libddwaf 1.3.0.0.0 → 1.3.0.1.0.beta1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/datadog/appsec/waf/version.rb +1 -1
  3. data/lib/datadog/appsec/waf.rb +37 -10
  4. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e8b78667a6dfc507d91c8336a177dd479ac79cb70bb4f1080d5ae6387205616f
4
- data.tar.gz: f587ef6e280ccb7d82acc6075e1db5c45760edf724b2c19323872f5061ef8807
3
+ metadata.gz: f08099f754c71a8e53726a1630a854024e2f07f61eb4e97766a03d8cf577b5ba
4
+ data.tar.gz: be443d67e7ec09184360498e01b25e3820922df0bc3cb2c0c922e3f8e730b422
5
5
  SHA512:
6
- metadata.gz: 6294b519d6c4c0b79fabca6eae2d1495c312df079a5a54e6f30496715b722bd586fc281df70d04a0149c178984eb25ed563f98f7eedab207fc188d2ca88de889
7
- data.tar.gz: f8b10e577377dfe4ad813c991aca6dbe4eacf1abe518f002ee52194bd9749605f8968fad5d88a5f6c8305a081681580f187b640257b51c103ede8e7ce49b7ada
6
+ metadata.gz: c0444eee4ac5ce5eb1b0f0116a65dc8a5b743bee9963cc93832904355340f2489a11805086e871cdd7bb928ba8a217aebdc3cff824b2f5c134daea8716a1863a
7
+ data.tar.gz: f01abfb200387bd70574f95285b9c9681ba1bafb43548d8abc522a3c63f5bcacd3738a8617b02b4949b8582ce67627f9f54fb04fced1b9b2c4e2ff342886ae04
data/lib/datadog/appsec/waf/version.rb CHANGED
@@ -3,7 +3,7 @@ module Datadog
3
3
  module WAF
4
4
  module VERSION
5
5
  BASE_STRING = '1.3.0'
6
- STRING = "#{BASE_STRING}.0.0"
6
+ STRING = "#{BASE_STRING}.1.0.beta1"
7
7
  MINIMUM_RUBY_VERSION = '2.1'
8
8
  end
9
9
  end
data/lib/datadog/appsec/waf.rb CHANGED
@@ -6,7 +6,13 @@ module Datadog
6
6
  module AppSec
7
7
  module WAF
8
8
  module LibDDWAF
9
- class Error < StandardError; end
9
+ class Error < StandardError
10
+ attr_reader :ruleset_info
11
+
12
+ def initialize(msg, ruleset_info: nil)
13
+ @ruleset_info = ruleset_info
14
+ end
15
+ end
10
16
 
11
17
  extend ::FFI::Library
12
18
 
@@ -158,8 +164,8 @@ module Datadog
158
164
  end
159
165
 
160
166
  class Obfuscator < ::FFI::Struct
161
- layout :key_regex, :string,
162
- :value_regex, :string
167
+ layout :key_regex, :pointer, # :charptr
168
+ :value_regex, :pointer # :charptr
163
169
  end
164
170
 
165
171
  layout :limits, Limits,
@@ -183,7 +189,7 @@ module Datadog
183
189
  attach_function :ddwaf_init, [:ddwaf_rule, :ddwaf_config, :ddwaf_ruleset_info], :ddwaf_handle
184
190
  attach_function :ddwaf_destroy, [:ddwaf_handle], :void
185
191
 
186
- attach_function :ddwaf_required_addresses, [:ddwaf_handle, :uint32ptr], :charptrptr
192
+ attach_function :ddwaf_required_addresses, [:ddwaf_handle, UInt32Ptr], :charptrptr
187
193
 
188
194
  # running
189
195
 
@@ -354,7 +360,9 @@ module Datadog
354
360
  DEFAULT_MAX_CONTAINER_DEPTH = 0
355
361
  DEFAULT_MAX_STRING_LENGTH = 0
356
362
 
357
- def initialize(rule, config = {})
363
+ attr_reader :ruleset_info
364
+
365
+ def initialize(rule, limits: {}, obfuscator: {})
358
366
  rule_obj = Datadog::AppSec::WAF.ruby_to_object(rule)
359
367
  if rule_obj.null? || rule_obj[:type] == :ddwaf_object_invalid
360
368
  fail LibDDWAF::Error, "Could not convert object #{rule.inspect}"
@@ -365,15 +373,25 @@ module Datadog
365
373
  fail LibDDWAF::Error, 'Could not create config struct'
366
374
  end
367
375
 
368
- config_obj[:limits][:max_container_size] = config[:max_container_size] || DEFAULT_MAX_CONTAINER_SIZE
369
- config_obj[:limits][:max_container_depth] = config[:max_container_depth] || DEFAULT_MAX_CONTAINER_DEPTH
370
- config_obj[:limits][:max_string_length] = config[:max_string_length] || DEFAULT_MAX_STRING_LENGTH
376
+ config_obj[:limits][:max_container_size] = limits[:max_container_size] || DEFAULT_MAX_CONTAINER_SIZE
377
+ config_obj[:limits][:max_container_depth] = limits[:max_container_depth] || DEFAULT_MAX_CONTAINER_DEPTH
378
+ config_obj[:limits][:max_string_length] = limits[:max_string_length] || DEFAULT_MAX_STRING_LENGTH
379
+ config_obj[:obfuscator][:key_regex] = FFI::MemoryPointer.from_string(obfuscator[:key_regex]) if obfuscator[:key_regex]
380
+ config_obj[:obfuscator][:value_regex] = FFI::MemoryPointer.from_string(obfuscator[:value_regex]) if obfuscator[:value_regex]
371
381
 
372
- ruleset_info = LibDDWAF::RuleSetInfoNone
382
+ ruleset_info = LibDDWAF::RuleSetInfo.new
373
383
 
374
384
  @handle_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_init(rule_obj, config_obj, ruleset_info)
385
+
386
+ @ruleset_info = {
387
+ loaded: ruleset_info[:loaded],
388
+ failed: ruleset_info[:failed],
389
+ errors: WAF.object_to_ruby(ruleset_info[:errors]),
390
+ version: ruleset_info[:version],
391
+ }
392
+
375
393
  if @handle_obj.null?
376
- fail LibDDWAF::Error, 'Could not create handle'
394
+ fail LibDDWAF::Error.new('Could not create handle', ruleset_info: @ruleset_info)
377
395
  end
378
396
 
379
397
  ObjectSpace.define_finalizer(self, Handle.finalizer(handle_obj))
@@ -387,6 +405,15 @@ module Datadog
387
405
  Datadog::AppSec::WAF::LibDDWAF.ddwaf_destroy(handle_obj)
388
406
  end
389
407
  end
408
+
409
+ def required_addresses
410
+ count = Datadog::AppSec::WAF::LibDDWAF::UInt32Ptr.new
411
+ list = Datadog::AppSec::WAF::LibDDWAF.ddwaf_required_addresses(handle_obj, count)
412
+
413
+ return [] if count == 0 # list is null
414
+
415
+ list.get_array_of_string(0, count[:value])
416
+ end
390
417
  end
391
418
 
392
419
  Result = Struct.new(:action, :data, :total_runtime, :timeout)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: libddwaf
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.0.0.0
4
+ version: 1.3.0.1.0.beta1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Datadog, Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-04-29 00:00:00.000000000 Z
11
+ date: 2022-04-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ffi