contrast-agent 4.14.1 → 5.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.simplecov +1 -1
- data/Gemfile +1 -1
- data/LICENSE.txt +1 -1
- data/Rakefile +1 -1
- data/exe/contrast_service +1 -1
- data/ext/build_funchook.rb +1 -1
- data/ext/cs__assess_array/cs__assess_array.c +1 -1
- data/ext/cs__assess_array/extconf.rb +1 -1
- data/ext/cs__assess_basic_object/cs__assess_basic_object.c +1 -1
- data/ext/cs__assess_basic_object/extconf.rb +1 -1
- data/ext/cs__assess_fiber_track/cs__assess_fiber_track.c +1 -1
- data/ext/cs__assess_fiber_track/extconf.rb +1 -1
- data/ext/cs__assess_hash/cs__assess_hash.c +1 -1
- data/ext/cs__assess_hash/extconf.rb +1 -1
- data/ext/cs__assess_kernel/cs__assess_kernel.c +1 -1
- data/ext/cs__assess_kernel/extconf.rb +1 -1
- data/ext/cs__assess_marshal_module/cs__assess_marshal_module.c +1 -1
- data/ext/cs__assess_marshal_module/extconf.rb +1 -1
- data/ext/cs__assess_module/cs__assess_module.c +1 -1
- data/ext/cs__assess_module/extconf.rb +1 -1
- data/ext/cs__assess_regexp/cs__assess_regexp.c +1 -1
- data/ext/cs__assess_regexp/extconf.rb +1 -1
- data/ext/cs__assess_string/cs__assess_string.c +1 -1
- data/ext/cs__assess_string/extconf.rb +1 -1
- data/ext/cs__assess_string_interpolation26/cs__assess_string_interpolation26.c +1 -1
- data/ext/cs__assess_string_interpolation26/extconf.rb +1 -1
- data/ext/cs__assess_yield_track/cs__assess_yield_track.c +1 -1
- data/ext/cs__assess_yield_track/extconf.rb +1 -1
- data/ext/cs__common/cs__common.c +1 -1
- data/ext/cs__common/extconf.rb +1 -1
- data/ext/cs__contrast_patch/cs__contrast_patch.c +1 -1
- data/ext/cs__contrast_patch/extconf.rb +1 -1
- data/ext/cs__os_information/cs__os_information.c +1 -1
- data/ext/cs__os_information/extconf.rb +1 -1
- data/ext/extconf_common.rb +1 -1
- data/lib/contrast/agent/assess/contrast_event.rb +7 -11
- data/lib/contrast/agent/assess/contrast_object.rb +1 -1
- data/lib/contrast/agent/assess/events/event_data.rb +30 -0
- data/lib/contrast/agent/assess/events/event_factory.rb +14 -6
- data/lib/contrast/agent/assess/events/source_event.rb +22 -3
- data/lib/contrast/agent/assess/finalizers/freeze.rb +1 -1
- data/lib/contrast/agent/assess/finalizers/hash.rb +1 -1
- data/lib/contrast/agent/assess/policy/dynamic_source_factory.rb +7 -7
- data/lib/contrast/agent/assess/policy/patcher.rb +1 -35
- data/lib/contrast/agent/assess/policy/policy.rb +1 -1
- data/lib/contrast/agent/assess/policy/policy_node.rb +2 -2
- data/lib/contrast/agent/assess/policy/policy_scanner.rb +1 -1
- data/lib/contrast/agent/assess/policy/preshift.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagation_method.rb +55 -28
- data/lib/contrast/agent/assess/policy/propagation_node.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/append.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/base.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/center.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/custom.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/database_write.rb +6 -2
- data/lib/contrast/agent/assess/policy/propagator/insert.rb +5 -2
- data/lib/contrast/agent/assess/policy/propagator/keep.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/match_data.rb +7 -3
- data/lib/contrast/agent/assess/policy/propagator/next.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/prepend.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/rack_protection.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/remove.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/replace.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/reverse.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/select.rb +3 -2
- data/lib/contrast/agent/assess/policy/propagator/splat.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/split.rb +27 -25
- data/lib/contrast/agent/assess/policy/propagator/substitution.rb +3 -5
- data/lib/contrast/agent/assess/policy/propagator/substitution_utils.rb +190 -0
- data/lib/contrast/agent/assess/policy/propagator/trim.rb +9 -4
- data/lib/contrast/agent/assess/policy/propagator.rb +1 -1
- data/lib/contrast/agent/assess/policy/source_method.rb +39 -26
- data/lib/contrast/agent/assess/policy/source_node.rb +1 -1
- data/lib/contrast/agent/assess/policy/source_validation/cross_site_validator.rb +1 -1
