RubyGems - newrelic_security - Versions diffs - 0.1.0 → 0.2.0 - Mend

newrelic_security 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (38) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c07c9ef96a8884449bdd0d5be44eccf3fee5ae6dde565863fe1eb24449a902f6
-  data.tar.gz: 56f813a8034eed9fd717a0c549275cd1c1e1386c50acdb2142379fbcc980838d
+  metadata.gz: 5b1160c4b821177b6ce0400848a72bf09899780ff83abadb60b3e60f35b8338b
+  data.tar.gz: 98cfb5a7d513e842690dce03aa515a7e148a252a5f0666f16e40899e2ad511d0
 SHA512:
-  metadata.gz: 0a3b7c2e86f9ea2c3a6c4c28da88676f904e78c5cce82fb152897aade9acda32ca9ea485d26dfa7ebb6ef1356c14df9d85407971d05a0a0f69e1ec43824227a1
-  data.tar.gz: d3c6dcd24fe5ed0b54537b503e6994e6ed6701d5bab53f90220cce4b300e14a619db19cab4befec08560b72c941898a082a1b3c9738ed29e3fb8feae714edeb2
+  metadata.gz: 56dea910383ac11f0b87a29f304e0f5042336c142c1d8ca60a2cdaf15bf172102000e28e8f382fd99781afebd061a0693e3f5ff8ea9fba981cdc4de128abdc20
+  data.tar.gz: 04bb28178707141c66ac94158fdb3cd632ccb22a1a9c4b4f5f7d9438989ee3c6fba2124abc89ffbf135d34e249b5921cd5d4b924e50768f07363b219567867bb

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,26 @@
 # New Relic Ruby Security Agent Release Notes
+## v0.2.0
+Version 0.2.0 introuduces Error reporting as part of security. Any unhandled or 5xx errors in application runtime will now be visible in IAST capability UI. Updated json_version: **1.2.4**
+- Feature: Unhandled and 5xx error reproting [PR#134](https://github.com/newrelic/csec-ruby-agent/pull/134)
+- Bugfix: Fix for API route not present in rails7 [PR#127](https://github.com/newrelic/csec-ruby-agent/pull/127)
+- Bugfix: Fix for Sqlite3 parameters sent in wrong fromat [PR#130](https://github.com/newrelic/csec-ruby-agent/pull/130)
+- Bugfix: Fix for multiple events have same id [PR#135](https://github.com/newrelic/csec-ruby-agent/pull/135)
+- Bugfix: Fix for NR_CSEC_VALIDATOR_HOME_TMP placeholder value not replaced during File Access fuzzing [PR#138](https://github.com/newrelic/csec-ruby-agent/pull/138)
+- Bugfix: Fix for appServerInfo fields are not present in File Operation events [PR#139](https://github.com/newrelic/csec-ruby-agent/pull/139)
+- Sending security agent critical errors to APM error inbox [PR#137](https://github.com/newrelic/csec-ruby-agent/pull/137)
+- Added key identifiers in entityGuid and acccountId in all json reporting [PR#101](https://github.com/newrelic/csec-ruby-agent/pull/101)
 ## v0.1.0
 Version 0.1.0 introduces `newrelic_security` agent for public preview under Newrelic pre-release software notice.

data/lib/newrelic_security/agent/agent.rb CHANGED Viewed

@@ -17,13 +17,15 @@ require 'newrelic_security/agent/control/critical_message'
 require 'newrelic_security/agent/control/event_counter'
 require 'newrelic_security/agent/control/event_stats'
 require 'newrelic_security/agent/control/exit_event'
+require 'newrelic_security/agent/control/application_runtime_error'
+require 'newrelic_security/agent/control/error_reporting'
 require 'newrelic_security/instrumentation-security/instrumentation_loader'
 module NewRelic::Security
   module Agent
     class Agent
-      attr_accessor :websocket_client, :event_processor, :iast_client, :http_request_count, :event_processed_count, :event_sent_count, :event_drop_count, :route_map, :iast_event_stats, :rasp_event_stats, :exit_event_stats
+      attr_accessor :websocket_client, :event_processor, :iast_client, :http_request_count, :event_processed_count, :event_sent_count, :event_drop_count, :route_map, :iast_event_stats, :rasp_event_stats, :exit_event_stats, :error_reporting
       def initialize
         NewRelic::Security::Agent.config
@@ -41,6 +43,7 @@ module NewRelic::Security
         @iast_event_stats = NewRelic::Security::Agent::Control::EventStats.new
         @rasp_event_stats = NewRelic::Security::Agent::Control::EventStats.new
         @exit_event_stats = NewRelic::Security::Agent::Control::EventStats.new
+        @error_reporting = NewRelic::Security::Agent::Control::ErrorReporting.new
       end
       def init
@@ -93,7 +96,8 @@ module NewRelic::Security
       def find_or_create_file_path(path)
         ::FileUtils.mkdir_p(path) unless ::File.directory?(path)
         ::File.directory?(path)
-      rescue
+      rescue => e
+        ::NewRelic::Agent.notice_error(e)
         return false
       end

data/lib/newrelic_security/agent/configuration/manager.rb CHANGED Viewed

@@ -39,7 +39,7 @@ module NewRelic::Security
           @cache[:listen_port] = nil
           @cache[:app_root] = NewRelic::Security::Agent::Utils.app_root
           @cache[:jruby_objectspace_enabled] = false
-          @cache[:json_version] = :'1.2.0'
+          @cache[:json_version] = :'1.2.4'
           @environment_source = NewRelic::Security::Agent::Configuration::EnvironmentSource.new
           @server_source = NewRelic::Security::Agent::Configuration::ServerSource.new
@@ -47,8 +47,7 @@ module NewRelic::Security
           @yaml_source = NewRelic::Security::Agent::Configuration::YamlSource.new
           @default_source = NewRelic::Security::Agent::Configuration::DefaultSource.new
         rescue Exception => exception
-          # TODO: remove this puts once agent stablizes
-          puts "Exception in Configuration::Manager.initialize : #{exception.inspect} #{exception.backtrace}"
+          ::NewRelic::Agent.notice_error(exception)
         end
         def [](key)

data/lib/newrelic_security/agent/control/app_info.rb CHANGED Viewed

@@ -26,6 +26,8 @@ module NewRelic::Security
           @jsonVersion = NewRelic::Security::Agent.config[:json_version]
           @startTime = current_time_millis
           @applicationUUID = NewRelic::Security::Agent.config[:uuid]
+          @appAccountId = NewRelic::Security::Agent.config[:account_id]
+          @appEntityGuid = NewRelic::Security::Agent.config[:entity_guid]
           @framework = NewRelic::Security::Agent.config[:framework]
           @groupName = NewRelic::Security::Agent.config[:mode]
           @userProvidedApplicationInfo = Hash.new

data/lib/newrelic_security/agent/control/application_runtime_error.rb ADDED Viewed

@@ -0,0 +1,95 @@
+# frozen_string_literal: true
+require 'json'
+require 'digest'
+module NewRelic::Security
+  module Agent
+    module Control
+      class ApplicationRuntimeError
+        attr_reader :jsonName, :exception
+        attr_accessor :counter
+        def initialize(exception, ctxt, response_code, category)
+          @collectorType = RUBY
+          @language = Ruby
+          @jsonName = :'application-runtime-error'
+          @eventType = :'application-runtime-error'
+          @collectorVersion = NewRelic::Security::VERSION
+          @buildNumber = nil
+          @jsonVersion = NewRelic::Security::Agent.config[:json_version]
+          @timestamp = current_time_millis
+          @applicationUUID = NewRelic::Security::Agent.config[:uuid]
+          @appAccountId = NewRelic::Security::Agent.config[:account_id]
+          @appEntityGuid = NewRelic::Security::Agent.config[:entity_guid]
+          @framework = NewRelic::Security::Agent.config[:framework]
+          @groupName = NewRelic::Security::Agent.config[:mode]
+          @policyVersion = nil
+          @linkingMetadata = add_linking_metadata
+          @httpRequest = get_http_request_data(ctxt)
+          @exception = exception
+          @counter = 1
+          @responseCode = response_code
+          @category = category
+          @traceId = generate_trace_id(ctxt, category)
+        end
+        def as_json
+          instance_variables.map! do |ivar|
+            [ivar[1..-1].to_sym, instance_variable_get(ivar)]
+          end.to_h
+        end
+        def to_json(*_args)
+          as_json.to_json
+        end
+        private
+        def current_time_millis
+          (Time.now.to_f * 1000).to_i
+        end
+        def add_linking_metadata
+          linking_metadata = {}
+          linking_metadata[:agentRunId] = NewRelic::Security::Agent.config[:agent_run_id]
+          linking_metadata.merge!(NewRelic::Security::Agent.config[:linking_metadata])
+          # TODO: add other fields as well in linking metadata, for event and heathcheck as well
+        end
+        def get_http_request_data(ctxt)
+          return if ctxt.nil?
+          http_request = {}
+          http_request[:parameterMap] = {}
+          http_request[:body] = ctxt.body
+          http_request[:generationTime] = ctxt.time_stamp
+          http_request[:dataTruncated] = false
+          http_request[:method] = ctxt.method
+          http_request[:route] = ctxt.route.split(AT_THE_RATE)[1] if ctxt.route
+          http_request[:url] = URI(ctxt.req[REQUEST_URI]).respond_to?(:request_uri) ? URI(ctxt.req[REQUEST_URI]).request_uri : ctxt.req[REQUEST_URI]
+          http_request[:requestURI] = "#{ctxt.req[RACK_URL_SCHEME]}://#{ctxt.req[HTTP_HOST]}#{ctxt.req[PATH_INFO]}"
+          http_request[:clientIP] = ctxt.headers.key?(X_FORWARDED_FOR) ? ctxt.headers[X_FORWARDED_FOR].split(COMMA)[0].to_s : ctxt.req[REMOTE_ADDR].to_s
+          http_request[:serverPort] = ctxt.req[SERVER_PORT].to_i
+          http_request[:protocol] = ctxt.req[RACK_URL_SCHEME]
+          http_request[:contextPath] = ROOT_PATH
+          http_request[:headers] = ctxt.headers
+          http_request[:contentType] = ctxt.req[CONTENT_TYPE] if ctxt.req.key?(CONTENT_TYPE)
+          http_request[:headers][CONTENT_TYPE1] = ctxt.req[CONTENT_TYPE] if ctxt.req.key?(CONTENT_TYPE)
+          http_request[:dataTruncated] = ctxt.data_truncated
+          http_request
+        end
+        def generate_trace_id(ctxt, category)
+          @exception[:stackTrace]
+          method, route = ctxt.route.split(AT_THE_RATE) if ctxt.route
+          if @exception[:stackTrace]
+            ::Digest::SHA256.hexdigest("#{@exception[:stackTrace].join(PIPE)}#{category}#{route}#{method}").to_s
+          else
+            ::Digest::SHA256.hexdigest("#{category}#{route}#{method}").to_s
+          end
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/agent/control/application_url_mappings.rb CHANGED Viewed

@@ -21,6 +21,8 @@ module NewRelic::Security
           @jsonVersion = NewRelic::Security::Agent.config[:json_version]
           @timestamp = current_time_millis
           @applicationUUID = NewRelic::Security::Agent.config[:uuid]
+          @appAccountId = NewRelic::Security::Agent.config[:account_id]
+          @appEntityGuid = NewRelic::Security::Agent.config[:entity_guid]
           @framework = NewRelic::Security::Agent.config[:framework]
           @groupName = NewRelic::Security::Agent.config[:mode]
           @policyVersion = nil

data/lib/newrelic_security/agent/control/control_command.rb CHANGED Viewed

@@ -32,7 +32,7 @@ module NewRelic::Security
               fuzz_request = NewRelic::Security::Agent::Control::FuzzRequest.new(message_object[:id])
               fuzz_request.request = prepare_fuzz_request(message_object)
               fuzz_request.case_type = message_object[:arguments][1]
-              fuzz_request.reflected_metadata =  message_object[:reflectedMetaData]
+              fuzz_request.reflected_metadata = message_object[:reflectedMetaData]
               NewRelic::Security::Agent.agent.iast_client.pending_request_ids << message_object[:id]
               NewRelic::Security::Agent.agent.iast_client.enqueue(fuzz_request)
               fuzz_request = nil
@@ -104,6 +104,7 @@ module NewRelic::Security
         def prepare_fuzz_request(message_object)
           message_object[:arguments][0].gsub!(NR_CSEC_VALIDATOR_HOME_TMP, NewRelic::Security::Agent.config[:fuzz_dir_path])
+          message_object[:arguments][0].gsub!(NR_CSEC_VALIDATOR_HOME_TMP_URL_ENCODED, NewRelic::Security::Agent.config[:fuzz_dir_path])
           message_object[:arguments][0].gsub!(NR_CSEC_VALIDATOR_FILE_SEPARATOR, ::File::SEPARATOR)
           prepared_fuzz_request = ::JSON.parse(message_object[:arguments][0])
           prepared_fuzz_request[HEADERS][NR_CSEC_PARENT_ID] = message_object[:id]

