Skip to content

Commit

Permalink
logger added
Browse files Browse the repository at this point in the history
  • Loading branch information
@sumitsuthar
sumitsuthar committed Nov 23, 2023
1 parent 8a090c9 commit 1c181fd
Show file tree
Hide file tree
Showing 15 changed files with 51 additions and 22 deletions.
1 change: 1 addition & 0 deletions lib/instrumentation-security/hooks/@nestjs/nr-nestjs-core.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ module.exports = function initialize(shim) {
if (!shim.isFunction(fn)) {
return fn
}
logger.debug(`Instrumenting routerExplorer.prototype.applyCallbackToRouter`)
return function wrappedApplyCallbackToRouter() {
try {
const stakTrace = secUtils.traceElementForRoute();
Expand Down
2 changes: 2 additions & 0 deletions lib/instrumentation-security/hooks/express/nr-express.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ function wrapExpress4(shim, express) {
if (!shim.isFunction(fn)) {
return fn
}
logger.debug('Instrumenting express.Router.route');
return function wrappedRoute() {
try {
const stakTrace = secUtils.traceElementForRoute();
Expand All @@ -62,6 +63,7 @@ function wrapExpress4(shim, express) {
if (!shim.isFunction(fn)) {
return fn
}
logger.debug('Instrumenting express.Router.process_params')
return function wrappedParam() {
extractParams(shim, arguments[2]);
const route = fn.apply(this, arguments)
Expand Down
1 change: 1 addition & 0 deletions lib/instrumentation-security/hooks/fastify/nr-fastify.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ const setupRouteHandler = (shim, fastify, moduleName) => {
if (!shim.isFunction(fn)) {
return fn
}
logger.debug(`Instrumenting ${moduleName}.${fun}`);
return function wrappedRoute() {
try {
const stakTrace = secUtils.traceElementForRoute();
Expand Down
29 changes: 17 additions & 12 deletions lib/instrumentation-security/hooks/fs/nr-fs.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -94,8 +94,8 @@ const promiseFunctionProbableToFI = [
*/
function initialize(shim, mod, moduleName) {

logger.info("Instrumenting FS module");

logger.info(`Instrumenting ${moduleName}`);
requireHook.initialize(shim)
const binding = process.binding("fs");
openHook(shim, binding, moduleName);
Expand All @@ -116,6 +116,7 @@ function initialize(shim, mod, moduleName) {
*/
function openHook(shim, mod, moduleName) {
shim.wrap(mod, "open", function makeOpenWrapper(shim, fn) {
logger.debug(`Instrumenting ${moduleName}.open`);
return function openWrapper() {
const parameters = Array.prototype.slice.apply(arguments);
const interceptedArgs = [arguments[0]];
Expand All @@ -128,7 +129,7 @@ function openHook(shim, mod, moduleName) {
parameters[0] = arguments[0];
}
}
if (request && typeof parameters[0] === STRING && !lodash.isEmpty(parameters[0]) ) {
if (request && typeof parameters[0] === STRING && !lodash.isEmpty(parameters[0])) {
const policy = API.getPolicy();
const dynamicScanningFlag = policy.data ? policy.data.vulnerabilityScan.iastScan.enabled : false;
const url = request.url;
Expand All @@ -151,14 +152,14 @@ function openHook(shim, mod, moduleName) {
this.secEvent = API.generateSecEvent(secMetadata);
API.sendEvent(this.secEvent);
const callbackFlag = isCallback(arguments);
if (callbackFlag && request.headers[NR_CSEC_FUZZ_REQUEST_ID]) {
if (callbackFlag && request.headers[NR_CSEC_FUZZ_REQUEST_ID]) {
callbackHook(shim, arguments[3], 'oncomplete', this.secEvent);
}
}

