libddwaf 1.18.0.0.0 → 1.18.0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/actions/docker-build-ruby/action.yml +2 -13
- data/.github/workflows/package.yml +8 -12
- data/.github/workflows/test.yml +18 -13
- data/CHANGELOG.md +6 -0
- data/lib/datadog/appsec/waf/context.rb +4 -0
- data/lib/datadog/appsec/waf/lib_ddwaf.rb +8 -2
- data/lib/datadog/appsec/waf/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4fad2f4be2e60e15913e130d28130af2f3d3d6d40aea05dba4a1d3d967cc4c12
|
|
4
|
+
data.tar.gz: aac3e2f4ae75f5a9387341997ab07861f1b8ee8d0ae63cc6ad97bd99b421b132
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 83b667e79adbefbf6d52c3dd425ff2bd973d1a9e9a32c3ca817e08963c86ab9bbf3002e54d7a57fbbfc6e86a0e6254350d6b02e700e4af84852ce8a9d1936ab6
|
|
7
|
+
data.tar.gz: e242033561aa9e4dfd3d66c44170ea5595f27499ee6fe30bfbff66bd7af61edb5c2986494bbb4b986a7bf4b005da243b9df66ce7d82c78bc8b215cc03f86913c
|
|
@@ -1,17 +1,12 @@
|
|
|
1
1
|
name: Build docker image
|
|
2
2
|
description:
|
|
3
|
-
|
|
4
|
-
This action builds the image for the specified architecture and libc.
|
|
3
|
+
This action builds the image for the specified ruby version and libc.
|
|
5
4
|
|
|
6
5
|
inputs:
|
|
7
6
|
ruby-version:
|
|
8
7
|
description: Ruby version
|
|
9
8
|
required: true
|
|
10
9
|
|
|
11
|
-
arch:
|
|
12
|
-
description: Build architecture
|
|
13
|
-
required: true
|
|
14
|
-
|
|
15
10
|
libc:
|
|
16
11
|
description: Which libc is used
|
|
17
12
|
required: true
|
|
@@ -29,11 +24,6 @@ outputs:
|
|
|
29
24
|
runs:
|
|
30
25
|
using: "composite"
|
|
31
26
|
steps:
|
|
32
|
-
- name: Set up QEMU
|
|
33
|
-
uses: docker/setup-qemu-action@v3
|
|
34
|
-
with:
|
|
35
|
-
platforms: ${{ inputs.arch }}
|
|
36
|
-
|
|
37
27
|
- name: Set up Docker Buildx
|
|
38
28
|
uses: docker/setup-buildx-action@v3
|
|
39
29
|
|
|
@@ -48,10 +38,9 @@ runs:
|
|
|
48
38
|
tags: libddwaf-rb-test:latest
|
|
49
39
|
cache-from: type=gha
|
|
50
40
|
cache-to: type=gha,mode=max
|
|
51
|
-
platforms: linux/${{ inputs.arch }}
|
|
52
41
|
|
|
53
42
|
- name: Set run-cmd output
|
|
54
43
|
id: set-run-cmd
|
|
55
44
|
shell: bash
|
|
56
45
|
run: |
|
|
57
|
-
echo "run-cmd=docker run
|
|
46
|
+
echo "run-cmd=docker run -v gems:/usr/local/bundle -v ${{ github.workspace }}:/libddwaf-rb -w /libddwaf-rb libddwaf-rb-test:latest" >> "$GITHUB_OUTPUT"
|
|
@@ -7,17 +7,16 @@ jobs:
|
|
|
7
7
|
strategy:
|
|
8
8
|
fail-fast: false
|
|
9
9
|
matrix:
|
|
10
|
-
os: [ubuntu-24.04]
|
|
10
|
+
os: [ubuntu-24.04, ubuntu-24.04-arm]
|
|
11
11
|
ruby: ["3.3"]
|
|
12
|
-
arch: [amd64, arm64]
|
|
13
12
|
libc: [gnu]
|
|
14
13
|
include:
|
|
15
|
-
-
|
|
14
|
+
- os: ubuntu-24.04
|
|
16
15
|
platform: x86_64-linux
|
|
17
|
-
-
|
|
16
|
+
- os: ubuntu-24.04-arm
|
|
18
17
|
platform: aarch64-linux
|
|
19
18
|
|
|
20
|
-
name: Test build without fetching libddwaf (Ruby ${{ matrix.ruby }}, ${{ matrix.
