Skip to content

Commit 3c96b70

Browse files
sezen-datadogsezen-datadog
committed
pr
1 parent 128c062 commit 3c96b70

File tree

3 files changed

+23
-15
lines changed

3 files changed

+23
-15
lines changed

dd-java-agent/appsec/src/main/java/com/datadog/appsec/gateway/AppSecRequestContext.java

+3-3
Original file line numberDiff line numberDiff line change
@@ -77,9 +77,9 @@ public class AppSecRequestContext implements DataBundle, Closeable {
7777
public static final Set<String> RESPONSE_HEADERS_ALLOW_LIST =
7878
new TreeSet<>(
7979
Arrays.asList("content-length", "content-type", "content-encoding", "content-language"));
80-
private static final int DD_WAF_RUN_INTERNAL_ERROR = -3;
81-
private static final int DD_WAF_RUN_INVALID_OBJECT_ERROR = -2;
82-
private static final int DD_WAF_RUN_INVALID_ARGUMENT_ERROR = -1;
80+
public static final int DD_WAF_RUN_INTERNAL_ERROR = -3;
81+
public static final int DD_WAF_RUN_INVALID_OBJECT_ERROR = -2;
82+
public static final int DD_WAF_RUN_INVALID_ARGUMENT_ERROR = -1;
8383

8484
static {
8585
REQUEST_HEADERS_ALLOW_LIST.addAll(DEFAULT_REQUEST_HEADERS_ALLOW_LIST);

dd-java-agent/appsec/src/test/groovy/com/datadog/appsec/gateway/AppSecRequestContextSpecification.groovy

+6-6
Original file line numberDiff line numberDiff line change
@@ -293,14 +293,14 @@ class AppSecRequestContextSpecification extends DDSpecification {
293293

294294
def "test increase and get RaspErrors"() {
295295
when:
296-
ctx.increaseRaspErrorCode(-3)
297-
ctx.increaseRaspErrorCode(-3)
298-
ctx.increaseRaspErrorCode(-2)
296+
ctx.increaseRaspErrorCode(AppSecRequestContext.DD_WAF_RUN_INTERNAL_ERROR)
297+
ctx.increaseRaspErrorCode(AppSecRequestContext.DD_WAF_RUN_INTERNAL_ERROR)
298+
ctx.increaseRaspErrorCode(AppSecRequestContext.DD_WAF_RUN_INVALID_OBJECT_ERROR)
299299

300300
then:
301-
ctx.getRaspError(-3) == 2
302-
ctx.getRaspError(-2) == 1
303-
ctx.getRaspError(-1) == 0
301+
ctx.getRaspError(AppSecRequestContext.DD_WAF_RUN_INTERNAL_ERROR) == 2
302+
ctx.getRaspError(AppSecRequestContext.DD_WAF_RUN_INVALID_OBJECT_ERROR) == 1
303+
ctx.getRaspError(AppSecRequestContext.DD_WAF_RUN_INVALID_ARGUMENT_ERROR) == 0
304304
ctx.getRaspError(0) == 0
305305
}
306306
}

internal-api/src/test/groovy/datadog/trace/api/telemetry/WafMetricCollectorTest.groovy

+14-6
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,9 @@ import java.util.concurrent.TimeUnit
88

99
class WafMetricCollectorTest extends DDSpecification {
1010

11+
public static final int DD_WAF_RUN_INTERNAL_ERROR = -3
12+
public static final int DD_WAF_RUN_INVALID_OBJECT_ERROR = -2
13+
1114
def "no metrics - drain empty list"() {
1215
when:
1316
WafMetricCollector.get().prepareMetrics()
@@ -32,8 +35,8 @@ class WafMetricCollectorTest extends DDSpecification {
3235
WafMetricCollector.get().raspRuleMatch(RuleType.SQL_INJECTION)
3336
WafMetricCollector.get().raspRuleEval(RuleType.SQL_INJECTION)
3437
WafMetricCollector.get().raspTimeout(RuleType.SQL_INJECTION)
35-
WafMetricCollector.get().raspErrorCode(RuleType.SHELL_INJECTION, -3)
36-
WafMetricCollector.get().raspErrorCode(RuleType.SQL_INJECTION, -2)
38+
WafMetricCollector.get().raspErrorCode(RuleType.SHELL_INJECTION, DD_WAF_RUN_INTERNAL_ERROR)
39+
WafMetricCollector.get().raspErrorCode(RuleType.SQL_INJECTION, DD_WAF_RUN_INVALID_OBJECT_ERROR)
3740

3841
WafMetricCollector.get().prepareMetrics()
3942

@@ -144,15 +147,20 @@ class WafMetricCollectorTest extends DDSpecification {
144147
'rule_type:command_injection',
145148
'rule_variant:shell',
146149
'event_rules_version:rules.3',
147-
'waf_error:-3'
150+
'waf_error:' + DD_WAF_RUN_INTERNAL_ERROR
148151
].toSet()
149152

150153
def raspInvalidObjectCode = (WafMetricCollector.RaspError)metrics[11]
151154
raspInvalidObjectCode.type == 'count'
152155
raspInvalidObjectCode.value == 1
153156
raspInvalidObjectCode.namespace == 'appsec'
154157
raspInvalidObjectCode.metricName == 'rasp.error'
155-
raspInvalidObjectCode.tags.toSet() == ['rule_type:sql_injection', 'waf_version:waf_ver1', 'waf_error:-2'].toSet()
158+
raspInvalidObjectCode.tags.toSet() == [
159+
'rule_type:sql_injection',
160+
'waf_version:waf_ver1',
161+
'waf_error:' + DD_WAF_RUN_INVALID_OBJECT_ERROR
162+
]
163+
.toSet()
156164
}
157165

158166
def "overflowing WafMetricCollector does not crash"() {
@@ -326,7 +334,7 @@ class WafMetricCollectorTest extends DDSpecification {
326334
WafMetricCollector.get().raspRuleMatch(ruleType)
327335
WafMetricCollector.get().raspRuleEval(ruleType)
328336
WafMetricCollector.get().raspTimeout(ruleType)
329-
WafMetricCollector.get().raspErrorCode(ruleType, -3)
337+
WafMetricCollector.get().raspErrorCode(ruleType, DD_WAF_RUN_INTERNAL_ERROR)
330338
WafMetricCollector.get().prepareMetrics()
331339

332340
then:
@@ -378,7 +386,7 @@ class WafMetricCollectorTest extends DDSpecification {
378386
'rule_type:command_injection',
379387
'rule_variant:' + ruleType.variant,
380388
'event_rules_version:rules.1',
381-
'waf_error:-3'
389+
'waf_error:' + DD_WAF_RUN_INTERNAL_ERROR
382390
].toSet()
383391

384392
where:

0 commit comments

Comments
 (0)