package com.code_intelligence.jazzer.sanitizers;

import com.code_intelligence.jazzer.api.FuzzerSecurityIssueHigh;
import com.code_intelligence.jazzer.api.HookType;
import com.code_intelligence.jazzer.api.Jazzer;
import com.code_intelligence.jazzer.api.MethodHook;
import com.code_intelligence.jazzer.api.MethodHooks;
import com.code_intelligence.jazzer.bootstrap.kotlin.Metadata;
import com.code_intelligence.jazzer.bootstrap.kotlin.jvm.JvmStatic;
import com.code_intelligence.jazzer.bootstrap.kotlin.jvm.internal.Intrinsics;
import com.code_intelligence.jazzer.bootstrap.kotlin.jvm.internal.SpreadBuilder;
import com.code_intelligence.jazzer.bootstrap.kotlin.text.StringsKt;
import java.lang.invoke.MethodHandle;
import javax.xml.xpath.XPathExpressionException;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* compiled from: XPathInjection.kt */
@Metadata(mv = {1, 5, 1}, k = 1, xi = 48, d1 = {"��*\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0011\n��\n\u0002\u0010\b\n\u0002\b\u0002\bÆ\u0002\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J5\u0010\u0006\u001a\u00020\u00012\u0006\u0010\u0007\u001a\u00020\b2\b\u0010\t\u001a\u0004\u0018\u00010\u00012\f\u0010\n\u001a\b\u0012\u0004\u0012\u00020\u00010\u000b2\u0006\u0010\f\u001a\u00020\rH\u0007¢\u0006\u0002\u0010\u000eR\u000e\u0010\u0003\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n��R\u000e\u0010\u0005\u001a\u00020\u0004X\u0082D¢\u0006\u0002\n��¨\u0006\u000f"}, d2 = {"Lcom/code_intelligence/jazzer/sanitizers/XPathInjection;", "", "()V", "CHARACTERS_TO_ESCAPE", "", "XPATH_SYNTAX_ERROR_EXCEPTIONS", "checkXpathExecute", "method", "Ljava/lang/invoke/MethodHandle;", "thisObject", "arguments", "", "hookId", "", "(Ljava/lang/invoke/MethodHandle;Ljava/lang/Object;[Ljava/lang/Object;I)Ljava/lang/Object;", "sanitizers_src_main_java_com_code_intelligence_jazzer_sanitizers-sanitizers"})
/* loaded from: input_file:jazzer.jar:com/code_intelligence/jazzer/runtime/jazzer_bootstrap.jar:com/code_intelligence/jazzer/sanitizers/XPathInjection.class */
public final class XPathInjection {

    @NotNull
    private static final String CHARACTERS_TO_ESCAPE = "'\"";

    @NotNull
    public static final XPathInjection INSTANCE = new XPathInjection();

    @NotNull
    private static final String XPATH_SYNTAX_ERROR_EXCEPTIONS = "javax.xml.transform.TransformerException";

    private XPathInjection() {
    }

    @MethodHooks({@MethodHook(type = HookType.REPLACE, targetClassName = "javax.xml.xpath.XPath", targetMethod = "compile"), @MethodHook(type = HookType.REPLACE, targetClassName = "javax.xml.xpath.XPath", targetMethod = "evaluate"), @MethodHook(type = HookType.REPLACE, targetClassName = "javax.xml.xpath.XPath", targetMethod = "evaluateExpression")})
    @JvmStatic
    @NotNull
    public static final Object checkXpathExecute(@NotNull MethodHandle methodHandle, @Nullable Object obj, @NotNull Object[] objArr, int i) {
        Throwable th;
        Intrinsics.checkNotNullParameter(methodHandle, "method");
        Intrinsics.checkNotNullParameter(objArr, "arguments");
        if ((!(objArr.length == 0)) && (objArr[0] instanceof String)) {
            Object obj2 = objArr[0];
            Intrinsics.checkNotNull(obj2, "null cannot be cast to non-null type kotlin.String");
            Jazzer.guideTowardsContainment((String) obj2, CHARACTERS_TO_ESCAPE, i);
        }
        try {
            SpreadBuilder spreadBuilder = new SpreadBuilder(2);
            spreadBuilder.add(obj);
            spreadBuilder.addSpread(objArr);
            Object invokeWithArguments = methodHandle.invokeWithArguments(spreadBuilder.toArray(new Object[spreadBuilder.size()]));
            Intrinsics.checkNotNullExpressionValue(invokeWithArguments, "try {\n            method…throw exception\n        }");
            return invokeWithArguments;
        } catch (XPathExpressionException e) {
            Throwable cause = e.getCause();
            while (true) {
                th = cause;
                if ((th != null ? th.getCause() : null) == null || Intrinsics.areEqual(th.getCause(), th)) {
                    break;
                }
                cause = th.getCause();
            }
            if (th != null && XPATH_SYNTAX_ERROR_EXCEPTIONS.equals(th.getClass().getName())) {
                Jazzer.reportFindingFromHook(new FuzzerSecurityIssueHigh(StringsKt.trimIndent("\n                    XPath Injection\n                    Injected query: " + objArr[0] + "\n                        "), e));
            }
            throw e;
        }
    }
}
