libddwaf 1.24.1.2.0-x86_64-darwin → 1.25.1.0.0-x86_64-darwin

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c307d3853359633c27951b5b01851ff85bcf573e49651877d944eaf6e4d69be6
-  data.tar.gz: 368c663258d6f4645195fce8329986d9db27ff3a8a609dca6e1c9c4e02826a06
+  metadata.gz: d1ac616d225d5519ea6bbca7cd044cf802b4f7f0cc4f17c3d05a6efbd8ee34da
+  data.tar.gz: 46ac1e815a7184e147d9bdcb5ede864b1ab8a93f6e54a03380e0955196149fe8
 SHA512:
-  metadata.gz: 8e3f47f9e0ce640144c86411db27a6c0390d6a5194da34b182e328307f689532f1d5527815596ebda5028f44a3296f07033f8b33430bc2eb98a1e64ff83acd6c
-  data.tar.gz: d49b9b18b00930368827eedf1db22949857935555bc9bd8a6e3a090d9376ce11f8005451c8f8c03e41556388418f384b92fb138e05fe6dc2fcf96030c30bd839
+  metadata.gz: '038c427b03b4af7239d1d6c776fb60dbb23e622bb096951b092e4a2215ca8a85d71d6f2a30e99c3f96b4c5a0a9bb3289c9a34689e9dc1962b8dae828f25f0216'
+  data.tar.gz: cedff7ac3f57641e3104ba4803516e5f049dcc9beb11094a75aaaa531154c5c2fc336159f500fe8e7a6baf07ba9798bdfe7ae89891980ad32a05a203e04693b3

data/CHANGELOG.md

@@ -1,5 +1,25 @@
 # Unreleased
 
+# 2025-09-16 v1.25.1.0.0
+
+## Added
+
+- Add `Result#keep?` method
+
+## Changed
+
+- Change `LibDDWAF::Object#input_truncated?` to `LibDDWAF::Object#truncated?` method
+- Change `LibDDWAF::Object#mark_as_input_truncated?` to `LibDDWAF::Object#mark_truncated?` method
+- Change `Result#timeout` to `Result#timeout?` method
+- Change `Result#derivatives` to `Result#attributes` method
+- Change `Result#total_runtime` to `Result#duration` method
+
+# 2025-09-15 v1.24.1.2.1
+
+## Fixed
+
+- Fix conversion of non-string Hash keys with potential size truncation
+
 # 2025-09-02 v1.24.1.2.0
 
 ## Added

data/lib/datadog/appsec/waf/context.rb

@@ -69,27 +69,33 @@ module Datadog
             raise ConversionError, "Could not convert ephemeral data: #{ephemeral_data.inspect}"
           end
 
-          result_obj = LibDDWAF::Result.new
+          result_obj = LibDDWAF::Object.new
           raise LibDDWAFError, "Could not create result object" if result_obj.null?
 
           code = LibDDWAF.ddwaf_run(@context_ptr, persistent_data_obj, ephemeral_data_obj, result_obj, timeout)
+          result = Converter.object_to_ruby(result_obj) #: ::Hash[::String, WAF::data]
+
+          if result.nil?
+            raise ConversionError, "Could not convert result into object: #{code}"
+          end
 
           result = Result.new(
-            RESULT_CODE[code],
-            Converter.object_to_ruby(result_obj[:events]),
-            result_obj[:total_runtime],
-            result_obj[:timeout],
-            Converter.object_to_ruby(result_obj[:actions]),
-            Converter.object_to_ruby(result_obj[:derivatives])
+            status: RESULT_CODE[code],
+            events: result["events"],
+            actions: result["actions"],
+            attributes: result["attributes"],
+            duration: result["duration"], #: ::Integer
+            timeout: result["timeout"],   #: bool
+            keep: result["keep"]          #: bool
           )
 
-          if persistent_data_obj.input_truncated? || ephemeral_data_obj.input_truncated?
+          if persistent_data_obj.truncated? || ephemeral_data_obj.truncated?
             result.mark_input_truncated!
           end
 
           result
         ensure
-          LibDDWAF.ddwaf_result_free(result_obj) if result_obj
+          LibDDWAF.ddwaf_object_free(result_obj) if result_obj
           LibDDWAF.ddwaf_object_free(ephemeral_data_obj) if ephemeral_data_obj
         end
 

data/lib/datadog/appsec/waf/converter.rb

@@ -15,11 +15,15 @@ module Datadog
             res = LibDDWAF.ddwaf_object_array(obj)
             raise ConversionError, "Could not convert into object: #{val}" if res.null?
 
