Class: Contrast::Agent::Protect::Rule::Sqli Deprecated

Inherits:

BaseService

• Object
• Base
• BaseService
• Contrast::Agent::Protect::Rule::Sqli

Defined in:

lib/contrast/agent/protect/rule/sqli.rb,
lib/contrast/agent/protect/rule/sqli/sqlite_sql_scanner.rb,
lib/contrast/agent/protect/rule/sqli/default_sql_scanner.rb,
lib/contrast/agent/protect/rule/sqli/postgres_sql_scanner.rb

Overview

Deprecated.

RUBY-356

Defined Under Namespace

Classes: DefaultSqlScanner, MysqlSqlScanner, PostgresSqlScanner, SqliteSqlScanner

Constant Summary

NAME =

'sql-injection'

BLOCK_MESSAGE =

'SQLi rule triggered. Response blocked.'

Constants inherited from Base

Base::BLOCKING_MODES, Base::OFF, Base::POSTFILTER_MODES, Base::STACK_COLLECTION_RESULTS, Base::UNKNOWN_USER_INPUT

Instance Attribute Summary

Attributes inherited from Base

#mode

Instance Method Summary

• #block_message ⇒ Object
• #build_attack_with_match(context, input_analysis_result, result, query_string, **kwargs) ⇒ Object
• #infilter(context, database, query_string) ⇒ Object
• #name ⇒ Object

Methods inherited from BaseService

#infilter?, #postfilter

Methods inherited from Base

#append_to_activity, #build_attack_without_match, #enabled?, #excluded?, #infilter?, #initialize, #postfilter, #prefilter, #stream_safe?

Methods included from Components::Interface

included

Constructor Details

This class inherits a constructor from Contrast::Agent::Protect::Rule::Base

Instance Method Details

#block_message ⇒ Object

# File 'lib/contrast/agent/protect/rule/sqli.rb', line 20

def block_message
  BLOCK_MESSAGE
end

#build_attack_with_match(context, input_analysis_result, result, query_string, **kwargs) ⇒ Object

# File 'lib/contrast/agent/protect/rule/sqli.rb', line 35

def build_attack_with_match context, input_analysis_result, result, query_string, **kwargs
  attack_string = input_analysis_result.value
  regexp = Regexp.new(Regexp.escape(attack_string), Regexp::IGNORECASE)

  return nil unless query_string.match?(regexp)

  database = kwargs[:database]
  scanner = select_scanner(database)

  ss = StringScanner.new(query_string)
  length = attack_string.length
  while ss.scan_until(regexp)
    # the pos of StringScanner is at the end of the regexp (input string),
    # we need the beginning
    idx = ss.pos - attack_string.length
    last_boundary, boundary = scanner.crosses_boundary(query_string, idx, input_analysis_result.value)
    next unless last_boundary && boundary

    input_analysis_result.attack_count = input_analysis_result.attack_count + 1

    kwargs[:start_idx] = idx
    kwargs[:end_idx] = idx + length
    kwargs[:boundary_overrun_idx] = boundary
    kwargs[:input_boundary_idx] = last_boundary

    result ||= build_attack_result(context)
    update_successful_attack_response(context, input_analysis_result, result, query_string)
    append_sample(context, input_analysis_result, result, query_string, **kwargs)
  end

  result
end

#infilter(context, database, query_string) ⇒ Object

Raises:

• (Contrast::SecurityException)

# File 'lib/contrast/agent/protect/rule/sqli.rb', line 24

def infilter context, database, query_string
  return nil unless infilter?(context)

  result = find_attacker(context, query_string, database: database)
  return nil unless result

  append_to_activity(context, result)

  raise Contrast::SecurityException.new(self, BLOCK_MESSAGE) if blocked?
end

#name ⇒ Object

# File 'lib/contrast/agent/protect/rule/sqli.rb', line 16

def name
  NAME
end