libddwaf 1.0.14.2.1.beta1 → 1.2.1.0.0.beta1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/datadog/appsec/waf/version.rb +2 -2
  3. data/lib/datadog/appsec/waf.rb +63 -20
  4. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e0e9161c6e4b7bc71963dbdd1dccd97c39746e5eee90015a41f2d57cee377031
4
- data.tar.gz: 4781e93c1751034e1978a7feb0fe53dd7f8e1885fb9a5cd9d55e48744ee224f1
3
+ metadata.gz: ce1d3c829e33bcd555ab89c972cd169aea9faae5d320ab9111d11092e9dcdbc9
4
+ data.tar.gz: '0785423054d10fc757993448985897091037cb97476430d9397089f2f73dc690'
5
5
  SHA512:
6
- metadata.gz: '0847c77f7f0e4814cb87c195947d74f90143091a45f9c4fee2779552fb995c8753188397c8631373ddbd8e3c195fa8803b0ab52aa5b7414c19d6164bd88ea31f'
7
- data.tar.gz: 03d731a4309c4337008273bd6f8061ea0858e396d64a4f53f46d478f0d59a584c945d7087b1a62fbd51ba8b756fa29281c341ef4546a913dc52191e334af3dcb
6
+ metadata.gz: 42ba1288045e98493243f5abfe1bd5c88d955cc6c109210d21fccb45c0f8de84b5d36a0f0e9b073b84c05eb4b63725bb9320f5bf6034d464e0bd4d58bbe42368
7
+ data.tar.gz: 3a28ac0d61aeaff6dbed900eea9b9640550adfd82b585fa717f37abc1c1d5210fda004d0a83682a4d027f00c1d93fffeaced07790faaae15802a0e27166570dc
data/lib/datadog/appsec/waf/version.rb CHANGED
@@ -2,8 +2,8 @@ module Datadog
2
2
  module AppSec
3
3
  module WAF
4
4
  module VERSION
5
- BASE_STRING = '1.0.14'
6
- STRING = "#{BASE_STRING}.2.1.beta1"
5
+ BASE_STRING = '1.2.1'
6
+ STRING = "#{BASE_STRING}.0.0.beta1"
7
7
  MINIMUM_RUBY_VERSION = '2.1'
8
8
  end
9
9
  end
data/lib/datadog/appsec/waf.rb CHANGED
@@ -73,6 +73,25 @@ module Datadog
73
73
  :ddwaf_obj_map, 1 << 4
74
74
 
75
75
  typedef :pointer, :charptr
76
+ typedef :pointer, :charptrptr
77
+
78
+ class UInt32Ptr < ::FFI::Struct
79
+ layout :value, :uint32
80
+ end
81
+
82
+ typedef UInt32Ptr.by_ref, :uint32ptr
83
+
84
+ class UInt64Ptr < ::FFI::Struct
85
+ layout :value, :uint64
86
+ end
87
+
88
+ typedef UInt64Ptr.by_ref, :uint64ptr
89
+
90
+ class SizeTPtr < ::FFI::Struct
91
+ layout :value, :size_t
92
+ end
93
+
94
+ typedef SizeTPtr.by_ref, :sizeptr
76
95
 
77
96
  class ObjectValueUnion < ::FFI::Union
78
97
  layout :stringValue, :charptr,
@@ -91,6 +110,8 @@ module Datadog
91
110
 
92
111
  typedef Object.by_ref, :ddwaf_object
93
112
 
113
+ ## setters
114
+
94
115
  attach_function :ddwaf_object_invalid, [:ddwaf_object], :ddwaf_object
95
116
  attach_function :ddwaf_object_string, [:ddwaf_object, :string], :ddwaf_object
96
117
  attach_function :ddwaf_object_stringl, [:ddwaf_object, :charptr, :size_t], :ddwaf_object
@@ -108,6 +129,19 @@ module Datadog
108
129
  attach_function :ddwaf_object_map_addl, [:ddwaf_object, :charptr, :size_t, :pointer], :bool
109
130
  attach_function :ddwaf_object_map_addl_nc, [:ddwaf_object, :charptr, :size_t, :pointer], :bool
110
131
 
