contrast-agent 4.4.1 → 4.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.simplecov +1 -1
- data/Gemfile +1 -1
- data/LICENSE.txt +1 -1
- data/Rakefile +1 -1
- data/exe/contrast_service +1 -1
- data/ext/build_funchook.rb +1 -1
- data/ext/cs__assess_active_record_named/cs__active_record_named.c +1 -1
- data/ext/cs__assess_active_record_named/extconf.rb +1 -1
- data/ext/cs__assess_array/cs__assess_array.c +1 -1
- data/ext/cs__assess_array/extconf.rb +1 -1
- data/ext/cs__assess_basic_object/cs__assess_basic_object.c +1 -1
- data/ext/cs__assess_basic_object/extconf.rb +1 -1
- data/ext/cs__assess_fiber_track/cs__assess_fiber_track.c +1 -1
- data/ext/cs__assess_fiber_track/extconf.rb +1 -1
- data/ext/cs__assess_hash/cs__assess_hash.c +4 -2
- data/ext/cs__assess_hash/extconf.rb +1 -1
- data/ext/cs__assess_kernel/cs__assess_kernel.c +1 -1
- data/ext/cs__assess_kernel/extconf.rb +1 -1
- data/ext/cs__assess_marshal_module/cs__assess_marshal_module.c +1 -1
- data/ext/cs__assess_marshal_module/extconf.rb +1 -1
- data/ext/cs__assess_module/cs__assess_module.c +1 -1
- data/ext/cs__assess_module/extconf.rb +1 -1
- data/ext/cs__assess_regexp/cs__assess_regexp.c +1 -1
- data/ext/cs__assess_regexp/extconf.rb +1 -1
- data/ext/cs__assess_string/cs__assess_string.c +1 -1
- data/ext/cs__assess_string/extconf.rb +1 -1
- data/ext/cs__assess_string_interpolation26/cs__assess_string_interpolation26.c +1 -1
- data/ext/cs__assess_string_interpolation26/extconf.rb +1 -1
- data/ext/cs__assess_yield_track/cs__assess_yield_track.c +1 -1
- data/ext/cs__assess_yield_track/extconf.rb +1 -1
- data/ext/cs__common/cs__common.c +5 -5
- data/ext/cs__common/cs__common.h +4 -4
- data/ext/cs__common/extconf.rb +1 -1
- data/ext/cs__contrast_patch/cs__contrast_patch.c +22 -25
- data/ext/cs__contrast_patch/extconf.rb +1 -1
- data/ext/cs__protect_kernel/cs__protect_kernel.c +1 -1
- data/ext/cs__protect_kernel/extconf.rb +1 -1
- data/ext/extconf_common.rb +1 -1
- data/lib/contrast-agent.rb +1 -1
- data/lib/contrast.rb +20 -1
- data/lib/contrast/agent.rb +1 -1
- data/lib/contrast/agent/assess.rb +1 -1
- data/lib/contrast/agent/assess/contrast_event.rb +54 -69
- data/lib/contrast/agent/assess/contrast_object.rb +1 -1
- data/lib/contrast/agent/assess/events/event_factory.rb +1 -1
- data/lib/contrast/agent/assess/events/source_event.rb +7 -2
- data/lib/contrast/agent/assess/finalizers/freeze.rb +1 -1
- data/lib/contrast/agent/assess/finalizers/hash.rb +26 -34
- data/lib/contrast/agent/assess/policy/dynamic_source_factory.rb +20 -19
- data/lib/contrast/agent/assess/policy/patcher.rb +1 -1
- data/lib/contrast/agent/assess/policy/policy.rb +1 -1
- data/lib/contrast/agent/assess/policy/policy_node.rb +1 -1
- data/lib/contrast/agent/assess/policy/policy_scanner.rb +1 -1
- data/lib/contrast/agent/assess/policy/preshift.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagation_method.rb +2 -6
- data/lib/contrast/agent/assess/policy/propagation_node.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/append.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/base.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/center.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/custom.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/database_write.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/insert.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/keep.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/match_data.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/next.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/prepend.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/remove.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/replace.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/reverse.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/select.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/splat.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/split.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/substitution.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/trim.rb +1 -1
