package com.contrastsecurity.agent.plugins.security.policy.rules.providers.internal.xss;

import com.contrastsecurity.agent.DontObfuscate;
import com.contrastsecurity.agent.ScopedSensor;
import com.contrastsecurity.agent.apps.ApplicationManager;
import com.contrastsecurity.agent.commons.Empty;
import com.contrastsecurity.agent.commons.Throwables;
import com.contrastsecurity.agent.plugins.security.AssessmentManager;
import com.contrastsecurity.agent.plugins.security.controller.TraceController;
import com.contrastsecurity.agent.plugins.security.controller.o;
import com.contrastsecurity.agent.plugins.security.model.TriggerEvent;
import com.contrastsecurity.agent.plugins.security.model.n;
import com.contrastsecurity.agent.plugins.security.policy.l;
import com.contrastsecurity.agent.plugins.security.policy.rules.Event;
import com.contrastsecurity.agent.plugins.security.policy.rules.Parameter;
import com.contrastsecurity.agent.plugins.security.policy.rules.ParameterList;
import com.contrastsecurity.agent.plugins.security.policy.rules.Rule;
import com.contrastsecurity.agent.reflection.Reflect;
import com.contrastsecurity.agent.scope.GlobalScopeProvider;
import com.contrastsecurity.agent.trace.CodeEvent;
import com.contrastsecurity.agent.trace.MethodDescription;
import com.contrastsecurity.agent.trace.Trace;
import com.contrastsecurity.agent.v.m;
import com.contrastsecurity.agent.v.q;
import com.contrastsecurity.thirdparty.javax.inject.Inject;
import com.contrastsecurity.thirdparty.javax.inject.Singleton;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Objects;

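@Singleton
@DontObfuscate
/**
 * Sensor that is called from instrumented FreeMarker code whenever an interpolated variable is
 * written to the template output, and that reports a reflected-XSS trigger when the value is a
 * tracked (tainted) String and the interpolation does not appear to be escaped.
 *
 * <p>The FreeMarker objects are never referenced by type here: the template node and the
 * environment are inspected purely via reflection on field/method names, so this class compiles
 * without FreeMarker on the classpath. The consequence is that every "is this escaped?" decision
 * below is a name-based heuristic (see {@link #getNonEscapingExpression(Object)}), not a
 * semantic check; treat the caveats there as the main thing to keep in sync with FreeMarker.
 *
 * <p>Because the entry point runs inside the instrumented application thread, it must never let
 * an exception escape into the application (only "critical" throwables are rethrown) and it runs
 * under the global scope guard so that work done here is not itself re-instrumented.
 *
 * <p>Decompiler note: the original listing was decompiled output whose local variables had been
 * collapsed into {@code Throwable} placeholders; the control flow below restores the evident
 * intent (enter scope / try / catch / leave scope) and logs the caught exception instead of the
 * placeholder variable.
 */
final class ContrastFreemarkerDispatcherImpl implements ContrastFreemarkerDispatcher {
    private final TraceController traceController;
    private final ApplicationManager applicationManager;
    private final AssessmentManager assessmentManager;
    private final com.contrastsecurity.agent.plugins.security.model.c codeEventFactory;
    private final com.contrastsecurity.agent.plugins.security.controller.trigger.f triggerHandler;
    private final m stackCaptureFactory;
    private final com.contrastsecurity.agent.plugins.security.policy.d policyManager;
    private final com.contrastsecurity.agent.scope.c scopeProviderAssess;

    /**
     * Lazily built rule event, shared by every report. Guarded by the class lock in
     * {@link #makeEvent}. NOTE(review): it caches the first {@link Rule} it sees for the lifetime
     * of the JVM, so a later policy reload is not reflected here — confirm that is intended.
     */
    private static volatile Event RULE_EVENT;

    /** Name used in the synthetic stack frame when the real template name cannot be read. */
    private static final String FAKE_TEMPLATENAME = "unknown.ftl";
    private static final String FAKE_SINK_FILENAME = "Renderer.java";
    private static final String FAKE_SINK_METHOD_NAME = "output";
    private static final int FAKE_SINK_LINE = 10;
    private static final String RULE_NAME = "reflected-xss";
    private static final String FAKE_SINK_CLASSNAME = "freemarker.core.Renderer";
    private static final String FAKE_TEMPLATE_METHOD_NAME = "print";
    private static final String FAKE_METHOD_DESC = "(Ljava/lang/String;)V";
    /** Synthetic sink method reported as the trigger; FreeMarker has no single real method to point at. */
    private static final MethodDescription CALLEE = new MethodDescription(FAKE_SINK_CLASSNAME, FAKE_TEMPLATE_METHOD_NAME, FAKE_METHOD_DESC, 0);
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) ContrastFreemarkerDispatcherImpl.class);

    /**
     * DI constructor. Only the code-event factory is null-checked, mirroring the original; the
     * remaining collaborators are assumed to be supplied by the injector.
     */
    @Inject
    public ContrastFreemarkerDispatcherImpl(TraceController traceController, ApplicationManager applicationManager, AssessmentManager assessmentManager, com.contrastsecurity.agent.plugins.security.model.c cVar, com.contrastsecurity.agent.plugins.security.controller.trigger.f fVar, m mVar, com.contrastsecurity.agent.plugins.security.policy.d dVar, com.contrastsecurity.agent.scope.c cVar2) {
        this.traceController = traceController;
        this.applicationManager = applicationManager;
        this.assessmentManager = assessmentManager;
        this.codeEventFactory = (com.contrastsecurity.agent.plugins.security.model.c) Objects.requireNonNull(cVar);
        this.triggerHandler = fVar;
        this.stackCaptureFactory = mVar;
        this.policyManager = dVar;
        this.scopeProviderAssess = cVar2;
    }

    /**
     * Sensor entry point invoked by instrumented FreeMarker code for every interpolated value.
     *
     * @param obj  the value being written to the output; only {@code String} values are examined
     * @param obj2 the template node performing the interpolation (inspected reflectively for
     *             {@code escapedExpression}, {@code outputFormat} and {@code beginLine})
     * @param obj3 the object the template is read from via {@code getTemplate()} — presumably the
     *             FreeMarker {@code Environment}; its class is also reported as the trigger's
     *             declaring class
     *
     * <p>Runs under the global scope so the reflection and reporting done here is not itself
     * instrumented, and swallows non-critical exceptions so the application render never fails
     * because of the sensor.
     */
    @Override // ContrastFreemarkerDispatcher — decompiler places the interface in java.lang (presumably injected into the bootstrap loader; confirm)
    @ScopedSensor
    public void onVariableOutput(Object obj, Object obj2, Object obj3) {
        com.contrastsecurity.agent.scope.ScopeAggregator scope = GlobalScopeProvider.enterScope();
        try {
            if (obj instanceof String) {
                _onVariableOutput((String) obj, obj2, obj3);
            }
        } catch (Exception e) {
            // Never propagate into the application; only JVM-critical errors are rethrown.
            Throwables.throwIfCritical(e);
            logger.error("Problem checking for XSS in freemarker", e);
        } finally {
            scope.leaveScope();
        }
    }

    /**
     * Checks whether the output value is tracked and, if the interpolation is not escaped,
     * reports it. Fast-path exits for empty/null inputs and untracked strings happen before any
     * reflection. The tracked value is deliberately never logged: it is attacker-controlled input.
     */
    private void _onVariableOutput(String str, Object obj, Object obj2) {
        if (str == null || str.isEmpty() || obj == null || obj2 == null || !this.traceController.isTracked(str)) {
            return;
        }
        logger.debug("TraceDispatcher.isTracked returned true");
        try {
            Object nonEscapingExpression = getNonEscapingExpression(obj);
            if (nonEscapingExpression != null) {
                logger.debug("Expression not null");
                reportXSS(str, obj, nonEscapingExpression, obj2);
            }
        } catch (Exception e) {
            Throwables.throwIfCritical(e);
            logger.error("Problem checking for freemarker XSS", e);
        }
    }

    /**
     * Returns the interpolation's expression when it looks <em>unescaped</em>, or {@code null}
     * when some form of escaping appears to be in effect and no report should be made.
     *
     * <p>Heuristics, all name-based and evaluated in this order:
     * <ol>
     *   <li>a {@code null} {@code escapedExpression} field → no report (presumably means the
     *       node has nothing to print, or the decompiled field name no longer exists — confirm
     *       against the FreeMarker version in use);</li>
     *   <li>an {@code outputFormat} whose {@code toString()} mentions {@code HTMLOutputFormat} or
     *       {@code XMLOutputFormat} → no report, on the assumption that auto-escaping is active;</li>
     *   <li>an expression string containing {@code ?url}, {@code ?xhtml}, {@code ?html},
     *       {@code ?xml} or {@code ?json_string}, or an expression class whose name contains
     *       {@code Encoding} → no report.</li>
     * </ol>
     *
     * <p>Known blind spots a reviewer should keep in mind (hedged; verify with real templates):
     * the output-format check cannot see a per-interpolation opt-out such as {@code ?no_esc} or a
     * {@code noautoesc} block, so those become false negatives; the substring checks fire on the
     * whole expression text, so a built-in that merely appears inside the expression (e.g. in a
     * string literal or on a different operand) also suppresses the report; and a built-in is
     * only as safe as its match with the output context ({@code ?url} inside an HTML attribute,
     * {@code ?json_string} inside a script block), which is not checked here.
     *
     * @param obj the template node (never null here)
     * @return the expression object to report, or {@code null} to suppress
     * @throws Exception if reflective access fails
     */
    private Object getNonEscapingExpression(Object obj) throws Exception {
        Reflect reflect = Reflect.reflect(obj, logger);
        Object expression = reflect.field("escapedExpression").result(Object.class).b();
        if (expression == null) {
            return null;
        }
        Object outputFormat = reflect.reset(obj).field("outputFormat").result(Object.class).b();
        if (outputFormat != null) {
            String formatName = outputFormat.toString();
            if (formatName.contains("HTMLOutputFormat") || formatName.contains("XMLOutputFormat")) {
                return null;
            }
        }
        String expressionText = expression.toString();
        boolean usesEscapingBuiltin = expressionText.contains("?url")
                || expressionText.contains("?xhtml")
                || expressionText.contains("?html")
                || expressionText.contains("?xml")
                || expressionText.contains("?json_string");
        if (usesEscapingBuiltin || expression.getClass().getName().contains("Encoding")) {
            return null;
        }
        return expression;
    }

    /**
     * Builds the trigger event and hands it to the trigger handler.
     *
     * <p>Silently returns when the tracked value has no trace, there is no current application,
     * or the {@code reflected-xss} rule is absent or disabled in the active policy.
     *
     * @param str  the tracked output value (the sole "parameter" of the synthetic sink)
     * @param obj  the template node, used for the line number in the synthetic stack
     * @param obj2 the unescaped expression (stored on the event)
     * @param obj3 the object the template name is read from; its class is reported as the
     *             trigger's declaring class
     * @throws l propagated from policy/event construction
     */
    private void reportXSS(String str, Object obj, Object obj2, Object obj3) throws l {
        Trace trace = this.traceController.getTrace(str);
        if (trace == null || this.applicationManager.current() == null) {
            return;
        }
        Rule rule = this.policyManager.e().getRuleById(RULE_NAME);
        if (rule == null || !rule.isEnabled()) {
            return;
        }
        // Synthetic stack: fake sink frame, then a frame for the template itself, then the real capture.
        com.contrastsecurity.agent.v.l stack = q.a(createStack(this.stackCaptureFactory.a(m.a.TRIGGER), obj, obj3));
        n builder = (n) this.codeEventFactory.b().a(CALLEE);
        builder = (n) builder.a(rule).e("P0");
        builder = (n) builder.a(new Object[]{str});
        builder = (n) builder.a(obj);
        builder = (n) builder.a(stack);
        CodeEvent lastEvent = trace.getLastEvent();
        if (lastEvent != null) {
            builder.d(lastEvent);
        }
        TriggerEvent triggerEvent = builder.e();
        o traceContext = new o();
        traceContext.a(true);
        traceContext.a(trace);
        traceContext.a(stack);
        this.assessmentManager.currentContext().setLastTriggerEvent(triggerEvent);
        com.contrastsecurity.agent.plugins.security.policy.rules.providers.internal.a triggerInfo = new com.contrastsecurity.agent.plugins.security.policy.rules.providers.internal.a();
        triggerInfo.a(CALLEE);
        triggerInfo.a(triggerEvent);
        triggerInfo.a(traceContext);
        triggerInfo.a(makeEvent(rule, CALLEE));
        logger.debug("Tracing trigger");
        this.triggerHandler.traceTrigger(this.scopeProviderAssess.scope(), FAKE_TEMPLATE_METHOD_NAME, FAKE_METHOD_DESC, 1, obj3, obj3.getClass(), new Object[]{str}, null, RULE_NAME, (short) -1, triggerInfo);
    }

    /**
     * Returns the shared rule {@link Event}, building it on first use. Initialization is
     * serialized on the class lock so concurrent request threads cannot build two instances
     * (the original lazy init was unsynchronized).
     */
    private Event makeEvent(Rule rule, MethodDescription methodDescription) throws l {
        Event event = RULE_EVENT;
        if (event != null) {
            return event;
        }
        synchronized (ContrastFreemarkerDispatcherImpl.class) {
            if (RULE_EVENT == null) {
                Event built = new Event(rule, methodDescription.getSignature());
                built.setExpressionType(null);
                built.setObjectRequiresTracking(false);
                ParameterList parameterList = new ParameterList();
                parameterList.setMode(ParameterList.Mode.Or);
                parameterList.setParameters(new Parameter[]{makeFreemarkerParameter()});
                built.setParameterList(parameterList);
                RULE_EVENT = built;
            }
            return RULE_EVENT;
        }
    }

    /**
     * Parameter 0 (the output value) must be tracked, and any of these tags on the value's trace
     * means it was already validated or encoded and must not be reported as XSS.
     */
    private Parameter makeFreemarkerParameter() {
        Parameter parameter = new Parameter(0, true);
        parameter.setDisallowedTags(new String[]{"http-token-limited-chars", "numeric-limited-chars", "custom-validated", "base64-encoded", "css-encoded", "ftl-encoded", "html-encoded", "js-encoded", "json-encoded", "ldap-encoded", "os-encoded", "sql-encoded", "url-encoded", "vbscript-encoded", "xml-encoded", "xpath-encoded", "xss-encoded"});
        return parameter;
    }

    /**
     * Prepends two synthetic frames — the fake sink and a frame naming the template and its line
     * — to the captured stack (empty when no capture is available).
     *
     * @param lVar the captured stack, or {@code null}
     * @param obj  the template node (source of the line number)
     * @param obj2 the object the template name is read from
     */
    private List<StackTraceElement> createStack(com.contrastsecurity.agent.v.l lVar, Object obj, Object obj2) {
        int templateLine = reflectLineNumber(obj);
        String templateName = reflectTemplateName(obj2);
        String templateClassName = generateTemplateClassName(templateName);
        List<StackTraceElement> captured = lVar == null ? Collections.<StackTraceElement>emptyList() : lVar.a();
        List<StackTraceElement> frames = new ArrayList<StackTraceElement>(captured.size() + 2);
        frames.add(new StackTraceElement(FAKE_SINK_CLASSNAME, FAKE_SINK_METHOD_NAME, FAKE_SINK_FILENAME, FAKE_SINK_LINE));
        frames.add(new StackTraceElement(templateClassName, FAKE_TEMPLATE_METHOD_NAME, templateName, templateLine));
        frames.addAll(captured);
        return frames;
    }

    /** Strips any directory prefix (either separator) so the template file name stands in for a class name. */
    private String generateTemplateClassName(String str) {
        int lastSeparator = Math.max(str.lastIndexOf('/'), str.lastIndexOf('\\'));
        return str.substring(lastSeparator + 1);
    }

    /**
     * Reads {@code obj.getTemplate().getName()} reflectively. Falls back to
     * {@link #FAKE_TEMPLATENAME} when the name is null or any step fails (logged, never thrown).
     */
    private String reflectTemplateName(Object obj) {
        try {
            Object template = com.contrastsecurity.agent.reflection.a.f(obj.getClass(), "getTemplate").invoke(obj, Empty.OBJ_ARRAY);
            String name = (String) com.contrastsecurity.agent.reflection.a.f(template.getClass(), "getName").invoke(template, Empty.OBJ_ARRAY);
            return name == null ? FAKE_TEMPLATENAME : name;
        } catch (Exception e) {
            Throwables.throwIfCritical(e);
            logger.error("Problem reading template name", e);
            return FAKE_TEMPLATENAME;
        }
    }

    /**
     * Walks the node's superclass chain (starting at its direct superclass, as the original did)
     * looking for a class whose simple name is {@code TemplateObject} and reads its
     * {@code beginLine} field. Returns -1 when not found or unreadable; a failed read is logged
     * and the walk continues.
     */
    private int reflectLineNumber(Object obj) {
        int line = -1;
        for (Class<?> cls = obj.getClass().getSuperclass(); cls != null; cls = cls.getSuperclass()) {
            if (!"TemplateObject".equals(cls.getSimpleName())) {
                continue;
            }
            try {
                line = ((Integer) com.contrastsecurity.agent.reflection.a.d(cls, "beginLine").get(obj)).intValue();
                break;
            } catch (Exception e) {
                Throwables.throwIfCritical(e);
                logger.error("Problem generating line number", e);
            }
        }
        return line;
    }
}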
