package io.hawt.web;

import io.hawt.aether.MavenConstants;
import io.hawt.aether.MavenURL;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.zip.ZipInputStream;
import org.apache.aries.blueprint.parser.Parser;
import org.apache.commons.io.FileUtils;
import org.codehaus.plexus.util.LineOrientedInterpolatingReader;
import org.codehaus.plexus.util.SelectorUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.Marker;

/* loaded from: input_file:WEB-INF/lib/hawtio-system-1.4.0.redhat-630464.jar:io/hawt/web/GlobalFileUploadFilter.class */
public class GlobalFileUploadFilter {
    private static final transient Logger LOG = LoggerFactory.getLogger(GlobalFileUploadFilter.class);
    private static final String FILE_UPLOAD_PROPNAME = "hawtio.upload.filter";
    public static final int ALLOWED_NUMBER_OF_UPLOADS = 10;
    private static final String ZIP_SIGNATURE = "504B0304";
    private List<MagicNumberFileFilter> filters;

    /* loaded from: input_file:WEB-INF/lib/hawtio-system-1.4.0.redhat-630464.jar:io/hawt/web/GlobalFileUploadFilter$MagicNumberFileFilter.class */
    public static final class MagicNumberFileFilter {
        private long byteOffset;
        private List<String> exceptions;
        private byte[] magicNumbers = new byte[0];
        private String maxSize = "200bytes";

        public byte[] getMagicNumbers() {
            return this.magicNumbers;
        }

        public void setMagicNumbers(byte[] bArr) {
            if (bArr.length == 0) {
                throw new IllegalArgumentException("The magic number must contain at least one byte");
            }
            this.magicNumbers = bArr;
        }

        public long getByteOffset() {
            return this.byteOffset;
        }

        public void setByteOffset(long j) {
            if (j < 0) {
                throw new IllegalArgumentException("The offset cannot be negative");
            }
            this.byteOffset = j;
        }

        public String getMaxSize() {
            return this.maxSize;
        }

        public void setMaxSize(String str) {
            if (str != null) {
                this.maxSize = str;
            }
        }

        public List<String> getExceptions() {
            return this.exceptions;
        }

        public void setExceptions(List<String> list) {
            this.exceptions = list;
        }
    }

    public List<MagicNumberFileFilter> getFilterConfig() {
        return Collections.unmodifiableList(getFilters());
    }

    public GlobalFileUploadFilter() {
        String property = System.getProperty(FILE_UPLOAD_PROPNAME);
        if (property != null) {
            LOG.info("Configuring file upload using {} configurations", property);
            try {
                constructFilters(property, getFilters());
            } catch (RuntimeException e) {
                LOG.warn("Error configuring filter {}", property);
            }
        }
    }

    private static List<String> constructDefaultScriptingContent() {
        String[] strArr = {"#!/usr/bin/python", "#!/usr/local/bin/python", "#!/bin/sh", "#!/usr/bin/env python", "#!/bin/bash", "#!/usr/bin/bash", "#!/usr/local/bash", "#!/usr/local/bin/bash", "#!/usr/bin/env bash", "=<?php", "=<?\\n", "=<?\\r", "#!/usr/local/bin/php", "#!/usr/bin/php", "#!/usr/bin/pdmenu", "eval \"exec perl", "eval \"exec /bin/perl", "eval \"exec /usr/bin/perl", "eval \"exec /usr/local/bin/perl", "eval 'exec perl", "eval 'exec /bin/perl", "eval 'exec /usr/bin/perl", "eval 'exec /usr/local/bin/perl", "eval '(exit $?0)' && eval 'exec", "#!/usr/bin/env perl", "#! /usr/bin/env perl", "#!/bin/node", "#!/usr/bin/node", "#!/bin/nodejs", "#!/usr/bin/nodejs", "#!/usr/bin/env node", "#!/usr/bin/env nodejs", MavenConstants.SEPARATOR_OPTIONS, "echo off", "rem", "set", "<html>", "#!/usr/bin/env ruby", "#!/usr/bin/ruby", "#!", "<script>", "goscript", "//usr", "<%", "%>", "..", MavenURL.FILE_SEPARATOR, LineOrientedInterpolatingReader.DEFAULT_ESCAPE_SEQ, Marker.ANY_MARKER, "?", "%", ";", "#", "$", "&", SelectorUtils.PATTERN_HANDLER_PREFIX, SelectorUtils.PATTERN_HANDLER_SUFFIX, "^", "`", "~", ">>", "<<", "...", "#include", "stdio.h", "perl"};
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i <= strArr.length - 1; i++) {
            arrayList.add(strArr[i]);
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static List<MagicNumberFileFilter> constructFilters(String str, List<MagicNumberFileFilter> list) {
        String[] split = str.split("-");
        for (int i = 0; i <= split.length - 1; i++) {
            MagicNumberFileFilter magicNumberFileFilter = new MagicNumberFileFilter();
            String[] split2 = split[i].split(",");
            for (int i2 = 0; i2 <= split2.length - 1; i2++) {
                if (split2[i2].toLowerCase().startsWith("signature=")) {
                    String substring = split2[i2].substring(10);
                    if (validateString(substring)) {
                        magicNumberFileFilter.setMagicNumbers(hexStringToByteArray(substring));
                    }
                }
                if (split2[i2].toLowerCase().startsWith("offset=")) {
                    String substring2 = split2[i2].toLowerCase().substring(7);
                    if (validateString(substring2)) {
                        magicNumberFileFilter.setByteOffset(Long.parseLong(substring2));
                    }
                }
                if (split2[i2].toLowerCase().startsWith("maxsize=")) {
                    String substring3 = split2[i2].substring(8);
                    if (validateString(substring3)) {
                        magicNumberFileFilter.setMaxSize(substring3.trim());
                    }
                }
                if (split2[i2].toLowerCase().startsWith("exc=")) {
                    ArrayList arrayList = new ArrayList();
                    String substring4 = split2[i2].substring(5);
                    if (validateString(substring4) && substring4.charAt(substring4.length() - 1) == ']') {
                        substring4 = substring4.substring(0, substring4.length() - 1);
                    }
                    for (String str2 : substring4.split("\\s+")) {
                        arrayList.add(str2);
                    }
                    magicNumberFileFilter.setExceptions(!arrayList.isEmpty() ? arrayList : new ArrayList());
                }
            }
            list.add(magicNumberFileFilter);
        }
        return list;
    }

