contrast-agent 3.9.1 → 3.10.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/funchook/autom4te.cache/requests +44 -44
- data/funchook/config.log +2 -2
- data/lib/contrast/agent/assess/contrast_event.rb +4 -6
- data/lib/contrast/agent/assess/policy/rewriter_patch.rb +3 -1
- data/lib/contrast/agent/class_reopener.rb +1 -2
- data/lib/contrast/agent/feature_state.rb +0 -3
- data/lib/contrast/agent/rewriter.rb +3 -1
- data/lib/contrast/agent/scope.rb +4 -6
- data/lib/contrast/agent/version.rb +1 -1
- data/lib/contrast/api/speedracer.rb +4 -6
- data/lib/contrast/configuration.rb +3 -5
- data/lib/contrast/utils/boolean_util.rb +0 -3
- data/lib/contrast/utils/environment_util.rb +5 -6
- data/lib/contrast/utils/object_share.rb +0 -10
- data/lib/contrast/utils/ruby_ast_rewriter.rb +5 -1
- data/ruby-agent.gemspec +1 -1
- metadata +12 -12
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 03d6c2a4cfa24b58ad6f608f97d9018951651135e79e97a16f9229292b161f31
|
|
4
|
+
data.tar.gz: 74c463380a6708d409557870609fbd2bf8e3c6e0010ba62f068078261d22ef6c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a67dca249a20e4dad0a99e9e72d790435f5eb8c09caed9b5eef72dd232561c21d7917ff371316dee768944a8ed884fa77a4359129f8ff833eac11107b883cde0
|
|
7
|
+
data.tar.gz: 1336842f79e62ecca3ff702c4347b1fe150a71b6b549cdb48c79115e578de993ea93b3f558bb8d0af12262e9611c4fb4cff066c73f82d9088033055c4cb036a3
|
|
@@ -14,64 +14,64 @@
|
|
|
14
14
|
'configure.ac'
|
|
15
15
|
],
|
|
16
16
|
{
|
|
17
|
-
'
|
|
18
|
-
'
|
|
19
|
-
'
|
|
17
|
+
'LT_INIT' => 1,
|
|
18
|
+
'AC_DEFINE_TRACE_LITERAL' => 1,
|
|
19
|
+
'AM_PROG_CXX_C_O' => 1,
|
|
20
20
|
'_LT_AC_TAGCONFIG' => 1,
|
|
21
|
-
'
|
|
22
|
-
'
|
|
21
|
+
'AM_AUTOMAKE_VERSION' => 1,
|
|
22
|
+
'AC_CANONICAL_BUILD' => 1,
|
|
23
|
+
'AC_SUBST_TRACE' => 1,
|
|
23
24
|
'AM_NLS' => 1,
|
|
25
|
+
'AM_PROG_LIBTOOL' => 1,
|
|
26
|
+
'AM_PROG_FC_C_O' => 1,
|
|
24
27
|
'm4_pattern_allow' => 1,
|
|
25
|
-
'AC_SUBST_TRACE' => 1,
|
|
26
|
-
'AM_PROG_CXX_C_O' => 1,
|
|
27
|
-
'_AM_SUBST_NOTMAKE' => 1,
|
|
28
|
-
'AC_CANONICAL_SYSTEM' => 1,
|
|
29
|
-
'AC_CONFIG_AUX_DIR' => 1,
|
|
30
|
-
'_AM_COND_ENDIF' => 1,
|
|
31
|
-
'AC_LIBSOURCE' => 1,
|
|
32
|
-
'AC_DEFINE_TRACE_LITERAL' => 1,
|
|
33
|
-
'AM_MAINTAINER_MODE' => 1,
|
|
34
28
|
'AC_CANONICAL_HOST' => 1,
|
|
35
|
-
'AM_PROG_AR' => 1,
|
|
36
|
-
'AC_CONFIG_LINKS' => 1,
|
|
37
|
-
'm4_sinclude' => 1,
|
|
38
|
-
