newrelic_security 0.1.0 → 0.3.0

data/lib/newrelic_security/instrumentation-security/roda/instrumentation.rb

@@ -8,11 +8,12 @@ module NewRelic::Security
       def _roda_handle_main_route_on_enter(env)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        return unless NewRelic::Security::Agent.config[:enabled]
         NewRelic::Security::Agent.config.update_port = NewRelic::Security::Agent::Utils.app_port(env) unless NewRelic::Security::Agent.config[:listen_port]
         NewRelic::Security::Agent::Utils.get_app_routes(:roda) if NewRelic::Security::Agent.agent.route_map.empty?
         NewRelic::Security::Agent::Control::HTTPContext.set_context(env)
         ctxt = NewRelic::Security::Agent::Control::HTTPContext.get_context
-        ctxt.route = "#{env[REQUEST_METHOD].to_s}@#{env[PATH_INFO].to_s}" if ctxt
+        ctxt.route = "#{env[REQUEST_METHOD]}@#{env[PATH_INFO]}" if ctxt
         NewRelic::Security::Agent::Utils.parse_fuzz_header(NewRelic::Security::Agent::Control::HTTPContext.get_context)
       rescue => exception
         NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
@@ -26,6 +27,7 @@ module NewRelic::Security
         # NewRelic::Security::Agent.logger.debug "\n\nHTTP Context : #{::NewRelic::Agent::Tracer.current_transaction.instance_variable_get(:@security_context_data).inspect}\n\n"
         NewRelic::Security::Agent::Control::ReflectedXSS.check_xss(NewRelic::Security::Agent::Control::HTTPContext.get_context, retval) if NewRelic::Security::Agent.config[:'security.detection.rxss.enabled']
         NewRelic::Security::Agent::Utils.delete_created_files(NewRelic::Security::Agent::Control::HTTPContext.get_context)
+        NewRelic::Security::Agent.agent.error_reporting&.report_unhandled_or_5xx_exceptions(NewRelic::Security::Agent::Control::HTTPContext.get_current_transaction, NewRelic::Security::Agent::Control::HTTPContext.get_context, retval[0])
         NewRelic::Security::Agent::Control::HTTPContext.reset_context
         NewRelic::Security::Agent.logger.debug "Exit event : #{event}"
       rescue => exception

data/lib/newrelic_security/instrumentation-security/roda/prepend.rb

@@ -6,7 +6,13 @@ module NewRelic::Security
 
         def _roda_handle_main_route(*args)
           retval = nil
-          event = _roda_handle_main_route_on_enter(self.env) { retval = super }
+          event = _roda_handle_main_route_on_enter(env) do
+            begin
+              retval = super
+            ensure
+              NewRelic::Security::Agent.agent.error_reporting&.report_unhandled_or_5xx_exceptions(NewRelic::Security::Agent::Control::HTTPContext.get_current_transaction, NewRelic::Security::Agent::Control::HTTPContext.get_context, nil)
+            end
+          end
           _roda_handle_main_route_on_exit(event, retval) { return retval }
         end
         

data/lib/newrelic_security/instrumentation-security/sinatra/chain.rb

@@ -20,6 +20,12 @@ module NewRelic::Security
               def route_eval(&block)
                 route_eval_on_enter { route_eval_without_security(&block) }
               end
+
+              alias_method :dispatch_without_security, :dispatch!
+
+              def dispatch!
+                dispatch_on_enter { dispatch_without_security }
+              end
             end
           end
         end

