libddwaf 1.7.0.0.0 → 1.8.2.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +7 -0
- data/lib/datadog/appsec/waf/version.rb +1 -1
- data/lib/datadog/appsec/waf.rb +24 -31
- data/sig/datadog/appsec/waf.rbs +4 -11
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 30f298fcc92fb8b2489965b0b4710e22de5b3350a53a7bcd2cde8b08ba093cbc
|
|
4
|
+
data.tar.gz: 88e66343e82297fdb2cb5471be19dbd84642128c8e899c77b98f67932688a21a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b6518befb55b60e1ac680a588ebaa30b913e775e54af30d1b99529fefd05d1943c4bc6c09adcaa2683a4a3367c987adda9fdf309f1967d29a8b41ec1a5c152e9
|
|
7
|
+
data.tar.gz: 561d74e78f7699287a2981599fb448438dadd6f76424d1822adf6f3d2ebe76cfc56f93c19bbac9ee3d4b501040fc0c54e533919d3b57a87a11ad8d13d042bcd5
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,10 @@
|
|
|
1
|
+
# 2023-03-03 v1.8.2.0.0
|
|
2
|
+
|
|
3
|
+
- Update to libddwaf 1.8.2
|
|
4
|
+
- Added Waf::Handle#merge method
|
|
5
|
+
- Remove Waf::Handle#update_rule_data and Waf::Handle#toggle_rules methods
|
|
6
|
+
- Remove WAF::LibDDWAF.ddwaf_required_rule_data_ids method
|
|
7
|
+
|
|
1
8
|
# 2023-02-03 v1.7.0.0.0
|
|
2
9
|
|
|
3
10
|
- Update to libddwaf 1.7.0
|
data/lib/datadog/appsec/waf.rb
CHANGED
|
@@ -228,10 +228,10 @@ module Datadog
|
|
|
228
228
|
attach_function :ddwaf_ruleset_info_free, [:ddwaf_ruleset_info], :void
|
|
229
229
|
|
|
230
230
|
attach_function :ddwaf_init, [:ddwaf_rule, :ddwaf_config, :ddwaf_ruleset_info], :ddwaf_handle
|
|
231
|
+
attach_function :ddwaf_update, [:ddwaf_handle, :ddwaf_object, :ddwaf_ruleset_info], :ddwaf_handle
|
|
231
232
|
attach_function :ddwaf_destroy, [:ddwaf_handle], :void
|
|
232
233
|
|
|
233
234
|
attach_function :ddwaf_required_addresses, [:ddwaf_handle, UInt32Ptr], :charptrptr
|
|
234
|
-
attach_function :ddwaf_required_rule_data_ids, [:ddwaf_handle, UInt32Ptr], :charptrptr
|
|
235
235
|
|
|
236
236
|
# updating
|
|
237
237
|
|
|
@@ -242,9 +242,6 @@ module Datadog
|
|
|
242
242
|
:ddwaf_match, 1
|
|
243
243
|
typedef DDWAF_RET_CODE, :ddwaf_ret_code
|
|
244
244
|
|
|
245
|
-
attach_function :ddwaf_update_rule_data, [:ddwaf_handle, :ddwaf_object], :ddwaf_ret_code
|
|
246
|
-
attach_function :ddwaf_toggle_rules, [:ddwaf_handle, :ddwaf_object], :ddwaf_ret_code
|
|
247
|
-
|
|
248
245
|
# running
|
|
249
246
|
|
|
250
247
|
typedef :pointer, :ddwaf_context
|
|
@@ -478,9 +475,7 @@ module Datadog
|
|
|
478
475
|
}
|
|
479
476
|
|
|
480
477
|
class Handle
|
|
481
|
-
attr_reader :handle_obj
|
|
482
|
-
|
|
483
|
-
attr_reader :ruleset_info
|
|
478
|
+
attr_reader :handle_obj, :ruleset_info, :config
|
|
484
479
|
|
|
485
480
|
def initialize(rule, limits: {}, obfuscator: {})
|
|
486
481
|
rule_obj = Datadog::AppSec::WAF.ruby_to_object(rule)
|
|
@@ -492,7 +487,6 @@ module Datadog
|
|
|
492
487
|
if config_obj.null?
