Skip to content

Commit

Permalink
pr
Browse files Browse the repository at this point in the history
  • Loading branch information
sezen-datadog committed Jan 31, 2025
1 parent 34796da commit 631b775
Show file tree
Hide file tree
Showing 8 changed files with 54 additions and 22 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -25,11 +25,7 @@ public static String afterEscape(
final PropagationModule module = InstrumentationBridge.PROPAGATION;
if (module != null) {
try {
module.taintStringIfTainted(
result,
input,
false,
VulnerabilityMarks.XSS_MARK | VulnerabilityMarks.EMAIL_HTML_INJECTION_MARK);
module.taintStringIfTainted(result, input, false, VulnerabilityMarks.HTML_ESCAPED_MARK);
} catch (final Throwable e) {
module.onUnexpectedException("afterEscape threw", e);
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,11 +27,7 @@ public static String afterEscape(
final PropagationModule module = InstrumentationBridge.PROPAGATION;
if (module != null) {
try {
module.taintStringIfTainted(
result,
input,
false,
VulnerabilityMarks.XSS_MARK | VulnerabilityMarks.EMAIL_HTML_INJECTION_MARK);
module.taintStringIfTainted(result, input, false, VulnerabilityMarks.HTML_ESCAPED_MARK);
} catch (final Throwable e) {
module.onUnexpectedException("afterEscape threw", e);
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ class StringEscapeUtilsCallSiteTest extends AgentTestRunner {

then:
result == expected
1 * module.taintStringIfTainted(_ as String, args[0], false, VulnerabilityMarks.XSS_MARK | VulnerabilityMarks.EMAIL_HTML_INJECTION_MARK)
1 * module.taintStringIfTainted(_ as String, args[0], false, VulnerabilityMarks.HTML_ESCAPED_MARK)
0 * _

where:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -29,11 +29,7 @@ public static String afterEscape(
final PropagationModule module = InstrumentationBridge.PROPAGATION;
if (module != null) {
try {
module.taintStringIfTainted(
result,
input,
false,
VulnerabilityMarks.XSS_MARK | VulnerabilityMarks.EMAIL_HTML_INJECTION_MARK);
module.taintStringIfTainted(result, input, false, VulnerabilityMarks.HTML_ESCAPED_MARK);
} catch (final Throwable e) {
module.onUnexpectedException("afterEscape threw", e);
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ class StringEscapeUtilsCallSiteTest extends AgentTestRunner {

then:
result == expected
1 * module.taintStringIfTainted(_ as String, args[0], false, VulnerabilityMarks.XSS_MARK | VulnerabilityMarks.EMAIL_HTML_INJECTION_MARK)
1 * module.taintStringIfTainted(_ as String, args[0], false, VulnerabilityMarks.HTML_ESCAPED_MARK)
0 * _

where:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ class JakartaMailInstrumentationTest extends AgentTestRunner {
}


void 'test jakarta mail Message text'() {
void 'test jakarta mail Message HTML text'() {
given:
final module = Mock(EmailInjectionModule)
InstrumentationBridge.registerIastModule(module)
Expand All @@ -41,6 +41,28 @@ class JakartaMailInstrumentationTest extends AgentTestRunner {
"html" | "<html><body>Hello, Content!</body></html>"
}

void 'test jakarta mail Message Plain text'() {
given:
final module = Mock(EmailInjectionModule)
InstrumentationBridge.registerIastModule(module)
def session = Session.getDefaultInstance(new Properties())
def provider = new Provider(Provider.Type.TRANSPORT, "smtp", MockTransport.name, "MockTransport", "1.0")
session.setProvider(provider)
final message = new MimeMessage(session)
message.setRecipient(Message.RecipientType.TO, new InternetAddress("[email protected]"))
message.setText(content, "utf-8", mimetype)

when:
Transport.send(message)

then:
0 * module.onSendEmail(message.getContent())

where:
mimetype | content
"plain" | "<html><body>Hello, Content!</body></html>"
}

void 'test jakarta mail Message Content'() {
given:
final module = Mock(EmailInjectionModule)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ class JavaxMailInstrumentationTest extends AgentTestRunner {
injectSysConfig("dd.iast.enabled", "true")
}

void 'test javax mail Message text'() {
void 'test javax mail Message HTML text'() {
given:
final module = Mock(EmailInjectionModule)
InstrumentationBridge.registerIastModule(module)
Expand All @@ -41,6 +41,28 @@ class JavaxMailInstrumentationTest extends AgentTestRunner {
"html" | "<html><body>Hello, Content!</body></html>"
}

void 'test javax mail Message Plain text'() {
given:
final module = Mock(EmailInjectionModule)
InstrumentationBridge.registerIastModule(module)
def session = Session.getDefaultInstance(new Properties())
def provider = new Provider(Provider.Type.TRANSPORT, "smtp", MockTransport.name, "MockTransport", "1.0")
session.setProvider(provider)
final message = new MimeMessage(session)
message.setRecipient(Message.RecipientType.TO, new InternetAddress("[email protected]"))
message.setText(content, "utf-8", mimetype)

when:
Transport.send(message)

then:
0 * module.onSendEmail(message.getContent())

where:
mimetype | content
"plain" | "<html><body>Hello, Content!</body></html>"
}

void 'test javax mail Message Content'() {
given:
final module = Mock(EmailInjectionModule)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,9 +23,10 @@ private VulnerabilityMarks() {}

public static final int CUSTOM_SECURITY_CONTROL_MARK = 1 << 13;
public static final int EMAIL_HTML_INJECTION_MARK = 1 << 14;
public static final int HTML_ESCAPED_MARK = XSS_MARK | EMAIL_HTML_INJECTION_MARK;

public static int markForAll() {
return XSS_MARK
return HTML_ESCAPED_MARK
| XPATH_INJECTION_MARK
| SQL_INJECTION_MARK
| COMMAND_INJECTION_MARK
Expand All @@ -37,8 +38,7 @@ public static int markForAll() {
| HEADER_INJECTION_MARK
| REFLECTION_INJECTION_MARK
| UNTRUSTED_DESERIALIZATION_MARK
| CUSTOM_SECURITY_CONTROL_MARK
| EMAIL_HTML_INJECTION_MARK;
| CUSTOM_SECURITY_CONTROL_MARK;
}

public static int getMarkFromVulnerabitityType(final String vulnerabilityTypeString) {
Expand Down

0 comments on commit 631b775

Please sign in to comment.