Skip to content

Commit ff456d8

Browse files
jandro996jandro996
committed
first steps to add cmdArray support (not blocking)
1 parent 137520f commit ff456d8

File tree

2 files changed

+52
-41
lines changed

2 files changed

+52
-41
lines changed

dd-java-agent/instrumentation/java-lang/src/main/java/datadog/trace/instrumentation/java/lang/RuntimeCallSite.java

+48-41
Original file line numberDiff line numberDiff line change
@@ -27,14 +27,8 @@ public static void beforeStart(@CallSite.Argument @Nullable final String command
2727
@CallSite.Before("java.lang.Process java.lang.Runtime.exec(java.lang.String[])")
2828
public static void beforeExec(@CallSite.Argument @Nullable final String[] cmdArray) {
2929
if (cmdArray != null && cmdArray.length > 0) { // runtime fails if null or empty
30-
final CommandInjectionModule module = InstrumentationBridge.COMMAND_INJECTION;
31-
if (module != null) {
32-
try {
33-
module.onRuntimeExec(cmdArray);
34-
} catch (final Throwable e) {
35-
module.onUnexpectedException("beforeExec threw", e);
36-
}
37-
}
30+
iastCallback(cmdArray);
31+
raspCallback(cmdArray);
3832
}
3933
}
4034

@@ -43,14 +37,8 @@ public static void beforeExec(
4337
@CallSite.Argument @Nullable final String command,
4438
@CallSite.Argument @Nullable final String[] envp) {
4539
if (command != null) { // runtime fails if null
46-
final CommandInjectionModule module = InstrumentationBridge.COMMAND_INJECTION;
47-
if (module != null) {
48-
try {
49-
module.onRuntimeExec(envp, command);
50-
} catch (final Throwable e) {
51-
module.onUnexpectedException("beforeExec threw", e);
52-
}
53-
}
40+
iastCallback(envp, command);
41+
raspCallback(command);
5442
}
5543
}
5644

@@ -60,14 +48,8 @@ public static void beforeExec(
6048
@CallSite.Argument @Nullable final String[] cmdArray,
6149
@CallSite.Argument @Nullable final String[] envp) {
6250
if (cmdArray != null && cmdArray.length > 0) { // runtime fails if null or empty
63-
final CommandInjectionModule module = InstrumentationBridge.COMMAND_INJECTION;
64-
if (module != null) {
65-
try {
66-
module.onRuntimeExec(envp, cmdArray);
67-
} catch (final Throwable e) {
68-
module.onUnexpectedException("beforeExec threw", e);
69-
}
70-
}
51+
iastCallback(envp, cmdArray);
52+
raspCallback(cmdArray);
7153
}
7254
}
7355

@@ -78,14 +60,8 @@ public static void beforeExec(
7860
@CallSite.Argument @Nullable final String[] envp,
7961
@CallSite.Argument @Nullable final File dir) {
8062
if (command != null) { // runtime fails if null
81-
final CommandInjectionModule module = InstrumentationBridge.COMMAND_INJECTION;
82-
if (module != null) {
83-
try {
84-
module.onRuntimeExec(envp, command);
85-
} catch (final Throwable e) {
86-
module.onUnexpectedException("beforeExec threw", e);
87-
}
88-
}
63+
iastCallback(envp, command);
64+
raspCallback(command);
8965
}
9066
}
9167

@@ -96,14 +72,8 @@ public static void beforeExec(
9672
@CallSite.Argument @Nullable final String[] envp,
9773
@CallSite.Argument @Nullable final File dir) {
9874
if (cmdArray != null && cmdArray.length > 0) { // runtime fails if null or empty
99-
final CommandInjectionModule module = InstrumentationBridge.COMMAND_INJECTION;
100-
if (module != null) {
101-
try {
102-
module.onRuntimeExec(envp, cmdArray);
103-
} catch (final Throwable e) {
104-
module.onUnexpectedException("beforeExec threw", e);
105-
}
106-
}
75+
iastCallback(envp, cmdArray);
76+
raspCallback(cmdArray);
10777
}
10878
}
10979

@@ -113,12 +83,49 @@ private static void iastCallback(String command) {
11383
try {
11484
module.onRuntimeExec(command);
11585
} catch (final Throwable e) {
116-
module.onUnexpectedException("beforeExec threw", e);
86+
module.onUnexpectedException("iastCallback threw", e);
87+
}
88+
}
89+
}
90+
91+
private static void iastCallback(String[] cmdArray) {
92+
final CommandInjectionModule module = InstrumentationBridge.COMMAND_INJECTION;
93+
if (module != null) {
94+
try {
95+
module.onRuntimeExec(cmdArray);
96+
} catch (final Throwable e) {
97+
module.onUnexpectedException("iastCallback threw", e);
98+
}
99+
}
100+
}
101+
102+
private static void iastCallback(String[] envp, String command) {
103+
final CommandInjectionModule module = InstrumentationBridge.COMMAND_INJECTION;
104+
if (module != null) {
105+
try {
106+
module.onRuntimeExec(envp, command);
107+
} catch (final Throwable e) {
108+
module.onUnexpectedException("iastCallback threw", e);
109+
}
110+
}
111+
}
112+
113+
private static void iastCallback(String[] envp, String[] cmdArray) {
114+
final CommandInjectionModule module = InstrumentationBridge.COMMAND_INJECTION;
115+
if (module != null) {
116+
try {
117+
module.onRuntimeExec(envp, cmdArray);
118+
} catch (final Throwable e) {
119+
module.onUnexpectedException("iastCallback threw", e);
117120
}
118121
}
119122
}
120123

121124
private static void raspCallback(String command) {
122125
ShellCmdRaspHelper.INSTANCE.beforeShellCmd(command);
123126
}
127+
128+
private static void raspCallback(String[] cmdArray) {
129+
ShellCmdRaspHelper.INSTANCE.beforeShellCmd(cmdArray);
130+
}
124131
}

dd-java-agent/instrumentation/java-lang/src/main/java/datadog/trace/instrumentation/java/lang/ShellCmdRaspHelper.java

+4
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,10 @@ private ShellCmdRaspHelper() {
2525
// prevent instantiation
2626
}
2727

28+
public void beforeShellCmd(@Nonnull final String[] cmdArray) {
29+
// TODO
30+
}
31+
2832
public void beforeShellCmd(@Nonnull final String cmd) {
2933
if (!Config.get().isAppSecRaspEnabled()) {
3034
return;

0 commit comments

Comments
 (0)