fix: policy match.

Author: ‘niuerzhuang’

dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/ClassContext.java

@@ -12,6 +12,7 @@ public class ClassContext {
     private String className;
     private String matchedClassName;
     private Set<String> ancestors;
+    private Set<String> matchedClassSet;
     private String superClassName;
     private String[] interfaces;
     private int modifier;
@@ -98,4 +99,12 @@ public boolean isBootstrapClassLoader() {
     public void setBootstrapClassLoader(boolean isBootstrapClassLoader) {
         this.isBootstrapClassLoader = isBootstrapClassLoader;
     }
+
+    public Set<String> getMatchedClassSet() {
+        return matchedClassSet;
+    }
+
+    public void setMatchedClassSet(Set<String> matchedClassSet) {
+        this.matchedClassSet = matchedClassSet;
+    }
 }

dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/core/DispatchClassPlugin.java

@@ -29,13 +29,13 @@ public DispatchClassPlugin() {
     public ClassVisitor dispatch(ClassVisitor classVisitor, ClassContext classContext, Policy policy) {
         ancestors = classContext.getAncestors();
         className = classContext.getClassName();
-        String matchedClassName = policy.getMatchedClass(className, ancestors);
+        Set<String> matchedClassNameSet = policy.getMatchedClass(classContext,className, ancestors);
 
-        if (null == matchedClassName) {
+        if (0 == matchedClassNameSet.size()) {
             return classVisitor;
         }
 
-        classContext.setMatchedClassName(matchedClassName);
+        classContext.setMatchedClassSet(matchedClassNameSet);
         return new ClassVisit(classVisitor, classContext, policy);
     }
 
@@ -89,17 +89,22 @@ public MethodVisitor visitMethod(final int access, final String name, final Stri
             methodContext.setDescriptor(descriptor);
             methodContext.setParameters(AsmUtils.buildParameterTypes(descriptor));
 
-            String matchedSignature = AsmUtils.buildSignature(context.getMatchedClassName(), name, descriptor);
-
-            mv = lazyAop(mv, access, name, descriptor, matchedSignature, methodContext);
-            boolean methodIsTransformed = mv instanceof MethodAdviceAdapter;
+            String matchedSignature;
+            boolean methodIsTransformed = false;
+            for (String matchedName : context.getMatchedClassSet()) {
+                context.setMatchedClassName(matchedName);
+                matchedSignature = AsmUtils.buildSignature(matchedName, name, descriptor);
+                mv = lazyAop(mv, access, name, descriptor, matchedSignature, methodContext);
+                methodIsTransformed = mv instanceof MethodAdviceAdapter;
+                if (methodIsTransformed) break;
 
+            }
             if (methodIsTransformed && this.classVersion <= Opcodes.V1_6) {
                 mv = new JSRInlinerAdapter(mv, access, name, descriptor, signature, exceptions);
             }
 
             if (methodIsTransformed) {
-                DongTaiLog.trace("rewrite method {} for listener[class={}]", matchedSignature, context.getClassName());
+                DongTaiLog.trace("rewrite method {} for listener[class={}]", context.getMatchedClassName(), context.getClassName());
             }
 
             return mv;

dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/models/policy/Policy.java

@@ -1,5 +1,7 @@
 package io.dongtai.iast.core.handler.hookpoint.models.policy;
 
+import io.dongtai.iast.core.bytecode.enhance.ClassContext;
+
 import java.util.*;
 
 public class Policy {
@@ -73,16 +75,19 @@ public void addHooks(String className, Inheritable inheritable) {
         }
     }
 
-    public String getMatchedClass(String className, Set<String> ancestors) {
+    public Set<String> getMatchedClass(ClassContext classContext, String className, Set<String> ancestors) {
+        Set<String> matchedClassSet = new HashSet<>();
         if (this.classHooks.contains(className)) {
-            return className;
+            classContext.setMatchedClassName(className);
+            matchedClassSet.add(className);
+            return matchedClassSet;
         }
         for (String ancestor : ancestors) {
             if (this.ancestorClassHooks.contains(ancestor)) {
-                return ancestor;
+                matchedClassSet.add(ancestor);
             }
         }
-        return null;
+        return matchedClassSet;
     }
 
     public boolean isMatchClass(String className) {

dongtai-core/src/main/resources/com.secnium.iast.resources/blacklist.txt

@@ -63385,17 +63385,17 @@ sun/nio/cs/ext/TIS_620
 sun/nio/fs/AbstractBasicFileAttributeView
 sun/nio/fs/AbstractFileSystemProvider
 sun/nio/fs/AbstractPath
-sun/nio/fs/BsdFileSystem
-sun/nio/fs/BsdFileSystemProvider
+#sun/nio/fs/BsdFileSystem
+#sun/nio/fs/BsdFileSystemProvider
 sun/nio/fs/BsdNativeDispatcher
-sun/nio/fs/DefaultFileSystemProvider
-sun/nio/fs/DefaultFileSystemProvider$1
+#sun/nio/fs/DefaultFileSystemProvider
+#sun/nio/fs/DefaultFileSystemProvider$1
 sun/nio/fs/DynamicFileAttributeView
-sun/nio/fs/LinuxFileSystem
+#sun/nio/fs/LinuxFileSystem
 sun/nio/fs/LinuxFileSystem$SupportedFileFileAttributeViewsHolder
-sun/nio/fs/LinuxFileSystemProvider
-sun/nio/fs/MacOSXFileSystem
-sun/nio/fs/MacOSXFileSystemProvider
+#sun/nio/fs/LinuxFileSystemProvider
+#sun/nio/fs/MacOSXFileSystem
+#sun/nio/fs/MacOSXFileSystemProvider
 sun/nio/fs/MacOSXNativeDispatcher
 sun/nio/fs/NativeBuffer
 sun/nio/fs/NativeBuffer$Deallocator
@@ -63414,7 +63414,7 @@ sun/nio/fs/UnixFileModeAttribute
 sun/nio/fs/UnixFileModeAttribute$1
 sun/nio/fs/UnixFileStoreAttributes
 #sun/nio/fs/UnixFileSystem
-sun/nio/fs/UnixFileSystemProvider
+#sun/nio/fs/UnixFileSystemProvider
 sun/nio/fs/UnixMountEntry
 sun/nio/fs/UnixNativeDispatcher
 sun/nio/fs/UnixNativeDispatcher$1