aikido-zen 1.3.0 → 1.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: da6cdcfab4ab64c1d5f25d652fe71da5f869e32516faffec48ad4c542abb2aec
-  data.tar.gz: 87ff936a996e0f4b4cd459cd4293cb60853c6f8f26f7b5b61ef698600e4921a9
+  metadata.gz: aa5de81052f55031065a0e154a9fe929d8928832cbaff2cad5657f0fd262a8ed
+  data.tar.gz: 0f7b951bef59f101be88141f284fda6f9786803868e3e54be84fb1f7c5a7909b
 SHA512:
-  metadata.gz: 42e79d8f15a8bdb3ec3fb4fe7b83648ae86784ee3c52a383b2052a7ed28957506aac56a1d90b18f5a0baa0eef65ea449aa46c0fde95a87e57ffbd7382fcf1b55
-  data.tar.gz: 979ee37703c1198f9a3b261819410e88ad53542e13a80b18cfe9458b5088fab5ce7cda228ef54ba01db2277eeda94db15bc23c396b0fa718fb9bf3f8cd7f3971
+  metadata.gz: 36338bd37e39be16311ead1f8caae49dc378f62b8641ee28fb0d7f264f6c3578f1a3db1291e33613e5c4ca443d5b3ba5e64babe827a6a5dcd9cc55fc1e787184
+  data.tar.gz: 31cce0645b2d3d092424c41bfccdbcc6166efb9295101074727cdc13b48a1914b2ad3c3db74010996ff2072d1b04231740ea3f90cb4b8b372201af5a4d2ed6fc

data/.simplecov

@@ -3,7 +3,7 @@
 # Due to dependency resolution, on Ruby 2.x we're stuck with a _very_ old
 # SimpleCov version, and it doesn't really give us any benefit to run coverage
 # in separate ruby versions since we don't branch on ruby version in the code.
-return if RUBY_VERSION < "3.0"
+return if Gem::Version.new(RUBY_VERSION) < Gem::Version.new("3.0")
 return if ENV["DISABLE_COVERAGE"] == "true"
 
