libddwaf 1.24.1.0.3-x86_64-linux → 1.24.1.1.1-x86_64-linux
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +17 -1
- data/lib/datadog/appsec/waf/context.rb +7 -1
- data/lib/datadog/appsec/waf/converter.rb +35 -17
- data/lib/datadog/appsec/waf/handle.rb +3 -1
- data/lib/datadog/appsec/waf/lib_ddwaf.rb +8 -0
- data/lib/datadog/appsec/waf/result.rb +9 -0
- data/lib/datadog/appsec/waf/version.rb +1 -1
- data/lib/libddwaf.rb +2 -0
- data/libddwaf.gemspec +1 -1
- data/sig/datadog/appsec/waf/converter.rbs +1 -1
- data/sig/datadog/appsec/waf/handle.rbs +1 -1
- data/sig/datadog/appsec/waf/lib_ddwaf.rbs +3 -0
- data/sig/datadog/appsec/waf/result.rbs +6 -0
- data/sig/datadog/appsec/waf.rbs +2 -0
- metadata +3 -6
    
        checksums.yaml
    CHANGED
    
    | @@ -1,7 +1,7 @@ | |
| 1 1 | 
             
            ---
         | 
| 2 2 | 
             
            SHA256:
         | 
| 3 | 
            -
              metadata.gz:  | 
| 4 | 
            -
              data.tar.gz:  | 
| 3 | 
            +
              metadata.gz: 0cd7c1d506263ff40f8a4fe977a552b47afb1e9973fb764b70a881ddd2be1fa6
         | 
| 4 | 
            +
              data.tar.gz: 3fd07ba586f14ad9a856c5ab8a83eeb9226671d08c65d12a3d00e74fba70a47f
         | 
| 5 5 | 
             
            SHA512:
         | 
| 6 | 
            -
              metadata.gz:  | 
| 7 | 
            -
              data.tar.gz:  | 
| 6 | 
            +
              metadata.gz: 206088b063f0cd02cc33a6bdd9ebc1f1e3c5821af23c211c798a93ce5f1aa3b4098fbdf95d9cb51b0db2461fe950312476ca82c8cc9bcdb06f333661d791f92f
         | 
| 7 | 
            +
              data.tar.gz: f11671b9319faf3ff7687cfdc6a440b66d31e5e0824c95e4bc02c749cddde5b7553cf6420e81dbb5c505ba79c9137cdab8ad10f87944322ab3a26e7426bf3e0a
         | 
    
        data/CHANGELOG.md
    CHANGED
    
    | @@ -1,4 +1,20 @@ | |
| 1 | 
            -
            # Unreleased | 
| 1 | 
            +
            # Unreleased
         | 
| 2 | 
            +
             | 
| 3 | 
            +
            ## Added
         | 
| 4 | 
            +
             | 
| 5 | 
            +
            - Add `WAF::Result#input_truncated?` method that indicates that result is based on truncated input objects (see `LibDDWAF::Object#input_truncated?`)
         | 
| 6 | 
            +
             | 
| 7 | 
            +
            # 2025-08-15 v1.24.1.1.0
         | 
| 8 | 
            +
             | 
| 9 | 
            +
            ## Added
         | 
| 10 | 
            +
             | 
| 11 | 
            +
            - Add `LibDDWAF::Object#input_truncated?` method that returns true if the input object was truncated during conversion to libddwaf object
         | 
| 12 | 
            +
             | 
| 13 | 
            +
            ## Changed
         | 
| 14 | 
            +
             | 
| 15 | 
            +
            - Change `Handle#known_addresses` to cache the result
         | 
| 16 | 
            +
             | 
| 17 | 
            +
            # 2025-05-20 v1.24.1.0.0
         | 
| 2 18 |  | 
| 3 19 | 
             
            ## Added
         | 
| 4 20 |  | 
| @@ -74,7 +74,7 @@ module Datadog | |
| 74 74 |  | 
| 75 75 | 
             
                      code = LibDDWAF.ddwaf_run(@context_ptr, persistent_data_obj, ephemeral_data_obj, result_obj, timeout)
         | 
| 76 76 |  | 
| 77 | 
            -
                      Result.new(
         | 
| 77 | 
            +
                      result = Result.new(
         | 
| 78 78 | 
             
                        RESULT_CODE[code],
         | 
| 79 79 | 
             
                        Converter.object_to_ruby(result_obj[:events]),
         | 
| 80 80 | 
             
                        result_obj[:total_runtime],
         | 
| @@ -82,6 +82,12 @@ module Datadog | |
| 82 82 | 
             
