github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds support to capture this fingerprint of the detectSQLi operator

Browse Source
This commit is contained in:
Felipe Zimmerle
2015-10-27 10:40:35 -03:00
parent 93031d93d0
commit 11a1045f47
3 changed files with 9 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/operators/detect_sqli.cc
View File

@@ -27,13 +27,11 @@ namespace operators {
bool DetectSQLi::evaluate(Assay *assay, const std::string &input) {
char fingerprint[8];
int issqli;
// int capture;
issqli = libinjection_sqli(input.c_str(), input.length(), fingerprint);
// capture = apr_table_get(rule->actionset->actions, "capture") ? 1 : 0;
if (issqli) {
// set_match_to_tx(msr, capture, fingerprint, 0);
matched.push_back(fingerprint);
if (assay) {
#ifndef NO_LOGS
assay->debug(4, "detected SQLi using libinjection with " \

2
src/operators/detect_sqli.h
View File

@@ -30,6 +30,8 @@ class DetectSQLi : public Operator {
: Operator(op, param, negation) { }
bool evaluate(Assay *assay, const std::string &input);
std::list<std::string> matched;
};
} // namespace operators