Improve http.request.path IAST source for servlet #6091

Closed
wants to merge 1 commit into from


smola
Member

@smola smola commented Oct 24, 2023

What Does This Do

Remove unnecessary callbacks, make sure we set the IAST source value (name is not needed).

Motivation

Additional Notes

@smola smola added the "tag: no release notes" (Changes to exclude from release notes) and "comp: asm iast" (Application Security Management (IAST)) labels Oct 24, 2023
It was setting the value as name. Some callbacks were not needed.
@pr-commenter

pr-commenter bot commented Oct 24, 2023

Benchmarks

Startup

Parameters

Baseline Candidate
commit 1.22.0-SNAPSHOT~61ab1df9ae 1.22.0-SNAPSHOT~df90ee6e8d
config baseline candidate
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
module Agent Agent
parent None None
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 54 cases.

Startup time reports for insecure-bank
gantt
    title insecure-bank - global startup overhead: candidate=1.22.0-SNAPSHOT~df90ee6e8d, baseline=1.22.0-SNAPSHOT~61ab1df9ae

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.011 s) : 0, 1011136
Total [baseline] (8.688 s) : 0, 8688341
Agent [candidate] (1.013 s) : 0, 1012827
Total [candidate] (8.71 s) : 0, 8709753
section iast
Agent [baseline] (1.138 s) : 0, 1137504
Total [baseline] (9.192 s) : 0, 9191719
Agent [candidate] (1.145 s) : 0, 1145214
Total [candidate] (9.246 s) : 0, 9246442
section iast_TELEMETRY_OFF
Agent [baseline] (1.135 s) : 0, 1135292
Total [baseline] (9.167 s) : 0, 9167027
Agent [candidate] (1.137 s) : 0, 1137238
Total [candidate] (9.199 s) : 0, 9199041
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.011 s -
Agent iast 1.138 s 126.368 ms (12.5%)
Agent iast_TELEMETRY_OFF 1.135 s 124.156 ms (12.3%)
Total tracing 8.688 s -
Total iast 9.192 s 503.378 ms (5.8%)
Total iast_TELEMETRY_OFF 9.167 s 478.685 ms (5.5%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.013 s -
Agent iast 1.145 s 132.387 ms (13.1%)
Agent iast_TELEMETRY_OFF 1.137 s 124.411 ms (12.3%)
Total tracing 8.71 s -
Total iast 9.246 s 536.689 ms (6.2%)
Total iast_TELEMETRY_OFF 9.199 s 489.287 ms (5.6%)
gantt
    title insecure-bank - break down per module: candidate=1.22.0-SNAPSHOT~df90ee6e8d, baseline=1.22.0-SNAPSHOT~61ab1df9ae

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (629.811 ms) : 0, 629811
BytebuddyAgent [candidate] (631.325 ms) : 0, 631325
GlobalTracer [baseline] (291.32 ms) : 0, 291320
GlobalTracer [candidate] (291.608 ms) : 0, 291608
AppSec [baseline] (49.168 ms) : 0, 49168
AppSec [candidate] (49.017 ms) : 0, 49017
Remote Config [baseline] (658.301 µs) : 0, 658
Remote Config [candidate] (657.094 µs) : 0, 657
Telemetry [baseline] (5.954 ms) : 0, 5954
Telemetry [candidate] (5.988 ms) : 0, 5988
section iast
BytebuddyAgent [baseline] (759.861 ms) : 0, 759861
BytebuddyAgent [candidate] (766.574 ms) : 0, 766574
GlobalTracer [baseline] (271.612 ms) : 0, 271612
GlobalTracer [candidate] (272.761 ms) : 0, 272761
AppSec [baseline] (46.173 ms) : 0, 46173
AppSec [candidate] (46.457 ms) : 0, 46457
IAST [baseline] (18.22 ms) : 0, 18220
IAST [candidate] (18.099 ms) : 0, 18099
Remote Config [baseline] (567.304 µs) : 0, 567
Remote Config [candidate] (566.054 µs) : 0, 566
Telemetry [baseline] (6.807 ms) : 0, 6807
Telemetry [candidate] (6.249 ms) : 0, 6249
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (756.912 ms) : 0, 756912
BytebuddyAgent [candidate] (757.231 ms) : 0, 757231
GlobalTracer [baseline] (271.508 ms) : 0, 271508
GlobalTracer [candidate] (273.738 ms) : 0, 273738
AppSec [baseline] (46.067 ms) : 0, 46067
AppSec [candidate] (46.215 ms) : 0, 46215
IAST [baseline] (16.114 ms) : 0, 16114
IAST [candidate] (17.91 ms) : 0, 17910
Remote Config [baseline] (568.181 µs) : 0, 568
Remote Config [candidate] (590.679 µs) : 0, 591
Telemetry [baseline] (9.848 ms) : 0, 9848
Telemetry [candidate] (7.021 ms) : 0, 7021
Startup time reports for petclinic
gantt
    title petclinic - global startup overhead: candidate=1.22.0-SNAPSHOT~df90ee6e8d, baseline=1.22.0-SNAPSHOT~61ab1df9ae

