Adds new method for rule merge

IMPORTANT: A SecDefaultAction specified on a child configuration now
overwrites the ones specified on the parent; previously they were
concatenated.
Felipe Zimmerle
2020-04-14 11:33:17 -03:00
parent 73c3731c9d
commit 1518015687
114 changed files with 2130 additions and 1511 deletions


@@ -25,7 +25,7 @@ namespace operators {
bool BeginsWith::evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) {
const std::string &str, RuleMessage *ruleMessage) {
std::string p(m_string->evaluate(transaction));
if (str.size() < p.size()) {


@@ -33,7 +33,7 @@ class BeginsWith : public Operator {
: Operator("BeginsWith", std::move(param)) { }
bool evaluate(Transaction *transaction, RuleWithActions *rule, const std::string &str,
std::shared_ptr<RuleMessage> ruleMessage) override;
RuleMessage *ruleMessage) override;
};
} // namespace operators


@@ -22,7 +22,7 @@ namespace modsecurity {
namespace operators {
bool Contains::evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &input, std::shared_ptr<RuleMessage> ruleMessage) {
const std::string &input, RuleMessage *ruleMessage) {
std::string p(m_string->evaluate(transaction));
size_t offset = input.find(p);


@@ -36,7 +36,7 @@ class Contains : public Operator {
: Operator("Contains", std::move(param)) { }
bool evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &str,
std::shared_ptr<RuleMessage> ruleMessage) override;
RuleMessage *ruleMessage) override;
};
} // namespace operators


@@ -37,7 +37,7 @@ bool ContainsWord::acceptableChar(const std::string& a, size_t pos) {
}
bool ContainsWord::evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) {
const std::string &str, RuleMessage *ruleMessage) {
std::string paramTarget(m_string->evaluate(transaction));
if (paramTarget.empty()) {


@@ -34,7 +34,7 @@ class ContainsWord : public Operator {
bool evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &str,
std::shared_ptr<RuleMessage> ruleMessage) override;
RuleMessage *ruleMessage) override;
private:
static bool acceptableChar(const std::string& a, size_t pos);


@@ -26,7 +26,7 @@ namespace operators {
bool DetectSQLi::evaluate(Transaction *t, RuleWithActions *rule,
const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
const std::string& input, RuleMessage *ruleMessage) {
char fingerprint[8];
int issqli;


@@ -34,7 +34,7 @@ class DetectSQLi : public Operator {
bool evaluate(Transaction *t, RuleWithActions *rule,
const std::string& input,
std::shared_ptr<RuleMessage> ruleMessage) override;
RuleMessage *ruleMessage) override;
};
} // namespace operators


@@ -26,7 +26,7 @@ namespace operators {
bool DetectXSS::evaluate(Transaction *t, RuleWithActions *rule,
const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
const std::string& input, RuleMessage *ruleMessage) {
int is_xss;
is_xss = libinjection_xss(input.c_str(), input.length());


@@ -33,7 +33,7 @@ class DetectXSS : public Operator {
bool evaluate(Transaction *t, RuleWithActions *rule,
const std::string& input,
std::shared_ptr<RuleMessage> ruleMessage) override;
RuleMessage *ruleMessage) override;
};
} // namespace operators


@@ -24,7 +24,7 @@ namespace operators {
bool EndsWith::evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) {
const std::string &str, RuleMessage *ruleMessage) {
bool ret = false;
std::string p(m_string->evaluate(transaction));


@@ -35,7 +35,7 @@ class EndsWith : public Operator {
}
bool evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &str,
std::shared_ptr<RuleMessage> ruleMessage) override;
RuleMessage *ruleMessage) override;
};


@@ -71,7 +71,7 @@ namespace operators {
bool Operator::evaluateInternal(Transaction *transaction,
RuleWithActions *rule, const std::string& a, std::shared_ptr<RuleMessage> rm) {
RuleWithActions *rule, const std::string& a, RuleMessage *rm) {
bool res = evaluate(transaction, rule, a, rm);
if (m_negation) {


@@ -114,7 +114,7 @@ class Operator {
bool evaluateInternal(Transaction *t, RuleWithActions *rule,
const std::string& a);
bool evaluateInternal(Transaction *t, RuleWithActions *rule,
const std::string& a, std::shared_ptr<RuleMessage> ruleMessage);
const std::string& a, RuleMessage *ruleMessage);
virtual bool evaluate(Transaction *transaction, const std::string &str);
@@ -123,11 +123,11 @@ class Operator {
return evaluate(transaction, str);
}
virtual bool evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) {
const std::string &str, RuleMessage *ruleMessage) {
return evaluate(transaction, str);
}
static void logOffset(std::shared_ptr<RuleMessage> ruleMessage, int offset, int len) {
static void logOffset(RuleMessage *ruleMessage, int offset, int len) {
if (ruleMessage) {
ruleMessage->m_reference.append("o"
+ std::to_string(offset) + ","
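Review bot: The new `RuleMessage *ruleMessage` parameter on the virtual `evaluate` and on `logOffset` states neither ownership nor nullability, which the `std::shared_ptr` it replaces at least expressed in the type. `logOffset` tests `if (ruleMessage)`, so null appears to be a legal value, and every operator override changed elsewhere in this commit inherits that contract. I would add a comment above the virtual, `// ruleMessage: non-owning, may be nullptr; valid only for the duration of the call.`, so implementations neither store the pointer nor dereference it unchecked. Because the signature of a virtual changed, any operator subclass not updated here that still declares the `std::shared_ptr` overload without `override` would presumably compile but no longer be dispatched to, falling back to the two-argument `evaluate` and silently dropping that operator's check; this deserves a line in the release notes. `logOffset`'s body continues outside the hunk.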


@@ -82,8 +82,8 @@ void Pm::postOrderTraversal(acmp_btree_node_t *node) {
bool Pm::evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &input, std::shared_ptr<RuleMessage> ruleMessage) {
int rc;
const std::string &input, RuleMessage *ruleMessage) {
int rc = -1;
ACMPT pt;
pt.parser = m_p;
pt.ptr = NULL;
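Review bot: `int rc = -1;` replaces an uninitialised local, but nothing says what -1 stands for. If the later assignment to `rc` is conditional (the rest of the body is outside the hunk, so this is inferred), -1 becomes the value the match test sees, and a short comment such as `// -1: no result yet; must never be read as a match` would pin that down for the next reader. `Pm::evaluate` continues past the end of the hunk.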


@@ -43,7 +43,7 @@ class Pm : public Operator {
~Pm();
bool evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &str,
std::shared_ptr<RuleMessage> ruleMessage) override;
RuleMessage *ruleMessage) override;
bool init(const std::string &file, std::string *error) override;


@@ -202,7 +202,7 @@ void Rbl::furtherInfo(struct sockaddr_in *sin, const std::string &ipStr,
bool Rbl::evaluate(Transaction *t, RuleWithActions *rule,
const std::string& ipStr,
std::shared_ptr<RuleMessage> ruleMessage) {
RuleMessage *ruleMessage) {
struct addrinfo *info = NULL;
std::string host = Rbl::mapIpToAddress(ipStr, t);
int rc = 0;


@@ -78,7 +78,7 @@ class Rbl : public Operator {
}
bool evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string& input,
std::shared_ptr<RuleMessage> ruleMessage) override;
RuleMessage *ruleMessage) override;
std::string mapIpToAddress(const std::string &ipStr, Transaction *trans) const;


@@ -37,7 +37,7 @@ bool Rx::init(const std::string &arg, std::string *error) {
bool Rx::evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
const std::string& input, RuleMessage *ruleMessage) {
Regex *re;
if (m_param.empty() && !m_string->m_containsMacro) {


@@ -51,7 +51,7 @@ class Rx : public Operator {
bool evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string& input,
std::shared_ptr<RuleMessage> ruleMessage) override;
RuleMessage *ruleMessage) override;
bool init(const std::string &arg, std::string *error) override;


@@ -37,7 +37,7 @@ bool RxGlobal::init(const std::string &arg, std::string *error) {
bool RxGlobal::evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
const std::string& input, RuleMessage *ruleMessage) {
Regex *re;
if (m_param.empty() && !m_string->m_containsMacro) {


@@ -51,7 +51,7 @@ class RxGlobal : public Operator {
bool evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string& input,
std::shared_ptr<RuleMessage> ruleMessage) override;
RuleMessage *ruleMessage) override;
bool init(const std::string &arg, std::string *error) override;


@@ -111,7 +111,7 @@ bool ValidateByteRange::init(const std::string &file,
bool ValidateByteRange::evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &input, std::shared_ptr<RuleMessage> ruleMessage) {
const std::string &input, RuleMessage *ruleMessage) {
bool ret = true;
size_t count = 0;


@@ -39,7 +39,7 @@ class ValidateByteRange : public Operator {
bool evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &input,
std::shared_ptr<RuleMessage> ruleMessage) override;
RuleMessage *ruleMessage) override;
bool getRange(const std::string &rangeRepresentation, std::string *error);
bool init(const std::string& file, std::string *error) override;
private:


@@ -69,7 +69,7 @@ int ValidateUrlEncoding::validate_url_encoding(const char *input,
bool ValidateUrlEncoding::evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &input, std::shared_ptr<RuleMessage> ruleMessage) {
const std::string &input, RuleMessage *ruleMessage) {
size_t offset = 0;
bool res = false;


@@ -33,7 +33,7 @@ class ValidateUrlEncoding : public Operator {
bool evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &input,
std::shared_ptr<RuleMessage> ruleMessage) override;
RuleMessage *ruleMessage) override;
static int validate_url_encoding(const char *input, uint64_t input_length,
size_t *offset);


@@ -114,7 +114,7 @@ int ValidateUtf8Encoding::detect_utf8_character(
}
bool ValidateUtf8Encoding::evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) {
const std::string &str, RuleMessage *ruleMessage) {
unsigned int i, bytes_left;
const char *str_c = str.c_str();


@@ -40,7 +40,7 @@ class ValidateUtf8Encoding : public Operator {
bool evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &str,
std::shared_ptr<RuleMessage> ruleMessage) override;
RuleMessage *ruleMessage) override;
static int detect_utf8_character(const unsigned char *p_read,
unsigned int length);


@@ -118,7 +118,7 @@ bool VerifyCC::init(const std::string &param2, std::string *error) {
bool VerifyCC::evaluate(Transaction *t, RuleWithActions *rule,
const std::string& i, std::shared_ptr<RuleMessage> ruleMessage) {
const std::string& i, RuleMessage *ruleMessage) {
int offset = 0;
int target_length = i.length();


@@ -37,7 +37,7 @@ class VerifyCC : public Operator {
bool evaluate(Transaction *t, RuleWithActions *rule,
const std::string& input,
std::shared_ptr<RuleMessage> ruleMessage) override;
RuleMessage *ruleMessage) override;
bool init(const std::string &param, std::string *error) override;
private:
pcre *m_pc;


@@ -109,7 +109,7 @@ bool VerifyCPF::verify(const char *cpfnumber, int len) {
bool VerifyCPF::evaluate(Transaction *t, RuleWithActions *rule,
const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
const std::string& input, RuleMessage *ruleMessage) {
std::list<SMatch> matches;
bool is_cpf = false;
int i;


@@ -48,7 +48,7 @@ class VerifyCPF : public Operator {
bool evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string& input,
std::shared_ptr<RuleMessage> ruleMessage) override;
RuleMessage *ruleMessage) override;
bool verify(const char *ssnumber, int len);


@@ -111,7 +111,7 @@ invalid:
bool VerifySSN::evaluate(Transaction *t, RuleWithActions *rule,
const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
const std::string& input, RuleMessage *ruleMessage) {
std::list<SMatch> matches;
bool is_ssn = false;
int i;


@@ -48,7 +48,7 @@ class VerifySSN : public Operator {
bool evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string& input,
std::shared_ptr<RuleMessage> ruleMessage) override;
RuleMessage *ruleMessage) override;


@@ -78,7 +78,7 @@ bool VerifySVNR::verify(const char *svnrnumber, int len) {
bool VerifySVNR::evaluate(Transaction *t, RuleWithActions *rule,
const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
const std::string& input, RuleMessage* ruleMessage) {
std::list<SMatch> matches;
bool is_svnr = false;
int i;
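Review bot: The rewritten parameter on the `VerifySVNR::evaluate` definition is spelled `RuleMessage* ruleMessage`, while the class declaration and every other operator changed in this commit use `RuleMessage *ruleMessage`. For consistency the line should read `const std::string& input, RuleMessage *ruleMessage) {`. The function body continues outside the hunk.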


@@ -34,7 +34,7 @@ class VerifySVNR : public Operator {
bool evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string& input,
std::shared_ptr<RuleMessage> ruleMessage) override;
RuleMessage *ruleMessage) override;
bool verify(const char *ssnumber, int len);


@@ -25,7 +25,7 @@ namespace operators {
bool Within::evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) {
const std::string &str, RuleMessage *ruleMessage) {
bool res = false;
size_t pos = 0;
std::string paramTarget(m_string->evaluate(transaction));


@@ -34,7 +34,7 @@ class Within : public Operator {
m_couldContainsMacro = true;
}
bool evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) override;
const std::string &str, RuleMessage *ruleMessage) override;
};
} // namespace operators