tcell_agent 2.1.1 → 2.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/lib/tcell_agent/instrumentation/cmdi.rb +15 -15
  3. data/lib/tcell_agent/instrumentation/lfi.rb +16 -5
  4. data/lib/tcell_agent/instrumentation/monkey_patches/kernel.rb +39 -100
  5. data/lib/tcell_agent/rails/routes/grape.rb +3 -9
  6. data/lib/tcell_agent/version.rb +1 -1
  7. data/spec/lib/tcell_agent/instrumentation/cmdi_spec.rb +46 -4
  8. data/spec/lib/tcell_agent/instrumentation/lfi_spec.rb +47 -2
  9. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: fef169c3426eb04bcf907ba86a06b56508b3510b5a460dd20bdd0e859c773832
4
- data.tar.gz: c60696ff6d4058537d8162cc28c5f956340a5b5a533bf1df7b805f1f8b208f90
3
+ metadata.gz: 4165181c541a536526e945db454826fb168c253186d130bbbf904f6882ea238e
4
+ data.tar.gz: 55b8b9d149c14d45da6d1d41a8b48d4031df5e6ce385f9d91980def10f90d623
5
5
  SHA512:
6
- metadata.gz: ffaeef09c1dbf616146f6407abdcd5c53c292098c9e6e3bb9ab32602c8f5cb94ac69e2d958e00ef6fd58b6c1c6e133104935617fd06410752f704132eaa78d81
7
- data.tar.gz: 77a9ab760568d411be5535f0c9842376289667892b39b88bed4bfc6646a496d8cf26a1d6704e78c644d7564aa4fc9e1955d6cbbf36ec40a91ff01d3ad37807c1
6
+ metadata.gz: 491683e5c3c0b39e4c01567fd93b4dc39e9c7612c9e10568aebb88fdb19d8e068b98d4d9ec9ea64c50f59323e365b9d337bf7128cd4a8d663f4ab67284172b56
7
+ data.tar.gz: c9dc2b88411fbf8d69f4251582bbd6c8ede11daf9a98c6547e188bf0636eec562039e79b61316962cf7fe9e264317e7e8bdd4e93ab367af431a4d13a53bb7697
data/lib/tcell_agent/instrumentation/cmdi.rb CHANGED
@@ -25,18 +25,18 @@ module TCellAgent
25
25
  cmd = ''
26
26
 
27
27
  TCellAgent::Instrumentation.safe_block('CMDI Parsing *args') do
28
- unless args.empty?
29
- args_copy = Array.new(args)
30
- args_copy.shift if args_copy.first.is_a?(Hash)
31
- args_copy.pop if args_copy.last.is_a?(Hash)
32
-
33
- if args_copy.first.is_a?(Array)
34
- cmd_n_argv0 = args_copy.shift
35
- args_copy.unshift(cmd_n_argv0.first)
36
- end
28
+ return cmd if args.nil? || args.empty?
29
+
30
+ args_copy = Array.new(args)
31
+ args_copy.shift if args_copy.first.is_a?(Hash)
32
+ args_copy.pop if args_copy.last.is_a?(Hash)
37
33
 
38
- cmd = args_copy.join(' ')
34
+ if args_copy.first.is_a?(Array)
35
+ cmd_n_argv0 = args_copy.shift
36
+ args_copy.unshift(cmd_n_argv0.first)
39
37
  end
38
+
39
+ cmd = args_copy.join(' ')
40
40
  end
41
41
 
42
42
  cmd
@@ -46,12 +46,12 @@ module TCellAgent
46
46
  cmd = ''
47
47
 
48
48
  TCellAgent::Instrumentation.safe_block('CMDI Parsing *args') do
49
- unless args.empty?
50
- args_copy = Array.new(args)
51
- first_arg = args_copy.shift
49
+ return cmd if args.nil? || args.empty?
52
50
 
53
- cmd = first_arg[1..-1] if first_arg && (first_arg.is_a? String) && first_arg[0] == '|'
54
- end
51
+ args_copy = Array.new(args)
52
+ first_arg = args_copy.shift
53
+
54
+ cmd = first_arg[1..-1] if first_arg && (first_arg.is_a? String) && first_arg[0] == '|'
55
55
  end
56
56
 
