contrast-agent 4.0.0 → 4.3.2

data/lib/contrast/api/decorators/user_input.rb

@@ -12,7 +12,8 @@ module Contrast
       module UserInput
         UNKNOWN_USER_INPUT = Contrast::Api::Dtm::UserInput.new.tap do |user_input|
           user_input.input_type = :UNKNOWN
-        end.cs__freeze
+        end
+        UNKNOWN_USER_INPUT.cs__freeze
 
         def self.included klass
           klass.extend(ClassMethods)

data/lib/contrast/common_agent_configuration.rb

@@ -65,7 +65,8 @@ module Contrast
       end
 
       %w[name default description required_languages display].each do |field|
-        define_method(field) { hsh[field].dup }
+        # TODO: RUBY-1052
+        define_method(field) { hsh[field].dup } # rubocop:disable Performance/Kernel/DefineMethod
       end
     end
 

data/lib/contrast/components/assess.rb

@@ -35,6 +35,42 @@ module Contrast
           disabled_rules.include?(name)
         end
 
+        # The value of the stacktrace should be treated as an ENUM. We upcase it for
+        # faster comparisons when we use it. Anything not one of the known values of
+        # 'NONE',  'SOME', or 'ALL' is treated as 'ALL'
+        #
+        # @return [Symbol] the normalized value of CONFIG.root.assess.stacktraces
+        def capture_stacktrace_value
+          @_capture_stacktrace_value ||= case CONFIG.root.assess.stacktraces.upcase
+                                         when 'NONE'
+                                           :NONE
+                                         when 'SOME'
+                                           :SOME
+                                         else
+                                           :ALL
+                                         end
+        end
+
+        # Consider capture_stacktrace_value along with the node type
+        # to dertmine whether stacktraces should be captured.
+        #
+        # capture_stacktrace_value -> (:ALL, :NONE, :SOME)
+        # node types (SourceNode, PolicyNode, TriggerNode, PropagationNode)
+        #
+        # @param policy_node [Contrast::Agent::Assess::Policy::PolicyNode] The node in question.
+        # @param return [Boolean] to capture or not to capture, that is the question.
+        def capture_stacktrace? policy_node
+          return true if capture_stacktrace_value == :ALL
+
+          return false if capture_stacktrace_value == :NONE
+
+          # Below here capture_stacktrace_value must be :SOME.
+          return true if policy_node.cs__is_a?(Contrast::Agent::Assess::Policy::SourceNode)
+          return true if policy_node.cs__is_a?(Contrast::Agent::Assess::Policy::TriggerNode)
+
+          false
+        end
+
         def scan_response?
           @_scan_response = !false?(CONFIG.root.assess.enable_scan_response) if @_scan_response.nil?
           @_scan_response

data/lib/contrast/components/interface.rb

@@ -168,9 +168,11 @@ Contrast::Components::ComponentReceiverClassInterface::COMPONENT_MAP[:settings]
 require 'contrast/components/assess'
 require 'contrast/components/protect'
 require 'contrast/components/inventory'
-Contrast::Components::ComponentReceiverClassInterface::COMPONENT_MAP[:analysis] = [Contrast::Components::Protect,
-                                                                                   Contrast::Components::Assess,
-                                                                                   Contrast::Components::Inventory]
+Contrast::Components::ComponentReceiverClassInterface::COMPONENT_MAP[:analysis] = [
+  Contrast::Components::Protect,
+  Contrast::Components::Assess,
+  Contrast::Components::Inventory
+]
 
 require 'contrast/components/logger'
 Contrast::Components::ComponentReceiverClassInterface::COMPONENT_MAP[:logging] = [Contrast::Components::Logger]

data/lib/contrast/components/scope.rb

@@ -42,18 +42,84 @@ module Contrast
         # For each instance method on a scope, define a forwarder
         # to the scope on the current execution context's scope.
 
