From 156202d10c584b0ef355ca92fbf1eda5479582a4 Mon Sep 17 00:00:00 2001 From: Felipe Zimmerle Date: Thu, 2 May 2019 20:31:15 -0300 Subject: [PATCH] cosmetic: Organization on the Action class --- headers/modsecurity/actions/action.h | 144 +- headers/modsecurity/audit_log.h | 2 +- headers/modsecurity/rules_exceptions.h | 5 +- headers/modsecurity/transaction.h | 10 +- src/actions/accuracy.cc | 11 +- src/actions/accuracy.h | 13 +- src/actions/action.cc | 36 - .../action_allowed_in_sec_default_action.h | 34 + src/actions/action_type_rule_metadata.h | 51 + src/actions/action_with_run_time_string.h | 43 +- src/actions/audit_log.cc | 7 +- src/actions/audit_log.h | 19 +- src/actions/block.cc | 18 +- src/actions/block.h | 29 +- src/actions/capture.cc | 18 +- src/actions/capture.h | 15 +- src/actions/chain.cc | 8 +- src/actions/chain.h | 21 +- src/actions/ctl/audit_log_parts.cc | 42 +- src/actions/ctl/audit_log_parts.h | 18 +- src/actions/ctl/request_body_access.cc | 22 +- src/actions/ctl/request_body_access.h | 16 +- .../ctl/request_body_processor_json.cc | 5 +- src/actions/ctl/request_body_processor_json.h | 10 +- .../ctl/request_body_processor_urlencoded.cc | 6 +- .../ctl/request_body_processor_urlencoded.h | 10 +- src/actions/ctl/request_body_processor_xml.cc | 5 +- src/actions/ctl/request_body_processor_xml.h | 10 +- src/actions/ctl/rule_engine.cc | 10 +- src/actions/ctl/rule_engine.h | 14 +- src/actions/ctl/rule_remove_by_id.cc | 11 +- src/actions/ctl/rule_remove_by_id.h | 13 +- src/actions/ctl/rule_remove_by_tag.cc | 8 +- src/actions/ctl/rule_remove_by_tag.h | 13 +- src/actions/ctl/rule_remove_target_by_id.cc | 8 +- src/actions/ctl/rule_remove_target_by_id.h | 13 +- src/actions/ctl/rule_remove_target_by_tag.cc | 8 +- src/actions/ctl/rule_remove_target_by_tag.h | 12 +- src/actions/data/status.cc | 10 +- src/actions/data/status.h | 24 +- src/actions/disruptive/allow.cc | 15 +- src/actions/disruptive/allow.h | 27 +- src/actions/disruptive/deny.cc | 19 +- src/actions/disruptive/deny.h | 20 +- src/actions/disruptive/disruptive_action.h | 45 + src/actions/disruptive/drop.cc | 24 +- src/actions/disruptive/drop.h | 16 +- src/actions/disruptive/pass.cc | 14 +- src/actions/disruptive/pass.h | 15 +- src/actions/disruptive/redirect.cc | 27 +- src/actions/disruptive/redirect.h | 36 +- src/actions/exec.cc | 15 +- src/actions/exec.h | 10 +- src/actions/init_col.cc | 17 +- src/actions/init_col.h | 18 +- src/actions/log.cc | 14 +- src/actions/log.h | 23 +- src/actions/log_data.cc | 12 +- src/actions/log_data.h | 27 +- src/actions/maturity.cc | 11 +- src/actions/maturity.h | 11 +- src/actions/msg.cc | 15 +- src/actions/msg.h | 15 +- src/actions/multi_match.cc | 11 +- src/actions/multi_match.h | 25 +- src/actions/no_audit_log.cc | 9 +- src/actions/no_audit_log.h | 21 +- src/actions/no_log.cc | 15 +- src/actions/no_log.h | 21 +- src/actions/phase.cc | 11 +- src/actions/phase.h | 24 +- src/actions/rev.cc | 9 +- src/actions/rev.h | 17 +- src/actions/rule_id.cc | 8 +- src/actions/rule_id.h | 23 +- src/actions/set_env.cc | 14 +- src/actions/set_env.h | 15 +- src/actions/set_rsc.cc | 10 +- src/actions/set_rsc.h | 15 +- src/actions/set_sid.cc | 10 +- src/actions/set_sid.h | 15 +- src/actions/set_uid.cc | 10 +- src/actions/set_uid.h | 16 +- src/actions/set_var.cc | 16 +- src/actions/set_var.h | 47 +- src/actions/severity.cc | 19 +- src/actions/severity.h | 22 +- src/actions/skip.cc | 16 +- src/actions/skip.h | 9 +- src/actions/skip_after.cc | 11 +- src/actions/skip_after.h | 18 +- src/actions/tag.cc | 19 +- src/actions/tag.h | 26 +- src/actions/transformations/base64_decode.cc | 14 +- src/actions/transformations/base64_decode.h | 22 +- .../transformations/base64_decode_ext.cc | 14 +- .../transformations/base64_decode_ext.h | 22 +- src/actions/transformations/base64_encode.cc | 14 +- src/actions/transformations/base64_encode.h | 22 +- src/actions/transformations/cmd_line.cc | 13 +- src/actions/transformations/cmd_line.h | 22 +- .../transformations/compress_whitespace.cc | 14 +- .../transformations/compress_whitespace.h | 22 +- src/actions/transformations/css_decode.cc | 20 +- src/actions/transformations/css_decode.h | 24 +- .../transformations/escape_seq_decode.cc | 17 +- .../transformations/escape_seq_decode.h | 26 +- src/actions/transformations/hex_decode.cc | 19 +- src/actions/transformations/hex_decode.h | 23 +- src/actions/transformations/hex_encode.cc | 15 +- src/actions/transformations/hex_encode.h | 23 +- .../transformations/html_entity_decode.cc | 18 +- .../transformations/html_entity_decode.h | 25 +- src/actions/transformations/js_decode.cc | 17 +- src/actions/transformations/js_decode.h | 23 +- src/actions/transformations/length.cc | 14 +- src/actions/transformations/length.h | 22 +- src/actions/transformations/lower_case.cc | 11 +- src/actions/transformations/lower_case.h | 22 +- src/actions/transformations/md5.cc | 15 +- src/actions/transformations/md5.h | 22 +- src/actions/transformations/none.cc | 14 +- src/actions/transformations/none.h | 28 +- src/actions/transformations/normalise_path.cc | 16 +- src/actions/transformations/normalise_path.h | 22 +- .../transformations/normalise_path_win.cc | 17 +- .../transformations/normalise_path_win.h | 19 +- .../transformations/parity_even_7bit.cc | 15 +- .../transformations/parity_even_7bit.h | 23 +- .../transformations/parity_odd_7bit.cc | 15 +- src/actions/transformations/parity_odd_7bit.h | 24 +- .../transformations/parity_zero_7bit.cc | 15 +- .../transformations/parity_zero_7bit.h | 23 +- .../transformations/remove_comments.cc | 15 +- src/actions/transformations/remove_comments.h | 19 +- .../transformations/remove_comments_char.cc | 14 +- .../transformations/remove_comments_char.h | 22 +- src/actions/transformations/remove_nulls.cc | 16 +- src/actions/transformations/remove_nulls.h | 22 +- .../transformations/remove_whitespace.cc | 17 +- .../transformations/remove_whitespace.h | 22 +- .../transformations/replace_comments.cc | 15 +- .../transformations/replace_comments.h | 22 +- src/actions/transformations/replace_nulls.cc | 14 +- src/actions/transformations/replace_nulls.h | 22 +- src/actions/transformations/sha1.cc | 19 +- src/actions/transformations/sha1.h | 22 +- src/actions/transformations/sql_hex_decode.cc | 24 +- src/actions/transformations/sql_hex_decode.h | 22 +- src/actions/transformations/transformation.cc | 133 +- src/actions/transformations/transformation.h | 31 +- src/actions/transformations/trim.cc | 17 +- src/actions/transformations/trim.h | 27 +- src/actions/transformations/trim_left.cc | 16 +- src/actions/transformations/trim_left.h | 23 +- src/actions/transformations/trim_right.cc | 16 +- src/actions/transformations/trim_right.h | 23 +- src/actions/transformations/upper_case.cc | 12 +- src/actions/transformations/upper_case.h | 22 +- src/actions/transformations/url_decode.cc | 17 +- src/actions/transformations/url_decode.h | 24 +- src/actions/transformations/url_decode_uni.cc | 24 +- src/actions/transformations/url_decode_uni.h | 24 +- src/actions/transformations/url_encode.cc | 17 +- src/actions/transformations/url_encode.h | 23 +- .../transformations/utf8_to_unicode.cc | 21 +- src/actions/transformations/utf8_to_unicode.h | 32 +- src/actions/ver.cc | 9 +- src/actions/ver.h | 11 +- src/actions/xmlns.cc | 10 +- src/actions/xmlns.h | 13 +- src/parser/location.hh | 2 +- src/parser/position.hh | 2 +- src/parser/seclang-parser.cc | 2190 +++++++++-------- src/parser/seclang-parser.hh | 1878 ++++++++------ src/parser/seclang-parser.yy | 115 +- src/parser/stack.hh | 2 +- src/rule_message.cc | 2 +- src/rule_with_actions.cc | 202 +- src/rule_with_actions.h | 17 +- src/rules_exceptions.cc | 37 +- src/transaction.cc | 44 +- test/test-cases/regression/action-block.json | 4 +- .../regression/action-tnf-base64.json | 4 +- test/test-cases/regression/auditlog-ctl.json | 240 ++ ...llection-regular_expression_selection.json | 4 +- .../regression/config-secdefaultaction.json | 8 +- .../misc-variable-under-quotes.json | 8 +- .../regression/offset-variable.json | 16 +- .../regression/tempCodeRunnerFile.json | 38 + .../regression/transformations.json | 4 +- 191 files changed, 4518 insertions(+), 3637 deletions(-) create mode 100644 src/actions/action_allowed_in_sec_default_action.h create mode 100644 src/actions/action_type_rule_metadata.h create mode 100644 src/actions/disruptive/disruptive_action.h create mode 100644 test/test-cases/regression/auditlog-ctl.json create mode 100644 test/test-cases/regression/tempCodeRunnerFile.json diff --git a/headers/modsecurity/actions/action.h b/headers/modsecurity/actions/action.h index c12f42d6..5ccd9bdb 100644 --- a/headers/modsecurity/actions/action.h +++ b/headers/modsecurity/actions/action.h @@ -16,14 +16,9 @@ #ifdef __cplusplus #include -#include -#include #endif -#include "modsecurity/intervention.h" -#include "modsecurity/rule.h" - #ifndef HEADERS_MODSECURITY_ACTIONS_ACTION_H_ #define HEADERS_MODSECURITY_ACTIONS_ACTION_H_ @@ -32,99 +27,68 @@ namespace modsecurity { class Transaction; -class RuleWithActions; -class RunTimeString; - namespace actions { class Action { public: - explicit Action(const std::string& _action) - : m_actionKind(2), - m_name(nullptr), - m_parser_payload("") { - set_name_and_payload(_action); - } + Action() + : m_name(""), + m_parserPayload("") + { } + + + explicit Action(const std::string& action) + : m_name(sort_name(action)), + m_parserPayload(sort_payload(action)) + { } - Action(const std::string& _action, int kind) - : m_actionKind(kind), - m_name(nullptr), - m_parser_payload("") { - set_name_and_payload(_action); - } Action(const Action &a) - : m_actionKind(a.m_actionKind), - m_name(a.m_name), - m_parser_payload(a.m_parser_payload) { } + : m_name(a.m_name), + m_parserPayload(a.m_parserPayload) + { } + Action &operator=(const Action& a) { - m_actionKind = a.m_actionKind; m_name = a.m_name; - m_parser_payload = a.m_parser_payload; + m_parserPayload = a.m_parserPayload; return *this; } - virtual ~Action() { } - virtual bool init(std::string *error) { return true; } + virtual ~Action() + { } - virtual std::string execute(const std::string &exp, - Transaction *transaction); - virtual bool execute(Transaction *transaction = nullptr); - /** - * This method is meant to be used by transformations — a particular - * type of action. - * - */ - virtual void execute(Transaction *t, - ModSecString &in, - ModSecString &out) { - }; + virtual bool init(std::string *error) { + return true; + } - virtual bool isDisruptive() { return false; } - /** - * - * Define the action kind regarding to the execution time. - * - * - */ - enum Kind { - /** - * - * Action that are executed while loading the configuration. For instance - * the rule ID or the rule phase. - * - */ - ConfigurationKind, - /** - * - * Those are actions that demands to be executed before call the operator. - * For instance the tranformations. - * - * - */ - RunTimeBeforeMatchAttemptKind, - /** - * - * Actions that are executed after the execution of the operator, only if - * the operator returned Match (or True). For instance the disruptive - * actions. - * - */ - RunTimeOnlyIfMatchKind, - }; + virtual bool execute(Transaction *transaction = nullptr) noexcept { + return true; + } + + + virtual bool isDisruptive() { + return false; + } + + + const std::string *getName() { + return &m_name; + } + + + protected: + std::string m_parserPayload; - int m_actionKind; - std::shared_ptr m_name; - std::string m_parser_payload; private: + std::string m_name; - void set_name_and_payload(const std::string& data) { + static size_t get_payload_pos(const std::string& data) { size_t pos = data.find(":"); std::string t = "t:"; @@ -132,18 +96,34 @@ class Action { pos = data.find(":", 2); } + return pos; + } + + + static std::string sort_name(const std::string& data) { + size_t pos = get_payload_pos(data); if (pos == std::string::npos) { - m_name = std::shared_ptr(new std::string(data)); - return; + return data; } - m_name = std::shared_ptr(new std::string(data, 0, pos)); - m_parser_payload = std::string(data, pos + 1, data.length()); + std::string ret(data, 0, pos); + return ret; + } - if (m_parser_payload.at(0) == '\'' && m_parser_payload.size() > 2) { - m_parser_payload.erase(0, 1); - m_parser_payload.pop_back(); + + static std::string sort_payload(const std::string& data) { + size_t pos = get_payload_pos(data); + std::string ret(""); + if (pos != std::string::npos) { + ret = std::string(data, pos + 1, data.length()); + + if (ret.at(0) == '\'' && ret.size() > 2) { + ret.erase(0, 1); + ret.pop_back(); + } } + + return ret; } }; diff --git a/headers/modsecurity/audit_log.h b/headers/modsecurity/audit_log.h index 08ffdbfe..18862772 100644 --- a/headers/modsecurity/audit_log.h +++ b/headers/modsecurity/audit_log.h @@ -61,7 +61,7 @@ class AuditLog { NativeAuditLogFormat }; - enum AuditLogParts { + enum AuditLogPartsEnum { /** * Audit log header (mandatory). * diff --git a/headers/modsecurity/rules_exceptions.h b/headers/modsecurity/rules_exceptions.h index a8bcf173..ec3a552d 100644 --- a/headers/modsecurity/rules_exceptions.h +++ b/headers/modsecurity/rules_exceptions.h @@ -37,6 +37,9 @@ namespace modsecurity { namespace actions { class Action; +namespace transformations { +class Transformation; +} } namespace variables { class Variable; @@ -79,7 +82,7 @@ class RulesExceptions { std::unordered_multimap> m_variable_update_target_by_id; std::unordered_multimap> m_action_pre_update_target_by_id; + std::shared_ptr> m_action_transformation_update_target_by_id; std::unordered_multimap> m_action_pos_update_target_by_id; std::list m_remove_rule_by_msg; diff --git a/headers/modsecurity/transaction.h b/headers/modsecurity/transaction.h index 0752780c..9a1d2806 100644 --- a/headers/modsecurity/transaction.h +++ b/headers/modsecurity/transaction.h @@ -48,6 +48,8 @@ typedef struct Rules_t RulesSet; #include "modsecurity/variable_value.h" #include "modsecurity/collection/collection.h" #include "modsecurity/variable_origin.h" +#include "modsecurity/actions/action.h" + #ifndef NO_LOGS #define ms_dbg(b, c) \ @@ -567,12 +569,12 @@ class Transaction : public TransactionAnchoredVariables, public TransactionSecMa int m_requestBodyAccess; /** - * The list m_auditLogModifier contains modifications to the `auditlogs' - * for this specific request, those modifications can happens via the - * utilization of the action: `ctl:auditLogParts=' + * m_auditLogParts contains auditlog parts for this specific request, + * it also holds the modifications can happens via the utilization of + * the action: `ctl:auditLogParts=' * */ - std::list< std::pair > m_auditLogModifier; + int m_auditLogParts; /** * Holds the request body, in case of any. diff --git a/src/actions/accuracy.cc b/src/actions/accuracy.cc index 6ec7b988..da59bbb4 100644 --- a/src/actions/accuracy.cc +++ b/src/actions/accuracy.cc @@ -13,16 +13,11 @@ * */ + #include "src/actions/accuracy.h" -#include #include -#include "modsecurity/actions/action.h" -#include "modsecurity/transaction.h" -#include "modsecurity/rule.h" -#include "src/rule_with_actions.h" - namespace modsecurity { namespace actions { @@ -30,9 +25,9 @@ namespace actions { bool Accuracy::init(std::string *error) { try { - m_accuracy = std::stoi(m_parser_payload); + m_accuracy = std::stoi(m_parserPayload); } catch (...) { - error->assign("Accuracy: The input \"" + m_parser_payload + "\" is " \ + error->assign("Accuracy: The input \"" + m_parserPayload + "\" is " \ "not a number."); return false; } diff --git a/src/actions/accuracy.h b/src/actions/accuracy.h index 5b40ff5b..99b802ee 100644 --- a/src/actions/accuracy.h +++ b/src/actions/accuracy.h @@ -13,30 +13,29 @@ * */ + #include -#include "src/actions/action_type_configure.h" +#include "src/actions/action_type_rule_metadata.h" #ifndef SRC_ACTIONS_ACCURACY_H_ #define SRC_ACTIONS_ACCURACY_H_ -class Transaction; namespace modsecurity { -class Transaction; namespace actions { -class Accuracy : public ActionTypeConfigure { +class Accuracy : public ActionTypeRuleMetaData { public: - explicit Accuracy(const std::string &action) - : ActionTypeConfigure(action), + explicit Accuracy(const std::string &action) + : Action(action), m_accuracy(0) { } bool init(std::string *error) override; - virtual void configure(RuleWithActions *rule) override { + void configure(RuleWithActions *rule) override { rule->setAccuracy(m_accuracy); } diff --git a/src/actions/action.cc b/src/actions/action.cc index 70922d77..cf11ade8 100644 --- a/src/actions/action.cc +++ b/src/actions/action.cc @@ -15,46 +15,10 @@ #include "modsecurity/actions/action.h" -#include -#include - -#include "modsecurity/transaction.h" -#include "modsecurity/rule.h" -#include "src/utils/string.h" - -#include "src/actions/block.h" -#include "src/actions/chain.h" -#include "src/actions/disruptive/deny.h" -#include "src/actions/disruptive/redirect.h" -#include "src/actions/data/status.h" -#include "src/actions/rule_id.h" -#include "src/actions/phase.h" -#include "src/actions/severity.h" -#include "src/actions/capture.h" -#include "src/actions/disruptive/pass.h" -#include "src/actions/log.h" -#include "src/actions/no_log.h" -#include "src/actions/no_audit_log.h" -#include "src/actions/multi_match.h" - - -#define IF_MATCH(a) \ - if (op.compare(1, std::strlen(#a), #a) == 0) namespace modsecurity { namespace actions { -std::string Action::execute(const std::string &value, - Transaction *transaction) { - return value; -} - - -bool Action::execute(Transaction *transaction) { - return true; -} - - } // namespace actions } // namespace modsecurity diff --git a/src/actions/action_allowed_in_sec_default_action.h b/src/actions/action_allowed_in_sec_default_action.h new file mode 100644 index 00000000..1d23f08e --- /dev/null +++ b/src/actions/action_allowed_in_sec_default_action.h @@ -0,0 +1,34 @@ +/* + * ModSecurity, http://www.modsecurity.org/ + * Copyright (c) 2015 - 2020 Trustwave Holdings, Inc. (http://www.trustwave.com/) + * + * You may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * If any of the files related to licensing are missing or if you have any + * other questions related to licensing please contact Trustwave Holdings, Inc. + * directly using the email address security@modsecurity.org. + * + */ + +#include "modsecurity/actions/action.h" + +#ifndef SRC_ACTIONS_ACTION_ALLOWED_IN_SEC_DEFAULT_ACTION_H_ +#define SRC_ACTIONS_ACTION_ALLOWED_IN_SEC_DEFAULT_ACTION_H_ + + +namespace modsecurity { +namespace actions { + + +class ActionAllowedAsSecDefaultAction : public virtual Action { + public: +}; + + +} // namespace actions +} // namespace modsecurity + +#endif // SRC_ACTIONS_ACTION_ALLOWED_IN_SEC_DEFAULT_ACTION_H_ diff --git a/src/actions/action_type_rule_metadata.h b/src/actions/action_type_rule_metadata.h new file mode 100644 index 00000000..a3ba810c --- /dev/null +++ b/src/actions/action_type_rule_metadata.h @@ -0,0 +1,51 @@ +/* + * ModSecurity, http://www.modsecurity.org/ + * Copyright (c) 2015 - 2020 Trustwave Holdings, Inc. (http://www.trustwave.com/) + * + * You may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * If any of the files related to licensing are missing or if you have any + * other questions related to licensing please contact Trustwave Holdings, Inc. + * directly using the email address security@modsecurity.org. + * + */ + + +#include "modsecurity/actions/action.h" +#include "src/rule_with_actions.h" + +#ifndef SRC_ACTIONS_ACTION_TYPE_CONFIGURE_H_ +#define SRC_ACTIONS_ACTION_TYPE_CONFIGURE_H_ + + +namespace modsecurity { +namespace actions { + + +class ActionTypeRuleMetaData : public virtual Action { + public: + /** + * + * Action that are executed while loading the configuration. For instance + * the rule ID or the rule phase. + * + */ + ActionTypeRuleMetaData() + : Action() + { }; + + bool execute(Transaction *t) noexcept override { + return true; + } + + virtual void configure(RuleWithActions *rule) = 0; +}; + + +} // namespace actions +} // namespace modsecurity + +#endif // SRC_ACTIONS_ACTION_TYPE_CONFIGURE_H_ diff --git a/src/actions/action_with_run_time_string.h b/src/actions/action_with_run_time_string.h index 0c38a27a..7b87bb85 100644 --- a/src/actions/action_with_run_time_string.h +++ b/src/actions/action_with_run_time_string.h @@ -13,49 +13,32 @@ * */ +#include +#include +#include + #include "modsecurity/actions/action.h" #include "src/run_time_string.h" #ifndef SRC_ACTIONS_ACTION_WITH_RUN_TIME_STRING_H_ #define SRC_ACTIONS_ACTION_WITH_RUN_TIME_STRING_H_ + namespace modsecurity { namespace actions { -class ActionWithRunTimeString : public Action { + +class ActionWithRunTimeString : public virtual Action { public: - ActionWithRunTimeString( - const std::string &name, - int king, - std::unique_ptr string) - : Action(name, king), - m_string(std::move(string)) - { }; - - ActionWithRunTimeString(const std::string &name, - std::unique_ptr string) - : Action(name), - m_string(std::move(string)) - { }; - - ActionWithRunTimeString(const std::string &name, - int king) - : Action(name, king), - m_string(nullptr) - { }; - - ActionWithRunTimeString(const std::string &name) - : Action(name), - m_string(nullptr) - { }; + explicit ActionWithRunTimeString(std::unique_ptr string = nullptr) + : m_string(std::move(string)) + { } ActionWithRunTimeString(const ActionWithRunTimeString &a) - : Action(a), - m_string(a.m_string?std::unique_ptr(new RunTimeString(*a.m_string.get())):nullptr) - { }; + : m_string(a.m_string?std::unique_ptr(new RunTimeString(*a.m_string.get())):nullptr) + { } - ActionWithRunTimeString& operator=(const ActionWithRunTimeString& a) - { + ActionWithRunTimeString& operator=(const ActionWithRunTimeString& a) { m_string = std::unique_ptr(new RunTimeString(*a.m_string.get())); return *this; } diff --git a/src/actions/audit_log.cc b/src/actions/audit_log.cc index d7d51972..153442e9 100644 --- a/src/actions/audit_log.cc +++ b/src/actions/audit_log.cc @@ -15,19 +15,16 @@ #include "src/actions/audit_log.h" -#include #include -#include #include "modsecurity/transaction.h" -#include "modsecurity/rule_message.h" -#include "modsecurity/rules_set.h" + namespace modsecurity { namespace actions { -bool AuditLog::execute(Transaction *transaction) { +bool AuditLog::execute(Transaction *transaction) noexcept { transaction->messageSetNoAuditLog(false); return true; } diff --git a/src/actions/audit_log.h b/src/actions/audit_log.h index 11823fee..7f48354d 100644 --- a/src/actions/audit_log.h +++ b/src/actions/audit_log.h @@ -13,34 +13,29 @@ * */ -#include -#include -#include "modsecurity/actions/action.h" +#include "src/actions/action_allowed_in_sec_default_action.h" #ifndef SRC_ACTIONS_AUDIT_LOG_H_ #define SRC_ACTIONS_AUDIT_LOG_H_ -#ifdef __cplusplus -class Transaction; namespace modsecurity { -class Transaction; - namespace actions { -class AuditLog : public Action { +class AuditLog : public ActionAllowedAsSecDefaultAction { public: - explicit AuditLog(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind) { } + AuditLog() + : Action("auditLog") + { } - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; }; } // namespace actions } // namespace modsecurity -#endif + #endif // SRC_ACTIONS_AUDIT_LOG_H_ diff --git a/src/actions/block.cc b/src/actions/block.cc index 2bf89486..31b1a8b6 100644 --- a/src/actions/block.cc +++ b/src/actions/block.cc @@ -13,29 +13,13 @@ * */ + #include "src/actions/block.h" -#include -#include -#include - -#include "modsecurity/rules_set.h" -#include "modsecurity/transaction.h" -#include "modsecurity/rule.h" -#include "modsecurity/intervention.h" -#include "src/actions/data/status.h" -#include "src/rule_with_actions.h" - namespace modsecurity { namespace actions { -bool Block::execute(Transaction *transaction) { - ms_dbg_a(transaction, 8, "Marking request as disruptive."); - return true; -} - - } // namespace actions } // namespace modsecurity diff --git a/src/actions/block.h b/src/actions/block.h index 10f5fb67..8800ea05 100644 --- a/src/actions/block.h +++ b/src/actions/block.h @@ -13,34 +13,37 @@ * */ + #include #include -#include "modsecurity/actions/action.h" -#include "modsecurity/rule_message.h" +#include "src/actions/action_type_rule_metadata.h" +#include "src/actions/action_allowed_in_sec_default_action.h" -#ifndef SRC_ACTIONS_DISRUPTIVE_BLOCK_H_ -#define SRC_ACTIONS_DISRUPTIVE_BLOCK_H_ -#ifdef __cplusplus -class Transaction; +#ifndef SRC_ACTIONS_BLOCK_H_ +#define SRC_ACTIONS_BLOCK_H_ + namespace modsecurity { -class Transaction; - namespace actions { -class Block : public Action { +class Block : public ActionTypeRuleMetaData, + public ActionAllowedAsSecDefaultAction { public: - explicit Block(const std::string &action) : Action(action) { } + Block() + : Action("block") + { } - bool execute(Transaction *transaction) override; + void configure(RuleWithActions *rule) override { + rule->setHasBlockAction(true); + } }; } // namespace actions } // namespace modsecurity -#endif -#endif // SRC_ACTIONS_DISRUPTIVE_BLOCK_H_ + +#endif // SRC_ACTIONS_BLOCK_H_ diff --git a/src/actions/capture.cc b/src/actions/capture.cc index c633c14d..83abc16c 100644 --- a/src/actions/capture.cc +++ b/src/actions/capture.cc @@ -13,29 +13,13 @@ * */ + #include "src/actions/capture.h" -#include -#include -#include - -#include "modsecurity/transaction.h" - -#include "modsecurity/rule.h" -#include "src/operators/operator.h" -#include "src/operators/pm.h" -#include "src/operators/rx.h" -#include "src/operators/contains.h" -#include "src/operators/detect_sqli.h" namespace modsecurity { namespace actions { -bool Capture::execute(Transaction *transaction) { - return true; -} - - } // namespace actions } // namespace modsecurity diff --git a/src/actions/capture.h b/src/actions/capture.h index 169a7c6b..041635a5 100644 --- a/src/actions/capture.h +++ b/src/actions/capture.h @@ -13,25 +13,28 @@ * */ + #include -#include "modsecurity/actions/action.h" +#include "src/actions/action_type_rule_metadata.h" + #ifndef SRC_ACTIONS_CAPTURE_H_ #define SRC_ACTIONS_CAPTURE_H_ namespace modsecurity { -class RuleWithOperator; namespace actions { -class Capture : public Action { +class Capture : public ActionTypeRuleMetaData { public: - explicit Capture(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind) { } + Capture() + : Action("capture") { } - bool execute(Transaction *transaction) override; + void configure(RuleWithActions *rule) override { + rule->setHasCaptureAction(true); + } }; diff --git a/src/actions/chain.cc b/src/actions/chain.cc index a40bff8c..8fe94919 100644 --- a/src/actions/chain.cc +++ b/src/actions/chain.cc @@ -13,15 +13,9 @@ * */ + #include "src/actions/chain.h" -#include -#include - -#include "modsecurity/transaction.h" -#include "modsecurity/rule.h" -#include "src/rule_with_actions.h" - namespace modsecurity { namespace actions { diff --git a/src/actions/chain.h b/src/actions/chain.h index 62bdec12..f1b55f89 100644 --- a/src/actions/chain.h +++ b/src/actions/chain.h @@ -13,37 +13,34 @@ * */ + #include -#include "src/actions/action_type_configure.h" +#include "src/actions/action_type_rule_metadata.h" #ifndef SRC_ACTIONS_CHAIN_H_ #define SRC_ACTIONS_CHAIN_H_ -#ifdef __cplusplus -class Transaction; namespace modsecurity { -class Transaction; -class RuleWithOperator; - namespace actions { -class Chain : public ActionTypeConfigure { +class Chain : public ActionTypeRuleMetaData { public: - explicit Chain(const std::string &action) - : ActionTypeConfigure(action) - { }; + Chain() + : Action("chain") + { } - virtual void configure(RuleWithActions *rule) override { + void configure(RuleWithActions *rule) override { rule->setHasChainAction(true); } }; + } // namespace actions } // namespace modsecurity -#endif + #endif // SRC_ACTIONS_CHAIN_H_ diff --git a/src/actions/ctl/audit_log_parts.cc b/src/actions/ctl/audit_log_parts.cc index 00aadcb3..3ee05bb4 100644 --- a/src/actions/ctl/audit_log_parts.cc +++ b/src/actions/ctl/audit_log_parts.cc @@ -13,13 +13,20 @@ * */ + #include "src/actions/ctl/audit_log_parts.h" -#include #include #include #include "modsecurity/transaction.h" +#include "modsecurity/audit_log.h" +/** + * FIXME: rules_set.h inclusion is here due to ms_dbg_a. + * It should be removed. + */ +#include "modsecurity/rules_set.h" + namespace modsecurity { namespace actions { @@ -27,20 +34,39 @@ namespace ctl { bool AuditLogParts::init(std::string *error) { - std::string what(m_parser_payload, 14, 1); - mParts = std::string(m_parser_payload, 15, m_parser_payload.length()-15); + std::string what(m_parserPayload, 14, 1); + std::string parts_str(m_parserPayload, 15, m_parserPayload.length()-15); + + if ((what != "-") && (what != "+")) { + error->assign("ctl:auditLogParts modificators expects add or " \ + "remove (+/-) in front of the modificator. Got: " + what); + return false; + } + + int flags = AuditLog::addParts(0, parts_str); + if (what == "+") { - mPartsAction = 0; + m_partsToModify = flags; } else { - mPartsAction = 1; + m_partsToModify = -1 * flags; } return true; } -bool AuditLogParts::execute(Transaction *transaction) { - transaction->m_auditLogModifier.push_back( - std::make_pair(mPartsAction, mParts)); + +bool AuditLogParts::execute(Transaction *transaction) noexcept { + ms_dbg_a(transaction, 7, "AuditLog parts before modification: " + + std::to_string(transaction->m_auditLogParts) + "."); + + if (m_partsToModify < 0) { + transaction->m_auditLogParts = \ + transaction->m_auditLogParts & ~(m_partsToModify * -1); + } else { + transaction->m_auditLogParts = \ + transaction->m_auditLogParts | m_partsToModify; + } + return true; } diff --git a/src/actions/ctl/audit_log_parts.h b/src/actions/ctl/audit_log_parts.h index 9dc088e7..7d1a8d6d 100644 --- a/src/actions/ctl/audit_log_parts.h +++ b/src/actions/ctl/audit_log_parts.h @@ -13,14 +13,17 @@ * */ + #include #include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" + #ifndef SRC_ACTIONS_CTL_AUDIT_LOG_PARTS_H_ #define SRC_ACTIONS_CTL_AUDIT_LOG_PARTS_H_ + namespace modsecurity { namespace actions { namespace ctl { @@ -28,17 +31,17 @@ namespace ctl { class AuditLogParts : public Action { public: - explicit AuditLogParts(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind), - mPartsAction(0), - mParts("") { } + explicit AuditLogParts(const std::string &action) + : Action(action), + m_partsToModify(0) + { } - bool execute(Transaction *transaction) override; bool init(std::string *error) override; + bool execute(Transaction *transaction) noexcept override; + protected: - int mPartsAction; - std::string mParts; + int m_partsToModify; }; @@ -46,4 +49,5 @@ class AuditLogParts : public Action { } // namespace actions } // namespace modsecurity + #endif // SRC_ACTIONS_CTL_AUDIT_LOG_PARTS_H_ diff --git a/src/actions/ctl/request_body_access.cc b/src/actions/ctl/request_body_access.cc index 6b0130ce..24fe6115 100644 --- a/src/actions/ctl/request_body_access.cc +++ b/src/actions/ctl/request_body_access.cc @@ -13,40 +13,44 @@ * */ + #include "src/actions/ctl/request_body_access.h" -#include #include #include "modsecurity/rules_set_properties.h" #include "modsecurity/transaction.h" + namespace modsecurity { namespace actions { namespace ctl { bool RequestBodyAccess::init(std::string *error) { - std::string what(m_parser_payload, 18, m_parser_payload.size() - 18); + std::string what(m_parserPayload, 18, m_parserPayload.size() - 18); if (what == "true") { - m_request_body_access = true; + m_requestBodyAccess = true; } else if (what == "false") { - m_request_body_access = false; + m_requestBodyAccess = false; } else { error->assign("Internal error. Expected: true or false, got: " \ - + m_parser_payload); + + m_parserPayload); return false; } return true; } -bool RequestBodyAccess::execute(Transaction *transaction) { - if (m_request_body_access) { - transaction->m_requestBodyAccess = RulesSetProperties::TrueConfigBoolean; + +bool RequestBodyAccess::execute(Transaction *transaction) noexcept { + if (m_requestBodyAccess) { + transaction->m_requestBodyAccess = + RulesSetProperties::TrueConfigBoolean; } else { - transaction->m_requestBodyAccess = RulesSetProperties::FalseConfigBoolean; + transaction->m_requestBodyAccess = + RulesSetProperties::FalseConfigBoolean; } return true; diff --git a/src/actions/ctl/request_body_access.h b/src/actions/ctl/request_body_access.h index 0a508ad7..403b4770 100644 --- a/src/actions/ctl/request_body_access.h +++ b/src/actions/ctl/request_body_access.h @@ -13,6 +13,7 @@ * */ + #include #include "modsecurity/actions/action.h" @@ -22,6 +23,7 @@ #ifndef SRC_ACTIONS_CTL_REQUEST_BODY_ACCESS_H_ #define SRC_ACTIONS_CTL_REQUEST_BODY_ACCESS_H_ + namespace modsecurity { namespace actions { namespace ctl { @@ -29,14 +31,17 @@ namespace ctl { class RequestBodyAccess : public Action { public: - explicit RequestBodyAccess(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind), - m_request_body_access(false) { } + explicit RequestBodyAccess(const std::string &action) + : Action(action), + m_requestBodyAccess(false) + { } bool init(std::string *error) override; - bool execute(Transaction *transaction) override; - bool m_request_body_access; + bool execute(Transaction *transaction) noexcept override; + + private: + bool m_requestBodyAccess; }; @@ -44,4 +49,5 @@ class RequestBodyAccess : public Action { } // namespace actions } // namespace modsecurity + #endif // SRC_ACTIONS_CTL_REQUEST_BODY_ACCESS_H_ diff --git a/src/actions/ctl/request_body_processor_json.cc b/src/actions/ctl/request_body_processor_json.cc index b9833fdb..a68d41e6 100644 --- a/src/actions/ctl/request_body_processor_json.cc +++ b/src/actions/ctl/request_body_processor_json.cc @@ -13,19 +13,20 @@ * */ + #include "src/actions/ctl/request_body_processor_json.h" -#include #include #include "modsecurity/transaction.h" + namespace modsecurity { namespace actions { namespace ctl { -bool RequestBodyProcessorJSON::execute(Transaction *transaction) { +bool RequestBodyProcessorJSON::execute(Transaction *transaction) noexcept { transaction->m_requestBodyProcessor = Transaction::JSONRequestBody; transaction->m_variableReqbodyProcessor.set("JSON", transaction->m_variableOffset); diff --git a/src/actions/ctl/request_body_processor_json.h b/src/actions/ctl/request_body_processor_json.h index 61049568..0cec2a8c 100644 --- a/src/actions/ctl/request_body_processor_json.h +++ b/src/actions/ctl/request_body_processor_json.h @@ -13,14 +13,17 @@ * */ + #include #include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" + #ifndef SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_JSON_H_ #define SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_JSON_H_ + namespace modsecurity { namespace actions { namespace ctl { @@ -28,10 +31,11 @@ namespace ctl { class RequestBodyProcessorJSON : public Action { public: - explicit RequestBodyProcessorJSON(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind) { } + explicit RequestBodyProcessorJSON(const std::string &action) + : Action(action) + { } - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; }; diff --git a/src/actions/ctl/request_body_processor_urlencoded.cc b/src/actions/ctl/request_body_processor_urlencoded.cc index d53915a3..12c0f7e9 100644 --- a/src/actions/ctl/request_body_processor_urlencoded.cc +++ b/src/actions/ctl/request_body_processor_urlencoded.cc @@ -13,19 +13,21 @@ * */ + #include "src/actions/ctl/request_body_processor_urlencoded.h" -#include #include #include "modsecurity/transaction.h" + namespace modsecurity { namespace actions { namespace ctl { -bool RequestBodyProcessorURLENCODED::execute(Transaction *transaction) { +bool RequestBodyProcessorURLENCODED::execute( + Transaction *transaction) noexcept { transaction->m_requestBodyType = Transaction::WWWFormUrlEncoded; transaction->m_variableReqbodyProcessor.set("URLENCODED", transaction->m_variableOffset); diff --git a/src/actions/ctl/request_body_processor_urlencoded.h b/src/actions/ctl/request_body_processor_urlencoded.h index 90a999b4..a4c94e97 100644 --- a/src/actions/ctl/request_body_processor_urlencoded.h +++ b/src/actions/ctl/request_body_processor_urlencoded.h @@ -13,14 +13,17 @@ * */ + #include #include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" + #ifndef SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_URLENCODED_H_ #define SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_URLENCODED_H_ + namespace modsecurity { namespace actions { namespace ctl { @@ -28,10 +31,11 @@ namespace ctl { class RequestBodyProcessorURLENCODED : public Action { public: - explicit RequestBodyProcessorURLENCODED(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind) { } + explicit RequestBodyProcessorURLENCODED(const std::string &action) + : Action(action) + { } - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; }; diff --git a/src/actions/ctl/request_body_processor_xml.cc b/src/actions/ctl/request_body_processor_xml.cc index b4d9c94b..5331dc55 100644 --- a/src/actions/ctl/request_body_processor_xml.cc +++ b/src/actions/ctl/request_body_processor_xml.cc @@ -13,19 +13,20 @@ * */ + #include "src/actions/ctl/request_body_processor_xml.h" -#include #include #include "modsecurity/transaction.h" + namespace modsecurity { namespace actions { namespace ctl { -bool RequestBodyProcessorXML::execute(Transaction *transaction) { +bool RequestBodyProcessorXML::execute(Transaction *transaction) noexcept { transaction->m_requestBodyProcessor = Transaction::XMLRequestBody; transaction->m_variableReqbodyProcessor.set("XML", transaction->m_variableOffset); diff --git a/src/actions/ctl/request_body_processor_xml.h b/src/actions/ctl/request_body_processor_xml.h index 0c06f0d0..fab8d358 100644 --- a/src/actions/ctl/request_body_processor_xml.h +++ b/src/actions/ctl/request_body_processor_xml.h @@ -13,14 +13,17 @@ * */ + #include #include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" + #ifndef SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_XML_H_ #define SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_XML_H_ + namespace modsecurity { namespace actions { namespace ctl { @@ -28,10 +31,11 @@ namespace ctl { class RequestBodyProcessorXML : public Action { public: - explicit RequestBodyProcessorXML(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind) { } + explicit RequestBodyProcessorXML(const std::string &action) + : Action(action) + { } - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; }; diff --git a/src/actions/ctl/rule_engine.cc b/src/actions/ctl/rule_engine.cc index dca9b213..cbd4d073 100644 --- a/src/actions/ctl/rule_engine.cc +++ b/src/actions/ctl/rule_engine.cc @@ -13,22 +13,23 @@ * */ + #include "src/actions/ctl/rule_engine.h" -#include #include #include "modsecurity/rules_set_properties.h" #include "modsecurity/rules_set.h" #include "modsecurity/transaction.h" + namespace modsecurity { namespace actions { namespace ctl { bool RuleEngine::init(std::string *error) { - std::string what(m_parser_payload, 11, m_parser_payload.size() - 11); + std::string what(m_parserPayload, 11, m_parserPayload.size() - 11); if (what == "on") { m_ruleEngine = RulesSetProperties::EnabledRuleEngine; @@ -38,14 +39,15 @@ bool RuleEngine::init(std::string *error) { m_ruleEngine = RulesSetProperties::DetectionOnlyRuleEngine; } else { error->assign("Internal error. Expected: On, Off or DetectionOnly; " \ - "got: " + m_parser_payload); + "got: " + m_parserPayload); return false; } return true; } -bool RuleEngine::execute(Transaction *transaction) { + +bool RuleEngine::execute(Transaction *transaction) noexcept { std::stringstream a; a << "Setting SecRuleEngine to "; a << modsecurity::RulesSetProperties::ruleEngineStateString(m_ruleEngine); diff --git a/src/actions/ctl/rule_engine.h b/src/actions/ctl/rule_engine.h index 356cf02c..ee66d55b 100644 --- a/src/actions/ctl/rule_engine.h +++ b/src/actions/ctl/rule_engine.h @@ -13,16 +13,17 @@ * */ + #include #include "modsecurity/rules_set_properties.h" #include "modsecurity/actions/action.h" -#include "modsecurity/transaction.h" #ifndef SRC_ACTIONS_CTL_RULE_ENGINE_H_ #define SRC_ACTIONS_CTL_RULE_ENGINE_H_ + namespace modsecurity { namespace actions { namespace ctl { @@ -30,13 +31,16 @@ namespace ctl { class RuleEngine : public Action { public: - explicit RuleEngine(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind), - m_ruleEngine(RulesSetProperties::PropertyNotSetRuleEngine) { } + explicit RuleEngine(const std::string &action) + : Action(action), + m_ruleEngine(RulesSetProperties::PropertyNotSetRuleEngine) + { } bool init(std::string *error) override; - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; + + private: RulesSetProperties::RuleEngine m_ruleEngine; }; diff --git a/src/actions/ctl/rule_remove_by_id.cc b/src/actions/ctl/rule_remove_by_id.cc index 76e97111..846fee82 100644 --- a/src/actions/ctl/rule_remove_by_id.cc +++ b/src/actions/ctl/rule_remove_by_id.cc @@ -13,21 +13,25 @@ * */ + #include "src/actions/ctl/rule_remove_by_id.h" -#include #include +#include +#include #include "modsecurity/transaction.h" + #include "src/utils/string.h" + namespace modsecurity { namespace actions { namespace ctl { bool RuleRemoveById::init(std::string *error) { - std::string what(m_parser_payload, 15, m_parser_payload.size() - 15); + std::string what(m_parserPayload, 15, m_parserPayload.size() - 15); bool added = false; std::vector toRemove = utils::string::ssplit(what, ' '); for (std::string &a : toRemove) { @@ -83,7 +87,8 @@ bool RuleRemoveById::init(std::string *error) { return false; } -bool RuleRemoveById::execute(Transaction *transaction) { + +bool RuleRemoveById::execute(Transaction *transaction) noexcept { for (auto &i : m_ids) { transaction->m_ruleRemoveById.push_back(i); } diff --git a/src/actions/ctl/rule_remove_by_id.h b/src/actions/ctl/rule_remove_by_id.h index 30815408..debd6a66 100644 --- a/src/actions/ctl/rule_remove_by_id.h +++ b/src/actions/ctl/rule_remove_by_id.h @@ -13,7 +13,10 @@ * */ + #include +#include +#include #include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" @@ -22,6 +25,7 @@ #ifndef SRC_ACTIONS_CTL_RULE_REMOVE_BY_ID_H_ #define SRC_ACTIONS_CTL_RULE_REMOVE_BY_ID_H_ + namespace modsecurity { namespace actions { namespace ctl { @@ -29,12 +33,15 @@ namespace ctl { class RuleRemoveById : public Action { public: - explicit RuleRemoveById(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind) { } + explicit RuleRemoveById(const std::string &action) + : Action(action) + { } bool init(std::string *error) override; - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; + + private: std::list > m_ranges; std::list m_ids; }; diff --git a/src/actions/ctl/rule_remove_by_tag.cc b/src/actions/ctl/rule_remove_by_tag.cc index 673d37ed..6ebdc31c 100644 --- a/src/actions/ctl/rule_remove_by_tag.cc +++ b/src/actions/ctl/rule_remove_by_tag.cc @@ -13,26 +13,28 @@ * */ + #include "src/actions/ctl/rule_remove_by_tag.h" -#include #include #include "modsecurity/transaction.h" + namespace modsecurity { namespace actions { namespace ctl { bool RuleRemoveByTag::init(std::string *error) { - std::string what(m_parser_payload, 16, m_parser_payload.size() - 16); + std::string what(m_parserPayload, 16, m_parserPayload.size() - 16); m_tag = what; return true; } -bool RuleRemoveByTag::execute(Transaction *transaction) { + +bool RuleRemoveByTag::execute(Transaction *transaction) noexcept { transaction->m_ruleRemoveByTag.push_back(m_tag); return true; } diff --git a/src/actions/ctl/rule_remove_by_tag.h b/src/actions/ctl/rule_remove_by_tag.h index eb0571e0..fa5fd53c 100644 --- a/src/actions/ctl/rule_remove_by_tag.h +++ b/src/actions/ctl/rule_remove_by_tag.h @@ -13,6 +13,7 @@ * */ + #include #include "modsecurity/actions/action.h" @@ -22,6 +23,7 @@ #ifndef SRC_ACTIONS_CTL_RULE_REMOVE_BY_TAG_H_ #define SRC_ACTIONS_CTL_RULE_REMOVE_BY_TAG_H_ + namespace modsecurity { namespace actions { namespace ctl { @@ -29,13 +31,16 @@ namespace ctl { class RuleRemoveByTag : public Action { public: - explicit RuleRemoveByTag(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind), - m_tag("") { } + explicit RuleRemoveByTag(const std::string &action) + : Action(action), + m_tag("") + { } bool init(std::string *error) override; - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; + + private: std::string m_tag; }; diff --git a/src/actions/ctl/rule_remove_target_by_id.cc b/src/actions/ctl/rule_remove_target_by_id.cc index 994bc92c..236dfa64 100644 --- a/src/actions/ctl/rule_remove_target_by_id.cc +++ b/src/actions/ctl/rule_remove_target_by_id.cc @@ -13,14 +13,15 @@ * */ + #include "src/actions/ctl/rule_remove_target_by_id.h" -#include #include #include #include #include "modsecurity/transaction.h" + #include "src/utils/string.h" @@ -30,7 +31,7 @@ namespace ctl { bool RuleRemoveTargetById::init(std::string *error) { - std::string what(m_parser_payload, 21, m_parser_payload.size() - 21); + std::string what(m_parserPayload, 21, m_parserPayload.size() - 21); std::vector param = utils::string::split(what, ';'); if (param.size() < 2) { @@ -51,7 +52,8 @@ bool RuleRemoveTargetById::init(std::string *error) { return true; } -bool RuleRemoveTargetById::execute(Transaction *transaction) { + +bool RuleRemoveTargetById::execute(Transaction *transaction) noexcept { transaction->m_ruleRemoveTargetById.push_back( std::make_pair(m_id, m_target)); return true; diff --git a/src/actions/ctl/rule_remove_target_by_id.h b/src/actions/ctl/rule_remove_target_by_id.h index b8feaac8..62ac870e 100644 --- a/src/actions/ctl/rule_remove_target_by_id.h +++ b/src/actions/ctl/rule_remove_target_by_id.h @@ -13,6 +13,7 @@ * */ + #include #include "modsecurity/actions/action.h" @@ -22,6 +23,7 @@ #ifndef SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_ID_H_ #define SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_ID_H_ + namespace modsecurity { namespace actions { namespace ctl { @@ -29,14 +31,17 @@ namespace ctl { class RuleRemoveTargetById : public Action { public: - explicit RuleRemoveTargetById(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind), + explicit RuleRemoveTargetById(const std::string &action) + : Action(action), m_id(0), - m_target("") { } + m_target("") + { } bool init(std::string *error) override; - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; + + private: int m_id; std::string m_target; }; diff --git a/src/actions/ctl/rule_remove_target_by_tag.cc b/src/actions/ctl/rule_remove_target_by_tag.cc index 5e96569c..8d676a14 100644 --- a/src/actions/ctl/rule_remove_target_by_tag.cc +++ b/src/actions/ctl/rule_remove_target_by_tag.cc @@ -13,14 +13,15 @@ * */ + #include "src/actions/ctl/rule_remove_target_by_tag.h" -#include #include #include #include #include "modsecurity/transaction.h" + #include "src/utils/string.h" @@ -30,7 +31,7 @@ namespace ctl { bool RuleRemoveTargetByTag::init(std::string *error) { - std::string what(m_parser_payload, 22, m_parser_payload.size() - 22); + std::string what(m_parserPayload, 22, m_parserPayload.size() - 22); std::vector param = utils::string::split(what, ';'); if (param.size() < 2) { @@ -44,7 +45,8 @@ bool RuleRemoveTargetByTag::init(std::string *error) { return true; } -bool RuleRemoveTargetByTag::execute(Transaction *transaction) { + +bool RuleRemoveTargetByTag::execute(Transaction *transaction) noexcept { transaction->m_ruleRemoveTargetByTag.push_back( std::make_pair(m_tag, m_target)); return true; diff --git a/src/actions/ctl/rule_remove_target_by_tag.h b/src/actions/ctl/rule_remove_target_by_tag.h index 0fbe4e50..90ab530d 100644 --- a/src/actions/ctl/rule_remove_target_by_tag.h +++ b/src/actions/ctl/rule_remove_target_by_tag.h @@ -13,6 +13,7 @@ * */ + #include #include "modsecurity/actions/action.h" @@ -22,6 +23,7 @@ #ifndef SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_TAG_H_ #define SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_TAG_H_ + namespace modsecurity { namespace actions { namespace ctl { @@ -29,12 +31,15 @@ namespace ctl { class RuleRemoveTargetByTag : public Action { public: - explicit RuleRemoveTargetByTag(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind) { } + explicit RuleRemoveTargetByTag(const std::string &action) + : Action(action) + { } bool init(std::string *error) override; - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; + + private: std::string m_tag; std::string m_target; }; @@ -44,4 +49,5 @@ class RuleRemoveTargetByTag : public Action { } // namespace actions } // namespace modsecurity + #endif // SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_TAG_H_ diff --git a/src/actions/data/status.cc b/src/actions/data/status.cc index c6c7a5e0..a6702e89 100644 --- a/src/actions/data/status.cc +++ b/src/actions/data/status.cc @@ -13,11 +13,10 @@ * */ + #include "src/actions/data/status.h" -#include #include -#include #include "modsecurity/transaction.h" @@ -26,11 +25,12 @@ namespace modsecurity { namespace actions { namespace data { + bool Status::init(std::string *error) { try { - m_status = std::stoi(m_parser_payload); + m_status = std::stoi(m_parserPayload); } catch (...) { - error->assign("Not a valid number: " + m_parser_payload); + error->assign("Not a valid number: " + m_parserPayload); return false; } @@ -38,7 +38,7 @@ bool Status::init(std::string *error) { } -bool Status::execute(Transaction *transaction) { +bool Status::execute(Transaction *transaction) noexcept { transaction->m_it.status = m_status; return true; } diff --git a/src/actions/data/status.h b/src/actions/data/status.h index d13b9c9c..b96a3d4a 100644 --- a/src/actions/data/status.h +++ b/src/actions/data/status.h @@ -13,32 +13,36 @@ * */ + #include -#include #include "modsecurity/actions/action.h" -#include "modsecurity/rule_message.h" +#include "modsecurity/transaction.h" + +#include "src/actions/action_allowed_in_sec_default_action.h" + #ifndef SRC_ACTIONS_DATA_STATUS_H_ #define SRC_ACTIONS_DATA_STATUS_H_ -#ifdef __cplusplus -class Transaction; namespace modsecurity { -class Transaction; namespace actions { namespace data { -class Status : public Action { +class Status : public ActionAllowedAsSecDefaultAction { public: - explicit Status(const std::string &action) : Action(action, 2), - m_status(0) { } + explicit Status(const std::string &action) + : Action(action), + m_status(0) + { } bool init(std::string *error) override; - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; + + private: int m_status; }; @@ -46,6 +50,6 @@ class Status : public Action { } // namespace data } // namespace actions } // namespace modsecurity -#endif + #endif // SRC_ACTIONS_DATA_STATUS_H_ diff --git a/src/actions/disruptive/allow.cc b/src/actions/disruptive/allow.cc index f483d0f9..9d1b0575 100644 --- a/src/actions/disruptive/allow.cc +++ b/src/actions/disruptive/allow.cc @@ -13,16 +13,19 @@ * */ + #include "src/actions/disruptive/allow.h" -#include #include -#include "modsecurity/rules_set.h" #include "modsecurity/transaction.h" -#include "modsecurity/rule.h" +/** + * FIXME: rules_set.h inclusion is here due to ms_dbg_a. + * It should be removed. + */ +#include "modsecurity/rules_set.h" + #include "src/utils/string.h" -#include "modsecurity/modsecurity.h" namespace modsecurity { @@ -31,7 +34,7 @@ namespace disruptive { bool Allow::init(std::string *error) { - std::string a = utils::string::tolower(m_parser_payload); + std::string a = utils::string::tolower(m_parserPayload); if (a == "phase") { m_allowType = PhaseAllowType; @@ -49,7 +52,7 @@ bool Allow::init(std::string *error) { } -bool Allow::execute(Transaction *transaction) { +bool Allow::execute(Transaction *transaction) noexcept { ms_dbg_a(transaction, 4, "Dropping the evaluation of upcoming rules " \ "in favor of an `allow' action of type: " \ + allowTypeToName(m_allowType)); diff --git a/src/actions/disruptive/allow.h b/src/actions/disruptive/allow.h index 6b1028d0..2f94f961 100644 --- a/src/actions/disruptive/allow.h +++ b/src/actions/disruptive/allow.h @@ -13,20 +13,20 @@ * */ + #include #include "modsecurity/actions/action.h" +#include "modsecurity/transaction.h" + +#include "src/actions/disruptive/disruptive_action.h" + #ifndef SRC_ACTIONS_DISRUPTIVE_ALLOW_H_ #define SRC_ACTIONS_DISRUPTIVE_ALLOW_H_ -#ifdef __cplusplus -class Transaction; namespace modsecurity { -class Transaction; -class RuleWithOperator; - namespace actions { namespace disruptive { @@ -51,17 +51,18 @@ enum AllowType : int { }; -class Allow : public Action { +class Allow : public ActionDisruptive { public: - explicit Allow(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind), - m_allowType(NoneAllowType) { } - + explicit Allow(const std::string &action) + : Action(action), + m_allowType(NoneAllowType) + { } bool init(std::string *error) override; - bool execute(Transaction *transaction) override; - bool isDisruptive() override { return true; } + bool execute(Transaction *transaction) noexcept override; + + private: AllowType m_allowType; static std::string allowTypeToName(AllowType a) { @@ -83,6 +84,6 @@ class Allow : public Action { } // namespace disruptive } // namespace actions } // namespace modsecurity -#endif + #endif // SRC_ACTIONS_DISRUPTIVE_ALLOW_H_ diff --git a/src/actions/disruptive/deny.cc b/src/actions/disruptive/deny.cc index e19f403a..89d2b871 100644 --- a/src/actions/disruptive/deny.cc +++ b/src/actions/disruptive/deny.cc @@ -13,22 +13,26 @@ * */ + #include "src/actions/disruptive/deny.h" -#include -#include #include -#include -#include #include "modsecurity/transaction.h" +/** + * FIXME: rules_set.h inclusion is here due to ms_dbg_a. + * It should be removed. + */ +#include "modsecurity/rules_set.h" +#include "modsecurity/rule_message.h" + namespace modsecurity { namespace actions { namespace disruptive { -bool Deny::execute(Transaction *transaction) { +bool Deny::execute(Transaction *transaction) noexcept { ms_dbg_a(transaction, 8, "Running action deny"); if (transaction->m_it.status == 200) { @@ -37,9 +41,10 @@ bool Deny::execute(Transaction *transaction) { transaction->m_it.disruptive = true; intervention::freeLog(&transaction->m_it); - //transaction->messageGetLast()->setRule(rule); transaction->m_it.log = strdup( - transaction->messageGetLast()->log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str()); + transaction->messageGetLast()->log( + RuleMessage::LogMessageInfo::ClientLogMessageInfo) + .c_str()); return true; } diff --git a/src/actions/disruptive/deny.h b/src/actions/disruptive/deny.h index 510a534b..703f3742 100644 --- a/src/actions/disruptive/deny.h +++ b/src/actions/disruptive/deny.h @@ -13,28 +13,31 @@ * */ -#include -#include -#include "modsecurity/rules_set.h" +#include + #include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" -#include "modsecurity/rule_message.h" + +#include "src/actions/disruptive/disruptive_action.h" + #ifndef SRC_ACTIONS_DISRUPTIVE_DENY_H_ #define SRC_ACTIONS_DISRUPTIVE_DENY_H_ + namespace modsecurity { namespace actions { namespace disruptive { -class Deny : public Action { +class Deny : public ActionDisruptive { public: - explicit Deny(const std::string &action) : Action(action) { } + Deny() + : Action("deny") + { } - bool execute(Transaction *transaction) override; - bool isDisruptive() override { return true; } + bool execute(Transaction *transaction) noexcept override; }; @@ -42,4 +45,5 @@ class Deny : public Action { } // namespace actions } // namespace modsecurity + #endif // SRC_ACTIONS_DISRUPTIVE_DENY_H_ diff --git a/src/actions/disruptive/disruptive_action.h b/src/actions/disruptive/disruptive_action.h new file mode 100644 index 00000000..5e139d5b --- /dev/null +++ b/src/actions/disruptive/disruptive_action.h @@ -0,0 +1,45 @@ +/* + * ModSecurity, http://www.modsecurity.org/ + * Copyright (c) 2015 - 2020 Trustwave Holdings, Inc. (http://www.trustwave.com/) + * + * You may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * If any of the files related to licensing are missing or if you have any + * other questions related to licensing please contact Trustwave Holdings, Inc. + * directly using the email address security@modsecurity.org. + * + */ + + +#include + +#include "modsecurity/actions/action.h" +#include "src/actions/action_allowed_in_sec_default_action.h" + + +#ifndef SRC_ACTIONS_DISRUPTIVE_DISRUPTIVE_ACTION_H_ +#define SRC_ACTIONS_DISRUPTIVE_DISRUPTIVE_ACTION_H_ + + +namespace modsecurity { +namespace actions { +namespace disruptive { + + +class ActionDisruptive : public ActionAllowedAsSecDefaultAction { + public: + bool isDisruptive() override { + return true; + } +}; + + +} // namespace disruptive +} // namespace actions +} // namespace modsecurity + + +#endif // SRC_ACTIONS_DISRUPTIVE_DISRUPTIVE_ACTION_H_ diff --git a/src/actions/disruptive/drop.cc b/src/actions/disruptive/drop.cc index 692a583c..3243e471 100644 --- a/src/actions/disruptive/drop.cc +++ b/src/actions/disruptive/drop.cc @@ -13,26 +13,26 @@ * */ + #include "src/actions/disruptive/drop.h" -#include -#include #include -#include -#include -#include "modsecurity/rules_set.h" #include "modsecurity/transaction.h" -#include "modsecurity/rule.h" -#include "src/utils/string.h" -#include "modsecurity/modsecurity.h" +/** + * FIXME: rules_set.h inclusion is here due to ms_dbg_a. + * It should be removed. + */ +#include "modsecurity/rules_set.h" +#include "modsecurity/rule_message.h" + namespace modsecurity { namespace actions { namespace disruptive { -bool Drop::execute(Transaction *transaction) { +bool Drop::execute(Transaction *transaction) noexcept { ms_dbg_a(transaction, 8, "Running action drop " \ "[executing deny instead of drop.]"); @@ -42,9 +42,11 @@ bool Drop::execute(Transaction *transaction) { transaction->m_it.disruptive = true; intervention::freeLog(&transaction->m_it); - //transaction->messageGetLast()->setRule(rule); + transaction->m_it.log = strdup( - transaction->messageGetLast()->log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str()); + transaction->messageGetLast()->log( + RuleMessage::LogMessageInfo::ClientLogMessageInfo) + .c_str()); return true; } diff --git a/src/actions/disruptive/drop.h b/src/actions/disruptive/drop.h index ea20ca72..d9ac8be4 100644 --- a/src/actions/disruptive/drop.h +++ b/src/actions/disruptive/drop.h @@ -13,27 +13,31 @@ * */ + #include -#include #include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" -#include "modsecurity/rule_message.h" + +#include "src/actions/disruptive/disruptive_action.h" + #ifndef SRC_ACTIONS_DISRUPTIVE_DROP_H_ #define SRC_ACTIONS_DISRUPTIVE_DROP_H_ + namespace modsecurity { namespace actions { namespace disruptive { -class Drop : public Action { +class Drop : public ActionDisruptive { public: - explicit Drop(const std::string &action) : Action(action) { } + Drop() + : Action("drop") + { } - bool execute(Transaction *transaction) override; - bool isDisruptive() override { return true; } + bool execute(Transaction *transaction) noexcept override; }; diff --git a/src/actions/disruptive/pass.cc b/src/actions/disruptive/pass.cc index 549b6ce7..ee20ed14 100644 --- a/src/actions/disruptive/pass.cc +++ b/src/actions/disruptive/pass.cc @@ -13,23 +13,25 @@ * */ + #include "src/actions/disruptive/pass.h" -#include #include -#include -#include "modsecurity/rules_set.h" #include "modsecurity/transaction.h" -#include "modsecurity/rule.h" -#include "modsecurity/rule_message.h" +/** + * FIXME: rules_set.h inclusion is here due to ms_dbg_a. + * It should be removed. + */ +#include "modsecurity/rules_set.h" + namespace modsecurity { namespace actions { namespace disruptive { -bool Pass::execute(Transaction *transaction) { +bool Pass::execute(Transaction *transaction) noexcept { intervention::free(&transaction->m_it); intervention::reset(&transaction->m_it); diff --git a/src/actions/disruptive/pass.h b/src/actions/disruptive/pass.h index 0b512500..a09e3fa5 100644 --- a/src/actions/disruptive/pass.h +++ b/src/actions/disruptive/pass.h @@ -13,26 +13,31 @@ * */ + #include -#include #include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" +#include "src/actions/disruptive/disruptive_action.h" + + #ifndef SRC_ACTIONS_DISRUPTIVE_PASS_H_ #define SRC_ACTIONS_DISRUPTIVE_PASS_H_ + namespace modsecurity { namespace actions { namespace disruptive { -class Pass : public Action { +class Pass : public ActionDisruptive { public: - explicit Pass(const std::string &action) : Action(action) { } + Pass() + : Action("pass") + { } - bool execute(Transaction *transaction) override; - bool isDisruptive() override { return true; } + bool execute(Transaction *transaction) noexcept override; }; diff --git a/src/actions/disruptive/redirect.cc b/src/actions/disruptive/redirect.cc index ee495e92..13a64643 100644 --- a/src/actions/disruptive/redirect.cc +++ b/src/actions/disruptive/redirect.cc @@ -13,32 +13,31 @@ * */ + #include "src/actions/disruptive/redirect.h" -#include -#include #include -#include #include "modsecurity/transaction.h" -#include "src/utils/string.h" +/** + * FIXME: rules_set.h inclusion is here due to ms_dbg_a. + * It should be removed. + */ +#include "modsecurity/rules_set.h" +#include "modsecurity/rule_message.h" + namespace modsecurity { namespace actions { namespace disruptive { -bool Redirect::init(std::string *error) { - m_status = 302; - return true; -} - - -bool Redirect::execute(Transaction *transaction) { +bool Redirect::execute(Transaction *transaction) noexcept { std::string m_urlExpanded(getEvaluatedRunTimeString(transaction)); /* if it was changed before, lets keep it. */ if (transaction->m_it.status == 200 - || (!