- data/lib/contrast/agent/assess/policy/rewriter_patch.rb +1 -1
- data/lib/contrast/agent/assess/policy/source_method.rb +87 -76
- data/lib/contrast/agent/assess/policy/source_node.rb +1 -1
- data/lib/contrast/agent/assess/policy/source_validation/cross_site_validator.rb +8 -6
- data/lib/contrast/agent/assess/policy/source_validation/source_validation.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger/reflected_xss.rb +3 -3
- data/lib/contrast/agent/assess/policy/trigger/xpath.rb +7 -8
- data/lib/contrast/agent/assess/policy/trigger_method.rb +99 -62
- data/lib/contrast/agent/assess/policy/trigger_node.rb +3 -3
- data/lib/contrast/agent/assess/policy/trigger_validation/redos_validator.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_validation/ssrf_validator.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_validation/trigger_validation.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_validation/xss_validator.rb +1 -1
- data/lib/contrast/agent/assess/properties.rb +1 -1
- data/lib/contrast/agent/assess/property/evented.rb +1 -1
- data/lib/contrast/agent/assess/property/tagged.rb +1 -1
- data/lib/contrast/agent/assess/property/updated.rb +1 -1
- data/lib/contrast/agent/assess/rule/provider.rb +1 -1
- data/lib/contrast/agent/assess/rule/provider/hardcoded_key.rb +1 -1
- data/lib/contrast/agent/assess/rule/provider/hardcoded_password.rb +1 -1
- data/lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb +1 -1
- data/lib/contrast/agent/assess/tag.rb +1 -1
- data/lib/contrast/agent/assess/tracker.rb +1 -1
- data/lib/contrast/agent/at_exit_hook.rb +1 -1
- data/lib/contrast/agent/class_reopener.rb +1 -1
- data/lib/contrast/agent/deadzone/policy/deadzone_node.rb +1 -1
- data/lib/contrast/agent/deadzone/policy/policy.rb +1 -1
- data/lib/contrast/agent/disable_reaction.rb +1 -1
- data/lib/contrast/agent/exclusion_matcher.rb +1 -1
- data/lib/contrast/agent/inventory.rb +1 -2
- data/lib/contrast/agent/inventory/dependencies.rb +1 -1
- data/lib/contrast/agent/inventory/dependency_analysis.rb +1 -1
- data/lib/contrast/agent/inventory/dependency_usage_analysis.rb +35 -23
- data/lib/contrast/agent/inventory/policy/datastores.rb +1 -1
- data/lib/contrast/agent/inventory/policy/policy.rb +1 -1
- data/lib/contrast/agent/inventory/policy/trigger_node.rb +1 -1
- data/lib/contrast/agent/middleware.rb +8 -9
- data/lib/contrast/agent/module_data.rb +1 -1
- data/lib/contrast/agent/patching/policy/after_load_patch.rb +1 -1
- data/lib/contrast/agent/patching/policy/after_load_patcher.rb +1 -1
- data/lib/contrast/agent/patching/policy/method_policy.rb +1 -1
- data/lib/contrast/agent/patching/policy/module_policy.rb +1 -1
- data/lib/contrast/agent/patching/policy/patch.rb +8 -6
- data/lib/contrast/agent/patching/policy/patch_status.rb +1 -1
- data/lib/contrast/agent/patching/policy/patcher.rb +8 -10
- data/lib/contrast/agent/patching/policy/policy.rb +1 -1
- data/lib/contrast/agent/patching/policy/policy_node.rb +1 -1
- data/lib/contrast/agent/patching/policy/trigger_node.rb +1 -1
- data/lib/contrast/agent/protect/policy/applies_command_injection_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/applies_deserialization_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/applies_no_sqli_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/applies_path_traversal_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/applies_sqli_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/applies_xxe_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/policy.rb +1 -1
- data/lib/contrast/agent/protect/policy/rule_applicator.rb +1 -1
- data/lib/contrast/agent/protect/policy/trigger_node.rb +1 -1
- data/lib/contrast/agent/protect/rule.rb +1 -1
- data/lib/contrast/agent/protect/rule/base.rb +7 -18
- data/lib/contrast/agent/protect/rule/base_service.rb +2 -2
- data/lib/contrast/agent/protect/rule/cmd_injection.rb +2 -2
- data/lib/contrast/agent/protect/rule/default_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/deserialization.rb +1 -1
- data/lib/contrast/agent/protect/rule/http_method_tampering.rb +1 -1
- data/lib/contrast/agent/protect/rule/no_sqli.rb +2 -2
- data/lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/path_traversal.rb +1 -1
- data/lib/contrast/agent/protect/rule/sqli.rb +2 -2
- data/lib/contrast/agent/protect/rule/sqli/default_sql_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/sqli/postgres_sql_scanner.rb +2 -2
- data/lib/contrast/agent/protect/rule/sqli/sqlite_sql_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/unsafe_file_upload.rb +1 -1
- data/lib/contrast/agent/protect/rule/xss.rb +1 -1
- data/lib/contrast/agent/protect/rule/xxe.rb +1 -1
- data/lib/contrast/agent/protect/rule/xxe/entity_wrapper.rb +1 -1
- data/lib/contrast/agent/railtie.rb +1 -1
- data/lib/contrast/agent/reaction_processor.rb +1 -1
- data/lib/contrast/agent/request.rb +2 -1
- data/lib/contrast/agent/request_context.rb +5 -10
- data/lib/contrast/agent/request_handler.rb +1 -1
- data/lib/contrast/agent/response.rb +1 -1
- data/lib/contrast/agent/rewriter.rb +1 -1
- data/lib/contrast/agent/rule_set.rb +3 -3
- data/lib/contrast/agent/scope.rb +1 -1
- data/lib/contrast/agent/service_heartbeat.rb +1 -1
- data/lib/contrast/agent/static_analysis.rb +1 -1
- data/lib/contrast/agent/thread.rb +1 -1
- data/lib/contrast/agent/thread_watcher.rb +1 -1
- data/lib/contrast/agent/tracepoint_hook.rb +1 -1
- data/lib/contrast/agent/version.rb +2 -2
- data/lib/contrast/agent/worker_thread.rb +1 -1
- data/lib/contrast/api.rb +1 -1
- data/lib/contrast/api/communication.rb +1 -1
- data/lib/contrast/api/communication/connection_status.rb +1 -1
- data/lib/contrast/api/communication/messaging_queue.rb +1 -1
- data/lib/contrast/api/communication/response_processor.rb +1 -1
- data/lib/contrast/api/communication/service_lifecycle.rb +1 -1
- data/lib/contrast/api/communication/socket.rb +1 -1
- data/lib/contrast/api/communication/socket_client.rb +1 -1
- data/lib/contrast/api/communication/speedracer.rb +3 -3
- data/lib/contrast/api/communication/tcp_socket.rb +1 -1
- data/lib/contrast/api/communication/unix_socket.rb +1 -1
- data/lib/contrast/api/decorators.rb +1 -1
- data/lib/contrast/api/decorators/address.rb +1 -1
- data/lib/contrast/api/decorators/agent_startup.rb +1 -1
- data/lib/contrast/api/decorators/application_settings.rb +1 -1
- data/lib/contrast/api/decorators/application_startup.rb +4 -2
- data/lib/contrast/api/decorators/application_update.rb +1 -1
- data/lib/contrast/api/decorators/http_request.rb +1 -1
- data/lib/contrast/api/decorators/input_analysis.rb +1 -1
- data/lib/contrast/api/decorators/instrumentation_mode.rb +37 -0
- data/lib/contrast/api/decorators/library.rb +1 -1
- data/lib/contrast/api/decorators/library_usage_update.rb +1 -1
- data/lib/contrast/api/decorators/message.rb +1 -1
- data/lib/contrast/api/decorators/rasp_rule_sample.rb +1 -1
- data/lib/contrast/api/decorators/route_coverage.rb +1 -1
