package org.sonar.java.checks.security;

import java.util.Arrays;
import java.util.List;
import org.sonar.check.Rule;
import org.sonar.java.checks.LoggerClassCheck;
import org.sonar.java.checks.helpers.ExpressionsHelper;
import org.sonar.java.checks.methods.AbstractMethodDetection;
import org.sonar.plugins.java.api.semantic.MethodMatchers;
import org.sonar.plugins.java.api.tree.ClassTree;
import org.sonar.plugins.java.api.tree.ExpressionTree;
import org.sonar.plugins.java.api.tree.MethodInvocationTree;
import org.sonar.plugins.java.api.tree.NewClassTree;
import org.sonar.plugins.java.api.tree.Tree;
import org.sonar.plugins.java.api.tree.TypeTree;

@Rule(key = "S4792")
/* loaded from: input_file:org/sonar/java/checks/security/LogConfigurationCheck.class */
public class LogConfigurationCheck extends AbstractMethodDetection {
    private static final String LOG4J_CONFIGURATOR = "org.apache.logging.log4j.core.config.Configurator";
    private static final String LOG4J_CONFIGURATION_SOURCE = "org.apache.logging.log4j.core.config.ConfigurationSource";
    private static final String MESSAGE = "Make sure that this logger's configuration is safe.";
    private static final String SET_LEVEL = "setLevel";
    private static final String ADD_APPENDER = "addAppender";

    @Override // org.sonar.java.checks.methods.AbstractMethodDetection
    public List<Tree.Kind> nodesToVisit() {
        return Arrays.asList(Tree.Kind.METHOD_INVOCATION, Tree.Kind.NEW_CLASS, Tree.Kind.METHOD_REFERENCE, Tree.Kind.CLASS);
    }

    @Override // org.sonar.java.checks.methods.AbstractMethodDetection
    protected MethodMatchers getMethodInvocationMatchers() {
        return MethodMatchers.or(new MethodMatchers[]{MethodMatchers.create().ofTypes(new String[]{"org.apache.logging.log4j.core.config.builder.api.ConfigurationBuilderFactory"}).names(new String[]{"newConfigurationBuilder"}).addWithoutParametersMatcher().build(), MethodMatchers.create().ofTypes(new String[]{LOG4J_CONFIGURATOR}).names(new String[]{"setAllLevels", SET_LEVEL, "setRootLevel"}).withAnyParameters().build(), MethodMatchers.create().ofTypes(new String[]{"org.apache.logging.log4j.core.config.Configuration"}).names(new String[]{ADD_APPENDER}).withAnyParameters().build(), MethodMatchers.create().ofTypes(new String[]{"org.apache.logging.log4j.core.config.LoggerConfig"}).names(new String[]{ADD_APPENDER, SET_LEVEL}).withAnyParameters().build(), MethodMatchers.create().ofTypes(new String[]{"org.apache.logging.log4j.core.LoggerContext"}).names(new String[]{"setConfigLocation"}).withAnyParameters().build(), MethodMatchers.create().ofTypes(new String[]{LOG4J_CONFIGURATION_SOURCE}).names(new String[]{"<init>", "fromResource", "fromUri"}).withAnyParameters().build(), MethodMatchers.create().ofTypes(new String[]{"java.util.logging.LogManager"}).names(new String[]{"readConfiguration"}).withAnyParameters().build(), MethodMatchers.create().ofTypes(new String[]{"java.util.logging.Logger"}).names(new String[]{SET_LEVEL, "addHandler"}).withAnyParameters().build(), MethodMatchers.create().ofTypes(new String[]{"ch.qos.logback.classic.Logger"}).names(new String[]{ADD_APPENDER, SET_LEVEL}).withAnyParameters().build(), MethodMatchers.create().ofTypes(new String[]{"ch.qos.logback.classic.joran.JoranConfigurator"}).constructor().withAnyParameters().build(), MethodMatchers.create().ofTypes(new String[]{"java.lang.System"}).names(new String[]{"setProperty"}).addParametersMatcher(new String[]{LoggerClassCheck.STRING, LoggerClassCheck.STRING}).build()});
    }

    @Override // org.sonar.java.checks.methods.AbstractMethodDetection
    public void visitNode(Tree tree) {
        if (tree.is(new Tree.Kind[]{Tree.Kind.CLASS})) {
            checkConfigurationFactoryExtension((ClassTree) tree);
        } else {
            super.visitNode(tree);
        }
    }

    private void checkConfigurationFactoryExtension(ClassTree classTree) {
        TypeTree superClass = classTree.superClass();
        if (superClass == null || !superClass.symbolType().is("org.apache.logging.log4j.core.config.ConfigurationFactory")) {
            return;
        }
        reportIssue(superClass, MESSAGE);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.sonar.java.checks.methods.AbstractMethodDetection
    public void onMethodInvocationFound(MethodInvocationTree methodInvocationTree) {
        if (!methodInvocationTree.symbol().name().equals("setProperty")) {
            reportIssue(methodInvocationTree, MESSAGE);
        } else if ("logback.configurationFile".equals(ExpressionsHelper.getConstantValueAsString((ExpressionTree) methodInvocationTree.arguments().get(0)).value())) {
            reportIssue(methodInvocationTree, MESSAGE);
        }
    }

    @Override // org.sonar.java.checks.methods.AbstractMethodDetection
    protected void onConstructorFound(NewClassTree newClassTree) {
        reportIssue(newClassTree, MESSAGE);
    }
}
