libddwaf 1.0.14.2.1.beta1-x86_64-darwin → 1.3.0.0.0-x86_64-darwin
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/datadog/appsec/waf/version.rb +2 -2
- data/lib/datadog/appsec/waf.rb +81 -25
- data/vendor/libddwaf/{libddwaf-1.0.14-darwin-x86_64 → libddwaf-1.3.0-darwin-x86_64}/include/ddwaf.h +161 -23
- data/vendor/libddwaf/libddwaf-1.3.0-darwin-x86_64/lib/libddwaf.dylib +0 -0
- metadata +4 -4
- data/vendor/libddwaf/libddwaf-1.0.14-darwin-x86_64/lib/libddwaf.dylib +0 -0
    
        checksums.yaml
    CHANGED
    
    | @@ -1,7 +1,7 @@ | |
| 1 1 | 
             
            ---
         | 
| 2 2 | 
             
            SHA256:
         | 
| 3 | 
            -
              metadata.gz:  | 
| 4 | 
            -
              data.tar.gz:  | 
| 3 | 
            +
              metadata.gz: 497853cda138deb534653806812b6b9860b67d9a53892272d6cd211988f95668
         | 
| 4 | 
            +
              data.tar.gz: 94fa45fe7bcd7082ec72f442ee9592cd9a6f74fa546c91027a009c3a236d0dab
         | 
| 5 5 | 
             
            SHA512:
         | 
| 6 | 
            -
              metadata.gz:  | 
| 7 | 
            -
              data.tar.gz:  | 
| 6 | 
            +
              metadata.gz: 846194bd98f44c7ef1c2fe7c62619bc13a5b680193037eb0816e08d5b7f6a0eef930ef5d303aa02e413b4806290723408294b3d62dad0e7d00284917f6961fd9
         | 
| 7 | 
            +
              data.tar.gz: 50d0e060b5a6274307fc49c1730af3f45bc999270b1abbc4ef9949354057f2ee9e1065e5cfd5bbf62e5cc335ea8017076037100bd9d59fd47ca18be723d14fd1
         | 
    
        data/lib/datadog/appsec/waf.rb
    CHANGED
    
    | @@ -73,6 +73,25 @@ module Datadog | |
| 73 73 | 
             
                                          :ddwaf_obj_map,      1 << 4
         | 
| 74 74 |  | 
| 75 75 | 
             
                    typedef :pointer, :charptr
         | 
| 76 | 
            +
                    typedef :pointer, :charptrptr
         | 
| 77 | 
            +
             | 
| 78 | 
            +
                    class UInt32Ptr < ::FFI::Struct
         | 
| 79 | 
            +
                      layout :value, :uint32
         | 
| 80 | 
            +
                    end
         | 
| 81 | 
            +
             | 
| 82 | 
            +
                    typedef UInt32Ptr.by_ref, :uint32ptr
         | 
| 83 | 
            +
             | 
| 84 | 
            +
                    class UInt64Ptr < ::FFI::Struct
         | 
| 85 | 
            +
                      layout :value, :uint64
         | 
| 86 | 
            +
                    end
         | 
| 87 | 
            +
             | 
| 88 | 
            +
                    typedef UInt64Ptr.by_ref, :uint64ptr
         | 
| 89 | 
            +
             | 
| 90 | 
            +
                    class SizeTPtr < ::FFI::Struct
         | 
| 91 | 
            +
                      layout :value, :size_t
         | 
| 92 | 
            +
                    end
         | 
| 93 | 
            +
             | 
| 94 | 
            +
                    typedef SizeTPtr.by_ref, :sizeptr
         | 
| 76 95 |  | 
| 77 96 | 
             
                    class ObjectValueUnion < ::FFI::Union
         | 
| 78 97 | 
             
                      layout :stringValue, :charptr,
         | 
| @@ -91,6 +110,8 @@ module Datadog | |
| 91 110 |  | 
| 92 111 | 
             
                    typedef Object.by_ref, :ddwaf_object
         | 
| 93 112 |  | 
| 113 | 
            +
                    ## setters
         | 
| 114 | 
            +
             | 
| 94 115 | 
             
                    attach_function :ddwaf_object_invalid, [:ddwaf_object], :ddwaf_object
         | 
| 95 116 | 
             
                    attach_function :ddwaf_object_string, [:ddwaf_object, :string], :ddwaf_object
         | 
| 96 117 | 
             
                    attach_function :ddwaf_object_stringl, [:ddwaf_object, :charptr, :size_t], :ddwaf_object
         | 
| @@ -108,6 +129,19 @@ module Datadog | |
| 108 129 | 
             
                    attach_function :ddwaf_object_map_addl, [:ddwaf_object, :charptr, :size_t, :pointer], :bool
         | 
| 109 130 | 
             
                    attach_function :ddwaf_object_map_addl_nc, [:ddwaf_object, :charptr, :size_t, :pointer], :bool
         | 
| 110 131 |  | 
| 132 | 
            +
                    ## getters
         | 
| 133 | 
            +
             | 
| 134 | 
            +
                    attach_function :ddwaf_object_type, [:ddwaf_object], DDWAF_OBJ_TYPE
         | 
| 135 | 
            +
                    attach_function :ddwaf_object_size, [:ddwaf_object], :uint64
         | 
| 136 | 
            +
                    attach_function :ddwaf_object_length, [:ddwaf_object], :size_t
         | 
| 137 | 
            +
                    attach_function :ddwaf_object_get_key, [:ddwaf_object, :sizeptr], :charptr
         | 
| 138 | 
            +
                    attach_function :ddwaf_object_get_string, [:ddwaf_object, :sizeptr], :charptr
         | 
| 139 | 
            +
                    attach_function :ddwaf_object_get_unsigned, [:ddwaf_object], :uint64
         | 
| 140 | 
            +
                    attach_function :ddwaf_object_get_signed, [:ddwaf_object], :int64
         | 
| 141 | 
            +
                    attach_function :ddwaf_object_get_index, [:ddwaf_object, :size_t], :ddwaf_object
         | 
| 142 | 
            +
             | 
| 143 | 
            +
                    ## freeers
         | 
| 144 | 
            +
             | 
| 111 145 | 
             
                    ObjectFree = attach_function :ddwaf_object_free, [:ddwaf_object], :void
         | 
| 112 146 | 
             
                    ObjectNoFree = ::FFI::Pointer::NULL
         | 
| 113 147 |  | 
| @@ -117,17 +151,39 @@ module Datadog | |
| 117 151 | 
             
                    typedef Object.by_ref, :ddwaf_rule
         | 
| 118 152 |  | 
| 119 153 | 
             
                    class Config < ::FFI::Struct
         | 
| 120 | 
            -
                       | 
| 121 | 
            -
             | 
| 122 | 
            -
             | 
| 154 | 
            +
                      class Limits < ::FFI::Struct
         | 
| 155 | 
            +
                        layout :max_container_size,  :uint32,
         | 
| 156 | 
            +
                               :max_container_depth, :uint32,
         | 
| 157 | 
            +
                               :max_string_length,   :uint32
         | 
| 158 | 
            +
                      end
         | 
| 159 | 
            +
             | 
| 160 | 
            +
                      class Obfuscator < ::FFI::Struct
         | 
| 161 | 
            +
                        layout :key_regex,   :string,
         | 
| 162 | 
            +
                               :value_regex, :string
         | 
| 163 | 
            +
                      end
         | 
| 164 | 
            +
             | 
| 165 | 
            +
                      layout :limits,     Limits,
         | 
| 166 | 
            +
                             :obfuscator, Obfuscator
         | 
| 123 167 | 
             
                    end
         | 
| 124 168 |  | 
| 125 169 | 
             
                    typedef Config.by_ref, :ddwaf_config
         | 
| 126 170 |  | 
| 127 | 
            -
                     | 
| 171 | 
            +
                    class RuleSetInfo < ::FFI::Struct
         | 
| 172 | 
            +
                      layout :loaded, :uint16,
         | 
| 173 | 
            +
                             :failed, :uint16,
         | 
| 174 | 
            +
                             :errors, Object,
         | 
| 175 | 
            +
                             :version, :string
         | 
| 176 | 
            +
                    end
         | 
| 177 | 
            +
             | 
| 178 | 
            +
                    typedef RuleSetInfo.by_ref, :ddwaf_ruleset_info
         | 
| 179 | 
            +
                    RuleSetInfoNone = Datadog::AppSec::WAF::LibDDWAF::RuleSetInfo.new(::FFI::Pointer::NULL)
         | 
| 180 | 
            +
             | 
| 181 | 
            +
                    attach_function :ddwaf_ruleset_info_free, [:ddwaf_ruleset_info], :void
         | 
| 182 | 
            +
             | 
| 183 | 
            +
                    attach_function :ddwaf_init, [:ddwaf_rule, :ddwaf_config, :ddwaf_ruleset_info], :ddwaf_handle
         | 
| 128 184 | 
             
                    attach_function :ddwaf_destroy, [:ddwaf_handle], :void
         | 
| 129 185 |  | 
| 130 | 
            -
                    attach_function :ddwaf_required_addresses, [:ddwaf_handle, : | 
| 186 | 
            +
                    attach_function :ddwaf_required_addresses, [:ddwaf_handle, :uint32ptr], :charptrptr
         | 
| 131 187 |  | 
| 132 188 | 
             
                    # running
         | 
| 133 189 |  | 
| @@ -138,19 +194,17 @@ module Datadog | |
| 138 194 | 
             
                    attach_function :ddwaf_context_init, [:ddwaf_handle, :ddwaf_object_free_fn], :ddwaf_context
         | 
| 139 195 | 
             
                    attach_function :ddwaf_context_destroy, [:ddwaf_context], :void
         | 
| 140 196 |  | 
| 141 | 
            -
                    DDWAF_RET_CODE = enum :ddwaf_err_internal,         - | 
| 142 | 
            -
                                          :ddwaf_err_invalid_object,   - | 
| 143 | 
            -
                                          :ddwaf_err_invalid_argument, - | 
| 144 | 
            -
                                          :ddwaf_err_timeout,          -1,
         | 
| 197 | 
            +
                    DDWAF_RET_CODE = enum :ddwaf_err_internal,         -3,
         | 
| 198 | 
            +
                                          :ddwaf_err_invalid_object,   -2,
         | 
| 199 | 
            +
                                          :ddwaf_err_invalid_argument, -1,
         | 
| 145 200 | 
             
                                          :ddwaf_good,                  0,
         | 
| 146 201 | 
             
                                          :ddwaf_monitor,               1,
         | 
| 147 202 | 
             
                                          :ddwaf_block,                 2
         | 
| 148 203 |  | 
| 149 204 | 
             
                    class Result < ::FFI::Struct
         | 
| 150 | 
            -
                      layout : | 
| 205 | 
            +
                      layout :timeout,          :bool,
         | 
| 151 206 | 
             
                             :data,             :string,
         | 
| 152 | 
            -
                             : | 
| 153 | 
            -
                             :perfTotalRuntime, :uint32 # in us
         | 
| 207 | 
            +
                             :total_runtime,    :uint64
         | 
| 154 208 | 
             
                    end
         | 
| 155 209 |  | 
| 156 210 | 
             
                    typedef Result.by_ref, :ddwaf_result
         | 
| @@ -287,7 +341,7 @@ module Datadog | |
| 287 341 |  | 
| 288 342 | 
             
                  def self.logger=(logger)
         | 
| 289 343 | 
             
                    @log_cb = proc do |level, func, file, line, message, len|
         | 
| 290 | 
            -
                      logger.debug { { level: level, func: func, file: file, message: message.read_bytes(len) }.inspect }
         | 
| 344 | 
            +
                      logger.debug { { level: level, func: func, file: file, line: line, message: message.read_bytes(len) }.inspect }
         | 
| 291 345 | 
             
                    end
         | 
| 292 346 |  | 
| 293 347 | 
             
                    Datadog::AppSec::WAF::LibDDWAF.ddwaf_set_log_cb(@log_cb, :ddwaf_log_trace)
         | 
| @@ -296,9 +350,9 @@ module Datadog | |
| 296 350 | 
             
                  class Handle
         | 
| 297 351 | 
             
                    attr_reader :handle_obj
         | 
| 298 352 |  | 
| 299 | 
            -
                     | 
| 300 | 
            -
                     | 
| 301 | 
            -
                     | 
| 353 | 
            +
                    DEFAULT_MAX_CONTAINER_SIZE  = 0
         | 
| 354 | 
            +
                    DEFAULT_MAX_CONTAINER_DEPTH = 0
         | 
| 355 | 
            +
                    DEFAULT_MAX_STRING_LENGTH   = 0
         | 
| 302 356 |  | 
| 303 357 | 
             
                    def initialize(rule, config = {})
         | 
| 304 358 | 
             
                      rule_obj = Datadog::AppSec::WAF.ruby_to_object(rule)
         | 
| @@ -311,17 +365,20 @@ module Datadog | |
| 311 365 | 
             
                        fail LibDDWAF::Error, 'Could not create config struct'
         | 
| 312 366 | 
             
                      end
         | 
| 313 367 |  | 
| 314 | 
            -
                      config_obj[: | 
| 315 | 
            -
                      config_obj[: | 
| 316 | 
            -
                      config_obj[: | 
| 368 | 
            +
                      config_obj[:limits][:max_container_size]  = config[:max_container_size]  || DEFAULT_MAX_CONTAINER_SIZE
         | 
| 369 | 
            +
                      config_obj[:limits][:max_container_depth] = config[:max_container_depth] || DEFAULT_MAX_CONTAINER_DEPTH
         | 
| 370 | 
            +
                      config_obj[:limits][:max_string_length]   = config[:max_string_length]   || DEFAULT_MAX_STRING_LENGTH
         | 
| 371 | 
            +
             | 
| 372 | 
            +
                      ruleset_info = LibDDWAF::RuleSetInfoNone
         | 
| 317 373 |  | 
| 318 | 
            -
                      @handle_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_init(rule_obj, config_obj)
         | 
| 374 | 
            +
                      @handle_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_init(rule_obj, config_obj, ruleset_info)
         | 
| 319 375 | 
             
                      if @handle_obj.null?
         | 
| 320 376 | 
             
                        fail LibDDWAF::Error, 'Could not create handle'
         | 
| 321 377 | 
             
                      end
         | 
| 322 378 |  | 
| 323 379 | 
             
                      ObjectSpace.define_finalizer(self, Handle.finalizer(handle_obj))
         | 
| 324 380 | 
             
                    ensure
         | 
| 381 | 
            +
                      Datadog::AppSec::WAF::LibDDWAF.ddwaf_ruleset_info_free(ruleset_info) if ruleset_info
         | 
| 325 382 | 
             
                      Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(rule_obj) if rule_obj
         | 
| 326 383 | 
             
                    end
         | 
| 327 384 |  | 
| @@ -332,7 +389,7 @@ module Datadog | |
| 332 389 | 
             
                    end
         | 
| 333 390 | 
             
                  end
         | 
| 334 391 |  | 
| 335 | 
            -
                  Result = Struct.new(:action, :data, : | 
| 392 | 
            +
                  Result = Struct.new(:action, :data, :total_runtime, :timeout)
         | 
| 336 393 |  | 
| 337 394 | 
             
                  class Context
         | 
| 338 395 | 
             
                    attr_reader :context_obj
         | 
| @@ -365,7 +422,6 @@ module Datadog | |
| 365 422 | 
             
                      ddwaf_err_internal:         :err_internal,
         | 
| 366 423 | 
             
                      ddwaf_err_invalid_object:   :err_invalid_object,
         | 
| 367 424 | 
             
                      ddwaf_err_invalid_argument: :err_invalid_argument,
         | 
| 368 | 
            -
                      ddwaf_err_timeout:          :err_timeout,
         | 
| 369 425 | 
             
                      ddwaf_good:                 :good,
         | 
| 370 426 | 
             
                      ddwaf_monitor:              :monitor,
         | 
| 371 427 | 
             
                      ddwaf_block:                :block,
         | 
| @@ -388,10 +444,10 @@ module Datadog | |
| 388 444 | 
             
                      code = Datadog::AppSec::WAF::LibDDWAF.ddwaf_run(@context_obj, input_obj, result_obj, timeout)
         | 
| 389 445 |  | 
| 390 446 | 
             
                      result = Result.new(
         | 
| 391 | 
            -
                        ACTION_MAP_OUT[ | 
| 447 | 
            +
                        ACTION_MAP_OUT[code],
         | 
| 392 448 | 
             
                        (JSON.parse(result_obj[:data]) if result_obj[:data] != nil),
         | 
| 393 | 
            -
                         | 
| 394 | 
            -
                        result_obj[: | 
| 449 | 
            +
                        result_obj[:total_runtime],
         | 
| 450 | 
            +
                        result_obj[:timeout],
         | 
| 395 451 | 
             
                      )
         | 
| 396 452 |  | 
| 397 453 | 
             
                      [ACTION_MAP_OUT[code], result]
         | 
    
        data/vendor/libddwaf/{libddwaf-1.0.14-darwin-x86_64 → libddwaf-1.3.0-darwin-x86_64}/include/ddwaf.h
    RENAMED
    
    | @@ -17,8 +17,8 @@ extern "C" | |
| 17 17 | 
             
            #include <stddef.h>
         | 
| 18 18 |  | 
| 19 19 | 
             
            #define DDWAF_MAX_STRING_LENGTH 4096
         | 
| 20 | 
            -
            #define  | 
| 21 | 
            -
            #define  | 
| 20 | 
            +
            #define DDWAF_MAX_CONTAINER_DEPTH 20
         | 
| 21 | 
            +
            #define DDWAF_MAX_CONTAINER_SIZE 256
         | 
| 22 22 | 
             
            #define DDWAF_RUN_TIMEOUT 5000
         | 
| 23 23 |  | 
| 24 24 | 
             
            /**
         | 
| @@ -48,10 +48,9 @@ typedef enum | |
| 48 48 | 
             
             **/
         | 
| 49 49 | 
             
            typedef enum
         | 
| 50 50 | 
             
            {
         | 
| 51 | 
            -
                DDWAF_ERR_INTERNAL     = - | 
| 52 | 
            -
                DDWAF_ERR_INVALID_OBJECT = - | 
| 53 | 
            -
                DDWAF_ERR_INVALID_ARGUMENT = - | 
| 54 | 
            -
                DDWAF_ERR_TIMEOUT      = -1,
         | 
| 51 | 
            +
                DDWAF_ERR_INTERNAL     = -3,
         | 
| 52 | 
            +
                DDWAF_ERR_INVALID_OBJECT = -2,
         | 
| 53 | 
            +
                DDWAF_ERR_INVALID_ARGUMENT = -1,
         | 
| 55 54 | 
             
                DDWAF_GOOD             = 0,
         | 
| 56 55 | 
             
                DDWAF_MONITOR          = 1,
         | 
| 57 56 | 
             
                DDWAF_BLOCK            = 2
         | 
| @@ -72,13 +71,21 @@ typedef enum | |
| 72 71 | 
             
                DDWAF_LOG_OFF,
         | 
| 73 72 | 
             
            } DDWAF_LOG_LEVEL;
         | 
| 74 73 |  | 
| 74 | 
            +
            #ifdef __cplusplus
         | 
| 75 | 
            +
            class PowerWAF;
         | 
| 76 | 
            +
            class PWAdditive;
         | 
| 77 | 
            +
            using ddwaf_handle = PowerWAF *;
         | 
| 78 | 
            +
            using ddwaf_context = PWAdditive *;
         | 
| 79 | 
            +
            #else
         | 
| 75 80 | 
             
            typedef struct _ddwaf_handle* ddwaf_handle;
         | 
| 76 81 | 
             
            typedef struct _ddwaf_context* ddwaf_context;
         | 
| 82 | 
            +
            #endif
         | 
| 83 | 
            +
             | 
| 77 84 | 
             
            typedef struct _ddwaf_object ddwaf_object;
         | 
| 78 85 | 
             
            typedef struct _ddwaf_config ddwaf_config;
         | 
| 79 86 | 
             
            typedef struct _ddwaf_result ddwaf_result;
         | 
| 80 87 | 
             
            typedef struct _ddwaf_version ddwaf_version;
         | 
| 81 | 
            -
             | 
| 88 | 
            +
            typedef struct _ddwaf_ruleset_info ddwaf_ruleset_info;
         | 
| 82 89 | 
             
            /**
         | 
| 83 90 | 
             
             * @struct ddwaf_object
         | 
| 84 91 | 
             
             *
         | 
| @@ -94,7 +101,7 @@ struct _ddwaf_object | |
| 94 101 | 
             
                    const char* stringValue;
         | 
| 95 102 | 
             
                    uint64_t uintValue;
         | 
| 96 103 | 
             
                    int64_t intValue;
         | 
| 97 | 
            -
                     | 
| 104 | 
            +
                    ddwaf_object* array;
         | 
| 98 105 | 
             
                };
         | 
| 99 106 | 
             
                uint64_t nbEntries;
         | 
| 100 107 | 
             
                DDWAF_OBJ_TYPE type;
         | 
| @@ -107,12 +114,22 @@ struct _ddwaf_object | |
| 107 114 | 
             
             **/
         | 
| 108 115 | 
             
            struct _ddwaf_config
         | 
| 109 116 | 
             
            {
         | 
| 110 | 
            -
                 | 
| 111 | 
            -
             | 
| 112 | 
            -
             | 
| 113 | 
            -
             | 
| 114 | 
            -
             | 
| 115 | 
            -
             | 
| 117 | 
            +
                struct {
         | 
| 118 | 
            +
                    /** Maximum size of ddwaf::object containers. */
         | 
| 119 | 
            +
                    uint32_t max_container_size;
         | 
| 120 | 
            +
                    /** Maximum depth of ddwaf::object containers. */
         | 
| 121 | 
            +
                    uint32_t max_container_depth;
         | 
| 122 | 
            +
                    /** Maximum length of ddwaf::object strings. */
         | 
| 123 | 
            +
                    uint32_t max_string_length;
         | 
| 124 | 
            +
                } limits;
         | 
| 125 | 
            +
             | 
| 126 | 
            +
                /** Obfuscator regexes - the strings are owned by the caller */
         | 
| 127 | 
            +
                struct {
         | 
| 128 | 
            +
                    /** Regular expression for key-based obfuscation */
         | 
| 129 | 
            +
                    const char *key_regex;
         | 
| 130 | 
            +
                    /** Regular expression for value-based obfuscation */
         | 
| 131 | 
            +
                    const char *value_regex;
         | 
| 132 | 
            +
                } obfuscator;
         | 
| 116 133 | 
             
            };
         | 
| 117 134 |  | 
| 118 135 | 
             
            /**
         | 
| @@ -122,14 +139,12 @@ struct _ddwaf_config | |
| 122 139 | 
             
             **/
         | 
| 123 140 | 
             
            struct _ddwaf_result
         | 
| 124 141 | 
             
            {
         | 
| 125 | 
            -
                /**  | 
| 126 | 
            -
                 | 
| 142 | 
            +
                /** Whether there has been a timeout during the operation **/
         | 
| 143 | 
            +
                bool timeout;
         | 
| 127 144 | 
             
