package com.code_intelligence.jazzer.sanitizers;

import com.code_intelligence.jazzer.api.FuzzerSecurityIssueMedium;
import com.code_intelligence.jazzer.api.HookType;
import com.code_intelligence.jazzer.api.Jazzer;
import com.code_intelligence.jazzer.api.MethodHook;
import java.lang.invoke.MethodHandle;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.BiPredicate;

/* loaded from: input_file:com/code_intelligence/jazzer/runtime/jazzer_bootstrap.jar:com/code_intelligence/jazzer/sanitizers/ServerSideRequestForgery.class */
/**
 * Sanitizer hooks that report outbound connection attempts made while fuzzing as potential
 * Server Side Request Forgery (SSRF) findings.
 *
 * <p>Both hooks run before the {@code connect} method of the hooked socket and channel classes
 * and hand the intercepted call arguments to one shared check. A destination is reported unless
 * the predicate held in {@link #connectionPermitted} accepts it.
 */
public class ServerSideRequestForgery {
    /**
     * Allow-list predicate consulted for every intercepted connection; it receives the host
     * string and the port and returns {@code true} when the connection is expected.
     *
     * <p>The initial predicate rejects everything, so any connection with a port in the range
     * 0..65535 is reported until a different predicate is stored here. The finding text points
     * to {@code com.code_intelligence.jazzer.api.BugDetectors#allowNetworkConnections} as the
     * way to permit connections from a fuzz test.
     */
    public static final AtomicReference<BiPredicate<String, Integer>> connectionPermitted =
            new AtomicReference<>((host, port) -> false);

    /**
     * Hook invoked before {@code connect} on {@code java.net.SocketImpl}, and on the additional
     * classes named in the annotation.
     *
     * @param methodHandle handle of the hooked method (unused)
     * @param obj receiver of the hooked call (unused)
     * @param objArr arguments of the hooked {@code connect} call
     * @param i hook id supplied by the instrumentation (unused)
     */
    @MethodHook(type = HookType.BEFORE, targetClassName = "java.net.SocketImpl", targetMethod = "connect", additionalClassesToHook = {"java.net.Socket", "java.net.SocksSocketImpl"})
    public static void checkSsrfSocket(MethodHandle methodHandle, Object obj, Object[] objArr, int i) {
        checkSsrf(objArr);
    }

    /**
     * Hook invoked before {@code connect} on {@code java.nio.channels.SocketChannel}, and on the
     * additional classes named in the annotation.
     *
     * @param methodHandle handle of the hooked method (unused)
     * @param obj receiver of the hooked call (unused)
     * @param objArr arguments of the hooked {@code connect} call
     * @param i hook id supplied by the instrumentation (unused)
     */
    @MethodHook(type = HookType.BEFORE, targetClassName = "java.nio.channels.SocketChannel", targetMethod = "connect", additionalClassesToHook = {"sun.nio.ch.SocketAdaptor", "jdk.internal.net.http.PlainHttpConnection"})
    public static void checkSsrfHttpConnection(MethodHandle methodHandle, Object obj, Object[] objArr, int i) {
        checkSsrf(objArr);
    }

    /**
     * Extracts the destination host and port from the arguments of a hooked {@code connect}
     * call and reports a finding when the destination is not permitted.
     *
     * <p>Two argument shapes are recognised: an {@link InetSocketAddress} as the first argument,
     * or a host ({@link InetAddress} or {@link String}) followed by an {@link Integer} port.
     * Any other shape is ignored without a report.
     *
     * @param objArr arguments of the intercepted call
     */
    private static void checkSsrf(Object[] objArr) {
        if (objArr.length == 0) {
            return;
        }

        final Object target = objArr[0];
        final String host;
        final int port;

        if (target instanceof InetSocketAddress) {
            InetSocketAddress endpoint = (InetSocketAddress) target;
            // getHostName() may trigger a reverse name lookup when the address was created from
            // a literal IP, so the predicate can receive a resolved name instead of the literal.
            host = endpoint.getHostName();
            port = endpoint.getPort();
        } else if (objArr.length >= 2 && objArr[1] instanceof Integer) {
            if (target instanceof InetAddress) {
                // Same reverse-lookup caveat as above applies to InetAddress.getHostName().
                host = ((InetAddress) target).getHostName();
            } else if (target instanceof String) {
                host = (String) target;
            } else {
                return;
            }
            port = (Integer) objArr[1];
        } else {
            return;
        }

        // Ports outside 0..65535 are never reported, and the predicate is not consulted for them.
        // NOTE(review): presumably because such a connect cannot reach a destination; confirm.
        boolean portInRange = port >= 0 && port <= 65535;
        if (!portInRange || connectionPermitted.get().test(host, port)) {
            return;
        }

        String report = String.format(
                "Server Side Request Forgery (SSRF)\n"
                        + "Attempted connection to: %s:%d\n"
                        + "Requests to destinations based on untrusted data could lead to exfiltration of sensitive data or exposure of internal services.\n\n"
                        + "If the fuzz test is expected to perform network connections, call com.code_intelligence.jazzer.api.BugDetectors#allowNetworkConnections at the beginning of your fuzz test and optionally provide a predicate matching the expected hosts.",
                host, port);
        Jazzer.reportFindingFromHook(new FuzzerSecurityIssueMedium(report));
    }
}