                        Converter.object_to_ruby(result_obj[:actions]),
         | 
| 83 83 | 
             
                        Converter.object_to_ruby(result_obj[:derivatives])
         | 
| 84 84 | 
             
                      )
         | 
| 85 | 
            +
             | 
| 86 | 
            +
                      if persistent_data_obj.truncated? || ephemeral_data_obj.truncated?
         | 
| 87 | 
            +
                        result.mark_input_truncated!
         | 
| 88 | 
            +
                      end
         | 
| 89 | 
            +
             | 
| 90 | 
            +
                      result
         | 
| 85 91 | 
             
                    ensure
         | 
| 86 92 | 
             
                      LibDDWAF.ddwaf_result_free(result_obj) if result_obj
         | 
| 87 93 | 
             
                      LibDDWAF.ddwaf_object_free(ephemeral_data_obj) if ephemeral_data_obj
         | 
| @@ -8,27 +8,32 @@ module Datadog | |
| 8 8 | 
             
                    module_function
         | 
| 9 9 |  | 
| 10 10 | 
             
                    # standard:disable Metrics/MethodLength,Metrics/CyclomaticComplexity
         | 
| 11 | 
            -
                    def ruby_to_object(val, max_container_size: nil, max_container_depth: nil, max_string_length: nil, coerce: true)
         | 
| 11 | 
            +
                    def ruby_to_object(val, max_container_size: nil, max_container_depth: nil, max_string_length: nil, top_obj: nil, coerce: true)
         | 
| 12 12 | 
             
                      case val
         | 
| 13 13 | 
             
                      when Array
         | 
| 14 14 | 
             
                        obj = LibDDWAF::Object.new
         | 
| 15 15 | 
             
                        res = LibDDWAF.ddwaf_object_array(obj)
         | 
| 16 16 | 
             
                        raise ConversionError, "Could not convert into object: #{val}" if res.null?
         | 
| 17 17 |  | 
| 18 | 
            -
                         | 
| 19 | 
            -
             | 
| 18 | 
            +
                        if max_container_depth == 0
         | 
| 19 | 
            +
                          top_obj&.mark_truncated!
         | 
| 20 | 
            +
                        else
         | 
| 20 21 | 
             
                          val.each.with_index do |e, i|
         | 
| 22 | 
            +
                            if max_container_size && i >= max_container_size
         | 
| 23 | 
            +
                              (top_obj || obj).mark_truncated!
         | 
| 24 | 
            +
                              break val
         | 
| 25 | 
            +
                            end
         | 
| 26 | 
            +
             | 
| 21 27 | 
             
                            member = Converter.ruby_to_object(
         | 
| 22 28 | 
             
                              e,
         | 
| 23 29 | 
             
                              max_container_size: max_container_size,
         | 
| 24 30 | 
             
                              max_container_depth: (max_container_depth - 1 if max_container_depth),
         | 
| 25 31 | 
             
                              max_string_length: max_string_length,
         | 
| 32 | 
            +
                              top_obj: top_obj || obj,
         | 
| 26 33 | 
             
                              coerce: coerce
         | 
| 27 34 | 
             
                            )
         | 
| 28 35 | 
             
                            e_res = LibDDWAF.ddwaf_object_array_add(obj, member)
         | 
| 29 36 | 
             
                            raise ConversionError, "Could not add to array object: #{e.inspect}" unless e_res
         | 
| 30 | 
            -
             | 
| 31 | 
            -
                            break val if max_index && i >= max_index
         | 
| 32 37 | 
             
                          end
         | 
| 33 38 | 
             
                        end
         | 
| 34 39 |  | 
| @@ -38,25 +43,33 @@ module Datadog | |
| 38 43 | 
             
                        res = LibDDWAF.ddwaf_object_map(obj)
         | 
| 39 44 | 
             
                        raise ConversionError, "Could not convert into object: #{val}" if res.null?
         | 
| 40 45 |  | 
| 41 | 
            -
                         | 
| 42 | 
            -
             | 
| 46 | 
            +
                        if max_container_depth == 0
         | 
| 47 | 
            +
                          top_obj&.mark_truncated!
         | 
| 48 | 
            +
                        else
         | 
| 43 49 | 
             
                          val.each.with_index do |e, i|
         | 
| 50 | 
            +
                            if max_container_size && i >= max_container_size
         | 
| 51 | 
            +
                              (top_obj || obj).mark_truncated!
         | 
| 52 | 
            +
                              break val
         | 
| 53 | 
            +
                            end
         | 
| 54 | 
            +
             | 
| 44 55 | 
             
