Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add propagation to String strip methods #7684

Merged
merged 2 commits into from
Oct 2, 2024

Conversation

Mariovido
Copy link
Contributor

@Mariovido Mariovido commented Sep 25, 2024

What Does This Do

This adds the instrumentation to propagate the taint values through the methods of String called strip, stripLeading and stripTrailing. This method are only available from version 11 of Java.

Motivation

Increase propagation of String methods

Additional Notes

Contributor Checklist

Jira ticket: APPSEC-5757

@Mariovido Mariovido added comp: asm iast Application Security Management (IAST) inst: java Core Java language instrumentation labels Sep 25, 2024
@Mariovido Mariovido changed the title Add call site strip methods Add propagation to String strip methods Sep 25, 2024
@Mariovido Mariovido added run-tests: ibm8 Run tests using IBM 8 JDK run-tests: semeru8 Run tests using Semuru 8 JDK run-tests: oracle8 Run tests using Oracle 8 JDK run-tests: zulu8 Run tests using Zulu 8 JDK labels Sep 25, 2024
@Mariovido Mariovido force-pushed the mario.vidal/add_propagation_string_strip branch from 6343bed to 594deb1 Compare September 25, 2024 08:54
@pr-commenter
Copy link

pr-commenter bot commented Sep 25, 2024

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master mario.vidal/add_propagation_string_strip
git_commit_date 1727691229 1727699305
git_commit_sha 70ac474 70aefd1
release_version 1.40.0-SNAPSHOT~70ac474684 1.40.0-SNAPSHOT~70aefd1bb0
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1727701916 1727701916
ci_job_id 655422105 655422105
ci_pipeline_id 45409593 45409593
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
module Agent Agent
parent None None
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 51 metrics, 12 unstable metrics.

Startup time reports for insecure-bank
gantt
    title insecure-bank - global startup overhead: candidate=1.40.0-SNAPSHOT~70aefd1bb0, baseline=1.40.0-SNAPSHOT~70ac474684

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.068 s) : 0, 1067910
Total [baseline] (8.591 s) : 0, 8590515
Agent [candidate] (1.082 s) : 0, 1082301
Total [candidate] (8.555 s) : 0, 8555467
section iast
Agent [baseline] (1.203 s) : 0, 1202835
Total [baseline] (9.123 s) : 0, 9123006
Agent [candidate] (1.209 s) : 0, 1209468
Total [candidate] (9.078 s) : 0, 9078163
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.199 s) : 0, 1199108
Total [baseline] (9.084 s) : 0, 9083663
Agent [candidate] (1.193 s) : 0, 1192904
Total [candidate] (9.035 s) : 0, 9034811
section iast_TELEMETRY_OFF
Agent [baseline] (1.189 s) : 0, 1188951
Total [baseline] (9.038 s) : 0, 9037982
Agent [candidate] (1.19 s) : 0, 1190340
Total [candidate] (9.084 s) : 0, 9084166
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.068 s -
Agent iast 1.203 s 134.925 ms (12.6%)
Agent iast_HARDCODED_SECRET_DISABLED 1.199 s 131.198 ms (12.3%)
Agent iast_TELEMETRY_OFF 1.189 s 121.04 ms (11.3%)
Total tracing 8.591 s -
Total iast 9.123 s 532.49 ms (6.2%)
Total iast_HARDCODED_SECRET_DISABLED 9.084 s 493.148 ms (5.7%)
Total iast_TELEMETRY_OFF 9.038 s 447.467 ms (5.2%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.082 s -
Agent iast 1.209 s 127.166 ms (11.7%)
Agent iast_HARDCODED_SECRET_DISABLED 1.193 s 110.602 ms (10.2%)
Agent iast_TELEMETRY_OFF 1.19 s 108.039 ms (10.0%)
Total tracing 8.555 s -
Total iast 9.078 s 522.696 ms (6.1%)
Total iast_HARDCODED_SECRET_DISABLED 9.035 s 479.344 ms (5.6%)
Total iast_TELEMETRY_OFF 9.084 s 528.699 ms (6.2%)
gantt
    title insecure-bank - break down per module: candidate=1.40.0-SNAPSHOT~70aefd1bb0, baseline=1.40.0-SNAPSHOT~70ac474684

