package org.sonar.java.checks.regex;

import java.util.ArrayDeque;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Deque;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import javax.annotation.Nullable;
import org.sonar.check.Rule;
import org.sonar.java.checks.helpers.IntersectAutomataChecker;
import org.sonar.java.checks.helpers.RegexReachabilityChecker;
import org.sonar.java.checks.helpers.RegexTreeHelper;
import org.sonar.java.checks.helpers.SimplifiedRegexCharacterClass;
import org.sonar.java.checks.helpers.SubAutomaton;
import org.sonar.java.checks.regex.AbstractRegexCheckTrackingMatchType;
import org.sonar.plugins.java.api.tree.ExpressionTree;
import org.sonarsource.analyzer.commons.regex.RegexParseResult;
import org.sonarsource.analyzer.commons.regex.ast.AtomicGroupTree;
import org.sonarsource.analyzer.commons.regex.ast.AutomatonState;
import org.sonarsource.analyzer.commons.regex.ast.BackReferenceTree;
import org.sonarsource.analyzer.commons.regex.ast.CharacterClassElementTree;
import org.sonarsource.analyzer.commons.regex.ast.DisjunctionTree;
import org.sonarsource.analyzer.commons.regex.ast.DotTree;
import org.sonarsource.analyzer.commons.regex.ast.GroupTree;
import org.sonarsource.analyzer.commons.regex.ast.RegexBaseVisitor;
import org.sonarsource.analyzer.commons.regex.ast.RegexTree;
import org.sonarsource.analyzer.commons.regex.ast.RepetitionTree;

@Rule(key = "S5852")
/* loaded from: input_file:org/sonar/java/checks/regex/RedosCheck.class */
public class RedosCheck extends AbstractRegexCheckTrackingMatchType {
    private static final String MESSAGE = "Make sure the regex used here, which is vulnerable to %s runtime due to backtracking, cannot lead to denial of service%s.";
    private static final String JAVA8_MESSAGE = " or make sure the code is only run using Java 9 or later";
    private static final String EXP = "exponential";
    private static final String POLY = "polynomial";
    private static final int MAX_TRACKED_REPETITIONS = 10;
    private static final int MAX_REGEX_LENGTH = 1000;
    private boolean regexContainsBackReference;
    private BacktrackingType foundBacktrackingType;
    private final RegexReachabilityChecker reachabilityChecker = new RegexReachabilityChecker(false);
    private final IntersectAutomataChecker intersectionChecker = new IntersectAutomataChecker(false);

    /* loaded from: input_file:org/sonar/java/checks/regex/RedosCheck$BacktrackingFinder.class */
    private class BacktrackingFinder extends RegexBaseVisitor {
        private final boolean isReluctant;
        private final AutomatonState endOfLoop;

        public BacktrackingFinder(boolean z, AutomatonState automatonState) {
            this.isReluctant = z;
            this.endOfLoop = automatonState;
        }

        @Override // org.sonarsource.analyzer.commons.regex.ast.RegexBaseVisitor, org.sonarsource.analyzer.commons.regex.ast.RegexVisitor
        public void visitAtomicGroup(AtomicGroupTree atomicGroupTree) {
            new RedosFinder(atomicGroupTree, atomicGroupTree.continuation(), false, false).visit(atomicGroupTree);
        }

        @Override // org.sonarsource.analyzer.commons.regex.ast.RegexBaseVisitor, org.sonarsource.analyzer.commons.regex.ast.RegexVisitor
        public void visitRepetition(RepetitionTree repetitionTree) {
            if (repetitionTree.isPossessive()) {
                new RedosFinder(repetitionTree, repetitionTree.continuation(), false, false).visit(repetitionTree);
            } else {
                if (!containsIntersections(Arrays.asList(repetitionTree.getElement(), repetitionTree.continuation()))) {
                    super.visitRepetition(repetitionTree);
                    return;
                }
                RedosCheck.this.addBacktracking(this.isReluctant ? BacktrackingType.ALWAYS_EXPONENTIAL : repetitionTree.getQuantifier().isOpenEnded() ? BacktrackingType.QUADRATIC_WHEN_OPTIMIZED : BacktrackingType.LINEAR_WHEN_OPTIMIZED);
                super.visitRepetition(repetitionTree);
            }
        }

        @Override // org.sonarsource.analyzer.commons.regex.ast.RegexBaseVisitor, org.sonarsource.analyzer.commons.regex.ast.RegexVisitor
        public void visitDisjunction(DisjunctionTree disjunctionTree) {
            if (containsIntersections(disjunctionTree.getAlternatives())) {
                RedosCheck.this.addBacktracking(this.isReluctant ? BacktrackingType.ALWAYS_EXPONENTIAL : BacktrackingType.LINEAR_WHEN_OPTIMIZED);
            } else {
                super.visitDisjunction(disjunctionTree);
            }
        }

        @Override // org.sonarsource.analyzer.commons.regex.ast.RegexBaseVisitor, org.sonarsource.analyzer.commons.regex.ast.RegexVisitor
        public void visitBackReference(BackReferenceTree backReferenceTree) {
            RedosCheck.this.regexContainsBackReference = true;
        }

        boolean containsIntersections(List<? extends AutomatonState> list) {
            for (int i = 0; i < list.size() - 1; i++) {
                AutomatonState automatonState = list.get(i);
                for (int i2 = i + 1; i2 < list.size(); i2++) {
                    if (RedosCheck.this.intersectionChecker.check(new SubAutomaton(automatonState, this.endOfLoop, false), new SubAutomaton(list.get(i2), this.endOfLoop, false))) {
                        return true;
                    }
                }
            }
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/sonar/java/checks/regex/RedosCheck$BacktrackingType.class */
    public enum BacktrackingType {
        ALWAYS_EXPONENTIAL,
        QUADRATIC_WHEN_OPTIMIZED,
        ALWAYS_QUADRATIC,
        LINEAR_WHEN_OPTIMIZED,
        NO_ISSUE
    }

    /* loaded from: input_file:org/sonar/java/checks/regex/RedosCheck$RedosFinder.class */
    private class RedosFinder extends RegexBaseVisitor {
        private final Deque<RepetitionTree> nonPossessiveRepetitions = new ArrayDeque();
        private final Map<AutomatonState, Boolean> canFailCache = new HashMap();
        private final AutomatonState startOfRegex;
        private final AutomatonState endOfRegex;
        private final boolean isUsedForFullMatch;
        private final boolean isUsedForPartialMatch;

        public RedosFinder(AutomatonState automatonState, AutomatonState automatonState2, boolean z, boolean z2) {
            this.startOfRegex = automatonState;
            this.endOfRegex = automatonState2;
            this.isUsedForFullMatch = z;
            this.isUsedForPartialMatch = z2;
        }

        @Override // org.sonarsource.analyzer.commons.regex.ast.RegexBaseVisitor, org.sonarsource.analyzer.commons.regex.ast.RegexVisitor
        public void visitRepetition(RepetitionTree repetitionTree) {
            if (canFail(repetitionTree.continuation())) {
                if (repetitionTree.isPossessive() || !repetitionTree.getQuantifier().isOpenEnded()) {
                    super.visitRepetition(repetitionTree);
                } else {
                    new BacktrackingFinder(repetitionTree.isReluctant(), repetitionTree.continuation()).visit(repetitionTree.getElement());
                }
                checkForOverlappingRepetitions(repetitionTree);
            }
        }

        private void checkForOverlappingRepetitions(RepetitionTree repetitionTree) {
            if (repetitionTree.getQuantifier().isOpenEnded() && canFail(repetitionTree)) {
                for (RepetitionTree repetitionTree2 : this.nonPossessiveRepetitions) {
                    if (RedosCheck.this.reachabilityChecker.canReach(repetitionTree2, repetitionTree)) {
                        SubAutomaton subAutomaton = new SubAutomaton(repetitionTree2.getElement(), repetitionTree2.continuation(), false);
                        SubAutomaton subAutomaton2 = new SubAutomaton(repetitionTree2.continuation(), repetitionTree, false);
                        SubAutomaton subAutomaton3 = new SubAutomaton(repetitionTree.getElement(), repetitionTree.continuation(), false);
                        if (subAutomatonCanConsume(subAutomaton, subAutomaton2) && automatonIsEmptyOrIntersects(subAutomaton2, subAutomaton3) && RedosCheck.this.intersectionChecker.check(subAutomaton, subAutomaton3)) {
                            RedosCheck.this.addBacktracking(BacktrackingType.ALWAYS_QUADRATIC);
                        }
                    }
                }
                if (overlapsWithImplicitMatchAlls(repetitionTree)) {
                    RedosCheck.this.addBacktracking(BacktrackingType.ALWAYS_QUADRATIC);
                }
                addIfNonPossessive(repetitionTree);
            }
        }

        private boolean subAutomatonCanConsume(SubAutomaton subAutomaton, SubAutomaton subAutomaton2) {
            return RegexTreeHelper.canReachWithoutConsumingInputOrGoingThroughBoundaries(subAutomaton.end, subAutomaton2.end) || RedosCheck.this.intersectionChecker.check(subAutomaton, subAutomaton2);
        }

        private boolean automatonIsEmptyOrIntersects(SubAutomaton subAutomaton, SubAutomaton subAutomaton2) {
            return RegexTreeHelper.canReachWithoutConsumingInputOrGoingThroughBoundaries(subAutomaton.start, subAutomaton.end) || RedosCheck.this.intersectionChecker.check(subAutomaton, subAutomaton2);
        }

        private void addIfNonPossessive(RepetitionTree repetitionTree) {
            if (repetitionTree.isPossessive()) {
                return;
            }
            this.nonPossessiveRepetitions.add(repetitionTree);
            if (this.nonPossessiveRepetitions.size() > 10) {
                this.nonPossessiveRepetitions.removeFirst();
            }
        }

        private boolean overlapsWithImplicitMatchAlls(RepetitionTree repetitionTree) {
            return this.isUsedForPartialMatch && RegexTreeHelper.canReachWithoutConsumingInputOrGoingThroughBoundaries(this.startOfRegex, repetitionTree);
        }

        @Override // org.sonarsource.analyzer.commons.regex.ast.RegexBaseVisitor, org.sonarsource.analyzer.commons.regex.ast.RegexVisitor
        public void visitBackReference(BackReferenceTree backReferenceTree) {
            RedosCheck.this.regexContainsBackReference = true;
        }

        private boolean canFail(AutomatonState automatonState) {
            return canFail(automatonState, (this.isUsedForFullMatch || RegexTreeHelper.isAnchoredAtEnd(automatonState)) ? false : true);
        }

        private boolean canFail(AutomatonState automatonState, boolean z) {
            if (this.canFailCache.containsKey(automatonState)) {
                return this.canFailCache.get(automatonState).booleanValue();
            }
            this.canFailCache.put(automatonState, true);
            if (automatonState.incomingTransitionType() != AutomatonState.TransitionType.EPSILON) {
                return true;
            }
            if (canMatchAnything(automatonState)) {
                z = true;
                automatonState = automatonState.continuation();
            }
            if (z && RegexTreeHelper.canReachWithoutConsumingInput(automatonState, this.endOfRegex)) {
                this.canFailCache.put(automatonState, false);
                return false;
            }
            Iterator<? extends AutomatonState> it = automatonState.successors().iterator();
            while (it.hasNext()) {
                if (!canFail(it.next(), z)) {
                    this.canFailCache.put(automatonState, false);
                    return false;
                }
            }
            return true;
        }

        private boolean canMatchAnything(AutomatonState automatonState) {
            if (!(automatonState instanceof RepetitionTree)) {
                return false;
            }
            RepetitionTree repetitionTree = (RepetitionTree) automatonState;
            return repetitionTree.getQuantifier().getMinimumRepetitions() == 0 && repetitionTree.getQuantifier().isOpenEnded() && canMatchAnyCharacter(repetitionTree.getElement());
        }