                /** Run result in JSON format **/
         | 
| 128 145 | 
             
                const char* data;
         | 
| 129 | 
            -
                /**  | 
| 130 | 
            -
                 | 
| 131 | 
            -
                /** Total run time in microseconds **/
         | 
| 132 | 
            -
                uint32_t perfTotalRuntime;
         | 
| 146 | 
            +
                /** Total WAF runtime in nanoseconds **/
         | 
| 147 | 
            +
                uint64_t total_runtime;
         | 
| 133 148 | 
             
            };
         | 
| 134 149 |  | 
| 135 150 | 
             
            /**
         | 
| @@ -144,6 +159,24 @@ struct _ddwaf_version | |
| 144 159 | 
             
                uint16_t patch;
         | 
| 145 160 | 
             
            };
         | 
| 146 161 |  | 
| 162 | 
            +
            /**
         | 
| 163 | 
            +
             * @ddwaf_ruleset_info
         | 
| 164 | 
            +
             *
         | 
| 165 | 
            +
             * Structure containing diagnostics on the provided ruleset.
         | 
| 166 | 
            +
             * */
         | 
| 167 | 
            +
            struct _ddwaf_ruleset_info
         | 
| 168 | 
            +
            {
         | 
| 169 | 
            +
                /** Number of rules successfully loaded **/
         | 
| 170 | 
            +
                uint16_t loaded;
         | 
| 171 | 
            +
                /** Number of rules which failed to parse **/
         | 
| 172 | 
            +
                uint16_t failed;
         | 
| 173 | 
            +
                /** Map from an error string to an array of all the rule ids for which
         | 
| 174 | 
            +
                 *  that error was raised. {error: [rule_ids]} **/
         | 
| 175 | 
            +
                ddwaf_object errors;
         | 
| 176 | 
            +
                /** Ruleset version **/
         | 
| 177 | 
            +
                const char *version;
         | 
| 178 | 
            +
            };
         | 
| 179 | 
            +
             | 
| 147 180 | 
             
            /**
         | 
| 148 181 | 
             
             * @typedef ddwaf_object_free_fn
         | 
| 149 182 | 
             
             *
         | 
| @@ -174,10 +207,12 @@ typedef void (*ddwaf_log_cb)( | |
| 174 207 | 
             
             *
         | 
| 175 208 | 
             
             * @param rule ddwaf::object containing the patterns to be used by the WAF. (nonnull)
         | 
| 176 209 | 
             
             * @param config Optional configuration of the WAF. (nullable)
         | 
| 210 | 
            +
             * @param info Optional ruleset parsing diagnostics. (nullable)
         | 
| 177 211 | 
             
             *
         | 
| 178 212 | 
             
             * @return Handle to the WAF instance.
         | 
| 179 213 | 
             
             **/
         | 
| 180 | 
            -
            ddwaf_handle ddwaf_init(const ddwaf_object *rule, | 
| 214 | 
            +
            ddwaf_handle ddwaf_init(const ddwaf_object *rule,
         | 
| 215 | 
            +
                const ddwaf_config* config, ddwaf_ruleset_info *info);
         | 
| 181 216 |  | 
| 182 217 | 
             
            /**
         | 
| 183 218 | 
             
             * ddwaf_destroy
         | 
| @@ -187,7 +222,14 @@ ddwaf_handle ddwaf_init(const ddwaf_object *rule, const ddwaf_config* config); | |
| 187 222 | 
             
             * @param Handle to the WAF instance.
         | 
| 188 223 | 
             
             */
         | 
| 189 224 | 
             
            void ddwaf_destroy(ddwaf_handle handle);
         | 
| 190 | 
            -
             | 
| 225 | 
            +
            /**
         | 
| 226 | 
            +
             * ddwaf_ruleset_info_free
         | 
| 227 | 
            +
             *
         | 
| 228 | 
            +
             * Free the memory associated with the ruleset info structure.
         | 
| 229 | 
            +
             *
         | 
| 230 | 
            +
             * @param info Ruleset info to free.
         | 
| 231 | 
            +
             * */
         | 
| 232 | 
            +
            void ddwaf_ruleset_info_free(ddwaf_ruleset_info *info);
         | 
| 191 233 | 
             
            /**
         | 
| 192 234 | 
             
             * ddwaf_required_addresses
         | 
| 193 235 | 
             
             *
         | 
| @@ -248,7 +290,8 @@ ddwaf_context ddwaf_context_init(const ddwaf_handle handle, ddwaf_object_free_fn | |
| 248 290 | 
             
