package com.contrastsecurity.agent.plugins.rasp.rules.cve.spring.el;

import com.contrastsecurity.agent.apps.Application;
import com.contrastsecurity.agent.apps.ApplicationManager;
import com.contrastsecurity.agent.d.e;
import com.contrastsecurity.agent.instr.InstrumentationContext;
import com.contrastsecurity.agent.messages.app.activity.defend.AttackResult;
import com.contrastsecurity.agent.messages.app.activity.defend.details.UserInputDTM;
import com.contrastsecurity.agent.plugins.rasp.A;
import com.contrastsecurity.agent.plugins.rasp.E;
import com.contrastsecurity.agent.plugins.rasp.InterfaceC0124d;
import com.contrastsecurity.agent.plugins.rasp.RaspManager;
import com.contrastsecurity.agent.plugins.rasp.Z;
import com.contrastsecurity.agent.plugins.rasp.al;
import com.contrastsecurity.agent.plugins.rasp.am;
import com.contrastsecurity.agent.plugins.rasp.rules.n;
import com.contrastsecurity.agent.plugins.rasp.rules.s;
import com.contrastsecurity.agent.util.L;
import com.contrastsecurity.thirdparty.javax.inject.Inject;
import com.contrastsecurity.thirdparty.org.objectweb.asm.ClassVisitor;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.util.List;

/* compiled from: Cve_2011_2730Rule.java */
/* loaded from: input_file:com/contrastsecurity/agent/plugins/rasp/rules/cve/spring/el/h.class */
/**
 * Protect rule for {@code cve-2011-2730} (EL injection through Spring's
 * {@code ExpressionEvaluationUtils}); decompiled from {@code Cve_2011_2730Rule.java}.
 *
 * <p>The rule has three cooperating parts, all visible in this class:
 * <ol>
 *   <li><b>Library detection</b> ({@link #onApplicationProfiled}): the application's library fact
 *       names are searched for a {@code spring-web} artifact whose name ends in one of the
 *       version suffixes in {@link #k}. The result is cached in the application context.</li>
 *   <li><b>Input screening</b> ({@link #evaluateInput}): parameter values containing an
 *       expression delimiter and one of the tokens in {@link #i} are flagged as matching the
 *       attack signature.</li>
 *   <li><b>Sink check</b> ({@link #onInstrumentingClass} and {@link #a(String)}): the Spring
 *       class is instrumented, and when an expression is about to be evaluated it is correlated
 *       with the inputs recorded for this rule and reported as BLOCKED or EXPLOITED.</li>
 * </ol>
 *
 * <p>NOTE(review): identifiers are obfuscated and several collide (field {@code e} and the imported
 * type {@code e}, field {@code l} and the visitor type {@code l}, field {@code k} and interface
 * {@code k}). Field names and the generic casts are deliberately left exactly as decompiled.
 */
public final class h extends n<ElInjectionDetailsDTM> implements com.contrastsecurity.agent.plugins.rasp.rules.a, k, com.contrastsecurity.agent.plugins.rasp.rules.i<ElInjectionDetailsDTM>, com.contrastsecurity.agent.plugins.rasp.rules.j<ElInjectionDetailsDTM, ContrastCve_2011_2730Dispatcher> {
    /** Rule identifier; also the key used to look up the inputs recorded for this rule. */
    public static final String b = "cve-2011-2730";
    private final ApplicationManager c;
    private final InterfaceC0124d d;
    private final com.contrastsecurity.agent.instr.h<ContrastCve_2011_2730Dispatcher> e;
    private final RaspManager f;
    private final Z<ElInjectionDetailsDTM> g = Z.a(b, ElInjectionDetailsDTM.class);
    // Context key under which the per-application library-detection result is stored.
    private final e.a<s> h = e.a.a(s.class);
    // Substring that a library fact name must contain to be considered at all.
    // NOTE(review): a plain contains() also accepts names such as "spring-webmvc-..." - confirm
    // that this breadth is intended.
    private static final String j = "spring-web";
    // Tokens passed to L.a(...) together with the parameter value during input screening.
    private static final String[] i = {"getClassLoader", "getClass", "newInstance", "getURL", "param.", "applicationScope."};
    // File-name suffixes of the library versions this rule treats as vulnerable.
    // NOTE(review): all suffixes are lower-case and compared with endsWith(); this presumably
    // relies on library fact names being lower-cased upstream - verify, otherwise a name such as
    // "...3.0.5.RELEASE.jar" would not match and the rule would silently not apply.
    private static final String[] k = {"3.0.5.release.jar", "3.0.4.release.jar", "3.0.2.release.jar", "3.0.1.release.jar", "3.0.0.release.jar", "2.5.7.release.jar", "2.5.6.jar", "2.5.6.sec03.jar", "2.5.6.sec02.jar", "2.5.6.sec01.jar", "2.5.5.jar", "2.5.4.jar", "2.5.3.jar", "2.5.2.jar", "2.5.1.jar", "2.5.0.jar"};
    private static final Logger l = LoggerFactory.getLogger(h.class);

    /**
     * Stores the injected collaborators; no other work is done here.
     *
     * @param applicationManager used to obtain the current application
     * @param interfaceC0124d sink that receives the attack report in {@code a(UserInputDTM, String, boolean)}
     * @param hVar dispatcher registration returned by {@link #getDispatcherRegistration()}
     * @param raspManager consulted for sink-disable state, the current context and blocking mode
     */
    @Inject
    public h(ApplicationManager applicationManager, InterfaceC0124d interfaceC0124d, com.contrastsecurity.agent.instr.h<ContrastCve_2011_2730Dispatcher> hVar, RaspManager raspManager) {
        this.c = applicationManager;
        this.d = interfaceC0124d;
        this.e = hVar;
        this.f = raspManager;
    }

    /** Returns the typed rule id built from {@link #b}. */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.g
    public Z<ElInjectionDetailsDTM> getRuleId() {
        return this.g;
    }

    /**
     * Wraps the class visitor for {@code org.springframework.web.util.ExpressionEvaluationUtils}
     * so that the rule's sink check is woven into that class.
     *
     * @return the wrapping visitor when the class matches and sinks are enabled; otherwise the
     *     visitor that was passed in, unchanged
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.k
    public ClassVisitor onInstrumentingClass(com.contrastsecurity.agent.instr.f<ContrastCve_2011_2730Dispatcher> fVar, ClassVisitor classVisitor, InstrumentationContext instrumentationContext) {
        // With sinks disabled no class is instrumented by this rule.
        if (this.f.isSinksDisabled()) {
            return classVisitor;
        }
        if (!"org/springframework/web/util/ExpressionEvaluationUtils".equals(instrumentationContext.getInternalClassName())) {
            return classVisitor;
        }
        ClassVisitor wrapped = new l(classVisitor, instrumentationContext, fVar);
        instrumentationContext.getChanger().addAdapter("ExpressionEvaluationUtilsInjectionVisitor");
        instrumentationContext.setRequiresTransforming(true);
        return wrapped;
    }

    /**
     * Screens one input value for the rule's attack signature.
     *
     * <p>A value is flagged only when it is longer than 8 characters, contains {@code ${} or
     * {@code %{}, and {@code L.a(str2, i)} returns true (presumably "contains any of the tokens
     * in {@code i}" - confirm against {@code L}). This is a fixed-signature pre-filter; the
     * decision to report is made later at the sink in {@link #a(String)}.
     *
     * @param inputType not used by this method
     * @param str not used by this method
     * @param str2 the input value to inspect; {@code null} is treated as no match
     * @param str3 not used by this method
     * @param i2 passed to {@code al.a(i2, 4)}; a true result skips evaluation (presumably a flag
     *     test - TODO confirm the meaning of {@code 4})
     * @return an {@code E} carrying {@code MATCHED_ATTACK_SIGNATURE}, or {@code null} for no match
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.i
    public E evaluateInput(UserInputDTM.InputType inputType, String str, String str2, String str3, int i2) {
        if (str2 == null) {
            return null;
        }
        if (al.a(i2, 4)) {
            return null;
        }
        // Values of 8 characters or fewer are never evaluated.
        if (str2.length() <= 8) {
            return null;
        }
        boolean hasExpressionDelimiter = str2.contains("${") || str2.contains("%{");
        if (!hasExpressionDelimiter) {
            return null;
        }
        return L.a(str2, i) ? new E(A.MATCHED_ATTACK_SIGNATURE) : null;
    }

    /** Only parameter values are screened by this rule; every other input type is skipped. */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.i
    public boolean appliesToInputType(UserInputDTM.InputType inputType) {
        return UserInputDTM.InputType.PARAMETER_VALUE.equals(inputType);
    }