data/lib/newrelic_security/agent/control/critical_message.rb CHANGED Viewed

@@ -21,6 +21,8 @@ module NewRelic::Security
           @buildNumber = nil
           @jsonVersion = NewRelic::Security::Agent.config[:json_version]
           @applicationUUID = NewRelic::Security::Agent.config[:uuid]
+          @appAccountId = NewRelic::Security::Agent.config[:account_id]
+          @appEntityGuid = NewRelic::Security::Agent.config[:entity_guid]
           @linkingMetadata = add_linking_metadata
           @timestamp = current_time_millis
           @message = message

data/lib/newrelic_security/agent/control/error_reporting.rb ADDED Viewed

@@ -0,0 +1,74 @@
+module NewRelic::Security
+  module Agent
+    module Control
+      class ErrorReporting
+        STATUS_CODES_5XX = {
+          500 => "Internal Server Error",
+          501 => "Not Implemented",
+          502 => "Bad Gateway",
+          503 => "Service Unavailable",
+          504 => "Gateway Timeout",
+          505 => "HTTP Version Not Supported",
+          506 => "Variant Also Negotiates",
+          507 => "Insufficient Storage",
+          508 => "Loop Detected",
+          509 => "Bandwidth Limit Exceeded",
+          510 => "Not Extended",
+          511 => "Network Authentication Required"
+        }.freeze
+        attr_accessor :exceptions_map
+        def initialize
+          @exceptions_map = {}
+        end
+        def generate_unhandled_exception(noticed_error, ctxt, response_code)
+          unhandled_exception = {}
+          category = nil
+          if noticed_error
+            unhandled_exception[:message] = noticed_error.message
+            unhandled_exception[:cause] = nil
+            unhandled_exception[:type] = noticed_error.exception_class_name
+            unhandled_exception[:stackTrace] = noticed_error.stack_trace
+            category = noticed_error.exception_class_name
+          end
+          category = STATUS_CODES_5XX[response_code] if response_code
+          application_runtime_error = NewRelic::Security::Agent::Control::ApplicationRuntimeError.new(unhandled_exception, ctxt, response_code, category)
+          key = if response_code
+            # TODO: when do refactoring of ctxt.route, use both route and method to generate key
+            ctxt.route&.+ response_code.to_s
+                else
+            application_runtime_error.exception[:type] + application_runtime_error.exception[:stackTrace][0]
+                end
+          application_runtime_error.counter = @exceptions_map[key].counter + 1 if @exceptions_map.key?(key)
+          @exceptions_map[key] = application_runtime_error
+        rescue Exception => exception
+          NewRelic::Security::Agent.logger.error "Exception in generating unhandled exception: #{exception.inspect} #{exception.backtrace}\n"
+        end
+        def extract_noticed_error(current_transaction, ctxt, response_code)
+          # TODO: Below operation is expensive, talk to APM to get optimized way to do this
+          current_transaction.exceptions.each do |_, span|
+            current_transaction.segments.each do |segment|
+              generate_unhandled_exception(segment.noticed_error, ctxt, response_code) if span[:span_id] == segment.guid
+            end
+          end
+        rescue Exception => exception
+          NewRelic::Security::Agent.logger.error "Exception in extract_noticed_error: #{exception.inspect} #{exception.backtrace}\n"
+        end
+        def report_unhandled_or_5xx_exceptions(current_transaction, ctxt, response_code = nil)
+          http_response_code = response_code || current_transaction&.http_response_code
+          if current_transaction.exceptions.empty? && http_response_code&.between?(500, 599)
+            generate_unhandled_exception(nil, ctxt, response_code)
+          else
+            extract_noticed_error(current_transaction, ctxt, response_code) unless current_transaction.exceptions.empty?
+          end
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/agent/control/event.rb CHANGED Viewed

@@ -26,9 +26,11 @@ module NewRelic::Security
           @buildNumber = nil
           @jsonVersion = NewRelic::Security::Agent.config[:json_version]
           @applicationUUID = NewRelic::Security::Agent.config[:uuid]
+          @appAccountId = NewRelic::Security::Agent.config[:account_id]
+          @appEntityGuid = NewRelic::Security::Agent.config[:entity_guid]
           @httpRequest = Hash.new
           @httpResponse = Hash.new
-          @metaData = { :reflectedMetaData => { :listen_port => NewRelic::Security::Agent.config[:listen_port].to_s } }
+          @metaData = { :reflectedMetaData => { :listen_port => NewRelic::Security::Agent.config[:listen_port].to_s }, :appServerInfo => { :applicationDirectory => NewRelic::Security::Agent.config[:app_root], :serverBaseDirectory => NewRelic::Security::Agent.config[:app_root] } }
           @linkingMetadata = add_linking_metadata
           @pid = pid
           @parameters = args
@@ -113,7 +115,7 @@ module NewRelic::Security
           http_request[:contentType] = "TODO: "
           http_request[:isGrpc] = ctxt.is_grpc
           @httpRequest = http_request
-          @metaData = ctxt.metadata
+          @metaData.merge!(ctxt.metadata)
         end
         private
@@ -128,13 +130,20 @@ module NewRelic::Security
         end
         def event_id
-          "#{Process.pid}:#{::Thread.current.object_id}:#{thread_monotonic_ctr}"
+          "#{Process.pid}:#{current_transaction&.guid}:#{thread_monotonic_ctr}"
+        end
+        def current_transaction
+          ::NewRelic::Agent::Tracer.current_transaction if defined?(::NewRelic::Agent::Tracer)
         end
         def thread_monotonic_ctr
           ctxt = NewRelic::Security::Agent::Control::HTTPContext.get_context if NewRelic::Security::Agent::Control::HTTPContext.get_context
           ctxt = NewRelic::Security::Agent::Control::GRPCContext.get_context if NewRelic::Security::Agent::Control::GRPCContext.get_context
-          ctxt.event_counter = ctxt.event_counter + 1 if ctxt
+          return unless ctxt
+          ctxt.mutex.synchronize do
+            ctxt.event_counter = ctxt.event_counter + 1
+          end
         end
         def add_linking_metadata

