package com.newrelic.agent.security.instrumentator.dispatcher;

import com.newrelic.agent.security.AgentInfo;
import com.newrelic.agent.security.deps.com.google.gson.Gson;
import com.newrelic.agent.security.deps.org.apache.commons.lang3.StringUtils;
import com.newrelic.agent.security.deps.org.jetbrains.annotations.Nullable;
import com.newrelic.agent.security.deps.org.json.simple.JSONArray;
import com.newrelic.agent.security.deps.org.json.simple.JSONObject;
import com.newrelic.agent.security.deps.org.json.simple.parser.JSONParser;
import com.newrelic.agent.security.deps.org.json.simple.parser.ParseException;
import com.newrelic.agent.security.instrumentator.helper.DynamoDBRequestConverter;
import com.newrelic.agent.security.instrumentator.utils.AgentUtils;
import com.newrelic.agent.security.instrumentator.utils.CallbackUtils;
import com.newrelic.agent.security.intcodeagent.filelogging.FileLoggerThreadPool;
import com.newrelic.agent.security.intcodeagent.logging.DeployedApplication;
import com.newrelic.agent.security.intcodeagent.logging.IAgentConstants;
import com.newrelic.agent.security.intcodeagent.models.javaagent.ExitEventBean;
import com.newrelic.agent.security.intcodeagent.models.javaagent.JavaAgentEventBean;
import com.newrelic.agent.security.intcodeagent.websocket.EventSendPool;
import com.newrelic.agent.security.intcodeagent.websocket.JsonConverter;
import com.newrelic.api.agent.NewRelic;
import com.newrelic.api.agent.security.instrumentation.helpers.AppServerInfoHelper;
import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper;
import com.newrelic.api.agent.security.instrumentation.helpers.SystemCommandUtils;
import com.newrelic.api.agent.security.schema.AbstractOperation;
import com.newrelic.api.agent.security.schema.AgentMetaData;
import com.newrelic.api.agent.security.schema.HttpRequest;
import com.newrelic.api.agent.security.schema.K2RequestIdentifier;
import com.newrelic.api.agent.security.schema.SecurityMetaData;
import com.newrelic.api.agent.security.schema.VulnerabilityCaseType;
import com.newrelic.api.agent.security.schema.helper.DynamoDBRequest;
import com.newrelic.api.agent.security.schema.operation.BatchSQLOperation;
import com.newrelic.api.agent.security.schema.operation.DynamoDBOperation;
import com.newrelic.api.agent.security.schema.operation.FileIntegrityOperation;
import com.newrelic.api.agent.security.schema.operation.FileOperation;
import com.newrelic.api.agent.security.schema.operation.ForkExecOperation;
import com.newrelic.api.agent.security.schema.operation.HashCryptoOperation;
import com.newrelic.api.agent.security.schema.operation.JCacheOperation;
import com.newrelic.api.agent.security.schema.operation.JSInjectionOperation;
import com.newrelic.api.agent.security.schema.operation.LDAPOperation;
import com.newrelic.api.agent.security.schema.operation.MemcachedOperation;
import com.newrelic.api.agent.security.schema.operation.NoSQLOperation;
import com.newrelic.api.agent.security.schema.operation.RandomOperation;
import com.newrelic.api.agent.security.schema.operation.RedisOperation;
import com.newrelic.api.agent.security.schema.operation.SQLOperation;
import com.newrelic.api.agent.security.schema.operation.SSRFOperation;
import com.newrelic.api.agent.security.schema.operation.SecureCookieOperation;
import com.newrelic.api.agent.security.schema.operation.TrustBoundaryOperation;
import com.newrelic.api.agent.security.schema.operation.XPathOperation;
import com.newrelic.api.agent.security.schema.operation.XQueryOperation;
import com.newrelic.api.agent.security.utils.logging.LogLevel;
import java.io.File;
import java.io.ObjectInputStream;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.Callable;
import java.util.concurrent.atomic.AtomicBoolean;

