contrast-agent 3.15.0 → 4.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Rakefile +1 -0
- data/ext/cs__assess_marshal_module/cs__assess_marshal_module.c +22 -10
- data/ext/cs__assess_marshal_module/cs__assess_marshal_module.h +4 -3
- data/lib/contrast/agent.rb +4 -12
- data/lib/contrast/agent/assess/contrast_event.rb +121 -130
- data/lib/contrast/agent/assess/contrast_object.rb +51 -0
- data/lib/contrast/agent/assess/events/source_event.rb +5 -10
- data/lib/contrast/agent/assess/policy/dynamic_source_factory.rb +10 -3
- data/lib/contrast/agent/assess/policy/patcher.rb +4 -3
- data/lib/contrast/agent/assess/policy/policy_node.rb +46 -69
- data/lib/contrast/agent/assess/policy/policy_scanner.rb +19 -2
- data/lib/contrast/agent/assess/policy/preshift.rb +3 -3
- data/lib/contrast/agent/assess/policy/propagation_method.rb +13 -19
- data/lib/contrast/agent/assess/policy/propagation_node.rb +12 -24
- data/lib/contrast/agent/assess/policy/propagator/append.rb +1 -2
- data/lib/contrast/agent/assess/policy/propagator/center.rb +1 -2
- data/lib/contrast/agent/assess/policy/propagator/custom.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/database_write.rb +1 -3
- data/lib/contrast/agent/assess/policy/propagator/insert.rb +2 -3
- data/lib/contrast/agent/assess/policy/propagator/keep.rb +1 -2
- data/lib/contrast/agent/assess/policy/propagator/match_data.rb +3 -5
- data/lib/contrast/agent/assess/policy/propagator/next.rb +1 -2
- data/lib/contrast/agent/assess/policy/propagator/prepend.rb +1 -2
- data/lib/contrast/agent/assess/policy/propagator/remove.rb +2 -4
- data/lib/contrast/agent/assess/policy/propagator/replace.rb +1 -2
- data/lib/contrast/agent/assess/policy/propagator/reverse.rb +1 -2
- data/lib/contrast/agent/assess/policy/propagator/select.rb +4 -7
- data/lib/contrast/agent/assess/policy/propagator/splat.rb +2 -9
- data/lib/contrast/agent/assess/policy/propagator/split.rb +77 -122
- data/lib/contrast/agent/assess/policy/propagator/substitution.rb +32 -25
- data/lib/contrast/agent/assess/policy/propagator/trim.rb +3 -7
- data/lib/contrast/agent/assess/policy/source_method.rb +2 -14
- data/lib/contrast/agent/assess/policy/trigger/reflected_xss.rb +9 -13
- data/lib/contrast/agent/assess/policy/trigger/xpath.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_method.rb +39 -14
- data/lib/contrast/agent/assess/policy/trigger_node.rb +31 -37
- data/lib/contrast/agent/assess/policy/trigger_validation/ssrf_validator.rb +1 -1
- data/lib/contrast/agent/assess/property/evented.rb +5 -18
- data/lib/contrast/agent/assess/property/tagged.rb +28 -16
- data/lib/contrast/agent/assess/property/updated.rb +0 -5
- data/lib/contrast/agent/assess/rule/provider/hardcoded_key.rb +58 -5
- data/lib/contrast/agent/assess/rule/provider/hardcoded_password.rb +23 -8
- data/lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb +83 -14
- data/lib/contrast/agent/assess/rule/redos.rb +1 -1
- data/lib/contrast/agent/assess/tag.rb +1 -1
- data/lib/contrast/agent/assess/tracker.rb +16 -18
- data/lib/contrast/agent/at_exit_hook.rb +5 -5
- data/lib/contrast/agent/deadzone/policy/deadzone_node.rb +7 -0
- data/lib/contrast/agent/inventory.rb +15 -0
- data/lib/contrast/agent/inventory/dependencies.rb +50 -0
- data/lib/contrast/agent/inventory/dependency_analysis.rb +37 -0
- data/lib/contrast/agent/inventory/dependency_usage_analysis.rb +104 -0
