fix: custom model

‘niuerzhuang’ · ‘niuerzhuang’ · commit 8874d32a986a · 2023-05-12T14:42:35.000+08:00
diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/controller/impl/SourceImpl.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/controller/impl/SourceImpl.java
@@ -82,25 +82,9 @@ private static boolean trackTarget(MethodEvent event, SourceNode sourceNode) {
         }
 
         TaintPoolUtils.trackObject(event, sourceNode, event.returnInstance, 0);
-        // @TODO: hook json serializer for custom model
-        handlerCustomModel(event, sourceNode);
         return true;
     }
 
-    /**
-     * todo: 处理过程和结果需要细化
-     *
-     * @param event MethodEvent
-     */
-    public static void handlerCustomModel(MethodEvent event, SourceNode sourceNode) {
-        if (!"getSession".equals(event.getMethodName())) {
-            Set<Object> modelValues = TaintPoolUtils.parseCustomModel(event.returnInstance);
-            for (Object modelValue : modelValues) {
-                TaintPoolUtils.trackObject(event, sourceNode, modelValue, 0);
-            }
-        }
-    }
-
     private static boolean allowCall(MethodEvent event) {
         boolean allowed = true;
         if (METHOD_OF_GETATTRIBUTE.equals(event.getMethodName())) {
diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/utils/TaintPoolUtils.java b/dongtai-core/src/main/java/io/dongtai/iast/core/utils/TaintPoolUtils.java
@@ -146,38 +146,6 @@ public static boolean isAllowTaintType(Object obj) {
         return isAllowTaintType(obj.getClass());
     }
 
-    public static Set<Object> parseCustomModel(Object model) {
-        Set<Object> modelValues = new HashSet<Object>();
-        try {
-            if (!TaintPoolUtils.isAllowTaintGetterModel(model)) {
-                return modelValues;
-            }
-
-            // getter methods
-            Method[] methods = model.getClass().getMethods();
-            Object itemValue = null;
-            for (Method method : methods) {
-                if (!TaintPoolUtils.isAllowTaintGetterMethod(method)) {
-                    continue;
-                }
-
-                try {
-                    method.setAccessible(true);
-                    itemValue = method.invoke(model);
-                    if (!TaintPoolUtils.isNotEmpty(itemValue) || !TaintPoolUtils.isAllowTaintType(itemValue)) {
-                        continue;
-                    }
-                    modelValues.add(itemValue);
-                } catch (Throwable e) {
-                    DongTaiLog.error(ErrorCode.get("UTIL_TAINT_PARSE_CUSTOM_MODEL_FAILED"),
-                            model.getClass().getName(), method.getName(), e);
-                }
-            }
-        } catch (Throwable ignore) {
-        }
-        return modelValues;
-    }
-
     public static boolean isAllowTaintGetterModel(Object model) {
         if (!TaintPoolUtils.isNotEmpty(model)) {
             return false;
@@ -309,13 +277,6 @@ public static void trackObject(MethodEvent event, PolicyNode policyNode, Object
                 event.addTargetHash(hash);
                 EngineManager.TAINT_RANGES_POOL.add(hash, tr);
             } else {
-                if (!(obj instanceof String)) {
-                    Set<Object> modelValues = TaintPoolUtils.parseCustomModel(obj);
-                    for (Object modelValue : modelValues) {
-                        trackObject(event, policyNode, modelValue, depth + 1);
-                    }
-                }
-
                 hash = System.identityHashCode(obj);
                 if (EngineManager.TAINT_HASH_CODES.contains(hash)) {
                     event.addSourceHash(hash);
diff --git a/dongtai-core/src/main/resources/com.secnium.iast.resources/blacklist.txt b/dongtai-core/src/main/resources/com.secnium.iast.resources/blacklist.txt
@@ -3583,6 +3583,7 @@ com/bea/security/xacml/target/TargetEvaluatorRegistry
 com/bea/sslplus/CerticomSSLContext
 com/bea/staxb/buildtime/internal/bts/BaseBindingLoader
 com/bea/staxb/buildtime/internal/bts/BindingFile
+com/bea/staxb/buildtime/internal/bts.BindingFileInputStream
 com/bea/staxb/buildtime/internal/bts/BindingLoader
 com/bea/staxb/buildtime/internal/bts/BindingMappingFile
 com/bea/staxb/buildtime/internal/bts/BindingProperty
@@ -4649,7 +4650,7 @@ com/fasterxml/jackson/databind/DeserializationContext
 com/fasterxml/jackson/databind/DeserializationFeature
 com/fasterxml/jackson/databind/InjectableValues
 com/fasterxml/jackson/databind/JavaType
-com/fasterxml/jackson/databind/JsonDeserializer
+# com/fasterxml/jackson/databind/JsonDeserializer
 com/fasterxml/jackson/databind/JsonMappingException
 com/fasterxml/jackson/databind/JsonSerializable
 com/fasterxml/jackson/databind/JsonSerializable$Base
@@ -4734,61 +4735,61 @@ com/fasterxml/jackson/databind/deser/impl/PropertyBasedCreator$CaseInsensitiveMa
 com/fasterxml/jackson/databind/deser/impl/PropertyBasedObjectIdGenerator
 com/fasterxml/jackson/databind/deser/impl/SetterlessProperty
 com/fasterxml/jackson/databind/deser/impl/TypeWrappedDeserializer
-com/fasterxml/jackson/databind/deser/std/ArrayBlockingQueueDeserializer
-com/fasterxml/jackson/databind/deser/std/AtomicBooleanDeserializer
-com/fasterxml/jackson/databind/deser/std/AtomicReferenceDeserializer
-com/fasterxml/jackson/databind/deser/std/BaseNodeDeserializer
-com/fasterxml/jackson/databind/deser/std/BaseNodeDeserializer$1
-com/fasterxml/jackson/databind/deser/std/ByteBufferDeserializer
-com/fasterxml/jackson/databind/deser/std/CollectionDeserializer
-com/fasterxml/jackson/databind/deser/std/ContainerDeserializerBase
-com/fasterxml/jackson/databind/deser/std/EnumDeserializer
-com/fasterxml/jackson/databind/deser/std/EnumMapDeserializer
-com/fasterxml/jackson/databind/deser/std/EnumSetDeserializer
-com/fasterxml/jackson/databind/deser/std/FromStringDeserializer
-com/fasterxml/jackson/databind/deser/std/FromStringDeserializer$Std
-com/fasterxml/jackson/databind/deser/std/JavaTypeDeserializer
-com/fasterxml/jackson/databind/deser/std/JdkDeserializers
-com/fasterxml/jackson/databind/deser/std/JsonLocationInstantiator
-com/fasterxml/jackson/databind/deser/std/JsonNodeDeserializer
-com/fasterxml/jackson/databind/deser/std/JsonNodeDeserializer$1
-com/fasterxml/jackson/databind/deser/std/JsonNodeDeserializer$ArrayDeserializer
-com/fasterxml/jackson/databind/deser/std/JsonNodeDeserializer$ObjectDeserializer
-com/fasterxml/jackson/databind/deser/std/MapDeserializer
-com/fasterxml/jackson/databind/deser/std/MapEntryDeserializer
-com/fasterxml/jackson/databind/deser/std/NullifyingDeserializer
-com/fasterxml/jackson/databind/deser/std/ObjectArrayDeserializer
-com/fasterxml/jackson/databind/deser/std/StackTraceElementDeserializer
-com/fasterxml/jackson/databind/deser/std/StdDelegatingDeserializer
-com/fasterxml/jackson/databind/deser/std/StdDeserializer
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$BoolKD
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$ByteKD
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$CalendarKD
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$CharKD
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$DateKD
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$DelegatingKD
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$DoubleKD
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$EnumKD
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$FloatKD
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$IntKD
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$LocaleKD
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$LongKD
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$ShortKD
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$StringCtorKeyDeserializer
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$StringFactoryKeyDeserializer
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$StringKD
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$UuidKD
-com/fasterxml/jackson/databind/deser/std/StdKeyDeserializers
-com/fasterxml/jackson/databind/deser/std/StdScalarDeserializer
-com/fasterxml/jackson/databind/deser/std/StdValueInstantiator
-com/fasterxml/jackson/databind/deser/std/StringArrayDeserializer
-com/fasterxml/jackson/databind/deser/std/StringCollectionDeserializer
-com/fasterxml/jackson/databind/deser/std/StringDeserializer
-com/fasterxml/jackson/databind/deser/std/ThrowableDeserializer
-com/fasterxml/jackson/databind/deser/std/TokenBufferDeserializer
-com/fasterxml/jackson/databind/deser/std/UUIDDeserializer
