feat(asm): fix segmentation fault parsing JSON in Python2 (backport #4082) (#4096)

mergify[bot] · web-flow · commit 1949d45303c6 · 2022-08-16T13:40:19.000Z
This is an automatic backport of pull request #4082 done by [Mergify](https://mergify.com). --- <details> <summary>Mergify commands and options</summary> <br /> More conditions and actions can be found in the [documentation](https://docs.mergify.com/). You can also trigger Mergify actions by commenting on this pull request: - `@Mergifyio refresh` will re-evaluate the rules - `@Mergifyio rebase` will rebase this PR on its base branch - `@Mergifyio update` will merge the base branch into this PR - `@Mergifyio backport <destination>` will backport this PR on `<destination>` branch Additionally, on Mergify [dashboard](https://dashboard.mergify.com/) you can: - look at your merge queues - generate the Mergify configuration with the config editor. Finally, you can contact us on https://mergify.com </details>
diff --git a/ddtrace/appsec/_ddwaf.pyx b/ddtrace/appsec/_ddwaf.pyx
@@ -56,6 +56,7 @@ def version():
 
 
 cdef inline object _string_to_bytes(object string, const char **ptr, ssize_t *length):
+    ptr[0] = NULL
     if isinstance(string, six.binary_type):
         ptr[0] = PyBytes_AsString(string)
         length[0] = PyBytes_Size(string)
diff --git a/releasenotes/notes/asm-fix-python-2-error-reading-ddwaf-rules-d3653031f2ba84ba.yaml b/releasenotes/notes/asm-fix-python-2-error-reading-ddwaf-rules-d3653031f2ba84ba.yaml
@@ -0,0 +1,4 @@
+---
+fixes:
+  - |
+    ASM: fix Python 2 error reading WAF rules.
diff --git a/tests/appsec/test_processor.py b/tests/appsec/test_processor.py
@@ -3,7 +3,9 @@
 
 import pytest
 
+from ddtrace.appsec._ddwaf import DDWaf
 from ddtrace.appsec.processor import AppSecSpanProcessor
+from ddtrace.appsec.processor import DEFAULT_RULES
 from ddtrace.appsec.processor import _transform_headers
 from ddtrace.constants import USER_KEEP
 from ddtrace.contrib.trace_utils import set_http_meta
@@ -159,3 +161,9 @@ def test_appsec_span_rate_limit(tracer):
         assert span1.get_tag("_dd.appsec.json") is not None
         assert span2.get_tag("_dd.appsec.json") is not None
         assert span3.get_tag("_dd.appsec.json") is None
+
+
+def test_ddwaf_not_raises_exception():
+    with open(DEFAULT_RULES) as rules:
+        rules_json = json.loads(rules.read())
+        DDWaf(rules_json)

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +---
 +fixes:
 +  - |
 +    ASM: fix Python 2 error reading WAF rules.