- data/lib/contrast/agent/inventory/gemfile_digest_cache.rb +38 -0
- data/lib/contrast/agent/middleware.rb +51 -3
- data/lib/contrast/agent/patching/policy/after_load_patch.rb +5 -5
- data/lib/contrast/agent/patching/policy/after_load_patcher.rb +20 -20
- data/lib/contrast/agent/patching/policy/method_policy.rb +1 -1
- data/lib/contrast/agent/patching/policy/module_policy.rb +10 -10
- data/lib/contrast/agent/patching/policy/patch.rb +6 -0
- data/lib/contrast/agent/patching/policy/policy.rb +16 -2
- data/lib/contrast/agent/protect/policy/applies_command_injection_rule.rb +3 -5
- data/lib/contrast/agent/protect/policy/applies_deserialization_rule.rb +47 -1
- data/lib/contrast/agent/protect/policy/applies_path_traversal_rule.rb +4 -3
- data/lib/contrast/agent/protect/policy/applies_xxe_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/rule_applicator.rb +53 -0
- data/lib/contrast/agent/protect/rule/base.rb +63 -14
- data/lib/contrast/agent/protect/rule/cmd_injection.rb +12 -28
- data/lib/contrast/agent/protect/rule/default_scanner.rb +1 -4
- data/lib/contrast/agent/protect/rule/deserialization.rb +4 -1
- data/lib/contrast/agent/protect/rule/no_sqli.rb +3 -3
- data/lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb +1 -0
- data/lib/contrast/agent/protect/rule/sqli.rb +3 -3
- data/lib/contrast/agent/protect/rule/xxe.rb +32 -11
- data/lib/contrast/agent/protect/rule/xxe/entity_wrapper.rb +10 -6
- data/lib/contrast/agent/reaction_processor.rb +1 -1
- data/lib/contrast/agent/request.rb +34 -34
- data/lib/contrast/agent/request_handler.rb +1 -1
- data/lib/contrast/agent/response.rb +5 -5
- data/lib/contrast/agent/rewriter.rb +3 -3
- data/lib/contrast/agent/scope.rb +81 -55
- data/lib/contrast/agent/static_analysis.rb +15 -9
- data/lib/contrast/agent/tracepoint_hook.rb +1 -1
- data/lib/contrast/agent/version.rb +1 -1
- data/lib/contrast/api/communication/socket_client.rb +36 -1
- data/lib/contrast/api/decorators.rb +3 -0
- data/lib/contrast/api/decorators/address.rb +13 -14
- data/lib/contrast/api/decorators/application_update.rb +1 -1
- data/lib/contrast/api/decorators/library.rb +54 -0
- data/lib/contrast/api/decorators/library_usage_update.rb +31 -0
- data/lib/contrast/api/decorators/message.rb +1 -0
- data/lib/contrast/api/decorators/trace_event.rb +31 -41
- data/lib/contrast/api/decorators/trace_event_object.rb +11 -3
- data/lib/contrast/api/decorators/trace_event_signature.rb +27 -5
- data/lib/contrast/api/decorators/user_input.rb +2 -1
- data/lib/contrast/common_agent_configuration.rb +2 -1
- data/lib/contrast/components/agent.rb +6 -5
- data/lib/contrast/components/app_context.rb +39 -30
- data/lib/contrast/components/assess.rb +36 -0
- data/lib/contrast/components/config.rb +29 -37
- data/lib/contrast/components/contrast_service.rb +9 -9
- data/lib/contrast/components/interface.rb +30 -6
- data/lib/contrast/components/inventory.rb +6 -1
- data/lib/contrast/components/scope.rb +72 -6
- data/lib/contrast/components/settings.rb +23 -23
- data/lib/contrast/config/assess_configuration.rb +2 -1
- data/lib/contrast/config/inventory_configuration.rb +2 -2
- data/lib/contrast/config/service_configuration.rb +4 -2
- data/lib/contrast/configuration.rb +1 -1
- data/lib/contrast/extension/assess/array.rb +9 -6
- data/lib/contrast/extension/assess/erb.rb +6 -3
