Skip to content

Do not skip ErrorReportValve.report in any case#7489

Merged
smola merged 3 commits intomasterfrom
smola/do-not-skip-original-method-on-stacktraceleak-detection
Aug 22, 2024
Merged

Do not skip ErrorReportValve.report in any case#7489
smola merged 3 commits intomasterfrom
smola/do-not-skip-original-method-on-stacktraceleak-detection

Conversation

@smola
Copy link
Copy Markdown
Member

@smola smola commented Aug 22, 2024
edited
Loading

What Does This Do

Initial advice skipped the original method on <400 http status code and responses not marked as errors. But we should not be changing the original behavior by default.

Motivation

Ensure we do not change original application behavior by default, we should be passive unless blocking a request.

Additional Notes

Contributor Checklist

smola added 2 commits August 22, 2024 09:45
@smola
Suppress internal exceptions in tomcat stacktraceleak detection
b440771
@smola
Do not skip ErrorReportValve.report in any case
666e175 
Initial advice skipped the original method on <400 http status code and
responses not marked as errors. But we should not be changing the
original behavior by default.
@smola smola added type: bug Bug report and fix comp: asm iast Application Security Management (IAST) labels Aug 22, 2024
@pr-commenter
Copy link
Copy Markdown

pr-commenter Bot commented Aug 22, 2024
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master smola/do-not-skip-original-method-on-stacktraceleak-detection
git_commit_date 1724333288 1724333347
git_commit_sha 44f9079 0563d00
release_version 1.39.0-SNAPSHOT~44f907944c 1.39.0-SNAPSHOT~0563d00e24
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1724335698 1724335698
ci_job_id 613737252 613737252
ci_pipeline_id 42557945 42557945
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
module Agent Agent
parent None None
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 47 metrics, 16 unstable metrics.

Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.39.0-SNAPSHOT~0563d00e24, baseline=1.39.0-SNAPSHOT~44f907944c

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.057 s) : 0, 1056902
Total [baseline] (8.487 s) : 0, 8486568
Agent [candidate] (1.044 s) : 0, 1043815
Total [candidate] (8.469 s) : 0, 8468710
section iast
Agent [baseline] (1.17 s) : 0, 1169862
Total [baseline] (8.935 s) : 0, 8934988
Agent [candidate] (1.172 s) : 0, 1171620
Total [candidate] (8.941 s) : 0, 8940856
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.174 s) : 0, 1174246
Total [baseline] (8.917 s) : 0, 8916607
Agent [candidate] (1.171 s) : 0, 1170569
Total [candidate] (8.963 s) : 0, 8962734
section iast_TELEMETRY_OFF
Agent [baseline] (1.169 s) : 0, 1168584
Total [baseline] (8.938 s) : 0, 8938103
Agent [candidate] (1.166 s) : 0, 1166183
Total [candidate] (8.928 s) : 0, 8927916
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.057 s -
Agent iast 1.17 s 112.96 ms (10.7%)
Agent iast_HARDCODED_SECRET_DISABLED 1.174 s 117.344 ms (11.1%)
Agent iast_TELEMETRY_OFF 1.169 s 111.682 ms (10.6%)
Total tracing 8.487 s -
Total iast 8.935 s 448.419 ms (5.3%)
Total iast_HARDCODED_SECRET_DISABLED 8.917 s 430.039 ms (5.1%)
Total iast_TELEMETRY_OFF 8.938 s 451.534 ms (5.3%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.044 s -
Agent iast 1.172 s 127.805 ms (12.2%)
Agent iast_HARDCODED_SECRET_DISABLED 1.171 s 126.754 ms (12.1%)
Agent iast_TELEMETRY_OFF 1.166 s 122.368 ms (11.7%)
Total tracing 8.469 s -
Total iast 8.941 s 472.146 ms (5.6%)
Total iast_HARDCODED_SECRET_DISABLED 8.963 s 494.024 ms (5.8%)
Total iast_TELEMETRY_OFF 8.928 s 459.205 ms (5.4%) 
gantt
    title insecure-bank - break down per module: candidate=1.39.0-SNAPSHOT~0563d00e24, baseline=1.39.0-SNAPSHOT~44f907944c

