libddwaf 1.7.0.0.0 → 1.8.2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +7 -0
- data/lib/datadog/appsec/waf/version.rb +1 -1
- data/lib/datadog/appsec/waf.rb +24 -31
- data/sig/datadog/appsec/waf.rbs +4 -11
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 30f298fcc92fb8b2489965b0b4710e22de5b3350a53a7bcd2cde8b08ba093cbc
|
|
4
|
+
data.tar.gz: 88e66343e82297fdb2cb5471be19dbd84642128c8e899c77b98f67932688a21a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b6518befb55b60e1ac680a588ebaa30b913e775e54af30d1b99529fefd05d1943c4bc6c09adcaa2683a4a3367c987adda9fdf309f1967d29a8b41ec1a5c152e9
|
|
7
|
+
data.tar.gz: 561d74e78f7699287a2981599fb448438dadd6f76424d1822adf6f3d2ebe76cfc56f93c19bbac9ee3d4b501040fc0c54e533919d3b57a87a11ad8d13d042bcd5
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,10 @@
|
|
|
1
|
+
# 2023-03-03 v1.8.2.0.0
|
|
2
|
+
|
|
3
|
+
- Update to libddwaf 1.8.2
|
|
4
|
+
- Added Waf::Handle#merge method
|
|
5
|
+
- Remove Waf::Handle#update_rule_data and Waf::Handle#toggle_rules methods
|
|
6
|
+
- Remove WAF::LibDDWAF.ddwaf_required_rule_data_ids method
|
|
7
|
+
|
|
1
8
|
# 2023-02-03 v1.7.0.0.0
|
|
2
9
|
|
|
3
10
|
- Update to libddwaf 1.7.0
|
data/lib/datadog/appsec/waf.rb
CHANGED
|
@@ -228,10 +228,10 @@ module Datadog
|
|
|
228
228
|
attach_function :ddwaf_ruleset_info_free, [:ddwaf_ruleset_info], :void
|
|
229
229
|
|
|
230
230
|
attach_function :ddwaf_init, [:ddwaf_rule, :ddwaf_config, :ddwaf_ruleset_info], :ddwaf_handle
|
|
231
|
+
attach_function :ddwaf_update, [:ddwaf_handle, :ddwaf_object, :ddwaf_ruleset_info], :ddwaf_handle
|
|
231
232
|
attach_function :ddwaf_destroy, [:ddwaf_handle], :void
|
|
232
233
|
|
|
233
234
|
attach_function :ddwaf_required_addresses, [:ddwaf_handle, UInt32Ptr], :charptrptr
|
|
234
|
-
attach_function :ddwaf_required_rule_data_ids, [:ddwaf_handle, UInt32Ptr], :charptrptr
|
|
235
235
|
|
|
236
236
|
# updating
|
|
237
237
|
|
|
@@ -242,9 +242,6 @@ module Datadog
|
|
|
242
242
|
:ddwaf_match, 1
|
|
243
243
|
typedef DDWAF_RET_CODE, :ddwaf_ret_code
|
|
244
244
|
|
|
245
|
-
attach_function :ddwaf_update_rule_data, [:ddwaf_handle, :ddwaf_object], :ddwaf_ret_code
|
|
246
|
-
attach_function :ddwaf_toggle_rules, [:ddwaf_handle, :ddwaf_object], :ddwaf_ret_code
|
|
247
|
-
|
|
248
245
|
# running
|
|
249
246
|
|
|
250
247
|
typedef :pointer, :ddwaf_context
|
|
@@ -478,9 +475,7 @@ module Datadog
|
|
|
478
475
|
}
|
|
479
476
|
|
|
480
477
|
class Handle
|
|
481
|
-
attr_reader :handle_obj
|
|
482
|
-
|
|
483
|
-
attr_reader :ruleset_info
|
|
478
|
+
attr_reader :handle_obj, :ruleset_info, :config
|
|
484
479
|
|
|
485
480
|
def initialize(rule, limits: {}, obfuscator: {})
|
|
486
481
|
rule_obj = Datadog::AppSec::WAF.ruby_to_object(rule)
|
|
@@ -492,7 +487,6 @@ module Datadog
|
|
|
492
487
|
if config_obj.null?
