RubyGems - libddwaf - Versions diffs - 1.15.0.0.0 → 1.18.0.0.0 - Mend

libddwaf 1.15.0.0.0 → 1.18.0.0.0

Files changed (16) hide show

checksums.yaml +4 -4
data/lib/datadog/appsec/waf/context.rb +122 -0
data/lib/datadog/appsec/waf/converter.rb +172 -0
data/lib/datadog/appsec/waf/handle.rb +108 -0
data/lib/datadog/appsec/waf/lib_ddwaf.rb +307 -0
data/lib/datadog/appsec/waf/result.rb +33 -0
data/lib/datadog/appsec/waf/version.rb +1 -1
data/lib/datadog/appsec/waf.rb +17 -679
data/sig/datadog/appsec/waf/context.rbs +39 -0
data/sig/datadog/appsec/waf/converter.rbs +11 -0
data/sig/datadog/appsec/waf/handle.rbs +42 -0
data/sig/datadog/appsec/waf/lib_ddwaf.rbs +156 -0
data/sig/datadog/appsec/waf/result.rbs +33 -0
data/sig/datadog/appsec/waf.rbs +1 -213
metadata +13 -4
data/libddwaf-releases.sha256 +0 -126

data/lib/datadog/appsec/waf.rb CHANGED Viewed

@@ -1,458 +1,26 @@
-require 'ffi'
-require 'json'
+# frozen_string_literal: true
+require 'datadog/appsec/waf/lib_ddwaf'
+require 'datadog/appsec/waf/converter'
+require 'datadog/appsec/waf/result'
+require 'datadog/appsec/waf/context'
+require 'datadog/appsec/waf/handle'
 require 'datadog/appsec/waf/version'
 module Datadog
   module AppSec
-    # rubocop:disable Metrics/ModuleLength
     module WAF
-      module LibDDWAF
-        class Error < StandardError
-          attr_reader :diagnostics
-          def initialize(msg, diagnostics: nil)
-            @diagnostics = diagnostics
-          end
-        end
-        extend ::FFI::Library
-        def self.local_os
-          if RUBY_ENGINE == 'jruby'
-            os_name = java.lang.System.get_property('os.name')
-            os = case os_name
-                 when /linux/i then 'linux'
-                 when /mac/i   then 'darwin'
-                 else raise Error, "unsupported JRuby os.name: #{os_name.inspect}"
-                 end
-            return os
-          end
-          Gem::Platform.local.os
-        end
-        def self.local_version
-          return nil unless local_os == 'linux'
-          # Old rubygems don't handle non-gnu linux correctly
-          return $1 if RUBY_PLATFORM =~ /linux-(.+)$/
-          'gnu'
-        end
-        def self.local_cpu
-          if RUBY_ENGINE == 'jruby'
-            os_arch = java.lang.System.get_property('os.arch')
-            cpu = case os_arch
-                  when 'amd64' then 'x86_64'
-                  when 'aarch64' then 'aarch64'
-                  else raise Error, "unsupported JRuby os.arch: #{os_arch.inspect}"
-                  end
-            return cpu
-          end
-          Gem::Platform.local.cpu
-        end
-        def self.source_dir
-          __dir__ || raise('__dir__ is nil: eval?')