(transaction->m_it.status <= 307 && transaction->m_it.status >= 301))) { + || (!(transaction->m_it.status <= 307 + && transaction->m_it.status >= 301))) { transaction->m_it.status = m_status; } @@ -48,7 +47,9 @@ bool Redirect::execute(Transaction *transaction) { intervention::freeLog(&transaction->m_it); transaction->m_it.log = strdup( - transaction->messageGetLast()->log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str()); + transaction->messageGetLast()->log( + RuleMessage::LogMessageInfo::ClientLogMessageInfo) + .c_str()); return true; } diff --git a/src/actions/disruptive/redirect.h b/src/actions/disruptive/redirect.h index 9688047a..6f00af7f 100644 --- a/src/actions/disruptive/redirect.h +++ b/src/actions/disruptive/redirect.h @@ -13,49 +13,49 @@ * */ + #include #include #include #include "modsecurity/actions/action.h" -#include "modsecurity/rule_message.h" +#include "modsecurity/transaction.h" + #include "src/actions/action_with_run_time_string.h" +#include "src/actions/disruptive/disruptive_action.h" +#include "src/run_time_string.h" + #ifndef SRC_ACTIONS_DISRUPTIVE_REDIRECT_H_ #define SRC_ACTIONS_DISRUPTIVE_REDIRECT_H_ -#ifdef __cplusplus -class Transaction; namespace modsecurity { -class Transaction; - namespace actions { namespace disruptive { -class Redirect : public ActionWithRunTimeString { +class Redirect : public ActionWithRunTimeString, public ActionDisruptive { public: explicit Redirect(std::unique_ptr runTimeString) - : ActionWithRunTimeString( - "redirert", - RunTimeOnlyIfMatchKind, - std::move(runTimeString)), - m_status(0) - { }; + : ActionWithRunTimeString(std::move(runTimeString)), + Action("redirect"), + m_status(302) + { } + explicit Redirect(const Redirect &action) : ActionWithRunTimeString(action), + ActionDisruptive(action), + Action(action), m_status(action.m_status) - { }; + { } - bool init(std::string *error) override; - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; - bool isDisruptive() override { return true; } - virtual ActionWithRunTimeString *clone() override { + ActionWithRunTimeString *clone() override { return new Redirect(*this); } @@ -67,6 +67,6 @@ class Redirect : public ActionWithRunTimeString { } // namespace disruptive } // namespace actions } // namespace modsecurity -#endif + #endif // SRC_ACTIONS_DISRUPTIVE_REDIRECT_H_ diff --git a/src/actions/exec.cc b/src/actions/exec.cc index 0500fbe6..3d8b6601 100644 --- a/src/actions/exec.cc +++ b/src/actions/exec.cc @@ -13,15 +13,18 @@ * */ + #include "src/actions/exec.h" -#include #include -#include "modsecurity/rules_set.h" -#include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" -#include "modsecurity/rule.h" +/** + * FIXME: rules_set.h inclusion is here due to ms_dbg_a. + * It should be removed. + */ +#include "modsecurity/rules_set.h" + #include "src/utils/system.h" #include "src/engine/lua.h" @@ -33,7 +36,7 @@ namespace actions { bool Exec::init(std::string *error) { std::string err; - m_script = utils::find_resource(m_parser_payload, "", &err); + m_script = utils::find_resource(m_parserPayload, "", &err); if (m_script.size() == 0) { error->assign("exec: Script not found: " + err); @@ -49,7 +52,7 @@ bool Exec::init(std::string *error) { } -bool Exec::execute(Transaction *t) { +bool Exec::execute(Transaction *t) noexcept { ms_dbg_a(t, 8, "Running script... " + m_script); m_lua.run(t); return true; diff --git a/src/actions/exec.h b/src/actions/exec.h index 9bfaf54e..7fca049f 100644 --- a/src/actions/exec.h +++ b/src/actions/exec.h @@ -13,6 +13,7 @@ * */ + #include #include "modsecurity/actions/action.h" @@ -21,22 +22,21 @@ #ifndef SRC_ACTIONS_EXEC_H_ #define SRC_ACTIONS_EXEC_H_ -class Transaction; namespace modsecurity { -class Transaction; namespace actions { class Exec : public Action { public: - explicit Exec(const std::string &action) + explicit Exec(const std::string &action) : Action(action), - m_script("") { } + m_script("") + { } ~Exec() { } - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; bool init(std::string *error) override; private: diff --git a/src/actions/init_col.cc b/src/actions/init_col.cc index 64472028..2de14054 100644 --- a/src/actions/init_col.cc +++ b/src/actions/init_col.cc @@ -13,14 +13,17 @@ * */ + #include "src/actions/init_col.h" -#include #include -#include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" -#include "modsecurity/rule.h" +/** + * FIXME: rules_set.h inclusion is here due to ms_dbg_a. + * It should be removed. + */ +#include "modsecurity/rules_set.h" namespace modsecurity { @@ -28,9 +31,9 @@ namespace actions { bool InitCol::init(std::string *error) { - int posEquals = m_parser_payload.find("="); + int posEquals = m_parserPayload.find("="); - if (m_parser_payload.size() < 2) { + if (m_parserPayload.size() < 2) { error->assign("Something wrong with initcol format: too small"); return false; } @@ -40,7 +43,7 @@ bool InitCol::init(std::string *error) { return false; } - m_collection_key = std::string(m_parser_payload, 0, posEquals); + m_collection_key = std::string(m_parserPayload, 0, posEquals); if (m_collection_key != "ip" && m_collection_key != "global" && @@ -54,7 +57,7 @@ bool InitCol::init(std::string *error) { } -bool InitCol::execute(Transaction *t) { +bool InitCol::execute(Transaction *t) noexcept { std::string collectionName(getEvaluatedRunTimeString(t)); if (m_collection_key == "ip") { diff --git a/src/actions/init_col.h b/src/actions/init_col.h index c4b5f0e4..3554a17d 100644 --- a/src/actions/init_col.h +++ b/src/actions/init_col.h @@ -13,6 +13,7 @@ * */ + #include #include #include @@ -33,23 +34,22 @@ class InitCol : public ActionWithRunTimeString { public: InitCol( const std::string &action, - std::unique_ptr runTimeString - ) : ActionWithRunTimeString( - action, - std::move(runTimeString) - ) - { }; + std::unique_ptr runTimeString) + : ActionWithRunTimeString(std::move(runTimeString)), + Action(action) + { } InitCol(const InitCol &action) : ActionWithRunTimeString(action), + Action(action), m_collection_key(action.m_collection_key) - { }; + { } bool init(std::string *error) override; - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; - virtual ActionWithRunTimeString *clone() override { + ActionWithRunTimeString *clone() override { return new InitCol(*this); } diff --git a/src/actions/log.cc b/src/actions/log.cc index e66c3c3f..3d0b5ae7 100644 --- a/src/actions/log.cc +++ b/src/actions/log.cc @@ -13,25 +13,13 @@ * */ + #include "src/actions/log.h" -#include -#include -#include - -#include "modsecurity/actions/action.h" -#include "modsecurity/transaction.h" -#include "src/operators/operator.h" -#include "modsecurity/rule_message.h" namespace modsecurity { namespace actions { -bool Log::execute(Transaction *transaction) { - return true; -} - - } // namespace actions } // namespace modsecurity diff --git a/src/actions/log.h b/src/actions/log.h index 4835dcbb..caa968da 100644 --- a/src/actions/log.h +++ b/src/actions/log.h @@ -13,29 +13,36 @@ * */ -#include -#include #include "modsecurity/actions/action.h" +#include "src/actions/action_allowed_in_sec_default_action.h" +#include "src/actions/action_type_rule_metadata.h" +#include "src/rule_with_actions.h" + + #ifndef SRC_ACTIONS_LOG_H_ #define SRC_ACTIONS_LOG_H_ -class Transaction; namespace modsecurity { -class Transaction; namespace actions { -class Log : public Action { +class Log : public ActionTypeRuleMetaData, + public ActionAllowedAsSecDefaultAction { public: - explicit Log(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind) { } + Log() + : Action("log") + { } + + void configure(RuleWithActions *rule) override { + rule->setHasLogAction(true); + } - bool execute(Transaction *transaction) override; }; + } // namespace actions } // namespace modsecurity diff --git a/src/actions/log_data.cc b/src/actions/log_data.cc index 66fe42b1..f9a73b7d 100644 --- a/src/actions/log_data.cc +++ b/src/actions/log_data.cc @@ -13,25 +13,21 @@ * */ + #include "src/actions/log_data.h" -#include #include -#include -#include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" -#include "modsecurity/rule.h" #include "modsecurity/rule_message.h" namespace modsecurity { namespace actions { - -bool LogData::execute(Transaction *transaction) { - transaction->messageGetLast()->m_data = getEvaluatedRunTimeString(transaction); - +bool LogData::execute(Transaction *transaction) noexcept { + transaction->messageGetLast()->m_data = + getEvaluatedRunTimeString(transaction); return true; } diff --git a/src/actions/log_data.h b/src/actions/log_data.h index 19540503..a4f8fabf 100644 --- a/src/actions/log_data.h +++ b/src/actions/log_data.h @@ -13,42 +13,39 @@ * */ -#include -#include -#include #include "modsecurity/actions/action.h" + #include "src/actions/action_with_run_time_string.h" +#include "src/run_time_string.h" + #ifndef SRC_ACTIONS_LOG_DATA_H_ #define SRC_ACTIONS_LOG_DATA_H_ -class Transaction; namespace modsecurity { -class Transaction; namespace actions { class LogData : public ActionWithRunTimeString { public: explicit LogData(std::unique_ptr runTimeString) - : ActionWithRunTimeString( - "logdata", - RunTimeOnlyIfMatchKind, - std::move(runTimeString) - ) - { }; + : ActionWithRunTimeString(std::move(runTimeString)), + Action("logdata") + { } explicit LogData(const LogData &data) - : ActionWithRunTimeString(data) - { }; + : ActionWithRunTimeString(data), + Action(data) + { } - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; - virtual ActionWithRunTimeString *clone() override { + ActionWithRunTimeString *clone() override { return new LogData(*this); } + }; diff --git a/src/actions/maturity.cc b/src/actions/maturity.cc index 1017a412..ee12200f 100644 --- a/src/actions/maturity.cc +++ b/src/actions/maturity.cc @@ -13,16 +13,11 @@ * */ + #include "src/actions/maturity.h" -#include #include -#include "modsecurity/actions/action.h" -#include "modsecurity/transaction.h" -#include "modsecurity/rule.h" -#include "src/rule_with_actions.h" - namespace modsecurity { namespace actions { @@ -30,9 +25,9 @@ namespace actions { bool Maturity::init(std::string *error) { try { - m_maturity = std::stoi(m_parser_payload); + m_maturity = std::stoi(m_parserPayload); } catch (...) { - error->assign("Maturity: The input \"" + m_parser_payload + "\" is " \ + error->assign("Maturity: The input \"" + m_parserPayload + "\" is " \ "not a number."); return false; } diff --git a/src/actions/maturity.h b/src/actions/maturity.h index f7b68720..729476eb 100644 --- a/src/actions/maturity.h +++ b/src/actions/maturity.h @@ -13,9 +13,10 @@ * */ + #include -#include "src/actions/action_type_configure.h" +#include "src/actions/action_type_rule_metadata.h" #ifndef SRC_ACTIONS_MATURITY_H_ @@ -28,15 +29,15 @@ class Transaction; namespace actions { -class Maturity : public ActionTypeConfigure { +class Maturity : public ActionTypeRuleMetaData { public: - explicit Maturity(const std::string &action) - : ActionTypeConfigure(action), + explicit Maturity(const std::string &action) + : Action(action), m_maturity(0) { } bool init(std::string *error) override; - virtual void configure(RuleWithActions *rule) override { + void configure(RuleWithActions *rule) override { rule->setMaturity(m_maturity); } diff --git a/src/actions/msg.cc b/src/actions/msg.cc index f5921c15..e882fab3 100644 --- a/src/actions/msg.cc +++ b/src/actions/msg.cc @@ -13,16 +13,19 @@ * */ + #include "src/actions/msg.h" -#include #include -#include -#include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" -#include "modsecurity/rule.h" -#include "modsecurity/rule_message.h" +/** + * FIXME: rules_set.h inclusion is here due to ms_dbg_a. + * It should be removed. + */ +#include "modsecurity/rules_set.h" + +#include "src/run_time_string.h" /* * Description: Assigns a custom message to the rule or chain in which it @@ -46,7 +49,7 @@ namespace modsecurity { namespace actions { -bool Msg::execute(Transaction *transaction) { +bool Msg::execute(Transaction *transaction) noexcept { std::string msg = getEvaluatedRunTimeString(transaction); transaction->messageGetLast()->m_message = msg; ms_dbg_a(transaction, 9, "Saving msg: " + msg); diff --git a/src/actions/msg.h b/src/actions/msg.h index 3f18beaa..eea2ce67 100644 --- a/src/actions/msg.h +++ b/src/actions/msg.h @@ -13,6 +13,7 @@ * */ + #include #include #include @@ -34,20 +35,18 @@ namespace actions { class Msg : public ActionWithRunTimeString { public: explicit Msg(std::unique_ptr runTimeString) - : ActionWithRunTimeString( - "msg", - RunTimeOnlyIfMatchKind, - std::move(runTimeString) - ) + : ActionWithRunTimeString(std::move(runTimeString)), + Action("msg") { }; explicit Msg(const Msg &action) - : ActionWithRunTimeString(action) + : ActionWithRunTimeString(action), + Action(action) { }; - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; - virtual ActionWithRunTimeString *clone() override { + ActionWithRunTimeString *clone() override { return new Msg(*this); } }; diff --git a/src/actions/multi_match.cc b/src/actions/multi_match.cc index c7b9f839..cf39e150 100644 --- a/src/actions/multi_match.cc +++ b/src/actions/multi_match.cc @@ -13,22 +13,13 @@ * */ + #include "src/actions/multi_match.h" -#include -#include - -#include "modsecurity/transaction.h" -#include "modsecurity/rule.h" namespace modsecurity { namespace actions { -bool MultiMatch::execute(Transaction *transaction) { - return true; -} - - } // namespace actions } // namespace modsecurity diff --git a/src/actions/multi_match.h b/src/actions/multi_match.h index 54563130..f8a72694 100644 --- a/src/actions/multi_match.h +++ b/src/actions/multi_match.h @@ -13,33 +13,34 @@ * */ + #include -#include "modsecurity/actions/action.h" +#include "src/actions/action_type_rule_metadata.h" + #ifndef SRC_ACTIONS_MULTI_MATCH_H_ #define SRC_ACTIONS_MULTI_MATCH_H_ -#ifdef __cplusplus -class Transaction; - namespace modsecurity { -class Transaction; -class RuleWithOperator; - namespace actions { -class MultiMatch : public Action { +class MultiMatch : public ActionTypeRuleMetaData { public: - explicit MultiMatch(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind) { } + MultiMatch() + : Action("multiMatch") + { } - bool execute(Transaction *transaction) override; + + void configure(RuleWithActions *rule) override { + rule->setHasMultimatchAction(true); + } }; + } // namespace actions } // namespace modsecurity -#endif + #endif // SRC_ACTIONS_MULTI_MATCH_H_ diff --git a/src/actions/no_audit_log.cc b/src/actions/no_audit_log.cc index 92b7e2f9..71a1d244 100644 --- a/src/actions/no_audit_log.cc +++ b/src/actions/no_audit_log.cc @@ -13,20 +13,17 @@ * */ + #include "src/actions/no_audit_log.h" -#include -#include - #include "modsecurity/transaction.h" -#include "modsecurity/rule.h" -#include "modsecurity/rule_message.h" + namespace modsecurity { namespace actions { -bool NoAuditLog::execute(Transaction *transaction) { +bool NoAuditLog::execute(Transaction *transaction) noexcept { transaction->messageSetNoAuditLog(true); return true; } diff --git a/src/actions/no_audit_log.h b/src/actions/no_audit_log.h index 66dc72cd..cd1818d4 100644 --- a/src/actions/no_audit_log.h +++ b/src/actions/no_audit_log.h @@ -13,33 +13,32 @@ * */ -#include -#include #include "modsecurity/actions/action.h" +#include "modsecurity/transaction.h" +#include "src/actions/action_allowed_in_sec_default_action.h" + #ifndef SRC_ACTIONS_NO_AUDIT_LOG_H_ #define SRC_ACTIONS_NO_AUDIT_LOG_H_ -#ifdef __cplusplus -class Transaction; namespace modsecurity { -class Transaction; - namespace actions { -class NoAuditLog : public Action { +class NoAuditLog : public ActionAllowedAsSecDefaultAction { public: - explicit NoAuditLog(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind) { } + NoAuditLog() + : Action("noAuditLog") + { } - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; }; + } // namespace actions } // namespace modsecurity -#endif + #endif // SRC_ACTIONS_NO_AUDIT_LOG_H_ diff --git a/src/actions/no_log.cc b/src/actions/no_log.cc index d87e396c..5375201e 100644 --- a/src/actions/no_log.cc +++ b/src/actions/no_log.cc @@ -13,26 +13,13 @@ * */ + #include "src/actions/no_log.h" -#include -#include -#include - -#include "modsecurity/actions/action.h" -#include "modsecurity/transaction.h" -#include "src/operators/operator.h" -#include "modsecurity/rule_message.h" - namespace modsecurity { namespace actions { -bool NoLog::execute(Transaction *transaction) { - return true; -} - - } // namespace actions } // namespace modsecurity diff --git a/src/actions/no_log.h b/src/actions/no_log.h index 645290a7..126458d9 100644 --- a/src/actions/no_log.h +++ b/src/actions/no_log.h @@ -13,29 +13,34 @@ * */ -#include -#include #include "modsecurity/actions/action.h" +#include "src/actions/action_type_rule_metadata.h" +#include "src/actions/action_allowed_in_sec_default_action.h" + + #ifndef SRC_ACTIONS_NO_LOG_H_ #define SRC_ACTIONS_NO_LOG_H_ -class Transaction; namespace modsecurity { -class Transaction; namespace actions { -class NoLog : public Action { +class NoLog : public ActionTypeRuleMetaData, + public ActionAllowedAsSecDefaultAction { public: - explicit NoLog(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind) { } + NoLog() + : Action("noLog") + { } - bool execute(Transaction *transaction) override; + void configure(RuleWithActions *rule) override { + rule->setHasNoLogAction(true); + } }; + } // namespace actions } // namespace modsecurity diff --git a/src/actions/phase.cc b/src/actions/phase.cc index d999e201..fe772bf3 100644 --- a/src/actions/phase.cc +++ b/src/actions/phase.cc @@ -15,25 +15,22 @@ #include "src/actions/phase.h" -#include #include #include "modsecurity/transaction.h" -#include "modsecurity/rule.h" -#include "modsecurity/modsecurity.h" + #include "src/utils/string.h" -#include "src/rule_with_actions.h" namespace modsecurity { namespace actions { bool Phase::init(std::string *error) { - std::string a = utils::string::tolower(m_parser_payload); + std::string a = utils::string::tolower(m_parserPayload); m_phase = -1; try { - m_phase = std::stoi(m_parser_payload); + m_phase = std::stoi(m_parserPayload); if (m_phase == 0) { m_phase = modsecurity::Phases::ConnectionPhase; m_secRulesPhase = 0; @@ -53,7 +50,7 @@ bool Phase::init(std::string *error) { m_phase = modsecurity::Phases::LoggingPhase; m_secRulesPhase = 5; } else { - error->assign("Unknown phase: " + m_parser_payload); + error->assign("Unknown phase: " + m_parserPayload); return false; } } catch (...) { diff --git a/src/actions/phase.h b/src/actions/phase.h index b9e57acd..7b122c98 100644 --- a/src/actions/phase.h +++ b/src/actions/phase.h @@ -13,44 +13,48 @@ * */ + #include -#include "src/actions/action_type_configure.h" +#include "src/actions/action_type_rule_metadata.h" #ifndef SRC_ACTIONS_PHASE_H_ #define SRC_ACTIONS_PHASE_H_ -#ifdef __cplusplus -class Transaction; namespace modsecurity { -class Transaction; -class RuleWithOperator; - namespace actions { -class Phase : public ActionTypeConfigure { +class Phase : public ActionTypeRuleMetaData { public: explicit Phase(const std::string &action) - : ActionTypeConfigure(action), + : Action(action), m_phase(0), m_secRulesPhase(0) { } bool init(std::string *error) override; - virtual void configure(RuleWithActions *rule) override { + void configure(RuleWithActions *rule) override { rule->setPhase(m_phase); } + int getSecRulePhase() { + return m_secRulesPhase; + } + int getPhase() { + return m_phase; + } + + private: int m_phase; int m_secRulesPhase; }; + } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_PHASE_H_ diff --git a/src/actions/rev.cc b/src/actions/rev.cc index 52e4fd6f..49e1c1b5 100644 --- a/src/actions/rev.cc +++ b/src/actions/rev.cc @@ -13,23 +13,18 @@ * */ + #include "src/actions/rev.h" -#include #include -#include "modsecurity/actions/action.h" -#include "modsecurity/transaction.h" -#include "modsecurity/rule.h" -#include "src/rule_with_actions.h" - namespace modsecurity { namespace actions { bool Rev::init(std::string *error) { - m_revision = m_parser_payload; + m_revision = m_parserPayload; return true; } diff --git a/src/actions/rev.h b/src/actions/rev.h index 6e0ffd33..b577bd21 100644 --- a/src/actions/rev.h +++ b/src/actions/rev.h @@ -13,34 +13,35 @@ * */ + #include -#include "src/actions/action_type_configure.h" +#include "src/actions/action_type_rule_metadata.h" #ifndef SRC_ACTIONS_REV_H_ #define SRC_ACTIONS_REV_H_ -class Transaction; namespace modsecurity { -class Transaction; namespace actions { -class Rev : public ActionTypeConfigure { +class Rev : public ActionTypeRuleMetaData { public: explicit Rev(const std::string &action) - : ActionTypeConfigure(action), + : Action(action), m_revision("") - { }; + { } bool init(std::string *error) override; - virtual void configure(RuleWithActions *rule) override { + + void configure(RuleWithActions *rule) override { rule->setRevision(m_revision); } + private: - std::string m_revision; + std::string m_revision; }; diff --git a/src/actions/rule_id.cc b/src/actions/rule_id.cc index d4a7cf3b..7cce70e4 100644 --- a/src/actions/rule_id.cc +++ b/src/actions/rule_id.cc @@ -13,22 +13,18 @@ * */ + #include "src/actions/rule_id.h" -#include #include -#include "modsecurity/transaction.h" -#include "modsecurity/rule.h" -#include "src/rule_with_actions.h" - namespace modsecurity { namespace actions { bool RuleId::init(std::string *error) { - std::string a = m_parser_payload; + std::string a = m_parserPayload; try { m_ruleId = std::stod(a); diff --git a/src/actions/rule_id.h b/src/actions/rule_id.h index 6d37586a..8813c7c5 100644 --- a/src/actions/rule_id.h +++ b/src/actions/rule_id.h @@ -13,41 +13,40 @@ * */ + #include -#include "src/actions/action_type_configure.h" +#include "src/actions/action_type_rule_metadata.h" #ifndef SRC_ACTIONS_RULE_ID_H_ #define SRC_ACTIONS_RULE_ID_H_ -#ifdef __cplusplus -class Transaction; namespace modsecurity { -class Transaction; -class RuleWithOperator; - namespace actions { -class RuleId : public ActionTypeConfigure { +class RuleId : public ActionTypeRuleMetaData { public: - explicit RuleId(const std::string &action) - : ActionTypeConfigure(action), - m_ruleId(0) { } + explicit RuleId(const std::string &action) + : Action(action), + m_ruleId(0) + { } bool init(std::string *error) override; - virtual void configure(RuleWithActions *rule) override { + void configure(RuleWithActions *rule) override { rule->setId(m_ruleId); } + private: double m_ruleId; }; + } // namespace actions } // namespace modsecurity -#endif + #endif // SRC_ACTIONS_RULE_ID_H_ diff --git a/src/actions/set_env.cc b/src/actions/set_env.cc index cfba6c94..38131973 100644 --- a/src/actions/set_env.cc +++ b/src/actions/set_env.cc @@ -13,22 +13,26 @@ * */ + #include "src/actions/set_env.h" -#include #include #include "modsecurity/transaction.h" -#include "modsecurity/rule.h" -#include "src/utils/string.h" -#include "src/rule_with_actions.h" +/** + * FIXME: rules_set.h inclusion is here due to ms_dbg_a. + * It should be removed. + */ +#include "modsecurity/rules_set.h" + +#include "src/run_time_string.h" namespace modsecurity { namespace actions { -bool SetENV::execute(Transaction *t) { +bool SetENV::execute(Transaction *t) noexcept { std::string colNameExpanded(getEvaluatedRunTimeString(t)); ms_dbg_a(t, 8, "Setting envoriment variable: " diff --git a/src/actions/set_env.h b/src/actions/set_env.h index f8435cc9..d150b6aa 100644 --- a/src/actions/set_env.h +++ b/src/actions/set_env.h @@ -13,6 +13,7 @@ * */ + #include #include #include @@ -33,20 +34,18 @@ namespace actions { class SetENV : public ActionWithRunTimeString { public: explicit SetENV(std::unique_ptr runTimeString) - : ActionWithRunTimeString( - "setenv", - RunTimeOnlyIfMatchKind, - std::move(runTimeString) - ) + : ActionWithRunTimeString(std::move(runTimeString)), + Action("setenv") { }; explicit SetENV(const SetENV &action) - : ActionWithRunTimeString(action) + : ActionWithRunTimeString(action), + Action(action) { }; - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; - virtual ActionWithRunTimeString *clone() override { + ActionWithRunTimeString *clone() override { return new SetENV(*this); } }; diff --git a/src/actions/set_rsc.cc b/src/actions/set_rsc.cc index 5db01b05..dc3ddbea 100644 --- a/src/actions/set_rsc.cc +++ b/src/actions/set_rsc.cc @@ -13,20 +13,24 @@ * */ + #include "src/actions/set_rsc.h" -#include #include #include "modsecurity/transaction.h" -#include "modsecurity/rule.h" +/** + * FIXME: rules_set.h inclusion is here due to ms_dbg_a. + * It should be removed. + */ +#include "modsecurity/rules_set.h" namespace modsecurity { namespace actions { -bool SetRSC::execute(Transaction *t) { +bool SetRSC::execute(Transaction *t) noexcept { std::string colNameExpanded(getEvaluatedRunTimeString(t)); ms_dbg_a(t, 8, "RESOURCE initiated with value: \'" + colNameExpanded + "\'."); diff --git a/src/actions/set_rsc.h b/src/actions/set_rsc.h index ed031354..f83bd479 100644 --- a/src/actions/set_rsc.h +++ b/src/actions/set_rsc.h @@ -13,6 +13,7 @@ * */ + #include #include #include @@ -33,20 +34,18 @@ namespace actions { class SetRSC : public ActionWithRunTimeString { public: explicit SetRSC(std::unique_ptr runTimeString) - : ActionWithRunTimeString( - "setsrc", - RunTimeOnlyIfMatchKind, - std::move(runTimeString) - ) + : ActionWithRunTimeString(std::move(runTimeString)), + Action("setsrc") { }; explicit SetRSC(const SetRSC &action) - : ActionWithRunTimeString(action) + : ActionWithRunTimeString(action), + Action(action) { }; - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; - virtual ActionWithRunTimeString *clone() override { + ActionWithRunTimeString *clone() override { return new SetRSC(*this); } }; diff --git a/src/actions/set_sid.cc b/src/actions/set_sid.cc index 4ce75d83..5983745e 100644 --- a/src/actions/set_sid.cc +++ b/src/actions/set_sid.cc @@ -13,20 +13,24 @@ * */ + #include "src/actions/set_sid.h" -#include #include #include "modsecurity/transaction.h" -#include "modsecurity/rule.h" +/** + * FIXME: rules_set.h inclusion is here due to ms_dbg_a. + * It should be removed. + */ +#include "modsecurity/rules_set.h" namespace modsecurity { namespace actions { -bool SetSID::execute(Transaction *t) { +bool SetSID::execute(Transaction *t) noexcept { std::string colNameExpanded(getEvaluatedRunTimeString(t)); ms_dbg_a(t, 8, "Session ID initiated with value: \'" + colNameExpanded + "\'."); diff --git a/src/actions/set_sid.h b/src/actions/set_sid.h index 998aec76..d7b8c1a4 100644 --- a/src/actions/set_sid.h +++ b/src/actions/set_sid.h @@ -13,6 +13,7 @@ * */ + #include #include #include @@ -33,20 +34,18 @@ namespace actions { class SetSID : public ActionWithRunTimeString { public: explicit SetSID(std::unique_ptr runTimeString) - : ActionWithRunTimeString( - "setsid", - RunTimeOnlyIfMatchKind, - std::move(runTimeString) - ) + : ActionWithRunTimeString(std::move(runTimeString)), + Action("setsid") { }; SetSID(const SetSID &action) - : ActionWithRunTimeString(action) + : ActionWithRunTimeString(action), + Action(action) { }; - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; - virtual ActionWithRunTimeString *clone() override { + ActionWithRunTimeString *clone() override { return new SetSID(*this); } }; diff --git a/src/actions/set_uid.cc b/src/actions/set_uid.cc index 643bab48..958d634b 100644 --- a/src/actions/set_uid.cc +++ b/src/actions/set_uid.cc @@ -13,20 +13,24 @@ * */ + #include "src/actions/set_uid.h" -#include #include #include "modsecurity/transaction.h" -#include "modsecurity/rule.h" +/** + * FIXME: rules_set.h inclusion is here due to ms_dbg_a. + * It should be removed. + */ +#include "modsecurity/rules_set.h" namespace modsecurity { namespace actions { -bool SetUID::execute(Transaction *t) { +bool SetUID::execute(Transaction *t) noexcept { std::string colNameExpanded(getEvaluatedRunTimeString(t)); ms_dbg_a(t, 8, "User collection initiated with value: \'" + colNameExpanded + "\'."); diff --git a/src/actions/set_uid.h b/src/actions/set_uid.h index b7642ba0..5eaa2a0c 100644 --- a/src/actions/set_uid.h +++ b/src/actions/set_uid.h @@ -13,6 +13,7 @@ * */ + #include #include #include @@ -33,23 +34,20 @@ namespace actions { class SetUID : public ActionWithRunTimeString { public: explicit SetUID(std::unique_ptr runTimeString) - : ActionWithRunTimeString( - "setuid", - RunTimeOnlyIfMatchKind, - std::move(runTimeString) - ) + : ActionWithRunTimeString(std::move(runTimeString)), + Action("setuid") { }; explicit SetUID(const SetUID &action) - : ActionWithRunTimeString(action) + : ActionWithRunTimeString(action), + Action(action) { }; - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; - virtual ActionWithRunTimeString *clone() override { + ActionWithRunTimeString *clone() override { return new SetUID(*this); } - }; diff --git a/src/actions/set_var.cc b/src/actions/set_var.cc index e0712558..2b07940c 100644 --- a/src/actions/set_var.cc +++ b/src/actions/set_var.cc @@ -13,24 +13,24 @@ * */ + #include "src/actions/set_var.h" -#include #include -#include -#include "modsecurity/rules_set.h" #include "modsecurity/transaction.h" -#include "modsecurity/rule.h" -#include "src/utils/string.h" +/** + * FIXME: rules_set.h inclusion is here due to ms_dbg_a. + * It should be removed. + */ +#include "modsecurity/rules_set.h" + #include "src/variables/global.h" #include "src/variables/ip.h" #include "src/variables/resource.h" #include "src/variables/session.h" #include "src/variables/tx.h" #include "src/variables/user.h" -#include "src/variables/variable.h" -#include "src/rule_with_operator.h" namespace modsecurity { @@ -42,7 +42,7 @@ bool SetVar::init(std::string *error) { } -bool SetVar::execute(Transaction *t) { +bool SetVar::execute(Transaction *t) noexcept { std::string targetValue; std::string resolvedPre; diff --git a/src/actions/set_var.h b/src/actions/set_var.h index 3870ee33..e200447c 100644 --- a/src/actions/set_var.h +++ b/src/actions/set_var.h @@ -13,23 +13,26 @@ * */ + #include #include #include #include "modsecurity/actions/action.h" +#include "modsecurity/transaction.h" #include "src/actions/action_with_run_time_string.h" #include "src/variables/variable_with_runtime_string.h" +#include "src/rule_with_operator.h" + #ifndef SRC_ACTIONS_SET_VAR_H_ #define SRC_ACTIONS_SET_VAR_H_ -namespace modsecurity { -class Transaction; -class RuleWithOperator; +namespace modsecurity { namespace actions { + enum SetVarOperation { /* Set variable to something */ setOperation, @@ -43,57 +46,66 @@ enum SetVarOperation { unsetOperation, }; + class SetVar : public ActionWithRunTimeString { public: SetVar(SetVarOperation operation, std::unique_ptr variable, std::unique_ptr