data/lib/newrelic_security/instrumentation-security/sinatra/instrumentation.rb

@@ -8,6 +8,7 @@ module NewRelic::Security
       def call_on_enter(env)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        return unless NewRelic::Security::Agent.config[:enabled]
         NewRelic::Security::Agent.config.update_port = NewRelic::Security::Agent::Utils.app_port(env) unless NewRelic::Security::Agent.config[:listen_port]
         NewRelic::Security::Agent::Utils.get_app_routes(:sinatra) if NewRelic::Security::Agent.agent.route_map.empty?
         NewRelic::Security::Agent::Control::HTTPContext.set_context(env)
@@ -24,6 +25,7 @@ module NewRelic::Security
         # NewRelic::Security::Agent.logger.debug "\n\nHTTP Context : #{::NewRelic::Agent::Tracer.current_transaction.instance_variable_get(:@security_context_data).inspect}\n\n"
         NewRelic::Security::Agent::Control::ReflectedXSS.check_xss(NewRelic::Security::Agent::Control::HTTPContext.get_context, retval) if NewRelic::Security::Agent.config[:'security.detection.rxss.enabled']
         NewRelic::Security::Agent::Utils.delete_created_files(NewRelic::Security::Agent::Control::HTTPContext.get_context)
+        NewRelic::Security::Agent.agent.error_reporting&.report_unhandled_or_5xx_exceptions(NewRelic::Security::Agent::Control::HTTPContext.get_current_transaction, NewRelic::Security::Agent::Control::HTTPContext.get_context, retval[0])
         NewRelic::Security::Agent::Control::HTTPContext.reset_context
         NewRelic::Security::Agent.logger.debug "Exit event : #{event}"
       rescue => exception
@@ -41,6 +43,13 @@ module NewRelic::Security
       ensure
         yield
       end
+
+      def dispatch_on_enter
+        NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        yield
+      ensure
+        NewRelic::Security::Agent.agent.error_reporting&.report_unhandled_or_5xx_exceptions(NewRelic::Security::Agent::Control::HTTPContext.get_current_transaction, NewRelic::Security::Agent::Control::HTTPContext.get_context)
+      end
             
     end
   end

data/lib/newrelic_security/instrumentation-security/sinatra/prepend.rb

@@ -14,6 +14,10 @@ module NewRelic::Security
           def route_eval
             route_eval_on_enter { super }
           end
+
+          def dispatch!
+            dispatch_on_enter { super }
+          end
         end
       end
     end

data/lib/newrelic_security/instrumentation-security/sqlite3/instrumentation.rb

@@ -10,7 +10,7 @@ module NewRelic::Security
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
         hash = {}
         hash[:sql] = sql
-        hash[:parameters] = bind_vars.is_a?(String) ? [bind_vars] : bind_vars.map(&:to_s)
+        hash[:parameters] = bind_vars.is_a?(String) ? [bind_vars] : bind_vars.flatten
         hash[:parameters] = hash[:parameters] + args.map(&:to_s) unless args.empty?
         event = NewRelic::Security::Agent::Control::Collector.collect(SQL_DB_COMMAND, [hash], SQLITE) unless NewRelic::Security::Instrumentation::InstrumentationUtils.sql_filter_events?(hash[:sql])
       rescue => exception
@@ -34,7 +34,7 @@ module NewRelic::Security
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
         hash = {}
         hash[:sql] = sql
-        hash[:parameters] = bind_vars.is_a?(String) ? [bind_vars] : bind_vars.map(&:to_s)
+        hash[:parameters] = bind_vars.is_a?(String) ? [bind_vars] : bind_vars.flatten
         hash[:parameters] = hash[:parameters] + args unless args.empty?
         event = NewRelic::Security::Agent::Control::Collector.collect(SQL_DB_COMMAND, [hash], SQLITE) unless NewRelic::Security::Instrumentation::InstrumentationUtils.sql_filter_events?(hash[:sql])
       rescue => exception
@@ -102,7 +102,7 @@ module NewRelic::Security
       def bind_params_on_enter(*bind_vars)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-        NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[self.object_id][:parameters] = bind_vars.map(&:to_s) if NewRelic::Security::Agent::Control::HTTPContext.get_context && NewRelic::Security::Agent::Control::HTTPContext.get_context.cache.key?(self.object_id)
+        NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[self.object_id][:parameters] = bind_vars.flatten if NewRelic::Security::Agent::Control::HTTPContext.get_context && NewRelic::Security::Agent::Control::HTTPContext.get_context.cache.key?(self.object_id)
       rescue => exception
         NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
       ensure
@@ -129,7 +129,7 @@ module NewRelic::Security
           else
             hash = {}
             hash[:sql] = NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[key][:sql]
-            hash[:parameters] = bind_vars.map(&:to_s)
+            hash[:parameters] = bind_vars.flatten
             ic_args.push(hash)
           end
         end

data/lib/newrelic_security/newrelic-security-api/api.rb

@@ -14,7 +14,7 @@ module NewRelic::Security
     # @api public
     # 
     def is_security_active?
-      NewRelic::Security::Agent.config[:'agent.enabled'] && NewRelic::Security::Agent.config[:enabled]
+      NewRelic::Security::Agent.config[:'agent.enabled'] && NewRelic::Security::Agent.config[:'security.enabled'] && NewRelic::Security::Agent.config[:enabled]
     end
 
