wafrift-evolution 0.2.3

Genetic algorithm engine, differential analysis, intelligence feedback loop, and WAF-aware advisor.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90

//! Build script: compile community-contributed differential probes
//! (`rules/probes/differential.toml`) into a Rust source file.

use serde::Deserialize;
use std::fs;
use std::path::Path;

#[derive(Deserialize)]
struct ProbesFile {
    baseline_payload: String,
    baseline_description: String,
    sql_keywords: Vec<String>,
    sql_operators: Vec<String>,
    sql_comments: Vec<String>,
    sql_tautologies: Vec<String>,
    #[serde(default)]
    xss_tag: Vec<TagOrFn>,
    xss_events: Vec<String>,
    #[serde(default)]
    xss_function: Vec<TagOrFn>,
    command_separators: Vec<String>,
    command_names: Vec<String>,
    command_paths: Vec<String>,
}

#[derive(Deserialize)]
struct TagOrFn {
    name: String,
    payload: String,
    expected_blocked: bool,
}

fn emit_str_array(out: &mut String, name: &str, values: &[String]) {
    out.push_str(&format!("pub(crate) const {name}: &[&str] = &[\n"));
    for v in values {
        out.push_str(&format!("    {:?},\n", v));
    }
    out.push_str("];\n\n");
}

fn emit_tagfn_array(out: &mut String, name: &str, values: &[TagOrFn]) {
    out.push_str(&format!(
        "pub(crate) const {name}: &[(&str, &str, bool)] = &[\n"
    ));
    for e in values {
        out.push_str(&format!(
            "    ({:?}, {:?}, {}),\n",
            e.name, e.payload, e.expected_blocked
        ));
    }
    out.push_str("];\n\n");
}

fn main() {
    let in_path = Path::new("rules/probes/differential.toml");
    let out_dir = std::env::var("OUT_DIR").unwrap();
    let out_path = Path::new(&out_dir).join("differential_data.rs");

    let raw =
        fs::read_to_string(in_path).unwrap_or_else(|e| panic!("read {}: {e}", in_path.display()));
    let parsed: ProbesFile =
        toml::from_str(&raw).unwrap_or_else(|e| panic!("parse {}: {e}", in_path.display()));

    let mut out = String::with_capacity(8192);
    out.push_str(
        "// Auto-generated by build.rs from rules/probes/differential.toml — do not edit.\n\n",
    );
    out.push_str(&format!(
        "pub(crate) const BASELINE_PAYLOAD: &str = {:?};\n",
        parsed.baseline_payload
    ));
    out.push_str(&format!(
        "pub(crate) const BASELINE_DESCRIPTION: &str = {:?};\n\n",
        parsed.baseline_description
    ));

    emit_str_array(&mut out, "SQL_KEYWORDS", &parsed.sql_keywords);
    emit_str_array(&mut out, "SQL_OPERATORS", &parsed.sql_operators);
    emit_str_array(&mut out, "SQL_COMMENTS", &parsed.sql_comments);
    emit_str_array(&mut out, "SQL_TAUTOLOGIES", &parsed.sql_tautologies);
    emit_tagfn_array(&mut out, "XSS_TAGS", &parsed.xss_tag);
    emit_str_array(&mut out, "XSS_EVENTS", &parsed.xss_events);
    emit_tagfn_array(&mut out, "XSS_FUNCTIONS", &parsed.xss_function);
    emit_str_array(&mut out, "COMMAND_SEPARATORS", &parsed.command_separators);
    emit_str_array(&mut out, "COMMAND_NAMES", &parsed.command_names);
    emit_str_array(&mut out, "COMMAND_PATHS", &parsed.command_paths);

    fs::write(&out_path, out).expect("write differential_data.rs");
    println!("cargo::rerun-if-changed={}", in_path.display());
}