From 26c41f139eaab3e88d7104d239a9076ec571a641 Mon Sep 17 00:00:00 2001
From: Alejandro Estringana Ruiz
Date: Tue, 23 Jul 2024 13:11:11 +0200
Subject: [PATCH] Wrap lfi functions
---
 Makefile | 2 +
 ext/integrations/integrations.c | 9 +++
 ext/integrations/integrations.h | 1 +
 .../Filesystem/FilesystemIntegration.php | 68 ++++++++++++++++
 .../Filesystem/FilesystemTest.php | 80 +++++++++++++++++++
 tests/Integrations/Filesystem/dummy | 1 +
 tests/Integrations/Filesystem/index.php | 20 +++++
 7 files changed, 181 insertions(+)
 create mode 100644 src/DDTrace/Integrations/Filesystem/FilesystemIntegration.php
 create mode 100644 tests/Integrations/Filesystem/FilesystemTest.php
 create mode 100644 tests/Integrations/Filesystem/dummy
 create mode 100644 tests/Integrations/Filesystem/index.php
diff --git a/Makefile b/Makefile
index 0e2331b25ff..5bf57ff3511 100644
--- a/Makefile
+++ b/Makefile
@@ -1173,6 +1173,8 @@ test_integrations_amqp35: global_test_run_dependencies
 test_integrations_deferred_loading: global_test_run_dependencies
 $(MAKE) test_scenario_predis1
 $(call run_tests_debug,tests/Integrations/DeferredLoading)
+test_integrations_filesystem: global_test_run_dependencies
+ $(call run_tests_debug,tests/Integrations/Filesystem)
 test_integrations_curl: global_test_run_dependencies
 $(call run_tests_debug,tests/Integrations/Curl)
 test_integrations_elasticsearch1: global_test_run_dependencies
diff --git a/ext/integrations/integrations.c b/ext/integrations/integrations.c
index 259d5910b86..6f2c1d5bede 100644
--- a/ext/integrations/integrations.c
+++ b/ext/integrations/integrations.c
@@ -245,6 +245,15 @@ void ddtrace_integrations_minit(void) { DD_SET_UP_DEFERRED_LOADING_BY_FUNCTION(DDTRACE_INTEGRATION_EXEC, "proc_open", "DDTrace\\Integrations\\Exec\\ExecIntegration"); + DD_SET_UP_DEFERRED_LOADING_BY_FUNCTION(DDTRACE_INTEGRATION_FILESYSTEM, "file_get_contents", + "DDTrace\\Integrations\\Filesystem\\FilesystemIntegration"); + DD_SET_UP_DEFERRED_LOADING_BY_FUNCTION(DDTRACE_INTEGRATION_FILESYSTEM, "file_put_contents", + "DDTrace\\Integrations\\Filesystem\\FilesystemIntegration"); + DD_SET_UP_DEFERRED_LOADING_BY_FUNCTION(DDTRACE_INTEGRATION_FILESYSTEM, "fopen", "DDTrace\\Integrations\\Filesystem\\FilesystemIntegration"); + DD_SET_UP_DEFERRED_LOADING_BY_FUNCTION(DDTRACE_INTEGRATION_FILESYSTEM, "readfile", "DDTrace\\Integrations\\Filesystem\\FilesystemIntegration"); + DD_SET_UP_DEFERRED_LOADING_BY_FUNCTION(DDTRACE_INTEGRATION_FILESYSTEM, "stat", "DDTrace\\Integrations\\Filesystem\\FilesystemIntegration"); + DD_SET_UP_DEFERRED_LOADING_BY_FUNCTION(DDTRACE_INTEGRATION_FILESYSTEM, "lstat", "DDTrace\\Integrations\\Filesystem\\FilesystemIntegration"); + DD_SET_UP_DEFERRED_LOADING_BY_FUNCTION(DDTRACE_INTEGRATION_CURL, "curl_exec", "DDTrace\\Integrations\\Curl\\CurlIntegration"); DD_SET_UP_DEFERRED_LOADING_BY_FUNCTION(DDTRACE_INTEGRATION_CURL, "curl_multi_exec", diff --git a/ext/integrations/integrations.h b/ext/integrations/integrations.h index 9ca0c4cae70..244204d1ebd 100644 --- a/ext/integrations/integrations.h +++ b/ext/integrations/integrations.h @@ -16,6 +16,7 @@ INTEGRATION(CAKEPHP, "cakephp") \ INTEGRATION(CODEIGNITER, "codeigniter") \ INTEGRATION(EXEC, "exec") \ + INTEGRATION(FILESYSTEM, "filesystem") \ INTEGRATION(CURL, "curl") \ INTEGRATION(DRUPAL, "drupal") \ INTEGRATION(ELASTICSEARCH, "elasticsearch") \ diff --git a/src/DDTrace/Integrations/Filesystem/FilesystemIntegration.php b/src/DDTrace/Integrations/Filesystem/FilesystemIntegration.php new file mode 100644 index 00000000000..f471897d049 --- /dev/null 
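Review bot: The registrations added to ddtrace_integrations_minit cover only `file_get_contents`, `file_put_contents`, `fopen`, `readfile`, `stat` and `lstat`, so as far as this hunk shows a path that reaches other filesystem entry points (for example `file()`, `unlink()` or `copy()`) or the `include`/`require` constructs will not trigger the deferred load of FilesystemIntegration. If this is a deliberate first set, a comment above the block such as `/* LFI sinks hooked so far; include/require are language constructs and are not covered here */` would keep readers from assuming full coverage. The four single-line registrations also run well past the width that the two wrapped ones respect; wrapping them the same way would keep the block consistent. The function body continues outside the hunk.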
+++ b/src/DDTrace/Integrations/Filesystem/FilesystemIntegration.php
@@ -0,0 +1,68 @@
+args) == 0 || !is_string($hook->args[0])) {
+ return;
+ }
+
+ $filename = $hook->args[0];
+ if (function_exists('\datadog\appsec\push_address')) {
+ \datadog\appsec\push_address("server.io.fs.file", $filename);
+ }
+ };
+ }
+
+}
diff --git a/tests/Integrations/Filesystem/FilesystemTest.php b/tests/Integrations/Filesystem/FilesystemTest.php
new file mode 100644
index 00000000000..273d2b9cc0d
--- /dev/null
+++ b/tests/Integrations/Filesystem/FilesystemTest.php
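Review bot: The closure forwards any string first argument to `server.io.fs.file`, and `file_get_contents`, `fopen` and `readfile` also accept stream-wrapper URLs (`http://`, `php://`, `data:`), so remote fetches will be reported under a filesystem address alongside local paths. Whether the consuming rules expect that is not visible from this page; if it is intended, a comment on the closure should say so, e.g. `// NOTE: $filename may be a stream-wrapper URL, not only a local path`. The `function_exists('\datadog\appsec\push_address')` lookup also runs on every hooked call, and checking it once before the hooks are installed would spare hot file operations the hook cost when appsec is not loaded. Most of this file's earlier lines are missing from the page, so the hook registration itself could not be reviewed.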
@@ -0,0 +1,80 @@
+getEvents();
+ $this->assertEquals(1, count($events));
+ $this->assertEquals($value, $events[0]["server.io.fs.file"]);
+ $this->assertEquals('push_address', $events[0]['eventName']);
+ }
+
+ public function testFileGetContents()
+ {
+ $traces = $this->tracesFromWebRequest(function () {
+ $response = $this->call(GetSpec::create('Root', '/?function=file_get_contents&path=./index.php'));
+ TestCase::assertSame('OK', $response);
+ });
+
+ $this->assertEvent('./index.php');
+ }
+
+ public function testFilePutContents()
+ {
+ $traces = $this->tracesFromWebRequest(function () {
+ $response = $this->call(GetSpec::create('Root', '/?function=file_put_contents&path=./somefile'));
+ TestCase::assertSame('OK', $response);
+ });
+ $this->assertEvent('./somefile');
+ }
+
+ public function testFopen()
+ {
+ $traces = $this->tracesFromWebRequest(function () {
+ $response = $this->call(GetSpec::create('Root', '/?function=fopen&path=./index.php'));
+ TestCase::assertSame('OK', $response);
+ });
+ $this->assertEvent('./index.php');
+ }
+
+ public function testReadFile()
+ {
+ $traces = $this->tracesFromWebRequest(function () {
+ $response = $this->call(GetSpec::create('Root', '/?function=readfile&path=./dummy'));
+ TestCase::assertSame("Dummy file content\nOK", $response);
+ });
+ $this->assertEvent('./dummy');
+ }
+
+ public function testStat()
+ {
+ $traces = $this->tracesFromWebRequest(function () {
+ $response = $this->call(GetSpec::create('Root', '/?function=stat&path=./dummy'));
+ TestCase::assertSame("OK", $response);
+ });
+ $this->assertEvent('./dummy');
+ }
+
+ public function testLstat()
+ {
+ $traces = $this->tracesFromWebRequest(function () {
+ $response = $this->call(GetSpec::create('Root', '/?function=lstat&path=./dummy'));
+ TestCase::assertSame("OK", $response);
+ });
+ $this->assertEvent('./dummy');
+ }
+}
diff --git a/tests/Integrations/Filesystem/dummy b/tests/Integrations/Filesystem/dummy
new file mode 100644
index 00000000000..7fb944a598a
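Review bot: Every test here drives the reporting path with a string path, so the integration's early-return guard (no arguments, or a non-string first argument) has no coverage; a case that asserts no `push_address` event is recorded for such a call would pin it. `testFilePutContents` writes `./somefile` and nothing visible in this section removes it, which can leave the fixture directory dirty between runs; a teardown step such as `if (file_exists(__DIR__ . '/somefile')) { unlink(__DIR__ . '/somefile'); }` would address that, assuming index.php (not visible on this page) does not already clean up. `$traces` is assigned in each test and never read, and `assertEvent` could use `$this->assertCount(1, $events);` instead of comparing `count($events)`. The opening lines of this class are missing from the page, so its setup could not be reviewed.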
--- /dev/null
+++ b/tests/Integrations/Filesystem/dummy
@@ -0,0 +1 @@
+Dummy file content
diff --git a/tests/Integrations/Filesystem/index.php b/tests/Integrations/Filesystem/index.php
new file mode 100644
index 00000000000..6e371a1630e
--- /dev/null
+++ b/tests/Integrations/Filesystem/index.php
@@ -0,0 +1,20 @@
+