package io.joern.scanners.java;

import flatgraph.traversal.GenericSteps$;
import io.joern.console.CodeSnippet$;
import io.joern.console.MultiFileCodeExamples;
import io.joern.console.MultiFileCodeExamples$;
import io.joern.console.Query;
import io.joern.console.Query$;
import io.joern.console.QueryBundle;
import io.joern.console.TraversalWithStrRep;
import io.joern.console.TraversalWithStrRep$;
import io.joern.console.q;
import io.joern.dataflowengineoss.language.ExtendedCfgNode$;
import io.joern.dataflowengineoss.queryengine.EngineContext;
import io.joern.scanners.Crew$;
import io.joern.scanners.QueryTags$;
import io.shiftleft.codepropertygraph.generated.Cpg;
import io.shiftleft.codepropertygraph.generated.traversals.TraversalPropertyName$;
import io.shiftleft.codepropertygraph.generated.traversals.TraversalPropertyOrder$;
import io.shiftleft.semanticcpg.language.ICallResolver;
import io.shiftleft.semanticcpg.language.NoResolve$;
import io.shiftleft.semanticcpg.language.package$;
import io.shiftleft.semanticcpg.language.types.expressions.CallTraversal$;
import io.shiftleft.semanticcpg.language.types.structure.MethodParameterTraversal$;
import java.io.Serializable;
import scala.Predef$;
import scala.collection.IterableOnce;
import scala.collection.Iterator;
import scala.collection.StringOps$;
import scala.collection.immutable.$colon;
import scala.collection.immutable.List;
import scala.collection.immutable.Nil$;
import scala.runtime.ModuleSerializationProxy;
import scala.runtime.ScalaRunTime$;

/* compiled from: SpringExpressionLanguageInjection.scala */
/* loaded from: input_file:io/joern/scanners/java/SpringExpressionLanguageInjection$.class */
/**
 * Decompiled companion object of the Scala {@code SpringExpressionLanguageInjection} query bundle.
 *
 * <p>It contributes one taint query, {@link #SpelInject(EngineContext)}, that reports data flows
 * from a {@code @RequestParam}-annotated method parameter named {@code expression} into the
 * {@code ORDER == 2} argument of a call named {@code parseExpression}.
 *
 * <p>This is decompiler output: {@code $colon.colon} constructions are Scala {@code ::} list cells
 * and the {@code ...$extension} calls are Scala extension methods. Changes belong in the original
 * {@code SpringExpressionLanguageInjection.scala}, not here.
 */
public final class SpringExpressionLanguageInjection$ implements QueryBundle, Serializable {
    /** The single instance of this Scala object. */
    public static final SpringExpressionLanguageInjection$ MODULE$ = new SpringExpressionLanguageInjection$();
    /** Call resolver exposed by the bundle; {@code NoResolve} performs no call-site resolution. */
    private static final ICallResolver resolver = NoResolve$.MODULE$;

    // Private so that MODULE$ stays the only instance.
    private SpringExpressionLanguageInjection$() {
    }

    /**
     * Java-serialization hook: the Scala runtime proxy resolves back to the {@code MODULE$}
     * singleton on deserialization instead of creating a second instance.
     */
    private Object writeReplace() {
        return new ModuleSerializationProxy(SpringExpressionLanguageInjection$.class);
    }

    /** @return the call resolver used when this bundle's traversals run (currently {@code NoResolve}). */
    public ICallResolver resolver() {
        return resolver;
    }