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.012 s) : 0, 1012217
Total [baseline] (9.193 s) : 0, 9192559
Agent [candidate] (1.017 s) : 0, 1016753
Total [candidate] (9.237 s) : 0, 9237156
section appsec
Agent [baseline] (1.117 s) : 0, 1116738
Total [baseline] (9.259 s) : 0, 9258884
Agent [candidate] (1.106 s) : 0, 1105784
Total [candidate] (9.32 s) : 0, 9319762
section iast
Agent [baseline] (1.142 s) : 0, 1141779
Total [baseline] (9.383 s) : 0, 9382839
Agent [candidate] (1.141 s) : 0, 1140528
Total [candidate] (9.392 s) : 0, 9391701
section profiling
Agent [baseline] (1.193 s) : 0, 1193421
Total [baseline] (9.384 s) : 0, 9384029
Agent [candidate] (1.19 s) : 0, 1190495
Total [candidate] (9.417 s) : 0, 9416591
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.012 s -
Agent appsec 1.117 s 104.521 ms (10.3%)
Agent iast 1.142 s 129.562 ms (12.8%)
Agent profiling 1.193 s 181.203 ms (17.9%)
Total tracing 9.193 s -
Total appsec 9.259 s 66.324 ms (0.7%)
Total iast 9.383 s 190.28 ms (2.1%)
Total profiling 9.384 s 191.469 ms (2.1%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.017 s -
Agent appsec 1.106 s 89.031 ms (8.8%)
Agent iast 1.141 s 123.775 ms (12.2%)
Agent profiling 1.19 s 173.742 ms (17.1%)
Total tracing 9.237 s -
Total appsec 9.32 s 82.605 ms (0.9%)
Total iast 9.392 s 154.545 ms (1.7%)
Total profiling 9.417 s 179.435 ms (1.9%)
gantt
    title petclinic - break down per module: candidate=1.22.0-SNAPSHOT~df90ee6e8d, baseline=1.22.0-SNAPSHOT~61ab1df9ae