- data/lib/contrast/extension/assess/eval_trigger.rb +6 -6
- data/lib/contrast/extension/assess/exec_trigger.rb +0 -3
- data/lib/contrast/extension/assess/fiber.rb +5 -6
- data/lib/contrast/extension/assess/hash.rb +7 -5
- data/lib/contrast/extension/assess/kernel.rb +19 -22
- data/lib/contrast/extension/assess/marshal.rb +40 -28
- data/lib/contrast/extension/assess/regexp.rb +6 -11
- data/lib/contrast/extension/assess/string.rb +14 -13
- data/lib/contrast/extension/protect/kernel.rb +3 -3
- data/lib/contrast/framework/base_support.rb +51 -53
- data/lib/contrast/framework/manager.rb +6 -5
- data/lib/contrast/framework/rack/patch/session_cookie.rb +10 -10
- data/lib/contrast/framework/rack/support.rb +2 -1
- data/lib/contrast/framework/rails/patch/action_controller_live_buffer.rb +14 -14
- data/lib/contrast/framework/rails/patch/assess_configuration.rb +1 -1
- data/lib/contrast/framework/rails/patch/rails_application_configuration.rb +11 -11
- data/lib/contrast/framework/rails/patch/support.rb +1 -1
- data/lib/contrast/framework/rails/rewrite/action_controller_railties_helper_inherited.rb +12 -12
- data/lib/contrast/framework/rails/rewrite/active_record_attribute_methods_read.rb +13 -13
- data/lib/contrast/framework/rails/rewrite/active_record_named.rb +3 -3
- data/lib/contrast/framework/rails/rewrite/active_record_time_zone_inherited.rb +13 -13
- data/lib/contrast/framework/rails/support.rb +5 -1
- data/lib/contrast/framework/sinatra/patch/base.rb +11 -11
- data/lib/contrast/framework/sinatra/support.rb +7 -6
- data/lib/contrast/logger/application.rb +1 -4
- data/lib/contrast/logger/log.rb +7 -2
- data/lib/contrast/utils/duck_utils.rb +1 -1
- data/lib/contrast/utils/heap_dump_util.rb +1 -1
- data/lib/contrast/utils/invalid_configuration_util.rb +2 -5
- data/lib/contrast/utils/inventory_util.rb +0 -7
- data/lib/contrast/utils/object_share.rb +3 -3
- data/lib/contrast/utils/preflight_util.rb +1 -1
- data/lib/contrast/utils/prevent_serialization.rb +1 -1
- data/lib/contrast/utils/resource_loader.rb +1 -1
- data/lib/contrast/utils/sha256_builder.rb +2 -14
- data/lib/contrast/utils/string_utils.rb +1 -1
- data/lib/contrast/utils/tag_util.rb +9 -13
- data/resources/assess/policy.json +31 -12
- data/resources/deadzone/policy.json +156 -0
- data/resources/protect/policy.json +12 -0
- data/ruby-agent.gemspec +11 -6
- data/service_executables/VERSION +1 -1
- data/service_executables/linux/contrast-service +0 -0
- data/service_executables/mac/contrast-service +0 -0
- metadata +91 -28
- data/lib/contrast/utils/boolean_util.rb +0 -30
- data/lib/contrast/utils/gemfile_reader.rb +0 -193
@@ -123,10 +123,7 @@ class Contrast::Agent::Protect::Rule::DefaultScanner # rubocop:disable Style/Cla
|
|
123
123
|
elsif start_block_comment?(char, index, query)
|
124
124
|
boundaries << index
|
125
125
|
:STATE_INSIDE_BLOCK_COMMENT
|
126
|
-
elsif operator?(char)
|
127
|
-
boundaries << index
|
128
|
-
:STATE_EXPECTING_TOKEN
|
129
|
-
elsif char.match?(Contrast::Utils::ObjectShare::WHITE_SPACE_REGEXP)
|
126
|
+
elsif operator?(char) || char.match?(Contrast::Utils::ObjectShare::WHITE_SPACE_REGEXP)
|
130
127
|
boundaries << index
|
131
128
|
:STATE_EXPECTING_TOKEN
|
132
129
|
else
|
@@ -17,19 +17,22 @@ module Contrast
|
|
17
17
|
BLOCK_MESSAGE = 'Untrusted Deserialization rule triggered. Deserialization blocked.'
|
18
18
|
|
19
19
|
# Gadgets that map to ERB modules
|
20
|
-
ERB_GADGETS = %
|
20
|
+
ERB_GADGETS = %W[
|
21
21
|
object:ERB
|
22
|
+
o:\bERB
|
22
23
|
].cs__freeze
|
23
24
|
|
24
25
|
# Gadgets that map to ActionDispatch modules
|
25
26
|
ACTION_DISPATCH_GADGETS = %w[
|
26
27
|
object:ActionDispatch::Routing::RouteSet::NamedRouteCollection
|
28
|
+
o:\bActionDispatch::Routing::RouteSet::NamedRouteCollection
|
27
29
|
].cs__freeze
|
28
30
|
|
29
31
|
# Gadgets that map to Arel Modules
|
30
32
|
AREL_GADGETS = %w[
|
31
33
|
string:Arel::Nodes::SqlLiteral
|
32
34
|
object:Arel::Nodes
|
35
|
+
o:\bArel::Nodes
|
33
36
|
].cs__freeze
|
34
37
|
|
35
38
|
# Used to indicate to TeamServer the gadget is an ERB module
|
@@ -21,10 +21,10 @@ module Contrast
|
|
21
21
|
end
|
22
22
|
|
23
23
|
def infilter context, database, query_string
|
24
|
-
return
|
24
|
+
return unless infilter?(context)
|
25
25
|
|
26
26
|
result = find_attacker(context, query_string, database: database)
|
27
|
-
return
|
27
|
+
return unless result
|
28
28
|
|
29
29
|
append_to_activity(context, result)
|
30
30
|
|
@@ -36,7 +36,7 @@ module Contrast
|
|
36
36
|
|
37
37
|
attack_string = input_analysis_result.value
|
38
38
|
regexp = Regexp.new(Regexp.escape(attack_string), Regexp::IGNORECASE)
|
39
|
-
return
|
39
|
+
return unless query_string.match?(regexp)
|
40
40
|
|
41
41
|
scanner = select_scanner
|
42
42
|
ss = StringScanner.new(query_string)
|
@@ -22,10 +22,10 @@ module Contrast
|
|
22
22
|
end
|
23
23
|
|
24
24
|
def infilter context, database, query_string
|
25
|
-
return
|
25
|
+
return unless infilter?(context)
|
26
26
|
|
27
27
|
result = find_attacker(context, query_string, database: database)
|
28
|
-
return
|
28
|
+
return unless result
|
29
29
|
|
30
30
|
append_to_activity(context, result)
|
31
31
|
|
@@ -36,7 +36,7 @@ module Contrast
|
|
36
36
|
attack_string = input_analysis_result.value
|
37
37
|
regexp = Regexp.new(Regexp.escape(attack_string), Regexp::IGNORECASE)
|
38
38
|
|
39
|
-
return
|
39
|
+
return unless query_string.match?(regexp)
|
40
40
|
|
41
41
|
database = kwargs[:database]
|
42
42
|
scanner = select_scanner(database)
|
@@ -19,7 +19,9 @@ module Contrast
|
|
19
19
|
NAME
|
20
20
|
end
|
21
21
|
|
22
|
-
# Given an xml, evaluate it for an XXE attack.
|
22
|
+
# Given an xml, evaluate it for an XXE attack. There's no return here
|
23
|
+
# as this method handles appending the evaluation to the request
|
24
|
+
# context, connecting it to the reporting mechanism at request end.
|
23
25
|
#
|
24
26
|
# @param context [Contrast::Agent::RequestContext] the context of the
|
25
27
|
# request in which this input is evaluated.
|
@@ -29,7 +31,7 @@ module Contrast
|
|
29
31
|
# attack is found and the rule is in block mode.
|
30
32
|
def infilter context, framework, xml
|
31
33
|
result = find_attacker(context, xml, framework: framework)
|
32
|
-
return
|
34
|
+
return unless result
|
33
35
|
|
34
36
|
append_to_activity(context, result)
|
35
37
|
return unless blocked?
