package com.rapid7.container.analyzer.docker.service;

import com.fasterxml.jackson.core.JsonParseException;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.JsonMappingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.rapid7.container.analyzer.docker.analyzer.ImageHandler;
import com.rapid7.container.analyzer.docker.analyzer.LayerExtractor;
import com.rapid7.container.analyzer.docker.analyzer.LayerFileHandler;
import com.rapid7.container.analyzer.docker.fingerprinter.ApkgFingerprinter;
import com.rapid7.container.analyzer.docker.fingerprinter.DpkgFingerprinter;
import com.rapid7.container.analyzer.docker.fingerprinter.FileFingerprinter;
import com.rapid7.container.analyzer.docker.fingerprinter.OsReleaseFingerprinter;
import com.rapid7.container.analyzer.docker.fingerprinter.PacmanFingerprinter;
import com.rapid7.container.analyzer.docker.fingerprinter.RpmFingerprinter;
import com.rapid7.container.analyzer.docker.fingerprinter.WhiteoutImageHandler;
import com.rapid7.container.analyzer.docker.model.Digest;
import com.rapid7.container.analyzer.docker.model.image.Image;
import com.rapid7.container.analyzer.docker.model.image.ImageId;
import com.rapid7.container.analyzer.docker.model.image.ImageType;
import com.rapid7.container.analyzer.docker.model.image.Layer;
import com.rapid7.container.analyzer.docker.model.image.LayerId;
import com.rapid7.container.analyzer.docker.model.image.json.ImageModelObjectMapper;
import com.rapid7.container.analyzer.docker.model.json.Configuration;
import com.rapid7.container.analyzer.docker.model.json.ConfigurationJsonV2;
import com.rapid7.container.analyzer.docker.model.json.HistoryJson;
import com.rapid7.container.analyzer.docker.model.json.LayerJson;
import com.rapid7.container.analyzer.docker.model.json.Manifest;
import com.rapid7.container.analyzer.docker.model.json.TarManifestJson;
import com.rapid7.container.analyzer.docker.os.Fingerprinter;
import com.rapid7.container.analyzer.docker.packages.ApkgParser;
import com.rapid7.container.analyzer.docker.packages.DpkgParser;
import com.rapid7.container.analyzer.docker.packages.PacmanPackageParser;
import com.rapid7.container.analyzer.docker.packages.RpmPackageParser;
import com.rapid7.container.analyzer.docker.util.InstantParser;
import com.rapid7.container.analyzer.docker.util.InstantParserModule;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.FilterInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.InvalidPathException;
import java.nio.file.Paths;
import java.nio.file.attribute.FileAttribute;
import java.time.Instant;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.zip.GZIPInputStream;
import java.util.zip.ZipException;
import org.apache.commons.compress.archivers.tar.TarArchiveEntry;
import org.apache.commons.compress.archivers.tar.TarArchiveInputStream;
import org.apache.commons.compress.utils.IOUtils;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.FilenameUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.helpers.MessageFormatter;

/* loaded from: input_file:WEB-INF/lib/docker-image-analyzer-0.1.8.jar:com/rapid7/container/analyzer/docker/service/DockerImageAnalyzerService.class */
public class DockerImageAnalyzerService {
    private static final Logger LOGGER = LoggerFactory.getLogger(DockerImageAnalyzerService.class);
    private static final String WHITEOUT_AUFS_PREFIX = ".wh.";
    private static final long MAX_FILE_SIZE = 10485760;
    private ObjectMapper objectMapper = new ObjectMapper();
    private List<LayerFileHandler> layerHandlers;
    private List<ImageHandler> imageHandlers;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/docker-image-analyzer-0.1.8.jar:com/rapid7/container/analyzer/docker/service/DockerImageAnalyzerService$ConvertibleOutputStream.class */
    public static class ConvertibleOutputStream extends ByteArrayOutputStream {
        public ConvertibleOutputStream(int i) {
            super(i);
        }

        public InputStream toInputStream() {
            return new ByteArrayInputStream(this.buf, 0, this.count);
        }
    }

    /* loaded from: input_file:WEB-INF/lib/docker-image-analyzer-0.1.8.jar:com/rapid7/container/analyzer/docker/service/DockerImageAnalyzerService$NonClosingInputStream.class */
    private static class NonClosingInputStream extends FilterInputStream {
        NonClosingInputStream(InputStream inputStream) {
            super(inputStream);
        }

        @Override // java.io.FilterInputStream, java.io.InputStream, java.io.Closeable, java.lang.AutoCloseable
        public void close() throws IOException {
        }
    }

    public DockerImageAnalyzerService(String str) {
        this.objectMapper.disable(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES);
        this.objectMapper.registerModule(new InstantParserModule());
        this.imageHandlers = new ArrayList(1);
        this.imageHandlers.add(new WhiteoutImageHandler());
        this.layerHandlers = new ArrayList(6);
        this.layerHandlers.add(new OsReleaseFingerprinter(new Fingerprinter()));
        this.layerHandlers.add(new RpmFingerprinter(new RpmPackageParser(), str));
        this.layerHandlers.add(new DpkgFingerprinter(new DpkgParser()));
        this.layerHandlers.add(new ApkgFingerprinter(new ApkgParser()));
        this.layerHandlers.add(new PacmanFingerprinter(new PacmanPackageParser()));
    }

    /* JADX WARN: Multi-variable type inference failed */
    public void addFileHandler(LayerFileHandler layerFileHandler) {
        this.layerHandlers.add(Objects.requireNonNull(layerFileHandler));
    }

    public void addFileHashFingeprinter() {
        if (this.layerHandlers.stream().noneMatch(layerFileHandler -> {
            return layerFileHandler instanceof FileFingerprinter;
        })) {
            this.layerHandlers.add(new FileFingerprinter());
        }
    }

    public ImageId getId(File file) throws IOException {
        TarArchiveEntry nextTarEntry;
        TarArchiveInputStream tarArchiveInputStream = new TarArchiveInputStream(new BufferedInputStream(new FileInputStream(file)));
        Throwable th = null;
        do {
            try {
                try {
                    nextTarEntry = tarArchiveInputStream.getNextTarEntry();
                    if (nextTarEntry == null) {
                        if (tarArchiveInputStream == null) {
                            return null;
                        }
                        if (0 == 0) {
                            tarArchiveInputStream.close();
                            return null;
                        }
                        try {
                            tarArchiveInputStream.close();
                            return null;
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                            return null;
                        }
                    }
                } catch (Throwable th3) {
                    th = th3;
                    throw th3;
                }
            } catch (Throwable th4) {
                if (tarArchiveInputStream != null) {
                    if (th != null) {
                        try {
                            tarArchiveInputStream.close();
                        } catch (Throwable th5) {
                            th.addSuppressed(th5);
                        }
                    } else {
                        tarArchiveInputStream.close();
                    }
                }
                throw th4;
            }
        } while (!nextTarEntry.getName().equals("manifest.json"));
        ImageId imageId = new ImageId(((TarManifestJson) ((List) this.objectMapper.readValue(new NonClosingInputStream(tarArchiveInputStream), this.objectMapper.getTypeFactory().constructCollectionType(List.class, TarManifestJson.class))).get(0)).getConfig().replaceAll(".json", ""));
        if (tarArchiveInputStream != null) {
            if (0 != 0) {
                try {
                    tarArchiveInputStream.close();
                } catch (Throwable th6) {
                    th.addSuppressed(th6);
                }
            } else {
                tarArchiveInputStream.close();
            }
        }
        return imageId;
    }

    public void writeJson(Image image, File file) throws IOException {
        new ImageModelObjectMapper().writeValue(file, image);
    }

    public Image analyze(File file, String str) throws IOException {
        File file2 = Files.createTempDirectory(Paths.get(str, new String[0]), FilenameUtils.removeExtension(file.getName()), new FileAttribute[0]).toFile();
        try {
            LOGGER.info("Extracting image to {}.", file2.getAbsolutePath());
            untar(file, file2);
            LOGGER.info("Extracted image {}.", file2.getAbsolutePath());
            TarManifestJson parseTarManifest = parseTarManifest(file.length(), new File(file2, "manifest.json"));
            Image analyze = analyze(file2, parseTarManifest.getImageId(), null, parseTarManifest, parseConfiguration(new File(file2, parseTarManifest.getConfig())), layerId -> {
                return new File(file2, layerId.getId() + "/layer.tar");
            });
            LOGGER.info("Completed analyzing image {}", analyze.getId());
            FileUtils.deleteQuietly(file2);
            return analyze;
        } catch (Throwable th) {
            FileUtils.deleteQuietly(file2);
            throw th;
        }
    }

    public <M extends Manifest> Image analyze(File file, ImageId imageId, Digest digest, M m, Configuration configuration, LayerExtractor layerExtractor) throws IOException {
        LayerId layerId;
        try {
            List<HistoryJson> history = configuration.getHistory();
            List<LayerId> layers = m.getLayers();
            List<LayerId> layerBlobIds = m.getLayerBlobIds();
            Image image = new Image(imageId, ImageType.DOCKER, digest, Long.valueOf(m.getSize()), configuration.getCreated());
            int i = 0;
            int i2 = 0;
            Layer layer = null;
            for (HistoryJson historyJson : history) {
                Instant.now();
                boolean isEmpty = historyJson.isEmpty();
                if (isEmpty) {
                    int i3 = i2;
                    i2++;
                    layerId = new LayerId(imageId.getString() + "_empty_" + i3);
                } else {
                    layerId = layers.get(i);
                }
                LOGGER.debug("Processing layer {}.", layerId);
                Layer layer2 = new Layer(layerId);
                layer2.setCommand(historyJson.getCommand());
                layer2.setComment(historyJson.getComment());
                layer2.setAuthor(historyJson.getAuthor());
                layer2.setEmpty(isEmpty);
                if (layer2.getCreated() != null) {
                    layer2.setCreated(InstantParser.parse(historyJson.getCreated()));
                } else if (layer == null || layer.getCreated() == null) {
                    layer2.setCreated(Instant.EPOCH);
                } else {
                    layer2.setCreated(layer.getCreated());
                }
                if (!isEmpty) {
                    File layer3 = layerExtractor.getLayer(layerBlobIds.get(i));
                    layer2.setSize(layer3.length());
                    LOGGER.debug("Processing layer tar.");
                    processLayer(image, configuration, layer2, layer3);
                    File file2 = new File(layer3.getParentFile(), "json");
                    if (file2.exists()) {
                        try {
                            LayerJson parseLayerConfiguration = parseLayerConfiguration(file2);
                            layer2.setCreated(parseLayerConfiguration.getCreated());
                            layer2.setParentId(parseLayerConfiguration.getParentId());
                        } catch (Exception e) {
                            LOGGER.warn("Failed to parse layer configuration json. Skipping setting of created data and parent identifier.", e);
                        }
                    } else if (layer != null) {
                        layer2.setParentId(layer.getId());
                    }
                    i++;
                    layer = layer2;
                } else if (layer != null) {
                    layer2.setParentId(layer.getId());
                }
                image.addLayer(layer2);
            }
            Iterator<ImageHandler> it = this.imageHandlers.iterator();
            while (it.hasNext()) {
                it.next().handle(image);
            }
            if (image.getSize() == null || image.getSize().longValue() <= 0) {
                image.setSize(Long.valueOf(image.getLayers().stream().mapToLong((v0) -> {
                    return v0.getSize();
                }).sum()));
            }
            if (image.getCreated() == null && !image.getLayers().isEmpty()) {
                image.setCreated(image.getLayers().get(image.getLayers().size() - 1).getCreated());
            }
            return image;
        } catch (IOException e2) {
            LOGGER.error("Failed to analyze image.", e2);
            throw e2;
        }
    }

    public Manifest parseManifest(File file) throws JsonParseException, JsonMappingException, IOException {
        return (Manifest) this.objectMapper.readValue(file, Manifest.class);
    }

    public Configuration parseConfiguration(File file) throws JsonParseException, JsonMappingException, IOException {
        return (Configuration) this.objectMapper.readValue(file, ConfigurationJsonV2.class);
    }