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (681.536 ms) : 0, 681536
BytebuddyAgent [candidate] (691.695 ms) : 0, 691695
GlobalTracer [baseline] (310.563 ms) : 0, 310563
GlobalTracer [candidate] (313.741 ms) : 0, 313741
AppSec [baseline] (53.797 ms) : 0, 53797
AppSec [candidate] (54.506 ms) : 0, 54506
Remote Config [baseline] (677.442 µs) : 0, 677
Remote Config [candidate] (678.228 µs) : 0, 678
Telemetry [baseline] (7.691 ms) : 0, 7691
Telemetry [candidate] (7.835 ms) : 0, 7835
section iast
BytebuddyAgent [baseline] (802.007 ms) : 0, 802007
BytebuddyAgent [candidate] (807.554 ms) : 0, 807554
GlobalTracer [baseline] (300.683 ms) : 0, 300683
GlobalTracer [candidate] (301.482 ms) : 0, 301482
AppSec [baseline] (53.127 ms) : 0, 53127
AppSec [candidate] (52.804 ms) : 0, 52804
IAST [baseline] (25.505 ms) : 0, 25505
IAST [candidate] (26.123 ms) : 0, 26123
Remote Config [baseline] (644.066 µs) : 0, 644
Remote Config [candidate] (615.861 µs) : 0, 616
Telemetry [baseline] (7.053 ms) : 0, 7053
Telemetry [candidate] (7.052 ms) : 0, 7052
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (799.904 ms) : 0, 799904
BytebuddyAgent [candidate] (794.21 ms) : 0, 794210
GlobalTracer [baseline] (299.101 ms) : 0, 299101
GlobalTracer [candidate] (298.837 ms) : 0, 298837
AppSec [baseline] (54.198 ms) : 0, 54198
AppSec [candidate] (54.087 ms) : 0, 54087
IAST [baseline] (24.503 ms) : 0, 24503
IAST [candidate] (24.46 ms) : 0, 24460
Remote Config [baseline] (610.469 µs) : 0, 610
Remote Config [candidate] (616.983 µs) : 0, 617
Telemetry [baseline] (7.007 ms) : 0, 7007
Telemetry [candidate] (7.011 ms) : 0, 7011
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (790.223 ms) : 0, 790223
BytebuddyAgent [candidate] (792.672 ms) : 0, 792672
GlobalTracer [baseline] (299.126 ms) : 0, 299126
GlobalTracer [candidate] (298.454 ms) : 0, 298454
AppSec [baseline] (53.472 ms) : 0, 53472
AppSec [candidate] (54.895 ms) : 0, 54895
IAST [baseline] (24.973 ms) : 0, 24973
IAST [candidate] (23.099 ms) : 0, 23099
Remote Config [baseline] (640.258 µs) : 0, 640
Remote Config [candidate] (603.34 µs) : 0, 603
Telemetry [baseline] (6.868 ms) : 0, 6868
Telemetry [candidate] (6.903 ms) : 0, 6903
Loading
Startup time reports for petclinic
gantt
    title petclinic - global startup overhead: candidate=1.40.0-SNAPSHOT~70aefd1bb0, baseline=1.40.0-SNAPSHOT~70ac474684

