Skip to content

DATABASE.md

Latest commit

 

History

History
349 lines (267 loc) · 17.1 KB

DATABASE.md

File metadata and controls

349 lines (267 loc) · 17.1 KB

Jar Analyzer Engine — SQLite Database Schema

This document is designed for AI tools (e.g., Claude Code, Cursor, ChatGPT) to understand the database structure generated by Jar Analyzer Engine. Feed this file to your AI assistant before querying jar-analyzer.db.

本文档为 AI 工具(如 Claude Code、Cursor、ChatGPT)设计,帮助 AI 理解 Jar Analyzer Engine 生成的数据库结构。在让 AI 查询 jar-analyzer.db 之前,请先将此文件提供给 AI 作为参考。

Overview / 概述

The engine outputs a single SQLite database file (jar-analyzer.db) containing all analysis results. All class names use JVM internal format with / as the separator (e.g., com/example/service/UserService).

引擎输出单个 SQLite 数据库文件(jar-analyzer.db),包含所有分析结果。所有类名使用 JVM 内部格式,以 / 作为分隔符(例如 com/example/service/UserService)。

Tables / 数据库表

1. jar_table — JAR File Information / JAR 文件信息

Stores metadata about each analyzed JAR file.

Column Type Nullable Description (EN) 说明 (CN)
jid INTEGER NOT NULL Primary key (auto-increment) 主键(自增)
jar_name TEXT NOT NULL JAR file name JAR 文件名
jar_abs_path TEXT NOT NULL JAR file absolute path JAR 文件绝对路径

2. class_table — Class Information / 类信息

Stores information about each discovered class.

Column Type Nullable Description (EN) 说明 (CN)
cid INTEGER NOT NULL Primary key (auto-increment) 主键(自增)
jar_id INTEGER NOT NULL FK → jar_table.jid 外键 → jar_table.jid
jar_name TEXT NOT NULL JAR file name (denormalized) JAR 文件名(冗余)
version INTEGER NOT NULL Class file version (e.g., 52 = Java 8) 类文件版本号(如 52 = Java 8)
access INTEGER NOT NULL Access flags (bitmask, see JVM spec) 访问标志位(位掩码,参见 JVM 规范)
class_name TEXT NOT NULL Fully qualified class name (/-separated) 全限定类名(/ 分隔)
super_class_name TEXT NULL Superclass name (null for java/lang/Object) 父类名(java/lang/Object 时为 null)
is_interface INTEGER NOT NULL 1 = interface, 0 = class 1 = 接口,0 = 类

3. class_file_table — Class File Paths / 类文件路径

Maps class names to their physical file paths within JARs.

Column Type Nullable Description (EN) 说明 (CN)
cf_id INTEGER NOT NULL Primary key (auto-increment) 主键(自增)
class_name TEXT NOT NULL Fully qualified class name 全限定类名
path_str TEXT NOT NULL File path within the JAR JAR 内文件路径
jar_name TEXT NOT NULL JAR file name JAR 文件名
jar_id INTEGER NOT NULL FK → jar_table.jid 外键 → jar_table.jid

4. member_table — Fields / Members / 字段/成员

Stores field (member variable) information for each class.

Column Type Nullable Description (EN) 说明 (CN)
mid INTEGER NOT NULL Primary key (auto-increment) 主键(自增)
member_name TEXT NOT NULL Field name 字段名
modifiers INTEGER NOT NULL Access modifiers (bitmask) 访问修饰符(位掩码)
value TEXT NOT NULL Initial value (if constant) 初始值(如果是常量)
method_desc TEXT NOT NULL Field descriptor (JVM type) 字段描述符(JVM 类型)
method_signature TEXT NULL Generic signature (if present) 泛型签名(如果存在)
type_class_name TEXT NOT NULL Field type class name 字段类型类名
class_name TEXT NOT NULL Declaring class name 所属类名
jar_id INTEGER NOT NULL FK → jar_table.jid 外键 → jar_table.jid

5. method_table — Method Information / 方法信息

Stores information about each method in each class.