-        Contrast::Agent::Scope.public_instance_methods(false).each do |method_sym|
-          define_method(method_sym) do |*args, &block|
-            scope_for_current_ec.send(method_sym, *args, &block)
-          end
-        end
-
         def scope_for_current_ec
           MONITOR.synchronize do
             return EXECUTION_CONTEXT[Fiber.current] ||= Contrast::Agent::Scope.new
           end
         end
 
+        def enter_contrast_scope!
+          scope_for_current_ec.enter_contrast_scope!
+        end
+
+        def enter_deserialization_scope!
+          scope_for_current_ec.enter_deserialization_scope!
+        end
+
+        def enter_split_scope!
+          scope_for_current_ec.enter_split_scope!
+        end
+
+        def enter_scope! name
+          scope_for_current_ec.enter_scope! name
+        end
+
+        def exit_contrast_scope!
+          scope_for_current_ec.exit_contrast_scope!
+        end
+
+        def exit_deserialization_scope!
+          scope_for_current_ec.exit_deserialization_scope!
+        end
+
+        def exit_split_scope!
+          scope_for_current_ec.exit_split_scope!
+        end
+
+        def exit_scope! name
+          scope_for_current_ec.exit_scope! name
+        end
+
+        def in_contrast_scope?
+          scope_for_current_ec.in_contrast_scope?
+        end
+
+        def in_deserialization_scope?
+          scope_for_current_ec.in_deserialization_scope?
+        end
+
+        def in_split_scope?
+          scope_for_current_ec.in_split_scope?
+        end
+
+        def split_scope_depth
+          scope_for_current_ec.split_scope_depth
+        end
+
+        def in_scope? name
+          scope_for_current_ec.in_scope? name
+        end
+
+        def with_contrast_scope
+          scope_for_current_ec.enter_contrast_scope!
+          yield
+        ensure
+          scope_for_current_ec.exit_contrast_scope!
+        end
+
+        def with_deserialization_scope
+          scope_for_current_ec.enter_deserialization_scope!
+        ensure
+          scope_for_current_ec.exit_deserialization_scope!
+        end
+
+        def with_split_scope
+          scope_for_current_ec.enter_split_scope!
+          yield
+        ensure
+          scope_for_current_ec.exit_split_scope!
+        end
+
         # TODO: RUBY-572
         #
         # Current behavior is to no-op if we're not "in a request context".

data/lib/contrast/components/settings.rb

@@ -57,19 +57,22 @@ module Contrast
         # Meta-define an accessor for each state attribute.
 
         PROTECT_STATE_ATTRS.each do |attr|
-          define_method(attr) do
+          # TODO: RUBY-1052
+          define_method(attr) do # rubocop:disable Performance/Kernel/DefineMethod
             protect_state[attr]
           end
         end
 
         ASSESS_STATE_ATTRS.each do |attr|
-          define_method(attr) do
+          # TODO: RUBY-1052
+          define_method(attr) do # rubocop:disable Performance/Kernel/DefineMethod
             assess_state[attr]
           end
         end
 
         APPLICATION_STATE_ATTRS.each do |attr|
-          define_method(attr) do
+          # TODO: RUBY-1052
+          define_method(attr) do # rubocop:disable Performance/Kernel/DefineMethod
             application_state[attr]
           end
         end

data/lib/contrast/config/assess_configuration.rb

@@ -11,7 +11,8 @@ module Contrast
           enable: EMPTY_VALUE,
           enable_scan_response: Contrast::Config::DefaultValue.new('true'),
           sampling: Contrast::Config::SamplingConfiguration,
-          rules: Contrast::Config::AssessRulesConfiguration
+          rules: Contrast::Config::AssessRulesConfiguration,
+          stacktraces: Contrast::Config::DefaultValue.new('ALL')
       }.cs__freeze
 
       def initialize hsh

data/lib/contrast/extension/assess/array.rb

@@ -35,12 +35,11 @@ module Contrast
           # operation happens in C, we have to do it here rather than rely on the
           # patch of our String append or concat methods.
           def cs__track_join ary, separator, ret
-            return ret unless ary
+            return ret unless ary&.any? { |element| Contrast::Agent::Assess::Tracker.tracked?(element) }
             return ret if Contrast::Agent::Patching::Policy::Patch.skip_assess_analysis?
 
