Move taint methods from WebModule to PropagationModule (first batch) (#5527)

* Replace WebModule#onParameterValue with PropagationModule#taint
* Replace WebModule#onPathParameterValue with PropagationModule#taint
* Replace WebModule#onHeaderValue with PropagationModule#taint
* Replace WebModule#onCookieValue with PropagationModule#taint
* Replace WebModule#onQueryString with PropagationModule#taint
* Replace WebModule#onRequest*Parameter with PropagationModule#taint
* Replace WebModule#onInjectedParameter with PropagationModule#taint
* Remove unused WebModuleImpl#onNamed method

Author: smola

dd-java-agent/agent-iast/src/main/java/com/datadog/iast/propagation/PropagationModuleImpl.java

@@ -2,6 +2,7 @@
 
 import static com.datadog.iast.taint.Tainteds.canBeTainted;
 
+import com.datadog.iast.IastRequestContext;
 import com.datadog.iast.model.Range;
 import com.datadog.iast.model.Source;
 import com.datadog.iast.taint.TaintedObject;
@@ -132,6 +133,33 @@ public void taintIfAnyInputIsTainted(
     }
   }
 
+  @Override
+  public void taint(final byte source, @Nullable final String name, @Nullable final String value) {
+    if (!canBeTainted(value)) {
+      return;
+    }
+    final IastRequestContext ctx = IastRequestContext.get();
+    if (ctx == null) {
+      return;
+    }
+    final TaintedObjects taintedObjects = ctx.getTaintedObjects();
+    taintedObjects.taintInputString(value, new Source(source, name, value));
+  }
+
+  @Override
+  public void taint(
+      @Nullable final Object ctx_,
+      final byte source,
+      @Nullable final String name,
+      @Nullable final String value) {
+    if (ctx_ == null || !canBeTainted(value)) {
+      return;
+    }
+    final IastRequestContext ctx = (IastRequestContext) ctx_;
+    final TaintedObjects taintedObjects = ctx.getTaintedObjects();
+    taintedObjects.taintInputString(value, new Source(source, name, value));
+  }
+
   @Override
   public void taint(final byte origin, @Nullable final Object... toTaintArray) {
     if (toTaintArray == null || toTaintArray.length == 0) {
@@ -171,7 +199,7 @@ public void taint(final byte origin, @Nullable final Collection<Object> toTaintC
 
   @Override
   public void taint(
-      @Nullable Taintable t, byte origin, @Nullable String name, @Nullable String value) {
+      byte origin, @Nullable String name, @Nullable String value, @Nullable Taintable t) {
     if (t == null) {
       return;
     }

dd-java-agent/agent-iast/src/main/java/com/datadog/iast/source/WebModuleImpl.java

@@ -10,7 +10,6 @@
 import java.util.Collection;
 import java.util.Iterator;
 import java.util.Map;
-import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
 
 public class WebModuleImpl implements WebModule {
@@ -20,18 +19,6 @@ public void onParameterNames(@Nullable final Collection<String> paramNames) {
     onNamed(paramNames, SourceTypes.REQUEST_PARAMETER_NAME);
   }
 
-  @Override
-  public void onParameterValue(
-      @Nullable final String paramName, @Nullable final String paramValue) {
-    onNamed(paramName, paramValue, SourceTypes.REQUEST_PARAMETER_VALUE);
-  }
-
-  @Override
-  public void onPathParameterValue(
-      @Nullable final String paramName, @Nullable final String paramValue) {
-    onNamed(paramName, paramValue, SourceTypes.REQUEST_PATH_PARAMETER);
-  }
-
   @Override
   public void onParameterValues(
       @Nullable final String paramName, @Nullable final String[] paramValues) {
@@ -54,11 +41,6 @@ public void onHeaderNames(@Nullable final Collection<String> headerNames) {
     onNamed(headerNames, SourceTypes.REQUEST_HEADER_NAME);
   }
 