|
|
493
488
|
fail LibDDWAF::Error, 'Could not create config struct'
|
|
494
489
|
end
|
|
495
|
-
retain(config_obj)
|
|
496
490
|
|
|
497
491
|
config_obj[:limits][:max_container_size] = limits[:max_container_size] || LibDDWAF::DEFAULT_MAX_CONTAINER_SIZE
|
|
498
492
|
config_obj[:limits][:max_container_depth] = limits[:max_container_depth] || LibDDWAF::DEFAULT_MAX_CONTAINER_DEPTH
|
|
@@ -501,6 +495,8 @@ module Datadog
|
|
|
501
495
|
config_obj[:obfuscator][:value_regex] = FFI::MemoryPointer.from_string(obfuscator[:value_regex]) if obfuscator[:value_regex]
|
|
502
496
|
config_obj[:free_fn] = Datadog::AppSec::WAF::LibDDWAF::ObjectNoFree
|
|
503
497
|
|
|
498
|
+
@config = config_obj
|
|
499
|
+
|
|
504
500
|
ruleset_info = LibDDWAF::RuleSetInfo.new
|
|
505
501
|
|
|
506
502
|
@handle_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_init(rule_obj, config_obj, ruleset_info)
|
|
@@ -539,26 +535,35 @@ module Datadog
|
|
|
539
535
|
list.get_array_of_string(0, count[:value])
|
|
540
536
|
end
|
|
541
537
|
|
|
542
|
-
def
|
|
538
|
+
def merge(data)
|
|
543
539
|
data_obj = Datadog::AppSec::WAF.ruby_to_object(data, coerce: false)
|
|
544
|
-
|
|
540
|
+
ruleset_info = LibDDWAF::RuleSetInfo.new
|
|
541
|
+
new_handle = Datadog::AppSec::WAF::LibDDWAF.ddwaf_update(handle_obj, data_obj, ruleset_info)
|
|
545
542
|
|
|
546
|
-
|
|
543
|
+
return if new_handle.null?
|
|
544
|
+
|
|
545
|
+
info = {
|
|
546
|
+
loaded: ruleset_info[:loaded],
|
|
547
|
+
failed: ruleset_info[:failed],
|
|
548
|
+
errors: WAF.object_to_ruby(ruleset_info[:errors]),
|
|
549
|
+
version: ruleset_info[:version],
|
|
550
|
+
}
|
|
551
|
+
new_from_handle(new_handle, info, config)
|
|
547
552
|
ensure
|
|
548
553
|
Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(data_obj) if data_obj
|
|
554
|
+
Datadog::AppSec::WAF::LibDDWAF.ddwaf_ruleset_info_free(ruleset_info) if ruleset_info
|
|
549
555
|
end
|
|
550
556
|
|
|
551
|
-
|
|
552
|
-
map_obj = Datadog::AppSec::WAF.ruby_to_object(map, coerce: false)
|
|
553
|
-
res = Datadog::AppSec::WAF::LibDDWAF.ddwaf_toggle_rules(@handle_obj, map_obj)
|
|
557
|
+
private
|
|
554
558
|
|
|
555
|
-
|
|
556
|
-
|
|
557
|
-
|
|
559
|
+
def new_from_handle(handle_object, info, config)
|
|
560
|
+
obj = self.class.allocate
|
|
561
|
+
obj.instance_variable_set(:@handle_obj, handle_object)
|
|
562
|
+
obj.instance_variable_set(:@ruleset_info, info)
|
|
563
|
+
obj.instance_variable_set(:@config, config)
|
|
564
|
+
obj
|
|
558
565
|
end
|
|
559
566
|
|
|
560
|
-
private
|
|
561
|
-
|
|
562
567
|
def validate!
