contrast-agent 4.2.0 → 4.4.1

data/lib/contrast/api/decorators/trace_event_object.rb

@@ -29,13 +29,21 @@ module Contrast
           ELLIPSIS = '...'
           UNTRUNCATED_PORTION_LENGTH = 25
           TRUNCATION_LENGTH = (UNTRUNCATED_PORTION_LENGTH * 2) + ELLIPSIS.length
-          def build object, truncate
+
+          # Convert the given Object into a Contrast::Api::Dtm::TraceEventObject
+          #
+          # @param contrast_object [Contrast::Agent::Assess::ContrastObject, nil]
+          #   the thing to convert, if any
+          # @param truncate [Boolean] if the converted object can/should be
+          #   truncated.
+          # @return [Contrast::Api::Dtm::TraceEventObject]
+          def build contrast_object, truncate
             event_object = new
             with_contrast_scope do
-              obj_string = Contrast::Utils::StringUtils.force_utf8(object)
+              obj_string = Contrast::Utils::StringUtils.force_utf8(contrast_object&.object)
               obj_string = truncate(obj_string) if truncate && obj_string.length > TRUNCATION_LENGTH
               event_object.value = Base64.encode64(obj_string)
-              event_object.tracked = Contrast::Utils::Assess::TrackingUtil.tracked?(object)
+              event_object.tracked = contrast_object&.tracked?
             end
             event_object
           end

data/lib/contrast/api/decorators/trace_event_signature.rb

@@ -17,27 +17,49 @@ module Contrast
 
         # Class methods for TraceEventSignature
         module ClassMethods
+          # Convert the given composites into components that TeamServer can
+          # understand in order to build a representation of the method
+          # invoked.
+          #
+          # @param ret_obj [Contrast::Agent::Assess::ContrastObject, nil] the
+          #   return value of the method call.
+          # @param policy_node [Contrast::Agent::Assess::Policy::PolicyNode]
+          #   the policy which pertains to the method invoked.
+          # @param args [Array<Contrast::Agent::Assess::ContrastObject>, nil]
+          # @return [Contrast::Api::Dtm::TraceEventSignature]
           def build ret_obj, policy_node, args
             signature = new
-            return_type = ret_obj ? ret_obj.cs__class.name : Contrast::Utils::ObjectShare::NIL_STRING
-            signature.return_type = Contrast::Utils::StringUtils.force_utf8(return_type)
+            signature.return_type = Contrast::Utils::StringUtils.force_utf8(type_name(ret_obj))
             signature.class_name = Contrast::Utils::StringUtils.force_utf8(policy_node.class_name)
             signature.method_name = Contrast::Utils::StringUtils.force_utf8(policy_node.method_name)
             if args
               args&.each do |arg|
-                arg_type = arg ? arg.cs__class.name : Contrast::Utils::ObjectShare::NIL_STRING
-                signature.arg_types << Contrast::Utils::StringUtils.force_utf8(arg_type)
+                signature.arg_types << Contrast::Utils::StringUtils.force_utf8(type_name(arg))
               end
             end
             signature.constructor = policy_node.method_name == :new
             # if there's a ret, then this method isn't nil. not 100% full proof since you can
             # return nil, but this is the best we've got currently.
-            signature.void_method = ret_obj.nil?
+            signature.void_method = ret_obj.nil? || ret_obj.object.nil?
             # 8 is STATIC in Java... we have to placate them for now
             # it has been requested that flags be removed since it isn't used
             signature.flags = 8 unless policy_node.instance_method?
             signature
           end
+
+          private
+
+          # While Ruby signatures do not require neither a return type and can
+          # return anything depending on inputs, code paths, etc, nor constant
+          # parameter types, TeamServer was designed with strongly typed
+          # languages (Java) in mind, so we need types in our signatures.
+          #
+          # @param contrast_object [Contrast::Agent::Assess::ContrastObject, nil]
+          #   the object to find the type of
+          # @return [String] the name of the module of the ret_obj, or `nil`
+          def type_name contrast_object
+            contrast_object ? contrast_object.object_type : Contrast::Utils::ObjectShare::NIL_STRING
+          end
         end
       end
     end

