contrast-agent 4.14.1 → 5.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.simplecov +1 -1
- data/Gemfile +1 -1
- data/LICENSE.txt +1 -1
- data/Rakefile +1 -1
- data/exe/contrast_service +1 -1
- data/ext/build_funchook.rb +1 -1
- data/ext/cs__assess_array/cs__assess_array.c +1 -1
- data/ext/cs__assess_array/extconf.rb +1 -1
- data/ext/cs__assess_basic_object/cs__assess_basic_object.c +1 -1
- data/ext/cs__assess_basic_object/extconf.rb +1 -1
- data/ext/cs__assess_fiber_track/cs__assess_fiber_track.c +1 -1
- data/ext/cs__assess_fiber_track/extconf.rb +1 -1
- data/ext/cs__assess_hash/cs__assess_hash.c +1 -1
- data/ext/cs__assess_hash/extconf.rb +1 -1
- data/ext/cs__assess_kernel/cs__assess_kernel.c +1 -1
- data/ext/cs__assess_kernel/extconf.rb +1 -1
- data/ext/cs__assess_marshal_module/cs__assess_marshal_module.c +1 -1
- data/ext/cs__assess_marshal_module/extconf.rb +1 -1
- data/ext/cs__assess_module/cs__assess_module.c +1 -1
- data/ext/cs__assess_module/extconf.rb +1 -1
- data/ext/cs__assess_regexp/cs__assess_regexp.c +1 -1
- data/ext/cs__assess_regexp/extconf.rb +1 -1
- data/ext/cs__assess_string/cs__assess_string.c +1 -1
- data/ext/cs__assess_string/extconf.rb +1 -1
- data/ext/cs__assess_string_interpolation26/cs__assess_string_interpolation26.c +1 -1
- data/ext/cs__assess_string_interpolation26/extconf.rb +1 -1
- data/ext/cs__assess_yield_track/cs__assess_yield_track.c +1 -1
- data/ext/cs__assess_yield_track/extconf.rb +1 -1
- data/ext/cs__common/cs__common.c +1 -1
- data/ext/cs__common/extconf.rb +1 -1
- data/ext/cs__contrast_patch/cs__contrast_patch.c +1 -1
- data/ext/cs__contrast_patch/extconf.rb +1 -1
- data/ext/cs__os_information/cs__os_information.c +1 -1
- data/ext/cs__os_information/extconf.rb +1 -1
- data/ext/extconf_common.rb +1 -1
- data/lib/contrast/agent/assess/contrast_event.rb +7 -11
- data/lib/contrast/agent/assess/contrast_object.rb +1 -1
- data/lib/contrast/agent/assess/events/event_data.rb +30 -0
- data/lib/contrast/agent/assess/events/event_factory.rb +14 -6
- data/lib/contrast/agent/assess/events/source_event.rb +22 -3
- data/lib/contrast/agent/assess/finalizers/freeze.rb +1 -1
- data/lib/contrast/agent/assess/finalizers/hash.rb +1 -1
- data/lib/contrast/agent/assess/policy/dynamic_source_factory.rb +7 -7
- data/lib/contrast/agent/assess/policy/patcher.rb +1 -35
- data/lib/contrast/agent/assess/policy/policy.rb +1 -1
- data/lib/contrast/agent/assess/policy/policy_node.rb +2 -2
- data/lib/contrast/agent/assess/policy/policy_scanner.rb +1 -1
- data/lib/contrast/agent/assess/policy/preshift.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagation_method.rb +55 -28
- data/lib/contrast/agent/assess/policy/propagation_node.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/append.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/base.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/center.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/custom.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/database_write.rb +6 -2
- data/lib/contrast/agent/assess/policy/propagator/insert.rb +5 -2
- data/lib/contrast/agent/assess/policy/propagator/keep.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/match_data.rb +7 -3
- data/lib/contrast/agent/assess/policy/propagator/next.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/prepend.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/rack_protection.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/remove.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/replace.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/reverse.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/select.rb +3 -2
- data/lib/contrast/agent/assess/policy/propagator/splat.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/split.rb +27 -25
- data/lib/contrast/agent/assess/policy/propagator/substitution.rb +3 -5
- data/lib/contrast/agent/assess/policy/propagator/substitution_utils.rb +190 -0
- data/lib/contrast/agent/assess/policy/propagator/trim.rb +9 -4
- data/lib/contrast/agent/assess/policy/propagator.rb +1 -1
- data/lib/contrast/agent/assess/policy/source_method.rb +39 -26
- data/lib/contrast/agent/assess/policy/source_node.rb +1 -1
- data/lib/contrast/agent/assess/policy/source_validation/cross_site_validator.rb +1 -1