57
57
  cmd
data/lib/tcell_agent/instrumentation/lfi.rb CHANGED
@@ -26,15 +26,23 @@ module TCellAgent
26
26
  path = ''
27
27
  mode = ''
28
28
 
29
- return ['', ''] if args.empty?
30
-
31
29
  TCellAgent::Instrumentation.safe_block('LFI Parsing *args') do
30
+ return ['', ''] if args.nil? || args.empty?
31
+
32
32
  args_copy = Array.new(args)
33
33
  path = args_copy.shift
34
34
  mode = args_copy.shift || 'r'
35
35
 
36
36
  if path && path.to_s[0] != '|'
37
- [File.expand_path(path).to_s, convert_mode(mode)]
37
+ path = File.expand_path(path.to_s)
38
+
39
+ mode = if mode && mode.is_a?(Hash)
40
+ convert_mode(mode[:mode])
41
+ else
42
+ convert_mode(mode)
43
+ end
44
+
45
+ [path, mode]
38
46
  else
39
47
  ['', '']
40
48
  end
@@ -53,8 +61,11 @@ module TCellAgent
53
61
  path = ARGF.filename
54
62
  end
55
63
 
56
- path = File.expand_path(path) unless path.nil?
57
- [path.to_s, mode]
64
+ if path && path.to_s[0] != '|'
65
+ [File.expand_path(path.to_s), mode]
66
+ else
67
+ ['', '']
68
+ end
58
69
  end
59
70
  end
60
71
 
data/lib/tcell_agent/instrumentation/monkey_patches/kernel.rb CHANGED
@@ -1,76 +1,52 @@
1
1
  module Kernel
2
- class << self
3
- alias_method :tcell_original_1_open, :open
4
- def open(*args, &block)
5
- path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
6
-
7
- if !path.strip.empty? && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
8
- raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
9
- end
10
-
11
- if path.empty?
12
- cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
13
- if cmd && TCellAgent::Cmdi.block_command?(cmd)
14
- raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
15
- end
16
- end
2
+ private
17
3
 
18
- tcell_original_1_open(*args, &block)
19
- end
20
-
21
- alias_method :tcell_original_1_gets, :gets
22
- def gets(*args, &block)
23
- path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode_argf
24
-
25
- if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
26
- raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
27
- end
28
-
29
- tcell_original_1_gets(*args, &block)
30
- end
4
+ alias_method :tcell_original_backtick, :`
5
+ alias_method :tcell_original_exec, :exec
6
+ alias_method :tcell_original_open, :open
7
+ alias_method :tcell_original_gets, :gets
8
+ alias_method :tcell_original_readline, :readline
9
+ alias_method :tcell_original_spawn, :spawn
10
+ alias_method :tcell_original_system, :system
31
11
 
12
+ class << self
13
+ alias_method :tcell_original_exec, :exec
14
+ alias_method :tcell_original_open, :open
15
+ alias_method :tcell_original_gets, :gets
32
16
  alias_method :tcell_original_readline, :readline
33
- def readline(*args, &block)
34
- path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode_argf
35
-
36
- if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
37
- raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
38
- end
17
+ alias_method :tcell_original_spawn, :spawn
18
+ alias_method :tcell_original_system, :system
19
+ end
39
20
 
40
- tcell_original_readline(*args, &block)
21
+ def `(cmd)
22
+ if TCellAgent::Cmdi.block_command?(cmd)
23
+ raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
41
24
  end
42
25
 
43
- alias_method :tcell_original_1_spawn, :spawn
44
- def spawn(*args)
45
- cmd = TCellAgent::Cmdi.parse_command(*args)
46
- if TCellAgent::Cmdi.block_command?(cmd)
47
- raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
48
- end
49
-
50
- tcell_original_1_spawn(*args)
51
- end
26
+ tcell_original_backtick(cmd)
27
+ end
52
28
 