/* loaded from: input_file:newrelic/newrelic-agent.jar:newrelic-security-agent.jar:com/newrelic/agent/security/instrumentator/dispatcher/Dispatcher.class */
public class Dispatcher implements Callable {
    private static final String SEPARATOR_QUESTIONMARK = "?";
    public static final String ERROR = "Error : ";
    public static final String EMPTY_FILE_SHA = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
    public static final String DROPPING_APPLICATION_INFO_POSTING_DUE_TO_SIZE_0 = "Dropping application info posting due to size 0 : ";
    public static final String QUESTION_CHAR = "?";
    public static final char SEPARATOR = '.';
    private static final String EVENT_ZERO_SENT = "[STEP-8] => First event sent for validation. Security agent started successfully. %s";
    private static final String SENDING_EVENT_ZERO = "[EVENT] Sending first event for validation. Security agent started successfully ";
    private static final String POSTING_UPDATED_APPLICATION_INFO = "[APP_INFO][DEPLOYED_APP] Sending updated application info to Security Engine : %s";
    public static final String SEPARATOR1 = ", ";
    public static final String APP_LOCATION = "app-location";
    public static final String REDIS_MODE = "mode";
    public static final String REDIS_ARGUMENTS = "arguments";
    public static final String REDIS_TYPE = "type";
    public static final String SYSCOMMAND_ENVIRONMENT = "environment";
    public static final String SYSCOMMAND_SCRIPT_CONTENT = "script-content";
    public static final String UNABLE_TO_CONVERT_OPERATION_TO_EVENT = "Unable to convert operation to event: %s, %s, %s";
    public static final String COOKIE_VALUE = "value";
    public static final String COOKIE_IS_SECURE = "isSecure";
    public static final String COOKIE_IS_HTTP_ONLY = "isHttpOnly";
    public static final String COOKIE_IS_SAME_SITE_STRICT = "isSameSiteStrict";
    private ExitEventBean exitEventBean;
    private AbstractOperation operation;
    private SecurityMetaData securityMetaData;
    private Map<String, Object> extraInfo = new HashMap();
    private boolean isNRCode = false;
    private final String SQL_STORED_PROCEDURE = "SQL_STORED_PROCEDURE";
    private static final FileLoggerThreadPool logger = FileLoggerThreadPool.getInstance();
    private static AtomicBoolean firstEventSent = new AtomicBoolean(false);
    private static Gson GsonUtil = new Gson();

    public ExitEventBean getExitEventBean() {
        return this.exitEventBean;
    }

    public AbstractOperation getOperation() {
        return this.operation;
    }

    public SecurityMetaData getSecurityMetaData() {
        return this.securityMetaData;
    }

    public Dispatcher(AbstractOperation abstractOperation, SecurityMetaData securityMetaData) {
        this.securityMetaData = securityMetaData;
        this.operation = abstractOperation;
        this.extraInfo.put(IAgentConstants.BLOCKING_END_TIME, Long.valueOf(System.currentTimeMillis()));
    }