- data/lib/contrast/api/decorators/server_features.rb +1 -1
- data/lib/contrast/api/decorators/trace_event.rb +1 -1
- data/lib/contrast/api/decorators/trace_event_object.rb +1 -1
- data/lib/contrast/api/decorators/trace_event_signature.rb +1 -1
- data/lib/contrast/api/decorators/trace_taint_range.rb +1 -1
- data/lib/contrast/api/decorators/trace_taint_range_tags.rb +1 -1
- data/lib/contrast/api/decorators/user_input.rb +1 -1
- data/lib/contrast/common_agent_configuration.rb +1 -1
- data/lib/contrast/components/agent.rb +1 -1
- data/lib/contrast/components/app_context.rb +1 -1
- data/lib/contrast/components/assess.rb +1 -1
- data/lib/contrast/components/config.rb +1 -1
- data/lib/contrast/components/contrast_service.rb +1 -1
- data/lib/contrast/components/heap_dump.rb +1 -1
- data/lib/contrast/components/interface.rb +1 -1
- data/lib/contrast/components/inventory.rb +1 -1
- data/lib/contrast/components/logger.rb +1 -1
- data/lib/contrast/components/protect.rb +4 -2
- data/lib/contrast/components/sampling.rb +1 -1
- data/lib/contrast/components/scope.rb +1 -1
- data/lib/contrast/components/settings.rb +2 -2
- data/lib/contrast/config.rb +1 -1
- data/lib/contrast/config/agent_configuration.rb +1 -1
- data/lib/contrast/config/application_configuration.rb +1 -1
- data/lib/contrast/config/assess_configuration.rb +1 -1
- data/lib/contrast/config/assess_rules_configuration.rb +1 -1
- data/lib/contrast/config/base_configuration.rb +1 -1
- data/lib/contrast/config/default_value.rb +1 -1
- data/lib/contrast/config/exception_configuration.rb +1 -1
- data/lib/contrast/config/heap_dump_configuration.rb +1 -1
- data/lib/contrast/config/inventory_configuration.rb +1 -1
- data/lib/contrast/config/logger_configuration.rb +1 -1
- data/lib/contrast/config/protect_configuration.rb +1 -1
- data/lib/contrast/config/protect_rule_configuration.rb +23 -1
- data/lib/contrast/config/protect_rules_configuration.rb +1 -1
- data/lib/contrast/config/root_configuration.rb +1 -1
- data/lib/contrast/config/ruby_configuration.rb +1 -1
- data/lib/contrast/config/sampling_configuration.rb +1 -1
- data/lib/contrast/config/server_configuration.rb +1 -1
- data/lib/contrast/config/service_configuration.rb +1 -1
- data/lib/contrast/configuration.rb +1 -1
- data/lib/contrast/delegators/input_analysis.rb +12 -0
- data/lib/contrast/extension/assess.rb +1 -1
- data/lib/contrast/extension/assess/array.rb +1 -1
- data/lib/contrast/extension/assess/erb.rb +1 -1
- data/lib/contrast/extension/assess/eval_trigger.rb +1 -5
- data/lib/contrast/extension/assess/exec_trigger.rb +1 -5
- data/lib/contrast/extension/assess/fiber.rb +1 -1
- data/lib/contrast/extension/assess/hash.rb +1 -1
- data/lib/contrast/extension/assess/kernel.rb +1 -1
- data/lib/contrast/extension/assess/marshal.rb +1 -5
- data/lib/contrast/extension/assess/regexp.rb +1 -1
- data/lib/contrast/extension/assess/string.rb +1 -1
- data/lib/contrast/extension/delegator.rb +1 -1
- data/lib/contrast/extension/inventory.rb +1 -1
- data/lib/contrast/extension/kernel.rb +1 -1
- data/lib/contrast/extension/module.rb +1 -1
- data/lib/contrast/extension/protect.rb +1 -1
- data/lib/contrast/extension/protect/kernel.rb +1 -1
- data/lib/contrast/extension/protect/psych.rb +1 -1
- data/lib/contrast/extension/thread.rb +1 -1
- data/lib/contrast/framework/base_support.rb +1 -1
- data/lib/contrast/framework/manager.rb +3 -3
- data/lib/contrast/framework/platform_version.rb +1 -1
- data/lib/contrast/framework/rack/patch/session_cookie.rb +1 -1
- data/lib/contrast/framework/rack/patch/support.rb +1 -1
- data/lib/contrast/framework/rack/support.rb +1 -1
- data/lib/contrast/framework/rails/patch/action_controller_live_buffer.rb +1 -1
