Merge pull request HXSecurity#329 from Nizernizer/main

fix bug

Author: Nizernizer

dongtai-agent/src/main/java/io/dongtai/iast/agent/manager/EngineManager.java

@@ -29,12 +29,14 @@ public class EngineManager {
  private static final String REMOTE_CONFIG_UTILS_CLASS = "io.dongtai.iast.core.utils.config.RemoteConfigUtils";
  private static final String ENGINE_MANAGER_CLASS = "io.dongtai.iast.core.EngineManager";
  private static final String INJECT_PACKAGE_REMOTE_URI = "/api/v1/engine/download?engineName=dongtai-spy";
+ private static final String INJECT_PACKAGE_REMOTE_URI_JDK6 = "/api/v1/engine/download?engineName=dongtai-spy-jdk6";
  private static final String ENGINE_PACKAGE_REMOTE_URI = "/api/v1/engine/download?engineName=dongtai-core";
+ private static final String ENGINE_PACKAGE_REMOTE_URI_JDK6 = "/api/v1/engine/download?engineName=dongtai-core-jdk6";
  private static final String API_PACKAGE_REMOTE_URI = "/api/v1/engine/download?engineName=dongtai-api";
+ private static final String API_PACKAGE_REMOTE_URI_JDK6 = "/api/v1/engine/download?engineName=dongtai-api-jdk6";
  private static IastClassLoader IAST_CLASS_LOADER;
  private static EngineManager INSTANCE;
  private static String PID;
-
  private final Instrumentation inst;
  private int runningStatus;
  private static boolean isCoreStop;
@@ -247,6 +249,22 @@ public boolean downloadPackageFromServer() {
  downloadJarPackageToCacheFromUrl(baseUrl + "/api/v1/engine/download?engineName=dongtai-grpc", getGrpcPackagePath());
  }
 
+ /**
+ * 更新IAST引擎需要的jar包，用于启动时加载和热更新检测引擎 - iast-core.jar - iast-inject.jar
+ *
+ * @return 更新状态，成功为true，失败为false
+ */
+ public boolean downloadPackageFromServerJdk6() {
+ String baseUrl = properties.getBaseUrl();
+ // 自定义jar下载地址
+ String spyJarUrl = "".equals(properties.getCustomSpyJarUrl()) ? baseUrl + INJECT_PACKAGE_REMOTE_URI_JDK6 : properties.getCustomSpyJarUrl();
+ String coreJarUrl = "".equals(properties.getCustomCoreJarUrl()) ? baseUrl + ENGINE_PACKAGE_REMOTE_URI_JDK6 : properties.getCustomCoreJarUrl();
+ String apiJarUrl = "".equals(properties.getCustomApiJarUrl()) ? baseUrl + API_PACKAGE_REMOTE_URI_JDK6 : properties.getCustomApiJarUrl();
+ return downloadJarPackageToCacheFromUrl(spyJarUrl, getInjectPackageCachePath()) &&
+ downloadJarPackageToCacheFromUrl(coreJarUrl, getEnginePackageCachePath()) &&
+ downloadJarPackageToCacheFromUrl(apiJarUrl, getApiPackagePath());
+ }
+
  /**
  * 从 dongtai-agent.jar 提取相关的jar包
  *
@@ -284,6 +302,24 @@ public boolean extractPackage() {
  }
  }
 
+ public boolean extractPackageJdk6() {
+ // 解析jar包到本地
+ String spyPackage = getInjectPackageCachePath();
+ String enginePackage = getEnginePackageCachePath();
+ String apiPackage = getApiPackagePath();
+ if (properties.isDebug()) {
+ DongTaiLog.info("current mode: debug, try to read package from directory {}", System.getProperty("java.io.tmpdir.dongtai"));
+ if ((new File(spyPackage)).exists() && (new File(enginePackage)).exists() && (new File(apiPackage)).exists()) {
+ return true;
+ }
+ }
+ if(properties.getIsDownloadPackage().equals("true")){
+ return downloadPackageFromServerJdk6();
+ }else {
+ return extractPackageFromAgent();
+ }
+ }
+
  public boolean install() {
  String spyPackage = EngineManager.getInjectPackageCachePath();
  String corePackage = EngineManager.getEnginePackageCachePath();
@@ -311,7 +347,6 @@ public boolean install() {
  } catch (Throwable throwable) {
  DongTaiLog.error("Throwable: DongTai engine start failed, please contact staff for help.");
  DongTaiLog.error(throwable);
-
  }
  return false;
  }

dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/MonitorDaemonThread.java

@@ -70,11 +70,18 @@ public void run() {
 
 
  public void startEngine() {
- boolean status = couldInstallEngine();
- // todo: 下载功能优先走本地缓存
- status = status && engineManager.extractPackage();
- status = status && engineManager.install();
- status = status && engineManager.start();
+ boolean status = true;
+ if(couldInstallEngine()){
+ // jdk8以上
+ status = status && engineManager.extractPackage();
+ status = status && engineManager.install();
+ status = status && engineManager.start();
+ }else {
+ // jdk6-7
+ status = status && engineManager.extractPackageJdk6();
+ status = status && engineManager.install();
+ status = status && engineManager.start();
+ }
  if (!status) {
  DongTaiLog.info("DongTai IAST started failure");
  }

dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/collector/MetricsBindCollectorEnum.java

@@ -20,7 +20,7 @@ public enum MetricsBindCollectorEnum {
 
  MEM_USAGE_COLLECTOR(MEM_USAGE, MemUsageCollector.class, "绑定内存使用率收集器"),
 
- MEM_NO_HEAP_USAGE_COLLECTOR(MEM_NO_HEAP_USAGE, MemNoHeapUsageCollector.class, "绑定堆外内存使用率收集器"),
+ MEM_NO_HEAP_USAGE_COLLECTOR(MEM_NO_HEAP_USAGE, SystemMemUsageCollector.class, "绑定系统内存使用率收集器"),
 
  GARBAGE_INFO_COLLECTOR(GARBAGE_INFO, GarbageInfoCollector.class, "绑定垃圾回收信息收集器"),
 

dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/collector/impl/CpuUsageCollector.java

@@ -3,9 +3,11 @@
 import io.dongtai.iast.common.entity.performance.PerformanceMetrics;
 import io.dongtai.iast.common.entity.performance.metrics.CpuInfoMetrics;
 import io.dongtai.iast.common.enums.MetricsKey;
+import io.dongtai.iast.common.utils.version.JavaVersionUtils;
 import oshi.SystemInfo;
 import oshi.hardware.CentralProcessor;
 
+import java.lang.management.ManagementFactory;
 import java.util.concurrent.TimeUnit;
 
 /**
@@ -18,27 +20,35 @@ public class CpuUsageCollector extends AbstractPerformanceCollector {
 
  @Override
  public PerformanceMetrics getMetrics() {
- SystemInfo systemInfo = new SystemInfo();
- CentralProcessor processor = systemInfo.getHardware().getProcessor();
- long[] prevTicks = processor.getSystemCpuLoadTicks();
- try {
- TimeUnit.SECONDS.sleep(1);
- } catch (InterruptedException ignored) {
- }
- long[] ticks = processor.getSystemCpuLoadTicks();
- long nice = ticks[CentralProcessor.TickType.NICE.getIndex()] - prevTicks[CentralProcessor.TickType.NICE.getIndex()];
- long irq = ticks[CentralProcessor.TickType.IRQ.getIndex()] - prevTicks[CentralProcessor.TickType.IRQ.getIndex()];
- long softirq = ticks[CentralProcessor.TickType.SOFTIRQ.getIndex()] - prevTicks[CentralProcessor.TickType.SOFTIRQ.getIndex()];
- long steal = ticks[CentralProcessor.TickType.STEAL.getIndex()] - prevTicks[CentralProcessor.TickType.STEAL.getIndex()];
- long cSys = ticks[CentralProcessor.TickType.SYSTEM.getIndex()] - prevTicks[CentralProcessor.TickType.SYSTEM.getIndex()];
- long user = ticks[CentralProcessor.TickType.USER.getIndex()] - prevTicks[CentralProcessor.TickType.USER.getIndex()];
- long iowait = ticks[CentralProcessor.TickType.IOWAIT.getIndex()] - prevTicks[CentralProcessor.TickType.IOWAIT.getIndex()];
- long idle = ticks[CentralProcessor.TickType.IDLE.getIndex()] - prevTicks[CentralProcessor.TickType.IDLE.getIndex()];
- long totalCpu = user + nice + cSys + idle + iowait + irq + softirq + steal;
+ if (JavaVersionUtils.isJava6()){
+ com.sun.management.OperatingSystemMXBean osmxb = (com.sun.management.OperatingSystemMXBean) ManagementFactory.getOperatingSystemMXBean();
+ double systemCpuLoad = osmxb.getSystemCpuLoad()*100;
+ CpuInfoMetrics metricsValue = new CpuInfoMetrics();
+ metricsValue.setCpuUsagePercentage(systemCpuLoad);
+ return buildMetricsData(MetricsKey.CPU_USAGE, metricsValue);
+ }else {
+ SystemInfo systemInfo = new SystemInfo();
+ CentralProcessor processor = systemInfo.getHardware().getProcessor();
+ long[] prevTicks = processor.getSystemCpuLoadTicks();
+ try {
+ TimeUnit.SECONDS.sleep(1);
+ } catch (InterruptedException ignored) {
+ }
+ long[] ticks = processor.getSystemCpuLoadTicks();
+ long nice = ticks[CentralProcessor.TickType.NICE.getIndex()] - prevTicks[CentralProcessor.TickType.NICE.getIndex()];
+ long irq = ticks[CentralProcessor.TickType.IRQ.getIndex()] - prevTicks[CentralProcessor.TickType.IRQ.getIndex()];
+ long softirq = ticks[CentralProcessor.TickType.SOFTIRQ.getIndex()] - prevTicks[CentralProcessor.TickType.SOFTIRQ.getIndex()];
+ long steal = ticks[CentralProcessor.TickType.STEAL.getIndex()] - prevTicks[CentralProcessor.TickType.STEAL.getIndex()];
+ long cSys = ticks[CentralProcessor.TickType.SYSTEM.getIndex()] - prevTicks[CentralProcessor.TickType.SYSTEM.getIndex()];
+ long user = ticks[CentralProcessor.TickType.USER.getIndex()] - prevTicks[CentralProcessor.TickType.USER.getIndex()];
+ long iowait = ticks[CentralProcessor.TickType.IOWAIT.getIndex()] - prevTicks[CentralProcessor.TickType.IOWAIT.getIndex()];
+ long idle = ticks[CentralProcessor.TickType.IDLE.getIndex()] - prevTicks[CentralProcessor.TickType.IDLE.getIndex()];
+ long totalCpu = user + nice + cSys + idle + iowait + irq + softirq + steal;
 
- CpuInfoMetrics metricsValue = new CpuInfoMetrics();
- metricsValue.setCpuUsagePercentage((1.0 - (idle * 1.0 / totalCpu)) * 100);
- return buildMetricsData(MetricsKey.CPU_USAGE, metricsValue);
+ CpuInfoMetrics metricsValue = new CpuInfoMetrics();
+ metricsValue.setCpuUsagePercentage((1.0 - (idle * 1.0 / totalCpu)) * 100);
+ return buildMetricsData(MetricsKey.CPU_USAGE, metricsValue);
+ }
  }
 
 }

dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/collector/impl/SystemMemUsageCollector.java

@@ -0,0 +1,24 @@
+package io.dongtai.iast.agent.monitor.collector.impl;
+
+import io.dongtai.iast.common.entity.performance.PerformanceMetrics;
+import io.dongtai.iast.common.entity.performance.metrics.MemoryUsageMetrics;
+import io.dongtai.iast.common.enums.MetricsKey;
+
+import java.lang.management.ManagementFactory;
+import java.lang.management.MemoryUsage;
+
+public class SystemMemUsageCollector extends AbstractPerformanceCollector {
+ /**
+ * 获取性能指标
+ *
+ * @return 性能指标
+ */
+ @Override
+ public PerformanceMetrics getMetrics() {
+ com.sun.management.OperatingSystemMXBean osmxb = (com.sun.management.OperatingSystemMXBean) ManagementFactory.getOperatingSystemMXBean();
+ long totalPhysicalMemorySize = osmxb.getTotalPhysicalMemorySize();
+ long usedPhysicalMemorySize = totalPhysicalMemorySize - osmxb.getFreePhysicalMemorySize();
+ MemoryUsageMetrics metricsValue = MemoryUsageMetrics.clone(new MemoryUsage(totalPhysicalMemorySize, usedPhysicalMemorySize, usedPhysicalMemorySize, totalPhysicalMemorySize));
+ return buildMetricsData(MetricsKey.MEM_NO_HEAP_USAGE, metricsValue);
+ }
+}

dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/impl/EngineMonitor.java

@@ -8,6 +8,7 @@
 import io.dongtai.iast.agent.util.ThreadUtils;
 import io.dongtai.iast.agent.util.http.HttpClientUtils;
 import io.dongtai.iast.agent.Constant;
+import io.dongtai.iast.common.utils.version.JavaVersionUtils;
 import io.dongtai.log.DongTaiLog;
 import org.json.JSONObject;
 
@@ -98,14 +99,32 @@ private String checkForStatus() {
  }
 
  public void startEngine() {
- boolean status = engineManager.extractPackage();
- status = status && engineManager.install();
- status = status && engineManager.start();
+ boolean status = true;
+ if(couldInstallEngine()){
+ // jdk8以上
+ status = status && engineManager.extractPackage();
+ status = status && engineManager.install();
+ status = status && engineManager.start();
+ }else {
+ // jdk6-7
+ status = status && engineManager.extractPackage();
+ status = status && engineManager.install();
+ status = status && engineManager.start();
+ }
  if (!status) {
  DongTaiLog.info("DongTai IAST started failure");
  }
  }
 
+ private boolean couldInstallEngine() {
+ // 低版本jdk暂不支持安装引擎core包
+ if (JavaVersionUtils.isJava6() || JavaVersionUtils.isJava7()) {
+ DongTaiLog.info("DongTai Engine core couldn't install because of low JDK version:" + JavaVersionUtils.javaVersionStr());
+ return false;
+ }
+ return true;
+ }
+
  @Override
  public void run() {
  try {

dongtai-agent/src/main/java/io/dongtai/iast/agent/monitor/impl/PerformanceMonitor.java

@@ -131,16 +131,6 @@ public void check() throws Exception {
  updatePerformanceMetrics(performanceMetrics);
  // 检查性能指标(用于熔断降级)
  checkPerformanceMetrics(performanceMetrics);
-/* int UsedRate = CPU_USAGE;
- PerformanceMonitor.AGENT_THRESHOLD_VALUE = PerformanceMonitor.checkThresholdValue();
- int preStatus = this.engineManager.getRunningStatus();
- if (isStart(UsedRate, preStatus)) {
- this.engineManager.start();
- DongTaiLog.info("The current CPU usage is " + UsedRate + "%, lower than the threshold " + AGENT_THRESHOLD_VALUE + "%，and the detection engine is starting");
- } else if (isStop(UsedRate, preStatus)) {
- this.engineManager.stop();
- DongTaiLog.info("The current CPU usage is " + UsedRate + "%, higher than the threshold " + AGENT_THRESHOLD_VALUE + "%，and the detection engine is stopping");
- }*/
  }
 
  private void updatePerformanceMetrics(List<PerformanceMetrics> performanceMetrics) {

dongtai-agent/src/test/java/com/secnium/iast/agent/AgentTest.java

@@ -2,7 +2,10 @@
 
 import java.io.*;
 import java.lang.management.ManagementFactory;
+import java.lang.management.OperatingSystemMXBean;
 import java.lang.management.RuntimeMXBean;
+import java.lang.reflect.Method;
+import java.lang.reflect.Modifier;
 import java.net.InetAddress;
 import java.net.UnknownHostException;
 import java.util.Arrays;
@@ -95,7 +98,48 @@ public void doAaaa() {
  }
 