    public Dispatcher(ExitEventBean exitEventBean) {
        this.exitEventBean = exitEventBean;
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Failed to find 'out' block for switch in B:14:0x0070. Please report as an issue. */
    /* JADX WARN: Removed duplicated region for block: B:29:0x0134 A[Catch: Throwable -> 0x034a, TryCatch #0 {Throwable -> 0x034a, blocks: (B:2:0x0000, B:4:0x0007, B:7:0x0013, B:9:0x001c, B:10:0x002e, B:13:0x0037, B:14:0x0070, B:15:0x00c8, B:17:0x00cf, B:20:0x00e4, B:21:0x00f6, B:23:0x0100, B:24:0x0110, B:26:0x011a, B:27:0x012a, B:29:0x0134, B:30:0x0144, B:32:0x014e, B:33:0x015e, B:35:0x0168, B:36:0x0177, B:39:0x018d, B:40:0x01a1, B:41:0x01b5, B:42:0x01c9, B:43:0x01dc, B:44:0x01f0, B:45:0x0204, B:46:0x0218, B:47:0x022c, B:48:0x0240, B:49:0x0254, B:50:0x0268, B:52:0x0272, B:53:0x0286, B:55:0x0290, B:56:0x02a4, B:58:0x02ae, B:59:0x02c1, B:61:0x02d1, B:63:0x02e1, B:65:0x02ee, B:69:0x02ff, B:70:0x0313, B:72:0x0323), top: B:1:0x0000 }] */
    /* JADX WARN: Removed duplicated region for block: B:30:0x0144 A[Catch: Throwable -> 0x034a, TryCatch #0 {Throwable -> 0x034a, blocks: (B:2:0x0000, B:4:0x0007, B:7:0x0013, B:9:0x001c, B:10:0x002e, B:13:0x0037, B:14:0x0070, B:15:0x00c8, B:17:0x00cf, B:20:0x00e4, B:21:0x00f6, B:23:0x0100, B:24:0x0110, B:26:0x011a, B:27:0x012a, B:29:0x0134, B:30:0x0144, B:32:0x014e, B:33:0x015e, B:35:0x0168, B:36:0x0177, B:39:0x018d, B:40:0x01a1, B:41:0x01b5, B:42:0x01c9, B:43:0x01dc, B:44:0x01f0, B:45:0x0204, B:46:0x0218, B:47:0x022c, B:48:0x0240, B:49:0x0254, B:50:0x0268, B:52:0x0272, B:53:0x0286, B:55:0x0290, B:56:0x02a4, B:58:0x02ae, B:59:0x02c1, B:61:0x02d1, B:63:0x02e1, B:65:0x02ee, B:69:0x02ff, B:70:0x0313, B:72:0x0323), top: B:1:0x0000 }] */
    /* JADX WARN: Removed duplicated region for block: B:38:0x018b A[RETURN] */
    /* JADX WARN: Removed duplicated region for block: B:61:0x02d1 A[Catch: Throwable -> 0x034a, TryCatch #0 {Throwable -> 0x034a, blocks: (B:2:0x0000, B:4:0x0007, B:7:0x0013, B:9:0x001c, B:10:0x002e, B:13:0x0037, B:14:0x0070, B:15:0x00c8, B:17:0x00cf, B:20:0x00e4, B:21:0x00f6, B:23:0x0100, B:24:0x0110, B:26:0x011a, B:27:0x012a, B:29:0x0134, B:30:0x0144, B:32:0x014e, B:33:0x015e, B:35:0x0168, B:36:0x0177, B:39:0x018d, B:40:0x01a1, B:41:0x01b5, B:42:0x01c9, B:43:0x01dc, B:44:0x01f0, B:45:0x0204, B:46:0x0218, B:47:0x022c, B:48:0x0240, B:49:0x0254, B:50:0x0268, B:52:0x0272, B:53:0x0286, B:55:0x0290, B:56:0x02a4, B:58:0x02ae, B:59:0x02c1, B:61:0x02d1, B:63:0x02e1, B:65:0x02ee, B:69:0x02ff, B:70:0x0313, B:72:0x0323), top: B:1:0x0000 }] */
    /* JADX WARN: Removed duplicated region for block: B:72:0x0323 A[Catch: Throwable -> 0x034a, TryCatch #0 {Throwable -> 0x034a, blocks: (B:2:0x0000, B:4:0x0007, B:7:0x0013, B:9:0x001c, B:10:0x002e, B:13:0x0037, B:14:0x0070, B:15:0x00c8, B:17:0x00cf, B:20:0x00e4, B:21:0x00f6, B:23:0x0100, B:24:0x0110, B:26:0x011a, B:27:0x012a, B:29:0x0134, B:30:0x0144, B:32:0x014e, B:33:0x015e, B:35:0x0168, B:36:0x0177, B:39:0x018d, B:40:0x01a1, B:41:0x01b5, B:42:0x01c9, B:43:0x01dc, B:44:0x01f0, B:45:0x0204, B:46:0x0218, B:47:0x022c, B:48:0x0240, B:49:0x0254, B:50:0x0268, B:52:0x0272, B:53:0x0286, B:55:0x0290, B:56:0x02a4, B:58:0x02ae, B:59:0x02c1, B:61:0x02d1, B:63:0x02e1, B:65:0x02ee, B:69:0x02ff, B:70:0x0313, B:72:0x0323), top: B:1:0x0000 }] */
    @Override // java.util.concurrent.Callable
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.lang.Object call() throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 971
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.newrelic.agent.security.instrumentator.dispatcher.Dispatcher.call():java.lang.Object");
    }

    private JavaAgentEventBean prepareCachingDataStoreEvent(JavaAgentEventBean javaAgentEventBean, RedisOperation redisOperation) {
        JSONArray jSONArray = new JSONArray();
        Iterator<Object> it = redisOperation.getArguments().iterator();
        while (it.hasNext()) {
            jSONArray.add(it.next());
        }
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("mode", redisOperation.getMode());
        jSONObject.put("arguments", jSONArray);
        jSONObject.put("type", redisOperation.getType());
        JSONArray jSONArray2 = new JSONArray();
        jSONArray2.add(jSONObject);
        javaAgentEventBean.setParameters(jSONArray2);
        return javaAgentEventBean;
    }