    private static boolean validateString(String str) {
        return str != null && str.length() > 0;
    }

    protected static byte[] hexStringToByteArray(String str) {
        int length = str.length();
        byte[] bArr = new byte[length / 2];
        for (int i = 0; i < length; i += 2) {
            bArr[i / 2] = (byte) ((Character.digit(str.charAt(i), 16) << 4) + Character.digit(str.charAt(i + 1), 16));
        }
        return bArr;
    }

    static long translateFileSize(String str) {
        if (str.toLowerCase().trim().contains("bytes")) {
            String trim = str.toLowerCase().replace("bytes", "").trim();
            return Long.parseLong(!trim.equals("") ? trim : Parser.RANKING_DEFAULT);
        }
        if (str.toLowerCase().trim().contains("kb")) {
            String trim2 = str.toLowerCase().replace("kb", "").trim();
            return FileUtils.ONE_KB * Long.parseLong(!trim2.equals("") ? trim2 : Parser.RANKING_DEFAULT);
        }
        if (str.toLowerCase().trim().contains("mb")) {
            String trim3 = str.toLowerCase().replace("mb", "").trim();
            return FileUtils.ONE_MB * Long.parseLong(!trim3.equals("") ? trim3 : Parser.RANKING_DEFAULT);
        }
        if (!str.toLowerCase().trim().contains("gb")) {
            return 0L;
        }
        String trim4 = str.toLowerCase().replace("gb", "").trim();
        return FileUtils.ONE_GB * Long.parseLong(!trim4.equals("") ? trim4 : Parser.RANKING_DEFAULT);
    }

    public static synchronized boolean accept(byte[] bArr, List<MagicNumberFileFilter> list) {
        if (list == null || list.isEmpty()) {
            return true;
        }
        boolean z = false;
        for (MagicNumberFileFilter magicNumberFileFilter : list) {
            if (magicNumberFileFilter.getMagicNumbers().length > 0 && bArr.length >= magicNumberFileFilter.getByteOffset() + magicNumberFileFilter.getMagicNumbers().length) {
                if (Arrays.equals(magicNumberFileFilter.getMagicNumbers(), Arrays.copyOfRange(bArr, toIntExact(magicNumberFileFilter.getByteOffset()), toIntExact(magicNumberFileFilter.getByteOffset()) + magicNumberFileFilter.getMagicNumbers().length))) {
                    z = magicNumberFileFilter.getMaxSize() != null ? translateFileSize(FileUtils.byteCountToDisplaySize((long) bArr.length)) <= translateFileSize(magicNumberFileFilter.getMaxSize()) : true;
                    if (Arrays.equals(magicNumberFileFilter.getMagicNumbers(), hexStringToByteArray(ZIP_SIGNATURE)) && z) {
                        try {
                            z = unzip(bArr, list);
                        } catch (IOException e) {
                            e.printStackTrace();
                        }
                    }
                }
            } else if (magicNumberFileFilter.getExceptions() != null) {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(bArr.length);
                byteArrayOutputStream.write(bArr, 0, bArr.length);
                HashSet hashSet = new HashSet();
                for (String str : constructDefaultScriptingContent()) {
                    if (magicNumberFileFilter.getExceptions() != null && !magicNumberFileFilter.getExceptions().contains(str)) {
                        hashSet.add(str);
                    }
                }
                if (!isAsciiContentDangerous(byteArrayOutputStream, hashSet)) {
                    z = true;
                }
            }
        }
        return z;
    }

