RubyGems - contrast-agent - Versions diffs - 3.12.0 → 3.13.2 - Mend

contrast-agent 3.12.0 → 3.13.2

Files changed (171) hide show

checksums.yaml +4 -4
data/.dockerignore +0 -1
data/.gitignore +1 -1
data/.simplecov +1 -1
data/Rakefile +31 -0
data/ext/build_funchook.rb +0 -2
data/ext/cs__assess_fiber_track/cs__assess_fiber_track.c +2 -8
data/ext/cs__assess_fiber_track/cs__assess_fiber_track.h +0 -1
data/ext/cs__assess_string_interpolation26/cs__assess_string_interpolation26.c +1 -6
data/ext/cs__assess_yield_track/cs__assess_yield_track.c +1 -5
data/ext/cs__assess_yield_track/cs__assess_yield_track.h +0 -1
data/ext/cs__common/cs__common.c +24 -0
data/ext/cs__common/cs__common.h +3 -0
data/ext/cs__common/extconf.rb +0 -14
data/ext/extconf_common.rb +0 -28
data/lib/contrast.rb +3 -1
data/lib/contrast/agent.rb +14 -2
data/lib/contrast/agent/assess/contrast_event.rb +28 -167
data/lib/contrast/agent/assess/events/source_event.rb +3 -7
data/lib/contrast/agent/assess/policy/dynamic_source_factory.rb +1 -1
data/lib/contrast/agent/assess/policy/policy_node.rb +4 -98
data/lib/contrast/agent/assess/policy/propagation_method.rb +1 -2
data/lib/contrast/agent/assess/policy/propagation_node.rb +5 -1
data/lib/contrast/agent/assess/policy/propagator/base.rb +1 -1
data/lib/contrast/agent/assess/policy/propagator/insert.rb +1 -4
data/lib/contrast/agent/assess/policy/propagator/match_data.rb +9 -1
data/lib/contrast/agent/assess/policy/propagator/remove.rb +6 -11
data/lib/contrast/agent/assess/policy/propagator/select.rb +4 -4
data/lib/contrast/agent/assess/policy/propagator/split.rb +2 -2
data/lib/contrast/agent/assess/policy/propagator/substitution.rb +4 -4
data/lib/contrast/agent/assess/policy/propagator/trim.rb +6 -10
data/lib/contrast/agent/assess/policy/source_method.rb +1 -2
data/lib/contrast/agent/assess/policy/trigger_method.rb +2 -10
data/lib/contrast/agent/assess/policy/trigger_node.rb +16 -4
data/lib/contrast/agent/assess/properties.rb +4 -382
data/lib/contrast/agent/assess/property/evented.rb +78 -0
data/lib/contrast/agent/assess/property/tagged.rb +339 -0
data/lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb +2 -20
data/lib/contrast/agent/assess/tag.rb +27 -12
data/lib/contrast/agent/at_exit_hook.rb +3 -1
data/lib/contrast/agent/exclusion_matcher.rb +2 -2
data/lib/contrast/agent/inventory/policy/datastores.rb +0 -1
data/lib/contrast/agent/middleware.rb +2 -14
data/lib/contrast/agent/patching/policy/patch.rb +1 -1
data/lib/contrast/agent/patching/policy/policy.rb +3 -3
data/lib/contrast/agent/patching/policy/policy_node.rb +2 -2
data/lib/contrast/agent/protect/policy/rule_applicator.rb +2 -2
data/lib/contrast/agent/protect/rule/base.rb +19 -31
data/lib/contrast/agent/protect/rule/base_service.rb +1 -1
data/lib/contrast/agent/protect/rule/http_method_tampering.rb +2 -7
data/lib/contrast/agent/protect/rule/xxe.rb +1 -0
data/lib/contrast/agent/reaction_processor.rb +3 -3
data/lib/contrast/agent/request.rb +92 -331
data/lib/contrast/agent/request_context.rb +15 -15
data/lib/contrast/agent/request_handler.rb +1 -1
data/lib/contrast/agent/response.rb +2 -14
data/lib/contrast/agent/scope.rb +1 -1
data/lib/contrast/agent/service_heartbeat.rb +7 -9
data/lib/contrast/agent/static_analysis.rb +1 -1
data/lib/contrast/agent/thread_watcher.rb +49 -0
data/lib/contrast/agent/version.rb +1 -1
data/lib/contrast/agent/worker_thread.rb +24 -0
data/lib/contrast/api.rb +3 -5
data/lib/contrast/api/communication.rb +20 -0
data/lib/contrast/api/communication/connection_status.rb +41 -0
data/lib/contrast/api/communication/messaging_queue.rb +79 -0
data/lib/contrast/{utils/service_response_util.rb → api/communication/response_processor.rb} +9 -18
data/lib/contrast/api/communication/service_lifecycle.rb +61 -0
data/lib/contrast/api/communication/socket.rb +45 -0
data/lib/contrast/api/communication/socket_client.rb +76 -0
data/lib/contrast/api/communication/speedracer.rb +111 -0
data/lib/contrast/api/communication/tcp_socket.rb +31 -0
data/lib/contrast/api/communication/unix_socket.rb +27 -0
data/lib/contrast/api/decorators.rb +10 -0
data/lib/contrast/api/decorators/address.rb +60 -0
data/lib/contrast/api/decorators/application_settings.rb +7 -3
data/lib/contrast/api/decorators/application_update.rb +0 -9
data/lib/contrast/api/decorators/http_request.rb +139 -0
data/lib/contrast/api/decorators/message.rb +75 -0
data/lib/contrast/api/decorators/rasp_rule_sample.rb +28 -0
data/lib/contrast/api/decorators/route_coverage.rb +57 -0
data/lib/contrast/api/decorators/trace_event.rb +99 -0
data/lib/contrast/api/decorators/trace_event_object.rb +57 -0
data/lib/contrast/api/decorators/trace_event_signature.rb +46 -0
data/lib/contrast/api/decorators/trace_taint_range.rb +51 -0
data/lib/contrast/api/decorators/trace_taint_range_tags.rb +109 -0
data/lib/contrast/api/decorators/user_input.rb +40 -0
data/lib/contrast/components/app_context.rb +0 -7
data/lib/contrast/components/config.rb +4 -9
data/lib/contrast/components/interface.rb +1 -1
data/lib/contrast/components/settings.rb +0 -6
data/lib/contrast/configuration.rb +2 -2
data/lib/contrast/extension/assess.rb +0 -1
data/lib/contrast/extension/assess/assess_extension.rb +1 -2
data/lib/contrast/extension/assess/fiber.rb +1 -1
data/lib/contrast/extension/assess/string.rb +1 -1
data/lib/contrast/extension/inventory.rb +0 -1
data/lib/contrast/framework/base_support.rb +0 -23
data/lib/contrast/framework/manager.rb +0 -9
data/lib/contrast/framework/rails/patch/action_controller_live_buffer.rb +1 -3
data/lib/contrast/framework/rails/patch/assess_configuration.rb +3 -4
data/lib/contrast/framework/rails/support.rb +3 -32
data/lib/contrast/framework/sinatra/patch/base.rb +1 -1
data/lib/contrast/framework/sinatra/support.rb +11 -22
data/lib/contrast/funchook/funchook.rb +45 -0
data/lib/contrast/logger/application.rb +1 -1
data/lib/contrast/logger/format.rb +51 -0
data/lib/contrast/logger/log.rb +16 -9
data/lib/contrast/utils/assess/tracking_util.rb +45 -20
data/lib/contrast/utils/class_util.rb +3 -1
data/lib/contrast/utils/hash_digest.rb +11 -2
data/lib/contrast/utils/invalid_configuration_util.rb +1 -17
data/lib/contrast/utils/inventory_util.rb +2 -7
data/lib/contrast/utils/object_share.rb +0 -1
data/lib/contrast/utils/os.rb +16 -4
data/lib/contrast/utils/stack_trace_utils.rb +0 -1
data/lib/contrast/utils/tag_util.rb +1 -1
data/lib/contrast/utils/thread_tracker.rb +1 -14
data/lib/contrast/utils/timer.rb +1 -17
data/resources/deadzone/policy.json +5 -0
data/ruby-agent.gemspec +4 -4
data/service_executables/VERSION +1 -1
data/service_executables/linux/contrast-service +0 -0
data/service_executables/mac/contrast-service +0 -0
metadata +49 -71
data/funchook/Makefile +0 -29
data/funchook/autom4te.cache/output.0 +0 -4976
data/funchook/autom4te.cache/requests +0 -78
data/funchook/autom4te.cache/traces.0 +0 -364
data/funchook/config.log +0 -490
data/funchook/config.status +0 -1016
data/funchook/configure +0 -4976
data/funchook/src/Makefile +0 -70
data/funchook/src/config.h +0 -101
data/funchook/src/config.h.in +0 -100
data/funchook/src/decoder.o +0 -0
data/funchook/src/distorm.o +0 -0
data/funchook/src/funchook.o +0 -0
data/funchook/src/funchook_io.o +0 -0
data/funchook/src/funchook_syscall.o +0 -0
data/funchook/src/funchook_unix.o +0 -0
data/funchook/src/funchook_x86.o +0 -0
data/funchook/src/instructions.o +0 -0
data/funchook/src/insts.o +0 -0
data/funchook/src/libfunchook.so +0 -0
data/funchook/src/mnemonics.o +0 -0
data/funchook/src/operands.o +0 -0
data/funchook/src/os_func.o +0 -0
data/funchook/src/os_func_unix.o +0 -0
data/funchook/src/prefix.o +0 -0
data/funchook/src/printf_base.o +0 -0
data/funchook/src/textdefs.o +0 -0
data/funchook/src/wstring.o +0 -0
data/funchook/test/Makefile +0 -43
data/funchook/test/funchook_test +0 -0
data/funchook/test/libfunchook_test.so +0 -0
data/funchook/test/test_main.o +0 -0
data/funchook/test/x86_64_test.o +0 -0
data/lib/contrast/agent/assess/adjusted_span.rb +0 -27
data/lib/contrast/agent/socket_client.rb +0 -134
data/lib/contrast/api/connection_status.rb +0 -49
data/lib/contrast/api/socket.rb +0 -43
data/lib/contrast/api/speedracer.rb +0 -188
data/lib/contrast/api/tcp_socket.rb +0 -29
data/lib/contrast/api/unix_socket.rb +0 -25
data/lib/contrast/framework/sinatra/application_helper.rb +0 -51
data/lib/contrast/framework/view_technologies_descriptor.rb +0 -21
data/lib/contrast/internal_exception.rb +0 -8
data/lib/contrast/utils/cache.rb +0 -58
data/lib/contrast/utils/service_sender_util.rb +0 -167
data/lib/contrast/utils/sinatra_helper.rb +0 -49

