Send pushed params to helper

DataDog · Dec 11, 2023 · 813e40d · 813e40d
1 parent ed11359
commit 813e40d
Show file tree

Hide file tree

Showing 3 changed files with 103 additions and 0 deletions.
diff --git a/appsec/src/extension/tags.c b/appsec/src/extension/tags.c
@@ -4,9 +4,11 @@
 // This product includes software developed at Datadog
 // (https://www.datadoghq.com/). Copyright 2021 Datadog, Inc.
 #include "tags.h"
+#include "commands/request_exec.h"
 #include "ddappsec.h"
 #include "ddtrace.h"
 #include "ext/pcre/php_pcre.h"
+#include "helper_process.h"
 #include "ip_extraction.h"
 #include "logging.h"
 #include "php_compat.h"
@@ -1138,6 +1140,39 @@ static PHP_FUNCTION(datadog_appsec_track_custom_event)
     dd_tags_set_sampling_priority();
 }
 
+static PHP_FUNCTION(datadog_appsec_push_params)
+{
+    UNUSED(return_value);
+    if (DDAPPSEC_G(enabled) != ENABLED) {
+        mlog(dd_log_debug, "Trying to access to push_params "
+                           "function while appsec is disabled");
+        return;
+    }
+
+    zval *parameters = NULL;
+    if (zend_parse_parameters(ZEND_NUM_ARGS(), "z", &parameters) == FAILURE ||
+        Z_TYPE_P(parameters) != IS_ARRAY) {
+        mlog(dd_log_warning, "Unexpected parameters type. Expected array");
+        return;
+    }
+
+    zval parameters_zv;
+    ZVAL_ARR(&parameters_zv, zend_new_array(1));
+    zend_string *key =
+        zend_string_init(ZEND_STRL("server.request.path_params"), 0);
+    zend_hash_add(Z_ARRVAL(parameters_zv), key, parameters);
+
+    dd_conn *conn = dd_helper_mgr_cur_conn();
+    if (conn == NULL) {
+        mlog_g(dd_log_debug, "No connection; skipping push_params");
+        RETURN_FALSE;
+    }
+
+    dd_request_exec(conn, &parameters_zv);
+    zval_ptr_dtor(&parameters_zv);
+    zend_string_release(key);
+}
+
 static bool _set_appsec_enabled(zval *metrics_zv)
 {
     zval zv;
@@ -1228,11 +1263,16 @@ ZEND_ARG_INFO(0, event_name)
 ZEND_ARG_INFO(0, metadata)
 ZEND_END_ARG_INFO()
 
+ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(push_params_arginfo, 0, 0, IS_VOID, 1)
+ZEND_ARG_INFO(0, parameters)
+ZEND_END_ARG_INFO()
+
 static const zend_function_entry functions[] = {
     ZEND_RAW_FENTRY(DD_APPSEC_NS "track_user_signup_event", PHP_FN(datadog_appsec_track_user_signup_event), datadog_appsec_track_user_signup_event_arginfo, 0)
     ZEND_RAW_FENTRY(DD_APPSEC_NS "track_user_login_success_event", PHP_FN(datadog_appsec_track_user_login_success_event), track_user_login_success_event_arginfo, 0)
     ZEND_RAW_FENTRY(DD_APPSEC_NS "track_user_login_failure_event", PHP_FN(datadog_appsec_track_user_login_failure_event), track_user_login_failure_event_arginfo, 0)
     ZEND_RAW_FENTRY(DD_APPSEC_NS "track_custom_event", PHP_FN(datadog_appsec_track_custom_event), track_custom_event_arginfo, 0)
+    ZEND_RAW_FENTRY(DD_APPSEC_NS "push_params", PHP_FN(datadog_appsec_push_params), push_params_arginfo, 0)
     PHP_FE_END
 };
 

diff --git a/appsec/tests/extension/inc/mock_helper.php b/appsec/tests/extension/inc/mock_helper.php
@@ -152,6 +152,16 @@ function print_commands($sort = true) {
         print_r($commands);
     }
 
+    function get_command($command) {
+            $commands = $this->get_commands();
+            foreach($commands as $c) {
+                if ($c[0] == $command) {
+                    return $c;
+                }
+            }
+            return [];
+        }
+
     static function ksort_recurse(&$arr) {
         if (!is_array($arr)) {
             return;

diff --git a/appsec/tests/extension/push_params.phpt b/appsec/tests/extension/push_params.phpt
@@ -0,0 +1,53 @@
+--TEST--
+Push params ara sent on request_exec
+--INI--
+extension=ddtrace.so
+datadog.appsec.log_file=/tmp/php_appsec_test.log
+datadog.appsec.waf_timeout=42
+datadog.appsec.log_level=debug
+datadog.appsec.enabled=1
+--ENV--
+DD_TRACE_GENERATE_ROOT_SPAN=0
+REQUEST_URI=/static01/dynamic01/static02/dynamic02
+URL_SCHEME=http
+HTTP_CONTENT_TYPE=text/plain
+HTTP_CONTENT_LENGTH=0
+--FILE--
+<?php
+use function datadog\appsec\testing\{rinit,rshutdown};
+use function datadog\appsec\push_params;
+
+include __DIR__ . '/inc/mock_helper.php';
+
+$helper = Helper::createInitedRun([
+    response_list(response_request_init(['ok', []])),
+    response_list(response_request_exec(['ok', [], [], [], [], false]))
+]);
+
+var_dump(rinit());
+push_params(["some" => "params", "more" => "parameters"]);
+var_dump(rshutdown());
+
+var_dump($helper->get_command("request_exec"));
+
+?>
+--EXPECTF--
+bool(true)
+bool(true)
+array(2) {
+  [0]=>
+  string(12) "request_exec"
+  [1]=>
+  array(1) {
+    [0]=>
+    array(1) {
+      ["server.request.path_params"]=>
+      array(2) {
+        ["some"]=>
+        string(6) "params"
+        ["more"]=>
+        string(10) "parameters"
+      }
+    }
+  }
+}