predicate) - : ActionWithRunTimeString("setvar", std::move(predicate)), + : ActionWithRunTimeString(std::move(predicate)), m_operation(operation), - m_variable(std::move(variable)) - { }; + m_variable(std::move(variable)), + Action("setvar") + { } SetVar(SetVarOperation operation, std::unique_ptr variable) - : ActionWithRunTimeString("setvar"), + : ActionWithRunTimeString(), + Action("setvar"), m_operation(operation), m_variable(std::move(variable)) - { }; + { } SetVar(const SetVar &var) : ActionWithRunTimeString(var), + Action(var), m_operation(var.m_operation), - m_variable(var.m_variable) - { - variables::RuleVariable *rv = dynamic_cast(m_variable.get()); + m_variable(var.m_variable) { + variables::RuleVariable *rv = dynamic_cast( + m_variable.get()); if (rv != nullptr) { auto nrv = rv->clone(); rv = dynamic_cast(nrv); rv->populate(nullptr); m_variable = std::unique_ptr(nrv); } - }; + } - - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; bool init(std::string *error) override; void populate(RuleWithActions *rule) override { ActionWithRunTimeString::populate(rule); - variables::RuleVariable *rulev = dynamic_cast(m_variable.get()); + variables::RuleVariable *rulev = + dynamic_cast( + m_variable.get()); + if (rulev != nullptr) { rulev->populate(rule); } - variables::VariableWithRunTimeString *rulev2 = dynamic_cast(m_variable.get()); + variables::VariableWithRunTimeString *rulev2 = + dynamic_cast( + m_variable.get()); + if (rulev2 != nullptr) { rulev2->populate(rule); } } - virtual ActionWithRunTimeString *clone() override { + ActionWithRunTimeString *clone() override { return new SetVar(*this); } @@ -102,6 +114,7 @@ class SetVar : public ActionWithRunTimeString { std::shared_ptr m_variable; }; + } // namespace actions } // namespace modsecurity diff --git a/src/actions/severity.cc b/src/actions/severity.cc index 4d368b28..99f574be 100644 --- a/src/actions/severity.cc +++ b/src/actions/severity.cc @@ -13,18 +13,18 @@ * */ + #include "src/actions/severity.h" -#include #include -#include +/** + * FIXME: rules_set.h inclusion is here due to ms_dbg_a. + * It should be removed. + */ #include "modsecurity/rules_set.h" -#include "modsecurity/actions/action.h" -#include "modsecurity/transaction.h" -#include "modsecurity/rule.h" + #include "src/utils/string.h" -#include "modsecurity/rule_message.h" namespace modsecurity { @@ -32,7 +32,7 @@ namespace actions { bool Severity::init(std::string *error) { - std::string a = utils::string::tolower(m_parser_payload); + std::string a = utils::string::tolower(m_parserPayload); if (a == "emergency") { m_severity = 0; return true; @@ -71,10 +71,5 @@ bool Severity::init(std::string *error) { } -bool Severity::execute(Transaction *transaction) { - return true; -} - - } // namespace actions } // namespace modsecurity diff --git a/src/actions/severity.h b/src/actions/severity.h index 99cd5ac5..d40d102f 100644 --- a/src/actions/severity.h +++ b/src/actions/severity.h @@ -13,37 +13,41 @@ * */ + #include #include -#include "modsecurity/actions/action.h" +#include "src/actions/action_type_rule_metadata.h" + #ifndef SRC_ACTIONS_SEVERITY_H_ #define SRC_ACTIONS_SEVERITY_H_ -#ifdef __cplusplus namespace modsecurity { -class Transaction; - namespace actions { -class Severity : public Action { +class Severity : public ActionTypeRuleMetaData { public: - explicit Severity(const std::string &action) + explicit Severity(const std::string &action) : Action(action), - m_severity(0) { } + m_severity(0) + { } - bool execute(Transaction *transaction) override; bool init(std::string *error) override; + void configure(RuleWithActions *rule) override { + rule->setSeverity(m_severity); + } + + private: int m_severity; }; } // namespace actions } // namespace modsecurity -#endif + #endif // SRC_ACTIONS_SEVERITY_H_ diff --git a/src/actions/skip.cc b/src/actions/skip.cc index b0d9f272..07e69693 100644 --- a/src/actions/skip.cc +++ b/src/actions/skip.cc @@ -13,14 +13,18 @@ * */ + #include "src/actions/skip.h" -#include #include -#include "modsecurity/rules_set.h" -#include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" +/** + * FIXME: rules_set.h inclusion is here due to ms_dbg_a. + * It should be removed. + */ +#include "modsecurity/rules_set.h" + namespace modsecurity { namespace actions { @@ -28,9 +32,9 @@ namespace actions { bool Skip::init(std::string *error) { try { - m_skip_next = std::stoi(m_parser_payload); + m_skip_next = std::stoi(m_parserPayload); } catch (...) { - error->assign("Skip: The input \"" + m_parser_payload + "\" is " \ + error->assign("Skip: The input \"" + m_parserPayload + "\" is " \ "not a number."); return false; } @@ -38,7 +42,7 @@ bool Skip::init(std::string *error) { } -bool Skip::execute(Transaction *transaction) { +bool Skip::execute(Transaction *transaction) noexcept { ms_dbg_a(transaction, 5, "Skipping the next " + \ std::to_string(m_skip_next) + " rules."); diff --git a/src/actions/skip.h b/src/actions/skip.h index a270ab8c..35898e2b 100644 --- a/src/actions/skip.h +++ b/src/actions/skip.h @@ -13,10 +13,12 @@ * */ + #include #include "modsecurity/actions/action.h" + #ifndef SRC_ACTIONS_SKIP_H_ #define SRC_ACTIONS_SKIP_H_ @@ -29,13 +31,14 @@ namespace actions { class Skip : public Action { public: - explicit Skip(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind), + explicit Skip(const std::string &action) + : Action(action), m_skip_next(0) { } bool init(std::string *error) override; - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; + private: int m_skip_next; }; diff --git a/src/actions/skip_after.cc b/src/actions/skip_after.cc index 8f486d68..5033df95 100644 --- a/src/actions/skip_after.cc +++ b/src/actions/skip_after.cc @@ -13,21 +13,24 @@ * */ + #include "src/actions/skip_after.h" -#include #include -#include "modsecurity/rules_set.h" -#include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" +/** + * FIXME: rules_set.h inclusion is here due to ms_dbg_a. + * It should be removed. + */ +#include "modsecurity/rules_set.h" namespace modsecurity { namespace actions { -bool SkipAfter::execute(Transaction *transaction) { +bool SkipAfter::execute(Transaction *transaction) noexcept { ms_dbg_a(transaction, 5, "Setting skipAfter for: " + *m_skipName); transaction->addMarker(m_skipName); return true; diff --git a/src/actions/skip_after.h b/src/actions/skip_after.h index 0ae7f9a5..6c812b89 100644 --- a/src/actions/skip_after.h +++ b/src/actions/skip_after.h @@ -13,34 +13,38 @@ * */ + #include #include #include "modsecurity/actions/action.h" + #ifndef SRC_ACTIONS_SKIP_AFTER_H_ #define SRC_ACTIONS_SKIP_AFTER_H_ -class Transaction; namespace modsecurity { -class Transaction; namespace actions { class SkipAfter : public Action { public: - explicit SkipAfter(const std::string &action) - : Action(action, RunTimeOnlyIfMatchKind), - m_skipName(std::make_shared(m_parser_payload)) { } + explicit SkipAfter(const std::string &action) + : Action(action), + m_skipName(std::make_shared(m_parserPayload)) + { } + + bool execute(Transaction *transaction) noexcept override; - bool execute(Transaction *transaction) override; private: - std::shared_ptr m_skipName; + // FIXME: This should be a regular pointer instead of a shared pointer. + std::shared_ptr m_skipName; }; } // namespace actions } // namespace modsecurity + #endif // SRC_ACTIONS_SKIP_AFTER_H_ diff --git a/src/actions/tag.cc b/src/actions/tag.cc index c5a22928..0ec22abb 100644 --- a/src/actions/tag.cc +++ b/src/actions/tag.cc @@ -13,16 +13,18 @@ * */ + #include "src/actions/tag.h" -#include #include -#include -#include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" -#include "modsecurity/rule.h" -#include "modsecurity/rule_message.h" +/** + * FIXME: rules_set.h inclusion is here due to ms_dbg_a. + * It should be removed. + */ +#include "modsecurity/rules_set.h" + /** * Description: Assigns a tag (category) to a rule or a chain. @@ -50,11 +52,8 @@ namespace modsecurity { namespace actions { -bool Tag::execute(Transaction *transaction) { - std::string tag = getTagName(transaction); - ms_dbg_a(transaction, 9, "Rule tag: " + tag); - - transaction->messageGetLast()->m_tags.push_back(tag); +bool Tag::execute(Transaction *transaction) noexcept { + ms_dbg_a(transaction, 9, "Rule tag: " + getTagName(transaction)); return true; } diff --git a/src/actions/tag.h b/src/actions/tag.h index 741624bd..8ff9ebbc 100644 --- a/src/actions/tag.h +++ b/src/actions/tag.h @@ -13,44 +13,44 @@ * */ + #include #include #include #include "modsecurity/actions/action.h" #include "src/actions/action_with_run_time_string.h" +#include "src/actions/action_allowed_in_sec_default_action.h" #ifndef SRC_ACTIONS_TAG_H_ #define SRC_ACTIONS_TAG_H_ -class Transaction; namespace modsecurity { -class Transaction; namespace actions { -class Tag : public ActionWithRunTimeString { +class Tag : public ActionWithRunTimeString, + public ActionAllowedAsSecDefaultAction { public: explicit Tag(std::unique_ptr runTimeString) - : ActionWithRunTimeString( - "tag", - RunTimeOnlyIfMatchKind, - std::move(runTimeString) - ) - { }; + : ActionWithRunTimeString(std::move(runTimeString)), + Action("tag") + { } explicit Tag(const Tag &action) - : ActionWithRunTimeString(action) - { }; + : ActionWithRunTimeString(action), + Action(action) + { } - bool execute(Transaction *transaction) override; + bool execute(Transaction *transaction) noexcept override; inline std::string getTagName(Transaction *transaction) const { return getEvaluatedRunTimeString(transaction); } - virtual ActionWithRunTimeString *clone() override { + + ActionWithRunTimeString *clone() override { return new Tag(*this); } }; diff --git a/src/actions/transformations/base64_decode.cc b/src/actions/transformations/base64_decode.cc index 40a7a442..eda000c1 100644 --- a/src/actions/transformations/base64_decode.cc +++ b/src/actions/transformations/base64_decode.cc @@ -13,17 +13,13 @@ * */ + #include "src/actions/transformations/base64_decode.h" -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" #include "src/utils/base64.h" @@ -32,9 +28,9 @@ namespace actions { namespace transformations { -void Base64Decode::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void Base64Decode::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { std::string value(in.c_str(), in.size()); std::string ret = Utils::Base64::decode(value); out.assign(ret.c_str(), ret.size()); diff --git a/src/actions/transformations/base64_decode.h b/src/actions/transformations/base64_decode.h index e96c1e15..bfaa5275 100644 --- a/src/actions/transformations/base64_decode.h +++ b/src/actions/transformations/base64_decode.h @@ -13,35 +13,39 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class Base64Decode : public Transformation { public: - explicit Base64Decode(const std::string &action) - : Transformation(action) { } + Base64Decode() + : Action("t:base64Decode") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_H_ diff --git a/src/actions/transformations/base64_decode_ext.cc b/src/actions/transformations/base64_decode_ext.cc index f582d7e4..a267ccac 100644 --- a/src/actions/transformations/base64_decode_ext.cc +++ b/src/actions/transformations/base64_decode_ext.cc @@ -13,17 +13,13 @@ * */ + #include "src/actions/transformations/base64_decode_ext.h" -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" #include "src/utils/base64.h" @@ -32,9 +28,9 @@ namespace actions { namespace transformations { -void Base64DecodeExt::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void Base64DecodeExt::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { std::string ret = Utils::Base64::decode_forgiven(in.c_str()); out.assign(ret.c_str(), ret.size()); } diff --git a/src/actions/transformations/base64_decode_ext.h b/src/actions/transformations/base64_decode_ext.h index 3f36fc9f..c08c2c7f 100644 --- a/src/actions/transformations/base64_decode_ext.h +++ b/src/actions/transformations/base64_decode_ext.h @@ -13,35 +13,39 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_EXT_H_ #define SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_EXT_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class Base64DecodeExt : public Transformation { public: - explicit Base64DecodeExt(const std::string &action) - : Transformation(action) { } + Base64DecodeExt() + : Action("t:base64DecodeExt") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_EXT_H_ diff --git a/src/actions/transformations/base64_encode.cc b/src/actions/transformations/base64_encode.cc index 3560d6eb..6a3d740a 100644 --- a/src/actions/transformations/base64_encode.cc +++ b/src/actions/transformations/base64_encode.cc @@ -13,17 +13,13 @@ * */ + #include "src/actions/transformations/base64_encode.h" -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" #include "src/utils/base64.h" @@ -32,9 +28,9 @@ namespace actions { namespace transformations { -void Base64Encode::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void Base64Encode::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { std::string ret = Utils::Base64::encode( std::string(in.c_str(), in.size())); out.assign(ret.c_str(), ret.size()); diff --git a/src/actions/transformations/base64_encode.h b/src/actions/transformations/base64_encode.h index 1158a5c5..c9531878 100644 --- a/src/actions/transformations/base64_encode.h +++ b/src/actions/transformations/base64_encode.h @@ -13,35 +13,39 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_BASE64_ENCODE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_BASE64_ENCODE_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class Base64Encode : public Transformation { public: - explicit Base64Encode(const std::string &action) - : Transformation(action) { } + Base64Encode() + : Action("t:base64Encode") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_BASE64_ENCODE_H_ diff --git a/src/actions/transformations/cmd_line.cc b/src/actions/transformations/cmd_line.cc index 4082bed6..edf0befc 100644 --- a/src/actions/transformations/cmd_line.cc +++ b/src/actions/transformations/cmd_line.cc @@ -15,15 +15,10 @@ #include "src/actions/transformations/cmd_line.h" -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" namespace modsecurity { @@ -31,9 +26,9 @@ namespace actions { namespace transformations { -void CmdLine::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void CmdLine::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { int space = 0; for (auto& a : in) { diff --git a/src/actions/transformations/cmd_line.h b/src/actions/transformations/cmd_line.h index 3724b515..0c92edd0 100644 --- a/src/actions/transformations/cmd_line.h +++ b/src/actions/transformations/cmd_line.h @@ -13,36 +13,40 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_CMD_LINE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_CMD_LINE_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class CmdLine : public Transformation { public: - explicit CmdLine(const std::string &action) - : Transformation(action) { } + CmdLine() + : Action("t:cmdLine") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_CMD_LINE_H_ diff --git a/src/actions/transformations/compress_whitespace.cc b/src/actions/transformations/compress_whitespace.cc index 7d1af976..319367bf 100644 --- a/src/actions/transformations/compress_whitespace.cc +++ b/src/actions/transformations/compress_whitespace.cc @@ -13,17 +13,13 @@ * */ + #include "src/actions/transformations/compress_whitespace.h" -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" namespace modsecurity { @@ -31,9 +27,9 @@ namespace actions { namespace transformations { -void CompressWhitespace::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void CompressWhitespace::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { int inWhiteSpace = 0; size_t i = 0; out.reserve(in.size()); diff --git a/src/actions/transformations/compress_whitespace.h b/src/actions/transformations/compress_whitespace.h index de14f33a..ba4c56f2 100644 --- a/src/actions/transformations/compress_whitespace.h +++ b/src/actions/transformations/compress_whitespace.h @@ -13,35 +13,39 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_COMPRESS_WHITESPACE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_COMPRESS_WHITESPACE_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class CompressWhitespace : public Transformation { public: - explicit CompressWhitespace(const std::string &action) - : Transformation(action) { } + CompressWhitespace() + : Action("t:compressWhitespace") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_COMPRESS_WHITESPACE_H_ diff --git a/src/actions/transformations/css_decode.cc b/src/actions/transformations/css_decode.cc index 1ca7a824..afaaa2d0 100644 --- a/src/actions/transformations/css_decode.cc +++ b/src/actions/transformations/css_decode.cc @@ -13,19 +13,14 @@ * */ + #include "src/actions/transformations/css_decode.h" -#include - -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" + #include "src/utils/string.h" @@ -34,9 +29,9 @@ namespace actions { namespace transformations { -void CssDecode::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void CssDecode::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { size_t s = in.size(); char *tmp = reinterpret_cast( @@ -44,7 +39,8 @@ void CssDecode::execute(Transaction *t, memcpy(tmp, in.c_str(), s + 1); tmp[s] = '\0'; - size_t r = CssDecode::css_decode_inplace(reinterpret_cast(tmp), + size_t r = CssDecode::css_decode_inplace( + reinterpret_cast(tmp), s); out.assign(tmp, r); diff --git a/src/actions/transformations/css_decode.h b/src/actions/transformations/css_decode.h index 1be00f48..c584ee5b 100644 --- a/src/actions/transformations/css_decode.h +++ b/src/actions/transformations/css_decode.h @@ -13,32 +13,37 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_CSS_DECODE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_CSS_DECODE_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { class CssDecode : public Transformation { public: - explicit CssDecode(const std::string &action) - : Transformation(action) { } + CssDecode() + : Action("t:cssDecode") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; - static int css_decode_inplace(unsigned char *input, int64_t input_len); + private: + static int css_decode_inplace(unsigned char *input, + int64_t input_len); }; @@ -46,6 +51,5 @@ class CssDecode : public Transformation { } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_CSS_DECODE_H_ diff --git a/src/actions/transformations/escape_seq_decode.cc b/src/actions/transformations/escape_seq_decode.cc index 073d314f..3bbcf9d2 100644 --- a/src/actions/transformations/escape_seq_decode.cc +++ b/src/actions/transformations/escape_seq_decode.cc @@ -13,20 +13,17 @@ * */ + #include "src/actions/transformations/escape_seq_decode.h" -#include #include -#include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" + #include "src/utils/string.h" + namespace modsecurity { namespace actions { namespace transformations { @@ -135,9 +132,9 @@ int EscapeSeqDecode::ansi_c_sequences_decode_inplace(unsigned char *input, } -void EscapeSeqDecode::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void EscapeSeqDecode::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { unsigned char *tmp = (unsigned char *) malloc(sizeof(char) * in.size() + 1); memcpy(tmp, in.c_str(), in.size() + 1); diff --git a/src/actions/transformations/escape_seq_decode.h b/src/actions/transformations/escape_seq_decode.h index 7b690687..9dd4f296 100644 --- a/src/actions/transformations/escape_seq_decode.h +++ b/src/actions/transformations/escape_seq_decode.h @@ -13,37 +13,43 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_ESCAPE_SEQ_DECODE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_ESCAPE_SEQ_DECODE_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class EscapeSeqDecode : public Transformation { public: - explicit EscapeSeqDecode(const std::string &action) - : Transformation(action) { } + EscapeSeqDecode() + : Action("t:escapeSeqDecode") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; - static int ansi_c_sequences_decode_inplace(unsigned char *input, int input_len); + private: + static int ansi_c_sequences_decode_inplace(unsigned char *input, + int input_len); }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_ESCAPE_SEQ_DECODE_H_ diff --git a/src/actions/transformations/hex_decode.cc b/src/actions/transformations/hex_decode.cc index 212bcbee..b90bf1a0 100644 --- a/src/actions/transformations/hex_decode.cc +++ b/src/actions/transformations/hex_decode.cc @@ -13,28 +13,27 @@ * */ + #include "src/actions/transformations/hex_decode.h" -#include #include -#include -#include -#include -#include -#include #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" + +#include "modsecurity/modsecurity.h" +#include "modsecurity/transaction.h" + #include "src/utils/string.h" + namespace modsecurity { namespace actions { namespace transformations { -void HexDecode::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void HexDecode::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { unsigned char *input; int size = 0; diff --git a/src/actions/transformations/hex_decode.h b/src/actions/transformations/hex_decode.h index 58645cea..4af8bfc9 100644 --- a/src/actions/transformations/hex_decode.h +++ b/src/actions/transformations/hex_decode.h @@ -13,37 +13,42 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_HEX_DECODE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_HEX_DECODE_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class HexDecode : public Transformation { public: - explicit HexDecode(const std::string &action) - : Transformation(action) { } + HexDecode() + : Action("t:hexDecode") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; + private: static int inplace(unsigned char *data, int len); }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_HEX_DECODE_H_ diff --git a/src/actions/transformations/hex_encode.cc b/src/actions/transformations/hex_encode.cc index 4a70e896..b1676f22 100644 --- a/src/actions/transformations/hex_encode.cc +++ b/src/actions/transformations/hex_encode.cc @@ -13,18 +13,13 @@ * */ + #include "src/actions/transformations/hex_encode.h" -#include #include -#include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" namespace modsecurity { @@ -32,9 +27,9 @@ namespace actions { namespace transformations { -void HexEncode::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void HexEncode::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { std::stringstream result; for (std::size_t i=0; i < in.length(); i++) { int ii = reinterpret_cast(in[i]); diff --git a/src/actions/transformations/hex_encode.h b/src/actions/transformations/hex_encode.h index 1e6ae842..545bf046 100644 --- a/src/actions/transformations/hex_encode.h +++ b/src/actions/transformations/hex_encode.h @@ -13,36 +13,39 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_HEX_ENCODE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_HEX_ENCODE_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class HexEncode : public Transformation { public: - explicit HexEncode(const std::string &action) - : Transformation(action) { } - - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + HexEncode() + : Action("t:hexEncode") + { } + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_HEX_ENCODE_H_ diff --git a/src/actions/transformations/html_entity_decode.cc b/src/actions/transformations/html_entity_decode.cc index c2909e09..6e922ff0 100644 --- a/src/actions/transformations/html_entity_decode.cc +++ b/src/actions/transformations/html_entity_decode.cc @@ -13,19 +13,15 @@ * */ + #include "src/actions/transformations/html_entity_decode.h" -#include - -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" + +#include "src/utils/string.h" namespace modsecurity { @@ -33,9 +29,9 @@ namespace actions { namespace transformations { -void HtmlEntityDecode::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void HtmlEntityDecode::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { unsigned char *input; input = reinterpret_cast diff --git a/src/actions/transformations/html_entity_decode.h b/src/actions/transformations/html_entity_decode.h index f315fb91..5413dd07 100644 --- a/src/actions/transformations/html_entity_decode.h +++ b/src/actions/transformations/html_entity_decode.h @@ -13,33 +13,35 @@ * */ -#include -#include +#include + +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" -#include "src/utils/string.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_HTML_ENTITY_DECODE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_HTML_ENTITY_DECODE_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { class HtmlEntityDecode : public Transformation { public: - explicit HtmlEntityDecode(const std::string &action) - : Transformation(action) { } + HtmlEntityDecode() + : Action("t:htmlEntityDecode") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; + private: static int inplace(unsigned char *input, uint64_t input_len); }; @@ -48,6 +50,5 @@ class HtmlEntityDecode : public Transformation { } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_HTML_ENTITY_DECODE_H_ diff --git a/src/actions/transformations/js_decode.cc b/src/actions/transformations/js_decode.cc index 32640cad..e659457c 100644 --- a/src/actions/transformations/js_decode.cc +++ b/src/actions/transformations/js_decode.cc @@ -13,19 +13,14 @@ * */ + #include "src/actions/transformations/js_decode.h" -#include - -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" + #include "src/utils/string.h" @@ -34,9 +29,9 @@ namespace actions { namespace transformations { -void JsDecode::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void JsDecode::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { unsigned char *input; input = reinterpret_cast diff --git a/src/actions/transformations/js_decode.h b/src/actions/transformations/js_decode.h index c029e611..b0c15cda 100644 --- a/src/actions/transformations/js_decode.h +++ b/src/actions/transformations/js_decode.h @@ -13,37 +13,42 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_JS_DECODE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_JS_DECODE_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class JsDecode : public Transformation { public: - explicit JsDecode(const std::string &action) - : Transformation(action) { } + JsDecode() + : Action("t:jsDecode") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; + private: static int inplace(unsigned char *input, uint64_t input_len); }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_JS_DECODE_H_ diff --git a/src/actions/transformations/length.cc b/src/actions/transformations/length.cc index 57f6ae2f..7aaeadcf 100644 --- a/src/actions/transformations/length.cc +++ b/src/actions/transformations/length.cc @@ -13,17 +13,13 @@ * */ + #include "src/actions/transformations/length.h" -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" namespace modsecurity { @@ -31,9 +27,9 @@ namespace actions { namespace transformations { -void Length::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void Length::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { out.assign(std::to_string(in.size()).c_str()); } diff --git a/src/actions/transformations/length.h b/src/actions/transformations/length.h index 39828159..38227be7 100644 --- a/src/actions/transformations/length.h +++ b/src/actions/transformations/length.h @@ -13,35 +13,39 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_LENGTH_H_ #define SRC_ACTIONS_TRANSFORMATIONS_LENGTH_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class Length : public Transformation { public: - explicit Length(const std::string &action) - : Transformation(action) { }; + Length() + : Action("t:length") + { }; - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_LENGTH_H_ diff --git a/src/actions/transformations/lower_case.cc b/src/actions/transformations/lower_case.cc index 60d3df98..1fb39c29 100644 --- a/src/actions/transformations/lower_case.cc +++ b/src/actions/transformations/lower_case.cc @@ -13,23 +13,24 @@ * */ + #include "src/actions/transformations/lower_case.h" #include #include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" -#include "modsecurity/actions/action.h" + namespace modsecurity { namespace actions { namespace transformations { -void LowerCase::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void LowerCase::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { out.resize(in.size()); std::transform(in.begin(), in.end(), out.begin(), ::tolower); } diff --git a/src/actions/transformations/lower_case.h b/src/actions/transformations/lower_case.h index 79852094..b072a037 100644 --- a/src/actions/transformations/lower_case.h +++ b/src/actions/transformations/lower_case.h @@ -13,37 +13,39 @@ * */ -#include -#include +#include + +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_LOWER_CASE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_LOWER_CASE_H_ -#ifdef __cplusplus namespace modsecurity { -class Transaction; namespace actions { namespace transformations { class LowerCase : public Transformation { public: - explicit LowerCase(const std::string &action) - : Transformation(action) { }; + LowerCase() + : Action("t:lowerCase") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_LOWER_CASE_H_ diff --git a/src/actions/transformations/md5.cc b/src/actions/transformations/md5.cc index a179e174..4e833fa5 100644 --- a/src/actions/transformations/md5.cc +++ b/src/actions/transformations/md5.cc @@ -13,17 +13,14 @@ * */ + #include "src/actions/transformations/md5.h" -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" + #include "src/utils/md5.h" namespace modsecurity { @@ -31,9 +28,9 @@ namespace actions { namespace transformations { -void Md5::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void Md5::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { std::string ret = Utils::Md5::digest(std::string(in.c_str(), in.size())); out.assign(ret.c_str(), ret.size()); diff --git a/src/actions/transformations/md5.h b/src/actions/transformations/md5.h index 5b86b0ca..7cae8fe1 100644 --- a/src/actions/transformations/md5.h +++ b/src/actions/transformations/md5.h @@ -13,35 +13,39 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_MD5_H_ #define SRC_ACTIONS_TRANSFORMATIONS_MD5_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class Md5 : public Transformation { public: - explicit Md5(const std::string &action) - : Transformation(action) { } + Md5() + : Action("t:md5") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_MD5_H_ diff --git a/src/actions/transformations/none.cc b/src/actions/transformations/none.cc index 00b5aadc..425c371d 100644 --- a/src/actions/transformations/none.cc +++ b/src/actions/transformations/none.cc @@ -13,17 +13,13 @@ * */ + #include "src/actions/transformations/none.h" -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" namespace modsecurity { @@ -31,9 +27,9 @@ namespace actions { namespace transformations { -void None::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { } +void None::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { } } // namespace transformations diff --git a/src/actions/transformations/none.h b/src/actions/transformations/none.h index 130cbb74..30a22d90 100644 --- a/src/actions/transformations/none.h +++ b/src/actions/transformations/none.h @@ -13,40 +13,40 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_NONE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_NONE_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class None : public Transformation { public: - explicit None(const std::string &action) - : Transformation(action) - { } + None() + : + Action("t:none") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; - - bool isNone() override { - return true; - } + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_NONE_H_ diff --git a/src/actions/transformations/normalise_path.cc b/src/actions/transformations/normalise_path.cc index c7ff95a9..fee87f3b 100644 --- a/src/actions/transformations/normalise_path.cc +++ b/src/actions/transformations/normalise_path.cc @@ -13,19 +13,13 @@ * */ + #include "src/actions/transformations/normalise_path.h" -#include - -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" namespace modsecurity { @@ -33,9 +27,9 @@ namespace actions { namespace transformations { -void NormalisePath::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void NormalisePath::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { int changed = 0; char *tmp = reinterpret_cast( diff --git a/src/actions/transformations/normalise_path.h b/src/actions/transformations/normalise_path.h index 7fd91fc1..3015637e 100644 --- a/src/actions/transformations/normalise_path.h +++ b/src/actions/transformations/normalise_path.h @@ -13,38 +13,42 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_NORMALISE_PATH_H_ #define SRC_ACTIONS_TRANSFORMATIONS_NORMALISE_PATH_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class NormalisePath : public Transformation { public: - explicit NormalisePath(const std::string &action) - : Transformation(action) { }; + NormalisePath() + : Action("t:normalisePath") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; static int normalize_path_inplace(unsigned char *input, int input_len, int win, int *changed); }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_NORMALISE_PATH_H_ diff --git a/src/actions/transformations/normalise_path_win.cc b/src/actions/transformations/normalise_path_win.cc index a3746618..5f8b0c76 100644 --- a/src/actions/transformations/normalise_path_win.cc +++ b/src/actions/transformations/normalise_path_win.cc @@ -13,19 +13,16 @@ * */ + #include "src/actions/transformations/normalise_path_win.h" #include - -#include #include -#include -#include -#include -#include + +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" + #include "src/actions/transformations/normalise_path.h" @@ -34,9 +31,9 @@ namespace actions { namespace transformations { -void NormalisePathWin::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void NormalisePathWin::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { int changed; char *tmp = reinterpret_cast( diff --git a/src/actions/transformations/normalise_path_win.h b/src/actions/transformations/normalise_path_win.h index 3d7c8d75..e919a87e 100644 --- a/src/actions/transformations/normalise_path_win.h +++ b/src/actions/transformations/normalise_path_win.h @@ -13,31 +13,36 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_NORMALISE_PATH_WIN_H_ #define SRC_ACTIONS_TRANSFORMATIONS_NORMALISE_PATH_WIN_H_ namespace modsecurity { -class Transaction; - namespace actions { namespace transformations { + class NormalisePathWin : public Transformation { public: - explicit NormalisePathWin(const std::string &action) - : Transformation(action) { } + NormalisePathWin() + : Action("t:normalisePathWin") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity diff --git a/src/actions/transformations/parity_even_7bit.cc b/src/actions/transformations/parity_even_7bit.cc index 29d547da..ce7a313c 100644 --- a/src/actions/transformations/parity_even_7bit.cc +++ b/src/actions/transformations/parity_even_7bit.cc @@ -13,18 +13,13 @@ * */ + #include "src/actions/transformations/parity_even_7bit.h" -#include #include -#include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" namespace modsecurity { @@ -32,9 +27,9 @@ namespace actions { namespace transformations { -void ParityEven7bit::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void ParityEven7bit::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { unsigned char *input; input = reinterpret_cast diff --git a/src/actions/transformations/parity_even_7bit.h b/src/actions/transformations/parity_even_7bit.h index de250260..d73b6d7a 100644 --- a/src/actions/transformations/parity_even_7bit.h +++ b/src/actions/transformations/parity_even_7bit.h @@ -13,37 +13,42 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_PARITY_EVEN_7BIT_H_ #define SRC_ACTIONS_TRANSFORMATIONS_PARITY_EVEN_7BIT_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class ParityEven7bit : public Transformation { public: - explicit ParityEven7bit(const std::string &action) - : Transformation(action) { } + ParityEven7bit() + : Action("t:parityEven7bit") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; + private: static bool inplace(unsigned char *input, uint64_t input_len); }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_PARITY_EVEN_7BIT_H_ diff --git a/src/actions/transformations/parity_odd_7bit.cc b/src/actions/transformations/parity_odd_7bit.cc index d2695826..735f3e93 100644 --- a/src/actions/transformations/parity_odd_7bit.cc +++ b/src/actions/transformations/parity_odd_7bit.cc @@ -13,18 +13,13 @@ * */ + #include "src/actions/transformations/parity_odd_7bit.h" -#include #include -#include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" namespace modsecurity { @@ -32,9 +27,9 @@ namespace actions { namespace transformations { -void ParityOdd7bit::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void ParityOdd7bit::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { unsigned char *input; input = reinterpret_cast diff --git a/src/actions/transformations/parity_odd_7bit.h b/src/actions/transformations/parity_odd_7bit.h index 823b7fc7..3442e1ad 100644 --- a/src/actions/transformations/parity_odd_7bit.h +++ b/src/actions/transformations/parity_odd_7bit.h @@ -13,37 +13,43 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_PARITY_ODD_7BIT_H_ #define SRC_ACTIONS_TRANSFORMATIONS_PARITY_ODD_7BIT_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class ParityOdd7bit : public Transformation { public: - explicit ParityOdd7bit(const std::string &action) - : Transformation(action) { } + ParityOdd7bit() + : Action("t:parityOdd7bit") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; + private: static bool inplace(unsigned char *input, uint64_t input_len); }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif + #endif // SRC_ACTIONS_TRANSFORMATIONS_PARITY_ODD_7BIT_H_ diff --git a/src/actions/transformations/parity_zero_7bit.cc b/src/actions/transformations/parity_zero_7bit.cc index 25e24f42..6ddd8ef3 100644 --- a/src/actions/transformations/parity_zero_7bit.cc +++ b/src/actions/transformations/parity_zero_7bit.cc @@ -13,18 +13,13 @@ * */ + #include "src/actions/transformations/parity_zero_7bit.h" -#include #include -#include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" namespace modsecurity { @@ -32,9 +27,9 @@ namespace actions { namespace transformations { -void ParityZero7bit::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void ParityZero7bit::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { unsigned char *input; input = reinterpret_cast diff --git a/src/actions/transformations/parity_zero_7bit.h b/src/actions/transformations/parity_zero_7bit.h index 3dff4d33..e0bd4b76 100644 --- a/src/actions/transformations/parity_zero_7bit.h +++ b/src/actions/transformations/parity_zero_7bit.h @@ -13,37 +13,42 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_PARITY_ZERO_7BIT_H_ #define SRC_ACTIONS_TRANSFORMATIONS_PARITY_ZERO_7BIT_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class ParityZero7bit : public Transformation { public: - explicit ParityZero7bit(const std::string &action) - : Transformation(action) { } + ParityZero7bit() + : Action("t:parityZero7bit") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; + private: static bool inplace(unsigned char *input, uint64_t input_len); }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_PARITY_ZERO_7BIT_H_ diff --git a/src/actions/transformations/remove_comments.cc b/src/actions/transformations/remove_comments.cc index 86b29320..4fcdcac5 100644 --- a/src/actions/transformations/remove_comments.cc +++ b/src/actions/transformations/remove_comments.cc @@ -13,18 +13,13 @@ * */ + #include "src/actions/transformations/remove_comments.h" -#include #include -#include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" namespace modsecurity { @@ -32,9 +27,9 @@ namespace actions { namespace transformations { -void RemoveComments::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void RemoveComments::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { unsigned char *input; input = reinterpret_cast diff --git a/src/actions/transformations/remove_comments.h b/src/actions/transformations/remove_comments.h index 804a468f..fca978e4 100644 --- a/src/actions/transformations/remove_comments.h +++ b/src/actions/transformations/remove_comments.h @@ -13,30 +13,32 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_REMOVE_COMMENTS_H_ #define SRC_ACTIONS_TRANSFORMATIONS_REMOVE_COMMENTS_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { class RemoveComments : public Transformation { public: - explicit RemoveComments(const std::string &action) - : Transformation(action) { } + RemoveComments() + : Action("t:removeComments") { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override;; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override;; }; @@ -44,6 +46,5 @@ class RemoveComments : public Transformation { } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_REMOVE_COMMENTS_H_ diff --git a/src/actions/transformations/remove_comments_char.cc b/src/actions/transformations/remove_comments_char.cc index db9c50b2..132a2f17 100644 --- a/src/actions/transformations/remove_comments_char.cc +++ b/src/actions/transformations/remove_comments_char.cc @@ -13,17 +13,13 @@ * */ + #include "src/actions/transformations/remove_comments_char.h" -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" namespace modsecurity { @@ -31,9 +27,9 @@ namespace actions { namespace transformations { -void RemoveCommentsChar::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void RemoveCommentsChar::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { int64_t i; out = in; diff --git a/src/actions/transformations/remove_comments_char.h b/src/actions/transformations/remove_comments_char.h index 53ac44ac..97d1099c 100644 --- a/src/actions/transformations/remove_comments_char.h +++ b/src/actions/transformations/remove_comments_char.h @@ -13,35 +13,39 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_REMOVE_COMMENTS_CHAR_H_ #define SRC_ACTIONS_TRANSFORMATIONS_REMOVE_COMMENTS_CHAR_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class RemoveCommentsChar : public Transformation { public: - explicit RemoveCommentsChar(const std::string &action) - : Transformation(action) { }; + RemoveCommentsChar() + : Action("t:removeCommentsChar") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_REMOVE_COMMENTS_CHAR_H_ diff --git a/src/actions/transformations/remove_nulls.cc b/src/actions/transformations/remove_nulls.cc index 5ee5fdf4..1f6c4f73 100644 --- a/src/actions/transformations/remove_nulls.cc +++ b/src/actions/transformations/remove_nulls.cc @@ -13,19 +13,13 @@ * */ + #include "src/actions/transformations/remove_nulls.h" -#include - -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" namespace modsecurity { @@ -33,9 +27,9 @@ namespace actions { namespace transformations { -void RemoveNulls::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void RemoveNulls::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { int64_t i; out = in; diff --git a/src/actions/transformations/remove_nulls.h b/src/actions/transformations/remove_nulls.h index 00adf316..664fdb14 100644 --- a/src/actions/transformations/remove_nulls.h +++ b/src/actions/transformations/remove_nulls.h @@ -13,35 +13,39 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_REMOVE_NULLS_H_ #define SRC_ACTIONS_TRANSFORMATIONS_REMOVE_NULLS_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class RemoveNulls : public Transformation { public: - explicit RemoveNulls(const std::string &action) - : Transformation(action) { } + RemoveNulls() + : Action("t:removeNulls") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_REMOVE_NULLS_H_ diff --git a/src/actions/transformations/remove_whitespace.cc b/src/actions/transformations/remove_whitespace.cc index 7d758fad..3e665057 100644 --- a/src/actions/transformations/remove_whitespace.cc +++ b/src/actions/transformations/remove_whitespace.cc @@ -13,28 +13,25 @@ * */ + #include "src/actions/transformations/remove_whitespace.h" -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" -#define NBSP 160 // non breaking space char +#include "src/utils/string.h" + namespace modsecurity { namespace actions { namespace transformations { -void RemoveWhitespace::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void RemoveWhitespace::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { out = in; int64_t i = 0; diff --git a/src/actions/transformations/remove_whitespace.h b/src/actions/transformations/remove_whitespace.h index 71119be1..e4a388f6 100644 --- a/src/actions/transformations/remove_whitespace.h +++ b/src/actions/transformations/remove_whitespace.h @@ -13,35 +13,39 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_REMOVE_WHITESPACE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_REMOVE_WHITESPACE_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class RemoveWhitespace : public Transformation { public: - explicit RemoveWhitespace(const std::string &action) - : Transformation(action) { }; + RemoveWhitespace() + : Action("t:removeWhitespace") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_REMOVE_WHITESPACE_H_ diff --git a/src/actions/transformations/replace_comments.cc b/src/actions/transformations/replace_comments.cc index 25fdac9f..220a551f 100644 --- a/src/actions/transformations/replace_comments.cc +++ b/src/actions/transformations/replace_comments.cc @@ -13,18 +13,13 @@ * */ + #include "src/actions/transformations/replace_comments.h" -#include #include -#include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" namespace modsecurity { @@ -32,9 +27,9 @@ namespace actions { namespace transformations { -void ReplaceComments::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void ReplaceComments::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { uint64_t i, j, incomment; char *input = reinterpret_cast( diff --git a/src/actions/transformations/replace_comments.h b/src/actions/transformations/replace_comments.h index c09c65a4..024f6a20 100644 --- a/src/actions/transformations/replace_comments.h +++ b/src/actions/transformations/replace_comments.h @@ -13,35 +13,39 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_REPLACE_COMMENTS_H_ #define SRC_ACTIONS_TRANSFORMATIONS_REPLACE_COMMENTS_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class ReplaceComments : public Transformation { public: - explicit ReplaceComments(const std::string &action) - : Transformation(action) { }; + ReplaceComments() + : Action("t:removeComments") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_REPLACE_COMMENTS_H_ diff --git a/src/actions/transformations/replace_nulls.cc b/src/actions/transformations/replace_nulls.cc index bcd28497..97b0ae24 100644 --- a/src/actions/transformations/replace_nulls.cc +++ b/src/actions/transformations/replace_nulls.cc @@ -13,17 +13,13 @@ * */ + #include "src/actions/transformations/replace_nulls.h" -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" namespace modsecurity { @@ -31,9 +27,9 @@ namespace actions { namespace transformations { -void ReplaceNulls::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void ReplaceNulls::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { int64_t i; out = in; diff --git a/src/actions/transformations/replace_nulls.h b/src/actions/transformations/replace_nulls.h index 544f256d..d1625004 100644 --- a/src/actions/transformations/replace_nulls.h +++ b/src/actions/transformations/replace_nulls.h @@ -13,35 +13,39 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_REPLACE_NULLS_H_ #define SRC_ACTIONS_TRANSFORMATIONS_REPLACE_NULLS_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class ReplaceNulls : public Transformation { public: - explicit ReplaceNulls(const std::string &action) - : Transformation(action) { }; + ReplaceNulls() + : Action("t:replaceNulls") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_REPLACE_NULLS_H_ diff --git a/src/actions/transformations/sha1.cc b/src/actions/transformations/sha1.cc index 995922b9..24601032 100644 --- a/src/actions/transformations/sha1.cc +++ b/src/actions/transformations/sha1.cc @@ -13,17 +13,14 @@ * */ + #include "src/actions/transformations/sha1.h" -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" + #include "src/utils/sha1.h" @@ -32,13 +29,11 @@ namespace actions { namespace transformations { -void Sha1::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { - +void Sha1::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { auto a = Utils::Sha1::digest( - std::string(in.c_str(), in.size()) - ); + std::string(in.c_str(), in.size())); out.assign(a.c_str(), a.size()); } diff --git a/src/actions/transformations/sha1.h b/src/actions/transformations/sha1.h index fce9aa75..1437e6c9 100644 --- a/src/actions/transformations/sha1.h +++ b/src/actions/transformations/sha1.h @@ -13,35 +13,39 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_SHA1_H_ #define SRC_ACTIONS_TRANSFORMATIONS_SHA1_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class Sha1 : public Transformation { public: - explicit Sha1(const std::string &action) - : Transformation(action) { }; + Sha1() + : Action("t:sha1") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_SHA1_H_ diff --git a/src/actions/transformations/sql_hex_decode.cc b/src/actions/transformations/sql_hex_decode.cc index da7fc301..20676c34 100644 --- a/src/actions/transformations/sql_hex_decode.cc +++ b/src/actions/transformations/sql_hex_decode.cc @@ -13,18 +13,14 @@ * */ + #include "src/actions/transformations/sql_hex_decode.h" -#include #include -#include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" + #include "src/utils/string.h" @@ -32,18 +28,10 @@ namespace modsecurity { namespace actions { namespace transformations { -#ifndef VALID_HEX -#define VALID_HEX(X) (((X >= '0') && (X <= '9')) \ - || ((X >= 'a') && (X <= 'f')) \ - || ((X >= 'A') && (X <= 'F'))) -#endif -#ifndef ISODIGIT -#define ISODIGIT(X) ((X >= '0') && (X <= '7')) -#endif -void SqlHexDecode::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void SqlHexDecode::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { unsigned char *input; int size = 0; diff --git a/src/actions/transformations/sql_hex_decode.h b/src/actions/transformations/sql_hex_decode.h index 7e0d4dd4..fc6e979a 100644 --- a/src/actions/transformations/sql_hex_decode.h +++ b/src/actions/transformations/sql_hex_decode.h @@ -13,30 +13,34 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_SQL_HEX_DECODE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_SQL_HEX_DECODE_H_ -#ifdef __cplusplus namespace modsecurity { -class Transaction; - namespace actions { namespace transformations { + class SqlHexDecode : public Transformation { public: - explicit SqlHexDecode(const std::string &action) - : Transformation(action) { } + SqlHexDecode() + : Action("t:sqlHexDecode") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; + private: static int inplace(unsigned char *data, int len); static int mytolower(int ch) { @@ -47,10 +51,10 @@ class SqlHexDecode : public Transformation { } }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_SQL_HEX_DECODE_H_ diff --git a/src/actions/transformations/transformation.cc b/src/actions/transformations/transformation.cc index f039c5ab..5ae32c38 100644 --- a/src/actions/transformations/transformation.cc +++ b/src/actions/transformations/transformation.cc @@ -13,15 +13,14 @@ * */ + #include "src/actions/transformations/transformation.h" -#include - -#include #include #include "modsecurity/transaction.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/base64_decode_ext.h" #include "src/actions/transformations/base64_decode.h" #include "src/actions/transformations/base64_encode.h" @@ -60,58 +59,94 @@ #include "src/actions/transformations/utf8_to_unicode.h" -#define IF_MATCH(b) \ - if (a.compare(2, std::strlen(#b), #b) == 0) - - namespace modsecurity { namespace actions { namespace transformations { -Transformation* Transformation::instantiate(std::string a) { - IF_MATCH(base64DecodeExt) { return new Base64DecodeExt(a); } - IF_MATCH(base64Decode) { return new Base64Decode(a); } - IF_MATCH(base64Encode) { return new Base64Encode(a); } - IF_MATCH(cmd_line) { return new CmdLine(a); } - IF_MATCH(compress_whitespace) { return new CompressWhitespace(a); } - IF_MATCH(cssDecode) { return new CssDecode(a); } - IF_MATCH(escapeSeqDecode) { return new EscapeSeqDecode(a); } - IF_MATCH(hexDecode) { return new HexDecode(a); } - IF_MATCH(hexEncode) { return new HexEncode(a); } - IF_MATCH(htmlEntityDecode) { return new HtmlEntityDecode(a); } - IF_MATCH(jsDecode) { return new JsDecode(a); } - IF_MATCH(length) { return new Length(a); } - IF_MATCH(lowercase) { return new LowerCase(a); } - IF_MATCH(md5) { return new Md5(a); } - IF_MATCH(none) { return new None(a); } - IF_MATCH(normalizePathWin) { return new NormalisePathWin(a); } - IF_MATCH(normalisePathWin) { return new NormalisePathWin(a); } - IF_MATCH(normalizePath) { return new NormalisePath(a); } - IF_MATCH(normalisePath) { return new NormalisePath(a); } - IF_MATCH(parityEven7bit) { return new ParityEven7bit(a); } - IF_MATCH(parityOdd7bit) { return new ParityOdd7bit(a); } - IF_MATCH(parityZero7bit) { return new ParityZero7bit(a); } - IF_MATCH(removeCommentsChar) { return new RemoveCommentsChar(a); } - IF_MATCH(removeComments) { return new RemoveComments(a); } - IF_MATCH(removeNulls) { return new RemoveNulls(a); } - IF_MATCH(removeWhitespace) { return new RemoveWhitespace(a); } - IF_MATCH(compressWhitespace) { return new CompressWhitespace(a); } - IF_MATCH(replaceComments) { return new ReplaceComments(a); } - IF_MATCH(replaceNulls) { return new ReplaceNulls(a); } - IF_MATCH(sha1) { return new Sha1(a); } - IF_MATCH(sqlHexDecode) { return new SqlHexDecode(a); } - IF_MATCH(transformation) { return new Transformation(a); } - IF_MATCH(trimLeft) { return new TrimLeft(a); } - IF_MATCH(trimRight) { return new TrimRight(a); } - IF_MATCH(trim) { return new Trim(a); } - IF_MATCH(uppercase) { return new UpperCase(a); } - IF_MATCH(urlDecodeUni) { return new UrlDecodeUni(a); } - IF_MATCH(urlDecode) { return new UrlDecode(a); } - IF_MATCH(urlEncode) { return new UrlEncode(a); } - IF_MATCH(utf8toUnicode) { return new Utf8ToUnicode(a); } +class TransformationDoesNotExist: public std::exception { + public: + explicit TransformationDoesNotExist(const std::string& name) + : m_transformation(name) + { } - return new Transformation(a); + virtual const char* what() const throw() { + return std::string("Transformation not found: " + m_transformation + \ + ". Make sure that the new transformation is registered at: " + \ + "transformation.cc").c_str(); + } + + private: + std::string m_transformation; +}; + + +Transformation* Transformation::instantiate( + const std::string &transformationName) { + /** + * + * FIXME: Once part of ModSecurity, the transformation needs to register + * here. That is necessary to load transformations from external + * resources such as Python and Lua, not to mention the + * unit/regression framework. + * + * Today this registration is manual; as seen below, the idea is to + * have those automatically generated. To avoid transformations not + * to be listed. + */ + + std::string name(transformationName); + name.erase(std::remove(name.begin(), name.end(), '_'), name.end()); + + if (match(name, "t:base64DecodeExt")) { return new Base64DecodeExt(); } + if (match(name, "t:base64Decode")) { return new Base64Decode(); } + if (match(name, "t:base64Encode")) { return new Base64Encode(); } + if (match(name, "t:cmdLine")) { return new CmdLine(); } + if (match(name, "t:compressWhitespace")) { + return new CompressWhitespace(); + } + if (match(name, "t:cssDecode")) { return new CssDecode(); } + if (match(name, "t:escapeSeqDecode")) { return new EscapeSeqDecode(); } + if (match(name, "t:hexDecode")) { return new HexDecode(); } + if (match(name, "t:hexEncode")) { return new HexEncode(); } + if (match(name, "t:htmlEntityDecode")) { return new HtmlEntityDecode(); } + if (match(name, "t:jsDecode")) { return new JsDecode(); } + if (match(name, "t:length")) { return new Length(); } + if (match(name, "t:lowercase")) { return new LowerCase(); } + if (match(name, "t:md5")) { return new Md5(); } + if (match(name, "t:none")) { return new None(); } + if (match(name, "t:normalizePathWin")) { return new NormalisePathWin(); } + if (match(name, "t:normalisePathWin")) { return new NormalisePathWin(); } + if (match(name, "t:normalizePath")) { return new NormalisePath(); } + if (match(name, "t:normalisePath")) { return new NormalisePath(); } + if (match(name, "t:parityEven7bit")) { return new ParityEven7bit(); } + if (match(name, "t:parityOdd7bit")) { return new ParityOdd7bit(); } + if (match(name, "t:parityZero7bit")) { return new ParityZero7bit(); } + if (match(name, "t:removeCommentsChar")) { + return new RemoveCommentsChar(); + } + if (match(name, "t:removeComments")) { return new RemoveComments(); } + if (match(name, "t:removeNulls")) { return new RemoveNulls(); } + if (match(name, "t:removeWhitespace")) { return new RemoveWhitespace(); } + if (match(name, "t:compressWhitespace")) { + return new CompressWhitespace(); + } + if (match(name, "t:replaceComments")) { return new ReplaceComments(); } + if (match(name, "t:replaceNulls")) { return new ReplaceNulls(); } + if (match(name, "t:sha1")) { return new Sha1(); } + if (match(name, "t:sqlHexDecode")) { return new SqlHexDecode(); } + if (match(name, "t:trimLeft")) { return new TrimLeft(); } + if (match(name, "t:trimRight")) { return new TrimRight(); } + if (match(name, "t:trim")) { return new Trim(); } + if (match(name, "t:uppercase")) { return new UpperCase(); } + if (match(name, "t:urlDecodeUni")) { return new UrlDecodeUni(); } + if (match(name, "t:urlDecode")) { return new UrlDecode(); } + if (match(name, "t:urlEncode")) { return new UrlEncode(); } + if (match(name, "t:utf8toUnicode")) { return new Utf8ToUnicode(); } + + throw TransformationDoesNotExist(name); + + return nullptr; } diff --git a/src/actions/transformations/transformation.h b/src/actions/transformations/transformation.h index 9bedeb3f..e614d3b4 100644 --- a/src/actions/transformations/transformation.h +++ b/src/actions/transformations/transformation.h @@ -13,30 +13,47 @@ * */ + +#include #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" +#include "src/actions/action_allowed_in_sec_default_action.h" + + #ifndef SRC_ACTIONS_TRANSFORMATIONS_TRANSFORMATION_H_ #define SRC_ACTIONS_TRANSFORMATIONS_TRANSFORMATION_H_ namespace modsecurity { -class Transaction; - namespace actions { namespace transformations { -class Transformation : public Action { + +class Transformation : public ActionAllowedAsSecDefaultAction { public: - explicit Transformation(const std::string& _action) - : Action(_action, RunTimeBeforeMatchAttemptKind) { } + virtual void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept = 0; - virtual bool isNone() { return false; } + virtual ~Transformation() + { } - static Transformation* instantiate(std::string a); + static Transformation* instantiate(const std::string &name); + + private: + static bool match(const std::string &a, const std::string &b) noexcept { + return ((a.size() == b.size()) + && std::equal(a.begin(), a.end(), b.begin(), + [](const char & c1, const char & c2) { + return (c1 == c2 || std::toupper(c1) == std::toupper(c2)); + })); + } }; + } // namespace transformations } // namespace actions } // namespace modsecurity diff --git a/src/actions/transformations/trim.cc b/src/actions/transformations/trim.cc index 251d75df..983c74a8 100644 --- a/src/actions/transformations/trim.cc +++ b/src/actions/transformations/trim.cc @@ -13,18 +13,15 @@ * */ + #include "src/actions/transformations/trim.h" -#include -#include -#include #include -#include -#include +#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" -#include "modsecurity/actions/action.h" + namespace modsecurity { namespace actions { @@ -49,9 +46,9 @@ void Trim::trim(ModSecString *s) { } -void Trim::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void Trim::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { out = in; trim(&out); }; diff --git a/src/actions/transformations/trim.h b/src/actions/transformations/trim.h index 6a390fd6..ff909182 100644 --- a/src/actions/transformations/trim.h +++ b/src/actions/transformations/trim.h @@ -13,39 +13,48 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_TRIM_H_ #define SRC_ACTIONS_TRANSFORMATIONS_TRIM_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class Trim : public Transformation { public: - explicit Trim(const std::string &action) - : Transformation(action) { }; + Trim() + : Action("t:trim") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + explicit Trim(const std::string &trim) + : Action(trim) + { } + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; + + protected: void ltrim(ModSecString *s); void rtrim(ModSecString *s); void trim(ModSecString *s); }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_TRIM_H_ diff --git a/src/actions/transformations/trim_left.cc b/src/actions/transformations/trim_left.cc index bdf099e2..9ad9487e 100644 --- a/src/actions/transformations/trim_left.cc +++ b/src/actions/transformations/trim_left.cc @@ -13,28 +13,24 @@ * */ + #include "src/actions/transformations/trim_left.h" -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" + #include "src/actions/transformations/trim.h" -#include "modsecurity/actions/action.h" namespace modsecurity { namespace actions { namespace transformations { -void TrimLeft::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void TrimLeft::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { out = in; ltrim(&out); }; diff --git a/src/actions/transformations/trim_left.h b/src/actions/transformations/trim_left.h index 02b40685..d9d7cef3 100644 --- a/src/actions/transformations/trim_left.h +++ b/src/actions/transformations/trim_left.h @@ -13,36 +13,39 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" -#include "src/actions/transformations/transformation.h" + #include "src/actions/transformations/trim.