|
|
19
|
+
name: Test build without fetching libddwaf (Ruby ${{ matrix.ruby }}, ${{ matrix.os }}, ${{ matrix.libc }})
|
|
21
20
|
runs-on: ${{ matrix.os }}
|
|
22
21
|
|
|
23
22
|
steps:
|
|
@@ -29,7 +28,6 @@ jobs:
|
|
|
29
28
|
uses: ./.github/actions/docker-build-ruby
|
|
30
29
|
with:
|
|
31
30
|
ruby-version: ${{ matrix.ruby }}
|
|
32
|
-
arch: ${{ matrix.arch }}
|
|
33
31
|
libc: ${{ matrix.libc }}
|
|
34
32
|
|
|
35
33
|
- name: Bundle install
|
|
@@ -52,14 +50,13 @@ jobs:
|
|
|
52
50
|
strategy:
|
|
53
51
|
fail-fast: false
|
|
54
52
|
matrix:
|
|
55
|
-
os: [ubuntu-24.04]
|
|
53
|
+
os: [ubuntu-24.04, ubuntu-24.04-arm]
|
|
56
54
|
ruby: ["3.3", "9.4"]
|
|
57
|
-
arch: [amd64, arm64]
|
|
58
55
|
libc: [gnu, musl]
|
|
59
56
|
include:
|
|
60
|
-
-
|
|
57
|
+
- os: ubuntu-24.04
|
|
61
58
|
platform: x86_64-linux:llvm
|
|
62
|
-
-
|
|
59
|
+
- os: ubuntu-24.04-arm
|
|
63
60
|
platform: aarch64-linux:llvm
|
|
64
61
|
- ruby: 3.3
|
|
65
62
|
jruby: false
|
|
@@ -69,7 +66,7 @@ jobs:
|
|
|
69
66
|
- ruby: 9.4
|
|
70
67
|
libc: musl
|
|
71
68
|
|
|
72
|
-
name: Test gem build (${{ matrix.jruby == true && 'Jruby' || 'Ruby'}} ${{ matrix.ruby }}, ${{ matrix.
|
|
69
|
+
name: Test gem build (${{ matrix.jruby == true && 'Jruby' || 'Ruby'}} ${{ matrix.ruby }}, ${{ matrix.os }}, ${{ matrix.libc }})
|
|
73
70
|
runs-on: ${{ matrix.os }}
|
|
74
71
|
|
|
75
72
|
steps:
|
|
@@ -81,7 +78,6 @@ jobs:
|
|
|
81
78
|
uses: ./.github/actions/docker-build-ruby
|
|
82
79
|
with:
|
|
83
80
|
ruby-version: ${{ matrix.ruby }}
|
|
84
|
-
arch: ${{ matrix.arch }}
|
|
85
81
|
libc: ${{ matrix.libc }}
|
|
86
82
|
jruby: ${{ matrix.jruby }}
|
|
87
83
|
|
data/.github/workflows/test.yml
CHANGED
|
@@ -7,17 +7,16 @@ jobs:
|
|
|
7
7
|
strategy:
|
|
8
8
|
fail-fast: false
|
|
9
9
|
matrix:
|
|
10
|
-
os: [ubuntu-24.04]
|
|
11
|
-
ruby: ["2.5", "2.6", "2.7", "3.0", "3.1", "3.2", "3.3"]
|
|
12
|
-
arch: [amd64, arm64]
|
|
10
|
+
os: [ubuntu-24.04, ubuntu-24.04-arm]
|
|
11
|
+
ruby: ["2.5", "2.6", "2.7", "3.0", "3.1", "3.2", "3.3", "3.4"]
|
|
13
12
|
libc: [gnu, musl]
|
|
14
13
|
include:
|
|
15
|
-
-
|
|
14
|
+
- os: ubuntu-24.04
|
|
16
15
|
platform: x86_64-linux
|
|
17
|
-
-
|
|
16
|
+
- os: ubuntu-24.04-arm
|
|
18
17
|
platform: aarch64-linux
|
|
19
18
|
|
|
20
|
-
name: Test (Ruby ${{ matrix.ruby }}, ${{ matrix.