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.072 s) : 0, 1072393
Total [baseline] (10.47 s) : 0, 10470192
Agent [candidate] (1.067 s) : 0, 1066612
Total [candidate] (10.29 s) : 0, 10290353
section appsec
Agent [baseline] (1.201 s) : 0, 1201083
Total [baseline] (10.581 s) : 0, 10580527
Agent [candidate] (1.205 s) : 0, 1204881
Total [candidate] (10.615 s) : 0, 10615451
section iast
Agent [baseline] (1.194 s) : 0, 1193958
Total [baseline] (10.816 s) : 0, 10816476
Agent [candidate] (1.194 s) : 0, 1193841
Total [candidate] (10.808 s) : 0, 10808299
section profiling
Agent [baseline] (1.264 s) : 0, 1264158
Total [baseline] (10.544 s) : 0, 10543920
Agent [candidate] (1.266 s) : 0, 1265904
Total [candidate] (10.534 s) : 0, 10534156
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.072 s -
Agent appsec 1.201 s 128.69 ms (12.0%)
Agent iast 1.194 s 121.565 ms (11.3%)
Agent profiling 1.264 s 191.765 ms (17.9%)
Total tracing 10.47 s -
Total appsec 10.581 s 110.335 ms (1.1%)
Total iast 10.816 s 346.283 ms (3.3%)
Total profiling 10.544 s 73.728 ms (0.7%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.067 s -
Agent appsec 1.205 s 138.269 ms (13.0%)
Agent iast 1.194 s 127.229 ms (11.9%)
Agent profiling 1.266 s 199.291 ms (18.7%)
Total tracing 10.29 s -
Total appsec 10.615 s 325.098 ms (3.2%)
Total iast 10.808 s 517.946 ms (5.0%)
Total profiling 10.534 s 243.803 ms (2.4%)
gantt
    title petclinic - break down per module: candidate=1.40.0-SNAPSHOT~70aefd1bb0, baseline=1.40.0-SNAPSHOT~70ac474684

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (685.125 ms) : 0, 685125
BytebuddyAgent [candidate] (681.263 ms) : 0, 681263
GlobalTracer [baseline] (311.32 ms) : 0, 311320
GlobalTracer [candidate] (309.772 ms) : 0, 309772
AppSec [baseline] (53.911 ms) : 0, 53911
AppSec [candidate] (53.703 ms) : 0, 53703
Remote Config [baseline] (671.4 µs) : 0, 671
Remote Config [candidate] (673.706 µs) : 0, 674
Telemetry [baseline] (7.685 ms) : 0, 7685
Telemetry [candidate] (7.633 ms) : 0, 7633
section appsec
BytebuddyAgent [baseline] (698.08 ms) : 0, 698080
BytebuddyAgent [candidate] (700.373 ms) : 0, 700373
GlobalTracer [baseline] (306.648 ms) : 0, 306648
GlobalTracer [candidate] (307.579 ms) : 0, 307579
AppSec [baseline] (162.64 ms) : 0, 162640
AppSec [candidate] (163.421 ms) : 0, 163421
Remote Config [baseline] (644.972 µs) : 0, 645
Remote Config [candidate] (639.075 µs) : 0, 639
Telemetry [baseline] (8.931 ms) : 0, 8931
Telemetry [candidate] (8.847 ms) : 0, 8847
IAST [baseline] (21.045 ms) : 0, 21045
IAST [candidate] (20.716 ms) : 0, 20716
section iast
BytebuddyAgent [baseline] (795.235 ms) : 0, 795235
BytebuddyAgent [candidate] (795.137 ms) : 0, 795137
GlobalTracer [baseline] (299.094 ms) : 0, 299094
GlobalTracer [candidate] (299.055 ms) : 0, 299055
AppSec [baseline] (53.353 ms) : 0, 53353
AppSec [candidate] (54.944 ms) : 0, 54944
Remote Config [baseline] (611.179 µs) : 0, 611
Remote Config [candidate] (604.869 µs) : 0, 605
Telemetry [baseline] (6.962 ms) : 0, 6962
Telemetry [candidate] (6.96 ms) : 0, 6960
IAST [baseline] (25.087 ms) : 0, 25087
IAST [candidate] (23.512 ms) : 0, 23512
section profiling
BytebuddyAgent [baseline] (673.897 ms) : 0, 673897
BytebuddyAgent [candidate] (675.22 ms) : 0, 675220
GlobalTracer [baseline] (392.966 ms) : 0, 392966
GlobalTracer [candidate] (393.128 ms) : 0, 393128
AppSec [baseline] (54.455 ms) : 0, 54455
AppSec [candidate] (54.812 ms) : 0, 54812
Remote Config [baseline] (650.907 µs) : 0, 651
Remote Config [candidate] (656.518 µs) : 0, 657
Telemetry [baseline] (7.387 ms) : 0, 7387
Telemetry [candidate] (7.399 ms) : 0, 7399
ProfilingAgent [baseline] (96.325 ms) : 0, 96325
ProfilingAgent [candidate] (96.068 ms) : 0, 96068
Profiling [baseline] (96.349 ms) : 0, 96349
Profiling [candidate] (96.092 ms) : 0, 96092
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2024-09-30T12:43:15 2024-09-30T12:50:08
git_branch master mario.vidal/add_propagation_string_strip
git_commit_date 1727691229 1727699305
git_commit_sha 70ac474 70aefd1
release_version 1.40.0-SNAPSHOT~70ac474684 1.40.0-SNAPSHOT~70aefd1bb0
start_time 2024-09-30T12:43:02 2024-09-30T12:49:54
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1727700954 1727700954
ci_job_id 655422106 655422106
ci_pipeline_id 45409593 45409593
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 16 unstable metrics.

