internal static IntPtr?Configure(string rulesFile, WafNative wafNative, Encoder encoder)
        {
            var argCache  = new List <Obj>();
            var configObj = GetConfigObj(rulesFile, argCache, encoder);

            if (configObj == null)
            {
                return(null);
            }

            try
            {
                DdwafConfigStruct args = default;
                var ruleHandle         = wafNative.Init(configObj.RawPtr, ref args);
                if (ruleHandle == IntPtr.Zero)
                {
                    Log.Warning("DDAS-0005-00: WAF initialization failed.");
                }

                return(ruleHandle);
            }
            finally
            {
                wafNative.ObjectFree(configObj.RawPtr);

                configObj.Dispose();
                foreach (var arg in argCache)
                {
                    arg.Dispose();
                }
            }
        }
Esempio n. 2
0
        /// <summary>
        /// Loads library and configure it with the ruleset file
        /// </summary>
        /// <param name="rulesFile">can be null, means use rules embedded in the manifest </param>
        /// <returns>the waf wrapper around waf native</returns>
        internal static Waf Create(string rulesFile = null)
        {
            var libraryHandle = LibraryLoader.LoadAndGetHandle();

            if (libraryHandle == IntPtr.Zero)
            {
                return(null);
            }

            var wafNative  = new WafNative(libraryHandle);
            var encoder    = new Encoder(wafNative);
            var ruleHandle = WafConfigurator.Configure(rulesFile, wafNative, encoder);

            return(ruleHandle == null ? null : new Waf(ruleHandle.Value, wafNative, encoder));
        }
        public void LetsFuzz()
        {
            // if we don't throw any exceptions and generate a valid object the the test is successful

            var libraryHandle = LibraryLoader.LoadAndGetHandle();
            var wafNative     = new WafNative(libraryHandle);
            var encoder       = new AppSec.Waf.Encoder(wafNative);

            var jsonGenerator = new JsonGenerator();

            var errorOccured = false;

            for (int i = 0; i < 100; i++)
            {
                var buffer = jsonGenerator.GenerateJsonBuffer();
                try
                {
                    using var memoryStream = new MemoryStream(buffer.Array, buffer.Offset, buffer.Count, false);
                    using var streamReader = new StreamReader(memoryStream);
                    using var jsonReader   = new JsonTextReader(streamReader);
                    var root = JToken.ReadFrom(jsonReader);

                    var l = new List <Obj>();
                    using var result = encoder.Encode(root, l);

                    // check the object is valid
                    Assert.NotEqual(ObjType.Invalid, result.ArgsType);

                    l.ForEach(x => x.Dispose());
                }
                catch (Exception ex)
                {
                    errorOccured = true;

                    _outputHelper.WriteLine($"Error occured on run '{i}' parsing json: {ex}");
                    _outputHelper.WriteLine("Json causing the error was:");
                    ViewJson(buffer);
                }
            }

            Assert.False(errorOccured);
        }
Esempio n. 4
0
 private Waf(IntPtr ruleHandle, WafNative wafNative, Encoder encoder)
 {
     this.ruleHandle = ruleHandle;
     this.wafNative  = wafNative;
     this.encoder    = encoder;
 }
Esempio n. 5
0
 public Encoder(WafNative wafNative) => _wafNative = wafNative;
Esempio n. 6
0
 public Result(DdwafResultStruct returnStruct, DDWAF_RET_CODE returnCode, WafNative wafNative)
 {
     this.returnStruct = returnStruct;
     this.returnCode   = returnCode;
     this.wafNative    = wafNative;
 }