             *                           data is unknown. The result structure will not be
         | 
| 249 291 | 
             
             *                           filled if this error occurs.
         | 
| 250 292 | 
             
             **/
         | 
| 251 | 
            -
            DDWAF_RET_CODE ddwaf_run(ddwaf_context context, ddwaf_object *data, | 
| 293 | 
            +
            DDWAF_RET_CODE ddwaf_run(ddwaf_context context, ddwaf_object *data,
         | 
| 294 | 
            +
                                     ddwaf_result *result,  uint64_t timeout);
         | 
| 252 295 |  | 
| 253 296 | 
             
            /**
         | 
| 254 297 | 
             
             * ddwaf_context_destroy
         | 
| @@ -451,6 +494,101 @@ bool ddwaf_object_map_addl(ddwaf_object *map, const char *key, size_t length, dd | |
| 451 494 | 
             
             **/
         | 
| 452 495 | 
             
            bool ddwaf_object_map_addl_nc(ddwaf_object *map, const char *key, size_t length, ddwaf_object *object);
         | 
| 453 496 |  | 
| 497 | 
            +
            /**
         | 
| 498 | 
            +
             * ddwaf_object_type
         | 
| 499 | 
            +
             *
         | 
| 500 | 
            +
             * Returns the type of the object.
         | 
| 501 | 
            +
             *
         | 
| 502 | 
            +
             * @param object The object from which to get the type.
         | 
| 503 | 
            +
             *
         | 
| 504 | 
            +
             * @return The object type of DDWAF_OBJ_INVALID if NULL.
         | 
| 505 | 
            +
             **/
         | 
| 506 | 
            +
            DDWAF_OBJ_TYPE ddwaf_object_type(ddwaf_object *object);
         | 
| 507 | 
            +
             | 
| 508 | 
            +
            /**
         | 
| 509 | 
            +
             * ddwaf_object_size
         | 
| 510 | 
            +
             *
         | 
| 511 | 
            +
             * Returns the size of the container object.
         | 
| 512 | 
            +
             *
         | 
| 513 | 
            +
             * @param object The object from which to get the size.
         | 
| 514 | 
            +
             *
         | 
| 515 | 
            +
             * @return The object size or 0 if the object is not a container (array, map).
         | 
| 516 | 
            +
             **/
         | 
| 517 | 
            +
            size_t ddwaf_object_size(ddwaf_object *object);
         | 
| 518 | 
            +
             | 
| 519 | 
            +
            /**
         | 
| 520 | 
            +
             * ddwaf_object_length
         | 
| 521 | 
            +
             *
         | 
| 522 | 
            +
             * Returns the length of the string object.
         | 
| 523 | 
            +
             *
         | 
| 524 | 
            +
             * @param object The object from which to get the length.
         | 
| 525 | 
            +
             *
         | 
| 526 | 
            +
             * @return The string length or 0 if the object is not a string.
         | 
| 527 | 
            +
             **/
         | 
| 528 | 
            +
            size_t ddwaf_object_length(ddwaf_object *object);
         | 
| 529 | 
            +
             | 
| 530 | 
            +
            /**
         | 
| 531 | 
            +
             * ddwaf_object_get_key
         | 
| 532 | 
            +
             *
         | 
| 533 | 
            +
             * Returns the key contained within the object.
         | 
| 534 | 
            +
             *
         | 
| 535 | 
            +
             * @param object The object from which to get the key.
         | 
| 536 | 
            +
             * @param length Output parameter on which to return the length of the key,
         | 
| 537 | 
            +
             *               this parameter is optional / nullable.
         | 
| 538 | 
            +
             *
         | 
| 539 | 
            +
             * @return The key of the object or NULL if the object doesn't contain a key.
         | 
| 540 | 
            +
             **/
         | 
| 541 | 
            +
            const char* ddwaf_object_get_key(ddwaf_object *object, size_t *length);
         | 
| 542 | 
            +
             | 
| 543 | 
            +
            /**
         | 
| 544 | 
            +
             * ddwaf_object_get_string
         | 
| 545 | 
            +
             *
         | 
| 546 | 
            +
             * Returns the string contained within the object.
         | 
| 547 | 
            +
             *
         | 
| 548 | 
            +
             * @param object The object from which to get the string.
         | 
| 549 | 
            +
             * @param length Output parameter on which to return the length of the string,
         | 
| 550 | 
            +
             *               this parameter is optional / nullable.
         | 
| 551 | 
            +
             *
         | 
| 552 | 
            +
             * @return The string of the object or NULL if the object is not a string.
         | 
| 553 | 
            +
             **/
         | 
| 554 | 
            +
            const char* ddwaf_object_get_string(ddwaf_object *object, size_t *length);
         | 
| 555 | 
            +
             | 
| 556 | 
            +
            /**
         | 
| 557 | 
            +
             * ddwaf_object_get_unsigned
         | 
| 558 | 
            +
             *
         | 
| 559 | 
            +
             * Returns the uint64 contained within the object.
         | 
| 560 | 
            +
             *
         | 
| 561 | 
            +
             * @param object The object from which to get the integer.
         | 
| 562 | 
            +
             *
         | 
| 563 | 
            +
             * @return The integer or 0 if the object is not an unsigned.
         | 
| 564 | 
            +
             **/
         | 
| 565 | 
            +
            uint64_t ddwaf_object_get_unsigned(ddwaf_object *object);
         | 
| 566 | 
            +
             | 
| 567 | 
            +
            /**
         | 
| 568 | 
            +
             * ddwaf_object_get_signed
         | 
| 569 | 
            +
             *
         | 
| 570 | 
            +
             * Returns the int64 contained within the object.
         | 
| 571 | 
            +
             *
         | 
| 572 | 
            +
             * @param object The object from which to get the integer.
         | 
| 573 | 
            +
             *
         | 
| 574 | 
            +
             * @return The integer or 0 if the object is not a signed.
         | 
| 575 | 
            +
             **/
         | 
| 576 | 
            +
            int64_t ddwaf_object_get_signed(ddwaf_object *object);
         | 
| 577 | 
            +
             | 
| 578 | 
            +
            /**
         | 
| 579 | 
            +
             * ddwaf_object_get_index
         | 
| 580 | 
            +
             *
         | 
| 581 | 
            +
             * Returns the object contained in the container at the given index.
         | 
| 582 | 
            +
             *
         | 
| 583 | 
            +
             * @param object The container from which to extract the object.
         | 
| 584 | 
            +
             * @param index The position of the required object within the container.
         | 
| 585 | 
            +
             *
         | 
| 586 | 
            +
             * @return The requested object or NULL if the index is out of bounds or the
         | 
| 587 | 
            +
             *         object is not a container.
         | 
| 588 | 
            +
             **/
         | 
| 589 | 
            +
            ddwaf_object* ddwaf_object_get_index(ddwaf_object *object, size_t index);
         | 
| 590 | 
            +
             | 
| 591 | 
            +
             | 
| 454 592 | 
             