                            # for Steep, which doesn't handle |(k, v), i|
         | 
| 45 | 
            -
                            k = e[0]
         | 
| 56 | 
            +
                            k = e[0].to_s
         | 
| 46 57 | 
             
                            v = e[1]
         | 
| 47 58 |  | 
| 48 | 
            -
                             | 
| 59 | 
            +
                            if max_string_length && k.length > max_string_length
         | 
| 60 | 
            +
                              k = k[0, max_string_length]
         | 
| 61 | 
            +
                              (top_obj || obj).mark_truncated!
         | 
| 62 | 
            +
                            end
         | 
| 49 63 | 
             
                            member = Converter.ruby_to_object(
         | 
| 50 64 | 
             
                              v,
         | 
| 51 65 | 
             
                              max_container_size: max_container_size,
         | 
| 52 66 | 
             
                              max_container_depth: (max_container_depth - 1 if max_container_depth),
         | 
| 53 67 | 
             
                              max_string_length: max_string_length,
         | 
| 68 | 
            +
                              top_obj: top_obj || obj,
         | 
| 54 69 | 
             
                              coerce: coerce
         | 
| 55 70 | 
             
                            )
         | 
| 56 | 
            -
                            kv_res = LibDDWAF.ddwaf_object_map_addl(obj, k | 
| 57 | 
            -
                            raise ConversionError, "Could not add to map object: #{ | 
| 58 | 
            -
             | 
| 59 | 
            -
                            break val if max_index && i >= max_index
         | 
| 71 | 
            +
                            kv_res = LibDDWAF.ddwaf_object_map_addl(obj, k, k.bytesize, member)
         | 
| 72 | 
            +
                            raise ConversionError, "Could not add to map object: #{e[0].inspect} => #{v.inspect}" unless kv_res
         | 
| 60 73 | 
             
                          end
         | 
| 61 74 | 
             
                        end
         | 
| 62 75 |  | 
| @@ -64,16 +77,21 @@ module Datadog | |
| 64 77 | 
             
                      when String
         | 
| 65 78 | 
             
                        obj = LibDDWAF::Object.new
         | 
| 66 79 | 
             
                        encoded_val = val.to_s.encode(Encoding::UTF_8, invalid: :replace, undef: :replace)
         | 
| 67 | 
            -
                         | 
| 68 | 
            -
             | 
| 69 | 
            -
             | 
| 80 | 
            +
                        if max_string_length && encoded_val.length > max_string_length
         | 
| 81 | 
            +
                          encoded_val = encoded_val[0, max_string_length] #: String
         | 
| 82 | 
            +
                          (top_obj || obj).mark_truncated!
         | 
| 83 | 
            +
                        end
         | 
| 84 | 
            +
                        res = LibDDWAF.ddwaf_object_stringl(obj, encoded_val, encoded_val.bytesize)
         | 
| 70 85 | 
             
                        raise ConversionError, "Could not convert into object: #{val.inspect}" if res.null?
         | 
| 71 86 |  | 
| 72 87 | 
             
                        obj
         | 
| 73 88 | 
             
                      when Symbol
         | 
| 74 89 | 
             
                        obj = LibDDWAF::Object.new
         | 
| 75 | 
            -
                        val = val.to_s[0, max_string_length] if max_string_length
         | 
| 76 90 | 
             
                        str = val.to_s
         | 
| 91 | 
            +
                        if max_string_length && str.length > max_string_length
         | 
| 92 | 
            +
                          str = str[0, max_string_length] #: String
         | 
| 93 | 
            +
                          (top_obj || obj).mark_truncated!
         | 
| 94 | 
            +
                        end
         | 
| 77 95 | 
             
                        res = LibDDWAF.ddwaf_object_stringl(obj, str, str.bytesize)
         | 
| 78 96 | 
             
                        raise ConversionError, "Could not convert into object: #{val.inspect}" if res.null?
         | 
| 79 97 |  | 
| @@ -37,6 +37,8 @@ module Datadog | |
| 37 37 | 
             
                    #
         | 
| 38 38 | 
             
                    # @return [Array<String>] the list of known addresses
         | 
| 39 39 | 
             
                    def known_addresses
         | 
| 40 | 
            +
                      return @known_addresses if defined?(@known_addresses)
         | 
| 41 | 
            +
             | 
| 40 42 | 
             
                      ensure_pointer_presence!
         | 
| 41 43 |  | 
| 42 44 | 
             
                      count = LibDDWAF::UInt32Ptr.new
         | 
| @@ -44,7 +46,7 @@ module Datadog | |
| 44 46 |  | 
| 45 47 | 
             
                      return [] if count == 0 # list is null
         | 
| 46 48 |  | 
| 47 | 
            -
                      list.get_array_of_string(0, count[:value])
         | 
| 49 | 
            +
                      @known_addresses = list.get_array_of_string(0, count[:value]).compact
         | 
| 48 50 | 
             
                    end
         | 
| 49 51 |  | 
| 50 52 | 
             
                    private
         | 
| @@ -136,6 +136,14 @@ module Datadog | |
| 136 136 | 
             
                        :valueUnion, ObjectValueUnion,
         | 
| 137 137 | 
             
                        :nbEntries, :uint64,
         | 
| 138 138 | 
             
                        :type, :ddwaf_obj_type
         | 
| 139 | 
            +
             | 
| 140 | 
            +
                      def truncated?
         | 
| 141 | 
            +
                        @truncated == true
         | 
| 142 | 
            +
                      end
         | 
| 143 | 
            +
             | 
| 144 | 
            +
                      def mark_truncated!
         | 
| 145 | 
            +
                        @truncated = true
         | 
| 146 | 
            +
                      end
         | 
| 139 147 | 
             
                    end
         | 
| 140 148 |  | 
| 141 149 | 
             
                    typedef Object.by_ref, :ddwaf_object
         | 
| @@ -15,6 +15,15 @@ module Datadog | |
| 15 15 | 
             
                      @timeout = timeout
         | 
| 16 16 | 
             
                      @actions = actions
         | 
| 17 17 | 
             
                      @derivatives = derivatives
         | 
| 18 | 
            +
                      @input_truncated = false
         | 
| 19 | 
            +
                    end
         | 
| 20 | 
            +
             | 
| 21 | 
            +
                    def mark_input_truncated!
         | 
| 22 | 
            +
                      @input_truncated = true
         | 
| 23 | 
            +
                    end
         | 
| 24 | 
            +
             | 
| 25 | 
            +
                    def input_truncated?
         | 
| 26 | 
            +
                      @input_truncated
         | 
| 18 27 | 
             
                    end
         | 
| 19 28 |  | 
| 20 29 | 
             
                    def to_h
         | 
| @@ -5,7 +5,7 @@ module Datadog | |
| 5 5 | 
             
                    BASE_STRING = "1.24.1"
         | 
| 6 6 | 
             
                    # NOTE: Every change to the `BASE_STRING` should be accompanied
         | 
| 7 7 | 
             
                    #       by a reset of the patch version in the `STRING` below.
         | 
| 8 | 
            -
                    STRING = "#{BASE_STRING}. | 
| 8 | 
            +
                    STRING = "#{BASE_STRING}.1.1"
         | 
| 9 9 | 
             
                    MINIMUM_RUBY_VERSION = "2.5"
         | 
| 10 10 | 
             
                  end
         | 
| 11 11 | 
             
                end
         | 
    
        data/lib/libddwaf.rb
    CHANGED
    
    
    
        data/libddwaf.gemspec
    CHANGED
    
    | @@ -11,7 +11,7 @@ Gem::Specification.new do |spec| | |
| 11 11 | 
             
              spec.email = ["dev@datadoghq.com"]
         | 
| 12 12 |  | 
| 13 13 | 
             
              spec.summary = "Datadog WAF"
         | 
| 14 | 
            -
              spec.description = <<-EOS.gsub( | 
| 14 | 
            +
              spec.description = <<-EOS.gsub(/^\s+/, "")
         | 
| 15 15 | 
             
                libddwaf packages a WAF implementation in C++, exposed to Ruby
         | 
| 16 16 | 
             
              EOS
         | 
| 17 17 |  | 
| @@ -2,7 +2,7 @@ module Datadog | |
| 2 2 | 
             
              module AppSec
         | 
| 3 3 | 
             
                module WAF
         | 
| 4 4 | 
             
                  module Converter
         | 
| 5 | 
            -
                    def self.ruby_to_object: (top val, ?max_container_size: ::Integer?, ?max_container_depth: ::Integer?, ?max_string_length: ::Integer?, ?coerce: bool?) -> LibDDWAF::Object
         | 
| 5 | 
            +
                    def self.ruby_to_object: (top val, ?max_container_size: ::Integer?, ?max_container_depth: ::Integer?, ?max_string_length: ::Integer?, ?top_obj: LibDDWAF::Object?, ?coerce: bool?) -> LibDDWAF::Object
         | 
| 6 6 |  | 
| 7 7 | 
             
