libddwaf 1.10.0.0.0 → 1.11.0.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +11 -0
  3. data/lib/datadog/appsec/waf/version.rb +1 -1
  4. data/lib/datadog/appsec/waf.rb +26 -59
  5. data/sig/datadog/appsec/waf.rbs +10 -22
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 856059b09f92992e36ec1bff0fa9587ec9a2fa242bb525a2ca2f8cc4b31da6ee
4
- data.tar.gz: 59b33db57f599533d86db3149285986618400904ba4733a3d31aad64f22f40ef
3
+ metadata.gz: a81f6cc78531db0b34041a7d24f0cc782554124bbccd05340bcdc940686fc016
4
+ data.tar.gz: 7c92e8bc95465d9bf326648483d2d7a60ceec7629bd842deaf1f36cfc355f0aa
5
5
  SHA512:
6
- metadata.gz: 5112da5879361ddc0b7a52d8d7d09fd1c8ea69c4aebd8385a524f563e5bb1750395eb5cab57cfacee428baf7691e7d8445a8328ae88238fe9e1b1cf3264e2a0f
7
- data.tar.gz: 1a1cf2c96a16e34a3795fc67fb31de6f06c8babd9a912e6e208a85b638edbbf02ec435f1b7f389af207c3641355068d789146aaf03850a01af3709cae0d8c1cb
6
+ metadata.gz: 38691a5c6731218f61e9f384126d01210b7e5fcbb5de075c91efceb5da0403056720a5c3026baad76820c31ff1f4f30bfde949f022110ee2681427ed9c842b58
7
+ data.tar.gz: 1ccfcc3eedbd47a72add509225f9337c5ab930e33591bdee5423854e716ea97189e64b32ce2df5a163257a604500cce51d9c3ced226fdc7efcc5cf814548b491
data/CHANGELOG.md CHANGED
@@ -1,3 +1,14 @@
1
+ # 2023-08-29 v.1.11.0.0.0
2
+
3
+ - Update to libddwaf 1.11.0
4
+ - Rename Handle#ruleset_info to Handle#diagnostics. (Breaking change)
5
+ The schema of the new diagnostics variable can be [here](https://github.com/DataDog/libddwaf/blob/master/schema/diagnostics.json)
6
+
7
+
8
+ # 2023-08-28 v.1.10.0.0.0
9
+
10
+ - Update to libddwaf 1.10.0
11
+
1
12
  # 2023-06-13 v.1.9.0.0.1
2
13
 
3
14
  - Handle invalid encoding
data/lib/datadog/appsec/waf/version.rb CHANGED
@@ -2,7 +2,7 @@ module Datadog
2
2
  module AppSec
3
3
  module WAF
4
4
  module VERSION
5
- BASE_STRING = '1.10.0'
5
+ BASE_STRING = '1.11.0'
6
6
  STRING = "#{BASE_STRING}.0.0"
7
7
  MINIMUM_RUBY_VERSION = '2.1'
8
8
  end
data/lib/datadog/appsec/waf.rb CHANGED
@@ -8,10 +8,10 @@ module Datadog
8
8
  module WAF
9
9
  module LibDDWAF
10
10
  class Error < StandardError
11
- attr_reader :ruleset_info
11
+ attr_reader :diagnostics
12
12
 
13
- def initialize(msg, ruleset_info: nil)
14
- @ruleset_info = ruleset_info
13
+ def initialize(msg, diagnostics: nil)
14
+ @diagnostics = diagnostics
15
15
  end
16
16
  end
17
17
 
@@ -216,20 +216,8 @@ module Datadog
216
216
 
217
217
  typedef Config.by_ref, :ddwaf_config
218
218
 
219
- class RuleSetInfo < ::FFI::Struct
220
- layout :loaded, :uint16,
221
- :failed, :uint16,
222
- :errors, Object,
223
- :version, :string
224
- end
225
-
226
- typedef RuleSetInfo.by_ref, :ddwaf_ruleset_info
227
- RuleSetInfoNone = Datadog::AppSec::WAF::LibDDWAF::RuleSetInfo.new(::FFI::Pointer::NULL)
228
-
229
- attach_function :ddwaf_ruleset_info_free, [:ddwaf_ruleset_info], :void
230
-
231
- attach_function :ddwaf_init, [:ddwaf_rule, :ddwaf_config, :ddwaf_ruleset_info], :ddwaf_handle
232
- attach_function :ddwaf_update, [:ddwaf_handle, :ddwaf_object, :ddwaf_ruleset_info], :ddwaf_handle
219
+ attach_function :ddwaf_init, [:ddwaf_rule, :ddwaf_config, :ddwaf_object], :ddwaf_handle
220
+ attach_function :ddwaf_update, [:ddwaf_handle, :ddwaf_object, :ddwaf_object], :ddwaf_handle
233
221
  attach_function :ddwaf_destroy, [:ddwaf_handle], :void
234
222
 
235
223
  attach_function :ddwaf_required_addresses, [:ddwaf_handle, UInt32Ptr], :charptrptr
@@ -250,15 +238,10 @@ module Datadog
250
238
  attach_function :ddwaf_context_init, [:ddwaf_handle], :ddwaf_context
251
239
  attach_function :ddwaf_context_destroy, [:ddwaf_context], :void
252
240
 
253
- class ResultActions < ::FFI::Struct
254
- layout :array, :charptrptr,
255
- :size, :uint32
256
- end
257
-
258
241
  class Result < ::FFI::Struct
259
- layout :timeout, :bool,
260
- :data, :string,
261
- :actions, ResultActions,
242
+ layout :timeout, :bool,
243
+ :events, Object,
244
+ :actions, Object,
262
245
  :total_runtime, :uint64
263
246
  end
264
247
 
@@ -479,7 +462,7 @@ module Datadog
479
462
  }
480
463
 
481
464
  class Handle
482
- attr_reader :handle_obj, :ruleset_info, :config
465
+ attr_reader :handle_obj, :diagnostics, :config
483
466
 
484
467
  def initialize(rule, limits: {}, obfuscator: {})
485
468
  rule_obj = Datadog::AppSec::WAF.ruby_to_object(rule)
@@ -501,24 +484,19 @@ module Datadog
501
484
 
502
485
  @config = config_obj
503
486
 
504
- ruleset_info = LibDDWAF::RuleSetInfo.new
487
+ diagnostics_obj = Datadog::AppSec::WAF::LibDDWAF::Object.new
505
488
 
506
- @handle_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_init(rule_obj, config_obj, ruleset_info)
489
+ @handle_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_init(rule_obj, config_obj, diagnostics_obj)
507
490
 
508
- @ruleset_info = {
509
- loaded: ruleset_info[:loaded],
510
- failed: ruleset_info[:failed],
511
- errors: WAF.object_to_ruby(ruleset_info[:errors]),
512
- version: ruleset_info[:version],
513
- }
491
+ @diagnostics = Datadog::AppSec::WAF.object_to_ruby(diagnostics_obj)
514
492
 
515
493
  if @handle_obj.null?
516
- fail LibDDWAF::Error.new('Could not create handle', ruleset_info: @ruleset_info)
494
+ fail LibDDWAF::Error.new('Could not create handle', diagnostics: @diagnostics)
517
495
  end
518
496
 
519
497
  validate!
520
498
  ensure
521
- Datadog::AppSec::WAF::LibDDWAF.ddwaf_ruleset_info_free(ruleset_info) if ruleset_info
499
+ Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(diagnostics_obj) if diagnostics_obj
522
500
  Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(rule_obj) if rule_obj
523
501
  end
524
502
 