            /**
         | 
| 455 593 | 
             
             * ddwaf_object_free
         | 
| 456 594 | 
             
             *
         | 
| Binary file | 
    
        metadata
    CHANGED
    
    | @@ -1,14 +1,14 @@ | |
| 1 1 | 
             
            --- !ruby/object:Gem::Specification
         | 
| 2 2 | 
             
            name: libddwaf
         | 
| 3 3 | 
             
            version: !ruby/object:Gem::Version
         | 
| 4 | 
            -
              version: 1.0. | 
| 4 | 
            +
              version: 1.3.0.0.0
         | 
| 5 5 | 
             
            platform: x86_64-darwin
         | 
| 6 6 | 
             
            authors:
         | 
| 7 7 | 
             
            - Datadog, Inc.
         | 
| 8 8 | 
             
            autorequire:
         | 
| 9 9 | 
             
            bindir: bin
         | 
| 10 10 | 
             
            cert_chain: []
         | 
| 11 | 
            -
            date: 2022- | 
| 11 | 
            +
            date: 2022-04-29 00:00:00.000000000 Z
         | 
| 12 12 | 
             
            dependencies:
         | 
| 13 13 | 
             
            - !ruby/object:Gem::Dependency
         | 
| 14 14 | 
             
              name: ffi
         | 
| @@ -41,8 +41,8 @@ files: | |
| 41 41 | 
             
            - lib/datadog/appsec/waf.rb
         | 
| 42 42 | 
             
            - lib/datadog/appsec/waf/version.rb
         | 
| 43 43 | 
             
            - lib/libddwaf.rb
         | 
| 44 | 
            -
            - vendor/libddwaf/libddwaf-1.0 | 
| 45 | 
            -
            - vendor/libddwaf/libddwaf-1.0 | 
| 44 | 
            +
            - vendor/libddwaf/libddwaf-1.3.0-darwin-x86_64/include/ddwaf.h
         | 
| 45 | 
            +
            - vendor/libddwaf/libddwaf-1.3.0-darwin-x86_64/lib/libddwaf.dylib
         | 
| 46 46 | 
             
            homepage: https://github.com/DataDog/libddwaf
         | 
| 47 47 | 
             
            licenses:
         | 
| 48 48 | 
             
            - BSD-3-Clause
         | 
| Binary file |