Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add propagation to StringBuilder substring methods #7980

Merged
merged 3 commits into from
Nov 21, 2024

Conversation

Mariovido
Copy link
Contributor

@Mariovido Mariovido commented Nov 20, 2024

What Does This Do

This adds the instrumentation to propagate the taint values through the following methods of StringBuilder:

  • substring(int)
  • substring(int, int)

Motivation

Increase propagation of StringBuilder methods.

Additional Notes

This PR also made some small refactors to make some methods more generic.

Contributor Checklist

Jira ticket: APPSEC-55361

@Mariovido Mariovido added type: enhancement comp: asm iast Application Security Management (IAST) inst: java Core Java language instrumentation labels Nov 20, 2024
@pr-commenter
Copy link

pr-commenter bot commented Nov 20, 2024

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master mario.vidal/taint_tracking_builder_substring
git_commit_date 1732111926 1732111472
git_commit_sha 270a82d 2fc0ced
release_version 1.43.0-SNAPSHOT~270a82d63a 1.43.0-SNAPSHOT~2fc0cedf40
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1732114179 1732114179
ci_job_id 713807735 713807735
ci_pipeline_id 49496593 49496593
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
module Agent Agent
parent None None
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 52 metrics, 11 unstable metrics.

Startup time reports for insecure-bank
gantt
    title insecure-bank - global startup overhead: candidate=1.43.0-SNAPSHOT~2fc0cedf40, baseline=1.43.0-SNAPSHOT~270a82d63a

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.09 s) : 0, 1089632
Total [baseline] (8.663 s) : 0, 8662875
Agent [candidate] (1.096 s) : 0, 1095744
Total [candidate] (8.674 s) : 0, 8673562
section iast
Agent [baseline] (1.216 s) : 0, 1216321
Total [baseline] (9.183 s) : 0, 9183338
Agent [candidate] (1.214 s) : 0, 1214415
Total [candidate] (9.21 s) : 0, 9210108
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.215 s) : 0, 1214924
Total [baseline] (9.164 s) : 0, 9164421
Agent [candidate] (1.216 s) : 0, 1215798
Total [candidate] (9.172 s) : 0, 9172028
section iast_TELEMETRY_OFF
Agent [baseline] (1.219 s) : 0, 1219268
Total [baseline] (9.18 s) : 0, 9180442
Agent [candidate] (1.229 s) : 0, 1228921
Total [candidate] (9.216 s) : 0, 9216211
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.09 s -
Agent iast 1.216 s 126.689 ms (11.6%)
Agent iast_HARDCODED_SECRET_DISABLED 1.215 s 125.292 ms (11.5%)
Agent iast_TELEMETRY_OFF 1.219 s 129.636 ms (11.9%)
Total tracing 8.663 s -
Total iast 9.183 s 520.463 ms (6.0%)
Total iast_HARDCODED_SECRET_DISABLED 9.164 s 501.546 ms (5.8%)
Total iast_TELEMETRY_OFF 9.18 s 517.567 ms (6.0%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.096 s -
Agent iast 1.214 s 118.671 ms (10.8%)
Agent iast_HARDCODED_SECRET_DISABLED 1.216 s 120.054 ms (11.0%)
Agent iast_TELEMETRY_OFF 1.229 s 133.177 ms (12.2%)
Total tracing 8.674 s -
Total iast 9.21 s 536.546 ms (6.2%)
Total iast_HARDCODED_SECRET_DISABLED 9.172 s 498.466 ms (5.7%)
Total iast_TELEMETRY_OFF 9.216 s 542.649 ms (6.3%)
gantt
    title insecure-bank - break down per module: candidate=1.43.0-SNAPSHOT~2fc0cedf40, baseline=1.43.0-SNAPSHOT~270a82d63a