'AM_POT_TOOLS' => 1,
|
|
39
|
-
'LT_INIT' => 1,
|
|
40
|
-
'AH_OUTPUT' => 1,
|
|
41
|
-
'AM_PROG_CC_C_O' => 1,
|
|
42
29
|
'AC_SUBST' => 1,
|
|
43
|
-
'
|
|
30
|
+
'_AM_COND_IF' => 1,
|
|
31
|
+
'AH_OUTPUT' => 1,
|
|
32
|
+
'LT_SUPPORTED_TAG' => 1,
|
|
44
33
|
'AC_INIT' => 1,
|
|
45
|
-
'
|
|
34
|
+
'AM_CONDITIONAL' => 1,
|
|
35
|
+
'AM_XGETTEXT_OPTION' => 1,
|
|
36
|
+
'sinclude' => 1,
|
|
37
|
+
'AC_CONFIG_HEADERS' => 1,
|
|
38
|
+
'_AM_SUBST_NOTMAKE' => 1,
|
|
39
|
+
'AM_POT_TOOLS' => 1,
|
|
40
|
+
'_AM_MAKEFILE_INCLUDE' => 1,
|
|
46
41
|
'AM_PROG_F77_C_O' => 1,
|
|
47
|
-
'
|
|
42
|
+
'AC_CONFIG_LINKS' => 1,
|
|
48
43
|
'AC_FC_PP_DEFINE' => 1,
|
|
49
|
-
'
|
|
50
|
-
'sinclude' => 1,
|
|
44
|
+
'AM_SILENT_RULES' => 1,
|
|
51
45
|
'AC_CONFIG_FILES' => 1,
|
|
52
|
-
'
|
|
53
|
-
'
|
|
46
|
+
'AC_FC_FREEFORM' => 1,
|
|
47
|
+
'_m4_warn' => 1,
|
|
48
|
+
'AM_MAINTAINER_MODE' => 1,
|
|
54
49
|
'include' => 1,
|
|
55
|
-
'
|
|
56
|
-
'
|
|
57
|
-
'AM_INIT_AUTOMAKE' => 1,
|
|
58
|
-
'AC_REQUIRE_AUX_FILE' => 1,
|
|
59
|
-
'AM_CONDITIONAL' => 1,
|
|
60
|
-
'AC_CONFIG_SUBDIRS' => 1,
|
|
50
|
+
'm4_include' => 1,
|
|
51
|
+
'AC_LIBSOURCE' => 1,
|
|
61
52
|
'AC_FC_PP_SRCEXT' => 1,
|
|
62
|
-
'
|
|
63
|
-
'
|
|
64
|
-
'AC_CANONICAL_TARGET' => 1,
|
|
53
|
+
'LT_CONFIG_LTDL_DIR' => 1,
|
|
54
|
+
'_AM_COND_ENDIF' => 1,
|
|
65
55
|
'AC_PROG_LIBTOOL' => 1,
|
|
66
|
-
'
|
|
56
|
+
'AM_PROG_MOC' => 1,
|
|
67
57
|
'AM_GNU_GETTEXT_INTL_SUBDIR' => 1,
|
|
68
|
-
'
|
|
69
|
-
'AM_MAKEFILE_INCLUDE' => 1,
|
|
70
|
-
'LT_CONFIG_LTDL_DIR' => 1,
|
|
58
|
+
'AM_GNU_GETTEXT' => 1,
|
|
71
59
|
'AM_ENABLE_MULTILIB' => 1,
|
|
72
|
-
'
|
|
73
|
-
'
|
|
74
|
-
'
|
|
60
|
+
'AC_REQUIRE_AUX_FILE' => 1,
|
|
61
|
+
'AM_MAKEFILE_INCLUDE' => 1,
|
|
62
|
+
'AC_CANONICAL_SYSTEM' => 1,
|
|
63
|
+
'AM_PROG_CC_C_O' => 1,
|
|
64
|
+
'AC_FC_SRCEXT' => 1,
|
|
65
|
+
'AM_INIT_AUTOMAKE' => 1,
|
|
66
|
+
'AC_CONFIG_LIBOBJ_DIR' => 1,
|
|
67
|
+
'm4_pattern_forbid' => 1,
|
|
68
|
+
'AC_CANONICAL_TARGET' => 1,
|
|
69
|
+
'm4_sinclude' => 1,
|
|
70
|
+
'AC_CONFIG_SUBDIRS' => 1,
|
|
71
|
+
'AC_CONFIG_AUX_DIR' => 1,
|
|
72
|
+
'_AM_COND_ELSE' => 1,
|
|
73
|
+
'AM_PATH_GUILE' => 1,
|
|
74
|
+
'AM_PROG_AR' => 1
|
|
75
75
|
}
|
|
76
76
|
], 'Autom4te::Request' )
|
|
77
77
|
);
|
data/funchook/config.log
CHANGED
|
@@ -10,7 +10,7 @@ generated by GNU Autoconf 2.69. Invocation command line was
|
|
|
10
10
|
