contrast-agent 3.9.1 → 3.10.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/funchook/autom4te.cache/requests +44 -44
- data/funchook/config.log +2 -2
- data/lib/contrast/agent/assess/contrast_event.rb +4 -6
- data/lib/contrast/agent/assess/policy/rewriter_patch.rb +3 -1
- data/lib/contrast/agent/class_reopener.rb +1 -2
- data/lib/contrast/agent/feature_state.rb +0 -3
- data/lib/contrast/agent/rewriter.rb +3 -1
- data/lib/contrast/agent/scope.rb +4 -6
- data/lib/contrast/agent/version.rb +1 -1
- data/lib/contrast/api/speedracer.rb +4 -6
- data/lib/contrast/configuration.rb +3 -5
- data/lib/contrast/utils/boolean_util.rb +0 -3
- data/lib/contrast/utils/environment_util.rb +5 -6
- data/lib/contrast/utils/object_share.rb +0 -10
- data/lib/contrast/utils/ruby_ast_rewriter.rb +5 -1
- data/ruby-agent.gemspec +1 -1
- metadata +12 -12
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 03d6c2a4cfa24b58ad6f608f97d9018951651135e79e97a16f9229292b161f31
|
|
4
|
+
data.tar.gz: 74c463380a6708d409557870609fbd2bf8e3c6e0010ba62f068078261d22ef6c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a67dca249a20e4dad0a99e9e72d790435f5eb8c09caed9b5eef72dd232561c21d7917ff371316dee768944a8ed884fa77a4359129f8ff833eac11107b883cde0
|
|
7
|
+
data.tar.gz: 1336842f79e62ecca3ff702c4347b1fe150a71b6b549cdb48c79115e578de993ea93b3f558bb8d0af12262e9611c4fb4cff066c73f82d9088033055c4cb036a3
|
|
@@ -14,64 +14,64 @@
|
|
|
14
14
|
'configure.ac'
|
|
15
15
|
],
|
|
16
16
|
{
|
|
17
|
-
'
|
|
18
|
-
'
|
|
19
|
-
'
|
|
17
|
+
'LT_INIT' => 1,
|
|
18
|
+
'AC_DEFINE_TRACE_LITERAL' => 1,
|
|
19
|
+
'AM_PROG_CXX_C_O' => 1,
|
|
20
20
|
'_LT_AC_TAGCONFIG' => 1,
|
|
21
|
-
'
|
|
22
|
-
'
|
|
21
|
+
'AM_AUTOMAKE_VERSION' => 1,
|
|
22
|
+
'AC_CANONICAL_BUILD' => 1,
|
|
23
|
+
'AC_SUBST_TRACE' => 1,
|
|
23
24
|
'AM_NLS' => 1,
|
|
25
|
+
'AM_PROG_LIBTOOL' => 1,
|
|
26
|
+
'AM_PROG_FC_C_O' => 1,
|
|
24
27
|
'm4_pattern_allow' => 1,
|
|
25
|
-
'AC_SUBST_TRACE' => 1,
|
|
26
|
-
'AM_PROG_CXX_C_O' => 1,
|
|
27
|
-
'_AM_SUBST_NOTMAKE' => 1,
|
|
28
|
-
'AC_CANONICAL_SYSTEM' => 1,
|
|
29
|
-
'AC_CONFIG_AUX_DIR' => 1,
|
|
30
|
-
'_AM_COND_ENDIF' => 1,
|
|
31
|
-
'AC_LIBSOURCE' => 1,
|
|
32
|
-
'AC_DEFINE_TRACE_LITERAL' => 1,
|
|
33
|
-
'AM_MAINTAINER_MODE' => 1,
|
|
34
28
|
'AC_CANONICAL_HOST' => 1,
|
|
35
|
-
'AM_PROG_AR' => 1,
|
|
36
|
-
'AC_CONFIG_LINKS' => 1,
|
|
37
|
-
'm4_sinclude' => 1,
|
|
38
|
-
'AM_POT_TOOLS' => 1,
|
|
39
|
-
'LT_INIT' => 1,
|
|
40
|
-
'AH_OUTPUT' => 1,
|
|
41
|
-
'AM_PROG_CC_C_O' => 1,
|
|
42
29
|
'AC_SUBST' => 1,
|
|
43
|
-
'
|
|
30
|
+
'_AM_COND_IF' => 1,
|
|
31
|
+
'AH_OUTPUT' => 1,
|
|
32
|
+
'LT_SUPPORTED_TAG' => 1,
|
|
44
33
|
'AC_INIT' => 1,
|
|
45
|
-
'
|
|
34
|
+
'AM_CONDITIONAL' => 1,
|
|
35
|
+
'AM_XGETTEXT_OPTION' => 1,
|
|
36
|
+
'sinclude' => 1,
|
|
37
|
+
'AC_CONFIG_HEADERS' => 1,
|
|
38
|
+
'_AM_SUBST_NOTMAKE' => 1,
|
|
39
|
+
'AM_POT_TOOLS' => 1,
|
|
40
|
+
'_AM_MAKEFILE_INCLUDE' => 1,
|
|
46
41
|
'AM_PROG_F77_C_O' => 1,
|
|
47
|
-
'
|
|
42
|
+
'AC_CONFIG_LINKS' => 1,
|
|
48
43
|
'AC_FC_PP_DEFINE' => 1,
|
|
49
|
-
'
|
|
50
|
-
'sinclude' => 1,
|
|
44
|
+
'AM_SILENT_RULES' => 1,
|
|
51
45
|
'AC_CONFIG_FILES' => 1,
|
|
52
|
-
'
|
|
53
|
-
'
|
|
46
|
+
'AC_FC_FREEFORM' => 1,
|
|
47
|
+
'_m4_warn' => 1,
|
|
48
|
+
'AM_MAINTAINER_MODE' => 1,
|
|
54
49
|
'include' => 1,
|
|
55
|
-
'
|
|
56
|
-
'
|
|
57
|
-
'AM_INIT_AUTOMAKE' => 1,
|
|
58
|
-
'AC_REQUIRE_AUX_FILE' => 1,
|
|
59
|
-
'AM_CONDITIONAL' => 1,
|
|
60
|
-
'AC_CONFIG_SUBDIRS' => 1,
|
|
50
|
+
'm4_include' => 1,
|
|
51
|
+
'AC_LIBSOURCE' => 1,
|
|
61
52
|
'AC_FC_PP_SRCEXT' => 1,
|
|
62
|
-
'
|
|
63
|
-
'
|
|
64
|
-
'AC_CANONICAL_TARGET' => 1,
|
|
53
|
+
'LT_CONFIG_LTDL_DIR' => 1,
|
|
54
|
+
'_AM_COND_ENDIF' => 1,
|
|
65
55
|
'AC_PROG_LIBTOOL' => 1,
|
|
66
|
-
'
|
|
56
|
+
'AM_PROG_MOC' => 1,
|
|
67
57
|
'AM_GNU_GETTEXT_INTL_SUBDIR' => 1,
|
|
68
|
-
'
|
|
69
|
-
'AM_MAKEFILE_INCLUDE' => 1,
|
|
70
|
-
'LT_CONFIG_LTDL_DIR' => 1,
|
|
58
|
+
'AM_GNU_GETTEXT' => 1,
|
|
71
59
|
'AM_ENABLE_MULTILIB' => 1,
|
|
72
|
-
'
|
|
73
|
-
'
|
|
74
|
-
'
|
|
60
|
+
'AC_REQUIRE_AUX_FILE' => 1,
|
|
61
|
+
'AM_MAKEFILE_INCLUDE' => 1,
|
|
62
|
+
'AC_CANONICAL_SYSTEM' => 1,
|
|
63
|
+
'AM_PROG_CC_C_O' => 1,
|
|
64
|
+
'AC_FC_SRCEXT' => 1,
|
|
65
|
+
'AM_INIT_AUTOMAKE' => 1,
|
|
66
|
+
'AC_CONFIG_LIBOBJ_DIR' => 1,
|
|
67
|
+
'm4_pattern_forbid' => 1,
|
|
68
|
+
'AC_CANONICAL_TARGET' => 1,
|
|
69
|
+
'm4_sinclude' => 1,
|
|
70
|
+
'AC_CONFIG_SUBDIRS' => 1,
|
|
71
|
+
'AC_CONFIG_AUX_DIR' => 1,
|
|
72
|
+
'_AM_COND_ELSE' => 1,
|
|
73
|
+
'AM_PATH_GUILE' => 1,
|
|
74
|
+
'AM_PROG_AR' => 1
|
|
75
75
|
}
|
|
76
76
|
], 'Autom4te::Request' )
|
|
77
77
|
);
|
data/funchook/config.log
CHANGED
|
@@ -10,7 +10,7 @@ generated by GNU Autoconf 2.69. Invocation command line was
|
|
|
10
10
|
