Merge pull request #610 from bytedance/fix-unused-log

fix unused log

rasp/Makefile

@@ -430,7 +430,7 @@ endif
 	cp NSMount/bin/NSMount $(OUTPUT)/NSMount
 	cp pangolin/bin/pangolin $(LIB_OUTPUT)/pangolin
 
-	cp jvm/JVMAgent/output/SmithAgent.jar 
+	cp jvm/JVMAgent/output/SmithAgent.jar $(LIB_OUTPUT)/java/SmithAgent.jar
 	cp jvm/JVMProbe/output/SmithProbe.jar $(LIB_OUTPUT)/java/SmithProbe.jar
 	cp jvm/jattach/build/jattach $(LIB_OUTPUT)/java/jattach
 

rasp/jvm/JVMAgent/src/main/java/com/security/smithloader/common/JarUtil.java

@@ -37,7 +37,6 @@ private static byte[] base64StrTobyte(String base64Str) {
         return Base64.getDecoder().decode(base64Str);
     }
 
-    // 将字节数组转换为私钥对象
     private static PrivateKey bytesToPrivateKey(byte[] privateKeyBytes) throws Exception {
         KeyFactory keyFactory = KeyFactory.getInstance("RSA");
         PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(privateKeyBytes);
@@ -46,7 +45,7 @@ private static PrivateKey bytesToPrivateKey(byte[] privateKeyBytes) throws Excep
 
     public static byte[] calculateMD5(String filePath) {
         try {
-            // 创建MessageDigest对象，指定使用MD5算法
+
             MessageDigest md = MessageDigest.getInstance("MD5");
 
             Path path = Paths.get(filePath);

rasp/jvm/JVMAgent/src/main/java/com/security/smithloader/common/Reflection.java

@@ -5,16 +5,16 @@
 import java.lang.reflect.Method;
 
 /**
- * 反射工具类
+ * Reflection utils
  */
 public class Reflection {
 
     /**
-     * 反射获取对象的field
+     * get object field
      *
-     * @param object    对象
-     * @param fieldName 字段名称
-     * @return 值
+     * @param object
+     * @param fieldName
+     * @return Object
      */
     public static Object getField(Object object, String fieldName) {
         try {
@@ -28,11 +28,11 @@ public static Object getField(Object object, String fieldName) {
     }
 
     /**
-     * 反射获取对象父类的field
+     * get super class field
      *
-     * @param object    对象
-     * @param fieldName 字段名称
-     * @return 值
+     * @param object
+     * @param fieldName
+     * @return Object
      */
     public static Object getSuperField(Object object, String fieldName) {
         try {
@@ -48,11 +48,11 @@ public static Object getSuperField(Object object, String fieldName) {
 
 
     /**
-     * 反射获取对象父类的父类的field
+     * get super super class field
      *
-     * @param object    对象
-     * @param fieldName 字段名称
-     * @return 值
+     * @param object
+     * @param fieldName
+     * @return Object
      */
     public static Object getSuperParentField(Object object, String fieldName) {
         try {
@@ -67,11 +67,11 @@ public static Object getSuperParentField(Object object, String fieldName) {
     }
 
     /**
-     * 反射获取对象的field
+     * get Object static field
      *
-     * @param clazz   Class
-     * @param fieldName 字段名称
-     * @return 值
+     * @param clazz
+     * @param fieldName
+     * @return Object
      */
     public static Object getStaticField(Class<?> clazz, String fieldName) {
         try {
@@ -85,12 +85,12 @@ public static Object getStaticField(Class<?> clazz, String fieldName) {
     }
 
     /**
-     * 反射调用类的静态方法
+     * get object static method
      *
      * @param clazz      Class
-     * @param methodName 类的方法名称
-     * @param argTypes   参数类型
-     * @param args       参数
+     * @param methodName
+     * @param argTypes 
+     * @param args       
      * @return Object
      */
     public static Object invokeStaticMethod(Class<?> clazz, String methodName, Class<?>[] argTypes, Object... args) {
@@ -105,12 +105,12 @@ public static Object invokeStaticMethod(Class<?> clazz, String methodName, Class
     }
 
     /**
-     * 反射调用类的方法
+     * get object method
      *
-     * @param object     类的对象
-     * @param methodName 类的方法名称
-     * @param argTypes   参数类型
-     * @param args       参数
+     * @param object
+     * @param methodName
+     * @param argTypes
+     * @param args       
      * @return Object
      */
     public static Object invokeMethod(Object object, String methodName, Class<?>[] argTypes, Object... args) {
@@ -130,12 +130,12 @@ public static Object invokeMethod(Object object, String methodName, Class<?>[] a
     }
 
     /**
-     * 反射调用父类的方法
+     * get super 
      *
-     * @param object     类的对象
-     * @param methodName 类的方法名称
-     * @param argTypes   参数类型
-     * @param args       参数
+     * @param object
+     * @param methodName
+     * @param argTypes 
+     * @param args     
      * @return Object
      */
     public static Object invokeSuperMethod(Object object, String methodName, Class<?>[] argTypes, Object... args) {

rasp/jvm/JVMProbe/src/main/java/com/security/smith/SmithProbe.java

@@ -454,7 +454,7 @@ private void checkClassFilter(ClassLoader loader, String className, byte[] class
                 } catch(Exception e) {
                     // SmithLogger.exception(e);
                 }
-                // 获取父类名和父类加载器
+
                 String superClassName = superClass != null ? superClass.getName() : "";
                 classFilter.setParentClassName(superClassName);
 
