package com.contrastsecurity.agent.plugins.rasp.rules.cve.spring.el;

import com.contrastsecurity.agent.apps.Application;
import com.contrastsecurity.agent.apps.ApplicationManager;
import com.contrastsecurity.agent.c.e;
import com.contrastsecurity.agent.instr.InstrumentationContext;
import com.contrastsecurity.agent.messages.app.activity.defend.AttackResult;
import com.contrastsecurity.agent.messages.app.activity.defend.details.UserInputDTM;
import com.contrastsecurity.agent.plugins.rasp.C;
import com.contrastsecurity.agent.plugins.rasp.EnumC0163y;
import com.contrastsecurity.agent.plugins.rasp.InterfaceC0103d;
import com.contrastsecurity.agent.plugins.rasp.RaspManager;
import com.contrastsecurity.agent.plugins.rasp.aa;
import com.contrastsecurity.agent.plugins.rasp.am;
import com.contrastsecurity.agent.plugins.rasp.an;
import com.contrastsecurity.agent.plugins.rasp.rules.n;
import com.contrastsecurity.agent.plugins.rasp.rules.r;
import com.contrastsecurity.agent.util.W;
import com.contrastsecurity.thirdparty.javax.inject.Inject;
import com.contrastsecurity.thirdparty.org.objectweb.asm.ClassVisitor;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.util.List;

/* compiled from: Cve_2011_2730Rule.java */
/* loaded from: input_file:lib/contrast-agent-core.jar:com/contrastsecurity/agent/plugins/rasp/rules/cve/spring/el/h.class */
/**
 * Decompiled, name-obfuscated RASP rule for the rule id "cve-2011-2730".
 *
 * <p>What the visible code does:
 * <ul>
 *   <li>instruments {@code org/springframework/web/util/ExpressionEvaluationUtils} by wrapping its
 *       class visitor (see {@link #onInstrumentingClass});</li>
 *   <li>screens request parameter values for an EL delimiter plus one of the keywords in
 *       {@code i} (see {@link #evaluateInput});</li>
 *   <li>when an application is profiled, records whether one of its libraries matches the
 *       "spring-web" name and one of the version suffixes in {@code k};</li>
 *   <li>when the instrumented code calls back with an expression, reports the event as
 *       {@code BLOCKED} or {@code EXPLOITED} (see {@link #a(String)}).</li>
 * </ul>
 *
 * <p>NOTE(review): identifiers are obfuscated and several names are reused across namespaces
 * (field {@code e} vs. imported type {@code e}, logger {@code l} vs. visitor class {@code l},
 * array {@code k} vs. interface {@code k}). Treat this listing as a reading aid; it may not
 * recompile as-is.
 */
public final class h extends n<ElInjectionDetailsDTM> implements com.contrastsecurity.agent.plugins.rasp.rules.a, k, com.contrastsecurity.agent.plugins.rasp.rules.h<ElInjectionDetailsDTM>, com.contrastsecurity.agent.plugins.rasp.rules.i<ElInjectionDetailsDTM, ContrastCve_2011_2730Dispatcher> {
    // Rule identifier; also the key used to look up tracked inputs in a(String).
    public static final String b = "cve-2011-2730";
    // Source of the "current" application (current()).
    private final ApplicationManager c;
    // Receives the report built in a(UserInputDTM, String, boolean); presumably the attack
    // reporter -- the interface is not visible here.
    private final InterfaceC0103d d;
    // Dispatcher registration handed back by getDispatcherRegistration().
    private final com.contrastsecurity.agent.instr.h<ContrastCve_2011_2730Dispatcher> e;
    // Used for isSinksDisabled(), currentContext() and canBlock(this).
    private final RaspManager f;
    // Typed rule id derived from b.
    private final aa<ElInjectionDetailsDTM> g = aa.a(b, ElInjectionDetailsDTM.class);
    // Key under which the library-detection result (type r) is stored in an application's context.
    private final e.a<r> h = e.a.a(r.class);
    // Substring looked for in library names. contains() is used, so names such as
    // "spring-webmvc" match as well.
    private static final String j = "spring-web";
    // Keywords handed to W.a together with the parameter value. An input only matches the
    // signature when it also contains "${" or "%{".
    private static final String[] i = {"getClassLoader", "getClass", "newInstance", "getURL", "param.", "applicationScope."};
    // File-name suffixes of the library versions this rule treats as vulnerable.
    // All entries are lower-case and are compared with the case-sensitive endsWith(), so this
    // presumably relies on getLibraryFactNames() returning lower-cased names -- TODO confirm.
    // NOTE(review): the list includes 2.5.6.sec03 but no 3.0.x release after 3.0.5; confirm
    // against the vendor advisory which releases are meant to be treated as affected.
    private static final String[] k = {"3.0.5.release.jar", "3.0.4.release.jar", "3.0.2.release.jar", "3.0.1.release.jar", "3.0.0.release.jar", "2.5.7.release.jar", "2.5.6.jar", "2.5.6.sec03.jar", "2.5.6.sec02.jar", "2.5.6.sec01.jar", "2.5.5.jar", "2.5.4.jar", "2.5.3.jar", "2.5.2.jar", "2.5.1.jar", "2.5.0.jar"};
    private static final Logger l = LoggerFactory.getLogger(h.class);