 # Output coverage as LCOV to support CodeCov

data/docs/idor-protection.md

@@ -0,0 +1,130 @@
+# IDOR Protection
+
+IDOR stands for Insecure Direct Object Reference — it's when one account can access another account's data because a query doesn't properly filter by account.
+
+If your SaaS has accounts (or organizations, workspaces, teams, ...) and uses a column like `tenant_id` to keep each account's data separate, IDOR protection ensures every SQL query filters on the correct tenant. Zen analyzes queries at runtime and raises an error if a query is missing that filter or uses the wrong tenant ID, catching mistakes like:
+
+- A `SELECT` that forgets the tenant filter, letting one account read another's orders
+- An `UPDATE` or `DELETE` without a tenant filter, letting one account modify another's data
+- An `INSERT` that omits the tenant column, creating orphaned or misassigned rows
+
+Zen catches these at runtime so they surface during development and testing, not in production. See [IDOR vulnerability explained](https://www.aikido.dev/blog/idor-vulnerability-explained) for more background.
+
+> [!IMPORTANT]
+> IDOR protection always raises an `Aikido::Zen::IDOR::Error` on violations regardless of block/detect mode. A missing filter is a developer bug, not an external attack.
+
+## Setup
+
+### 1. Enable IDOR protection at startup
+
+```ruby
+...
+
+Aikido::Zen.config.idor_protection_enabled = true
+Aikido::Zen.config.idor_tenant_column_name = "tenant_id"
+Aikido::Zen.config.idor_excluded_table_names = ["users"]
+
+...
+```
+
+- `idor_tenant_column_name` — the column name that identifies the tenant in your database tables (e.g. `account_id`, `organization_id`, `team_id`).
+- `idor_excluded_table_names` — tables that Zen should skip IDOR checks for, because rows aren't scoped to a single tenant (e.g. a shared `users` table that stores users across all tenants).
+
+### 2. Set the tenant ID per request
+
+Every request must have a tenant ID when IDOR protection is enabled. Call `Aikido::Zen.set_tenant_id` early in your request handler (e.g. in middleware after authentication):
+
+```ruby
+Aikido::Zen.set_tenant_id(1)
+```
+
+> [!IMPORTANT]
+> If `Aikido::Zen.set_tenant_id` is not called for a request, Zen will raise an `Aikido::Zen::IDOR::Error` when a SQL query is executed.
+
+### 3. Bypass for specific queries (optional)
+
+Some queries don't need tenant filtering (e.g. aggregations across all tenants for an admin dashboard). Use `Aikido::Zen.without_idor_protection` to bypass the check for a specific block:
+
+```ruby
+...
+
+# IDOR checks are skipped for queries inside this block
+result = Aikido::Zen.without_idor_protection do
+  db.execute("SELECT count(*) FROM agents WHERE status = 'running'");
+end
+
+...
+```
+
+## Troubleshooting
+
+<details>
+<summary>Missing tenant filter</summary>
+
+```
+Zen IDOR protection: query on table 'orders' is missing a filter on column 'tenant_id'
+```
+
+This means you have a query like `SELECT * FROM orders WHERE status = 'active'` that doesn't filter on `tenant_id`. The same check applies to `UPDATE` and `DELETE` queries.
+
+</details>
+
+<details>
+<summary>Wrong tenant ID value</summary>
+
+```
+Zen IDOR protection: query on table 'orders' filters 'tenant_id' with value '456' but tenant ID is '123'
+```
+
+This means the query filters on `tenant_id`, but the value doesn't match the tenant ID set via `Aikido::Zen.set_tenant_id`.
+
+</details>
+
+<details>
+<summary>Missing tenant column in INSERT</summary>
+
+```
+Zen IDOR protection: INSERT on table 'orders' is missing column 'tenant_id'
+```
+
+This means an `INSERT` statement doesn't include the tenant column. Every INSERT must include the tenant column with the correct tenant ID value.
+
+</details>
+
+<details>
+<summary>Wrong tenant ID in INSERT</summary>
+
+```
+Zen IDOR protection: INSERT on table 'orders' sets 'tenant_id' to '456' but tenant ID is '123'
+```
+
+This means the INSERT includes the tenant column, but the value doesn't match the tenant ID set via `Aikido::Zen.set_tenant_id`.
+
+</details>
+
+<details>
+<summary>Missing Aikido::Zen.set_tenant_id call</summary>
+
+```
+Zen IDOR protection: Aikido::Zen.set_tenant_id was not called for this request. Every request must have a tenant ID when IDOR protection is enabled.
+```
+
+</details>
+
+## Supported databases
+
+- SQLite (via `sqlite3` Gem)
+- PostgreSQL (via `pg` Gem)
+- MySQL (via `mysql2` and `trilogy` Gems)
+
+Any ORM or query builder that uses these database packages under the hood is supported (e.g. ActiveRecord). ORMs that use their own database engine are not supported unless configured to use a supported driver adapter.
+
+## Limitations
+
+## Statements that are always allowed
+
+Zen only checks statements that read or modify row data (`SELECT`, `INSERT`, `UPDATE`, `DELETE`). The following statement types are also recognized and never trigger an IDOR error:
+
+- DDL — `CREATE TABLE`, `ALTER TABLE`, `DROP TABLE`, ...
+- Session commands — `SET`, `SHOW`, ...
+- Transactions — `BEGIN`, `COMMIT`, `ROLLBACK`, ...

data/docs/invalid-sql-queries.md

@@ -0,0 +1,9 @@
+# Blocking invalid SQL queries
+
+Zen blocks SQL queries that it can't tokenize when they contain user input. This prevents attackers from bypassing SQL injection detection with malformed queries. For example, ClickHouse ignores invalid SQL after `;`, and SQLite runs queries before an unclosed `/*` comment.
+
+This is on by default. In blocking mode, these queries are blocked. In detection-only mode, they are reported but still executed.
+
+If you see false positives (legitimate queries being blocked), set
+`AIKIDO_BLOCK_INVALID_SQL=false` in your environment, or set
+`Aikido::Zen.config.block_invalid_sql = false`.

data/lib/aikido/zen/attack.rb

@@ -121,11 +121,12 @@ module Aikido::Zen
       attr_reader :input
       attr_reader :dialect
 
