fix bug: parseCustomModel RequestWrapper.

‘niuerzhuang’ · ‘niuerzhuang’ · commit cc41c6898ddd · 2022-10-21T14:33:54.000+08:00
diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/EngineManager.java b/dongtai-core/src/main/java/io/dongtai/iast/core/EngineManager.java
@@ -136,6 +136,7 @@ public static void cleanThreadState() {
         EngineManager.TAINT_HASH_CODES.remove();
         EngineManager.TAINT_RANGES_POOL.remove();
         EngineManager.SCOPE_TRACKER.remove();
+        EngineManager.ENTER_REPLAY_ENTRYPOINT.remove();
         FallbackSwitch.clearHeavyHookFallback();
         EngineManager.getFallbackManager().getHookRateLimiter().remove();
         ContextManager.getCONTEXT().remove();
diff --git a/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/graphy/GraphBuilder.java b/dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/graphy/GraphBuilder.java
@@ -26,12 +26,7 @@ public class GraphBuilder {
     public static void buildAndReport(Object request, Object response) {
         List<GraphNode> nodeList = build();
         String report = convertToReport(nodeList, request, response);
-        if (null == report){
-            EngineManager.ENTER_REPLAY_ENTRYPOINT.remove();
-            return;
-        }
         ThreadPools.sendPriorityReport(ApiPath.REPORT_UPLOAD, report);
-        EngineManager.ENTER_REPLAY_ENTRYPOINT.remove();
     }
 
     /**
@@ -79,66 +74,61 @@ public static List<GraphNode> build() {
                                 event.sourceTypes
                         )
                 );
-            }catch (Exception e){
+            } catch (Exception e) {
                 DongTaiLog.debug(e);
             }
         }
         return nodeList;
     }
 