    private JavaAgentEventBean prepareJCacheCachingDataStoreEvent(JavaAgentEventBean javaAgentEventBean, JCacheOperation jCacheOperation) {
        JSONArray jSONArray = new JSONArray();
        for (Object obj : jCacheOperation.getArguments()) {
            if (isPrimitiveType(obj.getClass())) {
                jSONArray.add(obj);
            } else {
                jSONArray.add(GsonUtil.toJson(obj));
            }
        }
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("arguments", jSONArray);
        jSONObject.put("type", jCacheOperation.getType());
        JSONArray jSONArray2 = new JSONArray();
        jSONArray2.add(jSONObject);
        javaAgentEventBean.setParameters(jSONArray2);
        javaAgentEventBean.setEventCategory(jCacheOperation.getCategory());
        return javaAgentEventBean;
    }

    public boolean isPrimitiveType(Class<?> cls) {
        return (cls.isPrimitive() && cls != Void.TYPE) || cls == Double.class || cls == Float.class || cls == Long.class || cls == Integer.class || cls == Short.class || cls == Character.class || cls == Byte.class || cls == Boolean.class || cls == String.class;
    }

    @Nullable
    private JavaAgentEventBean processFileOperationEvent(JavaAgentEventBean javaAgentEventBean, FileOperation fileOperation) {
        prepareFileEvent(javaAgentEventBean, fileOperation);
        String substringBefore = StringUtils.substringBefore(this.securityMetaData.getRequest().getUrl(), "?");
        if (!(AgentUtils.getInstance().getAgentPolicy().getVulnerabilityScan().getEnabled().booleanValue() && AgentUtils.getInstance().getAgentPolicy().getVulnerabilityScan().getIastScan().getEnabled().booleanValue()) && allowedExtensionFileIO(javaAgentEventBean.getParameters(), javaAgentEventBean.getSourceMethod(), substringBefore)) {
            return null;
        }
        return javaAgentEventBean;
    }

    private void processReflectedXSSEvent(JavaAgentEventBean javaAgentEventBean) {
        if (((Boolean) NewRelic.getAgent().getConfig().getValue("security.detection.rxss.enabled", true)).booleanValue()) {
            Set<String> checkForReflectedXSS = CallbackUtils.checkForReflectedXSS(this.securityMetaData.getRequest(), this.securityMetaData.getResponse());
            if ((checkForReflectedXSS.isEmpty() || actuallyEmpty(checkForReflectedXSS) || !StringUtils.isNotBlank(this.securityMetaData.getResponse().getResponseBody())) && !(AgentUtils.getInstance().getAgentPolicy().getVulnerabilityScan().getEnabled().booleanValue() && AgentUtils.getInstance().getAgentPolicy().getVulnerabilityScan().getIastScan().getEnabled().booleanValue())) {
                return;
            }
            JSONArray jSONArray = new JSONArray();
            jSONArray.addAll(checkForReflectedXSS);
            jSONArray.add(this.securityMetaData.getResponse().getResponseBody());
            javaAgentEventBean.setParameters(jSONArray);
            javaAgentEventBean.setHttpResponse(this.securityMetaData.getResponse());
            javaAgentEventBean.setApplicationUUID(AgentInfo.getInstance().getApplicationUUID());
            javaAgentEventBean.setPid(AgentInfo.getInstance().getVMPID());
            javaAgentEventBean.setId(this.operation.getExecutionId());
            javaAgentEventBean.setStartTime(Long.valueOf(this.operation.getStartTime()));
            javaAgentEventBean.setBlockingProcessingTime(Long.valueOf(((Long) this.extraInfo.get(IAgentConstants.BLOCKING_END_TIME)).longValue() - javaAgentEventBean.getStartTime().longValue()));
            javaAgentEventBean.setApiId(this.operation.getApiID());
            EventSendPool.getInstance().sendEvent(javaAgentEventBean);
            if (firstEventSent.get()) {
                return;
            }
            logger.logInit(LogLevel.INFO, String.format(EVENT_ZERO_SENT, javaAgentEventBean), getClass().getName());
            firstEventSent.set(true);
        }
    }

    private boolean actuallyEmpty(Set<String> set) {
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            if (StringUtils.isNotBlank(it.next())) {
                return false;
            }
        }
        return true;
    }

    private String getMatchPackagePrefix(String str) {
        String[] split = StringUtils.split(str, '.');
        return split.length == 1 ? "" : split.length > 2 ? StringUtils.join((Object[]) split, '.', 0, 2) : StringUtils.join((Object[]) split, '.', 0, split.length - 1);
    }

    private void setAppLocationStatusFile(Set<DeployedApplication> set) {
        for (DeployedApplication deployedApplication : set) {
            if (StringUtils.isNotBlank(deployedApplication.getDeployedPath())) {
                StringUtils.joinWith(", ", "", deployedApplication.getDeployedPath());
            }
        }
        AgentUtils.getInstance().getStatusLogValues().put(APP_LOCATION, "");
    }