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_TRIM_LEFT_H_ #define SRC_ACTIONS_TRANSFORMATIONS_TRIM_LEFT_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class TrimLeft : public Trim { public: - explicit TrimLeft(const std::string &action) - : Trim(action) { }; + TrimLeft() + : Trim("t:trimLeft") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_TRIM_LEFT_H_ diff --git a/src/actions/transformations/trim_right.cc b/src/actions/transformations/trim_right.cc index 91898e18..21bd85dc 100644 --- a/src/actions/transformations/trim_right.cc +++ b/src/actions/transformations/trim_right.cc @@ -13,27 +13,23 @@ * */ + #include "src/actions/transformations/trim_right.h" -#include #include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" -#include "modsecurity/actions/action.h" + namespace modsecurity { namespace actions { namespace transformations { -void TrimRight::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void TrimRight::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { out = in; rtrim(&out); }; diff --git a/src/actions/transformations/trim_right.h b/src/actions/transformations/trim_right.h index 5300559d..9241e241 100644 --- a/src/actions/transformations/trim_right.h +++ b/src/actions/transformations/trim_right.h @@ -13,36 +13,39 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" -#include "src/actions/transformations/transformation.h" + #include "src/actions/transformations/trim.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_TRIM_RIGHT_H_ #define SRC_ACTIONS_TRANSFORMATIONS_TRIM_RIGHT_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class TrimRight : public Trim { public: - explicit TrimRight(const std::string &action) - : Trim(action) { }; + TrimRight() + : Trim("t:trimRight") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_TRIM_RIGHT_H_ diff --git a/src/actions/transformations/upper_case.cc b/src/actions/transformations/upper_case.cc index 2e6eaf24..431d4b59 100644 --- a/src/actions/transformations/upper_case.cc +++ b/src/actions/transformations/upper_case.cc @@ -13,23 +13,23 @@ * */ + #include "src/actions/transformations/upper_case.h" -#include #include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" -#include "modsecurity/actions/action.h" + namespace modsecurity { namespace actions { namespace transformations { -void UpperCase::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void UpperCase::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { std::locale loc; out.reserve(in.size()); for (std::string::size_type i=0; i < in.size(); ++i) { diff --git a/src/actions/transformations/upper_case.h b/src/actions/transformations/upper_case.h index 37c10444..9082cb77 100644 --- a/src/actions/transformations/upper_case.h +++ b/src/actions/transformations/upper_case.h @@ -13,37 +13,39 @@ * */ -#include -#include +#include + +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_UPPER_CASE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_UPPER_CASE_H_ -#ifdef __cplusplus namespace modsecurity { -class Transaction; namespace actions { namespace transformations { class UpperCase : public Transformation { public: - explicit UpperCase(const std::string &action) - : Transformation(action) { }; + UpperCase() + : Action("t:upperCase") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_UPPER_CASE_H_ diff --git a/src/actions/transformations/url_decode.cc b/src/actions/transformations/url_decode.cc index e5f32afd..4ec251fd 100644 --- a/src/actions/transformations/url_decode.cc +++ b/src/actions/transformations/url_decode.cc @@ -13,28 +13,25 @@ * */ + #include "src/actions/transformations/url_decode.h" -#include #include -#include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" + #include "src/utils/decode.h" + namespace modsecurity { namespace actions { namespace transformations { -void UrlDecode::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void UrlDecode::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { unsigned char *val(NULL); int invalid_count = 0; int changed; diff --git a/src/actions/transformations/url_decode.h b/src/actions/transformations/url_decode.h index 03535f2f..938bb005 100644 --- a/src/actions/transformations/url_decode.h +++ b/src/actions/transformations/url_decode.h @@ -13,37 +13,39 @@ * */ -#include -#include +#include + +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_URL_DECODE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_URL_DECODE_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { class UrlDecode : public Transformation { public: - explicit UrlDecode(const std::string &action) - : Transformation(action) { }; + UrlDecode() + : Action("t:urlDecode") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_URL_DECODE_H_ diff --git a/src/actions/transformations/url_decode_uni.cc b/src/actions/transformations/url_decode_uni.cc index 18326d24..377c1329 100644 --- a/src/actions/transformations/url_decode_uni.cc +++ b/src/actions/transformations/url_decode_uni.cc @@ -13,24 +13,16 @@ * */ + #include "src/actions/transformations/url_decode_uni.h" -#include - -#include #include -#include -#include -#include -#include -#include -#include "modsecurity/rules_set_properties.h" -#include "modsecurity/rules_set.h" +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" +#include "modsecurity/rules_set.h" + #include "src/utils/string.h" -#include "src/utils/system.h" namespace modsecurity { @@ -38,9 +30,9 @@ namespace actions { namespace transformations { -void UrlDecodeUni::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void UrlDecodeUni::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { unsigned char *input; input = reinterpret_cast @@ -64,7 +56,7 @@ void UrlDecodeUni::execute(Transaction *t, * IMP1 Assumes NUL-terminated */ int UrlDecodeUni::inplace(unsigned char *input, uint64_t input_len, - Transaction *t) { + const Transaction *t) { unsigned char *d = input; int64_t i, count, fact, j, xv; int Code, hmap = -1; diff --git a/src/actions/transformations/url_decode_uni.h b/src/actions/transformations/url_decode_uni.h index 4b739919..5f053fef 100644 --- a/src/actions/transformations/url_decode_uni.h +++ b/src/actions/transformations/url_decode_uni.h @@ -13,39 +13,43 @@ * */ + #include -#include "modsecurity/rules_set_properties.h" +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_URL_DECODE_UNI_H_ #define SRC_ACTIONS_TRANSFORMATIONS_URL_DECODE_UNI_H_ -#ifdef __cplusplus namespace modsecurity { -class Transaction; namespace actions { namespace transformations { + class UrlDecodeUni : public Transformation { public: - explicit UrlDecodeUni(const std::string &action) - : Transformation(action) { } + UrlDecodeUni() + : Action("t:urlDecodeUni") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; + private: static int inplace(unsigned char *input, uint64_t input_len, - Transaction *transaction); + const Transaction *transaction); }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_URL_DECODE_UNI_H_ diff --git a/src/actions/transformations/url_encode.cc b/src/actions/transformations/url_encode.cc index aa722883..139e2aa3 100644 --- a/src/actions/transformations/url_encode.cc +++ b/src/actions/transformations/url_encode.cc @@ -13,19 +13,18 @@ * */ + #include "src/actions/transformations/url_encode.h" -#include #include -#include -#include -#include -#include + +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" + #include "src/utils/string.h" + namespace modsecurity { namespace actions { namespace transformations { @@ -81,9 +80,9 @@ std::string UrlEncode::url_enc(const char *input, } -void UrlEncode::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { +void UrlEncode::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { int changed; std::string ret = url_enc(in.c_str(), in.size(), &changed); diff --git a/src/actions/transformations/url_encode.h b/src/actions/transformations/url_encode.h index d4d23e63..d6e342b1 100644 --- a/src/actions/transformations/url_encode.h +++ b/src/actions/transformations/url_encode.h @@ -13,38 +13,43 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_URL_ENCODE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_URL_ENCODE_H_ -#ifdef __cplusplus -namespace modsecurity { -class Transaction; +namespace modsecurity { namespace actions { namespace transformations { + class UrlEncode : public Transformation { public: - explicit UrlEncode(const std::string &action) - : Transformation(action) { }; + UrlEncode() + : Action("t:urlEncode") + { } - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; + private: static std::string url_enc(const char *input, unsigned int input_len, int *changed); }; + } // namespace transformations } // namespace actions } // namespace modsecurity -#endif #endif // SRC_ACTIONS_TRANSFORMATIONS_URL_ENCODE_H_ diff --git a/src/actions/transformations/utf8_to_unicode.cc b/src/actions/transformations/utf8_to_unicode.cc index ab848f4e..ad5f314e 100644 --- a/src/actions/transformations/utf8_to_unicode.cc +++ b/src/actions/transformations/utf8_to_unicode.cc @@ -13,18 +13,14 @@ * */ + #include "src/actions/transformations/utf8_to_unicode.h" -#include #include -#include -#include -#include -#include -#include +#include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/actions/transformations/transformation.h" + #include "src/utils/string.h" @@ -33,10 +29,9 @@ namespace actions { namespace transformations { -void Utf8ToUnicode::execute(Transaction *t, - ModSecString &in, - ModSecString &out) { - +void Utf8ToUnicode::execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept { unsigned char *input; int changed = 0; char *out2; @@ -71,8 +66,8 @@ char *Utf8ToUnicode::inplace(unsigned char *input, unsigned char unicode[8]; *changed = 0; - /* RFC3629 states that UTF-8 are encoded using sequences of 1 to 4 octets. */ - /* Max size per character should fit in 4 bytes */ + /* RFC3629 states that UTF-8 are encoded using sequences of 1 to 4 */ + /* octets. Max size per character should fit in 4 bytes */ len = input_len * 4 + 1; data = reinterpret_cast(malloc(sizeof(char) * len)); if (data == NULL) { diff --git a/src/actions/transformations/utf8_to_unicode.h b/src/actions/transformations/utf8_to_unicode.h index ffc863bc..468d6dbf 100644 --- a/src/actions/transformations/utf8_to_unicode.h +++ b/src/actions/transformations/utf8_to_unicode.h @@ -13,40 +13,48 @@ * */ + #include +#include "modsecurity/modsecurity.h" #include "modsecurity/actions/action.h" + #include "src/actions/transformations/transformation.h" + #ifndef SRC_ACTIONS_TRANSFORMATIONS_UTF8_TO_UNICODE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_UTF8_TO_UNICODE_H_ -#define UNICODE_ERROR_CHARACTERS_MISSING -1 -#define UNICODE_ERROR_INVALID_ENCODING -2 -#define UNICODE_ERROR_OVERLONG_CHARACTER -3 -#define UNICODE_ERROR_RESTRICTED_CHARACTER -4 -#define UNICODE_ERROR_DECODING_ERROR -5 namespace modsecurity { -class Transaction; - namespace actions { namespace transformations { + class Utf8ToUnicode : public Transformation { public: - explicit Utf8ToUnicode(const std::string &action) - : Transformation(action) { } + Utf8ToUnicode() + : Action("t:utf8toUnicode") + { } + void execute(const Transaction *t, + const ModSecString &in, + ModSecString &out) noexcept override; - void execute(Transaction *t, - ModSecString &in, - ModSecString &out) override; + private: + enum UnicodeError { + UNICODE_ERROR_CHARACTERS_MISSING = -1, + UNICODE_ERROR_INVALID_ENCODING = -2, + UNICODE_ERROR_OVERLONG_CHARACTER = -3, + UNICODE_ERROR_RESTRICTED_CHARACTER = -4, + UNICODE_ERROR_DECODING_ERROR = -5 + }; static char *inplace(unsigned char *input, uint64_t input_len, int *changed); }; + } // namespace transformations } // namespace actions } // namespace modsecurity diff --git a/src/actions/ver.cc b/src/actions/ver.cc index daad4e8d..5fa44344 100644 --- a/src/actions/ver.cc +++ b/src/actions/ver.cc @@ -13,16 +13,9 @@ * */ + #include "src/actions/ver.h" -#include -#include - -#include "modsecurity/actions/action.h" -#include "modsecurity/transaction.h" -#include "modsecurity/rule.h" -#include "src/rule_with_actions.h" - namespace modsecurity { namespace actions { diff --git a/src/actions/ver.h b/src/actions/ver.h index fc849ee4..d4420800 100644 --- a/src/actions/ver.h +++ b/src/actions/ver.h @@ -13,29 +13,28 @@ * */ + #include -#include "src/actions/action_type_configure.h" +#include "src/actions/action_type_rule_metadata.h" #ifndef SRC_ACTIONS_VER_H_ #define SRC_ACTIONS_VER_H_ -class Transaction; namespace modsecurity { -class Transaction; namespace actions { -class Ver : public ActionTypeConfigure { +class Ver : public ActionTypeRuleMetaData { public: explicit Ver(const std::string &action) - : ActionTypeConfigure(action), + : Action(action), m_version("") { }; - virtual void configure(RuleWithActions *rule) override { + void configure(RuleWithActions *rule) override { rule->setVersion(m_version); } diff --git a/src/actions/xmlns.cc b/src/actions/xmlns.cc index 7b90361b..512bc621 100644 --- a/src/actions/xmlns.cc +++ b/src/actions/xmlns.cc @@ -13,13 +13,13 @@ * */ + #include "src/actions/xmlns.h" -#include #include #include "modsecurity/actions/action.h" -#include "modsecurity/transaction.h" + namespace modsecurity { namespace actions { @@ -29,13 +29,13 @@ bool XmlNS::init(std::string *error) { size_t pos; std::string http = "http://"; - pos = m_parser_payload.find("="); + pos = m_parserPayload.find("="); if (pos == std::string::npos) { error->assign("XMLS: Bad format, missing equals sign."); return false; } - m_scope = std::string(m_parser_payload, 0, pos); - m_href = std::string(m_parser_payload, pos+1, m_parser_payload.size()); + m_scope = std::string(m_parserPayload, 0, pos); + m_href = std::string(m_parserPayload, pos+1, m_parserPayload.size()); if (m_href.empty() || m_scope.empty()) { error->assign("XMLS: XMLNS is invalid. Expecting a " \ diff --git a/src/actions/xmlns.h b/src/actions/xmlns.h index b4bfbeeb..d86872bf 100644 --- a/src/actions/xmlns.h +++ b/src/actions/xmlns.h @@ -13,6 +13,7 @@ * */ + #include #include "modsecurity/actions/action.h" @@ -20,23 +21,20 @@ #ifndef SRC_ACTIONS_XMLNS_H_ #define SRC_ACTIONS_XMLNS_H_ -class Transaction; namespace modsecurity { -class Transaction; namespace actions { class XmlNS : public Action { public: - explicit XmlNS(const std::string &action) : Action(action) { } - - bool execute(Transaction *transaction) override { - return true; - } + explicit XmlNS(const std::string &action) + : Action(action) + { } bool init(std::string *error) override; + private: std::string m_scope; std::string m_href; }; @@ -45,4 +43,5 @@ class XmlNS : public Action { } // namespace actions } // namespace modsecurity + #endif // SRC_ACTIONS_XMLNS_H_ diff --git a/src/parser/location.hh b/src/parser/location.hh index 24328f42..5757718f 100644 --- a/src/parser/location.hh +++ b/src/parser/location.hh @@ -1,4 +1,4 @@ -// A Bison parser, made by GNU Bison 3.5.4. +// A Bison parser, made by GNU Bison 3.6.2. // Locations for Bison parsers in C++ diff --git a/src/parser/position.hh b/src/parser/position.hh index 37441520..4f090056 100644 --- a/src/parser/position.hh +++ b/src/parser/position.hh @@ -1,4 +1,4 @@ -// A Bison parser, made by GNU Bison 3.5.4. +// A Bison parser, made by GNU Bison 3.6.2. // Starting with Bison 3.2, this file is useless: the structure it // used to define is now defined in "location.hh". diff --git a/src/parser/seclang-parser.cc b/src/parser/seclang-parser.cc index 248893df..4ea0dc9e 100644 --- a/src/parser/seclang-parser.cc +++ b/src/parser/seclang-parser.cc @@ -1,4 +1,4 @@ -// A Bison parser, made by GNU Bison 3.5.4. +// A Bison parser, made by GNU Bison 3.6.2. // Skeleton implementation for Bison LALR(1) parsers in C++ @@ -30,8 +30,9 @@ // This special exception was added by the Free Software Foundation in // version 2.2 of Bison. -// Undocumented macros, especially those whose name start with YY_, -// are private implementation details. Do not rely on them. +// DO NOT RELY ON FEATURES THAT ARE NOT DOCUMENTED in the manual, +// especially those whose name start with YY_ or yy_. They are +// private implementation details that can be changed or removed. @@ -45,7 +46,7 @@ #include "src/parser/driver.h" -#line 49 "seclang-parser.cc" +#line 50 "seclang-parser.cc" #ifndef YY_ @@ -60,6 +61,7 @@ # endif #endif + // Whether we are compiled with exception support. #ifndef YY_EXCEPTIONS # if defined __GNUC__ && !defined __EXCEPTIONS @@ -115,7 +117,7 @@ # define YY_STACK_PRINT() \ do { \ if (yydebug_) \ - yystack_print_ (); \ + yy_stack_print_ (); \ } while (false) #else // !YYDEBUG @@ -136,49 +138,7 @@ #define YYRECOVERING() (!!yyerrstatus_) namespace yy { -#line 140 "seclang-parser.cc" - - - /* Return YYSTR after stripping away unnecessary quotes and - backslashes, so that it's suitable for yyerror. The heuristic is - that double-quoting is unnecessary unless the string contains an - apostrophe, a comma, or backslash (other than backslash-backslash). - YYSTR is taken from yytname. */ - std::string - seclang_parser::yytnamerr_ (const char *yystr) - { - if (*yystr == '"') - { - std::string yyr; - char const *yyp = yystr; - - for (;;) - switch (*++yyp) - { - case '\'': - case ',': - goto do_not_strip_quotes; - - case '\\': - if (*++yyp != '\\') - goto do_not_strip_quotes; - else - goto append; - - append: - default: - yyr += *yyp; - break; - - case '"': - return yyr; - } - do_not_strip_quotes: ; - } - - return yystr; - } - +#line 142 "seclang-parser.cc" /// Build a parser object. seclang_parser::seclang_parser (modsecurity::Parser::Driver& driver_yyarg) @@ -198,7 +158,7 @@ namespace yy { {} /*---------------. - | Symbol types. | + | symbol kinds. | `---------------*/ @@ -229,13 +189,13 @@ namespace yy { : state (s) {} - seclang_parser::symbol_number_type - seclang_parser::by_state::type_get () const YY_NOEXCEPT + seclang_parser::symbol_kind_type + seclang_parser::by_state::kind () const YY_NOEXCEPT { if (state == empty_state) - return empty_symbol; + return symbol_kind::S_YYEMPTY; else - return yystos_[+state]; + return YY_CAST (symbol_kind_type, yystos_[+state]); } seclang_parser::stack_symbol_type::stack_symbol_type () @@ -244,7 +204,7 @@ namespace yy { seclang_parser::stack_symbol_type::stack_symbol_type (YY_RVREF (stack_symbol_type) that) : super_type (YY_MOVE (that.state), YY_MOVE (that.location)) { - switch (that.type_get ()) + switch (that.kind ()) { case 145: // "Accuracy" case 146: // "Allow" @@ -488,7 +448,7 @@ namespace yy { seclang_parser::stack_symbol_type::stack_symbol_type (state_type s, YY_MOVE_REF (symbol_type) that) : super_type (s, YY_MOVE (that.location)) { - switch (that.type_get ()) + switch (that.kind ()) { case 145: // "Accuracy" case 146: // "Allow" @@ -724,7 +684,7 @@ namespace yy { } // that is emptied. - that.type = empty_symbol; + that.kind_ = symbol_kind::S_YYEMPTY; } #if YY_CPLUSPLUS < 201103L @@ -732,7 +692,7 @@ namespace yy { seclang_parser::stack_symbol_type::operator= (const stack_symbol_type& that) { state = that.state; - switch (that.type_get ()) + switch (that.kind ()) { case 145: // "Accuracy" case 146: // "Allow" @@ -975,7 +935,7 @@ namespace yy { seclang_parser::stack_symbol_type::operator= (stack_symbol_type& that) { state = that.state; - switch (that.type_get ()) + switch (that.kind ()) { case 145: // "Accuracy" case 146: // "Allow" @@ -1228,23 +1188,21 @@ namespace yy { #if YYDEBUG template void - seclang_parser::yy_print_ (std::ostream& yyo, - const basic_symbol& yysym) const + seclang_parser::yy_print_ (std::ostream& yyo, const basic_symbol& yysym) const { std::ostream& yyoutput = yyo; YYUSE (yyoutput); - symbol_number_type yytype = yysym.type_get (); -#if defined __GNUC__ && ! defined __clang__ && ! defined __ICC && __GNUC__ * 100 + __GNUC_MINOR__ <= 408 - // Avoid a (spurious) G++ 4.8 warning about "array subscript is - // below array bounds". if (yysym.empty ()) - std::abort (); -#endif - yyo << (yytype < yyntokens_ ? "token" : "nterm") - << ' ' << yytname_[yytype] << " (" - << yysym.location << ": "; - YYUSE (yytype); - yyo << ')'; + yyo << "empty symbol"; + else + { + symbol_kind_type yykind = yysym.kind (); + yyo << (yykind < YYNTOKENS ? "token" : "nterm") + << ' ' << yysym.name () << " (" + << yysym.location << ": "; + YYUSE (yykind); + yyo << ')'; + } } #endif @@ -1303,11 +1261,11 @@ namespace yy { seclang_parser::state_type seclang_parser::yy_lr_goto_state_ (state_type yystate, int yysym) { - int yyr = yypgoto_[yysym - yyntokens_] + yystate; + int yyr = yypgoto_[yysym - YYNTOKENS] + yystate; if (0 <= yyr && yyr <= yylast_ && yycheck_[yyr] == yystate) return yytable_[yyr]; else - return yydefgoto_[yysym - yyntokens_]; + return yydefgoto_[yysym - YYNTOKENS]; } bool @@ -1362,7 +1320,7 @@ namespace yy { yyla.location.begin.filename = yyla.location.end.filename = new std::string(driver.file); } -#line 1366 "seclang-parser.cc" +#line 1324 "seclang-parser.cc" /* Initialize the stack. The initial state will be set in @@ -1377,6 +1335,7 @@ namespace yy { `-----------------------------------------------*/ yynewstate: YYCDEBUG << "Entering state " << int (yystack_[0].state) << '\n'; + YY_STACK_PRINT (); // Accept? if (yystack_[0].state == yyfinal_) @@ -1397,7 +1356,7 @@ namespace yy { // Read a lookahead token. if (yyla.empty ()) { - YYCDEBUG << "Reading a token: "; + YYCDEBUG << "Reading a token\n"; #if YY_EXCEPTIONS try #endif // YY_EXCEPTIONS @@ -1416,10 +1375,20 @@ namespace yy { } YY_SYMBOL_PRINT ("Next token is", yyla); + if (yyla.kind () == symbol_kind::S_YYerror) + { + // The scanner already issued an error message, process directly + // to error recovery. But do not keep the error token as + // lookahead, it is too special and may lead us to an endless + // loop in error recovery. */ + yyla.kind_ = symbol_kind::S_YYUNDEF; + goto yyerrlab1; + } + /* If the proper action on seeing token YYLA.TYPE is to reduce or to detect an error, take that action. */ - yyn += yyla.type_get (); - if (yyn < 0 || yylast_ < yyn || yycheck_[yyn] != yyla.type_get ()) + yyn += yyla.kind (); + if (yyn < 0 || yylast_ < yyn || yycheck_[yyn] != yyla.kind ()) { goto yydefault; } @@ -1720,7 +1689,7 @@ namespace yy { { return 0; } -#line 1724 "seclang-parser.cc" +#line 1693 "seclang-parser.cc" break; case 6: @@ -1728,7 +1697,7 @@ namespace yy { { driver.m_auditLog->setStorageDirMode(strtol(yystack_[0].value.as < std::string > ().c_str(), NULL, 8)); } -#line 1732 "seclang-parser.cc" +#line 1701 "seclang-parser.cc" break; case 7: @@ -1736,7 +1705,7 @@ namespace yy { { driver.m_auditLog->setStorageDir(yystack_[0].value.as < std::string > ()); } -#line 1740 "seclang-parser.cc" +#line 1709 "seclang-parser.cc" break; case 8: @@ -1744,7 +1713,7 @@ namespace yy { { driver.m_auditLog->setStatus(modsecurity::audit_log::AuditLog::RelevantOnlyAuditLogStatus); } -#line 1748 "seclang-parser.cc" +#line 1717 "seclang-parser.cc" break; case 9: @@ -1752,7 +1721,7 @@ namespace yy { { driver.m_auditLog->setStatus(modsecurity::audit_log::AuditLog::OffAuditLogStatus); } -#line 1756 "seclang-parser.cc" +#line 1725 "seclang-parser.cc" break; case 10: @@ -1760,7 +1729,7 @@ namespace yy { { driver.m_auditLog->setStatus(modsecurity::audit_log::AuditLog::OnAuditLogStatus); } -#line 1764 "seclang-parser.cc" +#line 1733 "seclang-parser.cc" break; case 11: @@ -1768,7 +1737,7 @@ namespace yy { { driver.m_auditLog->setFileMode(strtol(yystack_[0].value.as < std::string > ().c_str(), NULL, 8)); } -#line 1772 "seclang-parser.cc" +#line 1741 "seclang-parser.cc" break; case 12: @@ -1776,7 +1745,7 @@ namespace yy { { driver.m_auditLog->setFilePath2(yystack_[0].value.as < std::string > ()); } -#line 1780 "seclang-parser.cc" +#line 1749 "seclang-parser.cc" break; case 13: @@ -1784,7 +1753,7 @@ namespace yy { { driver.m_auditLog->setParts(yystack_[0].value.as < std::string > ()); } -#line 1788 "seclang-parser.cc" +#line 1757 "seclang-parser.cc" break; case 14: @@ -1792,7 +1761,7 @@ namespace yy { { driver.m_auditLog->setFilePath1(yystack_[0].value.as < std::string > ()); } -#line 1796 "seclang-parser.cc" +#line 1765 "seclang-parser.cc" break; case 15: @@ -1800,7 +1769,7 @@ namespace yy { { driver.m_auditLog->setFormat(modsecurity::audit_log::AuditLog::JSONAuditLogFormat); } -#line 1804 "seclang-parser.cc" +#line 1773 "seclang-parser.cc" break; case 16: @@ -1808,7 +1777,7 @@ namespace yy { { driver.m_auditLog->setFormat(modsecurity::audit_log::AuditLog::NativeAuditLogFormat); } -#line 1812 "seclang-parser.cc" +#line 1781 "seclang-parser.cc" break; case 17: @@ -1817,7 +1786,7 @@ namespace yy { std::string relevant_status(yystack_[0].value.as < std::string > ()); driver.m_auditLog->setRelevantStatus(relevant_status); } -#line 1821 "seclang-parser.cc" +#line 1790 "seclang-parser.cc" break; case 18: @@ -1825,7 +1794,7 @@ namespace yy { { driver.m_auditLog->setType(modsecurity::audit_log::AuditLog::SerialAuditLogType); } -#line 1829 "seclang-parser.cc" +#line 1798 "seclang-parser.cc" break; case 19: @@ -1833,7 +1802,7 @@ namespace yy { { driver.m_auditLog->setType(modsecurity::audit_log::AuditLog::ParallelAuditLogType); } -#line 1837 "seclang-parser.cc" +#line 1806 "seclang-parser.cc" break; case 20: @@ -1841,7 +1810,7 @@ namespace yy { { driver.m_auditLog->setType(modsecurity::audit_log::AuditLog::HttpsAuditLogType); } -#line 1845 "seclang-parser.cc" +#line 1814 "seclang-parser.cc" break; case 21: @@ -1849,7 +1818,7 @@ namespace yy { { driver.m_uploadKeepFiles = modsecurity::RulesSetProperties::TrueConfigBoolean; } -#line 1853 "seclang-parser.cc" +#line 1822 "seclang-parser.cc" break; case 22: @@ -1857,7 +1826,7 @@ namespace yy { { driver.m_uploadKeepFiles = modsecurity::RulesSetProperties::FalseConfigBoolean; } -#line 1861 "seclang-parser.cc" +#line 1830 "seclang-parser.cc" break; case 23: @@ -1866,7 +1835,7 @@ namespace yy { driver.error(yystack_[2].location, "SecUploadKeepFiles RelevantOnly is not currently supported. Accepted values are On or Off"); YYERROR; } -#line 1870 "seclang-parser.cc" +#line 1839 "seclang-parser.cc" break; case 24: @@ -1875,7 +1844,7 @@ namespace yy { driver.m_uploadFileLimit.m_set = true; driver.m_uploadFileLimit.m_value = strtol(yystack_[0].value.as < std::string > ().c_str(), NULL, 10); } -#line 1879 "seclang-parser.cc" +#line 1848 "seclang-parser.cc" break; case 25: @@ -1884,7 +1853,7 @@ namespace yy { driver.m_uploadFileMode.m_set = true; driver.m_uploadFileMode.m_value = strtol(yystack_[0].value.as < std::string > ().c_str(), NULL, 8); } -#line 1888 "seclang-parser.cc" +#line 1857 "seclang-parser.cc" break; case 26: @@ -1893,7 +1862,7 @@ namespace yy { driver.m_uploadDirectory.m_set = true; driver.m_uploadDirectory.m_value = yystack_[0].value.as < std::string > (); } -#line 1897 "seclang-parser.cc" +#line 1866 "seclang-parser.cc" break; case 27: @@ -1901,7 +1870,7 @@ namespace yy { { driver.m_tmpSaveUploadedFiles = modsecurity::RulesSetProperties::TrueConfigBoolean; } -#line 1905 "seclang-parser.cc" +#line 1874 "seclang-parser.cc" break; case 28: @@ -1909,7 +1878,7 @@ namespace yy { { driver.m_tmpSaveUploadedFiles = modsecurity::RulesSetProperties::FalseConfigBoolean; } -#line 1913 "seclang-parser.cc" +#line 1882 "seclang-parser.cc" break; case 29: @@ -1917,7 +1886,7 @@ namespace yy { { yylhs.value.as < std::unique_ptr > > > () = std::move(yystack_[1].value.as < std::unique_ptr > > > ()); } -#line 1921 "seclang-parser.cc" +#line 1890 "seclang-parser.cc" break; case 30: @@ -1925,7 +1894,7 @@ namespace yy { { yylhs.value.as < std::unique_ptr > > > () = std::move(yystack_[0].value.as < std::unique_ptr > > > ()); } -#line 1929 "seclang-parser.cc" +#line 1898 "seclang-parser.cc" break; case 31: @@ -1935,7 +1904,7 @@ namespace yy { yystack_[2].value.as < std::unique_ptr > > > ()->push_back(std::move(yystack_[0].value.as < std::unique_ptr > ())); yylhs.value.as < std::unique_ptr > > > () = std::move(yystack_[2].value.as < std::unique_ptr > > > ()); } -#line 1939 "seclang-parser.cc" +#line 1908 "seclang-parser.cc" break; case 32: @@ -1946,7 +1915,7 @@ namespace yy { b->push_back(std::move(yystack_[0].value.as < std::unique_ptr > ())); yylhs.value.as < std::unique_ptr > > > () = std::move(b); } -#line 1950 "seclang-parser.cc" +#line 1919 "seclang-parser.cc" break; case 33: @@ -1959,7 +1928,7 @@ namespace yy { YYERROR; } } -#line 1963 "seclang-parser.cc" +#line 1932 "seclang-parser.cc" break; case 34: @@ -1973,7 +1942,7 @@ namespace yy { YYERROR; } } -#line 1977 "seclang-parser.cc" +#line 1946 "seclang-parser.cc" break; case 35: @@ -1986,7 +1955,7 @@ namespace yy { YYERROR; } } -#line 1990 "seclang-parser.cc" +#line 1959 "seclang-parser.cc" break; case 36: @@ -2000,7 +1969,7 @@ namespace yy { YYERROR; } } -#line 2004 "seclang-parser.cc" +#line 1973 "seclang-parser.cc" break; case 37: @@ -2008,7 +1977,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::UnconditionalMatch()); } -#line 2012 "seclang-parser.cc" +#line 1981 "seclang-parser.cc" break; case 38: @@ -2016,7 +1985,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::DetectSQLi()); } -#line 2020 "seclang-parser.cc" +#line 1989 "seclang-parser.cc" break; case 39: @@ -2024,7 +1993,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::DetectXSS()); } -#line 2028 "seclang-parser.cc" +#line 1997 "seclang-parser.cc" break; case 40: @@ -2032,7 +2001,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::ValidateUrlEncoding()); } -#line 2036 "seclang-parser.cc" +#line 2005 "seclang-parser.cc" break; case 41: @@ -2040,7 +2009,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::ValidateUtf8Encoding()); } -#line 2044 "seclang-parser.cc" +#line 2013 "seclang-parser.cc" break; case 42: @@ -2048,7 +2017,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::InspectFile(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2052 "seclang-parser.cc" +#line 2021 "seclang-parser.cc" break; case 43: @@ -2056,7 +2025,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::FuzzyHash(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2060 "seclang-parser.cc" +#line 