Remove proxyquire references to not iast modules from iast test (#2378)

DataDog · Sep 15, 2022 · 96d0c90 · 96d0c90
1 parent 183cd83
commit 96d0c90
Show file tree

Hide file tree

Showing 8 changed files with 534 additions and 369 deletions.
diff --git a/packages/dd-trace/src/appsec/iast/analyzers/vulnerability-analyzer.js b/packages/dd-trace/src/appsec/iast/analyzers/vulnerability-analyzer.js
@@ -2,7 +2,7 @@
 
 const Plugin = require('../../../../src/plugins/plugin')
 const { storage } = require('../../../../../datadog-core')
-const { getFirstNonDDPathAndLine } = require('./../path-line')
+const { getFirstNonDDPathAndLine } = require('../path-line')
 const { createVulnerability, addVulnerability } = require('../vulnerability-reporter')
 const { getIastContext } = require('../iast-context')
 const overheadController = require('../overhead-controller')

diff --git a/packages/dd-trace/src/appsec/iast/index.js b/packages/dd-trace/src/appsec/iast/index.js
@@ -4,8 +4,7 @@ const web = require('../../plugins/util/web')
 const { storage } = require('../../../../datadog-core')
 const overheadController = require('./overhead-controller')
 const dc = require('diagnostics_channel')
-const { saveIastContext, getIastContext, cleanIastContext } = require('./iast-context')
-
+const iastContextFunctions = require('./iast-context')
 // TODO Change to `apm:http:server:request:[start|close]` when the subscription
 //  order of the callbacks can be enforce
 const requestStart = dc.channel('dd-trace:incomingHttpRequestStart')
@@ -33,7 +32,7 @@ function onIncomingHttpRequestStart (data) {
         const rootSpan = topContext.span
         const isRequestAcquired = overheadController.acquireRequest(rootSpan)
         if (isRequestAcquired) {
-          const iastContext = saveIastContext(store, topContext, { rootSpan, req: data.req })
+          const iastContext = iastContextFunctions.saveIastContext(store, topContext, { rootSpan, req: data.req })
           overheadController.initializeRequestContext(iastContext)
         }
       }
@@ -44,13 +43,12 @@ function onIncomingHttpRequestStart (data) {
 function onIncomingHttpRequestEnd (data) {
   if (data && data.req) {
     const store = storage.getStore()
-    const iastContext = getIastContext(storage.getStore())
+    const iastContext = iastContextFunctions.getIastContext(storage.getStore())
     if (iastContext && iastContext.rootSpan) {
-      overheadController.releaseRequest()
       sendVulnerabilities(iastContext, iastContext.rootSpan)
     }
     // TODO web.getContext(data.req) is required when the request is aborted
-    if (cleanIastContext(store, web.getContext(data.req), iastContext)) {
+    if (iastContextFunctions.cleanIastContext(store, web.getContext(data.req), iastContext)) {
       overheadController.releaseRequest()
     }
   }

diff --git a/packages/dd-trace/src/appsec/iast/path-line.js b/packages/dd-trace/src/appsec/iast/path-line.js
@@ -51,6 +51,9 @@ function getFirstNonDDPathAndLineFromCallsites (callsites) {
 function isExcluded (callsite) {
   if (callsite.isNative()) return true
   const filename = callsite.getFileName()
+  if (!filename) {
+    return true
+  }
   for (let i = 0; i < EXCLUDED_PATHS.length; i++) {
     if (filename.indexOf(EXCLUDED_PATHS[i]) > -1) {
       return true

diff --git a/packages/dd-trace/test/appsec/iast/analyzers/vulnerability-analyzer.spec.js b/packages/dd-trace/test/appsec/iast/analyzers/vulnerability-analyzer.spec.js
@@ -30,7 +30,7 @@ describe('vulnerability-analyzer', () => {
     }
     VulnerabilityAnalyzer = proxyquire('../../../../src/appsec/iast/analyzers/vulnerability-analyzer', {
       '../vulnerability-reporter': vulnerabilityReporter,
-      './../path-line': pathLine,
+      '../path-line': pathLine,
       '../overhead-controller': overheadController,
       '../iast-context': iastContextHandler
     })