Class: Contrast::Agent::Assess::Tag

Inherits:
Object
  • Object
Includes:
Components::Logger::InstanceMethods
Defined in:
lib/contrast/agent/assess/tag.rb

Overview

A Tag represents a range in a given piece of data. It is used by the Agent to determine if a vulnerable dataflow has occurred.

Constant Summary collapse

ERROR_NEGATIVE_START =

update_range should be how the start and end index of a tag are changed, as it includes validation.

Note that start_idx == end_idx is allowed, because this is how we determine whether a tag range is ‘covered’ in trigger detection.

'Unable to set start idx negative'
BELOW =
'BELOW'
ERROR_END_BEFORE_START =
'Unable to set start idx after end idx'
LOW_SPAN =
'LOW_SPAN'
WITHIN =
'WITHIN'
WITHOUT =
'WITHOUT'
HIGH_SPAN =
'HIGH_SPAN'
ABOVE =
'ABOVE'

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Components::Logger::InstanceMethods

#cef_logger, #logger

Constructor Details

#initialize(label, length, start_idx = 0) ⇒ Tag

Initialize a new tag

Parameters:

  • label (String)

    the label of the tag

  • length (Integer)

    the length of the string described with this tag

  • start_idx (Integer) (defaults to: 0)

    (0) the starting position in the string for this tag



# File 'lib/contrast/agent/assess/tag.rb', line 39

# Build a tag labelled +label+ that describes +length+ characters beginning at
# +start_idx+.
#
# The range is applied through update_range, so it passes through the same
# validation as every later change to the tag.
#
# NOTE(review): an ArgumentError from update_range is logged and swallowed, so
# the caller still receives a Tag. update_range is not shown here; if it raises
# before assigning, that Tag has a label but no usable start/end index and the
# data it was meant to describe is no longer tracked -- confirm callers cope.
#
# @param label [String] the label of the tag
# @param length [Integer] the length of the string described with this tag
# @param start_idx [Integer] the starting position in the string for this tag
def initialize label, length, start_idx = 0
  @label = label
  stop_idx = start_idx + length
  update_range(start_idx, stop_idx)
rescue ArgumentError => err
  logger.error('Range update for Tag failed with: ', err)
end

Instance Attribute Details

#end_idxObject (readonly)

the end index of this tag (exclusive; see #range)



# File 'lib/contrast/agent/assess/tag.rb', line 14

# Reader for @end_idx. The methods of this class use it as the exclusive upper
# bound of the tag's range (see #range and #covers?).
def end_idx
  @end_idx
end

#labelObject (readonly)

the label of this tag



# File 'lib/contrast/agent/assess/tag.rb', line 14

# Reader for @label, the label handed to the constructor.
def label
  @label
end

#lengthObject (readonly)

the length of the string range this tag describes



# File 'lib/contrast/agent/assess/tag.rb', line 14

# Reader for @length. The assignment to @length is not part of the code shown
# here (presumably update_range keeps it equal to end_idx - start_idx --
# confirm against update_range).
def length
  @length
end

#start_idxObject (readonly)

the start index of this tag (inclusive; see #range)



# File 'lib/contrast/agent/assess/tag.rb', line 14

# Reader for @start_idx. The methods of this class use it as the inclusive
# lower bound of the tag's range (see #range and #covers?).
def start_idx
  @start_idx
end

Instance Method Details

#above?(idx) ⇒ Boolean

Return true if the tag is above the given position in the string

Parameters:

  • idx (Integer)

    the index to check

Returns:

  • (Boolean)


# File 'lib/contrast/agent/assess/tag.rb', line 57

# Whether the whole tag lies above position +idx+, i.e. +idx+ comes before the
# first index the tag covers.
#
# @param idx [Integer] the index to check
# @return [Boolean] true when idx is strictly less than start_idx
def above? idx
  first_tagged = start_idx
  idx < first_tagged
end

#compare_range(start, stop) ⇒ Object

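Returns how this tag's range sits relative to the given start and stop, read as: “The tag is __ the range.” In the diagrams in the code below, rrrrrrr == self.range, the range of the tag.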



# File 'lib/contrast/agent/assess/tag.rb', line 145

# Classify where this tag's range sits relative to the span +start+..+stop+
# and return the matching position constant. In the sketches below, r marks
# the indices held by the tag.
#
# Boundaries follow the exclusive end index: a tag whose @end_idx equals
# +start+ is BELOW, and a tag whose @start_idx equals +stop+ is ABOVE.
#
# @param start [Integer] first index of the span to compare against
# @param stop [Integer] end index of the span to compare against
# @return [String] BELOW, LOW_SPAN, WITHOUT, WITHIN, HIGH_SPAN or ABOVE
def compare_range start, stop
  tag_start = @start_idx
  tag_end = @end_idx

  # the tag begins before the span
  if tag_start < start
    if tag_end <= start
      # ...and is finished before the span begins
      # rrrrrrrrrrrrr
      #               start       stop
      return BELOW
    elsif tag_end > start && tag_end <= stop
      # ...and finishes inside the span
      # rrrrrrrrrrrrr
      #    start       stop
      return LOW_SPAN
    elsif tag_end > stop
      # ...and finishes after the span does
      #  rrrrrrrrrrrrrrrrrrrrrrrr
      #     start       stop
      return WITHOUT
    end
  end

  # the tag begins at or after start, but before stop
  if tag_start < stop
    # it also finishes by stop
    #        rrrrrrrrrrrrrrr
    # start                   stop
    return WITHIN if tag_end <= stop
    # it runs on past stop
    #           rrrrrrrrrrrrr
    #   start       stop
    return HIGH_SPAN if tag_end > stop
  end

  # nothing above matched: the tag begins at or after stop
  #                   rrrrrrrrrrrrr
  #  start       stop
  ABOVE
end

#copy_modified(shift) ⇒ Object

Modification to a tracked String can change the position and length of the tracked tag. shift: a negative value moves the tag left.



# File 'lib/contrast/agent/assess/tag.rb', line 129

# Produce a new Tag with the same label, moved by +shift+ positions. A negative
# +shift+ moves the tag left. A tag cannot start below 0, so when the move
# would push the start past the left edge, the start is pinned to 0 and the
# part that fell off is subtracted from the length.
#
# NOTE(review): when start_idx + shift is below -length, the whole tag has
# fallen off the left edge and the computed length is negative. That is
# presumably rejected by the range validation inside Tag.new, which only logs,
# so the caller would get a Tag without a usable range -- confirm, and
# consider handling that case explicitly.
#
# @param shift [Integer] distance to move; negative values move left
# @return [Contrast::Agent::Assess::Tag] the shifted copy
def copy_modified shift
  moved_start = start_idx + shift
  if moved_start >= 0
    new_start_idx = moved_start
    new_length = length
  else
    # pin to the left edge and drop the portion that went negative
    new_start_idx = 0
    new_length = length + moved_start
  end
  Contrast::Agent::Assess::Tag.new(label, new_length, new_start_idx)
end

#covers?(idx) ⇒ Boolean

Return true if the tag covers the given position in the string

Parameters:

  • idx (Integer)

    the index to check

Returns:

  • (Boolean)


# File 'lib/contrast/agent/assess/tag.rb', line 50

# Whether position +idx+ falls inside the tag. The start index is inclusive
# and the end index is exclusive, so a tag with start_idx == end_idx covers
# no position at all.
#
# @param idx [Integer] the index to check
# @return [Boolean] true when start_idx <= idx < end_idx
def covers? idx
  return false unless idx >= start_idx

  idx < end_idx
end

#extends_beyond_string_size?(string_length) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/contrast/agent/assess/tag.rb', line 69

# Whether the tag ends past the end of a string of the given length. The end
# index is exclusive, so a tag ending exactly at +string_length+ still fits.
#
# @param string_length [Integer] length of the string the tag is applied to
# @return [Boolean] true when @end_idx is greater than string_length
def extends_beyond_string_size? string_length
  tag_end = @end_idx
  tag_end > string_length
end

#merge(other) ⇒ Object

Given a tag, merge its ranges with this one such that the lowest start and highest end become the values of this tag

Returns true if the other tag was merged into this tag



# File 'lib/contrast/agent/assess/tag.rb', line 117

# Widen this tag so that it also spans +other+, provided the two ranges
# overlap according to #overlaps?. The lowest start and the highest end of the
# two become this tag's range, applied through update_range.
#
# Labels are not compared here, so the caller is responsible for only merging
# tags that carry the same label.
#
# NOTE(review): the method's description says it returns true when the merge
# happened, but the code returns nil when there is no overlap and otherwise
# whatever update_range (or, on failure, logger.error) returns. Neither is
# shown here -- check before relying on the return value.
#
# @param other [Contrast::Agent::Assess::Tag] the tag to absorb; only its
#   start_idx and end_idx are read
def merge other
  return unless overlaps?(other.start_idx, other.end_idx)

  lowest = @start_idx
  lowest = other.start_idx if other.start_idx < @start_idx
  highest = @end_idx
  highest = other.end_idx if other.end_idx > @end_idx
  update_range(lowest, highest)
rescue ArgumentError => err
  logger.error('Range update for Tag failed with: ', err)
end

#overlaps?(start_idx, end_idx) ⇒ Boolean

Return whether the given range (start_idx to end_idx) overlaps this tag's range

Returns:

  • (Boolean)


# File 'lib/contrast/agent/assess/tag.rb', line 74

# Whether this tag's range overlaps the range +start_idx+..+end_idx+.
#
# The boundary comparisons are inclusive, so two ranges that only touch (this
# tag ends exactly where the other starts, or starts exactly where the other
# ends) count as overlapping.
#
# @param start_idx [Integer] start of the range to test against
# @param end_idx [Integer] end of the range to test against
# @return [Boolean]
def overlaps? start_idx, end_idx
  # 1. we start below the range and reach into it
  # 2. we start and end inside the range
  # 3. we start inside the range and end above it
  (@start_idx < start_idx && @end_idx >= start_idx) ||
    (@start_idx >= start_idx && @end_idx <= end_idx) ||
    (@start_idx <= end_idx && @end_idx > end_idx)
end

#rangeRange

Return the range that this tag covers, from start (inclusive) to end (exclusive).

Returns:

  • (Range)


# File 'lib/contrast/agent/assess/tag.rb', line 65

# The span of indices this tag covers, as an end-exclusive Range running from
# start_idx up to, but not including, end_idx.
#
# @return [Range]
def range
  Range.new(start_idx, end_idx, true)
end

#repurpose(start_idx, end_idx) ⇒ Object



# File 'lib/contrast/agent/assess/tag.rb', line 105

# Point this tag at a completely new range. The change goes through
# update_range so that the range validation applies.
#
# NOTE(review): an ArgumentError from update_range is logged and swallowed, so
# the caller cannot tell a rejected range from an applied one. Presumably the
# tag keeps its previous range in that case (update_range is not shown) --
# confirm.
#
# @param start_idx [Integer] new start index
# @param end_idx [Integer] new end index
def repurpose start_idx, end_idx
  update_range(start_idx, end_idx)
rescue ArgumentError => err
  logger.error('Range update for Tag failed with: ', err)
end

#shift(idx) ⇒ Object



# File 'lib/contrast/agent/assess/tag.rb', line 81

# Slide the whole tag by +idx+ positions, moving start and end by the same
# amount. The new range is applied through update_range.
#
# NOTE(review): unlike copy_modified, nothing here pins the start to 0, so a
# shift that takes the start negative is presumably rejected by update_range
# (not shown). The resulting ArgumentError is only logged, so the caller is
# not told the tag did not move -- confirm.
#
# @param idx [Integer] distance to move; negative values move left
def shift idx
  shifted_start = @start_idx + idx
  shifted_end = @end_idx + idx
  update_range(shifted_start, shifted_end)
rescue ArgumentError => err
  logger.error('Range update for Tag failed with: ', err)
end

#shift_end(idx) ⇒ Object



# File 'lib/contrast/agent/assess/tag.rb', line 87

# Move only the end of the tag by +idx+ positions, leaving the start where it
# is. The new range is applied through update_range.
#
# NOTE(review): an ArgumentError from update_range is logged and swallowed, so
# a shift that would put the end before the start is presumably dropped
# without the caller being told (update_range is not shown) -- confirm.
#
# @param idx [Integer] distance to move the end; negative values shrink the tag
def shift_end idx
  shifted_end = @end_idx + idx
  update_range(@start_idx, shifted_end)
rescue ArgumentError => err
  logger.error('Range update for Tag failed with: ', err)
end

#str_valObject Also known as: to_s



# File 'lib/contrast/agent/assess/tag.rb', line 138

# String form of the tag's range, "[start,end]". The string is built on the
# first call and cached in @_str_val.
#
# NOTE(review): nothing in this method refreshes the cache, so unless
# update_range (not shown) clears @_str_val, the string keeps the indices
# from the first call even after the tag is moved -- confirm.
#
# @return [String]
def str_val
  return @_str_val if @_str_val

  @_str_val = "[#{ start_idx },#{ end_idx }]"
end

#update_end(end_idx) ⇒ Object



# File 'lib/contrast/agent/assess/tag.rb', line 99

# Set a new end index while keeping the current start index. The change goes
# through update_range so that the range validation applies.
#
# NOTE(review): an ArgumentError from update_range is logged and swallowed, so
# the caller cannot tell a rejected end index from an applied one
# (update_range is not shown) -- confirm what state the tag is left in.
#
# @param end_idx [Integer] new end index
def update_end end_idx
  update_range(@start_idx, end_idx)
rescue ArgumentError => err
  logger.error('Range update for Tag failed with: ', err)
end

#update_start(start_idx) ⇒ Object



# File 'lib/contrast/agent/assess/tag.rb', line 93

# Set a new start index while keeping the current end index. The change goes
# through update_range so that the range validation applies.
#
# NOTE(review): an ArgumentError from update_range is logged and swallowed, so
# the caller cannot tell a rejected start index from an applied one
# (update_range is not shown) -- confirm what state the tag is left in.
#
# @param start_idx [Integer] new start index
def update_start start_idx
  update_range(start_idx, @end_idx)
rescue ArgumentError => err
  logger.error('Range update for Tag failed with: ', err)
end