libddwaf 1.11.0.0.0 → 1.14.0.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +9 -2
- data/Steepfile +0 -1
- data/lib/datadog/appsec/waf/version.rb +1 -1
- data/lib/datadog/appsec/waf.rb +46 -17
- data/sig/datadog/appsec/waf.rbs +9 -5
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: '058fd59aa02f0d4be3c917d5a01d68c868cb41b77c903ee28d7b2106e5945f02'
|
4
|
+
data.tar.gz: 5dcaa2c486a0de0ca591ca06775d29184b3a8d9f6da539fed1cfa583ad86db9e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0107d27ac04857784db5e789374a5b370d1afb92ec80cb31ed1289e154665c6216c20cbf7b4dc6a557db3cd14e65ebab38e4d52ed503f14b3c87d91b1869c32b
|
7
|
+
data.tar.gz: 5e7fe5e71a1a570705b5b950010e57b17c8c4bd1976fd7e97f35cc07eb7d0ac193198d52937950f88d609f4722b89551c4f79fe07dba11aaf2ef98cdbe54db07
|
data/CHANGELOG.md
CHANGED
@@ -1,8 +1,15 @@
|
|
1
|
+
# 2023-09-11 v.1.14.0.0.0
|
2
|
+
- Update to libddwaf 1.14.0
|
3
|
+
- Add support for `Float` and `Nil` scalar values when converting from ruby to WAF Object and vice versa.
|
4
|
+
|
5
|
+
|
1
6
|
# 2023-08-29 v.1.11.0.0.0
|
2
7
|
|
3
8
|
- Update to libddwaf 1.11.0
|
4
|
-
-
|
5
|
-
The schema of the
|
9
|
+
- Changed `Datadog::AppSec::WAF::Handle#ruleset_info` to `Datadog::AppSec::WAF::Handle#diagnostics``. (Breaking change)
|
10
|
+
The schema of the diagnostics variable can be found [here](https://github.com/DataDog/libddwaf/blob/master/schema/diagnostics.json)
|
11
|
+
- Changed `Datadog::AppSec::WAF::Result#data` to `Datadog::AppSec::WAF::Result#events`. (Breaking change)
|
12
|
+
The schema of the events variable can be found [here](https://github.com/DataDog/libddwaf/blob/master/schema/events.json)
|
6
13
|
|
7
14
|
|
8
15
|
# 2023-08-28 v.1.10.0.0.0
|
data/Steepfile
CHANGED
data/lib/datadog/appsec/waf.rb
CHANGED
@@ -111,7 +111,10 @@ module Datadog
|
|
111
111
|
:ddwaf_obj_string, 1 << 2,
|
112
112
|
:ddwaf_obj_array, 1 << 3,
|
113
113
|
:ddwaf_obj_map, 1 << 4,
|
114
|
-
:ddwaf_obj_bool, 1 << 5
|
114
|
+
:ddwaf_obj_bool, 1 << 5,
|
115
|
+
:ddwaf_obj_float, 1 << 6,
|
116
|
+
:ddwaf_obj_null, 1 << 7
|
117
|
+
|
115
118
|
typedef DDWAF_OBJ_TYPE, :ddwaf_obj_type
|
116
119
|
|
117
120
|
typedef :pointer, :charptr
|
@@ -140,7 +143,8 @@ module Datadog
|
|
140
143
|
:uintValue, :uint64,
|
141
144
|
:intValue, :int64,
|
142
145
|
:array, :pointer,
|
143
|
-
:boolean, :bool
|
146
|
+
:boolean, :bool,
|
147
|
+
:f64, :double
|
144
148
|
end
|
145
149
|
|
146
150
|
class Object < ::FFI::Struct
|
@@ -159,11 +163,13 @@ module Datadog
|
|
159
163
|
attach_function :ddwaf_object_string, [:ddwaf_object, :string], :ddwaf_object
|
160
164
|
attach_function :ddwaf_object_stringl, [:ddwaf_object, :charptr, :size_t], :ddwaf_object
|
161
165
|
attach_function :ddwaf_object_stringl_nc, [:ddwaf_object, :charptr, :size_t], :ddwaf_object
|
166
|
+
attach_function :ddwaf_object_string_from_unsigned, [:ddwaf_object, :uint64], :ddwaf_object
|
167
|
+
