package org.evosuite.runtime.sandbox;

import java.awt.AWTPermission;
import java.io.File;
import java.io.FilePermission;
import java.io.SerializablePermission;
import java.lang.management.ManagementPermission;
import java.lang.reflect.Method;
import java.lang.reflect.ReflectPermission;
import java.net.InetAddress;
import java.net.NetPermission;
import java.net.SocketPermission;
import java.net.UnknownHostException;
import java.security.AccessControlContext;
import java.security.AllPermission;
import java.security.Permission;
import java.security.SecurityPermission;
import java.security.UnresolvedPermission;
import java.sql.SQLPermission;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.PropertyPermission;
import java.util.Set;
import java.util.concurrent.CopyOnWriteArraySet;
import java.util.logging.FileHandler;
import java.util.logging.LoggingPermission;
import javax.management.MBeanPermission;
import javax.management.MBeanServerPermission;
import javax.management.MBeanTrustPermission;
import javax.management.remote.SubjectDelegationPermission;
import javax.net.ssl.SSLPermission;
import javax.security.auth.AuthPermission;
import javax.security.auth.PrivateCredentialPermission;
import javax.security.auth.kerberos.DelegationPermission;
import javax.security.auth.kerberos.ServicePermission;
import javax.sound.sampled.AudioPermission;
import javax.xml.ws.WebServicePermission;
import org.evosuite.PackageInfo;
import org.evosuite.runtime.RuntimeSettings;
import org.evosuite.runtime.System;
import org.evosuite.runtime.sandbox.Sandbox;
import org.evosuite.runtime.vfs.VirtualFileSystem;
import org.evosuite.shaded.org.springframework.jdbc.datasource.init.ScriptUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/evosuite/runtime/sandbox/MSecurityManager.class */
public class MSecurityManager extends SecurityManager {
    private static Logger logger = LoggerFactory.getLogger((Class<?>) MSecurityManager.class);
    private static final String USER_DIR = System.getProperty("user.home");
    private static final String JAVA_VERSION = System.getProperty("java.version");
    private static final String AWT_HEADLESS = System.getProperty("java.awt.headless");
    private static final String LOCALHOST_NAME;
    private static final File tmpFile;
    public static final String FILE_HANDLER_NAME_PATTERN = ".tmp_file_needed_by_mock_of_FileHandler";
    private final Set<File> filesToDelete;
    private final SecurityManager defaultManager;
    private volatile boolean executingTestCase;
    private volatile Thread privilegedThreadToIgnore;
    private static Set<String> masterNodeRemoteMethodNames;
    private static boolean runningClientOnThread;
    private final Set<Permission> unrecognizedPermissions;
    private final PermissionStatistics statistics = PermissionStatistics.getInstance();
    private volatile Set<Thread> privilegedThreads = new CopyOnWriteArraySet();

    public MSecurityManager() {
        this.privilegedThreads.add(Thread.currentThread());
        this.defaultManager = System.getSecurityManager();
        this.executingTestCase = false;
        this.privilegedThreadToIgnore = null;
        this.unrecognizedPermissions = new CopyOnWriteArraySet();
        this.filesToDelete = new CopyOnWriteArraySet();
    }

    public static void setupMasterNodeRemoteHandling(Class<?> cls) {
        Method[] methods = cls.getMethods();
        HashSet hashSet = new HashSet();
        for (Method method : methods) {
            hashSet.add(method.getName());
        }
        masterNodeRemoteMethodNames = Collections.unmodifiableSet(hashSet);
    }

    public Set<Thread> getPrivilegedThreads() {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        linkedHashSet.addAll(this.privilegedThreads);
        return linkedHashSet;
    }

    public static void setRunningClientOnThread(boolean z) {
        runningClientOnThread = z;
    }

    public static File getRealTmpFile() {
        return tmpFile;
    }

    public void goingToExecuteUnsafeCodeOnSameThread() throws SecurityException, IllegalStateException {
        if (!this.privilegedThreads.contains(Thread.currentThread())) {
            throw new SecurityException("Current thread is not privileged");
        }
        if (this.privilegedThreadToIgnore != null) {
            throw new IllegalStateException("The thread is already executing unsafe code");
        }
        this.privilegedThreadToIgnore = Thread.currentThread();
    }

    public boolean isSafeToExecuteSUTCode() {
        Thread currentThread = Thread.currentThread();
        return !this.privilegedThreads.contains(currentThread) || this.privilegedThreadToIgnore == currentThread;
    }

    public void doneWithExecutingUnsafeCodeOnSameThread() throws SecurityException, IllegalStateException {
        if (!this.privilegedThreads.contains(Thread.currentThread())) {
            throw new SecurityException("Only a privileged thread can return from unsafe code execution");
        }
        if (this.privilegedThreadToIgnore == null) {
            throw new IllegalStateException("The thread was not executing unsafe code");
        }
        this.privilegedThreadToIgnore = null;
    }

    public void makePrivilegedAllCurrentThreads() {
        ThreadGroup threadGroup;
        ThreadGroup threadGroup2 = Thread.currentThread().getThreadGroup();
        while (true) {
            threadGroup = threadGroup2;
            if (threadGroup.getParent() == null) {
                break;
            } else {
                threadGroup2 = threadGroup.getParent();
            }
        }
        Thread[] threadArr = new Thread[threadGroup.activeCount() + 10];
        threadGroup.enumerate(threadArr);
        for (Thread thread : threadArr) {
            if (thread != null) {
                addPrivilegedThread(thread);
            }
        }
    }

    public void apply() throws IllegalStateException {
        try {
            System.setSecurityManager(this);
        } catch (SecurityException e) {
            logger.error("Cannot instantiate mock security manager", (Throwable) e);
            throw new IllegalStateException(e);
        }
    }

    public void restoreDefaultManager() throws SecurityException {
        System.setSecurityManager(this.defaultManager);
    }

    public void goingToExecuteTestCase() throws IllegalStateException {
        if (this.executingTestCase) {
            throw new IllegalStateException("Trying to set up the sandbox while executing a test case");
        }
        this.executingTestCase = true;
    }

    public boolean isExecutingTestCase() {
        return this.executingTestCase;
    }

    public void goingToEndTestCase() throws IllegalStateException {
        if (!this.executingTestCase) {
            throw new IllegalStateException("Trying to disable sandbox when not test case was run");
        }
        System.restoreProperties();
        Iterator<File> it = this.filesToDelete.iterator();
        while (it.hasNext()) {
            it.next().deleteOnExit();
        }
        this.executingTestCase = false;
    }

    public synchronized void addPrivilegedThread(Thread thread) throws SecurityException {
        if (this.privilegedThreads.contains(Thread.currentThread())) {
            logger.debug("Adding privileged thread: \"" + thread.getName() + "\"");
            this.privilegedThreads.add(thread);
            return;
        }
        String str = ("Unprivileged thread \"" + Thread.currentThread().getName() + "\" cannot add a privileged thread: failed to add \"" + thread.getName() + "\"") + "\nCurrent privileged threads are: ";
        Iterator<Thread> it = this.privilegedThreads.iterator();
        while (it.hasNext()) {
            str = str + "\n\"" + it.next().getName() + "\"";
        }
        throw new SecurityException(str);
    }

    @Override // java.lang.SecurityManager
    public void checkPermission(Permission permission, Object obj) throws SecurityException, NullPointerException {
        if (!(obj instanceof AccessControlContext)) {
            throw new SecurityException();
        }
        checkPermission(permission);
    }