}
const result = fn.apply(this, arguments);
if(result>0 && request && request.headers[NR_CSEC_FUZZ_REQUEST_ID]){
if (result > 0 && request && request.headers[NR_CSEC_FUZZ_REQUEST_ID]) {
//here generate exit event.
API.generateExitEvent(this.secEvent);
delete this.secEvent;
Expand All @@ -177,18 +178,19 @@ function openHook(shim, mod, moduleName) {
function probableToFAHooks(shim, mod, moduleName) {
functionsProbableToFA.forEach(function (fun) {
shim.wrap(mod, fun, function makeFAWrapper(shim, fn) {
logger.debug(`Instrumenting ${moduleName}.${fun}`);
return function FAWrapper() {
const interceptedArgs = [arguments[0]];
shim.interceptedArgs = interceptedArgs;
const request = requestManager.getRequest(shim);
if (request && typeof arguments[0] === STRING && !lodash.isEmpty(arguments[0])) {
if (request && typeof arguments[0] === STRING && !lodash.isEmpty(arguments[0])) {
const traceObject = secUtils.getTraceObject(shim);
const secMetadata = securityMetaData.getSecurityMetaData(request, interceptedArgs, traceObject, secUtils.getExecutionId(), EVENT_TYPE.FILE_OPERATION, EVENT_CATEGORY.FILE)
this.secEvent = API.generateSecEvent(secMetadata);
API.sendEvent(this.secEvent);
const callbackFlag = isCallback(arguments);
if (callbackFlag && request.headers[NR_CSEC_FUZZ_REQUEST_ID]) {
callbackHook(shim, arguments, arguments.length-1, this.secEvent);
if (callbackFlag && request.headers[NR_CSEC_FUZZ_REQUEST_ID]) {
callbackHook(shim, arguments, arguments.length - 1, this.secEvent);
}
}
return fn.apply(this, arguments);
Expand All @@ -206,11 +208,12 @@ function probableToFAHooks(shim, mod, moduleName) {
function probableToFIHooks(shim, mod, moduleName) {
functionProbableToFI.forEach(function (fun) {
shim.wrap(mod, fun, function makeFIWrapper(shim, fn) {
logger.debug(`Instrumenting ${moduleName}.${fun}`);
return function FIWrapper() {
const interceptedArgs = [arguments[0]];
shim.interceptedArgs = interceptedArgs;
const request = requestManager.getRequest(shim);
if (request && typeof arguments[0] === STRING && !lodash.isEmpty(arguments[0])) {
if (request && typeof arguments[0] === STRING && !lodash.isEmpty(arguments[0])) {
const traceObject = secUtils.getTraceObject(shim);
if (fun === COPY_FILE || fun === RENAME) {
const secMetadata = securityMetaData.getSecurityMetaData(request, arguments[1], traceObject, secUtils.getExecutionId(), getCase(arguments[1]), EVENT_CATEGORY.FILE)
Expand All @@ -222,7 +225,7 @@ function probableToFIHooks(shim, mod, moduleName) {
API.sendEvent(this.secEvent);
const callbackFlag = isCallback(arguments);
if (callbackFlag && request.headers[NR_CSEC_FUZZ_REQUEST_ID]) {
callbackHook(shim, arguments, arguments.length-1, this.secEvent);
callbackHook(shim, arguments, arguments.length - 1, this.secEvent);
}
}
return fn.apply(this, arguments);
Expand All @@ -239,12 +242,13 @@ function probableToFIHooks(shim, mod, moduleName) {
*/
function probablePromiseToFAHooks(shim, mod, moduleName) {
promiseFunctionsProbableToFA.forEach(function (fun) {
logger.debug(`Instrumenting Promise ${moduleName}.${fun}`);
shim.wrap(mod, fun, function makeFAWrapper(shim, fn) {
return function FAWrapper() {
const interceptedArgs = [arguments[0]];
shim.interceptedArgs = interceptedArgs;
const request = requestManager.getRequest(shim);
if (request && typeof arguments[0] === STRING && !lodash.isEmpty(arguments[0])) {
if (request && typeof arguments[0] === STRING && !lodash.isEmpty(arguments[0])) {
const traceObject = secUtils.getTraceObject(shim);
const secMetadata = securityMetaData.getSecurityMetaData(request, interceptedArgs, traceObject, secUtils.getExecutionId(), EVENT_TYPE.FILE_OPERATION, EVENT_CATEGORY.FILE)
this.secEvent = API.generateSecEvent(secMetadata);
Expand All @@ -264,12 +268,13 @@ function probablePromiseToFAHooks(shim, mod, moduleName) {
*/
function probablePromiseToFIHooks(shim, mod, moduleName) {
promiseFunctionProbableToFI.forEach(function (fun) {
logger.debug(`Instrumenting Promise ${moduleName}.${fun}`);
shim.wrap(mod, fun, function makeFIWrapper(shim, fn) {
return function FIWrapper() {
const interceptedArgs = [arguments[0]];
shim.interceptedArgs = interceptedArgs;
const request = requestManager.getRequest(shim);
if (request && typeof arguments[0] === STRING && !lodash.isEmpty(arguments[0])) {
if (request && typeof arguments[0] === STRING && !lodash.isEmpty(arguments[0])) {
const traceObject = secUtils.getTraceObject(shim);
if (fun === COPY_FILE || fun === RENAME) {
const secMetadata = securityMetaData.getSecurityMetaData(request, arguments[1], traceObject, secUtils.getExecutionId(), getCase(arguments[1]), EVENT_CATEGORY.FILE)
Expand Down
3 changes: 2 additions & 1 deletion lib/instrumentation-security/hooks/hapi/nr-hapi.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ module.exports = function initialize(shim, hapi, moduleName) {
return
}