data/lib/newrelic_security/agent/control/event_processor.rb CHANGED Viewed

@@ -5,6 +5,7 @@ module NewRelic::Security
     module Control
       EVENT_QUEUE_SIZE = 10_000
       HEALTH_INTERVAL = 300
+      ERROR_REPORTING_INTERVAL = 30
       class EventProcessor
@@ -15,6 +16,7 @@ module NewRelic::Security
           @eventQ = ::SizedQueue.new(EVENT_QUEUE_SIZE)
           create_dequeue_threads
           create_keep_alive_thread
+          create_error_reporting_thread
           NewRelic::Security::Agent.init_logger.info "[STEP-5] => Security agent components started"
         end
@@ -128,6 +130,25 @@ module NewRelic::Security
           NewRelic::Security::Agent.logger.error "Exception in health check thread, #{exception.inspect}"
         end
+        def create_error_reporting_thread
+          @error_reporting_thread = Thread.new {
+            Thread.current.name = "newrelic_security_error_reporting_thread"
+            while true do
+              sleep ERROR_REPORTING_INTERVAL
+              send_error_reporting_event if NewRelic::Security::Agent::Control::WebsocketClient.instance.is_open?
+            end
+          }
+        rescue Exception => exception
+          NewRelic::Security::Agent.logger.error "Exception in error_reporting thread, #{exception.inspect}"
+        end
+        def send_error_reporting_event
+          NewRelic::Security::Agent.agent.error_reporting&.exceptions_map&.each_value do |exception|
+            NewRelic::Security::Agent::Control::WebsocketClient.instance.send(exception)
+          end
+          NewRelic::Security::Agent.agent.error_reporting&.exceptions_map&.clear
+        end
       end
     end
   end

data/lib/newrelic_security/agent/control/exit_event.rb CHANGED Viewed

@@ -14,6 +14,8 @@ module NewRelic::Security
           @collectorVersion =  NewRelic::Security::VERSION
           @buildNumber = nil
           @applicationUUID = NewRelic::Security::Agent.config[:uuid]
+          @appAccountId = NewRelic::Security::Agent.config[:account_id]
+          @appEntityGuid = NewRelic::Security::Agent.config[:entity_guid]
           @groupName = NewRelic::Security::Agent.config[:mode]
           @jsonVersion = NewRelic::Security::Agent.config[:json_version]
           @policyVersion = nil

data/lib/newrelic_security/agent/control/grpc_context.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module NewRelic::Security
       class GRPCContext
-        attr_accessor :time_stamp, :method, :headers, :body, :route, :cache, :fuzz_files, :url, :server_name, :server_port, :client_ip, :client_port, :is_grpc, :metadata, :event_counter
+        attr_accessor :time_stamp, :method, :headers, :body, :route, :cache, :fuzz_files, :url, :server_name, :server_port, :client_ip, :client_port, :is_grpc, :metadata, :event_counter, :mutex
         def initialize(grpc_request)
           @time_stamp = current_time_millis
@@ -32,6 +32,7 @@ module NewRelic::Security
           @cache = {}
           @fuzz_files = ::Set.new
           @event_counter = 0
+          @mutex = Mutex.new
           NewRelic::Security::Agent.agent.http_request_count.increment
         end

data/lib/newrelic_security/agent/control/health_check.rb CHANGED Viewed

@@ -18,6 +18,8 @@ module NewRelic::Security
           @framework = NewRelic::Security::Agent.config[:framework]
           @protectedServer = nil
           @applicationUUID = NewRelic::Security::Agent.config[:uuid]
+          @appAccountId = NewRelic::Security::Agent.config[:account_id]
+          @appEntityGuid = NewRelic::Security::Agent.config[:entity_guid]
           @collectorVersion = NewRelic::Security::VERSION
           @buildNumber = nil
           @jsonVersion = NewRelic::Security::Agent.config[:json_version]

data/lib/newrelic_security/agent/control/http_context.rb CHANGED Viewed

@@ -10,13 +10,14 @@ module NewRelic::Security
       UNDERSCORE = '_'
       HYPHEN = '-'
       REQUEST_METHOD = 'REQUEST_METHOD'
+      HTTP_HOST = 'HTTP_HOST'
       PATH_INFO = 'PATH_INFO'
       RACK_INPUT = 'rack.input'
-      CGI_VARIABLES = ::Set.new(%W[ AUTH_TYPE CONTENT_LENGTH CONTENT_TYPE GATEWAY_INTERFACE HTTPS PATH_INFO PATH_TRANSLATED REQUEST_URI QUERY_STRING REMOTE_ADDR REMOTE_HOST REMOTE_IDENT REMOTE_USER REQUEST_METHOD SCRIPT_NAME SERVER_NAME SERVER_PORT SERVER_PROTOCOL SERVER_SOFTWARE rack.url_scheme ])
+      CGI_VARIABLES = ::Set.new(%W[ AUTH_TYPE CONTENT_LENGTH CONTENT_TYPE GATEWAY_INTERFACE HTTPS HTTP_HOST PATH_INFO PATH_TRANSLATED REQUEST_URI QUERY_STRING REMOTE_ADDR REMOTE_HOST REMOTE_IDENT REMOTE_USER REQUEST_METHOD SCRIPT_NAME SERVER_NAME SERVER_PORT SERVER_PROTOCOL SERVER_SOFTWARE rack.url_scheme ])
       class HTTPContext
-        attr_accessor :time_stamp, :req, :method, :headers, :params, :body, :data_truncated, :route, :cache, :fuzz_files, :event_counter
+        attr_accessor :time_stamp, :req, :method, :headers, :params, :body, :data_truncated, :route, :cache, :fuzz_files, :event_counter, :mutex
         def initialize(env)
           @time_stamp = current_time_millis
@@ -47,6 +48,7 @@ module NewRelic::Security
           @cache = Hash.new
           @fuzz_files = ::Set.new
           @event_counter = 0
+          @mutex = Mutex.new
           NewRelic::Security::Agent.agent.http_request_count.increment
           NewRelic::Security::Agent.agent.iast_client.completed_requests[@headers[NR_CSEC_PARENT_ID]] = [] if @headers.key?(NR_CSEC_PARENT_ID)
         end
@@ -66,6 +68,10 @@ module NewRelic::Security
         def self.reset_context
           ::NewRelic::Agent::Tracer.current_transaction.remove_instance_variable(:@security_context_data) if ::NewRelic::Agent::Tracer.current_transaction.instance_variable_defined?(:@security_context_data)
         end
+        def self.get_current_transaction
+          ::NewRelic::Agent::Tracer.current_transaction
+        end
       end
     end

data/lib/newrelic_security/agent/control/iast_data_transfer_request.rb CHANGED Viewed

