github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-17 03:36:08 +03:00
Code Issues Packages Projects Releases Wiki Activity

parser: arbitraty text can be used instead of operator

Browse Source 
The usage of an arbitrary text instead operator was expecting that the
arbitrary text start by something different from "@" or "!", now it can
start with anything, including "@", and/or "!". Notice however that
there aren't such thing as a bad  operator. Bad operator will be used as
input of @rx. Issue #1136.
This commit is contained in:
Felipe Zimmerle 2016-06-22 16:59:50 -03:00
parent 0d53dda1a1
commit 02909f7cd8
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
2 changed files with 2 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/parser/seclang-scanner.ll
View File

@ -190,7 +190,7 @@ VAR_FREE_TEXT_SPACE_COMMA [^, \t\"]+
VAR_FREE_TEXT_SPACE [^ \t\"]+ VAR_FREE_TEXT_SPACE [^ \t\"]+
SOMETHING ["]{1}[^@|!]{1}([^"]|([^\\"]\\\"))*["]{1} SOMETHING ["]{1}([^"]|([^\\"]\\\"))*["]{1}
CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile) CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
@ -338,10 +338,10 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
{CONFIG_DIR_SEC_MARKER}[ ]{NEW_LINE_FREE_TEXT} { return yy::seclang_parser::make_CONFIG_DIR_SEC_MARKER(strchr(yytext, ' ') + 1, *driver.loc.back()); } {CONFIG_DIR_SEC_MARKER}[ ]{NEW_LINE_FREE_TEXT} { return yy::seclang_parser::make_CONFIG_DIR_SEC_MARKER(strchr(yytext, ' ') + 1, *driver.loc.back()); }
<EXPECTING_OPERATOR>{ <EXPECTING_OPERATOR>{
{SOMETHING} { BEGIN(INITIAL); return yy::seclang_parser::make_FREE_TEXT(yytext, *driver.loc.back()); }
["]{OPERATOR}[ ]{FREE_TEXT}["] { BEGIN(INITIAL); return yy::seclang_parser::make_OPERATOR(yytext, *driver.loc.back()); } ["]{OPERATOR}[ ]{FREE_TEXT}["] { BEGIN(INITIAL); return yy::seclang_parser::make_OPERATOR(yytext, *driver.loc.back()); }
["]{OPERATORNOARG}[\t ]*["] { BEGIN(INITIAL); return yy::seclang_parser::make_OPERATOR(yytext, *driver.loc.back()); } ["]{OPERATORNOARG}[\t ]*["] { BEGIN(INITIAL); return yy::seclang_parser::make_OPERATOR(yytext, *driver.loc.back()); }
["]{OPERATOR_GEOIP}[\t ]*["] { BEGIN(INITIAL); return yy::seclang_parser::make_OPERATOR_GEOIP(yytext, *driver.loc.back()); } ["]{OPERATOR_GEOIP}[\t ]*["] { BEGIN(INITIAL); return yy::seclang_parser::make_OPERATOR_GEOIP(yytext, *driver.loc.back()); }
{SOMETHING} { BEGIN(INITIAL); return yy::seclang_parser::make_FREE_TEXT(yytext, *driver.loc.back()); }
} }
{ACTION} { return yy::seclang_parser::make_ACTION(yytext, *driver.loc.back()); } {ACTION} { return yy::seclang_parser::make_ACTION(yytext, *driver.loc.back()); }

15
test/test-cases/regression/config-include-bad.json
View File

@ -44,21 +44,6 @@
"SecRule ARGS \"@contains test\" \"id:19,pass,t:trim\"" "SecRule ARGS \"@contains test\" \"id:19,pass,t:trim\""
] ]
}, },
{
"enabled":1,
"version_min":300000,
"title":"Include - bad operator inside include",
"expected":{
"parser_error": "Rules error. File: test-cases/data/config_example-bad-op-include.txt. Line: 2. Column: 67. .*"
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"Include test-cases/data/config_example-bad-op-include.txt",
"SecRule ARGS \"@contains test\" \"id:19,pass,t:trim\""
]
},
{ {
"enabled":1, "enabled":1,
"version_min":300000, "version_min":300000,