-  @Override
-  public void onHeaderValue(@Nullable final String headerName, @Nullable final String headerValue) {
-    onNamed(headerName, headerValue, SourceTypes.REQUEST_HEADER_VALUE);
-  }
-
   @Override
   public void onHeaderValues(
       @Nullable final String headerName, @Nullable final Collection<String> headerValues) {
@@ -70,38 +52,6 @@ public void onCookieNames(@Nullable Iterable<String> cookieNames) {
     onNamed(cookieNames, SourceTypes.REQUEST_COOKIE_NAME);
   }
 
-  @Override
-  public void onCookieValue(@Nullable final String cookieName, @Nullable final String cookieValue) {
-    onNamed(cookieName, cookieValue, SourceTypes.REQUEST_COOKIE_VALUE);
-  }
-
-  @Override
-  public void onQueryString(@Nullable final String queryString) {
-    if (!canBeTainted(queryString)) {
-      return;
-    }
-    final IastRequestContext ctx = IastRequestContext.get();
-    if (ctx == null) {
-      return;
-    }
-    final TaintedObjects taintedObjects = ctx.getTaintedObjects();
-    taintedObjects.taintInputString(
-        queryString, new Source(SourceTypes.REQUEST_QUERY, null, queryString));
-  }
-
-  private static void onNamed(
-      @Nullable final String name, @Nullable final String value, final byte source) {
-    if (!canBeTainted(value)) {
-      return;
-    }
-    final IastRequestContext ctx = IastRequestContext.get();
-    if (ctx == null) {
-      return;
-    }
-    final TaintedObjects taintedObjects = ctx.getTaintedObjects();
-    taintedObjects.taintInputString(value, new Source(source, name, value));
-  }
-
   private static void onNamed(@Nullable final Iterable<String> names, final byte source) {
     if (names == null) {
       return;
@@ -186,34 +136,4 @@ private static void onNamed(@Nullable final Map<String, String[]> values, final
       }
     }
   }
-
-  @Override
-  public void onRequestPathParameter(
-      @Nullable String paramName, @Nullable String value, @Nonnull Object ctx_) {
-    if (ctx_ == null || !canBeTainted(value)) {
-      return;
-    }
-    final IastRequestContext ctx = (IastRequestContext) ctx_;
-    final TaintedObjects taintedObjects = ctx.getTaintedObjects();
-    taintedObjects.taintInputString(
-        value, new Source(SourceTypes.REQUEST_PATH_PARAMETER, paramName, value));
-  }
-
-  @Override
-  public void onRequestMatrixParameter(
-      @Nonnull String paramName, @Nullable String value, @Nonnull Object ctx_) {
-    if (ctx_ == null || paramName == null || !canBeTainted(value)) {
-      return;
-    }
-    final IastRequestContext ctx = (IastRequestContext) ctx_;
-    final TaintedObjects taintedObjects = ctx.getTaintedObjects();
-    taintedObjects.taintInputString(
-        value, new Source(SourceTypes.REQUEST_MATRIX_PARAMETER, paramName, value));
-  }
-
-  @Override
-  public void onInjectedParameter(
-      @Nullable String name, @Nullable String value, @Nonnull byte sourceType) {
-    onNamed(name, value, sourceType);
-  }
 }

dd-java-agent/agent-iast/src/test/groovy/com/datadog/iast/propagation/PropagationModuleTest.groovy

