sqreen 1.18.5-java → 1.18.6-java

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +4 -0
  3. data/lib/sqreen/rules/waf_cb.rb +3 -2
  4. data/lib/sqreen/version.rb +1 -1
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: eb507312dca29a9446f8bce75d8b150c709e453efc0d09757f2637cb0b486771
4
- data.tar.gz: 3138b8a6a57d9330e97767161003f9861409b1e30deaa140828456684a25d096
3
+ metadata.gz: a3e35cc01e7532fdc2de3b453ec1dd4737c408ffc63186b36a15e87233e95a1d
4
+ data.tar.gz: 4926e2f50f1ab393372e54771d3f507d7a0423b81eaf24082fa899292bd40ae6
5
5
  SHA512:
6
- metadata.gz: 1afa452809625ca8739de597abd0b714e5dc27682f365bc24e3a67c0319288321e13875f2b9a623ece2798e377ff7852938208bf7144c2f43726c731cc9b08bb
7
- data.tar.gz: 4204ba1c27317034ff4ab051831bd36e3ab174dce731113242ca4fe2e405b2aedcf083e0dccd702302e09da4fc1277d5319c8195073ee5635c019b145638a842
6
+ metadata.gz: 2af302eb9db7834083e0d71967ca9777e8b2283ab7b39d44426696ae029a97c34e88d54182d0082ffb479f37426e89d9418e41c2e0c89dbc56375353c69296e6
7
+ data.tar.gz: bbd4764c0192e2f8ae8e84bb6737459ac0c84934187d1537071defd6a68cdd510e118f2328e870c02be777785d85fab37ecfe8292bd240e3a5a176640457ad8d
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ## 1.18.6
2
+
3
+ * Improve default WAF time budget handling logic
4
+
1
5
  ## 1.18.5
2
6
 
3
7
  * Fix type mismatch in WAF time budget handling
data/lib/sqreen/rules/waf_cb.rb CHANGED
@@ -52,7 +52,8 @@ module Sqreen
52
52
  @binding_accessors = @data['values'].fetch('binding_accessors', []).each_with_object({}) do |e, h|
53
53
  h[e] = BindingAccessor.new(e)
54
54
  end
55
- @budget = @data['values'].fetch('budget_in_ms', BUDGET_MAX) * 1000
55
+ @budget = (@data['values'].fetch('budget_in_ms', nil) || BUDGET_MAX) * 1000
56
+ Sqreen.log.debug("WAF budget for #{@waf_rule_name} set to #{@budget}us")
56
57
 
57
58
  ObjectSpace.define_finalizer(self, WAFCB.finalizer(@waf_rule_name.dup))
58
59
  end
@@ -70,7 +71,7 @@ module Sqreen
70
71
  h[e] = capper.call(b.resolve(*env))
71
72
  end
72
73
  waf_args = Sqreen::EncodingSanitizer.sanitize(waf_args)
73
- waf_budget = [self.budget, budget * 1_000_000].compact.min.to_i
74
+ waf_budget = [self.budget, budget && budget * 1_000_000].compact.min.to_i
74
75
  action, data = ::LibSqreen::WAF.run(waf_rule_name, waf_args, waf_budget)
75
76
 
76
77
  case action
data/lib/sqreen/version.rb CHANGED
@@ -2,5 +2,5 @@
2
2
  # Please refer to our terms for more information: https://www.sqreen.com/terms.html
3
3
 
4
4
  module Sqreen
5
- VERSION = '1.18.5'.freeze
5
+ VERSION = '1.18.6'.freeze
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sqreen
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.18.5
4
+ version: 1.18.6
5
5
  platform: java
6
6
  authors:
7
7
  - Sqreen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-02-11 00:00:00.000000000 Z
11
+ date: 2020-02-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement