contrast-agent 5.3.0 → 6.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.simplecov +1 -1
- data/Rakefile +1 -1
- data/ext/build_funchook.rb +3 -3
- data/ext/cs__assess_array/cs__assess_array.c +7 -0
- data/ext/cs__assess_basic_object/cs__assess_basic_object.c +24 -6
- data/ext/cs__assess_fiber_track/cs__assess_fiber_track.c +1 -1
- data/ext/cs__assess_hash/cs__assess_hash.c +3 -4
- data/ext/cs__assess_kernel/cs__assess_kernel.c +1 -2
- data/ext/cs__assess_marshal_module/cs__assess_marshal_module.c +26 -12
- data/ext/cs__assess_module/cs__assess_module.c +1 -1
- data/ext/cs__assess_regexp/cs__assess_regexp.c +15 -2
- data/ext/cs__assess_regexp/cs__assess_regexp.h +2 -0
- data/ext/cs__assess_string/cs__assess_string.c +21 -1
- data/ext/cs__assess_test/cs__assess_test.h +9 -0
- data/ext/cs__assess_test/cs__assess_tests.c +22 -0
- data/ext/cs__assess_test/extconf.rb +5 -0
- data/ext/cs__common/cs__common.c +113 -11
- data/ext/cs__common/cs__common.h +29 -5
- data/ext/cs__contrast_patch/cs__contrast_patch.c +55 -44
- data/ext/cs__os_information/cs__os_information.c +13 -10
- data/ext/cs__scope/cs__scope.c +146 -97
- data/ext/cs__tests/cs__tests.c +12 -0
- data/ext/cs__tests/cs__tests.h +3 -0
- data/ext/cs__tests/extconf.rb +5 -0
- data/ext/extconf_common.rb +1 -1
- data/lib/contrast/agent/assess/contrast_object.rb +16 -16
- data/lib/contrast/agent/assess/events/source_event.rb +17 -19
- data/lib/contrast/agent/assess/finalizers/hash.rb +4 -2
- data/lib/contrast/agent/assess/policy/policy.rb +9 -10
- data/lib/contrast/agent/assess/policy/policy_node.rb +58 -36
- data/lib/contrast/agent/assess/policy/policy_node_utils.rb +51 -0
- data/lib/contrast/agent/assess/policy/policy_scanner.rb +2 -16
- data/lib/contrast/agent/assess/policy/preshift.rb +8 -2
- data/lib/contrast/agent/assess/policy/propagation_method.rb +48 -14
- data/lib/contrast/agent/assess/policy/propagation_node.rb +2 -3
- data/lib/contrast/agent/assess/policy/propagator/base.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/buffer.rb +119 -0
- data/lib/contrast/agent/assess/policy/propagator/database_write.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/keep.rb +19 -4
- data/lib/contrast/agent/assess/policy/propagator/remove.rb +18 -2
- data/lib/contrast/agent/assess/policy/propagator/splat.rb +17 -3
- data/lib/contrast/agent/assess/policy/propagator/split.rb +17 -21
- data/lib/contrast/agent/assess/policy/propagator/substitution.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/substitution_utils.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/trim.rb +2 -2
- data/lib/contrast/agent/assess/policy/propagator.rb +1 -0
- data/lib/contrast/agent/assess/policy/source_method.rb +7 -7
- data/lib/contrast/agent/assess/policy/source_node.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_method.rb +11 -17
- data/lib/contrast/agent/assess/policy/trigger_node.rb +16 -16
- data/lib/contrast/agent/assess/policy/trigger_validation/redos_validator.rb +1 -1
- data/lib/contrast/agent/assess/property/evented.rb +2 -2
- data/lib/contrast/agent/assess/property/tagged.rb +3 -3
- data/lib/contrast/agent/assess/rule/provider/hardcoded_key.rb +6 -8
- data/lib/contrast/agent/assess/rule/provider/hardcoded_password.rb +6 -7
- data/lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb +12 -7
- data/lib/contrast/agent/assess/rule/response/auto_complete_rule.rb +1 -1
- data/lib/contrast/agent/assess/rule/response/base_rule.rb +13 -6
- data/lib/contrast/agent/assess/rule/response/body_rule.rb +3 -3
- data/lib/contrast/agent/assess/rule/response/cache_control_header_rule.rb +66 -43
- data/lib/contrast/agent/assess/rule/response/click_jacking_header_rule.rb +4 -4
- data/lib/contrast/agent/assess/rule/response/csp_header_insecure_rule.rb +6 -6
- data/lib/contrast/agent/assess/rule/response/csp_header_missing_rule.rb +4 -4
- data/lib/contrast/agent/assess/rule/response/hsts_header_rule.rb +4 -4
- data/lib/contrast/agent/assess/rule/response/parameters_pollution_rule.rb +1 -1
- data/lib/contrast/agent/assess/rule/response/x_content_type_header_rule.rb +4 -4
- data/lib/contrast/agent/assess/rule/response/x_xss_protection_header_rule.rb +3 -4
- data/lib/contrast/agent/assess/tag.rb +13 -14
- data/lib/contrast/agent/at_exit_hook.rb +12 -1
- data/lib/contrast/agent/deadzone/policy/deadzone_node.rb +0 -7
- data/lib/contrast/agent/deadzone/policy/policy.rb +0 -6
- data/lib/contrast/agent/exclusion_matcher.rb +3 -3
- data/lib/contrast/agent/inventory/database_config.rb +10 -3
- data/lib/contrast/agent/middleware.rb +10 -5
- data/lib/contrast/agent/patching/policy/after_load_patch.rb +3 -5
- data/lib/contrast/agent/patching/policy/after_load_patcher.rb +2 -2
- data/lib/contrast/agent/patching/policy/method_policy_extend.rb +4 -4
- data/lib/contrast/agent/patching/policy/patch.rb +20 -19
- data/lib/contrast/agent/patching/policy/patch_status.rb +10 -3
- data/lib/contrast/agent/patching/policy/patcher.rb +4 -4
- data/lib/contrast/agent/patching/policy/policy.rb +13 -15
- data/lib/contrast/agent/patching/policy/policy_node.rb +32 -21
- data/lib/contrast/agent/patching/policy/trigger_node.rb +1 -1
- data/lib/contrast/agent/protect/exploitable_collection.rb +38 -0
- data/lib/contrast/agent/protect/input_analyzer/input_analyzer.rb +132 -75
- data/lib/contrast/agent/protect/policy/applies_no_sqli_rule.rb +4 -3
- data/lib/contrast/agent/protect/policy/applies_path_traversal_rule.rb +3 -3
- data/lib/contrast/agent/protect/policy/applies_xxe_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/rule_applicator.rb +4 -4