|
@@ -39,16 +41,23 @@ module Contrast
|
|
39
41
|
|
40
42
|
protected
|
41
43
|
|
44
|
+
# Given an XML, find any externally resolved entities and create an
|
45
|
+
# Attack Result for them
|
46
|
+
#
|
47
|
+
# @param context [Contrast::Agent::RequestContext] the context of the
|
48
|
+
# request in which this input is evaluated.
|
49
|
+
# @param xml [String] the literal value of the XML being checked for
|
50
|
+
# external entity resolution
|
51
|
+
# @param _kwargs [Hash]
|
52
|
+
# @return [Contrast::Api::Dtm::AttackResult, nil] the determination
|
53
|
+
# as to whether or not this XML has an XXE attack in it.
|
42
54
|
def find_attacker context, xml, **_kwargs
|
43
|
-
return
|
44
|
-
return
|
55
|
+
return unless xml
|
56
|
+
return if protect_excluded_by_code?
|
45
57
|
|
46
|
-
xxe_details
|
47
|
-
return
|
58
|
+
xxe_details = build_details(xml)
|
59
|
+
return unless xxe_details
|
48
60
|
|
49
|
-
# For our definition, the prolog goes from the start of the XML
|
50
|
-
# string to the end of the last entity declaration.
|
51
|
-
xxe_details.xml = Contrast::Utils::StringUtils.protobuf_safe_string(xml[0, last_idx])
|
52
61
|
ia_result = build_evaluation(xxe_details.xml)
|
53
62
|
build_attack_with_match(
|
54
63
|
context,
|
@@ -58,7 +67,15 @@ module Contrast
|
|
58
67
|
details: xxe_details)
|
59
68
|
end
|
60
69
|
|
61
|
-
|
70
|
+
# Given an XML determined to be unsafe, build out the details of the
|
71
|
+
# attack. The details will include a substring of the given XML up to
|
72
|
+
# the end of the prolog, where the external entities are declared.
|
73
|
+
#
|
74
|
+
# @param xml [String] the literal value of the XML being checked for
|
75
|
+
# external entity resolution
|
76
|
+
# @return [Contrast::Api::Dtm::XxeDetails] The details of
|
77
|
+
# the XXE attack and the index of the last entity discovered
|
78
|
+
def build_details xml
|
62
79
|
last_idx = 0
|
63
80
|
ss = StringScanner.new(xml)
|
64
81
|
while ss.scan_until(EXTERNAL_ENTITY_PATTERN)
|
@@ -70,7 +87,11 @@ module Contrast
|
|
70
87
|
xxe_details.declared_entities << build_match(ss)
|
71
88
|
xxe_details.entities_resolved << build_wrapper(entity_wrapper)
|
72
89
|
end
|
73
|
-
|
90
|
+
# For our definition, the prolog goes from the start of the XML
|
91
|
+
# string to the end of the last entity declaration.
|
92
|
+
xxe_details.xml = Contrast::Utils::StringUtils.protobuf_safe_string(xml[0, last_idx]) if xxe_details
|
93
|
+
|
94
|
+
xxe_details
|
74
95
|
end
|
75
96
|
|
76
97
|
def build_sample context, ia_result, _url, **kwargs
|
@@ -18,12 +18,16 @@ module Contrast
|
|
18
18
|
end
|
19
19
|
|
20
20
|
def external_entity?
|
21
|
-
@_external_entity
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
21
|
+
if @_external_entity.nil?
|
22
|
+
@_external_entity ||= if @system_id
|
23
|
+
external_id?(@system_id)
|
24
|
+
elsif @public_id
|
25
|
+
external_id?(@public_id)
|
26
|
+
else
|
27
|
+
false
|
28
|
+
end
|
26
29
|
end
|
30
|
+
@_external_entity
|
27
31
|
end
|
28
32
|
|
29
33
|
# <!ENTITY name SYSTEM "URI">
|
@@ -48,7 +52,7 @@ module Contrast
|
|
48
52
|
UP_DIR_LINUX = '../'
|
49
53
|
UP_DIR_WIN = '..\\'
|
50
54
|
# we only use this against lowercase strings, removed A-Z for speed
|
51
|
-
FILE_PATTERN_WINDOWS =
|
55
|
+
FILE_PATTERN_WINDOWS = /^\\*[a-z]{1,3}:.*/.cs__freeze
|
52
56
|
def external_id? entity_id
|
53
57
|
return false unless entity_id
|
54
58
|
|
@@ -22,7 +22,7 @@ module Contrast
|
|
22
22
|
# @param application_settings [Contrast::Api::Settings::ApplicationSettings]
|
23
23
|
# those settings which the Service has relayed from TeamServer.
|
24
24
|
def self.process application_settings
|
25
|
-
return
|
25
|
+
return unless application_settings&.reactions&.any?
|
26
26
|
|
27
27
|
application_settings.reactions.each do |reaction|
|
28
28
|
# the enums are all uppercase, we need to downcase them before attempting to log
|
@@ -46,42 +46,42 @@ module Contrast
|
|
46
46
|
# Should also handle the ;jsessionid.
|
47
47
|
def normalized_uri
|
48
48
|
@_normalized_uri ||= begin
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
49
|
+
path = rack_request.path
|
50
|
+
uri = path.split(Contrast::Utils::ObjectShare::SEMICOLON)[0] # remove ;jsessionid
|
51
|
+
uri = uri.split(Contrast::Utils::ObjectShare::QUESTION_MARK)[0] # remove ?query_string=
|
52
|
+
uri.gsub(INNER_REST_TOKEN, INNER_NUMBER_MARKER) # replace interior tokens
|
53
|
+
uri.gsub(LAST_REST_TOKEN, LAST_NUMBER_MARKER) # replace last token
|
54
|
+
end
|
55
55
|
end
|
56
56
|
|
57
57
|
def document_type
|
58
58
|
@_document_type ||= begin
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
59
|
+
if /xml/i.match?(content_type) || body&.start_with?('<?xml')
|
60
|
+
:XML
|
61
|
+
elsif /json/i.match?(content_type) || body&.match?(/\s*[{\[]/)
|
62
|
+
:JSON
|
63
|
+
else
|
64
|
+
:NORMAL
|
65
|
+
end
|
66
|
+
end
|
67
67
|
end
|
68
68
|
|
69
69
|
# Header keys upcased and any underscores replaced with dashes
|
70
70
|
def headers
|
71
71
|
@_headers ||= begin
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
72
|
+
with_contrast_scope do
|
73
|
+
hash = {}
|
74
|
+
env.each do |key, value|
|
75
|
+
next unless key
|
76
|
+
|
77
|
+
name = key.to_s
|
78
|
+
next unless name.start_with?(Contrast::Utils::ObjectShare::HTTP_SCORE)
|
79
|
+
|
80
|
+
hash[Contrast::Utils::StringUtils.normalized_key(name)] = value
|
81
|
+
end
|
82
|
+
hash
|
83
|
+
end
|
84
|
+
end
|
85
85
|
end
|
86
86
|
|
87
87
|
def body
|
@@ -121,13 +121,13 @@ module Contrast
|
|
121
121
|
|
122
122
|
def file_names
|
123
123
|
@_file_names ||= begin
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
124
|
+
names = {}
|
125
|
+
parsed_data = Rack::Multipart.parse_multipart(rack_request.env)
|
126
|
+
traverse_parsed_multipart(parsed_data, names)
|
127
|
+
rescue StandardError => _e
|
128
|
+
logger.warn('Unable to parse multipart request!')
