refactor: move GlassFish multipart processing into GlassFishBlockingHelper

jandro996 · jandro996 · commit f6f2feb51c47 · 2026-05-08T10:51:48.000+02:00
Extract the part-iteration loop and IG callback dispatch from the advice
into a new GlassFishBlockingHelper.processPartsAndBlock() static method.
The advice now contains only the inlined reflection block (which must stay
inlined due to Java module-system constraints) and a single call to the
helper.

Unit tests added for processPartsAndBlock(): form-field skip, empty
filename, normal filename, content reading, maxFiles limit, getInputStream
failure fallback, sequential callback ordering (filenames blocks → content
not fired), content callback blocks → returns true, non-Part object skip.
diff --git a/dd-java-agent/instrumentation/tomcat/tomcat-appsec/tomcat-appsec-7.0/src/main/java/datadog/trace/instrumentation/tomcat7/GlassFishBlockingHelper.java b/dd-java-agent/instrumentation/tomcat/tomcat-appsec/tomcat-appsec-7.0/src/main/java/datadog/trace/instrumentation/tomcat7/GlassFishBlockingHelper.java
@@ -5,10 +5,17 @@
 import datadog.trace.api.gateway.BlockResponseFunction;
 import datadog.trace.api.gateway.Flow;
 import datadog.trace.api.gateway.RequestContext;
+import datadog.trace.api.http.MultipartContentDecoder;
 import datadog.trace.bootstrap.blocking.BlockingActionHelper;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
 import java.util.Map;
+import java.util.function.BiFunction;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.Part;
 
 public final class GlassFishBlockingHelper {
 
@@ -48,6 +55,79 @@ public static boolean tryBlock(
     return true;
   }
 
+  /**
+   * Collects filenames and file contents from the given multipart parts, fires the AppSec IG
+   * callbacks, and commits a blocking response if the WAF requests one.
+   *
+   * <p>Returns {@code true} if a blocking response was committed (the caller should replace the
+   * parts collection with an empty list to prevent further processing).
+   */
+  public static boolean processPartsAndBlock(
+      Collection<?> parts,
+      RequestContext reqCtx,
+      HttpServletRequest fallbackReq,
+      HttpServletResponse fallbackResp,
+      BiFunction<RequestContext, List<String>, Flow<Void>> filenamesCb,
+      BiFunction<RequestContext, List<String>, Flow<Void>> contentCb) {
+    List<String> filenames = null;
+    List<String> contents = null;
+    for (Object partObj : parts) {
+      try {
+        if (!(partObj instanceof Part)) {
+          continue;
+        }
+        Part part = (Part) partObj;
+        String filename = part.getSubmittedFileName();
+        if (filename == null) {
+          continue;
+        }
+        if (filenamesCb != null && !filename.isEmpty()) {
+          if (filenames == null) {
+            filenames = new ArrayList<>();
+          }
+          filenames.add(filename);
+        }
+        if (contentCb != null) {
+          if (contents == null) {
+            contents = new ArrayList<>();
+          }
+          if (contents.size() < MAX_FILE_CONTENT_COUNT) {
+            try (InputStream is = part.getInputStream()) {
+              contents.add(
+                  MultipartContentDecoder.readInputStream(
+                      is, MAX_FILE_CONTENT_BYTES, part.getContentType()));
+            } catch (Exception ignored) {
+              contents.add("");
+            }
+          }
+        }
+      } catch (Exception ignored) {
+      }
+    }
+
+    if (filenames != null && !filenames.isEmpty()) {
+      Flow<Void> flow = filenamesCb.apply(reqCtx, filenames);
+      Flow.Action action = flow.getAction();
+      if (action instanceof Flow.Action.RequestBlockingAction) {
+        if (tryBlock(
+            reqCtx, fallbackReq, fallbackResp, (Flow.Action.RequestBlockingAction) action)) {
+          return true;
+        }
+      }
+    }
+
+    if (contents != null && !contents.isEmpty()) {
+      Flow<Void> contentFlow = contentCb.apply(reqCtx, contents);
+      Flow.Action contentAction = contentFlow.getAction();
+      if (contentAction instanceof Flow.Action.RequestBlockingAction) {
+        return tryBlock(
+            reqCtx, fallbackReq, fallbackResp, (Flow.Action.RequestBlockingAction) contentAction);
+      }
+    }
+
+    return false;
+  }
+
   public static boolean commitBlocking(
       HttpServletRequest request,
       HttpServletResponse response,
diff --git a/dd-java-agent/instrumentation/tomcat/tomcat-appsec/tomcat-appsec-7.0/src/main/java/datadog/trace/instrumentation/tomcat7/GlassFishMultipartInstrumentation.java b/dd-java-agent/instrumentation/tomcat/tomcat-appsec/tomcat-appsec-7.0/src/main/java/datadog/trace/instrumentation/tomcat7/GlassFishMultipartInstrumentation.java
@@ -12,20 +12,16 @@
 import datadog.trace.api.gateway.Flow;
 import datadog.trace.api.gateway.RequestContext;
 import datadog.trace.api.gateway.RequestContextSlot;
-import datadog.trace.api.http.MultipartContentDecoder;
 import datadog.trace.bootstrap.instrumentation.api.AgentSpan;
 import datadog.trace.bootstrap.instrumentation.api.AgentTracer;
-import java.io.InputStream;
 import java.lang.reflect.Field;
 import java.lang.reflect.Method;
-import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import java.util.function.BiFunction;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.Part;
 import net.bytebuddy.asm.Advice;
 