- data/lib/contrast/agent/protect/rule/base.rb +53 -9
- data/lib/contrast/agent/protect/rule/base_service.rb +31 -12
- data/lib/contrast/agent/protect/rule/cmd_injection.rb +23 -3
- data/lib/contrast/agent/protect/rule/cmdi/cmdi_input_classification.rb +83 -0
- data/lib/contrast/agent/protect/rule/cmdi/cmdi_worth_watching.rb +64 -0
- data/lib/contrast/agent/protect/rule/default_scanner.rb +2 -1
- data/lib/contrast/agent/protect/rule/deserialization.rb +18 -7
- data/lib/contrast/agent/protect/rule/http_method_tampering/http_method_tampering_input_classification.rb +96 -0
- data/lib/contrast/agent/protect/rule/http_method_tampering.rb +72 -46
- data/lib/contrast/agent/protect/rule/no_sqli/no_sqli_input_classification.rb +231 -0
- data/lib/contrast/agent/protect/rule/no_sqli.rb +28 -2
- data/lib/contrast/agent/protect/rule/path_traversal.rb +13 -3
- data/lib/contrast/agent/protect/rule/sqli/sqli_input_classification.rb +18 -54
- data/lib/contrast/agent/protect/rule/sqli/sqli_worth_watching.rb +2 -5
- data/lib/contrast/agent/protect/rule/sqli.rb +16 -23
- data/lib/contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload_input_classification.rb +82 -0
- data/lib/contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload_matcher.rb +45 -0
- data/lib/contrast/agent/protect/rule/unsafe_file_upload.rb +42 -0
- data/lib/contrast/agent/protect/rule/xss.rb +17 -0
- data/lib/contrast/agent/protect/rule/xxe/entity_wrapper.rb +14 -13
- data/lib/contrast/agent/protect/rule/xxe.rb +25 -3
- data/lib/contrast/agent/reaction_processor.rb +1 -1
- data/lib/contrast/agent/reporting/attack_result/attack_result.rb +63 -0
- data/lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb +52 -0
- data/lib/contrast/agent/reporting/attack_result/response_type.rb +29 -0
- data/lib/contrast/agent/reporting/attack_result/user_input.rb +87 -0
- data/lib/contrast/agent/reporting/masker/masker.rb +243 -0
- data/lib/contrast/agent/reporting/masker/masker_utils.rb +62 -0
- data/lib/contrast/agent/reporting/report.rb +2 -0
- data/lib/contrast/agent/reporting/reporter.rb +29 -22
- data/lib/contrast/agent/reporting/reporter_heartbeat.rb +49 -0
- data/lib/contrast/agent/reporting/reporting_events/agent_startup.rb +34 -0
- data/lib/contrast/agent/reporting/reporting_events/application_activity.rb +51 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_activity.rb +96 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_activity.rb +70 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb +182 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample_activity.rb +56 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample_stack.rb +22 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attacker_activity.rb +70 -0
- data/lib/contrast/agent/reporting/reporting_events/application_inventory.rb +13 -5
- data/lib/contrast/agent/reporting/reporting_events/application_inventory_activity.rb +60 -0
- data/lib/contrast/agent/reporting/reporting_events/application_reporting_event.rb +27 -0
- data/lib/contrast/agent/reporting/reporting_events/application_startup.rb +44 -0
- data/lib/contrast/agent/reporting/reporting_events/application_startup_instrumentation.rb +27 -0
- data/lib/contrast/agent/reporting/reporting_events/application_update.rb +7 -12
- data/lib/contrast/agent/reporting/reporting_events/discovered_route.rb +1 -1
- data/lib/contrast/agent/reporting/reporting_events/finding.rb +10 -4
- data/lib/contrast/agent/reporting/reporting_events/finding_event.rb +2 -4
- data/lib/contrast/agent/reporting/reporting_events/finding_event_object.rb +3 -3
- data/lib/contrast/agent/reporting/reporting_events/library_usage_observation.rb +5 -5
- data/lib/contrast/agent/reporting/reporting_events/observed_library_usage.rb +6 -2
- data/lib/contrast/agent/reporting/reporting_events/observed_route.rb +16 -12
- data/lib/contrast/agent/reporting/reporting_events/poll.rb +6 -2
- data/lib/contrast/agent/reporting/reporting_events/preflight.rb +10 -8
- data/lib/contrast/agent/reporting/reporting_events/preflight_message.rb +8 -11
- data/lib/contrast/agent/reporting/reporting_events/reporting_event.rb +2 -1
- data/lib/contrast/agent/reporting/reporting_events/route_coverage.rb +8 -6
- data/lib/contrast/agent/reporting/reporting_events/server_activity.rb +12 -20
- data/lib/contrast/agent/reporting/reporting_events/server_reporting_event.rb +27 -0
- data/lib/contrast/agent/reporting/reporting_utilities/audit.rb +17 -27
- data/lib/contrast/agent/reporting/reporting_utilities/build_preflight.rb +38 -0
- data/lib/contrast/agent/reporting/reporting_utilities/dtm_message.rb +8 -0
- data/lib/contrast/agent/reporting/reporting_utilities/endpoints.rb +6 -0
- data/lib/contrast/agent/reporting/reporting_utilities/headers.rb +1 -2
- data/lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb +29 -13
- data/lib/contrast/agent/reporting/reporting_utilities/reporter_client_utils.rb +64 -76
- data/lib/contrast/agent/reporting/reporting_utilities/reporting_storage.rb +1 -1
- data/lib/contrast/agent/reporting/reporting_utilities/response.rb +17 -7
- data/lib/contrast/agent/reporting/reporting_utilities/response_extractor.rb +100 -0
- data/lib/contrast/agent/reporting/reporting_utilities/response_handler.rb +75 -13
- data/lib/contrast/agent/reporting/reporting_utilities/response_handler_mode.rb +63 -0
- data/lib/contrast/agent/reporting/reporting_utilities/response_handler_utils.rb +163 -122
- data/lib/contrast/agent/reporting/settings/application_settings.rb +10 -1
- data/lib/contrast/agent/reporting/settings/assess.rb +5 -5