- data/lib/contrast/agent/assess/policy/source_validation/source_validation.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger/reflected_xss.rb +7 -2
- data/lib/contrast/agent/assess/policy/trigger/xpath.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_method.rb +37 -24
- data/lib/contrast/agent/assess/policy/trigger_node.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_validation/redos_validator.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_validation/ssrf_validator.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_validation/trigger_validation.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_validation/xss_validator.rb +1 -1
- data/lib/contrast/agent/assess/properties.rb +1 -1
- data/lib/contrast/agent/assess/property/evented.rb +25 -12
- data/lib/contrast/agent/assess/property/tagged.rb +1 -1
- data/lib/contrast/agent/assess/property/updated.rb +1 -1
- data/lib/contrast/agent/assess/rule/provider/hardcoded_key.rb +1 -19
- data/lib/contrast/agent/assess/rule/provider/hardcoded_password.rb +1 -13
- data/lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb +7 -59
- data/lib/contrast/agent/assess/rule/provider.rb +1 -1
- data/lib/contrast/agent/assess/rule/response/autocomplete_rule.rb +130 -0
- data/lib/contrast/agent/assess/rule/response/base_rule.rb +117 -0
- data/lib/contrast/agent/assess/tag.rb +1 -1
- data/lib/contrast/agent/assess/tracker.rb +1 -1
- data/lib/contrast/agent/assess.rb +1 -2
- data/lib/contrast/agent/at_exit_hook.rb +1 -1
- data/lib/contrast/agent/deadzone/policy/deadzone_node.rb +13 -8
- data/lib/contrast/agent/deadzone/policy/policy.rb +1 -1
- data/lib/contrast/agent/disable_reaction.rb +1 -1
- data/lib/contrast/agent/exclusion_matcher.rb +1 -1
- data/lib/contrast/agent/inventory/database_config.rb +115 -77
- data/lib/contrast/agent/inventory/dependencies.rb +1 -1
- data/lib/contrast/agent/inventory/dependency_analysis.rb +1 -1
- data/lib/contrast/agent/inventory/dependency_usage_analysis.rb +3 -3
- data/lib/contrast/agent/inventory/policy/datastores.rb +1 -1
- data/lib/contrast/agent/inventory/policy/policy.rb +1 -1
- data/lib/contrast/agent/inventory/policy/trigger_node.rb +1 -1
- data/lib/contrast/agent/inventory.rb +1 -1
- data/lib/contrast/agent/metric_telemetry_event.rb +1 -1
- data/lib/contrast/agent/middleware.rb +3 -2
- data/lib/contrast/agent/module_data.rb +1 -1
- data/lib/contrast/agent/patching/policy/after_load_patch.rb +1 -1
- data/lib/contrast/agent/patching/policy/after_load_patcher.rb +1 -1
- data/lib/contrast/agent/patching/policy/method_policy.rb +28 -15
- data/lib/contrast/agent/patching/policy/method_policy_extend.rb +12 -10
- data/lib/contrast/agent/patching/policy/module_policy.rb +1 -1
- data/lib/contrast/agent/patching/policy/patch.rb +1 -1
- data/lib/contrast/agent/patching/policy/patch_status.rb +2 -26
- data/lib/contrast/agent/patching/policy/patcher.rb +1 -5
- data/lib/contrast/agent/patching/policy/policy.rb +1 -1
- data/lib/contrast/agent/patching/policy/policy_node.rb +1 -1
- data/lib/contrast/agent/patching/policy/trigger_node.rb +1 -1
- data/lib/contrast/agent/protect/policy/applies_command_injection_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/applies_deserialization_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/applies_no_sqli_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/applies_path_traversal_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/applies_sqli_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/applies_xxe_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/policy.rb +1 -1
- data/lib/contrast/agent/protect/policy/rule_applicator.rb +1 -1
- data/lib/contrast/agent/protect/policy/trigger_node.rb +1 -1
- data/lib/contrast/agent/protect/rule/base.rb +1 -1
- data/lib/contrast/agent/protect/rule/base_service.rb +1 -1
- data/lib/contrast/agent/protect/rule/cmd_injection.rb +1 -1
- data/lib/contrast/agent/protect/rule/default_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/deserialization.rb +1 -1
- data/lib/contrast/agent/protect/rule/http_method_tampering.rb +1 -1
- data/lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/no_sqli.rb +1 -1
- data/lib/contrast/agent/protect/rule/path_traversal.rb +1 -1
- data/lib/contrast/agent/protect/rule/sql_sample_builder.rb +1 -1