@@ -11,6 +11,8 @@ module NewRelic::Security
         def initialize
           @jsonName = :'iast-data-request'
           @applicationUUID = NewRelic::Security::Agent.config[:uuid]
+          @appAccountId = NewRelic::Security::Agent.config[:account_id]
+          @appEntityGuid = NewRelic::Security::Agent.config[:entity_guid]
           @batchSize = 10
           @pendingRequestIds = []
           @completedRequests = Hash.new

data/lib/newrelic_security/agent/control/websocket_client.rb CHANGED Viewed

@@ -76,21 +76,26 @@ module NewRelic::Security
             connection.on :error do |e|
               NewRelic::Security::Agent.logger.error "Error in websocket connection : #{e.inspect} #{e.backtrace}"
+              ::NewRelic::Agent.notice_error(e)
               Thread.new { NewRelic::Security::Agent::Control::WebsocketClient.instance.close(true) }
             end
           rescue Errno::EPIPE => exception
             NewRelic::Security::Agent.logger.error "Unable to connect to validator_service: #{exception.inspect}"
+            ::NewRelic::Agent.notice_error(exception)
             NewRelic::Security::Agent.config.disable_security
           rescue Errno::ECONNRESET => exception
             NewRelic::Security::Agent.logger.error "Unable to connect to validator_service: #{exception.inspect}"
+            ::NewRelic::Agent.notice_error(exception)
             NewRelic::Security::Agent.config.disable_security
             Thread.new { NewRelic::Security::Agent.agent.reconnect(15) }
           rescue Errno::ECONNREFUSED => exception
             NewRelic::Security::Agent.logger.error "Unable to connect to validator_service: #{exception.inspect}"
+            ::NewRelic::Agent.notice_error(exception)
             NewRelic::Security::Agent.config.disable_security
             Thread.new { NewRelic::Security::Agent.agent.reconnect(15) }
           rescue => exception
             NewRelic::Security::Agent.logger.error "Exception in websocket init: #{exception.inspect} #{exception.backtrace}"
+            ::NewRelic::Agent.notice_error(exception)
             NewRelic::Security::Agent.config.disable_security
             Thread.new { NewRelic::Security::Agent.agent.reconnect(15) }
           end

data/lib/newrelic_security/agent/utils/agent_utils.rb CHANGED Viewed

@@ -36,10 +36,11 @@ module NewRelic::Security
               decrypted_data.split(COMMA).each do |filename|
                 begin
                   filename.gsub!(NR_CSEC_VALIDATOR_HOME_TMP, NewRelic::Security::Agent.config[:fuzz_dir_path])
+                  filename.gsub!(NR_CSEC_VALIDATOR_HOME_TMP_URL_ENCODED, NewRelic::Security::Agent.config[:fuzz_dir_path])
                   filename.gsub!(NR_CSEC_VALIDATOR_FILE_SEPARATOR, ::File::SEPARATOR)
                   dirname = ::File.dirname(filename)
                   ::FileUtils.mkdir_p(dirname, :mode => 0770) unless ::File.directory?(dirname)
-                  ctxt&.fuzz_files << filename
+                  ctxt&.fuzz_files&.<< filename
                   ::File.open(filename, ::File::WRONLY | ::File::CREAT | ::File::EXCL) do |fd|
                       # puts "Ownership acquired by : #{Process.pid}"
                   end unless ::File.exist?(filename)
@@ -115,7 +116,7 @@ module NewRelic::Security
         elsif framework == :grape
           ObjectSpace.each_object(::Grape::Endpoint) { |z|
             z.instance_variable_get(:@routes)&.each { |route|
-              http_method = route.instance_variable_get(:@request_method) ? route.instance_variable_get(:@request_method) : route.instance_variable_get(:@options)[:method]
+              http_method = route.instance_variable_get(:@request_method) || route.instance_variable_get(:@options)[:method]
               NewRelic::Security::Agent.agent.route_map << "#{http_method}@#{route.pattern.origin}"
             }
           }

data/lib/newrelic_security/constants.rb CHANGED Viewed

@@ -7,6 +7,7 @@ module NewRelic::Security
   LANGUAGE_COLLECTOR = 'LANGUAGE_COLLECTOR'
   STANDARD_OUT = 'STDOUT'
   NR_CSEC_VALIDATOR_HOME_TMP = '{{NR_CSEC_VALIDATOR_HOME_TMP}}'
+  NR_CSEC_VALIDATOR_HOME_TMP_URL_ENCODED = '%7B%7BNR_CSEC_VALIDATOR_HOME_TMP%7D%7D'
   NR_CSEC_VALIDATOR_FILE_SEPARATOR = '{{NR_CSEC_VALIDATOR_FILE_SEPARATOR}}'
   SEC_HOME_PATH = 'nr-security-home'
   LOGS_DIR = 'logs'

data/lib/newrelic_security/instrumentation-security/grape/chain.rb CHANGED Viewed

@@ -12,10 +12,15 @@ module NewRelic::Security
                 def call(env)
                   retval = nil
-                  event = call_on_enter(env) { retval = call_without_security(env) }
+                  event = call_on_enter(env) do
+                    begin
+                      retval = call_without_security(env)
+                    ensure
+                      NewRelic::Security::Agent.agent.error_reporting&.report_unhandled_or_5xx_exceptions(NewRelic::Security::Agent::Control::HTTPContext.get_current_transaction, NewRelic::Security::Agent::Control::HTTPContext.get_context, nil)
+                    end
+                  end
                   call_on_exit(event, retval) { return retval }
                 end
               end
             end
           end

data/lib/newrelic_security/instrumentation-security/grape/instrumentation.rb CHANGED Viewed

@@ -24,6 +24,7 @@ module NewRelic::Security
         # NewRelic::Security::Agent.logger.debug "\n\nHTTP Context : #{::NewRelic::Agent::Tracer.current_transaction.instance_variable_get(:@security_context_data).inspect}\n\n"
         NewRelic::Security::Agent::Control::ReflectedXSS.check_xss(NewRelic::Security::Agent::Control::HTTPContext.get_context, retval) if NewRelic::Security::Agent.config[:'security.detection.rxss.enabled']
         NewRelic::Security::Agent::Utils.delete_created_files(NewRelic::Security::Agent::Control::HTTPContext.get_context)
+        NewRelic::Security::Agent.agent.error_reporting&.report_unhandled_or_5xx_exceptions(NewRelic::Security::Agent::Control::HTTPContext.get_current_transaction, NewRelic::Security::Agent::Control::HTTPContext.get_context, retval[0])
         NewRelic::Security::Agent::Control::HTTPContext.reset_context
         NewRelic::Security::Agent.logger.debug "Exit event : #{event}"
       rescue => exception
@@ -40,7 +41,7 @@ module NewRelic::Security
         def prepare_env_from_route_on_enter(route)
           NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
           ctxt = NewRelic::Security::Agent::Control::HTTPContext.get_context
-          http_method = route.instance_variable_get(:@request_method) ? route.instance_variable_get(:@request_method) : route.instance_variable_get(:@options)[:method]
+          http_method = route.instance_variable_get(:@request_method) || route.instance_variable_get(:@options)[:method]
           ctxt.route = "#{http_method}@#{route.options[:namespace]}" unless ctxt.nil?
         rescue => exception
           NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"

data/lib/newrelic_security/instrumentation-security/grape/prepend.rb CHANGED Viewed

@@ -8,7 +8,13 @@ module NewRelic::Security
             def call(env)
               retval = nil
-              event = call_on_enter(env) { retval = super(env) }
+              event = call_on_enter(env) do
+                begin
+                  retval = super(env)
+                ensure
+                  NewRelic::Security::Agent.agent.error_reporting&.report_unhandled_or_5xx_exceptions(NewRelic::Security::Agent::Control::HTTPContext.get_current_transaction, NewRelic::Security::Agent::Control::HTTPContext.get_context, nil)
+                end
+              end
               call_on_exit(event, retval) { return retval }
             end

data/lib/newrelic_security/instrumentation-security/padrino/chain.rb CHANGED Viewed

@@ -21,6 +21,23 @@ module NewRelic::Security
           end
         end
       end
+      module Router
+        module Chain
+          def self.instrument!
+            ::Padrino::Router.class_eval do
+              include NewRelic::Security::Instrumentation::Padrino::Router
+              alias_method :call_without_security, :call
+              def call(env, &block)
+                retval = call_without_security(env, &block)
+                call_on_exit(retval) { return retval }
+              end
+            end
+          end
+        end
+      end
     end
   end
 end

data/lib/newrelic_security/instrumentation-security/padrino/instrumentation.rb CHANGED Viewed

@@ -13,7 +13,7 @@ module NewRelic::Security
         extracted_env = env.instance_variable_get(:@env)
         NewRelic::Security::Agent::Control::HTTPContext.set_context(extracted_env)
         ctxt = NewRelic::Security::Agent::Control::HTTPContext.get_context
-        ctxt.route = "#{extracted_env[REQUEST_METHOD].to_s}@#{extracted_env[PATH_INFO].to_s}" if ctxt
+        ctxt.route = "#{extracted_env[REQUEST_METHOD]}@#{extracted_env[PATH_INFO]}" if ctxt
         NewRelic::Security::Agent::Utils.parse_fuzz_header(NewRelic::Security::Agent::Control::HTTPContext.get_context)
       rescue => exception
         NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
@@ -27,6 +27,7 @@ module NewRelic::Security
         # NewRelic::Security::Agent.logger.debug "\n\nHTTP Context : #{::NewRelic::Agent::Tracer.current_transaction.instance_variable_get(:@security_context_data).inspect}\n\n"
         NewRelic::Security::Agent::Control::ReflectedXSS.check_xss(NewRelic::Security::Agent::Control::HTTPContext.get_context, retval) if NewRelic::Security::Agent.config[:'security.detection.rxss.enabled']
         NewRelic::Security::Agent::Utils.delete_created_files(NewRelic::Security::Agent::Control::HTTPContext.get_context)
+        NewRelic::Security::Agent.agent.error_reporting&.report_unhandled_or_5xx_exceptions(NewRelic::Security::Agent::Control::HTTPContext.get_current_transaction, NewRelic::Security::Agent::Control::HTTPContext.get_context, retval[0])
         NewRelic::Security::Agent::Control::HTTPContext.reset_context
         NewRelic::Security::Agent.logger.debug "Exit event : #{event}"
       rescue => exception
@@ -34,9 +35,20 @@ module NewRelic::Security
       ensure
         yield
       end
+    end
+    module Padrino::Router
+      def call_on_exit(retval)
+        NewRelic::Security::Agent.logger.debug "OnExit :  #{self.class}.#{__method__}"
+        NewRelic::Security::Agent.agent.error_reporting&.report_unhandled_or_5xx_exceptions(NewRelic::Security::Agent::Control::HTTPContext.get_current_transaction, NewRelic::Security::Agent::Control::HTTPContext.get_context, retval[0])
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+      end
     end
   end
 end
 NewRelic::Security::Instrumentation::InstrumentationLoader.install_instrumentation(:padrino, ::Padrino::PathRouter::Router, ::NewRelic::Security::Instrumentation::Padrino::PathRouter::Router)
+NewRelic::Security::Instrumentation::InstrumentationLoader.install_instrumentation(:padrino, ::Padrino::Router, ::NewRelic::Security::Instrumentation::Padrino::Router)

data/lib/newrelic_security/instrumentation-security/padrino/prepend.rb CHANGED Viewed

@@ -15,6 +15,18 @@ module NewRelic::Security
           end
         end
       end
+      module Router
+        module Prepend
+          include NewRelic::Security::Instrumentation::Padrino::Router
+          def call(env, &block)
+            retval = super
+            call_on_exit(retval) { return retval }
+          end
+        end
+      end
     end
   end
 end

data/lib/newrelic_security/instrumentation-security/rails/chain.rb CHANGED Viewed

@@ -29,12 +29,36 @@ module NewRelic::Security
                 include NewRelic::Security::Instrumentation::ActionDispatch::Journey::Router
                 alias_method :find_routes_without_security, :find_routes
                 def find_routes(req)
                   retval = nil
                   event = find_routes_on_enter(req) { retval = find_routes_without_security(req) }
                   find_routes_on_exit(event, retval) { return retval }
-                end
+                end
+              end
+            end
+          end
+        end
+      end
+    end
+    module ActionDispatch
+      module Routing
+        module RouteSet
+          module Dispatcher
+            module Chain
+              def self.instrument!
+                ::ActionDispatch::Routing::RouteSet::Dispatcher.class_eval do
+                  include NewRelic::Security::Instrumentation::ActionDispatch::Routing::RouteSet::Dispatcher
+                  alias_method :serve_without_security, :serve
+                  def serve(req)
+                    retval = nil
+                    event = serve_on_enter(req) { retval = serve_without_security(req) }
+                    serve_on_exit(event, retval) { return retval }
+                  end
+                end
               end
             end
           end

data/lib/newrelic_security/instrumentation-security/rails/instrumentation.rb CHANGED Viewed

