From 3a6ec990c0dc4994a0242b2eedeecd167ecbb73c Mon Sep 17 00:00:00 2001
From: Prateek Sen
Date: Mon, 15 Apr 2024 19:15:34 +0530
Subject: [PATCH 01/11] fix for NR-255708
---
 .../instrumentation-security/sqlite3/instrumentation.rb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/newrelic_security/instrumentation-security/sqlite3/instrumentation.rb b/lib/newrelic_security/instrumentation-security/sqlite3/instrumentation.rb
index 8e3e34b4..931cfa00 100644
--- a/lib/newrelic_security/instrumentation-security/sqlite3/instrumentation.rb
+++ b/lib/newrelic_security/instrumentation-security/sqlite3/instrumentation.rb
@@ -10,7 +10,8 @@ def execute_on_enter(sql, bind_vars, *args)
 NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
 hash = {}
 hash[:sql] = sql
- hash[:parameters] = bind_vars.map(&:to_s)
+ hash[:parameters] = bind_vars.is_a?(String) ? [bind_vars] : bind_vars.map(&:to_s)
+ hash[:parameters] = hash[:parameters] + args unless args.empty?
 event = NewRelic::Security::Agent::Control::Collector.collect(SQL_DB_COMMAND, [hash], SQLITE) unless NewRelic::Security::Instrumentation::InstrumentationUtils.sql_filter_events?(hash[:sql])
 rescue => exception
 NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
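Review bot: In `execute_on_enter`, `bind_vars.is_a?(String) ? [bind_vars] : bind_vars.map(&:to_s)` still calls `map` on anything that is not a String, so a `nil` or numeric `bind_vars` raises inside the hook, lands in the `rescue`, and no SQL event is collected for that statement. `Array(bind_vars).map(&:to_s)` gives the same result for arrays, hashes and strings and also covers `nil` and scalars. The appended `args` are not stringified the way the bind variables are, so `hash[:parameters]` can mix types; `hash[:parameters] = Array(bind_vars).map(&:to_s) + args.map(&:to_s)` keeps them uniform. The same two lines are repeated in the `execute_batch_on_enter` hunk that follows, and both method bodies continue past their hunks.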
@@ -56,7 +57,8 @@ def execute_batch_on_enter(sql, bind_vars, *args)
 NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
 hash = {}
 hash[:sql] = sql
- hash[:parameters] = bind_vars.map(&:to_s)
+ hash[:parameters] = bind_vars.is_a?(String) ? [bind_vars] : bind_vars.map(&:to_s)
+ hash[:parameters] = hash[:parameters] + args unless args.empty?
 event = NewRelic::Security::Agent::Control::Collector.collect(SQL_DB_COMMAND, [hash], SQLITE) unless NewRelic::Security::Instrumentation::InstrumentationUtils.sql_filter_events?(hash[:sql])
 rescue => exception
 NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
From a6f443b930527ed27f55b870ba1b748b7f037778 Mon Sep 17 00:00:00 2001
From: Prateek Sen
Date: Tue, 16 Apr 2024 19:31:30 +0530
Subject: [PATCH 02/11] fix for NR-256408
---
 lib/newrelic_security/agent/configuration/manager.rb | 1 +
 1 file changed, 1 insertion(+)
diff --git a/lib/newrelic_security/agent/configuration/manager.rb b/lib/newrelic_security/agent/configuration/manager.rb
index 5d8455dd..d4c89a47 100644
--- a/lib/newrelic_security/agent/configuration/manager.rb
+++ b/lib/newrelic_security/agent/configuration/manager.rb
@@ -109,6 +109,7 @@ def detect_framework
 return :padrino if defined?(::Padrino)
 return :sinatra if defined?(::Sinatra)
 return :roda if defined?(::Roda)
+ return :grape if defined?(::Grape)
 end
 def generate_uuid
From 51a9eead4bc60898fbe4527dd9dd9d74c4cd2e9a Mon Sep 17 00:00:00 2001
From: Prateek Sen
Date: Tue, 16 Apr 2024 19:34:15 +0530
Subject: [PATCH 03/11] fix for NR-256426
---
 lib/newrelic_security/agent/control/iast_client.rb | 2 +-
 .../agent/control/iast_data_transfer_request.rb | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/newrelic_security/agent/control/iast_client.rb b/lib/newrelic_security/agent/control/iast_client.rb
index 7c0a9612..533d07f9 100644
--- a/lib/newrelic_security/agent/control/iast_client.rb
+++ b/lib/newrelic_security/agent/control/iast_client.rb
@@ -69,7 +69,7 @@ def create_iast_data_transfer_request_processor
 if batch_size > 100 && remaining_record_capacity > batch_size
 iast_data_transfer_request = NewRelic::Security::Agent::Control::IASTDataTransferRequest.new
 iast_data_transfer_request.batchSize = batch_size * 2
- iast_data_transfer_request.pendingRequestIds = pending_request_ids
+ iast_data_transfer_request.pendingRequestIds = pending_request_ids.to_a
 iast_data_transfer_request.completedRequests = completed_requests
 NewRelic::Security::Agent.agent.event_processor.send_iast_data_transfer_request(iast_data_transfer_request)
 end
diff --git a/lib/newrelic_security/agent/control/iast_data_transfer_request.rb b/lib/newrelic_security/agent/control/iast_data_transfer_request.rb
index f3a7d6cb..1645f5c7 100644
--- a/lib/newrelic_security/agent/control/iast_data_transfer_request.rb
+++ b/lib/newrelic_security/agent/control/iast_data_transfer_request.rb
@@ -12,7 +12,7 @@ def initialize
 @jsonName = :'iast-data-request'
 @applicationUUID = NewRelic::Security::Agent.config[:uuid]
 @batchSize = 10
- @pendingRequestIds = ::Set.new
+ @pendingRequestIds = []
 @completedRequests = Hash.new
 end
From 19e089ee3845827376d093b787a2ad1437352b96 Mon Sep 17 00:00:00 2001
From: Prateek Sen
Date: Wed, 17 Apr 2024 19:27:37 +0530
Subject: [PATCH 04/11] Fix for NR-233114 & NR-233125
---
 lib/newrelic_security/agent/agent.rb | 2 +-
 .../agent/control/control_command.rb | 1 -
 .../agent/control/iast_client.rb | 28 +++++++++++--------
 3 files changed, 17 insertions(+), 14 deletions(-)
diff --git a/lib/newrelic_security/agent/agent.rb b/lib/newrelic_security/agent/agent.rb
index ef348ff7..9add2c4e 100644
--- a/lib/newrelic_security/agent/agent.rb
+++ b/lib/newrelic_security/agent/agent.rb
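Review bot: In `create_iast_data_transfer_request_processor`, `pendingRequestIds` now receives a copy through `to_a`, but the next line still hands the live `completed_requests` object to the request, so the payload can change while it is being sent. The `fire_request` hunk in PATCH 04/11 adds `completed_requests[fuzz_request_id] = []` on the dequeue threads, and Ruby raises a RuntimeError when a key is added to a Hash that another caller is iterating. Snapshot both fields the same way, e.g. `iast_data_transfer_request.completedRequests = completed_requests.dup`. Whether the serializer iterates the hash directly is not visible in this patch, so treat the failure as likely rather than confirmed. The method body starts and ends outside the hunk.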
@@ -74,7 +74,7 @@ def start_event_processor
 end
 def start_iast_client
- @iast_client&.iast_dequeue_thread&.kill
+ @iast_client&.iast_dequeue_threads&.each { |t| t.kill if t }
 @iast_client&.iast_data_transfer_request_processor_thread&.kill
 @iast_client = nil
 @iast_client = NewRelic::Security::Agent::Control::IASTClient.new
diff --git a/lib/newrelic_security/agent/control/control_command.rb b/lib/newrelic_security/agent/control/control_command.rb
index 09c8b138..cccea852 100644
--- a/lib/newrelic_security/agent/control/control_command.rb
+++ b/lib/newrelic_security/agent/control/control_command.rb
@@ -89,7 +89,6 @@ def parse_message(message)
 end
 def reconnect_at_will
- @stop_fuzzing = true
 if NewRelic::Security::Agent::Utils.is_IAST?
 while NewRelic::Security::Agent.agent.iast_client.fuzzQ && NewRelic::Security::Agent.agent.iast_client.fuzzQ.size > 0
 NewRelic::Security::Agent.logger.info "Waiting for fuzzQ to get empty, current size: #{NewRelic::Security::Agent.agent.iast_client.fuzzQ.size}"
diff --git a/lib/newrelic_security/agent/control/iast_client.rb b/lib/newrelic_security/agent/control/iast_client.rb
index 533d07f9..39dc38da 100644
--- a/lib/newrelic_security/agent/control/iast_client.rb
+++ b/lib/newrelic_security/agent/control/iast_client.rb
@@ -3,6 +3,7 @@
 require 'json'
 require 'uri'
 require 'set'
+require 'resolv'
 module NewRelic::Security
 module Agent
@@ -16,11 +17,10 @@ module Control
 class IASTClient
- attr_reader :fuzzQ, :iast_dequeue_thread
+ attr_reader :fuzzQ, :iast_dequeue_threads
 attr_accessor :cooldown_till_timestamp, :last_fuzz_cc_timestamp, :pending_request_ids, :completed_requests, :iast_data_transfer_request_processor_thread
 def initialize
- @http = nil
 @fuzzQ = ::SizedQueue.new(FUZZQ_QUEUE_SIZE)
 @cooldown_till_timestamp = current_time_millis
 @last_fuzz_cc_timestamp = current_time_millis
@@ -40,12 +40,15 @@ def enqueue(message)
 def create_dequeue_threads
 # TODO: Create 3 or more consumers for event sending
- @iast_dequeue_thread = Thread.new do
- Thread.current.name = "newrelic_security_iast_thread"
- loop do
- fuzz_request = @fuzzQ.deq #thread blocks when the queue is empty
- fire_request(fuzz_request.id, fuzz_request.request)
- fuzz_request = nil
+ @iast_dequeue_threads = []
+ 3.times do |t|
+ @iast_dequeue_threads << Thread.new do
+ Thread.current.name = "newrelic_security_iast_thread-#{t}"
+ loop do
+ fuzz_request = @fuzzQ.deq #thread blocks when the queue is empty
+ fire_request(fuzz_request.id, fuzz_request.request)
+ fuzz_request = nil
+ end
 end
 end
 rescue Exception => exception
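Review bot: The `rescue Exception` that closes `create_dequeue_threads` covers only thread creation; an error raised inside one of the three `Thread.new` blocks ends that thread's `loop`, and the consumer pool shrinks without any log entry until fuzz requests stop being drained. `fire_request` rescues its own errors, but its `ensure` clause can still raise (for instance if `iast_client` is nil at that moment), so the path looks reachable. Rescue inside the loop and log the error, as sketched below, and update the `# TODO: Create 3 or more consumers` comment, which this change makes stale. The method starts before and continues after the hunk.

```ruby
# … unchanged: def create_dequeue_threads and the TODO comment …
@iast_dequeue_threads = Array.new(3) do |t|
  Thread.new do
    Thread.current.name = "newrelic_security_iast_thread-#{t}"
    loop do
      begin
        fuzz_request = @fuzzQ.deq # blocks while the queue is empty
        fire_request(fuzz_request.id, fuzz_request.request)
      rescue StandardError => exception
        NewRelic::Security::Agent.logger.error "Exception in IAST dequeue thread : #{exception.inspect}"
      end
    end
  end
end
# … unchanged: method-level rescue …
```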
@@ -84,17 +87,18 @@ def current_time_millis
 end
 def fire_request(fuzz_request_id, request)
- unless @http
- @http = ::Net::HTTP.new('localhost', NewRelic::Security::Agent.config[:listen_port])
- @http.open_timeout = 5
+ unless ::Thread.current[:http]
+ Thread.current[:http] = ::Net::HTTP.new('127.0.0.1', NewRelic::Security::Agent.config[:listen_port])
+ Thread.current[:http].open_timeout = 5
 end
 request[HEADERS].delete(VERSION) if request[HEADERS].key?(VERSION)
- response = @http.send_request(request[METHOD], ::URI.parse(request[URL]).to_s, request[BODY], request[HEADERS])
+ response = Thread.current[:http].send_request(request[METHOD], ::URI.parse(request[URL]).to_s, request[BODY], request[HEADERS])
 NewRelic::Security::Agent.logger.debug "IAST fuzz request : #{request.inspect} \nresponse: #{response.inspect}\n"
 rescue Exception => exception
 NewRelic::Security::Agent.logger.debug "Unable to fire IAST fuzz request : #{exception.inspect} #{exception.backtrace}, sending fuzzfail event for #{request.inspect}\n"
 NewRelic::Security::Agent::Utils.create_fuzz_fail_event(request[HEADERS][NR_CSEC_FUZZ_REQUEST_ID])
 ensure
+ NewRelic::Security::Agent.agent.iast_client.completed_requests[fuzz_request_id] = []
 NewRelic::Security::Agent.agent.iast_client.pending_request_ids.delete(fuzz_request_id)
 end
From 022fcc57db6a633e397b454445f340252e3991e5 Mon Sep 17 00:00:00 2001
From: Prateek Sen
Date: Fri, 19 Apr 2024 11:22:49 +0530
Subject: [PATCH 05/11] fix for NR-256451
---
 lib/newrelic_security/agent/control/reflected_xss.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/newrelic_security/agent/control/reflected_xss.rb b/lib/newrelic_security/agent/control/reflected_xss.rb
index 888d3fce..19c3afe7 100644
--- a/lib/newrelic_security/agent/control/reflected_xss.rb
+++ b/lib/newrelic_security/agent/control/reflected_xss.rb
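Review bot: The line added to the `ensure` clause of `fire_request`, `completed_requests[fuzz_request_id] = []`, also runs on the `rescue` path, so a request that could not be sent is reported through `create_fuzz_fail_event` and recorded as completed at the same time. If the consumer of `completedRequests` reads an entry as "replayed", failed fuzz requests will look covered; that reading is an assumption, because the consumer is not part of this patch. Consider moving the assignment to the success path right after `send_request` and keeping only `pending_request_ids.delete(fuzz_request_id)` in `ensure`, or add a comment stating that failed requests are meant to count as completed.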
@@ -45,7 +45,7 @@ module ReflectedXSS
 def check_xss(http_req, retval)
 # TODO: Check if enableHTTPRequestPrinting is required.
- return unless http_req
+ return if http_req.nil? || retval.empty?
 if retval[1].key?(Content_Type) && (retval[1][Content_Type].start_with?(*UNSUPPORTED_MEDIA_TYPES) || retval[1][Content_Type].start_with?(*UNSUPPORTED_CONTENT_TYPES))
 return
 end
From 50cc5e0fe0f77493f707ba3d9ce0998d4c6092e6 Mon Sep 17 00:00:00 2001
From: Prateek Sen
Date: Fri, 19 Apr 2024 12:15:04 +0530
Subject: [PATCH 06/11] Update reconnect sequence & require 'resolv-replace'
---
 .../agent/control/control_command.rb | 14 ++++----------
 lib/newrelic_security/agent/control/iast_client.rb | 5 ++++-
 2 files changed, 8 insertions(+), 11 deletions(-)
diff --git a/lib/newrelic_security/agent/control/control_command.rb b/lib/newrelic_security/agent/control/control_command.rb
index cccea852..6c92db06 100644
--- a/lib/newrelic_security/agent/control/control_command.rb
+++ b/lib/newrelic_security/agent/control/control_command.rb
@@ -34,6 +34,7 @@ def handle_ic_command(message)
 fuzz_request.case_type = message_object[:arguments][1]
 NewRelic::Security::Agent.agent.iast_client.pending_request_ids << message_object[:id]
 NewRelic::Security::Agent.agent.iast_client.enqueue(fuzz_request)
+ fuzz_request = nil
 when 12
 NewRelic::Security::Agent.logger.info "Validator asked to reconnect(CC#12), calling reconnect_at_will"
 reconnect_at_will
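Review bot: In `check_xss`, the new guard `return if http_req.nil? || retval.empty?` calls `empty?` on `retval` without checking for `nil`, and the next line indexes `retval[1].key?` without confirming that a headers hash is present. A `nil` or one-element return value would raise there instead of returning, so the reflected-XSS check is skipped for that response, or the error surfaces in the request path, depending on a caller that is outside the hunk. `return if http_req.nil? || retval.nil? || !retval[1].respond_to?(:key?)` covers the empty, short and nil cases in one guard. The method continues past the hunk.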
@@ -89,17 +90,10 @@ def parse_message(message)
 end
 def reconnect_at_will
- if NewRelic::Security::Agent::Utils.is_IAST?
- while NewRelic::Security::Agent.agent.iast_client.fuzzQ && NewRelic::Security::Agent.agent.iast_client.fuzzQ.size > 0
- NewRelic::Security::Agent.logger.info "Waiting for fuzzQ to get empty, current size: #{NewRelic::Security::Agent.agent.iast_client.fuzzQ.size}"
- sleep 0.1
- end
- end
+ NewRelic::Security::Agent.agent.iast_client.fuzzQ.clear
+ NewRelic::Security::Agent.agent.iast_client.completed_requests.clear
+ NewRelic::Security::Agent.agent.iast_client.pending_request_ids.clear
 NewRelic::Security::Agent.config.disable_security
- while NewRelic::Security::Agent.agent.event_processor.eventQ && NewRelic::Security::Agent.agent.event_processor.eventQ.size > 0
- NewRelic::Security::Agent.logger.info "Waiting for eventQ to get empty, current size: #{NewRelic::Security::Agent.agent.event_processor.eventQ.size}"
- sleep 0.1
- end
 Thread.new { NewRelic::Security::Agent.agent.reconnect(0) }
 end
diff --git a/lib/newrelic_security/agent/control/iast_client.rb b/lib/newrelic_security/agent/control/iast_client.rb
index 39dc38da..8de156e1 100644
--- a/lib/newrelic_security/agent/control/iast_client.rb
+++ b/lib/newrelic_security/agent/control/iast_client.rb
@@ -4,6 +4,7 @@
 require 'uri'
 require 'set'
 require 'resolv'
+require 'resolv-replace'
 module NewRelic::Security
 module Agent
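Review bot: `reconnect_at_will` now dereferences `NewRelic::Security::Agent.agent.iast_client` three times with no guard, where the removed code checked `is_IAST?` and `fuzzQ &&` first. If the IAST client does not exist at that moment (the agent is not in IAST mode, or `start_iast_client` has just set `@iast_client = nil`), the first `clear` raises and neither `disable_security` nor the `reconnect(0)` thread is reached, unless a caller outside the hunk rescues. Use safe navigation on each of the three lines, e.g. `NewRelic::Security::Agent.agent.iast_client&.fuzzQ&.clear`.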
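Review bot: `require 'resolv-replace'` is not a file-local change: it reopens the core socket classes so that hostname lookups in the whole host process go through Ruby's `Resolv` instead of the system resolver. Loading it from the agent therefore changes name resolution for the instrumented application as a side effect of enabling the security agent, bypassing resolver configuration and name sources that `Resolv` does not read. `fire_request` already connects to the literal `127.0.0.1` after PATCH 04/11, so no lookup appears to be needed on this path. Either drop the require or document it next to the line, e.g. `# resolv-replace patches sockets process-wide; needed because <reason>`.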
@@ -92,8 +93,10 @@ def fire_request(fuzz_request_id, request)
 Thread.current[:http].open_timeout = 5
 end
 request[HEADERS].delete(VERSION) if request[HEADERS].key?(VERSION)
+ time_before_request = (Time.now.to_f * 1000).to_i
 response = Thread.current[:http].send_request(request[METHOD], ::URI.parse(request[URL]).to_s, request[BODY], request[HEADERS])
- NewRelic::Security::Agent.logger.debug "IAST fuzz request : #{request.inspect} \nresponse: #{response.inspect}\n"
+ time_after_request = (Time.now.to_f * 1000).to_i
+ NewRelic::Security::Agent.logger.debug "IAST fuzz request : time taken : #{time_after_request - time_before_request}ms, #{request.inspect} \nresponse: #{response.inspect}\n"
 rescue Exception => exception
 NewRelic::Security::Agent.logger.debug "Unable to fire IAST fuzz request : #{exception.inspect} #{exception.backtrace}, sending fuzzfail event for #{request.inspect}\n"
 NewRelic::Security::Agent::Utils.create_fuzz_fail_event(request[HEADERS][NR_CSEC_FUZZ_REQUEST_ID])
From da878cb58a120e4ac7725e4be90883b7563e619c Mon Sep 17 00:00:00 2001
From: Prateek Sen
Date: Thu, 25 Apr 2024 14:07:03 +0530
Subject: [PATCH 07/11] update http client test for casetype based count check
---
 .../httpclient/httpclient_test.rb | 12 ++++++------
 .../instrumentation-security/httprb/httprb_test.rb | 10 +++++-----
 .../net_http/net_http_test.rb | 12 ++++++------
 3 files changed, 17 insertions(+), 17 deletions(-)
diff --git a/test/newrelic_security/instrumentation-security/httpclient/httpclient_test.rb b/test/newrelic_security/instrumentation-security/httpclient/httpclient_test.rb
index c9468386..aa54e97d 100644
--- a/test/newrelic_security/instrumentation-security/httpclient/httpclient_test.rb
+++ b/test/newrelic_security/instrumentation-security/httpclient/httpclient_test.rb
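Review bot: The request timing in `fire_request` is taken from the wall clock, `(Time.now.to_f * 1000).to_i`, so a clock step between the two samples produces a wrong or negative duration in the debug log. Take both samples from the monotonic clock instead, e.g. `time_before_request = Process.clock_gettime(Process::CLOCK_MONOTONIC, :millisecond)`. The rewritten debug line still writes `request.inspect` and `response.inspect` in full; if replayed requests carry cookies or authorization headers, those values end up in the agent log, so consider logging only the method, URL and response status there. The method starts and ends outside the hunk.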
@@ -20,7 +20,7 @@ def test_get_content
 #puts @output
 args = [{:Method=>:get, :scheme=>"https", :host=>"www.google.com", :port=>443, :URI=>"https://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, $event_list.length
+ assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -35,7 +35,7 @@ def test_request
 assert_equal 200, @output
 args = [{:Method=>"GET", :scheme=>"https", :host=>"www.google.com", :port=>443, :URI=>"https://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, $event_list.length
+ assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -49,7 +49,7 @@ def test_get
 assert_equal 200, @output
 args = [{:Method=>:get, :scheme=>"https", :host=>"www.google.com", :port=>443, :URI=>"https://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, $event_list.length
+ assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
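Review bot: The count assertion in `test_get_content` now asks the collector for `HTTP_REQUEST` events only, but the three assertions after it still read a fixed slot of the unfiltered `$event_list` (`$event_list[0]` here, `$event_list[1]` in net_http_test.rb), so they depend on which other events the run records first. Select the event by case type before comparing, e.g. `event = $event_list.find { |e| e.caseType == HTTP_REQUEST }`, and assert on `event`. The same pattern repeats in every hunk of this patch and of PATCH 08/11 across httpclient_test.rb, httprb_test.rb and net_http_test.rb. Separately, `assert_nil expected_event.eventCategory, $event_list[0].eventCategory` passes the recorded value as the failure message, so it never checks the recorded event; `assert_nil $event_list[0].eventCategory` is probably what was meant.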
@@ -63,7 +63,7 @@ def test_head
 assert_equal 200, @output
 args = [{:Method=>:head, :scheme=>"https", :host=>"www.google.com", :port=>443, :URI=>"https://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, $event_list.length
+ assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -83,7 +83,7 @@ def test_async
 #assert_equal 200, @output
 args = [{:Method=>:get, :scheme=>"https", :host=>"www.google.com", :port=>443, :URI=>"https://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, $event_list.length
+ assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -99,7 +99,7 @@ def test_async
 # case_type = "FILE_OPERATION"
 # args = ["www.google.com"]
 # expected_event = NewRelic::Security::Agent::Control::Event.new(case_type, args, @@event_category)
- # assert_equal 3, $event_list.length
+ # assert_equal 3, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 # assert_equal expected_event.caseType, $event_list[0].caseType
 # assert_equal expected_event.parameters, $event_list[0].parameters
 # assert_nil expected_event.eventCategory, $event_list[0].eventCategory
diff --git a/test/newrelic_security/instrumentation-security/httprb/httprb_test.rb b/test/newrelic_security/instrumentation-security/httprb/httprb_test.rb
index 79813b15..45f98653 100644
--- a/test/newrelic_security/instrumentation-security/httprb/httprb_test.rb
+++ b/test/newrelic_security/instrumentation-security/httprb/httprb_test.rb
@@ -16,7 +16,7 @@ def test_get
 @output = response.code
 assert_equal 200, @output
 expected_event = NewRelic::Security::Agent::Control::Event.new(HTTP_REQUEST, args, nil)
- assert_equal 2, $event_list.length
+ assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -30,7 +30,7 @@ def test_get_ssl
 @output = response.code
 assert_equal 200, @output
 expected_event = NewRelic::Security::Agent::Control::Event.new(HTTP_REQUEST, args, nil)
- assert_equal 2, $event_list.length
+ assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -44,7 +44,7 @@ def test_post_json
 @output = response.code
 assert_equal 201, @output
 expected_event = NewRelic::Security::Agent::Control::Event.new(HTTP_REQUEST, args, nil)
- assert_equal 2, $event_list.length
+ assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -58,7 +58,7 @@ def test_put_json
 @output = response.code
 assert_equal 200, @output
 expected_event = NewRelic::Security::Agent::Control::Event.new(HTTP_REQUEST, args, nil)
- assert_equal 2, $event_list.length
+ assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -72,7 +72,7 @@ def test_delete_json
 @output = response.code
 assert_equal 204, @output
 expected_event = NewRelic::Security::Agent::Control::Event.new(HTTP_REQUEST, args, nil)
- assert_equal 2, $event_list.length
+ assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
diff --git a/test/newrelic_security/instrumentation-security/net_http/net_http_test.rb b/test/newrelic_security/instrumentation-security/net_http/net_http_test.rb
index 0f971d8c..46ccf18d 100644
--- a/test/newrelic_security/instrumentation-security/net_http/net_http_test.rb
+++ b/test/newrelic_security/instrumentation-security/net_http/net_http_test.rb
@@ -28,7 +28,7 @@ def test_get_request
 assert_equal "200", @output
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, @@args, @@event_category)
- assert_equal 2, $event_list.length
+ assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[1].caseType
 assert_equal expected_event.parameters, $event_list[1].parameters
 assert_nil expected_event.eventCategory, $event_list[1].eventCategory
@@ -42,7 +42,7 @@ def test_get_uri
 #puts @output
 args = [{:Method=>"GET", :scheme=>"http", :host=>"www.google.com", :port=>80, :URI=>"http://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{"accept-encoding"=>"gzip;q=1.0,deflate;q=0.6,identity;q=0.3", "accept"=>"*/*", "user-agent"=>"Ruby", "host"=>"www.google.com"}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, $event_list.length
+ assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[1].caseType
 assert_equal expected_event.parameters, $event_list[1].parameters
 assert_nil expected_event.eventCategory, $event_list[1].eventCategory
@@ -58,7 +58,7 @@ def test_get_response_dynamic
 assert_equal "200", @output.code
 args = [{:Method=>"GET", :scheme=>"http", :host=>"www.google.com", :port=>80, :URI=>"http://www.google.com?limit=10&page=3", :path=>"", :query=>"limit=10&page=3", :Body=>nil, :Headers=>{"accept-encoding"=>"gzip;q=1.0,deflate;q=0.6,identity;q=0.3", "accept"=>"*/*", "user-agent"=>"Ruby", "host"=>"www.google.com"}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, $event_list.length
+ assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[1].caseType
 assert_equal expected_event.parameters, $event_list[1].parameters
 assert_nil expected_event.eventCategory, $event_list[1].eventCategory
@@ -76,7 +76,7 @@ def test_get_start
 assert_equal "200", @output.code
 args = [{:Method=>"GET", :scheme=>"http", :host=>"www.google.com", :port=>80, :URI=>"http://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{"accept-encoding"=>"gzip;q=1.0,deflate;q=0.6,identity;q=0.3", "accept"=>"*/*", "user-agent"=>"Ruby", "host"=>"www.google.com"}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, $event_list.length
+ assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[1].caseType
 assert_equal expected_event.parameters, $event_list[1].parameters
 assert_nil expected_event.eventCategory, $event_list[1].eventCategory
@@ -93,7 +93,7 @@ def test_get_start_ssl
 assert_equal "200", @output.code
 args = [{:Method=>"GET", :scheme=>"http", :host=>"www.google.com", :port=>80, :URI=>"http://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{"accept-encoding"=>"gzip;q=1.0,deflate;q=0.6,identity;q=0.3", "accept"=>"*/*", "user-agent"=>"Ruby", "host"=>"www.google.com"}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, $event_list.length
+ assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[1].caseType
 assert_equal expected_event.parameters, $event_list[1].parameters
 assert_nil expected_event.eventCategory, $event_list[1].eventCategory
@@ -109,7 +109,7 @@ def test_persistent_request
 assert_equal "200", @output
 args = [{:Method=>"GET", :scheme=>"http", :host=>"www.google.com", :port=>80, :path=>"/", :query=>nil, :URI=>"http://www.google.com:80/", :Body=>nil, :Headers=>{"accept-encoding"=>"gzip;q=1.0,deflate;q=0.6,identity;q=0.3", "accept"=>"*/*", "user-agent"=>"Ruby", "connection"=>"keep-alive", "keep-alive"=>"30"}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, $event_list.length
+ assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[1].caseType
 assert_equal expected_event.parameters, $event_list[1].parameters
 assert_nil expected_event.eventCategory, $event_list[1].eventCategory
From 9550689230e9a57a63948055582f9abbeadc84cc Mon Sep 17 00:00:00 2001
From: Prateek Sen
Date: Thu, 25 Apr 2024 14:23:04 +0530
Subject: [PATCH 08/11] update event count for http client tests
---
 .../httpclient/httpclient_test.rb | 10 +++++-----
 .../instrumentation-security/httprb/httprb_test.rb | 10 +++++-----
 .../net_http/net_http_test.rb | 12 ++++++------
 3 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/test/newrelic_security/instrumentation-security/httpclient/httpclient_test.rb b/test/newrelic_security/instrumentation-security/httpclient/httpclient_test.rb
index aa54e97d..b728281c 100644
--- a/test/newrelic_security/instrumentation-security/httpclient/httpclient_test.rb
+++ b/test/newrelic_security/instrumentation-security/httpclient/httpclient_test.rb
@@ -20,7 +20,7 @@ def test_get_content
 #puts @output
 args = [{:Method=>:get, :scheme=>"https", :host=>"www.google.com", :port=>443, :URI=>"https://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -35,7 +35,7 @@ def test_request
 assert_equal 200, @output
 args = [{:Method=>"GET", :scheme=>"https", :host=>"www.google.com", :port=>443, :URI=>"https://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -49,7 +49,7 @@ def test_get
 assert_equal 200, @output
 args = [{:Method=>:get, :scheme=>"https", :host=>"www.google.com", :port=>443, :URI=>"https://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -63,7 +63,7 @@ def test_head
 assert_equal 200, @output
 args = [{:Method=>:head, :scheme=>"https", :host=>"www.google.com", :port=>443, :URI=>"https://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -83,7 +83,7 @@ def test_async
 #assert_equal 200, @output
 args = [{:Method=>:get, :scheme=>"https", :host=>"www.google.com", :port=>443, :URI=>"https://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
diff --git a/test/newrelic_security/instrumentation-security/httprb/httprb_test.rb b/test/newrelic_security/instrumentation-security/httprb/httprb_test.rb
index 45f98653..be4e9029 100644
--- a/test/newrelic_security/instrumentation-security/httprb/httprb_test.rb
+++ b/test/newrelic_security/instrumentation-security/httprb/httprb_test.rb
@@ -16,7 +16,7 @@ def test_get
 @output = response.code
 assert_equal 200, @output
 expected_event = NewRelic::Security::Agent::Control::Event.new(HTTP_REQUEST, args, nil)
- assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -30,7 +30,7 @@ def test_get_ssl
 @output = response.code
 assert_equal 200, @output
 expected_event = NewRelic::Security::Agent::Control::Event.new(HTTP_REQUEST, args, nil)
- assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -44,7 +44,7 @@ def test_post_json
 @output = response.code
 assert_equal 201, @output
 expected_event = NewRelic::Security::Agent::Control::Event.new(HTTP_REQUEST, args, nil)
- assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -58,7 +58,7 @@ def test_put_json
 @output = response.code
 assert_equal 200, @output
 expected_event = NewRelic::Security::Agent::Control::Event.new(HTTP_REQUEST, args, nil)
- assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -72,7 +72,7 @@ def test_delete_json @output = response.code assert_equal 204, @output expected_event = NewRelic::Security::Agent::Control::Event.new(HTTP_REQUEST, args, nil) - assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST) + assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST) assert_equal expected_event.caseType, $event_list[0].caseType assert_equal expected_event.parameters, $event_list[0].parameters assert_nil expected_event.eventCategory, $event_list[0].eventCategory diff --git a/test/newrelic_security/instrumentation-security/net_http/net_http_test.rb b/test/newrelic_security/instrumentation-security/net_http/net_http_test.rb index 46ccf18d..3883d27f 100644 --- a/test/newrelic_security/instrumentation-security/net_http/net_http_test.rb +++ b/test/newrelic_security/instrumentation-security/net_http/net_http_test.rb @@ -28,7 +28,7 @@ def test_get_request assert_equal "200", @output expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, @@args, @@event_category) - assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST) + assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST) assert_equal expected_event.caseType, $event_list[1].caseType assert_equal expected_event.parameters, $event_list[1].parameters assert_nil expected_event.eventCategory, $event_list[1].eventCategory 
@@ -42,7 +42,7 @@ def test_get_uri
 #puts @output
 args = [{:Method=>"GET", :scheme=>"http", :host=>"www.google.com", :port=>80, :URI=>"http://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{"accept-encoding"=>"gzip;q=1.0,deflate;q=0.6,identity;q=0.3", "accept"=>"*/*", "user-agent"=>"Ruby", "host"=>"www.google.com"}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[1].caseType
 assert_equal expected_event.parameters, $event_list[1].parameters
 assert_nil expected_event.eventCategory, $event_list[1].eventCategory
@@ -58,7 +58,7 @@ def test_get_response_dynamic
 assert_equal "200", @output.code
 args = [{:Method=>"GET", :scheme=>"http", :host=>"www.google.com", :port=>80, :URI=>"http://www.google.com?limit=10&page=3", :path=>"", :query=>"limit=10&page=3", :Body=>nil, :Headers=>{"accept-encoding"=>"gzip;q=1.0,deflate;q=0.6,identity;q=0.3", "accept"=>"*/*", "user-agent"=>"Ruby", "host"=>"www.google.com"}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[1].caseType
 assert_equal expected_event.parameters, $event_list[1].parameters
 assert_nil expected_event.eventCategory, $event_list[1].eventCategory
@@ -76,7 +76,7 @@ def test_get_start
 assert_equal "200", @output.code
 args = [{:Method=>"GET", :scheme=>"http", :host=>"www.google.com", :port=>80, :URI=>"http://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{"accept-encoding"=>"gzip;q=1.0,deflate;q=0.6,identity;q=0.3", "accept"=>"*/*", "user-agent"=>"Ruby", "host"=>"www.google.com"}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[1].caseType
 assert_equal expected_event.parameters, $event_list[1].parameters
 assert_nil expected_event.eventCategory, $event_list[1].eventCategory
@@ -93,7 +93,7 @@ def test_get_start_ssl
 assert_equal "200", @output.code
 args = [{:Method=>"GET", :scheme=>"http", :host=>"www.google.com", :port=>80, :URI=>"http://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{"accept-encoding"=>"gzip;q=1.0,deflate;q=0.6,identity;q=0.3", "accept"=>"*/*", "user-agent"=>"Ruby", "host"=>"www.google.com"}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[1].caseType
 assert_equal expected_event.parameters, $event_list[1].parameters
 assert_nil expected_event.eventCategory, $event_list[1].eventCategory
@@ -109,7 +109,7 @@ def test_persistent_request
 assert_equal "200", @output
 args = [{:Method=>"GET", :scheme=>"http", :host=>"www.google.com", :port=>80, :path=>"/", :query=>nil, :URI=>"http://www.google.com:80/", :Body=>nil, :Headers=>{"accept-encoding"=>"gzip;q=1.0,deflate;q=0.6,identity;q=0.3", "accept"=>"*/*", "user-agent"=>"Ruby", "connection"=>"keep-alive", "keep-alive"=>"30"}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 2, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
 assert_equal expected_event.caseType, $event_list[1].caseType
 assert_equal expected_event.parameters, $event_list[1].parameters
 assert_nil expected_event.eventCategory, $event_list[1].eventCategory
From 307fd802a1920ebabb4455ff14d6029a23515585 Mon Sep 17 00:00:00 2001
From: Prateek Sen
Date: Thu, 25 Apr 2024 14:57:00 +0530
Subject: [PATCH 09/11] reverted unit tests related fixes
---
 .../httpclient/httpclient_test.rb | 12 ++++++------
 .../instrumentation-security/httprb/httprb_test.rb | 10 +++++-----
 .../net_http/net_http_test.rb | 12 ++++++------
 3 files changed, 17 insertions(+), 17 deletions(-)
diff --git a/test/newrelic_security/instrumentation-security/httpclient/httpclient_test.rb b/test/newrelic_security/instrumentation-security/httpclient/httpclient_test.rb
index b728281c..c9468386 100644
--- a/test/newrelic_security/instrumentation-security/httpclient/httpclient_test.rb
+++ b/test/newrelic_security/instrumentation-security/httpclient/httpclient_test.rb
@@ -20,7 +20,7 @@ def test_get_content
 #puts @output
 args = [{:Method=>:get, :scheme=>"https", :host=>"www.google.com", :port=>443, :URI=>"https://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 2, $event_list.length
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -35,7 +35,7 @@ def test_request
 assert_equal 200, @output
 args = [{:Method=>"GET", :scheme=>"https", :host=>"www.google.com", :port=>443, :URI=>"https://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 2, $event_list.length
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -49,7 +49,7 @@ def test_get
 assert_equal 200, @output
 args = [{:Method=>:get, :scheme=>"https", :host=>"www.google.com", :port=>443, :URI=>"https://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 2, $event_list.length
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
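Review bot: `assert_equal 2, $event_list.length` in `test_get_content` counts every collected event, whereas the line it replaces counted only `HTTP_REQUEST` events, so the test no longer pins how many outbound-request events the hook produced. The assertions that follow still pick the event by position (`$event_list[0]` here, `$event_list[1]` in net_http_test.rb), which ties the result to whatever other events happen to be in the list. The same replacement is made in `test_request`, `test_get` and every later hunk of this patch. Selecting the event by type would keep both checks specific, for example `event = $event_list.find { |e| e.caseType == HTTP_REQUEST }` followed by assertions on `event`.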
@@ -63,7 +63,7 @@ def test_head
 assert_equal 200, @output
 args = [{:Method=>:head, :scheme=>"https", :host=>"www.google.com", :port=>443, :URI=>"https://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 2, $event_list.length
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -83,7 +83,7 @@ def test_async
 #assert_equal 200, @output
 args = [{:Method=>:get, :scheme=>"https", :host=>"www.google.com", :port=>443, :URI=>"https://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 2, $event_list.length
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -99,7 +99,7 @@ def test_async
 # case_type = "FILE_OPERATION"
 # args = ["www.google.com"]
 # expected_event = NewRelic::Security::Agent::Control::Event.new(case_type, args, @@event_category)
- # assert_equal 3, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ # assert_equal 3, $event_list.length
 # assert_equal expected_event.caseType, $event_list[0].caseType
 # assert_equal expected_event.parameters, $event_list[0].parameters
 # assert_nil expected_event.eventCategory, $event_list[0].eventCategory
diff --git a/test/newrelic_security/instrumentation-security/httprb/httprb_test.rb b/test/newrelic_security/instrumentation-security/httprb/httprb_test.rb
index be4e9029..79813b15 100644
--- a/test/newrelic_security/instrumentation-security/httprb/httprb_test.rb
+++ b/test/newrelic_security/instrumentation-security/httprb/httprb_test.rb
@@ -16,7 +16,7 @@ def test_get
 @output = response.code
 assert_equal 200, @output
 expected_event = NewRelic::Security::Agent::Control::Event.new(HTTP_REQUEST, args, nil)
- assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 2, $event_list.length
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -30,7 +30,7 @@ def test_get_ssl
 @output = response.code
 assert_equal 200, @output
 expected_event = NewRelic::Security::Agent::Control::Event.new(HTTP_REQUEST, args, nil)
- assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 2, $event_list.length
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -44,7 +44,7 @@ def test_post_json
 @output = response.code
 assert_equal 201, @output
 expected_event = NewRelic::Security::Agent::Control::Event.new(HTTP_REQUEST, args, nil)
- assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 2, $event_list.length
 assert_equal expected_event.caseType, $event_list[0].caseType
 assert_equal expected_event.parameters, $event_list[0].parameters
 assert_nil expected_event.eventCategory, $event_list[0].eventCategory
@@ -58,7 +58,7 @@ def test_put_json @output = response.code assert_equal 200, @output expected_event = NewRelic::Security::Agent::Control::Event.new(HTTP_REQUEST, args, nil) - assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST) + assert_equal 2, $event_list.length assert_equal expected_event.caseType, $event_list[0].caseType assert_equal expected_event.parameters, $event_list[0].parameters assert_nil expected_event.eventCategory, $event_list[0].eventCategory @@ -72,7 +72,7 @@ def test_delete_json @output = response.code assert_equal 204, @output expected_event = NewRelic::Security::Agent::Control::Event.new(HTTP_REQUEST, args, nil) - assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST) + assert_equal 2, $event_list.length assert_equal expected_event.caseType, $event_list[0].caseType assert_equal expected_event.parameters, $event_list[0].parameters assert_nil expected_event.eventCategory, $event_list[0].eventCategory diff --git a/test/newrelic_security/instrumentation-security/net_http/net_http_test.rb b/test/newrelic_security/instrumentation-security/net_http/net_http_test.rb index 3883d27f..0f971d8c 100644 --- a/test/newrelic_security/instrumentation-security/net_http/net_http_test.rb +++ b/test/newrelic_security/instrumentation-security/net_http/net_http_test.rb @@ -28,7 +28,7 @@ def test_get_request assert_equal "200", @output expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, @@args, @@event_category) - assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST) + assert_equal 2, $event_list.length assert_equal expected_event.caseType, $event_list[1].caseType assert_equal expected_event.parameters, $event_list[1].parameters assert_nil expected_event.eventCategory, $event_list[1].eventCategory 
@@ -42,7 +42,7 @@ def test_get_uri
 #puts @output
 args = [{:Method=>"GET", :scheme=>"http", :host=>"www.google.com", :port=>80, :URI=>"http://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{"accept-encoding"=>"gzip;q=1.0,deflate;q=0.6,identity;q=0.3", "accept"=>"*/*", "user-agent"=>"Ruby", "host"=>"www.google.com"}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 2, $event_list.length
 assert_equal expected_event.caseType, $event_list[1].caseType
 assert_equal expected_event.parameters, $event_list[1].parameters
 assert_nil expected_event.eventCategory, $event_list[1].eventCategory
@@ -58,7 +58,7 @@ def test_get_response_dynamic
 assert_equal "200", @output.code
 args = [{:Method=>"GET", :scheme=>"http", :host=>"www.google.com", :port=>80, :URI=>"http://www.google.com?limit=10&page=3", :path=>"", :query=>"limit=10&page=3", :Body=>nil, :Headers=>{"accept-encoding"=>"gzip;q=1.0,deflate;q=0.6,identity;q=0.3", "accept"=>"*/*", "user-agent"=>"Ruby", "host"=>"www.google.com"}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 2, $event_list.length
 assert_equal expected_event.caseType, $event_list[1].caseType
 assert_equal expected_event.parameters, $event_list[1].parameters
 assert_nil expected_event.eventCategory, $event_list[1].eventCategory
@@ -76,7 +76,7 @@ def test_get_start
 assert_equal "200", @output.code
 args = [{:Method=>"GET", :scheme=>"http", :host=>"www.google.com", :port=>80, :URI=>"http://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{"accept-encoding"=>"gzip;q=1.0,deflate;q=0.6,identity;q=0.3", "accept"=>"*/*", "user-agent"=>"Ruby", "host"=>"www.google.com"}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 2, $event_list.length
 assert_equal expected_event.caseType, $event_list[1].caseType
 assert_equal expected_event.parameters, $event_list[1].parameters
 assert_nil expected_event.eventCategory, $event_list[1].eventCategory
@@ -93,7 +93,7 @@ def test_get_start_ssl
 assert_equal "200", @output.code
 args = [{:Method=>"GET", :scheme=>"http", :host=>"www.google.com", :port=>80, :URI=>"http://www.google.com", :path=>"", :query=>nil, :Body=>nil, :Headers=>{"accept-encoding"=>"gzip;q=1.0,deflate;q=0.6,identity;q=0.3", "accept"=>"*/*", "user-agent"=>"Ruby", "host"=>"www.google.com"}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 2, $event_list.length
 assert_equal expected_event.caseType, $event_list[1].caseType
 assert_equal expected_event.parameters, $event_list[1].parameters
 assert_nil expected_event.eventCategory, $event_list[1].eventCategory
@@ -109,7 +109,7 @@ def test_persistent_request
 assert_equal "200", @output
 args = [{:Method=>"GET", :scheme=>"http", :host=>"www.google.com", :port=>80, :path=>"/", :query=>nil, :URI=>"http://www.google.com:80/", :Body=>nil, :Headers=>{"accept-encoding"=>"gzip;q=1.0,deflate;q=0.6,identity;q=0.3", "accept"=>"*/*", "user-agent"=>"Ruby", "connection"=>"keep-alive", "keep-alive"=>"30"}}]
 expected_event = NewRelic::Security::Agent::Control::Event.new(@@case_type, args, @@event_category)
- assert_equal 1, NewRelic::Security::Agent::Control::Collector.get_event_count(HTTP_REQUEST)
+ assert_equal 2, $event_list.length
 assert_equal expected_event.caseType, $event_list[1].caseType
 assert_equal expected_event.parameters, $event_list[1].parameters
 assert_nil expected_event.eventCategory, $event_list[1].eventCategory
From 1e87098a72d93ee70a914dd16fe105adfba7396d Mon Sep 17 00:00:00 2001
From: Prateek Sen
Date: Thu, 2 May 2024 17:54:07 +0530
Subject: [PATCH 10/11] fix for regression issue: NR-264721
---
 lib/newrelic_security/agent/control/collector.rb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/newrelic_security/agent/control/collector.rb b/lib/newrelic_security/agent/control/collector.rb
index 7a16213f..ffafc1d6 100644
--- a/lib/newrelic_security/agent/control/collector.rb
+++ b/lib/newrelic_security/agent/control/collector.rb
@@ -43,6 +43,7 @@ def collect(case_type, args, event_category = nil, **keyword_args)
 find_deserialisation(event, stk) if case_type != REFLECTED_XSS && NewRelic::Security::Agent.config[:'security.detection.deserialization.enabled']
 find_rci(event, stk) if case_type != REFLECTED_XSS && NewRelic::Security::Agent.config[:'security.detection.rci.enabled']
 event.stacktrace = stk[0..user_frame_index].map(&:to_s)
+ route = nil
 if case_type == REFLECTED_XSS
 event.httpResponse[:contentType] = keyword_args[:response_header]
 route = NewRelic::Security::Agent::Control::HTTPContext.get_context.route
@@ -52,7 +53,7 @@ def collect(case_type, args, event_category = nil, **keyword_args) end # In rails 5 method name keeps chaning for same api call (ex: _app_views_sqli_sqlinjectionattackcase_html_erb__1999281606898621405_2624809100). # Hence, considering only frame absolute_path & lineno for apiId calculation. - event.apiId = "#{case_type}-#{calculate_api_id(stk[0..user_frame_index].map { |frame| "#{frame.absolute_path}:#{frame.lineno}" }, event.httpRequest[:method])}" + event.apiId = "#{case_type}-#{calculate_api_id(stk[0..user_frame_index].map { |frame| "#{frame.absolute_path}:#{frame.lineno}" }, event.httpRequest[:method], route)}" NewRelic::Security::Agent.agent.event_processor.send_event(event) if event.httpRequest[:headers].key?(NR_CSEC_FUZZ_REQUEST_ID) && event.apiId == event.httpRequest[:headers][NR_CSEC_FUZZ_REQUEST_ID].split(COLON_IAST_COLON)[0] NewRelic::Security::Agent.agent.iast_client.completed_requests[event.parentId] << event.id @@ -78,7 +79,8 @@ def get_user_frame_index(stk) return -1 end - def calculate_api_id(stk, method) + def calculate_api_id(stk, method, route) + stk << route if route ::Digest::SHA256.hexdigest("#{stk.join(PIPE)}|#{method}").to_s rescue Exception => e NewRelic::Security::Agent.logger.error "Exception in calculate_api_id : #{e} #{e.backtrace}" From f21c66428a45173b53b06e2774df90afe7161024 Mon Sep 17 00:00:00 2001 From: Prateek Sen Date: Fri, 3 May 2024 13:58:11 +0530 Subject: [PATCH 11/11] fix for regression due to last fix --- lib/newrelic_security/agent/control/http_context.rb | 1 - lib/newrelic_security/constants.rb | 2 ++ .../instrumentation-security/padrino/instrumentation.rb | 5 ++++- .../instrumentation-security/roda/instrumentation.rb | 2 ++ 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/lib/newrelic_security/agent/control/http_context.rb b/lib/newrelic_security/agent/control/http_context.rb index 95423fc8..2cf6fa57 100644 --- a/lib/newrelic_security/agent/control/http_context.rb 
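Review bot: In `calculate_api_id` (collector.rb), `stk << route if route` appends to the array the caller passed in, and `route` is added as a required third positional parameter. The visible call in `collect` passes a fresh `map` result, so nothing breaks there, but building the hash input without mutation is safer and a default keeps any caller not shown here working: `def calculate_api_id(stk, method, route = nil)` with `parts = route ? stk + [route] : stk` and `parts.join(PIPE)` in the digest line. As far as the hunks show, `route` is only assigned in the `REFLECTED_XSS` branch of `collect`, so the comment above the `event.apiId` line could say so, for example `# For REFLECTED_XSS the request route is hashed into the id as well.` The body of `calculate_api_id` continues outside the hunk.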
+++ b/lib/newrelic_security/agent/control/http_context.rb
@@ -43,7 +43,6 @@ def initialize(env)
 strio.rewind
 @body = @body.force_encoding(Encoding::UTF_8) if @body.is_a?(String)
 @cache = Hash.new
- @route = "#{env[REQUEST_METHOD].to_s}@#{env[PATH_INFO].to_s}"
 NewRelic::Security::Agent.agent.http_request_count.increment
 NewRelic::Security::Agent.agent.iast_client.completed_requests[@headers[NR_CSEC_PARENT_ID]] = [] if @headers.key?(NR_CSEC_PARENT_ID)
 end
diff --git a/lib/newrelic_security/constants.rb b/lib/newrelic_security/constants.rb
index 6c7064a0..1abda380 100644
--- a/lib/newrelic_security/constants.rb
+++ b/lib/newrelic_security/constants.rb
@@ -46,6 +46,8 @@ module NewRelic::Security
 DELETE = 'delete'
 WRITE = 'write'
 BINWRITE = 'binwrite'
+ REQUEST_METHOD = 'REQUEST_METHOD'
+ PATH_INFO = 'PATH_INFO'
 CONTENT_TYPE = 'CONTENT_TYPE'
 REQUEST_URI = 'REQUEST_URI'
 SERVER_PORT = 'SERVER_PORT'
diff --git a/lib/newrelic_security/instrumentation-security/padrino/instrumentation.rb b/lib/newrelic_security/instrumentation-security/padrino/instrumentation.rb
index 28b0b19e..4177cd83 100644
--- a/lib/newrelic_security/instrumentation-security/padrino/instrumentation.rb
+++ b/lib/newrelic_security/instrumentation-security/padrino/instrumentation.rb
@@ -10,7 +10,10 @@ def call_on_enter(env)
 NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
 NewRelic::Security::Agent.config.update_port = NewRelic::Security::Agent::Utils.app_port(env) unless NewRelic::Security::Agent.config[:listen_port]
 NewRelic::Security::Agent::Utils.get_app_routes(:padrino) if NewRelic::Security::Agent.agent.route_map.empty?
- NewRelic::Security::Agent::Control::HTTPContext.set_context(env.instance_variable_get(:@env))
+ extracted_env = env.instance_variable_get(:@env)
+ NewRelic::Security::Agent::Control::HTTPContext.set_context(extracted_env)
+ ctxt = NewRelic::Security::Agent::Control::HTTPContext.get_context
+ ctxt.route = "#{extracted_env[REQUEST_METHOD].to_s}@#{extracted_env[PATH_INFO].to_s}" if ctxt
 NewRelic::Security::Agent::Utils.parse_fuzz_header
 rescue => exception
 NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
diff --git a/lib/newrelic_security/instrumentation-security/roda/instrumentation.rb b/lib/newrelic_security/instrumentation-security/roda/instrumentation.rb
index c5e10e57..337fbd2f 100644
--- a/lib/newrelic_security/instrumentation-security/roda/instrumentation.rb
+++ b/lib/newrelic_security/instrumentation-security/roda/instrumentation.rb
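Review bot: The value stored in `ctxt.route` in Padrino's `call_on_enter` is the raw request method and `PATH_INFO`, not a matched route pattern, and the collector change in PATCH 10 hashes `route` into `apiId` for `REFLECTED_XSS` events. Unless code outside the hunks normalises it, a parameterised path would give a different `apiId` for each concrete URL, and the value comes entirely from the request; it is worth confirming this is intended. The same two lines are added to `_roda_handle_main_route_on_enter` in roda/instrumentation.rb, so a shared helper would keep the two hooks in step. The `.to_s` calls inside the interpolation are redundant: `ctxt.route = "#{extracted_env[REQUEST_METHOD]}@#{extracted_env[PATH_INFO]}" if ctxt`. `call_on_enter` continues outside the hunk.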
@@ -11,6 +11,8 @@ def _roda_handle_main_route_on_enter(env)
 NewRelic::Security::Agent.config.update_port = NewRelic::Security::Agent::Utils.app_port(env) unless NewRelic::Security::Agent.config[:listen_port]
 NewRelic::Security::Agent::Utils.get_app_routes(:roda) if NewRelic::Security::Agent.agent.route_map.empty?
 NewRelic::Security::Agent::Control::HTTPContext.set_context(env)
+ ctxt = NewRelic::Security::Agent::Control::HTTPContext.get_context
+ ctxt.route = "#{env[REQUEST_METHOD].to_s}@#{env[PATH_INFO].to_s}" if ctxt
 NewRelic::Security::Agent::Utils.parse_fuzz_header
 rescue => exception
 NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"