package com.contrastsecurity.agent.plugins.protect.rules.cve.struts.d;

import com.contrastsecurity.agent.apps.Application;
import com.contrastsecurity.agent.apps.ApplicationManager;
import com.contrastsecurity.agent.config.ConfigProperty;
import com.contrastsecurity.agent.messages.app.activity.protect.AttackResult;
import com.contrastsecurity.agent.messages.app.activity.protect.details.CveDetailsDTM;
import com.contrastsecurity.agent.messages.app.activity.protect.details.UserInputDTM;
import com.contrastsecurity.agent.plugins.protect.C;
import com.contrastsecurity.agent.plugins.protect.C0386w;
import com.contrastsecurity.agent.plugins.protect.EnumC0388y;
import com.contrastsecurity.agent.plugins.protect.InterfaceC0327d;
import com.contrastsecurity.agent.plugins.protect.ProtectManager;
import com.contrastsecurity.agent.plugins.protect.ProtectRuleId;
import com.contrastsecurity.agent.plugins.protect.R;
import com.contrastsecurity.agent.plugins.protect.ah;
import com.contrastsecurity.agent.util.L;
import com.contrastsecurity.thirdparty.javax.inject.Inject;
import com.contrastsecurity.thirdparty.javax.inject.Singleton;
import com.contrastsecurity.thirdparty.org.apache.commons.lang.StringUtils;
import com.contrastsecurity.thirdparty.org.slf4j.Logger;
import com.contrastsecurity.thirdparty.org.slf4j.LoggerFactory;
import java.util.List;
import java.util.regex.Pattern;

/* compiled from: Cve_2017_5638Rule.java */
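/**
 * Protect rule for CVE-2017-5638 (original source name {@code Cve_2017_5638Rule.java}).
 *
 * <p>The rule works in two stages that are visible in this class:
 * <ol>
 *   <li>{@link #evaluateInput} flags a {@code Content-Type} header whose value is accepted by the
 *       shared signature helper {@code rules.d.f.b(String)};</li>
 *   <li>{@link #a(String)} later checks a piece of text (the debug message calls it an exception)
 *       against the inputs recorded for this rule and, failing that, against the OGNL marker
 *       pattern {@link #g}.</li>
 * </ol>
 *
 * <p>Class, field and method names are obfuscated; comments below describe only what the code
 * shows and mark everything else as an assumption.
 */
@Singleton
/* loaded from: input_file:com/contrastsecurity/agent/plugins/protect/rules/cve/struts/d/e.class */
public final class e extends com.contrastsecurity.agent.plugins.protect.rules.cve.struts.c {
    // Source of the Application bound to the current request/thread (see a(String)).
    private final ApplicationManager b;
    // Reporting sink used by the private a(String, String, boolean) overload.
    private final InterfaceC0327d c;
    // Gives access to the current protect context and its recorded inputs.
    private final ProtectManager d;
    // Rule mode, built from ConfigProperty.PROTECT_CVE_2017_5638_MODE.
    private final R e;

    // Jar-name suffixes handed to the superclass through getVulnVersions().
    // Presumably matched against Struts library file names during library analysis - TODO confirm
    // in the superclass. NOTE(review): this is an explicit enumeration, so a vulnerable build whose
    // jar name does not end in one of these suffixes (repackaged, shaded, renamed) would presumably
    // not be flagged; keep the list in sync with the vendor advisory.
    private static final String[] f = {"2.3.7.jar", "2.3.8.jar", "2.3.12.jar", "2.3.14.jar", "2.3.14.1.jar", "2.3.14.2.jar", "2.3.14.3.jar", "2.3.15.jar", "2.3.15.1.jar", "2.3.15.2.jar", "2.3.15.3.jar", "2.3.16.jar", "2.3.16.1.jar", "2.3.16.2.jar", "2.3.16.3.jar", "2.3.20.jar", "2.3.20.1.jar", "2.3.20.3.jar", "2.3.24.jar", "2.3.24.1.jar", "2.3.24.3.jar", "2.3.28.jar", "2.3.28.1.jar", "2.3.30.jar", "2.3.31.jar", "2.5.jar", "2.5.1.jar", "2.5.2.jar", "2.5.5.jar", "2.5.8.jar", "2.5.10.jar"};

    // OGNL marker pattern: "$" or "%", then "{", then "memberAccess" or "ognl" somewhere before a
    // closing "}". The inline (?i) turns on case-insensitive matching inside that group.
    // It is applied with matches(), so the whole string has to fit the pattern, and because
    // DOTALL is not set "." does not cross line terminators: multi-line text never matches.
    // NOTE(review): the four unanchored ".*" runs can backtrack heavily on long text that almost
    // matches; confirm that callers bound the length of the text passed to b(String).
    private static final Pattern g = Pattern.compile(".*(\\$|%)\\{.*((?i)memberAccess|ognl).*\\}.*");
    private static final Logger h = LoggerFactory.getLogger((Class<?>) e.class);

    /**
     * Wires the rule to its collaborators and derives the rule mode from configuration.
     *
     * @param protectManager access to the current protect context; also passed to the superclass
     * @param applicationManager used to resolve the current application
     * @param interfaceC0327d reporting sink; also passed to the superclass
     * @param eVar agent configuration, read for {@code PROTECT_CVE_2017_5638_MODE}
     */
    @Inject
    public e(ProtectManager protectManager, ApplicationManager applicationManager, InterfaceC0327d interfaceC0327d, com.contrastsecurity.agent.config.e eVar) {
        super(interfaceC0327d, protectManager);
        this.b = applicationManager;
        this.c = interfaceC0327d;
        this.d = protectManager;
        this.e = new C0386w(eVar, ConfigProperty.PROTECT_CVE_2017_5638_MODE);
    }

    /**
     * Restricts this rule to header inputs.
     *
     * @param inputType kind of input being offered to the rule
     * @return {@code true} only for {@code InputType.HEADER}
     */
    @Override // com.contrastsecurity.agent.plugins.protect.rules.n
    public boolean appliesToInputType(UserInputDTM.InputType inputType) {
        return UserInputDTM.InputType.HEADER == inputType;
    }

    /**
     * Checks one input against the attack signature.
     *
     * <p>A result is produced only when the input is a header, {@code L.c(str, "Content-Type")}
     * holds (presumably a name comparison - TODO confirm its case handling) and the shared helper
     * {@code rules.d.f.b(str2)} accepts the value. The local pattern {@link #g} is not consulted
     * here. {@code str3} and {@code i} are not used by this implementation.
     *
     * @param inputType kind of input
     * @param str input name (compared with {@code "Content-Type"})
     * @param str2 input value
     * @param str3 unused
     * @param i unused
     * @return a {@code MATCHED_ATTACK_SIGNATURE} result, or {@code null} when nothing matched
     */
    @Override // com.contrastsecurity.agent.plugins.protect.rules.n
    public C evaluateInput(UserInputDTM.InputType inputType, String str, String str2, String str3, int i) {
        // Pass the enum itself: the logger renders it lazily and tolerates null, whereas an eager
        // inputType.toString() would throw before the null-safe check below is reached.
        // NOTE(review): str and str2 come from the request and are logged verbatim; make sure the
        // debug log sink neutralises control characters.
        h.debug("Evaluating input {} {} {}", inputType, str, str2);
        if (UserInputDTM.InputType.HEADER.equals(inputType) && L.c(str, "Content-Type") && com.contrastsecurity.agent.plugins.protect.rules.d.f.b(str2)) {
            h.debug("Evaluating input {} {}", str, str2);
            return new C(EnumC0388y.MATCHED_ATTACK_SIGNATURE);
        }
        return null;
    }

    /**
     * Decides whether the given text indicates an attack and whether it should be blocked.
     *
     * <p>Nothing is analysed when there is no current application, the text is empty, the library
     * analysis has not run yet (a warning is logged) or the analysis reports {@code a() == false}
     * (presumably "not vulnerable" - TODO confirm). Otherwise every input recorded for this rule is
     * tested with {@code ah.c(str)} and reported on a hit; if none hit, the text itself is tested
     * with {@link #b(String)} and reported as an input of type {@code UNKNOWN}.
     *
     * @param str text to inspect; presumably an exception message - verify against the caller
     * @return {@code true} only when something was reported and {@code canAppBlock} allowed blocking
     */
    public boolean a(String str) {
        Application current = this.b.current();
        if (current == null || StringUtils.isEmpty(str)) {
            return false;
        }
        com.contrastsecurity.agent.plugins.protect.rules.C vulnerabilityAnalysis = getVulnerabilityAnalysis(current);
        if (vulnerabilityAnalysis == null) {
            h.warn("Not analyzing request for {} because Contrast has not yet analyzed the application's libraries to see if the application is vulnerable", ProtectRuleId.CVE_2017_5638.id());
            return false;
        }
        if (!vulnerabilityAnalysis.a()) {
            return false;
        }

        // Opaque string from the analysis; it is only forwarded into the reports below.
        String analysisInfo = vulnerabilityAnalysis.c();
        boolean canAppBlock = canAppBlock(current);
        boolean blocked = false;
        boolean trackedInputHit = false;

        List<ah> inputs = this.d.currentContext().getInputs(ProtectRuleId.CVE_2017_5638);
        if (inputs != null) {
            for (ah tracked : inputs) {
                if (tracked == null) {
                    continue;
                }
                String value = tracked.a().getValue();
                if (tracked.c(str)) {
                    // NOTE(review): value is request data written verbatim to the debug log.
                    h.debug("Exception contains user input {}", value);
                    blocked = blocked || canAppBlock;
                    issueReportToApp(tracked, analysisInfo, blocked);
                    trackedInputHit = true;
                }
            }
        }

        // Fallback: no recorded input was found in the text, so test the text itself.
        if (!trackedInputHit && b(str)) {
            blocked = canAppBlock;
            a(str, analysisInfo, blocked);
        }
        return blocked;
    }

    /**
     * Tests text against the OGNL marker pattern {@link #g} using a full-string match.
     *
     * @param str text to test; {@code null} is treated as "no match"
     * @return {@code true} when the entire string fits the pattern
     */
    protected boolean b(String str) {
        // Null guard: Pattern.matcher(null) throws, and a detection helper should fail closed to
        // "no match" rather than abort the caller.
        return str != null && g.matcher(str).matches();
    }

    /**
     * Reports a hit that could not be tied to a recorded input.
     *
     * @param str matched text, reported as the value of an input of type {@code UNKNOWN}
     * @param str2 detail string placed in the {@code CveDetailsDTM}
     * @param z {@code true} reports {@code BLOCKED}, {@code false} reports {@code EXPLOITED}
     */
    private void a(String str, String str2, boolean z) {
        // NOTE(review): the (ProtectRuleId) cast looks like a decompiler artifact of a generic
        // parameter - confirm against the signature of InterfaceC0327d.a.
        this.c.a(ProtectRuleId.CVE_2017_5638, (ProtectRuleId) new CveDetailsDTM(getRuleId().id(), str2), UserInputDTM.builder().name(null).value(str).type(UserInputDTM.InputType.UNKNOWN).time(System.currentTimeMillis()).build(), z ? AttackResult.BLOCKED : AttackResult.EXPLOITED);
    }

    /**
     * @return the identifier of this rule, {@code ProtectRuleId.CVE_2017_5638}
     */
    @Override // com.contrastsecurity.agent.plugins.protect.rules.s
    public ProtectRuleId getRuleId() {
        return ProtectRuleId.CVE_2017_5638;
    }

    /**
     * @return the rule mode object created in the constructor
     */
    @Override // com.contrastsecurity.agent.plugins.protect.rules.s
    public R getProtectRuleMode() {
        return this.e;
    }

    /**
     * Supplies the jar-name suffixes this rule treats as vulnerable.
     *
     * @return a fresh copy of the suffix list, so that no caller can alter the shared static array
     *     and thereby change what later analyses treat as vulnerable
     */
    @Override // com.contrastsecurity.agent.plugins.protect.rules.cve.struts.c
    protected String[] getVulnVersions() {
        return f.clone();
    }
}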