data/lib/contrast/api/decorators/user_input.rb

@@ -12,7 +12,8 @@ module Contrast
       module UserInput
         UNKNOWN_USER_INPUT = Contrast::Api::Dtm::UserInput.new.tap do |user_input|
           user_input.input_type = :UNKNOWN
-        end.cs__freeze
+        end
+        UNKNOWN_USER_INPUT.cs__freeze
 
         def self.included klass
           klass.extend(ClassMethods)

data/lib/contrast/common_agent_configuration.rb

@@ -66,7 +66,7 @@ module Contrast
 
       %w[name default description required_languages display].each do |field|
         # TODO: RUBY-1052
-        define_method(field) { hsh[field].dup } # rubocop:disable Kernel/DefineMethod
+        define_method(field) { hsh[field].dup } # rubocop:disable Performance/Kernel/DefineMethod
       end
     end
 

data/lib/contrast/components/agent.rb

@@ -31,6 +31,8 @@ module Contrast
 
         def disable!
           @_enabled = false
+          Contrast::Agent::TracePointHook.disable
+          Contrast::Agent.thread_watcher&.shutdown!
         end
 
         def ruleset

data/lib/contrast/components/app_context.rb

@@ -2,6 +2,8 @@
 # frozen_string_literal: true
 
 require 'rubygems/version'
+require 'contrast/api/decorators/agent_startup'
+require 'contrast/api/decorators/application_startup'
 require 'contrast/utils/object_share'
 
 module Contrast
@@ -77,31 +79,11 @@ module Contrast
         end
 
         def build_app_startup_message
-          msg = Contrast::Api::Dtm::ApplicationCreate.new
-
-          msg.group            = Contrast::Utils::StringUtils.protobuf_format CONFIG.root.application.group
-          msg.app_version      = Contrast::Utils::StringUtils.protobuf_format CONFIG.root.application.version.to_s
-          msg.code             = Contrast::Utils::StringUtils.protobuf_format CONFIG.root.application.code
-          msg.metadata         = Contrast::Utils::StringUtils.protobuf_format CONFIG.root.application.metadata
-          # Other fields have limits in TeamServer, the rest don't.
-          msg.session_id       = Contrast::Utils::StringUtils.protobuf_format CONFIG.root.application.session_id,        truncate: false
-          msg.session_metadata = Contrast::Utils::StringUtils.protobuf_format CONFIG.root.application.session_metadata,  truncate: false
-
-          msg
+          Contrast::Api::Dtm::ApplicationCreate.build
         end
 
         def build_agent_startup_message
-          msg = Contrast::Api::Dtm::AgentStartup.new
-          msg.server_name      = Contrast::Utils::StringUtils.protobuf_format server_name
-          msg.server_path      = Contrast::Utils::StringUtils.protobuf_format server_path
-          msg.server_type      = Contrast::Utils::StringUtils.protobuf_format server_type
-          msg.server_version   = Contrast::Agent::VERSION
-          msg.version          = Contrast::Utils::StringUtils.protobuf_format CONFIG.root.server.version
-          msg.environment      = Contrast::Utils::StringUtils.protobuf_format CONFIG.root.server.environment
-          msg.server_tags      = Contrast::Utils::StringUtils.protobuf_format CONFIG.root.server.tags
-          msg.application_tags = Contrast::Utils::StringUtils.protobuf_format CONFIG.root.application.tags
-          msg.library_tags     = Contrast::Utils::StringUtils.protobuf_format CONFIG.root.inventory.tags
-          msg.finding_tags     = Contrast::Utils::StringUtils.protobuf_format ASSESS.tags
+          msg = Contrast::Api::Dtm::AgentStartup.build(server_name, server_path, server_type)
           logger.info('Application context',
                       server_name: msg.server_name,
                       server_path: msg.server_path,

data/lib/contrast/components/assess.rb

@@ -35,6 +35,42 @@ module Contrast
           disabled_rules.include?(name)
         end
 