-      def initialize(query:, input:, dialect:, **opts)
+      def initialize(query:, input:, dialect:, failed_to_tokenize:, **opts)
         super(**opts)
         @query = query
         @input = input
         @dialect = dialect
+        @failed_to_tokenize = failed_to_tokenize
       end
 
       def humanized_name
@@ -139,8 +140,9 @@ module Aikido::Zen
       def metadata
         {
           sql: @query,
-          dialect: @dialect.name
-        }
+          dialect: @dialect.name,
+          failedToTokenize: @failed_to_tokenize || nil
+        }.compact
       end
 
       def exception(*)

data/lib/aikido/zen/config.rb

@@ -28,6 +28,14 @@ module Aikido::Zen
     attr_accessor :blocking_mode
     alias_method :blocking_mode?, :blocking_mode
 
+    # @return [Boolean] is the agent in debugging mode?
+    attr_accessor :debugging
+    alias_method :debugging?, :debugging
+
+    # @return [String] the token obtained when configuring the Firewall in the
+    #   Aikido interface.
+    attr_accessor :api_token
+
     # @return [URI] The HTTP host for the Aikido API. Defaults to
     #   +https://guard.aikido.dev+.
     attr_reader :api_endpoint
@@ -39,10 +47,6 @@ module Aikido::Zen
     # @return [Hash] HTTP timeouts for communicating with the API.
     attr_reader :api_timeouts
 
-    # @return [String] the token obtained when configuring the Firewall in the
-    #   Aikido interface.
-    attr_accessor :api_token
-
     # @return [Integer] the interval in seconds to poll the runtime API for
     #   settings changes. Defaults to evey 60 seconds.
     attr_accessor :polling_interval
@@ -67,10 +71,6 @@ module Aikido::Zen
     # Defaults to `aikido-detached-agent.sock`.
     attr_accessor :detached_agent_socket_path
 
-    # @return [Boolean] is the agent in debugging mode?
-    attr_accessor :debugging
-    alias_method :debugging?, :debugging
-
     # @return [String] environment specific HTTP header providing the client IP.
     attr_accessor :client_ip_header
 
@@ -165,6 +165,12 @@ module Aikido::Zen
     attr_accessor :harden
     alias_method :harden?, :harden
 
+    # @return [Boolean] whether Aikido Zen should block SQL queries that fail
+    #   tokenization when user input is present. Defaults to false. Can be set
+    #   through AIKIDO_BLOCK_INVALID_SQL environment variable.
+    attr_accessor :block_invalid_sql
+    alias_method :block_invalid_sql?, :block_invalid_sql
+
     # @return [Integer] how many suspicious requests are allowed before an
     #   attack wave detected event is reported.
     #   Defaults to 15 requests.
@@ -188,19 +194,41 @@ module Aikido::Zen
     #   Defaults to 15 entries.
     attr_accessor :attack_wave_max_cache_samples
 