-        end
-        def self.vendor_dir
-          File.join(source_dir, '../../../vendor')
-        end
-        def self.libddwaf_vendor_dir
-          File.join(vendor_dir, 'libddwaf')
-        end
-        def self.shared_lib_triplet(version: local_version)
-          version ? "#{local_os}-#{version}-#{local_cpu}" : "#{local_os}-#{local_cpu}"
-        end
-        def self.libddwaf_dir
-          default = File.join(libddwaf_vendor_dir,
-                              "libddwaf-#{Datadog::AppSec::WAF::VERSION::BASE_STRING}-#{shared_lib_triplet}")
-          candidates = [
-            default
-          ]
-          if local_os == 'linux'
-            candidates << File.join(libddwaf_vendor_dir,
-                                    "libddwaf-#{Datadog::AppSec::WAF::VERSION::BASE_STRING}-#{shared_lib_triplet(version: nil)}")
-          end
-          candidates.find { |d| Dir.exist?(d) } || default
-        end
-        def self.shared_lib_extname
-          Gem::Platform.local.os == 'darwin' ? '.dylib' : '.so'
-        end
-        def self.shared_lib_path
-          File.join(libddwaf_dir, 'lib', "libddwaf#{shared_lib_extname}")
-        end
-        ffi_lib [shared_lib_path]
-        # version
-        attach_function :ddwaf_get_version, [], :string
-        # ddwaf::object data structure
-        DDWAF_OBJ_TYPE = enum :ddwaf_obj_invalid,  0,
-                              :ddwaf_obj_signed,   1 << 0,
-                              :ddwaf_obj_unsigned, 1 << 1,
-                              :ddwaf_obj_string,   1 << 2,
-                              :ddwaf_obj_array,    1 << 3,
-                              :ddwaf_obj_map,      1 << 4,
-                              :ddwaf_obj_bool,     1 << 5,
-                              :ddwaf_obj_float,    1 << 6,
-                              :ddwaf_obj_null,     1 << 7
-        typedef DDWAF_OBJ_TYPE, :ddwaf_obj_type
-        typedef :pointer, :charptr
-        typedef :pointer, :charptrptr
-        class UInt32Ptr < ::FFI::Struct
-          layout :value, :uint32
-        end
-        typedef UInt32Ptr.by_ref, :uint32ptr
-        class UInt64Ptr < ::FFI::Struct
-          layout :value, :uint64
-        end
+      module_function
-        typedef UInt64Ptr.by_ref, :uint64ptr
-        class SizeTPtr < ::FFI::Struct
-          layout :value, :size_t
-        end
-        typedef SizeTPtr.by_ref, :sizeptr
-        class ObjectValueUnion < ::FFI::Union
-          layout :stringValue, :charptr,
-                 :uintValue,   :uint64,
-                 :intValue,    :int64,
-                 :array,       :pointer,
-                 :boolean,     :bool,
-                 :f64,         :double
-        end
-        class Object < ::FFI::Struct
-          layout :parameterName,       :charptr,
-                 :parameterNameLength, :uint64,
-                 :valueUnion,          ObjectValueUnion,
-                 :nbEntries,           :uint64,
-                 :type,                :ddwaf_obj_type
-        end
-        typedef Object.by_ref, :ddwaf_object
-        ## setters
-        attach_function :ddwaf_object_invalid, [:ddwaf_object], :ddwaf_object
-        attach_function :ddwaf_object_string, [:ddwaf_object, :string], :ddwaf_object
-        attach_function :ddwaf_object_stringl, [:ddwaf_object, :charptr, :size_t], :ddwaf_object
-        attach_function :ddwaf_object_stringl_nc, [:ddwaf_object, :charptr, :size_t], :ddwaf_object
-        attach_function :ddwaf_object_string_from_unsigned, [:ddwaf_object, :uint64], :ddwaf_object
-        attach_function :ddwaf_object_string_from_signed, [:ddwaf_object, :int64], :ddwaf_object
-        attach_function :ddwaf_object_unsigned, [:ddwaf_object, :uint64], :ddwaf_object
-        attach_function :ddwaf_object_signed, [:ddwaf_object, :int64], :ddwaf_object
-        attach_function :ddwaf_object_bool, [:ddwaf_object, :bool], :ddwaf_object
-        attach_function :ddwaf_object_null, [:ddwaf_object], :ddwaf_object
-        attach_function :ddwaf_object_float, [:ddwaf_object, :double], :ddwaf_object
