package com.sonatype.insight.scanner.call.flow.analyzer.wala;

import com.ibm.wala.ipa.callgraph.CGNode;
import com.ibm.wala.ipa.callgraph.CallGraph;
import com.sonatype.clm.dto.model.signature.ComponentWithSignatures;
import com.sonatype.clm.dto.model.signature.ComponentWithSignaturesList;
import com.sonatype.clm.dto.model.signature.Signature;
import com.sonatype.clm.dto.model.signature.VulnerabilitySignatureAnalysisDTO;
import com.sonatype.insight.scanner.call.flow.analyzer.CallFlowGraphHandler;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import java.util.stream.Collectors;
import org.slf4j.Logger;

/* loaded from: input_file:com/sonatype/insight/scanner/call/flow/analyzer/wala/WalaCallFlowGraphHandler.class */
public class WalaCallFlowGraphHandler implements CallFlowGraphHandler {
    static final String ANALYZER_VERSION = "1.0.0";
    private final Logger log;
    private final CallGraph callGraph;
    private final Set<Signature> vulnerableComponentsSignatures = new HashSet();

    public WalaCallFlowGraphHandler(Logger logger, CallGraph callGraph) {
        this.log = logger;
        this.callGraph = callGraph;
    }

    @Override // com.sonatype.insight.scanner.call.flow.analyzer.CallFlowGraphHandler
    public VulnerabilitySignatureAnalysisDTO buildVulnerabilitySignatureAnalysis(ComponentWithSignaturesList componentWithSignaturesList) {
        addVulnerableComponents(componentWithSignaturesList);
        VulnerabilitySignatureAnalysisDTO vulnerabilitySignatureAnalysisDTO = new VulnerabilitySignatureAnalysisDTO();
        vulnerabilitySignatureAnalysisDTO.analyzer = new VulnerabilitySignatureAnalysisDTO.AnalyzerDTO();
        vulnerabilitySignatureAnalysisDTO.analyzer.name = WalaCallFlowGraphHandler.class.getName();
        vulnerabilitySignatureAnalysisDTO.analyzer.version = ANALYZER_VERSION;
        vulnerabilitySignatureAnalysisDTO.signatures = new ArrayList(this.vulnerableComponentsSignatures.size());
        for (Signature signature : this.vulnerableComponentsSignatures) {
            VulnerabilitySignatureAnalysisDTO.SignatureDTO signatureDTO = new VulnerabilitySignatureAnalysisDTO.SignatureDTO();
            signatureDTO.anchor = signature.getAnchor();
            VulnerabilitySignatureAnalysisDTO.TraceDTO traceDTO = new VulnerabilitySignatureAnalysisDTO.TraceDTO();
            traceDTO.functionDescriptor = signature.getFunctionSignature().getFunctionDescriptor();
            traceDTO.functionParameters = signature.getFunctionSignature().getFunctionParameters();
            signatureDTO.traces = Collections.singletonList(traceDTO);
            vulnerabilitySignatureAnalysisDTO.signatures.add(signatureDTO);
        }
        return vulnerabilitySignatureAnalysisDTO;
    }

    private void addVulnerableComponents(ComponentWithSignaturesList componentWithSignaturesList) {
        if (componentWithSignaturesList == null || componentWithSignaturesList.getComponents().isEmpty()) {
            this.log.info("No vulnerable components to add to call flow graph");
            return;
        }
        this.log.info("Adding vulnerable components to call flow graph");
        for (CGNode cGNode : this.callGraph) {
            Iterator<ComponentWithSignatures> it = componentWithSignaturesList.getComponents().iterator();
            while (true) {
                if (it.hasNext()) {
                    Set set = (Set) it.next().getSignatures().stream().filter(signature -> {
                        return cGNode.getMethod().getSignature().contains(sanitizeSignature(signature));
                    }).collect(Collectors.toSet());
                    if (!set.isEmpty()) {
                        this.vulnerableComponentsSignatures.addAll(set);
                        break;
                    }
                }
            }
        }
    }

    private String sanitizeSignature(Signature signature) {
        return signature.getFunctionSignature().getFunctionDescriptor().substring(0, signature.getFunctionSignature().getFunctionDescriptor().indexOf(40)).replace('/', '.');
    }
}
