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public AnalysisPhase getAnalysisPhase() {
        return ANALYSIS_PHASE;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer
    protected String getAnalyzerEnabledSettingKey() {
        return Settings.KEYS.ANALYZER_HINT_ENABLED;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer
    public void prepareAnalyzer(Engine engine) throws InitializationException {
        try {
            loadHintRules();
        } catch (HintParseException e) {
            LOGGER.debug("Unable to parse hint file", (Throwable) e);
            throw new InitializationException("Unable to parse the hint file", e);
        }
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer
    protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException {
        for (HintRule hintRule : this.hints) {
            boolean z = false;
            Iterator<EvidenceMatcher> it = hintRule.getGivenVendor().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (hasMatchingEvidence(dependency.getEvidence(EvidenceType.VENDOR), it.next())) {
                    z = true;
                    break;
                }
            }
            if (!z) {
                Iterator<EvidenceMatcher> it2 = hintRule.getGivenProduct().iterator();
                while (true) {
                    if (!it2.hasNext()) {
                        break;
                    }
                    if (hasMatchingEvidence(dependency.getEvidence(EvidenceType.PRODUCT), it2.next())) {
                        z = true;
                        break;
                    }
                }
            }
            if (!z) {
                Iterator<EvidenceMatcher> it3 = hintRule.getGivenVersion().iterator();
                while (true) {
                    if (!it3.hasNext()) {
                        break;
                    }
                    if (hasMatchingEvidence(dependency.getEvidence(EvidenceType.VERSION), it3.next())) {
                        z = true;
                        break;
                    }
                }
            }
            if (!z) {
                Iterator<PropertyType> it4 = hintRule.getFilenames().iterator();
                while (true) {
                    if (it4.hasNext()) {
                        if (it4.next().matches(dependency.getFileName())) {
                            z = true;
                            break;
                        }
                    } else {
                        break;
                    }
                }
            }
            if (z) {
                Iterator<Evidence> it5 = hintRule.getAddVendor().iterator();
                while (it5.hasNext()) {
                    dependency.addEvidence(EvidenceType.VENDOR, it5.next());
                }
                Iterator<Evidence> it6 = hintRule.getAddProduct().iterator();
                while (it6.hasNext()) {
                    dependency.addEvidence(EvidenceType.PRODUCT, it6.next());
                }
                Iterator<Evidence> it7 = hintRule.getAddVersion().iterator();
                while (it7.hasNext()) {
                    dependency.addEvidence(EvidenceType.VERSION, it7.next());
                }
                Iterator<EvidenceMatcher> it8 = hintRule.getRemoveVendor().iterator();
                while (it8.hasNext()) {
                    removeMatchingEvidences(dependency, EvidenceType.VENDOR, it8.next());
                }
                Iterator<EvidenceMatcher> it9 = hintRule.getRemoveProduct().iterator();
                while (it9.hasNext()) {
                    removeMatchingEvidences(dependency, EvidenceType.PRODUCT, it9.next());
                }
                Iterator<EvidenceMatcher> it10 = hintRule.getRemoveVersion().iterator();
                while (it10.hasNext()) {
                    removeMatchingEvidences(dependency, EvidenceType.VERSION, it10.next());
                }
            }
        }
        ArrayList arrayList = new ArrayList();
        for (Evidence evidence : dependency.getEvidence(EvidenceType.VENDOR)) {
            for (VendorDuplicatingHintRule vendorDuplicatingHintRule : this.vendorHints) {
                if (vendorDuplicatingHintRule.getValue().equalsIgnoreCase(evidence.getValue())) {
                    arrayList.add(new Evidence(evidence.getSource() + " (hint)", evidence.getName(), vendorDuplicatingHintRule.getDuplicate(), evidence.getConfidence()));
                }
            }
        }
        Iterator it11 = arrayList.iterator();
        while (it11.hasNext()) {
            dependency.addEvidence(EvidenceType.VENDOR, (Evidence) it11.next());
        }
    }

    private boolean hasMatchingEvidence(Set<Evidence> set, EvidenceMatcher evidenceMatcher) {
        Iterator<Evidence> it = set.iterator();
        while (it.hasNext()) {
            if (evidenceMatcher.matches(it.next())) {
                return true;
            }
        }
        return false;
    }

    private void removeMatchingEvidences(Dependency dependency, EvidenceType evidenceType, EvidenceMatcher evidenceMatcher) {
        for (Evidence evidence : dependency.getEvidence(evidenceType)) {
            if (evidenceMatcher.matches(evidence)) {
                dependency.removeEvidence(evidenceType, evidence);
            }
        }
    }