    /**
     * Builds the SpEL-injection query.
     *
     * <p>Sources are method parameters that carry an annotation named {@code RequestParam} and are
     * themselves named {@code expression} ({@link #source$1(Cpg)}); sinks are the {@code ORDER == 2}
     * argument children of calls named {@code parseExpression} ({@link #sink$1(Cpg)}). The traversal
     * returns every sink the data-flow engine finds reachable from a source.
     *
     * <p>Triage notes on the detection logic: the source requires the parameter to be literally
     * named {@code expression}, so a controller using any other parameter name is not reported
     * (false negative); the sink matches on the unqualified call name only, so any method called
     * {@code parseExpression} qualifies, not just Spring's {@code ExpressionParser} (possible false
     * positive). NOTE(review): order 2 presumably selects the first explicit argument after the
     * receiver in the CPG's AST ordering — confirm against the Java frontend.
     *
     * @param engineContext data-flow engine context supplied by the query runner
     * @return the query, tagged {@code badfn} and {@code default}, with score 8.0
     */
    @q
    public Query SpelInject(EngineContext engineContext) {
        // Author handle from the Crew object (presumably; used as the query's author field).
        String SJ1iu = Crew$.MODULE$.SJ1iu();
        // Long-form description attached to the finding.
        String stripMargin$extension = StringOps$.MODULE$.stripMargin$extension(Predef$.MODULE$.augmentString("\n        | In a SpEL injection, if user-controlled input is directly parsed and evaluated as a SpEL expression without validation, attackers can execute arbitrary expressions.\n        |"));
        // The executable traversal paired with its Scala source text (second argument), which is
        // what users see when they inspect the query.
        TraversalWithStrRep apply = TraversalWithStrRep$.MODULE$.apply(cpg -> {
            return package$.MODULE$.iterableOnceToIterator(GenericSteps$.MODULE$.l$extension(package$.MODULE$.iterableToGenericSteps(ExtendedCfgNode$.MODULE$.reachableBy$extension(io.joern.dataflowengineoss.language.package$.MODULE$.toExtendedCfgNode(sink$1(cpg)), source$1(cpg), ScalaRunTime$.MODULE$.genericWrapArray(new IterableOnce[0]), engineContext))));
        }, "{ cpg =>\n\n        def source =\n          cpg.parameter.where(_.annotation.name(\"RequestParam\")).where(_.name(\"expression\"))\n\n        def sink =\n          cpg.call.name(\"parseExpression\").argument.order(2).l\n\n        sink.reachableBy(source).l\n\n      }");
        // Scala List(badfn, default): the query tags.
        List colonVar = new $colon.colon(QueryTags$.MODULE$.badfn(), new $colon.colon(QueryTags$.MODULE$.m4default(), Nil$.MODULE$));
        // Positive (flow present) and negative (no flow) examples. NOTE(review): both snippets are
        // Java source but are registered under ".kt" file names — confirm the example harness does
        // not pick a frontend by extension before relying on these as regression tests.
        MultiFileCodeExamples apply2 = MultiFileCodeExamples$.MODULE$.apply(new $colon.colon(new $colon.colon(CodeSnippet$.MODULE$.apply(StringOps$.MODULE$.stripMargin$extension(Predef$.MODULE$.augmentString("\n      |import org.springframework.expression.ExpressionParser;\n      |import org.springframework.expression.spel.standard.SpelExpressionParser;\n      |import org.springframework.web.bind.annotation.GetMapping;\n      |import org.springframework.web.bind.annotation.RequestParam;\n      |import org.springframework.web.bind.annotation.RestController;\n      |@RestController\n      |public class SpelInjectionController {\n      |private final ExpressionParser parser = new SpelExpressionParser();\n\n      |@GetMapping(\"/evaluate\")\n      |public String evaluateExpression(@RequestParam String expression) {\n      |// This line is vulnerable to SpEL injection as it directly evaluates user input\n      |Object result = parser.parseExpression(expression).getValue();\n      |return \"Evaluation result: \" + result;\n      |}\n      |}\n      |")), "Positive.kt"), Nil$.MODULE$), Nil$.MODULE$), new $colon.colon(new $colon.colon(CodeSnippet$.MODULE$.apply(StringOps$.MODULE$.stripMargin$extension(Predef$.MODULE$.augmentString("\n      |import org.springframework.expression.ExpressionParser;\n      |import org.springframework.expression.spel.standard.SpelExpressionParser;\n      |import org.springframework.web.bind.annotation.GetMapping;\n      |import org.springframework.web.bind.annotation.RequestParam;\n      |import org.springframework.web.bind.annotation.RestController;\n      |@RestController\n      |public class SpelInjectionController {\n      |private final ExpressionParser parser = new SpelExpressionParser();\n\n      |@GetMapping(\"/evaluate\")\n      |public String evaluateExpression(@RequestParam String expression) {\n      |return \"NOT VULNERABLE\";\n      |}\n      |}\n      |")), "Negative.kt"), Nil$.MODULE$), Nil$.MODULE$));
        // Positional arguments: name, author, title, description, score, traversal, tags,
        // the 8th parameter's Scala default, code examples.
        return Query$.MODULE$.make("Spring-Expression-Language-Injection", SJ1iu, "Spring-Expression-Language-Injection: The value is taken from user input and passed to ExpressionParser!!", stripMargin$extension, 8.0d, apply, colonVar, Query$.MODULE$.make$default$8(), apply2);
    }

    /**
     * Source traversal: method parameters carrying an annotation named {@code RequestParam} that are
     * themselves named {@code expression}. Equivalent to the Scala
     * {@code cpg.parameter.where(_.annotation.name("RequestParam")).where(_.name("expression"))}.
     * NOTE(review): the {@code name(...)} filters are Joern property filters and presumably accept a
     * regular expression, as elsewhere in the query DSL — confirm before relying on exact matching.
     *
     * @param cpg the code property graph being queried
     * @return iterator over the matching parameter nodes
     */
    private final Iterator source$1(Cpg cpg) {
        return GenericSteps$.MODULE$.where$extension(package$.MODULE$.iterableToGenericSteps(GenericSteps$.MODULE$.where$extension(package$.MODULE$.iterableToGenericSteps(package$.MODULE$.toNodeTypeStarters(cpg).parameter()), iterator -> {
            return TraversalPropertyName$.MODULE$.name$extension(package$.MODULE$.accessPropertyNameTraversal(MethodParameterTraversal$.MODULE$.annotation$extension(package$.MODULE$.iterOnceToMethodParameterInTrav(iterator))), "RequestParam");
        })), iterator2 -> {
            return TraversalPropertyName$.MODULE$.name$extension(package$.MODULE$.accessPropertyNameTraversal(iterator2), "expression");
        });
    }

    /**
     * Sink traversal: for every call named {@code parseExpression}, its argument child whose
     * {@code ORDER} property is 2, materialised as a Scala list. Equivalent to
     * {@code cpg.call.name("parseExpression").argument.order(2).l}.
     *
     * @param cpg the code property graph being queried
     * @return Scala list of the matching argument nodes
     */
    private final List sink$1(Cpg cpg) {
        return GenericSteps$.MODULE$.l$extension(package$.MODULE$.iterableToGenericSteps(TraversalPropertyOrder$.MODULE$.order$extension(package$.MODULE$.accessPropertyOrderTraversal(CallTraversal$.MODULE$.argument$extension(package$.MODULE$.iterOnceToOriginalCallTrav(TraversalPropertyName$.MODULE$.name$extension(package$.MODULE$.accessPropertyNameTraversal(package$.MODULE$.toGeneratedNodeStarters(cpg).call()), "parseExpression")))), 2)));
    }
}
