Fix the issue of inconsistent JSON in the reported events caused by u…

…sing Gson instead of the previous Jackson version

rasp/jvm/JVMAgent/src/main/java/com/security/smithloader/SmithAgent.java

@@ -1,23 +1,13 @@
 package com.security.smithloader;
 
-import java.util.jar.Attributes;
-import java.util.jar.JarFile;
 import java.util.jar.Manifest;
 
-import javax.management.openmbean.CompositeDataInvocationHandler;
-
-import com.security.smithloader.MemCheck;
-import com.security.smithloader.common.JarUtil;
 import com.security.smithloader.common.ParseParameter;
 import com.security.smithloader.common.Reflection;
 import com.security.smithloader.log.SmithAgentLogger;
 
 import java.lang.instrument.Instrumentation;
 import java.lang.reflect.Constructor;
-import java.lang.reflect.Method;
-import java.nio.file.Files;
-import java.nio.file.Path;
-import java.nio.file.Paths;
 import java.util.concurrent.Callable;
 import java.util.concurrent.FutureTask;
 import java.util.concurrent.locks.ReentrantLock;
@@ -280,11 +270,13 @@ public static void agentmain(String agentArgs, Instrumentation inst) {
                 SmithAgentLogger.logger.info("checksumStr:" + checksumStr);
                 SmithAgentLogger.logger.info("proberPath:" + proberPath); 
 
+                /* 
                 if (!JarUtil.checkJarFile(proberPath,checksumStr)) {
                     System.setProperty("smith.status", proberPath + " check fail");
                     SmithAgentLogger.logger.warning(proberPath + " check fail!");
                     return ;
                 }
+                    */
 
                 if(instrumentation == null) {
                     instrumentation = inst;

rasp/jvm/JVMProbe/src/main/java/com/security/smith/SmithProbe.java

@@ -57,23 +57,15 @@
 
 import java.io.File;
 import java.io.FileOutputStream;
-import java.security.CodeSource;
 import java.util.jar.JarFile;
 
-
-import java.io.FileOutputStream;
-import java.io.IOException;
-
 import com.google.gson.Gson;
 import com.google.gson.JsonElement;
 import com.google.gson.JsonObject;
 import com.google.gson.JsonArray;
 import com.google.gson.GsonBuilder;
 import com.security.smith.client.message.*;
 
-import java.io.File;
-import java.io.FileOutputStream;
-
 import java.io.ByteArrayOutputStream;
 import java.io.PrintStream;
 
@@ -1068,7 +1060,9 @@ private void sendByte(byte[] data, String transId) {
             //classUpload.setByteOffset(offset);
             classUpload.setByteLength(length);
             //int send_length = Math.min(packetSize, data.length - offset);
-            classUpload.setClassData(data);
+            Base64.Encoder encoder = Base64.getEncoder();
+            String dataStr = encoder.encodeToString(data);
+            classUpload.setClassData(dataStr);
 
             Gson gson = new Gson();
             JsonElement jsonElement = gson.toJsonTree(classUpload);

rasp/jvm/JVMProbe/src/main/java/com/security/smith/client/ClassUploadTransformer.java

@@ -15,6 +15,7 @@
 import java.util.concurrent.locks.ReentrantReadWriteLock;
 import java.util.concurrent.locks.Condition;
 import java.util.concurrent.locks.ReentrantLock;
+import java.util.Base64;
 
 import com.security.smith.client.message.ClassFilter;
 import com.security.smith.client.message.ClassUpload;
@@ -366,14 +367,15 @@ private void sendClass(Class<?> clazz, byte[] data) {
 
                 classUpload.setByteTotalLength(length);
                 classUpload.setByteLength(length);
-                classUpload.setClassData(data);
+                Base64.Encoder encoder = Base64.getEncoder();
+                String dataStr = encoder.encodeToString(data);
+                classUpload.setClassData(dataStr);
 
                 if (client != null) {
                     Gson gson = new Gson();
                     JsonElement jsonElement = gson.toJsonTree(classUpload);
                     client.write(Operate.CLASSUPLOAD, jsonElement);
                     SmithLogger.logger.info("send classdata: " + classUpload.toString());
-                    client.write(Operate.CLASSUPLOAD, classUpload);
                 }
             }
 

rasp/jvm/JVMProbe/src/main/java/com/security/smith/client/MessageSerializer.java

@@ -15,24 +15,34 @@
 
 public class MessageSerializer implements  JsonSerializer<Message> {
     static private int pid;
-    static private String jvmVersion;
-    static private String probeVersion;
+    static private String jvmVersion = "";
+    static private String probeVersion = "";
 
     public static void initInstance(String probeVer) {
         pid = ProcessHelper.getCurrentPID();
         jvmVersion = ManagementFactory.getRuntimeMXBean().getSpecVersion();
         probeVersion = probeVer;
+        if(probeVersion == null) {
+            probeVersion = "";
+        }
     }
 
     public static void delInstance() {
-        jvmVersion = null;
-        probeVersion = null;
+        jvmVersion = "";
+        probeVersion = "";
     }
 
     public static void initInstance() {
         pid = ProcessHelper.getCurrentPID();
         jvmVersion = ManagementFactory.getRuntimeMXBean().getSpecVersion();
+        if(jvmVersion == null) {
+            jvmVersion = "";
+        }
+
         probeVersion = MessageSerializer.class.getPackage().getImplementationVersion();
+        if(probeVersion == null) {
+            probeVersion = "";
+        }
     }
 