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (693.55 ms) : 0, 693550
BytebuddyAgent [candidate] (696.85 ms) : 0, 696850
GlobalTracer [baseline] (317.253 ms) : 0, 317253
GlobalTracer [candidate] (318.356 ms) : 0, 318356
AppSec [baseline] (54.489 ms) : 0, 54489
AppSec [candidate] (54.541 ms) : 0, 54541
Remote Config [baseline] (682.747 µs) : 0, 683
Remote Config [candidate] (703.608 µs) : 0, 704
Telemetry [baseline] (9.96 ms) : 0, 9960
Telemetry [candidate] (11.506 ms) : 0, 11506
section iast
BytebuddyAgent [baseline] (809.522 ms) : 0, 809522
BytebuddyAgent [candidate] (808.414 ms) : 0, 808414
GlobalTracer [baseline] (306.328 ms) : 0, 306328
GlobalTracer [candidate] (305.408 ms) : 0, 305408
AppSec [baseline] (57.826 ms) : 0, 57826
AppSec [candidate] (56.747 ms) : 0, 56747
Remote Config [baseline] (613.453 µs) : 0, 613
Remote Config [candidate] (595.482 µs) : 0, 595
Telemetry [baseline] (7.508 ms) : 0, 7508
Telemetry [candidate] (7.35 ms) : 0, 7350
IAST [baseline] (20.787 ms) : 0, 20787
IAST [candidate] (22.19 ms) : 0, 22190
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (808.513 ms) : 0, 808513
BytebuddyAgent [candidate] (808.758 ms) : 0, 808758
GlobalTracer [baseline] (305.282 ms) : 0, 305282
GlobalTracer [candidate] (305.951 ms) : 0, 305951
AppSec [baseline] (57.523 ms) : 0, 57523
AppSec [candidate] (55.083 ms) : 0, 55083
Remote Config [baseline] (607.867 µs) : 0, 608
Remote Config [candidate] (654.257 µs) : 0, 654
Telemetry [baseline] (7.502 ms) : 0, 7502
Telemetry [candidate] (7.427 ms) : 0, 7427
IAST [baseline] (21.814 ms) : 0, 21814
IAST [candidate] (24.203 ms) : 0, 24203
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (811.932 ms) : 0, 811932
BytebuddyAgent [candidate] (818.226 ms) : 0, 818226
GlobalTracer [baseline] (307.154 ms) : 0, 307154
GlobalTracer [candidate] (309.209 ms) : 0, 309209
AppSec [baseline] (58.333 ms) : 0, 58333
AppSec [candidate] (57.844 ms) : 0, 57844
Remote Config [baseline] (601.891 µs) : 0, 602
Remote Config [candidate] (624.133 µs) : 0, 624
Telemetry [baseline] (7.378 ms) : 0, 7378
Telemetry [candidate] (7.541 ms) : 0, 7541
IAST [baseline] (20.095 ms) : 0, 20095
IAST [candidate] (21.553 ms) : 0, 21553
Loading
Startup time reports for petclinic
gantt
    title petclinic - global startup overhead: candidate=1.43.0-SNAPSHOT~2fc0cedf40, baseline=1.43.0-SNAPSHOT~270a82d63a

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.085 s) : 0, 1084610
Total [baseline] (10.511 s) : 0, 10510578
Agent [candidate] (1.091 s) : 0, 1091378
Total [candidate] (10.487 s) : 0, 10487290
section appsec
Agent [baseline] (1.226 s) : 0, 1225562
Total [baseline] (10.741 s) : 0, 10740925
Agent [candidate] (1.223 s) : 0, 1222744
Total [candidate] (10.728 s) : 0, 10728120
section iast
Agent [baseline] (1.213 s) : 0, 1213226
Total [baseline] (10.9 s) : 0, 10900434
Agent [candidate] (1.218 s) : 0, 1217747
Total [candidate] (11.0 s) : 0, 10999520
section profiling
Agent [baseline] (1.288 s) : 0, 1288353
Total [baseline] (10.82 s) : 0, 10819644
Agent [candidate] (1.286 s) : 0, 1285536
Total [candidate] (10.772 s) : 0, 10771910
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.085 s -
Agent appsec 1.226 s 140.953 ms (13.0%)
Agent iast 1.213 s 128.616 ms (11.9%)
Agent profiling 1.288 s 203.743 ms (18.8%)
Total tracing 10.511 s -
Total appsec 10.741 s 230.347 ms (2.2%)
Total iast 10.9 s 389.855 ms (3.7%)
Total profiling 10.82 s 309.066 ms (2.9%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.091 s -
Agent appsec 1.223 s 131.366 ms (12.0%)
Agent iast 1.218 s 126.369 ms (11.6%)
Agent profiling 1.286 s 194.158 ms (17.8%)
Total tracing 10.487 s -
Total appsec 10.728 s 240.83 ms (2.3%)
Total iast 11.0 s 512.229 ms (4.9%)
Total profiling 10.772 s 284.619 ms (2.7%)
gantt
    title petclinic - break down per module: candidate=1.43.0-SNAPSHOT~2fc0cedf40, baseline=1.43.0-SNAPSHOT~270a82d63a