-            max_index = max_container_size - 1 if max_container_size
             if max_container_depth == 0
-              top_obj&.mark_as_input_truncated!
+              top_obj&.mark_truncated!
             else
               val.each.with_index do |e, i|
+                if max_container_size && i >= max_container_size
+                  (top_obj || obj).mark_truncated!
+                  break val
+                end
+
                 member = Converter.ruby_to_object(
                   e,
                   max_container_size: max_container_size,
@@ -30,11 +34,6 @@ module Datadog
                 )
                 e_res = LibDDWAF.ddwaf_object_array_add(obj, member)
                 raise ConversionError, "Could not add to array object: #{e.inspect}" unless e_res
-
-                if max_index && i >= max_index
-                  (top_obj || obj).mark_as_input_truncated!
-                  break val
-                end
               end
             end
 
@@ -44,18 +43,22 @@ module Datadog
             res = LibDDWAF.ddwaf_object_map(obj)
             raise ConversionError, "Could not convert into object: #{val}" if res.null?
 
-            max_index = max_container_size - 1 if max_container_size
             if max_container_depth == 0
-              top_obj&.mark_as_input_truncated!
+              top_obj&.mark_truncated!
             else
               val.each.with_index do |e, i|
+                if max_container_size && i >= max_container_size
+                  (top_obj || obj).mark_truncated!
+                  break val
+                end
+
                 # for Steep, which doesn't handle |(k, v), i|
-                k = e[0]
+                k = e[0].to_s
                 v = e[1]
 
                 if max_string_length && k.length > max_string_length
-                  k = k.to_s[0, max_string_length]
-                  (top_obj || obj).mark_as_input_truncated!
+                  k = k[0, max_string_length]
+                  (top_obj || obj).mark_truncated!
                 end
                 member = Converter.ruby_to_object(
                   v,
@@ -65,13 +68,8 @@ module Datadog
                   top_obj: top_obj || obj,
                   coerce: coerce
                 )
-                kv_res = LibDDWAF.ddwaf_object_map_addl(obj, k.to_s, k.to_s.bytesize, member)
-                raise ConversionError, "Could not add to map object: #{k.inspect} => #{v.inspect}" unless kv_res
-
-                if max_index && i >= max_index
-                  (top_obj || obj).mark_as_input_truncated!
-                  break val
-                end
+                kv_res = LibDDWAF.ddwaf_object_map_addl(obj, k, k.bytesize, member)
+                raise ConversionError, "Could not add to map object: #{e[0].inspect} => #{v.inspect}" unless kv_res
               end
             end
 
@@ -80,21 +78,20 @@ module Datadog
             obj = LibDDWAF::Object.new
             encoded_val = val.to_s.encode(Encoding::UTF_8, invalid: :replace, undef: :replace)
             if max_string_length && encoded_val.length > max_string_length
-              encoded_val = encoded_val[0, max_string_length]
-              (top_obj || obj).mark_as_input_truncated!
+              encoded_val = encoded_val[0, max_string_length] #: String
+              (top_obj || obj).mark_truncated!
             end
-            str = encoded_val.to_s
-            res = LibDDWAF.ddwaf_object_stringl(obj, str, str.bytesize)
+            res = LibDDWAF.ddwaf_object_stringl(obj, encoded_val, encoded_val.bytesize)
             raise ConversionError, "Could not convert into object: #{val.inspect}" if res.null?
 
             obj
           when Symbol
             obj = LibDDWAF::Object.new
-            if max_string_length
-              val = val.to_s[0, max_string_length]
-              (top_obj || obj).mark_as_input_truncated!
-            end
             str = val.to_s
+            if max_string_length && str.length > max_string_length
+              str = str[0, max_string_length] #: String
+              (top_obj || obj).mark_truncated!
+            end
             res = LibDDWAF.ddwaf_object_stringl(obj, str, str.bytesize)
             raise ConversionError, "Could not convert into object: #{val.inspect}" if res.null?
 
@@ -173,7 +170,7 @@ module Datadog
               a << e # steep:ignore
             end
           when :ddwaf_obj_map
-            (0...obj[:nbEntries]).each.with_object({}) do |i, h|
+            (0...obj[:nbEntries]).each.with_object({}) do |i, h| #$ ::Hash[::String, WAF::data]
               ptr = obj[:valueUnion][:array] + i * Datadog::AppSec::WAF::LibDDWAF::Object.size
               o = Datadog::AppSec::WAF::LibDDWAF::Object.new(ptr)
               l = o[:parameterNameLength]

data/lib/datadog/appsec/waf/lib_ddwaf.rb

@@ -137,12 +137,12 @@ module Datadog
             :nbEntries, :uint64,
             :type, :ddwaf_obj_type
 
-          def input_truncated?
-            @input_truncated == true
+          def truncated?
+            @truncated == true
           end
 
-          def mark_as_input_truncated!
-            @input_truncated = true
+          def mark_truncated!
+            @truncated = true
           end
         end
 
