RubyGems - libddwaf - Versions diffs - 1.22.0.0.2-x86_64-linux → 1.24.1.0.3-x86_64-linux - Mend

libddwaf 1.22.0.0.2-x86_64-linux → 1.24.1.0.3-x86_64-linux

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (28) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +21 -2
data/README.md +124 -0
data/lib/datadog/appsec/waf/context.rb +24 -38
data/lib/datadog/appsec/waf/converter.rb +62 -69
data/lib/datadog/appsec/waf/errors.rb +19 -0
data/lib/datadog/appsec/waf/handle.rb +29 -77
data/lib/datadog/appsec/waf/handle_builder.rb +91 -0
data/lib/datadog/appsec/waf/lib_ddwaf.rb +90 -123
data/lib/datadog/appsec/waf/version.rb +3 -3
data/lib/datadog/appsec/waf.rb +9 -7
data/lib/libddwaf.rb +1 -1
data/libddwaf.gemspec +43 -0
data/sig/datadog/appsec/waf/context.rbs +29 -0
data/sig/datadog/appsec/waf/converter.rbs +11 -0
data/sig/datadog/appsec/waf/errors.rbs +20 -0
data/sig/datadog/appsec/waf/handle.rbs +21 -0
data/sig/datadog/appsec/waf/handle_builder.rbs +23 -0
data/sig/datadog/appsec/waf/lib_ddwaf.rbs +158 -0
data/sig/datadog/appsec/waf/result.rbs +33 -0
data/sig/datadog/appsec/waf/version.rbs +13 -0
data/sig/datadog/appsec/waf.rbs +16 -0
data/sig/libddwaf.rbs +0 -0
data/vendor/libddwaf/libddwaf-1.24.1-linux-x86_64/lib/libddwaf.so +0 -0
data/vendor/rbs/gem/0/gem.rbs +7 -0
data/vendor/rbs/jruby/0/jruby.rbs +3 -0
metadata +19 -3
data/vendor/libddwaf/libddwaf-1.22.0-linux-x86_64/lib/libddwaf.so +0 -0

data/lib/datadog/appsec/waf/handle_builder.rb ADDED Viewed

@@ -0,0 +1,91 @@
+# frozen_string_literal: true
+module Datadog
+  module AppSec
+    module WAF
+      # This class represents the libddwaf WAF builder, which is used to generate WAF handles.
+      #
+      # It handles merging of potentially overlapping configurations.
+      class HandleBuilder
+        def initialize(limits: {}, obfuscator: {})
+          handle_config_obj = LibDDWAF::HandleBuilderConfig.new
+          if handle_config_obj.null?
+            raise LibDDWAFError, "Could not create config struct"
+          end
+          handle_config_obj[:limits][:max_container_size] = limits[:max_container_size] || LibDDWAF::DEFAULT_MAX_CONTAINER_SIZE
+          handle_config_obj[:limits][:max_container_depth] = limits[:max_container_depth] || LibDDWAF::DEFAULT_MAX_CONTAINER_DEPTH
+          handle_config_obj[:limits][:max_string_length] = limits[:max_string_length] || LibDDWAF::DEFAULT_MAX_STRING_LENGTH
+          handle_config_obj[:obfuscator][:key_regex] = FFI::MemoryPointer.from_string(obfuscator[:key_regex]) if obfuscator[:key_regex]
+          handle_config_obj[:obfuscator][:value_regex] = FFI::MemoryPointer.from_string(obfuscator[:value_regex]) if obfuscator[:value_regex]
+          handle_config_obj[:free_fn] = LibDDWAF::ObjectNoFree
+          @builder_ptr = LibDDWAF.ddwaf_builder_init(handle_config_obj)
+        end
+        # Destroys the WAF builder and sets the pointer to nil.
+        #
+        # The instance becomes unusable after this method is called.
+        def finalize!
+          builder_ptr_to_destroy = @builder_ptr
+          @builder_ptr = nil
+          LibDDWAF.ddwaf_builder_destroy(builder_ptr_to_destroy)
+        end
+        # Builds a WAF handle from the current state of the builder.
+        #
+        # @raise [LibDDWAFError] if no rules were added to the builder before building the handle
+        # @return [Handle] the WAF handle
+        def build_handle
+          ensure_pointer_presence!
+          handle_obj = LibDDWAF.ddwaf_builder_build_instance(@builder_ptr)
+          raise LibDDWAFError, "Could not create handle" if handle_obj.null?
+          Handle.new(handle_obj)
+        end
+        # :section: Configuration management methods
+        # methods for adding, updating, and removing configurations from the WAF handle builder.
+        # Adds or updates a configuration in the WAF handle builder for the given path.
+        #
+        # @return [Hash] diagnostics object
+        # NOTE: default config that was read from file at application startup
+        # has to be removed before adding configurations obtained through Remote Configuration.
+        def add_or_update_config(config, path:)
+          ensure_pointer_presence!
+          config_obj = Converter.ruby_to_object(config)
+          diagnostics_obj = LibDDWAF::Object.new
+          LibDDWAF.ddwaf_builder_add_or_update_config(@builder_ptr, path, path.length, config_obj, diagnostics_obj)
+          Converter.object_to_ruby(diagnostics_obj)
+        ensure
+          LibDDWAF.ddwaf_object_free(config_obj) if config_obj
+          LibDDWAF.ddwaf_object_free(diagnostics_obj) if diagnostics_obj
+        end
+        # Removes a configuration from the WAF handle builder for the given path.
+        #
+        # @return [Boolean] true if the configuration was removed, false otherwise
+        def remove_config_at_path(path)
+          ensure_pointer_presence!
+          LibDDWAF.ddwaf_builder_remove_config(@builder_ptr, path, path.length)
+        end
+        private
+        def ensure_pointer_presence!
+          return if @builder_ptr
+          raise InstanceFinalizedError, "Cannot use WAF handle builder after it has been finalized"
+        end
+      end
+    end
+  end
+end

