github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

cosmetic: Organization on the Action class

Browse Source
This commit is contained in:
Felipe Zimmerle 2019-05-02 20:31:15 -03:00
parent 1002058705
commit 156202d10c
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
191 changed files with 4518 additions and 3637 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

144
headers/modsecurity/actions/action.h
View File

@ -16,14 +16,9 @@
#ifdef __cplusplus
#include <string>
#include <iostream>
#include <memory>
#endif
#include "modsecurity/intervention.h"
#include "modsecurity/rule.h"
#ifndef HEADERS_MODSECURITY_ACTIONS_ACTION_H_
#define HEADERS_MODSECURITY_ACTIONS_ACTION_H_
@ -32,99 +27,68 @@
namespace modsecurity {
class Transaction;
class RuleWithActions;
class RunTimeString;
namespace actions {
class Action {
public:
explicit Action(const std::string& _action)
: m_actionKind(2),
m_name(nullptr),
m_parser_payload("") {
set_name_and_payload(_action);
}
Action()
: m_name(""),
m_parserPayload("")
{ }
explicit Action(const std::string& action)
: m_name(sort_name(action)),
m_parserPayload(sort_payload(action))
{ }
Action(const std::string& _action, int kind)
: m_actionKind(kind),
m_name(nullptr),
m_parser_payload("") {
set_name_and_payload(_action);
}
Action(const Action &a)
: m_actionKind(a.m_actionKind),
m_name(a.m_name),
m_parser_payload(a.m_parser_payload) { }
: m_name(a.m_name),
m_parserPayload(a.m_parserPayload)
{ }
Action &operator=(const Action& a) {
m_actionKind = a.m_actionKind;
m_name = a.m_name;
m_parser_payload = a.m_parser_payload;
m_parserPayload = a.m_parserPayload;
return *this;
}
virtual ~Action() { }
virtual bool init(std::string *error) { return true; }
virtual ~Action()
{ }
virtual std::string execute(const std::string &exp,
Transaction *transaction);
virtual bool execute(Transaction *transaction = nullptr);
/**
* This method is meant to be used by transformations a particular
* type of action.
*
*/
virtual void execute(Transaction *t,
ModSecString &in,
ModSecString &out) {
};
virtual bool init(std::string *error) {
return true;
}
virtual bool isDisruptive() { return false; }
/**
*
* Define the action kind regarding to the execution time.
*
*
*/
enum Kind {
/**
*
* Action that are executed while loading the configuration. For instance
* the rule ID or the rule phase.
*
*/
ConfigurationKind,
/**
*
* Those are actions that demands to be executed before call the operator.
* For instance the tranformations.
*
*
*/
RunTimeBeforeMatchAttemptKind,
/**
*
* Actions that are executed after the execution of the operator, only if
* the operator returned Match (or True). For instance the disruptive
* actions.
*
*/
RunTimeOnlyIfMatchKind,
};
virtual bool execute(Transaction *transaction = nullptr) noexcept {
return true;
}
virtual bool isDisruptive() {
return false;
}
const std::string *getName() {
return &m_name;
}
protected:
std::string m_parserPayload;
int m_actionKind;
std::shared_ptr<std::string> m_name;
std::string m_parser_payload;
private:
std::string m_name;
void set_name_and_payload(const std::string& data) {
static size_t get_payload_pos(const std::string& data) {
size_t pos = data.find(":");
std::string t = "t:";
@ -132,18 +96,34 @@ class Action {
pos = data.find(":", 2);
}
return pos;
}
static std::string sort_name(const std::string& data) {
size_t pos = get_payload_pos(data);
if (pos == std::string::npos) {
m_name = std::shared_ptr<std::string>(new std::string(data));
return;
return data;
}
m_name = std::shared_ptr<std::string>(new std::string(data, 0, pos));
m_parser_payload = std::string(data, pos + 1, data.length());
std::string ret(data, 0, pos);
return ret;
}
if (m_parser_payload.at(0) == '\'' && m_parser_payload.size() > 2) {
m_parser_payload.erase(0, 1);
m_parser_payload.pop_back();
static std::string sort_payload(const std::string& data) {
size_t pos = get_payload_pos(data);
std::string ret("");
if (pos != std::string::npos) {
ret = std::string(data, pos + 1, data.length());
if (ret.at(0) == '\'' && ret.size() > 2) {
ret.erase(0, 1);
ret.pop_back();
}
}
return ret;
}
};

2
headers/modsecurity/audit_log.h
View File

@ -61,7 +61,7 @@ class AuditLog {
NativeAuditLogFormat
};
enum AuditLogParts {
enum AuditLogPartsEnum {
/**
* Audit log header (mandatory).
*

5
headers/modsecurity/rules_exceptions.h
View File

@ -37,6 +37,9 @@
namespace modsecurity {
namespace actions {
class Action;
namespace transformations {
class Transformation;
}
}
namespace variables {
class Variable;
@ -79,7 +82,7 @@ class RulesExceptions {
std::unordered_multimap<double,
std::shared_ptr<variables::Variable>> m_variable_update_target_by_id;
std::unordered_multimap<double,
std::shared_ptr<actions::Action>> m_action_pre_update_target_by_id;
std::shared_ptr<actions::transformations::Transformation>> m_action_transformation_update_target_by_id;
std::unordered_multimap<double,
std::shared_ptr<actions::Action>> m_action_pos_update_target_by_id;
std::list<std::string> m_remove_rule_by_msg;

10
headers/modsecurity/transaction.h
View File

@ -48,6 +48,8 @@ typedef struct Rules_t RulesSet;
#include "modsecurity/variable_value.h"
#include "modsecurity/collection/collection.h"
#include "modsecurity/variable_origin.h"
#include "modsecurity/actions/action.h"
#ifndef NO_LOGS
#define ms_dbg(b, c) \
@ -567,12 +569,12 @@ class Transaction : public TransactionAnchoredVariables, public TransactionSecMa
int m_requestBodyAccess;
/**
* The list m_auditLogModifier contains modifications to the `auditlogs'
* for this specific request, those modifications can happens via the
* utilization of the action: `ctl:auditLogParts='
* m_auditLogParts contains auditlog parts for this specific request,
* it also holds the modifications can happens via the utilization of
* the action: `ctl:auditLogParts='
*
*/
std::list< std::pair<int, std::string> > m_auditLogModifier;
int m_auditLogParts;
/**
* Holds the request body, in case of any.

11
src/actions/accuracy.cc
View File

@ -13,16 +13,11 @@
*
*/
#include "src/actions/accuracy.h"
#include <iostream>
#include <string>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "src/rule_with_actions.h"
namespace modsecurity {
namespace actions {
@ -30,9 +25,9 @@ namespace actions {
bool Accuracy::init(std::string *error) {
try {
m_accuracy = std::stoi(m_parser_payload);
m_accuracy = std::stoi(m_parserPayload);
} catch (...) {
error->assign("Accuracy: The input \"" + m_parser_payload + "\" is " \
error->assign("Accuracy: The input \"" + m_parserPayload + "\" is " \
"not a number.");
return false;
}

13
src/actions/accuracy.h
View File

@ -13,30 +13,29 @@
*
*/
#include <string>
#include "src/actions/action_type_configure.h"
#include "src/actions/action_type_rule_metadata.h"
#ifndef SRC_ACTIONS_ACCURACY_H_
#define SRC_ACTIONS_ACCURACY_H_
class Transaction;
namespace modsecurity {
class Transaction;
namespace actions {
class Accuracy : public ActionTypeConfigure {
class Accuracy : public ActionTypeRuleMetaData {
public:
explicit Accuracy(const std::string &action)
: ActionTypeConfigure(action),
explicit Accuracy(const std::string &action)
: Action(action),
m_accuracy(0) { }
bool init(std::string *error) override;
virtual void configure(RuleWithActions *rule) override {
void configure(RuleWithActions *rule) override {
rule->setAccuracy(m_accuracy);
}

36
src/actions/action.cc
View File

@ -15,46 +15,10 @@
#include "modsecurity/actions/action.h"
#include <iostream>
#include <string>
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "src/utils/string.h"
#include "src/actions/block.h"
#include "src/actions/chain.h"
#include "src/actions/disruptive/deny.h"
#include "src/actions/disruptive/redirect.h"
#include "src/actions/data/status.h"
#include "src/actions/rule_id.h"
#include "src/actions/phase.h"
#include "src/actions/severity.h"
#include "src/actions/capture.h"
#include "src/actions/disruptive/pass.h"
#include "src/actions/log.h"
#include "src/actions/no_log.h"
#include "src/actions/no_audit_log.h"
#include "src/actions/multi_match.h"
#define IF_MATCH(a) \
if (op.compare(1, std::strlen(#a), #a) == 0)
namespace modsecurity {
namespace actions {
std::string Action::execute(const std::string &value,
Transaction *transaction) {
return value;
}
bool Action::execute(Transaction *transaction) {
return true;
}
} // namespace actions
} // namespace modsecurity

34
src/actions/action_allowed_in_sec_default_action.h Normal file
View File

@ -0,0 +1,34 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2020 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include "modsecurity/actions/action.h"
#ifndef SRC_ACTIONS_ACTION_ALLOWED_IN_SEC_DEFAULT_ACTION_H_
#define SRC_ACTIONS_ACTION_ALLOWED_IN_SEC_DEFAULT_ACTION_H_
namespace modsecurity {
namespace actions {
class ActionAllowedAsSecDefaultAction : public virtual Action {
public:
};
} // namespace actions
} // namespace modsecurity
#endif // SRC_ACTIONS_ACTION_ALLOWED_IN_SEC_DEFAULT_ACTION_H_

51
src/actions/action_type_rule_metadata.h Normal file
View File

@ -0,0 +1,51 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2020 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include "modsecurity/actions/action.h"
#include "src/rule_with_actions.h"
#ifndef SRC_ACTIONS_ACTION_TYPE_CONFIGURE_H_
#define SRC_ACTIONS_ACTION_TYPE_CONFIGURE_H_
namespace modsecurity {
namespace actions {
class ActionTypeRuleMetaData : public virtual Action {
public:
/**
*
* Action that are executed while loading the configuration. For instance
* the rule ID or the rule phase.
*
*/
ActionTypeRuleMetaData()
: Action()
{ };
bool execute(Transaction *t) noexcept override {
return true;
}
virtual void configure(RuleWithActions *rule) = 0;
};
} // namespace actions
} // namespace modsecurity
#endif // SRC_ACTIONS_ACTION_TYPE_CONFIGURE_H_

43
src/actions/action_with_run_time_string.h
View File

@ -13,49 +13,32 @@
*
*/
#include <utility>
#include <memory>
#include <string>
#include "modsecurity/actions/action.h"
#include "src/run_time_string.h"
#ifndef SRC_ACTIONS_ACTION_WITH_RUN_TIME_STRING_H_
#define SRC_ACTIONS_ACTION_WITH_RUN_TIME_STRING_H_
namespace modsecurity {
namespace actions {
class ActionWithRunTimeString : public Action {
class ActionWithRunTimeString : public virtual Action {
public:
ActionWithRunTimeString(
const std::string &name,
int king,
std::unique_ptr<RunTimeString> string)
: Action(name, king),
m_string(std::move(string))
{ };
ActionWithRunTimeString(const std::string &name,
std::unique_ptr<RunTimeString> string)
: Action(name),
m_string(std::move(string))
{ };
ActionWithRunTimeString(const std::string &name,
int king)
: Action(name, king),
m_string(nullptr)
{ };
ActionWithRunTimeString(const std::string &name)
: Action(name),
m_string(nullptr)
{ };
explicit ActionWithRunTimeString(std::unique_ptr<RunTimeString> string = nullptr)
: m_string(std::move(string))
{ }
ActionWithRunTimeString(const ActionWithRunTimeString &a)
: Action(a),
m_string(a.m_string?std::unique_ptr<RunTimeString>(new RunTimeString(*a.m_string.get())):nullptr)
{ };
: m_string(a.m_string?std::unique_ptr<RunTimeString>(new RunTimeString(*a.m_string.get())):nullptr)
{ }
ActionWithRunTimeString& operator=(const ActionWithRunTimeString& a)
{
ActionWithRunTimeString& operator=(const ActionWithRunTimeString& a) {
m_string = std::unique_ptr<RunTimeString>(new RunTimeString(*a.m_string.get()));
return *this;
}

7
src/actions/audit_log.cc
View File

@ -15,19 +15,16 @@
#include "src/actions/audit_log.h"
#include <iostream>
#include <string>
#include <memory>
#include "modsecurity/transaction.h"
#include "modsecurity/rule_message.h"
#include "modsecurity/rules_set.h"
namespace modsecurity {
namespace actions {
bool AuditLog::execute(Transaction *transaction) {
bool AuditLog::execute(Transaction *transaction) noexcept {
transaction->messageSetNoAuditLog(false);
return true;
}

19
src/actions/audit_log.h
View File

@ -13,34 +13,29 @@
*
*/
#include <string>
#include <memory>
#include "modsecurity/actions/action.h"
#include "src/actions/action_allowed_in_sec_default_action.h"
#ifndef SRC_ACTIONS_AUDIT_LOG_H_
#define SRC_ACTIONS_AUDIT_LOG_H_
#ifdef __cplusplus
class Transaction;
namespace modsecurity {
class Transaction;
namespace actions {
class AuditLog : public Action {
class AuditLog : public ActionAllowedAsSecDefaultAction {
public:
explicit AuditLog(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { }
AuditLog()
: Action("auditLog")
{ }
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
};
} // namespace actions
} // namespace modsecurity
#endif
#endif // SRC_ACTIONS_AUDIT_LOG_H_

18
src/actions/block.cc
View File

@ -13,29 +13,13 @@
*
*/
#include "src/actions/block.h"
#include <iostream>
#include <string>
#include <memory>
#include "modsecurity/rules_set.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/intervention.h"
#include "src/actions/data/status.h"
#include "src/rule_with_actions.h"
namespace modsecurity {
namespace actions {
bool Block::execute(Transaction *transaction) {
ms_dbg_a(transaction, 8, "Marking request as disruptive.");
return true;
}
} // namespace actions
} // namespace modsecurity

29
src/actions/block.h
View File

@ -13,34 +13,37 @@
*
*/
#include <string>
#include <memory>
#include "modsecurity/actions/action.h"
#include "modsecurity/rule_message.h"
#include "src/actions/action_type_rule_metadata.h"
#include "src/actions/action_allowed_in_sec_default_action.h"
#ifndef SRC_ACTIONS_DISRUPTIVE_BLOCK_H_
#define SRC_ACTIONS_DISRUPTIVE_BLOCK_H_
#ifdef __cplusplus
class Transaction;
#ifndef SRC_ACTIONS_BLOCK_H_
#define SRC_ACTIONS_BLOCK_H_
namespace modsecurity {
class Transaction;
namespace actions {
class Block : public Action {
class Block : public ActionTypeRuleMetaData,
public ActionAllowedAsSecDefaultAction {
public:
explicit Block(const std::string &action) : Action(action) { }
Block()
: Action("block")
{ }
bool execute(Transaction *transaction) override;
void configure(RuleWithActions *rule) override {
rule->setHasBlockAction(true);
}
};
} // namespace actions
} // namespace modsecurity
#endif
#endif // SRC_ACTIONS_DISRUPTIVE_BLOCK_H_
#endif // SRC_ACTIONS_BLOCK_H_

18
src/actions/capture.cc
View File

@ -13,29 +13,13 @@
*
*/
#include "src/actions/capture.h"
#include <iostream>
#include <string>
#include <list>
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "src/operators/operator.h"
#include "src/operators/pm.h"
#include "src/operators/rx.h"
#include "src/operators/contains.h"
#include "src/operators/detect_sqli.h"
namespace modsecurity {
namespace actions {
bool Capture::execute(Transaction *transaction) {
return true;
}
} // namespace actions
} // namespace modsecurity

15
src/actions/capture.h
View File

@ -13,25 +13,28 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/action_type_rule_metadata.h"
#ifndef SRC_ACTIONS_CAPTURE_H_
#define SRC_ACTIONS_CAPTURE_H_
namespace modsecurity {
class RuleWithOperator;
namespace actions {
class Capture : public Action {
class Capture : public ActionTypeRuleMetaData {
public:
explicit Capture(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { }
Capture()
: Action("capture") { }
bool execute(Transaction *transaction) override;
void configure(RuleWithActions *rule) override {
rule->setHasCaptureAction(true);
}
};

8
src/actions/chain.cc
View File

@ -13,15 +13,9 @@
*
*/
#include "src/actions/chain.h"
#include <iostream>
#include <string>
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "src/rule_with_actions.h"
namespace modsecurity {
namespace actions {

21
src/actions/chain.h
View File

@ -13,37 +13,34 @@
*
*/
#include <string>
#include "src/actions/action_type_configure.h"
#include "src/actions/action_type_rule_metadata.h"
#ifndef SRC_ACTIONS_CHAIN_H_
#define SRC_ACTIONS_CHAIN_H_
#ifdef __cplusplus
class Transaction;
namespace modsecurity {
class Transaction;
class RuleWithOperator;
namespace actions {
class Chain : public ActionTypeConfigure {
class Chain : public ActionTypeRuleMetaData {
public:
explicit Chain(const std::string &action)
: ActionTypeConfigure(action)
{ };
Chain()
: Action("chain")
{ }
virtual void configure(RuleWithActions *rule) override {
void configure(RuleWithActions *rule) override {
rule->setHasChainAction(true);
}
};
} // namespace actions
} // namespace modsecurity
#endif
#endif // SRC_ACTIONS_CHAIN_H_

42
src/actions/ctl/audit_log_parts.cc
View File

@ -13,13 +13,20 @@
*
*/
#include "src/actions/ctl/audit_log_parts.h"
#include <iostream>
#include <string>
#include <utility>
#include "modsecurity/transaction.h"
#include "modsecurity/audit_log.h"
/**
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
* It should be removed.
*/
#include "modsecurity/rules_set.h"
namespace modsecurity {
namespace actions {
@ -27,20 +34,39 @@ namespace ctl {
bool AuditLogParts::init(std::string *error) {
std::string what(m_parser_payload, 14, 1);
mParts = std::string(m_parser_payload, 15, m_parser_payload.length()-15);
std::string what(m_parserPayload, 14, 1);
std::string parts_str(m_parserPayload, 15, m_parserPayload.length()-15);
if ((what != "-") && (what != "+")) {
error->assign("ctl:auditLogParts modificators expects add or " \
"remove (+/-) in front of the modificator. Got: " + what);
return false;
}
int flags = AuditLog::addParts(0, parts_str);
if (what == "+") {
mPartsAction = 0;
m_partsToModify = flags;
} else {
mPartsAction = 1;
m_partsToModify = -1 * flags;
}
return true;
}
bool AuditLogParts::execute(Transaction *transaction) {
transaction->m_auditLogModifier.push_back(
std::make_pair(mPartsAction, mParts));
bool AuditLogParts::execute(Transaction *transaction) noexcept {
ms_dbg_a(transaction, 7, "AuditLog parts before modification: " +
std::to_string(transaction->m_auditLogParts) + ".");
if (m_partsToModify < 0) {
transaction->m_auditLogParts = \
transaction->m_auditLogParts & ~(m_partsToModify * -1);
} else {
transaction->m_auditLogParts = \
transaction->m_auditLogParts | m_partsToModify;
}
return true;
}

18
src/actions/ctl/audit_log_parts.h
View File

@ -13,14 +13,17 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#ifndef SRC_ACTIONS_CTL_AUDIT_LOG_PARTS_H_
#define SRC_ACTIONS_CTL_AUDIT_LOG_PARTS_H_
namespace modsecurity {
namespace actions {
namespace ctl {
@ -28,17 +31,17 @@ namespace ctl {
class AuditLogParts : public Action {
public:
explicit AuditLogParts(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind),
mPartsAction(0),
mParts("") { }
explicit AuditLogParts(const std::string &action)
: Action(action),
m_partsToModify(0)
{ }
bool execute(Transaction *transaction) override;
bool init(std::string *error) override;
bool execute(Transaction *transaction) noexcept override;
protected:
int mPartsAction;
std::string mParts;
int m_partsToModify;
};
@ -46,4 +49,5 @@ class AuditLogParts : public Action {
} // namespace actions
} // namespace modsecurity
#endif // SRC_ACTIONS_CTL_AUDIT_LOG_PARTS_H_

22
src/actions/ctl/request_body_access.cc
View File

@ -13,40 +13,44 @@
*
*/
#include "src/actions/ctl/request_body_access.h"
#include <iostream>
#include <string>
#include "modsecurity/rules_set_properties.h"
#include "modsecurity/transaction.h"
namespace modsecurity {
namespace actions {
namespace ctl {
bool RequestBodyAccess::init(std::string *error) {
std::string what(m_parser_payload, 18, m_parser_payload.size() - 18);
std::string what(m_parserPayload, 18, m_parserPayload.size() - 18);
if (what == "true") {
m_request_body_access = true;
m_requestBodyAccess = true;
} else if (what == "false") {
m_request_body_access = false;
m_requestBodyAccess = false;
} else {
error->assign("Internal error. Expected: true or false, got: " \
+ m_parser_payload);
+ m_parserPayload);
return false;
}
return true;
}
bool RequestBodyAccess::execute(Transaction *transaction) {
if (m_request_body_access) {
transaction->m_requestBodyAccess = RulesSetProperties::TrueConfigBoolean;
bool RequestBodyAccess::execute(Transaction *transaction) noexcept {
if (m_requestBodyAccess) {
transaction->m_requestBodyAccess =
RulesSetProperties::TrueConfigBoolean;
} else {
transaction->m_requestBodyAccess = RulesSetProperties::FalseConfigBoolean;
transaction->m_requestBodyAccess =
RulesSetProperties::FalseConfigBoolean;
}
return true;

16
src/actions/ctl/request_body_access.h
View File

@ -13,6 +13,7 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
@ -22,6 +23,7 @@
#ifndef SRC_ACTIONS_CTL_REQUEST_BODY_ACCESS_H_
#define SRC_ACTIONS_CTL_REQUEST_BODY_ACCESS_H_
namespace modsecurity {
namespace actions {
namespace ctl {
@ -29,14 +31,17 @@ namespace ctl {
class RequestBodyAccess : public Action {
public:
explicit RequestBodyAccess(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind),
m_request_body_access(false) { }
explicit RequestBodyAccess(const std::string &action)
: Action(action),
m_requestBodyAccess(false)
{ }
bool init(std::string *error) override;
bool execute(Transaction *transaction) override;
bool m_request_body_access;
bool execute(Transaction *transaction) noexcept override;
private:
bool m_requestBodyAccess;
};
@ -44,4 +49,5 @@ class RequestBodyAccess : public Action {
} // namespace actions
} // namespace modsecurity
#endif // SRC_ACTIONS_CTL_REQUEST_BODY_ACCESS_H_

5
src/actions/ctl/request_body_processor_json.cc
View File

@ -13,19 +13,20 @@
*
*/
#include "src/actions/ctl/request_body_processor_json.h"
#include <iostream>
#include <string>
#include "modsecurity/transaction.h"
namespace modsecurity {
namespace actions {
namespace ctl {
bool RequestBodyProcessorJSON::execute(Transaction *transaction) {
bool RequestBodyProcessorJSON::execute(Transaction *transaction) noexcept {
transaction->m_requestBodyProcessor = Transaction::JSONRequestBody;
transaction->m_variableReqbodyProcessor.set("JSON",
transaction->m_variableOffset);

10
src/actions/ctl/request_body_processor_json.h
View File

@ -13,14 +13,17 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#ifndef SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_JSON_H_
#define SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_JSON_H_
namespace modsecurity {
namespace actions {
namespace ctl {
@ -28,10 +31,11 @@ namespace ctl {
class RequestBodyProcessorJSON : public Action {
public:
explicit RequestBodyProcessorJSON(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { }
explicit RequestBodyProcessorJSON(const std::string &action)
: Action(action)
{ }
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
};

6
src/actions/ctl/request_body_processor_urlencoded.cc
View File

@ -13,19 +13,21 @@
*
*/
#include "src/actions/ctl/request_body_processor_urlencoded.h"
#include <iostream>
#include <string>
#include "modsecurity/transaction.h"
namespace modsecurity {
namespace actions {
namespace ctl {
bool RequestBodyProcessorURLENCODED::execute(Transaction *transaction) {
bool RequestBodyProcessorURLENCODED::execute(
Transaction *transaction) noexcept {
transaction->m_requestBodyType = Transaction::WWWFormUrlEncoded;
transaction->m_variableReqbodyProcessor.set("URLENCODED",
transaction->m_variableOffset);

10
src/actions/ctl/request_body_processor_urlencoded.h
View File

@ -13,14 +13,17 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#ifndef SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_URLENCODED_H_
#define SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_URLENCODED_H_
namespace modsecurity {
namespace actions {
namespace ctl {
@ -28,10 +31,11 @@ namespace ctl {
class RequestBodyProcessorURLENCODED : public Action {
public:
explicit RequestBodyProcessorURLENCODED(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { }
explicit RequestBodyProcessorURLENCODED(const std::string &action)
: Action(action)
{ }
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
};

5
src/actions/ctl/request_body_processor_xml.cc
View File

@ -13,19 +13,20 @@
*
*/
#include "src/actions/ctl/request_body_processor_xml.h"
#include <iostream>
#include <string>
#include "modsecurity/transaction.h"
namespace modsecurity {
namespace actions {
namespace ctl {
bool RequestBodyProcessorXML::execute(Transaction *transaction) {
bool RequestBodyProcessorXML::execute(Transaction *transaction) noexcept {
transaction->m_requestBodyProcessor = Transaction::XMLRequestBody;
transaction->m_variableReqbodyProcessor.set("XML",
transaction->m_variableOffset);

10
src/actions/ctl/request_body_processor_xml.h
View File

@ -13,14 +13,17 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#ifndef SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_XML_H_
#define SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_XML_H_
namespace modsecurity {
namespace actions {
namespace ctl {
@ -28,10 +31,11 @@ namespace ctl {
class RequestBodyProcessorXML : public Action {
public:
explicit RequestBodyProcessorXML(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { }
explicit RequestBodyProcessorXML(const std::string &action)
: Action(action)
{ }
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
};

10
src/actions/ctl/rule_engine.cc
View File

@ -13,22 +13,23 @@
*
*/
#include "src/actions/ctl/rule_engine.h"
#include <iostream>
#include <string>
#include "modsecurity/rules_set_properties.h"
#include "modsecurity/rules_set.h"
#include "modsecurity/transaction.h"
namespace modsecurity {
namespace actions {
namespace ctl {
bool RuleEngine::init(std::string *error) {
std::string what(m_parser_payload, 11, m_parser_payload.size() - 11);
std::string what(m_parserPayload, 11, m_parserPayload.size() - 11);
if (what == "on") {
m_ruleEngine = RulesSetProperties::EnabledRuleEngine;
@ -38,14 +39,15 @@ bool RuleEngine::init(std::string *error) {
m_ruleEngine = RulesSetProperties::DetectionOnlyRuleEngine;
} else {
error->assign("Internal error. Expected: On, Off or DetectionOnly; " \
"got: " + m_parser_payload);
"got: " + m_parserPayload);
return false;
}
return true;
}
bool RuleEngine::execute(Transaction *transaction) {
bool RuleEngine::execute(Transaction *transaction) noexcept {
std::stringstream a;
a << "Setting SecRuleEngine to ";
a << modsecurity::RulesSetProperties::ruleEngineStateString(m_ruleEngine);

14
src/actions/ctl/rule_engine.h
View File

@ -13,16 +13,17 @@
*
*/
#include <string>
#include "modsecurity/rules_set_properties.h"
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#ifndef SRC_ACTIONS_CTL_RULE_ENGINE_H_
#define SRC_ACTIONS_CTL_RULE_ENGINE_H_
namespace modsecurity {
namespace actions {
namespace ctl {
@ -30,13 +31,16 @@ namespace ctl {
class RuleEngine : public Action {
public:
explicit RuleEngine(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind),
m_ruleEngine(RulesSetProperties::PropertyNotSetRuleEngine) { }
explicit RuleEngine(const std::string &action)
: Action(action),
m_ruleEngine(RulesSetProperties::PropertyNotSetRuleEngine)
{ }
bool init(std::string *error) override;
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
private:
RulesSetProperties::RuleEngine m_ruleEngine;
};

11
src/actions/ctl/rule_remove_by_id.cc
View File

@ -13,21 +13,25 @@
*
*/
#include "src/actions/ctl/rule_remove_by_id.h"
#include <iostream>
#include <string>
#include <utility>
#include <vector>
#include "modsecurity/transaction.h"
#include "src/utils/string.h"
namespace modsecurity {
namespace actions {
namespace ctl {
bool RuleRemoveById::init(std::string *error) {
std::string what(m_parser_payload, 15, m_parser_payload.size() - 15);
std::string what(m_parserPayload, 15, m_parserPayload.size() - 15);
bool added = false;
std::vector<std::string> toRemove = utils::string::ssplit(what, ' ');
for (std::string &a : toRemove) {
@ -83,7 +87,8 @@ bool RuleRemoveById::init(std::string *error) {
return false;
}
bool RuleRemoveById::execute(Transaction *transaction) {
bool RuleRemoveById::execute(Transaction *transaction) noexcept {
for (auto &i : m_ids) {
transaction->m_ruleRemoveById.push_back(i);
}

13
src/actions/ctl/rule_remove_by_id.h
View File

@ -13,7 +13,10 @@
*
*/
#include <string>
#include <utility>
#include <list>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
@ -22,6 +25,7 @@
#ifndef SRC_ACTIONS_CTL_RULE_REMOVE_BY_ID_H_
#define SRC_ACTIONS_CTL_RULE_REMOVE_BY_ID_H_
namespace modsecurity {
namespace actions {
namespace ctl {
@ -29,12 +33,15 @@ namespace ctl {
class RuleRemoveById : public Action {
public:
explicit RuleRemoveById(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { }
explicit RuleRemoveById(const std::string &action)
: Action(action)
{ }
bool init(std::string *error) override;
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
private:
std::list<std::pair<int, int> > m_ranges;
std::list<int> m_ids;
};

8
src/actions/ctl/rule_remove_by_tag.cc
View File

@ -13,26 +13,28 @@
*
*/
#include "src/actions/ctl/rule_remove_by_tag.h"
#include <iostream>
#include <string>
#include "modsecurity/transaction.h"
namespace modsecurity {
namespace actions {
namespace ctl {
bool RuleRemoveByTag::init(std::string *error) {
std::string what(m_parser_payload, 16, m_parser_payload.size() - 16);
std::string what(m_parserPayload, 16, m_parserPayload.size() - 16);
m_tag = what;
return true;
}
bool RuleRemoveByTag::execute(Transaction *transaction) {
bool RuleRemoveByTag::execute(Transaction *transaction) noexcept {
transaction->m_ruleRemoveByTag.push_back(m_tag);
return true;
}

13
src/actions/ctl/rule_remove_by_tag.h
View File

@ -13,6 +13,7 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
@ -22,6 +23,7 @@
#ifndef SRC_ACTIONS_CTL_RULE_REMOVE_BY_TAG_H_
#define SRC_ACTIONS_CTL_RULE_REMOVE_BY_TAG_H_
namespace modsecurity {
namespace actions {
namespace ctl {
@ -29,13 +31,16 @@ namespace ctl {
class RuleRemoveByTag : public Action {
public:
explicit RuleRemoveByTag(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind),
m_tag("") { }
explicit RuleRemoveByTag(const std::string &action)
: Action(action),
m_tag("")
{ }
bool init(std::string *error) override;
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
private:
std::string m_tag;
};

8
src/actions/ctl/rule_remove_target_by_id.cc
View File

@ -13,14 +13,15 @@
*
*/
#include "src/actions/ctl/rule_remove_target_by_id.h"
#include <iostream>
#include <string>
#include <vector>
#include <utility>
#include "modsecurity/transaction.h"
#include "src/utils/string.h"
@ -30,7 +31,7 @@ namespace ctl {
bool RuleRemoveTargetById::init(std::string *error) {
std::string what(m_parser_payload, 21, m_parser_payload.size() - 21);
std::string what(m_parserPayload, 21, m_parserPayload.size() - 21);
std::vector<std::string> param = utils::string::split(what, ';');
if (param.size() < 2) {
@ -51,7 +52,8 @@ bool RuleRemoveTargetById::init(std::string *error) {
return true;
}
bool RuleRemoveTargetById::execute(Transaction *transaction) {
bool RuleRemoveTargetById::execute(Transaction *transaction) noexcept {
transaction->m_ruleRemoveTargetById.push_back(
std::make_pair(m_id, m_target));
return true;

13
src/actions/ctl/rule_remove_target_by_id.h
View File

@ -13,6 +13,7 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
@ -22,6 +23,7 @@
#ifndef SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_ID_H_
#define SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_ID_H_
namespace modsecurity {
namespace actions {
namespace ctl {
@ -29,14 +31,17 @@ namespace ctl {
class RuleRemoveTargetById : public Action {
public:
explicit RuleRemoveTargetById(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind),
explicit RuleRemoveTargetById(const std::string &action)
: Action(action),
m_id(0),
m_target("") { }
m_target("")
{ }
bool init(std::string *error) override;
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
private:
int m_id;
std::string m_target;
};

8
src/actions/ctl/rule_remove_target_by_tag.cc
View File

@ -13,14 +13,15 @@
*
*/
#include "src/actions/ctl/rule_remove_target_by_tag.h"
#include <iostream>
#include <string>
#include <vector>
#include <utility>
#include "modsecurity/transaction.h"
#include "src/utils/string.h"
@ -30,7 +31,7 @@ namespace ctl {
bool RuleRemoveTargetByTag::init(std::string *error) {
std::string what(m_parser_payload, 22, m_parser_payload.size() - 22);
std::string what(m_parserPayload, 22, m_parserPayload.size() - 22);
std::vector<std::string> param = utils::string::split(what, ';');
if (param.size() < 2) {
@ -44,7 +45,8 @@ bool RuleRemoveTargetByTag::init(std::string *error) {
return true;
}
bool RuleRemoveTargetByTag::execute(Transaction *transaction) {
bool RuleRemoveTargetByTag::execute(Transaction *transaction) noexcept {
transaction->m_ruleRemoveTargetByTag.push_back(
std::make_pair(m_tag, m_target));
return true;

12
src/actions/ctl/rule_remove_target_by_tag.h
View File

@ -13,6 +13,7 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
@ -22,6 +23,7 @@
#ifndef SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_TAG_H_
#define SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_TAG_H_
namespace modsecurity {
namespace actions {
namespace ctl {
@ -29,12 +31,15 @@ namespace ctl {
class RuleRemoveTargetByTag : public Action {
public:
explicit RuleRemoveTargetByTag(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { }
explicit RuleRemoveTargetByTag(const std::string &action)
: Action(action)
{ }
bool init(std::string *error) override;
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
private:
std::string m_tag;
std::string m_target;
};
@ -44,4 +49,5 @@ class RuleRemoveTargetByTag : public Action {
} // namespace actions
} // namespace modsecurity
#endif // SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_TAG_H_

10
src/actions/data/status.cc
View File

@ -13,11 +13,10 @@
*
*/
#include "src/actions/data/status.h"
#include <iostream>
#include <string>
#include <memory>
#include "modsecurity/transaction.h"
@ -26,11 +25,12 @@ namespace modsecurity {
namespace actions {
namespace data {
bool Status::init(std::string *error) {
try {
m_status = std::stoi(m_parser_payload);
m_status = std::stoi(m_parserPayload);
} catch (...) {
error->assign("Not a valid number: " + m_parser_payload);
error->assign("Not a valid number: " + m_parserPayload);
return false;
}
@ -38,7 +38,7 @@ bool Status::init(std::string *error) {
}
bool Status::execute(Transaction *transaction) {
bool Status::execute(Transaction *transaction) noexcept {
transaction->m_it.status = m_status;
return true;
}

24
src/actions/data/status.h
View File

@ -13,32 +13,36 @@
*
*/
#include <string>
#include <memory>
#include "modsecurity/actions/action.h"
#include "modsecurity/rule_message.h"
#include "modsecurity/transaction.h"
#include "src/actions/action_allowed_in_sec_default_action.h"
#ifndef SRC_ACTIONS_DATA_STATUS_H_
#define SRC_ACTIONS_DATA_STATUS_H_
#ifdef __cplusplus
class Transaction;
namespace modsecurity {
class Transaction;
namespace actions {
namespace data {
class Status : public Action {
class Status : public ActionAllowedAsSecDefaultAction {
public:
explicit Status(const std::string &action) : Action(action, 2),
m_status(0) { }
explicit Status(const std::string &action)
: Action(action),
m_status(0)
{ }
bool init(std::string *error) override;
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
private:
int m_status;
};
@ -46,6 +50,6 @@ class Status : public Action {
} // namespace data
} // namespace actions
} // namespace modsecurity
#endif
#endif // SRC_ACTIONS_DATA_STATUS_H_

15
src/actions/disruptive/allow.cc
View File

@ -13,16 +13,19 @@
*
*/
#include "src/actions/disruptive/allow.h"
#include <iostream>
#include <string>
#include "modsecurity/rules_set.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
/**
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
* It should be removed.
*/
#include "modsecurity/rules_set.h"
#include "src/utils/string.h"
#include "modsecurity/modsecurity.h"
namespace modsecurity {
@ -31,7 +34,7 @@ namespace disruptive {
bool Allow::init(std::string *error) {
std::string a = utils::string::tolower(m_parser_payload);
std::string a = utils::string::tolower(m_parserPayload);
if (a == "phase") {
m_allowType = PhaseAllowType;
@ -49,7 +52,7 @@ bool Allow::init(std::string *error) {
}
bool Allow::execute(Transaction *transaction) {
bool Allow::execute(Transaction *transaction) noexcept {
ms_dbg_a(transaction, 4, "Dropping the evaluation of upcoming rules " \
"in favor of an `allow' action of type: " \
+ allowTypeToName(m_allowType));

27
src/actions/disruptive/allow.h
View File

@ -13,20 +13,20 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "src/actions/disruptive/disruptive_action.h"
#ifndef SRC_ACTIONS_DISRUPTIVE_ALLOW_H_
#define SRC_ACTIONS_DISRUPTIVE_ALLOW_H_
#ifdef __cplusplus
class Transaction;
namespace modsecurity {
class Transaction;
class RuleWithOperator;
namespace actions {
namespace disruptive {
@ -51,17 +51,18 @@ enum AllowType : int {
};
class Allow : public Action {
class Allow : public ActionDisruptive {
public:
explicit Allow(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind),
m_allowType(NoneAllowType) { }
explicit Allow(const std::string &action)
: Action(action),
m_allowType(NoneAllowType)
{ }
bool init(std::string *error) override;
bool execute(Transaction *transaction) override;
bool isDisruptive() override { return true; }
bool execute(Transaction *transaction) noexcept override;
private:
AllowType m_allowType;
static std::string allowTypeToName(AllowType a) {
@ -83,6 +84,6 @@ class Allow : public Action {
} // namespace disruptive
} // namespace actions
} // namespace modsecurity
#endif
#endif // SRC_ACTIONS_DISRUPTIVE_ALLOW_H_

19
src/actions/disruptive/deny.cc
View File

@ -13,22 +13,26 @@
*
*/
#include "src/actions/disruptive/deny.h"
#include <string.h>
#include <iostream>
#include <string>
#include <cstring>
#include <memory>
#include "modsecurity/transaction.h"
/**
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
* It should be removed.
*/
#include "modsecurity/rules_set.h"
#include "modsecurity/rule_message.h"
namespace modsecurity {
namespace actions {
namespace disruptive {
bool Deny::execute(Transaction *transaction) {
bool Deny::execute(Transaction *transaction) noexcept {
ms_dbg_a(transaction, 8, "Running action deny");
if (transaction->m_it.status == 200) {
@ -37,9 +41,10 @@ bool Deny::execute(Transaction *transaction) {
transaction->m_it.disruptive = true;
intervention::freeLog(&transaction->m_it);
//transaction->messageGetLast()->setRule(rule);
transaction->m_it.log = strdup(
transaction->messageGetLast()->log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str());
transaction->messageGetLast()->log(
RuleMessage::LogMessageInfo::ClientLogMessageInfo)
.c_str());
return true;
}

20
src/actions/disruptive/deny.h
View File

@ -13,28 +13,31 @@
*
*/
#include <string>
#include <memory>
#include "modsecurity/rules_set.h"
#include <string>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule_message.h"
#include "src/actions/disruptive/disruptive_action.h"
#ifndef SRC_ACTIONS_DISRUPTIVE_DENY_H_
#define SRC_ACTIONS_DISRUPTIVE_DENY_H_
namespace modsecurity {
namespace actions {
namespace disruptive {
class Deny : public Action {
class Deny : public ActionDisruptive {
public:
explicit Deny(const std::string &action) : Action(action) { }
Deny()
: Action("deny")
{ }
bool execute(Transaction *transaction) override;
bool isDisruptive() override { return true; }
bool execute(Transaction *transaction) noexcept override;
};
@ -42,4 +45,5 @@ class Deny : public Action {
} // namespace actions
} // namespace modsecurity
#endif // SRC_ACTIONS_DISRUPTIVE_DENY_H_

45
src/actions/disruptive/disruptive_action.h Normal file
View File

@ -0,0 +1,45 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2020 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/action_allowed_in_sec_default_action.h"
#ifndef SRC_ACTIONS_DISRUPTIVE_DISRUPTIVE_ACTION_H_
#define SRC_ACTIONS_DISRUPTIVE_DISRUPTIVE_ACTION_H_
namespace modsecurity {
namespace actions {
namespace disruptive {
class ActionDisruptive : public ActionAllowedAsSecDefaultAction {
public:
bool isDisruptive() override {
return true;
}
};
} // namespace disruptive
} // namespace actions
} // namespace modsecurity
#endif // SRC_ACTIONS_DISRUPTIVE_DISRUPTIVE_ACTION_H_

24
src/actions/disruptive/drop.cc
View File

@ -13,26 +13,26 @@
*
*/
#include "src/actions/disruptive/drop.h"
#include <string.h>
#include <iostream>
#include <string>
#include <cstring>
#include <memory>
#include "modsecurity/rules_set.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "src/utils/string.h"
#include "modsecurity/modsecurity.h"
/**
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
* It should be removed.
*/
#include "modsecurity/rules_set.h"
#include "modsecurity/rule_message.h"
namespace modsecurity {
namespace actions {
namespace disruptive {
bool Drop::execute(Transaction *transaction) {
bool Drop::execute(Transaction *transaction) noexcept {
ms_dbg_a(transaction, 8, "Running action drop " \
"[executing deny instead of drop.]");
@ -42,9 +42,11 @@ bool Drop::execute(Transaction *transaction) {
transaction->m_it.disruptive = true;
intervention::freeLog(&transaction->m_it);
//transaction->messageGetLast()->setRule(rule);
transaction->m_it.log = strdup(
transaction->messageGetLast()->log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str());
transaction->messageGetLast()->log(
RuleMessage::LogMessageInfo::ClientLogMessageInfo)
.c_str());
return true;
}

16
src/actions/disruptive/drop.h
View File

@ -13,27 +13,31 @@
*
*/
#include <string>
#include <memory>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule_message.h"
#include "src/actions/disruptive/disruptive_action.h"
#ifndef SRC_ACTIONS_DISRUPTIVE_DROP_H_
#define SRC_ACTIONS_DISRUPTIVE_DROP_H_
namespace modsecurity {
namespace actions {
namespace disruptive {
class Drop : public Action {
class Drop : public ActionDisruptive {
public:
explicit Drop(const std::string &action) : Action(action) { }
Drop()
: Action("drop")
{ }
bool execute(Transaction *transaction) override;
bool isDisruptive() override { return true; }
bool execute(Transaction *transaction) noexcept override;
};

14
src/actions/disruptive/pass.cc
View File

@ -13,23 +13,25 @@
*
*/
#include "src/actions/disruptive/pass.h"
#include <iostream>
#include <string>
#include <memory>
#include "modsecurity/rules_set.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/rule_message.h"
/**
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
* It should be removed.
*/
#include "modsecurity/rules_set.h"
namespace modsecurity {
namespace actions {
namespace disruptive {
bool Pass::execute(Transaction *transaction) {
bool Pass::execute(Transaction *transaction) noexcept {
intervention::free(&transaction->m_it);
intervention::reset(&transaction->m_it);

15
src/actions/disruptive/pass.h
View File

@ -13,26 +13,31 @@
*
*/
#include <string>
#include <memory>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "src/actions/disruptive/disruptive_action.h"
#ifndef SRC_ACTIONS_DISRUPTIVE_PASS_H_
#define SRC_ACTIONS_DISRUPTIVE_PASS_H_
namespace modsecurity {
namespace actions {
namespace disruptive {
class Pass : public Action {
class Pass : public ActionDisruptive {
public:
explicit Pass(const std::string &action) : Action(action) { }
Pass()
: Action("pass")
{ }
bool execute(Transaction *transaction) override;
bool isDisruptive() override { return true; }
bool execute(Transaction *transaction) noexcept override;
};

27
src/actions/disruptive/redirect.cc
View File

@ -13,32 +13,31 @@
*
*/
#include "src/actions/disruptive/redirect.h"
#include <string.h>
#include <iostream>
#include <string>
#include <memory>
#include "modsecurity/transaction.h"
#include "src/utils/string.h"
/**
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
* It should be removed.
*/
#include "modsecurity/rules_set.h"
#include "modsecurity/rule_message.h"
namespace modsecurity {
namespace actions {
namespace disruptive {
bool Redirect::init(std::string *error) {
m_status = 302;
return true;
}
bool Redirect::execute(Transaction *transaction) {
bool Redirect::execute(Transaction *transaction) noexcept {
std::string m_urlExpanded(getEvaluatedRunTimeString(transaction));
/* if it was changed before, lets keep it. */
if (transaction->m_it.status == 200
|| (!(transaction->m_it.status <= 307 && transaction->m_it.status >= 301))) {
|| (!(transaction->m_it.status <= 307
&& transaction->m_it.status >= 301))) {
transaction->m_it.status = m_status;
}
@ -48,7 +47,9 @@ bool Redirect::execute(Transaction *transaction) {
intervention::freeLog(&transaction->m_it);
transaction->m_it.log = strdup(
transaction->messageGetLast()->log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str());
transaction->messageGetLast()->log(
RuleMessage::LogMessageInfo::ClientLogMessageInfo)
.c_str());
return true;
}

36
src/actions/disruptive/redirect.h
View File

@ -13,49 +13,49 @@
*
*/
#include <string>
#include <memory>
#include <utility>
#include "modsecurity/actions/action.h"
#include "modsecurity/rule_message.h"
#include "modsecurity/transaction.h"
#include "src/actions/action_with_run_time_string.h"
#include "src/actions/disruptive/disruptive_action.h"
#include "src/run_time_string.h"
#ifndef SRC_ACTIONS_DISRUPTIVE_REDIRECT_H_
#define SRC_ACTIONS_DISRUPTIVE_REDIRECT_H_
#ifdef __cplusplus
class Transaction;
namespace modsecurity {
class Transaction;
namespace actions {
namespace disruptive {
class Redirect : public ActionWithRunTimeString {
class Redirect : public ActionWithRunTimeString, public ActionDisruptive {
public:
explicit Redirect(std::unique_ptr<RunTimeString> runTimeString)
: ActionWithRunTimeString(
"redirert",
RunTimeOnlyIfMatchKind,
std::move(runTimeString)),
m_status(0)
{ };
: ActionWithRunTimeString(std::move(runTimeString)),
Action("redirect"),
m_status(302)
{ }
explicit Redirect(const Redirect &action)
: ActionWithRunTimeString(action),
ActionDisruptive(action),
Action(action),
m_status(action.m_status)
{ };
{ }
bool init(std::string *error) override;
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
bool isDisruptive() override { return true; }
virtual ActionWithRunTimeString *clone() override {
ActionWithRunTimeString *clone() override {
return new Redirect(*this);
}
@ -67,6 +67,6 @@ class Redirect : public ActionWithRunTimeString {
} // namespace disruptive
} // namespace actions
} // namespace modsecurity
#endif
#endif // SRC_ACTIONS_DISRUPTIVE_REDIRECT_H_

15
src/actions/exec.cc
View File

@ -13,15 +13,18 @@
*
*/
#include "src/actions/exec.h"
#include <iostream>
#include <string>
#include "modsecurity/rules_set.h"
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
/**
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
* It should be removed.
*/
#include "modsecurity/rules_set.h"
#include "src/utils/system.h"
#include "src/engine/lua.h"
@ -33,7 +36,7 @@ namespace actions {
bool Exec::init(std::string *error) {
std::string err;
m_script = utils::find_resource(m_parser_payload, "", &err);
m_script = utils::find_resource(m_parserPayload, "", &err);
if (m_script.size() == 0) {
error->assign("exec: Script not found: " + err);
@ -49,7 +52,7 @@ bool Exec::init(std::string *error) {
}
bool Exec::execute(Transaction *t) {
bool Exec::execute(Transaction *t) noexcept {
ms_dbg_a(t, 8, "Running script... " + m_script);
m_lua.run(t);
return true;

10
src/actions/exec.h
View File

@ -13,6 +13,7 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
@ -21,22 +22,21 @@
#ifndef SRC_ACTIONS_EXEC_H_
#define SRC_ACTIONS_EXEC_H_
class Transaction;
namespace modsecurity {
class Transaction;
namespace actions {
class Exec : public Action {
public:
explicit Exec(const std::string &action)
explicit Exec(const std::string &action)
: Action(action),
m_script("") { }
m_script("")
{ }
~Exec() { }
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
bool init(std::string *error) override;
private:

17
src/actions/init_col.cc
View File

@ -13,14 +13,17 @@
*
*/
#include "src/actions/init_col.h"
#include <iostream>
#include <string>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
/**
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
* It should be removed.
*/
#include "modsecurity/rules_set.h"
namespace modsecurity {
@ -28,9 +31,9 @@ namespace actions {
bool InitCol::init(std::string *error) {
int posEquals = m_parser_payload.find("=");
int posEquals = m_parserPayload.find("=");
if (m_parser_payload.size() < 2) {
if (m_parserPayload.size() < 2) {
error->assign("Something wrong with initcol format: too small");
return false;
}
@ -40,7 +43,7 @@ bool InitCol::init(std::string *error) {
return false;
}
m_collection_key = std::string(m_parser_payload, 0, posEquals);
m_collection_key = std::string(m_parserPayload, 0, posEquals);
if (m_collection_key != "ip" &&
m_collection_key != "global" &&
@ -54,7 +57,7 @@ bool InitCol::init(std::string *error) {
}
bool InitCol::execute(Transaction *t) {
bool InitCol::execute(Transaction *t) noexcept {
std::string collectionName(getEvaluatedRunTimeString(t));
if (m_collection_key == "ip") {

18
src/actions/init_col.h
View File

@ -13,6 +13,7 @@
*
*/
#include <string>
#include <utility>
#include <memory>
@ -33,23 +34,22 @@ class InitCol : public ActionWithRunTimeString {
public:
InitCol(
const std::string &action,
std::unique_ptr<RunTimeString> runTimeString
) : ActionWithRunTimeString(
action,
std::move(runTimeString)
)
{ };
std::unique_ptr<RunTimeString> runTimeString)
: ActionWithRunTimeString(std::move(runTimeString)),
Action(action)
{ }
InitCol(const InitCol &action)
: ActionWithRunTimeString(action),
Action(action),
m_collection_key(action.m_collection_key)
{ };
{ }
bool init(std::string *error) override;
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
virtual ActionWithRunTimeString *clone() override {
ActionWithRunTimeString *clone() override {
return new InitCol(*this);
}

14
src/actions/log.cc
View File

@ -13,25 +13,13 @@
*
*/
#include "src/actions/log.h"
#include <iostream>
#include <string>
#include <memory>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "src/operators/operator.h"
#include "modsecurity/rule_message.h"
namespace modsecurity {
namespace actions {
bool Log::execute(Transaction *transaction) {
return true;
}
} // namespace actions
} // namespace modsecurity

23
src/actions/log.h
View File

@ -13,29 +13,36 @@
*
*/
#include <string>
#include <memory>
#include "modsecurity/actions/action.h"
#include "src/actions/action_allowed_in_sec_default_action.h"
#include "src/actions/action_type_rule_metadata.h"
#include "src/rule_with_actions.h"
#ifndef SRC_ACTIONS_LOG_H_
#define SRC_ACTIONS_LOG_H_
class Transaction;
namespace modsecurity {
class Transaction;
namespace actions {
class Log : public Action {
class Log : public ActionTypeRuleMetaData,
public ActionAllowedAsSecDefaultAction {
public:
explicit Log(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { }
Log()
: Action("log")
{ }
void configure(RuleWithActions *rule) override {
rule->setHasLogAction(true);
}
bool execute(Transaction *transaction) override;
};
} // namespace actions
} // namespace modsecurity

12
src/actions/log_data.cc
View File

@ -13,25 +13,21 @@
*
*/
#include "src/actions/log_data.h"
#include <iostream>
#include <string>
#include <memory>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/rule_message.h"
namespace modsecurity {
namespace actions {
bool LogData::execute(Transaction *transaction) {
transaction->messageGetLast()->m_data = getEvaluatedRunTimeString(transaction);
bool LogData::execute(Transaction *transaction) noexcept {
transaction->messageGetLast()->m_data =
getEvaluatedRunTimeString(transaction);
return true;
}

27
src/actions/log_data.h
View File

@ -13,42 +13,39 @@
*
*/
#include <string>
#include <memory>
#include <utility>
#include "modsecurity/actions/action.h"
#include "src/actions/action_with_run_time_string.h"
#include "src/run_time_string.h"
#ifndef SRC_ACTIONS_LOG_DATA_H_
#define SRC_ACTIONS_LOG_DATA_H_
class Transaction;
namespace modsecurity {
class Transaction;
namespace actions {
class LogData : public ActionWithRunTimeString {
public:
explicit LogData(std::unique_ptr<RunTimeString> runTimeString)
: ActionWithRunTimeString(
"logdata",
RunTimeOnlyIfMatchKind,
std::move(runTimeString)
)
{ };
: ActionWithRunTimeString(std::move(runTimeString)),
Action("logdata")
{ }
explicit LogData(const LogData &data)
: ActionWithRunTimeString(data)
{ };
: ActionWithRunTimeString(data),
Action(data)
{ }
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
virtual ActionWithRunTimeString *clone() override {
ActionWithRunTimeString *clone() override {
return new LogData(*this);
}
};

11
src/actions/maturity.cc
View File

@ -13,16 +13,11 @@
*
*/
#include "src/actions/maturity.h"
#include <iostream>
#include <string>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "src/rule_with_actions.h"
namespace modsecurity {
namespace actions {
@ -30,9 +25,9 @@ namespace actions {
bool Maturity::init(std::string *error) {
try {
m_maturity = std::stoi(m_parser_payload);
m_maturity = std::stoi(m_parserPayload);
} catch (...) {
error->assign("Maturity: The input \"" + m_parser_payload + "\" is " \
error->assign("Maturity: The input \"" + m_parserPayload + "\" is " \
"not a number.");
return false;
}

11
src/actions/maturity.h
View File

@ -13,9 +13,10 @@
*
*/
#include <string>
#include "src/actions/action_type_configure.h"
#include "src/actions/action_type_rule_metadata.h"
#ifndef SRC_ACTIONS_MATURITY_H_
@ -28,15 +29,15 @@ class Transaction;
namespace actions {
class Maturity : public ActionTypeConfigure {
class Maturity : public ActionTypeRuleMetaData {
public:
explicit Maturity(const std::string &action)
: ActionTypeConfigure(action),
explicit Maturity(const std::string &action)
: Action(action),
m_maturity(0) { }
bool init(std::string *error) override;
virtual void configure(RuleWithActions *rule) override {
void configure(RuleWithActions *rule) override {
rule->setMaturity(m_maturity);
}

15
src/actions/msg.cc
View File

@ -13,16 +13,19 @@
*
*/
#include "src/actions/msg.h"
#include <iostream>
#include <string>
#include <memory>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/rule_message.h"
/**
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
* It should be removed.
*/
#include "modsecurity/rules_set.h"
#include "src/run_time_string.h"
/*
* Description: Assigns a custom message to the rule or chain in which it
@ -46,7 +49,7 @@ namespace modsecurity {
namespace actions {
bool Msg::execute(Transaction *transaction) {
bool Msg::execute(Transaction *transaction) noexcept {
std::string msg = getEvaluatedRunTimeString(transaction);
transaction->messageGetLast()->m_message = msg;
ms_dbg_a(transaction, 9, "Saving msg: " + msg);

15
src/actions/msg.h
View File

@ -13,6 +13,7 @@
*
*/
#include <string>
#include <memory>
#include <utility>
@ -34,20 +35,18 @@ namespace actions {
class Msg : public ActionWithRunTimeString {
public:
explicit Msg(std::unique_ptr<RunTimeString> runTimeString)
: ActionWithRunTimeString(
"msg",
RunTimeOnlyIfMatchKind,
std::move(runTimeString)
)
: ActionWithRunTimeString(std::move(runTimeString)),
Action("msg")
{ };
explicit Msg(const Msg &action)
: ActionWithRunTimeString(action)
: ActionWithRunTimeString(action),
Action(action)
{ };
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
virtual ActionWithRunTimeString *clone() override {
ActionWithRunTimeString *clone() override {
return new Msg(*this);
}
};

11
src/actions/multi_match.cc
View File

@ -13,22 +13,13 @@
*
*/
#include "src/actions/multi_match.h"
#include <iostream>
#include <string>
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
namespace modsecurity {
namespace actions {
bool MultiMatch::execute(Transaction *transaction) {
return true;
}
} // namespace actions
} // namespace modsecurity

25
src/actions/multi_match.h
View File

@ -13,33 +13,34 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/action_type_rule_metadata.h"
#ifndef SRC_ACTIONS_MULTI_MATCH_H_
#define SRC_ACTIONS_MULTI_MATCH_H_
#ifdef __cplusplus
class Transaction;
namespace modsecurity {
class Transaction;
class RuleWithOperator;
namespace actions {
class MultiMatch : public Action {
class MultiMatch : public ActionTypeRuleMetaData {
public:
explicit MultiMatch(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { }
MultiMatch()
: Action("multiMatch")
{ }
bool execute(Transaction *transaction) override;
void configure(RuleWithActions *rule) override {
rule->setHasMultimatchAction(true);
}
};
} // namespace actions
} // namespace modsecurity
#endif
#endif // SRC_ACTIONS_MULTI_MATCH_H_

9
src/actions/no_audit_log.cc
View File

@ -13,20 +13,17 @@
*
*/
#include "src/actions/no_audit_log.h"
#include <iostream>
#include <string>
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/rule_message.h"
namespace modsecurity {
namespace actions {
bool NoAuditLog::execute(Transaction *transaction) {
bool NoAuditLog::execute(Transaction *transaction) noexcept {
transaction->messageSetNoAuditLog(true);
return true;
}

21
src/actions/no_audit_log.h
View File

@ -13,33 +13,32 @@
*
*/
#include <string>
#include <memory>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "src/actions/action_allowed_in_sec_default_action.h"
#ifndef SRC_ACTIONS_NO_AUDIT_LOG_H_
#define SRC_ACTIONS_NO_AUDIT_LOG_H_
#ifdef __cplusplus
class Transaction;
namespace modsecurity {
class Transaction;
namespace actions {
class NoAuditLog : public Action {
class NoAuditLog : public ActionAllowedAsSecDefaultAction {
public:
explicit NoAuditLog(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { }
NoAuditLog()
: Action("noAuditLog")
{ }
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
};
} // namespace actions
} // namespace modsecurity
#endif
#endif // SRC_ACTIONS_NO_AUDIT_LOG_H_

15
src/actions/no_log.cc
View File

@ -13,26 +13,13 @@
*
*/
#include "src/actions/no_log.h"
#include <iostream>
#include <string>
#include <memory>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "src/operators/operator.h"
#include "modsecurity/rule_message.h"
namespace modsecurity {
namespace actions {
bool NoLog::execute(Transaction *transaction) {
return true;
}
} // namespace actions
} // namespace modsecurity

21
src/actions/no_log.h
View File

@ -13,29 +13,34 @@
*
*/
#include <string>
#include <memory>
#include "modsecurity/actions/action.h"
#include "src/actions/action_type_rule_metadata.h"
#include "src/actions/action_allowed_in_sec_default_action.h"
#ifndef SRC_ACTIONS_NO_LOG_H_
#define SRC_ACTIONS_NO_LOG_H_
class Transaction;
namespace modsecurity {
class Transaction;
namespace actions {
class NoLog : public Action {
class NoLog : public ActionTypeRuleMetaData,
public ActionAllowedAsSecDefaultAction {
public:
explicit NoLog(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { }
NoLog()
: Action("noLog")
{ }
bool execute(Transaction *transaction) override;
void configure(RuleWithActions *rule) override {
rule->setHasNoLogAction(true);
}
};
} // namespace actions
} // namespace modsecurity

11
src/actions/phase.cc
View File

@ -15,25 +15,22 @@
#include "src/actions/phase.h"
#include <iostream>
#include <string>
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/modsecurity.h"
#include "src/utils/string.h"
#include "src/rule_with_actions.h"
namespace modsecurity {
namespace actions {
bool Phase::init(std::string *error) {
std::string a = utils::string::tolower(m_parser_payload);
std::string a = utils::string::tolower(m_parserPayload);
m_phase = -1;
try {
m_phase = std::stoi(m_parser_payload);
m_phase = std::stoi(m_parserPayload);
if (m_phase == 0) {
m_phase = modsecurity::Phases::ConnectionPhase;
m_secRulesPhase = 0;
@ -53,7 +50,7 @@ bool Phase::init(std::string *error) {
m_phase = modsecurity::Phases::LoggingPhase;
m_secRulesPhase = 5;
} else {
error->assign("Unknown phase: " + m_parser_payload);
error->assign("Unknown phase: " + m_parserPayload);
return false;
}
} catch (...) {

24
src/actions/phase.h
View File

@ -13,44 +13,48 @@
*
*/
#include <string>
#include "src/actions/action_type_configure.h"
#include "src/actions/action_type_rule_metadata.h"
#ifndef SRC_ACTIONS_PHASE_H_
#define SRC_ACTIONS_PHASE_H_
#ifdef __cplusplus
class Transaction;
namespace modsecurity {
class Transaction;
class RuleWithOperator;
namespace actions {
class Phase : public ActionTypeConfigure {
class Phase : public ActionTypeRuleMetaData {
public:
explicit Phase(const std::string &action)
: ActionTypeConfigure(action),
: Action(action),
m_phase(0),
m_secRulesPhase(0) { }
bool init(std::string *error) override;
virtual void configure(RuleWithActions *rule) override {
void configure(RuleWithActions *rule) override {
rule->setPhase(m_phase);
}
int getSecRulePhase() {
return m_secRulesPhase;
}
int getPhase() {
return m_phase;
}
private:
int m_phase;
int m_secRulesPhase;
};
} // namespace actions
} // namespace modsecurity
#endif
#endif // SRC_ACTIONS_PHASE_H_

9
src/actions/rev.cc
View File

@ -13,23 +13,18 @@
*
*/
#include "src/actions/rev.h"
#include <iostream>
#include <string>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "src/rule_with_actions.h"
namespace modsecurity {
namespace actions {
bool Rev::init(std::string *error) {
m_revision = m_parser_payload;
m_revision = m_parserPayload;
return true;
}

17
src/actions/rev.h
View File

@ -13,34 +13,35 @@
*
*/
#include <string>
#include "src/actions/action_type_configure.h"
#include "src/actions/action_type_rule_metadata.h"
#ifndef SRC_ACTIONS_REV_H_
#define SRC_ACTIONS_REV_H_
class Transaction;
namespace modsecurity {
class Transaction;
namespace actions {
class Rev : public ActionTypeConfigure {
class Rev : public ActionTypeRuleMetaData {
public:
explicit Rev(const std::string &action)
: ActionTypeConfigure(action),
: Action(action),
m_revision("")
{ };
{ }
bool init(std::string *error) override;
virtual void configure(RuleWithActions *rule) override {
void configure(RuleWithActions *rule) override {
rule->setRevision(m_revision);
}
private:
std::string m_revision;
std::string m_revision;
};

8
src/actions/rule_id.cc
View File

@ -13,22 +13,18 @@
*
*/
#include "src/actions/rule_id.h"
#include <iostream>
#include <string>
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "src/rule_with_actions.h"
namespace modsecurity {
namespace actions {
bool RuleId::init(std::string *error) {
std::string a = m_parser_payload;
std::string a = m_parserPayload;
try {
m_ruleId = std::stod(a);

23
src/actions/rule_id.h
View File

@ -13,41 +13,40 @@
*
*/
#include <string>
#include "src/actions/action_type_configure.h"
#include "src/actions/action_type_rule_metadata.h"
#ifndef SRC_ACTIONS_RULE_ID_H_
#define SRC_ACTIONS_RULE_ID_H_
#ifdef __cplusplus
class Transaction;
namespace modsecurity {
class Transaction;
class RuleWithOperator;
namespace actions {
class RuleId : public ActionTypeConfigure {
class RuleId : public ActionTypeRuleMetaData {
public:
explicit RuleId(const std::string &action)
: ActionTypeConfigure(action),
m_ruleId(0) { }
explicit RuleId(const std::string &action)
: Action(action),
m_ruleId(0)
{ }
bool init(std::string *error) override;
virtual void configure(RuleWithActions *rule) override {
void configure(RuleWithActions *rule) override {
rule->setId(m_ruleId);
}
private:
double m_ruleId;
};
} // namespace actions
} // namespace modsecurity
#endif
#endif // SRC_ACTIONS_RULE_ID_H_

14
src/actions/set_env.cc
View File

@ -13,22 +13,26 @@
*
*/
#include "src/actions/set_env.h"
#include <iostream>
#include <string>
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "src/utils/string.h"
#include "src/rule_with_actions.h"
/**
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
* It should be removed.
*/
#include "modsecurity/rules_set.h"
#include "src/run_time_string.h"
namespace modsecurity {
namespace actions {
bool SetENV::execute(Transaction *t) {
bool SetENV::execute(Transaction *t) noexcept {
std::string colNameExpanded(getEvaluatedRunTimeString(t));
ms_dbg_a(t, 8, "Setting envoriment variable: "

15
src/actions/set_env.h
View File

@ -13,6 +13,7 @@
*
*/
#include <string>
#include <utility>
#include <memory>
@ -33,20 +34,18 @@ namespace actions {
class SetENV : public ActionWithRunTimeString {
public:
explicit SetENV(std::unique_ptr<RunTimeString> runTimeString)
: ActionWithRunTimeString(
"setenv",
RunTimeOnlyIfMatchKind,
std::move(runTimeString)
)
: ActionWithRunTimeString(std::move(runTimeString)),
Action("setenv")
{ };
explicit SetENV(const SetENV &action)
: ActionWithRunTimeString(action)
: ActionWithRunTimeString(action),
Action(action)
{ };
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
virtual ActionWithRunTimeString *clone() override {
ActionWithRunTimeString *clone() override {
return new SetENV(*this);
}
};

10
src/actions/set_rsc.cc
View File

@ -13,20 +13,24 @@
*
*/
#include "src/actions/set_rsc.h"
#include <iostream>
#include <string>
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
/**
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
* It should be removed.
*/
#include "modsecurity/rules_set.h"
namespace modsecurity {
namespace actions {
bool SetRSC::execute(Transaction *t) {
bool SetRSC::execute(Transaction *t) noexcept {
std::string colNameExpanded(getEvaluatedRunTimeString(t));
ms_dbg_a(t, 8, "RESOURCE initiated with value: \'"
+ colNameExpanded + "\'.");

15
src/actions/set_rsc.h
View File

@ -13,6 +13,7 @@
*
*/
#include <string>
#include <utility>
#include <memory>
@ -33,20 +34,18 @@ namespace actions {
class SetRSC : public ActionWithRunTimeString {
public:
explicit SetRSC(std::unique_ptr<RunTimeString> runTimeString)
: ActionWithRunTimeString(
"setsrc",
RunTimeOnlyIfMatchKind,
std::move(runTimeString)
)
: ActionWithRunTimeString(std::move(runTimeString)),
Action("setsrc")
{ };
explicit SetRSC(const SetRSC &action)
: ActionWithRunTimeString(action)
: ActionWithRunTimeString(action),
Action(action)
{ };
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
virtual ActionWithRunTimeString *clone() override {
ActionWithRunTimeString *clone() override {
return new SetRSC(*this);
}
};

10
src/actions/set_sid.cc
View File

@ -13,20 +13,24 @@
*
*/
#include "src/actions/set_sid.h"
#include <iostream>
#include <string>
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
/**
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
* It should be removed.
*/
#include "modsecurity/rules_set.h"
namespace modsecurity {
namespace actions {
bool SetSID::execute(Transaction *t) {
bool SetSID::execute(Transaction *t) noexcept {
std::string colNameExpanded(getEvaluatedRunTimeString(t));
ms_dbg_a(t, 8, "Session ID initiated with value: \'"
+ colNameExpanded + "\'.");

15
src/actions/set_sid.h
View File

@ -13,6 +13,7 @@
*
*/
#include <string>
#include <utility>
#include <memory>
@ -33,20 +34,18 @@ namespace actions {
class SetSID : public ActionWithRunTimeString {
public:
explicit SetSID(std::unique_ptr<RunTimeString> runTimeString)
: ActionWithRunTimeString(
"setsid",
RunTimeOnlyIfMatchKind,
std::move(runTimeString)
)
: ActionWithRunTimeString(std::move(runTimeString)),
Action("setsid")
{ };
SetSID(const SetSID &action)
: ActionWithRunTimeString(action)
: ActionWithRunTimeString(action),
Action(action)
{ };
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
virtual ActionWithRunTimeString *clone() override {
ActionWithRunTimeString *clone() override {
return new SetSID(*this);
}
};

10
src/actions/set_uid.cc
View File

@ -13,20 +13,24 @@
*
*/
#include "src/actions/set_uid.h"
#include <iostream>
#include <string>
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
/**
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
* It should be removed.
*/
#include "modsecurity/rules_set.h"
namespace modsecurity {
namespace actions {
bool SetUID::execute(Transaction *t) {
bool SetUID::execute(Transaction *t) noexcept {
std::string colNameExpanded(getEvaluatedRunTimeString(t));
ms_dbg_a(t, 8, "User collection initiated with value: \'"
+ colNameExpanded + "\'.");

16
src/actions/set_uid.h
View File

@ -13,6 +13,7 @@
*
*/
#include <string>
#include <memory>
#include <utility>
@ -33,23 +34,20 @@ namespace actions {
class SetUID : public ActionWithRunTimeString {
public:
explicit SetUID(std::unique_ptr<RunTimeString> runTimeString)
: ActionWithRunTimeString(
"setuid",
RunTimeOnlyIfMatchKind,
std::move(runTimeString)
)
: ActionWithRunTimeString(std::move(runTimeString)),
Action("setuid")
{ };
explicit SetUID(const SetUID &action)
: ActionWithRunTimeString(action)
: ActionWithRunTimeString(action),
Action(action)
{ };
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
virtual ActionWithRunTimeString *clone() override {
ActionWithRunTimeString *clone() override {
return new SetUID(*this);
}
};

16
src/actions/set_var.cc
View File

@ -13,24 +13,24 @@
*
*/
#include "src/actions/set_var.h"
#include <iostream>
#include <string>
#include <memory>
#include "modsecurity/rules_set.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "src/utils/string.h"
/**
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
* It should be removed.
*/
#include "modsecurity/rules_set.h"
#include "src/variables/global.h"
#include "src/variables/ip.h"
#include "src/variables/resource.h"
#include "src/variables/session.h"
#include "src/variables/tx.h"
#include "src/variables/user.h"
#include "src/variables/variable.h"
#include "src/rule_with_operator.h"
namespace modsecurity {
@ -42,7 +42,7 @@ bool SetVar::init(std::string *error) {
}
bool SetVar::execute(Transaction *t) {
bool SetVar::execute(Transaction *t) noexcept {
std::string targetValue;
std::string resolvedPre;

47
src/actions/set_var.h
View File

@ -13,23 +13,26 @@
*
*/
#include <memory>
#include <string>
#include <utility>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "src/actions/action_with_run_time_string.h"
#include "src/variables/variable_with_runtime_string.h"
#include "src/rule_with_operator.h"
#ifndef SRC_ACTIONS_SET_VAR_H_
#define SRC_ACTIONS_SET_VAR_H_
namespace modsecurity {
class Transaction;
class RuleWithOperator;
namespace modsecurity {
namespace actions {
enum SetVarOperation {
/* Set variable to something */
setOperation,
@ -43,57 +46,66 @@ enum SetVarOperation {
unsetOperation,
};
class SetVar : public ActionWithRunTimeString {
public:
SetVar(SetVarOperation operation,
std::unique_ptr<modsecurity::variables::Variable> variable,
std::unique_ptr<RunTimeString> predicate)
: ActionWithRunTimeString("setvar", std::move(predicate)),
: ActionWithRunTimeString(std::move(predicate)),
m_operation(operation),
m_variable(std::move(variable))
{ };
m_variable(std::move(variable)),
Action("setvar")
{ }
SetVar(SetVarOperation operation,
std::unique_ptr<modsecurity::variables::Variable> variable)
: ActionWithRunTimeString("setvar"),
: ActionWithRunTimeString(),
Action("setvar"),
m_operation(operation),
m_variable(std::move(variable))
{ };
{ }
SetVar(const SetVar &var)
: ActionWithRunTimeString(var),
Action(var),
m_operation(var.m_operation),
m_variable(var.m_variable)
{
variables::RuleVariable *rv = dynamic_cast<variables::RuleVariable *>(m_variable.get());
m_variable(var.m_variable) {
variables::RuleVariable *rv = dynamic_cast<variables::RuleVariable *>(
m_variable.get());
if (rv != nullptr) {
auto nrv = rv->clone();
rv = dynamic_cast<variables::RuleVariable *>(nrv);
rv->populate(nullptr);
m_variable = std::unique_ptr<variables::Variable>(nrv);
}
};
}
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
bool init(std::string *error) override;
void populate(RuleWithActions *rule) override {
ActionWithRunTimeString::populate(rule);
variables::RuleVariable *rulev = dynamic_cast<variables::RuleVariable *>(m_variable.get());
variables::RuleVariable *rulev =
dynamic_cast<variables::RuleVariable *>(
m_variable.get());
if (rulev != nullptr) {
rulev->populate(rule);
}
variables::VariableWithRunTimeString *rulev2 = dynamic_cast<variables::VariableWithRunTimeString *>(m_variable.get());
variables::VariableWithRunTimeString *rulev2 =
dynamic_cast<variables::VariableWithRunTimeString *>(
m_variable.get());
if (rulev2 != nullptr) {
rulev2->populate(rule);
}
}
virtual ActionWithRunTimeString *clone() override {
ActionWithRunTimeString *clone() override {
return new SetVar(*this);
}
@ -102,6 +114,7 @@ class SetVar : public ActionWithRunTimeString {
std::shared_ptr<modsecurity::variables::Variable> m_variable;
};
} // namespace actions
} // namespace modsecurity

19
src/actions/severity.cc
View File

@ -13,18 +13,18 @@
*
*/
#include "src/actions/severity.h"
#include <iostream>
#include <string>
#include <memory>
/**
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
* It should be removed.
*/
#include "modsecurity/rules_set.h"
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "src/utils/string.h"
#include "modsecurity/rule_message.h"
namespace modsecurity {
@ -32,7 +32,7 @@ namespace actions {
bool Severity::init(std::string *error) {
std::string a = utils::string::tolower(m_parser_payload);
std::string a = utils::string::tolower(m_parserPayload);
if (a == "emergency") {
m_severity = 0;
return true;
@ -71,10 +71,5 @@ bool Severity::init(std::string *error) {
}
bool Severity::execute(Transaction *transaction) {
return true;
}
} // namespace actions
} // namespace modsecurity