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (690.81 ms) : 0, 690810
BytebuddyAgent [candidate] (696.287 ms) : 0, 696287
GlobalTracer [baseline] (316.478 ms) : 0, 316478
GlobalTracer [candidate] (317.004 ms) : 0, 317004
AppSec [baseline] (54.504 ms) : 0, 54504
AppSec [candidate] (54.277 ms) : 0, 54277
Remote Config [baseline] (679.309 µs) : 0, 679
Remote Config [candidate] (702.316 µs) : 0, 702
Telemetry [baseline] (8.485 ms) : 0, 8485
Telemetry [candidate] (9.333 ms) : 0, 9333
section appsec
BytebuddyAgent [baseline] (711.193 ms) : 0, 711193
BytebuddyAgent [candidate] (709.936 ms) : 0, 709936
GlobalTracer [baseline] (315.032 ms) : 0, 315032
GlobalTracer [candidate] (314.315 ms) : 0, 314315
AppSec [baseline] (167.213 ms) : 0, 167213
AppSec [candidate] (166.006 ms) : 0, 166006
Remote Config [baseline] (643.341 µs) : 0, 643
Remote Config [candidate] (654.112 µs) : 0, 654
Telemetry [baseline] (7.936 ms) : 0, 7936
Telemetry [candidate] (7.872 ms) : 0, 7872
IAST [baseline] (19.681 ms) : 0, 19681
IAST [candidate] (20.54 ms) : 0, 20540
section iast
BytebuddyAgent [baseline] (807.256 ms) : 0, 807256
BytebuddyAgent [candidate] (810.826 ms) : 0, 810826
GlobalTracer [baseline] (305.881 ms) : 0, 305881
GlobalTracer [candidate] (306.534 ms) : 0, 306534
AppSec [baseline] (57.629 ms) : 0, 57629
AppSec [candidate] (56.716 ms) : 0, 56716
Remote Config [baseline] (611.562 µs) : 0, 612
Remote Config [candidate] (622.195 µs) : 0, 622
Telemetry [baseline] (7.426 ms) : 0, 7426
Telemetry [candidate] (7.493 ms) : 0, 7493
IAST [baseline] (20.73 ms) : 0, 20730
IAST [candidate] (21.839 ms) : 0, 21839
section profiling
BytebuddyAgent [baseline] (685.833 ms) : 0, 685833
BytebuddyAgent [candidate] (686.652 ms) : 0, 686652
GlobalTracer [baseline] (402.096 ms) : 0, 402096
GlobalTracer [candidate] (399.876 ms) : 0, 399876
AppSec [baseline] (55.383 ms) : 0, 55383
AppSec [candidate] (54.812 ms) : 0, 54812
Remote Config [baseline] (673.028 µs) : 0, 673
Remote Config [candidate] (666.805 µs) : 0, 667
Telemetry [baseline] (12.803 ms) : 0, 12803
Telemetry [candidate] (10.756 ms) : 0, 10756
ProfilingAgent [baseline] (92.566 ms) : 0, 92566
ProfilingAgent [candidate] (93.804 ms) : 0, 93804
Profiling [baseline] (92.589 ms) : 0, 92589
Profiling [candidate] (93.827 ms) : 0, 93827
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2024-11-20T14:19:31 2024-11-20T14:26:31
git_branch master mario.vidal/taint_tracking_builder_substring
git_commit_date 1732111926 1732111472
git_commit_sha 270a82d 2fc0ced
release_version 1.43.0-SNAPSHOT~270a82d63a 1.43.0-SNAPSHOT~2fc0cedf40
start_time 2024-11-20T14:19:18 2024-11-20T14:26:17
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1732113144 1732113144
ci_job_id 713807736 713807736
ci_pipeline_id 49496593 49496593
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 16 unstable metrics.