Request duration reports for petclinic
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.40.0-SNAPSHOT~70aefd1bb0, baseline=1.40.0-SNAPSHOT~70ac474684
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.334 ms) : 1314, 1354
.   : milestone, 1334,
appsec (1.727 ms) : 1704, 1751
.   : milestone, 1727,
appsec_no_iast (1.732 ms) : 1707, 1757
.   : milestone, 1732,
iast (1.492 ms) : 1469, 1514
.   : milestone, 1492,
profiling (1.51 ms) : 1486, 1535
.   : milestone, 1510,
tracing (1.464 ms) : 1439, 1489
.   : milestone, 1464,
section candidate
no_agent (1.341 ms) : 1320, 1361
.   : milestone, 1341,
appsec (1.706 ms) : 1682, 1730
.   : milestone, 1706,
appsec_no_iast (1.707 ms) : 1682, 1732
.   : milestone, 1707,
iast (1.462 ms) : 1439, 1485
.   : milestone, 1462,
profiling (1.52 ms) : 1496, 1544
.   : milestone, 1520,
tracing (1.46 ms) : 1436, 1485
.   : milestone, 1460,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.334 ms [1.314 ms, 1.354 ms] -
appsec 1.727 ms [1.704 ms, 1.751 ms] 392.936 µs (29.4%)
appsec_no_iast 1.732 ms [1.707 ms, 1.757 ms] 397.939 µs (29.8%)
iast 1.492 ms [1.469 ms, 1.514 ms] 157.237 µs (11.8%)
profiling 1.51 ms [1.486 ms, 1.535 ms] 176.073 µs (13.2%)
tracing 1.464 ms [1.439 ms, 1.489 ms] 129.656 µs (9.7%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.341 ms [1.32 ms, 1.361 ms] -
appsec 1.706 ms [1.682 ms, 1.73 ms] 365.253 µs (27.2%)
appsec_no_iast 1.707 ms [1.682 ms, 1.732 ms] 366.328 µs (27.3%)
iast 1.462 ms [1.439 ms, 1.485 ms] 121.482 µs (9.1%)
profiling 1.52 ms [1.496 ms, 1.544 ms] 179.507 µs (13.4%)
tracing 1.46 ms [1.436 ms, 1.485 ms] 119.798 µs (8.9%)
Request duration reports for insecure-bank
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.40.0-SNAPSHOT~70aefd1bb0, baseline=1.40.0-SNAPSHOT~70ac474684
    dateFormat X
    axisFormat %s
section baseline
no_agent (380.11 µs) : 360, 400
.   : milestone, 380,
iast (489.679 µs) : 468, 511
.   : milestone, 490,
iast_FULL (557.585 µs) : 536, 579
.   : milestone, 558,
iast_GLOBAL (518.78 µs) : 496, 542
.   : milestone, 519,
iast_HARDCODED_SECRET_DISABLED (484.776 µs) : 464, 506
.   : milestone, 485,
iast_INACTIVE (455.223 µs) : 434, 476
.   : milestone, 455,
iast_TELEMETRY_OFF (476.887 µs) : 456, 498
.   : milestone, 477,
tracing (445.428 µs) : 424, 467
.   : milestone, 445,
section candidate
no_agent (370.036 µs) : 350, 390
.   : milestone, 370,
iast (483.353 µs) : 462, 505
.   : milestone, 483,
iast_FULL (556.356 µs) : 535, 578
.   : milestone, 556,
iast_GLOBAL (508.556 µs) : 486, 531
.   : milestone, 509,
iast_HARDCODED_SECRET_DISABLED (491.048 µs) : 469, 513
.   : milestone, 491,
iast_INACTIVE (448.984 µs) : 428, 470
.   : milestone, 449,
iast_TELEMETRY_OFF (478.456 µs) : 457, 500
.   : milestone, 478,
tracing (443.881 µs) : 423, 465
.   : milestone, 444,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 380.11 µs [360.263 µs, 399.957 µs] -
iast 489.679 µs [467.968 µs, 511.391 µs] 109.569 µs (28.8%)
