From 4ce19635cba7559d599a02f14cb4d98c37c2e9f8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E2=80=98niuerzhuang=E2=80=99?= <‘niuerzhuang@huoxian.cn’>
Date: Sun, 15 May 2022 00:05:47 +0800
Subject: [PATCH] fix bug
---
 .../main/java/io/dongtai/iast/agent/Agent.java | 4 ++--
 .../io/dongtai/iast/agent/IastProperties.java | 2 +-
 .../iast/agent/util/base64/Base64Decoder.java | 2 +-
 .../iast/agent/util/http/HttpClientUtils.java | 1 +
 .../src/main/resources/bin/fluent.conf | 1 +
 .../api/servlet2/ServletRequestWrapper.java | 2 +-
 .../io/dongtai/iast/core/EngineManager.java | 2 +-
 .../enhance/plugin/fallback/FallbackSwitch.java | 7 +++++++
 .../fallback/breaker/HeavyTrafficBreaker.java | 2 +-
 .../fallback/report/PerformanceLimitReport.java | 4 ++--
 .../fallback/report/SecondFallbackReport.java | 2 +-
 .../plugin/spring/SpringApplicationImpl.java | 2 +-
 .../handler/hookpoint/SpyDispatcherImpl.java | 4 ++++
 .../hookpoint/controller/impl/HttpImpl.java | 6 ++----
 .../handler/hookpoint/graphy/GraphBuilder.java | 17 +++++++++++++++--
 .../normal/CookieFlagsMissingVulScan.java | 2 +-
 .../iast/core/replay/HttpRequestReplay.java | 4 ++--
 .../io/dongtai/iast/core/utils/ConfigUtils.java | 2 +-
 .../io/dongtai/iast/core/utils/Constants.java | 2 +-
 .../iast/core/utils/HttpClientUtils.java | 2 +-
 .../dongtai/iast/core/utils/PropertyUtils.java | 4 +---
 .../iast/core/utils/base64/Base64Decoder.java | 2 +-
 .../iast/core/utils/matcher/ConfigMatcher.java | 7 ++++++-
 .../com.secnium.iast.resources/blackurl.txt | 4 +++-
 .../main/java/io/dongtai/log/DongTaiLog.java | 16 ++++++++++++++++
 25 files changed, 74 insertions(+), 29 deletions(-)
diff --git a/dongtai-agent/src/main/java/io/dongtai/iast/agent/Agent.java b/dongtai-agent/src/main/java/io/dongtai/iast/agent/Agent.java
index d58f01638..c85208b1f 100644
--- a/dongtai-agent/src/main/java/io/dongtai/iast/agent/Agent.java
+++ b/dongtai-agent/src/main/java/io/dongtai/iast/agent/Agent.java
@@ -107,9 +107,9 @@ private static void doAttach(String pid, String agentArgs) { DongTaiLog.error("attach failure, please try again with command: {}", Arrays.toString(execution)); } } catch (IOException e) { - DongTaiLog.error(e); + DongTaiLog.error("io.dongtai.iast.agent.Agent.doAttach(java.lang.String,java.lang.String)",e); } catch (InterruptedException e) { - DongTaiLog.error(e); + DongTaiLog.error("io.dongtai.iast.agent.Agent.doAttach(java.lang.String,java.lang.String)",e); } } diff --git a/dongtai-agent/src/main/java/io/dongtai/iast/agent/IastProperties.java b/dongtai-agent/src/main/java/io/dongtai/iast/agent/IastProperties.java index ea8117209..0389da105 100644 --- a/dongtai-agent/src/main/java/io/dongtai/iast/agent/IastProperties.java +++ b/dongtai-agent/src/main/java/io/dongtai/iast/agent/IastProperties.java @@ -47,7 +47,7 @@ private IastProperties() { try { init(); } catch (ClassNotFoundException e) { - DongTaiLog.error(e); + DongTaiLog.error("io.dongtai.iast.agent.IastProperties.()",e); } } diff --git a/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/base64/Base64Decoder.java b/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/base64/Base64Decoder.java index 8e1afb05e..b24e64597 100644 --- a/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/base64/Base64Decoder.java +++ b/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/base64/Base64Decoder.java @@ -26,7 +26,7 @@ public static byte[] decodeBase64FromString(String data) { try { return instance.decodeBuffer(data); } catch (IOException e) { - DongTaiLog.error(e); + DongTaiLog.error("io.dongtai.iast.agent.util.base64.Base64Decoder.decodeBase64FromString(java.lang.String)",e); } return null; } diff --git a/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/http/HttpClientUtils.java b/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/http/HttpClientUtils.java index 60d8ebb3b..dd97b7ea9 100644 --- a/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/http/HttpClientUtils.java 
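Review bot: The description passed to `DongTaiLog.error` in both catch blocks of `Agent.doAttach` is a hand-written copy of the method signature, which repeats what the stack trace written by the new overload already records and will go stale as soon as the method is renamed or its parameters change. A short statement of what failed helps the reader of the log more, for example `DongTaiLog.error("attach to pid " + pid + " failed", e);`. The same signature-as-message pattern appears in the other hunks of this patch that switch to the two-argument overload (IastProperties, both Base64Decoder classes, ServletRequestWrapper, SpringApplicationImpl, HttpImpl, CookieFlagsMissingVulScan, HttpRequestReplay, ConfigUtils, PropertyUtils). `doAttach` starts outside the hunk.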
+++ b/dongtai-agent/src/main/java/io/dongtai/iast/agent/util/http/HttpClientUtils.java @@ -114,6 +114,7 @@ private static StringBuilder sendRequest(HttpMethods method, String baseUrl, Str response.append('\r'); } rd.close(); + DongTaiLog.debug("dongtai upload url is {}, request is {} ,response is {}", urlStr, data, response.toString()); return response; } catch (Exception e){ DongTaiLog.error(e); diff --git a/dongtai-agent/src/main/resources/bin/fluent.conf b/dongtai-agent/src/main/resources/bin/fluent.conf index 48380b9d5..ad350c664 100644 --- a/dongtai-agent/src/main/resources/bin/fluent.conf +++ b/dongtai-agent/src/main/resources/bin/fluent.conf @@ -11,6 +11,7 @@ Tag Dongtai-${HOSTNAME_AGENT_ID}.log Buffer_Chunk_Size 320KB Buffer_Max_Size 520KB + Read_from_Head true [FILTER] Name record_modifier Match * diff --git a/dongtai-api/src/main/java/io/dongtai/api/servlet2/ServletRequestWrapper.java b/dongtai-api/src/main/java/io/dongtai/api/servlet2/ServletRequestWrapper.java index 3b7e0c4ff..30fdc2c4d 100644 --- a/dongtai-api/src/main/java/io/dongtai/api/servlet2/ServletRequestWrapper.java +++ b/dongtai-api/src/main/java/io/dongtai/api/servlet2/ServletRequestWrapper.java @@ -55,7 +55,7 @@ public ServletInputStream getInputStream() throws IOException { bufferedReader.close(); } catch (IOException e) { // fixme: add logger for solve exception - DongTaiLog.error(e); + DongTaiLog.error("io.dongtai.api.servlet2.ServletRequestWrapper.getInputStream()",e); } body = stringBuilder.toString(); isCachedBody = true; diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/EngineManager.java b/dongtai-core/src/main/java/io/dongtai/iast/core/EngineManager.java index 4142f2b9c..34f218672 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/EngineManager.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/EngineManager.java 
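Review bot: The `DongTaiLog.debug(...)` line added to `sendRequest` in the agent's HttpClientUtils writes the complete request payload (`data`) and the complete server response into the agent log. The reports assembled in `GraphBuilder.convertToReport` elsewhere in this patch carry request headers, client IP and query string, so session cookies and authorization headers of the monitored application would presumably end up in that log, and the fluent.conf in this patch suggests the log is forwarded off the host. I would log the URL and sizes only, e.g. `DongTaiLog.debug("dongtai upload url is {}, request length is {}, response length is {}", urlStr, data == null ? 0 : data.length(), response.length());` (assuming `data` is a String; its declaration is outside the hunk), which also avoids building `response.toString()` when debug output is off. The identical line is added to `sendRequest` in dongtai-core's HttpClientUtils and needs the same change.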
@@ -87,7 +87,7 @@ public static void openHookPointFallback(String className, String method, String final double limitRate = EngineManager.getFallbackManager().getHookRateLimiter().getRate(); DongTaiLog.debug("HookPoint rate limit! hookType: " + hookType + ", method:" + className + "." + method + ", sign:" + methodSign + " ,rate:" + limitRate); - HookPointRateLimitReport.sendReport(className, method, methodSign, hookType, limitRate); +// HookPointRateLimitReport.sendReport(className, method, methodSign, hookType, limitRate); FallbackSwitch.setHeavyHookFallback(true); } diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/fallback/FallbackSwitch.java b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/fallback/FallbackSwitch.java index 378813010..d20ac4888 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/fallback/FallbackSwitch.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/fallback/FallbackSwitch.java @@ -46,6 +46,13 @@ private FallbackSwitch() { @Setter private static boolean PERFORMANCE_FALLBACK = false; + /** + * URL 限流开关 + */ + @Getter + @Setter + public static boolean URL_FALLBACK = false; + // ************************************************************* // 二次降级配置 // ************************************************************* diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/fallback/breaker/HeavyTrafficBreaker.java b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/fallback/breaker/HeavyTrafficBreaker.java index 066267023..3b4a34819 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/fallback/breaker/HeavyTrafficBreaker.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/fallback/breaker/HeavyTrafficBreaker.java 
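Review bot: With `HookPointRateLimitReport.sendReport(...)` commented out in `EngineManager.openHookPointFallback`, the agent still switches to fallback via `FallbackSwitch.setHeavyHookFallback(true)` but no longer reports it, so a loss of detection coverage is visible only in a debug log line. The same is done in `HeavyTrafficBreaker.initBreaker`, `PerformanceLimitReport.sendReport` and `SecondFallbackReport.sendReport`; the last two still call `clearAllPerformanceBreakLog()` and `clear()`, so the collected records are thrown away unsent. If the reports have to be suppressed, I would gate the call behind a configuration flag rather than leave commented-out code, and add a comment such as `// fallback reports disabled because <reason>; the agent degrades silently while this is off`.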
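Review bot: `URL_FALLBACK` in FallbackSwitch is declared `public static` although the neighbouring `PERFORMANCE_FALLBACK` is `private static` with the same `@Getter`/`@Setter` pair, and `ConfigMatcher.getBlackUrl` in this patch reads the field directly instead of going through the accessor. I would declare it `private static boolean URL_FALLBACK = false;` and have ConfigMatcher use the generated getter, so that every write to a switch that decides which URLs are skipped goes through one place. Nothing in the hunks of this patch sets the flag to true, so the new `case 3` branch looks unreachable for now. The Javadoc would be clearer if it said in English what the switch does, e.g. `/** URL rate-limit fallback switch: when true, type-3 blacklist rules are matched against the request URI. */`.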
@@ -67,7 +67,7 @@ protected void initBreaker(Properties cfg) { CircuitBreaker.State state = event.getStateTransition().getToState(); if (state == CircuitBreaker.State.OPEN) { FallbackSwitch.setHeavyTrafficLimitFallback(true); - HeavyTrafficRateLimitReport.sendReport(trafficLimitRate); +// HeavyTrafficRateLimitReport.sendReport(trafficLimitRate); } // 因为本断路器的样本来自流量,打开后无法获取新样本,故需要在 HALF_OPEN 状态直接转到 CLOSE 状态 if (state == CircuitBreaker.State.HALF_OPEN) { diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/fallback/report/PerformanceLimitReport.java b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/fallback/report/PerformanceLimitReport.java index dd73bec8c..70c17553f 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/fallback/report/PerformanceLimitReport.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/fallback/report/PerformanceLimitReport.java @@ -23,8 +23,8 @@ public static void appendPerformanceBreakLog(PerformanceBreakReportBody.Performa public static void sendReport() { PERFORMANCE_BREAK_REPORT_BODY.getDetail().setAgentId(EngineManager.getAgentId()); PERFORMANCE_BREAK_REPORT_BODY.getDetail().setBreakDate(new Date()); - String report = GsonUtils.toJson(PERFORMANCE_BREAK_REPORT_BODY); - sendReport(report); +/* String report = GsonUtils.toJson(PERFORMANCE_BREAK_REPORT_BODY); + sendReport(report);*/ PERFORMANCE_BREAK_REPORT_BODY.clearAllPerformanceBreakLog(); } diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/fallback/report/SecondFallbackReport.java b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/fallback/report/SecondFallbackReport.java index 655d98f90..a3d50342f 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/fallback/report/SecondFallbackReport.java 
+++ b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/fallback/report/SecondFallbackReport.java @@ -27,7 +27,7 @@ public static boolean isSecondFallbackLogEmpty() { */ public static void sendReport(){ FALLBACK_REPORT_LOG.getDetail().setAgentId(EngineManager.getAgentId()); - sendReport(GsonUtils.toJson(FALLBACK_REPORT_LOG)); +// sendReport(GsonUtils.toJson(FALLBACK_REPORT_LOG)); FALLBACK_REPORT_LOG.clear(); } diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/spring/SpringApplicationImpl.java b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/spring/SpringApplicationImpl.java index 9ef114220..d7662d2e4 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/spring/SpringApplicationImpl.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/bytecode/enhance/plugin/spring/SpringApplicationImpl.java @@ -41,7 +41,7 @@ private static void loadApplicationContext() { proxyClass = iastClassLoader.loadClass("cn.huoxian.iast.spring.SpringApplicationContext"); getAPI = proxyClass.getDeclaredMethod("getAPI", Object.class); } catch (NoSuchMethodException e) { - DongTaiLog.error(e); + DongTaiLog.error("io.dongtai.iast.core.bytecode.enhance.plugin.spring.SpringApplicationImpl.loadApplicationContext()",e); } } } diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/SpyDispatcherImpl.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/SpyDispatcherImpl.java index d760e773d..9c01aff91 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/SpyDispatcherImpl.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/SpyDispatcherImpl.java 
@@ -23,6 +23,7 @@ public class SpyDispatcherImpl implements SpyDispatcher { public static final AtomicInteger INVOKE_ID_SEQUENCER = new AtomicInteger(1); + private static final ThreadLocal responseTime = new ThreadLocal<>(); /** * mark for enter Http Entry Point @@ -55,6 +56,8 @@ public void leaveHttp(Object request, Object response) { EngineManager.maintainRequestCount(); GraphBuilder.buildAndReport(request, response); EngineManager.cleanThreadState(); + long responseTimeEnd = System.currentTimeMillis()-responseTime.get()+8; + DongTaiLog.debug(GraphBuilder.getURL() + " response time: "+responseTimeEnd+"ms"); } EngineManager.turnOnDongTai(); @@ -76,6 +79,7 @@ public void leaveHttp(Object request, Object response) { @Override public boolean isFirstLevelHttp() { try { + responseTime.set(System.currentTimeMillis()); return EngineManager.isEngineRunning() && EngineManager.SCOPE_TRACKER .isFirstLevelHttp(); } catch (Exception e) { diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/controller/impl/HttpImpl.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/controller/impl/HttpImpl.java index 389882191..2d8fb8bbe 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/controller/impl/HttpImpl.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/controller/impl/HttpImpl.java @@ -55,10 +55,8 @@ private static void createClassLoader(Object req) { cloneResponseMethod = CLASS_OF_SERVLET_PROXY .getDeclaredMethod("cloneResponse", Object.class, boolean.class); } - } catch (MalformedURLException e) { - DongTaiLog.error(e); - } catch (NoSuchMethodException e) { - DongTaiLog.error(e); + } catch (MalformedURLException | NoSuchMethodException e) { + DongTaiLog.error("io.dongtai.iast.core.handler.hookpoint.controller.impl.HttpImpl.createClassLoader(java.lang.Object)",e); } } 
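Review bot: In `SpyDispatcherImpl.leaveHttp` the expression `System.currentTimeMillis()-responseTime.get()+8` unboxes whatever the ThreadLocal holds, so on a thread where `isFirstLevelHttp()` has not stored a start time `get()` returns null and the subtraction throws a NullPointerException in the request path; whether an enclosing catch absorbs it is outside the hunk. The `+8` is an unexplained correction that makes the logged figure differ from the measured one, and the value is never removed, so it stays attached to pooled worker threads. `isFirstLevelHttp()` also overwrites the start time on every call, which resets the clock if it is invoked again before `leaveHttp`. I would read and clear the value once, skip the log line when it is absent, and either drop the constant or give it a name and a comment. The sketch below assumes the field is `ThreadLocal<Long>` (the type argument appears to be lost on this page).

```java
// … unchanged: maintainRequestCount / buildAndReport / cleanThreadState …
Long start = responseTime.get();
responseTime.remove();
if (start != null) {
    long elapsedMs = System.currentTimeMillis() - start;
    DongTaiLog.debug(GraphBuilder.getURL() + " response time: " + elapsedMs + "ms");
}
```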
diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/graphy/GraphBuilder.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/graphy/GraphBuilder.java index 85170757b..f371642b4 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/graphy/GraphBuilder.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/graphy/GraphBuilder.java @@ -22,6 +22,8 @@ */ public class GraphBuilder { + private static String URL; + public static void buildAndReport(Object request, Object response) { List nodeList = build(); String report = convertToReport(nodeList, request, response); @@ -93,8 +95,11 @@ public static String convertToReport(List nodeList, Object request, O detail.put(ReportConstant.SCHEME, requestMeta.getOrDefault("scheme", "")); detail.put(ReportConstant.METHOD, requestMeta.getOrDefault("method", "")); detail.put(ReportConstant.SECURE, requestMeta.getOrDefault("secure", "")); - detail.put(ReportConstant.URL, requestMeta.getOrDefault("requestURL", "").toString()); - detail.put(ReportConstant.URI, requestMeta.getOrDefault("requestURI", "")); + String requestURL = requestMeta.getOrDefault("requestURL", "").toString(); + detail.put(ReportConstant.URL, requestURL); + String requestURI = requestMeta.getOrDefault("requestURI", "").toString(); + detail.put(ReportConstant.URI, requestURI); + setURL(requestURL); detail.put(ReportConstant.CLIENT_IP, requestMeta.getOrDefault("remoteAddr", "")); detail.put(ReportConstant.QUERY_STRING, requestMeta.getOrDefault("queryString", "")); detail.put(ReportConstant.REQ_HEADER, @@ -131,4 +136,12 @@ private static byte[] getResponseBody(Map responseMeta) { return responseBody; } } + + public static String getURL() { + return URL; + } + + public static void setURL(String URL) { + GraphBuilder.URL = URL; + } } 
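Review bot: `private static String URL` in GraphBuilder is a single process-wide field, yet `convertToReport` overwrites it for every request through `setURL(requestURL)` and `SpyDispatcherImpl.leaveHttp` reads it back with `getURL()`. With concurrent requests one thread can read the URL another thread has just written, so the response-time line can be attributed to the wrong request, and the last URL stays referenced after the request ends. Keeping the value per thread, `private static final ThreadLocal<String> URL = new ThreadLocal<>();` with `getURL()` returning `URL.get()`, or simply reading the URL from the request metadata where it is logged, avoids the shared state. The setter parameter named `URL` also shadows the field and breaks the lowerCamelCase convention; `url` would do. This applies to all three hunks of the file.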
diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/vulscan/normal/CookieFlagsMissingVulScan.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/vulscan/normal/CookieFlagsMissingVulScan.java index 8ef62b6b2..dafe54e46 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/vulscan/normal/CookieFlagsMissingVulScan.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/vulscan/normal/CookieFlagsMissingVulScan.java @@ -25,7 +25,7 @@ public void scan(IastSinkModel sink, MethodEvent event) { sendReport(getLatestStack(), sink.getType()); break; } catch (Exception e) { - DongTaiLog.error(e); + DongTaiLog.error("io.dongtai.iast.core.handler.hookpoint.vulscan.normal.CookieFlagsMissingVulScan.scan(io.dongtai.iast.core.handler.hookpoint.models.IastSinkModel,io.dongtai.iast.core.handler.hookpoint.models.MethodEvent)",e); } } } diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/replay/HttpRequestReplay.java b/dongtai-core/src/main/java/io/dongtai/iast/core/replay/HttpRequestReplay.java index 2b9142bd0..d168e6cda 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/replay/HttpRequestReplay.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/replay/HttpRequestReplay.java @@ -59,7 +59,7 @@ private static void doReplay(IastReplayModel replayModel) { sendRequest(replayModel.getRequestMethod(), url, replayModel.getRequestBody(), headers); } } catch (Exception e) { - DongTaiLog.error(e); + DongTaiLog.error("io.dongtai.iast.core.replay.HttpRequestReplay.doReplay(io.dongtai.iast.core.handler.hookpoint.models.IastReplayModel)",e); } } 
@@ -133,7 +133,7 @@ private static void sendRequest(String method, String fullUrl, String data, Hash rd.close(); DongTaiLog.debug("Request replay response: {}",response); } catch (Exception e) { - DongTaiLog.error(e); + DongTaiLog.error("io.dongtai.iast.core.replay.HttpRequestReplay.sendRequest(java.lang.String,java.lang.String,java.lang.String,java.util.HashMap)",e); } finally { if (connection != null) { connection.disconnect(); diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/utils/ConfigUtils.java b/dongtai-core/src/main/java/io/dongtai/iast/core/utils/ConfigUtils.java index 68818c69d..94adcd0ad 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/utils/ConfigUtils.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/utils/ConfigUtils.java @@ -46,7 +46,7 @@ public static Set[] loadConfigFromFile(String filename) { } } catch (IOException e) { DongTaiLog.error("读取配置文件:{} 失败,错误信息:{}", filename, e); - DongTaiLog.error(e); + DongTaiLog.error("io.dongtai.iast.core.utils.ConfigUtils.loadConfigFromFile(java.lang.String)",e); } return new HashSet[]{container, startWith, endWith}; } diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/utils/Constants.java b/dongtai-core/src/main/java/io/dongtai/iast/core/utils/Constants.java index 44d0a2dc1..0e746b306 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/utils/Constants.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/utils/Constants.java @@ -4,7 +4,7 @@ * @author dongzhiyong@huoxian.cn */ public class Constants { - public static final String AGENT_VERSION_VALUE = "v1.5.0"; + public static final String AGENT_VERSION_VALUE = "v1.7.0.test.2"; public final static String API_REPORT_UPLOAD = "/api/v1/report/upload"; public final static String SERVER_ADDRESS = "/api/v1/agent/update"; public final static String API_HOOK_PROFILE = "/api/v1/profiles"; 
diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/utils/HttpClientUtils.java b/dongtai-core/src/main/java/io/dongtai/iast/core/utils/HttpClientUtils.java index e6fd5b41b..0e6469b63 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/utils/HttpClientUtils.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/utils/HttpClientUtils.java @@ -43,7 +43,6 @@ public static StringBuilder sendGet(String uri, String arg, String value) { public static StringBuilder sendPost(String uri, String value) { StringBuilder response; response = sendRequest(HttpMethods.POST, PROPERTIES.getBaseUrl(), uri, value, null, PROXY); - DongTaiLog.debug("dongtai upload url is {}, resp is {}", uri, response.toString()); return response; } @@ -101,6 +100,7 @@ private static StringBuilder sendRequest(HttpMethods method, String baseUrl, Str response.append('\r'); } rd.close(); + DongTaiLog.debug("dongtai upload url is {}, request is {} ,response is {}", urlStr, data, response.toString()); return response; } catch (Exception e) { DongTaiLog.error(e); diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/utils/PropertyUtils.java b/dongtai-core/src/main/java/io/dongtai/iast/core/utils/PropertyUtils.java index 6f5bb1197..021194127 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/utils/PropertyUtils.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/utils/PropertyUtils.java @@ -64,10 +64,8 @@ private void init() { cfg.load(fis); fis.close(); } - } catch (FileNotFoundException e) { - DongTaiLog.error(e); } catch (IOException e) { - DongTaiLog.error(e); + DongTaiLog.error("io.dongtai.iast.core.utils.PropertyUtils.init()",e); } } diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/utils/base64/Base64Decoder.java b/dongtai-core/src/main/java/io/dongtai/iast/core/utils/base64/Base64Decoder.java index ebcc824e4..3e8a69364 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/utils/base64/Base64Decoder.java 
+++ b/dongtai-core/src/main/java/io/dongtai/iast/core/utils/base64/Base64Decoder.java @@ -26,7 +26,7 @@ public static byte[] decodeBase64FromString(String data) { try { return instance.decodeBuffer(data); } catch (IOException e) { - DongTaiLog.error(e); + DongTaiLog.error("io.dongtai.iast.core.utils.base64.Base64Decoder.decodeBase64FromString(java.lang.String)",e); } return null; } diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/utils/matcher/ConfigMatcher.java b/dongtai-core/src/main/java/io/dongtai/iast/core/utils/matcher/ConfigMatcher.java index 427b36305..bb6e46c2f 100644 --- a/dongtai-core/src/main/java/io/dongtai/iast/core/utils/matcher/ConfigMatcher.java +++ b/dongtai-core/src/main/java/io/dongtai/iast/core/utils/matcher/ConfigMatcher.java @@ -1,5 +1,6 @@ package io.dongtai.iast.core.utils.matcher; +import io.dongtai.iast.core.bytecode.enhance.plugin.fallback.FallbackSwitch; import io.dongtai.iast.core.utils.ConfigUtils; import io.dongtai.iast.core.utils.PropertyUtils; import io.dongtai.log.DongTaiLog; @@ -29,7 +30,7 @@ public class ConfigMatcher { private final AbstractMatcher SERVER_CLASS = new ServerClass(); private Instrumentation inst; - private final Set BLACK_URL; + public final Set BLACK_URL; public static ConfigMatcher getInstance() { if (null == INSTANCE) { @@ -91,6 +92,10 @@ public boolean getBlackUrl(Map request) { if (null != headers.get(strings[0].toLowerCase())) { return true; } + case 3: + if (FallbackSwitch.URL_FALLBACK && uri.contains(strings[0])){ + return true; + } default: continue; } diff --git a/dongtai-core/src/main/resources/com.secnium.iast.resources/blackurl.txt b/dongtai-core/src/main/resources/com.secnium.iast.resources/blackurl.txt index a999e869c..186dd4526 100644 --- a/dongtai-core/src/main/resources/com.secnium.iast.resources/blackurl.txt +++ b/dongtai-core/src/main/resources/com.secnium.iast.resources/blackurl.txt 
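Review bot: The new `case 3:` in `ConfigMatcher.getBlackUrl` is placed directly after the header-check branch, which does not end in `break`, so a header rule that fails to match now falls through into `uri.contains(strings[0])`. When `URL_FALLBACK` is on, a header name is then matched as a URL substring, and a request can be treated as blacklisted (and presumably skipped by the agent) by a rule that was never written for URLs. I would close the header branch with `break;` before `case 3:` and end the new branch with `break;` as well. The same patch widens `BLACK_URL` from `private` to `public`, which lets any class mutate the set that decides what is excluded; keeping it `private` and exposing a read-only accessor would be safer. The switch statement starts outside the hunk.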
@@ -5,4 +5,6 @@ isTest 2 /internalHeartBeat/_check 1 /actuator/health 1 /service/lessonmenu.mvc 1 -/service/lessonoverview.mvc 1 \ No newline at end of file +/service/lessonoverview.mvc 1 +.map 1 +.lesson 1 \ No newline at end of file diff --git a/dongtai-log/src/main/java/io/dongtai/log/DongTaiLog.java b/dongtai-log/src/main/java/io/dongtai/log/DongTaiLog.java index 568265803..fc4193ad6 100644 --- a/dongtai-log/src/main/java/io/dongtai/log/DongTaiLog.java +++ b/dongtai-log/src/main/java/io/dongtai/log/DongTaiLog.java @@ -247,6 +247,22 @@ public static void error(Throwable t) { } } + public static void error(String des, Throwable t) { + if (canLog(Level.FINER) && enablePrintLog) { + String msg = des+"\n"+t.getMessage(); + if (enableColor) { + System.out.println(getTime() + TITTLE_COLOR_PREFIX + ERROR_COLOR_PREFIX + msg); + } else { + System.out.println(getTime() + TITTLE + ERROR_PREFIX + msg); + } + msg = getTime() + TITTLE + ERROR_PREFIX + msg; + StringWriter stringWriter = new StringWriter(); + t.printStackTrace(new PrintWriter(stringWriter)); + msg = msg + stringWriter; + writeLogToFile(msg); + } + } + private static String format(String from, Object... arguments) { if (from != null) { String computed = from;
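Review bot: In the new `DongTaiLog.error(String des, Throwable t)`, `String msg = des+"\n"+t.getMessage();` prints `null` on the console for exceptions that carry no message (a bare NullPointerException, for instance), and the exception class only reaches the file through the stack trace; `String msg = des + "\n" + t;` keeps the class name in both places. The call to `writeLogToFile` also sits inside the `enablePrintLog` guard, so switching console output off would drop the error from the log file too, unless that is the established behaviour of the sibling overloads, which are outside this hunk. The method has no Javadoc; I would add one stating that `des` is a free-text description printed before the exception and that `t` must not be null.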