libddwaf 1.0.14.1.0.beta1-x86_64-linux → 1.0.14.2.1.beta1-x86_64-linux
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/datadog/{security → appsec}/waf/version.rb +2 -3
- data/lib/datadog/{security → appsec}/waf.rb +23 -27
- data/lib/libddwaf.rb +1 -1
- metadata +8 -11
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: cbbad6a0fc8e957d7110a4b66d42d64e7dd3aade7116b442c38b8bf270b54c86
|
4
|
+
data.tar.gz: '0181b7399b0a59a4e14e455ad2737c8ec15820c7365913fae22e34679a5bfc22'
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 493dec85beac29a1dbb4c0319177b09839248896d4f91f3478013031082858c6ea33aa9df5e6da3f5aa4ac2b822ed0168690c82b27076d27179ed9afa0559391
|
7
|
+
data.tar.gz: d89ee2e9c995ee60c4f52563c95dc313be90cd271f86efe4b614213829e65ea2d7e874e1a1b235f7fc6ac6df0503ade24ac5ed9d32cfcc307de341d67321bacc
|
@@ -1,11 +1,10 @@
|
|
1
1
|
module Datadog
|
2
|
-
module
|
2
|
+
module AppSec
|
3
3
|
module WAF
|
4
4
|
module VERSION
|
5
5
|
BASE_STRING = '1.0.14'
|
6
|
-
STRING = "#{BASE_STRING}.1.
|
6
|
+
STRING = "#{BASE_STRING}.2.1.beta1"
|
7
7
|
MINIMUM_RUBY_VERSION = '2.1'
|
8
|
-
MAXIMUM_RUBY_VERSION = '3.2'
|
9
8
|
end
|
10
9
|
end
|
11
10
|
end
|
@@ -1,9 +1,9 @@
|
|
1
1
|
require 'ffi'
|
2
2
|
require 'json'
|
3
|
-
require 'datadog/
|
3
|
+
require 'datadog/appsec/waf/version'
|
4
4
|
|
5
5
|
module Datadog
|
6
|
-
module
|
6
|
+
module AppSec
|
7
7
|
module WAF
|
8
8
|
module LibDDWAF
|
9
9
|
class Error < StandardError; end
|
@@ -46,7 +46,7 @@ module Datadog
|
|
46
46
|
end
|
47
47
|
|
48
48
|
def self.shared_lib_path
|
49
|
-
File.join(__dir__, "../../../vendor/libddwaf/libddwaf-#{Datadog::
|
49
|
+
File.join(__dir__, "../../../vendor/libddwaf/libddwaf-#{Datadog::AppSec::WAF::VERSION::BASE_STRING}-#{local_os}-#{local_cpu}/lib/libddwaf#{shared_lib_extname}")
|
50
50
|
end
|
51
51
|
|
52
52
|
ffi_lib [shared_lib_path]
|
@@ -127,6 +127,8 @@ module Datadog
|
|
127
127
|
attach_function :ddwaf_init, [:ddwaf_rule, :ddwaf_config], :ddwaf_handle
|
128
128
|
attach_function :ddwaf_destroy, [:ddwaf_handle], :void
|
129
129
|
|
130
|
+
attach_function :ddwaf_required_addresses, [:ddwaf_handle, :pointer], :pointer
|
131
|
+
|
130
132
|
# running
|
131
133
|
|
132
134
|
typedef :pointer, :ddwaf_context
|
@@ -251,13 +253,7 @@ module Datadog
|
|
251
253
|
|
252
254
|
obj
|
253
255
|
else
|
254
|
-
|
255
|
-
res = LibDDWAF.ddwaf_object_invalid(obj)
|
256
|
-
if res.null?
