package com.contrastsecurity.agent.plugins.protect.rules.cve.struts.cookieinterceptor;

import com.contrastsecurity.agent.DontObfuscate;
import com.contrastsecurity.agent.config.ConfigProperty;
import com.contrastsecurity.agent.messages.app.activity.protect.AttackResult;
import com.contrastsecurity.agent.messages.app.activity.protect.details.CveDetailsDTM;
import com.contrastsecurity.agent.messages.app.activity.protect.details.UserInputDTM;
import com.contrastsecurity.agent.plugins.protect.C0378w;
import com.contrastsecurity.agent.plugins.protect.InterfaceC0319d;
import com.contrastsecurity.agent.plugins.protect.ProtectManager;
import com.contrastsecurity.agent.plugins.protect.ProtectRuleId;
import com.contrastsecurity.agent.plugins.protect.S;
import com.contrastsecurity.thirdparty.javax.inject.Inject;
import com.contrastsecurity.thirdparty.javax.inject.Singleton;

@Singleton
@DontObfuscate
/* loaded from: input_file:com/contrastsecurity/agent/plugins/protect/rules/cve/struts/cookieinterceptor/Cve_2014_0116Rule.class */
public final class Cve_2014_0116Rule extends com.contrastsecurity.agent.plugins.protect.rules.cve.struts.b {
    private final InterfaceC0319d attackEventPublisher;
    private final S protectRuleMode;
    private static final String[] VULN_VERSIONS = {"2.3.16.2.jar", "2.3.16.1.jar", "2.3.16.jar", "2.3.15.3.jar", "2.3.15.2.jar", "2.3.15.1.jar", "2.3.15.jar", "2.3.14.3.jar", "2.3.14.2.jar", "2.3.14.1.jar", "2.3.14.jar", "2.3.13.jar", "2.3.12.jar", "2.3.11.jar", "2.3.10.jar", "2.3.9.jar", "2.3.8.jar", "2.3.7.jar", "2.3.6.jar", "2.3.5.jar", "2.3.4.1.jar", "2.3.4.jar", "2.3.3.jar", "2.3.2.jar", "2.3.1.2.jar", "2.3.1.1.jar", "2.3.1.jar", "2.3.0.jar", "2.2.3.1.jar", "2.2.3.jar", "2.2.2.jar", "2.2.1.1.jar", "2.2.1.jar", "2.2.0.jar", "2.1.8.1.jar", "2.1.8.jar", "2.1.7.jar", "2.1.6.jar", "2.1.5.jar", "2.1.4.jar", "2.1.3.jar", "2.1.2.jar", "2.1.1.jar", "2.1.0.jar", "2.0.14.jar", "2.0.13.jar", "2.0.12.jar", "2.0.11.2.jar", "2.0.11.1.jar", "2.0.11.jar", "2.0.10.jar", "2.0.9.jar", "2.0.8.jar", "2.0.7.jar", "2.0.6.jar", "2.0.5.jar", "2.0.4.jar", "2.0.3.jar", "2.0.2.jar", "2.0.1.jar", "2.0.0.jar"};

    @Inject
    public Cve_2014_0116Rule(InterfaceC0319d interfaceC0319d, ProtectManager protectManager, com.contrastsecurity.agent.config.e eVar) {
        super(interfaceC0319d, protectManager);
        this.attackEventPublisher = interfaceC0319d;
        this.protectRuleMode = new C0378w(eVar, ConfigProperty.PROTECT_CVE_2014_0116_MODE);
    }

    @Override // com.contrastsecurity.agent.plugins.protect.rules.s
    public ProtectRuleId getRuleId() {
        return ProtectRuleId.CVE_2014_0116;
    }

    @Override // com.contrastsecurity.agent.plugins.protect.rules.s
    public S getProtectRuleMode() {
        return this.protectRuleMode;
    }

    @Override // com.contrastsecurity.agent.plugins.protect.rules.n
    public boolean appliesToInputType(UserInputDTM.InputType inputType) {
        return UserInputDTM.InputType.COOKIE_NAME == inputType;
    }

    @Override // com.contrastsecurity.agent.plugins.protect.rules.cve.struts.b, com.contrastsecurity.agent.plugins.protect.rules.cve.struts.c
    protected String[] getVulnVersions() {
        return VULN_VERSIONS;
    }

    public void onPopulateCookieValueIntoStack(String str, String str2, String str3, boolean z) {
        markInputEffective(ProtectRuleId.CVE_2014_0116, str);
        this.attackEventPublisher.a(ProtectRuleId.CVE_2014_0116, (ProtectRuleId) new CveDetailsDTM(ProtectRuleId.CVE_2014_0116.id(), str3), UserInputDTM.builder().name(str).value(str2).type(UserInputDTM.InputType.COOKIE_NAME).build(), z ? AttackResult.BLOCKED : AttackResult.EXPLOITED);
    }
}