- data/lib/contrast/agent/reporting/settings/assess_server_feature.rb +7 -35
- data/lib/contrast/agent/reporting/settings/exclusions.rb +3 -3
- data/lib/contrast/agent/reporting/settings/protect.rb +21 -6
- data/lib/contrast/agent/reporting/settings/protect_server_feature.rb +6 -6
- data/lib/contrast/agent/reporting/settings/reaction.rb +3 -3
- data/lib/contrast/agent/reporting/settings/sampling.rb +36 -0
- data/lib/contrast/agent/reporting/settings/sensitive_data_masking.rb +110 -0
- data/lib/contrast/agent/reporting/settings/sensitive_data_masking_rule.rb +58 -0
- data/lib/contrast/agent/reporting/settings/server_features.rb +2 -2
- data/lib/contrast/agent/request.rb +5 -5
- data/lib/contrast/agent/request_context.rb +25 -21
- data/lib/contrast/agent/request_context_extend.rb +12 -25
- data/lib/contrast/agent/request_handler.rb +7 -3
- data/lib/contrast/agent/response.rb +2 -0
- data/lib/contrast/agent/rule_set.rb +2 -2
- data/lib/contrast/agent/scope.rb +1 -1
- data/lib/contrast/agent/service_heartbeat.rb +6 -48
- data/lib/contrast/agent/static_analysis.rb +1 -1
- data/lib/contrast/agent/telemetry/base.rb +155 -0
- data/lib/contrast/agent/telemetry/events/event.rb +35 -0
- data/lib/contrast/agent/telemetry/events/exceptions/obfuscate.rb +119 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_base.rb +59 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_event.rb +44 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_message.rb +115 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_message_exception.rb +83 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_stack_frame.rb +64 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exceptions.rb +20 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exceptions_report.rb +30 -0
- data/lib/contrast/agent/telemetry/events/metric_event.rb +28 -0
- data/lib/contrast/agent/telemetry/events/startup_metrics_event.rb +123 -0
- data/lib/contrast/agent/thread_watcher.rb +52 -68
- data/lib/contrast/agent/version.rb +1 -1
- data/lib/contrast/agent/worker_thread.rb +8 -0
- data/lib/contrast/agent.rb +4 -3
- data/lib/contrast/api/communication/messaging_queue.rb +29 -12
- data/lib/contrast/api/communication/response_processor.rb +7 -10
- data/lib/contrast/api/communication/service_lifecycle.rb +1 -1
- data/lib/contrast/api/communication/socket.rb +1 -1
- data/lib/contrast/api/communication/socket_client.rb +1 -1
- data/lib/contrast/api/communication/speedracer.rb +3 -3
- data/lib/contrast/api/decorators/activity.rb +33 -0
- data/lib/contrast/api/decorators/address.rb +1 -1
- data/lib/contrast/api/decorators/agent_startup.rb +10 -9
- data/lib/contrast/api/decorators/application_settings.rb +1 -1
- data/lib/contrast/api/decorators/application_startup.rb +4 -4
- data/lib/contrast/api/decorators/http_request.rb +1 -1
- data/lib/contrast/api/decorators/response_type.rb +17 -0
- data/lib/contrast/api/decorators.rb +1 -0
- data/lib/contrast/components/agent.rb +1 -1
- data/lib/contrast/components/app_context.rb +0 -4
- data/lib/contrast/components/assess.rb +14 -0
- data/lib/contrast/components/base.rb +1 -1
- data/lib/contrast/components/config.rb +19 -28
- data/lib/contrast/components/contrast_service.rb +13 -1
- data/lib/contrast/components/protect.rb +2 -2
- data/lib/contrast/components/sampling.rb +8 -12
- data/lib/contrast/components/settings.rb +151 -19
- data/lib/contrast/config/agent_configuration.rb +34 -41
- data/lib/contrast/config/api_configuration.rb +16 -75
- data/lib/contrast/config/api_proxy_configuration.rb +9 -48
- data/lib/contrast/config/application_configuration.rb +24 -95
- data/lib/contrast/config/assess_configuration.rb +21 -76
- data/lib/contrast/config/assess_rules_configuration.rb +13 -38
- data/lib/contrast/config/base_configuration.rb +11 -76
- data/lib/contrast/config/certification_configuration.rb +15 -68
- data/lib/contrast/config/exception_configuration.rb +15 -59
- data/lib/contrast/config/heap_dump_configuration.rb +19 -73
- data/lib/contrast/config/inventory_configuration.rb +11 -55
- data/lib/contrast/config/logger_configuration.rb +8 -41
- data/lib/contrast/config/protect_configuration.rb +23 -10
- data/lib/contrast/config/protect_rule_configuration.rb +23 -37
- data/lib/contrast/config/protect_rules_configuration.rb +39 -43
- data/lib/contrast/config/request_audit_configuration.rb +16 -55
- data/lib/contrast/config/root_configuration.rb +71 -14
- data/lib/contrast/config/ruby_configuration.rb +14 -47
- data/lib/contrast/config/sampling_configuration.rb +12 -65
- data/lib/contrast/config/server_configuration.rb +13 -45
- data/lib/contrast/config/service_configuration.rb +18 -54
- data/lib/contrast/configuration.rb +25 -17
- data/lib/contrast/extension/assess/array.rb +1 -1
- data/lib/contrast/extension/assess/erb.rb +1 -1
- data/lib/contrast/extension/assess/marshal.rb +1 -1
- data/lib/contrast/extension/assess/string.rb +20 -1
- data/lib/contrast/extension/extension.rb +2 -2
- data/lib/contrast/extension/module.rb +0 -1
- data/lib/contrast/framework/base_support.rb +8 -8
- data/lib/contrast/framework/grape/support.rb +3 -3
- data/lib/contrast/framework/manager.rb +7 -7
- data/lib/contrast/framework/manager_extend.rb +1 -1
- data/lib/contrast/framework/rack/patch/session_cookie.rb +1 -1
- data/lib/contrast/framework/rails/patch/action_controller_live_buffer.rb +14 -3
- data/lib/contrast/framework/rails/patch/assess_configuration.rb +3 -3
- data/lib/contrast/framework/rails/patch/rails_application_configuration.rb +1 -1
