package com.contrastsecurity.agent.plugins.protect.rules.elinjection;

import com.contrastsecurity.agent.commons.n;
import com.contrastsecurity.agent.commons.o;
import com.contrastsecurity.agent.config.ConfigProperty;
import com.contrastsecurity.agent.instr.InstrumentationContext;
import com.contrastsecurity.agent.instr.p;
import com.contrastsecurity.agent.messages.app.activity.protect.AttackResult;
import com.contrastsecurity.agent.messages.app.activity.protect.details.UserInputDTM;
import com.contrastsecurity.agent.plugins.protect.A;
import com.contrastsecurity.agent.plugins.protect.AttackBlockedException;
import com.contrastsecurity.agent.plugins.protect.EnumC0250y;
import com.contrastsecurity.agent.plugins.protect.InterfaceC0182d;
import com.contrastsecurity.agent.plugins.protect.P;
import com.contrastsecurity.agent.plugins.protect.ProtectManager;
import com.contrastsecurity.agent.plugins.protect.V;
import com.contrastsecurity.agent.plugins.protect.aj;
import com.contrastsecurity.agent.plugins.protect.rules.m;
import com.contrastsecurity.agent.plugins.protect.rules.s;
import com.contrastsecurity.agent.util.N;
import com.contrastsecurity.thirdparty.com.rabbitmq.client.ConnectionFactory;
import com.contrastsecurity.thirdparty.javax.inject.Inject;
import com.contrastsecurity.thirdparty.javax.inject.Singleton;
import com.contrastsecurity.thirdparty.jregex.WildcardPattern;
import com.contrastsecurity.thirdparty.org.apache.commons.lang.StringUtils;
import com.contrastsecurity.thirdparty.org.objectweb.asm.ClassVisitor;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.function.Predicate;
import java.util.regex.Pattern;

/* compiled from: ELInjectionRule.java */
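/**
 * Protect rule for expression-language (EL) injection, recovered by a decompiler from
 * {@code ELInjectionRule.java}. Identifiers are the obfuscated ones found in the class file.
 *
 * <p>Two kinds of check are visible in this file:
 * <ul>
 *   <li>input screening: {@link #evaluateInput} flags request values longer than {@link #b}
 *       characters that contain one of the keywords in {@code k} or match the pattern
 *       {@code m};</li>
 *   <li>expression checks: the {@code a(...)} overloads examine an expression string, or a
 *       command issued while an expression is evaluated, report a finding through the injected
 *       reporter {@code c}, and tell the caller whether the call should be blocked.</li>
 * </ul>
 *
 * <p>NOTE(review): several private fields share a simple name with a type used in this file
 * ({@code c}, {@code j}, {@code l}, {@code m}, {@code n}). This looks like a decompiler
 * artifact: calls such as {@code n.a(...)} in the constructor and {@code c.a(...)} in
 * {@code a(String, aj)} presumably target the class of that name rather than the field.
 * Confirm against the class file before recompiling.
 */
@Singleton
/* loaded from: input_file:com/contrastsecurity/agent/plugins/protect/rules/elinjection/j.class */
public class j extends s<ELDetailsDTM> implements com.contrastsecurity.agent.plugins.protect.h.a<ELDetailsDTM>, com.contrastsecurity.agent.plugins.protect.rules.k<ELDetailsDTM>, com.contrastsecurity.agent.plugins.protect.rules.l<ELDetailsDTM, ContrastELInjectionDispatcher> {
    // Receives every finding this rule reports (see a(UserInputDTM, String, boolean)).
    private final InterfaceC0182d c;
    // Returned unchanged by dispatcherRegistration().
    private final p<ContrastELInjectionDispatcher> d;
    // Queried for isSinksDisabled() and canBlock(this).
    private final ProtectManager e;
    // Input types that evaluateInput() and appliesToInputType() accept.
    private final Set<UserInputDTM.InputType> f;
    // Stack-frame predicate built from the extensions' a() values; gates the command check.
    private final Predicate<StackTraceElement> g;
    // String predicate built from the extensions' b() values; applied to expression strings.
    private final Predicate<String> h;
    // Read-only view of the extensions' c() values, each given a turn in onInstrumentingClass().
    private final Collection<m<ContrastELInjectionDispatcher>> i;
    // Rule id handed in by the injector and returned by getRuleId().
    private final V<ELDetailsDTM> j;
    // Rule name; also the key passed to P.c(...) when looking up tracked inputs.
    public static final String a = "expression-language-injection";
    // Values of this length or shorter are never scanned by evaluateInput().
    static final int b = 40;
    // Keywords searched for in request values and, via N.a(...), in expression strings.
    private static final String[] k = {"getClassLoader", "getClass", "newInstance", "getURL", "param.", "applicationScope.", "java.lang.Runtime", "getRuntime", "java.lang.ProcessBuilder"};
    // Narrower keyword list used on expression strings that carry no tracked user input.
    private static final String[] l = {"getClassLoader", "java.lang.Runtime", "getRuntime", "java.lang.ProcessBuilder"};
    // forName("...") followed by getMethods()/getDeclaredMethods() or getMethod("...").
    // NOTE(review): compiled without DOTALL and used with matches(), so '.' does not span line
    // terminators. Confirm whether multi-line values are meant to be covered.
    private static final Pattern m = Pattern.compile(".*forName.*\\(\".*\"\\).*get((Methods|DeclaredMethods).*\\(\\)|Method.*\\(\".*\"\\)).*");
    private static final Logger n = LoggerFactory.getLogger((Class<?>) j.class);

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Wires the rule and folds the supplied extensions into two predicates and a hook list.
     *
     * @param interfaceC0182d reporter that receives findings
     * @param pVar dispatcher registration exposed through {@link #dispatcherRegistration()}
     * @param protectManager source of the "sinks disabled" and "can block" decisions
     * @param set extensions; the precondition helper is called with {@code false} when this is
     *     {@code null} or empty, together with the message "must provide at least one extension"
     * @param v rule id
     */
    @Inject
    public j(InterfaceC0182d interfaceC0182d, p<ContrastELInjectionDispatcher> pVar, ProtectManager protectManager, Set<com.contrastsecurity.agent.plugins.protect.rules.elinjection.a.a> set, V<ELDetailsDTM> v) {
        this.c = interfaceC0182d;
        this.d = pVar;
        this.e = protectManager;
        com.contrastsecurity.agent.commons.m.a(set != null && !set.isEmpty(), "must provide at least one extension");
        this.f = o.b(UserInputDTM.InputType.HEADER, UserInputDTM.InputType.PARAMETER_NAME, UserInputDTM.InputType.PARAMETER_VALUE, UserInputDTM.InputType.MULTIPART_VALUE, UserInputDTM.InputType.MULTIPART_CONTENT_TYPE, UserInputDTM.InputType.BODY);
        // Element types were erased by the decompiler; the lists stay raw because the return
        // types of the extension accessors are not visible in this file.
        ArrayList framePredicates = new ArrayList(set.size());
        ArrayList expressionPredicates = new ArrayList();
        ArrayList instrumentationHooks = new ArrayList(set.size());
        for (com.contrastsecurity.agent.plugins.protect.rules.elinjection.a.a extension : set) {
            framePredicates.add(extension.a());
            expressionPredicates.add(extension.b());
            instrumentationHooks.add(extension.c());
        }
        // presumably n.a(...) combines the collected predicates into one; how they are combined
        // (any/all) is not visible here. TODO confirm.
        this.g = n.a(framePredicates);
        this.h = n.a(expressionPredicates);
        this.i = Collections.unmodifiableCollection(instrumentationHooks);
        this.j = v;
    }

    /**
     * Passes the class visitor through every extension hook in turn, unless the manager
     * reports that sinks are disabled, in which case the visitor is returned untouched.
     *
     * @return the visitor produced by the last hook, or {@code classVisitor} itself
     */
    @Override // com.contrastsecurity.agent.plugins.protect.rules.m
    public ClassVisitor onInstrumentingClass(com.contrastsecurity.agent.instr.i<ContrastELInjectionDispatcher> iVar, ClassVisitor classVisitor, InstrumentationContext instrumentationContext) {
        if (this.e.isSinksDisabled()) {
            return classVisitor;
        }
        ClassVisitor visitor = classVisitor;
        for (m<ContrastELInjectionDispatcher> hook : this.i) {
            // Each hook wraps, or returns, the visitor left by the previous one.
            visitor = hook.onInstrumentingClass(iVar, visitor, instrumentationContext);
        }
        return visitor;
    }

    /** Returns whether {@code inputType} is one of the types fixed in the constructor. */
    @Override // com.contrastsecurity.agent.plugins.protect.rules.k
    public boolean appliesToInputType(UserInputDTM.InputType inputType) {
        return this.f.contains(inputType);
    }

    /**
     * Screens one request value against the keyword list and the reflection pattern.
     *
     * @param inputType where the value came from; other types than those in {@code f} are skipped
     * @param str unused by this rule
     * @param str2 the value to screen; {@code null} and values of at most {@link #b} characters
     *     are never flagged
     * @param str3 unused by this rule
     * @param i unused by this rule
     * @return a result carrying {@code MATCHED_ATTACK_SIGNATURE}, or {@code null} when nothing
     *     matched
     */
    @Override // com.contrastsecurity.agent.plugins.protect.rules.k
    public A evaluateInput(UserInputDTM.InputType inputType, String str, String str2, String str3, int i) {
        // The threshold is the declared constant b rather than a repeated literal.
        boolean eligible = this.f.contains(inputType) && str2 != null && str2.length() > b;
        if (eligible && a(str2)) {
            return new A(EnumC0250y.MATCHED_ATTACK_SIGNATURE);
        }
        return null;
    }

    /**
     * Reports whether {@code str} contains a keyword from {@code k} that is directly preceded
     * by a character that is neither a letter nor a digit, or matches the pattern {@code m}.
     *
     * <p>Every occurrence of a keyword is examined. Testing only the first occurrence would
     * make the outcome depend on where in the value the keyword happens to appear first.
     */
    private boolean a(String str) {
        if (str == null) {
            return false;
        }
        for (String keyword : k) {
            // Search from index 1: an occurrence at index 0 has no preceding character and
            // therefore cannot satisfy the boundary test.
            int at = str.indexOf(keyword, 1);
            while (at > 0) {
                if (!Character.isLetterOrDigit(str.charAt(at - 1))) {
                    return true;
                }
                at = str.indexOf(keyword, at + 1);
            }
        }
        return m.matcher(str).matches();
    }

    /** This rule never asks for primordial instrumentation. */
    @Override // com.contrastsecurity.agent.plugins.protect.rules.l
    public boolean requiresPrimordialInstrumentation(Class<?> cls) {
        return false;
    }

    /** Returns the dispatcher registration supplied to the constructor. */
    @Override // com.contrastsecurity.agent.instr.q
    public p<ContrastELInjectionDispatcher> dispatcherRegistration() {
        return this.d;
    }

    /** Returns the rule id supplied to the constructor. */
    @Override // com.contrastsecurity.agent.plugins.protect.rules.i
    public V<ELDetailsDTM> getRuleId() {
        return this.j;
    }

    /** Returns the configuration key that overrides this rule's mode. */
    @Override // com.contrastsecurity.agent.plugins.protect.rules.i
    public ConfigProperty getModeOverrideKey() {
        return ConfigProperty.PROTECT_EL_INJECTION_MODE;
    }

    /**
     * Handles a command observed while {@code jVar} satisfies the frame predicate {@code g}:
     * the command is reported, and the call is aborted when the rule is allowed to block.
     *
     * @param p not used in this method
     * @param strArr command parts, joined with single spaces for the report
     * @param jVar presumably a view of the current stack. TODO confirm
     * @throws AttackBlockedException when the manager allows this rule to block
     */
    @Override // com.contrastsecurity.agent.plugins.protect.h.a
    public void a(P p, String[] strArr, com.contrastsecurity.agent.p.j jVar) {
        if (!jVar.a(this.g)) {
            return;
        }
        String command = N.a(strArr, " ");
        boolean blocking = this.e.canBlock(this);
        // No request input is tied to the command here, so the input type is UNKNOWN.
        UserInputDTM reported = UserInputDTM.builder().value(command).type(UserInputDTM.InputType.UNKNOWN).build();
        a(reported, command, blocking);
        if (blocking) {
            throw new AttackBlockedException("Command halted during expression evaluation");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Checks one expression evaluation described by {@code lVar}.
     *
     * <p>Tracked user inputs are checked first; the keyword/predicate check on the bare
     * expression runs only when none of them was found in the expression.
     *
     * @return {@code true} only when something was detected and the rule is allowed to block
     */
    public boolean a(l lVar) {
        boolean blocking = this.e.canBlock(this);
        P context = lVar.b();
        // Without a context there are no tracked inputs to compare against.
        List<aj> tracked = context != null ? context.c(a) : Collections.emptyList();
        boolean detected = a(lVar.a(), tracked, blocking);
        if (!detected) {
            detected = a(lVar.a(), blocking);
        }
        return blocking && detected;
    }

    /**
     * Checks an expression string on its own, without reference to request input, and reports
     * it when it looks suspicious.
     *
     * @param str the expression string
     * @param z whether the rule may block; decides the reported result
     * @return whether the expression was reported
     */
    private boolean a(String str, boolean z) {
        // presumably N.a(str, l) is a "contains any of" test. TODO confirm.
        // getClass() is tolerated only as part of getClass().getSimpleName(): any surplus of
        // plain getClass() calls over that form counts as suspicious.
        boolean suspicious = N.a(str, l)
                || StringUtils.countMatches(str, "getClass()") > StringUtils.countMatches(str, "getClass().getSimpleName()")
                || this.h.test(str);
        if (suspicious) {
            UserInputDTM reported = UserInputDTM.builder().type(UserInputDTM.InputType.UNKNOWN).value(str).time(System.currentTimeMillis()).build();
            a(reported, str, z);
        }
        return suspicious;
    }

    /**
     * Looks for tracked user inputs inside the expression string and reports each one found.
     *
     * @param str the expression string
     * @param list tracked inputs; {@code null} and {@code null} elements are skipped
     * @param z whether the rule may block; decides the reported result
     * @return whether at least one tracked input was found in the expression
     */
    private boolean a(String str, List<aj> list, boolean z) {
        if (list == null) {
            return false;
        }
        boolean found = false;
        for (aj tracked : list) {
            if (tracked == null) {
                continue;
            }
            String value = tracked.a().getValue();
            if (StringUtils.isEmpty(value)) {
                continue;
            }
            UserInputDTM match = a(str, tracked);
            if (match == null) {
                continue;
            }
            tracked.c(true);
            // NOTE(review): the raw request value is written to the debug log.
            n.debug("Expression string contains user input {}", value);
            found = true;
            a(match, str, z);
        }
        return found;
    }

    /**
     * Sends one finding to the reporter, as {@code BLOCKED} when {@code z} is {@code true} and
     * as {@code EXPLOITED} otherwise.
     */
    private void a(UserInputDTM userInputDTM, String str, boolean z) {
        AttackResult result = z ? AttackResult.BLOCKED : AttackResult.EXPLOITED;
        this.c.a(this.j, new ELDetailsDTM(str), userInputDTM, result);
    }

    /**
     * Returns the first input held by {@code ajVar} that the expression string can be traced
     * to, or {@code null} when there is none.
     *
     * <p>An input matches when its vector contains the expression. The two looser comparisons
     * on the input's value apply only when the expression carries a keyword from {@code k}.
     */
    private UserInputDTM a(String str, aj ajVar) {
        boolean hasKeyword = N.a(str, k);
        for (UserInputDTM candidate : ajVar.b()) {
            if (candidate.getVector().contains(str)) {
                return candidate;
            }
            if (!hasKeyword) {
                continue;
            }
            // NOTE(review): the two constants come from unrelated libraries; the decompiler
            // presumably substituted them for the string literals "/" and ".". Verify the
            // values before relying on them.
            if (candidate.getValue().replace(ConnectionFactory.DEFAULT_VHOST, WildcardPattern.ANY_CHAR).contains(str)) {
                return candidate;
            }
            // c.a(value, expression): helper not visible in this file. TODO confirm semantics.
            if (c.a(candidate.getValue(), str)) {
                return candidate;
            }
        }
        return null;
    }
}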