|
129
|
+
{}
|
130
|
+
end
|
131
131
|
end
|
132
132
|
|
133
133
|
def hash_id
|
@@ -18,7 +18,7 @@ module Contrast
|
|
18
18
|
end
|
19
19
|
|
20
20
|
def send_activity_messages
|
21
|
-
Contrast::
|
21
|
+
Contrast::Agent::Inventory::DependencyUsageAnalysis.instance.generate_library_usage(context.activity)
|
22
22
|
[context.server_activity, context.activity, context.observed_route].each do |message|
|
23
23
|
Contrast::Agent.messaging_queue.send_event_eventually(message)
|
24
24
|
end
|
@@ -118,16 +118,16 @@ module Contrast
|
|
118
118
|
# holds, wraps, or is the body of the Response
|
119
119
|
# @return [nil, String] the content of the body
|
120
120
|
def extract_body body
|
121
|
-
return
|
121
|
+
return unless body
|
122
122
|
|
123
123
|
if defined?(Rack::File) && body.is_a?(Rack::File)
|
124
124
|
# not sure what to do in this situation, so don't do anything.
|
125
125
|
nil
|
126
126
|
elsif body.is_a?(Rack::BodyProxy)
|
127
127
|
handle_rack_body_proxy(body)
|
128
|
-
elsif defined?(ActionDispatch::Response::RackBody) && body.is_a?(ActionDispatch::Response::RackBody)
|
129
|
-
|
130
|
-
|
128
|
+
elsif (defined?(ActionDispatch::Response::RackBody) && body.is_a?(ActionDispatch::Response::RackBody)) ||
|
129
|
+
body.is_a?(Rack::Response)
|
130
|
+
|
131
131
|
extract_body(body.body)
|
132
132
|
elsif Contrast::Utils::DuckUtils.quacks_to?(body, :each)
|
133
133
|
acc = []
|
@@ -152,7 +152,7 @@ module Contrast
|
|
152
152
|
end
|
153
153
|
|
154
154
|
def read_or_string obj
|
155
|
-
return
|
155
|
+
return unless obj
|
156
156
|
|
157
157
|
if Contrast::Utils::DuckUtils.quacks_to?(obj, :read)
|
158
158
|
tmp = obj.read
|
@@ -96,11 +96,11 @@ module Contrast
|
|
96
96
|
return unless method_exists?(clazz, method_name, type)
|
97
97
|
|
98
98
|
method_instance = method_instance(clazz, method_name, type)
|
99
|
-
return
|
99
|
+
return if method_instance.nil?
|
100
100
|
|
101
101
|
location = method_instance.source_location
|
102
|
-
return
|
103
|
-
return
|
102
|
+
return unless location_available?(location)
|
103
|
+
return if opener.written_from_location?(location)
|
104
104
|
|
105
105
|
opener.written_from_location!(location)
|
106
106
|
opener.source_code(location, method_name)
|
data/lib/contrast/agent/scope.rb
CHANGED
@@ -15,67 +15,93 @@ module Contrast
|
|
15
15
|
# Instead, we should say "If I'm already doing Contrast things, don't track
|
16
16
|
# this"
|
17
17
|
class Scope
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
# in_monkey_scope?
|
25
|
-
# with_monkey_scope { special_monkey_function }
|
26
|
-
SCOPE_LIST = %i[contrast deserialization].cs__freeze
|
27
|
-
|
28
|
-
iv_list = SCOPE_LIST.map { |name| :"@#{ name }_scope" }
|
29
|
-
define_method 'initialize' do
|
30
|
-
iv_list.each do |iv_sym|
|
31
|
-
instance_variable_set(iv_sym, 0)
|
32
|
-
end
|
18
|
+
SCOPE_LIST = %i[contrast deserialization split].cs__freeze
|
19
|
+
|
20
|
+
def initialize
|
21
|
+
@contrast_scope = 0
|
22
|
+
@deserialization_scope = 0
|
23
|
+
@split_scope = 0
|
33
24
|
end
|
34
25
|
|
35
|
-
|
36
|
-
|
26
|
+
def in_contrast_scope?