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (630.734 ms) : 0, 630734
BytebuddyAgent [candidate] (633.055 ms) : 0, 633055
GlobalTracer [baseline] (291.893 ms) : 0, 291893
GlobalTracer [candidate] (293.517 ms) : 0, 293517
AppSec [baseline] (48.646 ms) : 0, 48646
AppSec [candidate] (49.141 ms) : 0, 49141
Remote Config [baseline] (660.158 µs) : 0, 660
Remote Config [candidate] (659.067 µs) : 0, 659
Telemetry [baseline] (6.001 ms) : 0, 6001
Telemetry [candidate] (6.017 ms) : 0, 6017
section appsec
BytebuddyAgent [baseline] (641.135 ms) : 0, 641135
BytebuddyAgent [candidate] (633.117 ms) : 0, 633117
GlobalTracer [baseline] (295.921 ms) : 0, 295921
GlobalTracer [candidate] (294.114 ms) : 0, 294114
AppSec [baseline] (138.601 ms) : 0, 138601
AppSec [candidate] (137.912 ms) : 0, 137912
Remote Config [baseline] (651.204 µs) : 0, 651
Remote Config [candidate] (639.788 µs) : 0, 640
Telemetry [baseline] (5.766 ms) : 0, 5766
Telemetry [candidate] (5.733 ms) : 0, 5733
section iast
BytebuddyAgent [baseline] (761.474 ms) : 0, 761474
BytebuddyAgent [candidate] (761.469 ms) : 0, 761469
GlobalTracer [baseline] (272.86 ms) : 0, 272860
GlobalTracer [candidate] (272.628 ms) : 0, 272628
AppSec [baseline] (46.393 ms) : 0, 46393
AppSec [candidate] (46.374 ms) : 0, 46374
IAST [baseline] (19.278 ms) : 0, 19278
IAST [candidate] (17.522 ms) : 0, 17522
Remote Config [baseline] (563.418 µs) : 0, 563
Remote Config [candidate] (578.287 µs) : 0, 578
Telemetry [baseline] (6.834 ms) : 0, 6834
Telemetry [candidate] (7.578 ms) : 0, 7578
section profiling
BytebuddyAgent [baseline] (646.798 ms) : 0, 646798
BytebuddyAgent [candidate] (644.752 ms) : 0, 644752
GlobalTracer [baseline] (356.102 ms) : 0, 356102
GlobalTracer [candidate] (355.528 ms) : 0, 355528
AppSec [baseline] (48.936 ms) : 0, 48936
AppSec [candidate] (49.399 ms) : 0, 49399
Remote Config [baseline] (657.673 µs) : 0, 658
Remote Config [candidate] (660.85 µs) : 0, 661
Telemetry [baseline] (6.135 ms) : 0, 6135
Telemetry [candidate] (6.051 ms) : 0, 6051
ProfilingAgent [baseline] (81.211 ms) : 0, 81211
ProfilingAgent [candidate] (80.687 ms) : 0, 80687
Profiling [baseline] (81.236 ms) : 0, 81236
Profiling [candidate] (80.711 ms) : 0, 80711

Load

Parameters

Baseline Candidate
commit 1.22.0-SNAPSHOT~61ab1df9ae 1.22.0-SNAPSHOT~df90ee6e8d
config baseline candidate
end_time 2023-10-24T13:01:02 2023-10-24T13:17:15
start_time 2023-10-24T13:00:49 2023-10-24T13:17:02
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 22 cases.