    @Override // java.lang.SecurityManager
    public void checkPermission(Permission permission) throws SecurityException {
        if (allowPermission(permission)) {
            if (this.executingTestCase) {
                this.statistics.permissionAllowed(permission);
                return;
            }
            return;
        }
        String str = ScriptUtils.FALLBACK_STATEMENT_SEPARATOR;
        for (StackTraceElement stackTraceElement : Thread.currentThread().getStackTrace()) {
            if (stackTraceElement.toString().contains(PackageInfo.getEvoSuitePackage() + ".regression.ObjectFields")) {
                this.statistics.permissionAllowed(permission);
                return;
            }
            str = str + stackTraceElement + ScriptUtils.FALLBACK_STATEMENT_SEPARATOR;
        }
        if (this.executingTestCase) {
            this.statistics.permissionDenied(permission);
        }
        logger.debug("Security manager blocks permission " + permission + str);
        throw new SecurityException("Security manager blocks " + permission + str);
    }

    private boolean isAWTThread() {
        for (StackTraceElement stackTraceElement : Thread.currentThread().getStackTrace()) {
            if (stackTraceElement.getClassName().startsWith("java.awt") || stackTraceElement.getClassName().startsWith("javax.swing") || stackTraceElement.getClassName().startsWith("java.util.logging.LogManager")) {
                return true;
            }
        }
        return false;
    }

    private boolean allowPermission(Permission permission) {
        if (RuntimeSettings.sandboxMode.equals(Sandbox.SandboxMode.OFF)) {
            return true;
        }
        if (((permission instanceof RuntimePermission) && "getStackTrace".equals(permission.getName().trim())) || checkIfEvoSuiteRMI(permission) || checkIfRMIDuringTests(permission)) {
            return true;
        }
        if (this.privilegedThreads.contains(Thread.currentThread()) && (this.privilegedThreadToIgnore == null || !Thread.currentThread().equals(this.privilegedThreadToIgnore))) {
            if (this.defaultManager == null) {
                return true;
            }
            try {
                this.defaultManager.checkPermission(permission);
                return true;
            } catch (SecurityException e) {
                return false;
            }
        }
        if (RuntimeSettings.sandboxMode.equals(Sandbox.SandboxMode.IO)) {
            if (permission instanceof FilePermission) {
                return checkFilePermission((FilePermission) permission);
            }
            return true;
        }
        if (permission instanceof FilePermission) {
            return checkFilePermission((FilePermission) permission);
        }
        if (permission instanceof AllPermission) {
            return checkAllPermission((AllPermission) permission);
        }
        if (permission instanceof SecurityPermission) {
            return checkSecurityPermission((SecurityPermission) permission);
        }
        if (permission instanceof LoggingPermission) {
            return checkLoggingPermission((LoggingPermission) permission);
        }
        if (permission instanceof ReflectPermission) {
            return checkReflectPermission((ReflectPermission) permission);
        }
        if (permission instanceof PropertyPermission) {
            return checkPropertyPermission((PropertyPermission) permission);
        }
        if (permission instanceof RuntimePermission) {
            return checkRuntimePermission((RuntimePermission) permission);
        }
        if (permission instanceof AWTPermission) {
            return checkAWTPermission((AWTPermission) permission);
        }
        if (permission instanceof UnresolvedPermission) {
            return checkUnresolvedPermission((UnresolvedPermission) permission);
        }
        if (permission instanceof SerializablePermission) {
            return checkSerializablePermission((SerializablePermission) permission);
        }
        if (permission instanceof AudioPermission) {
            return checkAudioPermission((AudioPermission) permission);
        }
        if (permission instanceof DelegationPermission) {
            return checkDelegationPermission((DelegationPermission) permission);
        }
        if (permission instanceof ServicePermission) {
            return checkServicePermission((ServicePermission) permission);
        }
        if (permission instanceof SQLPermission) {
            return checkSQLPermission((SQLPermission) permission);
        }
        if (permission instanceof SSLPermission) {
            return checkSSLPermission((SSLPermission) permission);
        }
        if (permission instanceof PrivateCredentialPermission) {
            return checkPrivateCredentialPermission((PrivateCredentialPermission) permission);
        }
        if (permission instanceof WebServicePermission) {
            return checkWebServicePermission((WebServicePermission) permission);
        }
        if (permission instanceof SubjectDelegationPermission) {
            return checkSubjectDelegationPermission((SubjectDelegationPermission) permission);
        }
        if (permission instanceof ManagementPermission) {
            return checkManagementPermission((ManagementPermission) permission);
        }
        if (permission instanceof MBeanPermission) {
            return checkMBeanPermission((MBeanPermission) permission);
        }
        if (permission instanceof MBeanServerPermission) {
            return checkMBeanServerPermission((MBeanServerPermission) permission);
        }
        if (permission instanceof MBeanTrustPermission) {
            return checkMBeanTrustPermission((MBeanTrustPermission) permission);
        }
        if (permission instanceof NetPermission) {
            return checkNetPermission((NetPermission) permission);
        }
        if (permission instanceof AuthPermission) {
            return checkAuthPermission((AuthPermission) permission);
        }
        if (permission instanceof SocketPermission) {
            return checkSocketPermission((SocketPermission) permission);
        }
        String canonicalName = permission.getClass().getCanonicalName();
        if (!canonicalName.startsWith("java")) {
            logger.debug("Allowing permission defined by the SUT: " + canonicalName);
            return true;
        }
        if (this.unrecognizedPermissions.contains(permission)) {
            return false;
        }
        this.unrecognizedPermissions.add(permission);
        logger.debug("Unrecognized permission type: " + canonicalName);
        return false;
    }

    private boolean checkIfEvoSuiteRMI(Permission permission) {
        if (!Thread.currentThread().getName().startsWith("RMI ") && !Thread.currentThread().getName().equals("Statistics sender in client process")) {
            return false;
        }
        boolean z = false;
        StackTraceElement[] stackTrace = Thread.currentThread().getStackTrace();
        int length = stackTrace.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            if (stackTrace[i].toString().startsWith("sun.rmi.")) {
                z = true;
                break;
            }
            i++;
        }
        if (!z) {
            return false;
        }
        boolean z2 = false;
        StackTraceElement[] stackTrace2 = Thread.currentThread().getStackTrace();
        int length2 = stackTrace2.length;
        int i2 = 0;
        loop1: while (true) {
            if (i2 >= length2) {
                break;
            }
            StackTraceElement stackTraceElement = stackTrace2[i2];
            Iterator<String> it = masterNodeRemoteMethodNames.iterator();
            while (it.hasNext()) {
                if (stackTraceElement.toString().contains(it.next())) {
                    z2 = true;
                    break loop1;
                }
            }
            i2++;
        }
        if (!z2) {
            return false;
        }
        if (!(permission instanceof FilePermission) || permission.getActions().equals("read")) {
            return true;
        }
        logger.error("EvoSuite RMI is trying to interact with files: " + permission);
        return false;
    }

    public boolean checkIfRMIDuringTests(Permission permission) {
        return runningClientOnThread && Thread.currentThread().getName().startsWith("RMI TCP");
    }

    protected boolean checkSocketPermission(SocketPermission socketPermission) {
        String actions = socketPermission.getActions();
        String name = socketPermission.getName();
        return (actions.contains("resolve") && name.equals(LOCALHOST_NAME)) || name.contains(InetAddress.getLoopbackAddress().toString());
    }

    protected boolean checkAuthPermission(AuthPermission authPermission) {
        return false;
    }

    protected boolean checkNetPermission(NetPermission netPermission) {
        return true;
    }

    protected boolean checkMBeanPermission(MBeanPermission mBeanPermission) {
        return true;
    }

    protected boolean checkMBeanServerPermission(MBeanServerPermission mBeanServerPermission) {
        return true;
    }

    protected boolean checkMBeanTrustPermission(MBeanTrustPermission mBeanTrustPermission) {
        return true;
    }

    protected boolean checkManagementPermission(ManagementPermission managementPermission) {
        return managementPermission.getName().equals("monitor");
    }

    protected boolean checkSubjectDelegationPermission(SubjectDelegationPermission subjectDelegationPermission) {
        return true;
    }

    protected boolean checkWebServicePermission(WebServicePermission webServicePermission) {
        return false;
    }

    protected boolean checkPrivateCredentialPermission(PrivateCredentialPermission privateCredentialPermission) {
        return true;
    }

