package com.ar3h.chains.web.jndi.core;

import java.security.Permission;
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.Callable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/classes/com/ar3h/chains/web/jndi/core/JndiSecurityManager.class */
public class JndiSecurityManager extends SecurityManager {
    int limitLength = 44;
    private static final Logger log = LoggerFactory.getLogger((Class<?>) JndiSecurityManager.class);
    public static List<String> writePath = new ArrayList();
    public static List<String> whiteExtList = new ArrayList();

    public boolean checkPathPermissionList(String str) {
        if (str == null) {
            return true;
        }
        log.info("Check Path Permission: {}", str);
        if (str.contains("..")) {
            return false;
        }
        if (whiteExtList.stream().anyMatch(str2 -> {
            return str.endsWith(str2);
        })) {
            return true;
        }
        return writePath.stream().anyMatch(str3 -> {
            return str.startsWith(str3);
        });
    }

    @Override // java.lang.SecurityManager
    public void checkRead(String str) {
        super.checkRead(str);
        if (str == null || !str.contains("..")) {
            return;
        }
        log.error("!!! trying to read file: " + str);
        throw new SecurityException(str + " doesn't have permission");
    }

    @Override // java.lang.SecurityManager
    public void checkWrite(String str) {
        super.checkWrite(str);
        if (checkPathPermissionList(str)) {
            return;
        }
        log.error("!!! trying to write file: " + str);
        throw new SecurityException(str + " doesn't have permission");
    }

    @Override // java.lang.SecurityManager
    public void checkDelete(String str) {
        if (checkPathPermissionList(str)) {
            return;
        }
        log.error("!!! trying to delete file: " + str);
        throw new SecurityException(str + " doesn't have permission");
    }

    @Override // java.lang.SecurityManager
    public void checkExec(String str) {
        log.error("!!! trying to exec command: " + str);
        throw new SecurityException(str + " execution is not allowed");
    }

    @Override // java.lang.SecurityManager
    public void checkConnect(String str, int i) {
        log.error("!!! trying to connect to: " + str + ":" + i);
        throw new SecurityException("Network connections are not allowed");
    }

    @Override // java.lang.SecurityManager
    public void checkAccept(String str, int i) {
        log.warn("trying to accept connection from: " + str + ":" + i);
    }

    @Override // java.lang.SecurityManager
    public void checkPermission(Permission permission) {
        if (!"setSecurityManager".equals(permission.getName()) || isInitializing()) {
        }
    }

    @Override // java.lang.SecurityManager
    public void checkPermission(Permission permission, Object obj) {
        checkPermission(permission);
    }

    public static <T> T callWrapped(Callable<T> callable, SecurityManager securityManager) throws Exception {
        SecurityManager securityManager2 = System.getSecurityManager();
        if (securityManager != null) {
            System.setSecurityManager(securityManager);
        }
        try {
            T call = callable.call();
            System.setSecurityManager(securityManager2);
            return call;
        } catch (Throwable th) {
            System.setSecurityManager(securityManager2);
            throw th;
        }
    }

    private boolean isInitializing() {
        return Thread.currentThread().getStackTrace().length < 20;
    }

    static {
        whiteExtList.add(".log");
        whiteExtList.add(".jks");
        writePath.add("./logs/date");
        writePath.add("./logs/token");
    }
}