Column Type Nullable Description (EN) 说明 (CN)
method_id INTEGER NOT NULL Primary key (auto-increment) 主键(自增)
method_name TEXT NOT NULL Method name (e.g., getUserById) 方法名(如 getUserById
method_desc TEXT NOT NULL Method descriptor (e.g., (Ljava/lang/String;)V) 方法描述符(如 (Ljava/lang/String;)V
is_static INTEGER NOT NULL 1 = static, 0 = instance 1 = 静态方法,0 = 实例方法
class_name TEXT NOT NULL Declaring class name 所属类名
access INTEGER NOT NULL Access flags (bitmask) 访问标志位(位掩码)
line_number INTEGER NOT NULL Starting line number in source (-1 if unknown) 源码起始行号(未知时为 -1)
jar_id INTEGER NOT NULL FK → jar_table.jid 外键 → jar_table.jid

6. anno_table — Annotations / 注解信息

Stores class-level and method-level annotations.

Column Type Nullable Description (EN) 说明 (CN)
anno_id INTEGER NOT NULL Primary key (auto-increment) 主键(自增)
anno_name TEXT NOT NULL Annotation class name 注解类名
method_name TEXT NULL Method name (NULL = class-level annotation) 方法名(NULL = 类级注解)
class_name TEXT NULL Declaring class name 所属类名
visible INTEGER NOT NULL 1 = runtime visible, 0 = invisible 1 = 运行时可见,0 = 不可见
jar_id INTEGER NOT NULL FK → jar_table.jid 外键 → jar_table.jid

7. interface_table — Interface Implementations / 接口实现关系

Stores which interfaces each class directly implements.

Column Type Nullable Description (EN) 说明 (CN)
iid INTEGER NOT NULL Primary key (auto-increment) 主键(自增)
interface_name TEXT NOT NULL Interface class name 接口类名
class_name TEXT NOT NULL Implementing class name 实现类名
jar_id INTEGER NOT NULL FK → jar_table.jid 外键 → jar_table.jid

8. method_call_table — Method Call Relationships / 方法调用关系

Core table. Stores caller → callee relationships extracted from bytecode.

Column Type Nullable Description (EN) 说明 (CN)
mc_id INTEGER NOT NULL Primary key (auto-increment) 主键(自增)
caller_method_name TEXT NOT NULL Caller method name 调用方方法名
caller_class_name TEXT NOT NULL Caller class name 调用方类名
caller_method_desc TEXT NOT NULL Caller method descriptor 调用方方法描述符
caller_jar_id INTEGER NOT NULL Caller's JAR id 调用方所在 JAR id
callee_method_name TEXT NOT NULL Callee method name 被调方方法名
callee_method_desc TEXT NOT NULL Callee method descriptor 被调方方法描述符
callee_class_name TEXT NOT NULL Callee class name 被调方类名
callee_jar_id INTEGER NOT NULL Callee's JAR id 被调方所在 JAR id
op_code INTEGER NOT NULL JVM invoke opcode (see below) JVM 调用指令(见下表)

op_code values / 调用指令值:

Value Instruction Description
182 invokevirtual Virtual method call / 虚方法调用
183 invokespecial Constructor / super call / 构造方法/super 调用
184 invokestatic Static method call / 静态方法调用
185 invokeinterface Interface method call / 接口方法调用
186 invokedynamic Lambda / method reference / Lambda/方法引用

9. method_impl_table — Method Implementation / Override / 方法实现/Override 关系

Stores method override mappings: which subclass provides an implementation for a parent method.

Column Type Nullable Description (EN) 说明 (CN)
impl_id INTEGER NOT NULL Primary key (auto-increment) 主键(自增)
class_name TEXT NOT NULL Parent class/interface name 父类/接口类名
method_name TEXT NOT NULL Method name 方法名
method_desc TEXT NOT NULL Method descriptor 方法描述符
impl_class_name TEXT NOT NULL Implementing subclass name 实现子类名
class_jar_id INTEGER NOT NULL Parent class JAR id 父类所在 JAR id
impl_class_jar_id INTEGER NOT NULL Implementing class JAR id 实现类所在 JAR id

10. string_table — String Constants / 字符串常量

Stores string constants extracted from LDC bytecode instructions and annotations.