Request duration reports for insecure-bank
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.22.0-SNAPSHOT~df90ee6e8d, baseline=1.22.0-SNAPSHOT~61ab1df9ae
    dateFormat X
    axisFormat %s
section baseline
no_agent (364.621 µs) : 343, 387
.   : milestone, 365,
iast (456.857 µs) : 436, 478
.   : milestone, 457,
iast_FULL (512.141 µs) : 492, 533
.   : milestone, 512,
iast_INACTIVE (424.276 µs) : 403, 445
.   : milestone, 424,
iast_TELEMETRY_OFF (449.335 µs) : 429, 470
.   : milestone, 449,
tracing (424.969 µs) : 404, 446
.   : milestone, 425,
section candidate
no_agent (359.66 µs) : 339, 381
.   : milestone, 360,
iast (454.171 µs) : 433, 475
.   : milestone, 454,
iast_FULL (506.903 µs) : 486, 528
.   : milestone, 507,
iast_INACTIVE (421.562 µs) : 401, 442
.   : milestone, 422,
iast_TELEMETRY_OFF (460.035 µs) : 439, 481
.   : milestone, 460,
tracing (426.816 µs) : 406, 448
.   : milestone, 427,
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 364.621 µs [342.571 µs, 386.672 µs] -
iast 456.857 µs [436.038 µs, 477.677 µs] 92.236 µs (25.3%)
iast_FULL 512.141 µs [491.614 µs, 532.667 µs] 147.519 µs (40.5%)
iast_INACTIVE 424.276 µs [403.477 µs, 445.075 µs] 59.655 µs (16.4%)
iast_TELEMETRY_OFF 449.335 µs [428.762 µs, 469.908 µs] 84.714 µs (23.2%)
tracing 424.969 µs [403.527 µs, 446.411 µs] 60.348 µs (16.6%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 359.66 µs [338.819 µs, 380.501 µs] -
iast 454.171 µs [433.365 µs, 474.978 µs] 94.512 µs (26.3%)
iast_FULL 506.903 µs [486.266 µs, 527.539 µs] 147.243 µs (40.9%)
iast_INACTIVE 421.562 µs [400.738 µs, 442.387 µs] 61.902 µs (17.2%)
iast_TELEMETRY_OFF 460.035 µs [438.956 µs, 481.115 µs] 100.375 µs (27.9%)
tracing 426.816 µs [405.57 µs, 448.062 µs] 67.156 µs (18.7%)
Request duration reports for petclinic
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.22.0-SNAPSHOT~df90ee6e8d, baseline=1.22.0-SNAPSHOT~61ab1df9ae
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.336 ms) : 1317, 1355
.   : milestone, 1336,
appsec (1.661 ms) : 1637, 1685
.   : milestone, 1661,
iast (1.462 ms) : 1437, 1486
.   : milestone, 1462,
profiling (1.488 ms) : 1462, 1513
.   : milestone, 1488,
tracing (1.427 ms) : 1403, 1451
.   : milestone, 1427,
section candidate
no_agent (1.324 ms) : 1305, 1343
.   : milestone, 1324,
appsec (1.693 ms) : 1669, 1717
.   : milestone, 1693,
iast (1.461 ms) : 1438, 1485
.   : milestone, 1461,
profiling (1.454 ms) : 1428, 1479
.   : milestone, 1454,
tracing (1.422 ms) : 1397, 1447
.   : milestone, 1422,
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.336 ms [1.317 ms, 1.355 ms] -
appsec 1.661 ms [1.637 ms, 1.685 ms] 325.05 µs (24.3%)
iast 1.462 ms [1.437 ms, 1.486 ms] 125.58 µs (9.4%)
profiling 1.488 ms [1.462 ms, 1.513 ms] 151.651 µs (11.4%)
tracing 1.427 ms [1.403 ms, 1.451 ms] 91.201 µs (6.8%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.324 ms [1.305 ms, 1.343 ms] -
appsec 1.693 ms [1.669 ms, 1.717 ms] 369.036 µs (27.9%)
iast 1.461 ms [1.438 ms, 1.485 ms] 137.693 µs (10.4%)
profiling 1.454 ms [1.428 ms, 1.479 ms] 129.946 µs (9.8%)
tracing 1.422 ms [1.397 ms, 1.447 ms] 98.319 µs (7.4%)

@smola smola marked this pull request as ready for review October 24, 2023 13:27
@smola smola requested review from a team as code owners October 24, 2023 13:27
@smola smola changed the title Fix http.request.path source for servlet Fix http.request.path IAST source for servlet Oct 24, 2023
@smola smola changed the title Fix http.request.path IAST source for servlet Improve http.request.path IAST source for servlet Oct 24, 2023
Member

@manuel-alvarez-alvarez manuel-alvarez-alvarez left a comment


This will be obsolete after #6033

@smola
Member Author

smola commented Oct 24, 2023

@manuel-alvarez-alvarez I think I can skip this one. I initially thought the system-test did not pass because of this, but it actually does: DataDog/system-tests#1730

@smola smola closed this Nov 2, 2023
@smola smola deleted the smola/fix-iast-path-source branch November 2, 2023 08:50