- data/lib/contrast/agent/assess/policy/source_validation/source_validation.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger/reflected_xss.rb +7 -2
- data/lib/contrast/agent/assess/policy/trigger/xpath.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_method.rb +37 -24
- data/lib/contrast/agent/assess/policy/trigger_node.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_validation/redos_validator.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_validation/ssrf_validator.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_validation/trigger_validation.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_validation/xss_validator.rb +1 -1
- data/lib/contrast/agent/assess/properties.rb +1 -1
- data/lib/contrast/agent/assess/property/evented.rb +25 -12
- data/lib/contrast/agent/assess/property/tagged.rb +1 -1
- data/lib/contrast/agent/assess/property/updated.rb +1 -1
- data/lib/contrast/agent/assess/rule/provider/hardcoded_key.rb +1 -19
- data/lib/contrast/agent/assess/rule/provider/hardcoded_password.rb +1 -13
- data/lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb +7 -59
- data/lib/contrast/agent/assess/rule/provider.rb +1 -1
- data/lib/contrast/agent/assess/rule/response/autocomplete_rule.rb +130 -0
- data/lib/contrast/agent/assess/rule/response/base_rule.rb +117 -0
- data/lib/contrast/agent/assess/tag.rb +1 -1
- data/lib/contrast/agent/assess/tracker.rb +1 -1
- data/lib/contrast/agent/assess.rb +1 -2
- data/lib/contrast/agent/at_exit_hook.rb +1 -1
- data/lib/contrast/agent/deadzone/policy/deadzone_node.rb +13 -8
- data/lib/contrast/agent/deadzone/policy/policy.rb +1 -1
- data/lib/contrast/agent/disable_reaction.rb +1 -1
- data/lib/contrast/agent/exclusion_matcher.rb +1 -1
- data/lib/contrast/agent/inventory/database_config.rb +115 -77
- data/lib/contrast/agent/inventory/dependencies.rb +1 -1
- data/lib/contrast/agent/inventory/dependency_analysis.rb +1 -1
- data/lib/contrast/agent/inventory/dependency_usage_analysis.rb +3 -3
- data/lib/contrast/agent/inventory/policy/datastores.rb +1 -1
- data/lib/contrast/agent/inventory/policy/policy.rb +1 -1
- data/lib/contrast/agent/inventory/policy/trigger_node.rb +1 -1
- data/lib/contrast/agent/inventory.rb +1 -1
- data/lib/contrast/agent/metric_telemetry_event.rb +1 -1
- data/lib/contrast/agent/middleware.rb +3 -2
- data/lib/contrast/agent/module_data.rb +1 -1
- data/lib/contrast/agent/patching/policy/after_load_patch.rb +1 -1
- data/lib/contrast/agent/patching/policy/after_load_patcher.rb +1 -1
- data/lib/contrast/agent/patching/policy/method_policy.rb +28 -15
- data/lib/contrast/agent/patching/policy/method_policy_extend.rb +12 -10
- data/lib/contrast/agent/patching/policy/module_policy.rb +1 -1
- data/lib/contrast/agent/patching/policy/patch.rb +1 -1
- data/lib/contrast/agent/patching/policy/patch_status.rb +2 -26
- data/lib/contrast/agent/patching/policy/patcher.rb +1 -5
- data/lib/contrast/agent/patching/policy/policy.rb +1 -1
- data/lib/contrast/agent/patching/policy/policy_node.rb +1 -1
- data/lib/contrast/agent/patching/policy/trigger_node.rb +1 -1
- data/lib/contrast/agent/protect/policy/applies_command_injection_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/applies_deserialization_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/applies_no_sqli_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/applies_path_traversal_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/applies_sqli_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/applies_xxe_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/policy.rb +1 -1
- data/lib/contrast/agent/protect/policy/rule_applicator.rb +1 -1
- data/lib/contrast/agent/protect/policy/trigger_node.rb +1 -1
- data/lib/contrast/agent/protect/rule/base.rb +1 -1
- data/lib/contrast/agent/protect/rule/base_service.rb +1 -1
- data/lib/contrast/agent/protect/rule/cmd_injection.rb +1 -1
- data/lib/contrast/agent/protect/rule/default_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/deserialization.rb +1 -1
- data/lib/contrast/agent/protect/rule/http_method_tampering.rb +1 -1
- data/lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/no_sqli.rb +1 -1
- data/lib/contrast/agent/protect/rule/path_traversal.rb +1 -1
- data/lib/contrast/agent/protect/rule/sql_sample_builder.rb +1 -1