     #

data/lib/newrelic_security/parse-cron/cron_parser.rb

@@ -0,0 +1,294 @@
+require 'set'
+require 'date'
+
+module NewRelic::Security
+  module ParseCron
+
+    # Parses cron expressions and computes the next occurence of the "job"
+    class CronParser
+      # internal "mutable" time representation
+      class InternalTime
+        attr_accessor :year, :month, :day, :hour, :min, :time_source
+
+        def initialize(time, time_source = Time)
+          @year = time.year
+          @month = time.month
+          @day = time.day
+          @hour = time.hour
+          @min = time.min
+
+          @time_source = time_source
+        end
+
+        def to_time
+          time_source.local(@year, @month, @day, @hour, @min, 0)
+        end
+
+        def inspect
+          [year, month, day, hour, min].inspect
+        end
+      end
+
+      SYMBOLS = {
+        "jan" => "1",
+        "feb" => "2",
+        "mar" => "3",
+        "apr" => "4",
+        "may" => "5",
+        "jun" => "6",
+        "jul" => "7",
+        "aug" => "8",
+        "sep" => "9",
+        "oct" => "10",
+        "nov" => "11",
+        "dec" => "12",
+
+        "sun" => "0",
+        "mon" => "1",
+        "tue" => "2",
+        "wed" => "3",
+        "thu" => "4",
+        "fri" => "5",
+        "sat" => "6"
+      }
+
+      def initialize(source, time_source = Time)
+        @source = interpret_vixieisms(source)
+        @time_source = time_source
+        validate_source
+      end
+
+      def interpret_vixieisms(spec)
+        case spec
+        when '@reboot'
+          raise ArgumentError, "Can't predict last/next run of @reboot"
+        when '@yearly', '@annually'
+          '0 0 1 1 *'
+        when '@monthly'
+          '0 0 1 * *'
+        when '@weekly'
+          '0 0 * * 0'
+        when '@daily', '@midnight'
+          '0 0 * * *'
+        when '@hourly'
+          '0 * * * *'
+        else
+          spec
+        end
+      end
+
+      # returns the next occurence after the given date
+      def next(now = @time_source.now, num = 1)
+        t = InternalTime.new(now, @time_source)
+
+        unless time_specs[:month][0].include?(t.month)
+          nudge_month(t)
+          t.day = 0
+        end
+
+        unless interpolate_weekdays(t.year, t.month)[0].include?(t.day)
+          nudge_date(t)
+          t.hour = -1
+        end
+
+        unless time_specs[:hour][0].include?(t.hour)
+          nudge_hour(t)
+          t.min = -1
+        end
+
+        # always nudge the minute
+        nudge_minute(t)
+        t = t.to_time
+        if num > 1
+          recursive_calculate(:next, t, num)
+        else
+          t
+        end
+      end
+
+      # returns the last occurence before the given date
+      def last(now = @time_source.now, num = 1)
+        t = InternalTime.new(now, @time_source)
+
+        unless time_specs[:month][0].include?(t.month)
+          nudge_month(t, :last)
+          t.day = 32
+        end
+
+        if t.day == 32 || !interpolate_weekdays(t.year, t.month)[0].include?(t.day)
+          nudge_date(t, :last)
+          t.hour = 24
+        end
+
+        unless time_specs[:hour][0].include?(t.hour)
+          nudge_hour(t, :last)
+          t.min = 60
+        end
+
+        # always nudge the minute
+        nudge_minute(t, :last)
+        t = t.to_time
+        if num > 1
+          recursive_calculate(:last, t, num)
+        else
+          t
+        end
+      end
+
+      SUBELEMENT_REGEX = %r{^(\d+)(-(\d+)(/(\d+))?)?$}
+      def parse_element(elem, allowed_range)
+        values = elem.split(',').map do |subel|
+          if subel =~ /^\*/
+            step = subel.length > 1 ? subel[2..-1].to_i : 1
+            stepped_range(allowed_range, step)
+          else
+            raise ArgumentError, "Bad Vixie-style specification #{subel}" unless SUBELEMENT_REGEX === subel
+            if ::Regexp.last_match(5) # with range
+              stepped_range(::Regexp.last_match(1).to_i..::Regexp.last_match(3).to_i, ::Regexp.last_match(5).to_i)
+            elsif ::Regexp.last_match(3) # range without step
+              stepped_range(::Regexp.last_match(1).to_i..::Regexp.last_match(3).to_i, 1)
+            else # just a numeric
+              [::Regexp.last_match(1).to_i]
+            end
+            
+              
+            
+          end
+        end.flatten.sort
+
+        [Set.new(values), values, elem]
+      end
+
+      protected
+
+      def recursive_calculate(meth, time, num)