## Platform. ##
|
|
11
11
|
## --------- ##
|
|
12
12
|
|
|
13
|
-
hostname =
|
|
13
|
+
hostname = b28fd605-e326-4651-9c62-dace7786d221-5nfw6
|
|
14
14
|
uname -m = x86_64
|
|
15
15
|
uname -r = 4.19.95-flatcar
|
|
16
16
|
uname -s = Linux
|
|
@@ -326,7 +326,7 @@ generated by GNU Autoconf 2.69. Invocation command line was
|
|
|
326
326
|
CONFIG_COMMANDS =
|
|
327
327
|
$ ./config.status
|
|
328
328
|
|
|
329
|
-
on
|
|
329
|
+
on b28fd605-e326-4651-9c62-dace7786d221-5nfw6
|
|
330
330
|
|
|
331
331
|
config.status:822: creating Makefile
|
|
332
332
|
config.status:822: creating src/Makefile
|
|
@@ -62,12 +62,10 @@ module Contrast
|
|
|
62
62
|
@atomic_mutex = Mutex.new
|
|
63
63
|
def self.next_atomic_id
|
|
64
64
|
@atomic_mutex.synchronize do
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
@atomic_id = 1
|
|
70
|
-
end
|
|
65
|
+
@atomic_id += 1
|
|
66
|
+
# Rollover things
|
|
67
|
+
rescue StandardError
|
|
68
|
+
@atomic_id = 1
|
|
71
69
|
end
|
|
72
70
|
end
|
|
73
71
|
|
|
@@ -14,7 +14,9 @@ module Contrast
|
|
|
14
14
|
# This is our interface from the Patcher to the Rewriter
|
|
15
15
|
# functionality
|
|
16
16
|
#
|
|
17
|
-
# TODO: RUBY-
|
|
17
|
+
# TODO: RUBY-714 remove w/ EOL of 2.5
|
|
18
|
+
# @deprecated Changes to this class are discouraged as this approach is
|
|
19
|
+
# being phased out with support for those language versions.
|
|
18
20
|
module RewriterPatch
|
|
19
21
|
include Contrast::Components::Interface
|
|
20
22
|
access_component :agent, :analysis, :logging
|
|
@@ -27,8 +27,7 @@ end
|
|
|
27
27
|
|
|
28
28
|
module Contrast
|
|
29
29
|
module Agent
|
|
30
|
-
#
|
|
31
|
-
# interpolation in them.
|
|
30
|
+
# TODO: RUBY-714 remove w/ EOL of 2.5
|
|
32
31
|
# @deprecated Changes to this class are discouraged as this approach is
|
|
33
32
|
# being phased out with support for those language versions.
|
|
34
33
|
class ClassReopener
|
|
@@ -26,9 +26,6 @@ module Contrast
|
|
|
26
26
|
include Contrast::Components::Interface
|
|
27
27
|
access_component :config
|
|
28
28
|
|
|
29
|
-
# Ruby 2.4 does not nicely compare to nil, so we have to include
|
|
30
|
-
# these wrapper methods. RUBY-179 has the task to update this on
|
|
31
|
-
# EOL of 2.4 support
|
|
32
29
|
def false? config
|
|
33
30
|
Contrast::Utils::BooleanUtil.false?(config)
|
|
34
31
|
end
|
|
@@ -10,8 +10,10 @@ cs__scoped_require 'contrast/utils/ruby_ast_rewriter'
