RubyGems - sqreen - Versions diffs - 1.18.4-java → 1.18.5-java - Mend

sqreen 1.18.4-java → 1.18.5-java

Files changed (5) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 43b9ddb790f25ff47df2953ec789110bc2273fa02fe632b76c36066da880ad9a
-  data.tar.gz: 05544de42de06ad978ea9dfe330b330a090eff0ae8661bdfa8509251cf57d9ce
+  metadata.gz: eb507312dca29a9446f8bce75d8b150c709e453efc0d09757f2637cb0b486771
+  data.tar.gz: 3138b8a6a57d9330e97767161003f9861409b1e30deaa140828456684a25d096
 SHA512:
-  metadata.gz: e3ba0e41808617dddbfc03d2f8807fa8039ad1ad40ac6a8b815082986ac8ef39aae795e1867faa685625c5a048f36a44beb4e29092528f7cb28aa087bd3a8034
-  data.tar.gz: b7f7b42ea91a2a9ece4e660485dac8aa65c4dfa635241f9e685b3ff855d21f68c091260814a9c7a14f3ecd9c6fe92f03824f084c718e8cb27691569537e5c011
+  metadata.gz: 1afa452809625ca8739de597abd0b714e5dc27682f365bc24e3a67c0319288321e13875f2b9a623ece2798e377ff7852938208bf7144c2f43726c731cc9b08bb
+  data.tar.gz: 4204ba1c27317034ff4ab051831bd36e3ab174dce731113242ca4fe2e405b2aedcf083e0dccd702302e09da4fc1277d5319c8195073ee5635c019b145638a842

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,8 @@
+## 1.18.5
+* Fix type mismatch in WAF time budget handling
+* Improve exception handling for non-WAF errors within WAF
 ## 1.18.4
 * Fix instrumentation conflict when a class defines a send method

data/lib/sqreen/rules/waf_cb.rb CHANGED Viewed

@@ -13,7 +13,7 @@ require 'sqreen/dependency/libsqreen'
 module Sqreen
   module Rules
     class WAFCB < RuleCB
-      BUDGET_MAX = 5000
+      BUDGET_MAX = 5
       def self.libsqreen?
         Sqreen::Dependency::LibSqreen.required?
@@ -52,7 +52,7 @@ module Sqreen
         @binding_accessors = @data['values'].fetch('binding_accessors', []).each_with_object({}) do |e, h|
           h[e] = BindingAccessor.new(e)
         end
-        @budget = @data['values'].fetch('budget', BUDGET_MAX)
+        @budget = @data['values'].fetch('budget_in_ms', BUDGET_MAX) * 1000
         ObjectSpace.define_finalizer(self, WAFCB.finalizer(@waf_rule_name.dup))
       end
@@ -70,8 +70,8 @@ module Sqreen
           h[e] = capper.call(b.resolve(*env))
         end
         waf_args = Sqreen::EncodingSanitizer.sanitize(waf_args)
-        budget = [self.budget, budget].compact.min
-        action, data = ::LibSqreen::WAF.run(waf_rule_name, waf_args, budget)
+        waf_budget = [self.budget, budget * 1_000_000].compact.min.to_i
+        action, data = ::LibSqreen::WAF.run(waf_rule_name, waf_args, waf_budget)
         case action
         when :monitor
@@ -103,13 +103,13 @@ module Sqreen
         lambda do |object_id|
           return unless WAFCB.libsqreen?
-          ::LibSqreen::WAF.delete(waf_rule_name, waf_args, budget)
+          ::LibSqreen::WAF.delete(waf_rule_name)
           Sqreen.log.debug("WAF rule #{rule_name} deleted, from #<#{name}:0x#{object_id.to_s(16).rjust(16, '0')}>")
         end
       end
       def record_exception(exception, infos = {}, at = Time.now.utc)
-        infos.merge!(exception_to_infos(exception))
+        infos.merge!(exception_to_infos(exception)) if exception.is_a?(Sqreen::WAFError)
         super(exception, infos, at)
       end

data/lib/sqreen/version.rb CHANGED Viewed

@@ -2,5 +2,5 @@
 # Please refer to our terms for more information: https://www.sqreen.com/terms.html
 module Sqreen
-  VERSION = '1.18.4'.freeze
+  VERSION = '1.18.5'.freeze
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sqreen
 version: !ruby/object:Gem::Version
-  version: 1.18.4
+  version: 1.18.5
 platform: java
 authors:
 - Sqreen
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-02-10 00:00:00.000000000 Z
+date: 2020-02-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement