github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-10-01 12:07:46 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix rules chain and action execution

Browse Source 
- Rules chains are respecting the phase of the first rule in chain.
- The actions are only executed if all chain match.
This commit is contained in:
Felipe Zimmerle
2015-08-25 13:44:20 -03:00
parent f2da6bb81d
commit 004ef066ed
2 changed files with 14 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/rule.cc
View File

@@ -179,13 +179,9 @@ bool Rule::evaluate(Assay *assay) {
std::to_string(elapsed_secs) + " seconds");
if (ret) {
bool chainResult = false;
assay->debug(4, "Rule returned 1.");
for (Action *a :
this->actions_runtime_pos) {
assay->debug(4, "Running action: " + a->action);
a->evaluate(this, assay);
}
if (this->chained && this->chainedRule == NULL) {
assay->debug(4, "Rule is marked as chained but there " \
"isn't a subsequent rule.");
@@ -203,12 +199,20 @@ bool Rule::evaluate(Assay *assay) {
assay->store_variable("MATCHED_VARS:" + v.first, value);
assay->store_variable("MATCHED_VARS_NAMES:" + v.first,
v.first);
this->chainedRule->evaluate(assay);
chainResult = this->chainedRule->evaluate(assay);
assay->update_variable_first("MATCHED_VAR", "");
assay->delete_variable("MATCHED_VARS:" + v.first);
assay->delete_variable("MATCHED_VARS_NAMES:" + v.first);
assay->delete_variable("MATCHED_VARS_NAMES:" + v.first);
}
if (this->chained && chainResult == true || !this->chained) {
for (Action *a :
this->actions_runtime_pos) {
assay->debug(4, "Running action: " + a->action);
a->evaluate(this, assay);
}
}
} else {
assay->debug(4, "Rule returned 0.");
}