+        # The value of the stacktrace should be treated as an ENUM. We upcase it for
+        # faster comparisons when we use it. Anything not one of the known values of
+        # 'NONE',  'SOME', or 'ALL' is treated as 'ALL'
+        #
+        # @return [Symbol] the normalized value of CONFIG.root.assess.stacktraces
+        def capture_stacktrace_value
+          @_capture_stacktrace_value ||= case CONFIG.root.assess.stacktraces.upcase
+                                         when 'NONE'
+                                           :NONE
+                                         when 'SOME'
+                                           :SOME
+                                         else
+                                           :ALL
+                                         end
+        end
+
+        # Consider capture_stacktrace_value along with the node type
+        # to dertmine whether stacktraces should be captured.
+        #
+        # capture_stacktrace_value -> (:ALL, :NONE, :SOME)
+        # node types (SourceNode, PolicyNode, TriggerNode, PropagationNode)
+        #
+        # @param policy_node [Contrast::Agent::Assess::Policy::PolicyNode] The node in question.
+        # @param return [Boolean] to capture or not to capture, that is the question.
+        def capture_stacktrace? policy_node
+          return true if capture_stacktrace_value == :ALL
+
+          return false if capture_stacktrace_value == :NONE
+
+          # Below here capture_stacktrace_value must be :SOME.
+          return true if policy_node.cs__is_a?(Contrast::Agent::Assess::Policy::SourceNode)
+          return true if policy_node.cs__is_a?(Contrast::Agent::Assess::Policy::TriggerNode)
+
+          false
+        end
+
         def scan_response?
           @_scan_response = !false?(CONFIG.root.assess.enable_scan_response) if @_scan_response.nil?
           @_scan_response

data/lib/contrast/components/interface.rb

@@ -168,9 +168,11 @@ Contrast::Components::ComponentReceiverClassInterface::COMPONENT_MAP[:settings]
 require 'contrast/components/assess'
 require 'contrast/components/protect'
 require 'contrast/components/inventory'
-Contrast::Components::ComponentReceiverClassInterface::COMPONENT_MAP[:analysis] = [Contrast::Components::Protect,
-                                                                                   Contrast::Components::Assess,
-                                                                                   Contrast::Components::Inventory]
+Contrast::Components::ComponentReceiverClassInterface::COMPONENT_MAP[:analysis] = [
+  Contrast::Components::Protect,
+  Contrast::Components::Assess,
+  Contrast::Components::Inventory
+]
 
 require 'contrast/components/logger'
 Contrast::Components::ComponentReceiverClassInterface::COMPONENT_MAP[:logging] = [Contrast::Components::Logger]

