contrast-agent 4.3.2 → 4.7.0

data/lib/contrast/agent/module_data.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
 module Contrast
@@ -6,11 +6,11 @@ module Contrast
     # A simple wrapper around a Module and a call to its name, used to avoid
     # calling the Module#name method and generating extra Strings
     class ModuleData
-      attr_reader :mod, :name
+      attr_reader :mod, :mod_name
 
-      def initialize mod, name = nil
+      def initialize mod, mod_name = nil
         @mod = mod
-        @name = name || mod.cs__name
+        @mod_name = mod_name || mod.cs__name
       end
     end
   end

data/lib/contrast/agent/patching/policy/after_load_patch.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
 require 'contrast/components/interface'

data/lib/contrast/agent/patching/policy/after_load_patcher.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
 require 'contrast/agent/patching/policy/after_load_patch'
@@ -51,10 +51,15 @@ module Contrast
               next unless after_load_patch.target_defined?
               next if AGENT.skip_instrumentation?(after_load_patch.module_name)
 
-              logger.trace(
-                  'Catching up on already loaded afterload patch - applying instrumentation',
-                  module: after_load_patch.module_name)
+              logger.trace('Catching up on already loaded afterload patch - applying instrumentation',
+                           module: after_load_patch.module_name)
               after_load_patch.instrument!
+            rescue NameError => e
+              logger.error('Method undefined in afterload patch', e, module: after_load_patch.module_name,
+                                                                     method: after_load_patch.method_to_instrument)
+            rescue StandardError => e
+              logger.error('Afterload patch failed to apply', e, module: after_load_patch.module_name,
+                                                                 method: after_load_patch.method_to_instrument)
             end
             after_load_patches.delete_if(&:applied?)
           end

data/lib/contrast/agent/patching/policy/method_policy.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
 module Contrast
@@ -49,7 +49,10 @@ module Contrast
           private
 
           def nodes
-            @_nodes ||= [source_node, propagation_node, trigger_node, inventory_node, protect_node, deadzone_node].compact
+            @_nodes ||= [
+              source_node, propagation_node, trigger_node, inventory_node, protect_node,
+              deadzone_node
+            ].compact
           end
 
           def method_scopes
@@ -76,7 +79,8 @@ module Contrast
               protect_node =     find_method_node(module_policy.protect_nodes, method_name, instance_method)
               inventory_node =   find_method_node(module_policy.inventory_nodes, method_name, instance_method)
               deadzone_node =    find_method_node(module_policy.deadzone_nodes, method_name, instance_method)
-              method_visibility = find_visibility(source_node, propagation_node, trigger_node, protect_node, inventory_node, deadzone_node)
+              method_visibility = find_visibility(source_node, propagation_node, trigger_node, protect_node,
+                                                  inventory_node, deadzone_node)
               MethodPolicy.new(method_name: method_name,
                                method_visibility: method_visibility,
                                instance_method: instance_method,

