Sha256: 03283f8a22b7356f824e176b0e901be29ba979180281581368679422380e8328
Contents?: true
Size: 1.58 KB
Versions: 3
Compression:
Stored size: 1.58 KB
Contents
# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: true
module Contrast
module Utils
# DO NOT REMOVE THIS!
#
# Marshal is pretty cool. It does a lot of things well. What it doesn't
# mess around with though is StringIO. And what we don't want to do is
# serialize ourselves out with Marshal.dump.
#
# Unfortunately, we have to mess around w/ that. To isolate our things from
# user dumped Strings (and so that we can marshal findings), we have
# decided to make this class not marshalled.
module PreventMarshalSerialization
def marshal_dump
nil
end
def marshal_load *_args
nil
end
end
# DO NOT REMOVE THIS!
#
# Psych/YAML is also pretty cool. But it doesn't mess with anonymous
# classes. In order to make things we extend serializable, we need to make
# sure we play nice.
module PreventPsychSerialization
def encode_with *_args
nil
end
def init_with *_args
nil
end
end
# DO NOT REMOVE THIS!
#
# This module is used to prevent deserialization of our classes, not b/c
# we're trying to be sneaky, but b/c there is a high probability that the
# events we're capturing have non-serializable data in them and b/c we
# can't be sure the serialized data will be used in an application running
# Contrast.
module PreventSerialization
include PreventMarshalSerialization
include PreventPsychSerialization
end
end
end
Version data entries
3 entries across 3 versions & 1 rubygems