Class: Contrast::Extension::Assess::StringPropagator

Inherits:

Object

Object
Contrast::Extension::Assess::StringPropagator

show all

Extended by:: Components::Logger::InstanceMethods, Components::Scope::InstanceMethods

Defined in:: lib/contrast/extension/assess/string.rb,
ext/cs__assess_string_interpolation/cs__assess_string_interpolation.c

Overview

This Class provides us with a way to invoke String propagation for those methods which are too complex to fit into one of the standard Contrast::Agent::Assess::Policy::Propagator molds without cluttering up the String Class or exposing our methods there.

Constant Summary collapse

NODE_HASH =

{
    'class_name' => 'String',
    'instance_method' => true,
    'method_name' => 'interpolate',
    'method_visibility' => 'public',
    'action' => 'CUSTOM',
    'source' => 'O,P0',
    'target' => 'R',
    'patch_class' => 'NOOP',
    'patch_method' => 'track_interpolation'
}.cs__freeze

INTERPOLATION_NODE =

Contrast::Agent::Assess::Policy::PropagationNode.new(NODE_HASH)

Class Method Summary collapse

.track_interpolation(inputs, result) ⇒ Object

We call this method from C, and the Scope check is happening there.

Methods included from Components::Scope::InstanceMethods

contrast_enter_method_scopes!, contrast_exit_method_scopes!, with_app_scope, with_contrast_scope, with_deserialization_scope, with_split_scope

Methods included from Components::Logger::InstanceMethods

cef_logger, logger

Class Method Details

.track_interpolation(inputs, result) ⇒ `Object`

We call this method from C, and the Scope check is happening there. If we are in Contrast Scope the method won’t be invoked.

Parameters:

inputs (Array<String>) —

Inputs for interpolation.
result (String) —

The result from the interpolation.

# File 'lib/contrast/extension/assess/string.rb', line 38

def track_interpolation inputs, result
  return unless inputs.any? { |input| Contrast::Agent::Assess::Tracker.tracked?(input) }
  return unless (properties = Contrast::Agent::Assess::Tracker.properties!(result))

  parent_events = []
  offset = 0
  inputs.each do |input|
    properties.copy_from(input, result, offset)
    add_dynamic_sources_info(input, result)
    offset += input.length
    parent_event = Contrast::Agent::Assess::Tracker.properties(input)&.event
    parent_events << parent_event if parent_event
  end
  event_data = Contrast::Agent::Assess::Events::EventData.new(INTERPOLATION_NODE,
                                                              result,
                                                              inputs,
                                                              result,
                                                              inputs)
  properties.build_event(event_data)
  properties.event.instance_variable_set(:@_parent_events, parent_events)
rescue StandardError => e
  logger.error('Unable to track interpolation', e)
end