Sha256: b3f0fae1bb0fdc0681e152d6ea75f46e4cc9f295858a2991b241eca689ef2de6
Contents?: true
Size: 1.63 KB
Versions: 4
Compression:
Stored size: 1.63 KB
Contents
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: false
require 'ffi'
require 'contrast-agent-lib'
require 'contrast/utils/object_share'
module Contrast
module AgentLib
# This module is defined in Rust as external, we used it here.
# Initializes the AgentLib. Here will be all methods from
# the C bindings contrast_c::path_semantic_file_security_bypass module.
module PathSemanticFileSecurityBypass
extend FFI::Library
ffi_lib ContrastAgentLib::CONTRAST_C
# Attach all the needed functions
# @param file_path[String] This is the full path of the file, being accessed
# @param is_custom_code[Integer] whether the file is being accessed by custom (user) code,
# rather than framework code.
attach_function :does_file_path_bypass_security, %i[string int], :int
private
# do we need to get the full path before we invoke it or here I need to extract the full path?
# This is the function from the agent lib, that checks if
# a given file_path is attempting to access system files
# or bypass file security
# This is used for the `path-traversal-semantic-file-security-bypass` rule.
#
# @param file_path[String] This is the full path of the file, being accessed
# @param is_custom_code[Integer] whether the file is being accessed by custom (user) code,
# rather than framework code.
def dl__does_file_bypass_security file_path, is_custom_code
does_file_path_bypass_security(file_path, is_custom_code)
end
end
end
end
Version data entries
4 entries across 4 versions & 1 rubygems