    private JavaAgentEventBean prepareJSInjectionEvent(JavaAgentEventBean javaAgentEventBean, JSInjectionOperation jSInjectionOperation) {
        JSONArray jSONArray = new JSONArray();
        jSONArray.add(jSInjectionOperation.getJavaScriptCode());
        javaAgentEventBean.setParameters(jSONArray);
        return javaAgentEventBean;
    }

    private JavaAgentEventBean prepareXQueryInjectionEvent(JavaAgentEventBean javaAgentEventBean, XQueryOperation xQueryOperation) {
        JSONArray jSONArray = new JSONArray();
        jSONArray.add(xQueryOperation.getExpression());
        javaAgentEventBean.setParameters(jSONArray);
        return javaAgentEventBean;
    }

    private JavaAgentEventBean prepareXPATHEvent(JavaAgentEventBean javaAgentEventBean, XPathOperation xPathOperation) {
        JSONArray jSONArray = new JSONArray();
        jSONArray.add(xPathOperation.getExpression());
        javaAgentEventBean.setParameters(jSONArray);
        return javaAgentEventBean;
    }

    private JavaAgentEventBean prepareHashEvent(JavaAgentEventBean javaAgentEventBean, HashCryptoOperation hashCryptoOperation) {
        JSONArray jSONArray = new JSONArray();
        jSONArray.add(hashCryptoOperation.getName());
        if (StringUtils.isNotBlank(hashCryptoOperation.getProvider())) {
            jSONArray.add(hashCryptoOperation.getProvider());
        }
        javaAgentEventBean.setParameters(jSONArray);
        return javaAgentEventBean;
    }

    private JavaAgentEventBean prepareCryptoEvent(JavaAgentEventBean javaAgentEventBean, HashCryptoOperation hashCryptoOperation) {
        JSONArray jSONArray = new JSONArray();
        jSONArray.add(hashCryptoOperation.getName());
        if (StringUtils.isNotBlank(hashCryptoOperation.getProvider())) {
            jSONArray.add(hashCryptoOperation.getProvider());
        }
        javaAgentEventBean.setParameters(jSONArray);
        javaAgentEventBean.setEventCategory(hashCryptoOperation.getEventCategory());
        return javaAgentEventBean;
    }

    private JavaAgentEventBean prepareTrustBoundaryEvent(JavaAgentEventBean javaAgentEventBean, TrustBoundaryOperation trustBoundaryOperation) {
        JSONArray jSONArray = new JSONArray();
        jSONArray.add(trustBoundaryOperation.getKey());
        jSONArray.add(JsonConverter.toJSON(trustBoundaryOperation.getValue()));
        javaAgentEventBean.setParameters(jSONArray);
        return javaAgentEventBean;
    }

    private JavaAgentEventBean prepareRandomEvent(JavaAgentEventBean javaAgentEventBean, RandomOperation randomOperation) {
        JSONArray jSONArray = new JSONArray();
        jSONArray.add(randomOperation.getClassName());
        javaAgentEventBean.setEventCategory(randomOperation.getEventCatgory());
        javaAgentEventBean.setParameters(jSONArray);
        return javaAgentEventBean;
    }

    private JavaAgentEventBean prepareSecureCookieEvent(JavaAgentEventBean javaAgentEventBean, SecureCookieOperation secureCookieOperation) {
        JSONArray jSONArray = new JSONArray();
        jSONArray.add(secureCookieOperation.getValue());
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("value", secureCookieOperation.getCookie());
        jSONObject.put(COOKIE_IS_SECURE, Boolean.valueOf(secureCookieOperation.isSecure()));
        jSONObject.put(COOKIE_IS_HTTP_ONLY, Boolean.valueOf(secureCookieOperation.isHttpOnly()));
        jSONObject.put(COOKIE_IS_SAME_SITE_STRICT, Boolean.valueOf(secureCookieOperation.isSameSiteStrict()));
        jSONArray.add(jSONObject);
        javaAgentEventBean.setParameters(jSONArray);
        return javaAgentEventBean;
    }

    private JavaAgentEventBean prepareLDAPEvent(JavaAgentEventBean javaAgentEventBean, LDAPOperation lDAPOperation) {
        JSONArray jSONArray = new JSONArray();
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("name", lDAPOperation.getName());
        jSONObject.put("filter", lDAPOperation.getFilter());
        jSONArray.add(jSONObject);
        javaAgentEventBean.setParameters(jSONArray);
        return javaAgentEventBean;
    }