@@ -253,21 +253,9 @@ module Datadog
         attach_function :ddwaf_context_init, [:ddwaf_handle], :ddwaf_context
         attach_function :ddwaf_context_destroy, [:ddwaf_context], :void
 
-        # Ruby representation of ddwaf_result
-        # See https://github.com/DataDog/libddwaf/blob/10e3a1dfc7bc9bb8ab11a09a9f8b6b339eaf3271/include/ddwaf.h#L154-L173
-        class Result < ::FFI::Struct
-          layout :timeout, :bool,
-            :events, Object,
-            :actions, Object,
-            :derivatives, Object,
-            :total_runtime, :uint64
-        end
-
-        typedef Result.by_ref, :ddwaf_result
         typedef :uint64, :timeout_us
 
-        attach_function :ddwaf_run, [:ddwaf_context, :ddwaf_object, :ddwaf_object, :ddwaf_result, :timeout_us], :ddwaf_ret_code, blocking: true
-        attach_function :ddwaf_result_free, [:ddwaf_result], :void
+        attach_function :ddwaf_run, [:ddwaf_context, :ddwaf_object, :ddwaf_object, :ddwaf_object, :timeout_us], :ddwaf_ret_code, blocking: true
 
         # logging
 

data/lib/datadog/appsec/waf/result.rb

@@ -4,17 +4,18 @@ module Datadog
   module AppSec
     module WAF
       # Ruby representation of the ddwaf_result of a libddwaf run.
-      # See https://github.com/DataDog/libddwaf/blob/10e3a1dfc7bc9bb8ab11a09a9f8b6b339eaf3271/include/ddwaf.h#L159-L173
+      # See https://github.com/DataDog/libddwaf/blob/8dbee187ff74a0aa25e1bcbdde51677f77930e1b/include/ddwaf.h#L277-L290
       class Result
-        attr_reader :status, :events, :total_runtime, :timeout, :actions, :derivatives
+        attr_reader :status, :events, :actions, :attributes, :duration
 
-        def initialize(status, events, total_runtime, timeout, actions, derivatives)
+        def initialize(status:, events:, actions:, attributes:, duration:, timeout:, keep:)
           @status = status
           @events = events
-          @total_runtime = total_runtime
-          @timeout = timeout
           @actions = actions
-          @derivatives = derivatives
+          @attributes = attributes
+          @duration = duration
+          @timeout = timeout
+          @keep = keep
           @input_truncated = false
         end
 
@@ -22,6 +23,14 @@ module Datadog
           @input_truncated = true
         end
 
+        def timeout?
+          @timeout
+        end
+
+        def keep?
+          @keep
+        end
+
         def input_truncated?
           @input_truncated
         end
@@ -30,10 +39,12 @@ module Datadog
           {
             status: @status,
             events: @events,
-            total_runtime: @total_runtime,
-            timeout: @timeout,
             actions: @actions,
-            derivatives: @derivatives
+            attributes: @attributes,
+            duration: @duration,
+            timeout: @timeout,
+            keep: @keep,
+            input_truncated: @input_truncated
           }
         end
       end

data/lib/datadog/appsec/waf/version.rb

@@ -2,10 +2,10 @@ module Datadog
   module AppSec
     module WAF
       module VERSION
-        BASE_STRING = "1.24.1"
+        BASE_STRING = "1.25.1"
         # NOTE: Every change to the `BASE_STRING` should be accompanied
         #       by a reset of the patch version in the `STRING` below.
-        STRING = "#{BASE_STRING}.2.0"
+        STRING = "#{BASE_STRING}.0.0"
         MINIMUM_RUBY_VERSION = "2.5"
       end
     end

data/libddwaf.gemspec

@@ -11,7 +11,7 @@ Gem::Specification.new do |spec|
   spec.email = ["dev@datadoghq.com"]
 
   spec.summary = "Datadog WAF"
-  spec.description = <<-EOS.gsub(/^[\s]+/, "")
+  spec.description = <<-EOS.gsub(/^\s+/, "")
     libddwaf packages a WAF implementation in C++, exposed to Ruby
   EOS
 

data/sig/datadog/appsec/waf/converter.rbs

@@ -2,9 +2,9 @@ module Datadog
   module AppSec
     module WAF
       module Converter
-        def self.ruby_to_object: (top val, ?max_container_size: ::Integer?, ?max_container_depth: ::Integer?, ?max_string_length: ::Integer?, ?top_obj: LibDDWAF::Object?, ?coerce: bool?) -> LibDDWAF::Object
+        def self?.ruby_to_object: (top val, ?max_container_size: ::Integer?, ?max_container_depth: ::Integer?, ?max_string_length: ::Integer?, ?top_obj: LibDDWAF::Object?, ?coerce: bool?) -> LibDDWAF::Object
 