Request duration reports for insecure-bank
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.43.0-SNAPSHOT~2fc0cedf40, baseline=1.43.0-SNAPSHOT~270a82d63a
    dateFormat X
    axisFormat %s
section baseline
no_agent (370.884 µs) : 351, 391
.   : milestone, 371,
iast (489.27 µs) : 468, 511
.   : milestone, 489,
iast_FULL (655.565 µs) : 634, 677
.   : milestone, 656,
iast_GLOBAL (524.183 µs) : 502, 546
.   : milestone, 524,
iast_HARDCODED_SECRET_DISABLED (495.927 µs) : 474, 518
.   : milestone, 496,
iast_INACTIVE (457.479 µs) : 436, 479
.   : milestone, 457,
iast_TELEMETRY_OFF (482.799 µs) : 461, 504
.   : milestone, 483,
tracing (454.72 µs) : 434, 475
.   : milestone, 455,
section candidate
no_agent (375.057 µs) : 354, 396
.   : milestone, 375,
iast (496.263 µs) : 475, 518
.   : milestone, 496,
iast_FULL (652.649 µs) : 631, 674
.   : milestone, 653,
iast_GLOBAL (519.192 µs) : 498, 541
.   : milestone, 519,
iast_HARDCODED_SECRET_DISABLED (496.785 µs) : 475, 518
.   : milestone, 497,
iast_INACTIVE (452.332 µs) : 431, 474
.   : milestone, 452,
iast_TELEMETRY_OFF (481.157 µs) : 460, 502
.   : milestone, 481,
tracing (455.058 µs) : 434, 476
.   : milestone, 455,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 370.884 µs [350.697 µs, 391.072 µs] -
iast 489.27 µs [468.025 µs, 510.515 µs] 118.386 µs (31.9%)
iast_FULL 655.565 µs [633.85 µs, 677.28 µs] 284.681 µs (76.8%)
iast_GLOBAL 524.183 µs [502.436 µs, 545.93 µs] 153.299 µs (41.3%)
iast_HARDCODED_SECRET_DISABLED 495.927 µs [474.174 µs, 517.68 µs] 125.042 µs (33.7%)
iast_INACTIVE 457.479 µs [435.7 µs, 479.258 µs] 86.595 µs (23.3%)
iast_TELEMETRY_OFF 482.799 µs [461.253 µs, 504.345 µs] 111.915 µs (30.2%)
tracing 454.72 µs [434.098 µs, 475.341 µs] 83.835 µs (22.6%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 375.057 µs [354.325 µs, 395.789 µs] -
iast 496.263 µs [474.623 µs, 517.903 µs] 121.206 µs (32.3%)
iast_FULL 652.649 µs [631.114 µs, 674.185 µs] 277.592 µs (74.0%)
iast_GLOBAL 519.192 µs [497.503 µs, 540.882 µs] 144.135 µs (38.4%)
iast_HARDCODED_SECRET_DISABLED 496.785 µs [475.077 µs, 518.493 µs] 121.728 µs (32.5%)
iast_INACTIVE 452.332 µs [431.051 µs, 473.613 µs] 77.275 µs (20.6%)
iast_TELEMETRY_OFF 481.157 µs [459.977 µs, 502.336 µs] 106.099 µs (28.3%)