    /**
     * Stores the injected collaborators; no other work is done here.
     *
     * @param applicationManager source of the current application
     * @param interfaceC0103d receiver of attack reports
     * @param hVar dispatcher registration for this rule
     * @param raspManager RASP state (sink switch, request context, blocking decision)
     */
    @Inject
    public h(ApplicationManager applicationManager, InterfaceC0103d interfaceC0103d, com.contrastsecurity.agent.instr.h<ContrastCve_2011_2730Dispatcher> hVar, RaspManager raspManager) {
        this.c = applicationManager;
        this.d = interfaceC0103d;
        this.e = hVar;
        this.f = raspManager;
    }

    /**
     * @return the typed rule id built from "cve-2011-2730"
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.f
    public aa<ElInjectionDetailsDTM> getRuleId() {
        return this.g;
    }

    /**
     * Wraps the class visitor when the class being instrumented is Spring's
     * {@code ExpressionEvaluationUtils} and sinks are not disabled.
     *
     * @param fVar passed through to the wrapping visitor
     * @param classVisitor visitor chain built so far
     * @param instrumentationContext describes the class being instrumented
     * @return the wrapped visitor for the target class, otherwise {@code classVisitor} unchanged
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.j
    public ClassVisitor onInstrumentingClass(com.contrastsecurity.agent.instr.f<ContrastCve_2011_2730Dispatcher> fVar, ClassVisitor classVisitor, InstrumentationContext instrumentationContext) {
        // Exact match on the JVM internal name; no other class is touched by this rule.
        if (!this.f.isSinksDisabled() && "org/springframework/web/util/ExpressionEvaluationUtils".equals(instrumentationContext.getInternalClassName())) {
            classVisitor = new l(classVisitor, instrumentationContext, fVar);
            instrumentationContext.getChanger().addAdapter("ExpressionEvaluationUtilsInjectionVisitor");
            instrumentationContext.setRequiresTransforming(true);
        }
        return classVisitor;
    }

    /**
     * Screens one input value against this rule's signature.
     *
     * <p>The value matches when it is longer than 8 characters, contains "${" or "%{", and
     * {@code W.a(str2, i)} returns true (presumably "contains any of the keywords" -- W is not
     * visible here). The contains() checks are literal; this method does no decoding or
     * normalisation of its own.
     *
     * @param inputType not read by this method
     * @param str not read by this method
     * @param str2 the value that is inspected
     * @param str3 not read by this method
     * @param i2 passed to {@code am.a(i2, 4)}; when that returns true the input is skipped
     *     (meaning of the value 4 is not visible here -- TODO confirm)
     * @return a result carrying {@code MATCHED_ATTACK_SIGNATURE}, or {@code null} when the value
     *     is skipped or does not match
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.h
    public C evaluateInput(UserInputDTM.InputType inputType, String str, String str2, String str3, int i2) {
        if (str2 == null || am.a(i2, 4) || str2.length() <= 8) {
            return null;
        }
        if ((str2.contains("${") || str2.contains("%{")) && W.a(str2, i)) {
            return new C(EnumC0163y.MATCHED_ATTACK_SIGNATURE);
        }
        return null;
    }

    /**
     * @return true only for {@code PARAMETER_VALUE}; other input types are not screened by this
     *     rule
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.h
    public boolean appliesToInputType(UserInputDTM.InputType inputType) {
        return UserInputDTM.InputType.PARAMETER_VALUE.equals(inputType);
    }