data/lib/contrast/agent/assess/events/source_event.rb CHANGED

@@ -65,15 +65,11 @@ module Contrast
           # 2) I'll set the event's source and target to TS values.
           # 3) Return the highlight or the first source/target as the taint
           #    target.
-          def determine_taint_target event
+          def determine_taint_target event_dtm
             return unless @policy_node&.targets&.any?
-            event.source = @policy_node.source_string if @policy_node.source_string
-            event.target = if @highlight
-                             "P#{ @highlight }"
-                           else
-                             @policy_node.target_string
-                           end
+            event_dtm.source = @policy_node.source_string if @policy_node.source_string
+            event_dtm.target = @highlight ? "P#{ @highlight }" : @policy_node.target_string
             @highlight || @policy_node.targets[0]
           end
         end

data/lib/contrast/agent/assess/policy/dynamic_source_factory.rb CHANGED

@@ -20,7 +20,7 @@ module Contrast
             # such that calls to that method will result in a Source Event.
             #
             # @param klass [Class] the Class to taint
-            # @param tainted_columns [Hash<String, Contrast::Agent::Assess::Properties>]
+            # @param tainted_columns [Hash{String => Contrast::Agent::Assess::Properties}]
             #   the name of the method to taint, mapped to the properties it
             #   should apply
             def create_sources klass, tainted_columns

data/lib/contrast/agent/assess/policy/policy_node.rb CHANGED

@@ -2,6 +2,7 @@
 # frozen_string_literal: true
 cs__scoped_require 'contrast/agent/patching/policy/policy_node'
+cs__scoped_require 'contrast/api/decorators/trace_taint_range_tags'
 module Contrast
   module Agent
@@ -69,7 +70,7 @@ module Contrast
           # 1) Split on ','
           # 2) If 'O', add the source, else it's P (we don't have R sources) and
           #    needs to be converted. P type will either be P:name or P# where #
-          #    is the index of the paramter. Drop the P and store the int as int
+          #    is the index of the parameter. Drop the P and store the int as int
           #    or name as symbol
           def generate_sources
             if source_string
@@ -137,7 +138,8 @@ module Contrast
             return unless tags
             tags.each do |tag|
-              next if VALID_TAGS.include?(tag) || VALID_SOURCE_TAGS.include?(tag)
+              next if Contrast::Api::Decorators::TraceTaintRangeTags::VALID_TAGS.include?(tag) ||
+                  Contrast::Api::Decorators::TraceTaintRangeTags::VALID_SOURCE_TAGS.include?(tag)
               raise(ArgumentError,
                     "#{ node_class } #{ id } had an invalid tag. #{ tag } is not a known value.")
@@ -173,102 +175,6 @@ module Contrast
             @event_action
           end
-          # EventTagTypeDTM
-          VALID_TAGS = %w[
-            XML_ENCODED
-            XML_DECODED
-            HTML_ENCODED
-            HTML_DECODED
-            URL_ENCODED
-            URL_DECODED
-            CSS_ENCODED
-            CSS_DECODED
-            BASE64_ENCODED