|
|
19
|
+
name: Test (Ruby ${{ matrix.ruby }}, ${{ matrix.os }}, ${{ matrix.libc }})
|
|
21
20
|
runs-on: ${{ matrix.os }}
|
|
22
21
|
|
|
23
22
|
steps:
|
|
@@ -29,7 +28,6 @@ jobs:
|
|
|
29
28
|
uses: ./.github/actions/docker-build-ruby
|
|
30
29
|
with:
|
|
31
30
|
ruby-version: ${{ matrix.ruby }}
|
|
32
|
-
arch: ${{ matrix.arch }}
|
|
33
31
|
libc: ${{ matrix.libc }}
|
|
34
32
|
|
|
35
33
|
- name: Bundle install
|
|
@@ -44,20 +42,22 @@ jobs:
|
|
|
44
42
|
- name: Run specs
|
|
45
43
|
run: ${{ steps.build-image.outputs.run-cmd }} bundle exec rake spec
|
|
46
44
|
|
|
45
|
+
- name: Run stress tests
|
|
46
|
+
run: ${{ steps.build-image.outputs.run-cmd }} bundle exec rake spec:stress_tests
|
|
47
|
+
|
|
47
48
|
test-jruby-linux:
|
|
48
49
|
strategy:
|
|
49
50
|
fail-fast: false
|
|
50
51
|
matrix:
|
|
51
|
-
os: [ubuntu-24.04]
|
|
52
|
+
os: [ubuntu-24.04, ubuntu-24.04-arm]
|
|
52
53
|
jruby: ["9.3", "9.4"]
|
|
53
|
-
arch: [amd64, arm64]
|
|
54
54
|
include:
|
|
55
|
-
-
|
|
55
|
+
- os: ubuntu-24.04
|
|
56
56
|
platform: x86_64-linux
|
|
57
|
-
-
|
|
57
|
+
- os: ubuntu-24.04-arm
|
|
58
58
|
platform: aarch64-linux
|
|
59
59
|
|
|
60
|
-
name: Test (Jruby ${{ matrix.jruby }}, ${{ matrix.
|
|
60
|
+
name: Test (Jruby ${{ matrix.jruby }}, ${{ matrix.os }})
|
|
61
61
|
runs-on: ${{ matrix.os }}
|
|
62
62
|
|
|
63
63
|
steps:
|
|
@@ -70,7 +70,6 @@ jobs:
|
|
|
70
70
|
with:
|
|
71
71
|
ruby-version: ${{ matrix.jruby }}
|
|
72
72
|
jruby: true
|
|
73
|
-
arch: ${{ matrix.arch }}
|
|
74
73
|
libc: gnu
|
|
75
74
|
|
|
76
75
|
- name: Bundle install
|
|
@@ -85,6 +84,9 @@ jobs:
|
|
|
85
84
|
- name: Run specs
|
|
86
85
|
run: ${{ steps.build-image.outputs.run-cmd }} bundle exec rake spec
|
|
87
86
|
|
|
87
|
+
- name: Run stress tests
|
|
88
|
+
run: ${{ steps.build-image.outputs.run-cmd }} bundle exec rake spec:stress_tests
|
|
89
|
+
|
|
88
90
|
test-darwin:
|
|
89
91
|
strategy:
|
|
90
92
|
fail-fast: false
|
|
@@ -116,3 +118,6 @@ jobs:
|
|
|
116
118
|
|
|
117
119
|
- name: Run specs
|
|
118
120
|
run: bundle exec rake spec
|
|
121
|
+
|
|
122
|
+
- name: Run stress tests
|
|
123
|
+
run: bundle exec rake spec:stress_tests
|
data/CHANGELOG.md
CHANGED
|
@@ -1,8 +1,14 @@
|
|
|
1
|
+
# 2025-02-20 v.1.18.0.0.1
|
|
2
|
+
|
|
3
|
+
- Fixed memory-leak in `Datadog::AppSec::WAF::Context#run` when non-empty ephemeral data passed
|
|
4
|
+
|
|
1
5
|
# 2024-10-29 v.1.15.0.0.0
|
|
6
|
+
|
|
2
7
|
- Update to libddwaf 1.15.0
|
|
3
8
|
- Changed `Datadog::AppSec::WAF::Context#run` interface to accommodate ephemeral data ([Breaking change](https://github.com/DataDog/libddwaf/blob/master/CHANGELOG.md#v1150-unstable))
|
|
4
9
|
|
|
5
10
|
# 2023-09-11 v.1.14.0.0.0
|
|
11
|
+
|
|
6
12
|
- Update to libddwaf 1.14.0
|
|
7
13
|
- Add support for `Float` and `Nil` scalar values when converting from ruby to WAF Object and vice versa.
