Class: Contrast::Agent::Reporting::FindingEvent

Inherits:

ReportableHash

• Object
• ReportableHash
• Contrast::Agent::Reporting::FindingEvent

Defined in:

lib/contrast/agent/reporting/reporting_events/finding_event.rb

Overview

This is the new FindingEvent class which will include all the needed information for the new reporting system to relay this information in the Finding/Trace messages. These FindingEvents are used by TeamServer to construct the vulnerability information for the assess feature. They represent the operation the application underwent that transformed data during the dataflow.

Instance Attribute Summary

• #action ⇒ Symbol readonly

  What the event did; CREATION, A2O, A2P, A2A, A2R, O2A, O2O, O2P, O2R, P2A, P2O, P2P, P2R, TAG, TRIGGER.

• #args ⇒ Array<Contrast::Agent::Assess::ContrastObject, nil> readonly

  The safe representation of the Arguments with which the method was invoked.

• #code ⇒ nil readonly

  Unused.

• #event_id ⇒ Integer readonly

  The id of this event.

• #event_sources ⇒ Array<Contrast::Agent::Reporting::EventSource> readonly

  The source of taint.

• #field_name ⇒ nil readonly

  Unused.

• #object ⇒ Contrast::Agent::Assess::ContrastObject readonly

  The safe representation of the Object on which the method was invoked.

• #parent_object_ids ⇒ Array<Contrast::Agent::Reporting::FindingEventParentObject> readonly

  The ids of all the events directly preceding this.

• #policy_node ⇒ Contrast::Agent::Assess::Policy::PolicyNode readonly

  The node that governs this event.

• #properties ⇒ Array<Contrast::Agent::Reporting::FindingEventProperty> readonly
• #reportable_args ⇒ Array<Contrast::Agent::Reporting::FindingEventObject> readonly

  The arguments passed to the method.

• #reportable_object ⇒ Contrast::Agent::Reporting::FindingEventObject readonly

  The object this method was invoked on.

• #reportable_ret ⇒ Contrast::Agent::Reporting::FindingEventObject readonly

  The return of the method.

• #reportable_tags ⇒ String readonly

  Comma separated list of descriptions of what’s happened to the data.

• #request ⇒ Contrast::Agent::Request^? readonly

  Our wrapper around the Rack::Request for this context.

• #ret ⇒ Contrast::Agent::Assess::ContrastObject readonly

  The safe representation of the Return of the invoked method.

• #signature ⇒ Contrast::Agent::Reporting::FindingEventSignature readonly

  The signature of the method.

• #source ⇒ String readonly

  The source of the taint from the method; ^(O|R|Pd+)$.

• #source_name ⇒ String^? readonly
• #source_type ⇒ String^? readonly
• #stack ⇒ Array<Contrast::Agent::Reporting::FindingEventStack> readonly
• #stack_trace ⇒ Array<String> readonly

  The execution stack at the time the method for this event was invoked.

• #tags ⇒ Hash<Contrast::Agent::Assess::Tag> readonly
• #taint_ranges ⇒ Array<Contrast::Agent::Reporting::FindingEventTaintRange> readonly

  The tags and spans of the source that are tracked.

• #target ⇒ String readonly

  The target of the taint from the method; ^(O|R|Pd+)$.

• #thread ⇒ String readonly

  The id of the thread on which the method was invoked.

• #time ⇒ Integer readonly

  The time, in ms, when the event was generated.

• #type ⇒ String readonly

  The type of event; METHOD, PROPAGATION, TAG.

Class Method Summary

• .from_source(source) ⇒ Array<Contrast::Agent::Reporting::FindingEvent>

  Find all the events leading up to the given source and return an array of FindingEvents.

• .next_atomic_id ⇒ Object

Instance Method Summary

• #initialize(event_data = nil, source_type = nil, source_name = nil) ⇒ Contrast::Agent::Reporting::FindingEvent constructor

  Creates new FindingEvent.

• #initialize_routine(event_data, source_type = nil, source_name = nil) ⇒ Object

  Init routine to find parents events, capture stack trace and retrieve object, args, ret and properties.

• #parent_events ⇒ Array<Contrast::Agent::Reporting::FindingEvent>
• #to_controlled_hash ⇒ Hash

  Convert the instance variables on the class, and other information, into the identifiers required for TeamServer to process the JSON form of this message.

• #validate ⇒ Object

Methods inherited from ReportableHash

#event_json, #valid?

Methods included from Components::Logger::InstanceMethods

#cef_logger, #logger

Constructor Details

#initialize(event_data = nil, source_type = nil, source_name = nil) ⇒ Contrast::Agent::Reporting::FindingEvent

Creates new FindingEvent.

Parameters:

• event_data (Contrast::Agent::Assess::Events::EventData) (defaults to: nil)
• source_type (String, nil) (defaults to: nil) —

  the type of this source, from the source_node, or a KEY_TYPE if invoked for a map,

• source_name (String, nil) (defaults to: nil) —

  the name of this source, i.e. the key used to accessed if from a map or nil if a type like,

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 99

def initialize event_data = nil, source_type = nil, source_name = nil
  @event_sources = []
  @stack = []
  @time = Contrast::Utils::Timer.now_ms
  @thread = Thread.current.object_id.to_s
  @event_id = Contrast::Agent::Reporting::FindingEvent.next_atomic_id
  initialize_routine(event_data, source_type, source_name)
  super()
end

Instance Attribute Details

#action ⇒ Symbol (readonly)

Returns what the event did; CREATION, A2O, A2P, A2A, A2R, O2A, O2O, O2P, O2R, P2A, P2O, P2P, P2R, TAG, TRIGGER.

Returns:

• (Symbol) —

  what the event did; CREATION, A2O, A2P, A2A, A2R, O2A, O2O, O2P, O2R, P2A, P2O, P2P, P2R, TAG, TRIGGER.

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 31

def action
  @action
end

#args ⇒ Array<Contrast::Agent::Assess::ContrastObject, nil> (readonly)

Returns the safe representation of the Arguments with which the method was invoked.

Returns:

• (Array<Contrast::Agent::Assess::ContrastObject, nil>) —

  the safe representation of the Arguments with which the method was invoked

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 36

def args
  @args
end

#code ⇒ nil (readonly)

Returns unused.

Returns:

• (nil) —

  unused.

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 38

def code
  @code
end

#event_id ⇒ Integer (readonly)

Returns the id of this event.

Returns:

• (Integer) —

  the id of this event.

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 40

def event_id
  @event_id
end

#event_sources ⇒ Array<Contrast::Agent::Reporting::EventSource> (readonly)

Returns the source of taint.

Returns:

• (Array<Contrast::Agent::Reporting::EventSource>) —

  the source of taint

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 42

def event_sources
  @event_sources
end

#field_name ⇒ nil (readonly)

Returns unused.

Returns:

• (nil) —

  unused.

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 48

def field_name
  @field_name
end

#object ⇒ Contrast::Agent::Assess::ContrastObject (readonly)

Returns the safe representation of the Object on which the method was invoked.

Returns:

• (Contrast::Agent::Assess::ContrastObject) —

  the safe representation of the Object on which the method was invoked

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 55

def object
  @object
end

#parent_object_ids ⇒ Array<Contrast::Agent::Reporting::FindingEventParentObject> (readonly)

Returns the ids of all the events directly preceding this.

Returns:

• (Array<Contrast::Agent::Reporting::FindingEventParentObject>) —

  the ids of all the events directly preceding this

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 58

def parent_object_ids
  @parent_object_ids
end

#policy_node ⇒ Contrast::Agent::Assess::Policy::PolicyNode (readonly)

Returns the node that governs this event.

Returns:

• (Contrast::Agent::Assess::Policy::PolicyNode) —

  the node that governs this event.

