sqreen 1.9.2 → 1.10.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +5 -5
  2. data/lib/sqreen-alt.rb +1 -0
  3. data/lib/sqreen/rules_callbacks/execjs.rb +23 -4
  4. data/lib/sqreen/shared_storage.rb +5 -6
  5. data/lib/sqreen/version.rb +1 -1
  6. metadata +4 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: e18e5e4043a3cb2cfa23b0de7e196fb36b2cb180
4
- data.tar.gz: 62cc6f1b5b08aa6b01b9401085dea466e45bb2bc
2
+ SHA256:
3
+ metadata.gz: db75e03bbaf0ff955d869f7e5fea1dd06d911ef363fe85b875befbabc147c948
4
+ data.tar.gz: 118223689c18fa3627f901b857c67c0309d6f17a5b4eeffdf631da37d801bebf
5
5
  SHA512:
6
- metadata.gz: 0217afc0de67b065771e9cb102b94c12c6885ffd27031043f96fc14af7754b0f25a845c1a44a69b7dc5ef798f72300a4fc657aea583dab71398ebae01ad75c30
7
- data.tar.gz: 929ae4a93889afb4ec576932c7e92993c9e52385f247d2bab928796ae6cb07037ccfad1fe42d53d459918f1024460003f5c74b0aa30d46ad1900c0cfedee23b1
6
+ metadata.gz: cba1b32cb6753e60442e7f17a3b4e8267f978e37552303dec79cb92e429958b3815d9f7c18bda5dd72b4db7bca923ab6e6cafb062fb1194b952bfee977585c7a
7
+ data.tar.gz: 6c73b78873835a36ba2b69ef8ac01b06927b138622a9c082690fa45d65c06d5a65f5234da28d6b9928850d107d269428742406b1cd05534ee1bdcec742773d35
data/lib/sqreen-alt.rb ADDED
@@ -0,0 +1 @@
1
+ require "sqreen"
data/lib/sqreen/rules_callbacks/execjs.rb CHANGED
@@ -3,8 +3,15 @@
3
3
 
4
4
  if defined?(::JRUBY_VERSION)
5
5
  require 'rhino'
6
+ SQREEN_V8_THREAD = false
6
7
  else
7
- require 'therubyracer'
8
+ begin
9
+ require 'mini_racer'
10
+ SQREEN_V8_THREAD = true
11
+ rescue LoadError
12
+ require 'therubyracer'
13
+ SQREEN_V8_THREAD = false
14
+ end
8
15
  end
9
16
 
10
17
  require 'execjs'
@@ -32,7 +39,9 @@ module Sqreen
32
39
  end
33
40
 
34
41
  build_runnable(callbacks)
35
- @compiled = ExecJS.compile(@source)
42
+ if !SQREEN_V8_THREAD
43
+ @compiled = ExecJS.compile(@source)
44
+ end
36
45
  @restrict_max_depth = 20
37
46
  end
38
47
 
@@ -122,7 +131,10 @@ module Sqreen
122
131
  end)] = ret[k] end
123
132
  record_event(ret[:record]) unless ret[:record].nil?
124
133
  unless ret['observations'].nil?
125
- ret['observations'].each { |obs| record_observation(*obs) }
134
+ ret['observations'].each do |obs|
135
+ obs[3] = Time.parse(obs[3]) if obs.size >= 3 && obs[3].is_a?(String)
136
+ record_observation(*obs)
137
+ end
126
138
  end
127
139
  return !ret[:call].nil?
128
140
  else
@@ -131,6 +143,9 @@ module Sqreen
131
143
  end
132
144
 
133
145
  def call_callback(name, inst, args, rv = nil)
146
+ if SQREEN_V8_THREAD
147
+ Thread.current["SQREEN_EXECJS_SOURCE#{self.object_id}"] ||= ExecJS.compile(@source)
148
+ end
134
149
  ret = nil
135
150
  args_override = nil
136
151
  arguments = nil
@@ -140,7 +155,11 @@ module Sqreen
140
155
  end
141
156
  arguments = restrict(name, arguments) if @conditions.key?(name)
142
157
  Sqreen.log.debug { [name, arguments].inspect }
143
- ret = @compiled.call(name, *arguments)
158
+ if SQREEN_V8_THREAD
159
+ ret = Thread.current["SQREEN_EXECJS_SOURCE#{self.object_id}"].call(name, *arguments)
160
+ else
161
+ ret = @compiled.call(name, *arguments)
162
+ end
144
163
  unless record_and_continue?(ret)
145
164
  return nil if ret.nil?
146
165
  return advise_action(ret[:status], ret)
data/lib/sqreen/shared_storage.rb CHANGED
@@ -3,22 +3,21 @@
3
3
 
4
4
  module Sqreen
5
5
  module SharedStorage
6
- @@shared = {}
7
6
 
8
7
  def self::get(key, default = nil)
9
- h = @@shared[Thread.current]
8
+ h = Thread.current["SQREEN_SHARED_STORAGE_#{self.object_id}"]
10
9
  return h.fetch(key, default) if h
11
10
  default
12
11
  end
13
12
 
14
13
  def self::set(key, obj)
15
- main_key = Thread.current
16
- @@shared[main_key] = {} unless @@shared.key? main_key
17
- @@shared[main_key][key] = obj
14
+ Thread.current["SQREEN_SHARED_STORAGE_#{self.object_id}"] ||= {}
15
+ Thread.current["SQREEN_SHARED_STORAGE_#{self.object_id}"][key] = obj
18
16
  end
19
17
 
20
18
  def self.clear
21
- @@shared.delete(Thread.current)
19
+ return unless Thread.current["SQREEN_SHARED_STORAGE_#{self.object_id}"].is_a?(Hash)
20
+ Thread.current["SQREEN_SHARED_STORAGE_#{self.object_id}"].clear
22
21
  end
23
22
 
24
23
  def self.inc(value)
data/lib/sqreen/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # Copyright (c) 2015 Sqreen. All Rights Reserved.
2
2
  # Please refer to our terms for more information: https://www.sqreen.io/terms.html
3
3
  module Sqreen
4
- VERSION = '1.9.2'.freeze
4
+ VERSION = '1.10.0'.freeze
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sqreen
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.9.2
4
+ version: 1.10.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sqreen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-02-06 00:00:00.000000000 Z
11
+ date: 2018-02-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: execjs
@@ -48,6 +48,7 @@ files:
48
48
  - CODE_OF_CONDUCT.md
49
49
  - README.md
50
50
  - Rakefile
51
+ - lib/sqreen-alt.rb
51
52
  - lib/sqreen.rb
52
53
  - lib/sqreen/attack_detected.html
53
54
  - lib/sqreen/binding_accessor.rb
@@ -140,7 +141,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
140
141
  version: '0'
141
142
  requirements: []
142
143
  rubyforge_project:
143
- rubygems_version: 2.6.12
144
+ rubygems_version: 2.7.5
144
145
  signing_key:
145
146
  specification_version: 4
146
147
  summary: Sqreen Ruby agent