package com.contrastsecurity.agent.plugins.rasp.rules.cve.struts.d;

import com.contrastsecurity.agent.apps.Application;
import com.contrastsecurity.agent.apps.ApplicationManager;
import com.contrastsecurity.agent.instr.InstrumentationContext;
import com.contrastsecurity.agent.instr.h;
import com.contrastsecurity.agent.messages.app.activity.defend.AttackResult;
import com.contrastsecurity.agent.messages.app.activity.defend.details.CveDetailsDTM;
import com.contrastsecurity.agent.messages.app.activity.defend.details.UserInputDTM;
import com.contrastsecurity.agent.plugins.rasp.A;
import com.contrastsecurity.agent.plugins.rasp.E;
import com.contrastsecurity.agent.plugins.rasp.InterfaceC0124d;
import com.contrastsecurity.agent.plugins.rasp.RaspManager;
import com.contrastsecurity.agent.plugins.rasp.S;
import com.contrastsecurity.agent.plugins.rasp.Z;
import com.contrastsecurity.agent.plugins.rasp.am;
import com.contrastsecurity.agent.plugins.rasp.rules.c.g;
import com.contrastsecurity.agent.plugins.rasp.rules.i;
import com.contrastsecurity.agent.plugins.rasp.rules.j;
import com.contrastsecurity.agent.plugins.rasp.rules.s;
import com.contrastsecurity.agent.util.C0220a;
import com.contrastsecurity.agent.util.L;
import com.contrastsecurity.thirdparty.javax.inject.Inject;
import com.contrastsecurity.thirdparty.org.apache.commons.lang.StringUtils;
import com.contrastsecurity.thirdparty.org.objectweb.asm.ClassVisitor;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.util.List;
import java.util.regex.Pattern;

/* compiled from: Cve_2017_5638Rule.java */
/* loaded from: input_file:com/contrastsecurity/agent/plugins/rasp/rules/cve/struts/d/d.class */
/**
 * Runtime-protection rule for the identifier {@code "cve-2017-5638"} (decompiled, obfuscated names).
 *
 * <p>The class contributes two independent checks:
 * <ul>
 *   <li>an input-side check, {@link #evaluateInput}, that looks only at the {@code Content-Type}
 *       request header, and</li>
 *   <li>a sink-side check, {@link #a(String)}, reached through bytecode that
 *       {@link #onInstrumentingClass} weaves into
 *       {@code org/apache/struts2/dispatcher/multipart/JakartaMultiPartRequest}.</li>
 * </ul>
 *
 * <p>NOTE(review): several obfuscated names collide here. The fields {@code g}, {@code h},
 * {@code i} and {@code j} share their names with imported types, and {@code f} is both a field
 * and the visitor type instantiated in {@link #onInstrumentingClass}. Read each use in context
 * before changing anything.
 */
public final class d extends com.contrastsecurity.agent.plugins.rasp.rules.cve.struts.c implements i<CveDetailsDTM>, j<CveDetailsDTM, ContrastCve_2017_5638Dispatcher> {
    // Rule identifier; also used as the lookup key into the current request context in a(String).
    public static final String e = "cve-2017-5638";
    // Supplies the application the current request belongs to.
    private final ApplicationManager h;
    // Sink for attack reports (see the private a(String, String, boolean) overload).
    private final InterfaceC0124d i;
    // Dispatcher registration handed back by getDispatcherRegistration().
    private final h<ContrastCve_2017_5638Dispatcher> j;
    // Queried for the "sinks disabled" switch and for the per-request context.
    private final RaspManager k;
    // Typed rule id built from the identifier above and the details class.
    private final Z<CveDetailsDTM> l;
    public static final Logger b = LoggerFactory.getLogger(d.class);
    // Internal (slash-separated) name of the only class this rule instruments. The literal is
    // written with '#' and converted at class-init time; presumably this keeps the string from
    // being rewritten when the agent's dependencies are relocated (confirm against the build).
    private static final String f = "org#apache#struts2#dispatcher#multipart#JakartaMultiPartRequest".replace('#', '/');
    // Attack signature: "${" or "%{", later "memberAccess" or "ognl", later "}".
    // The (?i) flag is switched on inside the keyword group only.
    // NOTE(review): b(String) applies this with matches(), and '.' is compiled without DOTALL, so
    // a string containing a line terminator anywhere cannot match. Confirm callers never pass
    // multi-line text (e.g. a full exception message), or the check is skipped for it.
    // NOTE(review): four greedy ".*" runs backtrack polynomially on long non-matching input.
    // The input is request-derived, so a length cap upstream is worth confirming.
    private static final Pattern g = Pattern.compile(".*(\\$|%)\\{.*((?i)memberAccess|ognl).*\\}.*");
    // Explicit enumeration of jar-name suffixes, spanning 2.3.7 through 2.3.31 and 2.5 through
    // 2.5.10; returned to the superclass via a(). Presumably matched against library file names
    // there (not visible in this file); if so, a renamed or repackaged (shaded/fat) jar would not
    // be recognised. Confirm how the superclass consumes the list.
    private static final String[] m = {"2.3.7.jar", "2.3.8.jar", "2.3.12.jar", "2.3.14.jar", "2.3.14.1.jar", "2.3.14.2.jar", "2.3.14.3.jar", "2.3.15.jar", "2.3.15.1.jar", "2.3.15.2.jar", "2.3.15.3.jar", "2.3.16.jar", "2.3.16.1.jar", "2.3.16.2.jar", "2.3.16.3.jar", "2.3.20.jar", "2.3.20.1.jar", "2.3.20.3.jar", "2.3.24.jar", "2.3.24.1.jar", "2.3.24.3.jar", "2.3.28.jar", "2.3.28.1.jar", "2.3.30.jar", "2.3.31.jar", "2.5.jar", "2.5.1.jar", "2.5.2.jar", "2.5.5.jar", "2.5.8.jar", "2.5.10.jar"};

    /**
     * Wires the rule to its collaborators and builds the typed rule id.
     *
     * @param raspManager passed to the superclass and kept for sink/context queries
     * @param applicationManager used to resolve the current application
     * @param interfaceC0124d passed to the superclass and kept as the attack-report sink
     * @param hVar dispatcher registration returned by {@link #getDispatcherRegistration()}
     */
    @Inject
    public d(RaspManager raspManager, ApplicationManager applicationManager, InterfaceC0124d interfaceC0124d, h<ContrastCve_2017_5638Dispatcher> hVar) {
        super(interfaceC0124d, raspManager);
        this.h = applicationManager;
        this.i = interfaceC0124d;
        this.j = hVar;
        this.k = raspManager;
        this.l = Z.a(e, CveDetailsDTM.class);
    }

    /**
     * Wraps the visitor chain with this rule's visitor when the class being loaded is the Struts
     * Jakarta multipart request class.
     *
     * <p>All four conditions must hold: sinks are not disabled, the class has a code source, the
     * flag test {@code C0220a.b(...)} passes (meaning not visible here), and the internal class
     * name equals the target name. Any other class is returned with its visitor untouched.
     *
     * @return the wrapped visitor for the target class, otherwise {@code classVisitor} unchanged
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.k
    public ClassVisitor onInstrumentingClass(com.contrastsecurity.agent.instr.f<ContrastCve_2017_5638Dispatcher> fVar, ClassVisitor classVisitor, InstrumentationContext instrumentationContext) {
        if (!this.k.isSinksDisabled() && instrumentationContext.getCodeSource() != null && C0220a.b(instrumentationContext.getFlags()) && instrumentationContext.getInternalClassName().equals(f)) {
            // Here "f" is the visitor type in this package, not the String field of the same name.
            classVisitor = new f(classVisitor, instrumentationContext, fVar);
            instrumentationContext.setRequiresTransforming(true);
            instrumentationContext.getChanger().addAdapter("Cve_2017_5638Visitor");
        }
        return classVisitor;
    }

    /**
     * Limits input evaluation to request headers.
     *
     * @return {@code true} only for {@code InputType.HEADER}
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.i
    public boolean appliesToInputType(UserInputDTM.InputType inputType) {
        return UserInputDTM.InputType.HEADER.equals(inputType);
    }

    /**
     * Input-side signature check, restricted to the {@code Content-Type} header.
     *
     * <p>NOTE(review): only the header named {@code Content-Type} is examined here. Other parts of
     * a multipart request are out of scope for this method, so they are covered only if the
     * sink-side check {@link #a(String)} sees them; confirm against the injected visitor.
     *
     * @param inputType kind of input; dereferenced for logging, so it must not be {@code null}
     * @param str input name (compared against {@code "Content-Type"})
     * @param str2 input value that is tested against the signature
     * @param str3 not read by this method
     * @param i not read by this method
     * @return an evaluation carrying {@code MATCHED_ATTACK_SIGNATURE}, or {@code null} when the
     *     input is not a matching {@code Content-Type} header
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.i
    public E evaluateInput(UserInputDTM.InputType inputType, String str, String str2, String str3, int i) {
        // Name and value are request-controlled and are written to the debug log as received.
        b.debug("Evaluating input {} {} {}", inputType.toString(), str, str2);
        E e2 = null;
        // NOTE(review): as decompiled, "g.b(str2)" cannot be the Pattern field (Pattern has no
        // b method); it presumably resolves to a static helper on the imported class
        // rules.c.g. Likewise L.c is presumably a header-name comparison; confirm both.
        if (UserInputDTM.InputType.HEADER.equals(inputType) && L.c(str, "Content-Type") && g.b(str2)) {
            b.debug("Evaluating input {} {}", str, str2);
            e2 = new E(A.MATCHED_ATTACK_SIGNATURE);
        }
        return e2;
    }

    /**
     * Sink-side check invoked with a string taken from the instrumented Struts class.
     *
     * <p>Returns {@code false} without reporting when the string is empty, when there is no
     * current application, when the library analysis has not run yet (a warning is logged), when
     * the analysis result's {@code a()} is false, or when there is no current request context.
     * Otherwise an attack is reported if the string contains a previously recorded input for this
     * rule, or, failing that, if it matches the signature pattern.
     *
     * @param str text to inspect; the debug message suggests it is an exception message
     * @return the flag also used to choose BLOCKED over EXPLOITED in the report; presumably
     *     "the caller should block" (confirm at the call site in the visitor/dispatcher)
     */
    public boolean a(String str) {
        Application current;
        boolean z = false;
        boolean z2 = false;
        if (!StringUtils.isEmpty(str) && (current = this.h.current()) != null) {
            s vulnerabilityAnalysis = getVulnerabilityAnalysis(current);
            if (vulnerabilityAnalysis == null) {
                b.warn("Not analyzing request for {} because Contrast has not yet analyzed the application's libraries to see if the application is vulnerable", e);
                return false;
            }
            // Presumably "application is not running an affected library" (confirm in s).
            if (!vulnerabilityAnalysis.a()) {
                return false;
            }
            // Passed as the second CveDetailsDTM constructor argument in the report.
            String c = vulnerabilityAnalysis.c();
            // Inherited helper; its result decides BLOCKED vs EXPLOITED below, so it presumably
            // reflects whether the rule is in blocking mode for this application (confirm).
            boolean c2 = c(current);
            S currentContext = this.k.currentContext();
            if (currentContext != null) {
                // Inputs recorded earlier in this request under this rule's identifier.
                List<am> c3 = currentContext.c(e);
                if (c3 != null && !c3.isEmpty()) {
                    for (int i = 0; i < c3.size(); i++) {
                        am amVar = c3.get(i);
                        if (amVar != null) {
                            // Read before the match test; used only in the debug message.
                            String value = amVar.a().getValue();
                            if (amVar.c(str)) {
                                b.debug("Exception contains user input {}", value);
                                z = z || c2;
                                // Three-argument overload taking an am is not defined in this
                                // file; presumably inherited from the superclass.
                                a(amVar, c, z);
                                z2 = true;
                            }
                        }
                    }
                }
                // Fallback: no recorded input matched, so test the raw string against the signature.
                if (!z2 && b(str)) {
                    z = c2;
                    a(str, c, z);
                }
            }
        }
        return z;
    }

    /**
     * Tests a string against the attack signature using a full-string match.
     *
     * @param str text to test; must not be {@code null}
     * @return {@code true} when the entire string matches the signature pattern
     */
    protected boolean b(String str) {
        return g.matcher(str).matches();
    }

    /**
     * Reports an attack whose evidence is a raw string rather than a recorded input.
     *
     * <p>The reported input has no name, type {@code UNKNOWN} and the current time. The result is
     * {@code BLOCKED} when {@code z} is true and {@code EXPLOITED} otherwise.
     *
     * @param str value placed in the reported input
     * @param str2 second constructor argument of the details object
     * @param z selects the reported attack result
     */
    private void a(String str, String str2, boolean z) {
        this.i.a(this.l, new CveDetailsDTM(getRuleId().a(), str2), UserInputDTM.builder().name(null).value(str).type(UserInputDTM.InputType.UNKNOWN).time(System.currentTimeMillis()).build(), z ? AttackResult.BLOCKED : AttackResult.EXPLOITED);
    }

    /** @return always {@code false} */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.j
    public boolean isCodeExclusionSpecialCase() {
        return false;
    }

    /** @return always {@code false}, whatever class is passed */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.j
    public boolean requiresPrimordialInstrumentation(Class<?> cls) {
        return false;
    }

    /** @return the dispatcher registration supplied to the constructor */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.j
    public h<ContrastCve_2017_5638Dispatcher> getDispatcherRegistration() {
        return this.j;
    }

    /** @return the typed rule id built in the constructor */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.g
    public Z<CveDetailsDTM> getRuleId() {
        return this.l;
    }

    /**
     * Supplies the jar-suffix list to the superclass.
     *
     * @return the shared static array itself, not a copy; callers must not modify it
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.cve.struts.c
    protected String[] a() {
        return m;
    }
}