 /**
@@ -125,73 +121,9 @@ static void after(
       } catch (Exception ignored) {
       }
 
-      int maxFiles = GlassFishBlockingHelper.MAX_FILE_CONTENT_COUNT;
-      int maxBytes = GlassFishBlockingHelper.MAX_FILE_CONTENT_BYTES;
-
-      List<String> filenames = null;
-      List<String> contents = null;
-
-      for (Object partObj : parts) {
-        try {
-          if (!(partObj instanceof Part)) {
-            continue;
-          }
-          Part part = (Part) partObj;
-          String filename = part.getSubmittedFileName();
-          // null means no filename parameter → form field, skip
-          // empty string means filename="" was sent → file upload without a name
-          if (filename == null) {
-            continue;
-          }
-          if (filenamesCb != null && !filename.isEmpty()) {
-            if (filenames == null) {
-              filenames = new ArrayList<>();
-            }
-            filenames.add(filename);
-          }
-          if (contentCb != null) {
-            if (contents == null) {
-              contents = new ArrayList<>();
-            }
-            if (contents.size() < maxFiles) {
-              try (InputStream is = part.getInputStream()) {
-                contents.add(
-                    MultipartContentDecoder.readInputStream(is, maxBytes, part.getContentType()));
-              } catch (Exception ignored) {
-                contents.add("");
-              }
-            }
-          }
-        } catch (Exception ignored) {
-        }
-      }
-
-      boolean blocked = false;
-
-      if (filenames != null && !filenames.isEmpty() && filenamesCb != null) {
-        Flow<Void> flow = filenamesCb.apply(reqCtx, filenames);
-        Flow.Action action = flow.getAction();
-        if (action instanceof Flow.Action.RequestBlockingAction) {
-          if (GlassFishBlockingHelper.tryBlock(
-              reqCtx, fallbackReq, fallbackResp, (Flow.Action.RequestBlockingAction) action)) {
-            parts = Collections.emptyList();
-            blocked = true;
-          }
-        }
-      }
-
-      if (!blocked && contents != null && !contents.isEmpty() && contentCb != null) {
-        Flow<Void> contentFlow = contentCb.apply(reqCtx, contents);
-        Flow.Action contentAction = contentFlow.getAction();
-        if (contentAction instanceof Flow.Action.RequestBlockingAction) {
-          if (GlassFishBlockingHelper.tryBlock(
-              reqCtx,
-              fallbackReq,
-              fallbackResp,
-              (Flow.Action.RequestBlockingAction) contentAction)) {
-            parts = Collections.emptyList();
-          }
-        }
+      if (GlassFishBlockingHelper.processPartsAndBlock(
+          parts, reqCtx, fallbackReq, fallbackResp, filenamesCb, contentCb)) {
+        parts = Collections.emptyList();
       }
     }
   }
diff --git a/dd-java-agent/instrumentation/tomcat/tomcat-appsec/tomcat-appsec-7.0/src/test/java/datadog/trace/instrumentation/tomcat7/GlassFishBlockingHelperTest.java b/dd-java-agent/instrumentation/tomcat/tomcat-appsec/tomcat-appsec-7.0/src/test/java/datadog/trace/instrumentation/tomcat7/GlassFishBlockingHelperTest.java
@@ -18,10 +18,15 @@
 import datadog.trace.api.internal.TraceSegment;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.function.BiFunction;
 import javax.servlet.ServletOutputStream;
 import javax.servlet.WriteListener;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.Part;
 import org.junit.jupiter.api.Test;
 
 class GlassFishBlockingHelperTest {
@@ -170,6 +175,146 @@ void tryBlock_effectivelyBlockedThrows_stillReturnsTrue() throws Exception {
     assertTrue(GlassFishBlockingHelper.tryBlock(reqCtx, null, null, rba(403)));
   }
 
