package org.eclipse.steady.malice;

import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Path;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import org.apache.commons.compress.archivers.ArchiveEntry;
import org.apache.commons.compress.archivers.ArchiveInputStream;
import org.apache.commons.compress.archivers.tar.TarArchiveInputStream;
import org.apache.commons.compress.compressors.gzip.GzipCompressorInputStream;
import org.apache.commons.configuration.tree.DefaultExpressionEngine;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.eclipse.steady.shared.util.DirUtil;
import org.eclipse.steady.shared.util.StringUtil;
import org.eclipse.steady.shared.util.VulasConfiguration;

/* loaded from: input_file:org/eclipse/steady/malice/ZipSlipAnalyzer.class */
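/**
 * Checks archives for "Zip Slip" style entries, i.e. entries whose name would resolve to a
 * location outside of the folder the archive is extracted into.
 *
 * <p>The analysis is name-based only: entries are enumerated and each entry name is handed to
 * {@link DirUtil#isBelowDestinationPath}; no entry content is read or written to disk by this
 * class.
 *
 * <p>NOTE(review): only {@code getName()} of each entry is inspected. Link targets of tar
 * entries are not looked at here, so link-based escapes would have to be covered elsewhere.
 *
 * <p>NOTE(review): entry names come from the (untrusted) archive and are copied verbatim into
 * the reason text and the log; consumers that render them should treat them as untrusted.
 */
public class ZipSlipAnalyzer implements MaliciousnessAnalyzer {
    private static final Logger log = LogManager.getLogger();

    /**
     * Hypothetical extraction root: a randomly named child of the configured temp directory.
     * Within this class it is only passed to {@link DirUtil#isBelowDestinationPath} and is never
     * reassigned.
     */
    private final Path destinationPath = VulasConfiguration.getGlobal().getTmpDir().toAbsolutePath().resolve(StringUtil.getRandonString(10));

    /**
     * Analyzes the archive stored in the given file.
     *
     * <p>The archive type is chosen from the file name suffix ({@code .zip}, {@code .jar},
     * {@code .war}, {@code .ear}, {@code .aar}, {@code .tar}, {@code .tar.gz}).
     *
     * <p>NOTE(review): the suffix match is case-sensitive and does not know {@code .tgz}, so
     * such files are reported as "Cannot analyze" and yield {@code null} rather than a verdict.
     * Callers must not read {@code null} as "not malicious".
     *
     * @param file the archive to inspect
     * @return the analysis result with the absolute file path prepended to its reason, or
     *     {@code null} if the file type is not supported or the file could not be opened
     */
    @Override
    public MaliciousnessAnalysisResult isMalicious(File file) {
        MaliciousnessAnalysisResult result = null;
        final String name = file.getName();
        // try-with-resources closes both the file handle and the decoding wrapper on every path,
        // including a failure while the gzip header is read. A null resource is skipped on close.
        try (FileInputStream raw = new FileInputStream(file);
                InputStream archive = openArchiveStream(name, raw)) {
            if (archive == null) {
                log.warn("Cannot analyze [" + file.toPath().toAbsolutePath() + "]");
            } else {
                result = isMalicious(archive, false);
                result.setReason("[" + file.toPath().toAbsolutePath() + "] " + result.getReason());
                if (result.isMalicious()) {
                    log.warn(result.getReason());
                } else {
                    log.info(result.getReason());
                }
            }
        } catch (FileNotFoundException e) {
            log.error("File [" + file.getAbsolutePath() + "] cannot be found");
        } catch (IOException e) {
            log.error(e.getClass().getSimpleName() + " when opening [" + file.getAbsolutePath() + "]: " + e.getMessage(), e);
        }
        return result;
    }

    /**
     * Enumerates the entries of an already opened archive stream and flags every entry whose
     * name is not below the hypothetical extraction root.
     *
     * <p>Only {@link ZipInputStream} and {@link ArchiveInputStream} instances are enumerated.
     * NOTE(review): any other stream type is not read at all and therefore ends up with the
     * "NOT subject to ZipSlip" reason for zero entries.
     *
     * <p>If reading the archive fails part-way, enumeration stops, the error is logged, and the
     * reason text is extended with a remark that the verdict covers only the entries read so
     * far. Without that remark a truncated or corrupt archive would be reported as fully clean.
     *
     * @param inputStream the archive stream to enumerate; it is not closed by this method
     * @param z whether the resulting reason is also written to the log (warn when malicious,
     *     debug otherwise)
     * @return the analysis result, never {@code null}
     */
    @Override
    public MaliciousnessAnalysisResult isMalicious(InputStream inputStream, boolean z) {
        final StringBuilder escapingEntries = new StringBuilder();
        int entryCount = 0;
        boolean readCompletely = true;
        final MaliciousnessAnalysisResult result = new MaliciousnessAnalysisResult();
        result.setAnalyzer(getClass().getName());
        try {
            if (inputStream instanceof ZipInputStream) {
                final ZipInputStream zip = (ZipInputStream) inputStream;
                for (ZipEntry entry = zip.getNextEntry(); entry != null; entry = zip.getNextEntry()) {
                    entryCount++;
                    if (recordIfEscaping(entry.getName(), escapingEntries)) {
                        result.setResult(1.0d);
                    }
                }
            } else if (inputStream instanceof ArchiveInputStream) {
                final ArchiveInputStream archive = (ArchiveInputStream) inputStream;
                for (ArchiveEntry entry = archive.getNextEntry(); entry != null; entry = archive.getNextEntry()) {
                    entryCount++;
                    if (recordIfEscaping(entry.getName(), escapingEntries)) {
                        result.setResult(1.0d);
                    }
                }
            }
        } catch (IOException e) {
            // Stop at the first read error: retrying getNextEntry() on a broken stream cannot be
            // expected to make progress, and the remaining entries stay unchecked.
            readCompletely = false;
            log.error(e.getClass().getSimpleName() + " when looping archive entries: " + e.getMessage(), e);
        }
        if (result.isMalicious()) {
            result.setReason("Archive is subject to ZipSlip vulnerability, the following file(s) would be extracted outside of an intended target folder:");
            result.appendReason(escapingEntries.toString(), " ");
        } else {
            result.setReason("Archive is NOT subject to ZipSlip vulnerability, all [" + entryCount + "] archive entries would be extracted inside or below an intended target folder");
        }
        if (!readCompletely) {
            // Do not let a partial enumeration read as a complete verdict.
            result.appendReason("(archive could not be read completely, entries after the read error were not checked)", " ");
        }
        if (z) {
            if (result.isMalicious()) {
                log.warn(result.getReason());
            } else {
                log.debug(result.getReason());
            }
        }
        return result;
    }

    /**
     * Wraps the raw file stream in the archive reader matching the file name suffix.
     *
     * @return the wrapping stream, or {@code null} if the suffix is not supported
     * @throws IOException if the gzip layer of a {@code .tar.gz} cannot be initialized
     */
    private static InputStream openArchiveStream(String name, InputStream raw) throws IOException {
        if (name.endsWith(".zip") || name.endsWith(".jar") || name.endsWith(".war") || name.endsWith(".ear") || name.endsWith(".aar")) {
            return new ZipInputStream(raw);
        }
        if (name.endsWith(".tar")) {
            return new TarArchiveInputStream(raw);
        }
        if (name.endsWith(".tar.gz")) {
            return new TarArchiveInputStream(new GzipCompressorInputStream(new BufferedInputStream(raw)));
        }
        return null;
    }

    /**
     * Appends the entry name to the comma-separated list if it is not below the destination path.
     *
     * @return {@code true} if the entry was recorded as escaping the destination path
     */
    private boolean recordIfEscaping(String entryName, StringBuilder escapingEntries) {
        if (DirUtil.isBelowDestinationPath(this.destinationPath, entryName)) {
            return false;
        }
        if (escapingEntries.length() > 0) {
            escapingEntries.append(", ");
        }
        escapingEntries.append(entryName);
        return true;
    }
}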