    public TarManifestJson parseTarManifest(long j, File file) throws JsonParseException, JsonMappingException, IOException {
        return ((TarManifestJson) ((List) this.objectMapper.readValue(file, this.objectMapper.getTypeFactory().constructCollectionType(List.class, TarManifestJson.class))).get(0)).setSize(j);
    }

    public LayerJson parseLayerConfiguration(File file) throws JsonParseException, JsonMappingException, IOException {
        return (LayerJson) this.objectMapper.readValue(file, LayerJson.class);
    }

    public void untar(File file, File file2) throws FileNotFoundException, IOException {
        TarArchiveInputStream tarArchiveInputStream = new TarArchiveInputStream(new BufferedInputStream(new FileInputStream(file)));
        Throwable th = null;
        while (true) {
            try {
                TarArchiveEntry nextTarEntry = tarArchiveInputStream.getNextTarEntry();
                if (nextTarEntry == null) {
                    if (tarArchiveInputStream != null) {
                        if (0 == 0) {
                            tarArchiveInputStream.close();
                            return;
                        }
                        try {
                            tarArchiveInputStream.close();
                            return;
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                            return;
                        }
                    }
                    return;
                }
                String name = nextTarEntry.getName();
                File file3 = new File(file2, name);
                try {
                    if (file3.toPath().toAbsolutePath().normalize().startsWith(file2.toPath().toAbsolutePath().normalize())) {
                        Logger logger = LOGGER;
                        Object[] objArr = new Object[3];
                        objArr[0] = file.getName();
                        objArr[1] = nextTarEntry.isDirectory() ? "directory" : "file";
                        objArr[2] = file3.getAbsolutePath();
                        logger.debug(MessageFormatter.arrayFormat("[Image: {}] Extracting {} {}.", objArr).getMessage());
                        long freeSpace = file3.getParentFile().getFreeSpace();
                        long realSize = nextTarEntry.getRealSize();
                        if (realSize * 3 > freeSpace) {
                            throw new IOException("Insufficient disk space to extract resource. " + freeSpace + " available, " + (realSize * 3) + " required.");
                        }
                        try {
                            if (nextTarEntry.isDirectory()) {
                                file3.mkdirs();
                            } else if (!name.contains(WHITEOUT_AUFS_PREFIX)) {
                                FileOutputStream fileOutputStream = new FileOutputStream(file3);
                                Throwable th3 = null;
                                try {
                                    try {
                                        IOUtils.copy(tarArchiveInputStream, fileOutputStream);
                                        if (fileOutputStream != null) {
                                            if (0 != 0) {
                                                try {
                                                    fileOutputStream.close();
                                                } catch (Throwable th4) {
                                                    th3.addSuppressed(th4);
                                                }
                                            } else {
                                                fileOutputStream.close();
                                            }
                                        }
                                    } catch (Throwable th5) {
                                        th3 = th5;
                                        throw th5;
                                        break;
                                    }
                                } catch (Throwable th6) {
                                    if (fileOutputStream != null) {
                                        if (th3 != null) {
                                            try {
                                                fileOutputStream.close();
                                            } catch (Throwable th7) {
                                                th3.addSuppressed(th7);
                                            }
                                        } else {
                                            fileOutputStream.close();
                                        }
                                    }
                                    throw th6;
                                    break;
                                }
                            } else {
                                LOGGER.debug(MessageFormatter.format("[Image: {}] Skipping whiteout file {}.", file.getName(), file3.getAbsolutePath()).getMessage());
                            }
                        } catch (FileNotFoundException e) {
                            LOGGER.warn(MessageFormatter.format("[Image: {}] File failed to extract {}.", file.getName(), file3.getAbsolutePath()).getMessage());
                        }
                    } else {
                        LOGGER.debug(MessageFormatter.format("[Image: {}] Skipping extraction of {} due to directory traversal.", file.getName(), name).getMessage());
                    }
                } catch (InvalidPathException e2) {
                    LOGGER.debug(MessageFormatter.format("[Image: {}] Skipping extraction of {} due to invalid filename.", file.getName(), name).getMessage());
                }
            } catch (Throwable th8) {
                if (tarArchiveInputStream != null) {
                    if (0 != 0) {
                        try {
                            tarArchiveInputStream.close();
                        } catch (Throwable th9) {
                            th.addSuppressed(th9);
                        }
                    } else {
                        tarArchiveInputStream.close();
                    }
                }
                throw th8;
            }
        }
    }

    private void processLayer(Image image, Configuration configuration, Layer layer, File file) throws FileNotFoundException, IOException {
        try {
            TarArchiveInputStream tarArchiveInputStream = new TarArchiveInputStream(new GZIPInputStream(new FileInputStream(file), 65536));
            Throwable th = null;
            try {
                try {
                    processLayerTar(image, configuration, layer, file, tarArchiveInputStream);
                    if (tarArchiveInputStream != null) {
                        if (0 != 0) {
                            try {
                                tarArchiveInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            tarArchiveInputStream.close();
                        }
                    }
                } finally {
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (ZipException e) {
            TarArchiveInputStream tarArchiveInputStream2 = new TarArchiveInputStream(new BufferedInputStream(new FileInputStream(file), 65536));
            Throwable th4 = null;
            try {
                try {
                    processLayerTar(image, configuration, layer, file, tarArchiveInputStream2);
                    if (tarArchiveInputStream2 != null) {
                        if (0 == 0) {
                            tarArchiveInputStream2.close();
                            return;
                        }
                        try {
                            tarArchiveInputStream2.close();
                        } catch (Throwable th5) {
                            th4.addSuppressed(th5);
                        }
                    }
                } catch (Throwable th6) {
                    th4 = th6;
                    throw th6;
                }
            } catch (Throwable th7) {
                if (tarArchiveInputStream2 != null) {
                    if (th4 != null) {
                        try {
                            tarArchiveInputStream2.close();
                        } catch (Throwable th8) {
                            th4.addSuppressed(th8);
                        }
                    } else {
                        tarArchiveInputStream2.close();
                    }
                }
                throw th7;
            }
        }
    }

    private void processLayerTar(Image image, Configuration configuration, Layer layer, File file, TarArchiveInputStream tarArchiveInputStream) throws IOException {
        while (true) {
            TarArchiveEntry nextTarEntry = tarArchiveInputStream.getNextTarEntry();
            if (nextTarEntry == null) {
                return;
            }
            String name = nextTarEntry.getName();
            if (LOGGER.isTraceEnabled()) {
                Logger logger = LOGGER;
                Object[] objArr = new Object[3];
                objArr[0] = file.getName();
                objArr[1] = nextTarEntry.isDirectory() ? "directory" : "file";
                objArr[2] = name;
                logger.trace(MessageFormatter.arrayFormat("[Image: {}] Processing {} {}.", objArr).getMessage());
            }
            if (nextTarEntry.getSize() > MAX_FILE_SIZE) {
                LOGGER.debug("Skipping file {} with size {} bytes because exceeds max of {} bytes.", new Object[]{name, Long.valueOf(nextTarEntry.getSize()), Long.valueOf(MAX_FILE_SIZE)});
            } else {
                ConvertibleOutputStream convertibleOutputStream = new ConvertibleOutputStream((int) nextTarEntry.getSize());
                Throwable th = null;
                try {
                    try {
                        IOUtils.copy(tarArchiveInputStream, convertibleOutputStream);
                        InputStream inputStream = convertibleOutputStream.toInputStream();
                        Iterator<LayerFileHandler> it = this.layerHandlers.iterator();
                        while (it.hasNext()) {
                            it.next().handle(name, nextTarEntry, inputStream, image, configuration, layer);
                            inputStream.reset();
                        }
                        if (convertibleOutputStream != null) {
                            if (0 != 0) {
                                try {
                                    convertibleOutputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                convertibleOutputStream.close();
                            }
                        }
                    } catch (Throwable th3) {
                        if (convertibleOutputStream != null) {
                            if (th != null) {
                                try {
                                    convertibleOutputStream.close();
                                } catch (Throwable th4) {
                                    th.addSuppressed(th4);
                                }
                            } else {
                                convertibleOutputStream.close();
                            }
                        }
                        throw th3;
                    }
                } finally {
                }
            }
        }
    }
}
