Skip to content

Commit 1713cf4

Browse files
author
‘niuerzhuang’
committed
fix: custom model property.
1 parent 3b805ed commit 1713cf4

File tree

1 file changed

+21
-17
lines changed

1 file changed

+21
-17
lines changed

dongtai-core/src/main/java/io/dongtai/iast/core/utils/TaintPoolUtils.java

Lines changed: 21 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -195,23 +195,7 @@ public static void trackObject(MethodEvent event, PolicyNode policyNode, Object
195195
EngineManager.TAINT_HASH_CODES.add(hash);
196196
event.addTargetHash(hash);
197197
EngineManager.TAINT_RANGES_POOL.add(hash, tr);
198-
if (isMicroservice && !(obj instanceof String) && !PropertyUtils.isDisabledCustomModel()) {
199-
try {
200-
Field[] declaredFields = ReflectUtils.getDeclaredFieldsSecurity(cls);
201-
for (Field field : declaredFields) {
202-
if (!Modifier.isStatic(field.getModifiers())) {
203-
trackObject(event, policyNode, field.get(obj), depth + 1, isMicroservice);
204-
}
205-
}
206-
hash = System.identityHashCode(obj);
207-
if (EngineManager.TAINT_HASH_CODES.contains(hash)) {
208-
event.addSourceHash(hash);
209-
}
210-
} catch (Throwable e) {
211-
DongTaiLog.debug("solve model failed: {}, {}",
212-
e.getMessage(), e.getCause() != null ? e.getCause().getMessage() : "");
213-
}
214-
}
198+
TaintPoolUtils.customModel(isMicroservice,obj,cls,event,policyNode,depth);
215199
} else {
216200
hash = getStringHash(obj);
217201
if (EngineManager.TAINT_HASH_CODES.contains(hash)) {
@@ -221,6 +205,26 @@ public static void trackObject(MethodEvent event, PolicyNode policyNode, Object
221205
}
222206
}
223207

208+
private static void customModel(Boolean isMicroservice, Object obj, Class<?> cls, MethodEvent event,PolicyNode policyNode,int depth) {
209+
if (isMicroservice && !(obj instanceof String) && !PropertyUtils.isDisabledCustomModel()) {
210+
try {
211+
Field[] declaredFields = ReflectUtils.getDeclaredFieldsSecurity(cls);
212+
for (Field field : declaredFields) {
213+
if (!Modifier.isStatic(field.getModifiers())) {
214+
trackObject(event, policyNode, field.get(obj), depth + 1, isMicroservice);
215+
}
216+
}
217+
long hash = System.identityHashCode(obj);
218+
if (EngineManager.TAINT_HASH_CODES.contains(hash)) {
219+
event.addSourceHash(hash);
220+
}
221+
} catch (Throwable e) {
222+
DongTaiLog.debug("solve model failed: {}, {}",
223+
e.getMessage(), e.getCause() != null ? e.getCause().getMessage() : "");
224+
}
225+
}
226+
}
227+
224228
private static void trackArray(MethodEvent event, PolicyNode policyNode, Object arr, int depth, Boolean isMicroservice) {
225229
int length = Array.getLength(arr);
226230
for (int i = 0; i < length; i++) {

0 commit comments

Comments
 (0)