-
Notifications
You must be signed in to change notification settings - Fork 293
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Remove callsites for IAST sources and use bytebuddy advices
- Loading branch information
1 parent
3a1fde9
commit af944ea
Showing
32 changed files
with
984 additions
and
1,099 deletions.
There are no files selected for viewing
2 changes: 1 addition & 1 deletion
2
...rvlet/http/iast/TaintableEnumeration.java → ...nt/tooling/iast/TaintableEnumeration.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
83 changes: 83 additions & 0 deletions
83
.../src/main/java/datadog/trace/instrumentation/servlet3/Servlet3RequestInstrumentation.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,83 @@ | ||
| package datadog.trace.instrumentation.servlet3; | ||
|
|
||
| import static datadog.trace.agent.tooling.bytebuddy.matcher.HierarchyMatchers.extendsClass; | ||
| import static datadog.trace.agent.tooling.bytebuddy.matcher.HierarchyMatchers.implementsInterface; | ||
| import static datadog.trace.agent.tooling.bytebuddy.matcher.NameMatchers.named; | ||
| import static net.bytebuddy.matcher.ElementMatchers.isMethod; | ||
| import static net.bytebuddy.matcher.ElementMatchers.not; | ||
| import static net.bytebuddy.matcher.ElementMatchers.takesArguments; | ||
|
|
||
| import com.google.auto.service.AutoService; | ||
| import datadog.trace.agent.tooling.Instrumenter; | ||
| import datadog.trace.api.iast.IastContext; | ||
| import datadog.trace.api.iast.InstrumentationBridge; | ||
| import datadog.trace.api.iast.Source; | ||
| import datadog.trace.api.iast.SourceTypes; | ||
| import datadog.trace.api.iast.propagation.PropagationModule; | ||
| import java.util.Map; | ||
| import javax.servlet.http.HttpServletRequest; | ||
| import net.bytebuddy.asm.Advice; | ||
| import net.bytebuddy.description.type.TypeDescription; | ||
| import net.bytebuddy.matcher.ElementMatcher; | ||
|
|
||
| @SuppressWarnings("unused") | ||
| @AutoService(Instrumenter.class) | ||
| public class Servlet3RequestInstrumentation extends Instrumenter.Iast | ||
| implements Instrumenter.ForTypeHierarchy { | ||
|
|
||
| private static final String CLASS_NAME = Servlet3RequestInstrumentation.class.getName(); | ||
| private static final ElementMatcher.Junction<? super TypeDescription> WRAPPER_CLASS = | ||
| named("javax.servlet.http.HttpServletRequestWrapper"); | ||
|
|
||
| public Servlet3RequestInstrumentation() { | ||
| super("servlet", "servlet-3"); | ||
| } | ||
|
|
||
| @Override | ||
| public String hierarchyMarkerType() { | ||
| return "javax.servlet.http.HttpServletRequest"; | ||
| } | ||
|
|
||
| @Override | ||
| public ElementMatcher<TypeDescription> hierarchyMatcher() { | ||
| return implementsInterface(named(hierarchyMarkerType())) | ||
| .and(not(WRAPPER_CLASS)) | ||
| .and(not(extendsClass(WRAPPER_CLASS))); | ||
| } | ||
|
|
||
| @Override | ||
| public void adviceTransformations(AdviceTransformation transformation) { | ||
| transformation.applyAdvice( | ||
| isMethod().and(named("getParameterMap")).and(takesArguments(0)), | ||
| CLASS_NAME + "$GetParameterMapAdvice"); | ||
| } | ||
|
|
||
| public static class GetParameterMapAdvice { | ||
| @Advice.OnMethodExit(suppress = Throwable.class) | ||
| @Source(SourceTypes.REQUEST_PARAMETER_VALUE) | ||
| public static void onExit(@Advice.Return final Map<String, String[]> parameters) { | ||
| if (parameters == null || parameters.isEmpty()) { | ||
| return; | ||
| } | ||
| final PropagationModule module = InstrumentationBridge.PROPAGATION; | ||
| if (module == null) { | ||
| return; | ||
| } | ||
| final IastContext ctx = IastContext.Provider.get(); | ||
| for (final Map.Entry<String, String[]> entry : parameters.entrySet()) { | ||
| final String name = entry.getKey(); | ||
| module.taint(ctx, name, SourceTypes.REQUEST_PARAMETER_NAME, name); | ||
| final String[] values = entry.getValue(); | ||
| if (values != null) { | ||
| for (final String value : entry.getValue()) { | ||
| module.taint(ctx, value, SourceTypes.REQUEST_PARAMETER_VALUE, name); | ||
| } | ||
| } | ||
| } | ||
| } | ||
|
|
||
| public static void muzzleCheck(final HttpServletRequest request) { | ||
| request.getParameterMap(); | ||
| } | ||
| } | ||
| } |
39 changes: 0 additions & 39 deletions
39
...ain/java/datadog/trace/instrumentation/servlet3/callsite/HttpServlet3RequestCallSite.java
This file was deleted.