- data/lib/contrast/agent/protect/rule/sqli/default_sql_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/sqli/postgres_sql_scanner.rb +2 -2
- data/lib/contrast/agent/protect/rule/sqli/sqlite_sql_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/sqli.rb +1 -1
- data/lib/contrast/agent/protect/rule/unsafe_file_upload.rb +1 -1
- data/lib/contrast/agent/protect/rule/xss.rb +1 -1
- data/lib/contrast/agent/protect/rule/xxe/entity_wrapper.rb +1 -1
- data/lib/contrast/agent/protect/rule/xxe.rb +1 -1
- data/lib/contrast/agent/protect/rule.rb +1 -1
- data/lib/contrast/agent/reaction_processor.rb +1 -1
- data/lib/contrast/agent/reporting/report.rb +7 -1
- data/lib/contrast/agent/reporting/reporter.rb +21 -48
- data/lib/contrast/agent/reporting/reporting_events/application_inventory.rb +49 -0
- data/lib/contrast/agent/reporting/reporting_events/application_update.rb +82 -0
- data/lib/contrast/agent/reporting/reporting_events/architecture_component.rb +80 -0
- data/lib/contrast/agent/reporting/reporting_events/discovered_route.rb +59 -0
- data/lib/contrast/agent/reporting/reporting_events/finding.rb +138 -43
- data/lib/contrast/agent/reporting/reporting_events/finding_event.rb +264 -0
- data/lib/contrast/agent/reporting/reporting_events/finding_event_source.rb +57 -0
- data/lib/contrast/agent/reporting/reporting_events/finding_object.rb +90 -0
- data/lib/contrast/agent/reporting/reporting_events/finding_request.rb +121 -0
- data/lib/contrast/agent/reporting/reporting_events/finding_signature.rb +105 -0
- data/lib/contrast/agent/reporting/reporting_events/finding_stack.rb +67 -0
- data/lib/contrast/agent/reporting/reporting_events/finding_taint_range.rb +58 -0
- data/lib/contrast/agent/reporting/reporting_events/library_discovery.rb +93 -0
- data/lib/contrast/agent/reporting/reporting_events/library_usage_observation.rb +50 -0
- data/lib/contrast/agent/reporting/reporting_events/observed_library_usage.rb +54 -0
- data/lib/contrast/agent/reporting/reporting_events/observed_route.rb +66 -0
- data/lib/contrast/agent/reporting/reporting_events/preflight.rb +20 -6
- data/lib/contrast/agent/reporting/reporting_events/preflight_message.rb +36 -17
- data/lib/contrast/agent/reporting/reporting_events/reporting_event.rb +28 -18
- data/lib/contrast/agent/reporting/reporting_events/route_coverage.rb +76 -0
- data/lib/contrast/agent/reporting/reporting_events/route_discovery.rb +66 -0
- data/lib/contrast/agent/reporting/reporting_events/route_discovery_observation.rb +65 -0
- data/lib/contrast/agent/reporting/reporting_events/server_activity.rb +52 -0
- data/lib/contrast/agent/reporting/reporting_events/trace_event_source.rb +30 -0
- data/lib/contrast/agent/reporting/reporting_utilities/audit.rb +22 -12
- data/lib/contrast/agent/reporting/reporting_utilities/dtm_message.rb +67 -0
- data/lib/contrast/agent/reporting/reporting_utilities/endpoints.rb +165 -0
- data/lib/contrast/agent/reporting/reporting_utilities/headers.rb +55 -0
- data/lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb +74 -156
- data/lib/contrast/agent/reporting/reporting_utilities/reporter_client_utils.rb +154 -0
- data/lib/contrast/agent/reporting/reporting_utilities/reporting_storage.rb +1 -1
- data/lib/contrast/agent/reporting/reporting_utilities/response.rb +30 -0
- data/lib/contrast/agent/reporting/reporting_utilities/response_handler.rb +57 -0
- data/lib/contrast/agent/reporting/reporting_utilities/response_handler_utils.rb +196 -0
- data/lib/contrast/agent/reporting/settings/application_settings.rb +67 -0
- data/lib/contrast/agent/reporting/settings/assess.rb +45 -0
- data/lib/contrast/agent/reporting/settings/assess_server_feature.rb +136 -0
- data/lib/contrast/agent/reporting/settings/exclusions.rb +123 -0
- data/lib/contrast/agent/reporting/settings/protect.rb +89 -0
- data/lib/contrast/agent/reporting/settings/protect_server_feature.rb +243 -0
- data/lib/contrast/agent/reporting/settings/reaction.rb +30 -0
- data/lib/contrast/agent/reporting/settings/server_features.rb +78 -0
- data/lib/contrast/agent/request.rb +44 -3
- data/lib/contrast/agent/request_context.rb +20 -7
- data/lib/contrast/agent/request_context_extend.rb +26 -1
- data/lib/contrast/agent/request_handler.rb +41 -5
- data/lib/contrast/agent/response.rb +23 -15
- data/lib/contrast/agent/rule_set.rb +1 -1
- data/lib/contrast/agent/scope.rb +1 -1