    protected boolean checkSSLPermission(SSLPermission sSLPermission) {
        return sSLPermission.getName().equals("getSSLSessionContext");
    }

    protected boolean checkSQLPermission(SQLPermission sQLPermission) {
        return false;
    }

    protected boolean checkServicePermission(ServicePermission servicePermission) {
        return true;
    }

    protected boolean checkDelegationPermission(DelegationPermission delegationPermission) {
        return false;
    }

    protected boolean checkAudioPermission(AudioPermission audioPermission) {
        return true;
    }

    protected boolean checkSerializablePermission(SerializablePermission serializablePermission) {
        return true;
    }

    protected boolean checkUnresolvedPermission(UnresolvedPermission unresolvedPermission) {
        return false;
    }

    protected boolean checkAllPermission(AllPermission allPermission) {
        return false;
    }

    protected boolean checkSecurityPermission(SecurityPermission securityPermission) {
        String name = securityPermission.getName();
        return name.equals("getDomainCombiner") || name.equals("getPolicy") || name.equals("printIdentity") || name.equals("getSignerPrivateKey") || name.startsWith("getProperty.") || name.startsWith("putProviderProperty.");
    }

    protected boolean checkAWTPermission(AWTPermission aWTPermission) {
        return "true".equals(AWT_HEADLESS);
    }

    protected boolean checkRuntimePermission(RuntimePermission runtimePermission) {
        String trim = runtimePermission.getName().trim();
        if (trim.equals("getClassLoader") || trim.equals("createClassLoader") || trim.startsWith("accessClassInPackage") || trim.startsWith("defineClassInPackage") || trim.equals("setContextClassLoader") || trim.equals("enableContextClassLoaderOverride") || trim.equals("accessDeclaredMembers")) {
            return true;
        }
        if (trim.equals("setSecurityManager")) {
            return false;
        }
        if (trim.equals("createSecurityManager")) {
            return true;
        }
        if ("true".equals(AWT_HEADLESS) && isAWTThread() && (trim.equals("shutdownHooks") || trim.equals("modifyThreadGroup") || trim.equals("modifyThread"))) {
            return true;
        }
        if (trim.startsWith("exitVM")) {
            return false;
        }
        if (trim.equals("shutdownHooks")) {
            return RuntimeSettings.mockJVMNonDeterminism;
        }
        if (trim.equals("setFactory") || trim.equals("setIO") || trim.equals("reflectionFactoryAccess") || trim.equals("modifyThread") || trim.equals("stopThread") || trim.equals("modifyThreadGroup") || trim.equals("setDefaultUncaughtExceptionHandler") || trim.startsWith("getenv.") || trim.equals("getProtectionDomain") || trim.equals("readFileDescriptor")) {
            return true;
        }
        if (trim.equals("writeFileDescriptor")) {
            return false;
        }
        if (trim.startsWith("loadLibrary.")) {
            String substring = trim.substring("loadLibrary.".length(), trim.length());
            return substring.equals("awt") || substring.equals("fontmanager") || substring.equals("net") || substring.equals("lcms") || substring.equals("j2pkcs11") || substring.equals("nio") || substring.equals("laf") || substring.endsWith("libmawt.so") || substring.equals("jpeg") || substring.endsWith("liblwawt.dylib") || substring.equals("cmm") || substring.equals("t2k") || substring.equals("jawt") || substring.equals("sunec") || substring.equals("management") || substring.equals("kcms") || substring.equals("dcpr") || substring.equals("mlib_image") || substring.startsWith("jaybird") || substring.equals("instrument") || substring.startsWith("osxui") || substring.contains("libawt_lwawt") || substring.contains("libawt_headless") || substring.contains("libawt_xawt");
        }
        if (trim.equals("queuePrintJob")) {
            return false;
        }
        if (trim.equals("getStackTrace")) {
            return true;
        }
        if (trim.equals("preferences")) {
            return false;
        }
        if (trim.equals("charsetProvider") || trim.equals("selectorProvider") || trim.equals("getFileSystemAttributes") || trim.equals("fileSystemProvider")) {
            return true;
        }
        if (this.unrecognizedPermissions.contains(runtimePermission)) {
            return false;
        }
        this.unrecognizedPermissions.add(runtimePermission);
        logger.warn("SUT asked for a runtime permission that EvoSuite does not recognize: " + trim);
        return false;
    }

