Module: Datadog::AppSec::WAF::LibDDWAF

Extended by:

FFI::Library

Defined in:

lib/datadog/appsec/waf.rb

Defined Under Namespace

Classes: Config, Error, Object, ObjectValueUnion, Result, SizeTPtr, UInt32Ptr, UInt64Ptr

Constant Summary

DDWAF_OBJ_TYPE =

ddwaf::object data structure

enum :ddwaf_obj_invalid,  0,
:ddwaf_obj_signed,   1 << 0,
:ddwaf_obj_unsigned, 1 << 1,
:ddwaf_obj_string,   1 << 2,
:ddwaf_obj_array,    1 << 3,
:ddwaf_obj_map,      1 << 4,
:ddwaf_obj_bool,     1 << 5

ObjectFree =

freeers

attach_function :ddwaf_object_free, [:ddwaf_object], :void

ObjectNoFree =

::FFI::Pointer::NULL

DDWAF_RET_CODE =

updating

enum :ddwaf_err_internal,         -3,
:ddwaf_err_invalid_object,   -2,
:ddwaf_err_invalid_argument, -1,
:ddwaf_ok,                    0,
:ddwaf_match,                 1

DDWAF_LOG_LEVEL =

logging

enum :ddwaf_log_trace,
:ddwaf_log_debug,
:ddwaf_log_info,
:ddwaf_log_warn,
:ddwaf_log_error,
:ddwaf_log_off

DEFAULT_MAX_CONTAINER_SIZE =

256

DEFAULT_MAX_CONTAINER_DEPTH =

20

DEFAULT_MAX_STRING_LENGTH =

in bytes, UTF-8 worst case being 4x size in terms of code point)

16_384

DDWAF_MAX_CONTAINER_SIZE =

256

DDWAF_MAX_CONTAINER_DEPTH =

20

DDWAF_MAX_STRING_LENGTH =

4096

DDWAF_RUN_TIMEOUT =

5000

Class Method Summary

• .libddwaf_dir ⇒ Object
• .libddwaf_vendor_dir ⇒ Object
• .local_cpu ⇒ Object
• .local_os ⇒ Object
• .local_version ⇒ Object
• .shared_lib_extname ⇒ Object
• .shared_lib_path ⇒ Object
• .shared_lib_triplet(version: local_version) ⇒ Object
• .source_dir ⇒ Object
• .vendor_dir ⇒ Object

Instance Method Summary

• #ddwaf_object_invalid ⇒ Object

  setters.

• #ddwaf_object_type ⇒ Object

  getters.

Class Method Details

.libddwaf_dir ⇒ Object

# File 'lib/datadog/appsec/waf.rb', line 77

def self.libddwaf_dir
  default = File.join(libddwaf_vendor_dir,
                      "libddwaf-#{Datadog::AppSec::WAF::VERSION::BASE_STRING}-#{shared_lib_triplet}")
  candidates = [
    default
  ]

  if local_os == 'linux'
    candidates << File.join(libddwaf_vendor_dir,
                            "libddwaf-#{Datadog::AppSec::WAF::VERSION::BASE_STRING}-#{shared_lib_triplet(version: nil)}")
  end

  candidates.find { |d| Dir.exist?(d) } || default
end

.libddwaf_vendor_dir ⇒ Object

# File 'lib/datadog/appsec/waf.rb', line 69

def self.libddwaf_vendor_dir
  File.join(vendor_dir, 'libddwaf')
end

.local_cpu ⇒ Object

# File 'lib/datadog/appsec/waf.rb', line 45

def self.local_cpu
  if RUBY_ENGINE == 'jruby'
    os_arch = java.lang.System.get_property('os.arch')

    cpu = case os_arch
          when 'amd64' then 'x86_64'
          when 'aarch64' then 'aarch64'
          else raise Error, "unsupported JRuby os.arch: #{os_arch.inspect}"
          end

    return cpu
  end

  Gem::Platform.local.cpu
end

.local_os ⇒ Object

# File 'lib/datadog/appsec/waf.rb', line 20

def self.local_os
  if RUBY_ENGINE == 'jruby'
    os_name = java.lang.System.get_property('os.name')

    os = case os_name
         when /linux/i then 'linux'
         when /mac/i   then 'darwin'
         else raise Error, "unsupported JRuby os.name: #{os_name.inspect}"
         end

    return os
  end

  Gem::Platform.local.os
end

.local_version ⇒ Object

# File 'lib/datadog/appsec/waf.rb', line 36

def self.local_version
  return nil unless local_os == 'linux'

  # Old rubygems don't handle non-gnu linux correctly
  return $1 if RUBY_PLATFORM =~ /linux-(.+)$/

  'gnu'
end

.shared_lib_extname ⇒ Object

# File 'lib/datadog/appsec/waf.rb', line 92

def self.shared_lib_extname
  Gem::Platform.local.os == 'darwin' ? '.dylib' : '.so'
end

.shared_lib_path ⇒ Object

# File 'lib/datadog/appsec/waf.rb', line 96

def self.shared_lib_path
  File.join(libddwaf_dir, 'lib', "libddwaf#{shared_lib_extname}")
end

.shared_lib_triplet(version: local_version) ⇒ Object

# File 'lib/datadog/appsec/waf.rb', line 73

def self.shared_lib_triplet(version: local_version)
  version ? "#{local_os}-#{version}-#{local_cpu}" : "#{local_os}-#{local_cpu}"
end

.source_dir ⇒ Object

# File 'lib/datadog/appsec/waf.rb', line 61

def self.source_dir
  __dir__ || raise('__dir__ is nil: eval?')
end

.vendor_dir ⇒ Object

# File 'lib/datadog/appsec/waf.rb', line 65

def self.vendor_dir
  File.join(source_dir, '../../../vendor')
end

Instance Method Details

#ddwaf_object_invalid ⇒ Object

setters

# File 'lib/datadog/appsec/waf.rb', line 158

attach_function :ddwaf_object_invalid, [:ddwaf_object], :ddwaf_object

#ddwaf_object_type ⇒ Object

getters

# File 'lib/datadog/appsec/waf.rb', line 178

attach_function :ddwaf_object_type, [:ddwaf_object], DDWAF_OBJ_TYPE