data/lib/contrast/agent/patching/policy/module_policy.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
 require 'contrast/agent/patching/policy/method_policy'
@@ -20,12 +20,18 @@ module Contrast
             # @return [Contrast::Agent::Patching::Policy::ModulePolicy]
             def create_module_policy module_name
               module_policy = Contrast::Agent::Patching::Policy::ModulePolicy.new
-              module_policy.source_nodes =      nodes_for_module(Contrast::Agent::Assess::Policy::Policy.instance.sources, module_name)
-              module_policy.propagator_nodes =  nodes_for_module(Contrast::Agent::Assess::Policy::Policy.instance.propagators, module_name)
-              module_policy.trigger_nodes =     nodes_for_module(Contrast::Agent::Assess::Policy::Policy.instance.triggers, module_name)
-              module_policy.protect_nodes =     nodes_for_module(Contrast::Agent::Protect::Policy::Policy.instance.triggers, module_name)
-              module_policy.inventory_nodes =   nodes_for_module(Contrast::Agent::Inventory::Policy::Policy.instance.triggers, module_name)
-              module_policy.deadzone_nodes =    nodes_for_module(Contrast::Agent::Deadzone::Policy::Policy.instance.deadzones, module_name)
+              module_policy.source_nodes =      nodes_for_module(
+                  Contrast::Agent::Assess::Policy::Policy.instance.sources, module_name)
+              module_policy.propagator_nodes =  nodes_for_module(
+                  Contrast::Agent::Assess::Policy::Policy.instance.propagators, module_name)
+              module_policy.trigger_nodes =     nodes_for_module(
+                  Contrast::Agent::Assess::Policy::Policy.instance.triggers, module_name)
+              module_policy.protect_nodes =     nodes_for_module(
+                  Contrast::Agent::Protect::Policy::Policy.instance.triggers, module_name)
+              module_policy.inventory_nodes =   nodes_for_module(
+                  Contrast::Agent::Inventory::Policy::Policy.instance.triggers, module_name)
+              module_policy.deadzone_nodes =    nodes_for_module(
+                  Contrast::Agent::Deadzone::Policy::Policy.instance.deadzones, module_name)
               module_policy
             end
 
@@ -42,7 +48,8 @@ module Contrast
             end
           end
 
-          attr_accessor :source_nodes, :propagator_nodes, :trigger_nodes, :inventory_nodes, :protect_nodes, :deadzone_nodes
+          attr_accessor :source_nodes, :propagator_nodes, :trigger_nodes, :inventory_nodes, :protect_nodes,
+                        :deadzone_nodes
 
           def empty?
             return false if source_nodes.any?

data/lib/contrast/agent/patching/policy/patch.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
 require 'monitor'
@@ -130,11 +130,7 @@ module Contrast
               return unless AGENT.enabled?
               return unless PROTECT.enabled?
 
-              apply_trigger_only(method_policy&.protect_node,
-                                 method,
-                                 exception,
-                                 object,
-                                 args)
+              apply_trigger_only(method_policy&.protect_node, method, exception, object, args)
             end
 
             # Apply the Inventory patch which applies to the given method.
@@ -151,11 +147,7 @@ module Contrast
             def apply_inventory method_policy, method, exception, object, args
               return unless INVENTORY.enabled?
 
-              apply_trigger_only(method_policy&.inventory_node,
-                                 method,
-                                 exception,
-                                 object,
-                                 args)
+              apply_trigger_only(method_policy&.inventory_node, method, exception, object, args)
             end
 
             # Apply the Assess patches which apply to the given method.
@@ -178,15 +170,18 @@ module Contrast
               return ret unless method_policy && ASSESS.enabled?
 
               current_context = Contrast::Agent::REQUEST_TRACKER.current
-              return ret unless current_context.analyze_request?
+              return ret if current_context && !current_context.analyze_request?
 
               trigger_node = method_policy.trigger_node
-              Contrast::Agent::Assess::Policy::TriggerMethod.apply_trigger_rule(trigger_node, object, ret, args) if trigger_node
+              if trigger_node
+                Contrast::Agent::Assess::Policy::TriggerMethod.apply_trigger_rule(trigger_node, object, ret, args)
+              end
               if method_policy.source_node
                 # If we were given a frozen return, and it was the target of a
                 # source, and we have frozen sources enabled, we'll need to
                 # replace the return. Note, this is not the default case.
-                source_ret = Contrast::Agent::Assess::Policy::SourceMethod.source_patchers(method_policy, object, ret, args)
+                source_ret = Contrast::Agent::Assess::Policy::SourceMethod.source_patchers(method_policy, object, ret,
+                                                                                           args)
               end
               if method_policy.propagation_node
                 propagated_ret = Contrast::Agent::Assess::Policy::PropagationMethod.apply_propagation(
@@ -277,9 +272,9 @@ module Contrast
             # <method_start>_unbound_<method_name>
             def build_unbound_method_name patcher_method
               (Contrast::Utils::ObjectShare::CONTRAST_PATCHED_METHOD_START +
-                  'unbound' +
-                  Contrast::Utils::ObjectShare::UNDERSCORE +
-                  patcher_method.to_s).to_sym
+                'unbound' +
+                Contrast::Utils::ObjectShare::UNDERSCORE +
+                patcher_method.to_s).to_sym
             end
 
             # @param mod [Module] the module in which the patch should be
@@ -339,7 +334,7 @@ module Contrast
             # @return [Symbol] new alias for the underlying method (presumably, so the patched method can call it)
             def register_c_patch target_module_name, unbound_method, impl = :alias_instance
               # These could be set as AfterLoadPatches.
-              method_name = unbound_method.name.to_sym
+              method_name = unbound_method.name.to_sym # rubocop:disable Security/Module/Name -- ruby built in attribute.
               underlying_method_name = build_unbound_method_name(method_name).to_sym
 
               target_module = Module.cs__const_get(target_module_name)
@@ -362,29 +357,27 @@ module Contrast
 
               case impl
               when :alias_instance, :alias_singleton
+                # Core to patching. Ignore define method usage cop.
+                # rubocop:disable Performance/Kernel/DefineMethod
                 unless target_module.instance_methods(false).include? underlying_method_name
                   # alias_method may be private
                   target_module.send(:alias_method, underlying_method_name, method_name)
-                  # TODO: RUBY-1052
-                  # rubocop:disable Performance/Kernel/DefineMethod
                   target_module.send(:define_method, method_name, unbound_method.bind(target_module))
-                  # rubocop:enable Performance/Kernel/DefineMethod
                 end
                 target_module.send(visibility, method_name) # e.g., module.private(:my_method)
               when :prepend
                 prepending_module = Module.new
-                # TODO: RUBY-1052
-                # rubocop:disable Performance/Kernel/DefineMethod
                 prepending_module.send(:define_method, method_name, unbound_method.bind(target_module))
-                # rubocop:enable Performance/Kernel/DefineMethod
                 prepending_module.send(visibility, method_name)
                 # This prepends to the singleton class (it patches a class method)
                 target_module.prepend prepending_module
+                # rubocop:enable Performance/Kernel/DefineMethod
               end
               # Ougai::Logger.create_item_with_2args calls Hash#[]=, so we
               # can't invoke this logging method or we'll seg fault as we'd
               # change the method definition mid-call
-              # if method_name != :[]=
+              # if method_name != :[]= &&
+              #   Contrast::Agent::Logger.defined!
               #   logger.trace(
               #       'Registered C-defined patch',
               #       implementation: impl,
@@ -392,14 +385,15 @@ module Contrast
               #       method: method_name,
               #       visibility: visibility)
               # end
-              underlying_method_name.to_sym
+              underlying_method_name
             end
 
             # @return [Boolean]
             def skip_contrast_analysis?
               return true if in_contrast_scope?
-              return true unless defined?(Contrast::Agent::REQUEST_TRACKER)
-              return true unless Contrast::Agent::REQUEST_TRACKER.current&.analyze_request?
+              return false unless defined?(Contrast::Agent::REQUEST_TRACKER)
+              return false unless Contrast::Agent::REQUEST_TRACKER.current
+              return true unless Contrast::Agent::REQUEST_TRACKER.current.analyze_request?
 
               false
             end
@@ -411,7 +405,7 @@ module Contrast
             def skip_assess_analysis?
               return true if skip_contrast_analysis?
 