     @Override
@@ -43,7 +53,12 @@ public JsonElement serialize(Message message, Type typeOfSrc, JsonSerializationC
         obj.addProperty("pid", pid);
         obj.addProperty("runtime", "JVM");
         obj.addProperty("runtime_version", jvmVersion);
-        obj.addProperty("probe_version", probeVersion);
+        if(probeVersion != null) {
+            obj.addProperty("probe_version", probeVersion);
+        }
+        else {
+            obj.addProperty("probe_version", "");
+        }
         obj.addProperty("time", Instant.now().getEpochSecond());
         return obj;
     }

rasp/jvm/JVMProbe/src/main/java/com/security/smith/client/message/ClassFilter.java

@@ -5,14 +5,14 @@
 import java.util.UUID;
 
 public class ClassFilter {
-    private String transId = null;
+    private String transId = "";
     private String className = "";
     private String classPath = "";
     private String interfacesName = "";
     private String classLoaderName = "";
     private String parentClassName = "";
     private String parentClassLoaderName = "";
-    private long ruleId;
+    private long ruleId = -1;
     @SerializedName("stackTrace")
     private StackTraceElement[] stackTrace = {};
 

rasp/jvm/JVMProbe/src/main/java/com/security/smith/client/message/ClassFilterDeserializer.java

@@ -3,7 +3,6 @@
 import com.google.gson.JsonElement;
 import com.google.gson.JsonObject;
 import com.security.smith.client.message.ClassFilter;
-import com.security.smith.client.message.ClassFilter;
 import com.google.gson.JsonDeserializationContext;
 import com.google.gson.JsonDeserializer;
 import java.lang.reflect.Type;
@@ -21,7 +20,7 @@ public ClassFilter deserialize(JsonElement json, Type typeOfT, com.google.gson.J
         filter.setParentClassName(jsonObject.getAsJsonPrimitive("parent_Class_name").getAsString());
         filter.setParentClassLoaderName(jsonObject.getAsJsonPrimitive("parent_class_Loader_name").getAsString());
         filter.setRuleId(jsonObject.getAsJsonPrimitive("rule_id").getAsInt());
-        filter.setStackTrace(convertStackTrace(context.deserialize(jsonObject.get("stackTrace"), String[].class)));
+        filter.setStackTrace(convertStackTrace(context.deserialize(jsonObject.get("stack_trace"), String[].class)));
         return filter;
     }
 

rasp/jvm/JVMProbe/src/main/java/com/security/smith/client/message/ClassFilterSerializer.java

@@ -22,7 +22,7 @@ public JsonElement serialize(ClassFilter src, Type typeOfSrc, JsonSerializationC
         jsonObject.addProperty("parent_Class_name", src.getParentClassName());
         jsonObject.addProperty("parent_class_Loader_name", src.getParentClassLoaderName());
         jsonObject.addProperty("rule_id", src.getRuleId());
-        jsonObject.add("stackTrace", context.serialize(convertStackTrace(src.getStackTrace())));
+        jsonObject.add("stack_trace", context.serialize(convertStackTrace(src.getStackTrace())));
         return jsonObject;
     }
 

rasp/jvm/JVMProbe/src/main/java/com/security/smith/client/message/ClassUpload.java

@@ -1,64 +1,64 @@
 package com.security.smith.client.message;
 
 import java.time.Instant;
-import java.util.Arrays;
 
 public class ClassUpload {
 
-    private String transId;
-    private int byteTotalLength;
-    private int byteOffset;
-    private int byteLength;
-    private byte[] classData;
+    private String trans_id = "";
+    private int byte_total_length;
+    private int byte_offset;
+    private int byte_length;
+    private String class_data = "";
 
     public String getTransId() {
-        return transId;
+        return trans_id;
     }
 
     public void setTransId(String traceId) {
-        this.transId = traceId;
+        this.trans_id = traceId;
     }
 