53
- alias_method :tcell_original_1_system, :system
54
- def system(*args)
29
+ if TCellAgent.configuration.should_instrument_cmdi_exec?
30
+ def exec(*args)
55
31
  cmd = TCellAgent::Cmdi.parse_command(*args)
56
32
  if TCellAgent::Cmdi.block_command?(cmd)
57
33
  raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
58
34
  end
59
35
 
60
- tcell_original_1_system(*args)
36
+ tcell_original_exec(*args)
61
37
  end
62
38
  end
63
39
 
64
- alias_method :tcell_original_backtick, :`
65
- def `(cmd)
66
- if TCellAgent::Cmdi.block_command?(cmd)
67
- raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
40
+ def gets(*args, &block)
41
+ path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode_argf
42
+
43
+ if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
44
+ raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
68
45
  end
69
46
 
70
- tcell_original_backtick(cmd)
47
+ tcell_original_gets(*args, &block)
71
48
  end
72
49
 
73
- alias_method :tcell_original_2_open, :open
74
50
  def open(*args, &block)
75
51
  path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
76
52
 
@@ -85,21 +61,9 @@ module Kernel
85
61
  end
86
62
  end
87
63
 
88
- tcell_original_2_open(*args, &block)
64
+ tcell_original_open(*args, &block)
89
65
  end
90
66
 
91
- alias_method :tcell_original_2_gets, :gets
92
- def gets(*args, &block)
93
- path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode_argf
94
-
95
- if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
96
- raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
97
- end
98
-
99
- tcell_original_2_gets(*args, &block)
100
- end
101
-
102
- alias_method :tcell_original_readline, :readline
103
67
  def readline(*args, &block)
104
68
  path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode_argf
105
69
 
@@ -110,54 +74,29 @@ module Kernel
110
74
  tcell_original_readline(*args, &block)
111
75
  end
112
76
 
113
- alias_method :tcell_original_2_spawn, :spawn
114
77
  def spawn(*args)
115
78
  cmd = TCellAgent::Cmdi.parse_command(*args)
116
79
  if TCellAgent::Cmdi.block_command?(cmd)
117
80
  raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
118
81
  end
119
82
 
120
- tcell_original_2_spawn(*args)
83
+ tcell_original_spawn(*args)
121
84
  end
122
85
 
123
- alias_method :tcell_original_2_system, :system
124
86
  def system(*args)
125
87
  cmd = TCellAgent::Cmdi.parse_command(*args)
126
88
  if TCellAgent::Cmdi.block_command?(cmd)
127
89
  raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
128
90
  end
129
91
 
130
- tcell_original_2_system(*args)
92
+ tcell_original_system(*args)
131
93
  end
132
- end
133
-
134
- if TCellAgent.configuration.should_instrument_cmdi_exec?
135
- module Kernel
136
- class << self
137
- alias_method :tcell_original_exec, :exec
138
- def exec(*args)
139
- cmd = TCellAgent::Cmdi.parse_command(*args)
140
- if TCellAgent::Cmdi.block_command?(cmd)
141
- raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
142
- end
143
-
144
- tcell_original_exec(*args)
145
- end
146
- end
147
-
148
- alias_method :tcell_original_exec, :exec
149
-
150
- private
151
-
152
- def exec(*args)
153
- cmd = TCellAgent::Cmdi.parse_command(*args)
154
- if TCellAgent::Cmdi.block_command?(cmd)
155
- raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
156
- end
157
94
 
158
- tcell_original_exec(*args)
159
- end
160
- end
161
- else
162
- TCellAgent.logger.debug('Disabling cmdi Kernel::exec instrumentation', 'TCellAgent::Cmdi')
95
+ module_function :`
96
+ module_function :exec
97
+ module_function :gets
98
+ module_function :open
99
+ module_function :readline
100
+ module_function :spawn
101
+ module_function :system
163
102
  end
data/lib/tcell_agent/rails/routes/grape.rb CHANGED
@@ -5,15 +5,9 @@ module TCellAgent
5
5
  def self.grape_route?(route)
6
6
  if defined?(Grape::API)
7
7
  begin
8
- if ::Rails::VERSION::MAJOR == 4 && ::Rails::VERSION::MINOR < 2
9
- # does app inherit from Grape::API?
10
- route.app < Grape::API
11
- else
12
- # does app inherit from Grape::API?
13
- route.app.app < Grape::API
14
- end
15
-
16
- return true
8
+ return route.app < Grape::API if ::Rails::VERSION::MAJOR == 4 &&
9
+ ::Rails::VERSION::MINOR < 2
10
+ return route.app.app < Grape::API
17
11
  rescue StandardError # rubocop:disable Lint/HandleExceptions
18
12
  # do nothing
19
13
  end
data/lib/tcell_agent/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # See the file "LICENSE" for the full license governing this code.
2
2
 