|
|
|
10
10
|
|
|
11
11
|
module Contrast
|
|
12
12
|
module Agent
|
|
13
|
-
# Used for Ruby 2.
|
|
13
|
+
# Used for Ruby 2.5 to allow us to rewrite those methods which have
|
|
14
14
|
# interpolation in them.
|
|
15
|
+
#
|
|
16
|
+
# TODO: RUBY-714 remove w/ EOL of 2.5
|
|
15
17
|
# @deprecated Changes to this class are discouraged as this approach is
|
|
16
18
|
# being phased out with support for those language versions.
|
|
17
19
|
class Rewriter
|
data/lib/contrast/agent/scope.rb
CHANGED
|
@@ -71,12 +71,10 @@ module Contrast
|
|
|
71
71
|
end
|
|
72
72
|
|
|
73
73
|
define_method "with_#{ name }_scope" do |*_args, &block|
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
send exit_method_sym
|
|
79
|
-
end
|
|
74
|
+
send enter_method_sym
|
|
75
|
+
block.call
|
|
76
|
+
ensure
|
|
77
|
+
send exit_method_sym
|
|
80
78
|
end
|
|
81
79
|
end
|
|
82
80
|
|
|
@@ -26,12 +26,10 @@ module Contrast
|
|
|
26
26
|
|
|
27
27
|
def self.next_client_number
|
|
28
28
|
@instance_mutex.synchronize do
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
@instance_count = 1
|
|
34
|
-
end
|
|
29
|
+
@instance_count += 1
|
|
30
|
+
# Rollover things
|
|
31
|
+
rescue StandardError
|
|
32
|
+
@instance_count = 1
|
|
35
33
|
end
|
|
36
34
|
end
|
|
37
35
|
|
|
@@ -63,11 +63,9 @@ module Contrast
|
|
|
63
63
|
# in an infinite loop on the to_sym method used later.
|
|
64
64
|
def method_missing symbol, *args
|
|
65
65
|
with_contrast_scope do
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
super
|
|
70
|
-
end
|
|
66
|
+
root.public_send(symbol, *args)
|
|
67
|
+
rescue NoMethodError => _e
|
|
68
|
+
super
|
|
71
69
|
end
|
|
72
70
|
end
|
|
73
71
|
|
|
@@ -9,9 +9,6 @@ module Contrast
|
|
|
9
9
|
# to equate to a boolean
|
|
10
10
|
class BooleanUtil
|
|
11
11
|
class << self
|
|
12
|
-
# Ruby 2.4 does not nicely compare to nil, so we have to include
|
|
13
|
-
# these wrapper methods. RUBY-179 has the task to update this on
|
|
14
|
-
# EOL of 2.4 support
|
|
15
12
|
def false? config
|
|
16
13
|
return false unless config
|
|
17
14
|
return false if config == true
|
|
@@ -40,13 +40,12 @@ module Contrast
|
|
|
40
40
|
@_determine_application_version ||= begin
|
|
41
41
|
candidates = VERSION_CONSTANT_CANDIDATES.map do |name|
|
|
42
42
|
# If there's a constant named 'name' (VERSION, etc.), get its value.
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
end
|
|
47
|
-
rescue LoadError, StandardError
|
|
48
|
-
nil
|
|
43
|
+
|
|
44
|
+
name.split('::').inject(Object) do |mod, class_name|
|
|
45
|
+
mod.cs__const_get(class_name)
|
|
49
46
|
end
|
|
47
|
+
rescue LoadError, StandardError
|
|
48
|
+
nil
|
|
50
49
|
end
|
|
51
50
|
candidates.compact!
|
|
52
51
|
candidate = candidates.first || ENV[CS_VERSION]
|
|
@@ -101,16 +101,6 @@ module Contrast
|
|
|
101
101
|
UNKNOWN = 'unknown'
|
|
102
102
|
|
|
103
103
|
INDEX = 'index'
|
|
104
|
-
|
|
105
|
-
VERSION_2_5_0 = '2.5.0'
|
|
106
|
-
VERSION_2_4_2 = '2.4.2'
|
|
107
|
-
VERSION_2_4_1 = '2.4.1'
|
|
108
|
-
VERSION_2_4_0 = '2.4.0'
|
|
109
|
-
VERSION_2_3_5 = '2.3.5'
|
|
110
|
-
VERSION_2_3_4 = '2.3.4'
|
|
111
|
-
VERSION_2_3_0 = '2.3.0'
|
|
112
|
-
VERSION_2_0_4 = '2.0.4'
|
|
113
|
-
VERSION_2_0_0 = '2.0.0'
|
|
114
104
|
end
|
|
115
105
|
end
|
|
116
106
|
end
|
|
@@ -5,9 +5,13 @@ cs__scoped_require 'parser/current'