## Platform. ##
|
|
11
11
|
## --------- ##
|
|
12
12
|
|
|
13
|
-
hostname =
|
|
13
|
+
hostname = b28fd605-e326-4651-9c62-dace7786d221-5nfw6
|
|
14
14
|
uname -m = x86_64
|
|
15
15
|
uname -r = 4.19.95-flatcar
|
|
16
16
|
uname -s = Linux
|
|
@@ -326,7 +326,7 @@ generated by GNU Autoconf 2.69. Invocation command line was
|
|
|
326
326
|
CONFIG_COMMANDS =
|
|
327
327
|
$ ./config.status
|
|
328
328
|
|
|
329
|
-
on
|
|
329
|
+
on b28fd605-e326-4651-9c62-dace7786d221-5nfw6
|
|
330
330
|
|
|
331
331
|
config.status:822: creating Makefile
|
|
332
332
|
config.status:822: creating src/Makefile
|
|
@@ -62,12 +62,10 @@ module Contrast
|
|
|
62
62
|
@atomic_mutex = Mutex.new
|
|
63
63
|
def self.next_atomic_id
|
|
64
64
|
@atomic_mutex.synchronize do
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
@atomic_id = 1
|
|
70
|
-
end
|
|
65
|
+
@atomic_id += 1
|
|
66
|
+
# Rollover things
|
|
67
|
+
rescue StandardError
|
|
68
|
+
@atomic_id = 1
|
|
71
69
|
end
|
|
72
70
|
end
|
|
73
71
|
|
|
@@ -14,7 +14,9 @@ module Contrast
|
|
|
14
14
|
# This is our interface from the Patcher to the Rewriter
|
|
15
15
|
# functionality
|
|
16
16
|
#
|
|
17
|
-
# TODO: RUBY-
|
|
17
|
+
# TODO: RUBY-714 remove w/ EOL of 2.5
|
|
18
|
+
# @deprecated Changes to this class are discouraged as this approach is
|
|
19
|
+
# being phased out with support for those language versions.
|
|
18
20
|
module RewriterPatch
|
|
19
21
|
include Contrast::Components::Interface
|
|
20
22
|
access_component :agent, :analysis, :logging
|
|
@@ -27,8 +27,7 @@ end
|
|
|
27
27
|
|
|
28
28
|
module Contrast
|
|
29
29
|
module Agent
|
|
30
|
-
#
|
|
31
|
-
# interpolation in them.
|
|
30
|
+
# TODO: RUBY-714 remove w/ EOL of 2.5
|
|
32
31
|
# @deprecated Changes to this class are discouraged as this approach is
|
|
33
32
|
# being phased out with support for those language versions.
|
|
34
33
|
class ClassReopener
|
|
@@ -26,9 +26,6 @@ module Contrast
|
|
|
26
26
|
include Contrast::Components::Interface
|
|
27
27
|
access_component :config
|
|
28
28
|
|
|
29
|
-
# Ruby 2.4 does not nicely compare to nil, so we have to include
|
|
30
|
-
# these wrapper methods. RUBY-179 has the task to update this on
|
|
31
|
-
# EOL of 2.4 support
|
|
32
29
|
def false? config
|
|
33
30
|
Contrast::Utils::BooleanUtil.false?(config)
|
|
34
31
|
end
|
|
@@ -10,8 +10,10 @@ cs__scoped_require 'contrast/utils/ruby_ast_rewriter'
|
|
|
10
10
|
|
|
11
11
|
module Contrast
|
|
12
12
|
module Agent
|
|
13
|
-
# Used for Ruby 2.
|
|
13
|
+
# Used for Ruby 2.5 to allow us to rewrite those methods which have
|
|
14
14
|
# interpolation in them.
|
|
15
|
+
#
|
|
16
|
+
# TODO: RUBY-714 remove w/ EOL of 2.5
|
|
15
17
|
# @deprecated Changes to this class are discouraged as this approach is
|
|
16
18
|
# being phased out with support for those language versions.
|
|
17
19
|
class Rewriter
|
data/lib/contrast/agent/scope.rb
CHANGED
|
@@ -71,12 +71,10 @@ module Contrast
|
|
|
71
71
|
end
|
|
72
72
|
|
|
73
73
|
define_method "with_#{ name }_scope" do |*_args, &block|
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
send exit_method_sym
|
|
79
|
-
end
|
|
74
|
+
send enter_method_sym
|
|
75
|
+
block.call
|
|
76
|
+
ensure
|
|
77
|
+
send exit_method_sym
|
|
80
78
|
end
|
|
81
79
|
end
|
|
82
80
|
|
|
@@ -26,12 +26,10 @@ module Contrast
|
|
|
26
26
|
|
|
27
27
|
def self.next_client_number
|
|
28
28
|
@instance_mutex.synchronize do
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
@instance_count = 1
|
|
34
|
-
end
|
|
29
|
+
@instance_count += 1
|
|
30
|
+
# Rollover things
|
|
31
|
+
rescue StandardError
|
|
32
|
+
@instance_count = 1
|
|
35
33
|
end
|
|
36
34
|
end
|
|
37
35
|
|
|
@@ -63,11 +63,9 @@ module Contrast
|
|
|
63
63
|
# in an infinite loop on the to_sym method used later.
|
|
64
64
|
def method_missing symbol, *args
|
|
65
65
|
with_contrast_scope do
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
super
|
|
70
|
-
end
|
|
66
|
+
root.public_send(symbol, *args)
|
|
67
|
+
rescue NoMethodError => _e
|
|
68
|
+
super
|
|
71
69
|
end
|
|
72
70
|
end
|
|
73
71
|
|
|
@@ -9,9 +9,6 @@ module Contrast
|
|
|
9
9
|
# to equate to a boolean
|
|
10
10
|
class BooleanUtil
|
|
11
11
|
class << self
|
|
12
|
-
# Ruby 2.4 does not nicely compare to nil, so we have to include
|
|
13
|
-
# these wrapper methods. RUBY-179 has the task to update this on
|
|
14
|
-
# EOL of 2.4 support
|
|
15
12
|
def false? config
|
|
16
13
|
return false unless config
|
|
17
14
|
return false if config == true
|
|
@@ -40,13 +40,12 @@ module Contrast
|
|
|
40
40
|
@_determine_application_version ||= begin
|
|
41
41
|
candidates = VERSION_CONSTANT_CANDIDATES.map do |name|
|
|
42
42
|
# If there's a constant named 'name' (VERSION, etc.), get its value.
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
end
|
|
47
|
-
rescue LoadError, StandardError
|
|
48
|
-
nil
|
|
43
|
+
|
|
44
|
+
name.split('::').inject(Object) do |mod, class_name|
|
|
45
|
+
mod.cs__const_get(class_name)
|
|
49
46
|
end
|
|
47
|
+
rescue LoadError, StandardError
|
|
48
|
+
nil
|
|
50
49
|
end
|
|
51
50
|
candidates.compact!
|
|
52
51
|
candidate = candidates.first || ENV[CS_VERSION]
|
|
@@ -101,16 +101,6 @@ module Contrast
|
|
|
101
101
|
UNKNOWN = 'unknown'
|
|
102
102
|
|
|
103
103
|
INDEX = 'index'
|
|
104
|
-
|
|
105
|
-
VERSION_2_5_0 = '2.5.0'
|
|
106
|
-
VERSION_2_4_2 = '2.4.2'
|
|
107
|
-
VERSION_2_4_1 = '2.4.1'
|
|
108
|
-
VERSION_2_4_0 = '2.4.0'
|
|
109
|
-
VERSION_2_3_5 = '2.3.5'
|
|
110
|
-
VERSION_2_3_4 = '2.3.4'
|
|
111
|
-
VERSION_2_3_0 = '2.3.0'
|
|
112
|
-
VERSION_2_0_4 = '2.0.4'
|
|
113
|
-
VERSION_2_0_0 = '2.0.0'
|
|
114
104
|
end
|
|
115
105
|
end
|
|
116
106
|
end
|
|
@@ -5,9 +5,13 @@ cs__scoped_require 'parser/current'
|
|
|
5
5
|
|
|
6
6
|
module Contrast
|
|
7
7
|
module Utils
|
|
8
|
-
# This utility allows us to parse and rewrite the AST in Ruby 2.
|
|
8
|
+
# This utility allows us to parse and rewrite the AST in Ruby 2.5,
|
|
9
9
|
# allowing us to track String interpolation propagation by replacing those
|
|
10
10
|
# events with String#+ events instead.
|
|
11
|
+
#
|
|
12
|
+
# TODO: RUBY-714 remove w/ EOL of 2.5
|
|
13
|
+
# @deprecated Changes to this class are discouraged as this approach is
|
|
14
|
+
# being phased out with support for those language versions.
|
|
11
15
|
class RubyAstRewriter < Parser::TreeRewriter
|
|
12
16
|
VARIABLES = %i[ivar cvar gvar].cs__freeze
|
|
13
17
|
|
data/ruby-agent.gemspec
CHANGED
|
@@ -115,7 +115,7 @@ Gem::Specification.new do |spec|
|
|
|
115
115
|
'Testing and Protection.'
|
|
116
116
|
spec.homepage = 'https://www.contrastsecurity.com'
|
|
117
117
|
spec.license = 'CONTRAST SECURITY (see license file)'
|
|
118
|
-
spec.required_ruby_version = ['>= 2.
|
|
118
|
+
spec.required_ruby_version = ['>= 2.5.0', '< 2.8.0']
|
|
119
119
|
|
|
120
120
|
spec.bindir = 'exe'
|
|
121
121
|
spec.executables = ['contrast_service']
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: contrast-agent
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.10.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- galen.palmer@contrastsecurity.com
|
|
@@ -420,21 +420,21 @@ executables:
|
|
|
420
420
|
- contrast_service
|
|
421
421
|
extensions:
|
|
422
422
|
- ext/cs__common/extconf.rb
|
|
423
|
+
- ext/cs__assess_regexp/extconf.rb
|
|
424
|
+
- ext/cs__assess_regexp_track/extconf.rb
|
|
425
|
+
- ext/cs__contrast_patch/extconf.rb
|
|
426
|
+
- ext/cs__assess_string/extconf.rb
|
|
427
|
+
- ext/cs__assess_active_record_named/extconf.rb
|
|
428
|
+
- ext/cs__assess_fiber_track/extconf.rb
|
|
423
429
|
- ext/cs__assess_basic_object/extconf.rb
|
|
424
|
-
- ext/cs__assess_hash/extconf.rb
|
|
425
430
|
- ext/cs__assess_yield_track/extconf.rb
|
|
426
|
-
- ext/cs__assess_active_record_named/extconf.rb
|
|
427
|
-
- ext/cs__assess_regexp/extconf.rb
|
|
428
|
-
- ext/cs__assess_string_interpolation26/extconf.rb
|
|
429
|
-
- ext/cs__assess_marshal_module/extconf.rb
|
|
430
431
|
- ext/cs__assess_array/extconf.rb
|
|
432
|
+
- ext/cs__assess_string_interpolation26/extconf.rb
|
|
431
433
|
- ext/cs__assess_module/extconf.rb
|
|
432
|
-
- ext/
|
|
433
|
-
- ext/cs__protect_kernel/extconf.rb
|
|
434
|
-
- ext/cs__assess_regexp_track/extconf.rb
|
|
435
|
-
- ext/cs__assess_string/extconf.rb
|
|
434
|
+
- ext/cs__assess_hash/extconf.rb
|
|
436
435
|
- ext/cs__assess_kernel/extconf.rb
|
|
437
|
-
- ext/
|
|
436
|
+
- ext/cs__protect_kernel/extconf.rb
|
|
437
|
+
- ext/cs__assess_marshal_module/extconf.rb
|
|
438
438
|
extra_rdoc_files: []
|
|
439
439
|
files:
|
|
440
440
|
- ".clang-format"
|
|
@@ -965,7 +965,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
965
965
|
requirements:
|
|
966
966
|
- - ">="
|
|
967
967
|
- !ruby/object:Gem::Version
|
|
968
|
-
version: 2.
|
|
968
|
+
version: 2.5.0
|
|
969
969
|
- - "<"
|
|
970
970
|
- !ruby/object:Gem::Version
|
|
971
971
|
version: 2.8.0
|