- data/lib/contrast/framework/rails/patch/support.rb +14 -46
- data/lib/contrast/framework/rails/support.rb +2 -2
- data/lib/contrast/framework/sinatra/support.rb +1 -1
- data/lib/contrast/logger/aliased_logging.rb +94 -0
- data/lib/contrast/logger/application.rb +1 -5
- data/lib/contrast/logger/cef_log.rb +15 -15
- data/lib/contrast/logger/format.rb +1 -1
- data/lib/contrast/logger/log.rb +8 -8
- data/lib/contrast/tasks/config.rb +100 -4
- data/lib/contrast/tasks/service.rb +2 -2
- data/lib/contrast/utils/assess/object_store.rb +36 -0
- data/lib/contrast/utils/assess/propagation_method_utils.rb +6 -0
- data/lib/contrast/utils/assess/tracking_util.rb +4 -4
- data/lib/contrast/utils/class_util.rb +9 -22
- data/lib/contrast/utils/findings.rb +3 -3
- data/lib/contrast/utils/hash_digest.rb +6 -7
- data/lib/contrast/utils/head_dump_utils_extend.rb +1 -1
- data/lib/contrast/utils/input_classification.rb +73 -0
- data/lib/contrast/utils/invalid_configuration_util.rb +2 -2
- data/lib/contrast/utils/log_utils.rb +7 -5
- data/lib/contrast/utils/lru_cache.rb +1 -1
- data/lib/contrast/utils/metrics_hash.rb +1 -1
- data/lib/contrast/utils/middleware_utils.rb +15 -14
- data/lib/contrast/utils/net_http_base.rb +5 -5
- data/lib/contrast/utils/object_share.rb +2 -1
- data/lib/contrast/utils/os.rb +1 -6
- data/lib/contrast/utils/patching/policy/patch_utils.rb +6 -7
- data/lib/contrast/utils/request_utils.rb +2 -2
- data/lib/contrast/utils/response_utils.rb +18 -33
- data/lib/contrast/utils/sha256_builder.rb +4 -4
- data/lib/contrast/utils/stack_trace_utils.rb +31 -13
- data/lib/contrast/utils/telemetry.rb +22 -7
- data/lib/contrast/utils/telemetry_client.rb +28 -16
- data/lib/contrast/utils/telemetry_hash.rb +41 -0
- data/lib/contrast/utils/telemetry_identifier.rb +18 -3
- data/lib/contrast/utils/timer.rb +1 -1
- data/lib/contrast.rb +9 -0
- data/resources/assess/policy.json +99 -1
- data/resources/deadzone/policy.json +0 -86
- data/ruby-agent.gemspec +10 -9
- data/service_executables/VERSION +1 -1
- data/service_executables/linux/contrast-service +0 -0
- data/service_executables/mac/contrast-service +0 -0
- metadata +99 -29
- data/lib/contrast/agent/metric_telemetry_event.rb +0 -26
- data/lib/contrast/agent/startup_metrics_telemetry_event.rb +0 -121
- data/lib/contrast/agent/telemetry.rb +0 -137
- data/lib/contrast/agent/telemetry_event.rb +0 -33
- data/lib/contrast/utils/exclude_key.rb +0 -20
@@ -0,0 +1,155 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/config/env_variables'
|
5
|
+
require 'contrast/components/logger'
|
6
|
+
require 'contrast/utils/telemetry_client'
|
7
|
+
require 'contrast/agent/worker_thread'
|
8
|
+
require 'contrast/utils/telemetry'
|
9
|
+
require 'contrast/agent/telemetry/events/exceptions/telemetry_exceptions'
|
10
|
+
require 'contrast/agent/telemetry/events/exceptions/telemetry_exceptions_report'
|
11
|
+
|
12
|
+
module Contrast
|
13
|
+
module Agent
|
14
|
+
module Telemetry
|
15
|
+
# This class will initialize and hold everything needed for the telemetry
|
16
|
+
class Base < WorkerThread
|
17
|
+
include Contrast::Components::Logger::InstanceMethods
|
18
|
+
include Contrast::Agent::Telemetry::TelemetryExceptionReport
|
19
|
+
|
20
|
+
# this is where we will send the data from the agents
|
21
|
+
URL = 'https://telemetry.ruby.contrastsecurity.com/'
|
22
|
+
# Suggested timeout after each send is to be 3 hours (10800 seconds)
|
23
|
+
SUGGESTED_TIMEOUT = 10_800
|
24
|
+
|
25
|
+
class << self
|
26
|
+
include Contrast::Components::Logger::InstanceMethods
|
27
|
+
include Contrast::Config::EnvVariables
|
28
|
+
|
29
|
+
def application_id
|
30
|
+
Contrast::Utils::Telemetry::Identifier.application_id
|
31
|
+
end
|
32
|
+
|
33
|
+
def instance_id
|
34
|
+
Contrast::Utils::Telemetry::Identifier.instance_id
|
35
|
+
end
|
36
|
+
|
37
|
+
def enabled?
|
38
|
+
@_enabled = telemetry_enabled? if @_enabled.nil?
|
39
|
+
@_enabled
|
40
|
+
end
|
41
|
+
|
42
|
+
private
|
43
|
+
|
44
|
+
def telemetry_enabled?
|
45
|
+
opt_out_telemetry = return_value(:telemetry_opt_outs).to_s
|
46
|
+
return false if opt_out_telemetry.casecmp?('true') || opt_out_telemetry == '1'
|
47
|
+
|
48
|
+
# In case of connection error, do not create the background thread or queue,
|
49
|
+
# as if the opt-out env var was set
|
50
|
+
@_client = Contrast::Utils::TelemetryClient.new
|
51
|
+
ip_opt_out_telemetry = @_client.initialize_connection(URL)
|
52
|
+
if ip_opt_out_telemetry.nil?
|
53
|
+
logger.warn("Connection was not established properly!!! \n Telemetry reporting will be disabled!")
|
54
|
+
return false
|
55
|
+
end
|
56
|
+
|
57
|
+
true
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
def client
|
62
|
+
@_client ||= Contrast::Utils::TelemetryClient.new
|
63
|
+
end
|
64
|
+
|
65
|
+
def connection
|
66
|
+
@_connection ||= client.initialize_connection(URL)
|
67
|
+
end
|
68
|
+
|
69
|
+
def error_messages
|
70
|
+
@_error_messages ||= []
|
71
|
+
end
|
72
|
+
|
73
|
+
def attempt_to_start?
|
74
|
+
unless cs__class.enabled?
|
75
|
+
logger.warn('Telemetry service is disabled!')
|
76
|
+
return false
|
77
|
+
end
|
78
|
+
|
79
|
+
logger.debug('Attempting to start telemetry thread') unless running?
|
80
|
+
true
|
81
|
+
end
|
82
|
+
|
83
|
+
def start_thread!
|
84
|
+
return if running?
|
85
|
+
|
86
|
+
# It is recommended that implementations send a single payload of
|
87
|
+
# general metrics every 3 hours, starting from implementation startup.
|
88
|
+
@_thread = Contrast::Agent::Thread.new do
|
89
|
+
logger.debug('Starting background telemetry thread.')