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (675.764 ms) : 0, 675764
BytebuddyAgent [candidate] (666.297 ms) : 0, 666297
GlobalTracer [baseline] (307.627 ms) : 0, 307627
GlobalTracer [candidate] (304.91 ms) : 0, 304910
AppSec [baseline] (51.774 ms) : 0, 51774
AppSec [candidate] (51.079 ms) : 0, 51079
Remote Config [baseline] (666.101 µs) : 0, 666
Remote Config [candidate] (670.115 µs) : 0, 670
Telemetry [baseline] (7.492 ms) : 0, 7492
Telemetry [candidate] (7.462 ms) : 0, 7462
section iast
BytebuddyAgent [baseline] (777.325 ms) : 0, 777325
BytebuddyAgent [candidate] (777.881 ms) : 0, 777881
GlobalTracer [baseline] (295.129 ms) : 0, 295129
GlobalTracer [candidate] (295.719 ms) : 0, 295719
AppSec [baseline] (52.233 ms) : 0, 52233
AppSec [candidate] (51.842 ms) : 0, 51842
Remote Config [baseline] (568.212 µs) : 0, 568
Remote Config [candidate] (585.218 µs) : 0, 585
Telemetry [baseline] (7.827 ms) : 0, 7827
Telemetry [candidate] (9.557 ms) : 0, 9557
IAST [baseline] (23.336 ms) : 0, 23336
IAST [candidate] (22.575 ms) : 0, 22575
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (779.485 ms) : 0, 779485
BytebuddyAgent [candidate] (776.912 ms) : 0, 776912
GlobalTracer [baseline] (296.858 ms) : 0, 296858
GlobalTracer [candidate] (295.899 ms) : 0, 295899
AppSec [baseline] (51.899 ms) : 0, 51899
AppSec [candidate] (50.422 ms) : 0, 50422
Remote Config [baseline] (582.521 µs) : 0, 583
Remote Config [candidate] (622.104 µs) : 0, 622
Telemetry [baseline] (9.452 ms) : 0, 9452
Telemetry [candidate] (9.517 ms) : 0, 9517
IAST [baseline] (22.476 ms) : 0, 22476
IAST [candidate] (23.704 ms) : 0, 23704
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (775.388 ms) : 0, 775388
BytebuddyAgent [candidate] (772.856 ms) : 0, 772856
GlobalTracer [baseline] (296.68 ms) : 0, 296680
GlobalTracer [candidate] (295.565 ms) : 0, 295565
AppSec [baseline] (51.822 ms) : 0, 51822
AppSec [candidate] (50.266 ms) : 0, 50266
Remote Config [baseline] (566.236 µs) : 0, 566
Remote Config [candidate] (583.898 µs) : 0, 584
Telemetry [baseline] (6.957 ms) : 0, 6957
Telemetry [candidate] (9.541 ms) : 0, 9541
IAST [baseline] (23.733 ms) : 0, 23733
IAST [candidate] (23.926 ms) : 0, 23926
Loading
Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.39.0-SNAPSHOT~0563d00e24, baseline=1.39.0-SNAPSHOT~44f907944c

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.053 s) : 0, 1052771
Total [baseline] (10.268 s) : 0, 10267699
Agent [candidate] (1.054 s) : 0, 1054206
Total [candidate] (10.353 s) : 0, 10353275
section appsec
Agent [baseline] (1.171 s) : 0, 1171473
Total [baseline] (10.456 s) : 0, 10455810
Agent [candidate] (1.168 s) : 0, 1168226
Total [candidate] (10.42 s) : 0, 10419846
section iast
Agent [baseline] (1.171 s) : 0, 1170800
Total [baseline] (10.75 s) : 0, 10750314
Agent [candidate] (1.178 s) : 0, 1177622
Total [candidate] (10.831 s) : 0, 10830645
section profiling
Agent [baseline] (1.243 s) : 0, 1243292
Total [baseline] (10.598 s) : 0, 10597521
Agent [candidate] (1.25 s) : 0, 1250209
Total [candidate] (10.558 s) : 0, 10557514
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.053 s -
Agent appsec 1.171 s 118.703 ms (11.3%)
Agent iast 1.171 s 118.03 ms (11.2%)
Agent profiling 1.243 s 190.521 ms (18.1%)
Total tracing 10.268 s -
Total appsec 10.456 s 188.111 ms (1.8%)
Total iast 10.75 s 482.615 ms (4.7%)
Total profiling 10.598 s 329.821 ms (3.2%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.054 s -
Agent appsec 1.168 s 114.021 ms (10.8%)
Agent iast 1.178 s 123.416 ms (11.7%)
Agent profiling 1.25 s 196.004 ms (18.6%)
Total tracing 10.353 s -
Total appsec 10.42 s 66.572 ms (0.6%)
Total iast 10.831 s 477.371 ms (4.6%)
Total profiling 10.558 s 204.24 ms (2.0%) 
gantt
    title petclinic - break down per module: candidate=1.39.0-SNAPSHOT~0563d00e24, baseline=1.39.0-SNAPSHOT~44f907944c

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (672.259 ms) : 0, 672259
BytebuddyAgent [candidate] (673.092 ms) : 0, 673092
GlobalTracer [baseline] (307.263 ms) : 0, 307263
GlobalTracer [candidate] (307.868 ms) : 0, 307868
AppSec [baseline] (51.599 ms) : 0, 51599
AppSec [candidate] (51.511 ms) : 0, 51511
Remote Config [baseline] (662.375 µs) : 0, 662
Remote Config [candidate] (669.605 µs) : 0, 670
Telemetry [baseline] (7.486 ms) : 0, 7486
Telemetry [candidate] (7.534 ms) : 0, 7534
section appsec
BytebuddyAgent [baseline] (679.643 ms) : 0, 679643
BytebuddyAgent [candidate] (678.691 ms) : 0, 678691
GlobalTracer [baseline] (300.609 ms) : 0, 300609
GlobalTracer [candidate] (299.097 ms) : 0, 299097
AppSec [baseline] (157.571 ms) : 0, 157571
AppSec [candidate] (156.923 ms) : 0, 156923
Remote Config [baseline] (614.718 µs) : 0, 615
Remote Config [candidate] (611.016 µs) : 0, 611
Telemetry [baseline] (8.657 ms) : 0, 8657
Telemetry [candidate] (8.71 ms) : 0, 8710
IAST [baseline] (21.805 ms) : 0, 21805
IAST [candidate] (21.322 ms) : 0, 21322
section iast
BytebuddyAgent [baseline] (777.624 ms) : 0, 777624
BytebuddyAgent [candidate] (781.748 ms) : 0, 781748
GlobalTracer [baseline] (294.959 ms) : 0, 294959
GlobalTracer [candidate] (296.924 ms) : 0, 296924
AppSec [baseline] (50.998 ms) : 0, 50998
AppSec [candidate] (53.973 ms) : 0, 53973
Remote Config [baseline] (583.853 µs) : 0, 584
Remote Config [candidate] (591.081 µs) : 0, 591
Telemetry [baseline] (8.677 ms) : 0, 8677
Telemetry [candidate] (7.99 ms) : 0, 7990
IAST [baseline] (24.489 ms) : 0, 24489
IAST [candidate] (22.852 ms) : 0, 22852
section profiling
BytebuddyAgent [baseline] (662.909 ms) : 0, 662909
BytebuddyAgent [candidate] (664.878 ms) : 0, 664878
GlobalTracer [baseline] (388.247 ms) : 0, 388247
GlobalTracer [candidate] (393.561 ms) : 0, 393561
AppSec [baseline] (52.098 ms) : 0, 52098
AppSec [candidate] (52.26 ms) : 0, 52260
Remote Config [baseline] (685.655 µs) : 0, 686
Remote Config [candidate] (679.41 µs) : 0, 679
Telemetry [baseline] (7.372 ms) : 0, 7372
Telemetry [candidate] (7.34 ms) : 0, 7340
ProfilingAgent [baseline] (94.858 ms) : 0, 94858
ProfilingAgent [candidate] (94.291 ms) : 0, 94291
Profiling [baseline] (94.884 ms) : 0, 94884
Profiling [candidate] (94.317 ms) : 0, 94317
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2024-08-22T13:39:30 2024-08-22T13:46:21
git_branch master smola/do-not-skip-original-method-on-stacktraceleak-detection
git_commit_date 1724333288 1724333347
git_commit_sha 44f9079 0563d00
release_version 1.39.0-SNAPSHOT~44f907944c 1.39.0-SNAPSHOT~0563d00e24
start_time 2024-08-22T13:39:17 2024-08-22T13:46:07
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1724334725 1724334725
ci_job_id 613737253 613737253
ci_pipeline_id 42557945 42557945
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 16 unstable metrics.

Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.39.0-SNAPSHOT~0563d00e24, baseline=1.39.0-SNAPSHOT~44f907944c
    dateFormat X
    axisFormat %s
section baseline
no_agent (372.161 µs) : 353, 392
.   : milestone, 372,
iast (488.312 µs) : 466, 511
.   : milestone, 488,
iast_FULL (557.361 µs) : 536, 579
.   : milestone, 557,
iast_GLOBAL (509.046 µs) : 487, 531
.   : milestone, 509,
iast_HARDCODED_SECRET_DISABLED (488.433 µs) : 466, 511
.   : milestone, 488,
iast_INACTIVE (446.866 µs) : 426, 467
.   : milestone, 447,
iast_TELEMETRY_OFF (469.26 µs) : 449, 490
.   : milestone, 469,
tracing (437.34 µs) : 417, 457
.   : milestone, 437,
section candidate
no_agent (375.225 µs) : 354, 396
.   : milestone, 375,
iast (480.2 µs) : 458, 502
.   : milestone, 480,
iast_FULL (557.036 µs) : 535, 579
.   : milestone, 557,
iast_GLOBAL (506.585 µs) : 484, 529
.   : milestone, 507,
iast_HARDCODED_SECRET_DISABLED (484.976 µs) : 462, 507
.   : milestone, 485,
iast_INACTIVE (451.712 µs) : 430, 474
.   : milestone, 452,
iast_TELEMETRY_OFF (477.118 µs) : 456, 499
.   : milestone, 477,
tracing (441.049 µs) : 421, 461
.   : milestone, 441,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 372.161 µs [352.703 µs, 391.618 µs] -
iast 488.312 µs [465.823 µs, 510.801 µs] 116.151 µs (31.2%)
iast_FULL 557.361 µs [535.501 µs, 579.22 µs] 185.2 µs (49.8%)
iast_GLOBAL 509.046 µs [486.595 µs, 531.497 µs] 136.886 µs (36.8%)
iast_HARDCODED_SECRET_DISABLED 488.433 µs [466.35 µs, 510.516 µs] 116.272 µs (31.2%)
iast_INACTIVE 446.866 µs [426.354 µs, 467.379 µs] 74.706 µs (20.1%)
iast_TELEMETRY_OFF 469.26 µs [448.541 µs, 489.979 µs] 97.1 µs (26.1%)
tracing 437.34 µs [417.25 µs, 457.43 µs] 65.179 µs (17.5%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 375.225 µs [354.317 µs, 396.133 µs] -
iast 480.2 µs [457.979 µs, 502.42 µs] 104.974 µs (28.0%)
iast_FULL 557.036 µs [535.495 µs, 578.576 µs] 181.81 µs (48.5%)
iast_GLOBAL 506.585 µs [483.89 µs, 529.28 µs] 131.36 µs (35.0%)
iast_HARDCODED_SECRET_DISABLED 484.976 µs [462.483 µs, 507.47 µs] 109.751 µs (29.2%)
iast_INACTIVE 451.712 µs [429.662 µs, 473.763 µs] 76.487 µs (20.4%)
iast_TELEMETRY_OFF 477.118 µs [455.6 µs, 498.636 µs] 101.893 µs (27.2%)
tracing 441.049 µs [421.047 µs, 461.05 µs] 65.823 µs (17.5%)
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.39.0-SNAPSHOT~0563d00e24, baseline=1.39.0-SNAPSHOT~44f907944c
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.348 ms) : 1329, 1367
.   : milestone, 1348,
appsec (1.729 ms) : 1704, 1753
.   : milestone, 1729,
appsec_no_iast (1.748 ms) : 1724, 1771
.   : milestone, 1748,
iast (1.473 ms) : 1450, 1496
.   : milestone, 1473,
profiling (1.53 ms) : 1505, 1556
.   : milestone, 1530,
tracing (1.492 ms) : 1468, 1516
.   : milestone, 1492,
section candidate
no_agent (1.344 ms) : 1325, 1363
.   : milestone, 1344,
appsec (1.736 ms) : 1712, 1759