|
|
493
488
|
fail LibDDWAF::Error, 'Could not create config struct'
|
|
494
489
|
end
|
|
495
|
-
retain(config_obj)
|
|
496
490
|
|
|
497
491
|
config_obj[:limits][:max_container_size] = limits[:max_container_size] || LibDDWAF::DEFAULT_MAX_CONTAINER_SIZE
|
|
498
492
|
config_obj[:limits][:max_container_depth] = limits[:max_container_depth] || LibDDWAF::DEFAULT_MAX_CONTAINER_DEPTH
|
|
@@ -501,6 +495,8 @@ module Datadog
|
|
|
501
495
|
config_obj[:obfuscator][:value_regex] = FFI::MemoryPointer.from_string(obfuscator[:value_regex]) if obfuscator[:value_regex]
|
|
502
496
|
config_obj[:free_fn] = Datadog::AppSec::WAF::LibDDWAF::ObjectNoFree
|
|
503
497
|
|
|
498
|
+
@config = config_obj
|
|
499
|
+
|
|
504
500
|
ruleset_info = LibDDWAF::RuleSetInfo.new
|
|
505
501
|
|
|
506
502
|
@handle_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_init(rule_obj, config_obj, ruleset_info)
|
|
@@ -539,26 +535,35 @@ module Datadog
|
|
|
539
535
|
list.get_array_of_string(0, count[:value])
|
|
540
536
|
end
|
|
541
537
|
|
|
542
|
-
def
|
|
538
|
+
def merge(data)
|
|
543
539
|
data_obj = Datadog::AppSec::WAF.ruby_to_object(data, coerce: false)
|
|
544
|
-
|
|
540
|
+
ruleset_info = LibDDWAF::RuleSetInfo.new
|
|
541
|
+
new_handle = Datadog::AppSec::WAF::LibDDWAF.ddwaf_update(handle_obj, data_obj, ruleset_info)
|
|
545
542
|
|
|
546
|
-
|
|
543
|
+
return if new_handle.null?
|
|
544
|
+
|
|
545
|
+
info = {
|
|
546
|
+
loaded: ruleset_info[:loaded],
|
|
547
|
+
failed: ruleset_info[:failed],
|
|
548
|
+
errors: WAF.object_to_ruby(ruleset_info[:errors]),
|
|
549
|
+
version: ruleset_info[:version],
|
|
550
|
+
}
|
|
551
|
+
new_from_handle(new_handle, info, config)
|
|
547
552
|
ensure
|
|
548
553
|
Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(data_obj) if data_obj
|
|
554
|
+
Datadog::AppSec::WAF::LibDDWAF.ddwaf_ruleset_info_free(ruleset_info) if ruleset_info
|
|
549
555
|
end
|
|
550
556
|
|
|
551
|
-
|
|
552
|
-
map_obj = Datadog::AppSec::WAF.ruby_to_object(map, coerce: false)
|
|
553
|
-
res = Datadog::AppSec::WAF::LibDDWAF.ddwaf_toggle_rules(@handle_obj, map_obj)
|
|
557
|
+
private
|
|
554
558
|
|
|
555
|
-
|
|
556
|
-
|
|
557
|
-
|
|
559
|
+
def new_from_handle(handle_object, info, config)
|
|
560
|
+
obj = self.class.allocate
|
|
561
|
+
obj.instance_variable_set(:@handle_obj, handle_object)
|
|
562
|
+
obj.instance_variable_set(:@ruleset_info, info)
|
|
563
|
+
obj.instance_variable_set(:@config, config)
|
|
564
|
+
obj
|
|
558
565
|
end
|
|
559
566
|
|
|
560
|
-
private
|
|
561
|
-
|
|
562
567
|
def validate!
|
|
563
568
|
@valid = true
|
|
564
569
|
end
|
|
@@ -576,18 +581,6 @@ module Datadog
|
|
|
576
581
|
|
|
577
582
|
fail LibDDWAF::Error, "Attempt to use an invalid instance: #{inspect}"
|
|
578
583
|
end
|
|
579
|
-
|
|
580
|
-
def retained
|
|
581
|
-
@retained ||= []
|
|
582
|
-
end
|
|
583
|
-
|
|
584
|
-
def retain(object)
|
|
585
|
-
retained << object
|
|
586
|
-
end
|
|
587
|
-
|
|
588
|
-
def release(object)
|
|
589
|
-
retained.delete(object)
|
|
590
|
-
end
|
|
591
584
|
end
|
|
592
585
|
|
|
593
586
|
class Result
|
data/sig/datadog/appsec/waf.rbs
CHANGED
|
@@ -101,6 +101,7 @@ module Datadog
|
|
|
101
101
|
def self.ddwaf_ruleset_info_free: (RuleSetInfo) -> void
|
|
102
102
|
|
|
103
103
|
def self.ddwaf_init: (top, Config, RuleSetInfo) -> ::FFI::Pointer
|
|
104
|
+
def self.ddwaf_update: (::FFI::Pointer, LibDDWAF::Object, RuleSetInfo) -> ::FFI::Pointer
|
|
104
105
|
def self.ddwaf_destroy: (::FFI::Pointer) -> void
|
|
105
106
|
|
|
106
107
|
def self.ddwaf_required_addresses: (::FFI::Pointer, UInt32Ptr) -> ::FFI::Pointer
|
|
@@ -110,9 +111,6 @@ module Datadog
|
|
|
110
111
|
|
|
111
112
|
DDWAF_RET_CODE: ::FFI::Enum
|
|
112
113
|
|
|
113
|
-
def self.ddwaf_update_rule_data: (::FFI::Pointer, LibDDWAF::Object) -> ::Symbol
|
|
114
|
-
def self.ddwaf_toggle_rules: (::FFI::Pointer, LibDDWAF::Object) -> ::Symbol
|
|
115
|
-
|
|
116
114
|
# running
|
|
117
115
|
|
|
118
116
|
def self.ddwaf_context_init: (::FFI::Pointer) -> ::FFI::Pointer
|
|
@@ -168,27 +166,22 @@ module Datadog
|
|
|
168
166
|
class Handle
|
|
169
167
|
attr_reader handle_obj: ::FFI::Pointer
|
|
170
168
|
attr_reader ruleset_info: Hash[Symbol, untyped]
|
|
169
|
+
attr_reader config: WAF::LibDDWAF::Config
|
|
171
170
|
|
|
172
171
|
def initialize: (data rule, ?limits: ::Hash[::Symbol, ::Integer], ?obfuscator: ::Hash[::Symbol, ::String]) -> void
|
|
173
172
|
def finalize: () -> untyped
|
|
174
173
|
def required_addresses: () -> ::Array[::String]
|
|
175
|
-
def
|
|
176
|
-
def toggle_rules: (::Hash[::String, bool]) -> ::Symbol
|
|
174
|
+
def update: (untyped data) -> Handle
|
|
177
175
|
|
|
178
176
|
private
|
|
179
177
|
|
|
180
178
|
@valid: bool
|
|
181
179
|
|
|
180
|
+
def new_from_handle: (::FFI::Pointer handle_object, Hash[Symbol, untyped] info, WAF::LibDDWAF::Config config) -> untyped
|
|
182
181
|
def validate!: () -> void
|
|
183
182
|
def invalidate!: () -> void
|
|
184
183
|
def valid?: () -> (nil | bool)
|
|
185
184
|
def valid!: () -> void
|
|
186
|
-
|
|
187
|
-
@retained: Array[untyped]
|
|
188
|
-
|
|
189
|
-
def retained: () -> Array[untyped]
|
|
190
|
-
def retain: (top object) -> void
|
|
191
|
-
def release: (top object) -> void
|
|
192
185
|
end
|
|
193
186
|
|
|
194
187
|
type result_data = Array[untyped] | nil
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: libddwaf
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.8.2.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Datadog, Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-03-
|
|
11
|
+
date: 2023-03-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: ffi
|