- data/lib/contrast/agent/service_heartbeat.rb +1 -1
- data/lib/contrast/agent/startup_metrics_telemetry_event.rb +34 -7
- data/lib/contrast/agent/static_analysis.rb +13 -3
- data/lib/contrast/agent/telemetry.rb +1 -1
- data/lib/contrast/agent/telemetry_event.rb +1 -1
- data/lib/contrast/agent/thread.rb +1 -1
- data/lib/contrast/agent/thread_watcher.rb +3 -3
- data/lib/contrast/agent/tracepoint_hook.rb +1 -4
- data/lib/contrast/agent/version.rb +2 -2
- data/lib/contrast/agent/worker_thread.rb +1 -1
- data/lib/contrast/agent.rb +4 -4
- data/lib/contrast/api/communication/connection_status.rb +1 -1
- data/lib/contrast/api/communication/messaging_queue.rb +4 -4
- data/lib/contrast/api/communication/response_processor.rb +9 -5
- data/lib/contrast/api/communication/service_lifecycle.rb +1 -1
- data/lib/contrast/api/communication/socket.rb +1 -1
- data/lib/contrast/api/communication/socket_client.rb +4 -1
- data/lib/contrast/api/communication/speedracer.rb +1 -1
- data/lib/contrast/api/communication/tcp_socket.rb +1 -1
- data/lib/contrast/api/communication/unix_socket.rb +1 -1
- data/lib/contrast/api/communication.rb +1 -1
- data/lib/contrast/api/decorators/address.rb +1 -1
- data/lib/contrast/api/decorators/agent_startup.rb +1 -1
- data/lib/contrast/api/decorators/application_settings.rb +1 -1
- data/lib/contrast/api/decorators/application_startup.rb +1 -1
- data/lib/contrast/api/decorators/application_update.rb +1 -1
- data/lib/contrast/api/decorators/architecture_component.rb +36 -0
- data/lib/contrast/api/decorators/finding.rb +1 -17
- data/lib/contrast/api/decorators/http_request.rb +3 -2
- data/lib/contrast/api/decorators/input_analysis.rb +1 -1
- data/lib/contrast/api/decorators/instrumentation_mode.rb +1 -1
- data/lib/contrast/api/decorators/library.rb +1 -1
- data/lib/contrast/api/decorators/library_usage_update.rb +1 -1
- data/lib/contrast/api/decorators/message.rb +1 -1
- data/lib/contrast/api/decorators/rasp_rule_sample.rb +1 -1
- data/lib/contrast/api/decorators/route_coverage.rb +1 -1
- data/lib/contrast/api/decorators/server_features.rb +1 -1
- data/lib/contrast/api/decorators/trace_event.rb +1 -1
- data/lib/contrast/api/decorators/trace_event_object.rb +1 -1
- data/lib/contrast/api/decorators/trace_event_signature.rb +1 -1
- data/lib/contrast/api/decorators/trace_taint_range.rb +1 -1
- data/lib/contrast/api/decorators/trace_taint_range_tags.rb +1 -1
- data/lib/contrast/api/decorators/user_input.rb +1 -1
- data/lib/contrast/api/decorators.rb +2 -1
- data/lib/contrast/api.rb +1 -1
- data/lib/contrast/components/agent.rb +5 -24
- data/lib/contrast/components/api.rb +18 -9
- data/lib/contrast/components/app_context.rb +2 -1
- data/lib/contrast/components/app_context_extend.rb +1 -1
- data/lib/contrast/components/assess.rb +12 -8
- data/lib/contrast/components/base.rb +1 -1
- data/lib/contrast/components/config.rb +30 -15
- data/lib/contrast/components/contrast_service.rb +1 -1
- data/lib/contrast/components/heap_dump.rb +1 -1
- data/lib/contrast/components/inventory.rb +5 -1
- data/lib/contrast/components/logger.rb +1 -1
- data/lib/contrast/components/protect.rb +6 -2
- data/lib/contrast/components/sampling.rb +1 -1
- data/lib/contrast/components/scope.rb +1 -1
- data/lib/contrast/components/settings.rb +25 -12
- data/lib/contrast/config/agent_configuration.rb +1 -1
- data/lib/contrast/config/api_configuration.rb +2 -2
- data/lib/contrast/config/api_proxy_configuration.rb +1 -1
- data/lib/contrast/config/application_configuration.rb +1 -1
- data/lib/contrast/config/assess_configuration.rb +1 -1
- data/lib/contrast/config/assess_rules_configuration.rb +1 -1
- data/lib/contrast/config/base_configuration.rb +1 -1
- data/lib/contrast/config/certification_configuration.rb +1 -1
- data/lib/contrast/config/env_variables.rb +1 -1
- data/lib/contrast/config/exception_configuration.rb +1 -1
- data/lib/contrast/config/heap_dump_configuration.rb +1 -1
- data/lib/contrast/config/inventory_configuration.rb +1 -1
- data/lib/contrast/config/logger_configuration.rb +1 -1
- data/lib/contrast/config/protect_configuration.rb +1 -1
- data/lib/contrast/config/protect_rule_configuration.rb +1 -1
- data/lib/contrast/config/protect_rules_configuration.rb +1 -1
- data/lib/contrast/config/request_audit_configuration.rb +1 -1
- data/lib/contrast/config/root_configuration.rb +1 -1
