package com.contrastsecurity.agent.plugins.rasp.rules.cve.struts.cookieinterceptor;

import com.contrastsecurity.agent.Sensor;
import com.contrastsecurity.agent.instr.InstrumentationContext;
import com.contrastsecurity.agent.instr.h;
import com.contrastsecurity.agent.messages.app.activity.defend.AttackResult;
import com.contrastsecurity.agent.messages.app.activity.defend.details.CveDetailsDTM;
import com.contrastsecurity.agent.messages.app.activity.defend.details.UserInputDTM;
import com.contrastsecurity.agent.plugins.rasp.InterfaceC0124d;
import com.contrastsecurity.agent.plugins.rasp.RaspManager;
import com.contrastsecurity.agent.plugins.rasp.Z;
import com.contrastsecurity.agent.plugins.rasp.rules.i;
import com.contrastsecurity.agent.plugins.rasp.rules.j;
import com.contrastsecurity.agent.util.C0220a;
import com.contrastsecurity.thirdparty.javax.inject.Inject;
import com.contrastsecurity.thirdparty.org.objectweb.asm.ClassVisitor;

@Sensor
/* loaded from: input_file:com/contrastsecurity/agent/plugins/rasp/rules/cve/struts/cookieinterceptor/Cve_2014_0116Rule.class */
public final class Cve_2014_0116Rule extends com.contrastsecurity.agent.plugins.rasp.rules.cve.struts.a implements i<CveDetailsDTM>, j<CveDetailsDTM, ContrastCve_2014_0116Dispatcher> {
    public static final String ID = "cve-2014-0116";
    private final InterfaceC0124d b;
    private final h<ContrastCve_2014_0116Dispatcher> e;
    private final RaspManager f;
    private final Z<CveDetailsDTM> g;
    private static final String h = "org#apache#struts2#interceptor#CookieInterceptor".replace('#', '/');
    private static final String[] i = {"2.3.16.2.jar", "2.3.16.1.jar", "2.3.16.jar", "2.3.15.3.jar", "2.3.15.2.jar", "2.3.15.1.jar", "2.3.15.jar", "2.3.14.3.jar", "2.3.14.2.jar", "2.3.14.1.jar", "2.3.14.jar", "2.3.13.jar", "2.3.12.jar", "2.3.11.jar", "2.3.10.jar", "2.3.9.jar", "2.3.8.jar", "2.3.7.jar", "2.3.6.jar", "2.3.5.jar", "2.3.4.1.jar", "2.3.4.jar", "2.3.3.jar", "2.3.2.jar", "2.3.1.2.jar", "2.3.1.1.jar", "2.3.1.jar", "2.3.0.jar", "2.2.3.1.jar", "2.2.3.jar", "2.2.2.jar", "2.2.1.1.jar", "2.2.1.jar", "2.2.0.jar", "2.1.8.1.jar", "2.1.8.jar", "2.1.7.jar", "2.1.6.jar", "2.1.5.jar", "2.1.4.jar", "2.1.3.jar", "2.1.2.jar", "2.1.1.jar", "2.1.0.jar", "2.0.14.jar", "2.0.13.jar", "2.0.12.jar", "2.0.11.2.jar", "2.0.11.1.jar", "2.0.11.jar", "2.0.10.jar", "2.0.9.jar", "2.0.8.jar", "2.0.7.jar", "2.0.6.jar", "2.0.5.jar", "2.0.4.jar", "2.0.3.jar", "2.0.2.jar", "2.0.1.jar", "2.0.0.jar"};

    @Inject
    public Cve_2014_0116Rule(InterfaceC0124d interfaceC0124d, RaspManager raspManager, h<ContrastCve_2014_0116Dispatcher> hVar) {
        super(interfaceC0124d, raspManager);
        this.b = interfaceC0124d;
        this.e = hVar;
        this.f = raspManager;
        this.g = Z.a(ID, CveDetailsDTM.class);
    }

    @Override // com.contrastsecurity.agent.plugins.rasp.rules.g
    public Z<CveDetailsDTM> getRuleId() {
        return this.g;
    }

    @Override // com.contrastsecurity.agent.plugins.rasp.rules.i
    public boolean appliesToInputType(UserInputDTM.InputType inputType) {
        return UserInputDTM.InputType.COOKIE_NAME.equals(inputType);
    }

    @Override // com.contrastsecurity.agent.plugins.rasp.rules.cve.struts.a, com.contrastsecurity.agent.plugins.rasp.rules.cve.struts.c
    protected String[] a() {
        return i;
    }

    @Override // com.contrastsecurity.agent.plugins.rasp.rules.k
    public ClassVisitor onInstrumentingClass(com.contrastsecurity.agent.instr.f<ContrastCve_2014_0116Dispatcher> fVar, ClassVisitor classVisitor, InstrumentationContext instrumentationContext) {
        if (!this.f.isSinksDisabled() && instrumentationContext.getCodeSource() != null && C0220a.b(instrumentationContext.getFlags()) && instrumentationContext.getInternalClassName().equals(h)) {
            instrumentationContext.getChanger().addAdapter("CookieInterceptorClassVisitor");
            instrumentationContext.setRequiresTransforming(true);
            classVisitor = new c(classVisitor, instrumentationContext, fVar);
        }
        return classVisitor;
    }

    public void onPopulateCookieValueIntoStack(String str, String str2, String str3, boolean z) {
        a(ID, str);
        this.b.a(this.g, new CveDetailsDTM(ID, str3), UserInputDTM.builder().name(str).value(str2).type(UserInputDTM.InputType.COOKIE_NAME).build(), z ? AttackResult.BLOCKED : AttackResult.EXPLOITED);
    }

    @Override // com.contrastsecurity.agent.plugins.rasp.rules.j
    public boolean isCodeExclusionSpecialCase() {
        return false;
    }

    @Override // com.contrastsecurity.agent.plugins.rasp.rules.j
    public boolean requiresPrimordialInstrumentation(Class<?> cls) {
        return false;
    }

    @Override // com.contrastsecurity.agent.plugins.rasp.rules.j
    public h<ContrastCve_2014_0116Dispatcher> getDispatcherRegistration() {
        return this.e;
    }
}