-        attach_function :ddwaf_object_array, [:ddwaf_object], :ddwaf_object
-        attach_function :ddwaf_object_array_add, [:ddwaf_object, :ddwaf_object], :bool
-        attach_function :ddwaf_object_map, [:ddwaf_object], :ddwaf_object
-        attach_function :ddwaf_object_map_add, [:ddwaf_object, :string, :pointer], :bool
-        attach_function :ddwaf_object_map_addl, [:ddwaf_object, :charptr, :size_t, :pointer], :bool
-        attach_function :ddwaf_object_map_addl_nc, [:ddwaf_object, :charptr, :size_t, :pointer], :bool
-        ## getters
-        attach_function :ddwaf_object_type, [:ddwaf_object], DDWAF_OBJ_TYPE
-        attach_function :ddwaf_object_size, [:ddwaf_object], :uint64
-        attach_function :ddwaf_object_length, [:ddwaf_object], :size_t
-        attach_function :ddwaf_object_get_key, [:ddwaf_object, :sizeptr], :charptr
-        attach_function :ddwaf_object_get_string, [:ddwaf_object, :sizeptr], :charptr
-        attach_function :ddwaf_object_get_unsigned, [:ddwaf_object], :uint64
-        attach_function :ddwaf_object_get_signed, [:ddwaf_object], :int64
-        attach_function :ddwaf_object_get_index, [:ddwaf_object, :size_t], :ddwaf_object
-        attach_function :ddwaf_object_get_bool, [:ddwaf_object], :bool
-        attach_function :ddwaf_object_get_float, [:ddwaf_object], :double
-        ## freeers
-        ObjectFree = attach_function :ddwaf_object_free, [:ddwaf_object], :void
-        ObjectNoFree = ::FFI::Pointer::NULL
-        # main handle
-        typedef :pointer, :ddwaf_handle
-        typedef Object.by_ref, :ddwaf_rule
-        callback :ddwaf_object_free_fn, [:ddwaf_object], :void
-        class Config < ::FFI::Struct
-          class Limits < ::FFI::Struct
-            layout :max_container_size,  :uint32,
-                   :max_container_depth, :uint32,
-                   :max_string_length,   :uint32
-          end
-          class Obfuscator < ::FFI::Struct
-            layout :key_regex,   :pointer, # should be :charptr
-                   :value_regex, :pointer  # should be :charptr
-          end
-          layout :limits,     Limits,
-                 :obfuscator, Obfuscator,
-                 :free_fn,    :pointer #:ddwaf_object_free_fn
-        end
-        typedef Config.by_ref, :ddwaf_config
-        attach_function :ddwaf_init, [:ddwaf_rule, :ddwaf_config, :ddwaf_object], :ddwaf_handle
-        attach_function :ddwaf_update, [:ddwaf_handle, :ddwaf_object, :ddwaf_object], :ddwaf_handle
-        attach_function :ddwaf_destroy, [:ddwaf_handle], :void
-        attach_function :ddwaf_known_addresses, [:ddwaf_handle, UInt32Ptr], :charptrptr
-        # updating
-        DDWAF_RET_CODE = enum :ddwaf_err_internal,         -3,
-                              :ddwaf_err_invalid_object,   -2,
-                              :ddwaf_err_invalid_argument, -1,
-                              :ddwaf_ok,                    0,
-                              :ddwaf_match,                 1
-        typedef DDWAF_RET_CODE, :ddwaf_ret_code
-        # running
-        typedef :pointer, :ddwaf_context
-        attach_function :ddwaf_context_init, [:ddwaf_handle], :ddwaf_context
-        attach_function :ddwaf_context_destroy, [:ddwaf_context], :void
-        class Result < ::FFI::Struct
-          layout :timeout,       :bool,
-                 :events,        Object,
-                 :actions,       Object,
-                 :derivatives,   Object,
-                 :total_runtime, :uint64
-        end
-        typedef Result.by_ref, :ddwaf_result
-        typedef :uint64, :timeout_us
-        attach_function :ddwaf_run, [:ddwaf_context, :ddwaf_object, :ddwaf_object, :ddwaf_result, :timeout_us], :ddwaf_ret_code, blocking: true
-        attach_function :ddwaf_result_free, [:ddwaf_result], :void
-        # logging
-        DDWAF_LOG_LEVEL = enum :ddwaf_log_trace,
-                               :ddwaf_log_debug,
-                               :ddwaf_log_info,