             with_contrast_scope do
-              properties = Contrast::Agent::Assess::Tracker.properties(ret)
-              return ret unless properties
+              return ret unless (properties = Contrast::Agent::Assess::Tracker.properties!(ret))
 
               shift = 0
               separator_length = separator.nil? ? 0 : separator.to_s.length

data/lib/contrast/extension/assess/erb.rb

@@ -6,9 +6,7 @@ module ERBPropagator
   class << self
     def result_tagger patcher, preshift, ret, _block
       return unless preshift.args.length >= 1
-
-      properties = Contrast::Agent::Assess::Tracker.properties(ret)
-      return unless properties
+      return unless (properties = Contrast::Agent::Assess::Tracker.properties!(ret))
 
       used_binding = preshift.args[0]
       binding_variable_set = used_binding.local_variables

data/lib/contrast/extension/assess/exec_trigger.rb

@@ -27,10 +27,7 @@ module Contrast
               source,
               Kernel,
               nil,
-              [source])
-          # Exec replaces the current process, if we occur in a forked process
-          # our appendage of this finding will not make it to TS
-          Contrast::Agent::AtExitHook.on_exit
+              source)
         end
 
         private

data/lib/contrast/extension/assess/fiber.rb

@@ -61,8 +61,7 @@ module Contrast
 
             with_contrast_scope do
               results.each do |result|
-                result_properties = Contrast::Agent::Assess::Tracker.properties(result)
-                next unless result_properties
+                next unless (result_properties = Contrast::Agent::Assess::Tracker.properties!(result))
 
                 result_properties.splat_from(fiber, result)
                 result_properties.build_event(
@@ -82,7 +81,7 @@ module Contrast
             return unless underlying.is_a?(String) && !underlying.empty?
 
             with_contrast_scope do
-              properties = Contrast::Agent::Assess::Tracker.properties(fiber)
+              properties = Contrast::Agent::Assess::Tracker.properties!(fiber)
               return unless properties
 
               properties.splat_from(underlying, fiber)

data/lib/contrast/extension/assess/hash.rb

@@ -17,11 +17,13 @@ module Contrast
             return object unless object.is_a?(String) && !object.cs__frozen?
             return object unless Contrast::Agent::Assess::Tracker.tracked?(object)
 
-            ret = Contrast::Agent::Assess::Tracker.duplicate(object)
-            ret.cs__freeze
+            # Copy the object, then freeze it, so that it looks the same
+            # externally, but will have our finalizer on it.
+            object.dup&.cs__freeze
           rescue StandardError
             # we'll rescue this error, but we can't log it here as that will
             # result in a seg fault
+            object
           end
 
           def instrument_hash_track

data/lib/contrast/extension/assess/kernel.rb

@@ -39,8 +39,7 @@ module Contrast
           # oh, and there's also %<name>type and %{name}... b/c of course there is
           # -HM
           def sprintf_tagger patcher, preshift, ret, _block
-            properties = Contrast::Agent::Assess::Tracker.properties(ret)
-            return unless properties
+            return unless (properties = Contrast::Agent::Assess::Tracker.properties!(ret))
 
             format_string = preshift.args[0]
             args = preshift.args[1]

data/lib/contrast/extension/assess/marshal.rb

@@ -6,42 +6,50 @@ require 'contrast/components/interface'
 module Contrast
   module Extension
     module Assess
-      # This is our patch of the Array class required to handle propagation
+      # This is our patch of the Marshal class
       # Disclaimer: there may be a better way, but we're in a 'get it work' state.
       # Hopefully, we'll be in a 'get it right' state soon.
-      # This module is used for our Marshal#load patches
+      # This module is used for our Marshal.load patches
       class MarshalPropagator
         include Contrast::Components::Interface
 
-        access_component :logging
+        access_component :logging, :scope
 
         class << self
-          def cs__load_trigger_check source, ret
-            current_context = Contrast::Agent::REQUEST_TRACKER.current
-            return unless current_context
+          def cs__load_protect arg
+            return if in_contrast_scope?
 
-            # Since we know this is the source of the trigger, we can do some
-            # optimization here and return when it is not tracked
-            return unless Contrast::Agent::Assess::Tracker.tracked?(source)
+            with_contrast_scope do
+              Contrast::Agent::Protect::Policy::AppliesDeserializationRule.prepended_invoke(arg)
+            end
+            nil
+          end
+
+          def cs__load_assess source, ret
+            with_contrast_scope do
+              current_context = Contrast::Agent::REQUEST_TRACKER.current
+              return unless current_context
 
-            args = [source]
-            # source might not be all the args passed in, but it is the one we care
-            # about. we could pass in all the args in the last param here if it
-            # becomes an issue in rendering on TS
-            Contrast::Agent::Assess::Policy::TriggerMethod.build_finding(
-                current_context,
-                trigger_node('Marshal', :load),
-                source,
-                self,
-                ret,
-                args)
-            properties = Contrast::Agent::Assess::Tracker.properties(ret)
-            properties.copy_from(source, ret)
+              args = [source]
+              # source might not be all the args passed in, but it is the one we care
+              # about. we could pass in all the args in the last param here if it
+              # becomes an issue in rendering on TS
+              Contrast::Agent::Assess::Policy::TriggerMethod.build_finding(
+                  current_context,
+                  trigger_node('Marshal', :load),
+                  source,
+                  self,
+                  ret,
+                  *args)
+              return unless (properties = Contrast::Agent::Assess::Tracker.properties!(ret))
 
-            node = Contrast::Agent::Assess::Policy::Policy.instance.find_propagator_node('Marshal', :load, false)
-            properties.build_event(node, ret, self, ret, args)
-          rescue StandardError => e
-            logger.error('Unable to determine if a trigger occurred in Marshal.load', e)
+              properties.copy_from(source, ret)
+
+              node = Contrast::Agent::Assess::Policy::Policy.instance.find_propagator_node('Marshal', :load, false)
+              properties.build_event(node, ret, self, ret, args)
+            rescue StandardError => e
+              logger.error('Unable to run Assess for Marshal.load', e)
+            end
           end
 
           def instrument_marshal_load

data/lib/contrast/extension/assess/regexp.rb

@@ -48,14 +48,9 @@ module Contrast
 
             target = info_hash[:back_ref]
             with_contrast_scope do
-              result = info_hash[:result]
-              return unless result
-
-              string = info_hash[:string]
-              return unless string
-
-              properties = Contrast::Agent::Assess::Tracker.properties(target)
-              return unless properties
+              return unless (result = info_hash[:result])
+              return unless (string = info_hash[:string])
+              return unless (properties = Contrast::Agent::Assess::Tracker.properties!(target))
 
               properties.splat_from(string, target)
               properties.build_event(

data/lib/contrast/extension/assess/string.rb

@@ -36,8 +36,7 @@ module Contrast
             return unless inputs.any? { |input| Contrast::Agent::Assess::Tracker.tracked?(input) }
 
             with_contrast_scope do
-              properties = Contrast::Agent::Assess::Tracker.properties(result)
-              return unless properties
+              return unless (properties = Contrast::Agent::Assess::Tracker.properties!(result))
 
               parent_events = []
               offset = 0

data/lib/contrast/framework/base_support.rb

@@ -4,68 +4,66 @@
 module Contrast
   module Framework
     # The API for all subclasses to implement to correctly support a given framework
-    class BaseSupport
-      class << self
-        # The top level module name used by the framework
-        def detection_class
-          raise NoMethodError('Subclasses of BaseSupport should implement this method')
-        end
+    module BaseSupport
+      # The top level module name used by the framework
+      def detection_class
+        raise NoMethodError('Subclasses of BaseSupport should implement this method')
+      end
 
