contrast-agent 4.8.0 → 4.9.0

Files changed (118) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +6 -1
  3. data/.simplecov +1 -0
  4. data/lib/contrast.rb +24 -14
  5. data/lib/contrast/agent/assess/contrast_event.rb +1 -4
  6. data/lib/contrast/agent/assess/finalizers/hash.rb +2 -4
  7. data/lib/contrast/agent/assess/policy/patcher.rb +6 -4
  8. data/lib/contrast/agent/assess/policy/policy.rb +1 -1
  9. data/lib/contrast/agent/assess/policy/policy_scanner.rb +3 -5
  10. data/lib/contrast/agent/assess/policy/preshift.rb +4 -4
  11. data/lib/contrast/agent/assess/policy/propagation_method.rb +4 -4
  12. data/lib/contrast/agent/assess/policy/propagator/database_write.rb +3 -6
  13. data/lib/contrast/agent/assess/policy/propagator/split.rb +9 -6
  14. data/lib/contrast/agent/assess/policy/propagator/substitution.rb +2 -3
  15. data/lib/contrast/agent/assess/policy/rewriter_patch.rb +7 -7
  16. data/lib/contrast/agent/assess/policy/source_method.rb +6 -6
  17. data/lib/contrast/agent/assess/policy/trigger/xpath.rb +0 -3
  18. data/lib/contrast/agent/assess/policy/trigger_method.rb +2 -3
  19. data/lib/contrast/agent/assess/policy/trigger_node.rb +1 -1
  20. data/lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb +4 -4
  21. data/lib/contrast/agent/at_exit_hook.rb +3 -3
  22. data/lib/contrast/agent/class_reopener.rb +6 -5
  23. data/lib/contrast/agent/disable_reaction.rb +3 -4
  24. data/lib/contrast/agent/exclusion_matcher.rb +2 -3
  25. data/lib/contrast/agent/inventory/dependency_analysis.rb +2 -6
  26. data/lib/contrast/agent/inventory/dependency_usage_analysis.rb +3 -5
  27. data/lib/contrast/agent/inventory/policy/datastores.rb +3 -4
  28. data/lib/contrast/agent/inventory/policy/policy.rb +1 -1
  29. data/lib/contrast/agent/middleware.rb +14 -13
  30. data/lib/contrast/agent/patching/policy/after_load_patch.rb +3 -3
  31. data/lib/contrast/agent/patching/policy/after_load_patcher.rb +3 -4
  32. data/lib/contrast/agent/patching/policy/patch.rb +8 -8
  33. data/lib/contrast/agent/patching/policy/patcher.rb +6 -6
  34. data/lib/contrast/agent/patching/policy/policy.rb +2 -4
  35. data/lib/contrast/agent/patching/policy/policy_node.rb +2 -3
  36. data/lib/contrast/agent/protect/policy/policy.rb +1 -1
  37. data/lib/contrast/agent/protect/policy/rule_applicator.rb +3 -5
  38. data/lib/contrast/agent/protect/rule/base.rb +10 -10
  39. data/lib/contrast/agent/protect/rule/cmd_injection.rb +4 -5
  40. data/lib/contrast/agent/protect/rule/path_traversal.rb +1 -5
  41. data/lib/contrast/agent/reaction_processor.rb +2 -3
  42. data/lib/contrast/agent/request.rb +4 -3
  43. data/lib/contrast/agent/request_context.rb +9 -9
  44. data/lib/contrast/agent/request_handler.rb +5 -3
  45. data/lib/contrast/agent/response.rb +2 -3
  46. data/lib/contrast/agent/rewriter.rb +4 -3
  47. data/lib/contrast/agent/rule_set.rb +5 -4
  48. data/lib/contrast/agent/service_heartbeat.rb +2 -3
  49. data/lib/contrast/agent/static_analysis.rb +6 -5
  50. data/lib/contrast/agent/thread.rb +2 -4
  51. data/lib/contrast/agent/thread_watcher.rb +3 -4
  52. data/lib/contrast/agent/tracepoint_hook.rb +4 -4
  53. data/lib/contrast/agent/version.rb +1 -1
  54. data/lib/contrast/api/communication/messaging_queue.rb +4 -5
  55. data/lib/contrast/api/communication/response_processor.rb +11 -11
  56. data/lib/contrast/api/communication/service_lifecycle.rb +5 -4
  57. data/lib/contrast/api/communication/socket_client.rb +18 -14
  58. data/lib/contrast/api/communication/speedracer.rb +5 -6
  59. data/lib/contrast/api/decorators/address.rb +2 -3
  60. data/lib/contrast/api/decorators/agent_startup.rb +7 -9
  61. data/lib/contrast/api/decorators/application_startup.rb +8 -10
  62. data/lib/contrast/api/decorators/application_update.rb +0 -4
  63. data/lib/contrast/api/decorators/http_request.rb +3 -7
  64. data/lib/contrast/api/decorators/instrumentation_mode.rb +3 -5
  65. data/lib/contrast/api/decorators/message.rb +7 -7
  66. data/lib/contrast/api/decorators/trace_event_object.rb +2 -3
  67. data/lib/contrast/components/agent.rb +10 -15
  68. data/lib/contrast/components/app_context.rb +7 -11
  69. data/lib/contrast/components/assess.rb +16 -16
  70. data/lib/contrast/components/base.rb +40 -0
  71. data/lib/contrast/components/config.rb +0 -2
  72. data/lib/contrast/components/contrast_service.rb +6 -11
  73. data/lib/contrast/components/heap_dump.rb +5 -4
  74. data/lib/contrast/components/inventory.rb +2 -7
  75. data/lib/contrast/components/logger.rb +1 -2
  76. data/lib/contrast/components/protect.rb +10 -13
  77. data/lib/contrast/components/sampling.rb +5 -5
  78. data/lib/contrast/components/scope.rb +0 -4
  79. data/lib/contrast/components/settings.rb +1 -5
  80. data/lib/contrast/configuration.rb +3 -4
  81. data/lib/contrast/extension/assess/array.rb +2 -4
  82. data/lib/contrast/extension/assess/eval_trigger.rb +2 -3
  83. data/lib/contrast/extension/assess/fiber.rb +6 -5
  84. data/lib/contrast/extension/assess/hash.rb +3 -3
  85. data/lib/contrast/extension/assess/kernel.rb +2 -4
  86. data/lib/contrast/extension/assess/marshal.rb +4 -4
  87. data/lib/contrast/extension/assess/regexp.rb +5 -4
  88. data/lib/contrast/extension/assess/string.rb +6 -6
  89. data/lib/contrast/extension/kernel.rb +2 -4
  90. data/lib/contrast/extension/protect/kernel.rb +0 -5
  91. data/lib/contrast/framework/manager.rb +2 -3
  92. data/lib/contrast/framework/rack/patch/session_cookie.rb +6 -6
  93. data/lib/contrast/framework/rails/patch/assess_configuration.rb +5 -7
  94. data/lib/contrast/framework/rails/patch/support.rb +40 -36
  95. data/lib/contrast/framework/rails/railtie.rb +8 -6
  96. data/lib/contrast/framework/rails/rewrite/active_record_named.rb +3 -4
  97. data/lib/contrast/funchook/funchook.rb +4 -3
  98. data/lib/contrast/logger/application.rb +1 -6
  99. data/lib/contrast/logger/log.rb +22 -6
  100. data/lib/contrast/logger/request.rb +0 -4
  101. data/lib/contrast/tasks/service.rb +1 -6
  102. data/lib/contrast/utils/assess/sampling_util.rb +2 -3
  103. data/lib/contrast/utils/assess/tracking_util.rb +2 -4
  104. data/lib/contrast/utils/heap_dump_util.rb +5 -3
  105. data/lib/contrast/utils/invalid_configuration_util.rb +4 -3
  106. data/lib/contrast/utils/inventory_util.rb +2 -3
  107. data/lib/contrast/utils/io_util.rb +2 -4
  108. data/lib/contrast/utils/job_servers_running.rb +4 -3
  109. data/lib/contrast/utils/os.rb +2 -3
  110. data/lib/contrast/utils/string_utils.rb +2 -3
  111. data/lib/contrast/utils/tag_util.rb +25 -19
  112. data/ruby-agent.gemspec +4 -2
  113. data/service_executables/VERSION +1 -1
  114. data/service_executables/linux/contrast-service +0 -0
  115. data/service_executables/mac/contrast-service +0 -0
  116. metadata +28 -15
  117. data/lib/contrast/components/interface.rb +0 -196
  118. data/lib/contrast/delegators/input_analysis.rb +0 -12
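--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: e9b59d691aacb946697f5e70adca3118f87953a30209d9fb5aebb232df42ec3f
- data.tar.gz: b4f831bbb3bf826aa0e28ee7f8040aca3f1efd9b50af63f0196124766afcdaa6
+ metadata.gz: 04fe75ff7b610b12a7c4e3416830e0362dcc272346a2591dee97d36b08fe4d20
+ data.tar.gz: 319c8eb0cf2377f735d9ba9318ec518e10c9986c7674bf652885ff73c40423fb
  SHA512:
- metadata.gz: c37bdcf57f387aa4c8353db52eb5dff04c7c1781c31b5af7dd12e87f79c31b7fdb942031e97f5e0f5ea9d5d29407725ac2a63916080fe4041def3627426a4428
- data.tar.gz: 2a05dab78c39243740d7357f43484c26f6ede46d05f7f28ad212fe8914fbd19887021d2fe6d217aa1e9312ea33b9a4880dcaa7a4bf4cb75a43a6ce9db56d95e2
+ metadata.gz: 66f782973a14ee44b732f3fb17d4a40ac072ca6b78627c72f343bf5a4902d5d9dcf95aa92249f8659cb3214fb765828834507196f6bcb8787eece732a7242795
+ data.tar.gz: 5a9578db89d3d2a6f1e904fe3e248d5577d1db30a4d81049d4552fa6c0a3733638cbe9862d3f29f5979bad718add38b6d579541df40780e3746c1990bbe4f882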
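--- a/data/.gitignore
+++ b/data/.gitignore
@@ -1,8 +1,8 @@
  /.bundle/
  /.yardoc
  /_yardoc/
- /Gemfile.lock
  /coverage/
+ /Gemfile.lock
  /data/*
  /doc/
  /log/
@@ -18,6 +18,11 @@
  /ext/**/*.so
  /ext/**/*.bundle
 
+ bin
+ ruby-spec
+ mspec
+ service_executables
+
  # Funchook artifacts
  /ext/**/funchook.h
  /ext/**/libfunchook.dylib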
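--- a/data/.simplecov
+++ b/data/.simplecov
@@ -4,4 +4,5 @@
  SimpleCov.minimum_coverage line: 94.75
  SimpleCov.start do
  add_filter '/spec/'
+ enable_coverage :branch
  end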
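--- a/data/lib/contrast.rb
+++ b/data/lib/contrast.rb
@@ -4,10 +4,6 @@
  # Used to prevent deprecation warnings from flooding stdout
  ENV['PB_IGNORE_DEPRECATIONS'] = 'true'
 
- # Top-level namespace for Contrast Security agent
- module Contrast
- end
-
  # Some developers override various methods on Object, which can often involve
  # changing expected method parity/behavior which in turn prevents us from being
  # able to reliably use affected methods.
@@ -38,22 +34,36 @@ if RUBY_VERSION >= '3.0.0'
  end
  end
 
- # component interface for class creation
- # config gets built as a consequence of this require
- require 'contrast/components/interface'
+ require 'contrast/components/agent'
+ require 'contrast/components/app_context'
+ require 'contrast/components/assess'
+ require 'contrast/components/config'
+ require 'contrast/components/contrast_service'
+ require 'contrast/components/inventory'
+ require 'contrast/components/logger'
+ require 'contrast/components/protect'
+ require 'contrast/components/sampling'
+ require 'contrast/components/scope'
+ require 'contrast/components/settings'
+
+ module Contrast
+ SCOPE = Contrast::Components::Scope::Interface.new
+ CONFIG = Contrast::Components::Config::Interface.new
+ SETTINGS = Contrast::Components::Settings::Interface.new
+ ASSESS = Contrast::Components::Assess::Interface.new
+ PROTECT = Contrast::Components::Protect::Interface.new
+ INVENTORY = Contrast::Components::Inventory::Interface.new
+ LOGGER = Contrast::Components::Logger::Interface.new
+ AGENT = Contrast::Components::Agent::Interface.new
+ CONTRAST_SERVICE = Contrast::Components::ContrastService::Interface.new
+ APP_CONTEXT = Contrast::Components::AppContext::Interface.new
+ end
 
  # This needs to be required very early, after component interfaces, and before instrumentation attempts
  require 'contrast/funchook/funchook'
 
- # shared configuration support
- require 'contrast/config'
- require 'contrast/configuration'
-
  require 'contrast/agent/version'
 
- # errors and exceptions
- require 'contrast/security_exception'
-
  # shared utils
  require 'contrast/utils/timer'
  require 'contrast/utils/preflight_util'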
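Review bot: The new `module Contrast` block builds ten component interfaces as constants at require time with no comment on ordering, while the comment it replaces (`config gets built as a consequence of this require`) was the only record that loading this file has side effects. If any `Interface.new` reads another component, presumably `CONFIG` or `SETTINGS`, the assignment order is load-bearing and a later reshuffle could fail at boot or start a component on defaults; I would add `# Built once at load time; keep SCOPE and CONFIG first, later components may read them (confirm).` above `SCOPE`. The same section drops the requires for `contrast/config`, `contrast/configuration` and `contrast/security_exception`, and whether the component files now pull those in is not visible here, so it is worth checking that `contrast/security_exception` is still loaded before anything can raise it. The files changed further down drop `require 'contrast/components/interface'` and reference `::Contrast::ASSESS` and `::Contrast::AGENT` directly, so they now depend on this file having run first.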
@@ -8,7 +8,6 @@ require 'contrast/utils/object_share'
8
8
  require 'contrast/utils/stack_trace_utils'
9
9
  require 'contrast/utils/string_utils'
10
10
  require 'contrast/utils/timer'
11
- require 'contrast/components/interface'
12
11
  require 'contrast/agent/assess/contrast_object'
13
12
 
14
13
  module Contrast
@@ -29,8 +28,6 @@ module Contrast
29
28
  # @attr_reader args [Array<Contrast::Agent::Assess::ContrastObject>] the safe representation of the Arguments
30
29
  # with which the method was invoked
31
30
  class ContrastEvent
32
- include Contrast::Components::Interface
33
- access_component :analysis
34
31
 
35
32
  attr_reader :event_id, :policy_node, :stack_trace, :time, :thread, :object, :ret, :args, :tags
36
33
 
@@ -164,7 +161,7 @@ module Contrast
164
161
  def capture_stacktrace!
165
162
  # If we're configured to not capture the stacktrace, usually for performance reasons, then don't and return an
166
163
  # empty array instead
167
- unless ASSESS.capture_stacktrace?(policy_node)
164
+ unless ::Contrast::ASSESS.capture_stacktrace?(policy_node)
168
165
  @stack_trace = Contrast::Utils::ObjectShare::EMPTY_ARRAY
169
166
  return
170
167
  end
@@ -10,13 +10,11 @@ module Contrast
10
10
  # An extension of Hash that doesn't impact GC of the object being stored by storing its ID as a Key to lookup
11
11
  # and registering a finalizer on the object to remove its entry from the Hash immediately after it's GC'd.
12
12
  class Hash < Hash
13
- include Contrast::Components::Interface
14
- access_component :agent, :analysis
15
13
 
16
14
  FROZEN_FINALIZED_IDS = Set.new
17
15
 
18
16
  def []= key, obj
19
- return unless AGENT.enabled? && ASSESS.enabled?
17
+ return unless ::Contrast::AGENT.enabled? && ::Contrast::ASSESS.enabled?
20
18
 
21
19
  # We can't finalize frozen things, so only act on those that went through .pre_freeze
22
20
  if key.cs__frozen?
@@ -79,7 +77,7 @@ module Contrast
79
77
  #
80
78
  # @param key [Object] the Object on which we need to pre-define finalizers
81
79
  def pre_freeze key
82
- return unless AGENT.enabled? && ASSESS.enabled?
80
+ return unless ::Contrast::AGENT.enabled? && ::Contrast::ASSESS.enabled?
83
81
  return if key.cs__frozen?
84
82
  return if FROZEN_FINALIZED_IDS.include?(key.__id__)
85
83
 
@@ -5,7 +5,8 @@ require 'contrast/agent/assess/policy/policy'
5
5
  require 'contrast/agent/patching/policy/patcher'
6
6
  require 'contrast/agent/patching/policy/method_policy'
7
7
  require 'contrast/agent/patching/policy/module_policy'
8
- require 'contrast/components/interface'
8
+ require 'contrast/components/logger'
9
+ require 'contrast/components/scope'
9
10
 
10
11
  module Contrast
11
12
  module Agent
@@ -16,8 +17,9 @@ module Contrast
16
17
  # provides a map for which methods our renamed functions need to call
17
18
  # and how.
18
19
  module Patcher
19
- include Contrast::Components::Interface
20
- access_component :logging, :analysis, :agent, :scope
20
+ extend Contrast::Components::Logger::InstanceMethods
21
+ extend Contrast::Components::Scope::InstanceMethods
22
+
21
23
 
22
24
  class << self
23
25
  def policy
@@ -34,7 +36,7 @@ module Contrast
34
36
  # called. This hook is provided so that patches to those methods can
35
37
  # pass us execution flow once a new method has been made available.
36
38
  def patch_assess_on_eval mod
37
- return unless ASSESS.enabled?
39
+ return unless ::Contrast::ASSESS.enabled?
38
40
  return if in_contrast_scope?
39
41
 
40
42
  patcher.patch_specific_module(mod)
@@ -26,7 +26,7 @@ module Contrast
26
26
  # Indicates is this feature has been disabled by the configuration,
27
27
  # read at startup, and therefore can never be enabled.
28
28
  def disabled_globally?
29
- ASSESS.forcibly_disabled?
29
+ ::Contrast::ASSESS.forcibly_disabled?
30
30
  end
31
31
 
32
32
  def node_type
@@ -1,7 +1,6 @@
1
1
  # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
2
  # frozen_string_literal: true
3
3
 
4
- require 'contrast/components/interface'
5
4
  require 'contrast/utils/object_share'
6
5
 
7
6
  module Contrast
@@ -13,8 +12,7 @@ module Contrast
13
12
  # of a file vs data flow, such as the detection of Hardcoded Passwords
14
13
  # or Keys.
15
14
  module PolicyScanner
16
- include Contrast::Components::Interface
17
- access_component :analysis
15
+
18
16
 
19
17
  class << self
20
18
  # Use the given trace_point, built from an :end event, to determine
@@ -24,8 +22,8 @@ module Contrast
24
22
  # @param trace_point [TracePoint] the TracePoint generated by an
25
23
  # :end event at the end of a Module definition.
26
24
  def scan trace_point
27
- return unless ASSESS.enabled?
28
- return unless ASSESS.require_scan?
25
+ return unless ::Contrast::ASSESS.enabled?
26
+ return unless ::Contrast::ASSESS.require_scan?
29
27
 
30
28
  provider_values = policy.providers.values
31
29
  return if provider_values.all?(&:disabled?)
@@ -1,7 +1,7 @@
1
1
  # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
2
  # frozen_string_literal: true
3
3
 
4
- require 'contrast/components/interface'
4
+ require 'contrast/components/logger'
5
5
 
6
6
  module Contrast
7
7
  module Agent
@@ -9,8 +9,8 @@ module Contrast
9
9
  # In order to properly shift tags to account for the changes this method
10
10
  # caused, we'll need to store the state before the change occurred.
11
11
  class PreShift
12
- include Contrast::Components::Interface
13
- access_component :analysis, :logging
12
+ include Contrast::Components::Logger::InstanceMethods
13
+
14
14
 
15
15
  UNDUPLICABLE_MODULES = [
16
16
  Enumerator # dup'ing results in 'can't copy execution context'
@@ -37,7 +37,7 @@ module Contrast
37
37
  # being called or nil if one is not required.
38
38
  def build_preshift propagation_node, object, args
39
39
  return unless propagation_node
40
- return unless ASSESS.enabled?
40
+ return unless ::Contrast::ASSESS.enabled?
41
41
 
42
42
  initializing = propagation_node.method_name == :initialize
43
43
  return if unsafe_io_object?(object, initializing)
@@ -4,7 +4,7 @@
4
4
  require 'set'
5
5
 
6
6
  require 'contrast/agent/assess/policy/propagator'
7
- require 'contrast/components/interface'
7
+ require 'contrast/components/logger'
8
8
  require 'contrast/utils/object_share'
9
9
  require 'contrast/utils/sha256_builder'
10
10
 
@@ -17,8 +17,8 @@ module Contrast
17
17
  # general, these methods work on the String class or a holder of
18
18
  # Strings
19
19
  module PropagationMethod
20
- include Contrast::Components::Interface
21
- access_component :analysis, :logging
20
+ extend Contrast::Components::Logger::InstanceMethods
21
+
22
22
 
23
23
  APPEND_ACTION = 'APPEND'
24
24
  CENTER_ACTION = 'CENTER'
@@ -302,7 +302,7 @@ module Contrast
302
302
  # propagation event.
303
303
  # @return [Boolean]
304
304
  def can_handle_frozen? propagation_node
305
- ASSESS.track_frozen_sources? && propagation_node.targets[0] == Contrast::Utils::ObjectShare::RETURN_KEY
305
+ ::Contrast::ASSESS.track_frozen_sources? && propagation_node.targets[0] == Contrast::Utils::ObjectShare::RETURN_KEY
306
306
  end
307
307
  end
308
308
  end
@@ -1,8 +1,6 @@
1
1
  # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
2
  # frozen_string_literal: true
3
3
 
4
- require 'contrast/components/interface'
5
-
6
4
  module Contrast
7
5
  module Agent
8
6
  module Assess
@@ -13,8 +11,7 @@ module Contrast
13
11
  # results in new source nodes to track which columns in the database
14
12
  # have been tainted.
15
13
  class DatabaseWrite < Contrast::Agent::Assess::Policy::Propagator::Base
16
- include Contrast::Components::Interface
17
- access_component :analysis
14
+
18
15
 
19
16
  class << self
20
17
  def propagate propagation_node, preshift, target
@@ -22,7 +19,7 @@ module Contrast
22
19
  class_name = class_type.cs__name
23
20
  tainted_columns = {}
24
21
 
25
- known_tainted = ASSESS.tainted_columns[class_name]
22
+ known_tainted = ::Contrast::ASSESS.tainted_columns[class_name]
26
23
  propagation_node.sources.each do |source|
27
24
  handle_write(propagation_node, source, preshift, target, known_tainted, tainted_columns)
28
25
  end
@@ -31,7 +28,7 @@ module Contrast
31
28
  if known_tainted
32
29
  known_tainted.concat(tainted_columns.keys)
33
30
  else
34
- ASSESS.tainted_columns[class_name] = tainted_columns.keys
31
+ ::Contrast::ASSESS.tainted_columns[class_name] = tainted_columns.keys
35
32
  end
36
33
 
37
34
  Contrast::Agent::Assess::Policy::DynamicSourceFactory.create_sources class_type, tainted_columns
@@ -2,7 +2,9 @@
2
2
  # frozen_string_literal: true
3
3
 
4
4
  require 'contrast/agent/assess/policy/preshift'
5
- require 'contrast/components/interface'
5
+ require 'contrast/components/agent'
6
+ require 'contrast/components/logger'
7
+ require 'contrast/components/scope'
6
8
  require 'contrast/utils/thread_tracker'
7
9
 
8
10
  module Contrast
@@ -13,9 +15,9 @@ module Contrast
13
15
  # This class is specifically for String#split & String#grapheme_clusters propagation
14
16
  # it propagates tag ranges from a string to elements within an untracked array
15
17
  class Split < Contrast::Agent::Assess::Policy::Propagator::Base
16
- include Contrast::Components::Interface
17
-
18
- access_component :agent, :logging, :scope
18
+ extend Contrast::Components::Scope::InstanceMethods
19
+ extend Contrast::Components::Logger::InstanceMethods
20
+ #cs__const_set('AGENT', Contrast::AGENT)
19
21
 
20
22
  SPLIT_TRACKER = Contrast::Utils::ThreadTracker.new
21
23
 
@@ -29,8 +31,9 @@ module Contrast
29
31
  # patched method.
30
32
  # @param target [Array, String] the target to which to propagate.
31
33
  # @return [nil] so as not to risk changing the result of the propagation.
32
-
33
34
  def propagate propagation_node, preshift, target
35
+ return unless target.is_a?(Array) # apply_post_patch is called, but split with block returns a string.
36
+
34
37
  logger.trace('Propagation detected', node_id: propagation_node.id, target_id: target.__id__)
35
38
 
36
39
  source = find_source(propagation_node.sources[0], preshift)
@@ -108,7 +111,7 @@ module Contrast
108
111
  # Load patch.
109
112
  def instrument_string_split
110
113
  @_instrument_string_split ||= begin
111
- require 'cs__assess_yield_track/cs__assess_yield_track' if AGENT.patch_yield? && Funchook.available?
114
+ require 'cs__assess_yield_track/cs__assess_yield_track' if ::Contrast::AGENT.patch_yield? && Funchook.available?
112
115
  true
113
116
  rescue StandardError => e
114
117
  logger.error('Error loading split rb_yield patch', e)
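Review bot: The new guard at the top of `propagate`, `return unless target.is_a?(Array)`, exits before the trace log, so a String result from the block form of `split` is dropped with no record, and the `@param target [Array, String]` doc above it now describes a case that is never processed. If tag propagation for the block form relies on the rb_yield patch that `instrument_string_split` loads only when `patch_yield?` is set and Funchook is available, then without that patch those substrings would presumably go untracked, which would be a dataflow blind spot for Assess; that is worth confirming and stating in the comment. I would move the explanation onto its own line above the guard and narrow the doc to `@param target [Array]`. The commented-out `#cs__const_set('AGENT', Contrast::AGENT)` under the two `extend` lines looks like leftover scaffolding and should be removed. `propagate` continues past the end of its hunk.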
@@ -1,7 +1,7 @@
1
1
  # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
2
  # frozen_string_literal: true
3
3
 
4
- require 'contrast/components/interface'
4
+ require 'contrast/components/logger'
5
5
  require 'contrast/utils/duck_utils'
6
6
 
7
7
  module Contrast
@@ -15,8 +15,7 @@ module Contrast
15
15
  # in a 'get it work' state. hopefully, we'll be in
16
16
  # a 'get it right' state soon.
17
17
  class Substitution
18
- include Contrast::Components::Interface
19
- access_component :logging
18
+ include Contrast::Components::Logger::InstanceMethods
20
19
 
21
20
  CAPTURE_GROUP_REGEXP = /\\[[:digit:]]/.cs__freeze
22
21
  CAPTURE_NAME_REGEXP = /\\k<[[:alpha:]]/.cs__freeze
@@ -6,7 +6,7 @@ return unless RUBY_VERSION < '2.6.0' # TODO: RUBY-714 remove guard w/ EOL of 2.5
6
6
  require 'contrast/agent/patching/policy/patch_status'
7
7
  require 'contrast/agent/module_data'
8
8
  require 'contrast/agent/rewriter'
9
- require 'contrast/components/interface'
9
+ require 'contrast/components/logger'
10
10
  require 'contrast/utils/object_share'
11
11
 
12
12
  module Contrast
@@ -20,8 +20,8 @@ module Contrast
20
20
  # @deprecated Changes to this class are discouraged as this approach is
21
21
  # being phased out with support for those language versions.
22
22
  module RewriterPatch
23
- include Contrast::Components::Interface
24
- access_component :agent, :analysis, :logging
23
+ extend Contrast::Components::Logger::InstanceMethods
24
+
25
25
 
26
26
  class << self
27
27
  def rewrite_interpolations
@@ -72,16 +72,16 @@ module Contrast
72
72
  end
73
73
 
74
74
  def agent_should_rewrite?
75
- return false unless ASSESS.enabled?
76
- return false unless AGENT.rewrite_interpolation?
77
- return false unless AGENT.interpolation_enabled?
75
+ return false unless ::Contrast::ASSESS.enabled?
76
+ return false unless ::Contrast::AGENT.rewrite_interpolation?
77
+ return false unless ::Contrast::AGENT.interpolation_enabled?
78
78
 
79
79
  true
80
80
  end
81
81
 
82
82
  def should_rewrite? mod
83
83
  return false unless agent_should_rewrite?
84
- return false if AGENT.skip_instrumentation? mod.cs__name
84
+ return false if ::Contrast::AGENT.skip_instrumentation? mod.cs__name
85
85
  return false if mod.cs__frozen?
86
86
  return false if mod.singleton_class?
87
87
  return false if mid_defining?(mod)
@@ -3,7 +3,7 @@
3
3
 
4
4
  require 'set'
5
5
  require 'contrast/agent/assess/policy/source_validation/source_validation'
6
- require 'contrast/components/interface'
6
+ require 'contrast/components/logger'
7
7
  require 'contrast/utils/object_share'
8
8
  require 'contrast/utils/sha256_builder'
9
9
 
@@ -15,8 +15,8 @@ module Contrast
15
15
  # actions we should take in order to mark data as User Input and treat it as untrusted, starting the dataflows
16
16
  # used in Assess vulnerability detection.
17
17
  module SourceMethod
18
- include Contrast::Components::Interface
19
- access_component :analysis, :logging
18
+ extend Contrast::Components::Logger::InstanceMethods
19
+
20
20
 
21
21
  PARAMETER_TYPE = 'PARAMETER'
22
22
  PARAMETER_KEY_TYPE = 'PARAMETER_KEY'
@@ -42,7 +42,7 @@ module Contrast
42
42
  target = determine_target(source_node, object, ret, args)
43
43
  restore_frozen_state = false
44
44
  if target.cs__frozen? && !Contrast::Agent::Assess::Tracker.trackable?(target)
45
- return unless ASSESS.track_frozen_sources?
45
+ return unless ::Contrast::ASSESS.track_frozen_sources?
46
46
  return unless source_node.targets[0] == Contrast::Utils::ObjectShare::RETURN_KEY
47
47
 
48
48
  dup = safe_dup(ret)
@@ -131,7 +131,7 @@ module Contrast
131
131
  # @param hash [Hash] the hash to which the key belongs.
132
132
  # @return [Boolean] whether replace the key in the hash or not.
133
133
  def replace_hash_key? key, hash
134
- ASSESS.track_frozen_sources? &&
134
+ ::Contrast::ASSESS.track_frozen_sources? &&
135
135
  !hash.cs__frozen? &&
136
136
  key.is_a?(String) &&
137
137
  !Contrast::Agent::Assess::Tracker.trackable?(key)
@@ -215,7 +215,7 @@ module Contrast
215
215
  # @return [boolean] if the invocation of this method should be analyzed
216
216
  def analyze? method_policy, object, ret, args
217
217
  return false unless method_policy&.source_node
218
- return false unless ASSESS.enabled?
218
+ return false unless ::Contrast::ASSESS.enabled?
219
219
  return false unless Contrast::Agent::REQUEST_TRACKER.current&.analyze_request?
220
220
 
221
221
  !safe_invocation?(method_policy.source_node, object, ret, args)