- data/lib/contrast/config/ruby_configuration.rb +4 -1
- data/lib/contrast/config/sampling_configuration.rb +1 -1
- data/lib/contrast/config/server_configuration.rb +1 -1
- data/lib/contrast/config/service_configuration.rb +1 -1
- data/lib/contrast/config.rb +1 -1
- data/lib/contrast/configuration.rb +1 -1
- data/lib/contrast/extension/assess/array.rb +4 -2
- data/lib/contrast/extension/assess/erb.rb +15 -5
- data/lib/contrast/extension/assess/eval_trigger.rb +3 -1
- data/lib/contrast/extension/assess/exec_trigger.rb +2 -1
- data/lib/contrast/extension/assess/fiber.rb +6 -3
- data/lib/contrast/extension/assess/hash.rb +1 -1
- data/lib/contrast/extension/assess/kernel.rb +8 -3
- data/lib/contrast/extension/assess/marshal.rb +6 -2
- data/lib/contrast/extension/assess/regexp.rb +8 -2
- data/lib/contrast/extension/assess/string.rb +8 -2
- data/lib/contrast/extension/assess.rb +1 -1
- data/lib/contrast/extension/delegator.rb +1 -1
- data/lib/contrast/extension/extension.rb +2 -4
- data/lib/contrast/extension/inventory.rb +1 -1
- data/lib/contrast/extension/kernel.rb +1 -1
- data/lib/contrast/extension/module.rb +1 -1
- data/lib/contrast/extension/protect/psych.rb +1 -1
- data/lib/contrast/extension/protect.rb +1 -1
- data/lib/contrast/extension/thread.rb +1 -1
- data/lib/contrast/framework/base_support.rb +5 -1
- data/lib/contrast/framework/grape/support.rb +25 -1
- data/lib/contrast/framework/manager.rb +26 -5
- data/lib/contrast/framework/manager_extend.rb +1 -1
- data/lib/contrast/framework/platform_version.rb +1 -1
- data/lib/contrast/framework/rack/patch/session_cookie.rb +1 -1
- data/lib/contrast/framework/rack/patch/support.rb +1 -1
- data/lib/contrast/framework/rack/support.rb +1 -1
- data/lib/contrast/framework/rails/patch/action_controller_live_buffer.rb +1 -1
- data/lib/contrast/framework/rails/patch/assess_configuration.rb +1 -1
- data/lib/contrast/framework/rails/patch/rails_application_configuration.rb +1 -1
- data/lib/contrast/framework/rails/patch/support.rb +1 -1
- data/lib/contrast/framework/rails/railtie.rb +1 -1
- data/lib/contrast/framework/rails/support.rb +46 -2
- data/lib/contrast/framework/sinatra/support.rb +24 -2
- data/lib/contrast/funchook/funchook.rb +21 -18
- data/lib/contrast/logger/application.rb +1 -1
- data/lib/contrast/logger/format.rb +1 -1
- data/lib/contrast/logger/log.rb +1 -1
- data/lib/contrast/logger/request.rb +1 -1
- data/lib/contrast/logger/time.rb +1 -1
- data/lib/contrast/security_exception.rb +1 -1
- data/lib/contrast/tasks/config.rb +1 -1
- data/lib/contrast/tasks/service.rb +1 -1
- data/lib/contrast/utils/assess/propagation_method_utils.rb +1 -1
- data/lib/contrast/utils/assess/property/tagged_utils.rb +1 -1
- data/lib/contrast/utils/assess/sampling_util.rb +4 -4
- data/lib/contrast/utils/assess/source_method_utils.rb +1 -1
- data/lib/contrast/utils/assess/split_utils.rb +23 -0
- data/lib/contrast/utils/assess/tracking_util.rb +1 -1
- data/lib/contrast/utils/assess/trigger_method_utils.rb +3 -2
- data/lib/contrast/utils/class_util.rb +1 -1
- data/lib/contrast/utils/duck_utils.rb +1 -1
- data/lib/contrast/utils/env_configuration_item.rb +2 -2
- data/lib/contrast/utils/exclude_key.rb +1 -1
- data/lib/contrast/utils/findings.rb +5 -2
- data/lib/contrast/utils/hash_digest.rb +36 -6
- data/lib/contrast/utils/hash_digest_extend.rb +44 -1
- data/lib/contrast/utils/head_dump_utils_extend.rb +1 -1
- data/lib/contrast/utils/heap_dump_util.rb +1 -1
- data/lib/contrast/utils/invalid_configuration_util.rb +6 -5
- data/lib/contrast/utils/io_util.rb +1 -1
- data/lib/contrast/utils/job_servers_running.rb +1 -1
- data/lib/contrast/utils/log_utils.rb +1 -1
- data/lib/contrast/utils/lru_cache.rb +1 -1
- data/lib/contrast/utils/metrics_hash.rb +2 -2
- data/lib/contrast/utils/middleware_utils.rb +1 -1
- data/lib/contrast/utils/net_http_base.rb +14 -7
- data/lib/contrast/utils/object_share.rb +1 -6
- data/lib/contrast/utils/os.rb +9 -5
- data/lib/contrast/utils/patching/policy/patch_utils.rb +63 -99
- data/lib/contrast/utils/patching/policy/patcher_utils.rb +1 -1
- data/lib/contrast/utils/preflight_util.rb +1 -1
- data/lib/contrast/utils/request_utils.rb +9 -1
- data/lib/contrast/utils/resource_loader.rb +1 -1
- data/lib/contrast/utils/response_utils.rb +1 -1
- data/lib/contrast/utils/sha256_builder.rb +1 -1