-        def version
-          raise NoMethodError('Subclasses of BaseSupport should implement this method')
-        end
+      def version
+        raise NoMethodError('Subclasses of BaseSupport should implement this method')
+      end
 
-        def application_name
-          raise NoMethodError, 'Subclasses of BaseSupport should implement this method'
-        end
+      def application_name
+        raise NoMethodError, 'Subclasses of BaseSupport should implement this method'
+      end
 
-        def server_type
-          raise NoMethodError, 'Subclasses of BaseSupport should implement this method'
-        end
+      def server_type
+        raise NoMethodError, 'Subclasses of BaseSupport should implement this method'
+      end
 
-        # Find all the predefined routes for this application and append them to the
-        # provided inventory message
-        # msg should be a Contrast::Api::Dtm::ApplicationUpdate or some other msg
-        # that has a routes array consisting of Contrast::Api::Dtm::RouteCoverage
-        def collect_routes
-          raise NoMethodError, 'Subclasses of BaseSupport should implement this method'
-        end
+      # Find all the predefined routes for this application and append them to the
+      # provided inventory message
+      # msg should be a Contrast::Api::Dtm::ApplicationUpdate or some other msg
+      # that has a routes array consisting of Contrast::Api::Dtm::RouteCoverage
+      def collect_routes
+        raise NoMethodError, 'Subclasses of BaseSupport should implement this method'
+      end
 
-        def current_route
-          raise NoMethodError, 'Subclasses of BaseSupport should implement this method'
-        end
+      def current_route
+        raise NoMethodError, 'Subclasses of BaseSupport should implement this method'
+      end
 
-        def retrieve_request _env
-          raise NoMethodError, 'Subclasses of BaseSupport should implement this method'
-        end
+      def retrieve_request _env
+        raise NoMethodError, 'Subclasses of BaseSupport should implement this method'
+      end
 
-        # Some Frameworks require specific patching for their classes to handle
-        # functionality like configuration scanning. To accommodate this, this
-        # method provides a place to register those patches for invocation on
-        # Agent load.
-        #
-        # By default, and hopefully in all cases, we won't need these patches,
-        # so we're allowing nil here rather than raising an exception.
-        def before_load_patches!; end
+      # Some Frameworks require specific patching for their classes to handle
+      # functionality like configuration scanning. To accommodate this, this
+      # method provides a place to register those patches for invocation on
+      # Agent load.
+      #
+      # By default, and hopefully in all cases, we won't need these patches,
+      # so we're allowing nil here rather than raising an exception.
+      def before_load_patches!; end
 
-        # Some Frameworks require specific patching for their classes to handle
-        # functionality like routing. To accommodate this, this method provides
-        # a place to register those patches for invocation in our
-        # AfterLoadPatcher flow.
-        #
-        # By default, and hopefully in all cases, we won't need these patches,
-        # so we're allowing nil here rather than raising an exception.
-        #
-        # @return [Set<Contrast::Agent::Patching::Policy::AfterLoadPatch>,nil]
-        #   those patches required for a Framework which can only be installed
-        #   once a specific module has been loaded.
-        def after_load_patches; end
+      # Some Frameworks require specific patching for their classes to handle
+      # functionality like routing. To accommodate this, this method provides
+      # a place to register those patches for invocation in our
+      # AfterLoadPatcher flow.
+      #
+      # By default, and hopefully in all cases, we won't need these patches,
+      # so we're allowing nil here rather than raising an exception.
+      #
+      # @return [Set<Contrast::Agent::Patching::Policy::AfterLoadPatch>,nil]
+      #   those patches required for a Framework which can only be installed
+      #   once a specific module has been loaded.
+      def after_load_patches; end
 
-        # We only support websockets in rails right now, so we won't detect streaming in
-        # any other framework
-        def streaming? _env
-          false
-        end
+      # We only support websockets in rails right now, so we won't detect streaming in
+      # any other framework
+      def streaming? _env
+        false
       end
     end
   end