Skip to content

Commit

Permalink
testing with IAST totally disabled
Browse files Browse the repository at this point in the history
Signed-off-by: Juanjo Alvarez <juanjo.alvarezmartinez@datadoghq.com>
  • Loading branch information
juanjux committed Jul 24, 2024
1 parent e412b7b commit 9d6ab8f
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 18 deletions.
13 changes: 7 additions & 6 deletions ddtrace/_monkey.py
Original file line number Diff line number Diff line change
Expand Up @@ -222,12 +222,13 @@ def patch_all(**patch_modules):
modules.update(patch_modules)

patch(raise_errors=False, **modules)
if asm_config._iast_enabled:
from ddtrace.appsec._iast._patch_modules import patch_iast
from ddtrace.appsec.iast import enable_iast_propagation

patch_iast()
enable_iast_propagation()
# JJJ disabled
# if asm_config._iast_enabled:
# from ddtrace.appsec._iast._patch_modules import patch_iast
# from ddtrace.appsec.iast import enable_iast_propagation
#
# patch_iast()
# enable_iast_propagation()

if asm_config._ep_enabled or asm_config._iast_enabled:
from ddtrace.appsec._common_module_patches import patch_common_modules
Expand Down
3 changes: 2 additions & 1 deletion ddtrace/appsec/_iast/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,8 @@ def ddtrace_iast_flask_patch():


def enable_iast_propagation():
if asbool(os.getenv("DD_IAST_ENABLED", False)):
if False: # JJJ disabled to test
# if asbool(os.getenv("DD_IAST_ENABLED", False)):
from ddtrace.appsec._iast._utils import _is_python_version_supported

if _is_python_version_supported():
Expand Down
23 changes: 12 additions & 11 deletions ddtrace/appsec/_iast/_patch_modules.py
Original file line number Diff line number Diff line change
Expand Up @@ -14,14 +14,15 @@ def patch_iast(patch_modules=IAST_PATCH):
IAST_PATCH: list of implemented vulnerabilities
"""
# TODO: Devise the correct patching strategy for IAST
from ddtrace._monkey import _on_import_factory

for module in (m for m, e in patch_modules.items() if e):
when_imported("hashlib")(
_on_import_factory(module, prefix="ddtrace.appsec._iast.taint_sinks", raise_errors=False)
)

when_imported("json")(
_on_import_factory("json_tainting", prefix="ddtrace.appsec._iast._patches", raise_errors=False)
)
# JJJ disabled for test
# # TODO: Devise the correct patching strategy for IAST
# from ddtrace._monkey import _on_import_factory
#
# for module in (m for m, e in patch_modules.items() if e):
# when_imported("hashlib")(
# _on_import_factory(module, prefix="ddtrace.appsec._iast.taint_sinks", raise_errors=False)
# )
#
# when_imported("json")(
# _on_import_factory("json_tainting", prefix="ddtrace.appsec._iast._patches", raise_errors=False)
# )

0 comments on commit 9d6ab8f

Please sign in to comment.