libddwaf 1.0.13.0.0.beta1-x86_64-linux → 1.0.14.2.0.beta1-x86_64-linux

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/lib/datadog/appsec/waf/version.rb +11 -0
  3. data/lib/datadog/{security → appsec}/waf.rb +53 -45
  4. data/lib/libddwaf.rb +1 -1
  5. data/vendor/libddwaf/{libddwaf-1.0.13-linux-x86_64 → libddwaf-1.0.14-linux-x86_64}/include/ddwaf.h +0 -0
  6. data/vendor/libddwaf/libddwaf-1.0.14-linux-x86_64/lib/libddwaf.so +0 -0
  7. metadata +10 -13
  8. data/lib/datadog/security/waf/version.rb +0 -12
  9. data/vendor/libddwaf/libddwaf-1.0.13-linux-x86_64/lib/libddwaf.so +0 -0
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 622d720ffee7b06c4802b8ce3c7193682900d3ec70cbd87ae6368eec545dd7ea
4
- data.tar.gz: e9fcbddf1e9e4bf647c68c7d144a4fe67284ab6e6617abeef5bd605658a55a0c
3
+ metadata.gz: 659822366033074af5606727ca54c6407a12fcdc111ae1f86946f07e9a2491e5
4
+ data.tar.gz: a865f00c0760febd59cb0dadeca26c18ac7dff46cfff5a8f6d930cb8fa0c05be
5
5
  SHA512:
6
- metadata.gz: ae918e6a2539d47f9758380ec4ca2150980af916f6501ef4b3df8ccb98eb800fcea618b1445534e29bbc3df4557191609df33b0a630ae598426415a950fb927b
7
- data.tar.gz: f60104d69e160d299c5ecfb39acdfee4c8dbeb0f4c2e5dcb8f4264ce9e43608296983a673eaabff9b005ac8c59878ea91b88c6c314ad9cf033327ecce2525e41
6
+ metadata.gz: 7a17bb3548e9d1c6396334d976669f99a6700d0029c98c075689eb83c24b970f623fbdb1625c9aa77ce94bc9a8c2e2293523f2a93de124ce11ff13ba99480986
7
+ data.tar.gz: 6772a47fdf93dee1e077683ffdf8f9d952f4cf01c37b7549f5c654d24d1dc2680e61588d1f743194eb41ec5da8e94dfa404388c4fdfac76c9fe8d959f797db7b
data/lib/datadog/appsec/waf/version.rb ADDED
@@ -0,0 +1,11 @@
1
+ module Datadog
2
+ module AppSec
3
+ module WAF
4
+ module VERSION
5
+ BASE_STRING = '1.0.14'
6
+ STRING = "#{BASE_STRING}.2.0.beta1"
7
+ MINIMUM_RUBY_VERSION = '2.1'
8
+ end
9
+ end
10
+ end
11
+ end
data/lib/datadog/{security → appsec}/waf.rb RENAMED
@@ -1,9 +1,9 @@
1
1
  require 'ffi'
2
2
  require 'json'
3
- require 'datadog/security/waf/version'
3
+ require 'datadog/appsec/waf/version'
4
4
 
5
5
  module Datadog
6
- module Security
6
+ module AppSec
7
7
  module WAF
8
8
  module LibDDWAF
9
9
  class Error < StandardError; end
@@ -15,10 +15,10 @@ module Datadog
15
15
  os_name = java.lang.System.get_property('os.name')
16
16
 
17
17
  os = case os_name
18
- when /linux/i then 'linux'
19
- when /mac/i then 'darwin'
20
- else raise Error, "unsupported JRuby os.name: #{os_name.inspect}"
21
- end
18
+ when /linux/i then 'linux'
19
+ when /mac/i then 'darwin'
20
+ else raise Error, "unsupported JRuby os.name: #{os_name.inspect}"
21
+ end
22
22
 
23
23
  return os
24
24
  end
@@ -46,7 +46,7 @@ module Datadog
46
46
  end
47
47
 
48
48
  def self.shared_lib_path
49
- File.join(__dir__, "../../../vendor/libddwaf/libddwaf-#{Datadog::Security::WAF::VERSION::BASE_STRING}-#{local_os}-#{local_cpu}/lib/libddwaf#{shared_lib_extname}")
49
+ File.join(__dir__, "../../../vendor/libddwaf/libddwaf-#{Datadog::AppSec::WAF::VERSION::BASE_STRING}-#{local_os}-#{local_cpu}/lib/libddwaf#{shared_lib_extname}")
50
50
  end
51
51
 