2029 "seclang-parser.cc" break; case 44: @@ -2064,7 +2033,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::ValidateByteRange(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2068 "seclang-parser.cc" +#line 2037 "seclang-parser.cc" break; case 45: @@ -2072,7 +2041,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::ValidateDTD(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2076 "seclang-parser.cc" +#line 2045 "seclang-parser.cc" break; case 46: @@ -2081,7 +2050,7 @@ namespace yy { /* $$ = new operators::ValidateHash($1); */ OPERATOR_NOT_SUPPORTED("ValidateHash", yystack_[2].location); } -#line 2085 "seclang-parser.cc" +#line 2054 "seclang-parser.cc" break; case 47: @@ -2089,7 +2058,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::ValidateSchema(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2093 "seclang-parser.cc" +#line 2062 "seclang-parser.cc" break; case 48: @@ -2097,7 +2066,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::VerifyCC(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2101 "seclang-parser.cc" +#line 2070 "seclang-parser.cc" break; case 49: @@ -2105,7 +2074,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::VerifyCPF(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2109 "seclang-parser.cc" +#line 2078 "seclang-parser.cc" break; case 50: @@ -2113,7 +2082,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::VerifySSN(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2117 "seclang-parser.cc" +#line 2086 "seclang-parser.cc" break; case 51: @@ -2121,7 +2090,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::VerifySVNR(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2125 "seclang-parser.cc" +#line 2094 "seclang-parser.cc" break; case 52: @@ -2130,7 +2099,7 @@ namespace yy { /* $$ = new operators::GsbLookup($1); */ OPERATOR_NOT_SUPPORTED("GsbLookup", yystack_[2].location); } -#line 2134 "seclang-parser.cc" +#line 2103 "seclang-parser.cc" break; case 53: @@ -2139,7 +2108,7 @@ namespace yy { /* $$ = new operators::Rsub($1); */ OPERATOR_NOT_SUPPORTED("Rsub", yystack_[2].location); } -#line 2143 "seclang-parser.cc" +#line 2112 "seclang-parser.cc" break; case 54: @@ -2147,7 +2116,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::Within(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2151 "seclang-parser.cc" +#line 2120 "seclang-parser.cc" break; case 55: @@ -2155,7 +2124,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::ContainsWord(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2159 "seclang-parser.cc" +#line 2128 "seclang-parser.cc" break; case 56: @@ -2163,7 +2132,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::Contains(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2167 "seclang-parser.cc" +#line 2136 "seclang-parser.cc" break; case 57: @@ -2171,7 +2140,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::EndsWith(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2175 "seclang-parser.cc" +#line 2144 "seclang-parser.cc" break; case 58: @@ -2179,7 +2148,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::Eq(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2183 "seclang-parser.cc" +#line 2152 "seclang-parser.cc" break; case 59: @@ -2187,7 +2156,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::Ge(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2191 "seclang-parser.cc" +#line 2160 "seclang-parser.cc" break; case 60: @@ -2195,7 +2164,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::Gt(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2199 "seclang-parser.cc" +#line 2168 "seclang-parser.cc" break; case 61: @@ -2203,7 +2172,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::IpMatchF(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2207 "seclang-parser.cc" +#line 2176 "seclang-parser.cc" break; case 62: @@ -2211,7 +2180,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::IpMatch(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2215 "seclang-parser.cc" +#line 2184 "seclang-parser.cc" break; case 63: @@ -2219,7 +2188,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::Le(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2223 "seclang-parser.cc" +#line 2192 "seclang-parser.cc" break; case 64: @@ -2227,7 +2196,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::Lt(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2231 "seclang-parser.cc" +#line 2200 "seclang-parser.cc" break; case 65: @@ -2235,7 +2204,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::PmFromFile(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2239 "seclang-parser.cc" +#line 2208 "seclang-parser.cc" break; case 66: @@ -2243,7 +2212,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::Pm(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2247 "seclang-parser.cc" +#line 2216 "seclang-parser.cc" break; case 67: @@ -2251,7 +2220,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::Rbl(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2255 "seclang-parser.cc" +#line 2224 "seclang-parser.cc" break; case 68: @@ -2259,7 +2228,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::Rx(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2263 "seclang-parser.cc" +#line 2232 "seclang-parser.cc" break; case 69: @@ -2267,7 +2236,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::StrEq(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2271 "seclang-parser.cc" +#line 2240 "seclang-parser.cc" break; case 70: @@ -2275,7 +2244,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::StrMatch(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2279 "seclang-parser.cc" +#line 2248 "seclang-parser.cc" break; case 71: @@ -2283,7 +2252,7 @@ namespace yy { { OPERATOR_CONTAINER(yylhs.value.as < std::unique_ptr > (), new operators::BeginsWith(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 2287 "seclang-parser.cc" +#line 2256 "seclang-parser.cc" break; case 72: @@ -2298,7 +2267,7 @@ namespace yy { YYERROR; #endif // WITH_GEOIP } -#line 2302 "seclang-parser.cc" +#line 2271 "seclang-parser.cc" break; case 74: @@ -2309,7 +2278,7 @@ namespace yy { for (auto &i : *yystack_[0].value.as < std::unique_ptr > > > ().get()) { if (dynamic_cast(i.get())) { std::shared_ptr at = std::move(i); - std::shared_ptr t2 = std::static_pointer_cast(std::move(at)); + std::shared_ptr t2 = std::dynamic_pointer_cast(std::move(at)); t->push_back(std::move(t2)); } else { a->push_back(i.release()); @@ -2334,7 +2303,7 @@ namespace yy { YYERROR; } } -#line 2338 "seclang-parser.cc" +#line 2307 "seclang-parser.cc" break; case 75: @@ -2357,7 +2326,7 @@ namespace yy { YYERROR; } } -#line 2361 "seclang-parser.cc" +#line 2330 "seclang-parser.cc" break; case 76: @@ -2368,7 +2337,7 @@ namespace yy { for (auto &i : *yystack_[0].value.as < std::unique_ptr > > > ().get()) { if (dynamic_cast(i.get())) { std::shared_ptr at = std::move(i); - std::shared_ptr t2 = std::static_pointer_cast(std::move(at)); + std::shared_ptr t2 = std::dynamic_pointer_cast(std::move(at)); t->push_back(std::move(t2)); } else { a->push_back(i.release()); @@ -2382,7 +2351,7 @@ namespace yy { )); driver.addSecAction(std::move(rule)); } -#line 2386 "seclang-parser.cc" +#line 2355 "seclang-parser.cc" break; case 77: @@ -2394,7 +2363,7 @@ namespace yy { for (auto &i : *yystack_[0].value.as < std::unique_ptr > > > ().get()) { if (dynamic_cast(i.get())) { std::shared_ptr at = std::move(i); - std::shared_ptr t2 = std::static_pointer_cast(std::move(at)); + std::shared_ptr t2 = std::dynamic_pointer_cast(std::move(at)); t->push_back(std::move(t2)); } else { a->push_back(i.release()); @@ -2416,7 +2385,7 @@ namespace yy { YYERROR; } } -#line 2420 "seclang-parser.cc" +#line 2389 "seclang-parser.cc" break; case 78: @@ -2436,19 +2405,14 @@ namespace yy { hasDisruptive = true; } if (phase != NULL) { - definedPhase = phase->m_phase; - secRuleDefinedPhase = phase->m_secRulesPhase; + definedPhase = phase->getPhase(); + secRuleDefinedPhase = phase->getSecRulePhase(); delete phase; - } else if (a->m_actionKind == actions::Action::RunTimeOnlyIfMatchKind || - a->m_actionKind == actions::Action::RunTimeBeforeMatchAttemptKind) { - actions::transformations::None *none = dynamic_cast(a); - if (none != NULL) { - driver.error(yystack_[2].location, "The transformation none is not suitable to be part of the SecDefaultActions"); - YYERROR; - } + } else if (dynamic_cast(a) + && !dynamic_cast(a)) { checkedActions.push_back(a); } else { - driver.error(yystack_[2].location, "The action '" + *a->m_name.get() + "' is not suitable to be part of the SecDefaultActions"); + driver.error(yystack_[2].location, "The action '" + *a->getName() + "' is not suitable to be part of the SecDefaultActions"); YYERROR; } } @@ -2482,78 +2446,78 @@ namespace yy { delete actions; } -#line 2486 "seclang-parser.cc" +#line 2450 "seclang-parser.cc" break; case 79: -#line 1234 "seclang-parser.yy" +#line 1229 "seclang-parser.yy" { driver.addSecMarker(modsecurity::utils::string::removeBracketsIfNeeded(yystack_[0].value.as < std::string > ()), /* file name */ std::unique_ptr(new std::string(*yystack_[0].location.end.filename)), /* line number */ yystack_[0].location.end.line ); } -#line 2497 "seclang-parser.cc" +#line 2461 "seclang-parser.cc" break; case 80: -#line 1241 "seclang-parser.yy" +#line 1236 "seclang-parser.yy" { driver.m_secRuleEngine = modsecurity::RulesSet::DisabledRuleEngine; } -#line 2505 "seclang-parser.cc" +#line 2469 "seclang-parser.cc" break; case 81: -#line 1245 "seclang-parser.yy" +#line 1240 "seclang-parser.yy" { driver.m_secRuleEngine = modsecurity::RulesSet::EnabledRuleEngine; } -#line 2513 "seclang-parser.cc" +#line 2477 "seclang-parser.cc" break; case 82: -#line 1249 "seclang-parser.yy" +#line 1244 "seclang-parser.yy" { driver.m_secRuleEngine = modsecurity::RulesSet::DetectionOnlyRuleEngine; } -#line 2521 "seclang-parser.cc" +#line 2485 "seclang-parser.cc" break; case 83: -#line 1253 "seclang-parser.yy" +#line 1248 "seclang-parser.yy" { driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean; } -#line 2529 "seclang-parser.cc" +#line 2493 "seclang-parser.cc" break; case 84: -#line 1257 "seclang-parser.yy" +#line 1252 "seclang-parser.yy" { driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::FalseConfigBoolean; } -#line 2537 "seclang-parser.cc" +#line 2501 "seclang-parser.cc" break; case 85: -#line 1261 "seclang-parser.yy" +#line 1256 "seclang-parser.yy" { driver.m_secResponseBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean; } -#line 2545 "seclang-parser.cc" +#line 2509 "seclang-parser.cc" break; case 86: -#line 1265 "seclang-parser.yy" +#line 1260 "seclang-parser.yy" { driver.m_secResponseBodyAccess = modsecurity::RulesSetProperties::FalseConfigBoolean; } -#line 2553 "seclang-parser.cc" +#line 2517 "seclang-parser.cc" break; case 87: -#line 1269 "seclang-parser.yy" +#line 1264 "seclang-parser.yy" { if (yystack_[0].value.as < std::string > ().length() != 1) { driver.error(yystack_[1].location, "Argument separator should be set to a single character."); @@ -2562,259 +2526,259 @@ namespace yy { driver.m_secArgumentSeparator.m_value = yystack_[0].value.as < std::string > (); driver.m_secArgumentSeparator.m_set = true; } -#line 2566 "seclang-parser.cc" +#line 2530 "seclang-parser.cc" break; case 88: -#line 1278 "seclang-parser.yy" +#line 1273 "seclang-parser.yy" { driver.m_components.push_back(yystack_[0].value.as < std::string > ()); } -#line 2574 "seclang-parser.cc" +#line 2538 "seclang-parser.cc" break; case 89: -#line 1282 "seclang-parser.yy" +#line 1277 "seclang-parser.yy" { driver.error(yystack_[2].location, "SecConnEngine is not yet supported."); YYERROR; } -#line 2583 "seclang-parser.cc" +#line 2547 "seclang-parser.cc" break; case 90: -#line 1287 "seclang-parser.yy" +#line 1282 "seclang-parser.yy" { } -#line 2590 "seclang-parser.cc" +#line 2554 "seclang-parser.cc" break; case 91: -#line 1290 "seclang-parser.yy" +#line 1285 "seclang-parser.yy" { driver.m_secWebAppId.m_value = yystack_[0].value.as < std::string > (); driver.m_secWebAppId.m_set = true; } -#line 2599 "seclang-parser.cc" +#line 2563 "seclang-parser.cc" break; case 92: -#line 1295 "seclang-parser.yy" +#line 1290 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecServerSignature is not supported."); YYERROR; } -#line 2608 "seclang-parser.cc" +#line 2572 "seclang-parser.cc" break; case 93: -#line 1300 "seclang-parser.yy" +#line 1295 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecCacheTransformations is not supported."); YYERROR; } -#line 2617 "seclang-parser.cc" +#line 2581 "seclang-parser.cc" break; case 94: -#line 1305 "seclang-parser.yy" +#line 1300 "seclang-parser.yy" { driver.error(yystack_[2].location, "SecDisableBackendCompression is not supported."); YYERROR; } -#line 2626 "seclang-parser.cc" +#line 2590 "seclang-parser.cc" break; case 95: -#line 1310 "seclang-parser.yy" +#line 1305 "seclang-parser.yy" { } -#line 2633 "seclang-parser.cc" +#line 2597 "seclang-parser.cc" break; case 96: -#line 1313 "seclang-parser.yy" +#line 1308 "seclang-parser.yy" { driver.error(yystack_[2].location, "SecContentInjection is not yet supported."); YYERROR; } -#line 2642 "seclang-parser.cc" +#line 2606 "seclang-parser.cc" break; case 97: -#line 1318 "seclang-parser.yy" +#line 1313 "seclang-parser.yy" { } -#line 2649 "seclang-parser.cc" +#line 2613 "seclang-parser.cc" break; case 98: -#line 1321 "seclang-parser.yy" +#line 1316 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecChrootDir is not supported."); YYERROR; } -#line 2658 "seclang-parser.cc" +#line 2622 "seclang-parser.cc" break; case 99: -#line 1326 "seclang-parser.yy" +#line 1321 "seclang-parser.yy" { driver.error(yystack_[2].location, "SecHashEngine is not yet supported."); YYERROR; } -#line 2667 "seclang-parser.cc" +#line 2631 "seclang-parser.cc" break; case 100: -#line 1331 "seclang-parser.yy" +#line 1326 "seclang-parser.yy" { } +#line 2638 "seclang-parser.cc" + break; + + case 101: +#line 1329 "seclang-parser.yy" + { + driver.error(yystack_[1].location, "SecHashKey is not yet supported."); + YYERROR; + } +#line 2647 "seclang-parser.cc" + break; + + case 102: +#line 1334 "seclang-parser.yy" + { + driver.error(yystack_[1].location, "SecHashParam is not yet supported."); + YYERROR; + } +#line 2656 "seclang-parser.cc" + break; + + case 103: +#line 1339 "seclang-parser.yy" + { + driver.error(yystack_[1].location, "SecHashMethodRx is not yet supported."); + YYERROR; + } +#line 2665 "seclang-parser.cc" + break; + + case 104: +#line 1344 "seclang-parser.yy" + { + driver.error(yystack_[1].location, "SecHashMethodPm is not yet supported."); + YYERROR; + } #line 2674 "seclang-parser.cc" break; - case 101: -#line 1334 "seclang-parser.yy" + case 105: +#line 1349 "seclang-parser.yy" { - driver.error(yystack_[1].location, "SecHashKey is not yet supported."); + driver.error(yystack_[1].location, "SecGsbLookupDb is not supported."); YYERROR; } #line 2683 "seclang-parser.cc" break; - case 102: -#line 1339 "seclang-parser.yy" + case 106: +#line 1354 "seclang-parser.yy" { - driver.error(yystack_[1].location, "SecHashParam is not yet supported."); + driver.error(yystack_[1].location, "SecGuardianLog is not supported."); YYERROR; } #line 2692 "seclang-parser.cc" break; - case 103: -#line 1344 "seclang-parser.yy" + case 107: +#line 1359 "seclang-parser.yy" { - driver.error(yystack_[1].location, "SecHashMethodRx is not yet supported."); + driver.error(yystack_[2].location, "SecInterceptOnError is not yet supported."); YYERROR; } #line 2701 "seclang-parser.cc" break; - case 104: -#line 1349 "seclang-parser.yy" - { - driver.error(yystack_[1].location, "SecHashMethodPm is not yet supported."); - YYERROR; - } -#line 2710 "seclang-parser.cc" - break; - - case 105: -#line 1354 "seclang-parser.yy" - { - driver.error(yystack_[1].location, "SecGsbLookupDb is not supported."); - YYERROR; - } -#line 2719 "seclang-parser.cc" - break; - - case 106: -#line 1359 "seclang-parser.yy" - { - driver.error(yystack_[1].location, "SecGuardianLog is not supported."); - YYERROR; - } -#line 2728 "seclang-parser.cc" - break; - - case 107: + case 108: #line 1364 "seclang-parser.yy" { - driver.error(yystack_[2].location, "SecInterceptOnError is not yet supported."); - YYERROR; } -#line 2737 "seclang-parser.cc" - break; - - case 108: -#line 1369 "seclang-parser.yy" - { - } -#line 2744 "seclang-parser.cc" +#line 2708 "seclang-parser.cc" break; case 109: -#line 1372 "seclang-parser.yy" +#line 1367 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecConnReadStateLimit is not yet supported."); YYERROR; } -#line 2753 "seclang-parser.cc" +#line 2717 "seclang-parser.cc" break; case 110: -#line 1377 "seclang-parser.yy" +#line 1372 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecConnWriteStateLimit is not yet supported."); YYERROR; } -#line 2762 "seclang-parser.cc" +#line 2726 "seclang-parser.cc" break; case 111: -#line 1382 "seclang-parser.yy" +#line 1377 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecSensorId is not yet supported."); YYERROR; } -#line 2771 "seclang-parser.cc" +#line 2735 "seclang-parser.cc" break; case 112: -#line 1387 "seclang-parser.yy" +#line 1382 "seclang-parser.yy" { driver.error(yystack_[2].location, "SecRuleInheritance is not yet supported."); YYERROR; } -#line 2780 "seclang-parser.cc" +#line 2744 "seclang-parser.cc" break; case 113: -#line 1392 "seclang-parser.yy" +#line 1387 "seclang-parser.yy" { } -#line 2787 "seclang-parser.cc" +#line 2751 "seclang-parser.cc" break; case 114: -#line 1395 "seclang-parser.yy" +#line 1390 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecRulePerfTime is not yet supported."); YYERROR; } -#line 2796 "seclang-parser.cc" +#line 2760 "seclang-parser.cc" break; case 115: -#line 1400 "seclang-parser.yy" +#line 1395 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecStreamInBodyInspection is not supported."); YYERROR; } -#line 2805 "seclang-parser.cc" +#line 2769 "seclang-parser.cc" break; case 116: -#line 1405 "seclang-parser.yy" +#line 1400 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecStreamOutBodyInspection is not supported."); YYERROR; } -#line 2814 "seclang-parser.cc" +#line 2778 "seclang-parser.cc" break; case 117: -#line 1410 "seclang-parser.yy" +#line 1405 "seclang-parser.yy" { std::string error; if (driver.m_exceptions.load(yystack_[0].value.as < std::string > (), &error) == false) { @@ -2827,11 +2791,11 @@ namespace yy { YYERROR; } } -#line 2831 "seclang-parser.cc" +#line 2795 "seclang-parser.cc" break; case 118: -#line 1423 "seclang-parser.yy" +#line 1418 "seclang-parser.yy" { std::string error; if (driver.m_exceptions.loadRemoveRuleByTag(yystack_[0].value.as < std::string > (), &error) == false) { @@ -2844,11 +2808,11 @@ namespace yy { YYERROR; } } -#line 2848 "seclang-parser.cc" +#line 2812 "seclang-parser.cc" break; case 119: -#line 1436 "seclang-parser.yy" +#line 1431 "seclang-parser.yy" { std::string error; if (driver.m_exceptions.loadRemoveRuleByMsg(yystack_[0].value.as < std::string > (), &error) == false) { @@ -2861,11 +2825,11 @@ namespace yy { YYERROR; } } -#line 2865 "seclang-parser.cc" +#line 2829 "seclang-parser.cc" break; case 120: -#line 1449 "seclang-parser.yy" +#line 1444 "seclang-parser.yy" { std::string error; if (driver.m_exceptions.loadUpdateTargetByTag(yystack_[1].value.as < std::string > (), std::move(yystack_[0].value.as < std::unique_ptr > > > ()), &error) == false) { @@ -2878,11 +2842,11 @@ namespace yy { YYERROR; } } -#line 2882 "seclang-parser.cc" +#line 2846 "seclang-parser.cc" break; case 121: -#line 1462 "seclang-parser.yy" +#line 1457 "seclang-parser.yy" { std::string error; if (driver.m_exceptions.loadUpdateTargetByMsg(yystack_[1].value.as < std::string > (), std::move(yystack_[0].value.as < std::unique_ptr > > > ()), &error) == false) { @@ -2895,11 +2859,11 @@ namespace yy { YYERROR; } } -#line 2899 "seclang-parser.cc" +#line 2863 "seclang-parser.cc" break; case 122: -#line 1475 "seclang-parser.yy" +#line 1470 "seclang-parser.yy" { std::string error; double ruleId; @@ -2925,11 +2889,11 @@ namespace yy { YYERROR; } } -#line 2929 "seclang-parser.cc" +#line 2893 "seclang-parser.cc" break; case 123: -#line 1501 "seclang-parser.yy" +#line 1496 "seclang-parser.yy" { std::string error; double ruleId; @@ -2956,11 +2920,11 @@ namespace yy { YYERROR; } } -#line 2960 "seclang-parser.cc" +#line 2924 "seclang-parser.cc" break; case 124: -#line 1529 "seclang-parser.yy" +#line 1524 "seclang-parser.yy" { if (driver.m_debugLog != NULL) { driver.m_debugLog->setDebugLogLevel(atoi(yystack_[0].value.as < std::string > ().c_str())); @@ -2972,11 +2936,11 @@ namespace yy { YYERROR; } } -#line 2976 "seclang-parser.cc" +#line 2940 "seclang-parser.cc" break; case 125: -#line 1541 "seclang-parser.yy" +#line 1536 "seclang-parser.yy" { if (driver.m_debugLog != NULL) { std::string error; @@ -2995,11 +2959,11 @@ namespace yy { YYERROR; } } -#line 2999 "seclang-parser.cc" +#line 2963 "seclang-parser.cc" break; case 126: -#line 1561 "seclang-parser.yy" +#line 1556 "seclang-parser.yy" { #if defined(WITH_GEOIP) or defined(WITH_MAXMIND) std::string err; @@ -3026,38 +2990,38 @@ namespace yy { YYERROR; #endif // WITH_GEOIP } -#line 3030 "seclang-parser.cc" +#line 2994 "seclang-parser.cc" break; case 127: -#line 1588 "seclang-parser.yy" +#line 1583 "seclang-parser.yy" { driver.m_argumentsLimit.m_set = true; driver.m_argumentsLimit.m_value = atoi(yystack_[0].value.as < std::string > ().c_str()); } -#line 3039 "seclang-parser.cc" +#line 3003 "seclang-parser.cc" break; case 128: -#line 1594 "seclang-parser.yy" +#line 1589 "seclang-parser.yy" { driver.m_requestBodyLimit.m_set = true; driver.m_requestBodyLimit.m_value = atoi(yystack_[0].value.as < std::string > ().c_str()); } -#line 3048 "seclang-parser.cc" +#line 3012 "seclang-parser.cc" break; case 129: -#line 1599 "seclang-parser.yy" +#line 1594 "seclang-parser.yy" { driver.m_requestBodyNoFilesLimit.m_set = true; driver.m_requestBodyNoFilesLimit.m_value = atoi(yystack_[0].value.as < std::string > ().c_str()); } -#line 3057 "seclang-parser.cc" +#line 3021 "seclang-parser.cc" break; case 130: -#line 1604 "seclang-parser.yy" +#line 1599 "seclang-parser.yy" { std::stringstream ss; ss << "As of ModSecurity version 3.0, SecRequestBodyInMemoryLimit is no longer "; @@ -3066,68 +3030,68 @@ namespace yy { driver.error(yystack_[1].location, ss.str()); YYERROR; } -#line 3070 "seclang-parser.cc" +#line 3034 "seclang-parser.cc" break; case 131: -#line 1613 "seclang-parser.yy" +#line 1608 "seclang-parser.yy" { driver.m_responseBodyLimit.m_set = true; driver.m_responseBodyLimit.m_value = atoi(yystack_[0].value.as < std::string > ().c_str()); } -#line 3079 "seclang-parser.cc" +#line 3043 "seclang-parser.cc" break; case 132: -#line 1618 "seclang-parser.yy" +#line 1613 "seclang-parser.yy" { driver.m_requestBodyLimitAction = modsecurity::RulesSet::BodyLimitAction::ProcessPartialBodyLimitAction; } -#line 3087 "seclang-parser.cc" +#line 3051 "seclang-parser.cc" break; case 133: -#line 1622 "seclang-parser.yy" +#line 1617 "seclang-parser.yy" { driver.m_requestBodyLimitAction = modsecurity::RulesSet::BodyLimitAction::RejectBodyLimitAction; } -#line 3095 "seclang-parser.cc" +#line 3059 "seclang-parser.cc" break; case 134: -#line 1626 "seclang-parser.yy" +#line 1621 "seclang-parser.yy" { driver.m_responseBodyLimitAction = modsecurity::RulesSet::BodyLimitAction::ProcessPartialBodyLimitAction; } -#line 3103 "seclang-parser.cc" +#line 3067 "seclang-parser.cc" break; case 135: -#line 1630 "seclang-parser.yy" +#line 1625 "seclang-parser.yy" { driver.m_responseBodyLimitAction = modsecurity::RulesSet::BodyLimitAction::RejectBodyLimitAction; } -#line 3111 "seclang-parser.cc" +#line 3075 "seclang-parser.cc" break; case 136: -#line 1634 "seclang-parser.yy" +#line 1629 "seclang-parser.yy" { driver.m_remoteRulesActionOnFailed = RulesSet::OnFailedRemoteRulesAction::AbortOnFailedRemoteRulesAction; } -#line 3119 "seclang-parser.cc" +#line 3083 "seclang-parser.cc" break; case 137: -#line 1638 "seclang-parser.yy" +#line 1633 "seclang-parser.yy" { driver.m_remoteRulesActionOnFailed = RulesSet::OnFailedRemoteRulesAction::WarnOnFailedRemoteRulesAction; } -#line 3127 "seclang-parser.cc" +#line 3091 "seclang-parser.cc" break; case 140: -#line 1652 "seclang-parser.yy" +#line 1647 "seclang-parser.yy" { std::istringstream buf(yystack_[0].value.as < std::string > ()); std::istream_iterator beg(buf), end; @@ -3139,37 +3103,37 @@ namespace yy { driver.m_responseBodyTypeToBeInspected.m_value.insert(*it); } } -#line 3143 "seclang-parser.cc" +#line 3107 "seclang-parser.cc" break; case 141: -#line 1664 "seclang-parser.yy" +#line 1659 "seclang-parser.yy" { driver.m_responseBodyTypeToBeInspected.m_set = true; driver.m_responseBodyTypeToBeInspected.m_clear = true; driver.m_responseBodyTypeToBeInspected.m_value.clear(); } -#line 3153 "seclang-parser.cc" +#line 3117 "seclang-parser.cc" break; case 142: -#line 1670 "seclang-parser.yy" +#line 1665 "seclang-parser.yy" { driver.m_secXMLExternalEntity = modsecurity::RulesSetProperties::FalseConfigBoolean; } -#line 3161 "seclang-parser.cc" +#line 3125 "seclang-parser.cc" break; case 143: -#line 1674 "seclang-parser.yy" +#line 1669 "seclang-parser.yy" { driver.m_secXMLExternalEntity = modsecurity::RulesSetProperties::TrueConfigBoolean; } -#line 3169 "seclang-parser.cc" +#line 3133 "seclang-parser.cc" break; case 144: -#line 1678 "seclang-parser.yy" +#line 1673 "seclang-parser.yy" { /* Parser error disabled to avoid breaking default installations with modsecurity.conf-recommended std::stringstream ss; @@ -3180,31 +3144,31 @@ namespace yy { YYERROR; */ } -#line 3184 "seclang-parser.cc" +#line 3148 "seclang-parser.cc" break; case 147: -#line 1699 "seclang-parser.yy" +#line 1694 "seclang-parser.yy" { if (atoi(yystack_[0].value.as < std::string > ().c_str()) == 1) { driver.error(yystack_[1].location, "SecCookieFormat 1 is not yet supported."); YYERROR; } } -#line 3195 "seclang-parser.cc" +#line 3159 "seclang-parser.cc" break; case 148: -#line 1706 "seclang-parser.yy" +#line 1701 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecCookieV0Separator is not yet supported."); YYERROR; } -#line 3204 "seclang-parser.cc" +#line 3168 "seclang-parser.cc" break; case 150: -#line 1716 "seclang-parser.yy" +#line 1711 "seclang-parser.yy" { std::string error; std::vector param; @@ -3258,31 +3222,31 @@ namespace yy { } } -#line 3262 "seclang-parser.cc" +#line 3226 "seclang-parser.cc" break; case 151: -#line 1770 "seclang-parser.yy" +#line 1765 "seclang-parser.yy" { /* Parser error disabled to avoid breaking default CRS installations with crs-setup.conf-recommended driver.error(@0, "SecCollectionTimeout is not yet supported."); YYERROR; */ } -#line 3273 "seclang-parser.cc" +#line 3237 "seclang-parser.cc" break; case 152: -#line 1777 "seclang-parser.yy" +#line 1772 "seclang-parser.yy" { driver.m_httpblKey.m_set = true; driver.m_httpblKey.m_value = yystack_[0].value.as < std::string > (); } -#line 3282 "seclang-parser.cc" +#line 3246 "seclang-parser.cc" break; case 153: -#line 1785 "seclang-parser.yy" +#line 1780 "seclang-parser.yy" { std::unique_ptr > > originalList = std::move(yystack_[0].value.as < std::unique_ptr > > > ()); std::unique_ptr>> newList(new std::vector>()); @@ -3316,2363 +3280,2363 @@ namespace yy { } yylhs.value.as < std::unique_ptr > > > () = std::move(newNewList); } -#line 3320 "seclang-parser.cc" +#line 3284 "seclang-parser.cc" break; case 154: -#line 1822 "seclang-parser.yy" +#line 1817 "seclang-parser.yy" { yylhs.value.as < std::unique_ptr > > > () = std::move(yystack_[0].value.as < std::unique_ptr > > > ()); } -#line 3328 "seclang-parser.cc" +#line 3292 "seclang-parser.cc" break; case 155: -#line 1826 "seclang-parser.yy" +#line 1821 "seclang-parser.yy" { yylhs.value.as < std::unique_ptr > > > () = std::move(yystack_[1].value.as < std::unique_ptr > > > ()); } -#line 3336 "seclang-parser.cc" +#line 3300 "seclang-parser.cc" break; case 156: -#line 1833 "seclang-parser.yy" +#line 1828 "seclang-parser.yy" { yystack_[2].value.as < std::unique_ptr > > > ()->push_back(std::move(yystack_[0].value.as < std::unique_ptr > ())); yylhs.value.as < std::unique_ptr > > > () = std::move(yystack_[2].value.as < std::unique_ptr > > > ()); } -#line 3345 "seclang-parser.cc" +#line 3309 "seclang-parser.cc" break; case 157: -#line 1838 "seclang-parser.yy" +#line 1833 "seclang-parser.yy" { std::unique_ptr c(new VariableModificatorExclusion(std::move(yystack_[0].value.as < std::unique_ptr > ()))); yystack_[3].value.as < std::unique_ptr > > > ()->push_back(std::move(c)); yylhs.value.as < std::unique_ptr > > > () = std::move(yystack_[3].value.as < std::unique_ptr > > > ()); } -#line 3355 "seclang-parser.cc" +#line 3319 "seclang-parser.cc" break; case 158: -#line 1844 "seclang-parser.yy" +#line 1839 "seclang-parser.yy" { std::unique_ptr c(new VariableModificatorCount(std::move(yystack_[0].value.as < std::unique_ptr > ()))); yystack_[3].value.as < std::unique_ptr > > > ()->push_back(std::move(c)); yylhs.value.as < std::unique_ptr > > > () = std::move(yystack_[3].value.as < std::unique_ptr > > > ()); } -#line 3365 "seclang-parser.cc" +#line 3329 "seclang-parser.cc" break; case 159: -#line 1850 "seclang-parser.yy" +#line 1845 "seclang-parser.yy" { std::unique_ptr>> b(new std::vector>()); b->push_back(std::move(yystack_[0].value.as < std::unique_ptr > ())); yylhs.value.as < std::unique_ptr > > > () = std::move(b); } -#line 3375 "seclang-parser.cc" +#line 3339 "seclang-parser.cc" break; case 160: -#line 1856 "seclang-parser.yy" +#line 1851 "seclang-parser.yy" { std::unique_ptr>> b(new std::vector>()); std::unique_ptr c(new VariableModificatorExclusion(std::move(yystack_[0].value.as < std::unique_ptr > ()))); b->push_back(std::move(c)); yylhs.value.as < std::unique_ptr > > > () = std::move(b); } -#line 3386 "seclang-parser.cc" +#line 3350 "seclang-parser.cc" break; case 161: -#line 1863 "seclang-parser.yy" +#line 1858 "seclang-parser.yy" { std::unique_ptr>> b(new std::vector>()); std::unique_ptr c(new VariableModificatorCount(std::move(yystack_[0].value.as < std::unique_ptr > ()))); b->push_back(std::move(c)); yylhs.value.as < std::unique_ptr > > > () = std::move(b); } -#line 3397 "seclang-parser.cc" +#line 3361 "seclang-parser.cc" break; case 162: -#line 1873 "seclang-parser.yy" +#line 1868 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Args_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3405 "seclang-parser.cc" +#line 3369 "seclang-parser.cc" break; case 163: -#line 1877 "seclang-parser.yy" +#line 1872 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Args_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3413 "seclang-parser.cc" +#line 3377 "seclang-parser.cc" break; case 