.   : milestone, 1736,
appsec_no_iast (1.705 ms) : 1680, 1729
.   : milestone, 1705,
iast (1.472 ms) : 1449, 1495
.   : milestone, 1472,
profiling (1.486 ms) : 1461, 1511
.   : milestone, 1486,
tracing (1.461 ms) : 1437, 1486
.   : milestone, 1461,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.348 ms [1.329 ms, 1.367 ms] -
appsec 1.729 ms [1.704 ms, 1.753 ms] 380.836 µs (28.3%)
appsec_no_iast 1.748 ms [1.724 ms, 1.771 ms] 399.747 µs (29.7%)
iast 1.473 ms [1.45 ms, 1.496 ms] 124.902 µs (9.3%)
profiling 1.53 ms [1.505 ms, 1.556 ms] 182.209 µs (13.5%)
tracing 1.492 ms [1.468 ms, 1.516 ms] 143.858 µs (10.7%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.344 ms [1.325 ms, 1.363 ms] -
appsec 1.736 ms [1.712 ms, 1.759 ms] 391.922 µs (29.2%)
appsec_no_iast 1.705 ms [1.68 ms, 1.729 ms] 360.845 µs (26.9%)
iast 1.472 ms [1.449 ms, 1.495 ms] 127.994 µs (9.5%)
profiling 1.486 ms [1.461 ms, 1.511 ms] 142.672 µs (10.6%)
tracing 1.461 ms [1.437 ms, 1.486 ms] 117.418 µs (8.7%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master smola/do-not-skip-original-method-on-stacktraceleak-detection
git_commit_date 1724333288 1724333347
git_commit_sha 44f9079 0563d00
release_version 1.39.0-SNAPSHOT~44f907944c 1.39.0-SNAPSHOT~0563d00e24
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1724335221 1724335221
ci_job_id 613737254 613737254
ci_pipeline_id 42557945 42557945
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant appsec appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.39.0-SNAPSHOT~0563d00e24, baseline=1.39.0-SNAPSHOT~44f907944c
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.46 ms) : 1448, 1472
.   : milestone, 1460,
appsec (2.208 ms) : 2174, 2243
.   : milestone, 2208,
iast (1.951 ms) : 1909, 1993
.   : milestone, 1951,
iast_GLOBAL (2.016 ms) : 1973, 2060
.   : milestone, 2016,
profiling (1.851 ms) : 1817, 1885
.   : milestone, 1851,
tracing (1.832 ms) : 1799, 1865
.   : milestone, 1832,
section candidate
no_agent (1.456 ms) : 1445, 1468
.   : milestone, 1456,
appsec (2.211 ms) : 2176, 2246
.   : milestone, 2211,
iast (1.977 ms) : 1934, 2020
.   : milestone, 1977,
iast_GLOBAL (2.011 ms) : 1967, 2055
.   : milestone, 2011,
profiling (1.857 ms) : 1823, 1891
.   : milestone, 1857,
tracing (1.819 ms) : 1787, 1852
.   : milestone, 1819,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.46 ms [1.448 ms, 1.472 ms] -
appsec 2.208 ms [2.174 ms, 2.243 ms] 748.169 µs (51.2%)
iast 1.951 ms [1.909 ms, 1.993 ms] 491.017 µs (33.6%)
iast_GLOBAL 2.016 ms [1.973 ms, 2.06 ms] 556.36 µs (38.1%)
profiling 1.851 ms [1.817 ms, 1.885 ms] 390.604 µs (26.8%)
tracing 1.832 ms [1.799 ms, 1.865 ms] 372.052 µs (25.5%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.456 ms [1.445 ms, 1.468 ms] -
appsec 2.211 ms [2.176 ms, 2.246 ms] 754.949 µs (51.8%)
iast 1.977 ms [1.934 ms, 2.02 ms] 520.609 µs (35.7%)
iast_GLOBAL 2.011 ms [1.967 ms, 2.055 ms] 554.966 µs (38.1%)
profiling 1.857 ms [1.823 ms, 1.891 ms] 400.669 µs (27.5%)
tracing 1.819 ms [1.787 ms, 1.852 ms] 362.983 µs (24.9%)
Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.39.0-SNAPSHOT~0563d00e24, baseline=1.39.0-SNAPSHOT~44f907944c
    dateFormat X
    axisFormat %s
section baseline
no_agent (14.867 s) : 14867000, 14867000
.   : milestone, 14867000,
appsec (15.026 s) : 15026000, 15026000
.   : milestone, 15026000,
iast (18.654 s) : 18654000, 18654000
.   : milestone, 18654000,
iast_GLOBAL (17.94 s) : 17940000, 17940000
.   : milestone, 17940000,
profiling (15.82 s) : 15820000, 15820000
.   : milestone, 15820000,
tracing (15.288 s) : 15288000, 15288000
.   : milestone, 15288000,
section candidate
no_agent (15.538 s) : 15538000, 15538000
.   : milestone, 15538000,
appsec (14.996 s) : 14996000, 14996000
.   : milestone, 14996000,
iast (18.631 s) : 18631000, 18631000
.   : milestone, 18631000,
iast_GLOBAL (17.992 s) : 17992000, 17992000
.   : milestone, 17992000,
profiling (15.706 s) : 15706000, 15706000
.   : milestone, 15706000,
tracing (14.945 s) : 14945000, 14945000
.   : milestone, 14945000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.867 s [14.867 s, 14.867 s] -
appsec 15.026 s [15.026 s, 15.026 s] 159.0 ms (1.1%)
iast 18.654 s [18.654 s, 18.654 s] 3.787 s (25.5%)
iast_GLOBAL 17.94 s [17.94 s, 17.94 s] 3.073 s (20.7%)
profiling 15.82 s [15.82 s, 15.82 s] 953.0 ms (6.4%)
tracing 15.288 s [15.288 s, 15.288 s] 421.0 ms (2.8%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.538 s [15.538 s, 15.538 s] -
appsec 14.996 s [14.996 s, 14.996 s] -542.0 ms (-3.5%)
iast 18.631 s [18.631 s, 18.631 s] 3.093 s (19.9%)
iast_GLOBAL 17.992 s [17.992 s, 17.992 s] 2.454 s (15.8%)
profiling 15.706 s [15.706 s, 15.706 s] 168.0 ms (1.1%)
tracing 14.945 s [14.945 s, 14.945 s] -593.0 ms (-3.8%)

@smola smola marked this pull request as ready for review August 22, 2024 10:55
@smola smola requested a review from a team as a code owner August 22, 2024 10:55
Base automatically changed from smola/suppress-exceptions-on-tomcat-stacktraceleak-advice to master August 22, 2024 13:28
@smola smola merged commit fac6dde into master Aug 22, 2024
@smola smola deleted the smola/do-not-skip-original-method-on-stacktraceleak-detection branch August 22, 2024 14:17
@github-actions github-actions Bot added this to the 1.39.0 milestone Aug 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ValentinZakharov ValentinZakharov ValentinZakharov approved these changes

@jandro996 jandro996 jandro996 approved these changes

Assignees

No one assigned

Labels

comp: asm iast Application Security Management (IAST) type: bug Bug report and fix

Projects

None yet

Milestone

1.39.0

Development

Successfully merging this pull request may close these issues.

3 participants

@smola @ValentinZakharov @jandro996