diff --git a/dd-java-agent/agent-iast/src/main/java/com/datadog/iast/propagation/PropagationModuleImpl.java b/dd-java-agent/agent-iast/src/main/java/com/datadog/iast/propagation/PropagationModuleImpl.java
index ea0abe982b3..74695d9fe77 100644
--- a/dd-java-agent/agent-iast/src/main/java/com/datadog/iast/propagation/PropagationModuleImpl.java
+++ b/dd-java-agent/agent-iast/src/main/java/com/datadog/iast/propagation/PropagationModuleImpl.java
@@ -74,7 +74,11 @@ public void taint(
     if (!canBeTainted(target)) {
       return;
     }
-    internalTaint(ctx, target, new Source(origin, name, sourceValue(target, value)), NOT_MARKED);
+    internalTaint(
+        ctx,
+        target,
+        new Source(origin, newReference(target, name), newReference(target, value)),
+        NOT_MARKED);
   }
 
   @Override
@@ -175,7 +179,11 @@ public void taintIfTainted(
       return;
     }
     if (isTainted(ctx, input)) {
-      internalTaint(ctx, target, new Source(origin, name, sourceValue(target, value)), NOT_MARKED);
+      internalTaint(
+          ctx,
+          target,
+          new Source(origin, newReference(target, name), newReference(target, value)),
+          NOT_MARKED);
     }
   }
 
@@ -289,9 +297,9 @@ public boolean isTainted(@Nullable final IastContext ctx, @Nullable final Object
    * @see #sourceValue(Object)
    */
   @Nullable
-  private static CharSequence sourceValue(
-      @Nullable final Object origin, @Nullable final CharSequence value) {
-    if (value != null && origin == value) {
+  private static CharSequence newReference(
+      @Nullable final Object reference, @Nullable final CharSequence value) {
+    if (value != null && value == reference) {
       return sourceValue(value);
     }
     return value;
diff --git a/dd-java-agent/agent-iast/src/test/groovy/com/datadog/iast/propagation/PropagationModuleTest.groovy b/dd-java-agent/agent-iast/src/test/groovy/com/datadog/iast/propagation/PropagationModuleTest.groovy
index b0dceae6377..e573d5dfb2c 100644
--- a/dd-java-agent/agent-iast/src/test/groovy/com/datadog/iast/propagation/PropagationModuleTest.groovy
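Review bot: The five-line `internalTaint(ctx, target, new Source(origin, newReference(target, name), newReference(target, value)), NOT_MARKED)` call is now duplicated verbatim in `taint` here and in `taintIfTainted` in the next hunk, so the rule that breaks the strong reference from the Source back to the tainted target lives in two places and a later fix to one can silently drift from the other. A small private helper that builds the Source, say `newSource(target, origin, name, value)` with `origin` typed as the `Source` constructor expects and returning `new Source(origin, newReference(target, name), newReference(target, value))`, would reduce both sites to `internalTaint(ctx, target, newSource(target, origin, name, value), NOT_MARKED);`. Both enclosing methods start outside their hunks, so their signatures are not visible here.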
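Review bot: The Javadoc ending in `* @see #sourceValue(Object)` directly above `newReference` begins outside the hunk and was written for the old `sourceValue(Object, CharSequence)` overload; with the method renamed and its first parameter renamed from `origin` to `reference`, any `@param origin` tag in it is now stale and nothing states what the helper is for. I would rewrite the summary to give the contract the test file asserts: returns `value` unchanged unless it is the very object being tainted, in which case the copy produced by `sourceValue(value)` is returned so the `Source` does not keep the target strongly reachable (the weak-reference motivation is inferred from the 'Weak value should not be retained' assertions in the Groovy hunks, so confirm before wording it that way). It is also worth documenting that `value == reference` is an identity check only: a `CharSequence` that wraps or views the target rather than being it is stored as-is, which may be intended but is not obvious from the name.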
+++ b/dd-java-agent/agent-iast/src/test/groovy/com/datadog/iast/propagation/PropagationModuleTest.groovy
@@ -434,6 +434,19 @@ class PropagationModuleTest extends IastModuleImplTestBase {
     stringBuilder((0..Config.get().getIastTruncationMaxValueLength() * 2).join('')) | _
   }
 
+  void 'test that source names should not make a strong reference over the value'() {
+    given:
+    final name = 'name'
+
+    when:
+    module.taint(name, SourceTypes.REQUEST_PARAMETER_NAME, name)
+
+    then:
+    final tainted = ctx.getTaintedObjects().get(name)
+    final taintedName = tainted.ranges[0].source.name
+    assert !taintedName.is(name) : 'Weak value should not be retained by the source name'
+  }
+
   private List> taintIfSuite() {
     return [
       Tuple.tuple(string('string'), string('string')),
@@ -531,7 +544,8 @@ class PropagationModuleTest extends IastModuleImplTestBase {
       assert (range.marks & mark) > 0
     }
     final source = range.source
-    assert !source.value.is(originalValue): 'Weak value should not be retained by the source'
+    assert !source.name.is(originalValue): 'Weak value should not be retained by the source name'
+    assert !source.value.is(originalValue): 'Weak value should not be retained by the source value'
     final expectedSource = expected.source
     assert source.origin == expectedSource.origin
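Review bot: The new test asserts only that `taintedName` is a different object from `name` and never checks that the copied name still carries the right content, so a truncating or empty copy would pass it. I would add `assert taintedName.toString() == name` after the identity check, and `assert tainted != null` before dereferencing `tainted.ranges`, since a `get(name)` miss currently fails as a NullPointerException rather than a clear assertion. The case also exercises only `taint`; unless the shared suite in the following hunk already covers `taintIfTainted` with a name identical to the target, a mirrored case would pin the second call site changed in the Java file. The enclosing class `PropagationModuleTest` continues past this hunk.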