Fix NullPointerException log in AppSec #9355

jandro996 · Aug 12, 2025

What Does This Do

Modifies WafModule#buildEvents to safely handle actionWithData.data being null.

Motivation

Additional Notes

The current version of libddwaf may return null in the data field of actionWithData. This was previously not handled and could cause unexpected logged exceptions. The method now explicitly checks for null to prevent this.

Contributor Checklist

Format the title according the contribution guidelines
Assign the type: and (comp: or inst:) labels in addition to any usefull labels
Don't use close, fix or any linking keywords when referencing an issue.
Use solves instead, and assign the PR milestone to the issue
Update the CODEOWNERS file on source file addition, move, or deletion
Update the public documentation in case of new configuration flag or behavior

Jira ticket: [PROJ-IDENT]

datadog-official · Aug 12, 2025

Code coverage: total 58.99%, base diff 1.68%, patch 100.00% (view details)

_{This comment will be updated automatically if new data arrives.

🔗 Commit SHA: 700d50a | Docs | Was this helpful? Give us feedback!}

pr-commenter · Aug 12, 2025

Benchmarks

Startup

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	alejandro.gonzalez/fix-9346
git_commit_date	1755003120	1755003387
git_commit_sha	`8d4316a`	`700d50a`
release_version	1.53.0-SNAPSHOT~8d4316af7d	1.53.0-SNAPSHOT~700d50a332

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1755005364	1755005364
ci_job_id	1075980021	1075980021
ci_pipeline_id	73407427	73407427
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-zfyrx7zua-project-304-concurrent-2-zr4nj7dx 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-zfyrx7zua-project-304-concurrent-2-zr4nj7dx 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module	Agent	Agent
parent	None	None

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 48 metrics, 11 unstable metrics.

Startup time reports for insecure-bank

gantt
    title insecure-bank - global startup overhead: candidate=1.53.0-SNAPSHOT~700d50a332, baseline=1.53.0-SNAPSHOT~8d4316af7d

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.046 s) : 0, 1045912
Total [baseline] (8.578 s) : 0, 8577892
Agent [candidate] (1.043 s) : 0, 1043161
Total [candidate] (8.603 s) : 0, 8603304
section iast
Agent [baseline] (1.176 s) : 0, 1176360
Total [baseline] (9.305 s) : 0, 9305156
Agent [candidate] (1.185 s) : 0, 1185228
Total [candidate] (9.355 s) : 0, 9354676

baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.046 s	-
Agent	iast	1.176 s	130.448 ms (12.5%)
Total	tracing	8.578 s	-
Total	iast	9.305 s	727.263 ms (8.5%)

candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.043 s	-
Agent	iast	1.185 s	142.067 ms (13.6%)
Total	tracing	8.603 s	-
Total	iast	9.355 s	751.372 ms (8.7%)

gantt
    title insecure-bank - break down per module: candidate=1.53.0-SNAPSHOT~700d50a332, baseline=1.53.0-SNAPSHOT~8d4316af7d

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.429 ms) : 0, 1429
crashtracking [candidate] (1.416 ms) : 0, 1416
BytebuddyAgent [baseline] (732.29 ms) : 0, 732290
BytebuddyAgent [candidate] (730.579 ms) : 0, 730579
GlobalTracer [baseline] (241.727 ms) : 0, 241727
GlobalTracer [candidate] (241.704 ms) : 0, 241704
AppSec [baseline] (30.079 ms) : 0, 30079
AppSec [candidate] (29.839 ms) : 0, 29839
Debugger [baseline] (6.018 ms) : 0, 6018
Debugger [candidate] (6.026 ms) : 0, 6026
Remote Config [baseline] (650.433 µs) : 0, 650
Remote Config [candidate] (656.407 µs) : 0, 656
Telemetry [baseline] (12.787 ms) : 0, 12787
Telemetry [candidate] (12.112 ms) : 0, 12112
section iast
crashtracking [baseline] (1.437 ms) : 0, 1437
crashtracking [candidate] (1.438 ms) : 0, 1438
BytebuddyAgent [baseline] (849.87 ms) : 0, 849870
BytebuddyAgent [candidate] (856.091 ms) : 0, 856091
GlobalTracer [baseline] (233.926 ms) : 0, 233926
GlobalTracer [candidate] (233.676 ms) : 0, 233676
IAST [baseline] (27.477 ms) : 0, 27477
IAST [candidate] (27.848 ms) : 0, 27848
AppSec [baseline] (28.26 ms) : 0, 28260
AppSec [candidate] (27.838 ms) : 0, 27838
Debugger [baseline] (5.702 ms) : 0, 5702
Debugger [candidate] (8.368 ms) : 0, 8368
Remote Config [baseline] (566.353 µs) : 0, 566
Remote Config [candidate] (590.658 µs) : 0, 591
Telemetry [baseline] (8.2 ms) : 0, 8200
Telemetry [candidate] (8.313 ms) : 0, 8313

Startup time reports for petclinic

gantt
    title petclinic - global startup overhead: candidate=1.53.0-SNAPSHOT~700d50a332, baseline=1.53.0-SNAPSHOT~8d4316af7d

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.046 s) : 0, 1045634
Total [baseline] (10.688 s) : 0, 10688096
Agent [candidate] (1.043 s) : 0, 1043309
Total [candidate] (10.781 s) : 0, 10780844
section appsec
Agent [baseline] (1.219 s) : 0, 1219280
Total [baseline] (10.88 s) : 0, 10880036
Agent [candidate] (1.22 s) : 0, 1220097
Total [candidate] (10.753 s) : 0, 10753090
section iast
Agent [baseline] (1.178 s) : 0, 1177914
Total [baseline] (10.906 s) : 0, 10906440
Agent [candidate] (1.177 s) : 0, 1176912
Total [candidate] (10.91 s) : 0, 10910325
section profiling
Agent [baseline] (1.204 s) : 0, 1203692
Total [baseline] (10.982 s) : 0, 10982132
Agent [candidate] (1.191 s) : 0, 1190702
Total [candidate] (10.846 s) : 0, 10846038

baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.046 s	-
Agent	appsec	1.219 s	173.646 ms (16.6%)
Agent	iast	1.178 s	132.281 ms (12.7%)
Agent	profiling	1.204 s	158.059 ms (15.1%)
Total	tracing	10.688 s	-
Total	appsec	10.88 s	191.94 ms (1.8%)
Total	iast	10.906 s	218.344 ms (2.0%)
Total	profiling	10.982 s	294.036 ms (2.8%)

candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.043 s	-
Agent	appsec	1.22 s	176.788 ms (16.9%)
Agent	iast	1.177 s	133.603 ms (12.8%)
Agent	profiling	1.191 s	147.394 ms (14.1%)
Total	tracing	10.781 s	-
Total	appsec	10.753 s	-27.753 ms (-0.3%)
Total	iast	10.91 s	129.482 ms (1.2%)
Total	profiling	10.846 s	65.195 ms (0.6%)

gantt
    title petclinic - break down per module: candidate=1.53.0-SNAPSHOT~700d50a332, baseline=1.53.0-SNAPSHOT~8d4316af7d

