Class: Contrast::Agent::Reporting::FindingEvent

Inherits:

ReportableHash

• Object
• ReportableHash
• Contrast::Agent::Reporting::FindingEvent

Defined in:

lib/contrast/agent/reporting/reporting_events/finding_event.rb

Overview

This is the new FindingEvent class which will include all the needed information for the new reporting system to relay this information in the Finding/Trace messages. These FindingEvents are used by TeamServer to construct the vulnerability information for the assess feature. They represent the operation the application underwent that transformed data during the dataflow.

Instance Attribute Summary

• #action ⇒ Symbol readonly

  What the event did; CREATION, A2O, A2P, A2A, A2R, O2A, O2O, O2P, O2R, P2A, P2O, P2P, P2R, TAG, TRIGGER.

• #args ⇒ Array<Contrast::Agent::Assess::ContrastObject, nil> readonly

  The safe representation of the Arguments with which the method was invoked.

• #code ⇒ nil readonly

  Unused.

• #event_id ⇒ Integer readonly

  The id of this event.

• #event_sources ⇒ Array<Contrast::Agent::Reporting::EventSource> readonly

  The source of taint.

• #field_name ⇒ nil readonly

  Unused.

• #object ⇒ Contrast::Agent::Assess::ContrastObject readonly

  The safe representation of the Object on which the method was invoked.

• #parent_object_ids ⇒ Array<Contrast::Agent::Reporting::FindingEventParentObject> readonly

  The ids of all the events directly preceding this.

• #policy_node ⇒ Contrast::Agent::Assess::Policy::PolicyNode readonly

  The node that governs this event.

• #properties ⇒ Array<Contrast::Agent::Reporting::FindingEventProperty> readonly
• #reportable_args ⇒ Array<Contrast::Agent::Reporting::FindingEventObject> readonly

  The arguments passed to the method.

• #reportable_object ⇒ Contrast::Agent::Reporting::FindingEventObject readonly

  The object this method was invoked on.

• #reportable_ret ⇒ Contrast::Agent::Reporting::FindingEventObject readonly

  The return of the method.

• #reportable_tags ⇒ String readonly

  Comma separated list of descriptions of what’s happened to the data.

• #request ⇒ Contrast::Agent::Request^? readonly

  Our wrapper around the Rack::Request for this context.

• #ret ⇒ Contrast::Agent::Assess::ContrastObject readonly

  The safe representation of the Return of the invoked method.

• #signature ⇒ Contrast::Agent::Reporting::FindingEventSignature readonly

  The signature of the method.

• #source ⇒ String readonly

  The source of the taint from the method; ^(O|R|P\d+)$.

• #source_name ⇒ String^? readonly
• #source_type ⇒ String^? readonly
• #stack ⇒ Array<Contrast::Agent::Reporting::FindingEventStack> readonly
• #stack_trace ⇒ Array<String> readonly

  The execution stack at the time the method for this event was invoked.

• #tags ⇒ Hash<Contrast::Agent::Assess::Tag> readonly
• #taint_ranges ⇒ Array<Contrast::Agent::Reporting::FindingEventTaintRange> readonly

  The tags and spans of the source that are tracked.

• #target ⇒ String readonly

  The target of the taint from the method; ^(O|R|P\d+)$.

• #thread ⇒ String readonly

  The id of the thread on which the method was invoked.

• #time ⇒ Integer readonly

  The time, in ms, when the event was generated.

• #type ⇒ String readonly

  The type of event; METHOD, PROPAGATION, TAG.

Class Method Summary

• .from_source(source) ⇒ Array<Contrast::Agent::Reporting::FindingEvent>

  Find all the events leading up to the given source and return an array of FindingEvents.

• .next_atomic_id ⇒ Object

Instance Method Summary

• #initialize(event_data = nil, source_type = nil, source_name = nil) ⇒ Contrast::Agent::Reporting::FindingEvent constructor

  Creates new FindingEvent.

• #initialize_routine(event_data, source_type = nil, source_name = nil) ⇒ Object

  Init routine to find parents events, capture stack trace and retrieve object, args, ret and properties.

• #parent_events ⇒ Array<Contrast::Agent::Reporting::FindingEvent>
• #to_controlled_hash ⇒ Hash

  Convert the instance variables on the class, and other information, into the identifiers required for TeamServer to process the JSON form of this message.

• #validate ⇒ Object

Methods inherited from ReportableHash

#event_json, #valid?

Methods included from Components::Logger::InstanceMethods

#cef_logger, #logger

Constructor Details

#initialize(event_data = nil, source_type = nil, source_name = nil) ⇒ Contrast::Agent::Reporting::FindingEvent

Creates new FindingEvent.

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 99

def initialize event_data = nil, source_type = nil, source_name = nil
  @event_sources = []
  @stack = []
  @time = Contrast::Utils::Timer.now_ms
  @thread = Thread.current.object_id.to_s
  @event_id = Contrast::Agent::Reporting::FindingEvent.next_atomic_id
  initialize_routine(event_data, source_type, source_name)
  super()
end

Instance Attribute Details

#action ⇒ Symbol (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 31

def action
  @action
end

#args ⇒ Array<Contrast::Agent::Assess::ContrastObject, nil> (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 36

def args
  @args
end

#code ⇒ nil (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 38

def code
  @code
end

#event_id ⇒ Integer (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 40

def event_id
  @event_id
end

#event_sources ⇒ Array<Contrast::Agent::Reporting::EventSource> (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 42

def event_sources
  @event_sources
end

#field_name ⇒ nil (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 48

def field_name
  @field_name
end

#object ⇒ Contrast::Agent::Assess::ContrastObject (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 55

def object
  @object
end

#parent_object_ids ⇒ Array<Contrast::Agent::Reporting::FindingEventParentObject> (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 58

def parent_object_ids
  @parent_object_ids
end

#policy_node ⇒ Contrast::Agent::Assess::Policy::PolicyNode (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 60

def policy_node
  @policy_node
end

#properties ⇒ Array<Contrast::Agent::Reporting::FindingEventProperty> (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 62

def properties
  @properties
end

#reportable_args ⇒ Array<Contrast::Agent::Reporting::FindingEventObject> (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 33

def reportable_args
  @reportable_args
end

#reportable_object ⇒ Contrast::Agent::Reporting::FindingEventObject (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 50

def reportable_object
  @reportable_object
end

#reportable_ret ⇒ Contrast::Agent::Reporting::FindingEventObject (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 64

def reportable_ret
  @reportable_ret
end

#reportable_tags ⇒ String (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 74

def reportable_tags
  @reportable_tags
end

#request ⇒ Contrast::Agent::Request^? (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 52

def request
  @request
end

#ret ⇒ Contrast::Agent::Assess::ContrastObject (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 66

def ret
  @ret
end

#signature ⇒ Contrast::Agent::Reporting::FindingEventSignature (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 68

def signature
  @signature
end

#source ⇒ String (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 70

def source
  @source
end

#source_name ⇒ String^? (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 46

def source_name
  @source_name
end

#source_type ⇒ String^? (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 44

def source_type
  @source_type
end

#stack ⇒ Array<Contrast::Agent::Reporting::FindingEventStack> (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 72

def stack
  @stack
end

#stack_trace ⇒ Array<String> (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 89

def stack_trace
  @stack_trace
end

#tags ⇒ Hash<Contrast::Agent::Assess::Tag> (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 76

def tags
  @tags
end

#taint_ranges ⇒ Array<Contrast::Agent::Reporting::FindingEventTaintRange> (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 79

def taint_ranges
  @taint_ranges
end

#target ⇒ String (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 81

def target
  @target
end

#thread ⇒ String (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 83

def thread
  @thread
end

#time ⇒ Integer (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 85

def time
  @time
end

#type ⇒ String (readonly)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 87

def type
  @type
end

Class Method Details

.from_source(source) ⇒ Array<Contrast::Agent::Reporting::FindingEvent>

Find all the events leading up to the given source and return an array of FindingEvents

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 159

def from_source source
  return unless source && (props = Contrast::Agent::Assess::Tracker.properties(source))

  build_events([], props.event) if props.event
end

.next_atomic_id ⇒ Object

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 140

def self.next_atomic_id
  @atomic_mutex.synchronize do
    @atomic_id += 1
    # Rollover things
  rescue StandardError
    @atomic_id = 1
  end
end

Instance Method Details

#initialize_routine(event_data, source_type = nil, source_name = nil) ⇒ Object

Init routine to find parents events, capture stack trace and retrieve object, args, ret and properties.

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 116

def initialize_routine event_data, source_type = nil, source_name = nil
  return unless event_data&.cs__is_a?(Contrast::Agent::Assess::Events::EventData)

  # Initialize source event:
  if event_data.policy_node.cs__class == Contrast::Agent::Assess::Policy::SourceNode
    build_source_event(source_type, source_name)
  end

  @policy_node = event_data.policy_node
  @tags = Contrast::Agent::Assess::Tracker.properties(event_data.tagged)&.get_tags
  find_parent_events!(event_data.policy_node, event_data.object, event_data.ret, event_data.args)
  snapshot!(event_data.object, event_data.ret, event_data.args)
  display_params!
  capture_stacktrace!
  stack!
  properties!
  # following methods must be called after snapshot!
  dataflow!
  @signature = Contrast::Agent::Reporting::FindingEventSignature.new(policy_node, args, ret)
end

#parent_events ⇒ Array<Contrast::Agent::Reporting::FindingEvent>

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 150

def parent_events
  @_parent_events ||= []
end

#to_controlled_hash ⇒ Hash

Convert the instance variables on the class, and other information, into the identifiers required for TeamServer to process the JSON form of this message.

Raises:

• (ArgumentError)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 189

def to_controlled_hash # rubocop:disable Metrics/AbcSize
  validate
  {
      action: action,
      args: reportable_args.map(&:to_controlled_hash),
      # code: code, # Unused by our agent
      objectId: event_id,
      eventSources: event_sources.map(&:to_controlled_hash),
      # fieldName: field_name, # Unused by our agent
      object: reportable_object.to_controlled_hash,
      parentObjectIds: parent_object_ids.map(&:to_controlled_hash),
      properties: properties.map(&:to_controlled_hash),
      ret: reportable_ret&.to_controlled_hash,
      signature: signature.to_controlled_hash,
      source: source || '',
      stack: stack.map(&:to_controlled_hash),
      tags: reportable_tags.join(','),
      taintRanges: taint_ranges.map(&:to_controlled_hash),
      target: target || '',
      thread: thread,
      time: time,
      type: type
  }
end

#validate ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/contrast/agent/reporting/reporting_events/finding_event.rb', line 215

def validate
  validate_base
  validate_dataflow
end