logger.info("Instrumenting Hapi")
logger.info(`Instrumenting ${moduleName}`);
// 'Server' and 'server' both point to the same export,
// but we can't make any assumption about which will be used.
// Since we wrap the prototype, the second wrap should exit early.
Expand All @@ -49,6 +49,7 @@ function serverPostConstructor(shim) {
*/
function wrapProtoRoute(shim, proto) {
shim.wrap(proto, 'route', function wrapRoute(shim, original) {
logger.debug(`Instrumenting ${proto}.route`);
return function wrappedRoute() {
const args = shim.argsToArray.apply(shim, arguments)
if (!shim.isObject(args[0])) {
Expand Down
7 changes: 5 additions & 2 deletions lib/instrumentation-security/hooks/http/nr-http.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ const CSEC_HOME_TMP = `${CSEC_HOME}/nr-security-home/tmp/language-agent/${proces
* @param {*} moduleName
*/
function initialize(shim, mod, moduleName) {
logger.info('Instrumenting HTTP module');
logger.info(`Instrumenting ${moduleName}`);
emitHook(shim, mod, moduleName);
createServerHook(shim, mod, moduleName);
outboundHook(shim, mod, 'request', moduleName);
Expand Down Expand Up @@ -87,6 +87,7 @@ function setupRequestMapCleanup() {
* @param {*} moduleName
*/
function outboundHook(shim, mod, method, moduleName) {
logger.debug(`Instrumenting ${moduleName}.${method}`);
shim.wrap(mod, method, function makeRequestWrapper(shim, fn) {
return function requestWrapper() {
const request = requestManager.getRequest(shim);
Expand Down Expand Up @@ -255,6 +256,7 @@ function addRequestData(shim, request) {
*/
function emitHook(shim, mod, moduleName) {
shim.wrap(mod && mod.Server && mod.Server.prototype, 'emit', function makeEmitWrapper(shim, fn) {
logger.debug(`Instrumenting ${moduleName}.Server.prototype.emit`);
return function emitWrapper() {
const req = arguments[1];
const resp = arguments[2];
Expand Down Expand Up @@ -292,8 +294,9 @@ function emitHook(shim, mod, moduleName) {
* @param {*} shim
* @param {*} mod
*/
function createServerHook(shim, mod) {
function createServerHook(shim, mod, moduleName) {
shim.wrap(mod, 'createServer', function createServerWrapper(shim, fn) {
logger.debug(`Instrumenting ${moduleName}.createServer`);
return function wrappedCreateServer() {
shim.wrap(arguments, '0', function appWrapper(shim, fn) {
return function wrappedApp() {
Expand Down
4 changes: 3 additions & 1 deletion lib/instrumentation-security/hooks/koa/@koa/nr-@koa-router.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ const logger = API.getLogger();
* @param {*} moduleName
*/
function initialize(shim, mod, moduleName) {
logger.info('Instrumenting @koa/router');
logger.info(`Instrumenting ${moduleName}`);
const VerbMethods = ['all', 'delete', 'get', 'head', 'opts', 'post', 'put', 'patch'];

// RouteMap hooks
Expand All @@ -29,6 +29,7 @@ function initialize(shim, mod, moduleName) {
if (!shim.isFunction(fn)) {
return fn
}
logger.debug(`Instrumenting ${moduleName}.prototype.${fun}`);
return function wrappedRoute() {
try {
const stakTrace = secUtils.traceElementForRoute();
Expand Down Expand Up @@ -59,6 +60,7 @@ function initialize(shim, mod, moduleName) {
*/
function paramHook(shim, mod, moduleName) {
shim.wrap(mod && mod.prototype, 'params', function wrapMatch(shim, fn) {
logger.debug(`Instrumenting ${moduleName}.prototype.params`);
return function wrappedMatch() {
const segment = shim.getActiveSegment();
if (segment && segment.transaction) {
Expand Down
1 change: 1 addition & 0 deletions lib/instrumentation-security/hooks/ldap/nr-ldap.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@ function initialize(shim, mod, moduleName){
*/
function ldapHooks(shim, mod, methodName, moduleName){
shim.wrap(mod, methodName, function makeWrapper(shim,fn){
logger.debug(`Instrumenting ${moduleName}.${methodName}`);
return function wrapper(){
const param = {};
param.name = arguments[0];
Expand Down
2 changes: 2 additions & 0 deletions lib/instrumentation-security/hooks/mongodb/common.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,7 @@ function payloadType(obj) {

function queryHook(shim, mod, method) {
shim.wrap(mod, method, function makeQueryWrapper(shim, fn) {
logger.debug(`Instrumenting mongodb.${method}`);
return function queryWrapper() {
const request = requestManager.getRequest(shim);
if (CURSOR_OPS.includes(method)) {
Expand Down Expand Up @@ -194,6 +195,7 @@ function callbackHook(shim, mod, fun, secEvent) {

common.queryHookV2 = function queryHookV2(shim, mod, method) {
shim.wrap(mod, method, function makeQueryWrapper(shim, fn) {
logger.debug(`Instrumenting mongodb.${method}`);
return function queryWrapper() {
const request = requestManager.getRequest(shim);
if (CURSOR_OPS.includes(method)) {
Expand Down
2 changes: 1 addition & 1 deletion lib/instrumentation-security/hooks/mongodb/nr-mongodb.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ module.exports = initialize;
* @param {Shim} shim
*/
function initialize(shim, mongodb, moduleName) {
logger.info("Instrumenting Mongodb");
logger.info(`Instrumenting ${moduleName}`);
if (!mongodb) {
return;
}
Expand Down
7 changes: 5 additions & 2 deletions lib/instrumentation-security/hooks/mysql/nr-mysql.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ const symbols = {
createPoolCluster: Symbol('createPoolCluster'),
wrappedPoolConnection: Symbol('wrappedPoolConnection')
}

let modName = '';
module.exports = initialize;

/**
Expand All @@ -28,6 +28,7 @@ module.exports = initialize;
* @param {*} moduleName
*/
function initialize(shim, mysql, moduleName) {
modName = moduleName;
logger.info("Instrumenting", moduleName);
if (shim._moduleRoot.includes("mysql2")) {
promiseInitialize(shim, mysql, moduleName);
Expand Down Expand Up @@ -119,6 +120,7 @@ function wrapGetConnection(shim, connectable) {

const proto = Object.getPrototypeOf(connectable);
shim.wrap(proto, "getConnection", function doWrapGetConnection(shim, fn) {
logger.debug(`Instrumenting ${modName}.getConnection`);
return function wrappedGetConnection() {
const args = shim.toArray(arguments);
const cbIdx = args.length - 1;
Expand Down Expand Up @@ -208,7 +210,7 @@ function extractQueryArgs(shim, args) {
// query(opts [, values], callback)
rawQuery = args[0].sql;
try {
if (args[0].values && typeof args[0].values == 'object') {
if (args[0].values && typeof args[0].values == 'object') {
param = Object.values(args[0].values)
}
} catch (error) {
Expand Down Expand Up @@ -240,6 +242,7 @@ function extractQueryArgs(shim, args) {
*/
function queryHook(shim, mod, method, isPoolQuery) {
shim.wrap(mod, method, function makeQueryWrapper(shim, fn) {
logger.debug(`Instrumenting ${modName}.${method}`);
return function queryWrapper() {
const parameters = extractQueryArgs(shim, arguments);
shim.interceptedArgs = parameters;
Expand Down
3 changes: 3 additions & 0 deletions lib/instrumentation-security/hooks/native/nr-childProcess.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ function initialize(shim, childProcess, moduleName) {
*/
function execFileHook(shim, childProcess, moduleName) {
shim.wrap(childProcess, "execFile", function makeWrapper(shim, fn) {
logger.debug(`Instrumenting ${moduleName}.execFile`);
return function wrapper() {
const interceptedArgs = [arguments[0]];
shim.interceptedArgs = interceptedArgs;
Expand Down Expand Up @@ -54,6 +55,7 @@ function execFileHook(shim, childProcess, moduleName) {
*/
function spawnSyncHook(shim, childProcess, moduleName) {
shim.wrap(childProcess, "spawn", function makeWrapper(shim, fn) {
logger.debug(`Instrumenting ${moduleName}.spawnSync`);
return function wrapper() {
const interceptedArgs = arguments[0].args;
shim.interceptedArgs = interceptedArgs;
Expand Down Expand Up @@ -83,6 +85,7 @@ function spawnSyncHook(shim, childProcess, moduleName) {
*/
function spawnHook(shim, childProcess, moduleName) {
shim.wrap(childProcess, "spawn", function makeWrapper(shim, fn) {
logger.debug(`Instrumenting ${moduleName}.spawn`);
return function wrapper() {
let param = [];
param.push(arguments[0]);
Expand Down
1 change: 1 addition & 0 deletions lib/instrumentation-security/hooks/postgres/nr-postgres.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,7 @@ module.exports = function initialize(shim, pgsql, moduleName) {

function queryHook(shim, mod, method){
shim.wrap(mod, method, function makeQueryWrapper(shim, fn){
logger.debug(`Instrumenting pg.${method}`);
return function queryWrapper(){
const request = requestManager.getRequest(shim);
const sqlArgs = [];
Expand Down
4 changes: 3 additions & 1 deletion lib/instrumentation-security/hooks/restify/nr-restify.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,12 +21,13 @@ const logger = API.getLogger();
* @param {*} moduleName
*/
function initialize(shim, mod, moduleName) {
logger.info('Instrumenting Restify');
logger.info(`Instrumenting ${moduleName}`);
try {
const registryRadix = shim.require("./lib/routerRegistryRadix");

//routerRadix hook
shim.wrap(registryRadix && registryRadix.prototype, 'add', function makeWrapper(shim, fn) {
logger.info(`Instrumenting registryRadix.prototype.add`);
return function wrapper() {
if (arguments[0]) {
try {
Expand All @@ -47,6 +48,7 @@ function initialize(shim, mod, moduleName) {
const router = shim.require("./lib/router");

shim.wrap(router && router.prototype, 'lookup', function lookupWrapper(shim, fn) {
logger.info(`Instrumenting router.prototype.lookup`);
return function wrappedLookup() {
const result = fn.apply(this, arguments);
extractParams(shim, arguments[0]);
Expand Down
6 changes: 4 additions & 2 deletions lib/instrumentation-security/hooks/xpath/nr-xpath.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ function initialize(shim, mod, moduleName){
xpathHooks(shim, mod, 'useNamespaces', moduleName);
}
else if(moduleName==='xpath.js'){
wrappedXPathDotJS(shim, mod);
wrappedXPathDotJS(shim, mod, moduleName);
}

}
Expand All @@ -40,6 +40,7 @@ function initialize(shim, mod, moduleName){
*/
function xpathHooks(shim, mod, methodName, moduleName){
shim.wrap(mod, methodName, function makeWrapper(shim,fn){
logger.debug(`Instrumenting ${moduleName}.${methodName}`);
return function wrapper(){
const interceptedArgs = [arguments[0]];
shim.interceptedArgs = interceptedArgs;
Expand Down Expand Up @@ -67,8 +68,9 @@ function xpathHooks(shim, mod, methodName, moduleName){
* @param {*} shim
* @param {*} mod
*/
function wrappedXPathDotJS(shim, mod){
function wrappedXPathDotJS(shim, mod, moduleName){
const wrappedExport = shim.wrapExport(mod, function wrapXpathJSModule(shim, fn) {
logger.debug(`Instrumenting ${moduleName}`);
return function wrappedXpathJSModule() {
const interceptedArgs = [arguments[1]];
shim.interceptedArgs = interceptedArgs;
Expand Down

0 comments on commit 1c181fd

Please sign in to comment.