How to fetch all variable in java class #7129
-
|
When I use codeql for java, there is a case that i need. /**
* 删除
*/
@RequestMapping(value = "/carousels", method = RequestMethod.DELETE)
@ApiOperation(value = "批量删除轮播图信息", notes = "批量删除轮播图信息")
public Result delete(@RequestBody BatchIdParam batchIdParam, @TokenToAdminUser AdminUserToken adminUser) {
logger.info("adminUser:{}", adminUser.toString());and the Parameter is not a primary type, so i wanna search the variable in the Class AdminUserToken @Data
public class AdminUserToken {
private Long adminUserId;
private String token;
private Date updateTime;
private Date expireTime;
}how could I use codeql to fetch the variable like from Class cls//Field field//int j , VarAccess type, Variable var
where
cls.getQualifiedName().matches("%AdminUserToken%")
select cls, cls.getAField(), cls.getFile().toString(), "cls2"
// select method, getAllData(method, 0), getValueUrl(anno) |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
OK, I got it. get a copy of lombok.jarwget https://projectlombok.org/downloads/lombok.jar -O "lombok.jar" run "delombok" on the source files and write the generated files to a folder named "delombok"java -jar "lombok.jar" delombok -n --onlyChanged . -d "delombok" remove "generated by" commentsfind "delombok" -name '*.java' -exec sed '/Generated by delombok/d' -i '{}' ';' remove any left-over import statementsfind "delombok" -name '*.java' -exec sed '/import lombok/d' -i '{}' ';' copy delombok'd files over the original onescp -r "delombok/." "./" remove the "delombok" folderrm -rf "delombok" |
Beta Was this translation helpful? Give feedback.
OK, I got it.
The reason why i can not get field in AdminUserToken is that AdminUserToken is Lombok-ed type,
So we can decode lombok and recreate the database.
get a copy of lombok.jar
wget https://projectlombok.org/downloads/lombok.jar -O "lombok.jar"
run "delombok" on the source files and write the generated files to a folder named "delombok"
java -jar "lombok.jar" delombok -n --onlyChanged . -d "delombok"
remove "generated by" comments
find "delombok" -name '*.java' -exec sed '/Generated by delombok/d' -i '{}' ';'
remove any left-over import statements
find "delombok" -name '*.java' -exec sed '/import lombok/d' -i '{}' ';'
copy delombok'd files over the original ones
cp -r "delombok/."…