@@ -541,29 +519,24 @@ module Datadog
541
519
 
542
520
  def merge(data)
543
521
  data_obj = Datadog::AppSec::WAF.ruby_to_object(data, coerce: false)
544
- ruleset_info = LibDDWAF::RuleSetInfo.new
545
- new_handle = Datadog::AppSec::WAF::LibDDWAF.ddwaf_update(handle_obj, data_obj, ruleset_info)
522
+ diagnostics_obj = LibDDWAF::Object.new
523
+ new_handle = Datadog::AppSec::WAF::LibDDWAF.ddwaf_update(handle_obj, data_obj, diagnostics_obj)
546
524
 
547
525
  return if new_handle.null?
548
526
 
549
- info = {
550
- loaded: ruleset_info[:loaded],
551
- failed: ruleset_info[:failed],
552
- errors: WAF.object_to_ruby(ruleset_info[:errors]),
553
- version: ruleset_info[:version],
554
- }
555
- new_from_handle(new_handle, info, config)
527
+ diagnostics = Datadog::AppSec::WAF.object_to_ruby(diagnostics_obj)
528
+ new_from_handle(new_handle, diagnostics, config)
556
529
  ensure
557
530
  Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(data_obj) if data_obj
558
- Datadog::AppSec::WAF::LibDDWAF.ddwaf_ruleset_info_free(ruleset_info) if ruleset_info
531
+ Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(diagnostics_obj) if diagnostics_obj
559
532
  end
560
533
 
561
534
  private
562
535
 
563
- def new_from_handle(handle_object, info, config)
536
+ def new_from_handle(handle_object, diagnostics, config)
564
537
  obj = self.class.allocate
565
538
  obj.instance_variable_set(:@handle_obj, handle_object)
566
- obj.instance_variable_set(:@ruleset_info, info)
539
+ obj.instance_variable_set(:@diagnostics, diagnostics)
567
540
  obj.instance_variable_set(:@config, config)
568
541
  obj
569
542
  end
@@ -588,11 +561,11 @@ module Datadog
588
561
  end
589
562
 
590
563
  class Result
591
- attr_reader :status, :data, :total_runtime, :timeout, :actions
564
+ attr_reader :status, :events, :total_runtime, :timeout, :actions
592
565
 
593
- def initialize(status, data, total_runtime, timeout, actions)
566
+ def initialize(status, events, total_runtime, timeout, actions)
594
567
  @status = status
595
- @data = data
568
+ @events = events
596
569
  @total_runtime = total_runtime
597
570
  @timeout = timeout
598
571
  @actions = actions
@@ -651,18 +624,12 @@ module Datadog
651
624
 
652
625
  code = Datadog::AppSec::WAF::LibDDWAF.ddwaf_run(@context_obj, input_obj, result_obj, timeout)
653
626
 
654
- actions = if result_obj[:actions][:size] > 0
655
- result_obj[:actions][:array].get_array_of_string(0, result_obj[:actions][:size])
656
- else
657
- []
658
- end
659
-
660
627
  result = Result.new(
661
628
  RESULT_CODE[code],
662
- (JSON.parse(result_obj[:data]) if result_obj[:data] != nil),
629
+ Datadog::AppSec::WAF.object_to_ruby(result_obj[:events]),
663
630
  result_obj[:total_runtime],
664
631
  result_obj[:timeout],
665
- actions,
632
+ Datadog::AppSec::WAF.object_to_ruby(result_obj[:actions]),
666
633
  )
667
634
 
668
635
  [RESULT_CODE[code], result]
data/sig/datadog/appsec/waf.rbs CHANGED
@@ -3,9 +3,9 @@ module Datadog
3
3
  module WAF
4
4
  module LibDDWAF
5
5
  class Error < StandardError
6
- attr_reader ruleset_info: Hash[Symbol, untyped] | nil
6
+ attr_reader diagnostics: ::Datadog::AppSec::WAF::data
7
7
 
