add parentId in event and nr-csec-parent-id in fuzz request
prateeksen committed Dec 27, 2023
1 parent afcafa9 commit 03bd76f
Showing 6 changed files with 17 additions and 14 deletions.
2 changes: 1 addition & 1 deletion lib/newrelic_security/agent/configuration/manager.rb
Expand Up @@ -35,7 +35,7 @@ def initialize
@cache[:'security.application_info.port'] = ::NewRelic::Agent.config[:'security.application_info.port'].to_i
@cache[:listen_port] = nil
@cache[:app_root] = NewRelic::Security::Agent::Utils.app_root
@cache[:json_version] = :'1.0.1'
@cache[:json_version] = :'1.1.1'

@environment_source = NewRelic::Security::Agent::Configuration::EnvironmentSource.new
@server_source = NewRelic::Security::Agent::Configuration::ServerSource.new
1 change: 1 addition & 0 deletions lib/newrelic_security/agent/control/collector.rb
Expand Up @@ -38,6 +38,7 @@ def collect(case_type, args, event_category = nil, **keyword_args)
event.copy_http_info(NewRelic::Security::Agent::Control::HTTPContext.get_context)
event.isIASTEnable = true if NewRelic::Security::Agent::Utils.is_IAST?
event.isIASTRequest = true if NewRelic::Security::Agent::Utils.is_IAST_request?(event.httpRequest[:headers])
event.parentId = event.httpRequest[:headers][NR_CSEC_PARENT_ID] if event.httpRequest[:headers].key?(NR_CSEC_PARENT_ID)
find_deserialisation(event, stk) if case_type != REFLECTED_XSS && NewRelic::Security::Agent.config[:'security.detection.deserialization.enabled']
find_rci(event, stk) if case_type != REFLECTED_XSS && NewRelic::Security::Agent.config[:'security.detection.rci.enabled']
event.stacktrace = stk[0..user_frame_index].map(&:to_s)
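Review bot: The new `event.parentId` assignment copies the `nr-csec-parent-id` header from every inbound request, so a client outside the IAST replay path can supply an arbitrary value that is then attached to the event (and presumably serialized with it). The line just above already sets `event.isIASTRequest`, so the copy could be gated on it: `event.parentId = event.httpRequest[:headers][NR_CSEC_PARENT_ID] if event.isIASTRequest && event.httpRequest[:headers].key?(NR_CSEC_PARENT_ID)`. How `is_IAST_request?` decides is not visible here, so a length or format check on the header value may also be worth adding before it is stored. `collect` starts and ends outside this hunk.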
12 changes: 11 additions & 1 deletion lib/newrelic_security/agent/control/control_command.rb
Expand Up @@ -30,7 +30,7 @@ def handle_ic_command(message)
NewRelic::Security::Agent.config.update_port = message_object[:reflectedMetaData][LISTEN_PORT].to_i unless NewRelic::Security::Agent.config[:listen_port]
NewRelic::Security::Agent.agent.iast_client.last_fuzz_cc_timestamp = current_time_millis
NewRelic::Security::Agent.agent.iast_client.processed_ids << message_object[:id]
NewRelic::Security::Agent.agent.iast_client.enqueue(message_object[:arguments])
NewRelic::Security::Agent.agent.iast_client.enqueue(prepare_fuzz_request(message_object))
when 12
NewRelic::Security::Agent.logger.info "Validator asked to reconnect(CC#12), calling reconnect_at_will"
reconnect_at_will
Expand Down Expand Up @@ -103,6 +103,16 @@ def reconnect_at_will
def current_time_millis
(Time.now.to_f * 1000).to_i
end

def prepare_fuzz_request(message_object)
message_object[:arguments][0].gsub!(NR_CSEC_VALIDATOR_HOME_TMP, NR_SECURITY_HOME_TMP)
message_object[:arguments][0].gsub!(NR_CSEC_VALIDATOR_FILE_SEPARATOR, ::File::SEPARATOR)
prepared_fuzz_request = ::JSON.parse(message_object[:arguments][0])
prepared_fuzz_request[HEADERS][NR_CSEC_PARENT_ID] = message_object[:id]
prepared_fuzz_request
rescue Exception => exception
NewRelic::Security::Agent.logger.error "Exception in preparing fuzz request : #{exception.inspect} #{exception.backtrace}"
end

end
end
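Review bot: When parsing fails, `prepare_fuzz_request` returns whatever the `logger.error` call in its rescue branch returns, and the call site in `handle_ic_command` passes that value to `enqueue` as if it were a fuzz request. The removed `process_fuzz_request` never reached `fire_request` after a parse error, and a request whose JSON has no `HEADERS` entry would now take the same failure path. I would end the rescue branch with an explicit `nil` and guard the call site: `fuzz_request = prepare_fuzz_request(message_object)` followed by `NewRelic::Security::Agent.agent.iast_client.enqueue(fuzz_request) if fuzz_request`. `rescue Exception` also traps signals and exit requests, so narrowing it to `StandardError` would be safer for agent code running inside the host application. `handle_ic_command` starts and ends outside the hunk, and the id is appended to `processed_ids` before preparation, so a failed request is still recorded as processed.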
3 changes: 2 additions & 1 deletion lib/newrelic_security/agent/control/event.rb
Expand Up @@ -11,7 +11,7 @@ module Control

class Event

attr_accessor :sourceMethod, :userMethodName, :userFileName, :lineNumber, :id, :apiId, :isIASTEnable, :isIASTRequest, :httpRequest, :stacktrace, :metaData
attr_accessor :sourceMethod, :userMethodName, :userFileName, :lineNumber, :id, :apiId, :isIASTEnable, :isIASTRequest, :httpRequest, :stacktrace, :metaData, :parentId
attr_reader :jsonName, :caseType, :eventCategory, :parameters

def initialize(case_type, args, event_category)
Expand Down Expand Up @@ -45,6 +45,7 @@ def initialize(case_type, args, event_category)
@isAPIBlocked = nil
@isIASTEnable = false
@isIASTRequest = false
@parentId = nil
end

def as_json
12 changes: 1 addition & 11 deletions lib/newrelic_security/agent/control/iast_client.rb
Expand Up @@ -43,7 +43,7 @@ def create_dequeue_threads
Thread.current.name = "newrelic_security_iast_thread"
loop do
fuzz_request = @fuzzQ.deq #thread blocks when the queue is empty
process_fuzz_request(fuzz_request[0])
fire_request(fuzz_request)
fuzz_request = nil
end
end
Expand Down Expand Up @@ -81,16 +81,6 @@ def current_time_millis
(Time.now.to_f * 1000).to_i
end

def process_fuzz_request(fuzz_request)
fuzz_request.gsub!(NR_CSEC_VALIDATOR_HOME_TMP, NR_SECURITY_HOME_TMP)
fuzz_request.gsub!(NR_CSEC_VALIDATOR_FILE_SEPARATOR, ::File::SEPARATOR)
prepared_fuzz_request = ::JSON.parse(fuzz_request)
fire_request(prepared_fuzz_request)
prepared_fuzz_request = nil
rescue Exception => exception
NewRelic::Security::Agent.logger.error "Exception in processing fuzz request : #{exception.inspect} #{exception.backtrace}"
end

def fire_request(request)
unless @http
@http = ::Net::HTTP.new('localhost', NewRelic::Security::Agent.config[:listen_port])
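Review bot: The dequeue loop now calls `fire_request(fuzz_request)` with no rescue around it, whereas the removed `process_fuzz_request` caught and logged anything raised while firing a request. Unless `fire_request` rescues internally (its body continues outside the hunk), a single raising request would end the `newrelic_security_iast_thread` loop and silently stop all further replay. I would keep a per-request guard inside the loop, as sketched below; it would also contain a malformed item taken from the queue. The thread block itself starts outside this hunk.

```ruby
fuzz_request = @fuzzQ.deq #thread blocks when the queue is empty
begin
  fire_request(fuzz_request)
rescue StandardError => exception
  NewRelic::Security::Agent.logger.error "Exception in processing fuzz request : #{exception.inspect} #{exception.backtrace}"
end
# … unchanged: fuzz_request = nil and the end of the loop …
```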
1 change: 1 addition & 0 deletions lib/newrelic_security/constants.rb
Expand Up @@ -14,6 +14,7 @@ module NewRelic::Security
NR_SECURITY_HOME_TMP = 'nr-security-home/tmp/'
NR_CSEC_FUZZ_REQUEST_ID = 'nr-csec-fuzz-request-id'
NR_CSEC_TRACING_DATA = 'nr-csec-tracing-data'
NR_CSEC_PARENT_ID = 'nr-csec-parent-id'
NOSQL_DB_COMMAND = 'NOSQL_DB_COMMAND'
SQL_DB_COMMAND = 'SQL_DB_COMMAND'
FILE_OPERATION = 'FILE_OPERATION'
