package com.contrastsecurity.agent.plugins.protect.rules.b;

import com.contrastsecurity.agent.commons.Sets;
import com.contrastsecurity.agent.config.ConfigProperty;
import com.contrastsecurity.agent.messages.app.activity.protect.AttackResult;
import com.contrastsecurity.agent.messages.app.activity.protect.details.CmdInjectionDTM;
import com.contrastsecurity.agent.messages.app.activity.protect.details.CmdInjectionInputTracingDTM;
import com.contrastsecurity.agent.messages.app.activity.protect.details.UserInputDTM;
import com.contrastsecurity.agent.plugins.protect.AttackBlockedException;
import com.contrastsecurity.agent.plugins.protect.C;
import com.contrastsecurity.agent.plugins.protect.C0378w;
import com.contrastsecurity.agent.plugins.protect.H;
import com.contrastsecurity.agent.plugins.protect.InterfaceC0319d;
import com.contrastsecurity.agent.plugins.protect.ProtectManager;
import com.contrastsecurity.agent.plugins.protect.ProtectRuleId;
import com.contrastsecurity.agent.plugins.protect.S;
import com.contrastsecurity.agent.plugins.protect.ai;
import com.contrastsecurity.agent.plugins.protect.rules.j;
import com.contrastsecurity.agent.plugins.protect.rules.n;
import com.contrastsecurity.agent.telemetry.b.k;
import com.contrastsecurity.agent.v.l;
import com.contrastsecurity.thirdparty.javax.inject.Inject;
import com.contrastsecurity.thirdparty.javax.inject.Singleton;
import com.contrastsecurity.thirdparty.org.apache.commons.lang.StringUtils;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Set;

/* compiled from: CmdInjectionProtectRule.java */
@Singleton
/* loaded from: input_file:com/contrastsecurity/agent/plugins/protect/rules/b/f.class */
public final class f implements com.contrastsecurity.agent.plugins.protect.h.a, j, n {
    private final a b;
    private final InterfaceC0319d c;
    private final ProtectManager d;
    private final com.contrastsecurity.agent.config.e e;
    private final com.contrastsecurity.agent.telemetry.b.a f;
    private final com.contrastsecurity.agent.telemetry.b.a g;
    private final S h;
    private static final String i = "net.sourceforge.argparse4j.internal.TerminalWidth.getTerminalWidth2";
    private static final String j = "org.apache.hadoop.security.Groups.getGroups";
    private static final Set<String> k = Sets.of(i, j);
    private static final String l = "cmdInjectionOnCmdStartCount";
    private static final String m = "cmdInjectionInputAttackCount";

    /* JADX INFO: Access modifiers changed from: package-private */
    @Inject
    public f(com.contrastsecurity.agent.config.e eVar, InterfaceC0319d interfaceC0319d, ProtectManager protectManager, a aVar, k kVar) {
        this.e = eVar;
        this.c = interfaceC0319d;
        this.d = protectManager;
        this.b = aVar;
        Objects.requireNonNull(kVar);
        this.f = kVar.a(l, k.a.PROTECT).a("The number of times onCommandStarting() was called").i();
        this.g = kVar.a(m, k.a.PROTECT).a("The number of times the attack came from an input").i();
        this.h = new C0378w(eVar, ConfigProperty.PROTECT_CMDI_MODE);
    }

    @Override // com.contrastsecurity.agent.plugins.protect.rules.s
    public ProtectRuleId getRuleId() {
        return ProtectRuleId.CMD_INJECTION;
    }

    @Override // com.contrastsecurity.agent.plugins.protect.rules.s
    public S getProtectRuleMode() {
        return this.h;
    }

    @Override // com.contrastsecurity.agent.plugins.protect.rules.n
    public boolean appliesToInputType(UserInputDTM.InputType inputType) {
        return UserInputDTM.InputType.PARAMETER_VALUE == inputType || UserInputDTM.InputType.MULTIPART_VALUE == inputType || UserInputDTM.InputType.QUERYSTRING == inputType || UserInputDTM.InputType.BODY == inputType;
    }

    @Override // com.contrastsecurity.agent.plugins.protect.rules.n
    public C evaluateInput(UserInputDTM.InputType inputType, String str, String str2, String str3, int i2) {
        return this.b.a(inputType, str, str2, str3, i2);
    }

    @Override // com.contrastsecurity.agent.plugins.protect.h.a
    public void a(H h, String str, String[] strArr, l lVar) {
        String join = StringUtils.join(strArr, " ");
        List<ai> d = h != null ? h.d(ProtectRuleId.CMD_INJECTION) : Collections.emptyList();
        this.f.a();
        if (!this.e.c(ConfigProperty.PROTECT_CMDI_PHASES) || d.isEmpty()) {
            return;
        }
        for (ai aiVar : d) {
            for (int i2 = 0; i2 < strArr.length; i2++) {
                UserInputDTM b = aiVar.b(strArr[i2]);
                if (b != null) {
                    this.g.a();
                    a(aiVar, b, strArr, i2);
                    return;
                }
            }
            UserInputDTM b2 = aiVar.b(join);
            if (b2 != null) {
                this.g.a();
                a(aiVar, b2, new String[]{join}, 0);
                return;
            }
        }
    }

    private CmdInjectionInputTracingDTM a(String[] strArr, int i2, int i3, int i4) {
        int i5 = 0;
        int i6 = 0;
        StringBuilder sb = new StringBuilder();
        for (int i7 = 0; i7 < strArr.length; i7++) {
            if (i7 == i2) {
                int length = sb.length();
                i5 = length + i3;
                i6 = length + i4;
            }
            sb.append(strArr[i7]);
        }
        return new CmdInjectionInputTracingDTM(sb.toString(), i5, i6);
    }

    private void a(ai aiVar, UserInputDTM userInputDTM, String[] strArr, int i2) {
        aiVar.c(true);
        int indexOf = strArr[i2].indexOf(userInputDTM.getValue());
        a(userInputDTM, a(strArr, i2, indexOf, indexOf + userInputDTM.getValue().length()));
    }

    private void a(UserInputDTM userInputDTM, CmdInjectionDTM cmdInjectionDTM) {
        boolean canBlock = this.d.canBlock(this);
        this.c.a(getRuleId(), (ProtectRuleId) cmdInjectionDTM, userInputDTM, canBlock ? AttackResult.BLOCKED : AttackResult.EXPLOITED);
        if (canBlock) {
            throw new AttackBlockedException("Command injection detected: input tracing");
        }
    }

    @Override // com.contrastsecurity.agent.plugins.protect.rules.j
    /* renamed from: e, reason: merged with bridge method [inline-methods] */
    public Set<String> b() {
        return k;
    }

    @Override // com.contrastsecurity.agent.plugins.protect.rules.s
    public int d() {
        return 99;
    }

    @Override // com.contrastsecurity.agent.plugins.protect.rules.s
    public boolean g() {
        return true;
    }
}