- data/lib/contrast/agent/protect/rule/sqli/default_sql_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/sqli/postgres_sql_scanner.rb +2 -2
- data/lib/contrast/agent/protect/rule/sqli/sqlite_sql_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/sqli.rb +1 -1
- data/lib/contrast/agent/protect/rule/unsafe_file_upload.rb +1 -1
- data/lib/contrast/agent/protect/rule/xss.rb +1 -1
- data/lib/contrast/agent/protect/rule/xxe/entity_wrapper.rb +1 -1
- data/lib/contrast/agent/protect/rule/xxe.rb +1 -1
- data/lib/contrast/agent/protect/rule.rb +1 -1
- data/lib/contrast/agent/reaction_processor.rb +1 -1
- data/lib/contrast/agent/reporting/report.rb +7 -1
- data/lib/contrast/agent/reporting/reporter.rb +21 -48
- data/lib/contrast/agent/reporting/reporting_events/application_inventory.rb +49 -0
- data/lib/contrast/agent/reporting/reporting_events/application_update.rb +82 -0
- data/lib/contrast/agent/reporting/reporting_events/architecture_component.rb +80 -0
- data/lib/contrast/agent/reporting/reporting_events/discovered_route.rb +59 -0
- data/lib/contrast/agent/reporting/reporting_events/finding.rb +138 -43
- data/lib/contrast/agent/reporting/reporting_events/finding_event.rb +264 -0
- data/lib/contrast/agent/reporting/reporting_events/finding_event_source.rb +57 -0
- data/lib/contrast/agent/reporting/reporting_events/finding_object.rb +90 -0
- data/lib/contrast/agent/reporting/reporting_events/finding_request.rb +121 -0
- data/lib/contrast/agent/reporting/reporting_events/finding_signature.rb +105 -0
- data/lib/contrast/agent/reporting/reporting_events/finding_stack.rb +67 -0
- data/lib/contrast/agent/reporting/reporting_events/finding_taint_range.rb +58 -0
- data/lib/contrast/agent/reporting/reporting_events/library_discovery.rb +93 -0
- data/lib/contrast/agent/reporting/reporting_events/library_usage_observation.rb +50 -0
- data/lib/contrast/agent/reporting/reporting_events/observed_library_usage.rb +54 -0
- data/lib/contrast/agent/reporting/reporting_events/observed_route.rb +66 -0
- data/lib/contrast/agent/reporting/reporting_events/preflight.rb +20 -6
- data/lib/contrast/agent/reporting/reporting_events/preflight_message.rb +36 -17
- data/lib/contrast/agent/reporting/reporting_events/reporting_event.rb +28 -18
- data/lib/contrast/agent/reporting/reporting_events/route_coverage.rb +76 -0
- data/lib/contrast/agent/reporting/reporting_events/route_discovery.rb +66 -0
- data/lib/contrast/agent/reporting/reporting_events/route_discovery_observation.rb +65 -0
- data/lib/contrast/agent/reporting/reporting_events/server_activity.rb +52 -0
- data/lib/contrast/agent/reporting/reporting_events/trace_event_source.rb +30 -0
- data/lib/contrast/agent/reporting/reporting_utilities/audit.rb +22 -12
- data/lib/contrast/agent/reporting/reporting_utilities/dtm_message.rb +67 -0
- data/lib/contrast/agent/reporting/reporting_utilities/endpoints.rb +165 -0
- data/lib/contrast/agent/reporting/reporting_utilities/headers.rb +55 -0
- data/lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb +74 -156
- data/lib/contrast/agent/reporting/reporting_utilities/reporter_client_utils.rb +154 -0
- data/lib/contrast/agent/reporting/reporting_utilities/reporting_storage.rb +1 -1
- data/lib/contrast/agent/reporting/reporting_utilities/response.rb +30 -0
- data/lib/contrast/agent/reporting/reporting_utilities/response_handler.rb +57 -0
- data/lib/contrast/agent/reporting/reporting_utilities/response_handler_utils.rb +196 -0
- data/lib/contrast/agent/reporting/settings/application_settings.rb +67 -0
- data/lib/contrast/agent/reporting/settings/assess.rb +45 -0
- data/lib/contrast/agent/reporting/settings/assess_server_feature.rb +136 -0
- data/lib/contrast/agent/reporting/settings/exclusions.rb +123 -0
- data/lib/contrast/agent/reporting/settings/protect.rb +89 -0
- data/lib/contrast/agent/reporting/settings/protect_server_feature.rb +243 -0
- data/lib/contrast/agent/reporting/settings/reaction.rb +30 -0
- data/lib/contrast/agent/reporting/settings/server_features.rb +78 -0
- data/lib/contrast/agent/request.rb +44 -3
- data/lib/contrast/agent/request_context.rb +20 -7
- data/lib/contrast/agent/request_context_extend.rb +26 -1
- data/lib/contrast/agent/request_handler.rb +41 -5
- data/lib/contrast/agent/response.rb +23 -15
- data/lib/contrast/agent/rule_set.rb +1 -1
- data/lib/contrast/agent/scope.rb +1 -1
- data/lib/contrast/agent/service_heartbeat.rb +1 -1
- data/lib/contrast/agent/startup_metrics_telemetry_event.rb +34 -7
- data/lib/contrast/agent/static_analysis.rb +13 -3
- data/lib/contrast/agent/telemetry.rb +1 -1
- data/lib/contrast/agent/telemetry_event.rb +1 -1
- data/lib/contrast/agent/thread.rb +1 -1
- data/lib/contrast/agent/thread_watcher.rb +3 -3
- data/lib/contrast/agent/tracepoint_hook.rb +1 -4
- data/lib/contrast/agent/version.rb +2 -2
- data/lib/contrast/agent/worker_thread.rb +1 -1
- data/lib/contrast/agent.rb +4 -4
- data/lib/contrast/api/communication/connection_status.rb +1 -1
- data/lib/contrast/api/communication/messaging_queue.rb +4 -4
- data/lib/contrast/api/communication/response_processor.rb +9 -5
- data/lib/contrast/api/communication/service_lifecycle.rb +1 -1
- data/lib/contrast/api/communication/socket.rb +1 -1
- data/lib/contrast/api/communication/socket_client.rb +4 -1
- data/lib/contrast/api/communication/speedracer.rb +1 -1
- data/lib/contrast/api/communication/tcp_socket.rb +1 -1
- data/lib/contrast/api/communication/unix_socket.rb +1 -1
- data/lib/contrast/api/communication.rb +1 -1
- data/lib/contrast/api/decorators/address.rb +1 -1
- data/lib/contrast/api/decorators/agent_startup.rb +1 -1
- data/lib/contrast/api/decorators/application_settings.rb +1 -1
- data/lib/contrast/api/decorators/application_startup.rb +1 -1
- data/lib/contrast/api/decorators/application_update.rb +1 -1
- data/lib/contrast/api/decorators/architecture_component.rb +36 -0
- data/lib/contrast/api/decorators/finding.rb +1 -17
- data/lib/contrast/api/decorators/http_request.rb +3 -2
- data/lib/contrast/api/decorators/input_analysis.rb +1 -1
- data/lib/contrast/api/decorators/instrumentation_mode.rb +1 -1
- data/lib/contrast/api/decorators/library.rb +1 -1
- data/lib/contrast/api/decorators/library_usage_update.rb +1 -1
- data/lib/contrast/api/decorators/message.rb +1 -1
- data/lib/contrast/api/decorators/rasp_rule_sample.rb +1 -1
- data/lib/contrast/api/decorators/route_coverage.rb +1 -1
- data/lib/contrast/api/decorators/server_features.rb +1 -1
- data/lib/contrast/api/decorators/trace_event.rb +1 -1
- data/lib/contrast/api/decorators/trace_event_object.rb +1 -1
- data/lib/contrast/api/decorators/trace_event_signature.rb +1 -1
- data/lib/contrast/api/decorators/trace_taint_range.rb +1 -1
- data/lib/contrast/api/decorators/trace_taint_range_tags.rb +1 -1
- data/lib/contrast/api/decorators/user_input.rb +1 -1
- data/lib/contrast/api/decorators.rb +2 -1
- data/lib/contrast/api.rb +1 -1
- data/lib/contrast/components/agent.rb +5 -24
- data/lib/contrast/components/api.rb +18 -9
- data/lib/contrast/components/app_context.rb +2 -1
- data/lib/contrast/components/app_context_extend.rb +1 -1
- data/lib/contrast/components/assess.rb +12 -8
- data/lib/contrast/components/base.rb +1 -1
- data/lib/contrast/components/config.rb +30 -15
- data/lib/contrast/components/contrast_service.rb +1 -1
- data/lib/contrast/components/heap_dump.rb +1 -1
- data/lib/contrast/components/inventory.rb +5 -1
- data/lib/contrast/components/logger.rb +1 -1
- data/lib/contrast/components/protect.rb +6 -2
- data/lib/contrast/components/sampling.rb +1 -1
- data/lib/contrast/components/scope.rb +1 -1
- data/lib/contrast/components/settings.rb +25 -12
- data/lib/contrast/config/agent_configuration.rb +1 -1
- data/lib/contrast/config/api_configuration.rb +2 -2
- data/lib/contrast/config/api_proxy_configuration.rb +1 -1
- data/lib/contrast/config/application_configuration.rb +1 -1
- data/lib/contrast/config/assess_configuration.rb +1 -1
- data/lib/contrast/config/assess_rules_configuration.rb +1 -1
- data/lib/contrast/config/base_configuration.rb +1 -1
- data/lib/contrast/config/certification_configuration.rb +1 -1
- data/lib/contrast/config/env_variables.rb +1 -1
- data/lib/contrast/config/exception_configuration.rb +1 -1
- data/lib/contrast/config/heap_dump_configuration.rb +1 -1
- data/lib/contrast/config/inventory_configuration.rb +1 -1
- data/lib/contrast/config/logger_configuration.rb +1 -1
- data/lib/contrast/config/protect_configuration.rb +1 -1
- data/lib/contrast/config/protect_rule_configuration.rb +1 -1
- data/lib/contrast/config/protect_rules_configuration.rb +1 -1
- data/lib/contrast/config/request_audit_configuration.rb +1 -1
- data/lib/contrast/config/root_configuration.rb +1 -1