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 60

def policy_node
  @policy_node
end

#properties ⇒ Array<Contrast::Agent::Reporting::FindingEventProperty> (readonly)

Returns:

• (Array<Contrast::Agent::Reporting::FindingEventProperty>)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 62

def properties
  @properties
end

#reportable_args ⇒ Array<Contrast::Agent::Reporting::FindingEventObject> (readonly)

Returns the arguments passed to the method.

Returns:

• (Array<Contrast::Agent::Reporting::FindingEventObject>) —

  the arguments passed to the method.

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 33

def reportable_args
  @reportable_args
end

#reportable_object ⇒ Contrast::Agent::Reporting::FindingEventObject (readonly)

Returns the object this method was invoked on.

Returns:

• (Contrast::Agent::Reporting::FindingEventObject) —

  the object this method was invoked on.

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 50

def reportable_object
  @reportable_object
end

#reportable_ret ⇒ Contrast::Agent::Reporting::FindingEventObject (readonly)

Returns the return of the method.

Returns:

• (Contrast::Agent::Reporting::FindingEventObject) —

  the return of the method.

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 64

def reportable_ret
  @reportable_ret
end

#reportable_tags ⇒ String (readonly)

Returns comma separated list of descriptions of what’s happened to the data.

Returns:

• (String) —

  comma separated list of descriptions of what’s happened to the data

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 74

def reportable_tags
  @reportable_tags
end

#request ⇒ Contrast::Agent::Request^? (readonly)

Returns our wrapper around the Rack::Request for this context.

Returns:

• (Contrast::Agent::Request, nil) —

  our wrapper around the Rack::Request for this context

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 52

def request
  @request
end

#ret ⇒ Contrast::Agent::Assess::ContrastObject (readonly)

Returns the safe representation of the Return of the invoked method.

Returns:

• (Contrast::Agent::Assess::ContrastObject) —

  the safe representation of the Return of the invoked method

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 66

def ret
  @ret
end

#signature ⇒ Contrast::Agent::Reporting::FindingEventSignature (readonly)

Returns the signature of the method.

Returns:

• (Contrast::Agent::Reporting::FindingEventSignature) —

  the signature of the method.

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 68

def signature
  @signature
end

#source ⇒ String (readonly)

Returns the source of the taint from the method; ^(O|R|Pd+)$.

Returns:

• (String) —

  the source of the taint from the method; ^(O|R|Pd+)$

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 70

def source
  @source
end

#source_name ⇒ String^? (readonly)

Returns:

• (String, nil)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 46

def source_name
  @source_name
end

#source_type ⇒ String^? (readonly)

Returns:

• (String, nil)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 44

def source_type
  @source_type
end

#stack ⇒ Array<Contrast::Agent::Reporting::FindingEventStack> (readonly)

Returns:

• (Array<Contrast::Agent::Reporting::FindingEventStack>)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 72

def stack
  @stack
end

#stack_trace ⇒ Array<String> (readonly)

Returns the execution stack at the time the method for this event was invoked.

Returns:

• (Array<String>) —

  the execution stack at the time the method for this event was invoked

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 89

def stack_trace
  @stack_trace
end

#tags ⇒ Hash<Contrast::Agent::Assess::Tag> (readonly)

Returns:

• (Hash<Contrast::Agent::Assess::Tag>)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 76

def tags
  @tags
end

#taint_ranges ⇒ Array<Contrast::Agent::Reporting::FindingEventTaintRange> (readonly)

Returns the tags and spans of the source that are tracked.

Returns:

• (Array<Contrast::Agent::Reporting::FindingEventTaintRange>) —

  the tags and spans of the source that are tracked

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 79

def taint_ranges
  @taint_ranges
end

#target ⇒ String (readonly)

Returns the target of the taint from the method; ^(O|R|Pd+)$.

Returns:

• (String) —

  the target of the taint from the method; ^(O|R|Pd+)$

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 81

def target
  @target
end

#thread ⇒ String (readonly)

Returns the id of the thread on which the method was invoked.

Returns:

• (String) —

  the id of the thread on which the method was invoked

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 83

def thread
  @thread
end

#time ⇒ Integer (readonly)

Returns the time, in ms, when the event was generated.

Returns:

• (Integer) —

  the time, in ms, when the event was generated

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 85

def time
  @time
end

#type ⇒ String (readonly)

Returns the type of event; METHOD, PROPAGATION, TAG.

Returns:

• (String) —

  the type of event; METHOD, PROPAGATION, TAG

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 87

def type
  @type
end

Class Method Details

.from_source(source) ⇒ Array<Contrast::Agent::Reporting::FindingEvent>

Find all the events leading up to the given source and return an array of FindingEvents

Parameters:

• source (Object) —

  something that may have been tracked

Returns:

• (Array<Contrast::Agent::Reporting::FindingEvent>)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 159

def from_source source
  return unless source && (props = Contrast::Agent::Assess::Tracker.properties(source))

  build_events([], props.event) if props.event
end

.next_atomic_id ⇒ Object

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 140

def self.next_atomic_id
  @atomic_mutex.synchronize do
    @atomic_id += 1
    # Rollover things
  rescue StandardError
    @atomic_id = 1
  end
end

Instance Method Details

#initialize_routine(event_data, source_type = nil, source_name = nil) ⇒ Object

Init routine to find parents events, capture stack trace and retrieve object, args, ret and properties.

Parameters:

• event_data (Contrast::Agent::Assess::Events::EventData)
• source_type (String, nil) (defaults to: nil) —

  the type of this source, from the source_node, or a KEY_TYPE if invoked for a map,

• source_name (String, nil) (defaults to: nil) —

  the name of this source, i.e. the key used to accessed if from a map or nil if a type like,

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 116

def initialize_routine event_data, source_type = nil, source_name = nil
  return unless event_data&.cs__is_a?(Contrast::Agent::Assess::Events::EventData)

  # Initialize source event:
  if event_data.policy_node.cs__class == Contrast::Agent::Assess::Policy::SourceNode
    build_source_event(source_type, source_name)
  end

  @policy_node = event_data.policy_node
  @tags = Contrast::Agent::Assess::Tracker.properties(event_data.tagged)&.get_tags
  find_parent_events!(event_data.policy_node, event_data.object, event_data.ret, event_data.args)
  snapshot!(event_data.object, event_data.ret, event_data.args)
  display_params!
  capture_stacktrace!
  stack!
  properties!
  # following methods must be called after snapshot!
  dataflow!
  @signature = Contrast::Agent::Reporting::FindingEventSignature.new(policy_node, args, ret)
end

#parent_events ⇒ Array<Contrast::Agent::Reporting::FindingEvent>

Returns:

• (Array<Contrast::Agent::Reporting::FindingEvent>)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 150

def parent_events
  @_parent_events ||= []
end

#to_controlled_hash ⇒ Hash

Convert the instance variables on the class, and other information, into the identifiers required for TeamServer to process the JSON form of this message.

Returns:

• (Hash)

Raises:

• (ArgumentError)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 189

def to_controlled_hash # rubocop:disable Metrics/AbcSize
  validate
  {
      action: action,
      args: reportable_args.map(&:to_controlled_hash),
      # code: code, # Unused by our agent
      objectId: event_id,
      eventSources: event_sources.map(&:to_controlled_hash),
      # fieldName: field_name, # Unused by our agent
      object: reportable_object.to_controlled_hash,
      parentObjectIds: parent_object_ids.map(&:to_controlled_hash),
      properties: properties.map(&:to_controlled_hash),
      ret: reportable_ret&.to_controlled_hash,
      signature: signature.to_controlled_hash,
      source: source || '',
      stack: stack.map(&:to_controlled_hash),
      tags: reportable_tags.join(','),
      taintRanges: taint_ranges.map(&:to_controlled_hash),
      target: target || '',
      thread: thread,
      time: time,
      type: type
  }
end

#validate ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 215

def validate
  validate_base
  validate_dataflow
end