-              !ASSESS.enabled?
+              !ASSESS&.enabled?
             end
           end
         end

data/lib/contrast/agent/patching/policy/patch_status.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
 module Contrast
@@ -13,7 +13,7 @@ module Contrast
             # one does not exist.
             #
             # @param mod [Module] the Module for which the status is asked
-            # @return [Contrast::Agent::Patching::Policy::PolicyStatus]
+            # @return [Contrast::Agent::Patching::Policy::PatchStatus]
             def get_status mod
               if mod.cs__const_defined?(status_key, false)
                 mod.cs__const_get(status_key, false)
@@ -68,7 +68,10 @@ module Contrast
             def set_info_for mod, method, method_policy, is_instance_method, cs_method
               mod.instance_variable_set(method_info_key, {}) unless mod.instance_variable_defined?(method_info_key)
               holder = mod.instance_variable_get(method_info_key)
-              holder[method_name_key(method, is_instance_method)] = [method_policy, cs_method] unless holder.key?(method)
+              # if we already have this information, then we don't need to set it as we'll update the info on access
+              return if holder.key?(method)
+
+              holder[method_name_key(method, is_instance_method)] = [method_policy, cs_method]
             end
 
             private
@@ -153,9 +156,7 @@ module Contrast
           end
 
           def patched?
-            @patch_status == :PATCHED ||
-                @patch_status == :NONE ||
-                @patch_status == :FAILED
+            @patch_status == :PATCHED || @patch_status == :NONE || @patch_status == :FAILED
           end
 
           def rewriting!
@@ -179,9 +180,7 @@ module Contrast
           end
 
           def rewritten?
-            @rewrite_status == :REWRITTEN ||
-                @rewrite_status == :NO_REWRITE ||
-                @rewrite_status == :FAILED_REWRITE
+            @rewrite_status == :REWRITTEN || @rewrite_status == :NO_REWRITE || @rewrite_status == :FAILED_REWRITE
           end
         end
       end

data/lib/contrast/agent/patching/policy/patcher.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
 require 'monitor'
@@ -13,7 +13,8 @@ require 'contrast/utils/class_util'
 # assess
 require 'contrast/agent/assess/policy/policy'
 require 'contrast/agent/assess/policy/policy_scanner'
-require 'contrast/agent/assess/policy/rewriter_patch'
+# TODO: RUBY-714 remove guard w/ EOL of 2.5
+require 'contrast/agent/assess/policy/rewriter_patch' if RUBY_VERSION < '2.6.0'
 require 'contrast/agent/assess/policy/source_method'
 require 'contrast/agent/assess/policy/trigger_method'
 
@@ -52,8 +53,8 @@ module Contrast
             # startup to catchup on everything we didn't see get loaded
             def patch
               catchup_after_load_patches
-              patch_methods
-              Contrast::Agent::Assess::Policy::RewriterPatch.rewrite_interpolations
+              catchup_loaded_methods
+              Contrast::Agent::Assess::Policy::RewriterPatch.rewrite_interpolations if RUBY_VERSION < '2.6.0' # TODO: RUBY-714 remove guard w/ EOL of 2.5
             end
 
             # Hook to only monkeypatch Contrast. This will not trigger any
@@ -62,10 +63,11 @@ module Contrast
             # where only a subset of the Assess changes are needed.
             PATCH_MONITOR = Monitor.new
 
-            def patch_methods
+            # Iterate over and patch those Modules and Methods which were loaded before the Agent was enabled.
+            def catchup_loaded_methods
               PATCH_MONITOR.synchronize do
                 t = Contrast::Agent::Thread.new do
-                  synchronized_patch_methods
+                  synchronized_catchup_loaded_methods
                 end
                 # aborting on exception makes exceptions propagate.
                 t.abort_on_exception = true
@@ -84,7 +86,7 @@ module Contrast
 
                 load_patches_for_module(mod_name)
 
-                return unless all_module_names.any? { |name| name == mod_name }
+                return unless all_module_names.any?(mod_name)
 
                 module_data = Contrast::Agent::ModuleData.new(mod, mod_name)
                 patch_into_module(module_data)
@@ -100,7 +102,7 @@ module Contrast
             # @param mod [Module] the module in which the patch should be
             #   placed.
             # @param methods [Array(Symbol)] all the instance or singleton
-            #   methods in this clazz.
+            #   methods in this mod.
             # @param method_policy [Contrast::Agent::Patching::Policy::MethodPolicy]
             #   the policy that applies to the given method_name.
             # @return [Boolean] if patched, either by this invocation or a
@@ -142,14 +144,15 @@ module Contrast
             # @return [Array<String>] the names of all the Modules for which
             #   there patches in our policies
             def all_module_names
-              @_all_module_names ||= POLICIES.each_with_object(Set.new) { |policy, set| set.merge(policy.instance.module_names) }
+              @_all_module_names ||=
+                POLICIES.each_with_object(Set.new) { |policy, set| set.merge(policy.instance.module_names) }
             end
 
             # Hook to only monkeypatch Contrast. This will not trigger any
             # other functions, like rewriting or scanning. This method should
             # only be invoked by the patch_methods method above in order to
             # ensure it is wrapped in a synchronize call
-            def synchronized_patch_methods
+            def synchronized_catchup_loaded_methods
               logger.trace_with_time('Running patching') do
                 patched = []
                 all_module_names.each do |patchable_name|
@@ -166,59 +169,42 @@ module Contrast
               end
             end
 
-            # Given the patchers that apply to this class that may apply, patch
-            # Contrast method calls into the methods for which we have rules.
+            # Given the patchers that apply to this class that may apply, patch Contrast method calls into the methods
+            # for which we have rules.
             #
-            # @param module_data [Contrast::Agent::ModuleData] the module, and
-            #   its name, that's being patched into
-            # @param redo_patch [Boolean] a trigger to force patching
-            #   regardless of the state of the
-            #   Contrast::Agent::Patching::Policy::PatchStatus status on the
-            #   Module
+            # @param module_data [Contrast::Agent::ModuleData] the module, and its name, that's being patched into
+            # @param redo_patch [Boolean] a trigger to force patching regardless of the state of the
+            #   Contrast::Agent::Patching::Policy::PatchStatus status on the Module
             def patch_into_module module_data, redo_patch = false
               status = status_type.get_status(module_data.mod)
               return if (status&.patched? || status&.patching?) && !redo_patch
 
-              # Begin patching our sources into the given clazz (or module)
-              # Any patcher that has the name of the clazz will be evaluated for
-              # patching.
-              # Find all the patchers that apply to this class, sorted by type.
-              module_policy = Contrast::Agent::Patching::Policy::ModulePolicy.create_module_policy(module_data.name)
-
-              clazz = module_data.mod
+              # Begin patching our sources into the given module. Any patcher that has the name of the module will be
+              # evaluated for patching. Find all the patchers that apply to this class, sorted by type.
+              module_policy = Contrast::Agent::Patching::Policy::ModulePolicy.create_module_policy(module_data.mod_name)
+              # If there's nothing to match, then set that status and exit
+              if module_policy.empty?
+                status.no_patch!
+                return
+              end
 
               status.patching!
-              patched = false
-
-              counts = 0
-              # Monkey patch any methods in this class that have matching nodes in the policy
-              unless module_policy.empty?
-                instance_methods = all_instance_methods(clazz, true)
-                singleton_methods = clazz.singleton_methods(false)
-                counts += patch_into_methods(clazz, instance_methods, module_policy, true)
-                counts += patch_into_methods(clazz, singleton_methods, module_policy, false)
-                counts = module_policy.num_expected_patches if adjust_for_prepend(clazz)
-                patched = true
-              end
+              num_applied_patches = patch_into_instance_methods(module_data, module_policy)
+              num_applied_patches += patch_into_singleton_methods(module_data, module_policy)
+              if adjust_for_prepend(module_data) || module_policy.num_expected_patches == num_applied_patches
 
