sqreen 1.18.5-java → 1.18.6-java

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +4 -0
  3. data/lib/sqreen/rules/waf_cb.rb +3 -2
  4. data/lib/sqreen/version.rb +1 -1
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: eb507312dca29a9446f8bce75d8b150c709e453efc0d09757f2637cb0b486771
4
- data.tar.gz: 3138b8a6a57d9330e97767161003f9861409b1e30deaa140828456684a25d096
3
+ metadata.gz: a3e35cc01e7532fdc2de3b453ec1dd4737c408ffc63186b36a15e87233e95a1d
4
+ data.tar.gz: 4926e2f50f1ab393372e54771d3f507d7a0423b81eaf24082fa899292bd40ae6
5
5
  SHA512:
6
- metadata.gz: 1afa452809625ca8739de597abd0b714e5dc27682f365bc24e3a67c0319288321e13875f2b9a623ece2798e377ff7852938208bf7144c2f43726c731cc9b08bb
7
- data.tar.gz: 4204ba1c27317034ff4ab051831bd36e3ab174dce731113242ca4fe2e405b2aedcf083e0dccd702302e09da4fc1277d5319c8195073ee5635c019b145638a842
6
+ metadata.gz: 2af302eb9db7834083e0d71967ca9777e8b2283ab7b39d44426696ae029a97c34e88d54182d0082ffb479f37426e89d9418e41c2e0c89dbc56375353c69296e6
7
+ data.tar.gz: bbd4764c0192e2f8ae8e84bb6737459ac0c84934187d1537071defd6a68cdd510e118f2328e870c02be777785d85fab37ecfe8292bd240e3a5a176640457ad8d
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ## 1.18.6
2
+
3
+ * Improve default WAF time budget handling logic
4
+
1
5
  ## 1.18.5
2
6
 
3
7
  * Fix type mismatch in WAF time budget handling
data/lib/sqreen/rules/waf_cb.rb CHANGED
@@ -52,7 +52,8 @@ module Sqreen
52
52
  @binding_accessors = @data['values'].fetch('binding_accessors', []).each_with_object({}) do |e, h|
53
53
  h[e] = BindingAccessor.new(e)
54
54
  end
55
- @budget = @data['values'].fetch('budget_in_ms', BUDGET_MAX) * 1000
55
+ @budget = (@data['values'].fetch('budget_in_ms', nil) || BUDGET_MAX) * 1000
56
+ Sqreen.log.debug("WAF budget for #{@waf_rule_name} set to #{@budget}us")
56
57
 
57
58
  ObjectSpace.define_finalizer(self, WAFCB.finalizer(@waf_rule_name.dup))
58
59
  end
@@ -70,7 +71,7 @@ module Sqreen
70
71
  h[e] = capper.call(b.resolve(*env))
71
72
  end
72
73
  waf_args = Sqreen::EncodingSanitizer.sanitize(waf_args)
73
- waf_budget = [self.budget, budget * 1_000_000].compact.min.to_i
74
+ waf_budget = [self.budget, budget && budget * 1_000_000].compact.min.to_i
74
75
  action, data = ::LibSqreen::WAF.run(waf_rule_name, waf_args, waf_budget)
75
76
 
76
77
  case action
data/lib/sqreen/version.rb CHANGED
@@ -2,5 +2,5 @@
2
2
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
3
 
4
4
  module Sqreen
5
- VERSION = '1.18.5'.freeze
5
+ VERSION = '1.18.6'.freeze
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sqreen
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.18.5
4
+ version: 1.18.6
5
5
  platform: java
6
6
  authors:
7
7
  - Sqreen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-02-11 00:00:00.000000000 Z
11
+ date: 2020-02-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement