package com.liferay.source.formatter.checks;

import com.liferay.portal.kernel.util.StringUtil;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:com/liferay/source/formatter/checks/JSPXSSVulnerabilitiesCheck.class */
public class JSPXSSVulnerabilitiesCheck extends BaseFileCheck {
    private final Pattern _xssPattern = Pattern.compile("\\s+([^\\s]+)\\s*=\\s*(Bean)?ParamUtil\\.getString\\(");

    @Override // com.liferay.source.formatter.checks.BaseFileCheck
    protected String doProcess(String str, String str2, String str3) {
        return _fixXSSVulnerability(str3);
    }

    private String _fixXSSVulnerability(String str) {
        Matcher matcher = this._xssPattern.matcher(str);
        String str2 = null;
        int i = -1;
        while (true) {
            if (!matcher.find()) {
                break;
            }
            str2 = matcher.group(1);
            i = Math.max(_getTaglibXSSVulnerabilityPos(str, " href=\"<%= " + str2 + " %>"), _getTaglibXSSVulnerabilityPos(str, " value=\"<%= " + str2 + " %>"));
            if (i != -1) {
                break;
            }
            Matcher matcher2 = Pattern.compile("('|\\(\"| \"|\\.)<%= " + str2 + " %>").matcher(str);
            if (matcher2.find()) {
                i = matcher2.start();
                break;
            }
        }
        return i != -1 ? StringUtil.replaceFirst(str, "<%= " + str2 + " %>", "<%= HtmlUtil.escape(" + str2 + ") %>", i) : str;
    }

    /* JADX WARN: Code restructure failed: missing block: B:14:0x005d, code lost:
    
        if (r0.startsWith("<aui:") != false) goto L36;
     */
    /* JADX WARN: Code restructure failed: missing block: B:17:0x0067, code lost:
    
        if (r0.startsWith("<liferay-portlet:") != false) goto L37;
     */
    /* JADX WARN: Code restructure failed: missing block: B:20:0x0071, code lost:
    
        if (r0.startsWith("<liferay-util:") != false) goto L38;
     */
    /* JADX WARN: Code restructure failed: missing block: B:23:0x007b, code lost:
    
        if (r0.startsWith("<portlet:") != false) goto L39;
     */
    /* JADX WARN: Code restructure failed: missing block: B:26:0x007f, code lost:
    
        return r8;
     */
    /* JADX WARN: Code restructure failed: missing block: B:30:0x0002, code lost:
    
        continue;
     */
    /* JADX WARN: Code restructure failed: missing block: B:31:0x0002, code lost:
    
        continue;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private int _getTaglibXSSVulnerabilityPos(java.lang.String r6, java.lang.String r7) {
        /*
            r5 = this;
            r0 = -1
            r8 = r0
        L2:
            r0 = r6
            r1 = r7
            r2 = r8
            r3 = 1
            int r2 = r2 + r3
            int r0 = r0.indexOf(r1, r2)
            r8 = r0
            r0 = r8
            r1 = -1
            if (r0 != r1) goto L12
            r0 = r8
            return r0
        L12:
            r0 = 0
            r9 = r0
            r0 = r8
            r10 = r0
        L18:
            r0 = r6
            r1 = 60
            r2 = r10
            r3 = 1
            int r2 = r2 - r3
            int r0 = r0.lastIndexOf(r1, r2)
            r10 = r0
            r0 = r10
            r1 = -1
            if (r0 != r1) goto L2c
            r0 = -1
            return r0
        L2c:
            r0 = r6
            r1 = r10
            r2 = 1
            int r1 = r1 + r2
            char r0 = r0.charAt(r1)
            r1 = 37
            if (r0 != r1) goto L3c
            goto L18
        L3c:
            r0 = r6
            r1 = r10
            r2 = r8
            java.lang.String r0 = r0.substring(r1, r2)
            r9 = r0
            r0 = r5
            r1 = r9
            java.lang.String r2 = "<"
            java.lang.String r3 = ">"
            int r0 = r0.getLevel(r1, r2, r3)
            r1 = 1
            if (r0 != r1) goto L18
            goto L56
        L56:
            r0 = r9
            java.lang.String r1 = "<aui:"
            boolean r0 = r0.startsWith(r1)
            if (r0 != 0) goto L80
            r0 = r9
            java.lang.String r1 = "<liferay-portlet:"
            boolean r0 = r0.startsWith(r1)
            if (r0 != 0) goto L80
            r0 = r9
            java.lang.String r1 = "<liferay-util:"
            boolean r0 = r0.startsWith(r1)
            if (r0 != 0) goto L80
            r0 = r9
            java.lang.String r1 = "<portlet:"
            boolean r0 = r0.startsWith(r1)
            if (r0 != 0) goto L80
            r0 = r8
            return r0
        L80:
            goto L2
        */
        throw new UnsupportedOperationException("Method not decompiled: com.liferay.source.formatter.checks.JSPXSSVulnerabilitiesCheck._getTaglibXSSVulnerabilityPos(java.lang.String, java.lang.String):int");
    }
}
