package org.sonar.python.checks.hotspots;

import org.sonar.check.Rule;
import org.sonar.plugins.python.api.PythonSubscriptionCheck;
import org.sonar.plugins.python.api.SubscriptionCheck;
import org.sonar.plugins.python.api.tree.CallExpression;
import org.sonar.plugins.python.api.tree.Name;
import org.sonar.plugins.python.api.tree.Tree;

@Rule(key = "S1523")
/* loaded from: input_file:org/sonar/python/checks/hotspots/DynamicCodeExecutionCheck.class */
public class DynamicCodeExecutionCheck extends PythonSubscriptionCheck {
    private static final String MESSAGE = "Make sure that this dynamic injection or execution of code is safe.";

    public void initialize(SubscriptionCheck.Context context) {
        context.registerSyntaxNodeConsumer(Tree.Kind.CALL_EXPR, subscriptionContext -> {
            CallExpression syntaxNode = subscriptionContext.syntaxNode();
            if (isFuncNameExecOrEval(syntaxNode)) {
                subscriptionContext.addIssue(syntaxNode, MESSAGE);
            }
        });
    }

    private static boolean isFuncNameExecOrEval(CallExpression callExpression) {
        Name callee = callExpression.callee();
        if (!callee.is(new Tree.Kind[]{Tree.Kind.NAME})) {
            return false;
        }
        String name = callee.name();
        return "exec".equals(name) || "eval".equals(name);
    }
}