-            BASE64_DECODED
-            JAVASCRIPT_ENCODED
-            JAVASCRIPT_DECODED
-            JAVA_ENCODED
-            JAVA_DECODED
-            CSV_ENCODED
-            CSV_DECODED
-            SQL_ENCODED
-            SQL_DECODED
-            LDAP_ENCODED
-            LDAP_DECODED
-            XPATH_ENCODED
-            XPATH_DECODED
-            OS_ENCODED
-            OS_DECODED
-            VBSCRIPT_ENCODED
-            VBSCRIPT_DECODED
-            POTENTIAL_SANITIZED
-            POTENTIAL_VALIDATED
-            NO_CONTROL_CHARS
-            CUSTOM
-            CUSTOM_ENCODED
-            CUSTOM_ENCODED_CMD_INJECTION
-            CUSTOM_ENCODED_EXPRESSION_LANGUAGE_INJECTION
-            CUSTOM_ENCODED_HEADER_INJECTION
-            CUSTOM_ENCODED_HQL_INJECTION
-            CUSTOM_ENCODED_LDAP_INJECTION
-            CUSTOM_ENCODED_LOG_INJECTION
-            CUSTOM_ENCODED_NOSQL_INJECTION
-            CUSTOM_ENCODED_PATH_TRAVERSAL
-            CUSTOM_ENCODED_REDOS
-            CUSTOM_ENCODED_REFLECTED_XSS
-            CUSTOM_ENCODED_REFLECTION_INJECTION
-            CUSTOM_ENCODED_SMTP_INJECTION
-            CUSTOM_ENCODED_SQL_INJECTION
-            CUSTOM_ENCODED_SSRF
-            CUSTOM_ENCODED_STORED_XSS
-            CUSTOM_ENCODED_TRUST_BOUNDARY_VIOLATION
-            CUSTOM_ENCODED_UNSAFE_CODE_EXECUTION
-            CUSTOM_ENCODED_UNSAFE_READLINE
-            CUSTOM_ENCODED_UNSAFE_XML_DECODE
-            CUSTOM_ENCODED_UNTRUSTED_DESERIALIZATION
-            CUSTOM_ENCODED_UNVALIDATED_FORWARD
-            CUSTOM_ENCODED_UNVALIDATED_REDIRECT
-            CUSTOM_ENCODED_XPATH_INJECTION
-            CUSTOM_ENCODED_XXE
-            CUSTOM_SECURITY_CONTROL_APPLIED
-            CUSTOM_VALIDATED
-            CUSTOM_VALIDATED_CMD_INJECTION
-            CUSTOM_VALIDATED_EXPRESSION_LANGUAGE_INJECTION
-            CUSTOM_VALIDATED_HEADER_INJECTION
-            CUSTOM_VALIDATED_HQL_INJECTION
-            CUSTOM_VALIDATED_LDAP_INJECTION
-            CUSTOM_VALIDATED_LOG_INJECTION
-            CUSTOM_VALIDATED_NOSQL_INJECTION
-            CUSTOM_VALIDATED_PATH_TRAVERSAL
-            CUSTOM_VALIDATED_REDOS
-            CUSTOM_VALIDATED_REFLECTED_XSS
-            CUSTOM_VALIDATED_REFLECTION_INJECTION
-            CUSTOM_VALIDATED_SMTP_INJECTION
-            CUSTOM_VALIDATED_SQL_INJECTION
-            CUSTOM_VALIDATED_SSRF
-            CUSTOM_VALIDATED_STORED_XSS
-            CUSTOM_VALIDATED_TRUST_BOUNDARY_VIOLATION
-            CUSTOM_VALIDATED_UNSAFE_CODE_EXECUTION
-            CUSTOM_VALIDATED_UNSAFE_READLINE
-            CUSTOM_VALIDATED_UNSAFE_XML_DECODE
-            CUSTOM_VALIDATED_UNTRUSTED_DESERIALIZATION
-            CUSTOM_VALIDATED_UNVALIDATED_FORWARD
-            CUSTOM_VALIDATED_UNVALIDATED_REDIRECT
-            CUSTOM_VALIDATED_XPATH_INJECTION
-            CUSTOM_VALIDATED_XXE
-            DATABASE_WRITE
-          ].cs__freeze
-          VALID_SOURCE_TAGS = %w[
-            NO_NEWLINES
-            UNTRUSTED
-            CROSS_SITE
-            LIMITED_CHARS
-          ].cs__freeze
           # The keys used to read from policy.json to create the individual
           # policy nodes. These are common across node types
           JSON_SOURCE = 'source'