- data/lib/contrast/utils/stack_trace_utils.rb +1 -1
- data/lib/contrast/utils/string_utils.rb +69 -67
- data/lib/contrast/utils/tag_util.rb +2 -1
- data/lib/contrast/utils/telemetry.rb +1 -1
- data/lib/contrast/utils/telemetry_client.rb +1 -1
- data/lib/contrast/utils/telemetry_identifier.rb +1 -1
- data/lib/contrast/utils/thread_tracker.rb +1 -1
- data/lib/contrast/utils/timer.rb +1 -1
- data/lib/contrast-agent.rb +1 -1
- data/lib/contrast.rb +1 -1
- data/ruby-agent.gemspec +4 -5
- metadata +58 -30
- data/ext/cs__assess_active_record_named/cs__active_record_named.c +0 -46
- data/ext/cs__assess_active_record_named/cs__active_record_named.h +0 -11
- data/ext/cs__assess_active_record_named/extconf.rb +0 -5
- data/lib/contrast/agent/assess/policy/rewriter_patch.rb +0 -95
- data/lib/contrast/agent/class_reopener.rb +0 -258
- data/lib/contrast/agent/rewriter.rb +0 -259
- data/lib/contrast/framework/rails/rewrite/action_controller_railties_helper_inherited.rb +0 -37
- data/lib/contrast/framework/rails/rewrite/active_record_attribute_methods_read.rb +0 -41
- data/lib/contrast/framework/rails/rewrite/active_record_named.rb +0 -75
- data/lib/contrast/framework/rails/rewrite/active_record_time_zone_inherited.rb +0 -35
- data/lib/contrast/utils/ruby_ast_rewriter.rb +0 -82
- data/lib/contrast/utils/substitution_utils.rb +0 -167
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4976ba07d49361d91d44561f93031bfbe6b0aaff32921c62c8a6841e1e9581ad
|
|
4
|
+
data.tar.gz: 510081d49ac928d43cd2f97ab310b6f6dcd122c1227e52d35c40f6ff5f423723
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e1dff81a71f5162d2f217ef061ae060b77d825a85fc0666e667b845e62f5e209b8d409bb2fe554af774f904d3586461a35c264fedb5c63c4f1d9a1130c7ed0c0
|
|
7
|
+
data.tar.gz: '013393f427c6539d164f7f647d2b8635ef4c7093e8dbd517631c03ae2ad3a5b7e8529bce82e80cea5f5c3ad630c537abd7114f98042f01b4977059ebb5ad1aaf'
|
data/.simplecov
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
SimpleCov.minimum_coverage line: 94.75
|
data/Gemfile
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
source 'https://rubygems.org'
|
data/LICENSE.txt
CHANGED
data/Rakefile
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$stdout.sync = true
|
data/exe/contrast_service
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#!/usr/bin/env ruby
|
|
2
|
-
# Copyright (c)
|
|
2
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
3
3
|
# frozen_string_literal: true
|
|
4
4
|
|
|
5
5
|
def mac?
|
data/ext/build_funchook.rb
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'fileutils'
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
data/ext/cs__common/cs__common.c
CHANGED
data/ext/cs__common/extconf.rb
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'mkmf'
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
$TO_MAKE = File.basename(__dir__)
|
data/ext/extconf_common.rb
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'mkmf'
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/utils/assess/tracking_util'
|
|
@@ -42,21 +42,17 @@ module Contrast
|
|
|
42
42
|
end
|
|
43
43
|
end
|
|
44
44
|
|
|
45
|
-
# @param
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
# @param ret [Object] the Return of the invoked method
|
|
49
|
-
# @param args [Array<Object>] the Arguments with which the method was invoked
|
|
50
|
-
def initialize policy_node, tagged, object, ret, args
|
|
51
|
-
@policy_node = policy_node
|
|
45
|
+
# @param event_data [Contrast::Agent::Assess::Events::EventData]
|
|
46
|
+
def initialize event_data
|
|
47
|
+
@policy_node = event_data.policy_node
|
|
52
48
|
@time = Contrast::Utils::Timer.now_ms
|
|
53
49
|
@thread = Thread.current.object_id
|
|
54
50
|
|
|
55
51
|
# These methods rely on the above being set. Don't move them!
|
|
56
52
|
@event_id = Contrast::Agent::Assess::ContrastEvent.next_atomic_id
|
|
57
|
-
@tags = Contrast::Agent::Assess::Tracker.properties(tagged)&.get_tags
|
|
58
|
-
find_parent_events!(policy_node, object, ret, args)
|
|
59
|
-
snapshot!(object, ret, args)
|
|
53
|
+
@tags = Contrast::Agent::Assess::Tracker.properties(event_data.tagged)&.get_tags
|
|
54
|
+
find_parent_events!(event_data.policy_node, event_data.object, event_data.ret, event_data.args)
|
|
55
|
+
snapshot!(event_data.object, event_data.ret, event_data.args)
|
|
60
56
|
capture_stacktrace!