tracing 455.058 µs [433.856 µs, 476.261 µs] 80.001 µs (21.3%)
Request duration reports for petclinic
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.43.0-SNAPSHOT~2fc0cedf40, baseline=1.43.0-SNAPSHOT~270a82d63a
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.368 ms) : 1348, 1389
.   : milestone, 1368,
appsec (1.785 ms) : 1761, 1810
.   : milestone, 1785,
appsec_no_iast (1.767 ms) : 1743, 1791
.   : milestone, 1767,
iast (1.512 ms) : 1490, 1535
.   : milestone, 1512,
profiling (1.514 ms) : 1491, 1537
.   : milestone, 1514,
tracing (1.495 ms) : 1470, 1520
.   : milestone, 1495,
section candidate
no_agent (1.374 ms) : 1354, 1394
.   : milestone, 1374,
appsec (1.769 ms) : 1744, 1794
.   : milestone, 1769,
appsec_no_iast (1.768 ms) : 1742, 1793
.   : milestone, 1768,
iast (1.485 ms) : 1462, 1509
.   : milestone, 1485,
profiling (1.505 ms) : 1482, 1528
.   : milestone, 1505,
tracing (1.495 ms) : 1471, 1519
.   : milestone, 1495,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.368 ms [1.348 ms, 1.389 ms] -
appsec 1.785 ms [1.761 ms, 1.81 ms] 416.939 µs (30.5%)
appsec_no_iast 1.767 ms [1.743 ms, 1.791 ms] 398.312 µs (29.1%)
iast 1.512 ms [1.49 ms, 1.535 ms] 143.938 µs (10.5%)
profiling 1.514 ms [1.491 ms, 1.537 ms] 145.381 µs (10.6%)
tracing 1.495 ms [1.47 ms, 1.52 ms] 126.067 µs (9.2%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.374 ms [1.354 ms, 1.394 ms] -
appsec 1.769 ms [1.744 ms, 1.794 ms] 394.843 µs (28.7%)
appsec_no_iast 1.768 ms [1.742 ms, 1.793 ms] 393.817 µs (28.7%)
iast 1.485 ms [1.462 ms, 1.509 ms] 111.622 µs (8.1%)
profiling 1.505 ms [1.482 ms, 1.528 ms] 130.854 µs (9.5%)
tracing 1.495 ms [1.471 ms, 1.519 ms] 121.057 µs (8.8%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master mario.vidal/taint_tracking_builder_substring
git_commit_date 1732111926 1732111472
git_commit_sha 270a82d 2fc0ced
release_version 1.43.0-SNAPSHOT~270a82d63a 1.43.0-SNAPSHOT~2fc0cedf40
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1732113657 1732113657
ci_job_id 713807737 713807737
ci_pipeline_id 49496593 49496593
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant appsec appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.