data/lib/contrast/agent/assess/policy/propagation_method.rb CHANGED

@@ -203,8 +203,7 @@ module Contrast
               length = Contrast::Utils::StringUtils.ret_length(target)
               propagation_node.tags.each do |tag|
-                span = Contrast::Agent::Assess::AdjustedSpan.new(0, length)
-                target.cs__properties.add_tag(tag, span)
+                target.cs__properties.add_tag(tag, 0...length)
               end
             end

data/lib/contrast/agent/assess/policy/propagation_node.rb CHANGED

@@ -2,6 +2,8 @@
 # frozen_string_literal: true
 cs__scoped_require 'contrast/agent/assess/policy/policy_node'
+cs__scoped_require 'contrast/api/decorators/trace_taint_range_tags'
 module Contrast
   module Agent
     module Assess
@@ -73,7 +75,9 @@ module Contrast
             return unless untags
             untags.each do |tag|
-              raise(ArgumentError, "#{ node_type } #{ id } did not have a valid untag. #{ tag } is not a known value.") unless VALID_TAGS.include?(tag)
+              unless Contrast::Api::Decorators::TraceTaintRangeTags::VALID_TAGS.include?(tag)
+                raise(ArgumentError, "#{ node_type } #{ id } did not have a valid untag. #{ tag } is not a known value.")
+              end
               raise(ArgumentError, "#{ node_type } #{ id } had the same tag and untag, #{ tag }.") if tags&.include?(tag)
             end
           end

