github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-11-17 01:51:52 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds new method for rule merge

Browse Source 
IMPORTANT: SecDefaultAction specified on a child configuration will
overwrite the ones specified on the parent; Previously it was
concatenating.
This commit is contained in:
Felipe Zimmerle
2020-04-14 11:33:17 -03:00
parent 3a189a131f
commit 0daeb09b0a
114 changed files with 2128 additions and 1509 deletions
Download Patch File Download Diff File Expand all files Collapse all files

208
headers/modsecurity/rule_message.h
View File

@@ -42,67 +42,36 @@ class RuleMessage {
ClientLogMessageInfo = 4
};
/**
*
* FIXME: RuleMessage is currently too big, doing a lot of
* unnecessary data duplication. Needs to be shrink down.
*
*/
RuleMessage(RuleWithActions *rule, Transaction *trans) :
m_accuracy(rule->m_accuracy),
m_clientIpAddress(trans->m_clientIpAddress),
m_data(""),
m_id(trans->m_id),
m_isDisruptive(false),
m_match(""),
m_maturity(rule->m_maturity),
m_message(""),
m_noAuditLog(false),
m_phase(rule->getPhase() - 1),
m_reference(""),
m_rev(rule->m_rev),
m_rule(rule),
m_ruleFile(rule->getFileName()),
m_ruleId(rule->m_ruleId),
m_ruleLine(rule->getLineNumber()),
m_saveMessage(true),
m_serverIpAddress(trans->m_serverIpAddress),
m_severity(0),
m_uriNoQueryStringDecoded(trans->m_uri_no_query_string_decoded),
m_ver(rule->m_ver)
explicit RuleMessage(const RuleMessage &ruleMessage) :
m_severity(ruleMessage.m_severity),
m_tags(),
m_data(ruleMessage.m_data),
m_match(ruleMessage.m_match),
m_message(ruleMessage.m_message),
m_reference(ruleMessage.m_reference),
m_transaction(ruleMessage.m_transaction),
m_rule(ruleMessage.m_rule)
{ }
explicit RuleMessage(RuleMessage *rule) :
m_accuracy(rule->m_accuracy),
m_clientIpAddress(rule->m_clientIpAddress),
m_data(rule->m_data),
m_id(rule->m_id),
m_isDisruptive(rule->m_isDisruptive),
m_match(rule->m_match),
m_maturity(rule->m_maturity),
m_message(rule->m_message),
m_noAuditLog(rule->m_noAuditLog),
m_phase(rule->m_phase),
m_reference(rule->m_reference),
m_rev(rule->m_rev),
m_rule(rule->m_rule),
m_ruleFile(rule->m_ruleFile),
m_ruleId(rule->m_ruleId),
m_ruleLine(rule->m_ruleLine),
m_saveMessage(rule->m_saveMessage),
m_serverIpAddress(rule->m_serverIpAddress),
m_severity(rule->m_severity),
m_uriNoQueryStringDecoded(rule->m_uriNoQueryStringDecoded),
m_ver(rule->m_ver)
explicit RuleMessage(Transaction *transaction) :
m_severity(0),
m_tags(),
m_data(""),
m_match(""),
m_message(""),
m_reference(""),
m_transaction(transaction),
m_rule(nullptr)
{ }
void clean() {
m_data = "";
m_match = "";
m_isDisruptive = false;
m_reference = "";
m_severity = 0;
m_ver = "";
}
std::string log() {
@@ -130,29 +99,122 @@ class RuleMessage {
static std::string _details(const RuleMessage *rm);
static std::string _errorLogTail(const RuleMessage *rm);
int m_accuracy;
std::shared_ptr<std::string> m_clientIpAddress;
std::string m_data;
std::shared_ptr<std::string> m_id;
bool m_isDisruptive;
std::string m_match;
int m_maturity;
std::string m_message;
bool m_noAuditLog;
int m_phase;
std::string m_reference;
std::string m_rev;
RuleWithActions *m_rule;
std::shared_ptr<std::string> m_ruleFile;
int m_ruleId;
int m_ruleLine;
bool m_saveMessage;
std::shared_ptr<std::string> m_serverIpAddress;
int m_severity;
std::shared_ptr<std::string> m_uriNoQueryStringDecoded;
std::string m_ver;
RuleWithActions *getRule() const {
return m_rule;
}
void setRule(RuleWithActions *rule) {
m_rule = rule;
}
bool isSettle() const {
return m_rule != nullptr;
}
int getRuleId() const {
if (m_rule) {
return m_rule->m_ruleId;
}
return -1;
}
int getPhase() const {
if (m_rule) {
return m_rule->getPhase();
}
return 0;
}
std::string getFileName() const {
if (m_rule) {
return *m_rule->getFileName().get();
}
return "";
}
int getLineNumber() const {
if (m_rule) {
return m_rule->getLineNumber();
}
return 0;
}
std::string getRev() const {
if (m_rule) {
return m_rule->getRevision();
}
return "";
}
std::string getVer() const {
if (m_rule) {
return m_rule->getRevision();
}
return "";
}
int getMaturity() const {
if (m_rule) {
return m_rule->getMaturity();
}
return 0;
}
int getAccuracy() const {
if (m_rule) {
return m_rule->getAccuracy();
}
return 0;
}
std::string getClientIpAddress() const {
if (m_transaction) {
return *m_transaction->m_clientIpAddress.get();
}
return "";
}
std::string getServerIpAddress() const {
if (m_transaction) {
return *m_transaction->m_serverIpAddress.get();
}
return "";
}
std::string getRequestId() const {
if (m_transaction) {
return *m_transaction->m_id.get();
}
return "";
}
std::string getUri() const {
if (m_transaction) {
return *m_transaction->m_uri_no_query_string_decoded.get();
}
return "";
}
bool isDisruptive() const {
if (m_rule) {
return m_rule->hasDisruptiveAction();
}
return 0;
}
int m_severity;
std::list<std::string> m_tags;
// Transaction
std::string m_data;
std::string m_match;
std::string m_message;
std::string m_reference;
private:
Transaction *m_transaction;
RuleWithActions *m_rule;
};