data/lib/datadog/appsec/waf/lib_ddwaf.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
-require 'ffi'
-require 'datadog/appsec/waf/version'
+require "ffi"
+require "datadog/appsec/waf/version"
 module Datadog
   module AppSec
@@ -9,28 +9,27 @@ module Datadog
       # FFI-binding for C-libddwaf
       # See https://github.com/DataDog/libddwaf
       module LibDDWAF
-        # An exception binding raises in most of the cases
-        class Error < StandardError
-          attr_reader :diagnostics
+        DEFAULT_MAX_CONTAINER_SIZE = 256
+        DEFAULT_MAX_CONTAINER_DEPTH = 20
+        DEFAULT_MAX_STRING_LENGTH = 16_384 # in bytes, UTF-8 worst case being 4x size in terms of code point
-          def initialize(msg, diagnostics: nil)
-            @diagnostics = diagnostics
+        DDWAF_MAX_CONTAINER_SIZE = 256
+        DDWAF_MAX_CONTAINER_DEPTH = 20
+        DDWAF_MAX_STRING_LENGTH = 4096
-            super(msg)
-          end
-        end
+        DDWAF_RUN_TIMEOUT = 5000
         extend ::FFI::Library
         def self.local_os
-          if RUBY_ENGINE == 'jruby'
-            os_name = java.lang.System.get_property('os.name')
+          if RUBY_ENGINE == "jruby"
+            os_name = java.lang.System.get_property("os.name")
             os = case os_name
-                 when /linux/i then 'linux'
-                 when /mac/i   then 'darwin'
-                 else raise Error, "unsupported JRuby os.name: #{os_name.inspect}"
-                 end
+            when /linux/i then "linux"
+            when /mac/i then "darwin"
+            else raise Error, "unsupported JRuby os.name: #{os_name.inspect}"
+            end
             return os
           end
@@ -38,24 +37,15 @@ module Datadog
           Gem::Platform.local.os
         end
-        def self.local_version
-          return nil unless local_os == 'linux'
-          # Old rubygems don't handle non-gnu linux correctly
-          return ::Regexp.last_match(1) if RUBY_PLATFORM =~ /linux-(.+)$/
-          'gnu'
-        end
         def self.local_cpu
-          if RUBY_ENGINE == 'jruby'
-            os_arch = java.lang.System.get_property('os.arch')
+          if RUBY_ENGINE == "jruby"
+            os_arch = java.lang.System.get_property("os.arch")
             cpu = case os_arch
-                  when 'amd64' then 'x86_64'
-                  when 'aarch64' then local_os == 'darwin' ? 'arm64' : 'aarch64'
-                  else raise Error, "unsupported JRuby os.arch: #{os_arch.inspect}"
-                  end
+            when "amd64" then "x86_64"
+            when "aarch64" then (local_os == "darwin") ? "arm64" : "aarch64"
+            else raise Error, "unsupported JRuby os.arch: #{os_arch.inspect}"
+            end
             return cpu
           end
@@ -64,48 +54,24 @@ module Datadog
         end
         def self.source_dir
-          __dir__ || raise('__dir__ is nil: eval?')
-        end
-        def self.vendor_dir
-          File.join(source_dir, '../../../../vendor')
-        end
-        def self.libddwaf_vendor_dir
-          File.join(vendor_dir, 'libddwaf')
-        end
-        def self.shared_lib_triplet(version: local_version)
-          version ? "#{local_os}-#{version}-#{local_cpu}" : "#{local_os}-#{local_cpu}"
-        end
-        def self.libddwaf_dir
-          default = File.join(libddwaf_vendor_dir,
-                              "libddwaf-#{Datadog::AppSec::WAF::VERSION::BASE_STRING}-#{shared_lib_triplet}")
-          candidates = [
-            default
-          ]
-          if local_os == 'linux'
-            candidates << File.join(libddwaf_vendor_dir,
-                                    "libddwaf-#{Datadog::AppSec::WAF::VERSION::BASE_STRING}-#{shared_lib_triplet(version: nil)}")
-          end
-          candidates.find { |d| Dir.exist?(d) } || default
+          __dir__ || raise("__dir__ is nil: eval?")
         end
         def self.shared_lib_extname
-          if Gem::Platform.local.os == 'darwin'
-            '.dylib'
-          elsif Gem::Platform.local.os == 'java' && java.lang.System.get_property('os.name').match(/mac/i)
-            '.dylib'
+          if Gem::Platform.local.os == "darwin"
+            ".dylib"
+          elsif Gem::Platform.local.os == "java" && java.lang.System.get_property("os.name").match(/mac/i)
+            ".dylib"
           else
-            '.so'
+            ".so"
           end
         end
         def self.shared_lib_path
-          File.join(libddwaf_dir, 'lib', "libddwaf#{shared_lib_extname}")
+          variant = "#{Datadog::AppSec::WAF::VERSION::BASE_STRING}-#{local_os}-#{local_cpu}"
+          libddwaf_dir = File.join(source_dir, "../../../../vendor/libddwaf/libddwaf-#{variant}")
+          File.join(libddwaf_dir, "lib", "libddwaf#{shared_lib_extname}")
         end
         ffi_lib [shared_lib_path]
@@ -116,15 +82,15 @@ module Datadog
         # ddwaf::object data structure
-        DDWAF_OBJ_TYPE = enum :ddwaf_obj_invalid,  0,
-                              :ddwaf_obj_signed,   1 << 0,
-                              :ddwaf_obj_unsigned, 1 << 1,
-                              :ddwaf_obj_string,   1 << 2,
-                              :ddwaf_obj_array,    1 << 3,
-                              :ddwaf_obj_map,      1 << 4,
-                              :ddwaf_obj_bool,     1 << 5,
-                              :ddwaf_obj_float,    1 << 6,
-                              :ddwaf_obj_null,     1 << 7
+        DDWAF_OBJ_TYPE = enum :ddwaf_obj_invalid, 0,
+          :ddwaf_obj_signed, 1 << 0,
+          :ddwaf_obj_unsigned, 1 << 1,
+          :ddwaf_obj_string, 1 << 2,
+          :ddwaf_obj_array, 1 << 3,
+          :ddwaf_obj_map, 1 << 4,
+          :ddwaf_obj_bool, 1 << 5,
+          :ddwaf_obj_float, 1 << 6,
+          :ddwaf_obj_null, 1 << 7
         typedef DDWAF_OBJ_TYPE, :ddwaf_obj_type
@@ -155,21 +121,21 @@ module Datadog
         # Ruby representation of C union
         class ObjectValueUnion < ::FFI::Union
           layout :stringValue, :charptr,
-                 :uintValue,   :uint64,
-                 :intValue,    :int64,
-                 :array,       :pointer,
-                 :boolean,     :bool,
-                 :f64,         :double
+            :uintValue, :uint64,
+            :intValue, :int64,
+            :array, :pointer,
+            :boolean, :bool,
+            :f64, :double
         end
         # Ruby representation of ddwaf_object
         # See https://github.com/DataDog/libddwaf/blob/10e3a1dfc7bc9bb8ab11a09a9f8b6b339eaf3271/include/ddwaf.h#L94C1-L115C3
         class Object < ::FFI::Struct
-          layout :parameterName,       :charptr,
-                 :parameterNameLength, :uint64,
-                 :valueUnion,          ObjectValueUnion,
-                 :nbEntries,           :uint64,
-                 :type,                :ddwaf_obj_type
+          layout :parameterName, :charptr,
+            :parameterNameLength, :uint64,
+            :valueUnion, ObjectValueUnion,
+            :nbEntries, :uint64,
+            :type, :ddwaf_obj_type
         end
         typedef Object.by_ref, :ddwaf_object
@@ -214,51 +180,62 @@ module Datadog
         ObjectFree = attach_function :ddwaf_object_free, [:ddwaf_object], :void
         ObjectNoFree = ::FFI::Pointer::NULL
-        # main handle
+        # handle builder
+        typedef :pointer, :ddwaf_builder
         typedef :pointer, :ddwaf_handle
-        typedef Object.by_ref, :ddwaf_rule
+        typedef :pointer, :ddwaf_diagnostics
         callback :ddwaf_object_free_fn, [:ddwaf_object], :void
         # Ruby representation of ddwaf_config
         # https://github.com/DataDog/libddwaf/blob/10e3a1dfc7bc9bb8ab11a09a9f8b6b339eaf3271/include/ddwaf.h#L129-L152
-        class Config < ::FFI::Struct
+        class HandleBuilderConfig < ::FFI::Struct
           # Ruby representation of ddwaf_config_limits
           # https://github.com/DataDog/libddwaf/blob/10e3a1dfc7bc9bb8ab11a09a9f8b6b339eaf3271/include/ddwaf.h#L131-L138
           class Limits < ::FFI::Struct
-            layout :max_container_size,  :uint32,
-                   :max_container_depth, :uint32,
-                   :max_string_length,   :uint32
+            layout :max_container_size, :uint32,
+              :max_container_depth, :uint32,
+              :max_string_length, :uint32
           end
