Use abortController.signal.reason instead of abortData object

DataDog · Jun 13, 2024 · 983dd0c · 983dd0c
1 parent 3c4ebb7
commit 983dd0c
Show file tree

Hide file tree

Showing 5 changed files with 18 additions and 16 deletions.
diff --git a/integration-tests/appsec/index.spec.js b/integration-tests/appsec/index.spec.js
@@ -1,10 +1,10 @@
 'use strict'
 
 const getPort = require('get-port')
-const { createSandbox, FakeAgent, spawnProc } = require('../helpers')
 const path = require('path')
 const Axios = require('axios')
 const { assert } = require('chai')
+const { createSandbox, FakeAgent, spawnProc } = require('../helpers')
 
 describe('RASP', () => {
   let axios, sandbox, cwd, appPort, appFile, agent, proc, stdioHandler
@@ -51,15 +51,19 @@ describe('RASP', () => {
     stdioHandler = () => {
       hasOutput = true
     }
+
     try {
       await axios.get(`${path}?host=ifconfig.pro`)
+
       assert.fail('Request should have failed')
     } catch (e) {
       if (!e.response) {
         throw e
       }
+
       assert.strictEqual(e.response.status, 403)
     }
+
     return new Promise((resolve, reject) => {
       setTimeout(() => {
         if (hasOutput) {
@@ -75,13 +79,13 @@ describe('RASP', () => {
     it('should block when error is unhandled', async () => {
       try {
         await axios.get('/ssrf/http/unhandled-error?host=ifconfig.pro')
+
         assert.fail('Request should have failed')
       } catch (e) {
         assert.strictEqual(e.response.status, 403)
       }
     })
 
-    // Not implemented yet
     it('should not crash the app when app send data after blocking', () => {
       return testNotCrashedAfterBlocking('/ssrf/http/unhandled-async-write-A')
     })

diff --git a/integration-tests/appsec/rasp/index.js b/integration-tests/appsec/rasp/index.js
@@ -1,8 +1,9 @@
 'use strict'
 
+require('dd-trace').init()
+
 const path = require('path')
 const fs = require('fs')
-require('dd-trace').init()
 
 const http = require('https')
 const express = require('express')

diff --git a/packages/datadog-instrumentations/src/http/client.js b/packages/datadog-instrumentations/src/http/client.js
@@ -44,7 +44,7 @@ function createAbortedClientRequest (http, args) {
   return new ClientRequest({
     _defaultAgent: http.globalAgent, // needed to support http and https
     ...args.options,
-    agent: {
+    agent: { // noop agent, to prevent doing a real request
       addRequest: noop
     }
   })
@@ -68,11 +68,9 @@ function patch (http, methodName) {
         return request.apply(this, arguments)
       }
 
-      const abortData = {
-        abortController: new AbortController()
-      }
+      const abortController = new AbortController()
 
-      const ctx = { args, http, abortData }
+      const ctx = { args, http, abortController }
 
       return startChannel.runStores(ctx, () => {
         let finished = false
@@ -97,11 +95,11 @@ function patch (http, methodName) {
 
         try {
           let req
-          if (abortData.abortController?.signal.aborted) {
+          if (abortController.signal.aborted) {
             req = createAbortedClientRequest(http, args)
 
             process.nextTick(() => {
-              req.emit('error', abortData.error || new Error('Aborted'))
+              req.emit('error', abortController.signal.reason || new Error('Aborted'))
             })
           } else {
             req = request.call(this, options, callback)

diff --git a/packages/datadog-instrumentations/src/http/server.js b/packages/datadog-instrumentations/src/http/server.js
@@ -172,7 +172,7 @@ function wrapSetHeader (setHeader) {
     const setHeaderResult = setHeader.apply(this, arguments)
 
     if (finishSetHeaderCh.hasSubscribers) {
-      finishSetHeaderCh.publish({ name, value, res })
+      finishSetHeaderCh.publish({ name, value, res: this })
     }
 
     return setHeaderResult

diff --git a/packages/dd-trace/src/appsec/rasp.js b/packages/dd-trace/src/appsec/rasp.js
@@ -57,14 +57,13 @@ function analyzeSsrf (ctx) {
   const actions = waf.run({ persistent }, req, RULE_TYPES.SSRF)
 
   const res = store?.res
-  handleResult(actions, req, res, ctx.abortData)
+  handleResult(actions, req, res, ctx.abortController)
 }
 
-function handleResult (actions, req, res, abortData) {
+function handleResult (actions, req, res, abortController) {
   const blockingAction = getBlockingAction(actions)
-  if (blockingAction && abortData) {
-    abortData.abortController.abort()
-    abortData.error = new AbortError(req, res, blockingAction)
+  if (blockingAction && abortController) {
+    abortController.abort(new AbortError(req, res, blockingAction))
   }
 }