- data/lib/contrast/framework/rails/patch/assess_configuration.rb +1 -1
- data/lib/contrast/framework/rails/patch/rails_application_configuration.rb +4 -4
- data/lib/contrast/framework/rails/patch/support.rb +1 -1
- data/lib/contrast/framework/rails/rewrite/action_controller_railties_helper_inherited.rb +1 -1
- data/lib/contrast/framework/rails/rewrite/active_record_attribute_methods_read.rb +1 -1
- data/lib/contrast/framework/rails/rewrite/active_record_named.rb +1 -1
- data/lib/contrast/framework/rails/rewrite/active_record_time_zone_inherited.rb +1 -1
- data/lib/contrast/framework/rails/support.rb +1 -1
- data/lib/contrast/framework/sinatra/support.rb +1 -1
- data/lib/contrast/funchook/funchook.rb +1 -1
- data/lib/contrast/logger/application.rb +1 -1
- data/lib/contrast/logger/format.rb +1 -1
- data/lib/contrast/logger/log.rb +1 -1
- data/lib/contrast/logger/request.rb +1 -1
- data/lib/contrast/logger/time.rb +1 -1
- data/lib/contrast/security_exception.rb +1 -1
- data/lib/contrast/tasks/config.rb +1 -1
- data/lib/contrast/tasks/service.rb +1 -1
- data/lib/contrast/utils/assess/sampling_util.rb +1 -1
- data/lib/contrast/utils/assess/tracking_util.rb +1 -1
- data/lib/contrast/utils/class_util.rb +15 -3
- data/lib/contrast/utils/duck_utils.rb +1 -1
- data/lib/contrast/utils/env_configuration_item.rb +1 -1
- data/lib/contrast/utils/hash_digest.rb +14 -19
- data/lib/contrast/utils/heap_dump_util.rb +1 -1
- data/lib/contrast/utils/invalid_configuration_util.rb +1 -1
- data/lib/contrast/utils/inventory_util.rb +1 -1
- data/lib/contrast/utils/io_util.rb +1 -1
- data/lib/contrast/utils/job_servers_running.rb +1 -1
- data/lib/contrast/utils/object_share.rb +1 -1
- data/lib/contrast/utils/os.rb +1 -1
- data/lib/contrast/utils/preflight_util.rb +1 -1
- data/lib/contrast/utils/resource_loader.rb +1 -1
- data/lib/contrast/utils/ruby_ast_rewriter.rb +1 -1
- data/lib/contrast/utils/sha256_builder.rb +1 -1
- data/lib/contrast/utils/stack_trace_utils.rb +1 -1
- data/lib/contrast/utils/string_utils.rb +1 -1
- data/lib/contrast/utils/tag_util.rb +1 -1
- data/lib/contrast/utils/thread_tracker.rb +1 -1
- data/lib/contrast/utils/timer.rb +1 -1
- data/resources/assess/policy.json +5 -2
- data/resources/deadzone/policy.json +7 -17
- data/ruby-agent.gemspec +4 -5
- data/service_executables/VERSION +1 -1
- data/service_executables/linux/contrast-service +0 -0
- data/service_executables/mac/contrast-service +0 -0
- metadata +20 -33
- data/lib/contrast/agent/inventory/gemfile_digest_cache.rb +0 -38
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 34510a6c078720ccde6e95d4c0ee3a59eb6fa7db96da03ad7d047a3e926979ad
|
|
4
|
+
data.tar.gz: c9bceacdf3de12ef0554e066d8275084d4ff199cdff143077f32f08fc5415b31
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d5a507dcf5c610fbd2dd05b711ea9b1a553bbca720b769fc54f034d2d323184f23fb39ff793edf2d5074b568a4b557f817779f07d7937b966ab19d1acd3bdfb5
|
|
7
|
+
data.tar.gz: c00857ade1593231404e02583d9726e29e474a49b984f46a57d9a103591259757c94677cb01075de92c63e096eee0d9dd68c2f7f9703ebf0b9d09ea267c282e4
|
data/.simplecov
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
SimpleCov.minimum_coverage line: 94.75
|
data/Gemfile
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
source 'https://rubygems.org'
|
data/LICENSE.txt
CHANGED
data/Rakefile
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$stdout.sync = true
|
data/exe/contrast_service
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#!/usr/bin/env ruby
|
|
2
|
-
# Copyright (c)
|
|
2
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
3
3
|
# frozen_string_literal: true
|
|
4
4
|
|
|
5
5
|
def mac?