    /* JADX WARN: Failed to calculate best type for var: r13v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r14v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.RegisterArg.getSVar()" because the return value of "jadx.core.dex.nodes.InsnNode.getResult()" is null
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.collectRelatedVars(AbstractTypeConstraint.java:31)
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.<init>(AbstractTypeConstraint.java:19)
    	at jadx.core.dex.visitors.typeinference.TypeSearch$1.<init>(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeMoveConstraint(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeConstraint(TypeSearch.java:361)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.collectConstraints(TypeSearch.java:341)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.run(TypeSearch.java:60)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.runMultiVariableSearch(FixTypesVisitor.java:116)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Not initialized variable reg: 13, insn: 0x012b: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r13 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:69:0x012b */
    /* JADX WARN: Not initialized variable reg: 14, insn: 0x0130: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r14 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:71:0x0130 */
    /* JADX WARN: Type inference failed for: r13v0, types: [java.io.InputStream] */
    /* JADX WARN: Type inference failed for: r14v0, types: [java.lang.Throwable] */
    private void loadHintRules() throws HintParseException {
        File file;
        ?? r13;
        ?? r14;
        HintParser hintParser = new HintParser();
        try {
            hintParser.parseHints(FileUtils.getResourceAsStream(HINT_RULE_FILE_NAME));
            List<HintRule> hintRules = hintParser.getHintRules();
            List<VendorDuplicatingHintRule> vendorDuplicatingHintRules = hintParser.getVendorDuplicatingHintRules();
            String string = getSettings().getString(Settings.KEYS.HINTS_FILE);
            if (string != null) {
                boolean z = false;
                try {
                    try {
                        try {
                            if (Pattern.compile("^(https?|file)\\:.*", 2).matcher(string).matches()) {
                                z = true;
                                file = getSettings().getTempFile("hint", "xml");
                                URL url = new URL(string);
                                Downloader downloader = new Downloader(getSettings());
                                try {
                                    downloader.fetchFile(url, file, false);
                                } catch (DownloadFailedException e) {
                                    downloader.fetchFile(url, file, true);
                                }
                            } else {
                                file = new File(string);
                                if (!file.exists()) {
                                    try {
                                        InputStream resourceAsStream = FileUtils.getResourceAsStream(string);
                                        Throwable th = null;
                                        if (resourceAsStream != null) {
                                            z = true;
                                            file = getSettings().getTempFile("hint", "xml");
                                            try {
                                                org.apache.commons.io.FileUtils.copyInputStreamToFile(resourceAsStream, file);
                                            } catch (IOException e2) {
                                                throw new HintParseException("Unable to locate hints file in classpath", e2);
                                            }
                                        }
                                        if (resourceAsStream != null) {
                                            if (0 != 0) {
                                                try {
                                                    resourceAsStream.close();
                                                } catch (Throwable th2) {
                                                    th.addSuppressed(th2);
                                                }
                                            } else {
                                                resourceAsStream.close();
                                            }
                                        }
                                    } catch (Throwable th3) {
                                        if (r13 != 0) {
                                            if (r14 != 0) {
                                                try {
                                                    r13.close();
                                                } catch (Throwable th4) {
                                                    r14.addSuppressed(th4);
                                                }
                                            } else {
                                                r13.close();
                                            }
                                        }
                                        throw th3;
                                    }
                                }
                            }
                            if (file != null) {
                                try {
                                    hintParser.parseHints(file);
                                    if (hintParser.getHintRules() != null && !hintParser.getHintRules().isEmpty()) {
                                        hintRules.addAll(hintParser.getHintRules());
                                    }
                                    if (hintParser.getVendorDuplicatingHintRules() != null && !hintParser.getVendorDuplicatingHintRules().isEmpty()) {
                                        vendorDuplicatingHintRules.addAll(hintParser.getVendorDuplicatingHintRules());
                                    }
                                } catch (HintParseException e3) {
                                    LOGGER.warn("Unable to parse hint rule xml file '{}'", file.getPath());
                                    LOGGER.warn(e3.getMessage());
                                    LOGGER.debug(StringUtils.EMPTY, (Throwable) e3);
                                    throw e3;
                                }
                            }
                            if (z && file != null) {
                                FileUtils.delete(file);
                            }
                        } catch (Throwable th5) {
                            if (0 != 0 && 0 != 0) {
                                FileUtils.delete(null);
                            }
                            throw th5;
                        }
                    } catch (DownloadFailedException e4) {
                        throw new HintParseException("Unable to fetch the configured hint file", e4);
                    }
                } catch (MalformedURLException e5) {
                    throw new HintParseException("Configured hint file has an invalid URL", e5);
                } catch (IOException e6) {
                    throw new HintParseException("Unable to create temp file for hints", e6);
                }
            }
            this.hints = (HintRule[]) hintRules.toArray(new HintRule[hintRules.size()]);
            this.vendorHints = (VendorDuplicatingHintRule[]) vendorDuplicatingHintRules.toArray(new VendorDuplicatingHintRule[vendorDuplicatingHintRules.size()]);
            LOGGER.debug("{} hint rules were loaded.", Integer.valueOf(this.hints.length));
            LOGGER.debug("{} duplicating hint rules were loaded.", Integer.valueOf(this.vendorHints.length));
        } catch (SAXException e7) {
            throw new HintParseException("Error parsing hinits: " + e7.getMessage(), e7);
        }
    }
}
