Fix String subsequence taint tracking bug #7778

Merged

@jandro996 jandro996 commented Oct 16, 2024

What Does This Do

Replace the old, bugged forSubstring implementation with a new one that uses the intersection method

Motivation

Fix

```
Error tainting object, it won't be tainted
java.lang.IllegalArgumentException: found null range in [null]
    at com.datadog.iast.taint.TaintedObject.validateRanges(TaintedObject.java:78)
    at com.datadog.iast.taint.TaintedObject.<init>(TaintedObject.java:29)
    at com.datadog.iast.taint.TaintedObjects$TaintedObjectsImpl.taint(TaintedObjects.java:50)
    at com.datadog.iast.telemetry.taint.TaintedObjectsWithTelemetry.taint(TaintedObjectsWithTelemetry.java:41)
    at com.datadog.iast.propagation.StringModuleImpl.onStringSubSequence(StringModuleImpl.java:205)
    at datadog.trace.instrumentation.java.lang.StringCallSite.afterSubstring(StringCallSite.java:44)
    at (redacted: 13 frames)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:555)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:623)
    at (redacted: 40 frames)
    at java.base/java.lang.Thread.run(Thread.java:829)
```

Additional Notes

Contributor Checklist

Jira ticket: APPSEC-55303
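
The description above swaps `forSubstring` for an intersection-based version, and the trace shows a range array holding a null entry being rejected. As an added illustration (not code from this pull request or from dd-trace-java), the sketch below computes a substring's taint ranges by intersecting each source range with the substring window, so no null slot is ever produced; `Range`, `rangesForSubstring` and `validate` are hypothetical names and the sample string is constructed.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

// Added illustration; Range, rangesForSubstring and validate are hypothetical
// names, not the dd-trace-java classes. Requires Java 16+ (records).
public class SubstringTaintExample {

  /** A tainted span [start, start + length) inside a string. */
  record Range(int start, int length) {
    int end() {
      return start + length;
    }
  }

  /**
   * Ranges for source.substring(begin, end): intersect every source range with
   * the window [begin, end) and shift the result so offsets are relative to the
   * substring. Ranges outside the window are skipped instead of leaving an
   * empty slot. Returns null when no tainted character survives.
   */
  static Range[] rangesForSubstring(Range[] source, int begin, int end) {
    if (source == null || begin >= end) {
      return null;
    }
    List<Range> kept = new ArrayList<>(source.length);
    for (Range r : source) {
      int lo = Math.max(r.start(), begin);
      int hi = Math.min(r.end(), end);
      if (lo < hi) {
        kept.add(new Range(lo - begin, hi - lo));
      }
    }
    return kept.isEmpty() ? null : kept.toArray(new Range[0]);
  }

  /** Assumed check, modelled on the message in the trace: no entry may be null. */
  static void validate(Range[] ranges) {
    for (Range r : ranges) {
      if (r == null) {
        throw new IllegalArgumentException("found null range in " + Arrays.toString(ranges));
      }
    }
  }

  static void show(String s, Range[] ranges, int begin, int end) {
    Range[] sub = rangesForSubstring(ranges, begin, end);
    if (sub != null) {
      validate(sub); // only tainted results are validated and stored
    }
    System.out.println("\"" + s.substring(begin, end) + "\" -> " + Arrays.toString(sub));
  }

  public static void main(String[] args) {
    // Constructed sample: the values "alice" and "admin" came from user input.
    String source = "user=alice&role=admin";
    Range[] tainted = {new Range(5, 5), new Range(16, 5)};

    show(source, tainted, 7, 18);  // window cuts into both tainted values
    show(source, tainted, 10, 16); // window lies between them: result is untainted
    show(source, tainted, 0, 21);  // whole string: ranges carried over unchanged
  }
}
```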

@jandro996 jandro996 added type: bug comp: asm iast Application Security Management (IAST) labels Oct 16, 2024
pr-commenter bot commented Oct 16, 2024

Benchmarks

Startup

Parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| baseline_or_candidate | baseline | candidate |
| git_branch | master | alejandro.gonzalez/String-subsequence-taint-tracking |
| git_commit_date | 1729113612 | 1729147794 |
| git_commit_sha | b53b6dc | da1f033 |
| release_version | 1.41.0-SNAPSHOT~b53b6dc565 | 1.41.0-SNAPSHOT~da1f033f90 |

See matching parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| application | insecure-bank | insecure-bank |
| ci_job_date | 1729150246 | 1729150246 |
| ci_job_id | 674959429 | 674959429 |
| ci_pipeline_id | 46789093 | 46789093 |
| cpu_model | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz |
| module | Agent | Agent |
| parent | None | None |
| variant | iast | iast |

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 54 metrics, 9 unstable metrics.

Startup time reports for petclinic
[Gantt chart: petclinic - global startup overhead: candidate=1.41.0-SNAPSHOT~da1f033f90, baseline=1.41.0-SNAPSHOT~b53b6dc565]
  • baseline results

| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.07 s | - |
| Agent | appsec | 1.202 s | 132.652 ms (12.4%) |
| Agent | iast | 1.2 s | 129.989 ms (12.2%) |
| Agent | profiling | 1.266 s | 196.217 ms (18.3%) |
| Total | tracing | 10.371 s | - |
| Total | appsec | 10.594 s | 222.515 ms (2.1%) |
| Total | iast | 10.812 s | 440.777 ms (4.3%) |
| Total | profiling | 10.576 s | 205.175 ms (2.0%) |

  • candidate results

| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.068 s | - |
| Agent | appsec | 1.21 s | 142.089 ms (13.3%) |
| Agent | iast | 1.196 s | 127.506 ms (11.9%) |
| Agent | profiling | 1.282 s | 213.643 ms (20.0%) |
| Total | tracing | 10.381 s | - |
| Total | appsec | 10.558 s | 176.854 ms (1.7%) |
| Total | iast | 10.838 s | 456.94 ms (4.4%) |
| Total | profiling | 10.641 s | 259.417 ms (2.5%) |
petclinic - break down per module: candidate=1.41.0-SNAPSHOT~da1f033f90, baseline=1.41.0-SNAPSHOT~b53b6dc565

| Variant | Module | Baseline | Candidate |
|---|---|---|---|
| tracing | BytebuddyAgent | 682.637 ms | 681.225 ms |
| tracing | GlobalTracer | 311.398 ms | 311.644 ms |
| tracing | AppSec | 53.84 ms | 53.689 ms |
| tracing | Remote Config | 673.202 µs | 656.94 µs |
| tracing | Telemetry | 7.425 ms | 7.479 ms |
| appsec | BytebuddyAgent | 698.681 ms | 703.063 ms |
| appsec | GlobalTracer | 308.428 ms | 310.456 ms |
| appsec | AppSec | 163.587 ms | 163.943 ms |
| appsec | Remote Config | 632.019 µs | 631.723 µs |
| appsec | Telemetry | 8.123 ms | 8.791 ms |
| appsec | IAST | 18.465 ms | 19.538 ms |
| iast | BytebuddyAgent | 798.68 ms | 795.924 ms |
| iast | GlobalTracer | 301.291 ms | 300.537 ms |
| iast | AppSec | 55.416 ms | 56.949 ms |
| iast | Remote Config | 656.322 µs | 599.139 µs |
| iast | Telemetry | 6.997 ms | 7.002 ms |
| iast | IAST | 22.906 ms | 21.179 ms |
| profiling | ProfilingAgent | 95.824 ms | 97.279 ms |
| profiling | BytebuddyAgent | 675.361 ms | 685.133 ms |
| profiling | GlobalTracer | 393.901 ms | 397.154 ms |
| profiling | AppSec | 54.261 ms | 55.04 ms |
| profiling | Remote Config | 638.42 µs | 656.908 µs |
| profiling | Telemetry | 7.385 ms | 7.515 ms |
| profiling | Profiling | 95.847 ms | 97.303 ms |

Startup time reports for insecure-bank
[Gantt chart: insecure-bank - global startup overhead: candidate=1.41.0-SNAPSHOT~da1f033f90, baseline=1.41.0-SNAPSHOT~b53b6dc565]
  • baseline results

| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.073 s | - |
| Agent | iast | 1.203 s | 130.114 ms (12.1%) |
| Agent | iast_HARDCODED_SECRET_DISABLED | 1.204 s | 131.64 ms (12.3%) |
| Agent | iast_TELEMETRY_OFF | 1.201 s | 128.709 ms (12.0%) |
| Total | tracing | 8.584 s | - |
| Total | iast | 9.095 s | 510.826 ms (6.0%) |
| Total | iast_HARDCODED_SECRET_DISABLED | 9.05 s | 465.915 ms (5.4%) |
| Total | iast_TELEMETRY_OFF | 9.059 s | 474.638 ms (5.5%) |

  • candidate results

| Module | Variant | Duration | Δ tracing |
|---|---|---|---|
| Agent | tracing | 1.069 s | - |
| Agent | iast | 1.204 s | 134.39 ms (12.6%) |
| Agent | iast_HARDCODED_SECRET_DISABLED | 1.206 s | 136.743 ms (12.8%) |
| Agent | iast_TELEMETRY_OFF | 1.194 s | 125.137 ms (11.7%) |
| Total | tracing | 8.542 s | - |
| Total | iast | 9.128 s | 585.943 ms (6.9%) |
| Total | iast_HARDCODED_SECRET_DISABLED | 9.107 s | 565.27 ms (6.6%) |
| Total | iast_TELEMETRY_OFF | 9.086 s | 544.013 ms (6.4%) |
insecure-bank - break down per module: candidate=1.41.0-SNAPSHOT~da1f033f90, baseline=1.41.0-SNAPSHOT~b53b6dc565

| Variant | Module | Baseline | Candidate |
|---|---|---|---|
| tracing | BytebuddyAgent | 684.643 ms | 681.87 ms |
| tracing | GlobalTracer | 312.416 ms | 312.023 ms |
| tracing | AppSec | 53.855 ms | 53.645 ms |
| tracing | Remote Config | 670.562 µs | 668.275 µs |
| tracing | Telemetry | 7.437 ms | 7.508 ms |
| iast | BytebuddyAgent | 802.708 ms | 801.853 ms |
| iast | GlobalTracer | 301.071 ms | 302.031 ms |
| iast | AppSec | 56.304 ms | 54.752 ms |
| iast | IAST | 21.25 ms | 23.692 ms |
| iast | Remote Config | 601.532 µs | 622.261 µs |
| iast | Telemetry | 7.083 ms | 7.052 ms |
| iast_HARDCODED_SECRET_DISABLED | BytebuddyAgent | 802.542 ms | 802.681 ms |
| iast_HARDCODED_SECRET_DISABLED | GlobalTracer | 302.196 ms | 303.32 ms |
| iast_HARDCODED_SECRET_DISABLED | AppSec | 55.37 ms | 57.868 ms |
| iast_HARDCODED_SECRET_DISABLED | IAST | 22.821 ms | 20.724 ms |
| iast_HARDCODED_SECRET_DISABLED | Remote Config | 597.421 µs | 605.333 µs |
| iast_HARDCODED_SECRET_DISABLED | Telemetry | 7.035 ms | 7.124 ms |
| iast_TELEMETRY_OFF | BytebuddyAgent | 800.178 ms | 794.248 ms |
| iast_TELEMETRY_OFF | GlobalTracer | 302.18 ms | 301.242 ms |
| iast_TELEMETRY_OFF | AppSec | 56.243 ms | 55.426 ms |
| iast_TELEMETRY_OFF | IAST | 21.509 ms | 22.293 ms |
| iast_TELEMETRY_OFF | Remote Config | 580.898 µs | 604.61 µs |
| iast_TELEMETRY_OFF | Telemetry | 6.915 ms | 6.973 ms |

Load

Parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| baseline_or_candidate | baseline | candidate |
| end_time | 2024-10-17T07:01:19 | 2024-10-17T07:08:12 |
| git_branch | master | alejandro.gonzalez/String-subsequence-taint-tracking |
| git_commit_date | 1729113612 | 1729147794 |
| git_commit_sha | b53b6dc | da1f033 |
| release_version | 1.41.0-SNAPSHOT~b53b6dc565 | 1.41.0-SNAPSHOT~da1f033f90 |
| start_time | 2024-10-17T07:01:05 | 2024-10-17T07:07:59 |

See matching parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| application | insecure-bank | insecure-bank |
| ci_job_date | 1729149240 | 1729149240 |
| ci_job_id | 674959430 | 674959430 |
| ci_pipeline_id | 46789093 | 46789093 |
| cpu_model | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz |
| variant | iast | iast |

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 16 unstable metrics.

Request duration reports for insecure-bank
[Gantt chart: insecure-bank - request duration [CI 0.99] : candidate=1.41.0-SNAPSHOT~da1f033f90, baseline=1.41.0-SNAPSHOT~b53b6dc565]
  • baseline results

| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 370.49 µs [350.609 µs, 390.372 µs] | - |
| iast | 484.374 µs [463.349 µs, 505.399 µs] | 113.884 µs (30.7%) |
| iast_FULL | 554.036 µs [532.845 µs, 575.228 µs] | 183.546 µs (49.5%) |
| iast_GLOBAL | 521.497 µs [498.191 µs, 544.803 µs] | 151.007 µs (40.8%) |
| iast_HARDCODED_SECRET_DISABLED | 484.019 µs [462.828 µs, 505.209 µs] | 113.528 µs (30.6%) |
| iast_INACTIVE | 455.962 µs [434.503 µs, 477.421 µs] | 85.472 µs (23.1%) |
| iast_TELEMETRY_OFF | 474.591 µs [453.155 µs, 496.027 µs] | 104.1 µs (28.1%) |
| tracing | 451.621 µs [430.87 µs, 472.371 µs] | 81.13 µs (21.9%) |

  • candidate results

| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 378.7 µs [359.129 µs, 398.27 µs] | - |
| iast | 486.908 µs [465.214 µs, 508.601 µs] | 108.208 µs (28.6%) |
| iast_FULL | 558.952 µs [537.531 µs, 580.373 µs] | 180.252 µs (47.6%) |
| iast_GLOBAL | 513.113 µs [490.82 µs, 535.405 µs] | 134.413 µs (35.5%) |
| iast_HARDCODED_SECRET_DISABLED | 491.433 µs [470.322 µs, 512.544 µs] | 112.733 µs (29.8%) |
| iast_INACTIVE | 457.901 µs [435.681 µs, 480.121 µs] | 79.202 µs (20.9%) |
| iast_TELEMETRY_OFF | 476.996 µs [455.147 µs, 498.844 µs] | 98.296 µs (26.0%) |
| tracing | 449.764 µs [428.967 µs, 470.562 µs] | 71.065 µs (18.8%) |

Request duration reports for petclinic
[Gantt chart: petclinic - request duration [CI 0.99] : candidate=1.41.0-SNAPSHOT~da1f033f90, baseline=1.41.0-SNAPSHOT~b53b6dc565]
  • baseline results

| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.355 ms [1.336 ms, 1.375 ms] | - |
| appsec | 1.705 ms [1.68 ms, 1.73 ms] | 349.783 µs (25.8%) |
| appsec_no_iast | 1.722 ms [1.698 ms, 1.746 ms] | 366.74 µs (27.1%) |
| iast | 1.484 ms [1.461 ms, 1.507 ms] | 128.625 µs (9.5%) |
| profiling | 1.548 ms [1.523 ms, 1.572 ms] | 192.383 µs (14.2%) |
| tracing | 1.485 ms [1.461 ms, 1.51 ms] | 129.845 µs (9.6%) |

  • candidate results

| Variant | Request duration [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.333 ms [1.313 ms, 1.353 ms] | - |
| appsec | 1.705 ms [1.681 ms, 1.728 ms] | 371.821 µs (27.9%) |
| appsec_no_iast | 1.709 ms [1.685 ms, 1.734 ms] | 376.488 µs (28.2%) |
| iast | 1.503 ms [1.481 ms, 1.526 ms] | 170.567 µs (12.8%) |
| profiling | 1.531 ms [1.507 ms, 1.555 ms] | 197.688 µs (14.8%) |
| tracing | 1.484 ms [1.458 ms, 1.509 ms] | 150.631 µs (11.3%) |

Dacapo

Parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| baseline_or_candidate | baseline | candidate |
| git_branch | master | alejandro.gonzalez/String-subsequence-taint-tracking |
| git_commit_date | 1729113612 | 1729147794 |
| git_commit_sha | b53b6dc | da1f033 |
| release_version | 1.41.0-SNAPSHOT~b53b6dc565 | 1.41.0-SNAPSHOT~da1f033f90 |

See matching parameters

| Parameter | Baseline | Candidate |
|---|---|---|
| application | biojava | biojava |
| ci_job_date | 1729149798 | 1729149798 |
| ci_job_id | 674959431 | 674959431 |
| ci_pipeline_id | 46789093 | 46789093 |
| cpu_model | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz | Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz |
| variant | appsec | appsec |

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for tomcat
[Gantt chart: tomcat - execution time [CI 0.99] : candidate=1.41.0-SNAPSHOT~da1f033f90, baseline=1.41.0-SNAPSHOT~b53b6dc565]
  • baseline results

| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.46 ms [1.449 ms, 1.472 ms] | - |
| appsec | 2.318 ms [2.276 ms, 2.359 ms] | 857.42 µs (58.7%) |
| iast | 2.055 ms [2.003 ms, 2.107 ms] | 594.9 µs (40.7%) |
| iast_GLOBAL | 2.089 ms [2.038 ms, 2.141 ms] | 629.336 µs (43.1%) |
| profiling | 1.936 ms [1.894 ms, 1.978 ms] | 475.856 µs (32.6%) |
| tracing | 1.909 ms [1.869 ms, 1.948 ms] | 448.535 µs (30.7%) |

  • candidate results

| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 1.457 ms [1.446 ms, 1.469 ms] | - |
| appsec | 2.309 ms [2.268 ms, 2.35 ms] | 851.265 µs (58.4%) |
| iast | 2.072 ms [2.02 ms, 2.124 ms] | 614.795 µs (42.2%) |
| iast_GLOBAL | 2.105 ms [2.053 ms, 2.157 ms] | 647.705 µs (44.4%) |
| profiling | 1.924 ms [1.883 ms, 1.965 ms] | 466.86 µs (32.0%) |
| tracing | 1.903 ms [1.863 ms, 1.942 ms] | 445.238 µs (30.6%) |

Execution time for biojava
[Gantt chart: biojava - execution time [CI 0.99] : candidate=1.41.0-SNAPSHOT~da1f033f90, baseline=1.41.0-SNAPSHOT~b53b6dc565]
  • baseline results

| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 15.786 s [15.786 s, 15.786 s] | - |
| appsec | 15.329 s [15.329 s, 15.329 s] | -457.0 ms (-2.9%) |
| iast | 18.577 s [18.577 s, 18.577 s] | 2.791 s (17.7%) |
| iast_GLOBAL | 18.093 s [18.093 s, 18.093 s] | 2.307 s (14.6%) |
| profiling | 14.83 s [14.83 s, 14.83 s] | -956.0 ms (-6.1%) |
| tracing | 15.149 s [15.149 s, 15.149 s] | -637.0 ms (-4.0%) |

  • candidate results

| Variant | Execution Time [CI 0.99] | Δ no_agent |
|---|---|---|
| no_agent | 15.784 s [15.784 s, 15.784 s] | - |
| appsec | 14.939 s [14.939 s, 14.939 s] | -845.0 ms (-5.4%) |
| iast | 18.689 s [18.689 s, 18.689 s] | 2.905 s (18.4%) |
| iast_GLOBAL | 17.943 s [17.943 s, 17.943 s] | 2.159 s (13.7%) |
| profiling | 15.402 s [15.402 s, 15.402 s] | -382.0 ms (-2.4%) |
| tracing | 15.011 s [15.011 s, 15.011 s] | -773.0 ms (-4.9%) |

@jandro996 jandro996 marked this pull request as ready for review October 21, 2024 09:34
@jandro996 jandro996 requested a review from a team as a code owner October 21, 2024 09:34
@Mariovido Mariovido left a comment

LGTM

@jandro996 jandro996 merged commit 46be01c into master Oct 21, 2024
104 checks passed
@jandro996 jandro996 deleted the alejandro.gonzalez/String-subsequence-taint-tracking branch October 21, 2024 11:05
@github-actions github-actions bot added this to the 1.42.0 milestone Oct 21, 2024