mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-11-16 17:41:52 +03:00
Adds new method for rule merge
IMPORTANT: SecDefaultAction specified on a child configuration will overwrite the ones specified on the parent; Previously it was concatenating.
This commit is contained in:
Felipe Zimmerle
@@ -58,24 +58,13 @@ RuleWithOperator::RuleWithOperator(Operator *op,
|
||||
std::unique_ptr<std::string> fileName,
|
||||
int lineNumber)
|
||||
: RuleWithActions(actions, transformations, std::move(fileName), lineNumber),
|
||||
m_variables(_variables),
|
||||
m_operator(op) { /* */ }
|
||||
m_variables(std::unique_ptr<variables::Variables>(_variables)),
|
||||
m_operator(std::unique_ptr<Operator>(op)) { /* */ }
|
||||
|
||||
|
||||
|
||||
|
||||
RuleWithOperator::~RuleWithOperator() {
|
||||
if (m_operator != NULL) {
|
||||
delete m_operator;
|
||||
}
|
||||
|
||||
while (m_variables != NULL && m_variables->empty() == false) {
|
||||
auto *a = m_variables->back();
|
||||
m_variables->pop_back();
|
||||
delete a;
|
||||
}
|
||||
|
||||
if (m_variables != NULL) {
|
||||
delete m_variables;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -101,7 +90,7 @@ void RuleWithOperator::cleanMatchedVars(Transaction *trans) {
|
||||
|
||||
|
||||
bool RuleWithOperator::executeOperatorAt(Transaction *trans, const std::string &key,
|
||||
std::string value, std::shared_ptr<RuleMessage> ruleMessage) {
|
||||
std::string value) {
|
||||
#if MSC_EXEC_CLOCK_ENABLED
|
||||
clock_t begin = clock();
|
||||
clock_t end;
|
||||
@@ -113,7 +102,7 @@ bool RuleWithOperator::executeOperatorAt(Transaction *trans, const std::string &
|
||||
utils::string::toHexIfNeeded(value)) \
|
||||
+ "\" (Variable: " + key + ")");
|
||||
|
||||
ret = this->m_operator->evaluateInternal(trans, this, value, ruleMessage);
|
||||
ret = m_operator->evaluateInternal(trans, this, value, trans->messageGetLast());
|
||||
|
||||
if (ret == false) {
|
||||
return false;
|
||||
@@ -213,10 +202,9 @@ inline void RuleWithOperator::getFinalVars(variables::Variables *vars,
|
||||
}
|
||||
|
||||
|
||||
bool RuleWithOperator::evaluate(Transaction *trans,
|
||||
std::shared_ptr<RuleMessage> ruleMessage) {
|
||||
bool RuleWithOperator::evaluate(Transaction *trans) {
|
||||
bool globalRet = false;
|
||||
variables::Variables *variables = this->m_variables;
|
||||
variables::Variables *variables = m_variables.get();
|
||||
bool recursiveGlobalRet;
|
||||
bool containsBlock = hasBlockAction();
|
||||
std::string eparam;
|
||||
@@ -224,8 +212,7 @@ bool RuleWithOperator::evaluate(Transaction *trans,
|
||||
vars.reserve(4);
|
||||
variables::Variables exclusion;
|
||||
|
||||
RuleWithActions::evaluate(trans, ruleMessage);
|
||||
|
||||
RuleWithActions::evaluate(trans);
|
||||
|
||||
// FIXME: Make a class runTimeException to handle this cases.
|
||||
for (auto &i : trans->m_ruleRemoveById) {
|
||||
@@ -311,21 +298,21 @@ bool RuleWithOperator::evaluate(Transaction *trans,
|
||||
bool ret;
|
||||
std::string valueAfterTrans = std::move(*valueTemp.first);
|
||||
|
||||
ret = executeOperatorAt(trans, key, valueAfterTrans, ruleMessage);
|
||||
ret = executeOperatorAt(trans, key, valueAfterTrans);
|
||||
|
||||
if (ret == true) {
|
||||
ruleMessage->m_match = m_operator->resolveMatchMessage(trans,
|
||||
trans->messageGetLast()->m_match = m_operator->resolveMatchMessage(trans,
|
||||
key, value);
|
||||
|
||||
for (auto &i : v->getOrigin()) {
|
||||
ruleMessage->m_reference.append(i->toText());
|
||||
trans->messageGetLast()->m_reference.append(i->toText());
|
||||
}
|
||||
|
||||
ruleMessage->m_reference.append(*valueTemp.second);
|
||||
trans->messageGetLast()->m_reference.append(*valueTemp.second);
|
||||
|
||||
updateMatchedVars(trans, key, valueAfterTrans);
|
||||
executeActionsIndependentOfChainedRuleResult(trans,
|
||||
&containsBlock, ruleMessage);
|
||||
|
||||
performLogging(trans, ruleMessage, false);
|
||||
&containsBlock);
|
||||
|
||||
globalRet = true;
|
||||
}
|
||||
@@ -344,7 +331,7 @@ bool RuleWithOperator::evaluate(Transaction *trans,
|
||||
}
|
||||
ms_dbg_a(trans, 4, "Rule returned 1.");
|
||||
|
||||
if (this->isChained() == false) {
|
||||
if (this->hasChainAction() == false) {
|
||||
goto end_exec;
|
||||
}
|
||||
|
||||
@@ -356,7 +343,7 @@ bool RuleWithOperator::evaluate(Transaction *trans,
|
||||
}
|
||||
|
||||
ms_dbg_a(trans, 4, "Executing chained rule.");
|
||||
recursiveGlobalRet = m_chainedRuleChild->evaluate(trans, ruleMessage);
|
||||
recursiveGlobalRet = m_chainedRuleChild->evaluate(trans);
|
||||
|
||||
if (recursiveGlobalRet == true) {
|
||||
goto end_exec;
|
||||
@@ -366,10 +353,21 @@ end_clean:
|
||||
return false;
|
||||
|
||||
end_exec:
|
||||
executeActionsAfterFullMatch(trans, containsBlock, ruleMessage);
|
||||
executeActionsAfterFullMatch(trans, containsBlock);
|
||||
|
||||
/* last rule in the chain. */
|
||||
performLogging(trans, ruleMessage, true, true);
|
||||
trans->logMatchLastRuleOnTheChain(this);
|
||||
|
||||
if (hasSeverityAction()) {
|
||||
ms_dbg_a(trans, 9, "This rule severity is: " + \
|
||||
std::to_string(getSeverity()) + " current transaction is: " + \
|
||||
std::to_string(trans->m_highestSeverityAction));
|
||||
|
||||
if (trans->m_highestSeverityAction > getSeverity()) {
|
||||
trans->m_highestSeverityAction = getSeverity();
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user