iast_FULL 557.585 µs [536.096 µs, 579.074 µs] 177.475 µs (46.7%)
iast_GLOBAL 518.78 µs [495.919 µs, 541.641 µs] 138.67 µs (36.5%)
iast_HARDCODED_SECRET_DISABLED 484.776 µs [463.552 µs, 506.0 µs] 104.666 µs (27.5%)
iast_INACTIVE 455.223 µs [434.041 µs, 476.405 µs] 75.113 µs (19.8%)
iast_TELEMETRY_OFF 476.887 µs [455.738 µs, 498.037 µs] 96.777 µs (25.5%)
tracing 445.428 µs [424.206 µs, 466.65 µs] 65.318 µs (17.2%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 370.036 µs [350.355 µs, 389.717 µs] -
iast 483.353 µs [461.94 µs, 504.766 µs] 113.317 µs (30.6%)
iast_FULL 556.356 µs [534.994 µs, 577.718 µs] 186.32 µs (50.4%)
iast_GLOBAL 508.556 µs [486.489 µs, 530.623 µs] 138.52 µs (37.4%)
iast_HARDCODED_SECRET_DISABLED 491.048 µs [469.455 µs, 512.641 µs] 121.012 µs (32.7%)
iast_INACTIVE 448.984 µs [428.029 µs, 469.94 µs] 78.949 µs (21.3%)
iast_TELEMETRY_OFF 478.456 µs [457.134 µs, 499.778 µs] 108.42 µs (29.3%)
tracing 443.881 µs [423.084 µs, 464.679 µs] 73.845 µs (20.0%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master mario.vidal/add_propagation_string_strip
git_commit_date 1727691229 1727699305
git_commit_sha 70ac474 70aefd1
release_version 1.40.0-SNAPSHOT~70ac474684 1.40.0-SNAPSHOT~70aefd1bb0
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1727701447 1727701447
ci_job_id 655422107 655422107
ci_pipeline_id 45409593 45409593
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant appsec appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for tomcat
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.40.0-SNAPSHOT~70aefd1bb0, baseline=1.40.0-SNAPSHOT~70ac474684
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.459 ms) : 1448, 1470
.   : milestone, 1459,
appsec (2.316 ms) : 2275, 2357
.   : milestone, 2316,
iast (2.048 ms) : 1998, 2099
.   : milestone, 2048,
iast_GLOBAL (2.111 ms) : 2059, 2163
.   : milestone, 2111,
profiling (1.944 ms) : 1902, 1986
.   : milestone, 1944,
tracing (1.909 ms) : 1870, 1948
.   : milestone, 1909,
section candidate
no_agent (1.461 ms) : 1450, 1473
.   : milestone, 1461,
appsec (2.307 ms) : 2266, 2347
.   : milestone, 2307,
iast (2.055 ms) : 2004, 2105
.   : milestone, 2055,
iast_GLOBAL (2.113 ms) : 2061, 2165
.   : milestone, 2113,
profiling (1.926 ms) : 1885, 1967
.   : milestone, 1926,
tracing (1.907 ms) : 1868, 1946
.   : milestone, 1907,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.459 ms [1.448 ms, 1.47 ms] -
appsec 2.316 ms [2.275 ms, 2.357 ms] 857.105 µs (58.7%)
iast 2.048 ms [1.998 ms, 2.099 ms] 589.241 µs (40.4%)
iast_GLOBAL 2.111 ms [2.059 ms, 2.163 ms] 652.077 µs (44.7%)
profiling 1.944 ms [1.902 ms, 1.986 ms] 484.779 µs (33.2%)
tracing 1.909 ms [1.87 ms, 1.948 ms] 450.196 µs (30.9%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.461 ms [1.45 ms, 1.473 ms] -
appsec 2.307 ms [2.266 ms, 2.347 ms] 845.138 µs (57.8%)
iast 2.055 ms [2.004 ms, 2.105 ms] 593.283 µs (40.6%)
iast_GLOBAL 2.113 ms [2.061 ms, 2.165 ms] 651.842 µs (44.6%)
profiling 1.926 ms [1.885 ms, 1.967 ms] 464.566 µs (31.8%)
