[ASM][IAST] NHibernate support (SQLI Vuln)

[e-n-0]

Summary of changes

Detect SQL Injection Vulnerabilities from CreateQuery and CreateSQLQuery for NHibernate.

Reason for change

Add IAST support to hibernate queries for SQL injection.

Test coverage

• Mocked Unit tests on CreateQuery and CreateSQLQuery
• Integration test on the NHibernateQuery endpoint

[datadog-ddstaging]

Datadog Report

Branch report: flavien/asm/iast/hibernate
Commit report: 1d659e2
Test service: dd-trace-dotnet

✅ 0 Failed, 327852 Passed, 1587 Skipped, 42m 37.13s Wall Time
❄️ 1 New Flaky

New Flaky Tests (1)

• SubmitsTraces - Datadog.Trace.ClrProfiler.IntegrationTests.AdoNet.NpgsqlCommandTests - Last Failure

  Expand for error

   Expected collection to contain a single item matching x.IsRequestType("app-closing"), but the collection is empty.
  

[andrewlock]

Execution-Time Benchmarks Report ⏱️

Execution-time results for samples comparing the following branches/commits:

• This PR (5347)
• master

Execution-time benchmarks measure the whole time it takes to execute a program. And are intended to measure the one-off costs. Cases where the execution time results for the PR are worse than latest master results are shown in red. The following thresholds were used for comparing the execution times:

• Welch test with statistical test for significance of 5%
• Only results indicating a difference greater than 5% and 5 ms are considered.

Note that these results are based on a single point-in-time result for each branch. For full results, see the dashboard.

Graphs show the p99 interval based on the mean and StdDev of the test run, as well as the mean value of the run (shown as a diamond below the graph).

gantt
    title Execution time (ms) FakeDbCommand (.NET Framework 4.6.2) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (5347) - mean (74ms)  : 66, 82
     .   : milestone, 74,
    master - mean (73ms)  : 65, 81
     .   : milestone, 73,

    section CallTarget+Inlining+NGEN
    This PR (5347) - mean (1,007ms)  : 989, 1024
     .   : milestone, 1007,
    master - mean (1,004ms)  : 981, 1026
     .   : milestone, 1004,

Loading

gantt
    title Execution time (ms) FakeDbCommand (.NET Core 3.1) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (5347) - mean (112ms)  : 109, 115
     .   : milestone, 112,
    master - mean (111ms)  : 108, 115
     .   : milestone, 111,

    section CallTarget+Inlining+NGEN
    This PR (5347) - mean (726ms)  : 698, 754
     .   : milestone, 726,
    master - mean (724ms)  : 700, 749
     .   : milestone, 724,

Loading

gantt
    title Execution time (ms) FakeDbCommand (.NET 6) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (5347) - mean (97ms)  : 94, 101
     .   : milestone, 97,
    master - mean (94ms)  : 91, 97
     .   : milestone, 94,

    section CallTarget+Inlining+NGEN
    This PR (5347) - mean (685ms)  : 661, 709
     .   : milestone, 685,
    master - mean (679ms)  : 656, 702
     .   : milestone, 679,

Loading

gantt
    title Execution time (ms) HttpMessageHandler (.NET Framework 4.6.2) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (5347) - mean (188ms)  : 185, 192
     .   : milestone, 188,
    master - mean (188ms)  : 183, 193
     .   : milestone, 188,

    section CallTarget+Inlining+NGEN
    This PR (5347) - mean (1,079ms)  : 1054, 1105
     .   : milestone, 1079,
    master - mean (1,071ms)  : 1052, 1090
     .   : milestone, 1071,

Loading

gantt
    title Execution time (ms) HttpMessageHandler (.NET Core 3.1) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (5347) - mean (271ms)  : 266, 275
     .   : milestone, 271,
    master - mean (270ms)  : 263, 276
     .   : milestone, 270,

    section CallTarget+Inlining+NGEN
    This PR (5347) - mean (875ms)  : 848, 902
     .   : milestone, 875,
    master - mean (866ms)  : 844, 888
     .   : milestone, 866,

Loading

gantt
    title Execution time (ms) HttpMessageHandler (.NET 6) 
    dateFormat  X
    axisFormat %s
    todayMarker off
    section Baseline
    This PR (5347) - mean (260ms)  : 257, 264
     .   : milestone, 260,
    master - mean (260ms)  : 254, 266
     .   : milestone, 260,

    section CallTarget+Inlining+NGEN
    This PR (5347) - mean (853ms)  : 828, 877
     .   : milestone, 853,
    master - mean (852ms)  : 826, 877
     .   : milestone, 852,

Loading

[andrewlock]

Benchmarks Report for tracer 🐌

Benchmarks for #5347 compared to master:

• 1 benchmarks are faster, with geometric mean 1.178
• All benchmarks have the same allocations

The following thresholds were used for comparing the benchmark speeds:

• Mann–Whitney U test with statistical test for significance of 5%
• Only results indicating a difference greater than 10% and 0.3 ns are considered.

Allocation changes below 0.5% are ignored.

Benchmark details

Benchmarks.Trace.ActivityBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	StartStopWithChild	net6.0	8.78μs	49ns	325ns	0.0176	0.0088	0	7.51 KB
master	StartStopWithChild	netcoreapp3.1	10.7μs	60.3ns	418ns	0.031	0.0155	0	7.6 KB
master	StartStopWithChild	net472	16.8μs	61.5ns	238ns	1.32	0.301	0.0835	8.04 KB
#5347	StartStopWithChild	net6.0	8.83μs	42ns	206ns	0.0267	0.0134	0	7.51 KB
#5347	StartStopWithChild	netcoreapp3.1	10.5μs	55ns	275ns	0.0259	0.0104	0	7.61 KB
#5347	StartStopWithChild	net472	16.9μs	60.1ns	233ns	1.33	0.32	0.0927	8.05 KB

Benchmarks.Trace.AgentWriterBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	WriteAndFlushEnrichedTraces	net6.0	463μs	196ns	678ns	0	0	0	2.7 KB
master	WriteAndFlushEnrichedTraces	netcoreapp3.1	616μs	161ns	625ns	0	0	0	2.7 KB
master	WriteAndFlushEnrichedTraces	net472	804μs	274ns	1.06μs	0.401	0	0	3.3 KB
#5347	WriteAndFlushEnrichedTraces	net6.0	450μs	234ns	907ns	0	0	0	2.7 KB
#5347	WriteAndFlushEnrichedTraces	netcoreapp3.1	590μs	177ns	663ns	0	0	0	2.7 KB
#5347	WriteAndFlushEnrichedTraces	net472	817μs	217ns	841ns	0.406	0	0	3.3 KB

Benchmarks.Trace.AspNetCoreBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	SendRequest	net6.0	171μs	154ns	597ns	0.184	0	0	18.33 KB
master	SendRequest	netcoreapp3.1	193μs	240ns	928ns	0.193	0	0	20.49 KB
master	SendRequest	net472	0.000852ns	0.000448ns	0.00161ns	0	0	0	0 b
#5347	SendRequest	net6.0	171μs	242ns	937ns	0.255	0	0	18.33 KB
#5347	SendRequest	netcoreapp3.1	193μs	274ns	1.02μs	0.193	0	0	20.49 KB
#5347	SendRequest	net472	0.000482ns	0.000154ns	0.000554ns	0	0	0	0 b

Benchmarks.Trace.CIVisibilityProtocolWriterBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	WriteAndFlushEnrichedTraces	net6.0	546μs	983ns	3.81μs	0.561	0	0	41.48 KB
master	WriteAndFlushEnrichedTraces	netcoreapp3.1	665μs	1.34μs	5.2μs	0.329	0	0	41.69 KB
master	WriteAndFlushEnrichedTraces	net472	870μs	3.69μs	14.3μs	8.13	2.57	0.428	53.25 KB
#5347	WriteAndFlushEnrichedTraces	net6.0	551μs	389ns	1.51μs	0.546	0	0	41.64 KB
#5347	WriteAndFlushEnrichedTraces	netcoreapp3.1	659μs	1.71μs	6.61μs	0.327	0	0	41.73 KB
#5347	WriteAndFlushEnrichedTraces	net472	884μs	4.31μs	18.8μs	8.25	2.6	0.434	53.22 KB

Benchmarks.Trace.DbCommandBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	ExecuteNonQuery	net6.0	1.17μs	0.623ns	2.41ns	0.0111	0	0	784 B
master	ExecuteNonQuery	netcoreapp3.1	1.58μs	5.33ns	20.6ns	0.0103	0	0	784 B
master	ExecuteNonQuery	net472	1.89μs	0.577ns	2.16ns	0.118	0	0	746 B
#5347	ExecuteNonQuery	net6.0	1.13μs	0.411ns	1.54ns	0.0113	0	0	784 B
#5347	ExecuteNonQuery	netcoreapp3.1	1.56μs	0.661ns	2.47ns	0.0108	0	0	784 B
#5347	ExecuteNonQuery	net472	1.89μs	0.778ns	2.91ns	0.118	0	0	746 B

Benchmarks.Trace.ElasticsearchBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	CallElasticsearch	net6.0	1.2μs	0.599ns	2.24ns	0.0138	0	0	1.01 KB
master	CallElasticsearch	netcoreapp3.1	1.62μs	0.769ns	2.98ns	0.0138	0	0	1.01 KB
master	CallElasticsearch	net472	2.58μs	2.45ns	9.47ns	0.162	0	0	1.02 KB
master	CallElasticsearchAsync	net6.0	1.47μs	1.39ns	5.19ns	0.0138	0	0	984 B
master	CallElasticsearchAsync	netcoreapp3.1	1.74μs	0.684ns	2.56ns	0.0138	0	0	1.06 KB
master	CallElasticsearchAsync	net472	2.56μs	1.96ns	7.59ns	0.17	0	0	1.08 KB
#5347	CallElasticsearch	net6.0	1.32μs	1.02ns	3.93ns	0.014	0	0	1.01 KB
#5347	CallElasticsearch	netcoreapp3.1	1.59μs	0.369ns	1.28ns	0.0136	0	0	1.01 KB
#5347	CallElasticsearch	net472	2.7μs	1.28ns	4.78ns	0.161	0	0	1.02 KB
#5347	CallElasticsearchAsync	net6.0	1.46μs	1.58ns	5.9ns	0.0141	0	0	984 B
#5347	CallElasticsearchAsync	netcoreapp3.1	1.67μs	0.67ns	2.51ns	0.0143	0	0	1.06 KB
#5347	CallElasticsearchAsync	net472	2.72μs	2.74ns	10.6ns	0.17	0	0	1.08 KB

Benchmarks.Trace.GraphQLBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	ExecuteAsync	net6.0	1.26μs	1.21ns	4.51ns	0.0127	0	0	928 B
master	ExecuteAsync	netcoreapp3.1	1.63μs	0.751ns	2.91ns	0.013	0	0	928 B
master	ExecuteAsync	net472	1.9μs	0.575ns	2.15ns	0.141	0	0	891 B
#5347	ExecuteAsync	net6.0	1.26μs	1.17ns	4.39ns	0.0132	0	0	928 B
#5347	ExecuteAsync	netcoreapp3.1	1.77μs	2.24ns	8.39ns	0.0122	0	0	928 B
#5347	ExecuteAsync	net472	1.9μs	1.3ns	5.02ns	0.142	0	0	891 B

Benchmarks.Trace.HttpClientBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	SendAsync	net6.0	4.24μs	1.91ns	7.14ns	0.0298	0	0	2.16 KB
master	SendAsync	netcoreapp3.1	5.06μs	2.59ns	10ns	0.0352	0	0	2.7 KB
master	SendAsync	net472	7.61μs	4.46ns	16.1ns	0.484	0	0	3.05 KB
#5347	SendAsync	net6.0	4.28μs	1.42ns	5.32ns	0.0301	0	0	2.16 KB
#5347	SendAsync	netcoreapp3.1	5.08μs	1.23ns	4.6ns	0.0355	0	0	2.7 KB
#5347	SendAsync	net472	7.78μs	4.04ns	15.6ns	0.481	0	0	3.05 KB

Benchmarks.Trace.ILoggerBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	EnrichedLog	net6.0	1.46μs	0.675ns	2.62ns	0.0228	0	0	1.65 KB
master	EnrichedLog	netcoreapp3.1	2.19μs	0.863ns	3.23ns	0.0227	0	0	1.65 KB
master	EnrichedLog	net472	2.68μs	2.41ns	9.35ns	0.249	0	0	1.57 KB
#5347	EnrichedLog	net6.0	1.48μs	0.82ns	2.96ns	0.0236	0	0	1.65 KB
#5347	EnrichedLog	netcoreapp3.1	2.15μs	1.9ns	7.09ns	0.0225	0	0	1.65 KB
#5347	EnrichedLog	net472	2.66μs	1.22ns	4.58ns	0.249	0	0	1.57 KB

Benchmarks.Trace.Log4netBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	EnrichedLog	net6.0	111μs	77.8ns	301ns	0.0556	0	0	4.23 KB
master	EnrichedLog	netcoreapp3.1	119μs	287ns	1.11μs	0.0591	0	0	4.23 KB
master	EnrichedLog	net472	148μs	151ns	566ns	0.665	0.222	0	4.41 KB
#5347	EnrichedLog	net6.0	114μs	121ns	469ns	0.0563	0	0	4.23 KB
#5347	EnrichedLog	netcoreapp3.1	118μs	196ns	759ns	0.059	0	0	4.23 KB
#5347	EnrichedLog	net472	148μs	108ns	404ns	0.664	0.221	0	4.41 KB

Benchmarks.Trace.NLogBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	EnrichedLog	net6.0	3.02μs	1.21ns	4.35ns	0.0316	0	0	2.21 KB
master	EnrichedLog	netcoreapp3.1	4.15μs	2.14ns	8.27ns	0.0288	0	0	2.21 KB
master	EnrichedLog	net472	4.82μs	3.46ns	13.4ns	0.321	0	0	2.02 KB
#5347	EnrichedLog	net6.0	3.2μs	0.892ns	3.46ns	0.0303	0	0	2.21 KB
#5347	EnrichedLog	netcoreapp3.1	4.24μs	1.85ns	6.93ns	0.0296	0	0	2.21 KB
#5347	EnrichedLog	net472	4.95μs	1.82ns	6.82ns	0.321	0	0	2.02 KB

Benchmarks.Trace.RedisBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	SendReceive	net6.0	1.45μs	0.621ns	2.24ns	0.0167	0	0	1.18 KB
master	SendReceive	netcoreapp3.1	1.79μs	0.434ns	1.56ns	0.016	0	0	1.18 KB
master	SendReceive	net472	2.18μs	1.17ns	4.55ns	0.187	0	0	1.18 KB
#5347	SendReceive	net6.0	1.43μs	1.1ns	4.28ns	0.0165	0	0	1.18 KB
#5347	SendReceive	netcoreapp3.1	1.94μs	0.748ns	2.8ns	0.0155	0	0	1.18 KB
#5347	SendReceive	net472	2.28μs	0.749ns	2.8ns	0.187	0	0	1.18 KB

Benchmarks.Trace.SerilogBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	EnrichedLog	net6.0	2.76μs	0.804ns	2.78ns	0.0221	0	0	1.55 KB
master	EnrichedLog	netcoreapp3.1	3.86μs	2.09ns	8.1ns	0.0214	0	0	1.6 KB
master	EnrichedLog	net472	4.51μs	3.37ns	13.1ns	0.315	0	0	1.99 KB
#5347	EnrichedLog	net6.0	2.91μs	1ns	3.88ns	0.0219	0	0	1.55 KB
#5347	EnrichedLog	netcoreapp3.1	3.86μs	1.63ns	6.3ns	0.0212	0	0	1.6 KB
#5347	EnrichedLog	net472	4.43μs	2.22ns	8.59ns	0.316	0	0	1.99 KB

Benchmarks.Trace.SpanBenchmark - Faster 🎉 Same allocations ✔️

Faster 🎉 in #5347

Benchmark	base/diff	Base Median (ns)	Diff Median (ns)	Modality
Benchmarks.Trace.SpanBenchmark.StartFinishScope‑net6.0	1.178	685.08	581.48

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	StartFinishSpan	net6.0	464ns	0.309ns	1.16ns	0.00761	0	0	552 B
master	StartFinishSpan	netcoreapp3.1	685ns	0.576ns	2.16ns	0.0072	0	0	552 B
master	StartFinishSpan	net472	803ns	1.01ns	3.64ns	0.0879	0	0	554 B
master	StartFinishScope	net6.0	685ns	0.886ns	3.43ns	0.00959	0	0	672 B
master	StartFinishScope	netcoreapp3.1	872ns	0.722ns	2.8ns	0.00878	0	0	672 B
master	StartFinishScope	net472	977ns	1.28ns	4.95ns	0.1	0	0	634 B
#5347	StartFinishSpan	net6.0	483ns	0.63ns	2.44ns	0.00784	0	0	552 B
#5347	StartFinishSpan	netcoreapp3.1	663ns	1.22ns	4.72ns	0.00724	0	0	552 B
#5347	StartFinishSpan	net472	751ns	1.42ns	5.51ns	0.0879	0	0	554 B
#5347	StartFinishScope	net6.0	581ns	0.697ns	2.7ns	0.00944	0	0	672 B
#5347	StartFinishScope	netcoreapp3.1	892ns	3.36ns	13ns	0.00925	0	0	672 B
#5347	StartFinishScope	net472	916ns	1.68ns	6.52ns	0.101	0	0	634 B

Benchmarks.Trace.TraceAnnotationsBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	RunOnMethodBegin	net6.0	750ns	0.672ns	2.6ns	0.00945	0	0	672 B
master	RunOnMethodBegin	netcoreapp3.1	943ns	0.716ns	2.58ns	0.00918	0	0	672 B
master	RunOnMethodBegin	net472	1.1μs	1.29ns	4.99ns	0.101	0	0	634 B
#5347	RunOnMethodBegin	net6.0	721ns	0.675ns	2.61ns	0.00935	0	0	672 B
#5347	RunOnMethodBegin	netcoreapp3.1	961ns	1.65ns	6.38ns	0.00897	0	0	672 B
#5347	RunOnMethodBegin	net472	1.03μs	1.17ns	4.53ns	0.1	0	0	634 B

[andrewlock]

Benchmarks Report for appsec 🐌

Benchmarks for #5347 compared to master:

• 1 benchmarks are faster, with geometric mean 1.294
• 2 benchmarks have fewer allocations
• 1 benchmarks have more allocations

The following thresholds were used for comparing the benchmark speeds:

• Mann–Whitney U test with statistical test for significance of 5%
• Only results indicating a difference greater than 10% and 0.3 ns are considered.

Allocation changes below 0.5% are ignored.

Benchmark details

Benchmarks.Trace.Asm.AppSecBodyBenchmark - Faster 🎉 Same allocations ✔️

Faster 🎉 in #5347

Benchmark	base/diff	Base Median (ns)	Diff Median (ns)	Modality
Benchmarks.Trace.Asm.AppSecBodyBenchmark.ObjectExtractorSimpleBody‑netcoreapp3.1	1.294	255.94	197.75

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	AllCycleSimpleBody	net6.0	578ns	0.422ns	1.63ns	0.0153	0	0	1.08 KB
master	AllCycleSimpleBody	netcoreapp3.1	858ns	0.494ns	1.91ns	0.0146	0	0	1.06 KB
master	AllCycleSimpleBody	net472	690ns	0.214ns	0.802ns	0.174	0.000347	0	1.1 KB
master	AllCycleMoreComplexBody	net6.0	3.51μs	2.26ns	8.77ns	0.065	0	0	4.58 KB
master	AllCycleMoreComplexBody	netcoreapp3.1	4.76μs	2.38ns	9.2ns	0.0597	0	0	4.48 KB
master	AllCycleMoreComplexBody	net472	4.33μs	4.21ns	16.3ns	0.732	0.00864	0	4.61 KB
master	ObjectExtractorSimpleBody	net6.0	142ns	0.102ns	0.394ns	0.00393	0	0	280 B
master	ObjectExtractorSimpleBody	netcoreapp3.1	256ns	0.131ns	0.509ns	0.00371	0	0	272 B
master	ObjectExtractorSimpleBody	net472	174ns	0.263ns	1.02ns	0.0446	0	0	281 B
master	ObjectExtractorMoreComplexBody	net6.0	3.08μs	1.26ns	4.72ns	0.0526	0	0	3.78 KB
master	ObjectExtractorMoreComplexBody	netcoreapp3.1	4.04μs	2.63ns	10.2ns	0.0503	0	0	3.69 KB
master	ObjectExtractorMoreComplexBody	net472	4.2μs	2.86ns	10.7ns	0.602	0.00627	0	3.8 KB
#5347	AllCycleSimpleBody	net6.0	548ns	0.496ns	1.86ns	0.0152	0	0	1.08 KB
#5347	AllCycleSimpleBody	netcoreapp3.1	819ns	0.901ns	3.49ns	0.0144	0	0	1.06 KB
#5347	AllCycleSimpleBody	net472	624ns	0.273ns	1.06ns	0.175	0.000313	0	1.1 KB
#5347	AllCycleMoreComplexBody	net6.0	3.64μs	2.06ns	7.98ns	0.0635	0	0	4.58 KB
#5347	AllCycleMoreComplexBody	netcoreapp3.1	4.77μs	3.26ns	12.2ns	0.0614	0	0	4.48 KB
#5347	AllCycleMoreComplexBody	net472	4.37μs	2.33ns	9.04ns	0.731	0.00873	0	4.61 KB
#5347	ObjectExtractorSimpleBody	net6.0	139ns	0.155ns	0.601ns	0.00393	0	0	280 B
#5347	ObjectExtractorSimpleBody	netcoreapp3.1	198ns	0.142ns	0.549ns	0.00369	0	0	272 B
#5347	ObjectExtractorSimpleBody	net472	167ns	0.0846ns	0.305ns	0.0446	0	0	281 B
#5347	ObjectExtractorMoreComplexBody	net6.0	3.1μs	1.86ns	6.95ns	0.0525	0	0	3.78 KB
#5347	ObjectExtractorMoreComplexBody	netcoreapp3.1	4.06μs	5.76ns	20.8ns	0.0509	0	0	3.69 KB
#5347	ObjectExtractorMoreComplexBody	net472	3.84μs	2.06ns	7.98ns	0.602	0.00578	0	3.8 KB