+    # @return [Float, nil] the timeout in seconds for regular expression matching.
+    #  Applied to selected internal regular expressions to mitigate ReDoS risks.
+    #  Defaults to 1.0 seconds.
+    attr_accessor :redos_regexp_timeout
+
+    # @return [Boolean] whether the IDOR protection feature is enabled.
+    #   Defaults to false.
+    attr_accessor :idor_protection_enabled
+    alias_method :idor_protection_enabled?, :idor_protection_enabled
+
+    # @return [String] the tenant column name for IDOR protection.
+    #   Defaults to nil.
+    attr_accessor :idor_tenant_column_name
+
+    # @return [Array<String>] the table names to exclude for IDOR protection.
+    #   Defaults to [].
+    attr_accessor :idor_excluded_table_names
+
+    # @return [Integer] the maximum number of entries in the LRU cache.
+    #   Defaults to 1000 entries.
+    attr_accessor :idor_max_cache_entries
+
     def initialize
       self.insert_middleware_after = ::ActionDispatch::RemoteIp
       self.disabled = read_boolean_from_env(ENV.fetch("AIKIDO_DISABLE", false)) || read_boolean_from_env(ENV.fetch("AIKIDO_DISABLED", false))
       self.blocking_mode = read_boolean_from_env(ENV.fetch("AIKIDO_BLOCK", false))
-      self.api_timeouts = 10
+      self.debugging = read_boolean_from_env(ENV.fetch("AIKIDO_DEBUG", false))
+      self.api_token = ENV.fetch("AIKIDO_TOKEN", nil)
       self.api_endpoint = ENV.fetch("AIKIDO_ENDPOINT", DEFAULT_AIKIDO_ENDPOINT)
       self.realtime_endpoint = ENV.fetch("AIKIDO_REALTIME_ENDPOINT", DEFAULT_RUNTIME_BASE_URL)
-      self.api_token = ENV.fetch("AIKIDO_TOKEN", nil)
+      self.api_timeouts = 10
       self.polling_interval = 60 # 1 min
       self.initial_heartbeat_delays = [30, 60 * 2] # 30 sec, 2 min
       self.json_encoder = DEFAULT_JSON_ENCODER
       self.json_decoder = DEFAULT_JSON_DECODER
-      self.debugging = read_boolean_from_env(ENV.fetch("AIKIDO_DEBUG", false))
       self.logger = Logger.new($stdout, progname: "aikido", level: debugging ? Logger::DEBUG : Logger::INFO)
       self.detached_agent_socket_path = ENV.fetch("AIKIDO_DETACHED_AGENT_SOCKET_PATH", DEFAULT_DETACHED_AGENT_SOCKET_PATH)
       self.client_ip_header = ENV.fetch("AIKIDO_CLIENT_IP_HEADER", nil)
@@ -208,25 +236,31 @@ module Aikido::Zen
       self.max_compressed_stats = 100
       self.max_outbound_connections = 200
       self.max_users_tracked = 1000
-      self.request_builder = Aikido::Zen::Context::RACK_REQUEST_BUILDER
       self.blocked_responder = DEFAULT_BLOCKED_RESPONDER
       self.rate_limited_responder = DEFAULT_RATE_LIMITED_RESPONDER
       self.rate_limiting_discriminator = DEFAULT_RATE_LIMITING_DISCRIMINATOR
-      self.server_rate_limit_deadline = 30 * 60 # 30 min
-      self.client_rate_limit_period = 60 * 60 # 1 hour
-      self.client_rate_limit_max_events = 100
       self.collect_api_schema = read_boolean_from_env(ENV.fetch("AIKIDO_FEATURE_COLLECT_API_SCHEMA", true))
       self.api_schema_max_samples = Integer(ENV.fetch("AIKIDO_MAX_API_DISCOVERY_SAMPLES", 10))
       self.api_schema_collection_max_depth = 20
       self.api_schema_collection_max_properties = 20
+      self.request_builder = Aikido::Zen::Context::RACK_REQUEST_BUILDER
+      self.client_rate_limit_period = 60 * 60 # 1 hour
+      self.client_rate_limit_max_events = 100
+      self.server_rate_limit_deadline = 30 * 60 # 30 min
       self.stored_ssrf = read_boolean_from_env(ENV.fetch("AIKIDO_FEATURE_STORED_SSRF", true))
       self.imds_allowed_hosts = ["metadata.google.internal", "metadata.goog"]
       self.harden = read_boolean_from_env(ENV.fetch("AIKIDO_HARDEN", true))
+      self.block_invalid_sql = read_boolean_from_env(ENV.fetch("AIKIDO_BLOCK_INVALID_SQL", false))
       self.attack_wave_threshold = 15
       self.attack_wave_min_time_between_requests = 60 * 1000 # 1 min (ms)
       self.attack_wave_min_time_between_events = 20 * 60 * 1000 # 20 min (ms)
       self.attack_wave_max_cache_entries = 10_000
       self.attack_wave_max_cache_samples = 15
+      self.redos_regexp_timeout = 1.0
+      self.idor_protection_enabled = false
+      self.idor_tenant_column_name = nil
+      self.idor_excluded_table_names = []
+      self.idor_max_cache_entries = 1000
     end
 
     # Set the base URL for API requests.

data/lib/aikido/zen/context/rack_request.rb

@@ -14,12 +14,36 @@ module Aikido::Zen
     request = Aikido::Zen::Request.new(delegate, framework: "rack", router: router)
 
     Context.new(request) do |req|
+      query = begin
+        req.GET
+      rescue
+        {}
+      end
+
+      body = begin
+        req.POST
+      rescue
+        {}
+      end
+
+      header = begin
+        req.normalized_headers
+      rescue
+        {}
+      end
+
+      cookie = begin
+        req.cookies
+      rescue
+        {}
+      end
+
       {
-        query: req.GET,
-        body: req.POST,
+        query: query,
+        body: body,
         route: {},
-        header: req.normalized_headers,
-        cookie: req.cookies,
+        header: header,
+        cookie: cookie,
         subdomain: []
       }
     end

data/lib/aikido/zen/context/rails_request.rb

@@ -34,13 +34,49 @@ module Aikido::Zen
     end
 
     Context.new(request) do |req|
+      query = begin
+        req.query_parameters
+      rescue
+        {}
+      end
+
+      body = begin
+        req.request_parameters
+      rescue
+        {}
+      end
+
+      route = begin
+        req.path_parameters
+      rescue
+        {}
+      end
+
+      header = begin
+        req.normalized_headers
+      rescue
+        {}
+      end
+
+      cookie = begin
+        decrypt_cookies.call(req)
+      rescue
+        {}
+      end
+
+      subdomain = begin
+        req.subdomains
+      rescue
+        []
+      end
+
       {
-        query: req.query_parameters,
-        body: req.request_parameters,
-        route: req.path_parameters,
-        header: req.normalized_headers,
-        cookie: decrypt_cookies.call(req),
-        subdomain: req.subdomains
+        query: query,
+        body: body,
+        route: route,
+        header: header,
+        cookie: cookie,
+        subdomain: subdomain
       }
     end
   end

data/lib/aikido/zen/context.rb

@@ -30,6 +30,10 @@ module Aikido::Zen
     attr_accessor :protection_disabled
     alias_method :protection_disabled?, :protection_disabled
 
+    # @return [Boolean]
+    attr_accessor :idor_protection_enabled
+    alias_method :idor_protection_enabled?, :idor_protection_enabled
+
     # @param request [Rack::Request] a Request object that implements the
     #   Rack::Request API, to which we will delegate behavior.
     # @param settings [Aikido::Zen::RuntimeSettings]
@@ -45,6 +49,7 @@ module Aikido::Zen
       @metadata = {}
       @scanning = false
       @protection_disabled = false
+      @idor_protection_enabled = false
     end
 
     # Fetch some metadata stored in the Context.

data/lib/aikido/zen/helpers.rb

@@ -19,6 +19,16 @@ module Aikido
         normalized_path.chomp!("/") unless normalized_path == "/"
         normalized_path
       end
+
+      # Returns a copy of the regexp with the timeout set if timeout is supported.
+      #
+      # @param regexp [Regexp] the regexp
+      # @return [Regexp] the regexp with timeout set
+      def self.regexp_with_timeout(regexp, timeout: Aikido::Zen.config.redos_regexp_timeout)
+        return regexp if Gem::Version.new(RUBY_VERSION) < Gem::Version.new("3.2")
+
+        Regexp.new(regexp.source, regexp.options, timeout: timeout)
+      end
     end
   end
 end

data/lib/aikido/zen/idor/analysis_result.rb

@@ -0,0 +1,173 @@
+# frozen_string_literal: true
+
+module Aikido::Zen
+  module IDOR
+    class Table
+      def self.from_json(data)
+        new(
+          name: data["name"],
+          alt_name: data["alias"]
+        )
+      end
+
+      # @param name [String]
+      # @param alt_name [String, nil]
+      def initialize(name:, alt_name: nil)
+        @name = name
+        @alt_name = alt_name
+      end
+
+      # @return [String]
+      attr_accessor :name
+      # @return [String, nil]
+      attr_accessor :alt_name
+
+      def ==(other)
+        other.is_a?(self.class) &&
+          other.name == name &&
+          other.alt_name == alt_name
+      end
+      alias_method :eql?, :==
+    end
+
+    class FilterColumn
+      def self.from_json(data)
+        new(
+          table_qualifier: data["table"],
+          name: data["column"],
+          value: data["value"],
+          is_placeholder: data["is_placeholder"],
+          placeholder_number: data["placeholder_number"]
+        )
+      end
+
+      # @param table_qualifier [String, nil]
+      # @param name [String]
+      # @param value [String]
+      # @param is_placeholder [Boolean]
+      # @param placeholder_number [Integer, nil]
+      def initialize(table_qualifier:, name:, value:, is_placeholder:, placeholder_number: nil)
+        @table_qualifier = table_qualifier
+        @name = name
+        @value = value
+        @is_placeholder = is_placeholder
+        @placeholder_number = placeholder_number
+      end
+
+      # @return [String, nil]
+      attr_accessor :table_qualifier
+
+      # @return [String]
+      attr_accessor :name
+
+      # @return [String]
+      attr_accessor :value
+
+      # @return [Boolean]
+      attr_accessor :is_placeholder
+
+      # @return [Integer, nil]
+      attr_accessor :placeholder_number
+
+      def ==(other)
+        other.is_a?(self.class) &&
+          other.table_qualifier == table_qualifier &&
+          other.name == name &&
+          other.value == value &&
+          other.is_placeholder == is_placeholder &&
+          other.placeholder_number == placeholder_number
+      end
+      alias_method :eql?, :==
+    end
+
+    class InsertColumn
+      def self.from_json(data)
+        new(
+          name: data["column"],
+          value: data["value"],
+          is_placeholder: data["is_placeholder"],
+          placeholder_number: data["placeholder_number"]
+        )
+      end
+
+      # @param name [String]
+      # @param value [String]
+      # @param is_placeholder [Boolean]
+      # @param placeholder_number [Integer, nil]
+      def initialize(name:, value:, is_placeholder:, placeholder_number: nil)
+        @name = name
+        @value = value
+        @is_placeholder = is_placeholder
+        @placeholder_number = placeholder_number
+      end
+
+      # @return [String]
+      attr_accessor :name
+
+      # @return [String]
+      attr_accessor :value
+
+      # @return [Boolean]
+      attr_accessor :is_placeholder
+
+      # @return [Integer, nil]
+      attr_accessor :placeholder_number
+
+      def ==(other)
+        other.is_a?(self.class) &&
+          other.name == name &&
+          other.value == value &&
+          other.is_placeholder == is_placeholder &&
+          other.placeholder_number == placeholder_number
+      end
+      alias_method :eql?, :==
+    end
+
+    class SQLQueryResult
+      def self.from_json(data)
+        new(
+          kind: data["kind"].to_sym,
+          tables: data["tables"].map { |value| Table.from_json(value) },
+          filter_columns: data["filters"].map { |value| FilterColumn.from_json(value) },
+          insert_columns: data["insert_columns"]&.map do |values|
+            values.map { |value| InsertColumn.from_json(value) }
+          end
+        )
+      end
+
+      # @param kind [:select, :insert, :update, :delete]
+      # @param tables [Array<Aikido::Zen::IDOR::Table>]
+      # @param filter_columns [Array<Aikido::Zen::IDOR::FilterColumn>]
+      # @param insert_columns [Array<Array<Aikido::Zen::IDOR::InsertColumn>>, nil]
+      def initialize(kind:, tables:, filter_columns:, insert_columns: nil)
+        raise ArgumentError, "kind must be one of :select, :insert, :update, or :delete" unless [:select, :insert, :update, :delete].include?(kind)
+
+        @kind = kind
+        @tables = tables
+        @filter_columns = filter_columns
+        @insert_columns = insert_columns
+      end
+
+      # @return [:select, :insert, :update, :delete]
+      attr_accessor :kind
+
+      # @return [Array<Aikido::Zen::IDOR::Table>]
+      attr_accessor :tables
+
+      # @return [Array<Aikido::Zen::IDOR::FilterColumn>]
+      attr_accessor :filter_columns
+
+      # @return [Array<Array<Aikido::Zen::IDOR::InsertColumn>>, nil]
+      attr_accessor :insert_columns
+
+      def ==(other)
+        other.is_a?(self.class) &&
+          other.kind == kind &&
+          other.tables == tables &&
+          other.filter_columns == filter_columns &&
+          other.insert_columns == insert_columns
+      end
+      alias_method :eql?, :==
+    end
+  end
+end