|
data/ext/build_funchook.rb
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'fileutils'
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/* Copyright (c)
|
|
1
|
+
/* Copyright (c) 2021 Contrast Security, Inc. See
|
|
2
2
|
* https://www.contrastsecurity.com/enduser-terms-0317a for more details. */
|
|
3
3
|
|
|
4
4
|
#include "cs__assess_hash.h"
|
|
@@ -17,6 +17,7 @@ static VALUE contrast_assess_hash_bracket_constructor(const int argc,
|
|
|
17
17
|
const VALUE hash) {
|
|
18
18
|
VALUE result;
|
|
19
19
|
|
|
20
|
+
|
|
20
21
|
/* Array of Arrays: Hash[ [ [key, value], ... ] ] -> new_hash */
|
|
21
22
|
if (RB_TYPE_P(argv[0], T_ARRAY)) {
|
|
22
23
|
int i;
|
|
@@ -33,12 +34,13 @@ static VALUE contrast_assess_hash_bracket_constructor(const int argc,
|
|
|
33
34
|
}
|
|
34
35
|
}
|
|
35
36
|
|
|
37
|
+
const VALUE * argv_final = argv;
|
|
36
38
|
/* unhandled case - shouldn't need it since issue is only unfrozen
|
|
37
39
|
* String keys
|
|
38
40
|
* # Hash[ object ] -> new_hash
|
|
39
41
|
*/
|
|
40
42
|
result =
|
|
41
|
-
rb_funcall2(hash, rb_sym_assess_hash_bracket_constructor, argc,
|
|
43
|
+
rb_funcall2(hash, rb_sym_assess_hash_bracket_constructor, argc, argv_final);
|
|
42
44
|
|
|
43
45
|
return result;
|
|
44
46
|
}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
data/ext/cs__common/cs__common.c
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/* Copyright (c)
|
|
1
|
+
/* Copyright (c) 2021 Contrast Security, Inc. See
|
|
2
2
|
* https://www.contrastsecurity.com/enduser-terms-0317a for more details. */
|
|
3
3
|
|
|
4
4
|
#include "cs__common.h"
|
|
@@ -59,7 +59,7 @@ VALUE contrast_patcher() {
|
|
|
59
59
|
}
|
|
60
60
|
|
|
61
61
|
VALUE contrast_register_patch(const char *module_name, const char *method_name,
|
|
62
|
-
VALUE(c_fn)(const int,
|
|
62
|
+
VALUE(c_fn)(const int, VALUE *,
|
|
63
63
|
const VALUE)) {
|
|
64
64
|
return _contrast_register_patch(module_name, method_name, c_fn,
|
|
65
65
|
IMPL_ALIAS_INSTANCE);
|
|
@@ -67,7 +67,7 @@ VALUE contrast_register_patch(const char *module_name, const char *method_name,
|
|
|
67
67
|
|
|
68
68
|
VALUE contrast_register_singleton_patch(const char *module_name,
|
|
69
69
|
const char *method_name,
|
|
70
|
-
VALUE(c_fn)(const int,
|
|
70
|
+
VALUE(c_fn)(const int, VALUE *,
|
|
71
71
|
const VALUE)) {
|
|
72
72
|
return _contrast_register_patch(module_name, method_name, c_fn,
|
|
73
73
|
IMPL_ALIAS_SINGLETON);
|
|
@@ -75,14 +75,14 @@ VALUE contrast_register_singleton_patch(const char *module_name,
|
|
|
75
75
|
|
|
76
76
|
VALUE contrast_register_singleton_prepend_patch(
|
|
77
77
|
const char *module_name, const char *method_name,
|
|
78
|
-
VALUE(c_fn)(const int,
|
|
78
|
+
VALUE(c_fn)(const int, VALUE *, const VALUE)) {
|
|
79
79
|
return _contrast_register_patch(module_name, method_name, c_fn,
|
|
80
80
|
IMPL_PREPEND);
|
|
81
81
|
}
|
|
82
82
|
|
|
83
83
|
static VALUE
|
|
84
84
|
_contrast_register_patch(const char *module_name, const char *method_name,
|
|
85
|
-
VALUE(c_fn)(const int,
|
|
85
|
+
VALUE(c_fn)(const int, VALUE *, const VALUE),
|
|
86
86
|
patch_impl patch) {
|
|
87
87
|
VALUE contrast_bind_module = rb_funcall(rb_cModule, rb_intern("new"), 0);
|
|
88
88
|
VALUE unbound_method = Qnil;
|
data/ext/cs__common/cs__common.h
CHANGED
|
@@ -38,21 +38,21 @@ void contrast_alias_method(const VALUE target, const char *to,
|
|
|
38
38
|
const char *from);
|
|
39
39
|
|
|
40
40
|
VALUE contrast_register_patch(const char *module_name, const char *method_name,
|
|
41
|
-
VALUE(c_fn)(const int,
|
|
41
|
+
VALUE(c_fn)(const int, VALUE *,
|
|
42
42
|
const VALUE));
|
|
43
43
|
|
|
44
44
|
VALUE contrast_register_singleton_patch(const char *module_name,
|
|
45
45
|
const char *method_name,
|
|
46
|
-
VALUE(c_fn)(const int,
|
|
46
|
+
VALUE(c_fn)(const int, VALUE *,
|
|
47
47
|
const VALUE));
|
|
48
48
|
|
|
49
49
|
VALUE contrast_register_singleton_prepend_patch(
|
|
50
50
|
const char *module_name, const char *method_name,
|
|
51
|
-
VALUE(c_fn)(const int,
|
|
51
|
+
VALUE(c_fn)(const int, VALUE *, const VALUE));
|
|
52
52
|
|
|
53
53
|
static VALUE
|
|
54
54
|
_contrast_register_patch(const char *module_name, const char *method_name,
|
|
55
|
-
VALUE(c_fn)(const int,
|
|
55
|
+
VALUE(c_fn)(const int, VALUE *, const VALUE),
|
|
56
56
|
patch_impl patch_impl);
|
|
57
57
|
|
|
58
58
|
VALUE contrast_patcher();
|
data/ext/cs__common/extconf.rb
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'mkmf'
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/* Copyright (c)
|
|
1
|
+
/* Copyright (c) 2021 Contrast Security, Inc. See
|
|
2
2
|
* https://www.contrastsecurity.com/enduser-terms-0317a for more details. */
|
|
3
3
|
|
|
4
4
|
#include "cs__contrast_patch.h"
|
|
@@ -38,12 +38,21 @@ VALUE contrast_patch_call_original(const VALUE *args) {
|
|
|
38
38
|
* change Ruby method scope (always call this function from C, not Ruby),
|
|
39
39
|
* which is the point of this C call.