8
- def initialize: (::String msg, ?ruleset_info: Hash[Symbol, untyped]?) -> void
8
+ def initialize: (::String msg, ?diagnostics: ::Datadog::AppSec::WAF::data?) -> void
9
9
  end
10
10
 
11
11
  extend ::FFI::Library
@@ -93,15 +93,8 @@ module Datadog
93
93
  end
94
94
  end
95
95
 
96
- class RuleSetInfo < ::FFI::Struct
97
- end
98
-
99
- RuleSetInfoNone: ::Datadog::AppSec::WAF::LibDDWAF::RuleSetInfo
100
-
101
- def self.ddwaf_ruleset_info_free: (RuleSetInfo) -> void
102
-
103
- def self.ddwaf_init: (top, Config, RuleSetInfo) -> ::FFI::Pointer
104
- def self.ddwaf_update: (::FFI::Pointer, LibDDWAF::Object, RuleSetInfo) -> ::FFI::Pointer
96
+ def self.ddwaf_init: (top, Config, Object) -> ::FFI::Pointer
97
+ def self.ddwaf_update: (::FFI::Pointer, LibDDWAF::Object, LibDDWAF::Object) -> ::FFI::Pointer
105
98
  def self.ddwaf_destroy: (::FFI::Pointer) -> void
106
99
 
107
100
  def self.ddwaf_required_addresses: (::FFI::Pointer, UInt32Ptr) -> ::FFI::Pointer
@@ -116,9 +109,6 @@ module Datadog
116
109
  def self.ddwaf_context_init: (::FFI::Pointer) -> ::FFI::Pointer
117
110
  def self.ddwaf_context_destroy: (::FFI::Pointer) -> void
118
111
 
119
- class ResultActions < ::FFI::Struct
120
- end
121
-
122
112
  class Result < ::FFI::Struct
123
113
  end
124
114
 
@@ -165,35 +155,33 @@ module Datadog
165
155
 
166
156
  class Handle
167
157
  attr_reader handle_obj: ::FFI::Pointer
168
- attr_reader ruleset_info: Hash[Symbol, untyped]
158
+ attr_reader diagnostics: data
169
159
  attr_reader config: WAF::LibDDWAF::Config
170
160
 
171
161
  def initialize: (data rule, ?limits: ::Hash[::Symbol, ::Integer], ?obfuscator: ::Hash[::Symbol, ::String]) -> void
172
162
  def finalize: () -> untyped
173
163
  def required_addresses: () -> ::Array[::String]
174
- def update: (untyped data) -> Handle
164
+ def merge: (untyped data) -> Handle?
175
165
 
176
166
  private
177
167
 
178
168
  @valid: bool
179
169
 
180
- def new_from_handle: (::FFI::Pointer handle_object, Hash[Symbol, untyped] info, WAF::LibDDWAF::Config config) -> untyped
170
+ def new_from_handle: (::FFI::Pointer handle_object, data diagnostics, WAF::LibDDWAF::Config config) -> untyped
181
171
  def validate!: () -> void
182
172
  def invalidate!: () -> void
183
173
  def valid?: () -> (nil | bool)
184
174
  def valid!: () -> void
185
175
  end
186
176
 
187
- type result_data = Array[untyped] | nil
188
-
189
177
  class Result
190
178
  attr_reader status: ::Symbol
191
- attr_reader data: untyped
179
+ attr_reader events: data
192
180
  attr_reader total_runtime: ::Float
193
181
  attr_reader timeout: bool
194
- attr_reader actions: ::Array[::String]
182
+ attr_reader actions: data
195
183
 
196
- def initialize: (::Symbol, result_data, ::Float, bool, ::Array[::String]) -> void
184
+ def initialize: (::Symbol, data, ::Float, bool, data) -> void
197
185
  end
198
186
 
199
187
  class Context
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: libddwaf
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.10.0.0.0
4
+ version: 1.11.0.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Datadog, Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-08-28 00:00:00.000000000 Z
11
+ date: 2023-08-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ffi