-                               :ddwaf_log_warn,
-                               :ddwaf_log_error,
-                               :ddwaf_log_off
-        typedef DDWAF_LOG_LEVEL, :ddwaf_log_level
-        callback :ddwaf_log_cb, [:ddwaf_log_level, :string, :string, :uint, :charptr, :uint64], :void
-        attach_function :ddwaf_set_log_cb, [:ddwaf_log_cb, :ddwaf_log_level], :bool
-        DEFAULT_MAX_CONTAINER_SIZE  = 256
-        DEFAULT_MAX_CONTAINER_DEPTH = 20
-        DEFAULT_MAX_STRING_LENGTH   = 16_384 # in bytes, UTF-8 worst case being 4x size in terms of code point)
-        DDWAF_MAX_CONTAINER_SIZE  = 256
-        DDWAF_MAX_CONTAINER_DEPTH = 20
-        DDWAF_MAX_STRING_LENGTH   = 4096
-        DDWAF_RUN_TIMEOUT = 5000
-      end
-      def self.version
+      def version
         LibDDWAF.ddwaf_get_version
       end
-      # rubocop:disable Metrics/MethodLength,Metrics/CyclomaticComplexity,Metrics/PerceivedComplexity
-      def self.ruby_to_object(val, max_container_size: nil, max_container_depth: nil, max_string_length: nil, coerce: true)
-        case val
-        when Array
-          obj = LibDDWAF::Object.new
-          res = LibDDWAF.ddwaf_object_array(obj)
-          if res.null?
-            fail LibDDWAF::Error, "Could not convert into object: #{val}"
-          end
-          max_index = max_container_size - 1 if max_container_size
-          val.each.with_index do |e, i|
-            member = ruby_to_object(e,
-                                    max_container_size: max_container_size,
-                                    max_container_depth: (max_container_depth - 1 if max_container_depth),
-                                    max_string_length: max_string_length,
-                                    coerce: coerce)
-            e_res = LibDDWAF.ddwaf_object_array_add(obj, member)
-            unless e_res
-              fail LibDDWAF::Error, "Could not add to array object: #{e.inspect}"
-            end
-            break val if max_index && i >= max_index
-          end unless max_container_depth == 0
-          obj
-        when Hash
-          obj = LibDDWAF::Object.new
-          res = LibDDWAF.ddwaf_object_map(obj)
-          if res.null?
-            fail LibDDWAF::Error, "Could not convert into object: #{val}"
-          end
+      def log_callback(level, func, file, line, message, len)
+        return if WAF.logger.nil?
-          max_index = max_container_size - 1 if max_container_size
-          val.each.with_index do |e, i|
-            k, v = e[0], e[1] # for Steep, which doesn't handle |(k, v), i|
-            k = k.to_s[0, max_string_length] if max_string_length
-            member = ruby_to_object(v,
-                                    max_container_size: max_container_size,
-                                    max_container_depth: (max_container_depth - 1 if max_container_depth),
-                                    max_string_length: max_string_length,
-                                    coerce: coerce)
-            kv_res = LibDDWAF.ddwaf_object_map_addl(obj, k.to_s, k.to_s.bytesize, member)
-            unless kv_res
-              fail LibDDWAF::Error, "Could not add to map object: #{k.inspect} => #{v.inspect}"
-            end
-            break val if max_index && i >= max_index
-          end unless max_container_depth == 0
-          obj
-        when String
-          obj = LibDDWAF::Object.new
-          encoded_val = val.to_s.encode('utf-8', invalid: :replace, undef: :replace)
-          val = encoded_val[0, max_string_length] if max_string_length
-          str = val.to_s
-          res = LibDDWAF.ddwaf_object_stringl(obj, str, str.bytesize)
-          if res.null?
-            fail LibDDWAF::Error, "Could not convert into object: #{val.inspect}"
-          end
-          obj
-        when Symbol
-          obj = LibDDWAF::Object.new
-          val = val.to_s[0, max_string_length] if max_string_length
-          str = val.to_s
-          res = LibDDWAF.ddwaf_object_stringl(obj, str, str.bytesize)
-          if res.null?
-            fail LibDDWAF::Error, "Could not convert into object: #{val.inspect}"
-          end
-          obj
-        when Integer
-          obj = LibDDWAF::Object.new
-          res = if coerce
-                  LibDDWAF.ddwaf_object_string(obj, val.to_s)
-                elsif val < 0
-                  LibDDWAF.ddwaf_object_signed(obj, val)
-                else
-                  LibDDWAF.ddwaf_object_unsigned(obj, val)
-                end
-          if res.null?
-            fail LibDDWAF::Error, "Could not convert into object: #{val.inspect}"
-          end
-          obj
-        when Float
-          obj = LibDDWAF::Object.new
-          res = if coerce
-                  LibDDWAF.ddwaf_object_string(obj, val.to_s)
-                else
-                  LibDDWAF.ddwaf_object_float(obj, val)
-                end
-          if res.null?
-            fail LibDDWAF::Error, "Could not convert into object: #{val.inspect}"
-          end
-          obj
-        when TrueClass, FalseClass
-          obj = LibDDWAF::Object.new
-          res = if coerce
-                  LibDDWAF.ddwaf_object_string(obj, val.to_s)
-                else
-                  LibDDWAF.ddwaf_object_bool(obj, val)
-                end
-          if res.null?
-            fail LibDDWAF::Error, "Could not convert into object: #{val.inspect}"
-          end
-          obj
-        when NilClass
-          obj = LibDDWAF::Object.new
-          res = if coerce
-                  LibDDWAF.ddwaf_object_string(obj, '')
-                else
-                  LibDDWAF.ddwaf_object_null(obj)
-                end
-          if res.null?
-            fail LibDDWAF::Error, "Could not convert into object: #{val.inspect}"
-          end
-          obj
-        else
-          ruby_to_object(''.freeze)
-        end
-      end
-      # rubocop:enable Metrics/MethodLength,Metrics/CyclomaticComplexity,Metrics/PerceivedComplexity
-      def self.object_to_ruby(obj)
-        case obj[:type]
-        when :ddwaf_obj_invalid, :ddwaf_obj_null
-          nil
-        when :ddwaf_obj_bool
-          obj[:valueUnion][:boolean]
-        when :ddwaf_obj_string
-          obj[:valueUnion][:stringValue].read_bytes(obj[:nbEntries])
-        when :ddwaf_obj_signed
-          obj[:valueUnion][:intValue]
-        when :ddwaf_obj_unsigned
-          obj[:valueUnion][:uintValue]
-        when :ddwaf_obj_float
-          obj[:valueUnion][:f64]
-        when :ddwaf_obj_array
-          (0...obj[:nbEntries]).each.with_object([]) do |i, a|
-            ptr = obj[:valueUnion][:array] + i * LibDDWAF::Object.size
-            e = object_to_ruby(LibDDWAF::Object.new(ptr))
-            a << e # steep:ignore
-          end
-        when :ddwaf_obj_map
-          (0...obj[:nbEntries]).each.with_object({}) do |i, h|
-            ptr = obj[:valueUnion][:array] + i * Datadog::AppSec::WAF::LibDDWAF::Object.size
-            o = Datadog::AppSec::WAF::LibDDWAF::Object.new(ptr)
-            l = o[:parameterNameLength]
-            k = o[:parameterName].read_bytes(l)
-            v = object_to_ruby(LibDDWAF::Object.new(ptr))
-            h[k] = v # steep:ignore
-          end
-        end
-      end
-      def self.log_callback(level, func, file, line, message, len)
-        return if logger.nil?