|
90
|
+
loop do
|
91
|
+
next unless client && connection
|
92
|
+
|
93
|
+
# Start pushing exceptions to queue for reporting.
|
94
|
+
push_exceptions
|
95
|
+
until queue.empty?
|
96
|
+
event = queue.pop
|
97
|
+
begin
|
98
|
+
logger.debug('This is the current processed event', event)
|
99
|
+
sleep_time = request_with_response(event)
|
100
|
+
if sleep_time
|
101
|
+
sleep(sleep_time)
|
102
|
+
logger.debug('Retrying to process event', event)
|
103
|
+
retry_sleep_time = request_with_response(event)
|
104
|
+
sleep(retry_sleep_time) unless retry_sleep_time.nil?
|
105
|
+
end
|
106
|
+
rescue StandardError => e
|
107
|
+
logger.error('Could not send message to service from telemetry queue.', e)
|
108
|
+
stop!
|
109
|
+
end
|
110
|
+
end
|
111
|
+
sleep(SUGGESTED_TIMEOUT)
|
112
|
+
end
|
113
|
+
end
|
114
|
+
end
|
115
|
+
|
116
|
+
def send_event event
|
117
|
+
if ::Contrast::AGENT.disabled?
|
118
|
+
logger.warn('Attempted to queue event with Agent disabled', caller: caller, event: event)
|
119
|
+
return
|
120
|
+
end
|
121
|
+
|
122
|
+
return unless cs__class.enabled?
|
123
|
+
|
124
|
+
logger.debug('Enqueued event for sending', event_type: event.cs__class)
|
125
|
+
queue << event if event
|
126
|
+
end
|
127
|
+
|
128
|
+
def delete_queue!
|
129
|
+
@_queue&.clear
|
130
|
+
@_queue&.close
|
131
|
+
@_queue = nil
|
132
|
+
end
|
133
|
+
|
134
|
+
def stop!
|
135
|
+
return unless running?
|
136
|
+
|
137
|
+
@_enabled = false
|
138
|
+
delete_queue!
|
139
|
+
super
|
140
|
+
end
|
141
|
+
|
142
|
+
def request_with_response event
|
143
|
+
res = client.send_request(event, connection)
|
144
|
+
client.handle_response(res)
|
145
|
+
end
|
146
|
+
|
147
|
+
private
|
148
|
+
|
149
|
+
def queue
|
150
|
+
@_queue ||= Queue.new
|
151
|
+
end
|
152
|
+
end
|
153
|
+
end
|
154
|
+
end
|
155
|
+
end
|
@@ -0,0 +1,35 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/utils/metrics_hash'
|
5
|
+
|
6
|
+
module Contrast
|
7
|
+
module Agent
|
8
|
+
module Telemetry
|
9
|
+
# This class will hold the basic information for a Telemetry Event
|
10
|
+
class Event
|
11
|
+
include Contrast::Utils
|
12
|
+
|
13
|
+
attr_reader :tags
|
14
|
+
|
15
|
+
def initialize
|
16
|
+
@tags = MetricsHash.new(String)
|
17
|
+
@timestamp = Time.now.iso8601
|
18
|
+
end
|
19
|
+
|
20
|
+
def path
|
21
|
+
''
|
22
|
+
end
|
23
|
+
|
24
|
+
def to_hash **_args
|
25
|
+
{
|
26
|
+
tags: @tags,
|
27
|
+
timestamp: @timestamp,
|
28
|
+
instance: Contrast::Agent::Telemetry::Base.instance_id,
|
29
|
+
application: Contrast::Agent::Telemetry::Base.application_id
|
30
|
+
}
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
@@ -0,0 +1,119 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
module Contrast
|
5
|
+
module Agent
|
6
|
+
module Telemetry
|
7
|
+
module TelemetryException
|
8
|
+
# Here will be all known gems to obfuscate during the building of TelemetryExceptions
|
9
|
+
module Obfuscate
|
10
|
+
# List of known gems to be third parties not containing any
|
11
|
+
# user sensitive data.
|
12
|
+
KNOWN_GEMS = %w[
|
13
|
+
activesupport redis-activesupport redis builder dry-types rails rails-html-sanitizer rails-observers sinatra
|
14
|
+
benchmark-ips bundler climate_control execjs factory_bot debride fake_ftp fasterer flay openssl
|
15
|
+
parallel_tests contrast contrast-agent ruby pry-byebug byebug pry resolv ougai protobuf async nokogiri
|
16
|
+
benchmark grape-order grape-activerecord newrelic newrelic-grape grape-rails-cache grape-msgpack
|
17
|
+
grape-batch rspec rake rubocop grape-jbuilder rack-test rack-protection minitest grape-instrumentation
|
18
|
+
minitest-global_expectations rack-proxy rack-attack rack-ssl grape-cancan grape-attack grape-rake-tasks
|
19
|
+
grape-route-helpers benchmark-memory grape-rabl grape-kaminari grape-path-helpers grape-swagger-entity
|
20
|
+
grape-swagger-rails grape-roar newrelic-rake grapes-wagger-representative grape-forgery_protection
|
21
|
+
grape-papertrail grape-app grape-middleware-logger rack-protection rake-compile rhino rspec-benchmark
|
22
|
+
rspec_junit_formatter rspec-rails rake-performance rubocop-rails rubocop-rake rubocop-rspec
|
23
|
+
ruby-debug-ide simplecov sqlite steep tilt tzinfo-data warning xpath sinatra-activerecord sinatra-param
|
24
|
+
sinatra-partial sinatra-flash sinatra-reloader sinatra-sinatra rake_fly rack rack-accept grape grape-entity
|
25
|
+
sinatra-advanced-routes sinatra-warden grape_logging grape-swagger sinatra-namespace sinatra-resource
|
26
|
+
sinatra-hashfix sinatra-instrumentation sinatra-helpers redis-rack sinatra-support sinatra-assetpack
|
27
|
+
sinatra-router sinatra-cross_origin sinatra_more sinatra-jsonp faraday-rack zlib mustermann mustermann-grape
|
28
|
+
rspec-expectations rspec-core rspec-mocks rspec-sidekiq
|
29
|
+
].cs__freeze
|
30
|
+
KNOWN_ERRORS = %w[
|
31
|
+
ActiveModel Error Errors Resolv Rspec ActiveRecord nil NilClass NoMemoryError ScriptError
|
32
|
+
LoadError NotImplementedError SyntaxError SecurityError SignalException Interrupt
|
33
|
+
StandardError ArgumentError UncaughtThrowError FiberError IOError EOFError IndexError KeyError
|
34
|
+
StopIteration LocalJumpError NameError NoMethodError RangeError FloatDomainError RegexpError
|
35
|
+
RuntimeError FrozenError SystemCallError ThreadError TypeError ZeroDivisionError SystemExit
|
36
|
+
SystemStackError fatal Warning buffer OpenSSL SSL SSLError Errno Timeout Exception EOFError
|
37
|
+
ECONNRESET ECONNREFUSED ETIMEDOUT EINVAL ESHUTDOWN EHOSTDOWN EHOSTUNREACH EISCONN
|
38
|
+
ECONNABORTED ENETRESET ENETUNREACH Net HTTPBadResponse HTTPHeaderSyntaxError ProtocolError
|
39
|
+
Faraday BadRequestError UnauthorizedError ForbiddenError ResourceNotFound ProxyAuthError