tracing 1.907 ms [1.868 ms, 1.946 ms] 445.547 µs (30.5%)
Execution time for biojava
gantt
    title biojava - execution time [CI 0.99] : candidate=1.40.0-SNAPSHOT~70aefd1bb0, baseline=1.40.0-SNAPSHOT~70ac474684
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.515 s) : 15515000, 15515000
.   : milestone, 15515000,
appsec (15.121 s) : 15121000, 15121000
.   : milestone, 15121000,
iast (18.523 s) : 18523000, 18523000
.   : milestone, 18523000,
iast_GLOBAL (17.899 s) : 17899000, 17899000
.   : milestone, 17899000,
profiling (15.22 s) : 15220000, 15220000
.   : milestone, 15220000,
tracing (15.382 s) : 15382000, 15382000
.   : milestone, 15382000,
section candidate
no_agent (14.992 s) : 14992000, 14992000
.   : milestone, 14992000,
appsec (15.419 s) : 15419000, 15419000
.   : milestone, 15419000,
iast (18.63 s) : 18630000, 18630000
.   : milestone, 18630000,
iast_GLOBAL (17.879 s) : 17879000, 17879000
.   : milestone, 17879000,
profiling (14.914 s) : 14914000, 14914000
.   : milestone, 14914000,
tracing (15.078 s) : 15078000, 15078000
.   : milestone, 15078000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.515 s [15.515 s, 15.515 s] -
appsec 15.121 s [15.121 s, 15.121 s] -394.0 ms (-2.5%)
iast 18.523 s [18.523 s, 18.523 s] 3.008 s (19.4%)
iast_GLOBAL 17.899 s [17.899 s, 17.899 s] 2.384 s (15.4%)
profiling 15.22 s [15.22 s, 15.22 s] -295.0 ms (-1.9%)
tracing 15.382 s [15.382 s, 15.382 s] -133.0 ms (-0.9%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.992 s [14.992 s, 14.992 s] -
appsec 15.419 s [15.419 s, 15.419 s] 427.0 ms (2.8%)
iast 18.63 s [18.63 s, 18.63 s] 3.638 s (24.3%)
iast_GLOBAL 17.879 s [17.879 s, 17.879 s] 2.887 s (19.3%)
profiling 14.914 s [14.914 s, 14.914 s] -78.0 ms (-0.5%)
tracing 15.078 s [15.078 s, 15.078 s] 86.0 ms (0.6%)

Copy link
Member

@jandro996 jandro996 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMHO it would be interesting to rebase with malvarez/fix-too-many-invocations-stack-overflow (#7674) to ensure that all the tests are working fine 😄

@Mariovido Mariovido marked this pull request as ready for review September 26, 2024 12:15
@Mariovido Mariovido requested review from a team as code owners September 26, 2024 12:15
Copy link
Member

@jandro996 jandro996 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@Mariovido Mariovido merged commit 75a0707 into master Oct 2, 2024
130 checks passed
@Mariovido Mariovido deleted the mario.vidal/add_propagation_string_strip branch October 2, 2024 08:00
@github-actions github-actions bot added this to the 1.41.0 milestone Oct 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
comp: asm iast Application Security Management (IAST) inst: java Core Java language instrumentation run-tests: ibm8 Run tests using IBM 8 JDK run-tests: oracle8 Run tests using Oracle 8 JDK run-tests: semeru8 Run tests using Semuru 8 JDK run-tests: zulu8 Run tests using Zulu 8 JDK
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants