Module: Contrast::Api::Decorators::TraceEvent

Included in:: Contrast::Api::Dtm::TraceEvent

Defined in:: lib/contrast/api/decorators/trace_event.rb

Overview

Used to decorate the Contrast::Api::Dtm::TraceEvent protobuf model to convert our Contrast::Agent::AssessContrastEvent to the dtm.

Defined Under Namespace

Modules: ClassMethods

Class Method Summary collapse

.included(klass) ⇒ Object

Instance Method Summary collapse

#build_event_args(contrast_event, taint_target) ⇒ Object

Wrapper around build_event_object for the args array.
#build_parent_ids(contrast_event) ⇒ Object
#build_stack(contrast_event) ⇒ Object
#build_taint_ranges(contrast_event, taint_target) ⇒ Object

TeamServer only supports one object’s taint ranges at a time.

Class Method Details

.included(klass) ⇒ `Object`



12
13
14

# File 'lib/contrast/api/decorators/trace_event.rb', line 12

def self.included klass
  klass.extend(ClassMethods)
end

Instance Method Details

#build_event_args(contrast_event, taint_target) ⇒ `Object`

Wrapper around build_event_object for the args array. Handles tainting the correct argument.

# File 'lib/contrast/api/decorators/trace_event.rb', line 18

def build_event_args contrast_event, taint_target
  contrast_event.args.each_index do |idx|
    truncate_arg = taint_target != idx
    event_arg = Contrast::Api::Dtm::TraceEventObject.build(contrast_event.args[idx], truncate_arg)
    args << event_arg
  end
end

#build_parent_ids(contrast_event) ⇒ `Object`

# File 'lib/contrast/api/decorators/trace_event.rb', line 55

def build_parent_ids contrast_event
  contrast_event&.parent_events&.each do |event|
    next unless event

    parent = Contrast::Api::Dtm::ParentObjectId.new
    parent.id = event.event_id.to_i
    parent_object_ids << parent
  end
end

#build_stack(contrast_event) ⇒ `Object`

# File 'lib/contrast/api/decorators/trace_event.rb', line 65

def build_stack contrast_event
  # We delayed doing this as long as possible b/c it's expensive
  stack_dtms = Contrast::Utils::StackTraceUtils.build_assess_stack_array(contrast_event.stack_trace)
  self.stack += stack_dtms
end

#build_taint_ranges(contrast_event, taint_target) ⇒ `Object`

TeamServer only supports one object’s taint ranges at a time. We’ll find the taint ranges for the target and return those

# File 'lib/contrast/api/decorators/trace_event.rb', line 28

def build_taint_ranges contrast_event, taint_target
  # If there's no taint_target, this isn't a dataflow trace, but a
  # trigger one
  return Contrast::Utils::ObjectShare::EMPTY_ARRAY unless taint_target

  properties = case taint_target
               when Contrast::Utils::ObjectShare::OBJECT_KEY
                 Contrast::Agent::Assess::Tracker.properties(contrast_event.object)
               when Contrast::Utils::ObjectShare::RETURN_KEY
                 Contrast::Agent::Assess::Tracker.properties(contrast_event.ret)
               else
                 target = contrast_event.args[taint_target]
                 if target.is_a?(Hash)
                   if contrast_event.policy_node&.targets&.any?
                     Contrast::Agent::Assess::Tracker.properties(target[contrast_event.policy_node.targets[0]])
                   else
                     Contrast::Agent::Assess::Tracker.properties(target[contrast_event.policy_node.sources[0]])
                   end
                 else
                   Contrast::Agent::Assess::Tracker.properties(target)
                 end
               end
  return unless properties.tracked?

  self.taint_ranges += properties.tags_to_dtm
end