data/lib/contrast/agent/assess/policy/propagator/base.rb CHANGED

@@ -26,7 +26,7 @@ module Contrast
               end
               def propagate _propagation_node, _preshift, _target
-                raise NotImplementedError("Expected Base propagator subclass: #{ cs__class } to implement #propagate")
+                raise NoMethodError("Expected Base propagator subclass: #{ cs__class } to implement #propagate")
               end
             end
           end

data/lib/contrast/agent/assess/policy/propagator/insert.rb CHANGED

@@ -35,10 +35,7 @@ module Contrast
                 # Depending what's inserted, we might be wrong. For instance, inserting 'foo'
                 # into 'asdfasdf' could result in 'asdfoofasdf'. we'd be off by one b/c of the 'f'
                 insert_point = target.rindex(source, insert_point)
-                overflow = Contrast::Agent::Assess::AdjustedSpan.new(
-                    insert_point,
-                    insert_point + source.length)
+                overflow = insert_point...(insert_point + source.length)
                 # handle shifting the inserted range
                 target.cs__properties.shift_tags([overflow])

data/lib/contrast/agent/assess/policy/propagator/match_data.rb CHANGED

@@ -14,6 +14,8 @@ module Contrast
               def square_bracket_tagger propagation_node, preshift, ret, _block
                 if ret.is_a?(Array)
                   ret.each_with_index do |return_value, index|
+                    next unless return_value
                     target_matchdata_index = if preshift.args[0].is_a?(Range)
                                                arg_range = preshift.args[0]
                                                arg_range.to_a.empty? ? index + 1 : arg_range.to_a[index]
@@ -32,6 +34,8 @@ module Contrast
               def captures_tagger propagation_node, preshift, ret, _block
                 ret.each_with_index do |return_value, index|
+                  next unless return_value
                   targetted_index = index + 1
                   square_bracket_single(targetted_index, preshift, return_value, propagation_node)
                 end
@@ -40,6 +44,8 @@ module Contrast
               def to_a_tagger propagation_node, preshift, ret, _block
                 ret.each_with_index do |return_value, index|
+                  next unless return_value
                   square_bracket_single(index, preshift, return_value, propagation_node)
                 end
                 ret
@@ -47,6 +53,8 @@ module Contrast
               def values_at_tagger propagation_node, preshift, ret, _block
                 ret.each_with_index do |return_value, return_index|
+                  next unless return_value
                   original_group_arg_index = preshift.args[return_index]
                   square_bracket_single(original_group_arg_index, preshift, return_value, propagation_node)
                 end
@@ -59,7 +67,7 @@ module Contrast
                 original_start_index = preshift.object.begin(argument_index)
                 original_end_index = preshift.object.end(argument_index)
                 original_properties = preshift.object.cs__properties
-                applicable_tags = original_properties.tags_at_range(Contrast::Agent::Assess::AdjustedSpan.new(original_start_index, original_end_index))
+                applicable_tags = original_properties.tags_at_range(original_start_index...original_end_index)
                 return if applicable_tags.empty?
                 applicable_tags.each do |tag_name, tag_ranges|

data/lib/contrast/agent/assess/policy/propagator/remove.rb CHANGED

@@ -32,7 +32,7 @@ module Contrast
                 target_idx = 0
                 remove_ranges = []
-                current_range = nil
+                start = nil
                 # loop over the target, the result of the delete
                 # every range of characters that it differs from the source
@@ -44,13 +44,12 @@ module Contrast
                   source_char = source_chars[source_idx]
                   if target_char == source_char
                     target_idx += 1
-                    if current_range
-                      current_range.stop = source_idx
-                      remove_ranges << current_range
-                      current_range = nil
+                    if start
+                      remove_ranges << (start...source_idx)
+                      start = nil
                     end
                   else
-                    current_range ||= Contrast::Agent::Assess::AdjustedSpan.new(source_idx)
+                    start ||= source_idx
                   end
                   source_idx += 1
                 end
@@ -58,11 +57,7 @@ module Contrast
                 # once we're done looping over the target, anything left
                 # over is extra from the source that was deleted. tags
                 # applying to it need to be removed.
-                if source_idx != source_chars.length
-                  remove_ranges << Contrast::Agent::Assess::AdjustedSpan.new(
-                      source_idx,
-                      source_chars.length)
-                end
+                remove_ranges << (source_idx...source_chars.length) if source_idx != source_chars.length
                 # handle deleting the removed ranges
                 target.cs__properties.delete_tags_at_ranges(remove_ranges)