- data/lib/contrast/config/ruby_configuration.rb +4 -1
- data/lib/contrast/config/sampling_configuration.rb +1 -1
- data/lib/contrast/config/server_configuration.rb +1 -1
- data/lib/contrast/config/service_configuration.rb +1 -1
- data/lib/contrast/config.rb +1 -1
- data/lib/contrast/configuration.rb +1 -1
- data/lib/contrast/extension/assess/array.rb +4 -2
- data/lib/contrast/extension/assess/erb.rb +15 -5
- data/lib/contrast/extension/assess/eval_trigger.rb +3 -1
- data/lib/contrast/extension/assess/exec_trigger.rb +2 -1
- data/lib/contrast/extension/assess/fiber.rb +6 -3
- data/lib/contrast/extension/assess/hash.rb +1 -1
- data/lib/contrast/extension/assess/kernel.rb +8 -3
- data/lib/contrast/extension/assess/marshal.rb +6 -2
- data/lib/contrast/extension/assess/regexp.rb +8 -2
- data/lib/contrast/extension/assess/string.rb +8 -2
- data/lib/contrast/extension/assess.rb +1 -1
- data/lib/contrast/extension/delegator.rb +1 -1
- data/lib/contrast/extension/extension.rb +2 -4
- data/lib/contrast/extension/inventory.rb +1 -1
- data/lib/contrast/extension/kernel.rb +1 -1
- data/lib/contrast/extension/module.rb +1 -1
- data/lib/contrast/extension/protect/psych.rb +1 -1
- data/lib/contrast/extension/protect.rb +1 -1
- data/lib/contrast/extension/thread.rb +1 -1
- data/lib/contrast/framework/base_support.rb +5 -1
- data/lib/contrast/framework/grape/support.rb +25 -1
- data/lib/contrast/framework/manager.rb +26 -5
- data/lib/contrast/framework/manager_extend.rb +1 -1
- data/lib/contrast/framework/platform_version.rb +1 -1
- data/lib/contrast/framework/rack/patch/session_cookie.rb +1 -1
- data/lib/contrast/framework/rack/patch/support.rb +1 -1
- data/lib/contrast/framework/rack/support.rb +1 -1
- data/lib/contrast/framework/rails/patch/action_controller_live_buffer.rb +1 -1
- data/lib/contrast/framework/rails/patch/assess_configuration.rb +1 -1
- data/lib/contrast/framework/rails/patch/rails_application_configuration.rb +1 -1
- data/lib/contrast/framework/rails/patch/support.rb +1 -1
- data/lib/contrast/framework/rails/railtie.rb +1 -1
- data/lib/contrast/framework/rails/support.rb +46 -2
- data/lib/contrast/framework/sinatra/support.rb +24 -2
- data/lib/contrast/funchook/funchook.rb +21 -18
- data/lib/contrast/logger/application.rb +1 -1
- data/lib/contrast/logger/format.rb +1 -1
- data/lib/contrast/logger/log.rb +1 -1
- data/lib/contrast/logger/request.rb +1 -1
- data/lib/contrast/logger/time.rb +1 -1
- data/lib/contrast/security_exception.rb +1 -1
- data/lib/contrast/tasks/config.rb +1 -1
- data/lib/contrast/tasks/service.rb +1 -1
- data/lib/contrast/utils/assess/propagation_method_utils.rb +1 -1
- data/lib/contrast/utils/assess/property/tagged_utils.rb +1 -1
- data/lib/contrast/utils/assess/sampling_util.rb +4 -4
- data/lib/contrast/utils/assess/source_method_utils.rb +1 -1
- data/lib/contrast/utils/assess/split_utils.rb +23 -0
- data/lib/contrast/utils/assess/tracking_util.rb +1 -1
- data/lib/contrast/utils/assess/trigger_method_utils.rb +3 -2
- data/lib/contrast/utils/class_util.rb +1 -1
- data/lib/contrast/utils/duck_utils.rb +1 -1
- data/lib/contrast/utils/env_configuration_item.rb +2 -2
- data/lib/contrast/utils/exclude_key.rb +1 -1
- data/lib/contrast/utils/findings.rb +5 -2
- data/lib/contrast/utils/hash_digest.rb +36 -6
- data/lib/contrast/utils/hash_digest_extend.rb +44 -1
- data/lib/contrast/utils/head_dump_utils_extend.rb +1 -1
- data/lib/contrast/utils/heap_dump_util.rb +1 -1
- data/lib/contrast/utils/invalid_configuration_util.rb +6 -5
- data/lib/contrast/utils/io_util.rb +1 -1
- data/lib/contrast/utils/job_servers_running.rb +1 -1
- data/lib/contrast/utils/log_utils.rb +1 -1
- data/lib/contrast/utils/lru_cache.rb +1 -1
- data/lib/contrast/utils/metrics_hash.rb +2 -2
- data/lib/contrast/utils/middleware_utils.rb +1 -1
- data/lib/contrast/utils/net_http_base.rb +14 -7
- data/lib/contrast/utils/object_share.rb +1 -6
- data/lib/contrast/utils/os.rb +9 -5
- data/lib/contrast/utils/patching/policy/patch_utils.rb +63 -99
- data/lib/contrast/utils/patching/policy/patcher_utils.rb +1 -1
- data/lib/contrast/utils/preflight_util.rb +1 -1
- data/lib/contrast/utils/request_utils.rb +9 -1
- data/lib/contrast/utils/resource_loader.rb +1 -1
- data/lib/contrast/utils/response_utils.rb +1 -1