52
52
  ffi_lib [shared_lib_path]
@@ -55,8 +55,8 @@ module Datadog
55
55
 
56
56
  class Version < ::FFI::Struct
57
57
  layout :major, :uint16,
58
- :minor, :uint16,
59
- :patch, :uint16
58
+ :minor, :uint16,
59
+ :patch, :uint16
60
60
  end
61
61
 
62
62
  typedef Version.by_ref, :ddwaf_version
@@ -76,17 +76,17 @@ module Datadog
76
76
 
77
77
  class ObjectValueUnion < ::FFI::Union
78
78
  layout :stringValue, :charptr,
79
- :uintValue, :uint64,
80
- :intValue, :int64,
81
- :array, :pointer
79
+ :uintValue, :uint64,
80
+ :intValue, :int64,
81
+ :array, :pointer
82
82
  end
83
83
 
84
84
  class Object < ::FFI::Struct
85
85
  layout :parameterName, :charptr,
86
- :parameterNameLength, :uint64,
87
- :valueUnion, ObjectValueUnion,
88
- :nbEntries, :uint64,
89
- :type, DDWAF_OBJ_TYPE
86
+ :parameterNameLength, :uint64,
87
+ :valueUnion, ObjectValueUnion,
88
+ :nbEntries, :uint64,
89
+ :type, DDWAF_OBJ_TYPE
90
90
  end
91
91
 
92
92
  typedef Object.by_ref, :ddwaf_object
@@ -118,8 +118,8 @@ module Datadog
118
118
 
119
119
  class Config < ::FFI::Struct
120
120
  layout :maxArrayLength, :uint64,
121
- :maxMapDepth, :uint64,
122
- :maxTimeStore, :uint64
121
+ :maxMapDepth, :uint64,
122
+ :maxTimeStore, :uint64
123
123
  end
124
124
 
125
125
  typedef Config.by_ref, :ddwaf_config
@@ -127,6 +127,8 @@ module Datadog
127
127
  attach_function :ddwaf_init, [:ddwaf_rule, :ddwaf_config], :ddwaf_handle
128
128
  attach_function :ddwaf_destroy, [:ddwaf_handle], :void
129
129
 
130
+ attach_function :ddwaf_required_addresses, [:ddwaf_handle, :pointer], :pointer
131
+
130
132
  # running
131
133
 
132
134
  typedef :pointer, :ddwaf_context
@@ -136,7 +138,6 @@ module Datadog
136
138
  attach_function :ddwaf_context_init, [:ddwaf_handle, :ddwaf_object_free_fn], :ddwaf_context
137
139
  attach_function :ddwaf_context_destroy, [:ddwaf_context], :void
138
140
 
139
-
140
141
  DDWAF_RET_CODE = enum :ddwaf_err_internal, -4,
141
142
  :ddwaf_err_invalid_object, -3,
142
143
  :ddwaf_err_invalid_argument, -2,
@@ -147,9 +148,9 @@ module Datadog
147
148
 
148
149
  class Result < ::FFI::Struct
149
150
  layout :action, DDWAF_RET_CODE,
150
- :data, :string,
151
- :perfData, :string,
152
- :perfTotalRuntime, :uint32 # in us
151
+ :data, :string,
152
+ :perfData, :string,
153
+ :perfTotalRuntime, :uint32 # in us
153
154
  end
154
155
 
155
156
  typedef Result.by_ref, :ddwaf_result
@@ -161,11 +162,11 @@ module Datadog
161
162
  # logging
162
163
 
163
164
  DDWAF_LOG_LEVEL = enum :ddwaf_log_trace,
164
- :ddwaf_log_debug,
165
- :ddwaf_log_info,
166
- :ddwaf_log_warn,
167
- :ddwaf_log_error,
168
- :ddwaf_log_off
165
+ :ddwaf_log_debug,
166
+ :ddwaf_log_info,
167
+ :ddwaf_log_warn,
168
+ :ddwaf_log_error,
169
+ :ddwaf_log_off
169
170
 
170
171
  callback :ddwaf_log_cb, [DDWAF_LOG_LEVEL, :string, :string, :uint, :charptr, :uint64], :void
171
172
 