@@ -597,20 +597,6 @@ public byte[] transform(ClassLoader loader, String className, Class<?> classBein
 
             classReader.accept(classVisitor, ClassReader.EXPAND_FRAMES);  
 
-            /* 
-            // 获取生成的类的字节数组
-            byte[] bytecode = classWriter.toByteArray();
-
-            // 将字节码保存到文件
-            String filePath = "/tmp/"+classType.getClassName()+".class"; // 文件路径和名称
-            try (FileOutputStream fos = new FileOutputStream(filePath)) {
-                fos.write(bytecode);
-                System.out.println("字节码已成功保存到文件: " + filePath);
-            } catch (IOException e) {
-                e.printStackTrace();
-            }
-            */
-
             return classWriter.toByteArray();
         } catch (Exception e) {
             SmithLogger.exception(e);
@@ -814,7 +800,7 @@ public boolean OnAddRule(String rulejson) {
     }
 
 
-    /* 全量扫描 */
+    /* scan all class */
     @Override
     public void onScanAllClass() {
         if (scanswitch == false) {
@@ -888,11 +874,11 @@ private void sendByte(byte[] data, String transId) {
         int length = data.length;
         ClassUpload classUpload = new ClassUpload();
         classUpload.setTransId(transId);
-        // TODO 第一版先不分包，看下性能
+        // TODO
         // client.write(Operate.CLASSDUMP, classUpload);
-        // 发送文件内容分包给服务器
-        // int packetSize = 1024; // 每个包的大小
-        // int totalPackets = (data.length + packetSize - 1) / packetSize; // 总包数
+
+        // int packetSize = 1024; 
+        // int totalPackets = (data.length + packetSize - 1) / packetSize;
         //for (int i = 0; i < totalPackets; i++) {
             //int offset = i * packetSize;
             classUpload.setByteTotalLength(length);

rasp/jvm/JVMProbe/src/main/java/com/security/smith/client/ClassUploadTransformer.java

@@ -27,7 +27,6 @@
 public class ClassUploadTransformer implements ClassFileTransformer,Runnable {
     private static ClassUploadTransformer ourInstance = new ClassUploadTransformer();
 
-    // 暂定最大10m
     public final static int MAX_DUMP_CLASS_SIZE = 1024 * 1024 * 10;
 
     public final static int MAX_HASH_SIZE = 1024*2;
@@ -369,7 +368,6 @@ private void sendClass(Class<?> clazz, byte[] data) {
                 ClassUpload classUpload = new ClassUpload();
                 classUpload.setTransId(transId);
 
-                // TODO 第一版先不分包，看下性能
                 classUpload.setByteTotalLength(length);
                 classUpload.setByteLength(length);
                 classUpload.setClassData(data);

rasp/jvm/JVMProbe/src/main/java/com/security/smith/client/Message.java

@@ -72,7 +72,7 @@ protected MessageSerializer(Class<Message> t) {
     public void serialize(Message value, JsonGenerator gen, SerializerProvider provider) throws IOException {
         gen.writeStartObject();
         gen.writeNumberField("message_type", value.getOperate());
-        // TODO 首包才传metadata, 把pid 相关的信息加到metadata里
+
         gen.writeNumberField("pid", pid);
         gen.writeStringField("runtime", "JVM");
         gen.writeStringField("runtime_version", jvmVersion);

rasp/jvm/JVMProbe/src/main/java/com/security/smith/client/Operate.java

@@ -11,12 +11,12 @@ public class Operate {
     public static final int BLOCK = 7;
     public static final int LIMIT = 8;
     public static final int PATCH = 9;
-    public static final int SCANCLASS = 10;             // 实时扫描
-    public static final int SCANALLCLASS = 11;          // 全量扫描
-    public static final int CLASSFILTERSTART = 12;      // 开始清缓存
-    public static final int CLASSFILTER = 13;           // 更新缓存
-    public static final int CLASSFILTEREND = 14;        // 开始全量扫描
-    public static final int CLASSUPLOADSTART = 15;      // 开始上传class
+    public static final int SCANCLASS = 10;             // scan on time
+    public static final int SCANALLCLASS = 11;          // scan all
+    public static final int CLASSFILTERSTART = 12;      // start to receive class filter rule
+    public static final int CLASSFILTER = 13;           
+    public static final int CLASSFILTEREND = 14;        // clas fiter rule end
+    public static final int CLASSUPLOADSTART = 15;      // start to send class
     public static final int CLASSUPLOAD = 16;
-    public static final int CLASSUPLOADEND = 17;        // 结束上传class
+    public static final int CLASSUPLOADEND = 17;        // end to send class
 }

rasp/jvm/JVMProbe/src/main/java/com/security/smith/client/Rule_Scanner.java

@@ -69,13 +69,13 @@ public void printClassfilter(ClassFilter data) {
     System.out.println("classLoaderName:" + data.getClassLoaderName());
     System.out.println("parentClassName:" + data.getParentClassName());
 
-     // 步骤1：获取当前线程
+
     Thread currentThread = Thread.currentThread();
 
-    // 步骤2：获取当前线程的堆栈跟踪
+
     StackTraceElement[] stackTrace = currentThread.getStackTrace();
 
-    // 步骤3：打印堆栈跟踪信息
+
     for (StackTraceElement element : stackTrace) {
         System.out.println(element);
     }