22
src/actions/severity.h
View File

@ -13,37 +13,41 @@
*
*/
#include <string>
#include <memory>
#include "modsecurity/actions/action.h"
#include "src/actions/action_type_rule_metadata.h"
#ifndef SRC_ACTIONS_SEVERITY_H_
#define SRC_ACTIONS_SEVERITY_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
namespace actions {
class Severity : public Action {
class Severity : public ActionTypeRuleMetaData {
public:
explicit Severity(const std::string &action)
explicit Severity(const std::string &action)
: Action(action),
m_severity(0) { }
m_severity(0)
{ }
bool execute(Transaction *transaction) override;
bool init(std::string *error) override;
void configure(RuleWithActions *rule) override {
rule->setSeverity(m_severity);
}
private:
int m_severity;
};
} // namespace actions
} // namespace modsecurity
#endif
#endif // SRC_ACTIONS_SEVERITY_H_

16
src/actions/skip.cc
View File

@ -13,14 +13,18 @@
*
*/
#include "src/actions/skip.h"
#include <iostream>
#include <string>
#include "modsecurity/rules_set.h"
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
/**
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
* It should be removed.
*/
#include "modsecurity/rules_set.h"
namespace modsecurity {
namespace actions {
@ -28,9 +32,9 @@ namespace actions {
bool Skip::init(std::string *error) {
try {
m_skip_next = std::stoi(m_parser_payload);
m_skip_next = std::stoi(m_parserPayload);
} catch (...) {
error->assign("Skip: The input \"" + m_parser_payload + "\" is " \
error->assign("Skip: The input \"" + m_parserPayload + "\" is " \
"not a number.");
return false;
}
@ -38,7 +42,7 @@ bool Skip::init(std::string *error) {
}
bool Skip::execute(Transaction *transaction) {
bool Skip::execute(Transaction *transaction) noexcept {
ms_dbg_a(transaction, 5, "Skipping the next " + \
std::to_string(m_skip_next) + " rules.");

9
src/actions/skip.h
View File

@ -13,10 +13,12 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#ifndef SRC_ACTIONS_SKIP_H_
#define SRC_ACTIONS_SKIP_H_
@ -29,13 +31,14 @@ namespace actions {
class Skip : public Action {
public:
explicit Skip(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind),
explicit Skip(const std::string &action)
: Action(action),
m_skip_next(0) { }
bool init(std::string *error) override;
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
private:
int m_skip_next;
};

11
src/actions/skip_after.cc
View File

@ -13,21 +13,24 @@
*
*/
#include "src/actions/skip_after.h"
#include <iostream>
#include <string>
#include "modsecurity/rules_set.h"
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
/**
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
* It should be removed.
*/
#include "modsecurity/rules_set.h"
namespace modsecurity {
namespace actions {
bool SkipAfter::execute(Transaction *transaction) {
bool SkipAfter::execute(Transaction *transaction) noexcept {
ms_dbg_a(transaction, 5, "Setting skipAfter for: " + *m_skipName);
transaction->addMarker(m_skipName);
return true;

18
src/actions/skip_after.h
View File

@ -13,34 +13,38 @@
*
*/
#include <string>
#include <memory>
#include "modsecurity/actions/action.h"
#ifndef SRC_ACTIONS_SKIP_AFTER_H_
#define SRC_ACTIONS_SKIP_AFTER_H_
class Transaction;
namespace modsecurity {
class Transaction;
namespace actions {
class SkipAfter : public Action {
public:
explicit SkipAfter(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind),
m_skipName(std::make_shared<std::string>(m_parser_payload)) { }
explicit SkipAfter(const std::string &action)
: Action(action),
m_skipName(std::make_shared<std::string>(m_parserPayload))
{ }
bool execute(Transaction *transaction) noexcept override;
bool execute(Transaction *transaction) override;
private:
std::shared_ptr<std::string> m_skipName;
// FIXME: This should be a regular pointer instead of a shared pointer.
std::shared_ptr<std::string> m_skipName;
};
} // namespace actions
} // namespace modsecurity
#endif // SRC_ACTIONS_SKIP_AFTER_H_

19
src/actions/tag.cc
View File

@ -13,16 +13,18 @@
*
*/
#include "src/actions/tag.h"
#include <iostream>
#include <string>
#include <memory>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/rule_message.h"
/**
* FIXME: rules_set.h inclusion is here due to ms_dbg_a.
* It should be removed.
*/
#include "modsecurity/rules_set.h"
/**
* Description: Assigns a tag (category) to a rule or a chain.
@ -50,11 +52,8 @@ namespace modsecurity {
namespace actions {
bool Tag::execute(Transaction *transaction) {
std::string tag = getTagName(transaction);
ms_dbg_a(transaction, 9, "Rule tag: " + tag);
transaction->messageGetLast()->m_tags.push_back(tag);
bool Tag::execute(Transaction *transaction) noexcept {
ms_dbg_a(transaction, 9, "Rule tag: " + getTagName(transaction));
return true;
}

26
src/actions/tag.h
View File

@ -13,44 +13,44 @@
*
*/
#include <string>
#include <memory>
#include <utility>
#include "modsecurity/actions/action.h"
#include "src/actions/action_with_run_time_string.h"
#include "src/actions/action_allowed_in_sec_default_action.h"
#ifndef SRC_ACTIONS_TAG_H_
#define SRC_ACTIONS_TAG_H_
class Transaction;
namespace modsecurity {
class Transaction;
namespace actions {
class Tag : public ActionWithRunTimeString {
class Tag : public ActionWithRunTimeString,
public ActionAllowedAsSecDefaultAction {
public:
explicit Tag(std::unique_ptr<RunTimeString> runTimeString)
: ActionWithRunTimeString(
"tag",
RunTimeOnlyIfMatchKind,
std::move(runTimeString)
)
{ };
: ActionWithRunTimeString(std::move(runTimeString)),
Action("tag")
{ }
explicit Tag(const Tag &action)
: ActionWithRunTimeString(action)
{ };
: ActionWithRunTimeString(action),
Action(action)
{ }
bool execute(Transaction *transaction) override;
bool execute(Transaction *transaction) noexcept override;
inline std::string getTagName(Transaction *transaction) const {
return getEvaluatedRunTimeString(transaction);
}
virtual ActionWithRunTimeString *clone() override {
ActionWithRunTimeString *clone() override {
return new Tag(*this);
}
};

14
src/actions/transformations/base64_decode.cc
View File

@ -13,17 +13,13 @@
*
*/
#include "src/actions/transformations/base64_decode.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/modsecurity.h"
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/base64.h"
@ -32,9 +28,9 @@ namespace actions {
namespace transformations {
void Base64Decode::execute(Transaction *t,
ModSecString &in,
ModSecString &out) {
void Base64Decode::execute(const Transaction *t,
const ModSecString &in,
ModSecString &out) noexcept {
std::string value(in.c_str(), in.size());
std::string ret = Utils::Base64::decode(value);
out.assign(ret.c_str(), ret.size());

22
src/actions/transformations/base64_decode.h
View File

@ -13,35 +13,39 @@
*
*/
#include <string>
#include "modsecurity/modsecurity.h"
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
namespace modsecurity {
namespace actions {
namespace transformations {
class Base64Decode : public Transformation {
public:
explicit Base64Decode(const std::string &action)
: Transformation(action) { }
Base64Decode()
: Action("t:base64Decode")
{ }
void execute(Transaction *t,
ModSecString &in,
ModSecString &out) override;
void execute(const Transaction *t,
const ModSecString &in,
ModSecString &out) noexcept override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
#endif // SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_H_

14
src/actions/transformations/base64_decode_ext.cc
View File

@ -13,17 +13,13 @@
*
*/
#include "src/actions/transformations/base64_decode_ext.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/modsecurity.h"
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/base64.h"
@ -32,9 +28,9 @@ namespace actions {
namespace transformations {
void Base64DecodeExt::execute(Transaction *t,
ModSecString &in,
ModSecString &out) {
void Base64DecodeExt::execute(const Transaction *t,
const ModSecString &in,
ModSecString &out) noexcept {
std::string ret = Utils::Base64::decode_forgiven(in.c_str());
out.assign(ret.c_str(), ret.size());
}

22
src/actions/transformations/base64_decode_ext.h
View File

@ -13,35 +13,39 @@
*
*/
#include <string>
#include "modsecurity/modsecurity.h"
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_EXT_H_
#define SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_EXT_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
namespace modsecurity {
namespace actions {
namespace transformations {
class Base64DecodeExt : public Transformation {
public:
explicit Base64DecodeExt(const std::string &action)
: Transformation(action) { }
Base64DecodeExt()
: Action("t:base64DecodeExt")
{ }
void execute(Transaction *t,
ModSecString &in,
ModSecString &out) override;
void execute(const Transaction *t,
const ModSecString &in,
ModSecString &out) noexcept override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
#endif // SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_EXT_H_

14
src/actions/transformations/base64_encode.cc
View File

@ -13,17 +13,13 @@
*
*/
#include "src/actions/transformations/base64_encode.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/modsecurity.h"
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/base64.h"
@ -32,9 +28,9 @@ namespace actions {
namespace transformations {
void Base64Encode::execute(Transaction *t,
ModSecString &in,
ModSecString &out) {
void Base64Encode::execute(const Transaction *t,
const ModSecString &in,
ModSecString &out) noexcept {
std::string ret = Utils::Base64::encode(
std::string(in.c_str(), in.size()));
out.assign(ret.c_str(), ret.size());

22
src/actions/transformations/base64_encode.h
View File

@ -13,35 +13,39 @@
*
*/
#include <string>
#include "modsecurity/modsecurity.h"
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_BASE64_ENCODE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_BASE64_ENCODE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
namespace modsecurity {
namespace actions {
namespace transformations {
class Base64Encode : public Transformation {
public:
explicit Base64Encode(const std::string &action)
: Transformation(action) { }
Base64Encode()
: Action("t:base64Encode")
{ }
void execute(Transaction *t,
ModSecString &in,
ModSecString &out) override;
void execute(const Transaction *t,
const ModSecString &in,
ModSecString &out) noexcept override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
#endif // SRC_ACTIONS_TRANSFORMATIONS_BASE64_ENCODE_H_

13
src/actions/transformations/cmd_line.cc
View File

@ -15,15 +15,10 @@
#include "src/actions/transformations/cmd_line.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/modsecurity.h"
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
namespace modsecurity {
@ -31,9 +26,9 @@ namespace actions {
namespace transformations {
void CmdLine::execute(Transaction *t,
ModSecString &in,
ModSecString &out) {
void CmdLine::execute(const Transaction *t,
const ModSecString &in,
ModSecString &out) noexcept {
int space = 0;
for (auto& a : in) {

Some files were not shown because too many files have changed in this diff Show More