Adds first version of `processContentOffset'

This commit also includes an example application on how to use the `processContentOffset' method.
2025-09-30 03:34:29 +03:00 · 2017-02-15 18:18:10 -03:00
parent 7aae5dc183
commit 027d50b76b
11 changed files with 325 additions and 95 deletions
--- a/src/actions/transformations/lower_case.cc
+++ b/src/actions/transformations/lower_case.cc
@@ -35,18 +35,10 @@ std::string LowerCase::evaluate(std::string value,
    Transaction *transaction) {
    std::locale loc;

-    if (LowerCaseInstantCache::getInstance().count(value) > 0) {
-        return LowerCaseInstantCache::getInstance().at(value);
-    }
-
-    std::string orig_value = value;
-
    for (std::string::size_type i=0; i < value.length(); ++i) {
        value[i] = std::tolower(value[i], loc);
    }

-    LowerCaseInstantCache::getInstance().cache(orig_value, value);
-
    return value;
 }

--- a/src/actions/transformations/transformation.cc
+++ b/src/actions/transformations/transformation.cc
@@ -58,6 +58,11 @@
 #include "src/actions/transformations/url_encode.h"
 #include "src/actions/transformations/utf8_to_unicode.h"

+
+#define IF_MATCH(b) \
+    if (a.compare(2, std::strlen(#b), #b) == 0)
+
+
 namespace modsecurity {
 namespace actions {
 namespace transformations {
@@ -68,6 +73,49 @@ std::string Transformation::evaluate(std::string value,
    return value;
 }

+Transformation* Transformation::instantiate(std::string a) {
+    IF_MATCH(base64DecodeExt) { return new Base64DecodeExt(a); }
+    IF_MATCH(base64Decode) { return new Base64Decode(a); }
+    IF_MATCH(base64Encode) { return new Base64Encode(a); }
+    IF_MATCH(cmd_line) { return new CmdLine(a); }
+    IF_MATCH(compress_whitespace) { return new CompressWhitespace(a); }
+    IF_MATCH(cssDecode) { return new CssDecode(a); }
+    IF_MATCH(escapeSeqDecode) { return new EscapeSeqDecode(a); }
+    IF_MATCH(hexDecode) { return new HexDecode(a); }
+    IF_MATCH(hexEncode) { return new HexEncode(a); }
+    IF_MATCH(htmlEntityDecode) { return new HtmlEntityDecode(a); }
+    IF_MATCH(jsDecode) { return new JsDecode(a); }
+    IF_MATCH(length) { return new Length(a); }
+    IF_MATCH(lowercase) { return new LowerCase(a); }
+    IF_MATCH(md5) { return new Md5(a); }
+    IF_MATCH(none) { return new None(a); }
+    IF_MATCH(normalizePathWin) { return new NormalisePathWin(a); }
+    IF_MATCH(normalisePathWin) { return new NormalisePathWin(a); }
+    IF_MATCH(normalizePath) { return new NormalisePath(a); }
+    IF_MATCH(normalisePath) { return new NormalisePath(a); }
+    IF_MATCH(parityEven7bit) { return new ParityEven7bit(a); }
+    IF_MATCH(parityOdd7bit) { return new ParityOdd7bit(a); }
+    IF_MATCH(parityZero7bit) { return new ParityZero7bit(a); }
+    IF_MATCH(removeCommentsChar) { return new RemoveCommentsChar(a); }
+    IF_MATCH(removeComments) { return new RemoveComments(a); }
+    IF_MATCH(removeNulls) { return new RemoveNulls(a); }
+    IF_MATCH(removeWhitespace) { return new RemoveWhitespace(a); }
+    IF_MATCH(compressWhitespace) { return new CompressWhitespace(a); }
+    IF_MATCH(replaceComments) { return new ReplaceComments(a); }
+    IF_MATCH(replaceNulls) { return new ReplaceNulls(a); }
+    IF_MATCH(sha1) { return new Sha1(a); }
+    IF_MATCH(sqlHexDecode) { return new SqlHexDecode(a); }
+    IF_MATCH(transformation) { return new Transformation(a); }
+    IF_MATCH(trimLeft) { return new TrimLeft(a); }
+    IF_MATCH(trimRight) { return new TrimRight(a); }
+    IF_MATCH(trim) { return new Trim(a); }
+    IF_MATCH(urlDecodeUni) { return new UrlDecodeUni(a); }
+    IF_MATCH(urlDecode) { return new UrlDecode(a); }
+    IF_MATCH(urlEncode) { return new UrlEncode(a); }
+    IF_MATCH(utf8ToUnicode) { return new Utf8ToUnicode(a); }
+
+    return new Transformation(a);
+}

 }  // namespace transformations
 }  // namespace actions
--- a/src/actions/transformations/transformation.h
+++ b/src/actions/transformations/transformation.h
@@ -20,6 +20,7 @@
 #ifndef SRC_ACTIONS_TRANSFORMATIONS_TRANSFORMATION_H_
 #define SRC_ACTIONS_TRANSFORMATIONS_TRANSFORMATION_H_

+
 namespace modsecurity {
 class Transaction;

@@ -36,6 +37,9 @@ class Transformation : public Action {

    std::string evaluate(std::string exp,
        Transaction *transaction) override;
+
+    static Transformation* instantiate(std::string a);
+
 };

 }  // namespace transformations
--- a/src/modsecurity.cc
+++ b/src/modsecurity.cc
@@ -22,11 +22,17 @@
 #include "src/collection/backend/lmdb.h"
 #include "src/config.h"
 #include "src/unique_id.h"
+#include "src/utils/regex.h"
 #ifdef MSC_WITH_CURL
 #include <curl/curl.h>
 #endif
+#ifdef WITH_YAJL
+#include <yajl/yajl_tree.h>
+#include <yajl/yajl_gen.h>
+#endif

 #include "src/utils/geo_lookup.h"
+#include "src/actions/transformations/transformation.h"

 namespace modsecurity {

@@ -170,6 +176,185 @@ void ModSecurity::serverLog(void *data, const std::string& msg) {
 }


+int ModSecurity::processContentOffset(const char *content, size_t len,
+    const char *matchString, std::string *json, const char **err) {
+#ifdef WITH_YAJL
+    Utils::Regex variables("v([0-9]+),([0-9]+)");
+    Utils::Regex operators("o([0-9]+),([0-9]+)");
+    Utils::Regex transformations("t:(?:(?!t:).)+");
+    int i;
+    yajl_gen g;
+    std::string varValue;
+    std::string opValue;
+    const unsigned char *buf;
+    size_t jsonSize;
+
+    std::list<Utils::SMatch> vars = variables.searchAll(matchString);
+    std::list<Utils::SMatch> ops = operators.searchAll(matchString);
+    std::list<Utils::SMatch> trans = transformations.searchAll(matchString);
+
+    g = yajl_gen_alloc(NULL);
+    if (g == NULL) {
+        *err = "Failed to allocate memory for the JSON creation.";
+        return -1;
+    }
+
+    yajl_gen_config(g, yajl_gen_beautify, 1);
+
+    yajl_gen_map_open(g);
+    yajl_gen_string(g, reinterpret_cast<const unsigned char*>("match"),
+        strlen("match"));
+
+    yajl_gen_array_open(g);
+    yajl_gen_map_open(g);
+
+    yajl_gen_string(g, reinterpret_cast<const unsigned char*>("variable"),
+            strlen("variable"));
+
+    yajl_gen_map_open(g);
+        yajl_gen_string(g, reinterpret_cast<const unsigned char*>("highlight"),
+            strlen("highlight"));
+
+        yajl_gen_array_open(g);
+    while (vars.size() > 0) {
+        std::string value;
+        yajl_gen_map_open(g);
+        vars.pop_back();
+        std::string startingAt = vars.back().match;
+        vars.pop_back();
+        std::string size = vars.back().match;
+        vars.pop_back();
+        yajl_gen_string(g,
+            reinterpret_cast<const unsigned char*>("startingAt"),
+            strlen("startingAt"));
+        yajl_gen_string(g,
+            reinterpret_cast<const unsigned char*>(startingAt.c_str()),
+            startingAt.size());
+        yajl_gen_string(g, reinterpret_cast<const unsigned char*>("size"),
+            strlen("size"));
+        yajl_gen_string(g,
+            reinterpret_cast<const unsigned char*>(size.c_str()),
+            size.size());
+        yajl_gen_map_close(g);
+
+        if (stoi(startingAt) >= len) {
+            *err = "Offset is out of the content limits.";
+            return -1;
+        }
+
+        value = std::string(content, stoi(startingAt), stoi(size));
+        if (varValue.size() > 0) {
+            varValue.append(" " + value);
+        } else {
+            varValue.append(value);
+        }
+    }
+    yajl_gen_array_close(g);
+
+    yajl_gen_string(g, reinterpret_cast<const unsigned char*>("value"),
+            strlen("value"));
+
+    yajl_gen_array_open(g);
+
+    yajl_gen_map_open(g);
+    yajl_gen_string(g, reinterpret_cast<const unsigned char*>("value"),
+            strlen("value"));
+    yajl_gen_string(g, reinterpret_cast<const unsigned char*>(varValue.c_str()),
+            varValue.size());
+    yajl_gen_map_close(g);
+
+    while (trans.size() > 0) {
+        modsecurity::actions::transformations::Transformation *t;
+        std::string varValueRes;
+        yajl_gen_map_open(g);
+        yajl_gen_string(g,
+            reinterpret_cast<const unsigned char*>("transformation"),
+            strlen("transformation"));
+
+        yajl_gen_string(g,
+            reinterpret_cast<const unsigned char*>(trans.back().match.c_str()),
+            trans.back().match.size());
+
+        t = modsecurity::actions::transformations::Transformation::instantiate(trans.back().match.c_str());
+        varValueRes = t->evaluate(varValue, NULL);
+        varValue.assign(varValueRes);
+        trans.pop_back();
+
+        yajl_gen_string(g, reinterpret_cast<const unsigned char*>("value"),
+            strlen("value"));
+        yajl_gen_string(g, reinterpret_cast<const unsigned char*>(varValue.c_str()),
+            varValue.size());
+        yajl_gen_map_close(g);
+    }
+
+    yajl_gen_array_close(g);
+
+    yajl_gen_string(g, reinterpret_cast<const unsigned char*>("operator"),
+            strlen("operator"));
+
+    yajl_gen_map_open(g);
+
+    while (ops.size() > 0) {
+        std::string value;
+        yajl_gen_string(g, reinterpret_cast<const unsigned char*>("highlight"),
+            strlen("highlight"));
+        yajl_gen_map_open(g);
+        ops.pop_back();
+        std::string startingAt = ops.back().match;
+        ops.pop_back();
+        std::string size = ops.back().match;
+        ops.pop_back();
+        yajl_gen_string(g,
+            reinterpret_cast<const unsigned char*>("startingAt"),
+            strlen("startingAt"));
+        yajl_gen_string(g,
+            reinterpret_cast<const unsigned char*>(startingAt.c_str()),
+            startingAt.size());
+        yajl_gen_string(g, reinterpret_cast<const unsigned char*>("size"),
+            strlen("size"));
+        yajl_gen_string(g,
+            reinterpret_cast<const unsigned char*>(size.c_str()),
+            size.size());
+        yajl_gen_map_close(g);
+
+        if (stoi(startingAt) >= varValue.size()) {
+            *err = "Offset is out of the variable limits.";
+            return -1;
+        }
+        yajl_gen_string(g,
+            reinterpret_cast<const unsigned char*>("value"),
+            strlen("value"));
+
+        value = std::string(varValue, stoi(startingAt), stoi(size));
+
+        yajl_gen_string(g,
+            reinterpret_cast<const unsigned char*>(value.c_str()),
+            value.size());
+    }
+
+    yajl_gen_map_close(g);
+
+
+    yajl_gen_map_close(g);
+    yajl_gen_array_close(g);
+
+    yajl_gen_map_close(g);
+    yajl_gen_array_close(g);
+    yajl_gen_map_close(g);
+
+    yajl_gen_get_buf(g, &buf, &jsonSize);
+
+    json->assign(reinterpret_cast<const char*>(buf), jsonSize);
+
+    yajl_gen_free(g);
+#else
+    *err = "Without YAJL support, we cannot generate JSON.";
+    return -1;
+#endif
+    return 0;
+}
+
+
 void ModSecurity::setServerLogCb(LogCb cb) {
    m_logCb = (LogCb) cb;
 }