           # Ruby representation of ddwaf_config_obfuscator
           # https://github.com/DataDog/libddwaf/blob/10e3a1dfc7bc9bb8ab11a09a9f8b6b339eaf3271/include/ddwaf.h#L141-L146
           class Obfuscator < ::FFI::Struct
-            layout :key_regex,   :pointer, # should be :charptr
-                   :value_regex, :pointer  # should be :charptr
+            layout :key_regex, :pointer, # should be :charptr
+              :value_regex, :pointer  # should be :charptr
           end
-          layout :limits,     Limits,
-                 :obfuscator, Obfuscator,
-                 :free_fn,    :pointer # :ddwaf_object_free_fn
+          layout :limits, Limits,
+            :obfuscator, Obfuscator,
+            :free_fn, :pointer # :ddwaf_object_free_fn
         end
-        typedef Config.by_ref, :ddwaf_config
+        typedef HandleBuilderConfig.by_ref, :ddwaf_config
+        attach_function :ddwaf_builder_init, [:ddwaf_config], :ddwaf_builder
+        attach_function :ddwaf_builder_destroy, [:ddwaf_builder], :void
+        attach_function :ddwaf_builder_add_or_update_config, [:ddwaf_builder, :string, :size_t, :ddwaf_object, :ddwaf_diagnostics], :bool
+        attach_function :ddwaf_builder_remove_config, [:ddwaf_builder, :string, :size_t], :bool
+        attach_function :ddwaf_builder_build_instance, [:ddwaf_builder], :ddwaf_handle
+        # handle
+        callback :ddwaf_object_free_fn, [:ddwaf_object], :void
-        attach_function :ddwaf_init, [:ddwaf_rule, :ddwaf_config, :ddwaf_object], :ddwaf_handle
-        attach_function :ddwaf_update, [:ddwaf_handle, :ddwaf_object, :ddwaf_object], :ddwaf_handle
         attach_function :ddwaf_destroy, [:ddwaf_handle], :void
         attach_function :ddwaf_known_addresses, [:ddwaf_handle, UInt32Ptr], :charptrptr
         # updating
-        DDWAF_RET_CODE = enum :ddwaf_err_internal,         -3,
-                              :ddwaf_err_invalid_object,   -2,
-                              :ddwaf_err_invalid_argument, -1,
-                              :ddwaf_ok,                    0,
-                              :ddwaf_match,                 1
+        DDWAF_RET_CODE = enum :ddwaf_err_internal, -3,
+          :ddwaf_err_invalid_object, -2,
+          :ddwaf_err_invalid_argument, -1,
+          :ddwaf_ok, 0,
+          :ddwaf_match, 1
         typedef DDWAF_RET_CODE, :ddwaf_ret_code
         # running
@@ -271,11 +248,11 @@ module Datadog
         # Ruby representation of ddwaf_result
         # See https://github.com/DataDog/libddwaf/blob/10e3a1dfc7bc9bb8ab11a09a9f8b6b339eaf3271/include/ddwaf.h#L154-L173
         class Result < ::FFI::Struct
-          layout :timeout,       :bool,
-                 :events,        Object,
-                 :actions,       Object,
-                 :derivatives,   Object,
-                 :total_runtime, :uint64
+          layout :timeout, :bool,
+            :events, Object,
+            :actions, Object,
+            :derivatives, Object,
+            :total_runtime, :uint64
         end
         typedef Result.by_ref, :ddwaf_result
@@ -287,26 +264,16 @@ module Datadog
         # logging
         DDWAF_LOG_LEVEL = enum :ddwaf_log_trace,
-                               :ddwaf_log_debug,
-                               :ddwaf_log_info,
-                               :ddwaf_log_warn,
-                               :ddwaf_log_error,
-                               :ddwaf_log_off
+          :ddwaf_log_debug,
+          :ddwaf_log_info,
+          :ddwaf_log_warn,
+          :ddwaf_log_error,
+          :ddwaf_log_off
         typedef DDWAF_LOG_LEVEL, :ddwaf_log_level
         callback :ddwaf_log_cb, [:ddwaf_log_level, :string, :string, :uint, :charptr, :uint64], :void
         attach_function :ddwaf_set_log_cb, [:ddwaf_log_cb, :ddwaf_log_level], :bool
-        DEFAULT_MAX_CONTAINER_SIZE  = 256
-        DEFAULT_MAX_CONTAINER_DEPTH = 20
-        DEFAULT_MAX_STRING_LENGTH   = 16_384 # in bytes, UTF-8 worst case being 4x size in terms of code point)
-        DDWAF_MAX_CONTAINER_SIZE  = 256
-        DDWAF_MAX_CONTAINER_DEPTH = 20
-        DDWAF_MAX_STRING_LENGTH   = 4096
-        DDWAF_RUN_TIMEOUT = 5000
       end
     end
   end