Column Type Nullable Description (EN) 说明 (CN)
sid INTEGER NOT NULL Primary key (auto-increment) 主键(自增)
value TEXT NOT NULL String value 字符串值
access INTEGER NOT NULL Method access flags 方法访问标志位
method_desc TEXT NOT NULL Method descriptor 方法描述符
method_name TEXT NOT NULL Method name 方法名
class_name TEXT NOT NULL Class name 类名
jar_name TEXT NOT NULL JAR file name JAR 文件名
jar_id INTEGER NOT NULL FK → jar_table.jid 外键 → jar_table.jid

11. spring_controller_table — Spring Controllers / Spring 控制器

Stores classes identified as Spring controllers (@Controller / @RestController).

Column Type Nullable Description (EN) 说明 (CN)
sc_id INTEGER Primary key (auto-increment) 主键(自增)
class_name TEXT NOT NULL Controller class name 控制器类名
jar_id INTEGER NOT NULL FK → jar_table.jid 外键 → jar_table.jid

12. spring_method_table — Spring Request Mappings / Spring 路由映射

Stores Spring MVC request mappings (URL → method).

Column Type Nullable Description (EN) 说明 (CN)
sm_id INTEGER Primary key (auto-increment) 主键(自增)
class_name TEXT NOT NULL Controller class name 控制器类名
method_name TEXT NOT NULL Handler method name 处理方法名
method_desc TEXT NOT NULL Method descriptor 方法描述符
restful_type TEXT NOT NULL HTTP method (GET, POST, PUT, DELETE, PATCH, REQUEST) HTTP 方法
path TEXT NOT NULL Full URL path (basePath + methodPath) 完整 URL 路径
jar_id INTEGER NOT NULL FK → jar_table.jid 外键 → jar_table.jid

13. spring_interceptor_table — Spring Interceptors / Spring 拦截器

Stores classes identified as Spring HandlerInterceptor implementations.

Column Type Nullable Description (EN) 说明 (CN)
si_id INTEGER Primary key (auto-increment) 主键(自增)
class_name TEXT NOT NULL Interceptor class name 拦截器类名
jar_id INTEGER NOT NULL FK → jar_table.jid 外键 → jar_table.jid

14. java_web_table — JavaWeb Components / JavaWeb 组件

Stores traditional JavaWeb components (Servlet, Filter, Listener).

Column Type Nullable Description (EN) 说明 (CN)
jw_id INTEGER Primary key (auto-increment) 主键(自增)
type_name TEXT NOT NULL Component type: Servlet, Filter, Listener, Interceptor 组件类型
class_name TEXT NOT NULL Component class name 组件类名
jar_id INTEGER NOT NULL FK → jar_table.jid 外键 → jar_table.jid

Table Relationships / 表关联关系

jar_table (jid)
    │
    ├── class_table (jar_id)
    ├── class_file_table (jar_id)
    ├── member_table (jar_id)
    ├── method_table (jar_id)
    ├── anno_table (jar_id)
    ├── interface_table (jar_id)
    ├── method_call_table (caller_jar_id, callee_jar_id)
    ├── method_impl_table (class_jar_id, impl_class_jar_id)
    ├── string_table (jar_id)
    ├── spring_controller_table (jar_id)
    ├── spring_method_table (jar_id)
    ├── spring_interceptor_table (jar_id)
    └── java_web_table (jar_id)

Key join patterns / 常用关联查询模式:

  • Class → Methods: class_table.class_name = method_table.class_name
  • Class → Fields: class_table.class_name = member_table.class_name
  • Class → Interfaces: class_table.class_name = interface_table.class_name
  • Method → Callers: method_call_table.callee_class_name + callee_method_name + callee_method_desc
  • Method → Callees: method_call_table.caller_class_name + caller_method_name + caller_method_desc
  • Method → Strings: string_table.class_name + method_name + method_desc
  • Method → Override Impls: method_impl_table.class_name + method_name + method_desc
  • Controller → Routes: spring_controller_table.class_name = spring_method_table.class_name

