Adds new method for rule merge

IMPORTANT: SecDefaultAction specified on a child configuration will overwrite the ones specified on the parent; Previously it was concatenating.
2025-11-18 10:20:35 +03:00 · 2020-04-14 11:33:17 -03:00
parent 73c3731c9d
commit 1518015687
114 changed files with 2130 additions and 1511 deletions
--- a/src/parser/driver.cc
+++ b/src/parser/driver.cc
@@ -81,7 +81,7 @@ int Driver::addSecRule(std::unique_ptr<RuleWithActions> r) {
    }

    /* is it a chained rule? */
-    if (m_lastRule != nullptr && m_lastRule->isChained()) {
+    if (m_lastRule != nullptr && m_lastRule->hasChainAction()) {
        r->setPhase(m_lastRule->getPhase());
        if (r->hasDisruptiveAction()) {
            m_parserError << "Disruptive actions can only be specified by";
@@ -91,6 +91,74 @@ int Driver::addSecRule(std::unique_ptr<RuleWithActions> r) {
        m_lastRule->m_chainedRuleChild = std::move(r);
        m_lastRule->m_chainedRuleChild->m_chainedRuleParent = m_lastRule;
        m_lastRule = m_lastRule->m_chainedRuleChild.get();
+
+        /* Lets set all meta-data to the first rule */
+        RuleWithActions *firstRule = m_lastRule;
+        if (!firstRule->hasChainAction()) {
+            while (firstRule->m_chainedRuleParent != nullptr) {
+                if (firstRule->hasMessageAction()) {
+                    firstRule->m_chainedRuleParent->setMessageAction(
+                        firstRule->getMessageAction()
+                    );
+                    firstRule->setMessageAction(nullptr);
+                }
+                if (firstRule->hasLogDataAction()) {
+                    firstRule->m_chainedRuleParent->setLogDataAction(
+                        firstRule->getLogDataAction()
+                    );
+                    firstRule->setLogDataAction(nullptr);
+                }
+                if (firstRule->hasSeverityAction()) {
+                    firstRule->m_chainedRuleParent->setSeverity(
+                        firstRule->getSeverity()
+                    );
+                }
+                if (firstRule->hasRevisionAction()) {
+                    firstRule->m_chainedRuleParent->setRevision(
+                        firstRule->getRevision()
+                    );
+                }
+                if (firstRule->hasVersionAction()) {
+                    firstRule->m_chainedRuleParent->setVersion(
+                        firstRule->getVersion()
+                    );
+                }
+                if (firstRule->hasAccuracyAction()) {
+                    firstRule->m_chainedRuleParent->setAccuracy(
+                        firstRule->getAccuracy()
+                    );
+                }
+                if (firstRule->hasMaturityAction()) {
+                    firstRule->m_chainedRuleParent->setMaturity(
+                        firstRule->getMaturity()
+                    );
+                }
+
+                if (firstRule->hasTagAction()) {
+                    firstRule->m_chainedRuleParent->setTags(
+                        firstRule->getTagsAction()
+                    );
+                    firstRule->cleanTags();
+                }
+
+                if (firstRule->hasDisruptiveAction()) {
+                    firstRule->m_chainedRuleParent->setDisruptiveAction(
+                        firstRule->getDisruptiveAction()
+                    );
+                    firstRule->setDisruptiveAction(nullptr);
+                }
+                firstRule->m_chainedRuleParent->setHasBlockAction(
+                    firstRule->hasBlockAction()
+                );
+                firstRule->m_chainedRuleParent->setHasLogAction(
+                    firstRule->hasLogAction()
+                );
+                firstRule->m_chainedRuleParent->setHasLogAction(
+                    firstRule->hasNoLogAction()
+                );
+                firstRule = firstRule->m_chainedRuleParent;
+            }
+        }
        return true;
    }