|
|
563
568
|
@valid = true
|
|
564
569
|
end
|
|
@@ -576,18 +581,6 @@ module Datadog
|
|
|
576
581
|
|
|
577
582
|
fail LibDDWAF::Error, "Attempt to use an invalid instance: #{inspect}"
|
|
578
583
|
end
|
|
579
|
-
|
|
580
|
-
def retained
|
|
581
|
-
@retained ||= []
|
|
582
|
-
end
|
|
583
|
-
|
|
584
|
-
def retain(object)
|
|
585
|
-
retained << object
|
|
586
|
-
end
|
|
587
|
-
|
|
588
|
-
def release(object)
|
|
589
|
-
retained.delete(object)
|
|
590
|
-
end
|
|
591
584
|
end
|
|
592
585
|
|
|
593
586
|
class Result
|
data/sig/datadog/appsec/waf.rbs
CHANGED
|
@@ -101,6 +101,7 @@ module Datadog
|
|
|
101
101
|
def self.ddwaf_ruleset_info_free: (RuleSetInfo) -> void
|
|
102
102
|
|
|
103
103
|
def self.ddwaf_init: (top, Config, RuleSetInfo) -> ::FFI::Pointer
|
|
104
|
+
def self.ddwaf_update: (::FFI::Pointer, LibDDWAF::Object, RuleSetInfo) -> ::FFI::Pointer
|
|
104
105
|
def self.ddwaf_destroy: (::FFI::Pointer) -> void
|
|
105
106
|
|
|
106
107
|
def self.ddwaf_required_addresses: (::FFI::Pointer, UInt32Ptr) -> ::FFI::Pointer
|
|
@@ -110,9 +111,6 @@ module Datadog
|
|
|
110
111
|
|
|
111
112
|
DDWAF_RET_CODE: ::FFI::Enum
|
|
112
113
|
|
|
113
|
-
def self.ddwaf_update_rule_data: (::FFI::Pointer, LibDDWAF::Object) -> ::Symbol
|
|
114
|
-
def self.ddwaf_toggle_rules: (::FFI::Pointer, LibDDWAF::Object) -> ::Symbol
|
|
115
|
-
|
|
116
114
|
# running
|
|
117
115
|
|
|
118
116
|
def self.ddwaf_context_init: (::FFI::Pointer) -> ::FFI::Pointer
|
|
@@ -168,27 +166,22 @@ module Datadog
|
|
|
168
166
|
class Handle
|
|
169
167
|
attr_reader handle_obj: ::FFI::Pointer
|
|
170
168
|
attr_reader ruleset_info: Hash[Symbol, untyped]
|
|
169
|
+
attr_reader config: WAF::LibDDWAF::Config
|
|
171
170
|
|
|
172
171
|
def initialize: (data rule, ?limits: ::Hash[::Symbol, ::Integer], ?obfuscator: ::Hash[::Symbol, ::String]) -> void
|
|
173
172
|
def finalize: () -> untyped
|
|
174
173
|
def required_addresses: () -> ::Array[::String]
|
|
175
|
-
def
|
|
176
|
-
def toggle_rules: (::Hash[::String, bool]) -> ::Symbol
|
|
174
|
+
def update: (untyped data) -> Handle
|
|
177
175
|
|
|
178
176
|
private
|
|
179
177
|
|
|
180
178
|
@valid: bool
|
|
181
179
|
|
|
180
|
+
def new_from_handle: (::FFI::Pointer handle_object, Hash[Symbol, untyped] info, WAF::LibDDWAF::Config config) -> untyped
|
|
182
181
|
def validate!: () -> void
|
|
183
182
|
def invalidate!: () -> void
|
|
184
183
|
def valid?: () -> (nil | bool)
|
|
185
184
|
def valid!: () -> void
|
|
186
|
-
|
|
187
|
-
@retained: Array[untyped]
|
|
188
|
-
|
|
189
|
-
def retained: () -> Array[untyped]
|
|
190
|
-
def retain: (top object) -> void
|
|
191
|
-
def release: (top object) -> void
|
|
192
185
|
end
|
|
193
186
|
|
|
194
187
|
type result_data = Array[untyped] | nil
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: libddwaf
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.8.2.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Datadog, Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-03-
|
|
11
|
+
date: 2023-03-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: ffi
|