Common AI Analysis Queries / 常用 AI 分析查询

-- 1. List all web entry points (Spring routes + Servlets/Filters)
--    列出所有 Web 入口点
SELECT 'Spring' AS source, sm.path, sm.restful_type, sm.class_name, sm.method_name
FROM spring_method_table sm
UNION ALL
SELECT jw.type_name AS source, '' AS path, '' AS restful_type, jw.class_name, '' AS method_name
FROM java_web_table jw
ORDER BY source, path;

-- 2. Trace callers of a dangerous method (e.g., Runtime.exec)
--    追踪危险方法的调用者(如 Runtime.exec)
SELECT caller_class_name, caller_method_name, caller_method_desc
FROM method_call_table
WHERE callee_class_name = 'java/lang/Runtime'
  AND callee_method_name = 'exec';

-- 3. Find all classes implementing Serializable (deserialization analysis)
--    查找所有实现 Serializable 的类(反序列化分析)
SELECT class_name
FROM interface_table
WHERE interface_name = 'java/io/Serializable';

-- 4. Search for sensitive hardcoded strings
--    搜索硬编码敏感字符串
SELECT class_name, method_name, value
FROM string_table
WHERE value LIKE '%password%'
   OR value LIKE '%secret%'
   OR value LIKE '%token%'
   OR value LIKE '%jdbc:%';

-- 5. Find method override/implementation chain
--    查找方法的 Override/实现链
SELECT impl_class_name, method_name, method_desc
FROM method_impl_table
WHERE class_name = 'com/example/service/BaseService'
  AND method_name = 'process';

-- 6. List all Spring interceptors (authorization audit)
--    列出所有 Spring 拦截器(权限审计)
SELECT class_name FROM spring_interceptor_table;

-- 7. Multi-level call chain tracing (caller's callers)
--    多级调用链追踪(调用者的调用者)
WITH RECURSIVE call_chain AS (
    SELECT caller_class_name, caller_method_name, caller_method_desc,
           callee_class_name, callee_method_name, callee_method_desc, 1 AS depth
    FROM method_call_table
    WHERE callee_class_name = 'java/lang/Runtime' AND callee_method_name = 'exec'
    UNION ALL
    SELECT mc.caller_class_name, mc.caller_method_name, mc.caller_method_desc,
           mc.callee_class_name, mc.callee_method_name, mc.callee_method_desc, cc.depth + 1
    FROM method_call_table mc
    JOIN call_chain cc ON mc.callee_class_name = cc.caller_class_name
                      AND mc.callee_method_name = cc.caller_method_name
                      AND mc.callee_method_desc = cc.caller_method_desc
    WHERE cc.depth < 5
)
SELECT DISTINCT caller_class_name, caller_method_name, depth
FROM call_chain
ORDER BY depth;

Notes for AI / AI 注意事项

  1. Class name format / 类名格式: All class names use JVM internal format with / separator, not . (e.g., com/example/MyClass, NOT com.example.MyClass).
  2. Method descriptor / 方法描述符: Uses JVM descriptor format (e.g., (Ljava/lang/String;I)V means void method(String, int)). Common type descriptors:
    • V = void, Z = boolean, B = byte, C = char, S = short, I = int, J = long, F = float, D = double
    • L<classname>; = object type, [ = array prefix
  3. Access flags / 访问标志: Bitmask values — 1 = public, 2 = private, 4 = protected, 8 = static, 16 = final, 512 = interface, 1024 = abstract.
  4. Quick mode / 快速模式: When --quick is used, tables method_impl_table, string_table, spring_*, and java_web_table will be empty.
  5. jar_id everywhere: Every table has a jar_id column linking back to jar_table.jid, useful for filtering results by source JAR.