    protected boolean checkPropertyPermission(PropertyPermission propertyPermission) {
        if (propertyPermission.getName().equals("sun.font.fontmanager")) {
            return true;
        }
        return (!propertyPermission.getActions().contains("write") || this.executingTestCase) ? System.handlePropertyPermission(propertyPermission) : !System.isSystemProperty(propertyPermission.getName());
    }

    protected boolean checkReflectPermission(ReflectPermission reflectPermission) {
        return true;
    }

    protected boolean checkLoggingPermission(LoggingPermission loggingPermission) {
        return true;
    }

    private boolean isFileHandlerCall(FilePermission filePermission) {
        if (filePermission.getName().contains(FILE_HANDLER_NAME_PATTERN)) {
            return true;
        }
        if (!filePermission.getActions().equals("write")) {
            return false;
        }
        for (StackTraceElement stackTraceElement : Thread.currentThread().getStackTrace()) {
            if (stackTraceElement.getClassName().equals(FileHandler.class.getName()) && stackTraceElement.getMethodName().equals("isParentWritable")) {
                return true;
            }
        }
        return false;
    }

    protected boolean checkFilePermission(FilePermission filePermission) {
        String actions = filePermission.getActions();
        if (actions == null) {
            logger.debug("File permission with empty action");
            return false;
        }
        if (actions.equals("read")) {
            return true;
        }
        if (RuntimeSettings.useVFS) {
            boolean equals = filePermission.getName().equals(VirtualFileSystem.getInstance().getRealTmpFile().getPath());
            boolean isFileHandlerCall = isFileHandlerCall(filePermission);
            if (isFileHandlerCall) {
            }
            if (equals || isFileHandlerCall) {
                return true;
            }
        }
        String str = USER_DIR + File.separator + ".java" + File.separator + "fonts" + File.separator + JAVA_VERSION;
        if (!actions.equals("write")) {
            if (!actions.equals("delete") || !filePermission.getName().contains("clover.db.liverec")) {
                return false;
            }
            for (StackTraceElement stackTraceElement : Thread.currentThread().getStackTrace()) {
                if (stackTraceElement.getClassName().startsWith("com.atlassian.clover.")) {
                    return true;
                }
            }
            return false;
        }
        if (filePermission.getName().startsWith(str)) {
            return true;
        }
        if (filePermission.getName().contains("jacoco")) {
            for (StackTraceElement stackTraceElement2 : Thread.currentThread().getStackTrace()) {
                if (stackTraceElement2.getClassName().startsWith("org.jacoco.")) {
                    return true;
                }
            }
            return false;
        }
        if (filePermission.getName().contains("gzoltar")) {
            for (StackTraceElement stackTraceElement3 : Thread.currentThread().getStackTrace()) {
                if (stackTraceElement3.getClassName().startsWith("com.gzoltar.")) {
                    return true;
                }
            }
            return false;
        }
        if (!filePermission.getName().contains("clover")) {
            return false;
        }
        for (StackTraceElement stackTraceElement4 : Thread.currentThread().getStackTrace()) {
            if (stackTraceElement4.getClassName().startsWith("com.atlassian.clover.")) {
                return true;
            }
        }
        return false;
    }

    static {
        String str = null;
        try {
            str = InetAddress.getLocalHost().getHostName();
        } catch (UnknownHostException e) {
        }
        LOCALHOST_NAME = str;
        File file = null;
        try {
            file = File.createTempFile("EvosuiteTmpFile", ".tmp");
            file.deleteOnExit();
        } catch (Exception e2) {
            logger.error("Error while trying to create tmp file: " + e2.getMessage());
        }
        tmpFile = file;
        boolean z = RuntimeSettings.mockJVMNonDeterminism;
        runningClientOnThread = false;
    }
}