|
|
40
40
|
*/
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
41
|
+
/* Ruby >= 2.7 */
|
|
42
|
+
#ifdef RB_PASS_CALLED_KEYWORDS
|
|
43
|
+
if (rb_block_given_p()) {
|
|
44
|
+
return rb_funcall_with_block_kw(object, method_id, argc, params, rb_block_proc(), RB_PASS_CALLED_KEYWORDS);
|
|
45
|
+
} else {
|
|
46
|
+
return rb_funcallv_kw(object, method_id, argc, params, RB_PASS_CALLED_KEYWORDS);
|
|
47
|
+
}
|
|
48
|
+
/* Ruby < 2.7 */
|
|
49
|
+
#else
|
|
50
|
+
if (rb_block_given_p()) {
|
|
51
|
+
return rb_funcall_with_block(object, method_id, argc, params, rb_block_proc());
|
|
52
|
+
} else {
|
|
53
|
+
return rb_funcall2(object, method_id, argc, params);
|
|
54
|
+
}
|
|
55
|
+
#endif
|
|
47
56
|
}
|
|
48
57
|
|
|
49
58
|
VALUE contrast_call_pre_patch(const VALUE method_policy, const VALUE method,
|
|
@@ -110,8 +119,7 @@ VALUE contrast_call_super(const VALUE *args) {
|
|
|
110
119
|
}
|
|
111
120
|
|
|
112
121
|
VALUE contrast_run_patches(const VALUE *wrapped_args) {
|
|
113
|
-
VALUE impl, method, method_policy, object, original_args, original_ret,
|
|
114
|
-
preshift, transformed_ret;
|
|
122
|
+
VALUE impl, method, method_policy, object, original_args, original_ret, preshift, transformed_ret;
|
|
115
123
|
int argc;
|
|
116
124
|
VALUE *argv;
|
|
117
125
|
VALUE rescue_args[6];
|
|
@@ -266,14 +274,6 @@ VALUE contrast_patch_dispatch(const int argc, const VALUE *argv,
|
|
|
266
274
|
} else if (!RTEST(method_policy)) {
|
|
267
275
|
/* nothing to be done without a method policy */
|
|
268
276
|
do_contrast = 0;
|
|
269
|
-
} else if (!RTEST(rb_funcall(contrast_patcher(), rb_sym_in_request_context,
|
|
270
|
-
0))) {
|
|
271
|
-
/* (RUBY-290, checking for a request_context is to be deprecated)
|
|
272
|
-
* if we're not within a request context, don't analyze (by fiat)
|
|
273
|
-
* We reset scope at the end of request contexts right now, don't remove
|
|
274
|
-
* this check without also handling that code.
|
|
275
|
-
*/
|
|
276
|
-
do_contrast = 0;
|
|
277
277
|
}
|
|
278
278
|
|
|
279
279
|
original_args[0] = INT2NUM(argc);
|
|
@@ -311,14 +311,14 @@ VALUE contrast_patch_dispatch(const int argc, const VALUE *argv,
|
|
|
311
311
|
wrapped_args[5] = INT2NUM(argc);
|
|
312
312
|
wrapped_args[6] = (VALUE)argv;
|
|
313
313
|
|
|
314
|
-
return rb_ensure(contrast_run_patches, (VALUE)wrapped_args,
|
|
315
|
-
contrast_ensure_function, method_policy);
|
|
314
|
+
return rb_ensure(contrast_run_patches, (VALUE)wrapped_args, contrast_ensure_function, method_policy);
|
|
316
315
|
|
|
317
316
|
call_original:
|
|
318
317
|
|
|
319
318
|
/* exit scope */
|
|
320
319
|
contrast_ensure_function(method_policy);
|
|
321
320
|
|
|
321
|
+
|
|
322
322
|
switch (impl) {
|
|
323
323
|
case IMPL_ALIAS_INSTANCE:
|
|
324
324
|
case IMPL_ALIAS_SINGLETON:
|
|
@@ -343,13 +343,10 @@ VALUE contrast_prepend_patch(const int argc, const VALUE *argv,
|
|
|
343
343
|
return contrast_patch_dispatch(argc, argv, IMPL_PREPEND, object);
|
|
344
344
|
}
|
|
345
345
|
|
|
346
|
-
VALUE contrast_patch_define_method(const VALUE self, const VALUE clazz,
|
|
347
|
-
const VALUE method_policy,
|
|
346
|
+
VALUE contrast_patch_define_method(const VALUE self, const VALUE clazz, const VALUE method_policy,
|
|
348
347
|
const VALUE cs_method) {
|
|
349
|
-
const VALUE original_method_name =
|
|
350
|
-
|
|
351
|
-
const VALUE is_instance_method =
|
|
352
|
-
rb_funcall(method_policy, rb_sym_instance_method, 0);
|
|
348
|
+
const VALUE original_method_name = rb_funcall(method_policy, rb_sym_method_name, 0);
|
|
349
|
+
const VALUE is_instance_method = rb_funcall(method_policy, rb_sym_instance_method, 0);
|
|
353
350
|
char *cStr;
|
|
354
351
|
VALUE str;
|
|
355
352
|
rb_funcall(patch_status, rb_sym_set_info_for, 5, clazz,
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
data/ext/extconf_common.rb
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'mkmf'
|