+        array = [time]
+        num.-(1).times do |_num|
+          array << send(meth, array.last)
+        end
+        array
+      end
+
+      # returns a list of days which do both match time_spec[:dom] or time_spec[:dow]
+      def interpolate_weekdays(year, month)
+        @_interpolate_weekdays_cache ||= {}
+        @_interpolate_weekdays_cache["#{year}-#{month}"] ||= interpolate_weekdays_without_cache(year, month)
+      end
+
+      def interpolate_weekdays_without_cache(year, month)
+        t = Date.new(year, month, 1)
+        valid_mday, _, mday_field = time_specs[:dom]
+        valid_wday, _, wday_field = time_specs[:dow]
+
+        # Careful, if both DOW and DOM fields are non-wildcard,
+        # then we only need to match *one* for cron to run the job:
+        unless mday_field == '*' and wday_field == '*'
+          valid_mday = [] if mday_field == '*'
+          valid_wday = [] if wday_field == '*'
+        end
+        # Careful: crontabs may use either 0 or 7 for Sunday:
+        valid_wday << 0 if valid_wday.include?(7)
+
+        result = []
+        while t.month == month
+          result << t.mday if valid_mday.include?(t.mday) || valid_wday.include?(t.wday)
+          t = t.succ
+        end
+
+        [Set.new(result), result]
+      end
+
+      def nudge_year(t, dir = :next)
+        t.year = t.year + (dir == :next ? 1 : -1)
+      end
+
+      def nudge_month(t, dir = :next)
+        spec = time_specs[:month][1]
+        next_value = find_best_next(t.month, spec, dir)
+        t.month = next_value || (dir == :next ? spec.first : spec.last)
+
+        nudge_year(t, dir) if next_value.nil?
+
+        # we changed the month, so its likely that the date is incorrect now
+        valid_days = interpolate_weekdays(t.year, t.month)[1]
+        t.day = dir == :next ? valid_days.first : valid_days.last
+      end
+
+      def date_valid?(t, _dir = :next)
+        interpolate_weekdays(t.year, t.month)[0].include?(t.day)
+      end
+
+      def nudge_date(t, dir = :next, can_nudge_month = true)
+        spec = interpolate_weekdays(t.year, t.month)[1]
+        next_value = find_best_next(t.day, spec, dir)
+        t.day = next_value || (dir == :next ? spec.first : spec.last)
+
+        nudge_month(t, dir) if next_value.nil? && can_nudge_month
+      end
+
+      def nudge_hour(t, dir = :next)
+        spec = time_specs[:hour][1]
+        next_value = find_best_next(t.hour, spec, dir)
+        t.hour = next_value || (dir == :next ? spec.first : spec.last)
+
+        nudge_date(t, dir) if next_value.nil?
+      end
+
+      def nudge_minute(t, dir = :next)
+        spec = time_specs[:minute][1]
+        next_value = find_best_next(t.min, spec, dir)
+        t.min = next_value || (dir == :next ? spec.first : spec.last)
+
+        nudge_hour(t, dir) if next_value.nil?
+      end
+
+      def time_specs
+        @time_specs ||= begin
+          # tokens now contains the 5 fields
+          tokens = substitute_parse_symbols(@source).split(/\s+/)
+          {
+            :minute => parse_element(tokens[0], 0..59), #minute
+            :hour => parse_element(tokens[1], 0..23), #hour
+            :dom => parse_element(tokens[2], 1..31), #DOM
+            :month => parse_element(tokens[3], 1..12), #mon
+            :dow => parse_element(tokens[4], 0..6) #DOW
+          }
+        end
+      end
+
+      def substitute_parse_symbols(str)
+        SYMBOLS.inject(str.downcase) do |s, (symbol, replacement)|
+          s.gsub(symbol, replacement)
+        end
+      end
+
+      def stepped_range(rng, step = 1)
+        len = rng.last - rng.first
+
+        num = len.div(step)
+        result = (0..num).map { |i| rng.first + (step * i) }
+
+        result.pop if result[-1] == rng.last and rng.exclude_end?
+        result
+      end
+
+      # returns the smallest element from allowed which is greater than current
+      # returns nil if no matching value was found
+      def find_best_next(current, allowed, dir)
+        if dir == :next
+          allowed.sort.find { |val| val > current }
+        else
+          allowed.sort.reverse.find { |val| val < current }
+        end
+      end
+
+      def validate_source
+        raise ArgumentError, 'not a valid cronline' unless @source.respond_to?(:split)
+        source_length = @source.split(/\s+/).length
+        return if source_length >= 5 && source_length <= 6
+        raise ArgumentError, 'not a valid cronline'
+        
+      end
+    end
+  end
+end

data/lib/newrelic_security/version.rb

@@ -1,5 +1,5 @@
 module NewRelic
   module Security
-    VERSION = "0.1.0"
+    VERSION = "0.3.0"
   end
 end

data/newrelic_security.gemspec

@@ -39,7 +39,7 @@ Gem::Specification.new do |spec|
   ]
   spec.require_paths = ['lib']
 
-  spec.add_dependency 'newrelic_rpm', '>= 9.12.0'
+  spec.add_dependency 'newrelic_rpm', '>= 9.16.0'
 
   spec.add_development_dependency 'minitest', "#{RUBY_VERSION >= '2.7.0' ? '~> 5.18' : '4.7.5'}"
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: newrelic_security
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Prateek Sen
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2024-07-29 00:00:00.000000000 Z
+date: 2024-11-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: newrelic_rpm
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 9.12.0
+        version: 9.16.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 9.12.0
+        version: 9.16.0
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -151,10 +151,12 @@ files:
 - lib/newrelic_security/agent/configuration/server_source.rb
 - lib/newrelic_security/agent/configuration/yaml_source.rb
 - lib/newrelic_security/agent/control/app_info.rb
+- lib/newrelic_security/agent/control/application_runtime_error.rb
 - lib/newrelic_security/agent/control/application_url_mappings.rb
 - lib/newrelic_security/agent/control/collector.rb
 - lib/newrelic_security/agent/control/control_command.rb
 - lib/newrelic_security/agent/control/critical_message.rb
+- lib/newrelic_security/agent/control/error_reporting.rb
 - lib/newrelic_security/agent/control/event.rb
 - lib/newrelic_security/agent/control/event_counter.rb
 - lib/newrelic_security/agent/control/event_processor.rb
@@ -168,6 +170,7 @@ files:
 - lib/newrelic_security/agent/control/iast_client.rb
 - lib/newrelic_security/agent/control/iast_data_transfer_request.rb
 - lib/newrelic_security/agent/control/reflected_xss.rb
+- lib/newrelic_security/agent/control/scan_scheduler.rb
 - lib/newrelic_security/agent/control/websocket_client.rb
 - lib/newrelic_security/agent/logging/init_logger.rb
 - lib/newrelic_security/agent/logging/logger.rb
@@ -268,6 +271,7 @@ files:
 - lib/newrelic_security/instrumentation-security/sqlite3/instrumentation.rb
 - lib/newrelic_security/instrumentation-security/sqlite3/prepend.rb
 - lib/newrelic_security/newrelic-security-api/api.rb
+- lib/newrelic_security/parse-cron/cron_parser.rb
 - lib/newrelic_security/version.rb
 - lib/newrelic_security/websocket-client-simple/client.rb
 - lib/newrelic_security/websocket-client-simple/event_emitter.rb