Sha256: fe16f4c00371c5f654209139f68054ef006faa264f02644952446cc2035191ed
Contents?: true
Size: 1.63 KB
Versions: 18
Compression:
Stored size: 1.63 KB
Contents
# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: false
require 'ffi'
require 'contrast-agent-lib'
require 'contrast/utils/object_share'
module Contrast
module AgentLib
# This module is defined in Rust as external, we used it here.
# Initializes the AgentLib. Here will be all methods from
# the C bindings contrast_c::path_semantic_file_security_bypass module.
module PathSemanticFileSecurityBypass
extend FFI::Library
ffi_lib ContrastAgentLib::CONTRAST_C
# Attach all the needed functions
# @param file_path[String] This is the full path of the file, being accessed
# @param is_custom_code[Integer] whether the file is being accessed by custom (user) code,
# rather than framework code.
attach_function :does_file_path_bypass_security, %i[string int], :int
private
# do we need to get the full path before we invoke it or here I need to extract the full path?
# This is the function from the agent lib, that checks if
# a given file_path is attempting to access system files
# or bypass file security
# This is used for the `path-traversal-semantic-file-security-bypass` rule.
#
# @param file_path[String] This is the full path of the file, being accessed
# @param is_custom_code[Integer] whether the file is being accessed by custom (user) code,
# rather than framework code.
def dl__does_file_bypass_security file_path, is_custom_code
does_file_path_bypass_security(file_path, is_custom_code)
end
end
end
end
Version data entries
18 entries across 18 versions & 1 rubygems