package io.joern.scanners.c;

import io.joern.console.QueryBundle;
import io.joern.dataflowengineoss.queryengine.EngineContext;
import io.joern.scanners.Crew$;
import io.joern.scanners.QueryTags$;
import io.shiftleft.codepropertygraph.generated.nodes.Call;
import io.shiftleft.codepropertygraph.generated.traversal.CallTraversalExtGen$;
import io.shiftleft.codepropertygraph.generated.traversal.ExpressionTraversalExtGen$;
import io.shiftleft.console.CodeExamples;
import io.shiftleft.console.Query;
import io.shiftleft.console.Query$;
import io.shiftleft.console.TraversalWithStrRep;
import io.shiftleft.semanticcpg.language.nodemethods.CallMethods$;
import io.shiftleft.semanticcpg.language.nodemethods.CfgNodeMethods$;
import io.shiftleft.semanticcpg.language.types.expressions.generalizations.AstNodeTraversal$;
import overflowdb.traversal.Traversal;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.Tuple2;
import scala.collection.IterableOnce;
import scala.collection.StringOps$;
import scala.collection.immutable.List;
import scala.collection.immutable.Map;
import scala.collection.immutable.Seq;
import scala.collection.mutable.Set;
import scala.package$;
import scala.runtime.BoxesRunTime;
import scala.runtime.ScalaRunTime$;

/* compiled from: FileOpRace.scala */
/* loaded from: input_file:io/joern/scanners/c/FileOpRace$.class */
public final class FileOpRace$ implements QueryBundle {
    public static final FileOpRace$ MODULE$ = new FileOpRace$();

    public Query fileOperationRace(EngineContext engineContext) {
        return Query$.MODULE$.make("file-operation-race", Crew$.MODULE$.malte(), "Two file operations on the same path can act on different files", StringOps$.MODULE$.stripMargin$extension(Predef$.MODULE$.augmentString("\n        |Two subsequent file operations are performed on the same path. Depending on the permissions\n        |on this path, an attacker can exploit a race condition and replace the file or directory\n        |the path refers to between these calls.\n        |Use file operations based on file descriptor/pointer/handles instead of paths to avoid this issue.\n        |")), 3.0d, new TraversalWithStrRep(cpg -> {
            Map map = (Map) Predef$.MODULE$.Map().apply(ScalaRunTime$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("access"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{1}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("chdir"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{1}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("chmod"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{1}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("chown"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{1}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("creat"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{1}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("faccessat"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{2}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("fchmodat"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{2}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("fopen"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{1}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("fstatat"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{2}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("lchown"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{1}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("linkat"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{2, 4}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("link"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{1, 2}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("lstat"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{1}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("mkdirat"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{2}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("mkdir"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{1}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("mkfifoat"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{2}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("mkfifo"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{1}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("mknodat"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{2}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("mknod"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{1}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("openat"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{2}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("open"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{1}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("readlinkat"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{2}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("readlink"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{1}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("renameat"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{2, 4}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("rename"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{1, 2}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("rmdir"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{1}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("stat"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{1}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("unlinkat"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{2}))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("unlink"), package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapIntArray(new int[]{1})))}));
            return overflowdb.traversal.package$.MODULE$.iterableToTraversal((IterableOnce) fileCalls$1(io.shiftleft.semanticcpg.language.package$.MODULE$.toNodeTypeStarters(cpg).call(), map).filter(call -> {
                return BoxesRunTime.boxToBoolean($anonfun$fileOperationRace$3(map, call));
            }));
        }, "cpg =>\n        val operations: Map[String, Seq[Int]] = Map(\n          \"access\" -> Seq(1),\n          \"chdir\" -> Seq(1),\n          \"chmod\" -> Seq(1),\n          \"chown\" -> Seq(1),\n          \"creat\" -> Seq(1),\n          \"faccessat\" -> Seq(2),\n          \"fchmodat\" -> Seq(2),\n          \"fopen\" -> Seq(1),\n          \"fstatat\" -> Seq(2),\n          \"lchown\" -> Seq(1),\n          \"linkat\" -> Seq(2, 4),\n          \"link\" -> Seq(1, 2),\n          \"lstat\" -> Seq(1),\n          \"mkdirat\" -> Seq(2),\n          \"mkdir\" -> Seq(1),\n          \"mkfifoat\" -> Seq(2),\n          \"mkfifo\" -> Seq(1),\n          \"mknodat\" -> Seq(2),\n          \"mknod\" -> Seq(1),\n          \"openat\" -> Seq(2),\n          \"open\" -> Seq(1),\n          \"readlinkat\" -> Seq(2),\n          \"readlink\" -> Seq(1),\n          \"renameat\" -> Seq(2, 4),\n          \"rename\" -> Seq(1, 2),\n          \"rmdir\" -> Seq(1),\n          \"stat\" -> Seq(1),\n          \"unlinkat\" -> Seq(2),\n          \"unlink\" -> Seq(1)\n        )\n\n        def fileCalls(calls: Traversal[Call]) =\n          calls.nameExact(operations.keys.toSeq: _*)\n\n        def fileArgs(c: Call) =\n          c.argument.whereNot(_.isLiteral).argumentIndex(operations(c.name): _*)\n\n        fileCalls(cpg.call)\n          .filter(call => {\n            val otherCalls = fileCalls(call.method.ast.isCall).filter(_ != call)\n            val argsForOtherCalls =\n              otherCalls.flatMap(c => fileArgs(c)).code.toSet\n\n            fileArgs(call).code.exists(arg => argsForOtherCalls.contains(arg))\n          })"), (List) package$.MODULE$.List().apply(ScalaRunTime$.MODULE$.wrapRefArray(new String[]{QueryTags$.MODULE$.raceCondition(), QueryTags$.MODULE$.m4default()})), new CodeExamples((List) package$.MODULE$.List().apply(ScalaRunTime$.MODULE$.wrapRefArray(new String[]{StringOps$.MODULE$.stripMargin$extension(Predef$.MODULE$.augmentString("\n          |\n          |void insecure_race(char *path) {\n          |    chmod(path, 0);\n          |    rename(path, \"/some/new/path\");\n          |}\n          |\n          |"))})), (List) package$.MODULE$.List().apply(ScalaRunTime$.MODULE$.wrapRefArray(new String[]{StringOps$.MODULE$.stripMargin$extension(Predef$.MODULE$.augmentString("\n          |\n          |void secure_handle(char *path) {\n          |    FILE *file = fopen(path, \"r\");\n          |    fchown(fileno(file), 0, 0);\n          |}\n          |\n          |"))}))));
    }