- data/lib/contrast/utils/sha256_builder.rb +1 -1
- data/lib/contrast/utils/stack_trace_utils.rb +1 -1
- data/lib/contrast/utils/string_utils.rb +69 -67
- data/lib/contrast/utils/tag_util.rb +2 -1
- data/lib/contrast/utils/telemetry.rb +1 -1
- data/lib/contrast/utils/telemetry_client.rb +1 -1
- data/lib/contrast/utils/telemetry_identifier.rb +1 -1
- data/lib/contrast/utils/thread_tracker.rb +1 -1
- data/lib/contrast/utils/timer.rb +1 -1
- data/lib/contrast-agent.rb +1 -1
- data/lib/contrast.rb +1 -1
- data/ruby-agent.gemspec +4 -5
- metadata +58 -30
- data/ext/cs__assess_active_record_named/cs__active_record_named.c +0 -46
- data/ext/cs__assess_active_record_named/cs__active_record_named.h +0 -11
- data/ext/cs__assess_active_record_named/extconf.rb +0 -5
- data/lib/contrast/agent/assess/policy/rewriter_patch.rb +0 -95
- data/lib/contrast/agent/class_reopener.rb +0 -258
- data/lib/contrast/agent/rewriter.rb +0 -259
- data/lib/contrast/framework/rails/rewrite/action_controller_railties_helper_inherited.rb +0 -37
- data/lib/contrast/framework/rails/rewrite/active_record_attribute_methods_read.rb +0 -41
- data/lib/contrast/framework/rails/rewrite/active_record_named.rb +0 -75
- data/lib/contrast/framework/rails/rewrite/active_record_time_zone_inherited.rb +0 -35
- data/lib/contrast/utils/ruby_ast_rewriter.rb +0 -82
- data/lib/contrast/utils/substitution_utils.rb +0 -167
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4976ba07d49361d91d44561f93031bfbe6b0aaff32921c62c8a6841e1e9581ad
|
|
4
|
+
data.tar.gz: 510081d49ac928d43cd2f97ab310b6f6dcd122c1227e52d35c40f6ff5f423723
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e1dff81a71f5162d2f217ef061ae060b77d825a85fc0666e667b845e62f5e209b8d409bb2fe554af774f904d3586461a35c264fedb5c63c4f1d9a1130c7ed0c0
|
|
7
|
+
data.tar.gz: '013393f427c6539d164f7f647d2b8635ef4c7093e8dbd517631c03ae2ad3a5b7e8529bce82e80cea5f5c3ad630c537abd7114f98042f01b4977059ebb5ad1aaf'
|
data/.simplecov
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
SimpleCov.minimum_coverage line: 94.75
|
data/Gemfile
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
source 'https://rubygems.org'
|
data/LICENSE.txt
CHANGED
data/Rakefile
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$stdout.sync = true
|
data/exe/contrast_service
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#!/usr/bin/env ruby
|
|
2
|
-
# Copyright (c)
|
|
2
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
3
3
|
# frozen_string_literal: true
|
|
4
4
|
|
|
5
5
|
def mac?
|
data/ext/build_funchook.rb
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'fileutils'
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
data/ext/cs__common/cs__common.c
CHANGED
data/ext/cs__common/extconf.rb
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'mkmf'
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
data/ext/extconf_common.rb
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'mkmf'
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/utils/assess/tracking_util'
|
|
@@ -42,21 +42,17 @@ module Contrast
|
|
|
42
42
|
end
|
|
43
43
|
end
|
|
44
44
|
|
|
45
|
-
# @param
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
# @param ret [Object] the Return of the invoked method
|
|
49
|
-
# @param args [Array<Object>] the Arguments with which the method was invoked
|
|
50
|
-
def initialize policy_node, tagged, object, ret, args
|
|
51
|
-
@policy_node = policy_node
|
|
45
|
+
# @param event_data [Contrast::Agent::Assess::Events::EventData]
|
|
46
|
+
def initialize event_data
|
|
47
|
+
@policy_node = event_data.policy_node
|
|
52
48
|
@time = Contrast::Utils::Timer.now_ms
|
|
53
49
|
@thread = Thread.current.object_id
|
|
54
50
|
|
|
55
51
|
# These methods rely on the above being set. Don't move them!
|
|
56
52
|
@event_id = Contrast::Agent::Assess::ContrastEvent.next_atomic_id
|
|
57
|
-
@tags = Contrast::Agent::Assess::Tracker.properties(tagged)&.get_tags
|
|
58
|
-
find_parent_events!(policy_node, object, ret, args)
|
|
59
|
-
snapshot!(object, ret, args)
|
|
53
|
+
@tags = Contrast::Agent::Assess::Tracker.properties(event_data.tagged)&.get_tags
|
|
54
|
+
find_parent_events!(event_data.policy_node, event_data.object, event_data.ret, event_data.args)
|
|
55
|
+
snapshot!(event_data.object, event_data.ret, event_data.args)
|
|
60
56
|
capture_stacktrace!
|
|
61
57
|
end
|
|
62
58
|
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/utils/class_util'
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
|
+
# frozen_string_literal: true
|
|
3
|
+
|
|
4
|
+
module Contrast
|
|
5
|
+
module Agent
|
|
6
|
+
module Assess
|
|
7
|
+
module Events
|
|
8
|
+
# this class will gather and build event
|
|
9
|
+
class EventData
|
|
10
|
+
attr_reader :policy_node, :tagged, :object, :ret, :args
|
|
11
|
+
|
|
12
|
+
# Group event data together
|
|
13
|
+
#
|
|
14
|
+
# @param policy_node [Contrast::Agent::Assess::Policy::PolicyNode, nil] the node that governs this event
|
|
15
|
+
# @param tagged [Object, nil] the Target to which this event pertains
|
|
16
|
+
# @param object [Object, nil] the Object on which the method was invoked
|
|
17
|
+
# @param ret [Object, nil] the Return of the invoked method
|
|
18
|
+
# @param args [Array<Object>, nil] the Arguments with which the method was invoked
|
|
19
|
+
def initialize policy_node, tagged, object, ret, args
|
|
20
|
+
@policy_node = policy_node
|
|
21
|
+
@tagged = tagged
|
|
22
|
+
@object = object
|
|
23
|
+
@ret = ret
|
|
24
|
+
@args = args
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
end
|
|
@@ -1,8 +1,9 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/agent/assess/contrast_event'
|
|
5
5
|
require 'contrast/agent/assess/events/source_event'
|
|
6
|
+
require 'contrast/agent/assess/events/event_data'
|
|
6
7
|
|
|
7
8
|
module Contrast
|
|
8
9
|
module Agent
|
|
@@ -10,13 +11,20 @@ module Contrast
|
|
|
10
11
|
module Events
|
|
11
12
|
# This module returns the event type appropriate to the given Node
|
|
12
13
|
module EventFactory
|
|
13
|
-
|
|
14
|
-
|
|
14
|
+
# This method returns the event type appropriate to the given Node
|
|
15
|
+
#
|
|
16
|
+
# @param event_data [Contrast::Agent::Assess::Events::EventData]
|
|
17
|
+
# @param source_type [String] the type of this source, from the
|
|
18
|
+
# source_node, or a KEY_TYPE if invoked for a map,
|
|
19
|
+
# @param source_name [String, nil] the name of this source, i.e.
|
|
20
|
+
# the key used to accessed if from a map or nil if a type like,
|
|
21
|
+
# @return [Contrast::Agent::Assess::Events::SourceEvent, Contrast::Agent::Assess::ContrastEvent]
|
|
22
|
+
def self.build event_data, source_type = nil, source_name = nil
|
|
23
|
+
case event_data.policy_node
|
|
15
24
|
when Contrast::Agent::Assess::Policy::SourceNode
|
|
16
|
-
Contrast::Agent::Assess::Events::SourceEvent.new(
|
|
17
|
-
source_name)
|
|
25
|
+
Contrast::Agent::Assess::Events::SourceEvent.new(event_data, source_type, source_name)
|
|
18
26
|
when Contrast::Agent::Assess::Policy::PolicyNode
|
|
19
|
-
Contrast::Agent::Assess::ContrastEvent.new(
|
|
27
|
+
Contrast::Agent::Assess::ContrastEvent.new(event_data)
|
|
20
28
|
end
|
|
21
29
|
end
|
|
22
30
|
end
|
|
@@ -1,7 +1,8 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/agent/assess/contrast_event'
|
|
5
|
+
require 'contrast/agent/reporting/reporting_events/trace_event_source'
|
|
5
6
|
require 'contrast/utils/string_utils'
