sqreen 1.18.5 → 1.18.6

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +4 -0
  3. data/lib/sqreen/rules/waf_cb.rb +3 -2
  4. data/lib/sqreen/version.rb +1 -1
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 321074d4cc69c79e906d6b4a865e49a36a22f786201a8def57d48d1164716282
4
- data.tar.gz: 1edd7b85daa4ef20b624d0ff2ee16178b4cfe14d948c065cceba7374f1ad41d2
3
+ metadata.gz: a4b8ec01ad0365518711b01aa8a424f179f2d115d614da821b212cbb82e8754e
4
+ data.tar.gz: 96c2e3da8c0678ba9720d613db4edf828af3559a36862bca313dab9dcd7c181a
5
5
  SHA512:
6
- metadata.gz: '0085800cf5856cdab2003506d1fad265b1bb5744cf80063e4e380af44a5cc4d49a6bca7a2e6199882cea7d296511089ae1c8c2155c4e04840795afb5bbcd6817'
7
- data.tar.gz: f1f2dc1680ec65f9cfd8cefde2c47fae7bbf0300f9c2d18811a21b0d1e6ac01abb0679027ce69b5faf322975ab5d17afd92c05a6bc85cf2459fc514f385e0bbc
6
+ metadata.gz: a7cdd3a299af7569fdab2e5cad439e5eedd6de6cdd80d474703408e64b325ae70f4837d4326c4e28a93e658b9c3c15c4279821ad1e0e0e91252faa7ff33e9c1b
7
+ data.tar.gz: '0691dc3e4aa7650c4fd2a4be33cf5f32843b062b4932fed4711866208011dccd3920f7dda468e4d25555e4b97a7e9ce8a41820cccacd1e473f29f26d2704b25b'
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ## 1.18.6
2
+
3
+ * Improve default WAF time budget handling logic
4
+
1
5
  ## 1.18.5
2
6
 
3
7
  * Fix type mismatch in WAF time budget handling
data/lib/sqreen/rules/waf_cb.rb CHANGED
@@ -52,7 +52,8 @@ module Sqreen
52
52
  @binding_accessors = @data['values'].fetch('binding_accessors', []).each_with_object({}) do |e, h|
53
53
  h[e] = BindingAccessor.new(e)
54
54
  end
55
- @budget = @data['values'].fetch('budget_in_ms', BUDGET_MAX) * 1000
55
+ @budget = (@data['values'].fetch('budget_in_ms', nil) || BUDGET_MAX) * 1000
56
+ Sqreen.log.debug("WAF budget for #{@waf_rule_name} set to #{@budget}us")
56
57
 
57
58
  ObjectSpace.define_finalizer(self, WAFCB.finalizer(@waf_rule_name.dup))
58
59
  end
@@ -70,7 +71,7 @@ module Sqreen
70
71
  h[e] = capper.call(b.resolve(*env))
71
72
  end
72
73
  waf_args = Sqreen::EncodingSanitizer.sanitize(waf_args)
73
- waf_budget = [self.budget, budget * 1_000_000].compact.min.to_i
74
+ waf_budget = [self.budget, budget && budget * 1_000_000].compact.min.to_i
74
75
  action, data = ::LibSqreen::WAF.run(waf_rule_name, waf_args, waf_budget)
75
76
 
76
77
  case action
data/lib/sqreen/version.rb CHANGED
@@ -2,5 +2,5 @@
2
2
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
3
 
4
4
  module Sqreen
5
- VERSION = '1.18.5'.freeze
5
+ VERSION = '1.18.6'.freeze
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sqreen
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.18.5
4
+ version: 1.18.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sqreen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-02-11 00:00:00.000000000 Z
11
+ date: 2020-02-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: sq_mini_racer