data/lib/contrast/components/sampling.rb

@@ -25,14 +25,14 @@ module Contrast
 
         def sampling_control
           @_sampling_control ||= begin
-            cas = CONFIG.root.assess&.sampling
+            config_settings = CONFIG.root.assess&.sampling
             settings = SETTINGS&.assess_state&.[](:sampling_settings)
             {
-                enabled: true?([cas&.enable, settings&.enabled, DEFAULT_SAMPLING_ENABLED].reject(&:nil?)[0]),
-                baseline: [cas&.baseline, settings&.baseline, DEFAULT_SAMPLING_BASELINE].map(&:to_i).find(&:positive?),
-                request_frequency: [cas&.request_frequency, settings&.request_frequency, DEFAULT_SAMPLING_REQUEST_FREQUENCY].map(&:to_i).find(&:positive?),
-                response_frequency: [cas&.response_frequency, settings&.response_frequency, DEFAULT_SAMPLING_RESPONSE_FREQUENCY].map(&:to_i).find(&:positive?),
-                window: [cas&.window_ms, settings&.window_ms, DEFAULT_SAMPLING_WINDOW_MS].map(&:to_i).find(&:positive?)
+                enabled: enabled?(config_settings, settings),
+                baseline: baseline(config_settings, settings),
+                request_frequency: request_frequency(config_settings, settings),
+                response_frequency: response_frequency(config_settings, settings),
+                window: window(config_settings, settings)
             }
           end
         end
@@ -41,6 +41,48 @@ module Contrast
         def reset_sampling_control
           @_sampling_control = nil
         end
+
+        private
+
+        # @param config_settings [Contrast::Config::SamplingConfiguration] the Sampling configuration as provided by
+        #   local user input
+        # @param settings [Contrast::Api::Settings::Sampling] the Sampling settings as provided by TeamServer
+        # @return [Boolean] the resolution of the config_settings, settings, and default value
+        def enabled? config_settings, settings
+          true?([config_settings&.enable, settings&.enabled, DEFAULT_SAMPLING_ENABLED].reject(&:nil?)[0])
+        end
+
+        # @param config_settings [Contrast::Config::SamplingConfiguration] the Sampling configuration as provided by
+        #   local user input
+        # @param settings [Contrast::Api::Settings::Sampling] the Sampling settings as provided by TeamServer
+        # @return [Integer] the resolution of the config_settings, settings, and default value
+        def baseline config_settings, settings
+          [config_settings&.baseline, settings&.baseline, DEFAULT_SAMPLING_BASELINE].map(&:to_i).find(&:positive?)
+        end
+
+        # @param config_settings [Contrast::Config::SamplingConfiguration] the Sampling configuration as provided by
+        #   local user input
+        # @param settings [Contrast::Api::Settings::Sampling] the Sampling settings as provided by TeamServer
+        # @return [Integer] the resolution of the config_settings, settings, and default value
+        def request_frequency config_settings, settings
+          [config_settings&.request_frequency, settings&.request_frequency, DEFAULT_SAMPLING_REQUEST_FREQUENCY].map(&:to_i).find(&:positive?)
+        end
+
+        # @param config_settings [Contrast::Config::SamplingConfiguration] the Sampling configuration as provided by
+        #   local user input
+        # @param settings [Contrast::Api::Settings::Sampling] the Sampling settings as provided by TeamServer
+        # @return [Integer] the resolution of the config_settings, settings, and default value
+        def response_frequency config_settings, settings
+          [config_settings&.response_frequency, settings&.response_frequency, DEFAULT_SAMPLING_RESPONSE_FREQUENCY].map(&:to_i).find(&:positive?)
+        end
+
+        # @param config_settings [Contrast::Config::SamplingConfiguration] the Sampling configuration as provided by
+        #   local user input
+        # @param settings [Contrast::Api::Settings::Sampling] the Sampling settings as provided by TeamServer
+        # @return [Integer] the resolution of the config_settings, settings, and default value
+        def window config_settings, settings
+          [config_settings&.window_ms, settings&.window_ms, DEFAULT_SAMPLING_WINDOW_MS].map(&:to_i).find(&:positive?)
+        end
       end
 
       module InstanceMethods #:nodoc:

data/lib/contrast/components/scope.rb

@@ -56,6 +56,10 @@ module Contrast
           scope_for_current_ec.enter_deserialization_scope!
         end
 
+        def enter_split_scope!
+          scope_for_current_ec.enter_split_scope!
+        end
+
         def enter_scope! name
           scope_for_current_ec.enter_scope! name
         end
@@ -68,6 +72,10 @@ module Contrast
           scope_for_current_ec.exit_deserialization_scope!
         end
 
+        def exit_split_scope!
+          scope_for_current_ec.exit_split_scope!
+        end
+
         def exit_scope! name
           scope_for_current_ec.exit_scope! name
         end
@@ -80,6 +88,14 @@ module Contrast
           scope_for_current_ec.in_deserialization_scope?
         end
 
+        def in_split_scope?
+          scope_for_current_ec.in_split_scope?
+        end
+
+        def split_scope_depth
+          scope_for_current_ec.split_scope_depth
+        end
+
         def in_scope? name
           scope_for_current_ec.in_scope? name
         end
@@ -97,6 +113,13 @@ module Contrast
           scope_for_current_ec.exit_deserialization_scope!
         end
 
+        def with_split_scope
+          scope_for_current_ec.enter_split_scope!
+          yield
+        ensure
+          scope_for_current_ec.exit_split_scope!
+        end
+
         # TODO: RUBY-572
         #
         # Current behavior is to no-op if we're not "in a request context".

data/lib/contrast/components/settings.rb

@@ -28,8 +28,8 @@ module Contrast
 
         def assess_state
           @assess_state ||= { # rubocop:disable Naming/MemoizedInstanceVariableName
-              enabled: false,
-              sampling_features: nil
+              enabled: false,        # Boolean
+              sampling_features: nil # Contrast::Api::Settings::Sampling
           }
         end
 