132
+ ## getters
133
+
134
+ attach_function :ddwaf_object_type, [:ddwaf_object], DDWAF_OBJ_TYPE
135
+ attach_function :ddwaf_object_size, [:ddwaf_object], :uint64
136
+ attach_function :ddwaf_object_length, [:ddwaf_object], :size_t
137
+ attach_function :ddwaf_object_get_key, [:ddwaf_object, :sizeptr], :charptr
138
+ attach_function :ddwaf_object_get_string, [:ddwaf_object, :sizeptr], :charptr
139
+ attach_function :ddwaf_object_get_unsigned, [:ddwaf_object], :uint64
140
+ attach_function :ddwaf_object_get_signed, [:ddwaf_object], :int64
141
+ attach_function :ddwaf_object_get_index, [:ddwaf_object, :size_t], :ddwaf_object
142
+
143
+ ## freeers
144
+
111
145
  ObjectFree = attach_function :ddwaf_object_free, [:ddwaf_object], :void
112
146
  ObjectNoFree = ::FFI::Pointer::NULL
113
147
 
@@ -118,16 +152,27 @@ module Datadog
118
152
 
119
153
  class Config < ::FFI::Struct
120
154
  layout :maxArrayLength, :uint64,
121
- :maxMapDepth, :uint64,
122
- :maxTimeStore, :uint64
155
+ :maxMapDepth, :uint64
123
156
  end
124
157
 
125
158
  typedef Config.by_ref, :ddwaf_config
126
159
 
127
- attach_function :ddwaf_init, [:ddwaf_rule, :ddwaf_config], :ddwaf_handle
160
+ class RuleSetInfo < ::FFI::Struct
161
+ layout :loaded, :uint16,
162
+ :failed, :uint16,
163
+ :errors, Object,
164
+ :version, :string
165
+ end
166
+
167
+ typedef RuleSetInfo.by_ref, :ddwaf_ruleset_info
168
+ RuleSetInfoNone = Datadog::AppSec::WAF::LibDDWAF::RuleSetInfo.new(::FFI::Pointer::NULL)
169
+
170
+ attach_function :ddwaf_ruleset_info_free, [:ddwaf_ruleset_info], :void
171
+
172
+ attach_function :ddwaf_init, [:ddwaf_rule, :ddwaf_config, :ddwaf_ruleset_info], :ddwaf_handle
128
173
  attach_function :ddwaf_destroy, [:ddwaf_handle], :void
129
174
 
130
- attach_function :ddwaf_required_addresses, [:ddwaf_handle, :pointer], :pointer
175
+ attach_function :ddwaf_required_addresses, [:ddwaf_handle, :uint32ptr], :charptrptr
131
176
 
132
177
  # running
133
178
 
@@ -138,19 +183,17 @@ module Datadog
138
183
  attach_function :ddwaf_context_init, [:ddwaf_handle, :ddwaf_object_free_fn], :ddwaf_context
139
184
  attach_function :ddwaf_context_destroy, [:ddwaf_context], :void
140
185
 
141
- DDWAF_RET_CODE = enum :ddwaf_err_internal, -4,
142
- :ddwaf_err_invalid_object, -3,
143
- :ddwaf_err_invalid_argument, -2,
144
- :ddwaf_err_timeout, -1,
186
+ DDWAF_RET_CODE = enum :ddwaf_err_internal, -3,
187
+ :ddwaf_err_invalid_object, -2,
188
+ :ddwaf_err_invalid_argument, -1,
145
189
  :ddwaf_good, 0,
146
190
  :ddwaf_monitor, 1,
147
191
  :ddwaf_block, 2
148
192
 
149
193
  class Result < ::FFI::Struct
150
- layout :action, DDWAF_RET_CODE,
194
+ layout :timeout, :bool,
151
195
  :data, :string,
152
- :perfData, :string,
153
- :perfTotalRuntime, :uint32 # in us
196
+ :total_runtime, :uint64
154
197
  end
155
198
 
156
199
  typedef Result.by_ref, :ddwaf_result
@@ -287,7 +330,7 @@ module Datadog
287
330
 
288
331
  def self.logger=(logger)
289
332
  @log_cb = proc do |level, func, file, line, message, len|
290
- logger.debug { { level: level, func: func, file: file, message: message.read_bytes(len) }.inspect }
333
+ logger.debug { { level: level, func: func, file: file, line: line, message: message.read_bytes(len) }.inspect }
291
334
  end
292
335
 
293
336
  Datadog::AppSec::WAF::LibDDWAF.ddwaf_set_log_cb(@log_cb, :ddwaf_log_trace)
@@ -298,7 +341,6 @@ module Datadog
298
341
 
299
342
  DEFAULT_MAX_ARRAY_LENGTH = 0
300
343
  DEFAULT_MAX_MAP_DEPTH = 0
301
- DEFAULT_MAX_TIME_STORE = 0
302
344
 
303
345
  def initialize(rule, config = {})
304
346
  rule_obj = Datadog::AppSec::WAF.ruby_to_object(rule)
@@ -313,15 +355,17 @@ module Datadog
313
355
 
314
356
  config_obj[:maxArrayLength] = config[:max_array_length] || DEFAULT_MAX_ARRAY_LENGTH
315
357
  config_obj[:maxMapDepth] = config[:max_map_depth] || DEFAULT_MAX_MAP_DEPTH
316
- config_obj[:maxTimeStore] = config[:max_time_store] || DEFAULT_MAX_TIME_STORE
317
358
 
318
- @handle_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_init(rule_obj, config_obj)
359
+ ruleset_info = LibDDWAF::RuleSetInfoNone
360
+
361
+ @handle_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_init(rule_obj, config_obj, ruleset_info)
319
362
  if @handle_obj.null?
320
363
  fail LibDDWAF::Error, 'Could not create handle'
321
364
  end
322
365
 
323
366
  ObjectSpace.define_finalizer(self, Handle.finalizer(handle_obj))
324
367
  ensure
368
+ Datadog::AppSec::WAF::LibDDWAF.ddwaf_ruleset_info_free(ruleset_info) if ruleset_info
325
369
  Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(rule_obj) if rule_obj
326
370
  end
327
371
 
@@ -332,7 +376,7 @@ module Datadog
332
376
  end
333
377
  end
334
378
 
335
- Result = Struct.new(:action, :data, :perf_data, :perf_total_runtime)
379
+ Result = Struct.new(:action, :data, :total_runtime, :timeout)
336
380
 
337
381
  class Context
338
382
  attr_reader :context_obj
@@ -365,7 +409,6 @@ module Datadog
365
409
  ddwaf_err_internal: :err_internal,
366
410
  ddwaf_err_invalid_object: :err_invalid_object,
367
411
  ddwaf_err_invalid_argument: :err_invalid_argument,
368
- ddwaf_err_timeout: :err_timeout,
369
412
  ddwaf_good: :good,
370
413
  ddwaf_monitor: :monitor,
371
414
  ddwaf_block: :block,
@@ -388,10 +431,10 @@ module Datadog
388
431
  code = Datadog::AppSec::WAF::LibDDWAF.ddwaf_run(@context_obj, input_obj, result_obj, timeout)
389
432
 
390
433
  result = Result.new(
391
- ACTION_MAP_OUT[result_obj[:action]],
434
+ ACTION_MAP_OUT[code],
392
435
  (JSON.parse(result_obj[:data]) if result_obj[:data] != nil),
393
- (JSON.parse(result_obj[:perfData]) if result_obj[:perfData] != nil),
394
- result_obj[:perfTotalRuntime],
436
+ result_obj[:total_runtime],
437
+ result_obj[:timeout],
395
438
  )
396
439
 
397
440
  [ACTION_MAP_OUT[code], result]
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: libddwaf
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.14.2.1.beta1
4
+ version: 1.2.1.0.0.beta1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Datadog, Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-03-03 00:00:00.000000000 Z
11
+ date: 2022-03-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ffi