Added node matching parameter for XXERemediator

pixee · Oct 25, 2024 · 4e25351 · 4e25351
1 parent 10527d4
commit 4e25351
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 12 deletions.
diff --git a/core-codemods/src/main/java/io/codemodder/codemods/SonarXXECodemod.java b/core-codemods/src/main/java/io/codemodder/codemods/SonarXXECodemod.java
@@ -8,6 +8,7 @@
 import io.codemodder.providers.sonar.SonarRemediatingJavaParserChanger;
 import io.codemodder.remediation.GenericRemediationMetadata;
 import io.codemodder.remediation.Remediator;
+import io.codemodder.remediation.WithoutScopePositionMatcher;
 import io.codemodder.remediation.xxe.XXERemediator;
 import io.codemodder.sonar.model.Issue;
 import io.codemodder.sonar.model.SonarFinding;
@@ -30,7 +31,7 @@ public final class SonarXXECodemod extends SonarRemediatingJavaParserChanger {
   public SonarXXECodemod(@ProvidedSonarScan(ruleId = "java:S2755") final RuleIssue issues) {
     super(GenericRemediationMetadata.XXE.reporter(), issues);
     this.issues = Objects.requireNonNull(issues);
-    this.remediationStrategy = new XXERemediator<>();
+    this.remediationStrategy = new XXERemediator<>(new WithoutScopePositionMatcher());
   }
 
   @Override

diff --git a/core-codemods/src/main/java/io/codemodder/codemods/semgrep/SemgrepXXECodemod.java b/core-codemods/src/main/java/io/codemodder/codemods/semgrep/SemgrepXXECodemod.java
@@ -15,6 +15,7 @@
 import io.codemodder.providers.sarif.semgrep.ProvidedSemgrepScan;
 import io.codemodder.remediation.GenericRemediationMetadata;
 import io.codemodder.remediation.Remediator;
+import io.codemodder.remediation.WithoutScopePositionMatcher;
 import io.codemodder.remediation.xxe.XXERemediator;
 import java.util.Optional;
 import javax.inject.Inject;
@@ -47,7 +48,7 @@ public SemgrepXXEDocumentBuilderFactoryCodemod(
                     "java.lang.security.audit.xxe.documentbuilderfactory-disallow-doctype-decl-missing.documentbuilderfactory-disallow-doctype-decl-missing")
             final RuleSarif sarif) {
       super(GenericRemediationMetadata.WEAK_RANDOM.reporter(), sarif);
-      this.remediator = new XXERemediator<>();
+      this.remediator = new XXERemediator<>(new WithoutScopePositionMatcher());
     }
 
     @Override

diff --git a/framework/codemodder-base/src/main/java/io/codemodder/remediation/xxe/XXERemediator.java b/framework/codemodder-base/src/main/java/io/codemodder/remediation/xxe/XXERemediator.java
@@ -3,10 +3,7 @@
 import com.github.javaparser.ast.CompilationUnit;
 import io.codemodder.CodemodFileScanningResult;
 import io.codemodder.codetf.DetectorRule;
-import io.codemodder.remediation.FixCandidateSearcher;
-import io.codemodder.remediation.Remediator;
-import io.codemodder.remediation.SearcherStrategyRemediator;
-import io.codemodder.remediation.WithoutScopePositionMatcher;
+import io.codemodder.remediation.*;
 import java.util.Collection;
 import java.util.Optional;
 import java.util.function.Function;
@@ -16,42 +13,46 @@ public class XXERemediator<T> implements Remediator<T> {
   private final SearcherStrategyRemediator<T> searchStrategyRemediator;
 
   public XXERemediator() {
+    this(NodePositionMatcher.DEFAULT);
+  }
+
+  public XXERemediator(final NodePositionMatcher matcher) {
     this.searchStrategyRemediator =
         new SearcherStrategyRemediator.Builder<T>()
             .withSearcherStrategyPair(
                 new FixCandidateSearcher.Builder<T>()
                     .withMatcher(DocumentBuilderFactoryAndSAXParserAtCreationFixStrategy::match)
-                    .withNodePositionMatcher(new WithoutScopePositionMatcher())
+                    .withNodePositionMatcher(matcher)
                     .build(),
                 new DocumentBuilderFactoryAndSAXParserAtCreationFixStrategy())
             .withSearcherStrategyPair(
                 new FixCandidateSearcher.Builder<T>()
                     .withMatcher(DocumentBuilderFactoryAtNewDBFixStrategy::match)
-                    .withNodePositionMatcher(new WithoutScopePositionMatcher())
+                    .withNodePositionMatcher(matcher)
                     .build(),
                 new DocumentBuilderFactoryAtNewDBFixStrategy())
             .withSearcherStrategyPair(
                 new FixCandidateSearcher.Builder<T>()
                     .withMatcher(SAXParserAtNewSPFixStrategy::match)
-                    .withNodePositionMatcher(new WithoutScopePositionMatcher())
+                    .withNodePositionMatcher(matcher)
                     .build(),
                 new SAXParserAtNewSPFixStrategy())
             .withSearcherStrategyPair(
                 new FixCandidateSearcher.Builder<T>()
                     .withMatcher(DocumentBuilderFactoryAtParseFixStrategy::match)
-                    .withNodePositionMatcher(new WithoutScopePositionMatcher())
+                    .withNodePositionMatcher(matcher)
                     .build(),
                 new DocumentBuilderFactoryAtParseFixStrategy())
             .withSearcherStrategyPair(
                 new FixCandidateSearcher.Builder<T>()
                     .withMatcher(TransformerFactoryAtCreationFixStrategy::match)
-                    .withNodePositionMatcher(new WithoutScopePositionMatcher())
+                    .withNodePositionMatcher(matcher)
                     .build(),
                 new TransformerFactoryAtCreationFixStrategy())
             .withSearcherStrategyPair(
                 new FixCandidateSearcher.Builder<T>()
                     .withMatcher(XMLReaderAtParseFixStrategy::match)
-                    .withNodePositionMatcher(new WithoutScopePositionMatcher())
+                    .withNodePositionMatcher(matcher)
                     .build(),
                 new XMLReaderAtParseFixStrategy())
             .build();