Module: Threatstack::Instrumentation::TSKernel

Defined in:
lib/instrumentation/kernel.rb

Constant Summary collapse

METHOD_NAMES =

methods to wrap

['exec', 'system', '`'].freeze
@@logger = 
Threatstack::Utils::TSLogger.create 'KernelInstrumentation'

Class Method Summary collapse

Class Method Details

.wrap_methodsObject 



15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
 
# File 'lib/instrumentation/kernel.rb', line 15

def self.wrap_methods
  # executed every time a wrapped method is called
  on_method_call = Proc.new do |params|
    module_name = params[:target_class].name.downcase
    method_name = params[:method_name].downcase
    called_by = params[:caller_loc] ? params[:caller_loc].first : nil
    file_path = called_by ? called_by.absolute_path : nil
    # special case for ` method emulation
    if method_name == '`' && !file_path.nil? && file_path =~ /.*\/kernel\/agnostics\.rb$/
      called_by = params[:caller_loc][1]
      file_path = called_by ? called_by.absolute_path : nil
    end
    line_num = called_by ? called_by.lineno : nil

    arg = params[:args] ? params[:args].first : nil
    args = arg ? [arg] : []

    # create and queue the event
    Threatstack::Instrumentation.create_instrumentation_event(module_name, method_name, file_path, line_num, args)
  end
  @@logger.info "Instrumenting Kernel methods: #{METHOD_NAMES}"
  instrumenter =  Threatstack::Instrumentation::Instrumenter.instance
  METHOD_NAMES.each do |method_name|
    instrumenter.wrap_class_method(Kernel, method_name, &on_method_call)
    instrumenter.wrap_instance_method(Kernel, method_name, &on_method_call)
  end
end