    /**
     * Runs library detection for the profiled application and stores the result in the
     * application's context under the key {@link #h}.
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.X
    public void onApplicationProfiled(Application application) {
        // Casts are decompiler output and are kept verbatim.
        application.context().a((e.a<e.a<s>>) this.h, (e.a<s>) a(application));
    }

    /**
     * Looks for a library fact name that contains {@link #j} and ends with one of the suffixes
     * in {@link #k}.
     *
     * @return {@code s.a(name, suffix)} for the first match in iteration order, or {@code s.d()}
     *     when nothing matches
     */
    private s a(Application application) {
        for (String libraryName : application.getLibraryFactNames()) {
            if (libraryName == null || !libraryName.contains(j)) {
                continue;
            }
            for (String versionSuffix : k) {
                if (libraryName.endsWith(versionSuffix)) {
                    return s.a(libraryName, versionSuffix);
                }
            }
        }
        return s.d();
    }

    /**
     * Sink callback: invoked with an expression that is about to be evaluated.
     *
     * <p>If the rule applies to the current application, every entry recorded for this rule in
     * the current context is asked for the user input matching {@code str}; each entry for which
     * {@code c()} is true and a match exists produces one report.
     *
     * <p>NOTE(review): the raw expression is written to the debug log. It can carry
     * request-supplied content, so debug output for this logger should be treated as sensitive.
     *
     * @param str the expression about to be evaluated
     * @return {@code true} if at least one report was made while {@code canBlock} was true;
     *     presumably the caller uses this to stop the evaluation - confirm at the dispatcher
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.cve.spring.el.k
    public boolean a(String str) {
        l.debug("EL detected in impending evaluation: {}", str);
        if (!appliesToApplication(this.c.current())) {
            l.trace("No app currently, exiting");
            return false;
        }
        List<am> recordedInputs = this.f.currentContext().c(b);
        if (recordedInputs == null) {
            return false;
        }
        boolean blocked = false;
        for (am recorded : recordedInputs) {
            // The lookup runs before the c() test, matching the original call order.
            UserInputDTM matchedInput = recorded.b(str);
            if (!recorded.c() || matchedInput == null) {
                continue;
            }
            // Once blocking has been established it stays set for the remaining entries.
            if (!blocked) {
                blocked = this.f.canBlock(this);
            }
            a(matchedInput, str, blocked);
        }
        return blocked;
    }

    /**
     * Sends one attack report for the given input and expression.
     *
     * @param userInputDTM the user input that was matched to the expression
     * @param str the expression about to be evaluated
     * @param z {@code true} reports {@code BLOCKED}; {@code false} reports {@code EXPLOITED}
     * @throws IllegalStateException if the current application has no stored detection result or
     *     {@code a()} on it is false. The only caller checks {@link #appliesToApplication} first,
     *     so this is expected to be unreachable; if it did fire it would propagate out of the
     *     sink callback.
     */
    private void a(UserInputDTM userInputDTM, String str, boolean z) {
        s libraryFact = (s) this.c.current().context().a(this.h);
        if (libraryFact == null || !libraryFact.a()) {
            throw new IllegalStateException("Attempting to report a vulnerability for cve-2011-2730 but no vulnerable library detected");
        }
        ElInjectionDetailsDTM details = new ElInjectionDetailsDTM(str, libraryFact.c(), libraryFact.b());
        AttackResult outcome = z ? AttackResult.BLOCKED : AttackResult.EXPLOITED;
        this.d.a(this.g, details, userInputDTM, outcome);
    }

    /** Always {@code false} for this rule. */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.j
    public boolean isCodeExclusionSpecialCase() {
        return false;
    }

    /** Always {@code false} for this rule, whatever class is passed. */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.j
    public boolean requiresPrimordialInstrumentation(Class<?> cls) {
        return false;
    }

    /** Returns the dispatcher registration supplied to the constructor. */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.j
    public com.contrastsecurity.agent.instr.h<ContrastCve_2011_2730Dispatcher> getDispatcherRegistration() {
        return this.e;
    }

    /**
     * Tells whether this rule is active for an application.
     *
     * @param application the application to test; {@code null} yields {@code false}
     * @return {@code true} only when a detection result is stored under {@link #h} and its
     *     {@code a()} returns true (presumably "a vulnerable library was found" - see
     *     {@link #onApplicationProfiled})
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.a
    public boolean appliesToApplication(Application application) {
        if (application == null) {
            return false;
        }
        s libraryFact = (s) application.context().a(this.h);
        return libraryFact != null && libraryFact.a();
    }
}
