package coldfusion.wddx;

import coldfusion.log.CFLogs;
import coldfusion.runtime.StructTypes;
import coldfusion.server.CFService;
import coldfusion.wddx.DeserializerWorker;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.util.ArrayList;
import java.util.List;
import java.util.function.Function;

/* loaded from: input_file:Disk1/InstData/Resource1.zip:$IA_PROJECT_DIR$/hotfix/dist_zg_ia_sf.jar:updates/chf20210018.jar:coldfusion/wddx/WddxFilter.class */
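/**
 * Class-name allowlist applied to WDDX deserialization.
 *
 * <p>The filter is an ordered list of rules built from a semicolon-separated specification:
 * the contents of {@code cfserialfilter.txt} (when present) followed by the built-in default
 * allowlist. Rules are evaluated in order and the first rule that decides wins, so entries
 * from the file take precedence over the built-in defaults. A class name that no rule decides
 * stays {@link Status#UNDECIDED}, which {@link #invoke} treats as blocked (default deny).
 *
 * <p>Rule syntax, as implemented by {@link #createFilter}:
 * <ul>
 *   <li>{@code name} – exact class name;</li>
 *   <li>{@code pkg.*} – classes directly in {@code pkg};</li>
 *   <li>{@code pkg.**} – any name starting with {@code pkg.};</li>
 *   <li>{@code prefix*} – any name starting with {@code prefix}; a lone {@code *} therefore
 *       matches every class name and disables the allowlist;</li>
 *   <li>a leading {@code !} turns the rule into a rejection;</li>
 *   <li>{@code maxdepth=}, {@code maxarray=}, {@code maxrefs=}, {@code maxbytes=} – parsed and
 *       stored, but not read anywhere in this class.</li>
 * </ul>
 *
 * <p>All state is static, lazily initialised and unsynchronised.
 */
public class WddxFilter {
    // Built-in allowlist, appended after whatever cfserialfilter.txt contributes.
    private static final String defaultWhitelistedClasses = "java.util.Locale;java.util.Collections$EmptySet;java.util.HashMap;coldfusion.server.ConfigMap;coldfusion.util.FastHashtable;coldfusion.saml.SpConfiguration;coldfusion.saml.IdpConfiguration;coldfusion.runtime.CaseSensitiveStruct;coldfusion.scheduling.mod.ScheduleTagData;coldfusion.runtime.ArgumentCollection;coldfusion.util.CaseInsensitiveMap;coldfusion.runtime.AttributeCollection;coldfusion.sql.QueryTable;coldfusion.archivedeploy.Archive;coldfusion.scheduling.ScheduleTagData;coldfusion.osgi.to.ScheduleTagTO;";
    public static final String CF_SERIAL_FILTER_FILE = "cfserialfilter.txt";
    public static final String INVALID_PACKAGE_EXCEPTION = "Due to security reasons, %s is blocked for deserialization. Add the class/package in the file cfusion/lib/cfserialfilter.txt to override the behavior and allow deserialization";
    public static final String LIB_DIRECTORY_EXCEPTION = "Exception while searching for 'lib' directory using CFService.getLibDir(). Trying using JVM argument 'coldfusion.libPath'...";
    private static final int ASCIIOFDOT = 46;
    private static final int ASCIIOFEQUAL = 61;
    // Limits parsed from "max...=" entries. They are assigned in createFilter/parseLimit but
    // never consulted in this class, so setting them in the file does not bound anything here.
    private static long maxStreamBytes;
    private static long maxDepth;
    private static long maxReferences;
    private static long maxArrayLength;
    private static String pattern = "";
    private static List<Function<String, Status>> filters = new ArrayList<>();
    private static String SERIAL_FILTER_INPUTS = "";
    // Recorded by createFilter; not read anywhere in this class.
    private static boolean checkComponentType = true;

    /* loaded from: input_file:Disk1/InstData/Resource1.zip:$IA_PROJECT_DIR$/hotfix/dist_zg_ia_sf.jar:updates/chf20210018.jar:coldfusion/wddx/WddxFilter$Status.class */
    /** Outcome of evaluating one rule, or the whole rule list, against a class name. */
    public enum Status {
        UNDECIDED,
        ALLOWED,
        REJECTED
    }

    /**
     * Decides whether a class name may be deserialized, building the rule list on first use.
     *
     * @param str class name to check; must not be null (the rules dereference it)
     * @param z   when true, a blocked name is reported to the WDDX log at INFO level
     * @return true only when a rule explicitly allows the name; REJECTED and UNDECIDED both
     *     yield false
     * @throws IllegalArgumentException if the filter specification is malformed
     */
    public static boolean invoke(String str, boolean z) {
        if (SERIAL_FILTER_INPUTS.equals("")) {
            // File entries first, defaults last: first match wins, so the file can override.
            SERIAL_FILTER_INPUTS = loadWddxSerializationFilter() + defaultWhitelistedClasses;
        }
        if (filters.isEmpty() && !SERIAL_FILTER_INPUTS.equals("")) {
            createFilter(SERIAL_FILTER_INPUTS, true);
        }
        boolean allowed = checkInput(str) == Status.ALLOWED;
        if (!allowed && z) {
            // NOTE(review): the name is formatted into the log line unmodified. If it originates
            // from packet content, consider neutralising CR/LF before logging - confirm source.
            CFLogs.WDDX_LOG.info(String.format(INVALID_PACKAGE_EXCEPTION, str));
        }
        return allowed;
    }

    /**
     * Parses a semicolon-separated specification into the static rule list.
     *
     * <p>NOTE(review): {@code filters} is replaced before parsing starts, so a malformed entry
     * leaves a partially built list behind. Because {@link #invoke} only rebuilds an empty
     * list, later calls then run against the rules that preceded the bad entry and never see
     * the built-in defaults.
     *
     * @param str full specification; also echoed in error messages
     * @param z   stored in {@code checkComponentType}
     * @return always true
     * @throws IllegalArgumentException on an entry containing {@code /}, an empty class or
     *     package name, an unknown limit name or a negative/non-numeric limit value
     */
    private static boolean createFilter(String str, boolean z) {
        pattern = str;
        checkComponentType = z;
        maxArrayLength = Long.MAX_VALUE;
        maxDepth = Long.MAX_VALUE;
        maxReferences = Long.MAX_VALUE;
        maxStreamBytes = Long.MAX_VALUE;
        String[] entries = str.split(";");
        filters = new ArrayList<>(entries.length);
        for (String entry : entries) {
            int length = entry.length();
            // Empty segments are skipped; "name=value" segments are consumed as limits.
            if (length == 0 || parseLimit(entry)) {
                continue;
            }
            boolean negate = entry.charAt(0) == '!';
            int start = negate ? 1 : 0;
            Status onMatch = negate ? Status.REJECTED : Status.ALLOWED;
            if (entry.indexOf('/') >= 0) {
                throw new IllegalArgumentException("invalid character \"/\" in: \"" + str + "\"");
            }
            if (!entry.endsWith("*")) {
                // Exact class name.
                String className = entry.substring(start);
                if (className.isEmpty()) {
                    throw new IllegalArgumentException("class or package missing in: \"" + str + "\"");
                }
                filters.add(candidate -> candidate.equals(className) ? onMatch : Status.UNDECIDED);
            } else if (entry.endsWith(".*")) {
                // "pkg.*": keep the trailing dot so only classes directly in pkg match.
                String pkg = entry.substring(start, length - 1);
                if (pkg.length() < 2) {
                    throw new IllegalArgumentException("package missing in: \"" + str + "\"");
                }
                // Test the candidate class name. The listing this was taken from passed the
                // whole specification string `str` here, which gave the same answer for every
                // class name, so neither "pkg.*" nor "!pkg.*" rules could take effect.
                filters.add(candidate -> matchesPackage(candidate, pkg) ? onMatch : Status.UNDECIDED);
            } else if (entry.endsWith(".**")) {
                // "pkg.**": prefix match on "pkg.", which includes sub-packages.
                String pkgPrefix = entry.substring(start, length - 2);
                if (pkgPrefix.length() < 2) {
                    throw new IllegalArgumentException("package missing in: \"" + str + "\"");
                }
                filters.add(candidate -> candidate.startsWith(pkgPrefix) ? onMatch : Status.UNDECIDED);
            } else {
                // "prefix*": plain prefix match. For a lone "*" the prefix is empty and the
                // rule matches every class name.
                String prefix = entry.substring(start, length - 1);
                filters.add(candidate -> candidate.startsWith(prefix) ? onMatch : Status.UNDECIDED);
            }
        }
        return true;
    }

    /**
     * Tests whether a class name lies directly in a package.
     *
     * @param str  class name
     * @param str2 package prefix including its trailing dot
     * @return true when {@code str} starts with {@code str2} and the last dot of {@code str}
     *     is the final character of {@code str2}; false if either argument is null
     */
    private static boolean matchesPackage(String str, String str2) {
        return str != null && str2 != null && str.startsWith(str2) && str.lastIndexOf(ASCIIOFDOT) == str2.length() - 1;
    }

    /** Returns the specification most recently passed to {@code createFilter}. */
    @Override
    public String toString() {
        return pattern;
    }

    /**
     * Consumes a {@code name=value} entry as a limit.
     *
     * @param str one entry of the specification
     * @return false when the entry contains no {@code =}; true when a limit was stored
     * @throws IllegalArgumentException if the entry contains {@code =} but does not start with
     *     a known limit name, or if the value is negative or not a number
     */
    private static boolean parseLimit(String str) {
        int eq = str.indexOf(ASCIIOFEQUAL);
        if (eq < 0) {
            return false;
        }
        String value = str.substring(eq + 1);
        if (str.startsWith("maxdepth=")) {
            maxDepth = parseValue(value);
        } else if (str.startsWith("maxarray=")) {
            maxArrayLength = parseValue(value);
        } else if (str.startsWith("maxrefs=")) {
            maxReferences = parseValue(value);
        } else if (str.startsWith("maxbytes=")) {
            maxStreamBytes = parseValue(value);
        } else {
            throw new IllegalArgumentException("unknown limit: " + str.substring(0, eq));
        }
        return true;
    }

    /**
     * Parses a non-negative limit value.
     *
     * @throws IllegalArgumentException if the value is negative; a non-numeric value surfaces
     *     as the {@code NumberFormatException} thrown by {@code Long.parseLong}
     */
    private static long parseValue(String str) throws IllegalArgumentException {
        long parsed = Long.parseLong(str);
        if (parsed < 0) {
            throw new IllegalArgumentException("negative limit: " + str);
        }
        return parsed;
    }

    /**
     * Runs the rules in order and returns the first decision.
     *
     * @param str class name to evaluate
     * @return the first non-UNDECIDED result, or UNDECIDED when no rule matches (including when
     *     the rule list has not been built yet)
     */
    public static Status checkInput(String str) {
        for (Function<String, Status> rule : filters) {
            Status result = rule.apply(str);
            if (result != Status.UNDECIDED) {
                return result;
            }
        }
        return Status.UNDECIDED;
    }

    /**
     * Reads {@code cfserialfilter.txt} from the ColdFusion lib directory into
     * {@code SERIAL_FILTER_INPUTS}.
     *
     * <p>The content is trimmed at both ends only and later split on {@code ;} alone, so
     * entries placed on separate lines keep their line breaks and will not match a class name.
     * Whoever can write this file controls the allowlist; its permissions should be restricted
     * accordingly.
     *
     * @return the file content with a trailing {@code ;} ensured, or the unchanged (initially
     *     empty) value when the file is missing, is a directory or cannot be read
     */
    private static String loadWddxSerializationFilter() {
        String path;
        try {
            path = CFService.getLibPath() + File.separator + CF_SERIAL_FILTER_FILE;
        } catch (Throwable th) {
            CFLogs.SERVER_LOG.error(LIB_DIRECTORY_EXCEPTION);
            // If the property is unset this yields a "null/..." path, which simply does not
            // exist, leaving only the built-in defaults in force.
            path = System.getProperty("coldfusion.libPath") + File.separator + CF_SERIAL_FILTER_FILE;
        }
        File file = new File(path);
        if (file.exists() && !file.isDirectory()) {
            try {
                // Decoded with the platform default charset, as no charset is specified.
                SERIAL_FILTER_INPUTS = new String(Files.readAllBytes(file.toPath())).trim();
                if (!SERIAL_FILTER_INPUTS.endsWith(";")) {
                    SERIAL_FILTER_INPUTS += ";";
                }
            } catch (IOException e) {
                CFLogs.SERVER_LOG.error((Throwable) e);
                CFLogs.WDDX_LOG.error((Throwable) e);
            }
        }
        return SERIAL_FILTER_INPUTS;
    }

    /**
     * Entry point used to vet a type name before deserialization.
     *
     * @param str type name; {@code null} and the three struct-type markers compared below
     *     (case-insensitively) are accepted without consulting the rule list
     * @param z   forwarded to {@link #invoke} to control logging of blocked names
     * @return true when the name is accepted
     */
    public static boolean validateAllowedClass(String str, boolean z) throws DeserializerWorker.InvalidWddxPacketException {
        return str == null || str.equalsIgnoreCase(StructTypes.ORDERED.getValue()) || str.equalsIgnoreCase(StructTypes.CASESENSITIVE.getValue()) || str.equalsIgnoreCase(StructTypes.ORDEREDCASESENSITIVE.getValue()) || invoke(str, z);
    }
}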