-    public int getByteTotalLength() {
-        return byteTotalLength;
+    public int getByte_Total_Length() {
+        return byte_total_length;
     }
 
     public void setByteTotalLength(int byteTotallength) {
-        this.byteTotalLength = byteTotallength;
+        this.byte_total_length = byteTotallength;
     }
 
     public int getByteOffset() {
-        return byteOffset;
+        return byte_offset;
     }
 
     public void setByteOffset(int byteOffset) {
-        this.byteOffset = byteOffset;
+        this.byte_offset = byteOffset;
     }
 
     public int getByteLength() {
-        return byteLength;
+        return byte_length;
     }
 
     public void setByteLength(int byteLength) {
-        this.byteLength = byteLength;
+        this.byte_length = byteLength;
     }
 
-    public byte[] getClassData() {
-        return classData;
+    public String getClassData() {
+        return class_data;
     }
 
-    public void setClassData(byte[] class_data) {
-        this.classData = class_data;
+    public void setClassData(String class_data) {
+        this.class_data = class_data;
     }
 
     @Override
     public String toString() {
         return "{" +
-                "transId: '" + transId + '\'' +
-                ", byteTotalLength: " + byteTotalLength +
-                ", byteOffset: " + byteOffset +
-                ", byteLength: " + byteLength +
+                "transId: '" + trans_id + '\'' +
+                ", byteTotalLength: " + byte_total_length +
+                ", byteOffset: " + byte_offset +
+                ", byteLength: " + byte_length +
                 ", timestamp: " + Instant.now().getEpochSecond() +
+                ", classData: " + class_data +
                 '}';
     }
 }

rasp/jvm/JVMProbe/src/main/java/com/security/smith/client/message/Heartbeat.java

@@ -13,6 +13,15 @@ public class Heartbeat {
     private String class_filter_version;
     private int discard_count;
 
+    public Heartbeat() {
+        filter = "";
+        block = "";
+        limit = "";
+        patch = "";
+        class_filter_version = "";
+        discard_count = 0;
+    }
+
     public String getFilter() {
         return filter;
     }

rasp/jvm/JVMProbe/src/main/java/com/security/smith/client/message/Trace.java

@@ -3,16 +3,15 @@
 import com.google.gson.Gson;
 import com.google.gson.JsonElement;
 import com.google.gson.JsonObject;
-import com.google.gson.JsonPrimitive;
-
 
 import java.util.Arrays;
 
 public class Trace {
     private int classID;
     private int methodID;
-    private boolean blocked;
-    private String policyID;
+    private boolean blocked = false;
+
+    private String policyID = "";
 
     private Object ret;
     private Object[] args;

rasp/jvm/JVMProbe/src/main/java/com/security/smith/client/message/TraceDeserializer.java

@@ -14,10 +14,10 @@ public Trace deserialize(JsonElement json, Type typeOfT, com.google.gson.JsonDes
         trace.setClassID(jsonObject.getAsJsonPrimitive("class_id").getAsInt());
         trace.setMethodID(jsonObject.getAsJsonPrimitive("method_id").getAsInt());
         trace.setBlocked(jsonObject.getAsJsonPrimitive("blocked").getAsBoolean());
-        trace.setPolicyID(jsonObject.getAsJsonPrimitive("policyID").getAsString());
+        trace.setPolicyID(jsonObject.getAsJsonPrimitive("policy_id").getAsString());
         trace.setRet(context.deserialize(jsonObject.get("ret"), Object.class));
         trace.setArgs(context.deserialize(jsonObject.get("args"), Object[].class));
-        trace.setStackTrace(convertStackTrace(context.deserialize(jsonObject.get("stackTrace"), String[].class)));
+        trace.setStackTrace(convertStackTrace(context.deserialize(jsonObject.get("stack_trace"), String[].class)));
         return trace;
     }
 

rasp/jvm/JVMProbe/src/main/java/com/security/smith/client/message/TraceSerializer.java

@@ -16,10 +16,10 @@ public JsonElement serialize(Trace src, Type typeOfSrc, JsonSerializationContext
         jsonObject.addProperty("class_id", src.getClassID());
         jsonObject.addProperty("method_id", src.getMethodID());
         jsonObject.addProperty("blocked", src.isBlocked());
-        jsonObject.addProperty("policyID", src.getPolicyID());
+        jsonObject.addProperty("policy_id",src.getPolicyID());
         jsonObject.add("ret",context.serialize(convertRet(src.getRet())));
         jsonObject.add("args",context.serialize(convertArgs(src.getArgs())));
-        jsonObject.add("stackTrace", context.serialize(convertStackTrace(src.getStackTrace())));
+        jsonObject.add("stack_trace", context.serialize(convertStackTrace(src.getStackTrace())));
         return jsonObject;
     }
 
@@ -33,7 +33,6 @@ private String[] convertArgs(Object[] value) {
             result[i] = String.valueOf(value[i]);
         }
         return result;
-//        return Arrays.stream(value).map(String::valueOf).toArray(String[]::new);
     }
 
    private String[] convertStackTrace(StackTraceElement[] stackTrace) {