|
40
|
+
ConflictError UnprocessableEntityError ClientError
|
41
|
+
].cs__freeze
|
42
|
+
CHARS = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'.cs__freeze
|
43
|
+
# This will generate different chars for each agent startup but will be constant
|
44
|
+
# for current run and will make identical obfuscation to be compared if given type
|
45
|
+
# is the same.
|
46
|
+
CYPHER = CHARS.chars.shuffle.join
|
47
|
+
|
48
|
+
class << self
|
49
|
+
# Returns paths for known gems.
|
50
|
+
#
|
51
|
+
# @return [Array<Regexp>] known paths
|
52
|
+
def known_gem_paths
|
53
|
+
@_known_gem_paths ||= KNOWN_GEMS.map do |gem_name|
|
54
|
+
to_regexp(File.join(
|
55
|
+
'gems', gem_name.tr('-', ''), 'lib'))
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
59
|
+
# Returns known modules names.
|
60
|
+
#
|
61
|
+
# @return [Array<Regexp>] known modules
|
62
|
+
def known_modules
|
63
|
+
@_known_modules ||= KNOWN_ERRORS.map { |module_name| to_regexp(module_name) }
|
64
|
+
end
|
65
|
+
|
66
|
+
# Obfuscate a type and replace it with random characters.
|
67
|
+
#
|
68
|
+
# @param type [String] the StackFrame type to obfuscate
|
69
|
+
# @return [String] obfuscated type
|
70
|
+
def obfuscate_type type
|
71
|
+
return unless type
|
72
|
+
|
73
|
+
check = type.tr('[^0-9].-', '')
|
74
|
+
type = cypher(type) unless match_known(known_gem_paths, check)
|
75
|
+
type
|
76
|
+
end
|
77
|
+
|
78
|
+
# Obfuscate a type and replace it with random characters.
|
79
|
+
#
|
80
|
+
# @param exception_type [String] the exception type to obfuscate
|
81
|
+
# @return [String] obfuscated exception type
|
82
|
+
def obfuscate_exception_type exception_type
|
83
|
+
return unless exception_type
|
84
|
+
|
85
|
+
exceptions = exception_type.split('::').each do |exception|
|
86
|
+
cypher(exception) unless match_known(known_modules, exception)
|
87
|
+
end
|
88
|
+
exceptions.join('::')
|
89
|
+
end
|
90
|
+
|
91
|
+
private
|
92
|
+
|
93
|
+
# Transforms string to regexp
|
94
|
+
#
|
95
|
+
# @param string [String]
|
96
|
+
def to_regexp string
|
97
|
+
/#{ string }/
|
98
|
+
end
|
99
|
+
|
100
|
+
# Add cypher to path to make it obscure, but unique enough for
|
101
|
+
# comparisons. Mutates original or duplicate if frozen string.
|
102
|
+
#
|
103
|
+
# @param string [String] string to be transformed.
|
104
|
+
def cypher string
|
105
|
+
string = string.dup if string.cs__frozen?
|
106
|
+
string.to_s.tr!(CHARS, CYPHER)
|
107
|
+
end
|
108
|
+
|
109
|
+
# @param known [Array<Regexp>] Array of regexp to match againts
|
110
|
+
# @param type [String] type to check
|
111
|
+
def match_known known, type
|
112
|
+
known.any? { |regexp| type =~ regexp }
|
113
|
+
end
|
114
|
+
end
|
115
|
+
end
|
116
|
+
end
|
117
|
+
end
|
118
|
+
end
|
119
|
+
end
|
@@ -0,0 +1,59 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
module Contrast
|
5
|
+
module Agent
|
6
|
+
module Telemetry
|
7
|
+
module TelemetryException
|
8
|
+
# This class will hold the all the mutual information for the Telemetry Exception
|
9
|
+
class Base
|
10
|
+
def to_controlled_hash; end
|
11
|
+
|
12
|
+
protected
|
13
|
+
|
14
|
+
# Validate required and option fields
|
15
|
+
#
|
16
|
+
# @param validations [Hash] Validation hash to use
|
17
|
+
# @return [nil]
|
18
|
+
def validate validations
|
19
|
+
validations.each do |k, v|
|
20
|
+
next if v[:required] == false
|
21
|
+
|
22
|
+
validate_field(validations[k], k)
|
23
|
+
end
|
24
|
+
nil
|
25
|
+
end
|
26
|
+
|
27
|
+
# This method will validate every single field passed from validate
|
28
|
+
#
|
29
|
+
# @param validation_pair [Hash] Validation hash to use
|
30
|
+
# @param key[String] The key to check in VALIDATIONS
|
31
|
+
def validate_field validation_pair, key
|
32
|
+
value_to_validate = send(key.to_sym)
|
33
|
+
validate_class(value_to_validate, validation_pair[:class], key) if validation_pair.key?(:class)
|
34
|
+
value_length = if value_to_validate.cs__is_a?(String) || value_to_validate.cs__is_a?(Array)
|
35
|
+
value_to_validate.length
|
36
|
+
else
|
37
|
+
value_to_validate.entries.length
|
38
|
+
end
|
39
|
+
unless validation_pair[:range].include?(value_length)
|
40
|
+
raise(ArgumentError, "The provided value for #{ key } is invalid: #{ value_to_validate }")
|
41
|
+
end
|
42
|
+
|
43
|
+
nil
|
44
|
+
end
|
45
|
+
|
46
|
+
# With the all nested classes, we still need to double check if everything passed along the way
|
47
|
+
# is right
|
48
|
+
# @param message [Object] The message we want to check the class of
|
49
|
+
# @param klass [Class] The klass we want to check the message with
|
50
|
+
# @param field [Object] The field with the error
|
51
|
+
def validate_class message, klass, field
|
52
|
+
message = message[0] if message.cs__is_a?(Array)
|
53
|
+
raise(ArgumentError, "The provided value for #{ field } is of wrong class") unless message.cs__is_a?(klass)
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
@@ -0,0 +1,44 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require_relative 'telemetry_exception_base'
|
5
|
+
require_relative 'telemetry_exception_message'
|
6
|
+
|
7
|
+
module Contrast
|
8
|
+
module Agent
|
9
|
+
module Telemetry
|
10
|
+
module TelemetryException
|
11
|
+