-com/fasterxml/jackson/databind/deser/std/UntypedObjectDeserializer
+# com/fasterxml/jackson/databind/deser/std/ArrayBlockingQueueDeserializer
+# com/fasterxml/jackson/databind/deser/std/AtomicBooleanDeserializer
+# com/fasterxml/jackson/databind/deser/std/AtomicReferenceDeserializer
+# com/fasterxml/jackson/databind/deser/std/BaseNodeDeserializer
+# com/fasterxml/jackson/databind/deser/std/BaseNodeDeserializer$1
+# com/fasterxml/jackson/databind/deser/std/ByteBufferDeserializer
+# com/fasterxml/jackson/databind/deser/std/CollectionDeserializer
+# com/fasterxml/jackson/databind/deser/std/ContainerDeserializerBase
+# com/fasterxml/jackson/databind/deser/std/EnumDeserializer
+# com/fasterxml/jackson/databind/deser/std/EnumMapDeserializer
+# com/fasterxml/jackson/databind/deser/std/EnumSetDeserializer
+# com/fasterxml/jackson/databind/deser/std/FromStringDeserializer
+# com/fasterxml/jackson/databind/deser/std/FromStringDeserializer$Std
+# com/fasterxml/jackson/databind/deser/std/JavaTypeDeserializer
+# com/fasterxml/jackson/databind/deser/std/JdkDeserializers
+# com/fasterxml/jackson/databind/deser/std/JsonLocationInstantiator
+# com/fasterxml/jackson/databind/deser/std/JsonNodeDeserializer
+# com/fasterxml/jackson/databind/deser/std/JsonNodeDeserializer$1
+# com/fasterxml/jackson/databind/deser/std/JsonNodeDeserializer$ArrayDeserializer
+# com/fasterxml/jackson/databind/deser/std/JsonNodeDeserializer$ObjectDeserializer
+# com/fasterxml/jackson/databind/deser/std/MapDeserializer
+# com/fasterxml/jackson/databind/deser/std/MapEntryDeserializer
+# com/fasterxml/jackson/databind/deser/std/NullifyingDeserializer
+# com/fasterxml/jackson/databind/deser/std/ObjectArrayDeserializer
+# com/fasterxml/jackson/databind/deser/std/StackTraceElementDeserializer
+# com/fasterxml/jackson/databind/deser/std/StdDelegatingDeserializer
+# com/fasterxml/jackson/databind/deser/std/StdDeserializer
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$BoolKD
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$ByteKD
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$CalendarKD
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$CharKD
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$DateKD
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$DelegatingKD
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$DoubleKD
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$EnumKD
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$FloatKD
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$IntKD
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$LocaleKD
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$LongKD
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$ShortKD
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$StringCtorKeyDeserializer
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$StringFactoryKeyDeserializer
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$StringKD
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializer$UuidKD
+# com/fasterxml/jackson/databind/deser/std/StdKeyDeserializers
+# com/fasterxml/jackson/databind/deser/std/StdScalarDeserializer
+# com/fasterxml/jackson/databind/deser/std/StdValueInstantiator
+# com/fasterxml/jackson/databind/deser/std/StringArrayDeserializer
+# com/fasterxml/jackson/databind/deser/std/StringCollectionDeserializer
+# com/fasterxml/jackson/databind/deser/std/StringDeserializer
+# com/fasterxml/jackson/databind/deser/std/ThrowableDeserializer
+# com/fasterxml/jackson/databind/deser/std/TokenBufferDeserializer
+# com/fasterxml/jackson/databind/deser/std/UUIDDeserializer
+# com/fasterxml/jackson/databind/deser/std/UntypedObjectDeserializer
 com/fasterxml/jackson/databind/exc/IgnoredPropertyException
 com/fasterxml/jackson/databind/exc/InvalidFormatException
 com/fasterxml/jackson/databind/exc/PropertyBindingException
@@ -23724,7 +23725,7 @@ java/io/OutputStream
 java/io/OutputStreamWriter
 java/io/PipedOutputStream
 java/io/PrintStream
-java/io/PushbackInputStream
+# java/io/PushbackInputStream
 java/io/PushbackReader
 java/io/RandomAccessFile
 java/io/RandomAccessFile$1
@@ -24894,6 +24895,7 @@ java/util/StringTokenizer
 # java/util/stream/IntStream
 # java/util/stream/Stream
 java/util/zip/*
+java/util/zip/CheckedInputStream
