Skip to content

Commit

Permalink
only stringio ast patching
Browse files Browse the repository at this point in the history
  • Loading branch information
@gnufede
gnufede committed Sep 20, 2024
1 parent d3fa59e commit ac1bd7d
Show file tree
Hide file tree
Showing 4 changed files with 23 additions and 23 deletions.
8 changes: 4 additions & 4 deletions ddtrace/appsec/_common_module_patches.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,8 +30,8 @@
def patch_common_modules():
try_wrap_function_wrapper("builtins", "open", wrapped_open_CFDDB7ABBA9081B6)
try_wrap_function_wrapper("urllib.request", "OpenerDirector.open", wrapped_open_ED4CF71136E15EBF)
try_wrap_function_wrapper("_io", "BytesIO.read", wrapped_read_F3E51D71B4EC16EF)
try_wrap_function_wrapper("_io", "StringIO.read", wrapped_read_F3E51D71B4EC16EF)
# try_wrap_function_wrapper("_io", "BytesIO.read", wrapped_read_F3E51D71B4EC16EF)
# try_wrap_function_wrapper("_io", "StringIO.read", wrapped_read_F3E51D71B4EC16EF)
try_wrap_function_wrapper("os", "system", wrapped_system_5542593D237084A7)
core.on("asm.block.dbapi.execute", execute_4C9BAC8E228EB347)
if asm_config._iast_enabled:
Expand All @@ -41,8 +41,8 @@ def patch_common_modules():
def unpatch_common_modules():
try_unwrap("builtins", "open")
try_unwrap("urllib.request", "OpenerDirector.open")
try_unwrap("_io", "BytesIO.read")
try_unwrap("_io", "StringIO.read")
# try_unwrap("_io", "BytesIO.read")
# try_unwrap("_io", "StringIO.read")


def wrapped_read_F3E51D71B4EC16EF(original_read_callable, instance, args, kwargs):
Expand Down
4 changes: 2 additions & 2 deletions ddtrace/appsec/_iast/_ast/visitor.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,15 +41,15 @@ def _mark_avoid_convert_recursively(node):
"alias_module": "ddtrace_aspects",
"functions": {
"StringIO": "ddtrace_aspects.stringio_aspect",
"BytesIO": "ddtrace_aspects.bytesio_aspect",
# "BytesIO": "ddtrace_aspects.bytesio_aspect",
"str": "ddtrace_aspects.str_aspect",
"bytes": "ddtrace_aspects.bytes_aspect",
"bytearray": "ddtrace_aspects.bytearray_aspect",
"ddtrace_iast_flask_patch": "ddtrace_aspects.empty_func", # To avoid recursion
},
"stringalike_methods": {
"StringIO": "ddtrace_aspects.stringio_aspect",
"BytesIO": "ddtrace_aspects.bytesio_aspect",
# "BytesIO": "ddtrace_aspects.bytesio_aspect",
"decode": "ddtrace_aspects.decode_aspect",
"join": "ddtrace_aspects.join_aspect",
"encode": "ddtrace_aspects.encode_aspect",
Expand Down
32 changes: 16 additions & 16 deletions tests/appsec/iast/_ast/test_ast_patching.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -192,19 +192,19 @@ def test_astpatch_stringio_module_changed(module_name):
assert "ddtrace_aspects.stringio_aspect(" in new_code


@pytest.mark.parametrize(
"module_name",
[
("tests.appsec.iast.fixtures.ast.io.module_bytesio"),
("tests.appsec.iast.fixtures.ast.io.function_bytesio"),
],
)
def test_astpatch_bytesio_module_changed(module_name):
module_path, new_source = astpatch_module(__import__(module_name, fromlist=[None]))
assert ("", "") != (module_path, new_source)
new_code = astunparse.unparse(new_source)
assert new_code.startswith(
"\nimport ddtrace.appsec._iast.taint_sinks as ddtrace_taint_sinks"
"\nimport ddtrace.appsec._iast._taint_tracking.aspects as ddtrace_aspects"
)
assert "ddtrace_aspects.bytesio_aspect(" in new_code
# @pytest.mark.parametrize(
# "module_name",
# [
# ("tests.appsec.iast.fixtures.ast.io.module_bytesio"),
# ("tests.appsec.iast.fixtures.ast.io.function_bytesio"),
# ],
# )
# def test_astpatch_bytesio_module_changed(module_name):
# module_path, new_source = astpatch_module(__import__(module_name, fromlist=[None]))
# assert ("", "") != (module_path, new_source)
# new_code = astunparse.unparse(new_source)
# assert new_code.startswith(
# "\nimport ddtrace.appsec._iast.taint_sinks as ddtrace_taint_sinks"
# "\nimport ddtrace.appsec._iast._taint_tracking.aspects as ddtrace_aspects"
# )
# assert "ddtrace_aspects.bytesio_aspect(" in new_code
2 changes: 1 addition & 1 deletion tests/appsec/integrations/test_flask_iast_patching.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ def test_flask_iast_ast_patching_re(style, endpoint, function):
@pytest.mark.parametrize(
"function",
[
"bytesio",
# "bytesio",
"stringio",
],
)
Expand Down

0 comments on commit ac1bd7d

Please sign in to comment.