├── LicenseLoader.class ├── SCAConfiguration.class ├── readme.txt ├── 1578178366806_6FCF6FE4-B59B-4c71-ABF3-1D57DB6AE062.png ├── 1578178375305_C357359C-07C7-4b65-8A99-C39AD07C84AC.png ├── LicenseLoader.java └── SCAConfiguration.java /LicenseLoader.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/product/fortify-license-crack/master/LicenseLoader.class -------------------------------------------------------------------------------- /SCAConfiguration.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/product/fortify-license-crack/master/SCAConfiguration.class -------------------------------------------------------------------------------- /readme.txt: -------------------------------------------------------------------------------- 1 | SCAConfiguration.class和licenseLoader.class分别替换以下类 2 | com.fortify.sca.cmd.SCAConfiguration 3 | com.fortify.licensing.licenseLoader -------------------------------------------------------------------------------- /1578178366806_6FCF6FE4-B59B-4c71-ABF3-1D57DB6AE062.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/product/fortify-license-crack/master/1578178366806_6FCF6FE4-B59B-4c71-ABF3-1D57DB6AE062.png -------------------------------------------------------------------------------- /1578178375305_C357359C-07C7-4b65-8A99-C39AD07C84AC.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/product/fortify-license-crack/master/1578178375305_C357359C-07C7-4b65-8A99-C39AD07C84AC.png -------------------------------------------------------------------------------- /LicenseLoader.java: -------------------------------------------------------------------------------- 1 | // 2 | // Source code recreated from a .class file by IntelliJ IDEA 3 | // (powered by Fernflower decompiler) 4 | // 5 | 6 | package com.fortify.licensing; 7 | 8 | import com.fortify.licensing.Licensing.Config; 9 | import com.fortify.logging.ILogger; 10 | import com.fortify.logging.ILoggerMin.Level; 11 | import com.fortify.logging.ILoggerMin.Marker; 12 | import com.fortify.messaging.MessageManager; 13 | import com.fortify.util.Base64; 14 | import com.fortify.util.FileUtil; 15 | import java.io.BufferedReader; 16 | import java.io.File; 17 | import java.io.FileInputStream; 18 | import java.io.IOException; 19 | import java.io.InputStream; 20 | import java.io.InputStreamReader; 21 | import java.io.UnsupportedEncodingException; 22 | import java.security.GeneralSecurityException; 23 | import java.security.InvalidKeyException; 24 | import java.security.KeyFactory; 25 | import java.security.NoSuchAlgorithmException; 26 | import java.security.NoSuchProviderException; 27 | import java.security.PublicKey; 28 | import java.security.Signature; 29 | import java.security.SignatureException; 30 | import java.security.spec.InvalidKeySpecException; 31 | import java.security.spec.KeySpec; 32 | import java.security.spec.X509EncodedKeySpec; 33 | import java.text.DateFormat; 34 | import java.text.ParseException; 35 | import java.text.SimpleDateFormat; 36 | import java.util.ArrayList; 37 | import java.util.Date; 38 | import java.util.GregorianCalendar; 39 | import java.util.HashMap; 40 | import java.util.Iterator; 41 | import java.util.List; 42 | import java.util.ListIterator; 43 | import java.util.Locale; 44 | import java.util.Map; 45 | import java.util.Properties; 46 | import java.util.StringTokenizer; 47 | 48 | final class LicenseLoader { 49 | static ILogger logger = MessageManager.getLogger(LicenseLoader.class); 50 | private static final DateFormat dateFormat; 51 | private static final String PERPETUAL_DATE = "DoesNotExpire"; 52 | static final char PARAM_DELIMITER = '='; 53 | private static final String PROVIDER = "SUN"; 54 | private static final String KEY_ALGORITHM = "DSA"; 55 | private static final String SIGN_ALGORITHM = "SHA1withDSA"; 56 | private static final String pub = "MIIBuDCCASwGByqGSM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAhUAl2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7PSSoDgYUAAoGBAOe/9qq9Idq1sRDds1JVtjtVL2/Lbz+2Tonn1KkZlfTYabQCWvjqZH+Sl02WXkGpraWVq/vmQYtfQeGKeKFUWUJ2isMcJKNSvUtllgGaDiqW+ny/WEg6NNOeKlIHxOqcor4jtlzhgCp0KyYVsmkQz56KagWDA8iIIZkxxexYLwCT"; 57 | static final String METADATA_HEADER = "Metadata: "; 58 | private static long lastLoad; 59 | 60 | private LicenseLoader() { 61 | } 62 | 63 | static void resetLastLoad() { 64 | lastLoad = 0L; 65 | } 66 | 67 | static void load(File file, Map capabilities, Properties metadata) throws InvalidLicenseFileException { 68 | try { 69 | if (!file.isFile()) { 70 | String path = getPath(file); 71 | throw new MissingLicenseFileException(path); 72 | } else { 73 | long lastmod = file.lastModified(); 74 | if (lastLoad == 0L || lastLoad < lastmod) { 75 | Map result = new HashMap(); 76 | Properties result_metadata = new Properties(); 77 | doLoad((File)file, result, result_metadata); 78 | capabilities.clear(); 79 | capabilities.putAll(result); 80 | metadata.clear(); 81 | metadata.putAll(result_metadata); 82 | } 83 | 84 | lastLoad = lastmod; 85 | } 86 | } catch (GeneralSecurityException var7) { 87 | //throw new InvalidLicenseFileException(); 88 | } 89 | } 90 | 91 | private static String getPath(File file) { 92 | try { 93 | return file.getCanonicalPath(); 94 | } catch (IOException var2) { 95 | return file.getAbsolutePath(); 96 | } 97 | } 98 | 99 | static void load(InputStream inputStream, Map capabilities, Properties metadata, long lastmod) throws InvalidLicenseFileException { 100 | try { 101 | if (lastLoad == 0L || lastLoad < lastmod) { 102 | Map result = new HashMap(); 103 | Properties result_metadata = new Properties(); 104 | doLoad((InputStream)inputStream, result, result_metadata); 105 | capabilities.clear(); 106 | capabilities.putAll(result); 107 | metadata.clear(); 108 | metadata.putAll(result_metadata); 109 | } 110 | 111 | lastLoad = lastmod; 112 | } catch (GeneralSecurityException var7) { 113 | //logger.log(Level.WARN, Marker.WARN_INTERNAL, "Security error verifying license key", var7); 114 | //throw new InvalidLicenseFileException(); 115 | System.out.println("hello"); 116 | } 117 | } 118 | 119 | private static void doLoad(File license, Map capmap, Properties metadata) throws InvalidLicenseFileException, NoSuchProviderException, NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException, SignatureException { 120 | doLoad(readLines(license), capmap, metadata); 121 | } 122 | 123 | private static void doLoad(InputStream inputStream, Map capmap, Properties metadata) throws InvalidLicenseFileException, NoSuchProviderException, NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException, SignatureException { 124 | doLoad(readLines(inputStream), capmap, metadata); 125 | } 126 | 127 | private static void doLoad(List lines, Map capmap, Properties metadata) throws InvalidLicenseFileException, NoSuchProviderException, NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException, SignatureException { 128 | Signature verifier = createVerifier(); 129 | 130 | String key; 131 | do { 132 | if (lines.isEmpty()) { 133 | } 134 | 135 | key = ((String)lines.remove(lines.size() - 1)).trim(); 136 | } while(key.length() == 0); 137 | 138 | List tokens = new ArrayList(); 139 | Iterator it = lines.iterator(); 140 | 141 | while(true) { 142 | while(true) { 143 | String line; 144 | do { 145 | do { 146 | if (!it.hasNext()) { 147 | if (key != null && key.length() == 64) { 148 | byte[] sig = Base64.decode(key); 149 | boolean verified = verifier.verify(sig); 150 | if (!verified) { 151 | 152 | } 153 | 154 | return; 155 | } 156 | 157 | 158 | } 159 | 160 | line = (String)it.next(); 161 | verifier.update(getBytes(line)); 162 | } while(line.length() == 0); 163 | } while(line.charAt(0) == '#'); 164 | 165 | if (line.startsWith("Metadata: ")) { 166 | loadMetadataLine(metadata, line.substring("Metadata: ".length())); 167 | } else { 168 | tokens.clear(); 169 | StringTokenizer stok = new StringTokenizer(line); 170 | 171 | while(stok.hasMoreTokens()) { 172 | tokens.add(stok.nextToken()); 173 | } 174 | 175 | if (tokens.size() < 2) { 176 | 177 | } 178 | 179 | String capname = (String)tokens.get(0); 180 | Date expdate = convertDate((String)tokens.get(1)); 181 | Properties params = new Properties(); 182 | ListIterator li = tokens.listIterator(2); 183 | 184 | while(li.hasNext()) { 185 | String token = (String)li.next(); 186 | int delim = token.indexOf(61); 187 | if (delim != -1) { 188 | params.setProperty(token.substring(0, delim), token.substring(delim + 1)); 189 | } else { 190 | params.setProperty(token, ""); 191 | } 192 | } 193 | 194 | Config config = new Config(capname, expdate, params); 195 | capmap.put(capname, config); 196 | } 197 | } 198 | } 199 | } 200 | 201 | private static byte[] getBytes(String text) { 202 | try { 203 | return text.getBytes("UTF-8"); 204 | } catch (UnsupportedEncodingException var2) { 205 | 206 | } 207 | return null; 208 | } 209 | 210 | private static List readLines(File license) throws InvalidLicenseFileException { 211 | try { 212 | return readLines((InputStream)(new FileInputStream(license))); 213 | } catch (IOException var2) { 214 | //logger.log(Level.ERROR, Marker.ERROR, 238, var2, new Object[]{getPath(license)}); 215 | //throw new InvalidLicenseFileException(); 216 | } 217 | return null; 218 | } 219 | 220 | private static List readLines(InputStream license) throws InvalidLicenseFileException { 221 | List lines = new ArrayList(); 222 | InputStreamReader isr = null; 223 | BufferedReader r = null; 224 | 225 | try { 226 | isr = new InputStreamReader(license, "UTF-8"); 227 | r = new BufferedReader(isr); 228 | 229 | String line; 230 | while((line = r.readLine()) != null) { 231 | lines.add(line); 232 | } 233 | } catch (IOException var8) { 234 | //logger.log(Level.ERROR, Marker.ERROR, 238, var8, new Object[]{license}); 235 | //throw new InvalidLicenseFileException(); 236 | } finally { 237 | FileUtil.close(r); 238 | FileUtil.close(isr); 239 | } 240 | 241 | return lines; 242 | } 243 | 244 | private static void loadMetadataLine(Properties metadata, String line) throws InvalidLicenseFileException { 245 | int splitIndex = line.indexOf(61); 246 | if (splitIndex == -1) { 247 | //throw new InvalidLicenseFileException(); 248 | } else { 249 | String key = line.substring(0, splitIndex); 250 | String val = line.substring(splitIndex + 1); 251 | metadata.setProperty(key, val); 252 | } 253 | } 254 | 255 | private static Date convertDate(String dateString) throws InvalidLicenseFileException { 256 | if ("DoesNotExpire".equals(dateString)) { 257 | return null; 258 | } else { 259 | try { 260 | GregorianCalendar cal = new GregorianCalendar(); 261 | cal.setTime(dateParse(dateString)); 262 | cal.add(5, 1); 263 | return cal.getTime(); 264 | } catch (ParseException var2) { 265 | //throw new InvalidLicenseFileException(); 266 | System.out.println("hello"); 267 | } 268 | } 269 | return null; 270 | } 271 | 272 | static String formatDate(Date date) { 273 | if (date == null) { 274 | return "DoesNotExpire"; 275 | } else { 276 | GregorianCalendar cal = new GregorianCalendar(); 277 | cal.setTime(date); 278 | cal.add(5, -1); 279 | Date real = cal.getTime(); 280 | return dateFormat(real); 281 | } 282 | } 283 | 284 | private static synchronized String dateFormat(Date date) { 285 | return dateFormat.format(date); 286 | } 287 | 288 | private static synchronized Date dateParse(String string) throws ParseException { 289 | return dateFormat.parse(string); 290 | } 291 | 292 | private static Signature createVerifier() throws NoSuchProviderException, NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException { 293 | boolean useSun = true; 294 | 295 | KeyFactory kf; 296 | try { 297 | kf = KeyFactory.getInstance("DSA", "SUN"); 298 | } catch (NoSuchProviderException var6) { 299 | //logger.log(Level.DEBUG, Marker.LOG, "Sun provider not found: " + var6.getMessage()); 300 | useSun = false; 301 | kf = KeyFactory.getInstance("DSA"); 302 | } catch (NoSuchAlgorithmException var7) { 303 | //logger.log(Level.DEBUG, Marker.LOG, "Sun provider not found: " + var7.getMessage()); 304 | useSun = false; 305 | kf = KeyFactory.getInstance("DSA"); 306 | } 307 | 308 | byte[] keybytes = Base64.decode("MIIBuDCCASwGByqGSM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAhUAl2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7PSSoDgYUAAoGBAOe/9qq9Idq1sRDds1JVtjtVL2/Lbz+2Tonn1KkZlfTYabQCWvjqZH+Sl02WXkGpraWVq/vmQYtfQeGKeKFUWUJ2isMcJKNSvUtllgGaDiqW+ny/WEg6NNOeKlIHxOqcor4jtlzhgCp0KyYVsmkQz56KagWDA8iIIZkxxexYLwCT"); 309 | if (!"MIIBuDCCASwGByqGSM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAhUAl2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7PSSoDgYUAAoGBAOe/9qq9Idq1sRDds1JVtjtVL2/Lbz+2Tonn1KkZlfTYabQCWvjqZH+Sl02WXkGpraWVq/vmQYtfQeGKeKFUWUJ2isMcJKNSvUtllgGaDiqW+ny/WEg6NNOeKlIHxOqcor4jtlzhgCp0KyYVsmkQz56KagWDA8iIIZkxxexYLwCT".equals(Base64.encode(keybytes))) { 310 | throw new Error("Base64 encoder not symmetric"); 311 | } else { 312 | KeySpec spec = new X509EncodedKeySpec(keybytes); 313 | PublicKey pubkey = kf.generatePublic(spec); 314 | Signature signer; 315 | if (useSun) { 316 | signer = Signature.getInstance("SHA1withDSA", "SUN"); 317 | } else { 318 | signer = Signature.getInstance("SHA1withDSA"); 319 | } 320 | 321 | signer.initVerify(pubkey); 322 | return signer; 323 | } 324 | } 325 | 326 | static { 327 | dateFormat = new SimpleDateFormat("yyyy-MM-dd", Locale.US); 328 | lastLoad = 0L; 329 | } 330 | } 331 | -------------------------------------------------------------------------------- /SCAConfiguration.java: -------------------------------------------------------------------------------- 1 | package com.fortify.sca.cmd; 2 | 3 | import com.fortify.licensing.Capability; 4 | import com.fortify.licensing.LicenseException; 5 | import com.fortify.licensing.Licensing; 6 | import com.fortify.licensing.UnlicensedCapabilityException; 7 | import com.fortify.logging.ILogger; 8 | import com.fortify.logging.ILoggerMin.Level; 9 | import com.fortify.logging.ILoggerMin.Marker; 10 | import com.fortify.messaging.Localization; 11 | import com.fortify.messaging.MessageManager; 12 | import com.fortify.sca.analyzer.dotnet.winforms.ComplexDataBindingExpander; 13 | import com.fortify.sca.analyzer.dotnet.winforms.MessageLoopExpander; 14 | import com.fortify.sca.analyzer.dotnet.winforms.SimpleDataBindingExpander; 15 | import com.fortify.sca.cmd.CommandLine.PrintAllOptions; 16 | import com.fortify.sca.cmd.CommandLine.ShowRuntimeProperties; 17 | import com.fortify.sca.cmd.MavenDirectives.AddModule; 18 | import com.fortify.sca.cmd.MavenDirectives.BuildClassPath; 19 | import com.fortify.sca.cmd.MavenDirectives.PurgeClassPath; 20 | import com.fortify.sca.cmd.MavenDirectives.ShowClassPath; 21 | import com.fortify.sca.cmd.MavenDirectives.ShowModule; 22 | import com.fortify.sca.cmd.cparse.SCAQualifierGroup; 23 | import com.fortify.sca.metadata.ExportBuildSession; 24 | import com.fortify.sca.metadata.ImportBuildSession; 25 | import com.fortify.sca.metadata.BuildSession.MakeMobile; 26 | import com.fortify.sca.metadata.BuildSession.ShowBinaries; 27 | import com.fortify.sca.metadata.BuildSession.ShowBuildIDs; 28 | import com.fortify.sca.metadata.BuildSession.ShowBuildTree; 29 | import com.fortify.sca.metadata.BuildSession.ShowBuildWarnings; 30 | import com.fortify.sca.metadata.BuildSession.ShowFiles; 31 | import com.fortify.sca.metadata.BuildSession.ShowLoc; 32 | import com.fortify.sca.nst.transformer.AltcallTransformer; 33 | import com.fortify.sca.nst.transformer.CallsPropertyTransformer; 34 | import com.fortify.sca.nst.transformer.CppExceptionTransformer; 35 | import com.fortify.sca.nst.transformer.DotNetCABInjectionTransformer; 36 | import com.fortify.sca.nst.transformer.DotnetEnumBoxingTransformer; 37 | import com.fortify.sca.nst.transformer.ELTransformingVisitorAdapter; 38 | import com.fortify.sca.nst.transformer.ELVisibilityTransform; 39 | import com.fortify.sca.nst.transformer.InliningJSPTransformer; 40 | import com.fortify.sca.nst.transformer.JSPTagCallRewriter; 41 | import com.fortify.sca.nst.transformer.PythonThisTransformer; 42 | import com.fortify.sca.nst.transformer.StateInjectionTransformer; 43 | import com.fortify.sca.nst.transformer.TransformerProcessor; 44 | import com.fortify.sca.nst.transformer.WicketAllocationTransformer; 45 | import com.fortify.sca.nst.transformer.WicketPropertyModelTransformer; 46 | import com.fortify.sca.rules.RuleUtils; 47 | import com.fortify.sca.rules.validation.RulePackValidator; 48 | import com.fortify.sca.util.SCAPropertyKeys; 49 | import com.fortify.scadev.rulegen.RuleGenerator; 50 | import com.fortify.util.SystemUtil; 51 | import com.fortify.util.Util; 52 | import com.fortify.util.SCARunner.AbstractSCAExec; 53 | import com.fortify.util.cmdline.Qualifier.Arg; 54 | import com.fortify.util.cmdline.Qualifier.Group; 55 | import com.fortify.util.cmdline.Qualifier.Arg.Helpers; 56 | import com.fortify.util.cmdline.Qualifier.Arg.Path; 57 | import com.fortify.util.cmdline.Qualifier.Arg.Single; 58 | import com.fortify.util.cmdline.Qualifier.Arg.Path.Type; 59 | import java.io.File; 60 | import java.io.InputStream; 61 | import java.util.Arrays; 62 | import java.util.Calendar; 63 | import java.util.Date; 64 | import java.util.List; 65 | import java.util.Properties; 66 | 67 | public class SCAConfiguration extends SharedConfiguration { 68 | static ILogger logger = MessageManager.getLogger(SCAConfiguration.class); 69 | private static final String CMDLINE_HELP_FILE = "messages/cmdline_help.txt"; 70 | private static final String CMDLINE_SHORT_HELP_FILE = "messages/cmdline_help_short.txt"; 71 | private static final Capability SCA_ANALYSIS = new Capability("SCA-Analysis", 1627); 72 | private static final Capability DEVINSPECT = new Capability("DevInspect", 1627); 73 | private static final String SCA_FINDBUGS_FILTER = "resources/sca-findbugs-filter.xml"; 74 | private static final Single ANALYZER_OPTIONS; 75 | private static final Group SCA_QUALIFIERS; 76 | private static final List knownAnalyzers; 77 | 78 | public SCAConfiguration() { 79 | } 80 | 81 | public Group getCommandLineQualifiers() { 82 | return new Group(new Group[]{SHARED_QUALIFIERS, SCA_QUALIFIERS}); 83 | } 84 | 85 | public InputStream getFindbugsFilterContent() { 86 | return this.getClass().getClassLoader().getResourceAsStream("resources/sca-findbugs-filter.xml"); 87 | } 88 | 89 | private void verifyDevinspectToken(String token) throws LicenseException { 90 | Date[] dates = new Date[5]; 91 | Calendar cal = Calendar.getInstance(); 92 | dates[0] = cal.getTime(); 93 | 94 | for(int i = 1; i < 5; ++i) { 95 | cal.add(12, -1); 96 | dates[i] = cal.getTime(); 97 | } 98 | 99 | String[] tokens = AbstractSCAExec.generateDevinspectTokens(dates, DEVINSPECT); 100 | String[] var5 = tokens; 101 | int var6 = tokens.length; 102 | 103 | for(int var7 = 0; var7 < var6; ++var7) { 104 | String candidate = var5[var7]; 105 | if (candidate.equals(token)) { 106 | return; 107 | } 108 | } 109 | 110 | throw new UnlicensedCapabilityException(DEVINSPECT); 111 | } 112 | 113 | public void initialize() { 114 | 115 | if (!CommandLine.checkProperty(SCAPropertyKeys.PK_DISABLE_JSP_INLINING)) { 116 | TransformerProcessor.registerTransformer(new InliningJSPTransformer()); 117 | } 118 | 119 | TransformerProcessor.registerTransformer(new JSPTagCallRewriter()); 120 | TransformerProcessor.registerTransformer(new ELTransformingVisitorAdapter()); 121 | TransformerProcessor.registerTransformer(new CppExceptionTransformer()); 122 | TransformerProcessor.registerTransformer(new DotnetEnumBoxingTransformer()); 123 | TransformerProcessor.registerTransformer(new DotNetCABInjectionTransformer()); 124 | RuleGenerator.registerTransformer(); 125 | if (CommandLine.checkProperty(CommandLine.PK_WINFORMS_TRANSFORM_DATA_BINDINGS, true)) { 126 | logger.log(Level.DEBUG, Marker.LOG, () -> { 127 | return "Enabling code generation: Data binding"; 128 | }); 129 | TransformerProcessor.registerTransformer(new SimpleDataBindingExpander()); 130 | } 131 | 132 | if (CommandLine.checkProperty(CommandLine.PK_WINFORMS_TRANSFORM_STATE_INJECTIONS)) { 133 | logger.log(Level.DEBUG, Marker.LOG, () -> { 134 | return "Enabling code generation: State injections"; 135 | }); 136 | TransformerProcessor.registerTransformer(new StateInjectionTransformer()); 137 | } 138 | 139 | if (CommandLine.checkProperty(CommandLine.PK_WINFORMS_TRANSFORM_MESSAGES_LOOPS, true)) { 140 | logger.log(Level.DEBUG, Marker.LOG, () -> { 141 | return "Enabling code generation: Event loops"; 142 | }); 143 | TransformerProcessor.registerTransformer(new MessageLoopExpander()); 144 | } 145 | 146 | if (CommandLine.checkProperty(SCAPropertyKeys.PK_WINFORMS_TRANSFORM_CHANGE_NOTIFICATION_PATTERN, true)) { 147 | logger.log(Level.DEBUG, Marker.LOG, () -> { 148 | return "Enabling change notification transformer."; 149 | }); 150 | TransformerProcessor.registerTransformer(new ComplexDataBindingExpander()); 151 | } 152 | 153 | if (CommandLine.checkProperty(CommandLine.PK_CAB_ENABLE_STATE_MAP1)) { 154 | TransformerProcessor.registerTransformer(new StateInjectionTransformer()); 155 | } 156 | 157 | TransformerProcessor.registerTransformer(new AltcallTransformer()); 158 | TransformerProcessor.registerTransformer(new CallsPropertyTransformer()); 159 | TransformerProcessor.registerTransformer(new PythonThisTransformer()); 160 | if (CommandLine.checkProperty(CommandLine.PK_WICKET_ALLOCATION_TRANSFORM, false)) { 161 | TransformerProcessor.registerTransformer(new WicketAllocationTransformer()); 162 | } 163 | 164 | if (CommandLine.checkProperty(CommandLine.PK_WICKET_PROPERTY_MODEL_TRANSFORM, true)) { 165 | TransformerProcessor.registerTransformer(new WicketPropertyModelTransformer()); 166 | } 167 | 168 | if (CommandLine.checkProperty(CommandLine.PK_EL_FOR_SPRING_TRANSFORM, true)) { 169 | TransformerProcessor.registerTransformer(new ELVisibilityTransform()); 170 | } 171 | 172 | } 173 | 174 | public String getApplicationName() { 175 | return Localization.getLocalString(1641, new Object[0]); 176 | } 177 | 178 | public String getCommandString() { 179 | return "sourceanalyzer"; 180 | } 181 | 182 | public String getExecutablePath() { 183 | return "bin" + File.separator + this.getCommandString(); 184 | } 185 | 186 | public File getLogFile() { 187 | String logFile = CommandLine.getProperty(SCAPropertyKeys.PK_LOG_FILE); 188 | return logFile == null ? new File(this.getDataDirectory(), "log" + File.separator + "sca.log") : new File(logFile); 189 | } 190 | 191 | public String getCommandlineHelpMessageFile() { 192 | return "messages/cmdline_help.txt"; 193 | } 194 | 195 | public String getCommandlineShortHelpMessageFile() { 196 | return "messages/cmdline_help_short.txt"; 197 | } 198 | 199 | 200 | public Properties getDefaultProperties() { 201 | Properties result = super.getDefaultProperties(); 202 | result.setProperty(SCAPropertyKeys.PK_JDK_VERSION.key, "1.8"); 203 | result.setProperty(SCAPropertyKeys.PK_DEFAULT_ANALYZERS.key, "semantic:dataflow:controlflow:nullptr:configuration:content:structural:buffer"); 204 | result.setProperty(SCAPropertyKeys.PK_ANT_COMPILER_CLASS.key, "com.fortify.dev.ant.SCACompiler"); 205 | result.setProperty(SCAPropertyKeys.PK_COLLECT_STATS.key, "true"); 206 | result.setProperty(SCAPropertyKeys.PK_BYTECODE_PREVIEW.key, "true"); 207 | return result; 208 | } 209 | 210 | public List getKnownAnalyzers() { 211 | return knownAnalyzers; 212 | } 213 | 214 | public boolean loadScaProperties() { 215 | return true; 216 | } 217 | 218 | 219 | public TrimmedProperties getSystemProperties() { 220 | return new TrimmedProperties(SystemUtil.getProperties()); 221 | } 222 | 223 | static { 224 | ANALYZER_OPTIONS = Helpers.PEnumC(CommandLine.ANALYZERS); 225 | SCAQualifierGroup g = new SCAQualifierGroup(); 226 | g.addA("filter", SCAPropertyKeys.PK_FILTER_FILE, Helpers.PList(Helpers.PReadFile)); 227 | g.addA("source-archive", SCAPropertyKeys.PK_SRC_ARCHIVE, Helpers.PWriteFile); 228 | g.addA("disable-source-rendering", SCAPropertyKeys.PK_FPR_DISABLE_SRC_HTML, (Arg)null); 229 | g.addA("disable-source-bundling", SCAPropertyKeys.PK_FPR_DISABLE_SRC, (Arg)null); 230 | g.addA("disable-metatable", SCAPropertyKeys.PK_FPR_DISABLE_METATABLE, (Arg)null); 231 | g.addQ("force", SCAPropertyKeys.PK_FORCE, (Arg)null); 232 | g.addA("exit-code-level", SCAPropertyKeys.PK_EXIT_CODE_LEVEL, Helpers.PRaw); 233 | g.addA("analyzers", SCAPropertyKeys.PK_DEFAULT_ANALYZERS, Helpers.PRaw); 234 | g.addA("enable-analyzer", SCAPropertyKeys.PK_ENABLE_ANALYZER, Helpers.PList(ANALYZER_OPTIONS)); 235 | g.addA("disable-analyzer", SCAPropertyKeys.PK_DISABLE_ANALYZER, Helpers.PList(ANALYZER_OPTIONS)); 236 | g.addA("format", SCAPropertyKeys.PK_RENDERER, Helpers.PEnum(new String[]{"fvdl", "fvdl-zip", "text", "fpr", "auto"})); 237 | g.addD("show-runtime-properties", new ShowRuntimeProperties()); 238 | g.addD("list-options", new PrintAllOptions()); 239 | g.addA("validate", SCAPropertyKeys.PK_VALIDATE, (Arg)null); 240 | g.addA((String[])L(new String[]{"bin", "binary-name"}), SCAPropertyKeys.PK_BINARY_NAME, Helpers.PList(Helpers.PRaw, Util.literalRegex(File.pathSeparator), File.pathSeparator)); 241 | g.addD("make-mobile", new MakeMobile()); 242 | g.addD("export-build-session", new ExportBuildSession(), Helpers.PWriteFile); 243 | g.addD("import-build-session", new ImportBuildSession(), Helpers.PReadFile); 244 | g.addD("validate-rules", new RulePackValidator()); 245 | g.addQ("group-id", SCAPropertyKeys.PK_MAVEN_GROUP_ID, Helpers.PRaw); 246 | g.addQ("artifact-id", SCAPropertyKeys.PK_MAVEN_ARTIFACT_ID, Helpers.PRaw); 247 | g.addD("add-module", new AddModule()); 248 | g.addD("show-module", new ShowModule()); 249 | g.addD("build-class-path", new BuildClassPath()); 250 | g.addD("show-class-path", new ShowClassPath()); 251 | g.addD("purge-class-path", new PurgeClassPath()); 252 | g.addA("quick", SCAPropertyKeys.PK_QUICK_SCAN_MODE, (Arg)null); 253 | g.addA("project-template", SCAPropertyKeys.PK_PROJECT_TEMPLATE, Helpers.PReadFile); 254 | g.addQ((String[])L(new String[]{"c", "run-compiler"}), SCAPropertyKeys.PK_RUNCOMPILER, (Arg)null); 255 | g.addQ("nc", SCAPropertyKeys.PK_NO_RUNCOMPILER, (Arg)null); 256 | g.addQ("noextension-type", SCAPropertyKeys.PK_NOEXTENSION_TYPE, Helpers.PRaw); 257 | g.addA("append", SCAPropertyKeys.PK_OUTPUT_APPEND, (Arg)null); 258 | g.addA("no-default-rules", SCAPropertyKeys.PK_NO_DEFAULT_RULES, (Arg)null); 259 | g.addA("ruby-on-rails", SCAPropertyKeys.PK_RUBY_ON_RAILS, (Arg)null); 260 | g.addA("no-default-source-rules", SCAPropertyKeys.PK_NO_DEFAULT_SOURCE_RULES, (Arg)null); 261 | g.addA("no-default-sink-rules", SCAPropertyKeys.PK_NO_DEFAULT_SINK_RULES, (Arg)null); 262 | g.addA("no-default-issue-rules", SCAPropertyKeys.PK_NO_DEFAULT_ISSUE_RULES, (Arg)null); 263 | g.addA("disable-default-rule-type", SCAPropertyKeys.PK_DISABLED_DEFAULT_RULE_TYPES, Helpers.PList(Helpers.PRaw)); 264 | g.addQ("disable-funptr-analysis", SCAPropertyKeys.PK_DISABLE_FUNTPR, (Arg)null); 265 | g.addA("results-as-available", SCAPropertyKeys.PK_RESULTS_AS_AVAILABLE, (Arg)null); 266 | g.addA("html-report", SCAPropertyKeys.PK_HTML_REPORT, (Arg)null); 267 | g.addQ("flex-libraries", SCAPropertyKeys.PK_FLEX_LIBRARIES, Helpers.PList(new Path(Type.Any, false))); 268 | g.addQ("flex-namespaces", SCAPropertyKeys.PK_FLEX_NAMESPACES, Helpers.PRaw); 269 | g.addQ("flex-sdk-root", SCAPropertyKeys.PK_FLEX_SDK_ROOT, Helpers.PReadDir); 270 | g.addQ("flex-source-roots", SCAPropertyKeys.PK_FLEX_SOURCE_ROOTS, Helpers.PList(new Path(Type.Any, false))); 271 | g.addQ("source-base-dir", SCAPropertyKeys.PK_SOURCE_BASE_DIR, Helpers.PReadDir); 272 | g.addQ("copydirs", CommandLine.PK_COBOL_COPY_DIRS, Helpers.PList(new Path(Type.Any, false))); 273 | g.addQ("copy-extensions", CommandLine.PK_COBOL_COPY_EXTENSIONS, Helpers.PList(new Path(Type.Any, false))); 274 | g.addQ("fixed-format", SCAPropertyKeys.PK_COBOL_FIXED_FORMAT, (Arg)null); 275 | g.addQ("ruby-path", CommandLine.PK_RUBY_LIBRARY_PATHS, Helpers.PList(new Path(Type.Any, false))); 276 | g.addQ("rubygem-path", CommandLine.PK_RUBY_GEM_PATHS, Helpers.PList(new Path(Type.Any, false))); 277 | g.addQ("abap-includes", CommandLine.PK_ABAP_INCLUDES, Helpers.PList(new Path(Type.Any, false))); 278 | g.addQ("sql-language", SCAPropertyKeys.PK_SQL_LANGUAGE, Helpers.PRaw); 279 | g.addA("fvdl-no-descriptions", SCAPropertyKeys.PK_FVDL_DISABLE_DESCRIPTIONS, (Arg)null); 280 | g.addA("fvdl-no-progdata", SCAPropertyKeys.PK_FVDL_DISABLE_PROGRAMDATA, (Arg)null); 281 | g.addA("fvdl-no-snippets", SCAPropertyKeys.PK_FVDL_DISABLE_SNIPPETS, (Arg)null); 282 | g.addA("fvdl-no-enginedata", SCAPropertyKeys.PK_FVDL_DISABLE_ENGINEDATA, (Arg)null); 283 | g.addD("show-files", new ShowFiles()); 284 | g.addD("show-build-ids", new ShowBuildIDs()); 285 | g.addD("show-binaries", new ShowBinaries()); 286 | g.addD("show-build-tree", new ShowBuildTree()); 287 | g.addD("show-build-warnings", new ShowBuildWarnings()); 288 | g.addD("show-loc", new ShowLoc()); 289 | g.addQ("build-migration-map", SCAPropertyKeys.PK_MIGRATION_FILE, Helpers.PReadFile); 290 | g.addQ("appserver", SCAPropertyKeys.PK_APPSERVER, Helpers.PRaw); 291 | g.addQ("appserver-home", SCAPropertyKeys.PK_APPSERVER_HOME, Helpers.PReadDir); 292 | g.addQ("appserver-version", SCAPropertyKeys.PK_APPSERVER_VERSION, Helpers.PRaw); 293 | g.addQ("generated-sources", SCAPropertyKeys.PK_JSP_GENERATED_SOURCES, Helpers.PReadDir); 294 | g.addQ("document-root", SCAPropertyKeys.PK_JSP_DOCUMENT_ROOT, Helpers.PReadDir); 295 | g.addQ("disable-filtering", SCAPropertyKeys.PK_DISABLE_FILTER, (Arg)null); 296 | g.addQ("use-cpfe441", SCAPropertyKeys.PK_USE_CPFE_441, (Arg)null); 297 | g.addQ("jsp-as-top-level", SCAPropertyKeys.PK_JSP_AS_TOP_LEVEL, (Arg)null); 298 | g.addQ("findbugs", SCAPropertyKeys.PK_ENABLE_FINDBUGS, (Arg)null); 299 | g.addQ("java-build-dir", SCAPropertyKeys.PK_JAVA_BUILD_DIRECTORIES, Helpers.PList(Helpers.PReadDir)); 300 | g.addQ("findbugs-heap-size", SCAPropertyKeys.PK_FINDBUGS_MAXHEAP, Helpers.PRaw); 301 | RuleGenerator.addCmdLineOptions(g); 302 | g.addQ("vsversion", SCAPropertyKeys.PK_VS_VERSION, Helpers.PEnum(new String[]{"7.1", "8.0", "9.0", "10.0", "11.0", "12.0", "14.0"})); 303 | g.addQ("dotnet-version", SCAPropertyKeys.PK_DOTNET_VERSION, Helpers.PRaw); 304 | g.addQ("dotnet-std-version", SCAPropertyKeys.PK_DOTNET_STD_VERSION, Helpers.PRaw); 305 | g.addQ("dotnet-core-version", SCAPropertyKeys.PK_DOTNET_CORE_VERSION, Helpers.PRaw); 306 | g.addQ("xamarin-android-version", SCAPropertyKeys.PK_XAMARIN_ANDROID_VERSION, Helpers.PRaw); 307 | g.addQ("xamarin-ios-version", SCAPropertyKeys.PK_XAMARIN_IOS_VERSION, Helpers.PRaw); 308 | g.addQ("nuget-cache-dir", SCAPropertyKeys.PK_NUGET_CACHE_DIR, Helpers.PReadDir); 309 | g.addQ("dotnetwebroot", SCAPropertyKeys.PK_DOTNET_WEBROOT, Helpers.PReadDir); 310 | g.addQ("dotnet-sources", SCAPropertyKeys.PK_SOURCE_FILES, Helpers.PReadDir); 311 | g.addQ("dotnet-output-dir", SCAPropertyKeys.PK_DOTNET_OUTPUT_DIR, Helpers.PReadDir); 312 | g.addQ("dotnet-preproc-symbols", SCAPropertyKeys.PK_DOTNET_PREPROCESSOR_SYMBOLS, Helpers.PRaw); 313 | g.addQ("dotnet-assembly-name", SCAPropertyKeys.PK_DOTNET_ASSEMBLY_NAME, Helpers.PRaw); 314 | g.addQ("dotnet-applibs", SCAPropertyKeys.PK_DOTNET_WEB_APPLIBS, Helpers.PRaw); 315 | g.addQ("aspnetcore", SCAPropertyKeys.PK_DOTNET_NETCORE, (Arg)null); 316 | g.addQ("dotnet-website", SCAPropertyKeys.PK_DOTNET_WEBSITE, (Arg)null); 317 | g.addQ("dotnet-codebehind", SCAPropertyKeys.PK_DOTNET_CODEBEHIND, Helpers.PRaw); 318 | g.addQ("dotnet-shared-files", SCAPropertyKeys.PK_DOTNET_SHARED_FILES, Helpers.PRaw); 319 | g.addQ("cs-extern-alias", SCAPropertyKeys.PK_DOTNET_ALIAS, Helpers.PRaw); 320 | g.addQ("vb-root", SCAPropertyKeys.PK_DOTNET_VB_ROOT_NAMESPACE, Helpers.PRaw); 321 | g.addQ("vb-imports", SCAPropertyKeys.PK_DOTNET_VB_GLOBAL_IMPORTS, Helpers.PList(new Path(Type.Any, false))); 322 | g.addQ("vb-mytype", SCAPropertyKeys.PK_DOTNET_VB_MYTYPE, Helpers.PRaw); 323 | g.addQ("vb-compile-options", SCAPropertyKeys.PK_DOTNET_VB_COMPILE_OPTIONS, Helpers.PRaw); 324 | g.addQ("libdirs-only", SCAPropertyKeys.PK_DOTNET_LIBDIRS_ONLY, (Arg)null); 325 | g.addQ("xamarin", SCAPropertyKeys.PK_XAMARIN, Helpers.PEnum(new String[]{"android", "ios"})); 326 | g.addQ("php-source-root", SCAPropertyKeys.PK_PHP_SOURCE_ROOT, Helpers.PReadDir); 327 | g.addQ("php-version", SCAPropertyKeys.PK_PHP_VERSION, Helpers.PEnum(new String[]{"5.3", "5.4", "5.5", "5.6", "7.0", "7.1"})); 328 | g.addQ("python-path", SCAPropertyKeys.PK_PYTHON_PATH, Helpers.PList(new Path(Type.Any, false))); 329 | g.addQ("python-version", SCAPropertyKeys.PK_PYTHON_VERSION, Helpers.PEnum(new String[]{"2", "3"})); 330 | g.addQ("python-legacy", SCAPropertyKeys.PK_PYTHON_LEGACY, (Arg)null); 331 | g.addQ("python-warnings-suppression", SCAPropertyKeys.PK_PYTHON_WARNINGS_SUPPRESSION, (Arg)null); 332 | g.addQ("python-no-file-function-optimization", SCAPropertyKeys.PK_PYTHON_NO_FILE_FUNCTION_OPTIMIZATION, (Arg)null); 333 | g.addQ("django-template-dirs", SCAPropertyKeys.PK_DJANGO_TEMPLATE_DIRS, Helpers.PList(new Path(Type.Any, false))); 334 | g.addQ("django-disable-autodiscover", SCAPropertyKeys.PK_DJANGO_DISABLE_AUTODISCOVER, (Arg)null); 335 | g.addQ("show-python-resolution", SCAPropertyKeys.PK_SHOW_PYTHON_FUNCTION_RESOLUTION, (Arg)null); 336 | g.addQ("enable-language", SCAPropertyKeys.PK_ENABLED_LANGUAGES, Helpers.PList(Helpers.PEnum(RuleUtils.getLegalLanguageSpecifiers()))); 337 | g.addQ("disable-language", SCAPropertyKeys.PK_DISABLED_LANGUAGES, Helpers.PList(Helpers.PEnum(RuleUtils.getLegalLanguageSpecifiers()))); 338 | g.addA("mt", SCAPropertyKeys.PK_MULTITHREAD_PHASE_ONE, (Arg)null); 339 | g.addA("j", SCAPropertyKeys.PK_RMI_WORKERS, Helpers.PRaw); 340 | g.addQ("apex", SCAPropertyKeys.PK_APEX, (Arg)null); 341 | g.addQ("apex-sobject-path", SCAPropertyKeys.PK_APEX_SOBJECTPATH, Helpers.PReadFile); 342 | SCA_QUALIFIERS = g; 343 | knownAnalyzers = Arrays.asList("configuration", "semantic", "dataflow", "controlflow", "content", "structural", "findbugs", "buffer", "nullptr"); 344 | } 345 | } 346 | --------------------------------------------------------------------------------