    /**
     * Runs the library check for the profiled application and stores the result in the
     * application's context under key {@code h}.
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.Y
    public void onApplicationProfiled(Application application) {
        application.context().a((e.a<e.a<r>>) this.h, (e.a<r>) a(application));
    }

    /**
     * Looks for the first library whose name contains "spring-web" and ends with one of the
     * suffixes in {@code k}.
     *
     * @return {@code r.a(name, suffix)} for the first match, otherwise {@code r.d()}
     *     (presumably the "nothing detected" value -- r is not visible here)
     */
    private r a(Application application) {
        // NOTE(review): a null return from getLibraryFactNames() would throw here; confirm the
        // contract of that method.
        for (String str : application.getLibraryFactNames()) {
            if (str != null && str.contains(j)) {
                for (String str2 : k) {
                    if (str.endsWith(str2)) {
                        return r.a(str, str2);
                    }
                }
            }
        }
        return r.d();
    }

    /**
     * Callback from the instrumented code with an expression that is about to be evaluated.
     *
     * <p>For every tracked entry returned by {@code currentContext().c("cve-2011-2730")} for which
     * {@code anVar.b(str)} yields an input and {@code anVar.c()} is true, the event is reported.
     *
     * @param str the expression text
     * @return true when at least one report was made and {@code canBlock(this)} returned true
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.cve.spring.el.k
    public boolean a(String str) {
        boolean z = false;
        // The expression can embed request data, so debug logs from this rule should be handled
        // as sensitive.
        l.debug("EL detected in impending evaluation: {}", str);
        if (appliesToApplication(this.c.current())) {
            List<an> c = this.f.currentContext().c(b);
            if (c != null) {
                for (an anVar : c) {
                    UserInputDTM b2 = anVar.b(str);
                    if (anVar.c() && b2 != null) {
                        // Latches: once blocking is allowed, later reports in this call are
                        // also sent as BLOCKED.
                        z = z || this.f.canBlock(this);
                        a(b2, str, z);
                    }
                }
            }
        } else {
            // Also reached when an application exists but no vulnerable library was recorded for
            // it, so the message understates the possible causes.
            l.trace("No app currently, exiting");
        }
        return z;
    }

    /**
     * Sends one report for the given input and expression.
     *
     * @param userInputDTM the input associated with the expression
     * @param str the expression text
     * @param z true to report {@code BLOCKED}, false to report {@code EXPLOITED}
     * @throws IllegalStateException if the current application has no stored detection result or
     *     {@code rVar.a()} is false
     */
    private void a(UserInputDTM userInputDTM, String str, boolean z) {
        r rVar = (r) this.c.current().context().a(this.h);
        // Same condition as appliesToApplication(); the only visible caller checks it first.
        if (rVar == null || !rVar.a()) {
            throw new IllegalStateException("Attempting to report a vulnerability for cve-2011-2730 but no vulnerable library detected");
        }
        this.d.a(this.g, new ElInjectionDetailsDTM(str, rVar.c(), rVar.b()), userInputDTM, z ? AttackResult.BLOCKED : AttackResult.EXPLOITED);
    }

    /**
     * @return always false
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.i
    public boolean isCodeExclusionSpecialCase() {
        return false;
    }

    /**
     * @return always false, whatever class is passed
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.i
    public boolean requiresPrimordialInstrumentation(Class<?> cls) {
        return false;
    }

    /**
     * @return the dispatcher registration injected through the constructor
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.i
    public com.contrastsecurity.agent.instr.h<ContrastCve_2011_2730Dispatcher> getDispatcherRegistration() {
        return this.e;
    }

    /**
     * @return always {@code null}, not an empty array; callers have to tolerate that
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.i
    public String[] getDeadzones() {
        return null;
    }

    /**
     * Tells whether the rule is active for an application.
     *
     * @param application may be {@code null}
     * @return true only when the application is non-null, its context holds a detection result
     *     under key {@code h}, and that result's {@code a()} is true
     */
    @Override // com.contrastsecurity.agent.plugins.rasp.rules.a
    public boolean appliesToApplication(Application application) {
        r rVar;
        return (application == null || (rVar = (r) application.context().a(this.h)) == null || !rVar.a()) ? false : true;
    }
}