|
|
61
57
|
end
|
|
62
58
|
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/utils/class_util'
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
|
+
# frozen_string_literal: true
|
|
3
|
+
|
|
4
|
+
module Contrast
|
|
5
|
+
module Agent
|
|
6
|
+
module Assess
|
|
7
|
+
module Events
|
|
8
|
+
# this class will gather and build event
|
|
9
|
+
class EventData
|
|
10
|
+
attr_reader :policy_node, :tagged, :object, :ret, :args
|
|
11
|
+
|
|
12
|
+
# Group event data together
|
|
13
|
+
#
|
|
14
|
+
# @param policy_node [Contrast::Agent::Assess::Policy::PolicyNode, nil] the node that governs this event
|
|
15
|
+
# @param tagged [Object, nil] the Target to which this event pertains
|
|
16
|
+
# @param object [Object, nil] the Object on which the method was invoked
|
|
17
|
+
# @param ret [Object, nil] the Return of the invoked method
|
|
18
|
+
# @param args [Array<Object>, nil] the Arguments with which the method was invoked
|
|
19
|
+
def initialize policy_node, tagged, object, ret, args
|
|
20
|
+
@policy_node = policy_node
|
|
21
|
+
@tagged = tagged
|
|
22
|
+
@object = object
|
|
23
|
+
@ret = ret
|
|
24
|
+
@args = args
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
end
|
|
@@ -1,8 +1,9 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/agent/assess/contrast_event'
|
|
5
5
|
require 'contrast/agent/assess/events/source_event'
|
|
6
|
+
require 'contrast/agent/assess/events/event_data'
|
|
6
7
|
|
|
7
8
|
module Contrast
|
|
8
9
|
module Agent
|
|
@@ -10,13 +11,20 @@ module Contrast
|
|
|
10
11
|
module Events
|
|
11
12
|
# This module returns the event type appropriate to the given Node
|
|
12
13
|
module EventFactory
|
|
13
|
-
|
|
14
|
-
|
|
14
|
+
# This method returns the event type appropriate to the given Node
|
|
15
|
+
#
|
|
16
|
+
# @param event_data [Contrast::Agent::Assess::Events::EventData]
|
|
17
|
+
# @param source_type [String] the type of this source, from the
|
|
18
|
+
# source_node, or a KEY_TYPE if invoked for a map,
|
|
19
|
+
# @param source_name [String, nil] the name of this source, i.e.
|
|
20
|
+
# the key used to accessed if from a map or nil if a type like,
|
|
21
|
+
# @return [Contrast::Agent::Assess::Events::SourceEvent, Contrast::Agent::Assess::ContrastEvent]
|
|
22
|
+
def self.build event_data, source_type = nil, source_name = nil
|
|
23
|
+
case event_data.policy_node
|
|
15
24
|
when Contrast::Agent::Assess::Policy::SourceNode
|
|
16
|
-
Contrast::Agent::Assess::Events::SourceEvent.new(
|
|
17
|
-
source_name)
|
|
25
|
+
Contrast::Agent::Assess::Events::SourceEvent.new(event_data, source_type, source_name)
|
|
18
26
|
when Contrast::Agent::Assess::Policy::PolicyNode
|
|
19
|
-
Contrast::Agent::Assess::ContrastEvent.new(
|
|
27
|
+
Contrast::Agent::Assess::ContrastEvent.new(event_data)
|
|
20
28
|
end
|
|
21
29
|
end
|
|
22
30
|
end
|
|
@@ -1,7 +1,8 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/agent/assess/contrast_event'
|
|
5
|
+
require 'contrast/agent/reporting/reporting_events/trace_event_source'
|
|
5
6
|
require 'contrast/utils/string_utils'
|
|
6
7
|
|
|
7
8
|
module Contrast
|
|
@@ -19,8 +20,13 @@ module Contrast
|
|
|
19
20
|
class SourceEvent < Contrast::Agent::Assess::ContrastEvent
|
|
20
21
|
attr_reader :request, :source_name, :source_type
|
|
21
22
|
|
|
22
|
-
|
|
23
|
-
|
|
23
|
+
# @param event_data [Contrast::Agent::Assess::Events::EventData]
|
|
24
|
+
# @param source_type [String] the type of this source, from the
|
|
25
|
+
# source_node, or a KEY_TYPE if invoked for a map,
|
|
26
|
+
# @param source_name [String, nil] the name of this source, i.e.
|
|
27
|
+
# the key used to accessed if from a map or nil if a type like,
|
|
28
|
+
def initialize event_data, source_type = nil, source_name = nil
|
|
29
|
+
super(event_data)
|
|
24
30
|
@source_type = source_type
|
|
25
31
|
@source_name = source_name
|
|
26
32
|
@request = Contrast::Agent::REQUEST_TRACKER.current&.request
|
|
@@ -61,6 +67,19 @@ module Contrast
|
|
|
61
67
|
dtm
|
|
62
68
|
end
|
|
63
69
|
|
|
70
|
+
# Probably only for source events, but we'll go
|
|
71
|
+
# with source_type instead. java & .net support source_type
|
|
72
|
+
# in propagation events, so we'll future proof this
|
|
73
|
+
def build_event_source
|
|
74
|
+
# You can have a source w/o a name, but not w/o a type
|
|
75
|
+
return unless source_type
|
|
76
|
+
|
|
77
|
+
trace_event_source = Contrast::Agent::Reporting::TraceEventSource.new
|
|
78
|
+
trace_event_source.type = forced_source_type
|
|
79
|
+
trace_event_source.name = forced_source_name
|
|
80
|
+
trace_event_source
|
|
81
|
+
end
|
|
82
|
+
|
|
64
83
|
# We have to do a little work to figure out what our TS appropriate
|
|
65
84
|
# target is. To break this down, the logic is as follows:
|
|
66
85
|
# 1) I'll set the event's source and target to TS values.
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/agent/assess/tracker'
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/utils/duck_utils'
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/agent/patching/policy/method_policy'
|
|
@@ -90,12 +90,12 @@ module Contrast
|
|
|
90
90
|
# @return [Contrast::Agent::Patching::Policy::MethodPolicy] the
|
|
91
91
|
# policy to apply to the given method
|
|
92
92
|
def build_source_policy method_name, dynamic_source_node
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
93
|
+
Contrast::Agent::Patching::Policy::MethodPolicy.new({
|
|
94
|
+
method_visibility: :public,
|
|
95
|
+
instance_method: true,
|
|
96
|
+
method_name: method_name,
|
|
97
|
+
source_node: dynamic_source_node
|
|
98
|
+
})
|
|
99
99
|
end
|
|
100
100
|
|
|
101
101
|
# @param request [Contrast::Agent::Request] the request during
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/agent/assess/policy/policy'
|
|
@@ -42,40 +42,6 @@ module Contrast
|
|
|
42
42
|
rescue StandardError => e
|
|
43
43
|
logger.warn('Unable to patch assess during eval', e, module: mod.cs__name)
|
|
44
44
|
end
|
|
45
|
-
|
|
46
|
-
# Exposed so that methods can be dynamically patched on creation at
|
|
47
|
-
# runtime, like those generated by
|
|
48
|
-
# ActiveRecord::AttributeMethods::Read::ClassMethods#define_method_attribute
|
|
49
|
-
CLASS_TYPES = [Contrast::Utils::ObjectShare::CLASS, Contrast::Utils::ObjectShare::MODULE].cs__freeze
|
|
50
|
-
def patch_assess_method mod, method_name
|
|
51
|
-
# Module.define_method is called a lot in Class and Module. We
|
|
52
|
-
# currently do not expect these define_methods to result in methods
|
|
53
|
-
# that require patching, so for the sake of performance, we're going
|
|
54
|
-
# to skip evaluating them
|
|
55
|
-
mod = mod.cs__class unless mod.cs__is_a?(Module)
|
|
56
|
-
class_name = mod.cs__class
|
|
57
|
-
return if CLASS_TYPES.include?(class_name)
|
|
58
|
-
return unless ASSESS.enabled?
|
|
59
|
-
|
|
60
|
-
source_nodes = Contrast::Agent::Patching::Policy::ModulePolicy.nodes_for_module(policy.sources,
|
|
61
|
-
class_name)
|
|
62
|
-
return if source_nodes.empty?
|
|
63
|
-
|
|
64
|
-
method_array = []
|
|
65
|
-
method_array << method_name
|
|
66
|
-
source_nodes.each do |source_node|
|
|
67
|
-
next unless source_node.method_name.to_s == method_name
|
|
68
|
-
|
|
69
|
-
method_policy =
|
|
70
|
-
Contrast::Agent::Patching::Policy::MethodPolicy.new(source_node: source_node,
|
|
71
|
-
method_name: source_node.method_name,
|
|
72
|
-
method_visibility: source_node.method_visibility,
|
|
73
|
-
instance_method: true)
|
|
74
|
-
patcher.patch_method(mod, method_array, method_policy)
|
|
75
|
-
end
|
|
76
|
-
rescue StandardError => e
|
|
77
|
-
logger.warn('Unable to patch assess during define_method_attribute', e, module: mod.cs__name)
|
|
78
|
-
end
|
|
79
45
|
end
|
|
80
46
|
end
|
|
81
47
|
end
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'json'
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/agent/patching/policy/policy_node'
|
|
@@ -141,7 +141,7 @@ module Contrast
|
|
|
141
141
|
|
|
142
142
|
t
|
|
143
143
|
else
|
|
144
|
-
Integer(t[1
|
|
144
|
+
Integer(t[1..])
|
|
145
145
|
end
|
|
146
146
|
end
|
|
147
147
|
converted
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/utils/object_share'
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (c)
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'contrast/components/logger'
|