    private static int toIntExact(long j) {
        if (j < -2147483648L || j > 2147483647L) {
            throw new ArithmeticException("integer overflow");
        }
        return (int) j;
    }

    private static boolean unzip(byte[] bArr, List<MagicNumberFileFilter> list) throws IOException {
        int read;
        ZipInputStream zipInputStream = new ZipInputStream(new ByteArrayInputStream(bArr));
        boolean z = true;
        long j = 0;
        while (zipInputStream.getNextEntry() != null) {
            try {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                byte[] bArr2 = new byte[512];
                boolean z2 = true;
                while (j + 512 <= 5242880 && (read = zipInputStream.read(bArr2, 0, 512)) != -1) {
                    if (z2) {
                        z2 = isAsciiFile(bArr2, read);
                    }
                    byteArrayOutputStream.write(bArr2, 0, read);
                    j += read;
                }
                if (byteArrayOutputStream.toByteArray().length > 0) {
                    boolean accept = accept(byteArrayOutputStream.toByteArray(), list);
                    if (!accept) {
                        if (z2) {
                            if (!accept && isExceptionConfigured(list)) {
                                z = !isAsciiContentDangerous(byteArrayOutputStream, getFinalProhibitedList(list));
                            }
                            if (!accept && !isExceptionConfigured(list)) {
                                z = !isAsciiContentDangerous(byteArrayOutputStream, new HashSet(constructDefaultScriptingContent()));
                            }
                        } else {
                            z = false;
                        }
                    }
                }
                if (!z) {
                    return z;
                }
                if (byteArrayOutputStream != null) {
                    byteArrayOutputStream.close();
                }
            } finally {
                zipInputStream.close();
            }
        }
        zipInputStream.closeEntry();
        if (0 + 1 > 100) {
            throw new IllegalStateException("Too many files to unzip");
        }
        if (j > 5242880) {
            throw new IllegalStateException("File being unzipped is too big");
        }
        zipInputStream.close();
        return z;
    }

    static boolean isAsciiFile(byte[] bArr, int i) {
        for (int i2 = 0; i2 < i; i2++) {
            if ((128 & bArr[i2]) != 0) {
                return false;
            }
        }
        return true;
    }

    static Set<String> getFinalProhibitedList(List<MagicNumberFileFilter> list) {
        HashSet hashSet = new HashSet();
        for (String str : constructDefaultScriptingContent()) {
            for (MagicNumberFileFilter magicNumberFileFilter : list) {
                if (magicNumberFileFilter.getExceptions() != null && !magicNumberFileFilter.getExceptions().contains(str)) {
                    hashSet.add(str);
                }
            }
        }
        return hashSet;
    }

    private static boolean isExceptionConfigured(List<MagicNumberFileFilter> list) {
        boolean z = true;
        Iterator<MagicNumberFileFilter> it = list.iterator();
        while (it.hasNext()) {
            z = it.next().getExceptions() != null;
        }
        return z;
    }

    static boolean isAsciiContentDangerous(ByteArrayOutputStream byteArrayOutputStream, Set<String> set) {
        boolean z = false;
        StringBuilder sb = new StringBuilder();
        for (byte b : byteArrayOutputStream.toByteArray()) {
            sb.append((char) b);
        }
        for (String str : set) {
            if (sb.toString().startsWith(str) || sb.toString().contains(str)) {
                z = true;
            }
        }
        return z;
    }

    public static long getMaxFileSizeAllowed(List<MagicNumberFileFilter> list) {
        if (list.size() == 0) {
            return -1L;
        }
        long j = -1;
        try {
            long[] jArr = new long[list.size()];
            for (int i = 0; i <= list.size() - 1; i++) {
                jArr[i] = translateFileSize(list.get(i).getMaxSize());
            }
            j = jArr[0];
            for (int i2 = 0; i2 <= jArr.length - 1; i2++) {
                if (j != jArr[i2] && jArr[i2] > j) {
                    j = jArr[i2];
                }
            }
        } catch (RuntimeException e) {
            LOG.error("Error calculating max file size");
        }
        return j;
    }

    public static GlobalFileUploadFilter newFileUploadFilter() {
        return new GlobalFileUploadFilter();
    }

    private List<MagicNumberFileFilter> getFilters() {
        if (this.filters == null) {
            this.filters = new ArrayList();
        }
        return this.filters;
    }
}