-              if patched
-                if module_policy.num_expected_patches == counts
-                  status.patched!
-                else
-                  status.partial_patch!
-                end
+                status.patched!
               else
-                status.no_patch!
+                status.partial_patch!
               end
             rescue StandardError => e
-              status ||= status_type.get_status(module_data.mod)
-              status.failed_patch!
-              logger.warn('Patching failed', e, module: module_data.name)
+              status&.failed_patch!
+              logger.warn('Patching failed', e, module: module_data.mod_name)
             ensure
               logger.trace('Patching complete',
-                           module: module_data.name,
-                           result: Contrast::Agent::Patching::Policy::PatchStatus.get_status(
-                               module_data.mod).patch_status)
+                           module: module_data.mod_name,
+                           result:
+                             Contrast::Agent::Patching::Policy::PatchStatus.get_status(module_data.mod).patch_status)
             end
 
             # Get all of the instance methods on the given module, excluding
@@ -249,22 +235,45 @@ module Contrast
               instance_methods
             end
 
+            # Patch into the Instance Methods, including private, of the given Module that match the ModulePolicy
+            # provided.
+            #
+            # @param module_data [Contrast::Agent::ModuleData] the module, and its name, that's being patched into
+            # @param module_policy [Contrast::Agent::Patching::Policy::ModulePolicy] All the patchers that apply to
+            #   this module, sorted by type.
+            def patch_into_instance_methods module_data, module_policy
+              mod = module_data.mod
+              methods = all_instance_methods(mod, true)
+              patch_into_methods(mod, methods, module_policy, true)
+            end
+
+            # Patch into the Singleton Methods of the given Module that match the ModulePolicy provided.
+            #
+            # @param module_data [Contrast::Agent::ModuleData] the module, and its name, that's being patched into
+            # @param module_policy [Contrast::Agent::Patching::Policy::ModulePolicy] All the patchers that apply to
+            #   this module, sorted by type.
+            def patch_into_singleton_methods module_data, module_policy
+              mod = module_data.mod
+              methods = mod.singleton_methods(false)
+              patch_into_methods(mod, methods, module_policy, false)
+            end
+
             # We've found the patchers that apply to this class (or module). Now we'll
             # filter on the given method.
             #
-            # @param mod [Module] The module from which to retrieve instance
-            #   methods.
-            # @param methods [Array<Symbol>] The names of all the methods in
-            #   in this module
-            # @param module_policy [Contrast::Agent::Patching::Policy::ModulePolicy]
-            #   All the patchers that apply to this class, sorted by type.
-            # @param is_instance_method [Boolean] Indicates if these methods
-            #   are the instance or singleton methods for this module.
-            # @return [Integer] number of methods patched
+            # @param mod [Module] The module from which to retrieve instance methods.
+            # @param methods [Array<Symbol>] The names of all the methods in in this module
+            # @param module_policy [Contrast::Agent::Patching::Policy::ModulePolicy] All the patchers that apply to
+            #   this class, sorted by type.
+            # @param is_instance_method [Boolean] Indicates if these methods are the instance or singleton methods for
+            #   this module.
+            # @return [Integer] number of methods patched.
             def patch_into_methods mod, methods, module_policy, is_instance_method
               count = 0
               methods.each do |method|
-                method_policy = Contrast::Agent::Patching::Policy::MethodPolicy.build_method_policy(method, module_policy, is_instance_method)
+                method_policy = Contrast::Agent::Patching::Policy::MethodPolicy.build_method_policy(method,
+                                                                                                    module_policy,
+                                                                                                    is_instance_method)
                 next if method_policy.empty?
 
                 patched = patch_method(mod, methods, method_policy)
@@ -279,11 +288,10 @@ module Contrast
             # it has to be reapplied.
             # TODO: RUBY-620 should remove the need for this
             #
-            # @param mod[Module] the Module for which a prepend action needs to
-            #   be accounted
+            # @param module_data [Contrast::Agent::ModuleData] the module, and its name, that's being patched into
             # @return [Boolean] if an adjustment was made or not
-            def adjust_for_prepend mod
-              return false unless mod.cs__name == 'CGI::Util'
+            def adjust_for_prepend module_data
+              return false unless module_data.mod.cs__name == 'CGI::Util'
 
               CGI.include(CGI::Util)
               CGI.extend(CGI::Util)