3
3
  module TCellAgent
4
- VERSION = '2.1.1'.freeze
4
+ VERSION = '2.1.2'.freeze
5
5
  end
data/spec/lib/tcell_agent/instrumentation/cmdi_spec.rb CHANGED
@@ -148,10 +148,52 @@ module TCellAgent
148
148
  end
149
149
  end
150
150
  describe '.parse_command_from_open' do
151
- context 'with string command' do
152
- it 'should parse the command properly' do
153
- cmd = TCellAgent::Cmdi.parse_command_from_open('|echo')
154
- expect(cmd).to eq('echo')
151
+ context 'with empty parameters' do
152
+ it 'should not return a command' do
153
+ cmd = TCellAgent::Cmdi.parse_command_from_open
154
+ expect(cmd).to eq('')
155
+ end
156
+ end
157
+ context 'with empty array' do
158
+ it 'should not return a command' do
159
+ args = []
160
+ cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
161
+ expect(cmd).to eq('')
162
+ end
163
+ end
164
+ context 'with a string command' do
165
+ context 'with an empty string' do
166
+ it 'should return an empty string' do
167
+ cmd = TCellAgent::Cmdi.parse_command_from_open('')
168
+ expect(cmd).to eq('')
169
+ end
170
+ end
171
+ context 'with an empty command' do
172
+ it 'should return an empty string' do
173
+ cmd = TCellAgent::Cmdi.parse_command_from_open('|')
174
+ expect(cmd).to eq('')
175
+ end
176
+ end
177
+ context 'with a non-empty command' do
178
+ it 'should parse the command properly' do
179
+ cmd = TCellAgent::Cmdi.parse_command_from_open('|echo')
180
+ expect(cmd).to eq('echo')
181
+
182
+ cmd = TCellAgent::Cmdi.parse_command_from_open('|ls -l /tmp')
183
+ expect(cmd).to eq('ls -l /tmp')
184
+ end
185
+ end
186
+ end
187
+ context 'with a filename argument' do
188
+ it 'should not return a command' do
189
+ cmd = TCellAgent::Cmdi.parse_command_from_open('/tmp')
190
+ expect(cmd).to eq('')
191
+ end
192
+ end
193
+ context 'with a non-string first argument' do
194
+ it 'should return an empty string' do
195
+ cmd = TCellAgent::Cmdi.parse_command_from_open({})
196
+ expect(cmd).to eq('')
155
197
  end
156
198
  end
157
199
  end
data/spec/lib/tcell_agent/instrumentation/lfi_spec.rb CHANGED
@@ -3,7 +3,7 @@ require 'spec_helper'
3
3
  module TCellAgent
4
4
  module Instrumentation
5
5
  module Lfi
6
- describe 'extract path and mode' do
6
+ describe '.extract_path_mode' do
7
7
  context 'with path' do
8
8
  it 'should extract the path correctly' do
9
9
  args = '/path-to-file'
@@ -34,51 +34,91 @@ module TCellAgent
34
34
  args = '/path-to-file', 'r'
35
35
  _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
36
36
  expect(mode).to eq('Read')
37
+
38
+ args = '/path-to-file', { :mode => 'r' }
39
+ _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
40
+ expect(mode).to eq('Read')
37
41
  end
38
42
  it 'should return Write for mode w' do
39
43
  args = '/path-to-file', 'w'
40
44
  _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
41
45
  expect(mode).to eq('Write')
46
+
47
+ args = '/path-to-file', { :mode => 'w' }
48
+ _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
49
+ expect(mode).to eq('Write')
42
50
  end
43
51
  it 'should return Write for mode a' do
44
52
  args = '/path-to-file', 'a'
45
53
  _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
46
54
  expect(mode).to eq('Write')
55
+
56
+ args = '/path-to-file', { :mode => 'a' }
57
+ _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
58
+ expect(mode).to eq('Write')
47
59
  end
48
60
  it 'should return ReadWrite for mode r+' do
49
61
  args = '/path-to-file', 'r+'
50
62
  _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
51
63
  expect(mode).to eq('ReadWrite')
64
+
65
+ args = '/path-to-file', { :mode => 'r+' }
66
+ _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
67
+ expect(mode).to eq('ReadWrite')
52
68
  end
53
69
  it 'should return ReadWrite for mode w+' do
54
70
  args = '/path-to-file', 'w+'
55
71
  _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
56
72
  expect(mode).to eq('ReadWrite')
73
+
74
+ args = '/path-to-file', { :mode => 'w+' }
75
+ _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
76
+ expect(mode).to eq('ReadWrite')
57
77
  end
58
78
  it 'should return ReadWrite for mode a+' do
59
79
  args = '/path-to-file', 'a+'
60
80
  _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
61
81
  expect(mode).to eq('ReadWrite')
82
+
83
+ args = '/path-to-file', { :mode => 'a+' }
84
+ _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
85
+ expect(mode).to eq('ReadWrite')
62
86
  end
63
87
  it 'should return Read for mode ::File::RDONLY (0)' do
64
88
  args = '/path-to-file', ::File::RDONLY
65
89
  _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
66
90
  expect(mode).to eq('Read')
91
+
92
+ args = '/path-to-file', { :mode => ::File::RDONLY }
93
+ _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
94
+ expect(mode).to eq('Read')
67
95
  end
68
96
  it 'should return Write for mode ::File::WRONLY (1)' do
69
97
  args = '/path-to-file', ::File::WRONLY
70
98
  _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
71
99
  expect(mode).to eq('Write')
100
+
101
+ args = '/path-to-file', { :mode => ::File::WRONLY }
102
+ _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
103
+ expect(mode).to eq('Write')
72
104
  end
73
105
  it 'should return ReadWrite for mode ::File::RDWR (2)' do
74
106
  args = '/path-to-file', ::File::RDWR
75
107
  _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
76
108
  expect(mode).to eq('ReadWrite')
109
+
110
+ args = '/path-to-file', { :mode => ::File::RDWR }
111
+ _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
112
+ expect(mode).to eq('ReadWrite')
77
113
  end
78
114
  it 'should return Write for mode ::File::CREAT | ::File::EXCL | ::File::WRONLY (2561)' do
79
115
  args = '/path-to-file', ::File::CREAT | ::File::EXCL | ::File::WRONLY
80
116
  _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
81
117
  expect(mode).to eq('Write')
118
+
119
+ args = '/path-to-file', { :mode => ::File::CREAT | ::File::EXCL | ::File::WRONLY }
120
+ _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
121
+ expect(mode).to eq('Write')
82
122
  end
83
123
  end
84
124
  context 'with an invalid mode' do
@@ -87,11 +127,16 @@ module TCellAgent
87
127
  _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
88
128
  expect(mode).to eq('Read')
89
129
  end
90
- it 'should return Read when mode is a hash' do
130
+ it 'should return Read when mode is an empty hash' do
91
131
  args = '/path-to-file', {}
92
132
  _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
93
133
  expect(mode).to eq('Read')
94
134
  end
135
+ it 'should return Read when mode is a hash without a :mode key' do
136
+ args = '/path-to-file', { :placeholder => 'testing' }
137
+ _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
138
+ expect(mode).to eq('Read')
139
+ end
95
140
  it 'should return Read when mode is an array' do
96
141
  args = '/path-to-file', []
97
142
  _path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: tcell_agent
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.1
4
+ version: 2.1.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Rafael
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-05-26 00:00:00.000000000 Z
11
+ date: 2020-06-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ffi