Benchmarks.Trace.Asm.AppSecWafBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	RunWafRealisticBenchmark	net6.0	187μs	82.7ns	320ns	0	0	0	6.51 KB
master	RunWafRealisticBenchmark	netcoreapp3.1	205μs	687ns	2.57μs	0	0	0	6.49 KB
master	RunWafRealisticBenchmark	net472	222μs	58.4ns	202ns	1.02	0	0	6.59 KB
master	RunWafRealisticBenchmarkWithAttack	net6.0	125μs	331ns	1.28μs	0	0	0	4.15 KB
master	RunWafRealisticBenchmarkWithAttack	netcoreapp3.1	133μs	144ns	498ns	0	0	0	4.14 KB
master	RunWafRealisticBenchmarkWithAttack	net472	147μs	125ns	468ns	0.656	0	0	4.19 KB
#5347	RunWafRealisticBenchmark	net6.0	189μs	333ns	1.29μs	0	0	0	6.51 KB
#5347	RunWafRealisticBenchmark	netcoreapp3.1	205μs	295ns	1.14μs	0	0	0	6.49 KB
#5347	RunWafRealisticBenchmark	net472	226μs	446ns	1.73μs	1.02	0	0	6.59 KB
#5347	RunWafRealisticBenchmarkWithAttack	net6.0	124μs	56.8ns	220ns	0	0	0	4.15 KB
#5347	RunWafRealisticBenchmarkWithAttack	netcoreapp3.1	134μs	157ns	588ns	0	0	0	4.14 KB
#5347	RunWafRealisticBenchmarkWithAttack	net472	146μs	168ns	650ns	0.655	0	0	4.19 KB

Benchmarks.Trace.Iast.StringAspectsBenchmark - Same speed ✔️ More allocations ⚠️

More allocations ⚠️ in #5347

Benchmark	Base Allocated	Diff Allocated	Change	Change %
Benchmarks.Trace.Iast.StringAspectsBenchmark.StringConcatAspectBenchmark‑netcoreapp3.1	202.09 KB	203.55 KB	1.46 KB	0.72%

Fewer allocations 🎉 in #5347

Benchmark	Base Allocated	Diff Allocated	Change	Change %
Benchmarks.Trace.Iast.StringAspectsBenchmark.StringConcatAspectBenchmark‑net6.0	205.27 KB	203.57 KB	-1.7 KB	-0.83%
Benchmarks.Trace.Iast.StringAspectsBenchmark.StringConcatBenchmark‑net472	62.2 KB	59.07 KB	-3.13 KB	-5.03%

Raw results

Branch	Method	Toolchain	Mean	StdError	StdDev	Gen 0	Gen 1	Gen 2	Allocated
master	StringConcatBenchmark	net6.0	60.1μs	656ns	6.4μs	0	0	0	43.44 KB
master	StringConcatBenchmark	netcoreapp3.1	61.7μs	894ns	8.76μs	0	0	0	42.64 KB
master	StringConcatBenchmark	net472	37.6μs	148ns	553ns	0	0	0	62.2 KB
master	StringConcatAspectBenchmark	net6.0	298μs	1.65μs	11.5μs	0	0	0	205.27 KB
master	StringConcatAspectBenchmark	netcoreapp3.1	307μs	1.64μs	8.38μs	0	0	0	202.09 KB
master	StringConcatAspectBenchmark	net472	263μs	4.63μs	44.9μs	0	0	0	221.18 KB
#5347	StringConcatBenchmark	net6.0	53.1μs	198ns	715ns	0	0	0	43.44 KB
#5347	StringConcatBenchmark	netcoreapp3.1	58.7μs	694ns	6.8μs	0	0	0	42.64 KB
#5347	StringConcatBenchmark	net472	38.5μs	136ns	472ns	0	0	0	59.07 KB
#5347	StringConcatAspectBenchmark	net6.0	287μs	1.49μs	8.7μs	0	0	0	203.57 KB
#5347	StringConcatAspectBenchmark	netcoreapp3.1	319μs	1.78μs	11.6μs	0	0	0	203.55 KB
#5347	StringConcatAspectBenchmark	net472	259μs	4.28μs	40.1μs	0	0	0	221.18 KB

[NachoEchevarria]

LGTM.

[daniel-romano-DD]

Nice work, with a little NIT. Thanks a lot.