package com.contrastsecurity.agent.plugins.rasp.rules.redos;

import com.contrastsecurity.agent.A;
import com.contrastsecurity.agent.apps.ApplicationManager;
import com.contrastsecurity.agent.apps.exclusions.e;
import com.contrastsecurity.agent.config.ConfigProperty;
import com.contrastsecurity.agent.http.HttpManager;
import com.contrastsecurity.agent.http.HttpRequest;
import com.contrastsecurity.agent.http.MultipartItem;
import com.contrastsecurity.agent.instr.InstrumentationContext;
import com.contrastsecurity.agent.messages.app.activity.defend.AttackResult;
import com.contrastsecurity.agent.messages.app.activity.defend.details.UserInputDTM;
import com.contrastsecurity.agent.messages.app.settings.ExceptionInputTypeDTM;
import com.contrastsecurity.agent.plugins.rasp.AttackBlockedException;
import com.contrastsecurity.agent.plugins.rasp.InterfaceC0094d;
import com.contrastsecurity.agent.plugins.rasp.ProtectManager;
import com.contrastsecurity.agent.plugins.rasp.X;
import com.contrastsecurity.agent.plugins.rasp.Z;
import com.contrastsecurity.agent.plugins.rasp.rules.l;
import com.contrastsecurity.thirdparty.javax.inject.Inject;
import com.contrastsecurity.thirdparty.org.objectweb.asm.ClassVisitor;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.util.Map;
import java.util.regex.Pattern;

/* compiled from: ReDoSRule.java */
/* loaded from: input_file:com/contrastsecurity/agent/plugins/rasp/rules/redos/j.class */
public final class j extends X<ReDoSDetailsDTM> implements com.contrastsecurity.agent.plugins.rasp.rules.g, l<ReDoSDetailsDTM, ContrastReDoSDispatcher> {
    public static final String b = "redos";
    private final ApplicationManager c;
    private final InterfaceC0094d d;
    private final com.contrastsecurity.agent.instr.h<ContrastReDoSDispatcher> e;
    private final HttpManager f;
    private final ProtectManager g;
    private final Z<ReDoSDetailsDTM> h;
    private static final Logger i = LoggerFactory.getLogger(j.class);

    /* JADX INFO: Access modifiers changed from: private */
    /* compiled from: ReDoSRule.java */
    /* loaded from: input_file:com/contrastsecurity/agent/plugins/rasp/rules/redos/j$a.class */
    public static class a extends Exception {
        private a() {
        }
    }

    @Inject
    public j(ApplicationManager applicationManager, InterfaceC0094d interfaceC0094d, com.contrastsecurity.agent.instr.h<ContrastReDoSDispatcher> hVar, HttpManager httpManager, ProtectManager protectManager, Z<ReDoSDetailsDTM> z) {
        this.c = applicationManager;
        this.d = interfaceC0094d;
        this.e = hVar;
        this.f = httpManager;
        this.g = protectManager;
        this.h = z;
    }

    @Override // com.contrastsecurity.agent.plugins.rasp.rules.i
    public Z<ReDoSDetailsDTM> getRuleId() {
        return this.h;
    }

    @Override // com.contrastsecurity.agent.plugins.rasp.rules.i
    public ConfigProperty getModeOverrideKey() {
        return ConfigProperty.PROTECT_REDOS_MODE;
    }

    @Override // com.contrastsecurity.agent.plugins.rasp.X
    public void onParametersResolved(HttpRequest httpRequest) {
    }

    @Override // com.contrastsecurity.agent.plugins.rasp.rules.m
    public ClassVisitor onInstrumentingClass(com.contrastsecurity.agent.instr.f<ContrastReDoSDispatcher> fVar, ClassVisitor classVisitor, InstrumentationContext instrumentationContext) {
        if ("java.util.regex.Pattern".equals(instrumentationContext.getClassName())) {
            classVisitor = new c(fVar, instrumentationContext, classVisitor);
            instrumentationContext.setRequiresTransforming(true);
            instrumentationContext.getChanger().addAdapter("PatternMatcherCreationVisitor");
        }
        return classVisitor;
    }

    @A
    public void a(int i2, String str, CharSequence charSequence, long j) {
        boolean z = false;
        try {
            com.contrastsecurity.agent.apps.exclusions.g exclusionProcessor = this.c.current().getExclusionProcessor();
            if (exclusionProcessor != null) {
                String charSequence2 = charSequence.toString();
                z = this.g.canBlock(this);
                UserInputDTM a2 = a(exclusionProcessor, charSequence2);
                ReDoSDetailsDTM reDoSDetailsDTM = new ReDoSDetailsDTM(i2, System.currentTimeMillis() - j, str, a2.getValue());
                if (this.g.isDisabledByCodeExclusion(this)) {
                    return;
                } else {
                    this.d.a(this.h, reDoSDetailsDTM, a2, z ? AttackResult.BLOCKED : AttackResult.SUSPICIOUS);
                }
            }
        } catch (a e) {
            i.debug("Not reporting ReDoS because input was excepted");
            z = false;
        } catch (Throwable th) {
            i.error("Problem handling ReDoS event", th);
        }
        if (z) {
            throw new AttackBlockedException("Runaway regular expression detected");
        }
    }

    @A
    public UserInputDTM a(com.contrastsecurity.agent.apps.exclusions.g gVar, String str) throws a {
        String a2;
        HttpRequest currentRequest = this.f.getCurrentRequest();
        if (currentRequest == null) {
            i.debug("ReDoS event occurring outside the context of an HTTP request, not gathering request data");
        } else {
            if (currentRequest.isParametersResolved()) {
                Map<String, String[]> parameters = currentRequest.getParameters();
                for (String str2 : parameters.keySet()) {
                    for (String str3 : parameters.get(str2)) {
                        String a3 = com.contrastsecurity.agent.plugins.rasp.j.d.a(str3, UserInputDTM.InputType.PARAMETER_VALUE);
                        if (a3.contains(str)) {
                            if (gVar.isInputExclusion(e.a.DEFEND, b, currentRequest.getUri(), ExceptionInputTypeDTM.PARAMETER, str2)) {
                                throw new a();
                            }
                            return UserInputDTM.builder().type(UserInputDTM.InputType.PARAMETER_VALUE).name(str2).value(a3).time(System.currentTimeMillis()).documentType(UserInputDTM.InputDocumentType.NORMAL).build();
                        }
                    }
                }
            }
            if (currentRequest.isMultipartParametersResolved()) {
                for (MultipartItem multipartItem : currentRequest.getMultipartItems()) {
                    String fieldName = multipartItem.getFieldName();
                    String a4 = com.contrastsecurity.agent.plugins.rasp.j.d.a(multipartItem.getValue(), UserInputDTM.InputType.MULTIPART_VALUE);
                    if (a4.contains(str)) {
                        if (gVar.isInputExclusion(e.a.DEFEND, b, currentRequest.getUri(), ExceptionInputTypeDTM.PARAMETER, fieldName)) {
                            throw new a();
                        }
                        return UserInputDTM.builder().type(UserInputDTM.InputType.MULTIPART_VALUE).name(fieldName).value(a4).time(System.currentTimeMillis()).documentType(UserInputDTM.InputDocumentType.NORMAL).build();
                    }
                }
            }
            if (currentRequest.isCapturingInMemory() && (a2 = com.contrastsecurity.agent.plugins.rasp.j.d.a(currentRequest.getEncodedBodyAsString(), UserInputDTM.InputType.BODY)) != null && a2.contains(str)) {
                if (gVar.isInputExclusion(e.a.DEFEND, b, currentRequest.getUri(), ExceptionInputTypeDTM.BODY)) {
                    throw new a();
                }
                return UserInputDTM.builder().type(UserInputDTM.InputType.BODY).name(null).value(a2).time(System.currentTimeMillis()).documentType(UserInputDTM.InputDocumentType.NORMAL).build();
            }
            Map<String, String[]> headers = currentRequest.getHeaders();
            for (String str4 : headers.keySet()) {
                for (String str5 : headers.get(str4)) {
                    String a5 = com.contrastsecurity.agent.plugins.rasp.j.d.a(str5, UserInputDTM.InputType.HEADER);
                    if (a5.contains(str)) {
                        if (gVar.isInputExclusion(e.a.DEFEND, b, currentRequest.getUri(), ExceptionInputTypeDTM.HEADER, str4)) {
                            throw new a();
                        }
                        return UserInputDTM.builder().type(UserInputDTM.InputType.HEADER).name(str4).value(a5).time(System.currentTimeMillis()).documentType(UserInputDTM.InputDocumentType.NORMAL).build();
                    }
                }
            }
        }
        return UserInputDTM.builder().type(UserInputDTM.InputType.UNKNOWN).name(null).value(str).time(System.currentTimeMillis()).documentType(UserInputDTM.InputDocumentType.NORMAL).build();
    }

    @Override // com.contrastsecurity.agent.plugins.rasp.rules.l
    public boolean isCodeExclusionSpecialCase() {
        return true;
    }

    @Override // com.contrastsecurity.agent.plugins.rasp.rules.l
    public boolean requiresPrimordialInstrumentation(Class<?> cls) {
        return Pattern.class.equals(cls);
    }

    @Override // com.contrastsecurity.agent.plugins.rasp.rules.l
    public com.contrastsecurity.agent.instr.h<ContrastReDoSDispatcher> getDispatcherRegistration() {
        return this.e;
    }

    @Override // com.contrastsecurity.agent.plugins.rasp.rules.g
    public String[] a() {
        return new String[]{"org.ajax4jsf.css.CssCompressor.compress", "com.newrelic.agent.tracers.DefaultTracer.finish", "org.forgerock.openam.core.rest.sms.SmsServerPropertiesResource.getTabNames"};
    }
}