@@ -24,6 +24,7 @@ module NewRelic::Security
         # NewRelic::Security::Agent.logger.debug "\n\nHTTP Context : #{::NewRelic::Agent::Tracer.current_transaction.instance_variable_get(:@security_context_data).inspect}\n\n"
         NewRelic::Security::Agent::Control::ReflectedXSS.check_xss(NewRelic::Security::Agent::Control::HTTPContext.get_context, retval) if NewRelic::Security::Agent.config[:'security.detection.rxss.enabled']
         NewRelic::Security::Agent::Utils.delete_created_files(NewRelic::Security::Agent::Control::HTTPContext.get_context)
+        NewRelic::Security::Agent.agent.error_reporting&.report_unhandled_or_5xx_exceptions(NewRelic::Security::Agent::Control::HTTPContext.get_current_transaction, NewRelic::Security::Agent::Control::HTTPContext.get_context, retval[0])
         NewRelic::Security::Agent::Control::HTTPContext.reset_context
         NewRelic::Security::Agent.logger.debug "Exit event : #{event}"
       rescue => exception
@@ -31,11 +32,11 @@ module NewRelic::Security
       ensure
         yield
       end
     end
     module ActionDispatch::Journey::Router
       def find_routes_on_enter(req)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
@@ -45,7 +46,7 @@ module NewRelic::Security
         yield
         return event
       end
       def find_routes_on_exit(event, retval)
         NewRelic::Security::Agent.logger.debug "OnExit :  #{self.class}.#{__method__}"
@@ -60,8 +61,32 @@ module NewRelic::Security
         yield
       end
     end
+    module ActionDispatch::Routing::RouteSet::Dispatcher
+      def serve_on_enter(req)
+        event = nil
+        NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        ctxt = NewRelic::Security::Agent::Control::HTTPContext.get_context
+        ctxt.route = "#{ctxt.method}@#{req.route_uri_pattern.to_s.gsub(/\(\.:format\)/, EMPTY_STRING)}" if ctxt && req.respond_to?(:route_uri_pattern)
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+        return event
+      end
+      def serve_on_exit(event, retval)
+        NewRelic::Security::Agent.logger.debug "OnExit :  #{self.class}.#{__method__}"
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+      end
+    end
   end
 end
 NewRelic::Security::Instrumentation::InstrumentationLoader.install_instrumentation(:rails, ::Rails::Engine, ::NewRelic::Security::Instrumentation::Rails::Engine)
 NewRelic::Security::Instrumentation::InstrumentationLoader.install_instrumentation(:rails, ::ActionDispatch::Journey::Router, ::NewRelic::Security::Instrumentation::ActionDispatch::Journey::Router)
+NewRelic::Security::Instrumentation::InstrumentationLoader.install_instrumentation(:rails, ::ActionDispatch::Routing::RouteSet::Dispatcher, ::NewRelic::Security::Instrumentation::ActionDispatch::Routing::RouteSet::Dispatcher)

data/lib/newrelic_security/instrumentation-security/rails/prepend.rb CHANGED Viewed

@@ -29,5 +29,23 @@ module NewRelic::Security
         end
       end
     end
+    module ActionDispatch
+      module Routing
+        module RouteSet
+          module Dispatcher
+            module Prepend
+              include NewRelic::Security::Instrumentation::ActionDispatch::Routing::RouteSet::Dispatcher
+              def serve(req)
+                retval = nil
+                event = serve_on_enter(req) { retval = super }
+                serve_on_exit(event, retval) { return retval }
+              end
+            end
+          end
+        end
+      end
+    end
   end
 end

data/lib/newrelic_security/instrumentation-security/roda/chain.rb CHANGED Viewed

@@ -10,10 +10,15 @@ module NewRelic::Security
             def _roda_handle_main_route(*args)
               retval = nil
-              event = _roda_handle_main_route_on_enter(self.env) { retval = _roda_handle_main_route_without_security(*args) }
+              event = _roda_handle_main_route_on_enter(env) do
+                begin
+                  retval = _roda_handle_main_route_without_security(*args)
+                ensure
+                  NewRelic::Security::Agent.agent.error_reporting&.report_unhandled_or_5xx_exceptions(NewRelic::Security::Agent::Control::HTTPContext.get_current_transaction, NewRelic::Security::Agent::Control::HTTPContext.get_context, nil)
+                end
+              end
               _roda_handle_main_route_on_exit(event, retval) { return retval }
             end
           end
         end
       end

data/lib/newrelic_security/instrumentation-security/roda/instrumentation.rb CHANGED Viewed

@@ -12,7 +12,7 @@ module NewRelic::Security
         NewRelic::Security::Agent::Utils.get_app_routes(:roda) if NewRelic::Security::Agent.agent.route_map.empty?
         NewRelic::Security::Agent::Control::HTTPContext.set_context(env)
         ctxt = NewRelic::Security::Agent::Control::HTTPContext.get_context
-        ctxt.route = "#{env[REQUEST_METHOD].to_s}@#{env[PATH_INFO].to_s}" if ctxt
+        ctxt.route = "#{env[REQUEST_METHOD]}@#{env[PATH_INFO]}" if ctxt
         NewRelic::Security::Agent::Utils.parse_fuzz_header(NewRelic::Security::Agent::Control::HTTPContext.get_context)
       rescue => exception
         NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
@@ -26,6 +26,7 @@ module NewRelic::Security
         # NewRelic::Security::Agent.logger.debug "\n\nHTTP Context : #{::NewRelic::Agent::Tracer.current_transaction.instance_variable_get(:@security_context_data).inspect}\n\n"
         NewRelic::Security::Agent::Control::ReflectedXSS.check_xss(NewRelic::Security::Agent::Control::HTTPContext.get_context, retval) if NewRelic::Security::Agent.config[:'security.detection.rxss.enabled']
         NewRelic::Security::Agent::Utils.delete_created_files(NewRelic::Security::Agent::Control::HTTPContext.get_context)
+        NewRelic::Security::Agent.agent.error_reporting&.report_unhandled_or_5xx_exceptions(NewRelic::Security::Agent::Control::HTTPContext.get_current_transaction, NewRelic::Security::Agent::Control::HTTPContext.get_context, retval[0])
         NewRelic::Security::Agent::Control::HTTPContext.reset_context
         NewRelic::Security::Agent.logger.debug "Exit event : #{event}"
       rescue => exception

data/lib/newrelic_security/instrumentation-security/roda/prepend.rb CHANGED Viewed