|
|
8
14
|
|
|
@@ -35,6 +35,7 @@ module Datadog
|
|
|
35
35
|
LibDDWAF.ddwaf_object_free(retained_obj)
|
|
36
36
|
end
|
|
37
37
|
|
|
38
|
+
retained.clear
|
|
38
39
|
LibDDWAF.ddwaf_context_destroy(context_obj)
|
|
39
40
|
end
|
|
40
41
|
|
|
@@ -83,10 +84,13 @@ module Datadog
|
|
|
83
84
|
[RESULT_CODE[code], result]
|
|
84
85
|
ensure
|
|
85
86
|
LibDDWAF.ddwaf_result_free(result_obj) if result_obj
|
|
87
|
+
LibDDWAF.ddwaf_object_free(ephemeral_data_obj) if ephemeral_data_obj
|
|
86
88
|
end
|
|
87
89
|
|
|
88
90
|
private
|
|
89
91
|
|
|
92
|
+
# FIXME: Rename into something which reflect that it's impossible to run
|
|
93
|
+
# libddwaf on finalized context (closed)
|
|
90
94
|
def validate!
|
|
91
95
|
@valid = true
|
|
92
96
|
end
|
|
@@ -53,7 +53,7 @@ module Datadog
|
|
|
53
53
|
|
|
54
54
|
cpu = case os_arch
|
|
55
55
|
when 'amd64' then 'x86_64'
|
|
56
|
-
when 'aarch64' then 'aarch64'
|
|
56
|
+
when 'aarch64' then local_os == 'darwin' ? 'arm64' : 'aarch64'
|
|
57
57
|
else raise Error, "unsupported JRuby os.arch: #{os_arch.inspect}"
|
|
58
58
|
end
|
|
59
59
|
|
|
@@ -95,7 +95,13 @@ module Datadog
|
|
|
95
95
|
end
|
|
96
96
|
|
|
97
97
|
def self.shared_lib_extname
|
|
98
|
-
Gem::Platform.local.os == 'darwin'
|
|
98
|
+
if Gem::Platform.local.os == 'darwin'
|
|
99
|
+
'.dylib'
|
|
100
|
+
elsif Gem::Platform.local.os == 'java' && java.lang.System.get_property('os.name').match(/mac/i)
|
|
101
|
+
'.dylib'
|
|
102
|
+
else
|
|
103
|
+
'.so'
|
|
104
|
+
end
|
|
99
105
|
end
|
|
100
106
|
|
|
101
107
|
def self.shared_lib_path
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: libddwaf
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.18.0.0.
|
|
4
|
+
version: 1.18.0.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Datadog, Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2025-02-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: ffi
|
|
@@ -93,7 +93,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
93
93
|
- !ruby/object:Gem::Version
|
|
94
94
|
version: 2.0.0
|
|
95
95
|
requirements: []
|
|
96
|
-
rubygems_version: 3.5.
|
|
96
|
+
rubygems_version: 3.5.21
|
|
97
97
|
signing_key:
|
|
98
98
|
specification_version: 4
|
|
99
99
|
summary: Datadog WAF
|