Draft

Test CI #3675

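--- a/appsec/src/extension/configuration.c
+++ b/appsec/src/extension/configuration.c
@@ -91,6 +91,48 @@ static bool _parse_uint64(
 return _parse_uint(value, decoded_value, LONG_MAX);
 }
 
+static bool _parse_list(
+zai_str value, zval *nonnull decoded_value, bool persistent)
+{
+zval tmp;
+ZVAL_ARR(&tmp, pemalloc(sizeof(HashTable), persistent)); // NOLINT
+zend_hash_init(Z_ARRVAL(tmp), 8, NULL,
+persistent ? ZVAL_INTERNAL_PTR_DTOR : ZVAL_PTR_DTOR, persistent);
+
+char *data = (char *)value.ptr;
+if (data && *data) { // non-empty
+const char *val_start;
+const char *val_end;
+do {
+if (*data != ',' && *data != ' ' && *data != '\t' &&
+*data != '\n') {
+val_start = val_end = data;
+while (*++data && *data != ',') {
+if (*data != ' ' && *data != '\t' && *data != '\n') {
+val_end = data;
+}
+}
+size_t val_len = val_end - val_start + 1;
+zval val;
+ZVAL_NEW_STR(
+&val, zend_string_init(val_start, val_len, persistent));
+zend_hash_next_index_insert_new(Z_ARRVAL(tmp), &val);
+} else {
+++data;
+}
+} while (*data);
+
+if (zend_hash_num_elements(Z_ARRVAL(tmp)) == 0) {
+zend_hash_destroy(Z_ARRVAL(tmp));
+pefree(Z_ARRVAL(tmp), persistent);
+return false;
+}
+}
+
+ZVAL_COPY_VALUE(decoded_value, &tmp);
+return true;
+}
+
 #define CUSTOM(...) CUSTOM
 // NOLINTNEXTLINE(bugprone-macro-parentheses)
 #define CALIAS_EXPAND(name) {.ptr = name, .len = sizeof(name) - 1},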
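Review bot: `_parse_list` never consults `value.len`; it casts away const with `char *data = (char *)value.ptr;` and scans until it meets a NUL byte, so the inner `while (*++data && *data != ',')` and the closing `} while (*data);` would read past the buffer if a caller ever passes a `zai_str` that is not NUL-terminated (whether that can happen is not visible on this page). Bounding the scan by the length removes that dependency: keep `data` as `const char *`, compute `const char *end = data + value.len;` once inside the non-empty branch, and use `while (++data < end && *data != ',')` and `} while (data < end);`. The function also deserves a short header comment stating that an empty input returns true with an empty array, an input made only of separators returns false, and `\r` is not treated as whitespace.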
15 changes: 9 additions & 6 deletions appsec/src/extension/configuration.h
Expand Up @@ -26,11 +26,11 @@ extern bool runtime_config_first_init;
#define DEFAULT_OBFUSCATOR_VALUE_REGEX \
"(?i)(?:p(?:ass)?w(?:or)?d|pass(?:[_-]?phrase)?|secret(?:[_-]?key)?|(?:(?:api|private|public|access)[_-]?)key(?:[_-]?id)?|(?:(?:auth|access|id|refresh)[_-]?)?token|consumer[_-]?(?:id|key|secret)|sign(?:ed|ature)?|auth(?:entication|orization)?|jsessionid|phpsessid|asp\\.net(?:[_-]|-)sessionid|sid|jwt)(?:\\s*=([^;&]+)|\"\\s*:\\s*(\"[^\"]+\"|\\d+))|bearer\\s+([a-z0-9\\._\\-]+)|token\\s*:\\s*([a-z0-9]{13})|gh[opsu]_([0-9a-zA-Z]{36})|ey[I-L][\\w=-]+\\.(ey[I-L][\\w=-]+(?:\\.[\\w.+\\/=-]+)?)|[\\-]{5}BEGIN[a-z\\s]+PRIVATE\\sKEY[\\-]{5}([^\\-]+)[\\-]{5}END[a-z\\s]+PRIVATE\\sKEY|ssh-rsa\\s*([a-z0-9\\/\\.+]{100,})"

#define DD_BASE(path) "/opt/datadog-php/" path
#define DD_BASE(path) "/opt/datadog-php/"

// clang-format off
#define DD_CONFIGURATION_GENERAL \
CONFIG(BOOL, DD_APPSEC_ENABLED, "false", .ini_change = zai_config_system_ini_change) \
CONFIG(BOOL, DD_APPSEC_ENABLED, "false", .ini_change = zai_config_system_ini_change) \
SYSCFG(BOOL, DD_APPSEC_CLI_START_ON_RINIT, "false") \
SYSCFG(STRING, DD_APPSEC_RULES, "") \
SYSCFG(CUSTOM(uint64_t), DD_APPSEC_WAF_TIMEOUT, "10000", .parser = _parse_uint64) \
Expand All @@ -44,30 +44,33 @@ extern bool runtime_config_first_init;
SYSCFG(BOOL, DD_APPSEC_TESTING_HELPER_METRICS, "false") \
CONFIG(CUSTOM(INT), DD_APPSEC_LOG_LEVEL, "warn", .parser = dd_parse_log_level) \
SYSCFG(STRING, DD_APPSEC_LOG_FILE, "php_error_reporting") \
SYSCFG(BOOL, DD_APPSEC_HELPER_LAUNCH, "true") \
CONFIG(STRING, DD_APPSEC_HELPER_PATH, DD_BASE("bin/libddappsec-helper.so")) \
SYSCFG(BOOL, DD_APPSEC_STACK_TRACE_ENABLED, "true") \
SYSCFG(BOOL, DD_APPSEC_RASP_ENABLED , "true") \
SYSCFG(INT, DD_APPSEC_MAX_STACK_TRACE_DEPTH, "32") \
SYSCFG(INT, DD_APPSEC_MAX_STACK_TRACES, "2") \
SYSCFG(STRING, DD_APPSEC_HELPER_LOG_FILE, "/dev/null") \
SYSCFG(STRING, DD_APPSEC_HELPER_LOG_LEVEL, "info") \
CONFIG(CUSTOM(SET), DD_EXTRA_SERVICES, "", .parser = _parse_list) \
CONFIG(STRING, DD_SERVICE, "") \
CONFIG(STRING, DD_ENV, "") \
CONFIG(STRING, DD_VERSION, "") \
CONFIG(BOOL, DD_REMOTE_CONFIG_ENABLED, "true") \
CONFIG(STRING, DD_AGENT_HOST, "localhost") \
CONFIG(CUSTOM(uint32_t), DD_REMOTE_CONFIG_POLL_INTERVAL, "1000", .parser = _parse_uint32) \
CONFIG(STRING, DD_AGENT_HOST, "") \
CONFIG(INT, DD_TRACE_AGENT_PORT, "0") \
CONFIG(INT, DD_APPSEC_MAX_BODY_BUFF_SIZE, "524288") \
CONFIG(STRING, DD_TRACE_AGENT_URL, "") \
CONFIG(BOOL, DD_TRACE_ENABLED, "true") \
CALIAS(CUSTOM(STRING), DD_APPSEC_AUTO_USER_INSTRUMENTATION_MODE, "ident", \
CALIASES("DD_APPSEC_AUTOMATED_USER_EVENTS_TRACKING"), .parser = dd_parse_user_collection_mode) \
CALIAS(CUSTOM(STRING), DD_APPSEC_AUTO_USER_INSTRUMENTATION_MODE, "ident", \
CALIASES("DD_APPSEC_AUTOMATED_USER_EVENTS_TRACKING"), .parser = dd_parse_user_collection_mode) \
CONFIG(BOOL, DD_APPSEC_AUTOMATED_USER_EVENTS_TRACKING_ENABLED, "true") \
CONFIG(STRING, DD_APPSEC_HTTP_BLOCKED_TEMPLATE_HTML, "") \
CONFIG(STRING, DD_APPSEC_HTTP_BLOCKED_TEMPLATE_JSON, "") \
CONFIG(BOOL, DD_APM_TRACING_ENABLED, "true") \
CONFIG(BOOL, DD_API_SECURITY_ENABLED, "true", .ini_change = zai_config_system_ini_change) \
CONFIG(DOUBLE, DD_API_SECURITY_SAMPLE_DELAY, "30", .ini_change = zai_config_system_ini_change)
CONFIG(DOUBLE, DD_API_SECURITY_SAMPLE_DELAY, "30.0", .ini_change = zai_config_system_ini_change)

#ifdef __linux__
#define DD_CONFIGURATION \
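Review bot: If the second `#define DD_BASE(path) "/opt/datadog-php/"` line in the first hunk is the new side (this page has lost the +/- markers), the macro no longer appends `path`, so the `DD_APPSEC_HELPER_PATH` default `DD_BASE("bin/libddappsec-helper.so")` expands to the bare directory rather than the helper library. That setting presumably selects the shared object the extension loads, so its default should remain a complete, fixed file path: `#define DD_BASE(path) "/opt/datadog-php/" path`. If dropping the suffix is intentional, the parameter should be removed from the macro and the helper-path default spelled out in full.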
2 changes: 1 addition & 1 deletion ext/auto_flush.c
Expand Up @@ -141,7 +141,7 @@ char *ddtrace_agent_url(void) {
return zend_strndup(ZSTR_VAL(hostname), ZSTR_LEN(hostname));
}

if (ZSTR_LEN(hostname) > 0 && zai_config_memoized_entries[DDTRACE_CONFIG_DD_AGENT_HOST].name_index != ZAI_CONFIG_ORIGIN_DEFAULT) {
if (ZSTR_LEN(hostname) > 0) {
bool isIPv6 = memchr(ZSTR_VAL(hostname), ':', ZSTR_LEN(hostname));

int64_t port = get_global_DD_TRACE_AGENT_PORT();
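Review bot: The shortened `if (ZSTR_LEN(hostname) > 0)` only means "the host was explicitly configured" while the `DD_AGENT_HOST` default in ext/configuration.h stays empty, and nothing at this site records that dependency (assuming the shorter condition is the new side; the +/- markers are lost here). I would add a comment above it, `/* DD_AGENT_HOST defaults to "", so a non-empty value was set explicitly */`, so that restoring a non-empty default later does not silently route every request through this branch. `ddtrace_agent_url` starts and ends outside the hunk, so the handling of the port default is not visible here.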
26 changes: 13 additions & 13 deletions ext/configuration.h
Expand Up @@ -51,7 +51,7 @@ enum ddtrace_sampling_rules_format {
#define DD_TRACE_AGENT_FLUSH_INTERVAL_VAL 1001

#define DD_INTEGRATION_ANALYTICS_ENABLED_DEFAULT false
#define DD_INTEGRATION_ANALYTICS_SAMPLE_RATE_DEFAULT 1.0
#define DD_INTEGRATION_ANALYTICS_SAMPLE_RATE_DEFAULT 1

#if PHP_VERSION_ID >= 80300 || defined(_WIN32)
#define DD_SIDECAR_TRACE_SENDER_DEFAULT true
Expand Down Expand Up @@ -100,12 +100,12 @@ enum ddtrace_sampling_rules_format {
CONFIG(STRING, DD_TRACE_SOURCES_PATH, DD_DEFAULT_SOURCES_PATH, .ini_change = zai_config_system_ini_change) \
CONFIG(BOOL, DD_AUTOLOAD_NO_COMPILE, "false", .ini_change = zai_config_system_ini_change) \
CONFIG(STRING, DD_TRACE_AGENT_URL, "", .ini_change = zai_config_system_ini_change) \
CONFIG(STRING, DD_AGENT_HOST, "localhost", .ini_change = zai_config_system_ini_change) \
CONFIG(STRING, DD_DOGSTATSD_URL, "http://localhost:8125") \
CONFIG(STRING, DD_DOGSTATSD_HOST, "localhost") \
CONFIG(STRING, DD_AGENT_HOST, "", .ini_change = zai_config_system_ini_change) \
CONFIG(STRING, DD_DOGSTATSD_URL, "") \
CONFIG(STRING, DD_DOGSTATSD_HOST, "") \
CONFIG(STRING, DD_API_KEY, "", .ini_change = zai_config_system_ini_change) \
CONFIG(BOOL, DD_DISTRIBUTED_TRACING, "true") \
CONFIG(INT, DD_DOGSTATSD_PORT, "8125") \
CONFIG(STRING, DD_DOGSTATSD_PORT, "8125") \
CONFIG(STRING, DD_ENV, "", .ini_change = ddtrace_alter_dd_env, \
.env_config_fallback = ddtrace_conf_otel_resource_attributes_env) \
CONFIG(BOOL, DD_AUTOFINISH_SPANS, "false") \
Expand All @@ -114,10 +114,10 @@ enum ddtrace_sampling_rules_format {
CONFIG(STRING, DD_SERVICE, "", .ini_change = ddtrace_alter_dd_service, \
.env_config_fallback = ddtrace_conf_otel_service_name) \
CONFIG(MAP, DD_SERVICE_MAPPING, "") \
CONFIG(CUSTOM(MAP), DD_TAGS, "", \
CONFIG(CUSTOM(MAP), DD_TAGS, "", \
.env_config_fallback = ddtrace_conf_otel_resource_attributes_tags, \
.parser = dd_parse_tags) \
CONFIG(INT, DD_TRACE_AGENT_PORT, "8126", .ini_change = zai_config_system_ini_change) \
.parser = dd_parse_tags) \
CONFIG(INT, DD_TRACE_AGENT_PORT, "0", .ini_change = zai_config_system_ini_change) \
CONFIG(BOOL, DD_TRACE_ANALYTICS_ENABLED, "false") \
CONFIG(BOOL, DD_TRACE_APPEND_TRACE_IDS_TO_LOGS, "false") \
CONFIG(BOOL, DD_TRACE_AUTO_FLUSH_ENABLED, "false") /* true in CLI */ \
Expand Down Expand Up @@ -177,7 +177,7 @@ enum ddtrace_sampling_rules_format {
CONFIG(SET_LOWERCASE, DD_TRACE_PROPAGATION_STYLE_INJECT, "datadog,tracecontext,baggage") \
CONFIG(SET_LOWERCASE, DD_TRACE_PROPAGATION_STYLE, "datadog,tracecontext,baggage", \
.env_config_fallback = ddtrace_conf_otel_propagators) \
CONFIG(SET, DD_TRACE_BAGGAGE_TAG_KEYS, "user.id, session.id, account.id") \
CONFIG(SET, DD_TRACE_BAGGAGE_TAG_KEYS, "user.id,session.id,account.id") \
CONFIG(BOOL, DD_TRACE_IGNORE_AGENT_SAMPLING_RATES, "false", .ini_change = zai_config_system_ini_change) \
CONFIG(SET, DD_TRACE_TRACED_INTERNAL_FUNCTIONS, "") \
CONFIG(INT, DD_TRACE_AGENT_TIMEOUT, DD_CFG_EXPSTR(DD_TRACE_AGENT_TIMEOUT_VAL), \
Expand All @@ -190,7 +190,7 @@ enum ddtrace_sampling_rules_format {
CONFIG(BOOL, DD_TRACE_GENERATE_ROOT_SPAN, "true", .ini_change = ddtrace_span_alter_root_span_config) \
CONFIG(INT, DD_TRACE_SPANS_LIMIT, "1000") \
CONFIG(BOOL, DD_TRACE_128_BIT_TRACEID_GENERATION_ENABLED, "true") \
CONFIG(BOOL, DD_TRACE_128_BIT_TRACEID_LOGGING_ENABLED, "true") \
CONFIG(BOOL, DD_TRACE_128_BIT_TRACEID_LOGGING_ENABLED, "true") \
CONFIG(INT, DD_TRACE_BGS_CONNECT_TIMEOUT, DD_CFG_EXPSTR(DD_TRACE_BGS_CONNECT_TIMEOUT_VAL), \
.ini_change = zai_config_system_ini_change) \
CONFIG(INT, DD_TRACE_BGS_TIMEOUT, DD_CFG_EXPSTR(DD_TRACE_BGS_TIMEOUT_VAL), \
Expand Down Expand Up @@ -248,16 +248,16 @@ enum ddtrace_sampling_rules_format {
CONFIG(BOOL, DD_TRACE_WEBSOCKET_MESSAGES_INHERIT_SAMPLING, "true") \
CONFIG(BOOL, DD_TRACE_WEBSOCKET_MESSAGES_SEPARATE_TRACES, "true") \
CONFIG(BOOL, DD_INJECT_FORCE, "false", .ini_change = zai_config_system_ini_change) \
CONFIG(DOUBLE, DD_REMOTE_CONFIG_POLL_INTERVAL_SECONDS, "5.0", .ini_change = zai_config_system_ini_change) \
CONFIG(BOOL, DD_REMOTE_CONFIG_ENABLED, "true", .ini_change = zai_config_system_ini_change) \
CONFIG(DOUBLE, DD_REMOTE_CONFIG_POLL_INTERVAL_SECONDS, "5", .ini_change = zai_config_system_ini_change) \
CONFIG(BOOL, DD_REMOTE_CONFIG_ENABLED, "true", .ini_change = zai_config_system_ini_change) \
CONFIG(BOOL, DD_DYNAMIC_INSTRUMENTATION_ENABLED, "false", .ini_change = ddtrace_alter_dynamic_instrumentation_config) \
CONFIG(SET, DD_DYNAMIC_INSTRUMENTATION_REDACTED_IDENTIFIERS, "", .ini_change = zai_config_system_ini_change) \
CONFIG(BOOL, DD_APM_TRACING_ENABLED, "true") \
CONFIG(SET, DD_DYNAMIC_INSTRUMENTATION_REDACTED_TYPES, "", .ini_change = zai_config_system_ini_change) \
CONFIG(INT, DD_TRACE_BAGGAGE_MAX_ITEMS, "64") \
CONFIG(INT, DD_TRACE_BAGGAGE_MAX_BYTES, "8192") \
CONFIG(BOOL, DD_TRACE_INFERRED_PROXY_SERVICES_ENABLED, "false") \
CONFIG(SET, DD_TRACE_HTTP_CLIENT_ERROR_STATUSES, "400-499", .ini_change = zai_config_system_ini_change) \
CONFIG(SET, DD_TRACE_HTTP_CLIENT_ERROR_STATUSES, "500-599", .ini_change = zai_config_system_ini_change) \
CONFIG(SET, DD_TRACE_HTTP_SERVER_ERROR_STATUSES, "500-599", .ini_change = zai_config_system_ini_change) \
CONFIG(BOOL, DD_CODE_ORIGIN_FOR_SPANS_ENABLED, "true", .ini_change = ddtrace_alter_DD_CODE_ORIGIN_FOR_SPANS_ENABLED) \
CONFIG(INT, DD_CODE_ORIGIN_MAX_USER_FRAMES, "8") \
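Review bot: In the last hunk the `DD_TRACE_HTTP_CLIENT_ERROR_STATUSES` default of `"500-599"` duplicates the `DD_TRACE_HTTP_SERVER_ERROR_STATUSES` default on the following line; if that is the new side (the +/- markers are lost on this page), outgoing HTTP client calls answered with 4xx, including 401 and 403, would presumably stop being marked as errors by default. That looks like a copy of the server line rather than an intended change, so I would keep `CONFIG(SET, DD_TRACE_HTTP_CLIENT_ERROR_STATUSES, "400-499", .ini_change = zai_config_system_ini_change)`. If the two ranges are meant to be identical, a comment saying so would prevent the next reader from "fixing" it.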
14 changes: 5 additions & 9 deletions ext/dogstatsd.c
Expand Up @@ -9,17 +9,13 @@ ZEND_EXTERN_MODULE_GLOBALS(ddtrace);

char *ddtrace_dogstatsd_url(void) {
zend_string *url = get_DD_DOGSTATSD_URL();
if (ZSTR_LEN(url) > 0 && zai_config_memoized_entries[DDTRACE_CONFIG_DD_DOGSTATSD_URL].name_index != ZAI_CONFIG_ORIGIN_DEFAULT) {
if (ZSTR_LEN(url) > 0) {
return zend_strndup(ZSTR_VAL(url), ZSTR_LEN(url) + 1);
}

zend_string *hostname = get_DD_DOGSTATSD_HOST();
if (ZSTR_LEN(hostname) == 0 || zai_config_memoized_entries[DDTRACE_CONFIG_DD_DOGSTATSD_HOST].name_index == ZAI_CONFIG_ORIGIN_DEFAULT) {
if (zai_config_memoized_entries[DDTRACE_CONFIG_DD_AGENT_HOST].name_index == ZAI_CONFIG_ORIGIN_DEFAULT) {
hostname = ZSTR_EMPTY_ALLOC();
} else {
hostname = get_global_DD_AGENT_HOST();
}
if (ZSTR_LEN(hostname) == 0) {
hostname = get_global_DD_AGENT_HOST();
}

if (ZSTR_LEN(hostname) > 7 && strncmp(ZSTR_VAL(hostname), "unix://", 7) == 0) {
Expand All @@ -29,7 +25,7 @@ char *ddtrace_dogstatsd_url(void) {
if (ZSTR_LEN(hostname) > 0) {
bool isIPv6 = memchr(ZSTR_VAL(hostname), ':', ZSTR_LEN(hostname));

int port = get_DD_DOGSTATSD_PORT();
int port = atoi(ZSTR_VAL(get_DD_DOGSTATSD_PORT()));
if (port <= 0 || port > 65535) {
port = 8125;
}
Expand All @@ -43,7 +39,7 @@ char *ddtrace_dogstatsd_url(void) {
}

int64_t port = get_global_DD_TRACE_AGENT_PORT();
if (port <= 0 || port > 65535 || zai_config_memoized_entries[DDTRACE_CONFIG_DD_TRACE_AGENT_PORT].name_index == ZAI_CONFIG_ORIGIN_DEFAULT) {
if (port <= 0 || port > 65535) {
port = 8125;
}
char *formatted_url;
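Review bot: `int port = atoi(ZSTR_VAL(get_DD_DOGSTATSD_PORT()));` in the second hunk accepts trailing garbage such as `8125abc` and has undefined behaviour when the digits do not fit in an `int`, so the range check that follows cannot be relied on for every configured value. Parsing with `strtol` keeps the validation explicit: `char *end; errno = 0; long p = strtol(ZSTR_VAL(get_DD_DOGSTATSD_PORT()), &end, 10);` followed by `int port = (errno == 0 && *end == '\0' && p > 0 && p <= 65535) ? (int)p : 8125;` (this needs `<errno.h>` if the file does not already include it). `ddtrace_dogstatsd_url` continues outside the hunks shown.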