fix(appsec/jetty8): guard GetPartAdvice against repeated getPart() calls

jandro996 · jandro996 · commit 71d0ff96ea60 · 2026-04-24T12:08:32.000+02:00
The Part.class depth check only prevents re-entry within a single getPart() invocation;
after the call returns the depth is 0 again, so a second getPart("file") call on the
same request would re-fire requestBodyProcessed and requestFilesFilenames with the same
cached parts. Add the same _multiPartInputStream == null guard that GetFilenamesAdvice
already uses: once the field is set the multipart body was parsed and events were already
dispatched — skip.
diff --git a/dd-java-agent/instrumentation/jetty/jetty-appsec/jetty-appsec-8.1.3/src/main/java/datadog/trace/instrumentation/jetty8/RequestGetPartsInstrumentation.java b/dd-java-agent/instrumentation/jetty/jetty-appsec/jetty-appsec-8.1.3/src/main/java/datadog/trace/instrumentation/jetty8/RequestGetPartsInstrumentation.java
@@ -164,8 +164,13 @@ static void after(
   @RequiresRequestContext(RequestContextSlot.APPSEC)
   public static class GetPartAdvice {
     @Advice.OnMethodEnter(suppress = Throwable.class)
-    static boolean before() {
-      return CallDepthThreadLocalMap.incrementCallDepth(Part.class) == 0;
+    static boolean before(
+        @Advice.FieldValue(value = "_multiPartInputStream", typing = Assigner.Typing.DYNAMIC)
+            Object multiPartInputStream) {
+      // _multiPartInputStream is null before the first parse. Once set, all parts are cached and
+      // events have already fired (either here or in GetFilenamesAdvice). Skip on repeat calls.
+      return CallDepthThreadLocalMap.incrementCallDepth(Part.class) == 0
+          && multiPartInputStream == null;
     }
 
     @Advice.OnMethodExit(suppress = Throwable.class, onThrowable = Throwable.class)