@@ -58,21 +58,21 @@ module Contrast
 
         PROTECT_STATE_ATTRS.each do |attr|
           # TODO: RUBY-1052
-          define_method(attr) do # rubocop:disable Kernel/DefineMethod
+          define_method(attr) do # rubocop:disable Performance/Kernel/DefineMethod
             protect_state[attr]
           end
         end
 
         ASSESS_STATE_ATTRS.each do |attr|
           # TODO: RUBY-1052
-          define_method(attr) do # rubocop:disable Kernel/DefineMethod
+          define_method(attr) do # rubocop:disable Performance/Kernel/DefineMethod
             assess_state[attr]
           end
         end
 
         APPLICATION_STATE_ATTRS.each do |attr|
           # TODO: RUBY-1052
-          define_method(attr) do # rubocop:disable Kernel/DefineMethod
+          define_method(attr) do # rubocop:disable Performance/Kernel/DefineMethod
             application_state[attr]
           end
         end
@@ -95,6 +95,7 @@ module Contrast
           exclusion_matchers.select(&:code?)
         end
 
+        # @param server_features [Contrast::Api::Settings::ServerFeatures]
         def update_from_server_features server_features
           # protect
 
@@ -109,6 +110,7 @@ module Contrast
           Contrast::Utils::Assess::SamplingUtil.instance.update
         end
 
+        # @param application_settings [Contrast::Api::Settings::ApplicationSettings]
         def update_from_application_settings application_settings
           application_state.merge!(application_settings.application_state_translation)
         end
@@ -126,9 +128,8 @@ module Contrast
         end
 
         def build_assess_rules
+          # TODO: RUBY-1120 actually build assess_rules.
           @assess_rules = {}
-
-          Contrast::Agent::Assess::Rule::Redos.new
         end
 
         def build_protect_rules

data/lib/contrast/config/assess_configuration.rb

@@ -11,7 +11,8 @@ module Contrast
           enable: EMPTY_VALUE,
           enable_scan_response: Contrast::Config::DefaultValue.new('true'),
           sampling: Contrast::Config::SamplingConfiguration,
-          rules: Contrast::Config::AssessRulesConfiguration
+          rules: Contrast::Config::AssessRulesConfiguration,
+          stacktraces: Contrast::Config::DefaultValue.new('ALL')
       }.cs__freeze
 
       def initialize hsh

data/lib/contrast/extension/assess/array.rb

@@ -39,8 +39,7 @@ module Contrast
             return ret if Contrast::Agent::Patching::Policy::Patch.skip_assess_analysis?
 
             with_contrast_scope do
-              properties = Contrast::Agent::Assess::Tracker.properties(ret)
-              return ret unless properties
+              return ret unless (properties = Contrast::Agent::Assess::Tracker.properties!(ret))
 
               shift = 0
               separator_length = separator.nil? ? 0 : separator.to_s.length

data/lib/contrast/extension/assess/erb.rb

@@ -6,9 +6,7 @@ module ERBPropagator
   class << self
     def result_tagger patcher, preshift, ret, _block
       return unless preshift.args.length >= 1
-
-      properties = Contrast::Agent::Assess::Tracker.properties(ret)
-      return unless properties
+      return unless (properties = Contrast::Agent::Assess::Tracker.properties!(ret))
 
       used_binding = preshift.args[0]
       binding_variable_set = used_binding.local_variables

data/lib/contrast/extension/assess/exec_trigger.rb

@@ -27,7 +27,7 @@ module Contrast
               source,
               Kernel,
               nil,
-              [source])
+              source)
         end
 
         private

data/lib/contrast/extension/assess/fiber.rb

@@ -61,8 +61,7 @@ module Contrast
 
             with_contrast_scope do
               results.each do |result|
-                result_properties = Contrast::Agent::Assess::Tracker.properties(result)
-                next unless result_properties
+                next unless (result_properties = Contrast::Agent::Assess::Tracker.properties!(result))
 
                 result_properties.splat_from(fiber, result)
                 result_properties.build_event(
@@ -82,7 +81,7 @@ module Contrast
             return unless underlying.is_a?(String) && !underlying.empty?
 
             with_contrast_scope do
-              properties = Contrast::Agent::Assess::Tracker.properties(fiber)
+              properties = Contrast::Agent::Assess::Tracker.properties!(fiber)
               return unless properties
 
               properties.splat_from(underlying, fiber)