    private JavaAgentEventBean prepareFileIntegrityEvent(JavaAgentEventBean javaAgentEventBean, FileIntegrityOperation fileIntegrityOperation) {
        JSONArray jSONArray = new JSONArray();
        jSONArray.add(fileIntegrityOperation.getFileName());
        javaAgentEventBean.setParameters(jSONArray);
        return javaAgentEventBean;
    }

    private JavaAgentEventBean prepareSQLDbCommandEvent(BatchSQLOperation batchSQLOperation, JavaAgentEventBean javaAgentEventBean) {
        JSONArray jSONArray = new JSONArray();
        for (SQLOperation sQLOperation : batchSQLOperation.getOperations()) {
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("query", sQLOperation.getQuery());
            if (sQLOperation.getParams() != null) {
                jSONObject.put("parameters", new JSONObject(sQLOperation.getParams()));
            }
            jSONArray.add(jSONObject);
        }
        javaAgentEventBean.setParameters(jSONArray);
        javaAgentEventBean.setEventCategory(batchSQLOperation.getOperations().get(0).getDbName());
        return javaAgentEventBean;
    }

    private JavaAgentEventBean prepareSQLDbCommandEvent(SQLOperation sQLOperation, JavaAgentEventBean javaAgentEventBean) {
        JSONArray jSONArray = new JSONArray();
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("query", sQLOperation.getQuery());
        if (sQLOperation.getParams() != null) {
            jSONObject.put("parameters", new JSONObject(sQLOperation.getParams()));
        }
        jSONArray.add(jSONObject);
        javaAgentEventBean.setParameters(jSONArray);
        if (sQLOperation.isStoredProcedureCall()) {
            javaAgentEventBean.setEventCategory("SQL_STORED_PROCEDURE");
        } else {
            javaAgentEventBean.setEventCategory(sQLOperation.getDbName());
        }
        return javaAgentEventBean;
    }

    private JavaAgentEventBean prepareSystemCommandEvent(JavaAgentEventBean javaAgentEventBean, ForkExecOperation forkExecOperation) {
        try {
            SystemCommandUtils.scriptContent(SystemCommandUtils.getAbsoluteShellScripts(SystemCommandUtils.isShellScriptExecution(forkExecOperation.getCommand())), forkExecOperation);
            JSONArray jSONArray = new JSONArray();
            jSONArray.add(forkExecOperation.getCommand());
            JSONObject jSONObject = new JSONObject();
            if (forkExecOperation.getEnvironment() != null) {
                jSONObject.put("environment", new JSONObject(forkExecOperation.getEnvironment()));
            }
            jSONObject.put(SYSCOMMAND_SCRIPT_CONTENT, forkExecOperation.getScriptContent());
            jSONArray.add(jSONObject);
            javaAgentEventBean.setParameters(jSONArray);
            return javaAgentEventBean;
        } catch (Throwable th) {
            th.printStackTrace();
            return javaAgentEventBean;
        }
    }

    private static JavaAgentEventBean prepareFileEvent(JavaAgentEventBean javaAgentEventBean, FileOperation fileOperation) {
        JSONArray jSONArray = new JSONArray();
        jSONArray.addAll(fileOperation.getFileName());
        javaAgentEventBean.setParameters(jSONArray);
        if (fileOperation.isGetBooleanAttributesCall()) {
            javaAgentEventBean.setEventCategory("FILE_EXISTS");
        }
        return javaAgentEventBean;
    }

    private static JavaAgentEventBean prepareNoSQLEvent(JavaAgentEventBean javaAgentEventBean, NoSQLOperation noSQLOperation) throws ParseException {
        JSONArray jSONArray = new JSONArray();
        javaAgentEventBean.setEventCategory(IAgentConstants.MONGO);
        JSONParser jSONParser = new JSONParser();
        for (String str : noSQLOperation.getPayload()) {
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("payload", jSONParser.parse(str));
            jSONObject.put("payloadType", noSQLOperation.getPayloadType());
            jSONArray.add(jSONObject);
        }
        javaAgentEventBean.setParameters(jSONArray);
        return javaAgentEventBean;
    }

    private static JavaAgentEventBean prepareMemcachedEvent(JavaAgentEventBean javaAgentEventBean, MemcachedOperation memcachedOperation) {
        JSONArray jSONArray = new JSONArray();
        Iterator<Object> it = memcachedOperation.getArguments().iterator();
        while (it.hasNext()) {
            jSONArray.add(it.next());
        }
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("arguments", jSONArray);
        jSONObject.put("type", memcachedOperation.getType());
        jSONObject.put("mode", memcachedOperation.getCommand());
        JSONArray jSONArray2 = new JSONArray();
        jSONArray2.add(jSONObject);
        javaAgentEventBean.setParameters(jSONArray2);
        javaAgentEventBean.setEventCategory(memcachedOperation.getCategory());
        return javaAgentEventBean;
    }

    private static JavaAgentEventBean prepareDynamoDBEvent(JavaAgentEventBean javaAgentEventBean, DynamoDBOperation dynamoDBOperation) {
        JSONArray jSONArray = new JSONArray();
        javaAgentEventBean.setEventCategory(dynamoDBOperation.getCategory().toString());
        Iterator<DynamoDBRequest> it = dynamoDBOperation.getPayload().iterator();
        while (it.hasNext()) {
            jSONArray.add(DynamoDBRequestConverter.convert(dynamoDBOperation.getCategory(), it.next()));
        }
        javaAgentEventBean.setParameters(jSONArray);
        return javaAgentEventBean;
    }

    private static JavaAgentEventBean prepareSSRFEvent(JavaAgentEventBean javaAgentEventBean, SSRFOperation sSRFOperation) {
        JSONArray jSONArray = new JSONArray();
        jSONArray.add(sSRFOperation.getArg());
        javaAgentEventBean.setParameters(jSONArray);
        if (sSRFOperation.isJNDILookup()) {
            javaAgentEventBean.setEventCategory("JNDILookup");
        }
        return javaAgentEventBean;
    }

    private boolean allowedExtensionFileIO(JSONArray jSONArray, String str, String str2) {
        if (!IAgentConstants.JAVA_IO_FILE_INPUTSTREAM_OPEN.equals(str)) {
            return false;
        }
        for (int i = 0; i < jSONArray.size(); i++) {
            String obj = jSONArray.get(i).toString();
            if (StringUtils.containsIgnoreCase(obj, File.separator)) {
                obj = StringUtils.substringAfterLast(obj, File.separator);
            }
            if (StringUtils.containsIgnoreCase(str2, File.separator)) {
                str2 = StringUtils.substringAfterLast(str2, File.separator);
            }
            if (StringUtils.equals(str2, obj)) {
                return true;
            }
        }
        return false;
    }

    private JavaAgentEventBean processStackTrace(JavaAgentEventBean javaAgentEventBean, VulnerabilityCaseType vulnerabilityCaseType, boolean z) {
        for (int i = 0; i < this.operation.getStackTrace().length; i++) {
            String className = this.operation.getStackTrace()[i].getClassName();
            if (VulnerabilityCaseType.SYSTEM_COMMAND.equals(vulnerabilityCaseType) || VulnerabilityCaseType.SQL_DB_COMMAND.equals(vulnerabilityCaseType) || VulnerabilityCaseType.FILE_INTEGRITY.equals(vulnerabilityCaseType) || VulnerabilityCaseType.NOSQL_DB_COMMAND.equals(vulnerabilityCaseType) || VulnerabilityCaseType.FILE_OPERATION.equals(vulnerabilityCaseType) || VulnerabilityCaseType.HTTP_REQUEST.equals(vulnerabilityCaseType) || VulnerabilityCaseType.SYSTEM_EXIT.equals(vulnerabilityCaseType)) {
                xxeTriggerCheck(i, javaAgentEventBean, className);
                if (z) {
                    deserializationTriggerCheck(i, javaAgentEventBean, className);
                }
            }
        }
        return javaAgentEventBean;
    }

    private void xxeTriggerCheck(int i, JavaAgentEventBean javaAgentEventBean, String str) {
        if ((StringUtils.contains(str, IAgentConstants.XML_DOCUMENT_FRAGMENT_SCANNER_IMPL) && StringUtils.equals(this.operation.getStackTrace()[i].getMethodName(), IAgentConstants.SCAN_DOCUMENT)) || (StringUtils.contains(str, IAgentConstants.XML_ENTITY_MANAGER) && StringUtils.equals(this.operation.getStackTrace()[i].getMethodName(), IAgentConstants.SETUP_CURRENT_ENTITY))) {
            javaAgentEventBean.getMetaData().setTriggerViaXXE(true);
        }
    }

    private void deserializationTriggerCheck(int i, JavaAgentEventBean javaAgentEventBean, String str) {
        if (((Boolean) NewRelic.getAgent().getConfig().getValue("security.detection.deserialization.enabled", true)).booleanValue() && ObjectInputStream.class.getName().equals(str) && StringUtils.equals(this.operation.getStackTrace()[i].getMethodName(), IAgentConstants.READ_OBJECT)) {
            javaAgentEventBean.getMetaData().setTriggerViaDeserialisation(true);
        }
    }