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.419 ms) : 0, 1419
crashtracking [candidate] (1.422 ms) : 0, 1422
BytebuddyAgent [baseline] (731.158 ms) : 0, 731158
BytebuddyAgent [candidate] (731.012 ms) : 0, 731012
GlobalTracer [baseline] (241.912 ms) : 0, 241912
GlobalTracer [candidate] (241.37 ms) : 0, 241370
AppSec [baseline] (30.04 ms) : 0, 30040
AppSec [candidate] (29.968 ms) : 0, 29968
Debugger [baseline] (6.043 ms) : 0, 6043
Debugger [candidate] (5.971 ms) : 0, 5971
Remote Config [baseline] (656.943 µs) : 0, 657
Remote Config [candidate] (642.678 µs) : 0, 643
Telemetry [baseline] (13.466 ms) : 0, 13466
Telemetry [candidate] (11.974 ms) : 0, 11974
section appsec
crashtracking [baseline] (1.418 ms) : 0, 1418
crashtracking [candidate] (1.422 ms) : 0, 1422
BytebuddyAgent [baseline] (753.673 ms) : 0, 753673
BytebuddyAgent [candidate] (753.605 ms) : 0, 753605
GlobalTracer [baseline] (234.604 ms) : 0, 234604
GlobalTracer [candidate] (235.179 ms) : 0, 235179
IAST [baseline] (23.409 ms) : 0, 23409
IAST [candidate] (23.522 ms) : 0, 23522
AppSec [baseline] (169.688 ms) : 0, 169688
AppSec [candidate] (169.031 ms) : 0, 169031
Debugger [baseline] (6.431 ms) : 0, 6431
Debugger [candidate] (7.211 ms) : 0, 7211
Remote Config [baseline] (618.89 µs) : 0, 619
Remote Config [candidate] (633.289 µs) : 0, 633
Telemetry [baseline] (8.477 ms) : 0, 8477
Telemetry [candidate] (8.429 ms) : 0, 8429
section iast
crashtracking [baseline] (1.421 ms) : 0, 1421
crashtracking [candidate] (1.43 ms) : 0, 1430
BytebuddyAgent [baseline] (850.498 ms) : 0, 850498
BytebuddyAgent [candidate] (850.032 ms) : 0, 850032
GlobalTracer [baseline] (232.856 ms) : 0, 232856
GlobalTracer [candidate] (232.108 ms) : 0, 232108
IAST [baseline] (26.723 ms) : 0, 26723
IAST [candidate] (27.672 ms) : 0, 27672
AppSec [baseline] (28.364 ms) : 0, 28364
AppSec [candidate] (25.857 ms) : 0, 25857
Debugger [baseline] (8.21 ms) : 0, 8210
Debugger [candidate] (9.943 ms) : 0, 9943
Remote Config [baseline] (573.614 µs) : 0, 574
Remote Config [candidate] (592.587 µs) : 0, 593
Telemetry [baseline] (8.223 ms) : 0, 8223
Telemetry [candidate] (8.286 ms) : 0, 8286
section profiling
crashtracking [baseline] (1.413 ms) : 0, 1413
crashtracking [candidate] (1.392 ms) : 0, 1392
BytebuddyAgent [baseline] (766.288 ms) : 0, 766288
BytebuddyAgent [candidate] (759.798 ms) : 0, 759798
GlobalTracer [baseline] (223.227 ms) : 0, 223227
GlobalTracer [candidate] (220.87 ms) : 0, 220870
AppSec [baseline] (30.166 ms) : 0, 30166
AppSec [candidate] (29.763 ms) : 0, 29763
Debugger [baseline] (6.369 ms) : 0, 6369
Debugger [candidate] (6.308 ms) : 0, 6308
Remote Config [baseline] (689.219 µs) : 0, 689
Remote Config [candidate] (667.696 µs) : 0, 668
Telemetry [baseline] (15.402 ms) : 0, 15402
Telemetry [candidate] (15.775 ms) : 0, 15775
ProfilingAgent [baseline] (110.434 ms) : 0, 110434
ProfilingAgent [candidate] (106.858 ms) : 0, 106858
Profiling [baseline] (111.089 ms) : 0, 111089
Profiling [candidate] (107.522 ms) : 0, 107522

Load

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	alejandro.gonzalez/fix-9346
git_commit_date	1755003120	1755003387
git_commit_sha	`8d4316a`	`700d50a`
release_version	1.53.0-SNAPSHOT~8d4316af7d	1.53.0-SNAPSHOT~700d50a332

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1755005042	1755005042
ci_job_id	1075980023	1075980023
ci_pipeline_id	73407427	73407427
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-zfyrx7zua-project-304-concurrent-1-yfekg7d3 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-zfyrx7zua-project-304-concurrent-1-yfekg7d3 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 3 performance regressions! Performance is the same for 9 metrics, 12 unstable metrics.

scenario	Δ mean http_req_duration	Δ mean throughput	candidate mean http_req_duration	candidate mean throughput	baseline mean http_req_duration	baseline mean throughput
scenario:load:petclinic:profiling:high_load	worse [+1.106ms; +2.041ms] or [+2.362%; +4.361%]	unstable [-10.470op/s; +3.920op/s] or [-10.469%; +3.920%]	48.387ms	96.737op/s	46.814ms	100.013op/s
scenario:load:petclinic:code_origins:high_load	worse [+1.798ms; +2.646ms] or [+4.137%; +6.090%]	unstable [-11.125op/s; +3.268op/s] or [-10.333%; +3.036%]	45.675ms	103.734op/s	43.453ms	107.662op/s
scenario:load:petclinic:iast:high_load	worse [+1.931ms; +2.772ms] or [+4.433%; +6.364%]	unstable [-11.353op/s; +2.933op/s] or [-10.569%; +2.731%]	45.907ms	103.203op/s	43.556ms	107.412op/s

