package org.owasp.dependencycheck.analyzer;

import java.io.BufferedReader;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
import org.owasp.dependencycheck.data.cpe.Fields;
import org.owasp.dependencycheck.dependency.Confidence;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.Evidence;
import org.owasp.dependencycheck.utils.Settings;
import org.w3c.dom.Document;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/owasp/dependencycheck/analyzer/AssemblyAnalyzer.class */
public class AssemblyAnalyzer extends AbstractFileTypeAnalyzer {
    private static final String ANALYZER_NAME = "Assembly Analyzer";
    private File grokAssemblyExe = null;
    private DocumentBuilder builder;
    private static final AnalysisPhase ANALYSIS_PHASE = AnalysisPhase.INFORMATION_COLLECTION;
    private static final Set<String> SUPPORTED_EXTENSIONS = newHashSet("dll", "exe");
    private static final Logger LOGGER = Logger.getLogger(AssemblyAnalyzer.class.getName(), "dependencycheck-resources");

    private List<String> buildArgumentList() {
        ArrayList arrayList = new ArrayList();
        if (!"\\".equals(System.getProperty("file.separator"))) {
            if (Settings.getString("analyzer.assembly.mono.path") != null) {
                arrayList.add(Settings.getString("analyzer.assembly.mono.path"));
            } else {
                arrayList.add("mono");
            }
        }
        arrayList.add(this.grokAssemblyExe.getPath());
        return arrayList;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    public void analyzeFileType(Dependency dependency, Engine engine) throws AnalysisException {
        String readLine;
        if (this.grokAssemblyExe == null) {
            LOGGER.warning("analyzer.AssemblyAnalyzer.notdeployed");
            return;
        }
        List<String> buildArgumentList = buildArgumentList();
        buildArgumentList.add(dependency.getActualFilePath());
        ProcessBuilder processBuilder = new ProcessBuilder(buildArgumentList);
        BufferedReader bufferedReader = null;
        try {
            try {
                try {
                    try {
                        Process start = processBuilder.start();
                        BufferedReader bufferedReader2 = new BufferedReader(new InputStreamReader(start.getErrorStream(), "UTF-8"));
                        while (bufferedReader2.ready() && (readLine = bufferedReader2.readLine()) != null) {
                            LOGGER.log(Level.WARNING, "analyzer.AssemblyAnalyzer.grokassembly.stderr", readLine);
                        }
                        Document parse = this.builder.parse(start.getInputStream());
                        try {
                            int waitFor = start.waitFor();
                            if (waitFor == 3) {
                                LOGGER.log(Level.FINE, "analyzer.AssemblyAnalyzer.notassembly", dependency.getActualFilePath());
                                if (bufferedReader2 != null) {
                                    try {
                                        bufferedReader2.close();
                                        return;
                                    } catch (IOException e) {
                                        LOGGER.log(Level.FINEST, "ignore", (Throwable) e);
                                        return;
                                    }
                                }
                                return;
                            }
                            if (waitFor != 0) {
                                LOGGER.log(Level.WARNING, "analyzer.AssemblyAnalyzer.grokassembly.rc", Integer.valueOf(waitFor));
                            }
                            XPath newXPath = XPathFactory.newInstance().newXPath();
                            String evaluate = newXPath.evaluate("/assembly/error", parse);
                            if (evaluate != null && !"".equals(evaluate)) {
                                throw new AnalysisException(evaluate);
                            }
                            String evaluate2 = newXPath.evaluate("/assembly/version", parse);
                            if (evaluate2 != null) {
                                dependency.getVersionEvidence().addEvidence(new Evidence("grokassembly", "version", evaluate2, Confidence.HIGHEST));
                            }
                            String evaluate3 = newXPath.evaluate("/assembly/company", parse);
                            if (evaluate3 != null) {
                                dependency.getVendorEvidence().addEvidence(new Evidence("grokassembly", Fields.VENDOR, evaluate3, Confidence.HIGH));
                            }
                            String evaluate4 = newXPath.evaluate("/assembly/product", parse);
                            if (evaluate4 != null) {
                                dependency.getProductEvidence().addEvidence(new Evidence("grokassembly", Fields.PRODUCT, evaluate4, Confidence.HIGH));
                            }
                            if (bufferedReader2 != null) {
                                try {
                                    bufferedReader2.close();
                                } catch (IOException e2) {
                                    LOGGER.log(Level.FINEST, "ignore", (Throwable) e2);
                                }
                            }
                        } catch (InterruptedException e3) {
                            if (bufferedReader2 != null) {
                                try {
                                    bufferedReader2.close();
                                } catch (IOException e4) {
                                    LOGGER.log(Level.FINEST, "ignore", (Throwable) e4);
                                }
                            }
                        }
                    } catch (Throwable th) {
                        if (0 != 0) {
                            try {
                                bufferedReader.close();
                            } catch (IOException e5) {
                                LOGGER.log(Level.FINEST, "ignore", (Throwable) e5);
                            }
                        }
                        throw th;
                    }
                } catch (XPathExpressionException e6) {
                    throw new AnalysisException(e6);
                }
            } catch (SAXException e7) {
                throw new AnalysisException("Couldn't parse GrokAssembly result", e7);
            }
        } catch (IOException e8) {
            throw new AnalysisException(e8);
        }
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    public void initializeFileTypeAnalyzer() throws Exception {
        File createTempFile = File.createTempFile("GKA", ".exe", Settings.getTempDirectory());
        FileOutputStream fileOutputStream = null;
        InputStream inputStream = null;
        try {
            try {
                fileOutputStream = new FileOutputStream(createTempFile);
                inputStream = AssemblyAnalyzer.class.getClassLoader().getResourceAsStream("GrokAssembly.exe");
                byte[] bArr = new byte[4096];
                while (true) {
                    int read = inputStream.read(bArr);
                    if (read < 0) {
                        break;
                    } else {
                        fileOutputStream.write(bArr, 0, read);
                    }
                }
                this.grokAssemblyExe = createTempFile;
                this.grokAssemblyExe.deleteOnExit();
                LOGGER.log(Level.FINE, "analyzer.AssemblyAnalyzer.grokassembly.deployed", this.grokAssemblyExe.getPath());
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (Throwable th) {
                        LOGGER.fine("Error closing output stream");
                    }
                }
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (Throwable th2) {
                        LOGGER.fine("Error closing input stream");
                    }
                }
                BufferedReader bufferedReader = null;
                try {
                    try {
                        Process start = new ProcessBuilder(buildArgumentList()).start();
                        bufferedReader = new BufferedReader(new InputStreamReader(start.getErrorStream(), "UTF-8"));
                        while (bufferedReader.ready() && bufferedReader.readLine() != null) {
                        }
                        String evaluate = XPathFactory.newInstance().newXPath().evaluate("/assembly/error", DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(start.getInputStream()));
                        if (start.waitFor() != 1 || evaluate == null || "".equals(evaluate)) {
                            LOGGER.warning("An error occurred with the .NET AssemblyAnalyzer, please see the log for more details.");
                            LOGGER.fine("GrokAssembly.exe is not working properly");
                            this.grokAssemblyExe = null;
                            setEnabled(false);
                            throw new AnalysisException("Could not execute .NET AssemblyAnalyzer");
                        }
                        if (bufferedReader != null) {
                            try {
                                bufferedReader.close();
                            } catch (IOException e) {
                                LOGGER.log(Level.FINEST, "ignore", (Throwable) e);
                            }
                        }
                        this.builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
                    } catch (Throwable th3) {
                        if (bufferedReader != null) {
                            try {
                                bufferedReader.close();
                            } catch (IOException e2) {
                                LOGGER.log(Level.FINEST, "ignore", (Throwable) e2);
                            }
                        }
                        throw th3;
                    }
                } catch (Throwable th4) {
                    if (th4 instanceof AnalysisException) {
                        throw ((AnalysisException) th4);
                    }
                    LOGGER.warning("analyzer.AssemblyAnalyzer.grokassembly.initialization.failed");
                    LOGGER.log(Level.FINE, "analyzer.AssemblyAnalyzer.grokassembly.initialization.message", th4.getMessage());
                    setEnabled(false);
                    throw new AnalysisException("An error occured with the .NET AssemblyAnalyzer", th4);
                }
            } catch (Throwable th5) {
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (Throwable th6) {
                        LOGGER.fine("Error closing output stream");
                    }
                }
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (Throwable th7) {
                        LOGGER.fine("Error closing input stream");
                    }
                }
                throw th5;
            }
        } catch (IOException e3) {
            setEnabled(false);
            LOGGER.log(Level.WARNING, "analyzer.AssemblyAnalyzer.grokassembly.notdeployed", e3.getMessage());
            throw new AnalysisException("Could not extract GrokAssembly.exe", e3);
        }
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer, org.owasp.dependencycheck.analyzer.Analyzer
    public void close() throws Exception {
        super.close();
        try {
            if (this.grokAssemblyExe != null && !this.grokAssemblyExe.delete()) {
                this.grokAssemblyExe.deleteOnExit();
            }
        } catch (SecurityException e) {
            LOGGER.fine("analyzer.AssemblyAnalyzer.grokassembly.notdeleted");
        }
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    public Set<String> getSupportedExtensions() {
        return SUPPORTED_EXTENSIONS;
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public String getName() {
        return ANALYZER_NAME;
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public AnalysisPhase getAnalysisPhase() {
        return ANALYSIS_PHASE;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractFileTypeAnalyzer
    protected String getAnalyzerEnabledSettingKey() {
        return "analyzer.assembly.enabled";
    }
}