attach_function :ddwaf_object_string_from_signed, [:ddwaf_object, :int64], :ddwaf_object
|
162
168
|
attach_function :ddwaf_object_unsigned, [:ddwaf_object, :uint64], :ddwaf_object
|
163
169
|
attach_function :ddwaf_object_signed, [:ddwaf_object, :int64], :ddwaf_object
|
164
|
-
attach_function :ddwaf_object_unsigned_force, [:ddwaf_object, :uint64], :ddwaf_object
|
165
|
-
attach_function :ddwaf_object_signed_force, [:ddwaf_object, :int64], :ddwaf_object
|
166
170
|
attach_function :ddwaf_object_bool, [:ddwaf_object, :bool], :ddwaf_object
|
171
|
+
attach_function :ddwaf_object_null, [:ddwaf_object], :ddwaf_object
|
172
|
+
attach_function :ddwaf_object_float, [:ddwaf_object, :double], :ddwaf_object
|
167
173
|
|
168
174
|
attach_function :ddwaf_object_array, [:ddwaf_object], :ddwaf_object
|
169
175
|
attach_function :ddwaf_object_array_add, [:ddwaf_object, :ddwaf_object], :bool
|
@@ -184,6 +190,7 @@ module Datadog
|
|
184
190
|
attach_function :ddwaf_object_get_signed, [:ddwaf_object], :int64
|
185
191
|
attach_function :ddwaf_object_get_index, [:ddwaf_object, :size_t], :ddwaf_object
|
186
192
|
attach_function :ddwaf_object_get_bool, [:ddwaf_object], :bool
|
193
|
+
attach_function :ddwaf_object_get_float, [:ddwaf_object], :double
|
187
194
|
|
188
195
|
## freeers
|
189
196
|
|
@@ -239,10 +246,11 @@ module Datadog
|
|
239
246
|
attach_function :ddwaf_context_destroy, [:ddwaf_context], :void
|
240
247
|
|
241
248
|
class Result < ::FFI::Struct
|
242
|
-
layout :timeout,
|
243
|
-
:events,
|
244
|
-
:actions,
|
245
|
-
:
|
249
|
+
layout :timeout, :bool,
|
250
|
+
:events, Object,
|
251
|
+
:actions, Object,
|
252
|
+
:derivatives, Object,
|
253
|
+
:total_runtime, :uint64
|
246
254
|
end
|
247
255
|
|
248
256
|
typedef Result.by_ref, :ddwaf_result
|
@@ -280,7 +288,7 @@ module Datadog
|
|
280
288
|
LibDDWAF.ddwaf_get_version
|
281
289
|
end
|
282
290
|
|
283
|
-
# rubocop:disable Metrics/MethodLength
|
291
|
+
# rubocop:disable Metrics/MethodLength,Metrics/CyclomaticComplexity,Metrics/PerceivedComplexity
|
284
292
|
def self.ruby_to_object(val, max_container_size: nil, max_container_depth: nil, max_string_length: nil, coerce: true)
|
285
293
|
case val
|
286
294
|
when Array
|
@@ -358,9 +366,9 @@ module Datadog
|
|
358
366
|
res = if coerce
|
359
367
|
LibDDWAF.ddwaf_object_string(obj, val.to_s)
|
360
368
|
elsif val < 0
|
361
|
-
LibDDWAF.
|
369
|
+
LibDDWAF.ddwaf_object_signed(obj, val)
|
362
370
|
else
|
363
|
-
LibDDWAF.
|
371
|
+
LibDDWAF.ddwaf_object_unsigned(obj, val)
|
364
372
|
end
|
365
373
|
if res.null?
|
366
374
|
fail LibDDWAF::Error, "Could not convert into object: #{val.inspect}"
|
@@ -369,7 +377,11 @@ module Datadog
|
|
369
377
|
obj
|
370
378
|
when Float
|
371
379
|
obj = LibDDWAF::Object.new
|
372
|
-
res =
|
380
|
+
res = if coerce
|
381
|
+
LibDDWAF.ddwaf_object_string(obj, val.to_s)
|
382
|
+
else
|
383
|
+
LibDDWAF.ddwaf_object_float(obj, val)
|
384
|
+
end
|
373
385
|
if res.null?
|
374
386
|
fail LibDDWAF::Error, "Could not convert into object: #{val.inspect}"
|
375
387
|
end
|
@@ -386,16 +398,28 @@ module Datadog
|
|
386
398
|
fail LibDDWAF::Error, "Could not convert into object: #{val.inspect}"
|
387
399
|
end
|
388
400
|
|
401
|
+
obj
|
402
|
+
when NilClass
|
403
|
+
obj = LibDDWAF::Object.new
|
404
|
+
res = if coerce
|
405
|
+
LibDDWAF.ddwaf_object_string(obj, '')
|
406
|
+
else
|
407
|
+
LibDDWAF.ddwaf_object_null(obj)
|
408
|
+
end
|
409
|
+
if res.null?
|
410
|
+
fail LibDDWAF::Error, "Could not convert into object: #{val.inspect}"
|
411
|
+
end
|
412
|
+
|
389
413
|
obj
|
390
414
|
else
|
391
415
|
ruby_to_object(''.freeze)
|
392
416
|
end
|
393
417
|
end
|
394
|
-
# rubocop:enable Metrics/MethodLength
|
418
|
+
# rubocop:enable Metrics/MethodLength,Metrics/CyclomaticComplexity,Metrics/PerceivedComplexity
|
395
419
|
|
396
420
|
def self.object_to_ruby(obj)
|
397
421
|
case obj[:type]
|
398
|
-
when :ddwaf_obj_invalid
|
422
|
+
when :ddwaf_obj_invalid, :ddwaf_obj_null
|
399
423
|
nil
|
400
424
|
when :ddwaf_obj_bool
|
401
425
|
obj[:valueUnion][:boolean]
|
@@ -405,6 +429,8 @@ module Datadog
|
|
405
429
|
obj[:valueUnion][:intValue]
|
406
430
|
when :ddwaf_obj_unsigned
|
407
431
|
obj[:valueUnion][:uintValue]
|
432
|
+
when :ddwaf_obj_float
|
433
|
+
obj[:valueUnion][:f64]
|
408
434
|
when :ddwaf_obj_array
|
409
435
|
(0...obj[:nbEntries]).each.with_object([]) do |i, a|
|
410
436
|
ptr = obj[:valueUnion][:array] + i * LibDDWAF::Object.size
|
@@ -561,14 +587,15 @@ module Datadog
|
|
561
587
|
end
|
562
588
|
|
563
589
|
class Result
|
564
|
-
attr_reader :status, :events, :total_runtime, :timeout, :actions
|
590
|
+
attr_reader :status, :events, :total_runtime, :timeout, :actions, :derivatives
|
565
591
|
|
566
|
-
def initialize(status, events, total_runtime, timeout, actions)
|
592
|
+
def initialize(status, events, total_runtime, timeout, actions, derivatives)
|
567
593
|
@status = status
|
568
594
|
@events = events
|
569
595
|
@total_runtime = total_runtime
|
570
596
|
@timeout = timeout
|
571
597
|
@actions = actions
|
598
|
+
@derivatives = derivatives
|
572
599
|
end
|
573
600
|
end
|
574
601
|
|
@@ -609,7 +636,8 @@ module Datadog
|
|
609
636
|
input_obj = Datadog::AppSec::WAF.ruby_to_object(input,
|
610
637
|
max_container_size: max_container_size,
|
611
638
|
max_container_depth: max_container_depth,
|
612
|
-
max_string_length: max_string_length
|
639
|
+
max_string_length: max_string_length,
|
640
|
+
coerce: false)
|
613
641
|
if input_obj.null?
|
614
642
|
fail LibDDWAF::Error, "Could not convert input: #{input.inspect}"
|
615
643
|
end
|
@@ -630,6 +658,7 @@ module Datadog
|
|
630
658
|
result_obj[:total_runtime],
|
631
659
|
result_obj[:timeout],
|
632
660
|
Datadog::AppSec::WAF.object_to_ruby(result_obj[:actions]),
|
661
|
+
Datadog::AppSec::WAF.object_to_ruby(result_obj[:derivatives]),
|
633
662
|
)
|
634
663
|
|
635
664
|
[RESULT_CODE[code], result]
|
data/sig/datadog/appsec/waf.rbs
CHANGED
@@ -52,9 +52,11 @@ module Datadog
|
|
52
52
|
def self.ddwaf_object_stringl_nc: (LibDDWAF::Object, ::String, ::Integer) -> ::FFI::Pointer
|
53
53
|
def self.ddwaf_object_unsigned: (LibDDWAF::Object, ::Integer) -> ::FFI::Pointer
|
54
54
|
def self.ddwaf_object_signed: (LibDDWAF::Object, ::Integer) -> ::FFI::Pointer
|
55
|
-
def self.
|
56
|
-
def self.
|
55
|
+
def self.ddwaf_object_string_from_unsigned: (LibDDWAF::Object, ::Integer) -> ::FFI::Pointer
|
56
|
+
def self.ddwaf_object_string_from_signed: (LibDDWAF::Object, ::Integer) -> ::FFI::Pointer
|
57
57
|
def self.ddwaf_object_bool: (LibDDWAF::Object, bool) -> ::FFI::Pointer
|
58
|
+
def self.ddwaf_object_float: (LibDDWAF::Object, ::Float) -> ::FFI::Pointer
|
59
|
+
def self.ddwaf_object_null: (LibDDWAF::Object) -> ::FFI::Pointer
|
58
60
|
|
59
61
|
def self.ddwaf_object_array: (LibDDWAF::Object) -> ::FFI::Pointer
|
60
62
|
def self.ddwaf_object_array_add: (LibDDWAF::Object, LibDDWAF::Object) -> bool
|
@@ -75,6 +77,7 @@ module Datadog
|
|
75
77
|
def self.ddwaf_object_get_signed: (LibDDWAF::Object, SizeTPtr) -> ::Integer
|
76
78
|
def self.ddwaf_object_get_index: (LibDDWAF::Object, ::Integer) -> LibDDWAF::Object
|
77
79
|
def self.ddwaf_object_get_bool: (LibDDWAF::Object) -> bool
|
80
|
+
def self.ddwaf_object_get_float: (LibDDWAF::Object) -> ::Float
|
78
81
|
|
79
82
|
# freeers
|
80
83
|
|
@@ -139,9 +142,9 @@ module Datadog
|
|
139
142
|
|
140
143
|
def self.version: () -> ::String
|
141
144
|
|
142
|
-
type data = String | Symbol | Integer | Float | TrueClass | FalseClass | Array[data] | Hash[String | Symbol, data] | nil
|
145
|
+
type data = String | Symbol | Integer | Float | TrueClass | FalseClass | Array[data] | Hash[(String | Symbol | nil), data] | nil
|
143
146
|
|
144
|
-
def self.ruby_to_object: (
|
147
|
+
def self.ruby_to_object: (top val, ?max_container_size: ::Integer?, ?max_container_depth: ::Integer?, ?max_string_length: ::Integer?, ?coerce: bool?) -> ::Datadog::AppSec::WAF::LibDDWAF::Object
|
145
148
|
def self.object_to_ruby: (::Datadog::AppSec::WAF::LibDDWAF::Object obj) -> data
|
146
149
|
|
147
150
|
self.@logger: ::Logger
|
@@ -180,8 +183,9 @@ module Datadog
|
|
180
183
|
attr_reader total_runtime: ::Float
|
181
184
|
attr_reader timeout: bool
|
182
185
|
attr_reader actions: data
|
186
|
+
attr_reader derivatives: data
|
183
187
|
|
184
|
-
def initialize: (::Symbol, data, ::Float, bool, data) -> void
|
188
|
+
def initialize: (::Symbol, data, ::Float, bool, data, data) -> void
|
185
189
|
end
|
186
190
|
|
187
191
|
class Context
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: libddwaf
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.14.0.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Datadog, Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-09-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: ffi
|