sqreen-alt 1.11.0 → 1.11.1

data/lib/sqreen/performance_notifications.rb

@@ -15,22 +15,13 @@ module Sqreen
   #
   module PerformanceNotifications
     @subscriptions_all = {}
-    @subscriptions_regexp = {}
-    @subscriptions_val = Hash.new { |h, k| h[k] = [] }
     @subscription_id = 0
     class << self
       # Subsribe to receive notificiations about an event
       # returns a subscription indentitifcation
-      def subscribe(pattern = nil, &block)
+      def subscribe(&block)
         id = (@subscription_id += 1)
-        case pattern
-        when NilClass
-          @subscriptions_all[id] = block
-        when Regexp
-          @subscriptions_regexp[id] = [pattern, block]
-        else
-          @subscriptions_val[pattern].push([id, block])
-        end
+        @subscriptions_all[id] = block
         id
       end
 
@@ -44,22 +35,20 @@ module Sqreen
         end
       end
 
-      # Is there a subscriber for this key
-      def listen_for?(key)
-        return true unless @subscriptions_all.empty?
-        return true if @subscriptions_val.key?(key)
-        @subscriptions_regexp.values.any? { |r| r.first.match(key) }
+      # Is there a subscriber
+      def listen_for?
+        !@subscriptions_all.empty?
       end
 
       # Instrument a call identified by key
       def instrument(key, meta = {}, &block)
-        return yield unless listen_for?(key)
+        return yield unless listen_for?
         _instrument(key, meta, &block)
       end
 
       def notify(key, start, stop, meta = {})
-        return unless listen_for?(key)
-        notifiers_for(key).each do |callable|
+        return unless listen_for?
+        notifiers.each do |callable|
           callable.call(key, start, stop, meta)
         end
       end
@@ -67,33 +56,18 @@ module Sqreen
       # Unsubscrube for a given subscription
       def unsubscribe(subscription)
         return unless @subscriptions_all.delete(subscription).nil?
-        return unless @subscriptions_regexp.delete(subscription).nil?
-        @subscriptions_val.delete_if do |_, v|
-          v.delete_if { |r| r.first == subscription }
-          v.empty?
-        end
       end
 
       # Unsubscribe from everything
       # not threadsafe
       def unsubscribe_all!
         @subscriptions_all.clear
-        @subscriptions_regexp.clear
-        @subscriptions_val.clear
       end
 
       private
 
-      def notifiers_for(key)
-        reg = @subscriptions_regexp.values.map do |r|
-          r.first.match(key) && r.last
-        end
-        reg.compact!
-        str = []
-        if @subscriptions_val.key?(key)
-          str = @subscriptions_val[key].map(&:last)
-        end
-        @subscriptions_all.values + str + reg
+      def notifiers
+        @subscriptions_all.values
       end
 
       if SQREEN_MONO_TIME

data/lib/sqreen/performance_notifications/log.rb

@@ -21,8 +21,7 @@ module Sqreen
         def enable(facility = nil)
           return unless @subid.nil?
           @facility = facility
-          @subid = Sqreen::PerformanceNotifications.subscribe(nil,
-                                                              &method(:log))
+          @subid = Sqreen::PerformanceNotifications.subscribe(&method(:log))
         end
 
         def disable

data/lib/sqreen/performance_notifications/log_performance.rb

@@ -55,8 +55,7 @@ module Sqreen
         def enable(facility = nil)
           return unless @subid.nil?
           @facility = facility
-          @subid = Sqreen::PerformanceNotifications.subscribe(nil,
-                                                              &method(:log))
+          @subid = Sqreen::PerformanceNotifications.subscribe(&method(:log))
         end
 
         def disable

data/lib/sqreen/performance_notifications/metrics.rb

@@ -21,8 +21,7 @@ module Sqreen
           metrics_engine.create_metric('name' => EVENT_CAT,
                                        'period' => period,
                                        'kind' => 'Average')
-          @subid = Sqreen::PerformanceNotifications.subscribe(nil,
-                                                              &method(:log))
+          @subid = Sqreen::PerformanceNotifications.subscribe(&method(:log))
         end
 
         def disable

data/lib/sqreen/performance_notifications/newrelic.rb

@@ -76,8 +76,7 @@ module Sqreen
           return unless level > 0
           @level = level
           Sqreen.log.debug('Enabling New Relic reporting')
-          @subid = Sqreen::PerformanceNotifications.subscribe(nil,
-                                                              &method(:log))
+          @subid = Sqreen::PerformanceNotifications.subscribe(&method(:log))
         end
 
         def disable

data/lib/sqreen/remote_command.rb

@@ -30,7 +30,7 @@ module Sqreen
     def process(runner, context_infos = {})
       failing = validate_command(runner)
       return failing if failing
-      Sqreen.log.debug format('processing command %s', @name)
+      Sqreen.log.debug { format('processing command %s', @name) }
       begin
         output = runner.send(KNOWN_COMMANDS[@name], *@params, context_infos)
       rescue => e
@@ -46,14 +46,14 @@ module Sqreen
       return res_list unless commands
 
       unless commands.is_a? Array
-        Sqreen.log.debug format('Wrong commands type %s', commands.class)
-        Sqreen.log.debug commands.inspect
+        Sqreen.log.debug { format('Wrong commands type %s', commands.class) }
+        Sqreen.log.debug { commands.inspect }
         return res_list
       end
       commands.each do |cmd_json|
-        Sqreen.log.debug cmd_json
+        Sqreen.log.debug { cmd_json }
         cmd = RemoteCommand.new(cmd_json)
-        Sqreen.log.debug cmd.inspect
+        Sqreen.log.debug { cmd.inspect }
         uuid = cmd.uuid
         res_list[uuid] = cmd.process(runner, context_infos)
       end
@@ -71,12 +71,12 @@ module Sqreen
     def validate_command(runner)
       unless KNOWN_COMMANDS.include?(@name)
         msg = format("unknown command name '%s'", @name)
-        Sqreen.log.debug msg
+        Sqreen.log.debug { msg }
         return { :status => false, :reason => msg }
       end
       return nil if runner.respond_to?(KNOWN_COMMANDS[@name])
       msg = format("not implemented '%s'", @name)
-      Sqreen.log.debug msg
+      Sqreen.log.debug { msg }
       { :status => false, :reason => msg }
     end
 

data/lib/sqreen/rule_callback.rb

@@ -35,6 +35,7 @@ module Sqreen
         @data = rule_hash[Attrs::DATA]
         @rule = rule_hash
         @payload_tpl = @rule[Attrs::PAYLOAD] || DEFAULT_PAYLOAD
+        @overtimeable = true
         condition_callbacks(@rule[Attrs::CONDITIONS])
         count_callback_calls(@rule[Attrs::CALL_COUNT_INTERVAL])
       end
@@ -48,6 +49,8 @@ module Sqreen
       end
 
       def whitelisted?
+        whitelisted = SharedStorage.get(:whitelisted)
+        return whitelisted unless whitelisted.nil?
         framework && !framework.whitelisted_match.nil?
       end
 
@@ -105,6 +108,7 @@ module Sqreen
       end
 
       def overtime!
+        return false unless @overtimeable
         Sqreen.log.debug { "rulecb #{self} is overtime!" }
         return true if framework.nil? || !framework.mark_request_overtime!
         record_observation(

data/lib/sqreen/rules.rb

@@ -83,7 +83,7 @@ module Sqreen
       end
 
       if cb_class.nil?
-        Sqreen.log.debug "Cannot setup #{cbname.inspect} [#{rule_name}]"
+        Sqreen.log.debug { "Cannot setup #{cbname.inspect} [#{rule_name}]" }
         return nil
       end
 
@@ -110,7 +110,7 @@ module Sqreen
         'exception' => e,
         'rulespack_id' => rulespack_id,
         'rule_name' => rule_name)
-      Sqreen.log.debug("Creating cb from rule #{rule_name} failed (#{e.inspect})")
+      Sqreen.log.debug { "Creating cb from rule #{rule_name} failed (#{e.inspect})" }
       nil
     end
 

data/lib/sqreen/rules_callbacks/binding_accessor_matcher.rb

@@ -47,7 +47,10 @@ module Sqreen
         end
       end
 
-      def pre(inst, *args, &_block)
+      def pre(inst, args, budget = nil, &_block)
+        unless budget.nil?
+          finish = budget + Sqreen::PerformanceNotifications.time.to_f
+        end
         resol_cache = Hash.new do |hash, accessor|
           hash[accessor] = accessor.resolve(binding, framework, inst, args)
         end
@@ -58,6 +61,9 @@ module Sqreen
             next unless val.respond_to?(:each)
             next if val.respond_to?(:seek)
             val.each do |v|
+              if !budget.nil? && Sqreen::PerformanceNotifications.time.to_f > finish
+                return nil
+              end
               next if !v.is_a?(String) || (!matcher.min_size.nil? && v.size < matcher.min_size)
               next if v.size > MAX_LENGTH
               next if matcher.match(v).nil?