|
257
|
-
fail LibDDWAF::Error, "Could not convert into object: #{val}"
|
258
|
-
end
|
259
|
-
|
260
|
-
obj
|
256
|
+
ruby_to_object(''.freeze)
|
261
257
|
end
|
262
258
|
end
|
263
259
|
|
@@ -279,8 +275,8 @@ module Datadog
|
|
279
275
|
end
|
280
276
|
when :ddwaf_obj_map
|
281
277
|
(0...obj[:nbEntries]).each.with_object({}) do |i, h|
|
282
|
-
ptr = obj[:valueUnion][:array] + i * Datadog::
|
283
|
-
o = Datadog::
|
278
|
+
ptr = obj[:valueUnion][:array] + i * Datadog::AppSec::WAF::LibDDWAF::Object.size
|
279
|
+
o = Datadog::AppSec::WAF::LibDDWAF::Object.new(ptr)
|
284
280
|
l = o[:parameterNameLength]
|
285
281
|
k = o[:parameterName].read_bytes(l)
|
286
282
|
v = object_to_ruby(LibDDWAF::Object.new(ptr))
|
@@ -294,7 +290,7 @@ module Datadog
|
|
294
290
|
logger.debug { { level: level, func: func, file: file, message: message.read_bytes(len) }.inspect }
|
295
291
|
end
|
296
292
|
|
297
|
-
Datadog::
|
293
|
+
Datadog::AppSec::WAF::LibDDWAF.ddwaf_set_log_cb(@log_cb, :ddwaf_log_trace)
|
298
294
|
end
|
299
295
|
|
300
296
|
class Handle
|
@@ -305,12 +301,12 @@ module Datadog
|
|
305
301
|
DEFAULT_MAX_TIME_STORE = 0
|
306
302
|
|
307
303
|
def initialize(rule, config = {})
|
308
|
-
rule_obj = Datadog::
|
304
|
+
rule_obj = Datadog::AppSec::WAF.ruby_to_object(rule)
|
309
305
|
if rule_obj.null? || rule_obj[:type] == :ddwaf_object_invalid
|
310
306
|
fail LibDDWAF::Error, "Could not convert object #{rule.inspect}"
|
311
307
|
end
|
312
308
|
|
313
|
-
config_obj = Datadog::
|
309
|
+
config_obj = Datadog::AppSec::WAF::LibDDWAF::Config.new
|
314
310
|
if config_obj.null?
|
315
311
|
fail LibDDWAF::Error, 'Could not create config struct'
|
316
312
|
end
|
@@ -319,19 +315,19 @@ module Datadog
|
|
319
315
|
config_obj[:maxMapDepth] = config[:max_map_depth] || DEFAULT_MAX_MAP_DEPTH
|
320
316
|
config_obj[:maxTimeStore] = config[:max_time_store] || DEFAULT_MAX_TIME_STORE
|
321
317
|
|
322
|
-
@handle_obj = Datadog::
|
318
|
+
@handle_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_init(rule_obj, config_obj)
|
323
319
|
if @handle_obj.null?
|
324
320
|
fail LibDDWAF::Error, 'Could not create handle'
|
325
321
|
end
|
326
322
|
|
327
323
|
ObjectSpace.define_finalizer(self, Handle.finalizer(handle_obj))
|
328
324
|
ensure
|
329
|
-
Datadog::
|
325
|
+
Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(rule_obj) if rule_obj
|
330
326
|
end
|
331
327
|
|
332
328
|
def self.finalizer(handle_obj)
|
333
329
|
proc do |object_id|
|
334
|
-
Datadog::
|
330
|
+
Datadog::AppSec::WAF::LibDDWAF.ddwaf_destroy(handle_obj)
|
335
331
|
end
|
336
332
|
end
|
337
333
|
end
|
@@ -343,9 +339,9 @@ module Datadog
|
|
343
339
|
|
344
340
|
def initialize(handle)
|
345
341
|
handle_obj = handle.handle_obj
|
346
|
-
free_func = Datadog::
|
342
|
+
free_func = Datadog::AppSec::WAF::LibDDWAF::ObjectNoFree
|
347
343
|
|
348
|
-
@context_obj = Datadog::
|
344
|
+
@context_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_context_init(handle_obj, free_func)
|
349
345
|
if @context_obj.null?
