diff --git a/tracer/src/Datadog.Trace/Iast/IastModule.cs b/tracer/src/Datadog.Trace/Iast/IastModule.cs
index 5532cbeb79ea..16e6d5bf6c15 100644
--- a/tracer/src/Datadog.Trace/Iast/IastModule.cs
+++ b/tracer/src/Datadog.Trace/Iast/IastModule.cs
@@ -375,7 +375,7 @@ private static string BuildCommandInjectionEvidence(string file, string argument
 [MethodImpl(MethodImplOptions.AggressiveInlining)]
 internal static int GetCookieHash(string vulnerability, string cookieName, bool isFiltered)
 {
- return (vulnerability.ToString() + ":" + (isFiltered ? "Filtered" : cookieName)).GetStaticHashCode();
+ return (isFiltered ? ("FILTERED_" + vulnerability) : (vulnerability + ":" + cookieName)).GetStaticHashCode();
 }
 public static IastModuleResponse OnInsecureCookie(IntegrationId integrationId, string cookieName, bool isFiltered)
diff --git a/tracer/test/Datadog.Trace.Security.Unit.Tests/IAST/HashTests.cs b/tracer/test/Datadog.Trace.Security.Unit.Tests/IAST/HashTests.cs
index 17b762ef861d..2baad1f13524 100644
--- a/tracer/test/Datadog.Trace.Security.Unit.Tests/IAST/HashTests.cs
+++ b/tracer/test/Datadog.Trace.Security.Unit.Tests/IAST/HashTests.cs
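Review bot: GetCookieHash carries no comment explaining why the filtered branch leaves cookieName out of the hashed string, and that omission is the part a later reader is most likely to "correct". With isFiltered true, every cookie of a given vulnerability type now produces the same hash (the snapshot's three LongCookie entries share one value per type), which is presumably the intended collapse of filtered cookies into one finding per type. I would put `/// <summary>Hash identifying a cookie vulnerability; filtered cookies hash only the vulnerability type so they deduplicate to one finding per type.</summary>` above the method. Because the values for already-reported cookies change, the description could also say whether anything downstream keys on the old hashes; that is not visible from this hunk, and OnInsecureCookie's body continues outside it.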
@@ -64,4 +64,16 @@ public void GivenAKownVulnerability_WhenCalculatedHash_ValueIsExpected(string vu
 var hashCode = vulnerability.GetHashCode();
 Assert.Equal(expectedHash, hashCode);
 }
+
+ [Theory]
+ [InlineData(VulnerabilityTypeName.InsecureCookie, "AspNetCoreRateLimit.RateLimitProcessor", false, -304624042)]
+ [InlineData(VulnerabilityTypeName.InsecureCookie, "AspNetCoreRateLimit.RateLimitProcessor", true, 990913114)]
+ [InlineData(VulnerabilityTypeName.InsecureCookie, "AspNetCore.Views_Iast_ReflectedXss+<b__8_1>d", true, 990913114)]
+ [InlineData(VulnerabilityTypeName.NoSameSiteCookie, "AspNetCore.Views_Iast_ReflectedXss+<b__8_1>d", false, 1003850134)]
+ [InlineData(VulnerabilityTypeName.NoSameSiteCookie, "AspNetCore.Views_Iast_ReflectedXss+<b__8_1>d", true, -636226626)]
+ [InlineData(VulnerabilityTypeName.NoSameSiteCookie, "AspNetCoreRateLimit.RateLimitProcessor", true, -636226626)]
+ public void GivenACookie_WhenCalculatedHash_ValueIsExpected(string vulnName, string cookieName, bool isFiltered, int hash)
+ {
+ IastModule.GetCookieHash(vulnName, cookieName, isFiltered).Should().Be(hash);
+ }
 }
diff --git a/tracer/test/snapshots/Iast.AspNetCore5.enableIast=True.path =_Iast_AllVulnerabilitiesCookie.verified.txt b/tracer/test/snapshots/Iast.AspNetCore5.enableIast=True.path =_Iast_AllVulnerabilitiesCookie.verified.txt
index e3280ec3289f..bd02eb697cb8 100644
--- a/tracer/test/snapshots/Iast.AspNetCore5.enableIast=True.path =_Iast_AllVulnerabilitiesCookie.verified.txt
+++ b/tracer/test/snapshots/Iast.AspNetCore5.enableIast=True.path =_Iast_AllVulnerabilitiesCookie.verified.txt
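Review bot: The new theory pins filtered hashes for InsecureCookie and NoSameSiteCookie but has no row for the third cookie vulnerability type, although the snapshot in this commit records a filtered NO_HTTPONLY_COOKIE hash of -60481650. A matching row, e.g. `[InlineData(VulnerabilityTypeName.NoHttpOnlyCookie, "AspNetCoreRateLimit.RateLimitProcessor", true, -60481650)]` (assuming the constant follows the naming of the two used here), would keep the unit test and the snapshot in agreement for all three types. The cookieName arguments also look like type names carried over from the test above; realistic cookie names, plus a one-line comment that filtered rows must not vary with the name, would make the intent of the paired rows easier to read.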
@@ -47,63 +47,63 @@ }, { "type": "NO_SAMESITE_COOKIE", - "hash": -1837181716, + "hash": -636226626, "evidence": { "value": "LongCookie.abcdefghijklmnopqrstuvwxyz0123456789.0" } }, { "type": "NO_HTTPONLY_COOKIE", - "hash": 1990393425, + "hash": -60481650, "evidence": { "value": "LongCookie.abcdefghijklmnopqrstuvwxyz0123456789.0" } }, { "type": "INSECURE_COOKIE", - "hash": 1170867602, + "hash": 990913114, "evidence": { "value": "LongCookie.abcdefghijklmnopqrstuvwxyz0123456789.0" } }, { "type": "NO_SAMESITE_COOKIE", - "hash": -1837181716, + "hash": -636226626, "evidence": { "value": "LongCookie.abcdefghijklmnopqrstuvwxyz0123456789.1" } }, { "type": "NO_HTTPONLY_COOKIE", - "hash": 1990393425, + "hash": -60481650, "evidence": { "value": "LongCookie.abcdefghijklmnopqrstuvwxyz0123456789.1" } }, { "type": "INSECURE_COOKIE", - "hash": 1170867602, + "hash": 990913114, "evidence": { "value": "LongCookie.abcdefghijklmnopqrstuvwxyz0123456789.1" } }, { "type": "NO_SAMESITE_COOKIE", - "hash": -1837181716, + "hash": -636226626, "evidence": { "value": "LongCookie.abcdefghijklmnopqrstuvwxyz0123456789.2" } }, { "type": "NO_HTTPONLY_COOKIE", - "hash": 1990393425, + "hash": -60481650, "evidence": { "value": "LongCookie.abcdefghijklmnopqrstuvwxyz0123456789.2" } }, { "type": "INSECURE_COOKIE", - "hash": 1170867602, + "hash": 990913114, "evidence": { "value": "LongCookie.abcdefghijklmnopqrstuvwxyz0123456789.2" }