Oops, something went wrong.
38 changes: 0 additions & 38 deletions
38
...rc/main/java/datadog/trace/instrumentation/servlet3/callsite/Servlet3RequestCallSite.java
This file was deleted.
Oops, something went wrong.
67 changes: 67 additions & 0 deletions
67
...strumentation/servlet/request-3/src/test/groovy/Servlet3RequestInstrumentationTest.groovy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,67 @@ | ||
| import datadog.trace.agent.test.AgentTestRunner | ||
| import datadog.trace.api.iast.InstrumentationBridge | ||
| import datadog.trace.api.iast.SourceTypes | ||
| import datadog.trace.api.iast.propagation.PropagationModule | ||
|
|
||
| import javax.servlet.http.HttpServletRequest | ||
| import javax.servlet.http.HttpServletRequestWrapper | ||
|
|
||
| class Servlet3RequestInstrumentationTest extends AgentTestRunner { | ||
|
|
||
| @Override | ||
| protected void configurePreAgent() { | ||
| injectSysConfig("dd.iast.enabled", "true") | ||
| } | ||
|
|
||
| void cleanup() { | ||
| InstrumentationBridge.clearIastModules() | ||
| } | ||
|
|
||
| void 'test getParameterMap'() { | ||
| setup: | ||
| final iastModule = Mock(PropagationModule) | ||
| InstrumentationBridge.registerIastModule(iastModule) | ||
| final parameters = [parameter: ['header1', 'header2'] as String[]] | ||
| final mock = Mock(HttpServletRequest) | ||
| final request = suite.call(mock) | ||
|
|
||
| when: | ||
| final result = request.getParameterMap() | ||
|
|
||
| then: | ||
| result == parameters | ||
| 1 * mock.getParameterMap() >> parameters | ||
| parameters.each { key, values -> | ||
| 1 * iastModule.taint(_, key, SourceTypes.REQUEST_PARAMETER_NAME, key) | ||
| values.each { value -> | ||
| 1 * iastModule.taint(_, value, SourceTypes.REQUEST_PARAMETER_VALUE, key) | ||
| } | ||
| } | ||
| 0 * _ | ||
|
|
||
| where: | ||
| suite << testSuite() | ||
| } | ||
|
|
||
| private List<Closure<? extends HttpServletRequest>> testSuite() { | ||
| return [ | ||
| { HttpServletRequest request -> new CustomRequest(request: request) }, | ||
| { HttpServletRequest request -> new CustomRequestWrapper(new CustomRequest(request: request)) }, | ||
| { HttpServletRequest request -> | ||
| new HttpServletRequestWrapper(new CustomRequest(request: request)) | ||
| } | ||
| ] | ||
| } | ||
|
|
||
| private static class CustomRequest implements HttpServletRequest { | ||
| @Delegate | ||
| private HttpServletRequest request | ||
| } | ||
|
|
||
| private static class CustomRequestWrapper extends HttpServletRequestWrapper { | ||
|
|
||
| CustomRequestWrapper(final HttpServletRequest request) { | ||
| super(request) | ||
| } | ||
| } | ||
| } |
51 changes: 0 additions & 51 deletions
51
...entation/servlet/request-3/src/test/groovy/Servlet3TestGetParameterInstrumentation.groovy
This file was deleted.
Oops, something went wrong.
12 changes: 0 additions & 12 deletions
12
...trumentation/servlet/request-3/src/test/java/foo/bar/smoketest/HttpServlet3TestSuite.java
This file was deleted.
Oops, something went wrong.
12 changes: 0 additions & 12 deletions
12
...ation/servlet/request-3/src/test/java/foo/bar/smoketest/HttpServletWrapper3TestSuite.java
This file was deleted.
Oops, something went wrong.
12 changes: 0 additions & 12 deletions
12
.../instrumentation/servlet/request-3/src/test/java/foo/bar/smoketest/Servlet3TestSuite.java
This file was deleted.
Oops, something went wrong.
9 changes: 0 additions & 9 deletions
9
...agent/instrumentation/servlet/request-3/src/test/java/foo/bar/smoketest/ServletSuite.java
This file was deleted.
Oops, something went wrong.
Oops, something went wrong.