data/lib/sqreen/rules_callbacks/binding_accessor_metrics.rb

@@ -38,19 +38,19 @@ module Sqreen
         @expr[FAILING_CB]
       end
 
-      def pre(inst, *args, &_block)
+      def pre(inst, args, _budget = nil, &_block)
         return unless pre?
 
         add_metrics(PRE_CB, inst, args)
       end
 
-      def post(rv, inst, *args, &_block)
+      def post(rv, inst, args, _budget = nil, &_block)
         return unless post?
 
         add_metrics(POST_CB, inst, args, rv)
       end
 
-      def failing(exception, inst, *args, &_block)
+      def failing(exception, inst, args, _budget = nil, &_block)
         return unless failing?
 
         add_metrics(FAILING_CB, inst, args, exception)

data/lib/sqreen/rules_callbacks/blacklist_ips.rb

@@ -15,7 +15,7 @@ module Sqreen
         raise ArgumentError.new("no ips given") if @ips.empty?
       end
 
-      def pre(_inst, *_args, &_block)
+      def pre(_inst, _args, _budget = nil, &_block)
         return unless framework
         ip = framework.client_ip
         return unless ip

data/lib/sqreen/rules_callbacks/count_http_codes.rb

@@ -10,15 +10,16 @@ module Sqreen
     # Save request context for handling further down
     class CountHTTPCodes < RuleCB
       METRIC_CATEGORY = 'http_code'.freeze
-      def post(rv, _inst, *_args, &_block)
+      def initialize(*args)
+        super(*args)
+        @overtimeable = false
+      end
+
+      def post(rv, _inst, _args, _budget = nil, &_block)
         return unless rv.is_a?(Array) && !rv.empty?
         record_observation(METRIC_CATEGORY, rv[0], 1)
         advise_action(nil)
       end
-
-      def overtime!
-        false
-      end
     end
 
     # Count 1 for each things located by the binding accessor
@@ -31,7 +32,7 @@ module Sqreen
         @metric_category = rule_hash[Attrs::METRICS].first['name']
       end
 
-      def post(rv, inst, *args, &_block)
+      def post(rv, inst, args, _budget = nil, &_block)
         return unless rv.is_a?(Array) && !rv.empty?
         key = @accessors.map do |accessor|
           accessor.resolve(binding, framework, inst, args, @data, rv)

data/lib/sqreen/rules_callbacks/crawler_user_agent_matches.rb

@@ -9,7 +9,7 @@ module Sqreen
     # FIXME: Factor with UserAgentMatchesCB
     # Look for crawlers
     class CrawlerUserAgentMatchesCB < MatcherRuleCB
-      def pre(_inst, *_args, &_block)
+      def pre(_inst, _args, _budget = nil, &_block)
         ua = framework.client_user_agent
         return unless ua
         found = match(ua)

data/lib/sqreen/rules_callbacks/crawler_user_agent_matches_metrics.rb

@@ -10,7 +10,7 @@ module Sqreen
     class CrawlerUserAgentMatchesMetricsCB < MatcherRuleCB
       CRAWLER_CATEGORY = 'crawler'.freeze
 
-      def pre(_inst, *_args, &_block)
+      def pre(_inst, _args, _budget = nil, &_block)
         ua = framework.client_user_agent
         return unless ua
         found = match(ua)

data/lib/sqreen/rules_callbacks/custom_error.rb

@@ -17,6 +17,7 @@ module Sqreen
           raise Sqreen::Exception, 'No data'
         end
         configure_custom_error(@data['values'][0])
+        @overtimeable = false
       end
 
       def configure_custom_error(custom_error)
@@ -31,7 +32,7 @@ module Sqreen
         end
       end
 
-      def failing(except, _inst, *_args, &_block)
+      def failing(except, _inst, _args, _budget = nil, &_block)
         oexcept = nil
         if except.respond_to?(:original_exception)
           oexcept = except.original_exception
@@ -59,10 +60,6 @@ module Sqreen
         }
         [@status_code, headers, page]
       end
-
-      def overtime!
-        false
-      end
     end
   end
 end

data/lib/sqreen/rules_callbacks/execjs.rb

@@ -8,7 +8,7 @@ else
   begin
     require 'mini_racer'
     SQREEN_MINI_RACER = true
-    GC_MINI_RACER = 10000
+    GC_MINI_RACER = 10_000
   rescue LoadError
     require 'therubyracer'
     SQREEN_MINI_RACER = false
@@ -25,10 +25,43 @@ require 'sqreen/binding_accessor'
 require 'sqreen/events/remote_exception'
 
 module Sqreen
+  if SQREEN_MINI_RACER
+    # Context specialized for Sqreen usage
+    class SqreenContext < MiniRacer::Context
+      def eval_unsafe(str, filename = nil, timeoutv = nil)
+        # Beware, timeout could be kept in the context
+        # if perf cap is removed after having been activated
+        # As it's unused by execjscb we are not cleaning it
+        return super(str, filename) if timeoutv.nil?
+        return if timeoutv <= 0.0
+        timeoutv *= 1000 # Timeout are currently expressed in seconds
+        @timeout = timeoutv
+        @eval_thread = Thread.current
+        timeout do
+          super(str, filename)
+        end
+      end
+    end
+
+    # Weak ref to a context
+    # enables us to skip a method missing call
+    class WeakCtx < WeakRef
+      def initialize(*args)
+        super(*args)
+      end
+
+      def eval_unsafe(str, filename, timeoutv)
+        __getobj__.eval_unsafe(str, filename, timeoutv)
+      end
+    end
+  end
   module Rules
     # Exec js callbacks
     class ExecJSCB < RuleCB
       attr_accessor :restrict_max_depth
+      attr_reader :runtimes
+      attr_accessor :recycle_runtime_every
+
       def initialize(klass, method, rule_hash)
         super(klass, method, rule_hash)
         callbacks = @rule[Attrs::CALLBACKS]
@@ -41,13 +74,15 @@ module Sqreen
         end
 
         build_runnable(callbacks)
-        if !SQREEN_MINI_RACER
+        @restrict_max_depth = 20
+        unless SQREEN_MINI_RACER
           @compiled = ExecJS.compile(@source)
-        else
-          @snapshot = MiniRacer::Snapshot.new(@source)
-          @runtimes = []
+          return
         end
-        @restrict_max_depth = 20
+        @recycle_runtime_every = GC_MINI_RACER
+        @snapshot = MiniRacer::Snapshot.new(@source)
+        @runtimes = []
+        @key = "SQREEN_MINI_RACER_CONTEXT_#{object_id}".freeze
       end
 
       def pre?
@@ -62,22 +97,22 @@ module Sqreen
         @js_failing
       end
 
-      def pre(inst, *args, &_block)
+      def pre(inst, args, budget = nil, &_block)
         return unless pre?
 
-        call_callback('pre', inst, args)
+        call_callback('pre', inst, budget, args)
       end
 
-      def post(rv, inst, *args, &_block)
+      def post(rv, inst, args, budget = nil, &_block)
         return unless post?
 
-        call_callback('post', inst, args, rv)
+        call_callback('post', inst, budget, args, rv)
       end
 
-      def failing(rv, inst, *args, &_block)
+      def failing(rv, inst, args, budget = nil, &_block)
         return unless failing?
 
-        call_callback('failing', inst, args, rv)
+        call_callback('failing', inst, budget, args, rv)
       end
 
       def self.hash_val_included(needed, haystack, min_length = 8, max_depth = 20)
@@ -86,7 +121,7 @@ module Sqreen
         to_do = haystack.map { |k, v| [new_obj, k, v, 0] }
         until to_do.empty?
           where, key, value, deepness = to_do.pop
-          safe_key = key.kind_of?(Integer) ? key : key.to_s
+          safe_key = key.is_a?(Integer) ? key : key.to_s
           if value.is_a?(Hash) && deepness < max_depth
             val = {}
             insert << [where, safe_key, val]
@@ -126,12 +161,12 @@ module Sqreen
       def record_and_continue?(ret)
         case ret
         when NilClass
-          return false
+          false
         when Hash
           ret.keys.each do |k|
             ret[(begin
                                      k.to_sym
-                                   rescue
+                                   rescue StandardError
                                      k
                                    end)] = ret[k] end
           record_event(ret[:record]) unless ret[:record].nil?
@@ -141,15 +176,17 @@ module Sqreen
               record_observation(*obs)
             end
           end
-          return !ret[:call].nil?
+          !ret[:call].nil?
         else
           raise Sqreen::Exception, "Invalid return type #{ret.inspect}"
         end
       end
 
       def push_runtime(runtime)
-        @runtimes.delete_if do |th, _runt|
-          th.nil? || !th.weakref_alive? || !th.alive?
+        @runtimes.delete_if do |th, runt, _thid|
+          del = th.nil? || !th.weakref_alive? || !th.alive?
+          runt.dispose if del
+          del
         end
         @runtimes.push [WeakRef.new(Thread.current), runtime, Thread.current.object_id]
       end
@@ -159,39 +196,41 @@ module Sqreen
         runtime.dispose
       end
 
-      def call_callback(name, inst, args, rv = nil)
+      def call_callback(name, inst, budget, args, rv = nil)
+        mini_racer_context = nil
         if SQREEN_MINI_RACER
-          mini_racer_context = Thread.current["SQREEN_MINI_RACER_CONTEXT_#{object_id}"]
-          if mini_racer_context.nil? || mini_racer_context[:r].nil? || !mini_racer_context[:r].weakref_alive?
-            new_runtime = MiniRacer::Context.new(:snapshot => @snapshot)
-            push_runtime new_runtime
-            Thread.current["SQREEN_MINI_RACER_CONTEXT_#{object_id}"] = {
-              :c => 0,
-              :r => WeakRef.new(new_runtime),
-            }
-          elsif mini_racer_context[:c] >= GC_MINI_RACER
+          mini_racer_context = Thread.current[@key]
+          dead_runtime = !mini_racer_context || !mini_racer_context[:r] || !mini_racer_context[:r].weakref_alive?
+          if !dead_runtime && mini_racer_context[:c] >= @recycle_runtime_every
             dispose_runtime(mini_racer_context[:r])
-            new_runtime = MiniRacer::Context.new(:snapshot => @snapshot)
+            dead_runtime = true
+          end
+          if dead_runtime
+            new_runtime = SqreenContext.new(:snapshot => @snapshot)
             push_runtime new_runtime
-            Thread.current["SQREEN_MINI_RACER_CONTEXT_#{object_id}"] = {
+            mini_racer_context = {
               :c => 0,
-              :r => WeakRef.new(new_runtime),
+              :r => WeakCtx.new(new_runtime),
             }
+            Thread.current[@key] = mini_racer_context
           end
         end
         ret = nil
         args_override = nil
         arguments = nil
-        loop do
+        while true
           arguments = (args_override || @argument_requirements[name]).map do |accessor|
             accessor.resolve(binding, framework, inst, args, @data, rv)
           end
           arguments = restrict(name, arguments) if @conditions.key?(name)
           Sqreen.log.debug { [name, arguments].inspect }
           if SQREEN_MINI_RACER
-            mini_racer_context = Thread.current["SQREEN_MINI_RACER_CONTEXT_#{object_id}"]
             mini_racer_context[:c] += 1
-            ret = mini_racer_context[:r].eval("#{name}.apply(this, #{::JSON.generate(arguments)})")
+            begin
+              ret = mini_racer_context[:r].eval_unsafe("#{name}.apply(this, #{::JSON.generate(arguments)})", nil, budget)
+            rescue MiniRacer::ScriptTerminatedError
+              ret = nil
+            end
           else
             ret = @compiled.call(name, *arguments)
           end
@@ -204,8 +243,8 @@ module Sqreen
           args_override = ret[:args]
           args_override = build_accessor(args_override) if args_override
         end
-      rescue => e
-        Sqreen.log.warn "we catch a JScb exception: #{e.inspect}"
+      rescue StandardError => e
+        Sqreen.log.warn { "we catch a JScb exception: #{e.inspect}" }
         Sqreen.log.debug e.backtrace
         record_exception(e, :cb => name, :args => arguments)
         nil
@@ -226,7 +265,7 @@ module Sqreen
 
       def restrict(cbname, arguments)
         condition = @conditions[cbname]
-        return arguments if condition.nil? or @argument_requirements[cbname].nil?
+        return arguments if condition.nil? || @argument_requirements[cbname].nil?
 
         each_hash_val_include(condition) do |needle, haystack, min_length|
           # We could actually run the binding accessor expression here.