# This class will hold the basic information for a Parent Telemetry Exception Event
|
12
|
+
class Event < Contrast::Agent::Telemetry::TelemetryException::Base
|
13
|
+
# Array of Telemetry Exceptions
|
14
|
+
# @return [Array<Contrast::Agent::Telemetry::TelemetryException::Message>]
|
15
|
+
attr_reader :exceptions
|
16
|
+
|
17
|
+
# Initialization of the Parent Event requires us to require the exception
|
18
|
+
# to be created
|
19
|
+
#
|
20
|
+
# @param message [Contrast::Agent::Telemetry::TelemetryException::Message]
|
21
|
+
def initialize message
|
22
|
+
super()
|
23
|
+
validate_class(message, Contrast::Agent::Telemetry::TelemetryException::Message, 'exception_message')
|
24
|
+
@exceptions = Array.new(1, message)
|
25
|
+
end
|
26
|
+
|
27
|
+
# @param message [Contrast::Agent::Telemetry::TelemetryException::Message]
|
28
|
+
def push message
|
29
|
+
validate_class(message, Contrast::Agent::Telemetry::TelemetryException::Message, 'exception_message')
|
30
|
+
@exceptions << message
|
31
|
+
end
|
32
|
+
|
33
|
+
def self.path
|
34
|
+
'/ruby/runtime'
|
35
|
+
end
|
36
|
+
|
37
|
+
def to_controlled_hash
|
38
|
+
exceptions.map(&:to_controlled_hash)
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
@@ -0,0 +1,115 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require_relative 'telemetry_exception_base'
|
5
|
+
require_relative 'telemetry_exception_message_exception'
|
6
|
+
require 'contrast/utils/telemetry_identifier'
|
7
|
+
|
8
|
+
module Contrast
|
9
|
+
module Agent
|
10
|
+
module Telemetry
|
11
|
+
module TelemetryException
|
12
|
+
# This class will hold the all the information for the specific exceptions
|
13
|
+
# and will be passed in the the event to be sent to TS
|
14
|
+
class Message < Contrast::Agent::Telemetry::TelemetryException::Base
|
15
|
+
VALIDATIONS = {
|
16
|
+
instance: { required: true, range: 12..64 },
|
17
|
+
tags: { required: true, range: 0..512 },
|
18
|
+
logger: { required: false, range: 1..128 },
|
19
|
+
message: { required: false, range: 1..512 },
|
20
|
+
exceptions: {
|
21
|
+
required: true,
|
22
|
+
range: 1..512,
|
23
|
+
class: Contrast::Agent::Telemetry::TelemetryException::MessageException
|
24
|
+
}
|
25
|
+
}.cs__freeze
|
26
|
+
|
27
|
+
# Timestamp of creation in ISO8601 format
|
28
|
+
# @return [Integer]
|
29
|
+
attr_reader :timestamp
|
30
|
+
|
31
|
+
# An Instance ID as defined in Unique Identification // Application ID
|
32
|
+
# @return [String]
|
33
|
+
attr_reader :instance
|
34
|
+
|
35
|
+
# Tags are key-value string pairs that annotate either metrics
|
36
|
+
# or errors to help provide context, filtering, grouping, and deduplication.
|
37
|
+
# @return [Hash{String => String}]
|
38
|
+
attr_reader :tags
|
39
|
+
|
40
|
+
# @return [Integer] A number of the occurrences of the exception
|
41
|
+
attr_accessor :occurrences
|
42
|
+
|
43
|
+
# Array of exceptions, but in our case the Array will only include one exception
|
44
|
+
# @return [Array<Contrast::Agent::Telemetry::TelemetryException::MessageException>]
|
45
|
+
attr_reader :exceptions
|
46
|
+
|
47
|
+
# @return [String,nil] A string denoting the origin of this error.
|
48
|
+
attr_reader :logger
|
49
|
+
|
50
|
+
# @return [String | nil] A string message to provide additional context to the errors.
|
51
|
+
attr_reader :message
|
52
|
+
|
53
|
+
def initialize instance, tags, exceptions
|
54
|
+
super()
|
55
|
+
@tags = tags
|
56
|
+
@timestamp = Time.now.iso8601
|
57
|
+
@instance = instance
|
58
|
+
@occurrences = 1
|
59
|
+
@exceptions = exceptions
|
60
|
+
validate(VALIDATIONS)
|
61
|
+
end
|
62
|
+
|
63
|
+
# Optional parameters will be set separately from the required
|
64
|
+
#
|
65
|
+
# @param logger[String]
|
66
|
+
def logger= logger
|
67
|
+
validate_field(VALIDATIONS[:logger], 'logger')
|
68
|
+
@logger = logger
|
69
|
+
end
|
70
|
+
|
71
|
+
# Optional parameters will be set separately from the required
|
72
|
+
#
|
73
|
+
# @param message[String]
|
74
|
+
def message= message
|
75
|
+
validate_field(VALIDATIONS[:message], 'message')
|
76
|
+
@message = message
|
77
|
+
end
|
78
|
+
|
79
|
+
# Optional parameters will be set separately from the required
|
80
|
+
# This method is different and is regarding the way we proceed
|
81
|
+
# with incrementing occurrences
|
82
|
+
# If we keep track of them in different places and we store that value
|
83
|
+
# in separated variable - we may directly re-assign occurrences=
|
84
|
+
# But if we are not doing that - we may on same message generated
|
85
|
+
# to increment occurrences from here
|
86
|
+
def increment_occurrences
|
87
|
+
@occurrences += 1
|
88
|
+
end
|
89
|
+
|
90
|
+
def to_controlled_hash
|
91
|
+
super()
|
92
|
+
{
|
93
|
+
timestamp: timestamp,
|
94
|
+
instance: instance,
|
95
|
+
occurrences: occurrences,
|
96
|
+
tags: tags,
|
97
|
+
exceptions: exceptions.map(&:to_controlled_hash),
|
98
|
+
logger: logger,
|
99
|
+
message: message
|
100
|
+
}.compact
|
101
|
+
end
|
102
|
+
|
103
|
+
class << self
|
104
|
+
def build tags, exceptions, logger = nil, message = nil
|
105
|
+
inst = new(Contrast::Utils::Telemetry::Identifier.instance_id, tags, exceptions)
|
106
|
+
inst.logger = logger unless logger.nil?