    private static final Traversal fileCalls$1(Traversal traversal, Map map) {
        return CallTraversalExtGen$.MODULE$.nameExact$extension(io.shiftleft.semanticcpg.language.package$.MODULE$.toCallTraversalExtGen(traversal), map.keys().toSeq());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final Traversal fileArgs$1(Call call, Map map) {
        return ExpressionTraversalExtGen$.MODULE$.argumentIndex$extension(io.shiftleft.semanticcpg.language.package$.MODULE$.toExpressionTraversalExtGen(CallMethods$.MODULE$.argument$extension(io.shiftleft.semanticcpg.language.package$.MODULE$.toCallMethods(call)).whereNot(traversal -> {
            return AstNodeTraversal$.MODULE$.isLiteral$extension(io.shiftleft.semanticcpg.language.package$.MODULE$.toAstNode(traversal, Predef$.MODULE$.$conforms()));
        })), (Seq) map.apply(call.name()));
    }

    public static final /* synthetic */ boolean $anonfun$fileOperationRace$5(Call call, Call call2) {
        return call2 != null ? !call2.equals(call) : call != null;
    }

    public static final /* synthetic */ boolean $anonfun$fileOperationRace$3(Map map, Call call) {
        Set set = ExpressionTraversalExtGen$.MODULE$.code$extension(io.shiftleft.semanticcpg.language.package$.MODULE$.toExpressionTraversalExtGen((Traversal) ((Traversal) fileCalls$1(AstNodeTraversal$.MODULE$.isCall$extension(io.shiftleft.semanticcpg.language.package$.MODULE$.toAstNode(AstNodeTraversal$.MODULE$.ast$extension(io.shiftleft.semanticcpg.language.package$.MODULE$.toAstNode(CfgNodeMethods$.MODULE$.method$extension(io.shiftleft.semanticcpg.language.package$.MODULE$.toCfgNodeMethods(call)), method -> {
            return io.shiftleft.semanticcpg.language.package$.MODULE$.toTraversal(method);
        })), Predef$.MODULE$.$conforms())), map).filter(call2 -> {
            return BoxesRunTime.boxToBoolean($anonfun$fileOperationRace$5(call, call2));
        })).flatMap(call3 -> {
            return fileArgs$1(call3, map);
        }))).toSet();
        return ExpressionTraversalExtGen$.MODULE$.code$extension(io.shiftleft.semanticcpg.language.package$.MODULE$.toExpressionTraversalExtGen(fileArgs$1(call, map))).exists(str -> {
            return BoxesRunTime.boxToBoolean(set.contains(str));
        });
    }

    private FileOpRace$() {
    }
}
