bindings

package

v4.0.0 Latest Latest Go to latest Published: May 12, 2025 License: Apache-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/DataDog/go-libddwaf

Links

Open Source Insights

Documentation ¶

Rendered for

Index ¶

Constants
type WAFBuilder
type WAFConfig
type WAFConfigLimits
type WAFConfigObfuscator
type WAFContext
type WAFHandle
type WAFLib
- func NewWAFLib() (dl *WAFLib, err error)
type WAFObject
type WAFObjectType
- func (w WAFObjectType) String() string
type WAFResult
type WAFReturnCode

Constants ¶

View Source

const (
	MaxStringLength   = 4096
	MaxContainerDepth = 20
	MaxContainerSize  = 256
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type WAFBuilder ¶

type WAFBuilder uintptr

WAFBuilder is a forward declaration in ddwaf.h header We basically don't need to modify it, only to give it to the waf

type WAFConfig ¶

type WAFConfig struct {
	Limits     WAFConfigLimits
	Obfuscator WAFConfigObfuscator
	FreeFn     uintptr
	// contains filtered or unexported fields
}

type WAFConfigLimits ¶

type WAFConfigLimits struct {
	MaxContainerSize  uint32
	MaxContainerDepth uint32
	MaxStringLength   uint32
	// contains filtered or unexported fields
}

type WAFConfigObfuscator ¶

type WAFConfigObfuscator struct {
	KeyRegex   uintptr // char *
	ValueRegex uintptr // char *
	// contains filtered or unexported fields
}

type WAFContext ¶

type WAFContext uintptr

WAFContext is a forward declaration in ddwaf.h header We basically don't need to modify it, only to give it to the waf

type WAFHandle ¶

type WAFHandle uintptr

WAFHandle is a forward declaration in ddwaf.h header We basically don't need to modify it, only to give it to the waf

type WAFLib ¶

type WAFLib struct {
	// contains filtered or unexported fields
}

WAFLib is the type wrapper for all C calls to the waf It uses `libwaf` to make C calls All calls must go through this one-liner to be type safe since purego calls are not type safe

func NewWAFLib ¶

func NewWAFLib() (dl *WAFLib, err error)

NewWAFLib loads the libddwaf shared library and resolves all tge relevant symbols. The caller is responsible for calling wafDl.Close on the returned object once they are done with it so that associated resources can be released.

func (*WAFLib) BuilderAddOrUpdateConfig ¶

func (waf *WAFLib) BuilderAddOrUpdateConfig(builder WAFBuilder, path string, config *WAFObject, diags *WAFObject) bool

BuilderAddOrUpdateConfig adds or updates a configuration based on the given path, which must be a unique identifier for the provided configuration. Returns false in case of an error.

func (*WAFLib) BuilderBuildInstance ¶

func (waf *WAFLib) BuilderBuildInstance(builder WAFBuilder) WAFHandle

BuilderBuildInstance builds a WAF instance based on the current set of configurations. Returns nil in case of an error.

func (*WAFLib) BuilderDestroy ¶

func (waf *WAFLib) BuilderDestroy(builder WAFBuilder)

BuilderDestroy destroys a WAF builder instance.

func (*WAFLib) BuilderGetConfigPaths ¶

func (waf *WAFLib) BuilderGetConfigPaths(builder WAFBuilder, filter string) []string

BuilderGetConfigPaths returns the list of currently loaded paths. Returns nil in case of an error.

func (*WAFLib) BuilderInit ¶

func (waf *WAFLib) BuilderInit(cfg *WAFConfig) WAFBuilder

BuilderInit initializes a new WAF builder with the provided configuration, which may be nil. Returns nil in case of an error.

func (*WAFLib) BuilderRemoveConfig ¶

func (waf *WAFLib) BuilderRemoveConfig(builder WAFBuilder, path string) bool

BuilderRemoveConfig removes a configuration based on the provided path. Returns false in case of an error.

func (*WAFLib) Close ¶

func (waf *WAFLib) Close() error

func (*WAFLib) ContextDestroy ¶

func (waf *WAFLib) ContextDestroy(context WAFContext)

func (*WAFLib) ContextInit ¶

func (waf *WAFLib) ContextInit(handle WAFHandle) WAFContext

func (*WAFLib) Destroy ¶

func (waf *WAFLib) Destroy(handle WAFHandle)

Destroy destroys a WAF instance.

func (*WAFLib) GetVersion ¶

func (waf *WAFLib) GetVersion() string

GetVersion returned string is a static string so we do not need to free it

func (*WAFLib) Handle ¶

func (waf *WAFLib) Handle() uintptr

func (*WAFLib) KnownActions ¶

func (waf *WAFLib) KnownActions(handle WAFHandle) []string

func (*WAFLib) KnownAddresses ¶

func (waf *WAFLib) KnownAddresses(handle WAFHandle) []string

func (*WAFLib) ObjectFree ¶

func (waf *WAFLib) ObjectFree(obj *WAFObject)

func (*WAFLib) ResultFree ¶

func (waf *WAFLib) ResultFree(result *WAFResult)

func (*WAFLib) Run ¶

func (waf *WAFLib) Run(context WAFContext, persistentData, ephemeralData *WAFObject, result *WAFResult, timeout uint64) WAFReturnCode

func (*WAFLib) SetLogCb ¶

func (waf *WAFLib) SetLogCb(cb uintptr, level log.Level)

SetLogCb sets the log callback function for the WAF.

type WAFObject ¶

type WAFObject struct {
	ParameterName       uintptr
	ParameterNameLength uint64
	Value               uintptr
	NbEntries           uint64
	Type                WAFObjectType
	// contains filtered or unexported fields
}

func (*WAFObject) IsArray ¶

func (w *WAFObject) IsArray() bool

IsArray determines whether this WAF Object is an array or not.

func (*WAFObject) IsInvalid ¶

func (w *WAFObject) IsInvalid() bool

IsInvalid determines whether this WAF Object has the invalid type (which is the 0-value).

func (*WAFObject) IsMap ¶

func (w *WAFObject) IsMap() bool

IsMap determines whether this WAF Object is a map or not.

func (*WAFObject) IsNil ¶

func (w *WAFObject) IsNil() bool

IsNil determines whether this WAF Object is nil or not.

func (*WAFObject) IsUnusable ¶

func (w *WAFObject) IsUnusable() bool

IsUnusable returns true if the wafObject has no impact on the WAF execution But we still need this kind of objects to forward map keys in case the value of the map is invalid

func (*WAFObject) SetArray ¶

func (w *WAFObject) SetArray(pinner pin.Pinner, capacity uint64) []WAFObject

SetArray sets the receiving WAFObject to a new array with the given capacity.

func (*WAFObject) SetMap ¶

func (w *WAFObject) SetMap(pinner pin.Pinner, capacity uint64) []WAFObject

SetMap sets the receiving WAFObject to a new map with the given capacity.

func (*WAFObject) SetMapKey ¶

func (w *WAFObject) SetMapKey(pinner pin.Pinner, key string)

SetMapKey sets the receiving WAFObject to a new map key with the given string.

func (*WAFObject) SetString ¶

func (w *WAFObject) SetString(pinner pin.Pinner, str string)

SetString sets the receiving WAFObject value to the given string.

type WAFObjectType ¶

type WAFObjectType uint32

WAFObjectType is an enum in C which has the size of DWORD. But DWORD is 4 bytes in amd64 and arm64 so uint32 it is.

const (
	WAFIntType WAFObjectType = 1 << iota
	WAFUintType
	WAFStringType
	WAFArrayType
	WAFMapType
	WAFBoolType
	WAFFloatType
	WAFNilType
)

const WAFInvalidType WAFObjectType = 0

func (WAFObjectType) String ¶

func (w WAFObjectType) String() string

type WAFResult ¶

type WAFResult struct {
	Timeout      byte
	Events       WAFObject
	Actions      WAFObject
	Derivatives  WAFObject
	TotalRuntime uint64
	// contains filtered or unexported fields
}

type WAFReturnCode ¶

type WAFReturnCode int32

const (
	WAFErrInternal WAFReturnCode = iota - 3
	WAFErrInvalidObject
	WAFErrInvalidArgument
	WAFOK
	WAFMatch
)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL