Module: Datadog::AppSec::WAF::LibDDWAF

Extended by:

FFI::Library

Defined in:

lib/datadog/appsec/waf/lib_ddwaf.rb

Overview

FFI-binding for C-libddwaf See github.com/DataDog/libddwaf

Defined Under Namespace

Classes: Config, Error, Object, ObjectValueUnion, Result, SizeTPtr, UInt32Ptr, UInt64Ptr

Constant Summary

DDWAF_OBJ_TYPE =

ddwaf::object data structure

enum :ddwaf_obj_invalid,  0,
:ddwaf_obj_signed,   1 << 0,
:ddwaf_obj_unsigned, 1 << 1,
:ddwaf_obj_string,   1 << 2,
:ddwaf_obj_array,    1 << 3,
:ddwaf_obj_map,      1 << 4,
:ddwaf_obj_bool,     1 << 5,
:ddwaf_obj_float,    1 << 6,
:ddwaf_obj_null,     1 << 7

ObjectFree =

freeers

attach_function :ddwaf_object_free, [:ddwaf_object], :void

ObjectNoFree =

::FFI::Pointer::NULL

DDWAF_RET_CODE =

updating

enum :ddwaf_err_internal,         -3,
:ddwaf_err_invalid_object,   -2,
:ddwaf_err_invalid_argument, -1,
:ddwaf_ok,                    0,
:ddwaf_match,                 1

DDWAF_LOG_LEVEL =

logging

enum :ddwaf_log_trace,
:ddwaf_log_debug,
:ddwaf_log_info,
:ddwaf_log_warn,
:ddwaf_log_error,
:ddwaf_log_off

DEFAULT_MAX_CONTAINER_SIZE =

256

DEFAULT_MAX_CONTAINER_DEPTH =

20

DEFAULT_MAX_STRING_LENGTH =

in bytes, UTF-8 worst case being 4x size in terms of code point)

16_384

DDWAF_MAX_CONTAINER_SIZE =

256

DDWAF_MAX_CONTAINER_DEPTH =

20

DDWAF_MAX_STRING_LENGTH =

4096

DDWAF_RUN_TIMEOUT =

5000

Class Method Summary

• .libddwaf_dir ⇒ Object
• .libddwaf_vendor_dir ⇒ Object
• .local_cpu ⇒ Object
• .local_os ⇒ Object
• .local_version ⇒ Object
• .shared_lib_extname ⇒ Object
• .shared_lib_path ⇒ Object
• .shared_lib_triplet(version: local_version) ⇒ Object
• .source_dir ⇒ Object
• .vendor_dir ⇒ Object

Instance Method Summary

• #ddwaf_object_invalid ⇒ Object

  setters.

• #ddwaf_object_type ⇒ Object

  getters.

Class Method Details

.libddwaf_dir ⇒ Object

# File 'lib/datadog/appsec/waf/lib_ddwaf.rb', line 82

def self.libddwaf_dir
  default = File.join(libddwaf_vendor_dir,
                      "libddwaf-#{Datadog::AppSec::WAF::VERSION::BASE_STRING}-#{shared_lib_triplet}")
  candidates = [
    default
  ]

  if local_os == 'linux'
    candidates << File.join(libddwaf_vendor_dir,
                            "libddwaf-#{Datadog::AppSec::WAF::VERSION::BASE_STRING}-#{shared_lib_triplet(version: nil)}")
  end

  candidates.find { |d| Dir.exist?(d) } || default
end

.libddwaf_vendor_dir ⇒ Object

# File 'lib/datadog/appsec/waf/lib_ddwaf.rb', line 74

def self.libddwaf_vendor_dir
  File.join(vendor_dir, 'libddwaf')
end

.local_cpu ⇒ Object

# File 'lib/datadog/appsec/waf/lib_ddwaf.rb', line 50

def self.local_cpu
  if RUBY_ENGINE == 'jruby'
    os_arch = java.lang.System.get_property('os.arch')

    cpu = case os_arch
          when 'amd64' then 'x86_64'
          when 'aarch64' then local_os == 'darwin' ? 'arm64' : 'aarch64'
          else raise Error, "unsupported JRuby os.arch: #{os_arch.inspect}"
          end

    return cpu
  end

  Gem::Platform.local.cpu
end

.local_os ⇒ Object

# File 'lib/datadog/appsec/waf/lib_ddwaf.rb', line 25

def self.local_os
  if RUBY_ENGINE == 'jruby'
    os_name = java.lang.System.get_property('os.name')

    os = case os_name
         when /linux/i then 'linux'
         when /mac/i   then 'darwin'
         else raise Error, "unsupported JRuby os.name: #{os_name.inspect}"
         end

    return os
  end

  Gem::Platform.local.os
end

.local_version ⇒ Object

# File 'lib/datadog/appsec/waf/lib_ddwaf.rb', line 41

def self.local_version
  return nil unless local_os == 'linux'

  # Old rubygems don't handle non-gnu linux correctly
  return ::Regexp.last_match(1) if RUBY_PLATFORM =~ /linux-(.+)$/

  'gnu'
end

.shared_lib_extname ⇒ Object

# File 'lib/datadog/appsec/waf/lib_ddwaf.rb', line 97

def self.shared_lib_extname
  if Gem::Platform.local.os == 'darwin'
    '.dylib'
  elsif Gem::Platform.local.os == 'java' && java.lang.System.get_property('os.name').match(/mac/i)
    '.dylib'
  else
    '.so'
  end
end

.shared_lib_path ⇒ Object

# File 'lib/datadog/appsec/waf/lib_ddwaf.rb', line 107

def self.shared_lib_path
  File.join(libddwaf_dir, 'lib', "libddwaf#{shared_lib_extname}")
end

.shared_lib_triplet(version: local_version) ⇒ Object

# File 'lib/datadog/appsec/waf/lib_ddwaf.rb', line 78

def self.shared_lib_triplet(version: local_version)
  version ? "#{local_os}-#{version}-#{local_cpu}" : "#{local_os}-#{local_cpu}"
end

.source_dir ⇒ Object

# File 'lib/datadog/appsec/waf/lib_ddwaf.rb', line 66

def self.source_dir
  __dir__ || raise('__dir__ is nil: eval?')
end

.vendor_dir ⇒ Object

# File 'lib/datadog/appsec/waf/lib_ddwaf.rb', line 70

def self.vendor_dir
  File.join(source_dir, '../../../../vendor')
end

Instance Method Details

#ddwaf_object_invalid ⇒ Object

setters

# File 'lib/datadog/appsec/waf/lib_ddwaf.rb', line 179

attach_function :ddwaf_object_invalid, [:ddwaf_object], :ddwaf_object

#ddwaf_object_type ⇒ Object

getters

# File 'lib/datadog/appsec/waf/lib_ddwaf.rb', line 201

attach_function :ddwaf_object_type, [:ddwaf_object], DDWAF_OBJ_TYPE