data/lib/contrast/agent/assess/policy/propagator/select.rb CHANGED

@@ -50,19 +50,19 @@ module Contrast
                 length = args[1] || 1
                 # (void) negative range
                 arg += source.length if arg.negative?
-                Contrast::Agent::Assess::AdjustedSpan.new(arg, arg + length)
+                arg...(arg + length)
               end
               def handle_string arg, source
                 idx = source.index(arg)
-                Contrast::Agent::Assess::AdjustedSpan.new(idx, idx + arg.length)
+                idx...(idx + arg.length)
               end
               def handle_regexp args, arg, source
                 match_data = arg.match(source)
                 # nil has the same meaning as 0. use full match
                 group = args[1] || 0
-                Contrast::Agent::Assess::AdjustedSpan.new(match_data.begin(group), match_data.end(group))
+                match_data.begin(group)...match_data.end(group)
               end
               def handle_range arg, source
@@ -74,7 +74,7 @@ module Contrast
                 finish += source.length if finish.negative?
                 finish += 1 unless arg.exclude_end?
-                Contrast::Agent::Assess::AdjustedSpan.new(start, finish)
+                start...finish
               end
               def determine_select_range source, args

data/lib/contrast/agent/assess/policy/propagator/split.rb CHANGED

@@ -52,7 +52,7 @@ module Contrast
                 current_index = 0
                 target.each do |elem|
                   elem_length = elem.length
-                  range = Contrast::Agent::Assess::AdjustedSpan.new(current_index, current_index + elem_length)
+                  range = current_index...(current_index + elem_length)
                   tags = source.cs__properties.tags_at_range(range)
                   elem.cs__properties.clear_tags
@@ -139,7 +139,7 @@ module Contrast
               def instrument_string_split
                 if @_instrument_string_split.nil?
                   @_instrument_string_split = begin
-                                                cs__scoped_require 'cs__assess_yield_track/cs__assess_yield_track' if AGENT.patch_yield?
+                                                cs__scoped_require 'cs__assess_yield_track/cs__assess_yield_track' if AGENT.patch_yield? && Funchook.available?
                                                 true
                                               rescue StandardError => e
                                                 logger.error('Error loading split rb_yield patch', e)

data/lib/contrast/agent/assess/policy/propagator/substitution.rb CHANGED

@@ -2,6 +2,7 @@
 # frozen_string_literal: true
 cs__scoped_require 'contrast/components/interface'
+cs__scoped_require 'contrast/utils/duck_utils'
 module Contrast
   module Agent
@@ -109,7 +110,7 @@ module Contrast
                   last_idx = idx ? idx + 1 : nil
                   start_index = idx
                   end_index = idx + incoming.length
-                  ranges << Contrast::Agent::Assess::AdjustedSpan.new(start_index, end_index)
+                  ranges << (start_index...end_index)
                   break unless global
                 end
                 ret.cs__properties.delete_tags_at_ranges(ranges)
@@ -133,12 +134,11 @@ module Contrast
               end
               def pattern_gsub preshift, ret
-                return unless ret
+                return unless Contrast::Utils::DuckUtils.trackable?(ret)
                 source = preshift.object
                 source.cs__properties.tag_keys.each do |key|
-                  span = Contrast::Agent::Assess::AdjustedSpan.new(0, 1)
-                  ret.cs__properties.add_tag(key, span)
+                  ret.cs__properties.add_tag(key, 0...1)
                 end
               end

data/lib/contrast/agent/assess/policy/propagator/trim.rb CHANGED

@@ -28,23 +28,19 @@ module Contrast
                 else
                   remove_ranges = []
                   ret_chars = ret.chars
-                  curr_span = nil
+                  start = nil
                   source_chars.each_with_index do |char, idx|
                     if ret_chars[idx] == char
-                      next unless curr_span
+                      next unless start
-                      curr_span.stop = idx
-                      remove_ranges << curr_span
-                      curr_span = nil
+                      remove_ranges << (start...idx)
+                      start = nil
                     else
-                      curr_span ||= Contrast::Agent::Assess::AdjustedSpan.new(idx)
+                      start ||= idx
                     end
                   end
                   # account for the last char being different
-                  if curr_span
-                    curr_span.stop = source_chars.length
-                    remove_ranges << curr_span
-                  end
+                  remove_ranges << (start...source_chars.length) if start
                   ret.cs__properties.delete_tags_at_ranges(remove_ranges, false)
                 end

data/lib/contrast/agent/assess/policy/source_method.rb CHANGED

@@ -12,7 +12,6 @@ cs__scoped_require 'set'
 cs__scoped_require 'contrast/utils/object_share'
 cs__scoped_require 'contrast/utils/sha256_builder'
-cs__scoped_require 'contrast/agent/assess/adjusted_span'
 cs__scoped_require 'contrast/agent/assess/policy/source_validation/source_validation'
 cs__scoped_require 'contrast/components/interface'
@@ -170,7 +169,7 @@ module Contrast
                 next unless Contrast::Agent::Assess::Policy::SourceValidation.valid?(tag, source_type, source_name)
                 length = Contrast::Utils::StringUtils.ret_length(target)
-                target.cs__properties.add_tag(tag, Contrast::Agent::Assess::AdjustedSpan.new(0, length))
+                target.cs__properties.add_tag(tag, 0...length)
                 target.cs__properties.add_properties(source_node.properties)
                 logger.trace('Source detected',
                              node_id: source_node.id,

data/lib/contrast/agent/assess/policy/trigger_method.rb CHANGED

@@ -18,7 +18,7 @@ module Contrast
         # it was not, a Finding report is issued to the Service
         module TriggerMethod
           include Contrast::Components::Interface
-          access_component :analysis, :logging, :settings
+          access_component :analysis, :logging
           # The level of TeamServer compliance our traces meet
           CURRENT_FINDING_VERSION = 2
@@ -89,14 +89,12 @@ module Contrast
               finding = Contrast::Api::Dtm::Finding.new
               finding.rule_id = Contrast::Utils::StringUtils.protobuf_safe_string(trigger_node.rule_id)
-              finding.session_id = SETTINGS.session_id
               finding.version = CURRENT_FINDING_VERSION
               build_from_source(finding, source)
               trigger_event = Contrast::Agent::Assess::Events::EventFactory.build(trigger_node, source, object, ret, args).to_dtm_event
               finding.events << trigger_event
               build_hash(finding, source)
-              build_tags(context)
               finding.routes << context.route if context.route
               context.activity.findings << finding
               logger.trace('Finding created',
@@ -230,7 +228,7 @@ module Contrast
               else
                 logger.warn('Trigger source is of unknown type. Unable to inspect.',
                             node_id: trigger_node.id,
-                            source_id: target.__id__,
+                            source_id: source.__id__,
                             source_type: source.cs__class.to_s)
                 logger.trace(source.to_s[0..99])
               end
@@ -265,12 +263,6 @@ module Contrast
               finding.hash_code = Contrast::Utils::StringUtils.force_utf8(hash_code)
               finding.preflight = Contrast::Utils::PreflightUtil.create_preflight(finding)
             end
-            def build_tags context
-              return unless ASSESS.tags
-              context.activity.finding_tags = Contrast::Utils::StringUtils.force_utf8(ASSESS.tags)
-            end
           end
         end
       end