|
|
6
7
|
|
|
7
8
|
module Contrast
|
|
@@ -19,8 +20,13 @@ module Contrast
|
|
|
19
20
|
class SourceEvent < Contrast::Agent::Assess::ContrastEvent
|
|
20
21
|
attr_reader :request, :source_name, :source_type
|
|
21
22
|
|
|
22
|
-
|
|
23
|
-
|
|
23
|
+
# @param event_data [Contrast::Agent::Assess::Events::EventData]
|
|
24
|
+
# @param source_type [String] the type of this source, from the
|
|
25
|
+
# source_node, or a KEY_TYPE if invoked for a map,
|
|
26
|
+
# @param source_name [String, nil] the name of this source, i.e.
|
|
27
|
+
# the key used to accessed if from a map or nil if a type like,
|
|
28
|
+
def initialize event_data, source_type = nil, source_name = nil
|
|
29
|
+
super(event_data)
|
|
24
30
|
@source_type = source_type
|
|
25
31
|
@source_name = source_name
|
|
26
32
|
@request = Contrast::Agent::REQUEST_TRACKER.current&.request
|
|
@@ -61,6 +67,19 @@ module Contrast
|
|
|
61
67
|
dtm
|
|
62
68
|
end
|
|
63
69
|
|
|
70
|
+
# Probably only for source events, but we'll go
|
|
71
|
+
# with source_type instead. java & .net support source_type
|
|
72
|
+
# in propagation events, so we'll future proof this
|
|
73
|
+
def build_event_source
|
|
74
|
+
# You can have a source w/o a name, but not w/o a type
|
|
75
|
+
return unless source_type
|
|
76
|
+
|
|
77
|
+
trace_event_source = Contrast::Agent::Reporting::TraceEventSource.new
|
|
78
|
+
trace_event_source.type = forced_source_type
|
|
79
|
+
trace_event_source.name = forced_source_name
|
|
80
|
+
trace_event_source
|
|
81
|
+
end
|
|
82
|
+
|
|
64
83
|
# We have to do a little work to figure out what our TS appropriate
|
|
65
84
|
# target is. To break this down, the logic is as follows:
|
|
66
85
|
# 1) I'll set the event's source and target to TS values.
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/agent/assess/tracker'
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/utils/duck_utils'
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/agent/patching/policy/method_policy'
|
|
@@ -90,12 +90,12 @@ module Contrast
|
|
|
90
90
|
# @return [Contrast::Agent::Patching::Policy::MethodPolicy] the
|
|
91
91
|
# policy to apply to the given method
|
|
92
92
|
def build_source_policy method_name, dynamic_source_node
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
93
|
+
Contrast::Agent::Patching::Policy::MethodPolicy.new({
|
|
94
|
+
method_visibility: :public,
|
|
95
|
+
instance_method: true,
|
|
96
|
+
method_name: method_name,
|
|
97
|
+
source_node: dynamic_source_node
|
|
98
|
+
})
|
|
99
99
|
end
|
|
100
100
|
|
|
101
101
|
# @param request [Contrast::Agent::Request] the request during
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/agent/assess/policy/policy'
|
|
@@ -42,40 +42,6 @@ module Contrast
|
|
|
42
42
|
rescue StandardError => e
|
|
43
43
|
logger.warn('Unable to patch assess during eval', e, module: mod.cs__name)
|
|
44
44
|
end
|
|
45
|
-
|
|
46
|
-
# Exposed so that methods can be dynamically patched on creation at
|
|
47
|
-
# runtime, like those generated by
|
|
48
|
-
# ActiveRecord::AttributeMethods::Read::ClassMethods#define_method_attribute
|
|
49
|
-
CLASS_TYPES = [Contrast::Utils::ObjectShare::CLASS, Contrast::Utils::ObjectShare::MODULE].cs__freeze
|
|
50
|
-
def patch_assess_method mod, method_name
|
|
51
|
-
# Module.define_method is called a lot in Class and Module. We
|
|
52
|
-
# currently do not expect these define_methods to result in methods
|
|
53
|
-
# that require patching, so for the sake of performance, we're going
|
|
54
|
-
# to skip evaluating them
|
|
55
|
-
mod = mod.cs__class unless mod.cs__is_a?(Module)
|
|
56
|
-
class_name = mod.cs__class
|
|
57
|
-
return if CLASS_TYPES.include?(class_name)
|
|
58
|
-
return unless ASSESS.enabled?
|
|
59
|
-
|
|
60
|
-
source_nodes = Contrast::Agent::Patching::Policy::ModulePolicy.nodes_for_module(policy.sources,
|
|
61
|
-
class_name)
|
|
62
|
-
return if source_nodes.empty?
|
|
63
|
-
|
|
64
|
-
method_array = []
|
|
65
|
-
method_array << method_name
|
|
66
|
-
source_nodes.each do |source_node|
|
|
67
|
-
next unless source_node.method_name.to_s == method_name
|
|
68
|
-
|
|
69
|
-
method_policy =
|
|
70
|
-
Contrast::Agent::Patching::Policy::MethodPolicy.new(source_node: source_node,
|
|
71
|
-
method_name: source_node.method_name,
|
|
72
|
-
method_visibility: source_node.method_visibility,
|
|
73
|
-
instance_method: true)
|
|
74
|
-
patcher.patch_method(mod, method_array, method_policy)
|
|
75
|
-
end
|
|
76
|
-
rescue StandardError => e
|
|
77
|
-
logger.warn('Unable to patch assess during define_method_attribute', e, module: mod.cs__name)
|
|
78
|
-
end
|
|
79
45
|
end
|
|
80
46
|
end
|
|
81
47
|
end
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'json'
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/agent/patching/policy/policy_node'
|
|
@@ -141,7 +141,7 @@ module Contrast
|
|
|
141
141
|
|
|
142
142
|
t
|
|
143
143
|
else
|
|
144
|
-
Integer(t[1
|
|
144
|
+
Integer(t[1..])
|
|
145
145
|
end
|
|
146
146
|
end
|
|
147
147
|
converted
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/utils/object_share'
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/components/logger'
|