     public static String convertToReport(List<GraphNode> nodeList, Object request, Object response) {
-        try {
-            Map<String, Object> requestMeta = EngineManager.REQUEST_CONTEXT.get();
-            Map<String, Object> responseMeta = response == null ? null : HttpImpl.getResponseMeta(response);
-            JSONObject report = new JSONObject();
-            JSONObject detail = new JSONObject();
-            JSONArray methodPool = new JSONArray();
-
-            report.put(ReportKey.TYPE, ReportType.VULN_SAAS_POOL);
-            report.put(ReportKey.VERSION, "v2");
-            report.put(ReportKey.DETAIL, detail);
-
-            detail.put(ReportKey.AGENT_ID, EngineManager.getAgentId());
-            detail.put(ReportKey.PROTOCOL, requestMeta.getOrDefault("protocol", "unknown"));
-            detail.put(ReportKey.SCHEME, requestMeta.getOrDefault("scheme", ""));
-            detail.put(ReportKey.METHOD, requestMeta.getOrDefault("method", ""));
-            detail.put(ReportKey.SECURE, requestMeta.getOrDefault("secure", ""));
-            String requestURL = requestMeta.getOrDefault("requestURL", "").toString();
-            if(null == requestURL){
-                return null;
-            }
-            detail.put(ReportKey.URL, requestURL);
-            String requestURI = requestMeta.getOrDefault("requestURI", "").toString();
-            if (null == requestURI){
-                return null;
-            }
-            detail.put(ReportKey.URI, requestURI);
-            setURL(requestURL);
-            setURI(requestURI);
-            detail.put(ReportKey.CLIENT_IP, requestMeta.getOrDefault("remoteAddr", ""));
-            detail.put(ReportKey.QUERY_STRING, requestMeta.getOrDefault("queryString", ""));
-            detail.put(ReportKey.REQ_HEADER,
-                    AbstractNormalVulScan.getEncodedHeader((Map<String, String>) requestMeta.getOrDefault("headers", new HashMap<String, String>())));
-            // 设置请求体
-            detail.put(ReportKey.REQ_BODY, request == null ? "" : HttpImpl.getPostBody(request));
-            detail.put(ReportKey.RES_HEADER, responseMeta == null ? ""
-                    : Base64Encoder.encodeBase64String(responseMeta.getOrDefault("headers", "").toString().getBytes())
-                    .replaceAll("\n", ""));
-            detail.put(ReportKey.RES_BODY, responseMeta == null ? "" : Base64Encoder.encodeBase64String(
-                    getResponseBody(responseMeta)));
-            detail.put(ReportKey.CONTEXT_PATH, requestMeta.getOrDefault("contextPath", ""));
-            detail.put(ReportKey.REPLAY_REQUEST, requestMeta.getOrDefault("replay-request", false));
-
-            detail.put(ReportKey.METHOD_POOL, methodPool);
-
-            for (GraphNode node : nodeList) {
-                methodPool.put(node.toJson());
-            }
-
-            return report.toString();
-        } catch (Exception e){
+        Map<String, Object> requestMeta = EngineManager.REQUEST_CONTEXT.get();
+        Map<String, Object> responseMeta = response == null ? null : HttpImpl.getResponseMeta(response);
+        JSONObject report = new JSONObject();
+        JSONObject detail = new JSONObject();
+        JSONArray methodPool = new JSONArray();
+
+        report.put(ReportKey.TYPE, ReportType.VULN_SAAS_POOL);
+        report.put(ReportKey.VERSION, "v2");
+        report.put(ReportKey.DETAIL, detail);
+
+        detail.put(ReportKey.AGENT_ID, EngineManager.getAgentId());
+        detail.put(ReportKey.PROTOCOL, requestMeta.getOrDefault("protocol", "unknown"));
+        detail.put(ReportKey.SCHEME, requestMeta.getOrDefault("scheme", ""));
+        detail.put(ReportKey.METHOD, requestMeta.getOrDefault("method", ""));
+        detail.put(ReportKey.SECURE, requestMeta.getOrDefault("secure", ""));
+        String requestURL = requestMeta.getOrDefault("requestURL", "").toString();
+        if (null == requestURL) {
+            return null;
+        }
+        detail.put(ReportKey.URL, requestURL);
+        String requestURI = requestMeta.getOrDefault("requestURI", "").toString();
+        if (null == requestURI) {
             return null;
         }
+        detail.put(ReportKey.URI, requestURI);
+        setURL(requestURL);
+        setURI(requestURI);
+        detail.put(ReportKey.CLIENT_IP, requestMeta.getOrDefault("remoteAddr", ""));
+        detail.put(ReportKey.QUERY_STRING, requestMeta.getOrDefault("queryString", ""));
+        detail.put(ReportKey.REQ_HEADER,
+                AbstractNormalVulScan.getEncodedHeader((Map<String, String>) requestMeta.getOrDefault("headers", new HashMap<String, String>())));
+        // 设置请求体
+        detail.put(ReportKey.REQ_BODY, request == null ? "" : HttpImpl.getPostBody(request));
+        detail.put(ReportKey.RES_HEADER, responseMeta == null ? ""
+                : Base64Encoder.encodeBase64String(responseMeta.getOrDefault("headers", "").toString().getBytes())
+                .replaceAll("\n", ""));
+        detail.put(ReportKey.RES_BODY, responseMeta == null ? "" : Base64Encoder.encodeBase64String(
+                getResponseBody(responseMeta)));
+        detail.put(ReportKey.CONTEXT_PATH, requestMeta.getOrDefault("contextPath", ""));
+        detail.put(ReportKey.REPLAY_REQUEST, requestMeta.getOrDefault("replay-request", false));
+
+        detail.put(ReportKey.METHOD_POOL, methodPool);
+
+        for (GraphNode node : nodeList) {
+            methodPool.put(node.toJson());
+        }
+        return report.toString();
     }
 
     private static byte[] getResponseBody(Map<String, Object> responseMeta) {