  public static void main(String[] args) {
- String a = "52.81.92.214:30158";
- System.out.println(a.substring(a.indexOf(":")+1));
+// com.sun.management.OperatingSystemMXBean osmxb = (com.sun.management.OperatingSystemMXBean) ManagementFactory.getOperatingSystemMXBean();
+// double systemCpuLoad = osmxb.getSystemCpuLoad()/osmxb.getAvailableProcessors();
+// double processCpuLoad = osmxb.getProcessCpuLoad();
+// System.out.println(systemCpuLoad);
+// System.out.println(processCpuLoad);
+
+
+// OperatingSystemMXBean operatingSystemMXBean = ManagementFactory.getOperatingSystemMXBean();
+// for (Method method : operatingSystemMXBean.getClass().getDeclaredMethods()) {
+// method.setAccessible(true);
+// if (method.getName().startsWith("get")
+// && Modifier.isPublic(method.getModifiers())) {
+// Object value;
+// try {
+// value = method.invoke(operatingSystemMXBean);
+// } catch (Exception e) {
+// value = e;
+// } // try
+// System.out.println(method.getName() + " = " + value);
+// } // if
+// } // for
+
+
+ OperatingSystemMXBean mbean = (com.sun.management.OperatingSystemMXBean)
+ ManagementFactory.getOperatingSystemMXBean();
+ double load;
+ for(int i=0; i<10; i++) {
+ load = ((com.sun.management.OperatingSystemMXBean) mbean).getSystemCpuLoad();
+ System.out.println(load);
+ if((load<0.0 || load>1.0) && load != -1.0) {
+ throw new RuntimeException("getSystemCpuLoad() returns " + load
+ + " which is not in the [0.0,1.0] interval");
+ }
+ try {
+ Thread.sleep(200);
+ } catch(InterruptedException e) {
+ e.printStackTrace();
+ }
+ }
+ }
+
+ private static void printUsage() {
+
  }
 }

dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/graphy/GraphBuilder.java

@@ -64,7 +64,9 @@ public static List<GraphNode> build() {
  event.getSourceHashes(),
  event.getTargetHashes(),
  properties.isLocal() ? event.obj2String(event.inValue) : "",
+ properties.isLocal() && event.objIsReference(event.inValue),
  properties.isLocal() ? event.obj2String(event.outValue) : "",
+ properties.isLocal() && event.objIsReference(event.inValue),
  event.getSourceHashForRpc(),
  event.getTargetHashForRpc(),
  event.getTraceId(),

dongtai-core/src/main/java/io/dongtai/iast/core/handler/hookpoint/graphy/GraphNode.java

@@ -34,8 +34,12 @@ public class GraphNode {
 
  private final String sourceValues;
 
+ private final boolean sourceIsReference;
+
  private final String targetValues;
 
+ private final boolean targetIsReference;
+
  /**
  * 当前方法所在类继承的类名称
  */
@@ -126,7 +130,9 @@ public GraphNode(boolean isSource,
  Set<Integer> sourceHash,
  Set<Integer> targetHash,
  String sourceValues,
+ boolean sourceIsReference,
  String targetValues,
+ boolean targetIsReference,
  Set<Integer> sourceHashForRpc,
  Set<Integer> targetHashForRpc,
  String traceId,
@@ -149,7 +155,9 @@ public GraphNode(boolean isSource,
  this.sourceHash = sourceHash;
  this.targetHash = targetHash;
  this.sourceValues = sourceValues;
+ this.sourceIsReference = sourceIsReference;
  this.targetValues = targetValues;
+ this.targetIsReference = targetIsReference;
  this.sourceHashForRpc = sourceHashForRpc;
  this.targetHashForRpc = targetHashForRpc;
  this.traceId = traceId;
@@ -180,7 +188,9 @@ public JSONObject toJson() {
  value.put("retClassName", retClassName);
  value.put("sourceHash", sourceHashArray);
  value.put("sourceValues", sourceValues);
+ value.put("sourceIsReference",sourceIsReference);
  value.put("targetHash", targetHashArray);
+ value.put("targetIsReference", targetIsReference);
  value.put("targetValues", targetValues);
  value.put("sourceHashForRpc", sourceHashForRpcArray);
  value.put("targetHashForRpc", targetHashForRpcArray);