+  // ------- processPartsAndBlock() -------
+
+  @Test
+  void processPartsAndBlock_formField_skipped() throws Exception {
+    Part formField = mockPart(null, "text/plain", new byte[0]);
+    RequestContext reqCtx = mockReqCtx(null, mock(TraceSegment.class));
+    BiFunction<RequestContext, List<String>, Flow<Void>> filenamesCb = mockPassThroughCb();
+
+    assertFalse(
+        GlassFishBlockingHelper.processPartsAndBlock(
+            Collections.singletonList(formField), reqCtx, null, null, filenamesCb, null));
+    verify(formField).getSubmittedFileName();
+    verify(formField, never()).getInputStream();
+  }
+
+  @Test
+  void processPartsAndBlock_emptyFilename_notAddedToFilenames_butContentRead() throws Exception {
+    byte[] content = "data".getBytes();
+    Part filePart = mockPart("", "application/octet-stream", content);
+    RequestContext reqCtx = mockReqCtx(null, mock(TraceSegment.class));
+    BiFunction<RequestContext, List<String>, Flow<Void>> filenamesCb = mockPassThroughCb();
+    BiFunction<RequestContext, List<String>, Flow<Void>> contentCb = mockPassThroughCb();
+
+    assertFalse(
+        GlassFishBlockingHelper.processPartsAndBlock(
+            Collections.singletonList(filePart), reqCtx, null, null, filenamesCb, contentCb));
+
+    verify(filePart).getInputStream();
+    verify(filenamesCb, never()).apply(any(), any());
+    verify(contentCb).apply(eq(reqCtx), any());
+  }
+
+  @Test
+  void processPartsAndBlock_normalFilename_reportedViaFilenamesCb() throws Exception {
+    Part filePart = mockPart("file.txt", "text/plain", "hello".getBytes());
+    RequestContext reqCtx = mockReqCtx(null, mock(TraceSegment.class));
+    BiFunction<RequestContext, List<String>, Flow<Void>> filenamesCb = mockPassThroughCb();
+
+    assertFalse(
+        GlassFishBlockingHelper.processPartsAndBlock(
+            Collections.singletonList(filePart), reqCtx, null, null, filenamesCb, null));
+
+    verify(filenamesCb).apply(eq(reqCtx), eq(Collections.singletonList("file.txt")));
+  }
+
+  @Test
+  void processPartsAndBlock_contentRead_reportedViaContentCb() throws Exception {
+    Part filePart = mockPart("file.bin", "application/octet-stream", new byte[] {1, 2, 3});
+    RequestContext reqCtx = mockReqCtx(null, mock(TraceSegment.class));
+    BiFunction<RequestContext, List<String>, Flow<Void>> contentCb = mockPassThroughCb();
+
+    assertFalse(
+        GlassFishBlockingHelper.processPartsAndBlock(
+            Collections.singletonList(filePart), reqCtx, null, null, null, contentCb));
+
+    verify(contentCb).apply(eq(reqCtx), any());
+  }
+
+  @Test
+  void processPartsAndBlock_maxFilesLimit_enforced() throws Exception {
+    int limit = GlassFishBlockingHelper.MAX_FILE_CONTENT_COUNT;
+    Part[] tooMany = new Part[limit + 1];
+    for (int i = 0; i <= limit; i++) {
+      tooMany[i] = mockPart("f" + i + ".bin", "application/octet-stream", new byte[0]);
+    }
+    RequestContext reqCtx = mockReqCtx(null, mock(TraceSegment.class));
+    BiFunction<RequestContext, List<String>, Flow<Void>> contentCb = mockPassThroughCb();
+
+    assertFalse(
+        GlassFishBlockingHelper.processPartsAndBlock(
+            Arrays.asList(tooMany), reqCtx, null, null, null, contentCb));
+
+    verify(contentCb).apply(eq(reqCtx), any(List.class));
+    verify(tooMany[limit], never()).getInputStream();
+  }
+
+  @Test
+  @SuppressWarnings("unchecked")
+  void processPartsAndBlock_getInputStreamThrows_emptyStringFallback() throws Exception {
+    Part filePart = mock(Part.class);
+    when(filePart.getSubmittedFileName()).thenReturn("bad.bin");
+    when(filePart.getInputStream()).thenThrow(new IOException("disk error"));
+    RequestContext reqCtx = mockReqCtx(null, mock(TraceSegment.class));
+    BiFunction<RequestContext, List<String>, Flow<Void>> contentCb = mockPassThroughCb();
+
+    assertFalse(
+        GlassFishBlockingHelper.processPartsAndBlock(
+            Collections.singletonList(filePart), reqCtx, null, null, null, contentCb));
+
+    verify(contentCb).apply(eq(reqCtx), eq(Collections.singletonList("")));
+  }
+
+  @Test
+  void processPartsAndBlock_filenamesCbBlocks_contentCbNotFired() throws Exception {
+    Part filePart = mockPart("evil.exe", "application/octet-stream", "content".getBytes());
+    TraceSegment segment = mock(TraceSegment.class);
+    RequestContext reqCtx = mockReqCtx(null, segment);
+    TestServletOutputStream out = new TestServletOutputStream();
+    HttpServletResponse resp = mock(HttpServletResponse.class);
+    when(resp.isCommitted()).thenReturn(false);
+    when(resp.getOutputStream()).thenReturn(out);
+    BiFunction<RequestContext, List<String>, Flow<Void>> filenamesCb = mockBlockingCb(403);
+    BiFunction<RequestContext, List<String>, Flow<Void>> contentCb = mockPassThroughCb();
+
+    assertTrue(
+        GlassFishBlockingHelper.processPartsAndBlock(
+            Collections.singletonList(filePart), reqCtx, null, resp, filenamesCb, contentCb));
+
+    verify(contentCb, never()).apply(any(), any());
+  }
+
+  @Test
+  void processPartsAndBlock_contentCbBlocks_returnsTrue() throws Exception {
+    Part filePart = mockPart("upload.bin", "application/octet-stream", "payload".getBytes());
+    TraceSegment segment = mock(TraceSegment.class);
+    RequestContext reqCtx = mockReqCtx(null, segment);
+    TestServletOutputStream out = new TestServletOutputStream();
+    HttpServletResponse resp = mock(HttpServletResponse.class);
+    when(resp.isCommitted()).thenReturn(false);
+    when(resp.getOutputStream()).thenReturn(out);
+    BiFunction<RequestContext, List<String>, Flow<Void>> filenamesCb = mockPassThroughCb();
+    BiFunction<RequestContext, List<String>, Flow<Void>> contentCb = mockBlockingCb(403);
+
+    assertTrue(
+        GlassFishBlockingHelper.processPartsAndBlock(
+            Collections.singletonList(filePart), reqCtx, null, resp, filenamesCb, contentCb));
+  }
+
+  @Test
+  void processPartsAndBlock_nonPartObject_skipped() {
+    RequestContext reqCtx = mockReqCtx(null, mock(TraceSegment.class));
+    BiFunction<RequestContext, List<String>, Flow<Void>> filenamesCb = mockPassThroughCb();
+
+    assertFalse(
+        GlassFishBlockingHelper.processPartsAndBlock(
+            Collections.singletonList("not-a-part"), reqCtx, null, null, filenamesCb, null));
+
+    verify(filenamesCb, never()).apply(any(), any());
+  }
+
   // ------- Helpers -------
 
   private static Flow.Action.RequestBlockingAction rba(int statusCode) {
@@ -183,6 +328,35 @@ private static RequestContext mockReqCtx(BlockResponseFunction brf, TraceSegment
     return reqCtx;
   }
 
+  private static Part mockPart(String submittedFilename, String contentType, byte[] content)
+      throws Exception {
+    Part part = mock(Part.class);
+    when(part.getSubmittedFileName()).thenReturn(submittedFilename);
+    when(part.getContentType()).thenReturn(contentType);
+    when(part.getInputStream()).thenAnswer(ignored -> new java.io.ByteArrayInputStream(content));
+    return part;
+  }
+
+  @SuppressWarnings("unchecked")
+  private static BiFunction<RequestContext, List<String>, Flow<Void>> mockPassThroughCb() {
+    BiFunction<RequestContext, List<String>, Flow<Void>> cb = mock(BiFunction.class);
+    Flow<Void> flow = mock(Flow.class);
+    when(flow.getAction()).thenReturn(Flow.Action.Noop.INSTANCE);
+    when(cb.apply(any(), any())).thenReturn(flow);
+    return cb;
+  }
+
+  @SuppressWarnings("unchecked")
+  private static BiFunction<RequestContext, List<String>, Flow<Void>> mockBlockingCb(
+      int statusCode) {
+    BiFunction<RequestContext, List<String>, Flow<Void>> cb = mock(BiFunction.class);
+    Flow<Void> flow = mock(Flow.class);
+    when(flow.getAction())
+        .thenReturn(new Flow.Action.RequestBlockingAction(statusCode, BlockingContentType.AUTO));
+    when(cb.apply(any(), any())).thenReturn(flow);
+    return cb;
+  }
+
   private static final class TestServletOutputStream extends ServletOutputStream {
     private final ByteArrayOutputStream buffer = new ByteArrayOutputStream();
 