    private void rciTriggerCheck(int i, JavaAgentEventBean javaAgentEventBean, String str) {
        if (((Boolean) NewRelic.getAgent().getConfig().getValue("security.detection.rci.enabled", true)).booleanValue()) {
            if (this.operation.getStackTrace()[i].getLineNumber() <= 0 && i > 0 && this.operation.getStackTrace()[i - 1].getLineNumber() > 0 && StringUtils.isNotBlank(this.operation.getStackTrace()[i - 1].getFileName())) {
                javaAgentEventBean.getMetaData().setTriggerViaRCI(true);
                javaAgentEventBean.getMetaData().getRciMethodsCalls().add(AgentUtils.stackTraceElementToString(this.operation.getStackTrace()[i]));
                javaAgentEventBean.getMetaData().getRciMethodsCalls().add(AgentUtils.stackTraceElementToString(this.operation.getStackTrace()[i - 1]));
            }
            if (StringUtils.contains(str, IAgentConstants.REFLECT_NATIVE_METHOD_ACCESSOR_IMPL) && StringUtils.equals(this.operation.getStackTrace()[i].getMethodName(), IAgentConstants.INVOKE_0) && i > 0) {
                javaAgentEventBean.getMetaData().setTriggerViaRCI(true);
                javaAgentEventBean.getMetaData().getRciMethodsCalls().add(AgentUtils.stackTraceElementToString(this.operation.getStackTrace()[i - 1]));
            }
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private JavaAgentEventBean setGenericProperties(AbstractOperation abstractOperation, JavaAgentEventBean javaAgentEventBean) {
        javaAgentEventBean.setApplicationUUID(AgentInfo.getInstance().getApplicationUUID());
        javaAgentEventBean.setPid(AgentInfo.getInstance().getVMPID());
        javaAgentEventBean.setSourceMethod(abstractOperation.getSourceMethod());
        javaAgentEventBean.setId(abstractOperation.getExecutionId());
        javaAgentEventBean.setParentId((String) this.securityMetaData.getCustomAttribute(GenericHelper.CSEC_PARENT_ID, String.class));
        javaAgentEventBean.setStartTime(Long.valueOf(abstractOperation.getStartTime()));
        javaAgentEventBean.setBlockingProcessingTime(Long.valueOf(((Long) this.extraInfo.get(IAgentConstants.BLOCKING_END_TIME)).longValue() - javaAgentEventBean.getStartTime().longValue()));
        javaAgentEventBean.setApiId(abstractOperation.getApiID());
        javaAgentEventBean.setUserAPIInfo(Integer.valueOf(this.operation.getUserClassEntity().getUserClassElement().getLineNumber()), this.operation.getUserClassEntity().getUserClassElement().getClassName(), this.operation.getUserClassEntity().getUserClassElement().getMethodName());
        javaAgentEventBean.getLinkingMetadata().put("trace.id", this.securityMetaData.getCustomAttribute("trace.id", String.class));
        javaAgentEventBean.getLinkingMetadata().put("span.id", this.securityMetaData.getCustomAttribute("span.id", String.class));
        return javaAgentEventBean;
    }

    private JavaAgentEventBean prepareEvent(HttpRequest httpRequest, AgentMetaData agentMetaData, VulnerabilityCaseType vulnerabilityCaseType, K2RequestIdentifier k2RequestIdentifier) {
        JavaAgentEventBean javaAgentEventBean = new JavaAgentEventBean();
        javaAgentEventBean.setHttpRequest(httpRequest);
        javaAgentEventBean.setMetaData(agentMetaData);
        javaAgentEventBean.getMetaData().setAppServerInfo(AppServerInfoHelper.getAppServerInfo());
        javaAgentEventBean.setCaseType(vulnerabilityCaseType.getCaseType());
        javaAgentEventBean.setIsAPIBlocked(agentMetaData.isApiBlocked());
        javaAgentEventBean.setStacktrace(this.operation.getStackTrace());
        javaAgentEventBean.setIsIASTRequest(k2RequestIdentifier.getK2Request());
        if (AgentUtils.getInstance().getAgentPolicy().getVulnerabilityScan().getEnabled().booleanValue() && AgentUtils.getInstance().getAgentPolicy().getVulnerabilityScan().getIastScan().getEnabled().booleanValue()) {
            javaAgentEventBean.setIsIASTEnable(true);
        }
        return javaAgentEventBean;
    }
}