 javassist/ByteArrayClassPath
 javassist/CannotCompileException
 javassist/ClassClassPath
@@ -27852,6 +27854,7 @@ javelin/jsp/JspTagLibraryFeature$1
 javelin/jsp/JspTagLibraryFeature$2
 javelin/jsp/JspTagLibraryFeature$TagLibraryContext
 javelin/jsp/JspTagLibraryFeature$TldChangeListener
+javelin.jsp.JspTagLibraryFeature$UncloseableInputStream
 javelin/jsp/JspTagLibraryFeature$WebXmlChangeListener
 javelin/jsp/JspTagLibraryParser
 javelin/jsp/JspTagLibraryParser$JSPEntityResolver
@@ -38053,6 +38056,7 @@ org/apache/xerces/impl/XMLEntityManager$EncodingInfo
 org/apache/xerces/impl/XMLEntityManager$Entity
 org/apache/xerces/impl/XMLEntityManager$ExternalEntity
 org/apache/xerces/impl/XMLEntityManager$InternalEntity
+org/apache/xerces/impl/XMLEntityManager$RewindableInputStream
 org/apache/xerces/impl/XMLEntityManager$ScannedEntity
 org/apache/xerces/impl/XMLEntityScanner
 org/apache/xerces/impl/XMLEntityScanner$1
@@ -59960,7 +59964,7 @@ org/springframework/util/SerializationUtils
 org/springframework/util/StopWatch
 org/springframework/util/StopWatch$TaskInfo
 org/springframework/util/StreamUtils$NonClosingOutputStream
-org/springframework/util/StringUtils
+# org/springframework/util/StringUtils
 org/springframework/util/StringValueResolver
 org/springframework/util/SystemPropertyUtils
 org/springframework/util/SystemPropertyUtils$SystemPropertyPlaceholderResolver
@@ -64568,6 +64572,7 @@ weblogic/common/internal/VersionInfoFactory$PEER_INFO_FOR_WIRE_SINGLETON
 weblogic/common/internal/VersionInfoFactory$PEER_INFO_SINGLETON
 weblogic/common/internal/VersionInfoFactory$VERSION_INFO_SINGLETON
 weblogic/common/internal/VersioningError
+weblogic/common/internal/WLObjectInputStream
 weblogic/common/internal/WLObjectOutputStream
 weblogic/common/resourcepool/IPooledResourceLinkedList
 weblogic/common/resourcepool/ObjectLifeCycle
@@ -65955,6 +65960,7 @@ weblogic/iiop/EndPointFactory
 weblogic/iiop/IDLUtils
 weblogic/iiop/IIOPClient
 weblogic/iiop/IIOPClientService
+weblogic/iiop/IIOPInputStream
 weblogic/iiop/IIOPLogger
 weblogic/iiop/IIOPLogger$MessageLoggerInitializer
 weblogic/iiop/IIOPOutputStream
@@ -70018,6 +70024,7 @@ weblogic/net/http/HttpsClient
 weblogic/net/http/HttpsURLConnection
 weblogic/net/http/KeepAliveCache
 weblogic/net/http/KeepAliveKey
+weblogic/net/http/KeepAliveStream
 weblogic/net/http/MessageHeader
 weblogic/net/http/NETEnvironment
 weblogic/net/http/SOAPHttpURLConnection
@@ -72305,6 +72312,7 @@ weblogic/utils/enumerations/LIFO_FileContainer
 weblogic/utils/expressions/ExpressionEvaluationException
 weblogic/utils/expressions/ExpressionMap
 weblogic/utils/http/BytesToString
+weblogic/utils/http/HttpChunkInputStream
 weblogic/utils/http/HttpChunkOutputStream
 weblogic/utils/http/HttpConstants
 weblogic/utils/http/HttpParsing
@@ -72318,13 +72326,15 @@ weblogic/utils/http/MaxRequestParameterExceedException
 weblogic/utils/io/ByteBufferDataInputStream
 weblogic/utils/io/ByteBufferDataOutputStream
 weblogic/utils/io/ByteBufferObjectInputStream
+weblogic/utils/io/ByteBufferObjectInputStream$ContextObjectInputStream
 weblogic/utils/io/ByteBufferObjectOutputStream
 weblogic/utils/io/ByteBufferOutputStream
 weblogic/utils/io/Chunk
 weblogic/utils/io/ChunkInput
 weblogic/utils/io/ChunkInputStreamAccess
 weblogic/utils/io/ChunkOutput
 weblogic/utils/io/ChunkedDataOutputStream
+weblogic/utils/io/ChunkedInputStream
 weblogic/utils/io/ChunkedObjectOutputStream
 weblogic/utils/io/ChunkedObjectOutputStream$NestedObjectOutputStream
 weblogic/utils/io/ChunkedOutputStream
@@ -73559,6 +73569,7 @@ weblogic/xml/stream/events/SpaceEvent
 weblogic/xml/stream/events/StartDocumentEvent
 weblogic/xml/stream/events/StartElementEvent
 weblogic/xml/stream/util/RecyclingFactory
+weblogic/xml/util/CachedInputStream
 weblogic/xml/util/Debug
 weblogic/xml/util/Debug$DebugFacility
 weblogic/xml/util/Debug$DebugFacility$DebugListener
@@ -73628,6 +73639,7 @@ workshop/util/encoding/EncodingManager$EncodingProxy
 workshop/util/encoding/EncodingReader
 workshop/util/encoding/impl/PropertiesEncoding
 workshop/util/encoding/impl/TextEncoding
+workshop/util/filesystem/util/InputStreamWrapper
 com/alibaba/druid/filter/logging/Log4jFilter
 # disable alibaba sandbox's class dongtai-001
 com/alibaba/jvm/sandbox/*