|
107
|
+
inst.message = message unless message.nil?
|
108
|
+
inst
|
109
|
+
end
|
110
|
+
end
|
111
|
+
end
|
112
|
+
end
|
113
|
+
end
|
114
|
+
end
|
115
|
+
end
|
@@ -0,0 +1,83 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require_relative 'telemetry_exception_base'
|
5
|
+
require_relative 'telemetry_exception_stack_frame'
|
6
|
+
|
7
|
+
module Contrast
|
8
|
+
module Agent
|
9
|
+
module Telemetry
|
10
|
+
module TelemetryException
|
11
|
+
# This class will hold the all the information for the specific exception
|
12
|
+
# and will be passed in the Exception message itself
|
13
|
+
class MessageException < Contrast::Agent::Telemetry::TelemetryException::Base
|
14
|
+
VALIDATIONS = {
|
15
|
+
type: { required: true, range: 1..256 },
|
16
|
+
module_name: { required: false, range: 1..256 },
|
17
|
+
value: { required: false, range: 1..256 },
|
18
|
+
stack_frames: {
|
19
|
+
required: true,
|
20
|
+
range: 1..128,
|
21
|
+
class: Contrast::Agent::Telemetry::TelemetryException::StackFrame
|
22
|
+
}
|
23
|
+
}.cs__freeze
|
24
|
+
|
25
|
+
# @return [String] The type of the exception itself
|
26
|
+
attr_reader :type
|
27
|
+
|
28
|
+
# stack frames for the message exception
|
29
|
+
# @return [Array<Contrast::Agent::Telemetry::TelemetryException::StackFrame>]
|
30
|
+
attr_reader :stack_frames
|
31
|
+
|
32
|
+
# @return [String]
|
33
|
+
attr_reader :module_name
|
34
|
+
|
35
|
+
# @return [String]
|
36
|
+
attr_reader :value
|
37
|
+
|
38
|
+
def initialize type, stack_frame
|
39
|
+
super()
|
40
|
+
@type = type
|
41
|
+
@stack_frames = Array.new(1, stack_frame)
|
42
|
+
validate(VALIDATIONS)
|
43
|
+
end
|
44
|
+
|
45
|
+
# @param stack_frame [Contrast::Agent::Telemetry::TelemetryException::StackFrame]
|
46
|
+
def push stack_frame
|
47
|
+
validate_class(stack_frame, Contrast::Agent::Telemetry::TelemetryException::StackFrame, 'stack_frame')
|
48
|
+
@stack_frames << stack_frame
|
49
|
+
end
|
50
|
+
|
51
|
+
def module_name= module_name
|
52
|
+
@module_name = module_name
|
53
|
+
validate_field(VALIDATIONS[:module_name], 'module_name')
|
54
|
+
end
|
55
|
+
|
56
|
+
def value= value
|
57
|
+
@value = value
|
58
|
+
validate_field(VALIDATIONS[:value], 'value')
|
59
|
+
end
|
60
|
+
|
61
|
+
def to_controlled_hash
|
62
|
+
super
|
63
|
+
{
|
64
|
+
type: type,
|
65
|
+
module: module_name,
|
66
|
+
stackFrames: stack_frames.map(&:to_controlled_hash),
|
67
|
+
value: value
|
68
|
+
}.compact
|
69
|
+
end
|
70
|
+
|
71
|
+
class << self
|
72
|
+
def build type, value, module_name, stackframes
|
73
|
+
inst = new(type, stackframes)
|
74
|
+
inst.module_name = module_name if module_name
|
75
|
+
inst.value = value
|
76
|
+
inst
|
77
|
+
end
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
81
|
+
end
|
82
|
+
end
|
83
|
+
end
|
@@ -0,0 +1,64 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require_relative 'telemetry_exception_base'
|
5
|
+
|
6
|
+
module Contrast
|
7
|
+
module Agent
|
8
|
+
module Telemetry
|
9
|
+
module TelemetryException
|
10
|
+
# This class will hold the all the information for the specific exception
|
11
|
+
# and will be passed in the Exception message itself
|
12
|
+
class StackFrame < Contrast::Agent::Telemetry::TelemetryException::Base
|
13
|
+
VALIDATIONS = {
|
14
|
+
function: { required: true, range: 1..256 },
|
15
|
+
type: { required: true, range: 1..256 },
|
16
|
+
module_name: { required: false, range: 1..256 }
|
17
|
+
}.cs__freeze
|
18
|
+
|
19
|
+
# @return [String] The type of the exception itself
|
20
|
+
attr_reader :type
|
21
|
+
|
22
|
+
# @return [String] the function of the stack trace
|
23
|
+
attr_reader :function
|
24
|
+
|
25
|
+
# @return [Boolean] Is it in contrast
|
26
|
+
attr_accessor :in_contrast
|
27
|
+
|
28
|
+
# @return [String]
|
29
|
+
attr_reader :module_name
|
30
|
+
|
31
|
+
def initialize function, type
|
32
|
+
super()
|
33
|
+
@function = function
|
34
|
+
@type = type
|
35
|
+
@in_contrast = false
|
36
|
+
validate(VALIDATIONS)
|
37
|
+
end
|
38
|
+
|
39
|
+
def module_name= module_name
|
40
|
+
@module_name = module_name
|
41
|
+
validate_field(VALIDATIONS[:module_name], 'module_name')
|
42
|
+
end
|
43
|
+
|
44
|
+
def to_controlled_hash
|
45
|
+
super
|
46
|
+
{ function: function, type: type, module: module_name, inContrast: in_contrast }.compact
|
47
|
+
end
|
48
|
+
|
49
|
+
class << self
|
50
|
+
# @param method [String] method, triggered the logger on warn/error/fatal
|
51
|
+
# @param type [String] the type ( where it occurred )
|
52
|
+
# @param module_name [String, nil] Name of the module if any.
|
53
|
+
def build method, type, module_name = nil
|
54
|
+
inst = new(method, type)
|
55
|
+
inst.module_name = module_name if module_name
|
56
|
+
inst.in_contrast = type.include?('lib/contrast')
|
57
|
+
inst
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|