        /* JADX WARN: Multi-variable type inference failed */
        private boolean canMatchAnyCharacter(RegexTree regexTree) {
            SimplifiedRegexCharacterClass simplifiedRegexCharacterClass = new SimplifiedRegexCharacterClass();
            for (RegexTree regexTree2 : collectSingleCharacters(regexTree, new ArrayList())) {
                if (regexTree2.is(RegexTree.Kind.DOT)) {
                    simplifiedRegexCharacterClass.add((DotTree) regexTree2);
                } else {
                    simplifiedRegexCharacterClass.add((CharacterClassElementTree) regexTree2);
                }
            }
            return simplifiedRegexCharacterClass.matchesAnyCharacter();
        }

        private List<RegexTree> collectSingleCharacters(@Nullable RegexTree regexTree, List<RegexTree> list) {
            if (regexTree == null) {
                return list;
            }
            if ((regexTree instanceof CharacterClassElementTree) || regexTree.is(RegexTree.Kind.DOT)) {
                list.add(regexTree);
            } else if (regexTree.is(RegexTree.Kind.DISJUNCTION)) {
                Iterator<RegexTree> it = ((DisjunctionTree) regexTree).getAlternatives().iterator();
                while (it.hasNext()) {
                    collectSingleCharacters(it.next(), list);
                }
            } else if (regexTree instanceof GroupTree) {
                collectSingleCharacters(((GroupTree) regexTree).getElement(), list);
            } else if (regexTree.is(RegexTree.Kind.REPETITION)) {
                RepetitionTree repetitionTree = (RepetitionTree) regexTree;
                if (repetitionTree.getQuantifier().getMinimumRepetitions() <= 1) {
                    collectSingleCharacters(repetitionTree.getElement(), list);
                }
            }
            return list;
        }
    }

    private boolean isJava9OrHigher() {
        return this.context.getJavaVersion().isNotSet() || this.context.getJavaVersion().asInt() >= 9;
    }

    private Optional<String> message() {
        boolean z = !this.regexContainsBackReference;
        boolean z2 = isJava9OrHigher() && z;
        switch (this.foundBacktrackingType) {
            case ALWAYS_EXPONENTIAL:
                return Optional.of(String.format(MESSAGE, EXP, ""));
            case QUADRATIC_WHEN_OPTIMIZED:
                Object[] objArr = new Object[2];
                objArr[0] = z2 ? POLY : EXP;
                objArr[1] = "";
                return Optional.of(String.format(MESSAGE, objArr));
            case LINEAR_WHEN_OPTIMIZED:
                if (z2) {
                    return Optional.empty();
                }
                Object[] objArr2 = new Object[2];
                objArr2[0] = EXP;
                objArr2[1] = z ? JAVA8_MESSAGE : "";
                return Optional.of(String.format(MESSAGE, objArr2));
            case ALWAYS_QUADRATIC:
                return Optional.of(String.format(MESSAGE, POLY, ""));
            case NO_ISSUE:
                return Optional.empty();
            default:
                throw new IllegalStateException("This line is not actually reachable");
        }
    }

    @Override // org.sonar.java.checks.regex.AbstractRegexCheckTrackingMatchType
    public void checkRegex(RegexParseResult regexParseResult, ExpressionTree expressionTree, AbstractRegexCheckTrackingMatchType.MatchType matchType) {
        if (regexParseResult.getResult().getText().length() > 1000) {
            return;
        }
        this.regexContainsBackReference = false;
        this.foundBacktrackingType = BacktrackingType.NO_ISSUE;
        this.reachabilityChecker.clearCache();
        this.intersectionChecker.clearCache();
        new RedosFinder(regexParseResult.getStartState(), regexParseResult.getFinalState(), matchType == AbstractRegexCheckTrackingMatchType.MatchType.FULL || matchType == AbstractRegexCheckTrackingMatchType.MatchType.BOTH, matchType == AbstractRegexCheckTrackingMatchType.MatchType.PARTIAL || matchType == AbstractRegexCheckTrackingMatchType.MatchType.BOTH).visit(regexParseResult);
        message().ifPresent(str -> {
            reportIssue(methodOrAnnotationName(expressionTree), str, (Integer) null, Collections.emptyList());
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void addBacktracking(BacktrackingType backtrackingType) {
        if (backtrackingType.ordinal() < this.foundBacktrackingType.ordinal()) {
            this.foundBacktrackingType = backtrackingType;
        }
    }
}