@@ -6,7 +6,13 @@ module NewRelic::Security
         def _roda_handle_main_route(*args)
           retval = nil
-          event = _roda_handle_main_route_on_enter(self.env) { retval = super }
+          event = _roda_handle_main_route_on_enter(env) do
+            begin
+              retval = super
+            ensure
+              NewRelic::Security::Agent.agent.error_reporting&.report_unhandled_or_5xx_exceptions(NewRelic::Security::Agent::Control::HTTPContext.get_current_transaction, NewRelic::Security::Agent::Control::HTTPContext.get_context, nil)
+            end
+          end
           _roda_handle_main_route_on_exit(event, retval) { return retval }
         end

data/lib/newrelic_security/instrumentation-security/sinatra/chain.rb CHANGED Viewed

@@ -20,6 +20,12 @@ module NewRelic::Security
               def route_eval(&block)
                 route_eval_on_enter { route_eval_without_security(&block) }
               end
+              alias_method :dispatch_without_security, :dispatch!
+              def dispatch!
+                dispatch_on_enter { dispatch_without_security }
+              end
             end
           end
         end

data/lib/newrelic_security/instrumentation-security/sinatra/instrumentation.rb CHANGED Viewed

@@ -24,6 +24,7 @@ module NewRelic::Security
         # NewRelic::Security::Agent.logger.debug "\n\nHTTP Context : #{::NewRelic::Agent::Tracer.current_transaction.instance_variable_get(:@security_context_data).inspect}\n\n"
         NewRelic::Security::Agent::Control::ReflectedXSS.check_xss(NewRelic::Security::Agent::Control::HTTPContext.get_context, retval) if NewRelic::Security::Agent.config[:'security.detection.rxss.enabled']
         NewRelic::Security::Agent::Utils.delete_created_files(NewRelic::Security::Agent::Control::HTTPContext.get_context)
+        NewRelic::Security::Agent.agent.error_reporting&.report_unhandled_or_5xx_exceptions(NewRelic::Security::Agent::Control::HTTPContext.get_current_transaction, NewRelic::Security::Agent::Control::HTTPContext.get_context, retval[0])
         NewRelic::Security::Agent::Control::HTTPContext.reset_context
         NewRelic::Security::Agent.logger.debug "Exit event : #{event}"
       rescue => exception
@@ -41,6 +42,13 @@ module NewRelic::Security
       ensure
         yield
       end
+      def dispatch_on_enter
+        NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        yield
+      ensure
+        NewRelic::Security::Agent.agent.error_reporting&.report_unhandled_or_5xx_exceptions(NewRelic::Security::Agent::Control::HTTPContext.get_current_transaction, NewRelic::Security::Agent::Control::HTTPContext.get_context)
+      end
     end
   end

data/lib/newrelic_security/instrumentation-security/sinatra/prepend.rb CHANGED Viewed

@@ -14,6 +14,10 @@ module NewRelic::Security
           def route_eval
             route_eval_on_enter { super }
           end
+          def dispatch!
+            dispatch_on_enter { super }
+          end
         end
       end
     end

data/lib/newrelic_security/instrumentation-security/sqlite3/instrumentation.rb CHANGED Viewed

@@ -10,7 +10,7 @@ module NewRelic::Security
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
         hash = {}
         hash[:sql] = sql
-        hash[:parameters] = bind_vars.is_a?(String) ? [bind_vars] : bind_vars.map(&:to_s)
+        hash[:parameters] = bind_vars.is_a?(String) ? [bind_vars] : bind_vars.flatten
         hash[:parameters] = hash[:parameters] + args.map(&:to_s) unless args.empty?
         event = NewRelic::Security::Agent::Control::Collector.collect(SQL_DB_COMMAND, [hash], SQLITE) unless NewRelic::Security::Instrumentation::InstrumentationUtils.sql_filter_events?(hash[:sql])
       rescue => exception
@@ -34,7 +34,7 @@ module NewRelic::Security
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
         hash = {}
         hash[:sql] = sql
-        hash[:parameters] = bind_vars.is_a?(String) ? [bind_vars] : bind_vars.map(&:to_s)
+        hash[:parameters] = bind_vars.is_a?(String) ? [bind_vars] : bind_vars.flatten
         hash[:parameters] = hash[:parameters] + args unless args.empty?
         event = NewRelic::Security::Agent::Control::Collector.collect(SQL_DB_COMMAND, [hash], SQLITE) unless NewRelic::Security::Instrumentation::InstrumentationUtils.sql_filter_events?(hash[:sql])
       rescue => exception
@@ -102,7 +102,7 @@ module NewRelic::Security
       def bind_params_on_enter(*bind_vars)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-        NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[self.object_id][:parameters] = bind_vars.map(&:to_s) if NewRelic::Security::Agent::Control::HTTPContext.get_context && NewRelic::Security::Agent::Control::HTTPContext.get_context.cache.key?(self.object_id)
+        NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[self.object_id][:parameters] = bind_vars.flatten if NewRelic::Security::Agent::Control::HTTPContext.get_context && NewRelic::Security::Agent::Control::HTTPContext.get_context.cache.key?(self.object_id)
       rescue => exception
         NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
       ensure
@@ -129,7 +129,7 @@ module NewRelic::Security
           else
             hash = {}
             hash[:sql] = NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[key][:sql]
-            hash[:parameters] = bind_vars.map(&:to_s)
+            hash[:parameters] = bind_vars.flatten
             ic_args.push(hash)
           end
         end

data/lib/newrelic_security/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module NewRelic
   module Security
-    VERSION = "0.1.0"
+    VERSION = "0.2.0"
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: newrelic_security
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Prateek Sen
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-07-29 00:00:00.000000000 Z
+date: 2024-10-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: newrelic_rpm
@@ -151,10 +151,12 @@ files:
 - lib/newrelic_security/agent/configuration/server_source.rb
 - lib/newrelic_security/agent/configuration/yaml_source.rb
 - lib/newrelic_security/agent/control/app_info.rb
+- lib/newrelic_security/agent/control/application_runtime_error.rb
 - lib/newrelic_security/agent/control/application_url_mappings.rb
 - lib/newrelic_security/agent/control/collector.rb
 - lib/newrelic_security/agent/control/control_command.rb
 - lib/newrelic_security/agent/control/critical_message.rb
+- lib/newrelic_security/agent/control/error_reporting.rb
 - lib/newrelic_security/agent/control/event.rb
 - lib/newrelic_security/agent/control/event_counter.rb
 - lib/newrelic_security/agent/control/event_processor.rb