|
|
|
5
5
|
|
|
6
6
|
module Contrast
|
|
7
7
|
module Utils
|
|
8
|
-
# This utility allows us to parse and rewrite the AST in Ruby 2.
|
|
8
|
+
# This utility allows us to parse and rewrite the AST in Ruby 2.5,
|
|
9
9
|
# allowing us to track String interpolation propagation by replacing those
|
|
10
10
|
# events with String#+ events instead.
|
|
11
|
+
#
|
|
12
|
+
# TODO: RUBY-714 remove w/ EOL of 2.5
|
|
13
|
+
# @deprecated Changes to this class are discouraged as this approach is
|
|
14
|
+
# being phased out with support for those language versions.
|
|
11
15
|
class RubyAstRewriter < Parser::TreeRewriter
|
|
12
16
|
VARIABLES = %i[ivar cvar gvar].cs__freeze
|
|
13
17
|
|
data/ruby-agent.gemspec
CHANGED
|
@@ -115,7 +115,7 @@ Gem::Specification.new do |spec|
|
|
|
115
115
|
'Testing and Protection.'
|
|
116
116
|
spec.homepage = 'https://www.contrastsecurity.com'
|
|
117
117
|
spec.license = 'CONTRAST SECURITY (see license file)'
|
|
118
|
-
spec.required_ruby_version = ['>= 2.
|
|
118
|
+
spec.required_ruby_version = ['>= 2.5.0', '< 2.8.0']
|
|
119
119
|
|
|
120
120
|
spec.bindir = 'exe'
|
|
121
121
|
spec.executables = ['contrast_service']
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: contrast-agent
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.10.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- galen.palmer@contrastsecurity.com
|
|
@@ -420,21 +420,21 @@ executables:
|
|
|
420
420
|
- contrast_service
|
|
421
421
|
extensions:
|
|
422
422
|
- ext/cs__common/extconf.rb
|
|
423
|
+
- ext/cs__assess_regexp/extconf.rb
|
|
424
|
+
- ext/cs__assess_regexp_track/extconf.rb
|
|
425
|
+
- ext/cs__contrast_patch/extconf.rb
|
|
426
|
+
- ext/cs__assess_string/extconf.rb
|
|
427
|
+
- ext/cs__assess_active_record_named/extconf.rb
|
|
428
|
+
- ext/cs__assess_fiber_track/extconf.rb
|
|
423
429
|
- ext/cs__assess_basic_object/extconf.rb
|
|
424
|
-
- ext/cs__assess_hash/extconf.rb
|
|
425
430
|
- ext/cs__assess_yield_track/extconf.rb
|
|
426
|
-
- ext/cs__assess_active_record_named/extconf.rb
|
|
427
|
-
- ext/cs__assess_regexp/extconf.rb
|
|
428
|
-
- ext/cs__assess_string_interpolation26/extconf.rb
|
|
429
|
-
- ext/cs__assess_marshal_module/extconf.rb
|
|
430
431
|
- ext/cs__assess_array/extconf.rb
|
|
432
|
+
- ext/cs__assess_string_interpolation26/extconf.rb
|
|
431
433
|
- ext/cs__assess_module/extconf.rb
|
|
432
|
-
- ext/
|
|
433
|
-
- ext/cs__protect_kernel/extconf.rb
|
|
434
|
-
- ext/cs__assess_regexp_track/extconf.rb
|
|
435
|
-
- ext/cs__assess_string/extconf.rb
|
|
434
|
+
- ext/cs__assess_hash/extconf.rb
|
|
436
435
|
- ext/cs__assess_kernel/extconf.rb
|
|
437
|
-
- ext/
|
|
436
|
+
- ext/cs__protect_kernel/extconf.rb
|
|
437
|
+
- ext/cs__assess_marshal_module/extconf.rb
|
|
438
438
|
extra_rdoc_files: []
|
|
439
439
|
files:
|
|
440
440
|
- ".clang-format"
|
|
@@ -965,7 +965,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
965
965
|
requirements:
|
|
966
966
|
- - ">="
|
|
967
967
|
- !ruby/object:Gem::Version
|
|
968
|
-
version: 2.
|
|
968
|
+
version: 2.5.0
|
|
969
969
|
- - "<"
|
|
970
970
|
- !ruby/object:Gem::Version
|
|
971
971
|
version: 2.8.0
|