@@ -280,8 +281,8 @@ module Datadog
280
281
  end
281
282
  when :ddwaf_obj_map
282
283
  (0...obj[:nbEntries]).each.with_object({}) do |i, h|
283
- ptr = obj[:valueUnion][:array] + i * Datadog::Security::WAF::LibDDWAF::Object.size
284
- o = Datadog::Security::WAF::LibDDWAF::Object.new(ptr)
284
+ ptr = obj[:valueUnion][:array] + i * Datadog::AppSec::WAF::LibDDWAF::Object.size
285
+ o = Datadog::AppSec::WAF::LibDDWAF::Object.new(ptr)
285
286
  l = o[:parameterNameLength]
286
287
  k = o[:parameterName].read_bytes(l)
287
288
  v = object_to_ruby(LibDDWAF::Object.new(ptr))
@@ -295,7 +296,7 @@ module Datadog
295
296
  logger.debug { { level: level, func: func, file: file, message: message.read_bytes(len) }.inspect }
296
297
  end
297
298
 
298
- Datadog::Security::WAF::LibDDWAF.ddwaf_set_log_cb(@log_cb, :ddwaf_log_trace)
299
+ Datadog::AppSec::WAF::LibDDWAF.ddwaf_set_log_cb(@log_cb, :ddwaf_log_trace)
299
300
  end
300
301
 
301
302
  class Handle
@@ -306,12 +307,12 @@ module Datadog
306
307
  DEFAULT_MAX_TIME_STORE = 0
307
308
 
308
309
  def initialize(rule, config = {})
309
- rule_obj = Datadog::Security::WAF.ruby_to_object(rule)
310
+ rule_obj = Datadog::AppSec::WAF.ruby_to_object(rule)
310
311
  if rule_obj.null? || rule_obj[:type] == :ddwaf_object_invalid
311
312
  fail LibDDWAF::Error, "Could not convert object #{rule.inspect}"
312
313
  end
313
314
 
314
- config_obj = Datadog::Security::WAF::LibDDWAF::Config.new
315
+ config_obj = Datadog::AppSec::WAF::LibDDWAF::Config.new
315
316
  if config_obj.null?
316
317
  fail LibDDWAF::Error, 'Could not create config struct'
317
318
  end
@@ -320,19 +321,19 @@ module Datadog
320
321
  config_obj[:maxMapDepth] = config[:max_map_depth] || DEFAULT_MAX_MAP_DEPTH
321
322
  config_obj[:maxTimeStore] = config[:max_time_store] || DEFAULT_MAX_TIME_STORE
322
323
 
323
- @handle_obj = Datadog::Security::WAF::LibDDWAF.ddwaf_init(rule_obj, config_obj)
324
+ @handle_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_init(rule_obj, config_obj)
324
325
  if @handle_obj.null?
325
326
  fail LibDDWAF::Error, 'Could not create handle'
326
327
  end
327
328
 
328
329
  ObjectSpace.define_finalizer(self, Handle.finalizer(handle_obj))
329
330
  ensure
330
- Datadog::Security::WAF::LibDDWAF.ddwaf_object_free(rule_obj) if rule_obj
331
+ Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(rule_obj) if rule_obj
331
332
  end
332
333
 
333
334
  def self.finalizer(handle_obj)
334
335
  proc do |object_id|
335
- Datadog::Security::WAF::LibDDWAF.ddwaf_destroy(handle_obj)
336
+ Datadog::AppSec::WAF::LibDDWAF.ddwaf_destroy(handle_obj)
336
337
  end
337
338
  end
338
339
  end
@@ -344,19 +345,24 @@ module Datadog
344
345
 
345
346
  def initialize(handle)
346
347
  handle_obj = handle.handle_obj
347
- free_func = Datadog::Security::WAF::LibDDWAF::ObjectNoFree
348
+ free_func = Datadog::AppSec::WAF::LibDDWAF::ObjectNoFree
348
349
 
349
- @context_obj = Datadog::Security::WAF::LibDDWAF.ddwaf_context_init(handle_obj, free_func)
350
+ @context_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_context_init(handle_obj, free_func)
350
351
  if @context_obj.null?
351
352
  fail LibDDWAF::Error, 'Could not create context'
352
353
  end
353
354
 
354
- ObjectSpace.define_finalizer(self, Context.finalizer(context_obj))
355
+ @input_objs = []
356
+
357
+ ObjectSpace.define_finalizer(self, Context.finalizer(context_obj, @input_objs))
355
358
  end
356
359
 
357
- def self.finalizer(context_obj)
360
+ def self.finalizer(context_obj, input_objs)
358
361
  proc do |object_id|
359
- Datadog::Security::WAF::LibDDWAF.ddwaf_context_destroy(context_obj)
362
+ input_objs.each do |input_obj|
363
+ Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(input_obj)
364
+ end
365
+ Datadog::AppSec::WAF::LibDDWAF.ddwaf_context_destroy(context_obj)
360
366
  end
361
367
  end
362
368
 
