Module: Contrast::Agent::Protect::Policy::AppliesPathTraversalRule

Extended by:
RuleApplicator
Defined in:
lib/contrast/agent/protect/policy/applies_path_traversal_rule.rb

Overview

This Module is how we apply the Path Traversal rule. It is called from our patches of the targeted methods in which File or IO access occur. It is responsible for deciding if the infilter methods of the rule should be invoked.

Class Method Summary collapse

Methods included from RuleApplicator

apply_classification, apply_rule

Methods included from Components::Logger::InstanceMethods

#cef_logger, #logger

Class Method Details

.invoke(method, _exception, properties, object, args) ⇒ Object 



21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
 
# File 'lib/contrast/agent/protect/policy/applies_path_traversal_rule.rb', line 21

def invoke method, _exception, properties, object, args
  return unless args&.any?

  path = args[0]
  return unless path.is_a?(String)
  return if skip_analysis?

  action = properties['action']
  write_marker = write?(action, *args)
  possible_write = write_marker && possible_write?(write_marker)

  # Get the ia for current rule:
  apply_classification(rule_name, Contrast::Agent::REQUEST_TRACKER.current)

  # Invoke semantic rules from here, not in a separate protect policy
  invoke_semantic_rules(path, possible_write, object, method)
  path_traversal_rule(path, possible_write, object, method)

  # If the action was copy, we need to handle the write half of it.
  # We handled read in line above.
  return unless action == COPY
  return unless args.length > 1

  dst = args[1]
  return unless dst.is_a?(String)

  invoke_semantic_rules(dst, true, object, method)
  path_traversal_rule(dst, true, object, method)
end