package io.joern.scanners.c;

import io.joern.console.CodeExamples$;
import io.joern.console.Query;
import io.joern.console.Query$;
import io.joern.console.QueryBundle;
import io.joern.console.TraversalWithStrRep$;
import io.joern.console.q;
import io.joern.dataflowengineoss.queryengine.EngineContext;
import io.joern.scanners.Crew$;
import io.joern.scanners.QueryTags$;
import io.shiftleft.codepropertygraph.generated.nodes.Call;
import io.shiftleft.codepropertygraph.generated.traversal.CallTraversalExtGen$;
import io.shiftleft.codepropertygraph.generated.traversal.ExpressionTraversalExtGen$;
import io.shiftleft.semanticcpg.language.nodemethods.AstNodeMethods$;
import io.shiftleft.semanticcpg.language.nodemethods.CallMethods$;
import io.shiftleft.semanticcpg.language.nodemethods.CfgNodeMethods$;
import io.shiftleft.semanticcpg.language.package$;
import io.shiftleft.semanticcpg.language.types.expressions.generalizations.AstNodeTraversal$;
import java.io.Serializable;
import overflowdb.traversal.TraversalLogicExt$;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.Tuple2;
import scala.collection.Iterator;
import scala.collection.StringOps$;
import scala.collection.immutable.$colon;
import scala.collection.immutable.Map;
import scala.collection.immutable.Nil$;
import scala.collection.immutable.Seq;
import scala.collection.immutable.Set;
import scala.runtime.BoxesRunTime;
import scala.runtime.ModuleSerializationProxy;
import scala.runtime.ScalaRunTime$;

/* compiled from: FileOpRace.scala */
/* loaded from: input_file:io/joern/scanners/c/FileOpRace$.class */
public final class FileOpRace$ implements QueryBundle, Serializable {
    public static final FileOpRace$ MODULE$ = new FileOpRace$();

    private FileOpRace$() {
    }

    private Object writeReplace() {
        return new ModuleSerializationProxy(FileOpRace$.class);
    }

    @q
    public Query fileOperationRace(EngineContext engineContext) {
        return Query$.MODULE$.make("file-operation-race", Crew$.MODULE$.malte(), "Two file operations on the same path can act on different files", StringOps$.MODULE$.stripMargin$extension(Predef$.MODULE$.augmentString("\n        |Two subsequent file operations are performed on the same path. Depending on the permissions\n        |on this path, an attacker can exploit a race condition and replace the file or directory\n        |the path refers to between these calls.\n        |Use file operations based on file descriptor/pointer/handles instead of paths to avoid this issue.\n        |")), 3.0d, TraversalWithStrRep$.MODULE$.apply(cpg -> {
            Map map = (Map) Predef$.MODULE$.Map().apply(ScalaRunTime$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("access"), new $colon.colon(BoxesRunTime.boxToInteger(1), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("chdir"), new $colon.colon(BoxesRunTime.boxToInteger(1), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("chmod"), new $colon.colon(BoxesRunTime.boxToInteger(1), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("chown"), new $colon.colon(BoxesRunTime.boxToInteger(1), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("creat"), new $colon.colon(BoxesRunTime.boxToInteger(1), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("faccessat"), new $colon.colon(BoxesRunTime.boxToInteger(2), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("fchmodat"), new $colon.colon(BoxesRunTime.boxToInteger(2), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("fopen"), new $colon.colon(BoxesRunTime.boxToInteger(1), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("fstatat"), new $colon.colon(BoxesRunTime.boxToInteger(2), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("lchown"), new $colon.colon(BoxesRunTime.boxToInteger(1), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("linkat"), new $colon.colon(BoxesRunTime.boxToInteger(2), new $colon.colon(BoxesRunTime.boxToInteger(4), Nil$.MODULE$))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("link"), new $colon.colon(BoxesRunTime.boxToInteger(1), new $colon.colon(BoxesRunTime.boxToInteger(2), Nil$.MODULE$))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("lstat"), new $colon.colon(BoxesRunTime.boxToInteger(1), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("mkdirat"), new $colon.colon(BoxesRunTime.boxToInteger(2), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("mkdir"), new $colon.colon(BoxesRunTime.boxToInteger(1), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("mkfifoat"), new $colon.colon(BoxesRunTime.boxToInteger(2), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("mkfifo"), new $colon.colon(BoxesRunTime.boxToInteger(1), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("mknodat"), new $colon.colon(BoxesRunTime.boxToInteger(2), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("mknod"), new $colon.colon(BoxesRunTime.boxToInteger(1), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("openat"), new $colon.colon(BoxesRunTime.boxToInteger(2), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("open"), new $colon.colon(BoxesRunTime.boxToInteger(1), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("readlinkat"), new $colon.colon(BoxesRunTime.boxToInteger(2), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("readlink"), new $colon.colon(BoxesRunTime.boxToInteger(1), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("renameat"), new $colon.colon(BoxesRunTime.boxToInteger(2), new $colon.colon(BoxesRunTime.boxToInteger(4), Nil$.MODULE$))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("rename"), new $colon.colon(BoxesRunTime.boxToInteger(1), new $colon.colon(BoxesRunTime.boxToInteger(2), Nil$.MODULE$))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("rmdir"), new $colon.colon(BoxesRunTime.boxToInteger(1), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("stat"), new $colon.colon(BoxesRunTime.boxToInteger(1), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("unlinkat"), new $colon.colon(BoxesRunTime.boxToInteger(2), Nil$.MODULE$)), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("unlink"), new $colon.colon(BoxesRunTime.boxToInteger(1), Nil$.MODULE$))}));
            return fileCalls$1(map, package$.MODULE$.toNodeTypeStarters(cpg).call()).filter(call -> {
                Set set = ExpressionTraversalExtGen$.MODULE$.code$extension(package$.MODULE$.toExpressionTraversalExtGen(fileCalls$1(map, AstNodeTraversal$.MODULE$.isCall$extension(package$.MODULE$.iterOnceToAstNodeTraversal(AstNodeMethods$.MODULE$.ast$extension(package$.MODULE$.cfgNodeToAsNode(CfgNodeMethods$.MODULE$.method$extension(package$.MODULE$.toCfgNodeMethods(call))))))).filter(call -> {
                    return call != null ? !call.equals(call) : call != null;
                }).flatMap(call2 -> {
                    return fileArgs$1(map, call2);
                }))).toSet();
                return ExpressionTraversalExtGen$.MODULE$.code$extension(package$.MODULE$.toExpressionTraversalExtGen(fileArgs$1(map, call))).exists(str -> {
                    return set.contains(str);
                });
            });
        }, "{ cpg =>\n        val operations: Map[String, Seq[Int]] = Map(\n          \"access\"     -> Seq(1),\n          \"chdir\"      -> Seq(1),\n          \"chmod\"      -> Seq(1),\n          \"chown\"      -> Seq(1),\n          \"creat\"      -> Seq(1),\n          \"faccessat\"  -> Seq(2),\n          \"fchmodat\"   -> Seq(2),\n          \"fopen\"      -> Seq(1),\n          \"fstatat\"    -> Seq(2),\n          \"lchown\"     -> Seq(1),\n          \"linkat\"     -> Seq(2, 4),\n          \"link\"       -> Seq(1, 2),\n          \"lstat\"      -> Seq(1),\n          \"mkdirat\"    -> Seq(2),\n          \"mkdir\"      -> Seq(1),\n          \"mkfifoat\"   -> Seq(2),\n          \"mkfifo\"     -> Seq(1),\n          \"mknodat\"    -> Seq(2),\n          \"mknod\"      -> Seq(1),\n          \"openat\"     -> Seq(2),\n          \"open\"       -> Seq(1),\n          \"readlinkat\" -> Seq(2),\n          \"readlink\"   -> Seq(1),\n          \"renameat\"   -> Seq(2, 4),\n          \"rename\"     -> Seq(1, 2),\n          \"rmdir\"      -> Seq(1),\n          \"stat\"       -> Seq(1),\n          \"unlinkat\"   -> Seq(2),\n          \"unlink\"     -> Seq(1)\n        )\n\n        def fileCalls(calls: Iterator[Call]) =\n          calls.nameExact(operations.keys.toSeq*)\n\n        def fileArgs(c: Call) =\n          c.argument.whereNot(_.isLiteral).argumentIndex(operations(c.name)*)\n\n        fileCalls(cpg.call)\n          .filter(call => {\n            val otherCalls = fileCalls(call.method.ast.isCall).filter(_ != call)\n            val argsForOtherCalls =\n              otherCalls.flatMap(c => fileArgs(c)).code.toSet\n\n            fileArgs(call).code.exists(arg => argsForOtherCalls.contains(arg))\n          })\n      }"), new $colon.colon(QueryTags$.MODULE$.raceCondition(), new $colon.colon(QueryTags$.MODULE$.m4default(), Nil$.MODULE$)), CodeExamples$.MODULE$.apply(new $colon.colon(StringOps$.MODULE$.stripMargin$extension(Predef$.MODULE$.augmentString("\n          |\n          |void insecure_race(char *path) {\n          |    chmod(path, 0);\n          |    rename(path, \"/some/new/path\");\n          |}\n          |\n          |")), Nil$.MODULE$), new $colon.colon(StringOps$.MODULE$.stripMargin$extension(Predef$.MODULE$.augmentString("\n          |\n          |void secure_handle(char *path) {\n          |    FILE *file = fopen(path, \"r\");\n          |    fchown(fileno(file), 0, 0);\n          |}\n          |\n          |")), Nil$.MODULE$)), Query$.MODULE$.make$default$9());
    }

    private final Iterator fileCalls$1(Map map, Iterator iterator) {
        return CallTraversalExtGen$.MODULE$.nameExact$extension(package$.MODULE$.toCallTraversalExtGen(iterator), map.keys().toSeq());
    }

    private final Iterator fileArgs$1(Map map, Call call) {
        return ExpressionTraversalExtGen$.MODULE$.argumentIndex$extension(package$.MODULE$.toExpressionTraversalExtGen(TraversalLogicExt$.MODULE$.whereNot$extension(package$.MODULE$.toTraversalLogicExt(CallMethods$.MODULE$.argument$extension(package$.MODULE$.toCallMethods(call))), iterator -> {
            return AstNodeTraversal$.MODULE$.isLiteral$extension(package$.MODULE$.iterOnceToAstNodeTraversal(iterator));
        })), (Seq) map.apply(call.name()));
    }
}