data/lib/datadog/appsec/waf/version.rb CHANGED Viewed

@@ -2,11 +2,11 @@ module Datadog
   module AppSec
     module WAF
       module VERSION
-        BASE_STRING = '1.22.0'
+        BASE_STRING = "1.24.1"
         # NOTE: Every change to the `BASE_STRING` should be accompanied
         #       by a reset of the patch version in the `STRING` below.
-        STRING = "#{BASE_STRING}.0.2"
-        MINIMUM_RUBY_VERSION = '2.5'
+        STRING = "#{BASE_STRING}.0.3"
+        MINIMUM_RUBY_VERSION = "2.5"
       end
     end
   end

data/lib/datadog/appsec/waf.rb CHANGED Viewed

@@ -1,12 +1,14 @@
 # frozen_string_literal: true
-require 'datadog/appsec/waf/lib_ddwaf'
-require 'datadog/appsec/waf/converter'
-require 'datadog/appsec/waf/result'
-require 'datadog/appsec/waf/context'
-require 'datadog/appsec/waf/handle'
-require 'datadog/appsec/waf/version'
+require "datadog/appsec/waf/lib_ddwaf"
+require "datadog/appsec/waf/handle_builder"
+require "datadog/appsec/waf/handle"
+require "datadog/appsec/waf/converter"
+require "datadog/appsec/waf/errors"
+require "datadog/appsec/waf/result"
+require "datadog/appsec/waf/context"
+require "datadog/appsec/waf/version"
 module Datadog
   module AppSec

data/lib/libddwaf.rb CHANGED Viewed

	@@ -1 +1 @@
1	- require 'datadog/appsec/waf'
1	+ require "datadog/appsec/waf"

data/libddwaf.gemspec ADDED Viewed

@@ -0,0 +1,43 @@
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "datadog/appsec/waf/version"
+Gem::Specification.new do |spec|
+  spec.name = "libddwaf"
+  spec.version = Datadog::AppSec::WAF::VERSION::STRING
+  spec.required_ruby_version = [">= #{Datadog::AppSec::WAF::VERSION::MINIMUM_RUBY_VERSION}"]
+  spec.required_rubygems_version = ">= 2.0.0"
+  spec.authors = ["Datadog, Inc."]
+  spec.email = ["dev@datadoghq.com"]
+  spec.summary = "Datadog WAF"
+  spec.description = <<-EOS.gsub(/^[\s]+/, "")
+    libddwaf packages a WAF implementation in C++, exposed to Ruby
+  EOS
+  spec.homepage = "https://github.com/DataDog/libddwaf-rb"
+  spec.license = "BSD-3-Clause"
+  if spec.respond_to?(:metadata)
+    spec.metadata["allowed_push_host"] = "https://rubygems.org"
+  else
+    raise "RubyGems 2.0 or newer is required to protect against public gem pushes."
+  end
+  libddwaf_version = Datadog::AppSec::WAF::VERSION::BASE_STRING
+  spec.files = ["libddwaf.gemspec"]
+  spec.files.concat(Dir.glob("lib/**/*.rb"))
+  spec.files.concat(Dir.glob("{vendor/rbs,sig}/**/*.rbs"))
+  spec.files.concat(Dir.glob("{README,CHANGELOG,LICENSE,NOTICE}*"))
+  spec.files.concat(%W[
+    vendor/libddwaf/libddwaf-#{libddwaf_version}-darwin-arm64/lib/libddwaf.dylib
+    vendor/libddwaf/libddwaf-#{libddwaf_version}-darwin-x86_64/lib/libddwaf.dylib
+    vendor/libddwaf/libddwaf-#{libddwaf_version}-linux-aarch64/lib/libddwaf.so
+    vendor/libddwaf/libddwaf-#{libddwaf_version}-linux-x86_64/lib/libddwaf.so
+  ])
+  spec.require_paths = ["lib"]
+  spec.add_dependency "ffi", "~> 1.0"
+end

data/sig/datadog/appsec/waf/context.rbs ADDED Viewed

@@ -0,0 +1,29 @@
+module Datadog
+  module AppSec
+    module WAF
+      class Context
+        @context_ptr: ::FFI::Pointer
+        @retained: Array[untyped]
+        RESULT_CODE: ::Hash[::Symbol, ::Symbol]
+        def initialize: (::FFI::Pointer context_ptr) -> void
+        def finalize!: () -> void
+        def run: (WAF::data persistent_data, WAF::data ephemeral_data, ?::Integer timeout) -> Result
+        private
+        def ensure_pointer_presence!: () -> void
+        def retained: () -> Array[untyped]
+        def retain: (top object) -> void
+        def release: (top object) -> void
+      end
+    end
+  end
+end

data/sig/datadog/appsec/waf/converter.rbs ADDED Viewed

@@ -0,0 +1,11 @@
+module Datadog
+  module AppSec
+    module WAF
+      module Converter
+        def self.ruby_to_object: (top val, ?max_container_size: ::Integer?, ?max_container_depth: ::Integer?, ?max_string_length: ::Integer?, ?coerce: bool?) -> LibDDWAF::Object
+        def self.object_to_ruby: (LibDDWAF::Object obj) -> WAF::data
+      end
+    end
+  end
+end

data/sig/datadog/appsec/waf/errors.rbs ADDED Viewed

@@ -0,0 +1,20 @@
+module Datadog
+  module AppSec
+    module WAF
+      class Error < StandardError
+      end
+      class InstanceFinalizedError < Error
+      end
+      class ConversionError < Error
+      end
+      class LibDDWAFError < Error
+        attr_reader diagnostics: WAF::data
+        def initialize: (::String msg, ?diagnostics: WAF::data?) -> void
+      end
+    end
+  end
+end

data/sig/datadog/appsec/waf/handle.rbs ADDED Viewed

@@ -0,0 +1,21 @@
+module Datadog
+  module AppSec
+    module WAF
+      class Handle
+        @handle_ptr: ::FFI::Pointer
+        def initialize: (::FFI::Pointer handle_ptr) -> void
+        def finalize!: () -> void
+        def build_context: () -> Context
+        def known_addresses: () -> ::Array[::String?]
+        private
+        def ensure_pointer_presence!: () -> void
+      end
+    end
+  end
+end

data/sig/datadog/appsec/waf/handle_builder.rbs ADDED Viewed

@@ -0,0 +1,23 @@
+module Datadog
+  module AppSec
+    module WAF
+      class HandleBuilder
+        @builder_ptr: ::FFI::Pointer
+        def initialize: (?limits: ::Hash[::Symbol, ::Integer], ?obfuscator: ::Hash[::Symbol, ::String]) -> void
+        def finalize!: () -> void
+        def build_handle: () -> Handle
+        def add_or_update_config: (data config, path: ::String) -> data
+        def remove_config_at_path: (::String path) -> bool
+        private
+        def ensure_pointer_presence!: () -> void
+      end
+    end
+  end
+end