                    def self.object_to_ruby: (LibDDWAF::Object obj) -> WAF::data
         | 
| 8 8 | 
             
                  end
         | 
| @@ -14,6 +14,8 @@ module Datadog | |
| 14 14 |  | 
| 15 15 | 
             
                    @derivatives: WAF::data
         | 
| 16 16 |  | 
| 17 | 
            +
                    @input_truncated: bool
         | 
| 18 | 
            +
             | 
| 17 19 | 
             
                    attr_reader status: ::Symbol
         | 
| 18 20 |  | 
| 19 21 | 
             
                    attr_reader events: WAF::data
         | 
| @@ -27,6 +29,10 @@ module Datadog | |
| 27 29 | 
             
                    attr_reader derivatives: WAF::data
         | 
| 28 30 |  | 
| 29 31 | 
             
                    def initialize: (::Symbol status, WAF::data events, ::Float total_runtime, bool timeout, WAF::data actions, WAF::data derivatives) -> void
         | 
| 32 | 
            +
             | 
| 33 | 
            +
                    def mark_input_truncated!: () -> bool
         | 
| 34 | 
            +
             | 
| 35 | 
            +
                    def input_truncated?: () -> bool
         | 
| 30 36 | 
             
                  end
         | 
| 31 37 | 
             
                end
         | 
| 32 38 | 
             
              end
         | 
    
        data/sig/datadog/appsec/waf.rbs
    CHANGED
    
    | @@ -2,6 +2,8 @@ module Datadog | |
| 2 2 | 
             
              module AppSec
         | 
| 3 3 | 
             
                module WAF
         | 
| 4 4 | 
             
                  type data = String | Symbol | Integer | Float | TrueClass | FalseClass | Array[data] | Hash[(String | Symbol | nil), data] | nil
         | 
| 5 | 
            +
                  type known_addresses = ::Array[::String]
         | 
| 6 | 
            +
                  type diagnostics = ::Hash[::String, untyped]
         | 
| 5 7 |  | 
| 6 8 | 
             
                  def self.version: () -> ::String
         | 
| 7 9 |  | 
    
        metadata
    CHANGED
    
    | @@ -1,14 +1,13 @@ | |
| 1 1 | 
             
            --- !ruby/object:Gem::Specification
         | 
| 2 2 | 
             
            name: libddwaf
         | 
| 3 3 | 
             
            version: !ruby/object:Gem::Version
         | 
| 4 | 
            -
              version: 1.24.1. | 
| 4 | 
            +
              version: 1.24.1.1.1
         | 
| 5 5 | 
             
            platform: x86_64-linux
         | 
| 6 6 | 
             
            authors:
         | 
| 7 7 | 
             
            - Datadog, Inc.
         | 
| 8 | 
            -
            autorequire:
         | 
| 9 8 | 
             
            bindir: bin
         | 
| 10 9 | 
             
            cert_chain: []
         | 
| 11 | 
            -
            date: 2025- | 
| 10 | 
            +
            date: 2025-09-16 00:00:00.000000000 Z
         | 
| 12 11 | 
             
            dependencies:
         | 
| 13 12 | 
             
            - !ruby/object:Gem::Dependency
         | 
| 14 13 | 
             
              name: ffi
         | 
| @@ -69,7 +68,6 @@ licenses: | |
| 69 68 | 
             
            - BSD-3-Clause
         | 
| 70 69 | 
             
            metadata:
         | 
| 71 70 | 
             
              allowed_push_host: https://rubygems.org
         | 
| 72 | 
            -
            post_install_message:
         | 
| 73 71 | 
             
            rdoc_options: []
         | 
| 74 72 | 
             
            require_paths:
         | 
| 75 73 | 
             
            - lib
         | 
| @@ -84,8 +82,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement | |
| 84 82 | 
             
                - !ruby/object:Gem::Version
         | 
| 85 83 | 
             
                  version: 2.0.0
         | 
| 86 84 | 
             
            requirements: []
         | 
| 87 | 
            -
            rubygems_version: 3. | 
| 88 | 
            -
            signing_key:
         | 
| 85 | 
            +
            rubygems_version: 3.6.2
         | 
| 89 86 | 
             
            specification_version: 4
         | 
| 90 87 | 
             
            summary: Datadog WAF
         | 
| 91 88 | 
             
            test_files: []
         |