Improve detection of missing request end events

smola · smola · commit e56d2344452c · 2025-03-05T08:38:05.000+01:00
diff --git a/dd-java-agent/appsec/src/main/java/com/datadog/appsec/gateway/AppSecRequestContext.java b/dd-java-agent/appsec/src/main/java/com/datadog/appsec/gateway/AppSecRequestContext.java
@@ -143,6 +143,9 @@ public class AppSecRequestContext implements DataBundle, Closeable {
   // keep a reference to the last published usr.session_id
   private volatile String sessionId;
 
+  // Used to detect missing request-end event at close.
+  private volatile boolean requestEndCalled;
+
   private static final AtomicIntegerFieldUpdater<AppSecRequestContext> WAF_TIMEOUTS_UPDATER =
       AtomicIntegerFieldUpdater.newUpdater(AppSecRequestContext.class, "wafTimeouts");
   private static final AtomicIntegerFieldUpdater<AppSecRequestContext> RASP_TIMEOUTS_UPDATER =
@@ -584,10 +587,15 @@ public void close() {
   /* Should be accessible from the modules */
 
   public void close(boolean requiresPostProcessing) {
-    if (additive != null || derivatives != null) {
+    if (!requestEndCalled) {
+      log.debug(SEND_TELEMETRY, "Request end event was not called before close");
+    }
+    if (additive != null) {
       log.debug(
           SEND_TELEMETRY, "WAF object had not been closed (probably missed request-end event)");
       closeAdditive();
+    }
+    if (derivatives != null) {
       derivatives = null;
     }
 
@@ -699,4 +707,9 @@ public boolean isThrottled(RateLimiter rateLimiter) {
   public boolean isAdditiveClosed() {
     return additiveClosed;
   }
+
+  /** Must be called during request end event processing. */
+  void setRequestEndCalled() {
+    requestEndCalled = true;
+  }
 }
diff --git a/dd-java-agent/appsec/src/main/java/com/datadog/appsec/gateway/GatewayBridge.java b/dd-java-agent/appsec/src/main/java/com/datadog/appsec/gateway/GatewayBridge.java
@@ -767,6 +767,7 @@ private NoopFlow onRequestEnded(RequestContext ctx_, IGSpanInfo spanInfo) {
     if (ctx == null) {
       return NoopFlow.INSTANCE;
     }
+    ctx.setRequestEndCalled();
 
     maybeExtractSchemas(ctx);
 

Original file line number	Diff line number	Diff line change
`@@ -767,6 +767,7 @@ private NoopFlow onRequestEnded(RequestContext ctx_, IGSpanInfo spanInfo) {`
`767`	`767`	`if (ctx == null) {`
`768`	`768`	`return NoopFlow.INSTANCE;`
`769`	`769`	`}`
	`770`	`+ ctx.setRequestEndCalled();`
`770`	`771`
`771`	`772`	`maybeExtractSchemas(ctx);`
`772`	`773`