Execution time for tomcat
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.43.0-SNAPSHOT~2fc0cedf40, baseline=1.43.0-SNAPSHOT~270a82d63a
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.462 ms) : 1451, 1474
.   : milestone, 1462,
appsec (2.332 ms) : 2290, 2373
.   : milestone, 2332,
iast (2.072 ms) : 2020, 2125
.   : milestone, 2072,
iast_GLOBAL (2.113 ms) : 2061, 2165
.   : milestone, 2113,
profiling (2.438 ms) : 2249, 2628
.   : milestone, 2438,
tracing (1.914 ms) : 1874, 1954
.   : milestone, 1914,
section candidate
no_agent (1.464 ms) : 1452, 1475
.   : milestone, 1464,
appsec (2.323 ms) : 2282, 2364
.   : milestone, 2323,
iast (2.068 ms) : 2016, 2120
.   : milestone, 2068,
iast_GLOBAL (2.113 ms) : 2060, 2165
.   : milestone, 2113,
profiling (1.937 ms) : 1895, 1979
.   : milestone, 1937,
tracing (1.914 ms) : 1874, 1953
.   : milestone, 1914,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.462 ms [1.451 ms, 1.474 ms] -
appsec 2.332 ms [2.29 ms, 2.373 ms] 869.283 µs (59.4%)
iast 2.072 ms [2.02 ms, 2.125 ms] 610.158 µs (41.7%)
iast_GLOBAL 2.113 ms [2.061 ms, 2.165 ms] 650.771 µs (44.5%)
profiling 2.438 ms [2.249 ms, 2.628 ms] 975.965 µs (66.7%)
tracing 1.914 ms [1.874 ms, 1.954 ms] 451.737 µs (30.9%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.464 ms [1.452 ms, 1.475 ms] -
appsec 2.323 ms [2.282 ms, 2.364 ms] 859.122 µs (58.7%)
iast 2.068 ms [2.016 ms, 2.12 ms] 604.295 µs (41.3%)
iast_GLOBAL 2.113 ms [2.06 ms, 2.165 ms] 648.794 µs (44.3%)
profiling 1.937 ms [1.895 ms, 1.979 ms] 473.198 µs (32.3%)
tracing 1.914 ms [1.874 ms, 1.953 ms] 449.843 µs (30.7%)
Execution time for biojava
gantt
    title biojava - execution time [CI 0.99] : candidate=1.43.0-SNAPSHOT~2fc0cedf40, baseline=1.43.0-SNAPSHOT~270a82d63a
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.551 s) : 15551000, 15551000
.   : milestone, 15551000,
appsec (15.011 s) : 15011000, 15011000
.   : milestone, 15011000,
iast (18.541 s) : 18541000, 18541000
.   : milestone, 18541000,
iast_GLOBAL (18.145 s) : 18145000, 18145000
.   : milestone, 18145000,
profiling (14.926 s) : 14926000, 14926000
.   : milestone, 14926000,
tracing (15.116 s) : 15116000, 15116000
.   : milestone, 15116000,
section candidate
no_agent (15.649 s) : 15649000, 15649000
.   : milestone, 15649000,
appsec (15.105 s) : 15105000, 15105000
.   : milestone, 15105000,
iast (18.534 s) : 18534000, 18534000
.   : milestone, 18534000,
iast_GLOBAL (18.169 s) : 18169000, 18169000
.   : milestone, 18169000,
profiling (14.695 s) : 14695000, 14695000
.   : milestone, 14695000,
tracing (14.975 s) : 14975000, 14975000
.   : milestone, 14975000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.551 s [15.551 s, 15.551 s] -
appsec 15.011 s [15.011 s, 15.011 s] -540.0 ms (-3.5%)
iast 18.541 s [18.541 s, 18.541 s] 2.99 s (19.2%)
iast_GLOBAL 18.145 s [18.145 s, 18.145 s] 2.594 s (16.7%)
profiling 14.926 s [14.926 s, 14.926 s] -625.0 ms (-4.0%)
tracing 15.116 s [15.116 s, 15.116 s] -435.0 ms (-2.8%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.649 s [15.649 s, 15.649 s] -
appsec 15.105 s [15.105 s, 15.105 s] -544.0 ms (-3.5%)
iast 18.534 s [18.534 s, 18.534 s] 2.885 s (18.4%)
iast_GLOBAL 18.169 s [18.169 s, 18.169 s] 2.52 s (16.1%)
profiling 14.695 s [14.695 s, 14.695 s] -954.0 ms (-6.1%)
tracing 14.975 s [14.975 s, 14.975 s] -674.0 ms (-4.3%)

@Mariovido Mariovido marked this pull request as ready for review November 20, 2024 11:40
@Mariovido Mariovido requested review from a team as code owners November 20, 2024 11:40
Copy link
Member

@jandro996 jandro996 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@Mariovido Mariovido merged commit d36ef9a into master Nov 21, 2024
102 checks passed
@Mariovido Mariovido deleted the mario.vidal/taint_tracking_builder_substring branch November 21, 2024 08:51
@github-actions github-actions bot added this to the 1.43.0 milestone Nov 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
comp: asm iast Application Security Management (IAST) inst: java Core Java language instrumentation type: enhancement
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants