package com.h3xstream.findsecbugs.n;

import edu.umd.cs.findbugs.BugInstance;
import edu.umd.cs.findbugs.BugReporter;
import edu.umd.cs.findbugs.Detector;
import edu.umd.cs.findbugs.ba.CFGBuilderException;
import edu.umd.cs.findbugs.ba.ClassContext;
import edu.umd.cs.findbugs.ba.Location;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import org.apache.bcel.classfile.AnnotationEntry;
import org.apache.bcel.classfile.JavaClass;
import org.apache.bcel.classfile.Method;
import org.apache.bcel.generic.ConstantPoolGen;
import org.apache.bcel.generic.INVOKEVIRTUAL;
import org.apache.bcel.generic.LDC;

/* compiled from: SpringUnvalidatedRedirectDetector.java */
/* loaded from: classes.dex */
public class a implements Detector {
    private static final String a = "SPRING_UNVALIDATED_REDIRECT";
    private static final List<String> b = Arrays.asList("Lorg/springframework/web/bind/annotation/RequestMapping;", "Lorg/springframework/web/bind/annotation/GetMapping;", "Lorg/springframework/web/bind/annotation/PostMapping;", "Lorg/springframework/web/bind/annotation/PutMapping;", "Lorg/springframework/web/bind/annotation/DeleteMapping;", "Lorg/springframework/web/bind/annotation/PatchMapping;");
    private BugReporter c;

    public a(BugReporter bugReporter) {
        this.c = bugReporter;
    }

    private void a(Method method, ClassContext classContext) {
        JavaClass javaClass = classContext.getJavaClass();
        ConstantPoolGen constantPoolGen = classContext.getConstantPoolGen();
        Iterator locationIterator = classContext.getCFG(method).locationIterator();
        while (locationIterator.hasNext()) {
            Location location = (Location) locationIterator.next();
            INVOKEVIRTUAL instruction = location.getHandle().getInstruction();
            if (instruction instanceof INVOKEVIRTUAL) {
                INVOKEVIRTUAL invokevirtual = instruction;
                if ("java.lang.StringBuilder".equals(invokevirtual.getClassName(constantPoolGen)) && "append".equals(invokevirtual.getMethodName(constantPoolGen))) {
                    LDC instruction2 = location.getHandle().getPrev().getInstruction();
                    if (instruction2 instanceof LDC) {
                        Object value = instruction2.getValue(constantPoolGen);
                        if ((value instanceof String) && "redirect:".equals((String) value)) {
                            BugInstance bugInstance = new BugInstance(this, a, 2);
                            bugInstance.addClass(javaClass).addMethod(javaClass, method).addSourceLine(classContext, method, location);
                            this.c.reportBug(bugInstance);
                        }
                    }
                }
            }
        }
    }

    private boolean a(JavaClass javaClass) {
        for (Method method : javaClass.getMethods()) {
            for (AnnotationEntry annotationEntry : method.getAnnotationEntries()) {
                if (b.contains(annotationEntry.getAnnotationType())) {
                    return true;
                }
            }
        }
        return false;
    }

    public void a() {
    }

    public void a(ClassContext classContext) {
        JavaClass javaClass = classContext.getJavaClass();
        if (a(javaClass)) {
            Method[] methods = javaClass.getMethods();
            for (Method method : methods) {
                try {
                    a(method, classContext);
                } catch (CFGBuilderException e) {
                }
            }
        }
    }
}