-        def self.object_to_ruby: (LibDDWAF::Object obj) -> WAF::data
+        def self?.object_to_ruby: (LibDDWAF::Object obj) -> WAF::data
       end
     end
   end

data/sig/datadog/appsec/waf/lib_ddwaf.rbs

@@ -58,9 +58,9 @@ module Datadog
         end
 
         class Object < ::FFI::Struct[::FFI::AbstractMemory, untyped]
-          def input_truncated?: () -> bool
+          def truncated?: () -> bool
 
-          def mark_as_input_truncated!: () -> bool
+          def mark_truncated!: () -> bool
         end
 
         # setters
@@ -139,11 +139,7 @@ module Datadog
         def self.ddwaf_context_init: (::FFI::Pointer) -> ::FFI::Pointer
         def self.ddwaf_context_destroy: (::FFI::Pointer) -> void
 
-        class Result < ::FFI::Struct[::FFI::AbstractMemory, untyped]
-        end
-
-        def self.ddwaf_run: (::FFI::Pointer, Object, Object, Result, ::Integer) -> ::Symbol
-        def self.ddwaf_result_free: (Result) -> void
+        def self.ddwaf_run: (::FFI::Pointer, Object, Object, Object, ::Integer) -> ::Symbol
 
         # logging
 

data/sig/datadog/appsec/waf/result.rbs

@@ -6,13 +6,15 @@ module Datadog
 
         @events: WAF::data
 
-        @total_runtime: ::Float
+        @actions: WAF::data
 
-        @timeout: bool
+        @attributes: WAF::data
 
-        @actions: WAF::data
+        @duration: ::Integer
 
-        @derivatives: WAF::data
+        @timeout: bool
+
+        @keep: bool
 
         @input_truncated: bool
 
@@ -20,19 +22,31 @@ module Datadog
 
         attr_reader events: WAF::data
 
-        attr_reader total_runtime: ::Float
-
-        attr_reader timeout: bool
-
         attr_reader actions: WAF::data
 
-        attr_reader derivatives: WAF::data
+        attr_reader attributes: WAF::data
+
+        attr_reader duration: ::Integer
 
-        def initialize: (::Symbol status, WAF::data events, ::Float total_runtime, bool timeout, WAF::data actions, WAF::data derivatives) -> void
+        def initialize: (
+          status: ::Symbol,
+          events: WAF::data,
+          actions: WAF::data,
+          attributes: WAF::data,
+          duration: ::Integer,
+          timeout: bool,
+          keep: bool
+        ) -> void
 
         def mark_input_truncated!: () -> bool
 
+        def timeout?: () -> bool
+
+        def keep?: () -> bool
+
         def input_truncated?: () -> bool
+
+        def to_h: () -> ::Hash[::Symbol, WAF::data]
       end
     end
   end

data/sig/datadog/appsec/waf.rbs

@@ -1,18 +1,18 @@
 module Datadog
   module AppSec
     module WAF
-      type data = String | Symbol | Integer | Float | TrueClass | FalseClass | Array[data] | Hash[(String | Symbol | nil), data] | nil
+      type data = nil | bool | ::String | ::Symbol | ::Integer | ::Float | ::Array[data] | ::Hash[(::String | ::Symbol | nil), data]
       type known_addresses = ::Array[::String]
       type diagnostics = ::Hash[::String, untyped]
 
-      def self.version: () -> ::String
+      def self?.version: () -> ::String
 
       self.@logger: ::Logger
       self.@log_callback: LibDDWAF::ddwaf_log_cb
 
-      def self.log_callback: (LibDDWAF::ddwaf_log_level, ::String, ::String, ::Integer, ::FFI::Pointer, ::Integer) -> void
-      def self.logger: () -> ::Logger
-      def self.logger=: (::Logger logger) -> void
+      def self?.log_callback: (LibDDWAF::ddwaf_log_level, ::String, ::String, ::Integer, ::FFI::Pointer, ::Integer) -> void
+      def self?.logger: () -> ::Logger
+      def self?.logger=: (::Logger logger) -> void
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: libddwaf
 version: !ruby/object:Gem::Version
-  version: 1.24.1.2.0
+  version: 1.25.1.0.0
 platform: x86_64-darwin
 authors:
 - Datadog, Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-09-02 00:00:00.000000000 Z
+date: 2025-09-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ffi
@@ -61,7 +61,7 @@ files:
 - sig/datadog/appsec/waf/result.rbs
 - sig/datadog/appsec/waf/version.rbs
 - sig/libddwaf.rbs
-- vendor/libddwaf/libddwaf-1.24.1-darwin-x86_64/lib/libddwaf.dylib
+- vendor/libddwaf/libddwaf-1.25.1-darwin-x86_64/lib/libddwaf.dylib
 - vendor/rbs/gem/0/gem.rbs
 - vendor/rbs/jruby/0/jruby.rbs
 homepage: https://github.com/DataDog/libddwaf-rb