|
350
346
|
fail LibDDWAF::Error, 'Could not create context'
|
351
347
|
end
|
@@ -358,9 +354,9 @@ module Datadog
|
|
358
354
|
def self.finalizer(context_obj, input_objs)
|
359
355
|
proc do |object_id|
|
360
356
|
input_objs.each do |input_obj|
|
361
|
-
Datadog::
|
357
|
+
Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(input_obj)
|
362
358
|
end
|
363
|
-
Datadog::
|
359
|
+
Datadog::AppSec::WAF::LibDDWAF.ddwaf_context_destroy(context_obj)
|
364
360
|
end
|
365
361
|
end
|
366
362
|
|
@@ -369,19 +365,19 @@ module Datadog
|
|
369
365
|
ddwaf_err_internal: :err_internal,
|
370
366
|
ddwaf_err_invalid_object: :err_invalid_object,
|
371
367
|
ddwaf_err_invalid_argument: :err_invalid_argument,
|
372
|
-
ddwaf_err_timeout: :
|
368
|
+
ddwaf_err_timeout: :err_timeout,
|
373
369
|
ddwaf_good: :good,
|
374
370
|
ddwaf_monitor: :monitor,
|
375
371
|
ddwaf_block: :block,
|
376
372
|
}
|
377
373
|
|
378
374
|
def run(input, timeout = DEFAULT_TIMEOUT_US)
|
379
|
-
input_obj = Datadog::
|
375
|
+
input_obj = Datadog::AppSec::WAF.ruby_to_object(input)
|
380
376
|
if input_obj.null?
|
381
377
|
fail LibDDWAF::Error, "Could not convert input: #{input.inspect}"
|
382
378
|
end
|
383
379
|
|
384
|
-
result_obj = Datadog::
|
380
|
+
result_obj = Datadog::AppSec::WAF::LibDDWAF::Result.new
|
385
381
|
if result_obj.null?
|
386
382
|
fail LibDDWAF::Error, "Could not create result object"
|
387
383
|
end
|
@@ -389,7 +385,7 @@ module Datadog
|
|
389
385
|
# retain C objects in memory for subsequent calls to run
|
390
386
|
@input_objs << input_obj
|
391
387
|
|
392
|
-
code = Datadog::
|
388
|
+
code = Datadog::AppSec::WAF::LibDDWAF.ddwaf_run(@context_obj, input_obj, result_obj, timeout)
|
393
389
|
|
394
390
|
result = Result.new(
|
395
391
|
ACTION_MAP_OUT[result_obj[:action]],
|
@@ -400,7 +396,7 @@ module Datadog
|
|
400
396
|
|
401
397
|
[ACTION_MAP_OUT[code], result]
|
402
398
|
ensure
|
403
|
-
Datadog::
|
399
|
+
Datadog::AppSec::WAF::LibDDWAF.ddwaf_result_free(result_obj) if result_obj
|
404
400
|
end
|
405
401
|
end
|
406
402
|
end
|
data/lib/libddwaf.rb
CHANGED
@@ -1 +1 @@
|
|
1
|
-
require 'datadog/
|
1
|
+
require 'datadog/appsec/waf'
|
metadata
CHANGED
@@ -1,29 +1,29 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: libddwaf
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.14.1.
|
4
|
+
version: 1.0.14.2.1.beta1
|
5
5
|
platform: x86_64-linux
|
6
6
|
authors:
|
7
7
|
- Datadog, Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-03-03 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: ffi
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
|
-
- - "
|
17
|
+
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '0'
|
19
|
+
version: '1.0'
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
|
-
- - "
|
24
|
+
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: '0'
|
26
|
+
version: '1.0'
|
27
27
|
description: 'libddwaf packages a WAF implementation in C++, exposed to Ruby
|
28
28
|
|
29
29
|
'
|
@@ -38,8 +38,8 @@ files:
|
|
38
38
|
- LICENSE.Apache
|
39
39
|
- LICENSE.BSD3
|
40
40
|
- NOTICE
|
41
|
-
- lib/datadog/
|
42
|
-
- lib/datadog/
|
41
|
+
- lib/datadog/appsec/waf.rb
|
42
|
+
- lib/datadog/appsec/waf/version.rb
|
43
43
|
- lib/libddwaf.rb
|
44
44
|
- vendor/libddwaf/libddwaf-1.0.14-linux-x86_64/include/ddwaf.h
|
45
45
|
- vendor/libddwaf/libddwaf-1.0.14-linux-x86_64/lib/libddwaf.so
|
@@ -57,9 +57,6 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
57
57
|
- - ">="
|
58
58
|
- !ruby/object:Gem::Version
|
59
59
|
version: '2.1'
|
60
|
-
- - "<"
|
61
|
-
- !ruby/object:Gem::Version
|
62
|
-
version: '3.2'
|
63
60
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
64
61
|
requirements:
|
65
62
|
- - ">="
|