Add propagation to String strip methods #7684
Benchmarks: Startup
Summary: Found 0 performance improvements and 0 performance regressions! Performance is the same for 51 metrics, 12 unstable metrics.
Startup time reports for insecure-bank (candidate=1.40.0-SNAPSHOT~70aefd1bb0, baseline=1.40.0-SNAPSHOT~70ac474684; values given as baseline → candidate)
Global startup overhead:
  tracing: Agent 1.068 s → 1.082 s; Total 8.591 s → 8.555 s
  iast: Agent 1.203 s → 1.209 s; Total 9.123 s → 9.078 s
  iast_HARDCODED_SECRET_DISABLED: Agent 1.199 s → 1.193 s; Total 9.084 s → 9.035 s
  iast_TELEMETRY_OFF: Agent 1.189 s → 1.190 s; Total 9.038 s → 9.084 s
Break down per module:
  tracing: BytebuddyAgent 681.536 ms → 691.695 ms; GlobalTracer 310.563 ms → 313.741 ms; AppSec 53.797 ms → 54.506 ms; Remote Config 677.442 µs → 678.228 µs; Telemetry 7.691 ms → 7.835 ms
  iast: BytebuddyAgent 802.007 ms → 807.554 ms; GlobalTracer 300.683 ms → 301.482 ms; AppSec 53.127 ms → 52.804 ms; IAST 25.505 ms → 26.123 ms; Remote Config 644.066 µs → 615.861 µs; Telemetry 7.053 ms → 7.052 ms
  iast_HARDCODED_SECRET_DISABLED: BytebuddyAgent 799.904 ms → 794.21 ms; GlobalTracer 299.101 ms → 298.837 ms; AppSec 54.198 ms → 54.087 ms; IAST 24.503 ms → 24.46 ms; Remote Config 610.469 µs → 616.983 µs; Telemetry 7.007 ms → 7.011 ms
  iast_TELEMETRY_OFF: BytebuddyAgent 790.223 ms → 792.672 ms; GlobalTracer 299.126 ms → 298.454 ms; AppSec 53.472 ms → 54.895 ms; IAST 24.973 ms → 23.099 ms; Remote Config 640.258 µs → 603.34 µs; Telemetry 6.868 ms → 6.903 ms
Startup time reports for petclinic (candidate=1.40.0-SNAPSHOT~70aefd1bb0, baseline=1.40.0-SNAPSHOT~70ac474684; values given as baseline → candidate)
Global startup overhead:
  tracing: Agent 1.072 s → 1.067 s; Total 10.47 s → 10.29 s
  appsec: Agent 1.201 s → 1.205 s; Total 10.581 s → 10.615 s
  iast: Agent 1.194 s → 1.194 s; Total 10.816 s → 10.808 s
  profiling: Agent 1.264 s → 1.266 s; Total 10.544 s → 10.534 s
Break down per module:
  tracing: BytebuddyAgent 685.125 ms → 681.263 ms; GlobalTracer 311.32 ms → 309.772 ms; AppSec 53.911 ms → 53.703 ms; Remote Config 671.4 µs → 673.706 µs; Telemetry 7.685 ms → 7.633 ms
  appsec: BytebuddyAgent 698.08 ms → 700.373 ms; GlobalTracer 306.648 ms → 307.579 ms; AppSec 162.64 ms → 163.421 ms; Remote Config 644.972 µs → 639.075 µs; Telemetry 8.931 ms → 8.847 ms; IAST 21.045 ms → 20.716 ms
  iast: BytebuddyAgent 795.235 ms → 795.137 ms; GlobalTracer 299.094 ms → 299.055 ms; AppSec 53.353 ms → 54.944 ms; Remote Config 611.179 µs → 604.869 µs; Telemetry 6.962 ms → 6.96 ms; IAST 25.087 ms → 23.512 ms
  profiling: BytebuddyAgent 673.897 ms → 675.22 ms; GlobalTracer 392.966 ms → 393.128 ms; AppSec 54.455 ms → 54.812 ms; Remote Config 650.907 µs → 656.518 µs; Telemetry 7.387 ms → 7.399 ms; ProfilingAgent 96.325 ms → 96.068 ms; Profiling 96.349 ms → 96.092 ms
Benchmarks: Load
Summary: Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 16 unstable metrics.
Request duration reports for petclinic (CI 0.99; candidate=1.40.0-SNAPSHOT~70aefd1bb0, baseline=1.40.0-SNAPSHOT~70ac474684; mean [99% CI] in ms, baseline → candidate)
  no_agent: 1.334 [1.314, 1.354] → 1.341 [1.320, 1.361]
  appsec: 1.727 [1.704, 1.751] → 1.706 [1.682, 1.730]
  appsec_no_iast: 1.732 [1.707, 1.757] → 1.707 [1.682, 1.732]
  iast: 1.492 [1.469, 1.514] → 1.462 [1.439, 1.485]
  profiling: 1.51 [1.486, 1.535] → 1.52 [1.496, 1.544]
  tracing: 1.464 [1.439, 1.489] → 1.46 [1.436, 1.485]
Request duration reports for insecure-bank (CI 0.99; candidate=1.40.0-SNAPSHOT~70aefd1bb0, baseline=1.40.0-SNAPSHOT~70ac474684; mean [99% CI] in µs, baseline → candidate)
  no_agent: 380.11 [360, 400] → 370.036 [350, 390]
  iast: 489.679 [468, 511] → 483.353 [462, 505]
  iast_FULL: 557.585 [536, 579] → 556.356 [535, 578]
  iast_GLOBAL: 518.78 [496, 542] → 508.556 [486, 531]
  iast_HARDCODED_SECRET_DISABLED: 484.776 [464, 506] → 491.048 [469, 513]
  iast_INACTIVE: 455.223 [434, 476] → 448.984 [428, 470]
  iast_TELEMETRY_OFF: 476.887 [456, 498] → 478.456 [457, 500]
  tracing: 445.428 [424, 467] → 443.881 [423, 465]
Benchmarks: Dacapo
Summary: Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.
Execution time for tomcat (CI 0.99; candidate=1.40.0-SNAPSHOT~70aefd1bb0, baseline=1.40.0-SNAPSHOT~70ac474684; mean [99% CI] in ms, baseline → candidate)
  no_agent: 1.459 [1.448, 1.470] → 1.461 [1.450, 1.473]
  appsec: 2.316 [2.275, 2.357] → 2.307 [2.266, 2.347]
  iast: 2.048 [1.998, 2.099] → 2.055 [2.004, 2.105]
  iast_GLOBAL: 2.111 [2.059, 2.163] → 2.113 [2.061, 2.165]
  profiling: 1.944 [1.902, 1.986] → 1.926 [1.885, 1.967]
  tracing: 1.909 [1.870, 1.948] → 1.907 [1.868, 1.946]
Execution time for biojava (CI 0.99; candidate=1.40.0-SNAPSHOT~70aefd1bb0, baseline=1.40.0-SNAPSHOT~70ac474684; values in s, baseline → candidate; the reported CI bounds coincide with the point values)
  no_agent: 15.515 → 14.992
  appsec: 15.121 → 15.419
  iast: 18.523 → 18.63
  iast_GLOBAL: 17.899 → 17.879
  profiling: 15.22 → 14.914
  tracing: 15.382 → 15.078
IMHO it would be interesting to rebase with malvarez/fix-too-many-invocations-stack-overflow (#7674) to ensure that all the tests are working fine 😄
LGTM!
What Does This Do
This adds the instrumentation to propagate the taint values through the methods of String called strip, stripLeading and stripTrailing. These methods are only available from version 11 of Java.
Motivation
Increase propagation of String methods.
Additional Notes
Contributor Checklist
- Add the type: and (comp: or inst:) labels in addition to any useful labels
- Don't use close, fix or any linking keywords when referencing an issue. Use solves instead, and assign the PR milestone to the issue
Jira ticket: APPSEC-5757
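What "propagating taint through strip" has to compute, as an added illustration that is not dd-trace-java code and does not use its taint-tracking API: a tainted String carries half-open [start, end) ranges pointing at attacker-controlled characters, and after strip(), stripLeading() or stripTrailing() those ranges must be shifted left by the removed prefix and clipped to the new length, or they would index the wrong characters of the result. The Range class, the `source` label and the `propagate` helper are assumptions made for this example; the whitespace test mirrors the JDK's (Character.isWhitespace on code points), and the sample input is constructed.

```java
import java.util.ArrayList;
import java.util.List;

/*
 * Added illustration, not dd-trace-java code: the range arithmetic a taint
 * propagation hook for String.strip(), stripLeading() and stripTrailing()
 * (Java 11+) has to perform. Range and propagate() are hypothetical helpers.
 */
public final class StripTaintPropagation {

  /** Half-open [start, end) range of tainted characters; `source` is a hypothetical label. */
  static final class Range {
    final int start;
    final int end;
    final String source;

    Range(int start, int end, String source) {
      this.start = start;
      this.end = end;
      this.source = source;
    }

    @Override
    public String toString() {
      return source + "[" + start + "," + end + ")";
    }
  }

  /** Length of the prefix String.strip() removes (same test as the JDK: Character.isWhitespace). */
  static int leadingWhitespace(String s) {
    int i = 0;
    while (i < s.length()) {
      int cp = s.codePointAt(i);
      if (!Character.isWhitespace(cp)) {
        break;
      }
      i += Character.charCount(cp);
    }
    return i;
  }

  /** Length of the suffix String.strip() removes. */
  static int trailingWhitespace(String s) {
    int i = s.length();
    while (i > 0) {
      int cp = s.codePointBefore(i);
      if (!Character.isWhitespace(cp)) {
        break;
      }
      i -= Character.charCount(cp);
    }
    return s.length() - i;
  }

  /**
   * Ranges of the stripped result, given the ranges of the original: shift left by the
   * removed prefix, clip to the kept window, drop ranges that lay entirely in whitespace.
   */
  static List<Range> propagate(String original, List<Range> ranges, boolean leading, boolean trailing) {
    int newStart = leading ? leadingWhitespace(original) : 0;
    int newEnd = trailing ? original.length() - trailingWhitespace(original) : original.length();
    newEnd = Math.max(newStart, newEnd); // all-whitespace input strips to "", not a negative length
    List<Range> out = new ArrayList<>();
    for (Range r : ranges) {
      int s = Math.max(r.start, newStart) - newStart;
      int e = Math.min(r.end, newEnd) - newStart;
      if (e > s) {
        out.add(new Range(s, e, r.source));
      }
    }
    return out;
  }

  public static void main(String[] args) {
    // Constructed input: a request parameter value, tainted end to end, with surrounding whitespace.
    String param = "  ' OR 1=1 --  ";
    List<Range> ranges = List.of(new Range(0, param.length(), "q"));

    String stripped = param.strip();
    List<Range> after = propagate(param, ranges, true, true);
    System.out.println("strip: '" + stripped + "' " + after);
    Range r = after.get(0);
    // The propagated range still selects exactly the attacker-controlled text.
    System.out.println(stripped.substring(r.start, r.end).equals(stripped));

    System.out.println("stripLeading: " + propagate(param, ranges, true, false));
    System.out.println("stripTrailing: " + propagate(param, ranges, false, true));

    // Partially tainted string: the constant prefix is not whitespace, so only the tail is clipped.
    String mixed = "name=" + param;
    List<Range> mixedRanges = List.of(new Range(5, mixed.length(), "q"));
    System.out.println("mixed strip: '" + mixed.strip() + "' " + propagate(mixed, mixedRanges, true, true));

    // Nothing to strip: the JDK returns the receiver itself, so a hook can skip re-tainting.
    String clean = "nothing-to-strip";
    System.out.println(clean.strip() == clean);
  }
}
```

Two things a real hook has to get right beyond this arithmetic: the three methods exist only from Java 11, so the instrumentation must not fail class loading on older runtimes, and when nothing is stripped the JDK returns the same String instance, in which case the existing taint entry can simply be reused instead of creating a duplicate.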