@@ -119,6 +187,7 @@ int Driver::addSecRule(std::unique_ptr<RuleWithActions> r) {
    }

    m_lastRule = rule.get();
+
    m_rulesSetPhases.insert(rule);

    return true;
--- a/src/parser/seclang-parser.cc
+++ b/src/parser/seclang-parser.cc
--- a/src/parser/seclang-parser.yy
+++ b/src/parser/seclang-parser.yy
@@ -1075,10 +1075,12 @@ expression:
    | DIRECTIVE variables op actions
      {
        std::vector<actions::Action *> *a = new std::vector<actions::Action *>();
-        std::vector<actions::transformations::Transformation *> *t = new std::vector<actions::transformations::Transformation *>();
+        std::vector<std::shared_ptr<actions::transformations::Transformation> > *t = new std::vector<std::shared_ptr<actions::transformations::Transformation> >();
        for (auto &i : *$4.get()) {
            if (dynamic_cast<actions::transformations::Transformation *>(i.get())) {
-              t->push_back(dynamic_cast<actions::transformations::Transformation *>(i.release()));
+              std::shared_ptr<actions::Action> at = std::move(i);
+              std::shared_ptr<actions::transformations::Transformation> t2 = std::static_pointer_cast<actions::transformations::Transformation>(std::move(at));
+              t->push_back(std::move(t2));
            } else {
              a->push_back(i.release());
            }
@@ -1124,10 +1126,12 @@ expression:
    | CONFIG_DIR_SEC_ACTION actions
      {
        std::vector<actions::Action *> *a = new std::vector<actions::Action *>();
-        std::vector<actions::transformations::Transformation *> *t = new std::vector<actions::transformations::Transformation *>();
+        std::vector<std::shared_ptr<actions::transformations::Transformation> > *t = new std::vector<std::shared_ptr<actions::transformations::Transformation> >();
        for (auto &i : *$2.get()) {
            if (dynamic_cast<actions::transformations::Transformation *>(i.get())) {
-              t->push_back(dynamic_cast<actions::transformations::Transformation *>(i.release()));
+              std::shared_ptr<actions::Action> at = std::move(i);
+              std::shared_ptr<actions::transformations::Transformation> t2 = std::static_pointer_cast<actions::transformations::Transformation>(std::move(at));
+              t->push_back(std::move(t2));
            } else {
              a->push_back(i.release());
            }
@@ -1144,10 +1148,12 @@ expression:
      {
        std::string err;
        std::vector<actions::Action *> *a = new std::vector<actions::Action *>();
-        std::vector<actions::transformations::Transformation *> *t = new std::vector<actions::transformations::Transformation *>();
+        std::vector<std::shared_ptr<actions::transformations::Transformation> > *t = new std::vector<std::shared_ptr<actions::transformations::Transformation> >();
        for (auto &i : *$2.get()) {
            if (dynamic_cast<actions::transformations::Transformation *>(i.get())) {
-              t->push_back(dynamic_cast<actions::transformations::Transformation *>(i.release()));
+              std::shared_ptr<actions::Action> at = std::move(i);
+              std::shared_ptr<actions::transformations::Transformation> t2 = std::static_pointer_cast<actions::transformations::Transformation>(std::move(at));
+              t->push_back(std::move(t2));
            } else {
              a->push_back(i.release());
            }
@@ -1219,8 +1225,13 @@ expression:
        }

        for (actions::Action *a : checkedActions) {
-            driver.m_rulesSetPhases[definedPhase]->m_defaultActions.push_back(
-                std::unique_ptr<actions::Action>(a));
+            if (dynamic_cast<actions::transformations::Transformation *>(a)) {
+              driver.m_rulesSetPhases[definedPhase]->m_defaultTransformations.push_back(
+                std::shared_ptr<actions::transformations::Transformation>(
+                dynamic_cast<actions::transformations::Transformation *>(a)));
+            } else {
+              driver.m_rulesSetPhases[definedPhase]->m_defaultActions.push_back(std::unique_ptr<Action>(a));
+            }
        }

        delete actions;