|
27
|
+
@contrast_scope.positive?
|
28
|
+
end
|
37
29
|
|
38
|
-
|
39
|
-
|
40
|
-
|
30
|
+
def in_deserialization_scope?
|
31
|
+
@deserialization_scope.positive?
|
32
|
+
end
|
41
33
|
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
instance_variable_set(iv_sym, level + 1)
|
46
|
-
end
|
34
|
+
def in_split_scope?
|
35
|
+
@split_scope.positive?
|
36
|
+
end
|
47
37
|
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
# every exit/enter pair (regardless of series)
|
52
|
-
# should cancel each other out.
|
53
|
-
#
|
54
|
-
# so we prefer this sequence:
|
55
|
-
# scope = 0
|
56
|
-
# exit = -1
|
57
|
-
# enter = 0
|
58
|
-
# enter = 1
|
59
|
-
# exit = 0
|
60
|
-
# scope = 0
|
61
|
-
#
|
62
|
-
# over this sequence:
|
63
|
-
# scope = 0
|
64
|
-
# exit = 0
|
65
|
-
# enter = 1
|
66
|
-
# enter = 2
|
67
|
-
# exit = 1
|
68
|
-
# scope = 1
|
69
|
-
level = instance_variable_get(iv_sym)
|
70
|
-
instance_variable_set(iv_sym, level - 1)
|
71
|
-
end
|
38
|
+
def enter_contrast_scope!
|
39
|
+
@contrast_scope += 1
|
40
|
+
end
|
72
41
|
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
42
|
+
def enter_deserialization_scope!
|
43
|
+
@deserialization_scope += 1
|
44
|
+
end
|
45
|
+
|
46
|
+
def enter_split_scope!
|
47
|
+
@split_scope += 1
|
48
|
+
end
|
49
|
+
|
50
|
+
def split_scope_depth
|
51
|
+
@split_scope
|
52
|
+
end
|
53
|
+
|
54
|
+
# Scope Exits...
|
55
|
+
# by design, can go below zero.
|
56
|
+
# every exit/enter pair (regardless of series)
|
57
|
+
# should cancel each other out.
|
58
|
+
#
|
59
|
+
# so we prefer this sequence:
|
60
|
+
# scope = 0
|
61
|
+
# exit = -1
|
62
|
+
# enter = 0
|
63
|
+
# enter = 1
|
64
|
+
# exit = 0
|
65
|
+
# scope = 0
|
66
|
+
#
|
67
|
+
# over this sequence:
|
68
|
+
# scope = 0
|
69
|
+
# exit = 0
|
70
|
+
# enter = 1
|
71
|
+
# enter = 2
|
72
|
+
# exit = 1
|
73
|
+
# scope = 1
|
74
|
+
def exit_contrast_scope!
|
75
|
+
@contrast_scope -= 1
|
76
|
+
end
|
77
|
+
|
78
|
+
def exit_deserialization_scope!
|
79
|
+
@deserialization_scope -= 1
|
80
|
+
end
|
81
|
+
|
82
|
+
def exit_split_scope!
|
83
|
+
@split_scope -= 1
|
84
|
+
end
|
85
|
+
|
86
|
+
def with_contrast_scope
|
87
|
+
enter_contrast_scope!
|
88
|
+
yield
|
89
|
+
ensure
|
90
|
+
exit_contrast_scope!
|
91
|
+
end
|
92
|
+
|
93
|
+
def with_deserialization_scope
|
94
|
+
enter_deserialization_scope!
|
95
|
+
yield
|
96
|
+
ensure
|
97
|
+
exit_deserialization_scope!
|
98
|
+
end
|
99
|
+
|
100
|
+
def with_split_scope
|
101
|
+
enter_split_scope!
|
102
|
+
yield
|
103
|
+
ensure
|
104
|
+
exit_split_scope!
|
79
105
|
end
|
80
106
|
|
81
107
|
# Dynamic versions of the above.
|