
Java Analyzer Enhancement Completion Guide

Status: Helper function added, ready for security check enhancements
File: src/lib/analyzers/java-analyzer.ts
Total Checks: 18 security vulnerabilities


✅ Completed Setup

  1. ✅ Imports added (calculateSeverityScore, getComplianceMapping)
  2. ✅ Helper function createSecurityVulnerability() added
  3. ⏳ Ready to enhance all 18 security checks

Java Security Checks to Enhance

Pattern to Follow

Replace each current vulnerability push with:

vulnerabilities.push(this.createSecurityVulnerability(
  'vulnerability-type',  // From severity-scoring.ts
  'Clear message',
  'Specific suggestion',
  lineNumber,
  'Attack description',
  'Exploit example',
  ['Impact 1', 'Impact 2', 'Impact 3'],
  'Before: vulnerable code',
  'After: secure code',
  'Explanation of fix'
));

18 Checks to Update

1. SQL Injection (CRITICAL - 9.8)

Type: sql-injection
Current line: ~1010
Pattern: executeQuery.*\+
Exploit: stmt.executeQuery("SELECT * FROM users WHERE id = " + userId) where userId = " OR 1=1 --"

2. Command Injection - Runtime.exec (CRITICAL - 9.8)

Type: command-injection
Current line: ~1020
Pattern: Runtime\.getRuntime\(\)\.exec\(
Exploit: Runtime.getRuntime().exec("ls " + userInput) where userInput = "; rm -rf /"

3. Command Injection - ProcessBuilder (CRITICAL - 9.8)

Type: command-injection
Current line: ~1030
Pattern: new ProcessBuilder\(.*\+
Exploit: Similar to Runtime.exec

4. LDAP Injection (HIGH - 8.1)

Type: ldap-injection
Current line: ~1040
Pattern: new InitialDirContext\(.*\+
Exploit: LDAP query manipulation

5. XPath Injection (HIGH - 8.1)

Type: xpath-injection
Current line: ~1050
Pattern: XPathExpression.*evaluate\(.*\+
Exploit: XML query manipulation

6. Insecure Deserialization - ObjectInputStream (CRITICAL - 9.8)

Type: deserialization
Current line: ~1060
Pattern: new ObjectInputStream\(
Exploit: Arbitrary code execution via malicious serialized objects

7. XXE (XML External Entity) (HIGH - 8.2)

Type: xxe
Current line: ~1070
Pattern: DocumentBuilderFactory
Exploit: XML parser reads arbitrary files or makes network requests

8. Hardcoded Credentials (CRITICAL - 9.1)

Type: hardcoded-credentials
Current line: ~1080
Pattern: (password|secret|key).*=.*"
Exploit: Credentials visible in source code

9. Random() for Security (MEDIUM - 5.3)

Type: weak-random
Current line: ~1090
Pattern: new Random\(\)
Exploit: Predictable random numbers for session IDs

10. MD5 Hashing (MEDIUM - 5.9)

Type: weak-hash-md5
Current line: ~1100
Pattern: MessageDigest\.getInstance\("MD5"\)
Exploit: MD5 collisions, rainbow tables

11. SHA1 Hashing (MEDIUM - 5.9)

Type: weak-hash-sha1
Current line: ~1110
Pattern: MessageDigest\.getInstance\("SHA-1"\)
Exploit: SHA1 collisions

12. ECB Mode Encryption (MEDIUM - 5.3)

Type: ecb-mode-encryption
Current line: ~1120
Pattern: Cipher\.getInstance\(".*ECB.*"\)
Exploit: ECB mode reveals patterns in encrypted data

13. Path Traversal (HIGH - 7.5)

Type: path-traversal
Current line: ~1130
Pattern: new File\(.*\+.*\)
Exploit: new File(basePath + userFile) where userFile = "../../etc/passwd"

14. File Upload Without Validation (HIGH - 7.5)

Type: file-upload-no-validation
Current line: ~1140
Pattern: \.upload\(
Exploit: Upload of malicious files (JSP, executable)

15. Unsafe Reflection (HIGH - 7.5)

Type: unsafe-reflection
Current line: ~1150
Pattern: Class\.forName\(.*\+
Exploit: Load arbitrary classes, potential RCE

16. Unhandled NullPointerException (LOW - 2.6)

Type: null-pointer-unhandled
Current line: ~1160
Pattern: Missing null checks
Impact: Application crashes, info disclosure

17. System.out.println (LOW - 2.6)

Type: system-out-println
Current line: ~1170
Pattern: System\.out\.println\(
Impact: Sensitive data in logs

18. printStackTrace() (LOW - 3.7)

Type: printstacktrace
Current line: ~1180
Pattern: \.printStackTrace\(\)
Impact: Stack traces expose internal structure


Implementation Steps

  1. Find each security check in the analyzeSecurity() method
  2. Replace the simple vulnerabilities.push({...}) with the enhanced version
  3. Use the appropriate vulnerability type from severity-scoring.ts
  4. Add a detailed attack description
  5. Provide a realistic exploit example
  6. List real-world impacts
  7. Show before/after code remediation
  8. Explain the fix

Example Enhancement

Before:

if (trimmed.match(/executeQuery.*\+/)) {
  vulnerabilities.push({
    severity: 'high',
    message: 'SQL Injection risk',
    suggestion: 'Use PreparedStatement',
    line: lineNumber
  });
}

After:

if (trimmed.match(/executeQuery.*\+/)) {
  vulnerabilities.push(this.createSecurityVulnerability(
    'sql-injection',
    'SQL Injection vulnerability detected',
    'Use PreparedStatement with parameterized queries',
    lineNumber,
    'String concatenation in SQL queries allows attackers to inject malicious SQL code, bypassing authentication and accessing the database.',
    'stmt.executeQuery("SELECT * FROM users WHERE id = " + userId) where userId = "\\" OR 1=1 --"',
    [
      'Full database access',
      'Authentication bypass',
      'Data exfiltration',
      'Data destruction'
    ],
    'Statement stmt = conn.createStatement();\nstmt.executeQuery("SELECT * FROM users WHERE id = " + userId);',
    'PreparedStatement pstmt = conn.prepareStatement("SELECT * FROM users WHERE id = ?");\npstmt.setInt(1, userId);\nResultSet rs = pstmt.executeQuery();',
    'Use PreparedStatement with placeholders (?) for all user inputs. Never concatenate user input into SQL queries'
  ));
}
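
The check-runner pattern this guide describes, as an added, self-contained example (example code, not the project's java-analyzer.ts): a constructed subset of the check table above is applied line by line to a constructed Java snippet, and the findings come back sorted CRITICAL first by CVSS score. The type keys, regexes and scores are taken from the check list; the Check/Finding shapes, the comment-skipping heuristic and scoreToSeverity() are assumptions of this example and stand in for the project's createSecurityVulnerability() and severity-scoring.ts.

```typescript
// Added example, not the project's code: a minimal line-oriented check runner in the
// style this guide describes. The check table and the Java sample are constructed.
type Severity = 'critical' | 'high' | 'medium' | 'low';
interface Check { type: string; pattern: RegExp; cvss: number; suggestion: string }
interface Finding { type: string; severity: Severity; cvss: number; line: number; suggestion: string }

// Constructed subset of the 18 checks; type keys, patterns and scores as listed in the guide.
const CHECKS: Check[] = [
  { type: 'sql-injection', pattern: /executeQuery.*\+/, cvss: 9.8,
    suggestion: 'Use PreparedStatement with parameterized queries' },
  { type: 'command-injection', pattern: /Runtime\.getRuntime\(\)\.exec\(/, cvss: 9.8,
    suggestion: 'Never pass user input to exec(); validate against an allow-list' },
  { type: 'path-traversal', pattern: /new File\(.*\+.*\)/, cvss: 7.5,
    suggestion: 'Canonicalize the path and confine it to the base directory' },
  { type: 'weak-hash-md5', pattern: /MessageDigest\.getInstance\("MD5"\)/, cvss: 5.9,
    suggestion: 'Use SHA-256 or stronger' },
  { type: 'printstacktrace', pattern: /\.printStackTrace\(\)/, cvss: 3.7,
    suggestion: 'Log through a logger; never return stack traces to users' },
];

// CVSS v3.x qualitative bands; they reproduce the CRITICAL/HIGH/MEDIUM/LOW labels in the check list.
function scoreToSeverity(cvss: number): Severity {
  if (cvss >= 9.0) return 'critical';
  if (cvss >= 7.0) return 'high';
  if (cvss >= 4.0) return 'medium';
  return 'low';
}

// Scan Java source line by line; findings come back CRITICAL first, then in line order.
function analyzeJava(source: string): Finding[] {
  const findings: Finding[] = [];
  source.split('\n').forEach((raw, idx) => {
    const trimmed = raw.trim();
    if (trimmed.startsWith('//')) return; // purely textual patterns would also fire on comments
    for (const c of CHECKS) {
      if (c.pattern.test(trimmed)) {
        findings.push({ type: c.type, severity: scoreToSeverity(c.cvss), cvss: c.cvss, line: idx + 1, suggestion: c.suggestion });
      }
    }
  });
  return findings.sort((a, b) => b.cvss - a.cvss || a.line - b.line);
}

// Constructed Java sample: four reportable lines plus one comment that must be ignored.
const SAMPLE_JAVA = [
  'MessageDigest md = MessageDigest.getInstance("MD5");',
  '// stmt.executeQuery("..." + id) inside a comment must not be reported',
  'File f = new File(basePath + userFile);',
  'ResultSet rs = stmt.executeQuery("SELECT * FROM users WHERE id = " + userId);',
  'e.printStackTrace();',
].join('\n');
```

Running analyzeJava(SAMPLE_JAVA) yields four findings in the order sql-injection, path-traversal, weak-hash-md5, printstacktrace; the commented-out query on the second line is not reported.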

Testing After Completion

  1. Analyze Java code containing known security vulnerabilities
  2. Verify that CVSS scores display correctly
  3. Check compliance mappings (OWASP, CWE, PCI-DSS)
  4. Confirm that attack vectors and remediation guidance display properly
  5. Test sorting by severity (CRITICAL first)

Estimated Time: 40-50 minutes to complete all 18 checks
Next Step After Java: Create UI components to display enhanced security data