-        logger.debug do
+        WAF.logger.debug do
           {
             level: level,
             func: func,
@@ -463,14 +31,14 @@ module Datadog
         end
       end
-      def self.logger
+      def logger
         @logger
       end
-      def self.logger=(logger)
+      def logger=(logger)
         unless @log_callback
-          log_callback = method(:log_callback)
-          Datadog::AppSec::WAF::LibDDWAF.ddwaf_set_log_cb(log_callback, :ddwaf_log_trace)
+          log_callback = WAF.method(:log_callback)
+          LibDDWAF.ddwaf_set_log_cb(log_callback, :ddwaf_log_trace)
           # retain logging proc if set properly
           @log_callback = log_callback
@@ -478,236 +46,6 @@ module Datadog
         @logger = logger
       end
-      RESULT_CODE = {
-        ddwaf_err_internal:         :err_internal,
-        ddwaf_err_invalid_object:   :err_invalid_object,
-        ddwaf_err_invalid_argument: :err_invalid_argument,
-        ddwaf_ok:                   :ok,
-        ddwaf_match:                :match,
-      }
-      class Handle
-        attr_reader :handle_obj, :diagnostics, :config
-        def initialize(rule, limits: {}, obfuscator: {})
-          rule_obj = Datadog::AppSec::WAF.ruby_to_object(rule)
-          if rule_obj.null? || rule_obj[:type] == :ddwaf_object_invalid
-            fail LibDDWAF::Error, "Could not convert object #{rule.inspect}"
-          end
-          config_obj = Datadog::AppSec::WAF::LibDDWAF::Config.new
-          if config_obj.null?
-            fail LibDDWAF::Error, 'Could not create config struct'
-          end
-          config_obj[:limits][:max_container_size]  = limits[:max_container_size]  || LibDDWAF::DEFAULT_MAX_CONTAINER_SIZE
-          config_obj[:limits][:max_container_depth] = limits[:max_container_depth] || LibDDWAF::DEFAULT_MAX_CONTAINER_DEPTH
-          config_obj[:limits][:max_string_length]   = limits[:max_string_length]   || LibDDWAF::DEFAULT_MAX_STRING_LENGTH
-          config_obj[:obfuscator][:key_regex]       = FFI::MemoryPointer.from_string(obfuscator[:key_regex])   if obfuscator[:key_regex]
-          config_obj[:obfuscator][:value_regex]     = FFI::MemoryPointer.from_string(obfuscator[:value_regex]) if obfuscator[:value_regex]
-          config_obj[:free_fn] = Datadog::AppSec::WAF::LibDDWAF::ObjectNoFree
-          @config = config_obj
-          diagnostics_obj = Datadog::AppSec::WAF::LibDDWAF::Object.new
-          @handle_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_init(rule_obj, config_obj, diagnostics_obj)
-          @diagnostics = Datadog::AppSec::WAF.object_to_ruby(diagnostics_obj)
-          if @handle_obj.null?
-            fail LibDDWAF::Error.new('Could not create handle', diagnostics: @diagnostics)
-          end
-          validate!
-        ensure
-          Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(diagnostics_obj) if diagnostics_obj
-          Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(rule_obj) if rule_obj
-        end
-        def finalize
-          invalidate!
-          Datadog::AppSec::WAF::LibDDWAF.ddwaf_destroy(handle_obj)
-        end
-        def required_addresses
-          valid!
-          count = Datadog::AppSec::WAF::LibDDWAF::UInt32Ptr.new
-          list = Datadog::AppSec::WAF::LibDDWAF.ddwaf_known_addresses(handle_obj, count)
-          return [] if count == 0 # list is null
-          list.get_array_of_string(0, count[:value])
-        end
-        def merge(data)
-          data_obj = Datadog::AppSec::WAF.ruby_to_object(data, coerce: false)
-          diagnostics_obj = LibDDWAF::Object.new
-          new_handle = Datadog::AppSec::WAF::LibDDWAF.ddwaf_update(handle_obj, data_obj, diagnostics_obj)
-          return if new_handle.null?
-          diagnostics = Datadog::AppSec::WAF.object_to_ruby(diagnostics_obj)
-          new_from_handle(new_handle, diagnostics, config)
-        ensure
-          Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(data_obj) if data_obj
-          Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(diagnostics_obj) if diagnostics_obj
-        end
-        private
-        def new_from_handle(handle_object, diagnostics, config)
-          obj = self.class.allocate
-          obj.instance_variable_set(:@handle_obj, handle_object)
-          obj.instance_variable_set(:@diagnostics, diagnostics)
-          obj.instance_variable_set(:@config, config)
-          obj
-        end
-        def validate!
-          @valid = true
-        end
-        def invalidate!
-          @valid = false
-        end
-        def valid?