@@ -372,17 +378,20 @@ module Datadog
372
378
  }
373
379
 
374
380
  def run(input, timeout = DEFAULT_TIMEOUT_US)
375
- input_obj = Datadog::Security::WAF.ruby_to_object(input)
381
+ input_obj = Datadog::AppSec::WAF.ruby_to_object(input)
376
382
  if input_obj.null?
377
383
  fail LibDDWAF::Error, "Could not convert input: #{input.inspect}"
378
384
  end
379
385
 
380
- result_obj = Datadog::Security::WAF::LibDDWAF::Result.new
386
+ result_obj = Datadog::AppSec::WAF::LibDDWAF::Result.new
381
387
  if result_obj.null?
382
388
  fail LibDDWAF::Error, "Could not create result object"
383
389
  end
384
390
 
385
- code = Datadog::Security::WAF::LibDDWAF.ddwaf_run(@context_obj, input_obj, result_obj, timeout)
391
+ # retain C objects in memory for subsequent calls to run
392
+ @input_objs << input_obj
393
+
394
+ code = Datadog::AppSec::WAF::LibDDWAF.ddwaf_run(@context_obj, input_obj, result_obj, timeout)
386
395
 
387
396
  result = Result.new(
388
397
  ACTION_MAP_OUT[result_obj[:action]],
@@ -393,8 +402,7 @@ module Datadog
393
402
 
394
403
  [ACTION_MAP_OUT[code], result]
395
404
  ensure
396
- Datadog::Security::WAF::LibDDWAF.ddwaf_object_free(input_obj) if input_obj
397
- Datadog::Security::WAF::LibDDWAF.ddwaf_result_free(result_obj) if result_obj
405
+ Datadog::AppSec::WAF::LibDDWAF.ddwaf_result_free(result_obj) if result_obj
398
406
  end
399
407
  end
400
408
  end
data/lib/libddwaf.rb CHANGED
@@ -1 +1 @@
1
- require 'datadog/security/waf'
1
+ require 'datadog/appsec/waf'
metadata CHANGED
@@ -1,29 +1,29 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: libddwaf
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.13.0.0.beta1
4
+ version: 1.0.14.2.0.beta1
5
5
  platform: x86_64-linux
6
6
  authors:
7
7
  - Datadog, Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-11-23 00:00:00.000000000 Z
11
+ date: 2022-02-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ffi
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - ">="
17
+ - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: '0'
19
+ version: '1.0'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - ">="
24
+ - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: '0'
26
+ version: '1.0'
27
27
  description: 'libddwaf packages a WAF implementation in C++, exposed to Ruby
28
28
 
29
29
  '
@@ -38,11 +38,11 @@ files:
38
38
  - LICENSE.Apache
39
39
  - LICENSE.BSD3
40
40
  - NOTICE
41
- - lib/datadog/security/waf.rb
42
- - lib/datadog/security/waf/version.rb
41
+ - lib/datadog/appsec/waf.rb
42
+ - lib/datadog/appsec/waf/version.rb
43
43
  - lib/libddwaf.rb
44
- - vendor/libddwaf/libddwaf-1.0.13-linux-x86_64/include/ddwaf.h
45
- - vendor/libddwaf/libddwaf-1.0.13-linux-x86_64/lib/libddwaf.so
44
+ - vendor/libddwaf/libddwaf-1.0.14-linux-x86_64/include/ddwaf.h
45
+ - vendor/libddwaf/libddwaf-1.0.14-linux-x86_64/lib/libddwaf.so
46
46
  homepage: https://github.com/DataDog/libddwaf
47
47
  licenses:
48
48
  - BSD-3-Clause
@@ -57,9 +57,6 @@ required_ruby_version: !ruby/object:Gem::Requirement
57
57
  - - ">="
58
58
  - !ruby/object:Gem::Version
59
59
  version: '2.1'
60
- - - "<"
61
- - !ruby/object:Gem::Version
62
- version: '3.2'
63
60
  required_rubygems_version: !ruby/object:Gem::Requirement
64
61
  requirements:
65
62
  - - ">="
data/lib/datadog/security/waf/version.rb DELETED
@@ -1,12 +0,0 @@
1
- module Datadog
2
- module Security
3
- module WAF
4
- module VERSION
5
- BASE_STRING = '1.0.13'
6
- STRING = "#{BASE_STRING}.0.0.beta1"
7
- MINIMUM_RUBY_VERSION = '2.1'
8
- MAXIMUM_RUBY_VERSION = '3.2'
9
- end
10
- end
11
- end
12
- end