package org.sonar.java.checks.security;

import java.util.Arrays;
import java.util.List;
import org.sonar.check.Rule;
import org.sonar.plugins.java.api.IssuableSubscriptionVisitor;
import org.sonar.plugins.java.api.semantic.MethodMatchers;
import org.sonar.plugins.java.api.semantic.Symbol;
import org.sonar.plugins.java.api.tree.IdentifierTree;
import org.sonar.plugins.java.api.tree.MethodInvocationTree;
import org.sonar.plugins.java.api.tree.MethodReferenceTree;
import org.sonar.plugins.java.api.tree.Tree;

@Rule(key = "S4829")
/* loaded from: input_file:org/sonar/java/checks/security/StandardInputReadCheck.class */
public class StandardInputReadCheck extends IssuableSubscriptionVisitor {
    private static final MethodMatchers METHOD_MATCHERS = MethodMatchers.or(MethodMatchers.create().ofTypes("java.lang.System").names("setIn").withAnyParameters().build(), MethodMatchers.create().ofTypes("java.io.Console").name(str -> {
        return str.startsWith("read");
    }).withAnyParameters().build());
    private static final MethodMatchers CLOSE_METHOD = MethodMatchers.create().ofAnyType().names("close").addWithoutParametersMatcher().build();

    @Override // org.sonar.java.ast.visitors.SubscriptionVisitor
    public List<Tree.Kind> nodesToVisit() {
        return Arrays.asList(Tree.Kind.METHOD_INVOCATION, Tree.Kind.METHOD_REFERENCE, Tree.Kind.IDENTIFIER);
    }

    @Override // org.sonar.java.ast.visitors.SubscriptionVisitor
    public void visitNode(Tree tree) {
        if (hasSemantic()) {
            if (tree.is(Tree.Kind.METHOD_INVOCATION) && METHOD_MATCHERS.matches((MethodInvocationTree) tree)) {
                reportIssue(tree);
                return;
            }
            if (tree.is(Tree.Kind.METHOD_REFERENCE) && METHOD_MATCHERS.matches((MethodReferenceTree) tree)) {
                reportIssue(tree);
            } else if (tree.is(Tree.Kind.IDENTIFIER)) {
                checkIdentifier((IdentifierTree) tree);
            }
        }
    }

    private void checkIdentifier(IdentifierTree identifierTree) {
        Symbol symbol = identifierTree.symbol();
        if (symbol.isVariableSymbol()) {
            Symbol owner = symbol.owner();
            if (!owner.isUnknown() && owner.type().is("java.lang.System") && symbol.type().is("java.io.InputStream") && identifierTree.name().equals("in") && !isClosingStream(identifierTree.parent())) {
                reportIssue(identifierTree);
            }
        }
    }

    private static boolean isClosingStream(Tree tree) {
        if (tree.is(Tree.Kind.PARENTHESIZED_EXPRESSION) || tree.is(Tree.Kind.MEMBER_SELECT)) {
            return isClosingStream(tree.parent());
        }
        if (tree.is(Tree.Kind.METHOD_INVOCATION)) {
            return CLOSE_METHOD.matches((MethodInvocationTree) tree);
        }
        if (tree.is(Tree.Kind.METHOD_REFERENCE)) {
            return CLOSE_METHOD.matches((MethodReferenceTree) tree);
        }
        return false;
    }

    private void reportIssue(Tree tree) {
        reportIssue(tree, "Make sure that reading the standard input is safe here.");
    }
}