-          @valid
-        end
-        def valid!
-          return if valid?
-          fail LibDDWAF::Error, "Attempt to use an invalid instance: #{inspect}"
-        end
-      end
-      class Result
-        attr_reader :status, :events, :total_runtime, :timeout, :actions, :derivatives
-        def initialize(status, events, total_runtime, timeout, actions, derivatives)
-          @status = status
-          @events = events
-          @total_runtime = total_runtime
-          @timeout = timeout
-          @actions = actions
-          @derivatives = derivatives
-        end
-      end
-      class Context
-        attr_reader :context_obj
-        def initialize(handle)
-          handle_obj = handle.handle_obj
-          retain(handle)
-          @context_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_context_init(handle_obj)
-          if @context_obj.null?
-            fail LibDDWAF::Error, 'Could not create context'
-          end
-          validate!
-        end
-        def finalize
-          invalidate!
-          retained.each do |retained_obj|
-            next unless retained_obj.is_a?(Datadog::AppSec::WAF::LibDDWAF::Object)
-            Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(retained_obj)
-          end
-          Datadog::AppSec::WAF::LibDDWAF.ddwaf_context_destroy(context_obj)
-        end
-        def run(persistent_data, ephemeral_data, timeout = LibDDWAF::DDWAF_RUN_TIMEOUT)
-          valid!
-          persistent_data_obj = Datadog::AppSec::WAF.ruby_to_object(
-            persistent_data,
-            max_container_size: LibDDWAF::DDWAF_MAX_CONTAINER_SIZE,
-            max_container_depth: LibDDWAF::DDWAF_MAX_CONTAINER_DEPTH,
-            max_string_length: LibDDWAF::DDWAF_MAX_STRING_LENGTH,
-            coerce: false
-          )
-          if persistent_data_obj.null?
-            fail LibDDWAF::Error, "Could not convert persistent data: #{persistent_data.inspect}"
-          end
-          # retain C objects in memory for subsequent calls to run
-          retain(persistent_data_obj)
-          ephemeral_data_obj = Datadog::AppSec::WAF.ruby_to_object(
-            ephemeral_data,
-            max_container_size: LibDDWAF::DDWAF_MAX_CONTAINER_SIZE,
-            max_container_depth: LibDDWAF::DDWAF_MAX_CONTAINER_DEPTH,
-            max_string_length: LibDDWAF::DDWAF_MAX_STRING_LENGTH,
-            coerce: false
-          )
-          if ephemeral_data_obj.null?
-            fail LibDDWAF::Error, "Could not convert ephemeral data: #{ephemeral_data.inspect}"
-          end
-          result_obj = Datadog::AppSec::WAF::LibDDWAF::Result.new
-          if result_obj.null?
-            fail LibDDWAF::Error, "Could not create result object"
-          end
-          code = Datadog::AppSec::WAF::LibDDWAF.ddwaf_run(@context_obj, persistent_data_obj, ephemeral_data_obj, result_obj, timeout)
-          result = Result.new(
-            RESULT_CODE[code],
-            Datadog::AppSec::WAF.object_to_ruby(result_obj[:events]),
-            result_obj[:total_runtime],
-            result_obj[:timeout],
-            Datadog::AppSec::WAF.object_to_ruby(result_obj[:actions]),
-            Datadog::AppSec::WAF.object_to_ruby(result_obj[:derivatives]),
-          )
-          [RESULT_CODE[code], result]
-        ensure
-          Datadog::AppSec::WAF::LibDDWAF.ddwaf_result_free(result_obj) if result_obj
-        end
-        private
-        def validate!
-          @valid = true
-        end
-        def invalidate!
-          @valid = false
-        end
-        def valid?
-          @valid
-        end
-        def valid!
-          return if valid?
-          fail LibDDWAF::Error, "Attempt to use an invalid instance: #{inspect}"
-        end
-        def retained
-          @retained ||= []
-        end
-        def retain(object)
-          retained << object
-        end
-        def release(object)
-          retained.delete(object)
-        end
-      end
     end
-    # rubocop:enable Metrics/ModuleLength
   end
 end