@@ -70,6 +70,9 @@ class PropagationModuleTest extends IastModuleImplTestBase {
     'taintIfAnyInputIsTainted' | [null, null]
     'taintIfAnyInputIsTainted' | [null, [].toArray()]
     'taintIfAnyInputIsTainted' | ['test', [].toArray()]
+    'taint'                    | [SourceTypes.REQUEST_PARAMETER_VALUE, 'name', null as String]
+    'taint'                    | [SourceTypes.REQUEST_PARAMETER_VALUE, null as String, null as String]
+    'taint'                    | [SourceTypes.REQUEST_PARAMETER_VALUE, 'name', '']
     'taint'                    | [SourceTypes.REQUEST_PARAMETER_VALUE, null as Object[]]
     'taint'                    | [SourceTypes.REQUEST_PARAMETER_VALUE, [] as Object[]]
     'taint'                    | [SourceTypes.REQUEST_PARAMETER_VALUE, null as Collection]
@@ -93,11 +96,12 @@ class PropagationModuleTest extends IastModuleImplTestBase {
     'taintIfInputIsTainted'    | [SourceTypes.REQUEST_PARAMETER_VALUE, ['value'].toSet(), new Object()]
     'taintIfInputIsTainted'    | [SourceTypes.REQUEST_PARAMETER_VALUE, [key: 'value'].entrySet().toList(), new Object()]
     'taintIfAnyInputIsTainted' | ['value', ['test', 'test2'].toArray()]
+    'taint'                    | [SourceTypes.REQUEST_PARAMETER_VALUE, 'name', 'value']
     'taint'                    | [SourceTypes.REQUEST_PARAMETER_VALUE, [new Object()] as Object[]]
     'taint'                    | [SourceTypes.REQUEST_PARAMETER_VALUE, [new Object()]]
   }
 
-  void 'test #method'() {
+  void 'test propagation for #method'() {
     given:
     final toTaint = toTaintClosure.call(args)
     final targetMethod = module.&"$method"
@@ -145,6 +149,63 @@ class PropagationModuleTest extends IastModuleImplTestBase {
     'taintIfAnyInputIsTainted' | ['Hello', [new MockTaintable()].toArray()]                                                      | { it[0] }          | { it[1][0] }
   }
 
+  void 'test value source for #method'() {
+    given:
+    final span = Mock(AgentSpan)
+    tracer.activeSpan() >> span
+    final reqCtx = Mock(RequestContext)
+    span.getRequestContext() >> reqCtx
+    final ctx = new IastRequestContext()
+    reqCtx.getData(RequestContextSlot.IAST) >> ctx
+
+    when:
+    module."$method"(source, name, value)
+
+    then:
+    1 * tracer.activeSpan() >> span
+    1 * span.getRequestContext() >> reqCtx
+    1 * reqCtx.getData(RequestContextSlot.IAST) >> ctx
+    0 * _
+    ctx.getTaintedObjects().get(name) == null
+    def to = ctx.getTaintedObjects().get(value)
+    to != null
+    to.get() == value
+    to.ranges.size() == 1
+    to.ranges[0].start == 0
+    to.ranges[0].length == value.length()
+    to.ranges[0].source == new Source(source, name, value)
+
+    where:
+    method  | name   | value   | source
+    'taint' | null   | 'value' | SourceTypes.REQUEST_PARAMETER_VALUE
+    'taint' | 'name' | 'value' | SourceTypes.REQUEST_PARAMETER_VALUE
+  }
+
+  void 'taint with context for #method'() {
+    setup:
+    def ctx = new IastRequestContext()
+
+    when:
+    module."$method"(ctx as Object, source, name, value)
+
+    then:
+    ctx.getTaintedObjects().get(name) == null
+    def to = ctx.getTaintedObjects().get(value)
+    to != null
+    to.get() == value
+    to.ranges.size() == 1
+    to.ranges[0].start == 0
+    to.ranges[0].length == value.length()
+    to.ranges[0].source == new Source(source, name, value)
+    0 * _
+
+    where:
+    method  | name    | value   | source
+    'taint' | null    | "value" | SourceTypes.REQUEST_PATH_PARAMETER
+    'taint' | ""      | "value" | SourceTypes.REQUEST_PATH_PARAMETER
+    'taint' | "param" | "value" | SourceTypes.REQUEST_PATH_PARAMETER
+  }
+
   void 'test taint'() {
     given:
     final method = module.&taint