Request duration reports for insecure-bank

gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.53.0-SNAPSHOT~700d50a332, baseline=1.53.0-SNAPSHOT~8d4316af7d
    dateFormat X
    axisFormat %s
section baseline
no_agent (4.367 ms) : 4312, 4422
.   : milestone, 4367,
iast (9.472 ms) : 9316, 9628
.   : milestone, 9472,
iast_FULL (14.122 ms) : 13838, 14405
.   : milestone, 14122,
iast_GLOBAL (10.409 ms) : 10225, 10592
.   : milestone, 10409,
profiling (9.311 ms) : 9148, 9475
.   : milestone, 9311,
tracing (7.67 ms) : 7562, 7777
.   : milestone, 7670,
section candidate
no_agent (4.386 ms) : 4330, 4442
.   : milestone, 4386,
iast (9.297 ms) : 9141, 9453
.   : milestone, 9297,
iast_FULL (13.997 ms) : 13721, 14273
.   : milestone, 13997,
iast_GLOBAL (10.243 ms) : 10065, 10420
.   : milestone, 10243,
profiling (9.202 ms) : 9058, 9347
.   : milestone, 9202,
tracing (7.785 ms) : 7675, 7894
.   : milestone, 7785,

baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	4.367 ms [4.312 ms, 4.422 ms]	-
iast	9.472 ms [9.316 ms, 9.628 ms]	5.105 ms (116.9%)
iast_FULL	14.122 ms [13.838 ms, 14.405 ms]	9.755 ms (223.4%)
iast_GLOBAL	10.409 ms [10.225 ms, 10.592 ms]	6.042 ms (138.4%)
profiling	9.311 ms [9.148 ms, 9.475 ms]	4.945 ms (113.2%)
tracing	7.67 ms [7.562 ms, 7.777 ms]	3.303 ms (75.6%)

candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	4.386 ms [4.33 ms, 4.442 ms]	-
iast	9.297 ms [9.141 ms, 9.453 ms]	4.911 ms (112.0%)
iast_FULL	13.997 ms [13.721 ms, 14.273 ms]	9.611 ms (219.1%)
iast_GLOBAL	10.243 ms [10.065 ms, 10.42 ms]	5.857 ms (133.5%)
profiling	9.202 ms [9.058 ms, 9.347 ms]	4.816 ms (109.8%)
tracing	7.785 ms [7.675 ms, 7.894 ms]	3.399 ms (77.5%)

Request duration reports for petclinic

gantt
    title petclinic - request duration [CI 0.99] : candidate=1.53.0-SNAPSHOT~700d50a332, baseline=1.53.0-SNAPSHOT~8d4316af7d
    dateFormat X
    axisFormat %s
section baseline
no_agent (37.639 ms) : 37328, 37949
.   : milestone, 37639,
appsec (46.765 ms) : 46345, 47184
.   : milestone, 46765,
code_origins (43.453 ms) : 43070, 43837
.   : milestone, 43453,
iast (43.556 ms) : 43176, 43936
.   : milestone, 43556,
profiling (46.814 ms) : 46359, 47268
.   : milestone, 46814,
tracing (44.033 ms) : 43661, 44406
.   : milestone, 44033,
section candidate
no_agent (36.818 ms) : 36527, 37109
.   : milestone, 36818,
appsec (45.956 ms) : 45546, 46366
.   : milestone, 45956,
code_origins (45.675 ms) : 45270, 46080
.   : milestone, 45675,
iast (45.907 ms) : 45506, 46308
.   : milestone, 45907,
profiling (48.387 ms) : 47973, 48801
.   : milestone, 48387,
tracing (43.772 ms) : 43396, 44148
.   : milestone, 43772,

baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	37.639 ms [37.328 ms, 37.949 ms]	-
appsec	46.765 ms [46.345 ms, 47.184 ms]	9.126 ms (24.2%)
code_origins	43.453 ms [43.07 ms, 43.837 ms]	5.815 ms (15.4%)
iast	43.556 ms [43.176 ms, 43.936 ms]	5.917 ms (15.7%)
profiling	46.814 ms [46.359 ms, 47.268 ms]	9.175 ms (24.4%)
tracing	44.033 ms [43.661 ms, 44.406 ms]	6.395 ms (17.0%)

candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	36.818 ms [36.527 ms, 37.109 ms]	-
appsec	45.956 ms [45.546 ms, 46.366 ms]	9.138 ms (24.8%)
code_origins	45.675 ms [45.27 ms, 46.08 ms]	8.858 ms (24.1%)
iast	45.907 ms [45.506 ms, 46.308 ms]	9.09 ms (24.7%)
profiling	48.387 ms [47.973 ms, 48.801 ms]	11.569 ms (31.4%)
tracing	43.772 ms [43.396 ms, 44.148 ms]	6.954 ms (18.9%)

Dacapo

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	alejandro.gonzalez/fix-9346
git_commit_date	1755003120	1755003387
git_commit_sha	`8d4316a`	`700d50a`
release_version	1.53.0-SNAPSHOT~8d4316af7d	1.53.0-SNAPSHOT~700d50a332

See matching parameters

	Baseline	Candidate
application	biojava	biojava
ci_job_date	1755005560	1755005560
ci_job_id	1075980025	1075980025
ci_pipeline_id	73407427	73407427
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-zfyrx7zua-project-304-concurrent-0-h5vwpnb7 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-zfyrx7zua-project-304-concurrent-0-h5vwpnb7 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.

Execution time for tomcat

gantt
    title tomcat - execution time [CI 0.99] : candidate=1.53.0-SNAPSHOT~700d50a332, baseline=1.53.0-SNAPSHOT~8d4316af7d
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.482 ms) : 1470, 1493
.   : milestone, 1482,
appsec (2.422 ms) : 2372, 2471
.   : milestone, 2422,
iast (2.204 ms) : 2142, 2267
.   : milestone, 2204,
iast_GLOBAL (2.238 ms) : 2175, 2301
.   : milestone, 2238,
profiling (2.066 ms) : 2014, 2118
.   : milestone, 2066,
tracing (2.024 ms) : 1976, 2073
.   : milestone, 2024,
section candidate
no_agent (1.479 ms) : 1468, 1491
.   : milestone, 1479,
appsec (2.42 ms) : 2370, 2470
.   : milestone, 2420,
iast (2.218 ms) : 2156, 2281
.   : milestone, 2218,
iast_GLOBAL (2.245 ms) : 2182, 2308
.   : milestone, 2245,
profiling (2.485 ms) : 2318, 2652
.   : milestone, 2485,
tracing (2.023 ms) : 1974, 2071
.   : milestone, 2023,

baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.482 ms [1.47 ms, 1.493 ms]	-
appsec	2.422 ms [2.372 ms, 2.471 ms]	939.875 µs (63.4%)
iast	2.204 ms [2.142 ms, 2.267 ms]	722.49 µs (48.8%)
iast_GLOBAL	2.238 ms [2.175 ms, 2.301 ms]	756.218 µs (51.0%)
profiling	2.066 ms [2.014 ms, 2.118 ms]	584.341 µs (39.4%)
tracing	2.024 ms [1.976 ms, 2.073 ms]	542.717 µs (36.6%)

candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.479 ms [1.468 ms, 1.491 ms]	-
appsec	2.42 ms [2.37 ms, 2.47 ms]	940.588 µs (63.6%)
iast	2.218 ms [2.156 ms, 2.281 ms]	739.023 µs (50.0%)
iast_GLOBAL	2.245 ms [2.182 ms, 2.308 ms]	765.742 µs (51.8%)
profiling	2.485 ms [2.318 ms, 2.652 ms]	1.005 ms (68.0%)
tracing	2.023 ms [1.974 ms, 2.071 ms]	543.317 µs (36.7%)

Execution time for biojava

gantt
    title biojava - execution time [CI 0.99] : candidate=1.53.0-SNAPSHOT~700d50a332, baseline=1.53.0-SNAPSHOT~8d4316af7d
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.436 s) : 15436000, 15436000
.   : milestone, 15436000,
appsec (14.883 s) : 14883000, 14883000
.   : milestone, 14883000,
iast (18.912 s) : 18912000, 18912000
.   : milestone, 18912000,
iast_GLOBAL (18.204 s) : 18204000, 18204000
.   : milestone, 18204000,
profiling (15.523 s) : 15523000, 15523000
.   : milestone, 15523000,
tracing (14.857 s) : 14857000, 14857000
.   : milestone, 14857000,
section candidate
no_agent (14.995 s) : 14995000, 14995000
.   : milestone, 14995000,
appsec (14.604 s) : 14604000, 14604000
.   : milestone, 14604000,
iast (18.713 s) : 18713000, 18713000
.   : milestone, 18713000,
iast_GLOBAL (18.017 s) : 18017000, 18017000
.   : milestone, 18017000,
profiling (15.637 s) : 15637000, 15637000
.   : milestone, 15637000,
tracing (15.116 s) : 15116000, 15116000
.   : milestone, 15116000,

baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	15.436 s [15.436 s, 15.436 s]	-
appsec	14.883 s [14.883 s, 14.883 s]	-553.0 ms (-3.6%)
iast	18.912 s [18.912 s, 18.912 s]	3.476 s (22.5%)
iast_GLOBAL	18.204 s [18.204 s, 18.204 s]	2.768 s (17.9%)
profiling	15.523 s [15.523 s, 15.523 s]	87.0 ms (0.6%)
tracing	14.857 s [14.857 s, 14.857 s]	-579.0 ms (-3.8%)

candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	14.995 s [14.995 s, 14.995 s]	-
appsec	14.604 s [14.604 s, 14.604 s]	-391.0 ms (-2.6%)
iast	18.713 s [18.713 s, 18.713 s]	3.718 s (24.8%)
iast_GLOBAL	18.017 s [18.017 s, 18.017 s]	3.022 s (20.2%)
profiling	15.637 s [15.637 s, 15.637 s]	642.0 ms (4.3%)
tracing	15.116 s [15.116 s, 15.116 s]	121.0 ms (0.8%)

smola

Looks good!

What Does This Do Modifies WafModule#buildEvents to safely handle actionWithData.data being null. Motivation Fix #9346 Additional Notes The current version of libddwaf may return null in the data field of actionWithData. This was previously not handled and could cause unexpected logged exceptions. The method now explicitly checks for null to prevent this. (cherry picked from commit ef2e9f0)

Backport #9355 to release/v1.52.x

| Package | Type | Package file | Manager | Update | Change | |---|---|---|---|---|---| | [com.datadoghq:dd-trace-api](https://github.com/datadog/dd-trace-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `1.52.1` -> `1.53.0` | --- ### Release Notes <details> <summary>datadog/dd-trace-java (com.datadoghq:dd-trace-api)</summary> ### [`v1.53.0`](https://github.com/DataDog/dd-trace-java/releases/tag/v1.53.0): 1.53.0 ### Components #### Application Security Management (WAF) - 🐛 Fix NullPointerException log in AppSec ([#9355](DataDog/dd-trace-java#9355) - [@jandro996](https://github.com/jandro996)) - ✨ Add Forwarded header as a source to client IP resolution ([#9310](DataDog/dd-trace-java#9310) - [@jandro996](https://github.com/jandro996)) #### Build & Tooling - 📖 Update CODEOWNERS ([#9294](DataDog/dd-trace-java#9294) - [@mhlidd](https://github.com/mhlidd)) - ✨ Add dependency on Maven Central deployment to OCI publish jobs ([#9204](DataDog/dd-trace-java#9204) - [@sarahchen6](https://github.com/sarahchen6)) #### Continuous Integration Visibility - ✨ Upload code coverage reports to Datadog ([#9425](DataDog/dd-trace-java#9425) - [@nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - ✨⚡ Do not follow symlinks by default when building repository index ([#9318](DataDog/dd-trace-java#9318) - [@nikita-tkachenko-datadog](https://github.com/nikita-tkachenko-datadog)) - ✨ Improve tag propagation between test event levels ([#9278](DataDog/dd-trace-java#9278) - [@daniel-mohedano](https://github.com/daniel-mohedano)) #### Data Streams Monitoring - ✨ Create container hash tags propagation ([#9282](DataDog/dd-trace-java#9282) - [@ygree](https://github.com/ygree)) #### Database Monitoring - 🐛 Prevent crash in SQL Server's JDBC when tracing execute methods with generated keys ([#9321](DataDog/dd-trace-java#9321) - [@na-ji](https://github.com/na-ji)) - ✨ Create container hash tags propagation ([#9282](DataDog/dd-trace-java#9282) - [@ygree](https://github.com/ygree)) #### GraalVM native-image - 🐛 Update GraalVM config to reflect TempLocationManager's new package ([#9337](DataDog/dd-trace-java#9337) - [@luneo7](https://github.com/luneo7) - thanks for the contribution!) #### Metrics - 🐛 Add reflect config for CSS and graalvm ([#9449](DataDog/dd-trace-java#9449) - [@amarziali](https://github.com/amarziali)) - ✨ Align CSS health metrics ([#9444](DataDog/dd-trace-java#9444) - [@amarziali](https://github.com/amarziali)) - ✨ Aggregate peer tags for consumer span kind ([#9442](DataDog/dd-trace-java#9442) - [@amarziali](https://github.com/amarziali)) - ✨ Implement health metrics for client stats ([#9377](DataDog/dd-trace-java#9377) - [@amarziali](https://github.com/amarziali)) - ✨ Add peer tags, span kind and trace root flag to MetricKey bucket ([#9178](DataDog/dd-trace-java#9178) - [@bric3](https://github.com/bric3)) #### Profiling - ✨ Create a profile flare reporter (requires tracing or CI vis to be enabled) ([#9433](DataDog/dd-trace-java#9433) - [@MattAlp](https://github.com/MattAlp)) - 🐛 Properly fall-back on UDS profiling URL ([#9401](DataDog/dd-trace-java#9401) - [@jbachorik](https://github.com/jbachorik)) - 🐛 Properly handle trace agent IPv6 URL in profiling ([#9334](DataDog/dd-trace-java#9334) - [@jbachorik](https://github.com/jbachorik)) #### Realtime User Monitoring - 🐛 Avoid multiple injections on dispatch on jboss ([#9392](DataDog/dd-trace-java#9392) - [@amarziali](https://github.com/amarziali)) - ✨ Support async servlet for RUM injection ([#9333](DataDog/dd-trace-java#9333) - [@amarziali](https://github.com/amarziali)) - 🐛 Improve RUM injection matching and avoid truncating responses ([#9323](DataDog/dd-trace-java#9323) - [@amarziali](https://github.com/amarziali)) - 💡 Add telemetry for the RUM injector ([#9267](DataDog/dd-trace-java#9267) - [@sarahchen6](https://github.com/sarahchen6)) - ✨ Make rum injector stream/writer more resilient to errors ([#9184](DataDog/dd-trace-java#9184) - [@amarziali](https://github.com/amarziali)) #### Telemetry - 🐛 Remediate error logs ([#9459](DataDog/dd-trace-java#9459) - [@ygree](https://github.com/ygree)) - ✨ Report config\_id for Hands Off Config files ([#9299](DataDog/dd-trace-java#9299) - [@mtoffl01](https://github.com/mtoffl01)) - ✨ Adding Config Inversion Telemetry component ([#9244](DataDog/dd-trace-java#9244) - [@mhlidd](https://github.com/mhlidd)) #### Trace context propagation - 🧹 Migrate instrumentations to Context API ([#9384](DataDog/dd-trace-java#9384), [#9378](DataDog/dd-trace-java#9378), [#9358](DataDog/dd-trace-java#9358) - [@PerfectSlayer](https://github.com/PerfectSlayer)) - ✨🔍 Add baggage propagation telemetry ([#9289](DataDog/dd-trace-java#9289) - [@rachelyangdog](https://github.com/rachelyangdog)) - 🧹 Improve Instrumenter API to use Context instead of Span ([#9211](DataDog/dd-trace-java#9211) - [@PerfectSlayer](https://github.com/PerfectSlayer)) #### Tracer core - 💡:test\_tube: Enable process level tags for java 21 applications ([#9458](DataDog/dd-trace-java#9458) - [@amarziali](https://github.com/amarziali)) - ✨ Move base and peer service adder before span is published ([#9408](DataDog/dd-trace-java#9408) - [@amarziali](https://github.com/amarziali)) - ✨ Add ErrorPriorities level for manual instrumentation ([#9387](DataDog/dd-trace-java#9387) - [@cecile75](https://github.com/cecile75)) - ✨ Throw InvalidBooleanValueException in ConfigConverter.booleanValueOf ([#9370](DataDog/dd-trace-java#9370) - [@mtoffl01](https://github.com/mtoffl01)) - 🐛 Avoid NPE on featureDiscovery creation ([#9353](DataDog/dd-trace-java#9353) - [@amarziali](https://github.com/amarziali)) - ✨ Stable Config improvements ([#9259](DataDog/dd-trace-java#9259) - [@mtoffl01](https://github.com/mtoffl01)) ### Instrumentations #### gRPC instrumentation - 🐛 Changing GRPC instrumentation codes from `status.code` to `grpc.status.code` ([#9367](DataDog/dd-trace-java#9367) - [@mhlidd](https://github.com/mhlidd)) #### JDBC instrumentation - 🐛 Prevent crash in SQL Server's JDBC when tracing execute methods with generated keys ([#9321](DataDog/dd-trace-java#9321) - [@na-ji](https://github.com/na-ji)) #### Kotlin instrumentation - 🐛 Take defensive copy of original scope stack when restoring on different thread ([#9403](DataDog/dd-trace-java#9403) - [@mcculls](https://github.com/mcculls)) #### OpenTelemetry instrumentation - 🐛 Fix using SpanAttribute annotation on multiple parameters ([#9412](DataDog/dd-trace-java#9412) - [@cecile75](https://github.com/cecile75)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 6pm every weekday,before 2am every weekday" in timezone Australia/Melbourne, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Never, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). GitOrigin-RevId: e23ec866cef91afc6b5226d5f0dc7da538d947e8

wip

700d50a

jandro996 added type: bug Bug report and fix comp: asm waf Application Security Management (WAF) labels Aug 12, 2025

jandro996 requested a review from smola August 12, 2025 13:18

jandro996 marked this pull request as ready for review August 12, 2025 13:18

jandro996 requested a review from a team as a code owner August 12, 2025 13:18

jandro996 requested a review from sezen-datadog August 12, 2025 13:18

smola approved these changes Aug 12, 2025

View reviewed changes

jandro996 merged commit ef2e9f0 into master Aug 12, 2025
506 checks passed

jandro996 deleted the alejandro.gonzalez/fix-9346 branch August 12, 2025 13:53

github-actions bot added this to the 1.53.0 milestone Aug 12, 2025

jandro996 mentioned this pull request Aug 12, 2025

🍒 9355 - Fix NullPointerException log in AppSec #9356

Merged

jandro996 added a commit that referenced this pull request Aug 12, 2025

9355 - Fix NullPointerException log in AppSec (#9356)

8777b20

Backport #9355 to release/v1.52.x

jandro996 mentioned this pull request Aug 13, 2025

NullPointerException in AppSec - Cannot invoke "String.length()" because "string" is null #9346

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Fix NullPointerException log in AppSec #9355

Fix NullPointerException log in AppSec #9355

jandro996 commented Aug 12, 2025 •

edited

Loading

Uh oh!

datadog-official bot commented Aug 12, 2025 •

edited by datadog-datadog-prod-us1 bot

Loading

Uh oh!

pr-commenter bot commented Aug 12, 2025

Uh oh!

smola left a comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Search code, repositories, users, issues, pull requests...

Fix NullPointerException log in AppSec #9355

Fix NullPointerException log in AppSec #9355

Conversation

jandro996 commented Aug 12, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

What Does This Do

Motivation

Additional Notes

Contributor Checklist

Uh oh!

datadog-official bot commented Aug 12, 2025 • edited by datadog-datadog-prod-us1 bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

pr-commenter bot commented Aug 12, 2025

Benchmarks

Startup

Parameters

Summary

Load

Parameters

Summary

Dacapo

Parameters

Summary

Uh oh!

smola left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

jandro996 commented Aug 12, 2025 •

edited

Loading

datadog-official bot commented Aug 12, 2025 •

edited by datadog-datadog-prod-us1 bot

Loading