164: -#line 1881 "seclang-parser.yy" +#line 1876 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Args_NoDictElement()); } -#line 3421 "seclang-parser.cc" +#line 3385 "seclang-parser.cc" break; case 165: -#line 1885 "seclang-parser.yy" +#line 1880 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsPost_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3429 "seclang-parser.cc" +#line 3393 "seclang-parser.cc" break; case 166: -#line 1889 "seclang-parser.yy" +#line 1884 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsPost_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3437 "seclang-parser.cc" +#line 3401 "seclang-parser.cc" break; case 167: -#line 1893 "seclang-parser.yy" +#line 1888 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsPost_NoDictElement()); } -#line 3445 "seclang-parser.cc" +#line 3409 "seclang-parser.cc" break; case 168: -#line 1897 "seclang-parser.yy" +#line 1892 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsGet_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3453 "seclang-parser.cc" +#line 3417 "seclang-parser.cc" break; case 169: -#line 1901 "seclang-parser.yy" +#line 1896 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsGet_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3461 "seclang-parser.cc" +#line 3425 "seclang-parser.cc" break; case 170: -#line 1905 "seclang-parser.yy" +#line 1900 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsGet_NoDictElement()); } -#line 3469 "seclang-parser.cc" +#line 3433 "seclang-parser.cc" break; case 171: -#line 1909 "seclang-parser.yy" +#line 1904 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesSizes_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3477 "seclang-parser.cc" +#line 3441 "seclang-parser.cc" break; case 172: -#line 1913 "seclang-parser.yy" +#line 1908 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesSizes_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3485 "seclang-parser.cc" +#line 3449 "seclang-parser.cc" break; case 173: -#line 1917 "seclang-parser.yy" +#line 1912 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesSizes_NoDictElement()); } -#line 3493 "seclang-parser.cc" +#line 3457 "seclang-parser.cc" break; case 174: -#line 1921 "seclang-parser.yy" +#line 1916 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3501 "seclang-parser.cc" +#line 3465 "seclang-parser.cc" break; case 175: -#line 1925 "seclang-parser.yy" +#line 1920 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3509 "seclang-parser.cc" +#line 3473 "seclang-parser.cc" break; case 176: -#line 1929 "seclang-parser.yy" +#line 1924 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesNames_NoDictElement()); } -#line 3517 "seclang-parser.cc" +#line 3481 "seclang-parser.cc" break; case 177: -#line 1933 "seclang-parser.yy" +#line 1928 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesTmpContent_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3525 "seclang-parser.cc" +#line 3489 "seclang-parser.cc" break; case 178: -#line 1937 "seclang-parser.yy" +#line 1932 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesTmpContent_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3533 "seclang-parser.cc" +#line 3497 "seclang-parser.cc" break; case 179: -#line 1941 "seclang-parser.yy" +#line 1936 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesTmpContent_NoDictElement()); } -#line 3541 "seclang-parser.cc" +#line 3505 "seclang-parser.cc" break; case 180: -#line 1945 "seclang-parser.yy" +#line 1940 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultiPartFileName_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3549 "seclang-parser.cc" +#line 3513 "seclang-parser.cc" break; case 181: -#line 1949 "seclang-parser.yy" +#line 1944 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultiPartFileName_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3557 "seclang-parser.cc" +#line 3521 "seclang-parser.cc" break; case 182: -#line 1953 "seclang-parser.yy" +#line 1948 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultiPartFileName_NoDictElement()); } -#line 3565 "seclang-parser.cc" +#line 3529 "seclang-parser.cc" break; case 183: -#line 1957 "seclang-parser.yy" +#line 1952 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultiPartName_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3573 "seclang-parser.cc" +#line 3537 "seclang-parser.cc" break; case 184: -#line 1961 "seclang-parser.yy" +#line 1956 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultiPartName_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3581 "seclang-parser.cc" +#line 3545 "seclang-parser.cc" break; case 185: -#line 1965 "seclang-parser.yy" +#line 1960 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultiPartName_NoDictElement()); } -#line 3589 "seclang-parser.cc" +#line 3553 "seclang-parser.cc" break; case 186: -#line 1969 "seclang-parser.yy" +#line 1964 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVarsNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3597 "seclang-parser.cc" +#line 3561 "seclang-parser.cc" break; case 187: -#line 1973 "seclang-parser.yy" +#line 1968 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVarsNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3605 "seclang-parser.cc" +#line 3569 "seclang-parser.cc" break; case 188: -#line 1977 "seclang-parser.yy" +#line 1972 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVarsNames_NoDictElement()); } -#line 3613 "seclang-parser.cc" +#line 3577 "seclang-parser.cc" break; case 189: -#line 1981 "seclang-parser.yy" +#line 1976 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVars_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3621 "seclang-parser.cc" +#line 3585 "seclang-parser.cc" break; case 190: -#line 1985 "seclang-parser.yy" +#line 1980 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVars_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3629 "seclang-parser.cc" +#line 3593 "seclang-parser.cc" break; case 191: -#line 1989 "seclang-parser.yy" +#line 1984 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVars_NoDictElement()); } -#line 3637 "seclang-parser.cc" +#line 3601 "seclang-parser.cc" break; case 192: -#line 1993 "seclang-parser.yy" +#line 1988 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Files_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3645 "seclang-parser.cc" +#line 3609 "seclang-parser.cc" break; case 193: -#line 1997 "seclang-parser.yy" +#line 1992 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Files_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3653 "seclang-parser.cc" +#line 3617 "seclang-parser.cc" break; case 194: -#line 2001 "seclang-parser.yy" +#line 1996 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Files_NoDictElement()); } -#line 3661 "seclang-parser.cc" +#line 3625 "seclang-parser.cc" break; case 195: -#line 2005 "seclang-parser.yy" +#line 2000 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestCookies_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3669 "seclang-parser.cc" +#line 3633 "seclang-parser.cc" break; case 196: -#line 2009 "seclang-parser.yy" +#line 2004 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestCookies_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3677 "seclang-parser.cc" +#line 3641 "seclang-parser.cc" break; case 197: -#line 2013 "seclang-parser.yy" +#line 2008 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestCookies_NoDictElement()); } -#line 3685 "seclang-parser.cc" +#line 3649 "seclang-parser.cc" break; case 198: -#line 2017 "seclang-parser.yy" +#line 2012 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestHeaders_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3693 "seclang-parser.cc" +#line 3657 "seclang-parser.cc" break; case 199: -#line 2021 "seclang-parser.yy" +#line 2016 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestHeaders_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3701 "seclang-parser.cc" +#line 3665 "seclang-parser.cc" break; case 200: -#line 2025 "seclang-parser.yy" +#line 2020 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestHeaders_NoDictElement()); } -#line 3709 "seclang-parser.cc" +#line 3673 "seclang-parser.cc" break; case 201: -#line 2029 "seclang-parser.yy" +#line 2024 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseHeaders_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3717 "seclang-parser.cc" +#line 3681 "seclang-parser.cc" break; case 202: -#line 2033 "seclang-parser.yy" +#line 2028 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseHeaders_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3725 "seclang-parser.cc" +#line 3689 "seclang-parser.cc" break; case 203: -#line 2037 "seclang-parser.yy" +#line 2032 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseHeaders_NoDictElement()); } -#line 3733 "seclang-parser.cc" +#line 3697 "seclang-parser.cc" break; case 204: -#line 2041 "seclang-parser.yy" +#line 2036 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Geo_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3741 "seclang-parser.cc" +#line 3705 "seclang-parser.cc" break; case 205: -#line 2045 "seclang-parser.yy" +#line 2040 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Geo_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3749 "seclang-parser.cc" +#line 3713 "seclang-parser.cc" break; case 206: -#line 2049 "seclang-parser.yy" +#line 2044 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Geo_NoDictElement()); } -#line 3757 "seclang-parser.cc" +#line 3721 "seclang-parser.cc" break; case 207: -#line 2053 "seclang-parser.yy" +#line 2048 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestCookiesNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3765 "seclang-parser.cc" +#line 3729 "seclang-parser.cc" break; case 208: -#line 2057 "seclang-parser.yy" +#line 2052 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestCookiesNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3773 "seclang-parser.cc" +#line 3737 "seclang-parser.cc" break; case 209: -#line 2061 "seclang-parser.yy" +#line 2056 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestCookiesNames_NoDictElement()); } -#line 3781 "seclang-parser.cc" +#line 3745 "seclang-parser.cc" break; case 210: -#line 2065 "seclang-parser.yy" +#line 2060 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Rule_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3789 "seclang-parser.cc" +#line 3753 "seclang-parser.cc" break; case 211: -#line 2069 "seclang-parser.yy" +#line 2064 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Rule_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3797 "seclang-parser.cc" +#line 3761 "seclang-parser.cc" break; case 212: -#line 2073 "seclang-parser.yy" +#line 2068 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Rule_NoDictElement()); } -#line 3805 "seclang-parser.cc" +#line 3769 "seclang-parser.cc" break; case 213: -#line 2077 "seclang-parser.yy" +#line 2072 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Env("ENV:" + yystack_[0].value.as < std::string > ())); } -#line 3813 "seclang-parser.cc" +#line 3777 "seclang-parser.cc" break; case 214: -#line 2081 "seclang-parser.yy" +#line 2076 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Env("ENV:" + yystack_[0].value.as < std::string > ())); } -#line 3821 "seclang-parser.cc" +#line 3785 "seclang-parser.cc" break; case 215: -#line 2085 "seclang-parser.yy" +#line 2080 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Env("ENV")); } -#line 3829 "seclang-parser.cc" +#line 3793 "seclang-parser.cc" break; case 216: -#line 2089 "seclang-parser.yy" +#line 2084 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::XML("XML:" + yystack_[0].value.as < std::string > ())); } -#line 3837 "seclang-parser.cc" +#line 3801 "seclang-parser.cc" break; case 217: -#line 2093 "seclang-parser.yy" +#line 2088 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::XML("XML:" + yystack_[0].value.as < std::string > ())); } -#line 3845 "seclang-parser.cc" +#line 3809 "seclang-parser.cc" break; case 218: -#line 2097 "seclang-parser.yy" +#line 2092 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::XML_NoDictElement()); } -#line 3853 "seclang-parser.cc" +#line 3817 "seclang-parser.cc" break; case 219: -#line 2101 "seclang-parser.yy" +#line 2096 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesTmpNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3861 "seclang-parser.cc" +#line 3825 "seclang-parser.cc" break; case 220: -#line 2105 "seclang-parser.yy" +#line 2100 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesTmpNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3869 "seclang-parser.cc" +#line 3833 "seclang-parser.cc" break; case 221: -#line 2109 "seclang-parser.yy" +#line 2104 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesTmpNames_NoDictElement()); } -#line 3877 "seclang-parser.cc" +#line 3841 "seclang-parser.cc" break; case 222: -#line 2113 "seclang-parser.yy" +#line 2108 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Resource_DynamicElement(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 3885 "seclang-parser.cc" +#line 3849 "seclang-parser.cc" break; case 223: -#line 2117 "seclang-parser.yy" +#line 2112 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Resource_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3893 "seclang-parser.cc" +#line 3857 "seclang-parser.cc" break; case 224: -#line 2121 "seclang-parser.yy" +#line 2116 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Resource_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3901 "seclang-parser.cc" +#line 3865 "seclang-parser.cc" break; case 225: -#line 2125 "seclang-parser.yy" +#line 2120 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Resource_NoDictElement()); } -#line 3909 "seclang-parser.cc" +#line 3873 "seclang-parser.cc" break; case 226: -#line 2129 "seclang-parser.yy" +#line 2124 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Ip_DynamicElement(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 3917 "seclang-parser.cc" +#line 3881 "seclang-parser.cc" break; case 227: -#line 2133 "seclang-parser.yy" +#line 2128 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Ip_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3925 "seclang-parser.cc" +#line 3889 "seclang-parser.cc" break; case 228: -#line 2137 "seclang-parser.yy" +#line 2132 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Ip_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3933 "seclang-parser.cc" +#line 3897 "seclang-parser.cc" break; case 229: -#line 2141 "seclang-parser.yy" +#line 2136 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Ip_NoDictElement()); } -#line 3941 "seclang-parser.cc" +#line 3905 "seclang-parser.cc" break; case 230: -#line 2145 "seclang-parser.yy" +#line 2140 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Global_DynamicElement(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 3949 "seclang-parser.cc" +#line 3913 "seclang-parser.cc" break; case 231: -#line 2149 "seclang-parser.yy" +#line 2144 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Global_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3957 "seclang-parser.cc" +#line 3921 "seclang-parser.cc" break; case 232: -#line 2153 "seclang-parser.yy" +#line 2148 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Global_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3965 "seclang-parser.cc" +#line 3929 "seclang-parser.cc" break; case 233: -#line 2157 "seclang-parser.yy" +#line 2152 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Global_NoDictElement()); } -#line 3973 "seclang-parser.cc" +#line 3937 "seclang-parser.cc" break; case 234: -#line 2161 "seclang-parser.yy" +#line 2156 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::User_DynamicElement(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 3981 "seclang-parser.cc" +#line 3945 "seclang-parser.cc" break; case 235: -#line 2165 "seclang-parser.yy" +#line 2160 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::User_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3989 "seclang-parser.cc" +#line 3953 "seclang-parser.cc" break; case 236: -#line 2169 "seclang-parser.yy" +#line 2164 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::User_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3997 "seclang-parser.cc" +#line 3961 "seclang-parser.cc" break; case 237: -#line 2173 "seclang-parser.yy" +#line 2168 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::User_NoDictElement()); } -#line 4005 "seclang-parser.cc" +#line 3969 "seclang-parser.cc" break; case 238: -#line 2177 "seclang-parser.yy" +#line 2172 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Tx_DynamicElement(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 4013 "seclang-parser.cc" +#line 3977 "seclang-parser.cc" break; case 239: -#line 2181 "seclang-parser.yy" +#line 2176 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Tx_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4021 "seclang-parser.cc" +#line 3985 "seclang-parser.cc" break; case 240: -#line 2185 "seclang-parser.yy" +#line 2180 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Tx_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4029 "seclang-parser.cc" +#line 3993 "seclang-parser.cc" break; case 241: -#line 2189 "seclang-parser.yy" +#line 2184 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Tx_NoDictElement()); } -#line 4037 "seclang-parser.cc" +#line 4001 "seclang-parser.cc" break; case 242: -#line 2193 "seclang-parser.yy" +#line 2188 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Session_DynamicElement(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 4045 "seclang-parser.cc" +#line 4009 "seclang-parser.cc" break; case 243: -#line 2197 "seclang-parser.yy" +#line 2192 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Session_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4053 "seclang-parser.cc" +#line 4017 "seclang-parser.cc" break; case 244: -#line 2201 "seclang-parser.yy" +#line 2196 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Session_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4061 "seclang-parser.cc" +#line 4025 "seclang-parser.cc" break; case 245: -#line 2205 "seclang-parser.yy" +#line 2200 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Session_NoDictElement()); } -#line 4069 "seclang-parser.cc" +#line 4033 "seclang-parser.cc" break; case 246: -#line 2209 "seclang-parser.yy" +#line 2204 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4077 "seclang-parser.cc" +#line 4041 "seclang-parser.cc" break; case 247: -#line 2213 "seclang-parser.yy" +#line 2208 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4085 "seclang-parser.cc" +#line 4049 "seclang-parser.cc" break; case 248: -#line 2217 "seclang-parser.yy" +#line 2212 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsNames_NoDictElement()); } -#line 4093 "seclang-parser.cc" +#line 4057 "seclang-parser.cc" break; case 249: -#line 2221 "seclang-parser.yy" +#line 2216 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsGetNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4101 "seclang-parser.cc" +#line 4065 "seclang-parser.cc" break; case 250: -#line 2225 "seclang-parser.yy" +#line 2220 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsGetNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4109 "seclang-parser.cc" +#line 4073 "seclang-parser.cc" break; case 251: -#line 2229 "seclang-parser.yy" +#line 2224 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsGetNames_NoDictElement()); } -#line 4117 "seclang-parser.cc" +#line 4081 "seclang-parser.cc" break; case 252: -#line 2234 "seclang-parser.yy" +#line 2229 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsPostNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4125 "seclang-parser.cc" +#line 4089 "seclang-parser.cc" break; case 253: -#line 2238 "seclang-parser.yy" +#line 2233 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsPostNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4133 "seclang-parser.cc" +#line 4097 "seclang-parser.cc" break; case 254: -#line 2242 "seclang-parser.yy" +#line 2237 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsPostNames_NoDictElement()); } -#line 4141 "seclang-parser.cc" +#line 4105 "seclang-parser.cc" break; case 255: -#line 2247 "seclang-parser.yy" +#line 2242 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestHeadersNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4149 "seclang-parser.cc" +#line 4113 "seclang-parser.cc" break; case 256: -#line 2251 "seclang-parser.yy" +#line 2246 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestHeadersNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4157 "seclang-parser.cc" +#line 4121 "seclang-parser.cc" break; case 257: -#line 2255 "seclang-parser.yy" +#line 2250 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestHeadersNames_NoDictElement()); } -#line 4165 "seclang-parser.cc" +#line 4129 "seclang-parser.cc" break; case 258: -#line 2260 "seclang-parser.yy" +#line 2255 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseContentType()); } -#line 4173 "seclang-parser.cc" +#line 4137 "seclang-parser.cc" break; case 259: -#line 2265 "seclang-parser.yy" +#line 2260 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseHeadersNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4181 "seclang-parser.cc" +#line 4145 "seclang-parser.cc" break; case 260: -#line 2269 "seclang-parser.yy" +#line 2264 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseHeadersNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4189 "seclang-parser.cc" +#line 4153 "seclang-parser.cc" break; case 261: -#line 2273 "seclang-parser.yy" +#line 2268 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseHeadersNames_NoDictElement()); } -#line 4197 "seclang-parser.cc" +#line 4161 "seclang-parser.cc" break; case 262: -#line 2277 "seclang-parser.yy" +#line 2272 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsCombinedSize()); } -#line 4205 "seclang-parser.cc" +#line 4169 "seclang-parser.cc" break; case 263: -#line 2281 "seclang-parser.yy" +#line 2276 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::AuthType()); } -#line 4213 "seclang-parser.cc" +#line 4177 "seclang-parser.cc" break; case 264: -#line 2285 "seclang-parser.yy" +#line 2280 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesCombinedSize()); } -#line 4221 "seclang-parser.cc" +#line 4185 "seclang-parser.cc" break; case 265: -#line 2289 "seclang-parser.yy" +#line 2284 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FullRequest()); } -#line 4229 "seclang-parser.cc" +#line 4193 "seclang-parser.cc" break; case 266: -#line 2293 "seclang-parser.yy" +#line 2288 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FullRequestLength()); } -#line 4237 "seclang-parser.cc" +#line 4201 "seclang-parser.cc" break; case 267: -#line 2297 "seclang-parser.yy" +#line 2292 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::InboundDataError()); } -#line 4245 "seclang-parser.cc" +#line 4209 "seclang-parser.cc" break; case 268: -#line 2301 "seclang-parser.yy" +#line 2296 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVar()); } -#line 4253 "seclang-parser.cc" +#line 4217 "seclang-parser.cc" break; case 269: -#line 2305 "seclang-parser.yy" +#line 2300 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVarName()); } -#line 4261 "seclang-parser.cc" +#line 4225 "seclang-parser.cc" break; case 270: -#line 2309 "seclang-parser.yy" +#line 2304 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartBoundaryQuoted()); } -#line 4269 "seclang-parser.cc" +#line 4233 "seclang-parser.cc" break; case 271: -#line 2313 "seclang-parser.yy" +#line 2308 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartBoundaryWhiteSpace()); } -#line 4277 "seclang-parser.cc" +#line 4241 "seclang-parser.cc" break; case 272: -#line 2317 "seclang-parser.yy" +#line 2312 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartCrlfLFLines()); } -#line 4285 "seclang-parser.cc" +#line 4249 "seclang-parser.cc" break; case 273: -#line 2321 "seclang-parser.yy" +#line 2316 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartDateAfter()); } -#line 4293 "seclang-parser.cc" +#line 4257 "seclang-parser.cc" break; case 274: -#line 2325 "seclang-parser.yy" +#line 2320 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartDateBefore()); } -#line 4301 "seclang-parser.cc" +#line 4265 "seclang-parser.cc" break; case 275: -#line 2329 "seclang-parser.yy" +#line 2324 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartFileLimitExceeded()); } -#line 4309 "seclang-parser.cc" +#line 4273 "seclang-parser.cc" break; case 276: -#line 2333 "seclang-parser.yy" +#line 2328 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartHeaderFolding()); } -#line 4317 "seclang-parser.cc" +#line 4281 "seclang-parser.cc" break; case 277: -#line 2337 "seclang-parser.yy" +#line 2332 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartInvalidHeaderFolding()); } -#line 4325 "seclang-parser.cc" +#line 4289 "seclang-parser.cc" break; case 278: -#line 2341 "seclang-parser.yy" +#line 2336 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartInvalidPart()); } -#line 4333 "seclang-parser.cc" +#line 4297 "seclang-parser.cc" break; case 279: -#line 2345 "seclang-parser.yy" +#line 2340 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartInvalidQuoting()); } -#line 4341 "seclang-parser.cc" +#line 4305 "seclang-parser.cc" break; case 280: -#line 2349 "seclang-parser.yy" +#line 2344 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartLFLine()); } -#line 4349 "seclang-parser.cc" +#line 4313 "seclang-parser.cc" break; case 281: -#line 2353 "seclang-parser.yy" +#line 2348 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartMissingSemicolon()); } -#line 4357 "seclang-parser.cc" +#line 4321 "seclang-parser.cc" break; case 282: -#line 2357 "seclang-parser.yy" +#line 2352 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartMissingSemicolon()); } -#line 4365 "seclang-parser.cc" +#line 4329 "seclang-parser.cc" break; case 283: -#line 2361 "seclang-parser.yy" +#line 2356 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartStrictError()); } -#line 4373 "seclang-parser.cc" +#line 4337 "seclang-parser.cc" break; case 284: -#line 2365 "seclang-parser.yy" +#line 2360 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartUnmatchedBoundary()); } -#line 4381 "seclang-parser.cc" +#line 4345 "seclang-parser.cc" break; case 285: -#line 2369 "seclang-parser.yy" +#line 2364 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::OutboundDataError()); } -#line 4389 "seclang-parser.cc" +#line 4353 "seclang-parser.cc" break; case 286: -#line 2373 "seclang-parser.yy" +#line 2368 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::PathInfo()); } -#line 4397 "seclang-parser.cc" +#line 4361 "seclang-parser.cc" break; case 287: -#line 2377 "seclang-parser.yy" +#line 2372 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::QueryString()); } -#line 4405 "seclang-parser.cc" +#line 4369 "seclang-parser.cc" break; case 288: -#line 2381 "seclang-parser.yy" +#line 2376 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RemoteAddr()); } -#line 4413 "seclang-parser.cc" +#line 4377 "seclang-parser.cc" break; case 289: -#line 2385 "seclang-parser.yy" +#line 2380 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RemoteHost()); } -#line 4421 "seclang-parser.cc" +#line 4385 "seclang-parser.cc" break; case 290: -#line 2389 "seclang-parser.yy" +#line 2384 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RemotePort()); } -#line 4429 "seclang-parser.cc" +#line 4393 "seclang-parser.cc" break; case 291: -#line 2393 "seclang-parser.yy" +#line 2388 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ReqbodyError()); } -#line 4437 "seclang-parser.cc" +#line 4401 "seclang-parser.cc" break; case 292: -#line 2397 "seclang-parser.yy" +#line 2392 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ReqbodyErrorMsg()); } -#line 4445 "seclang-parser.cc" +#line 4409 "seclang-parser.cc" break; case 293: -#line 2401 "seclang-parser.yy" +#line 2396 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ReqbodyProcessor()); } -#line 4453 "seclang-parser.cc" +#line 4417 "seclang-parser.cc" break; case 294: -#line 2405 "seclang-parser.yy" +#line 2400 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ReqbodyProcessorError()); } -#line 4461 "seclang-parser.cc" +#line 4425 "seclang-parser.cc" break; case 295: -#line 2409 "seclang-parser.yy" +#line 2404 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ReqbodyProcessorErrorMsg()); } -#line 4469 "seclang-parser.cc" +#line 4433 "seclang-parser.cc" break; case 296: -#line 2413 "seclang-parser.yy" +#line 2408 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestBasename()); } -#line 4477 "seclang-parser.cc" +#line 4441 "seclang-parser.cc" break; case 297: -#line 2417 "seclang-parser.yy" +#line 2412 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestBody()); } -#line 4485 "seclang-parser.cc" +#line 4449 "seclang-parser.cc" break; case 298: -#line 2421 "seclang-parser.yy" +#line 2416 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestBodyLength()); } -#line 4493 "seclang-parser.cc" +#line 4457 "seclang-parser.cc" break; case 299: -#line 2425 "seclang-parser.yy" +#line 2420 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestFilename()); } -#line 4501 "seclang-parser.cc" +#line 4465 "seclang-parser.cc" break; case 300: -#line 2429 "seclang-parser.yy" +#line 2424 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestLine()); } -#line 4509 "seclang-parser.cc" +#line 4473 "seclang-parser.cc" break; case 301: -#line 2433 "seclang-parser.yy" +#line 2428 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestMethod()); } -#line 4517 "seclang-parser.cc" +#line 4481 "seclang-parser.cc" break; case 302: -#line 2437 "seclang-parser.yy" +#line 2432 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestProtocol()); } -#line 4525 "seclang-parser.cc" +#line 4489 "seclang-parser.cc" break; case 303: -#line 2441 "seclang-parser.yy" +#line 2436 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestURI()); } -#line 4533 "seclang-parser.cc" +#line 4497 "seclang-parser.cc" break; case 304: -#line 2445 "seclang-parser.yy" +#line 2440 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestURIRaw()); } -#line 4541 "seclang-parser.cc" +#line 4505 "seclang-parser.cc" break; case 305: -#line 2449 "seclang-parser.yy" +#line 2444 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseBody()); } -#line 4549 "seclang-parser.cc" +#line 4513 "seclang-parser.cc" break; case 306: -#line 2453 "seclang-parser.yy" +#line 2448 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseContentLength()); } -#line 4557 "seclang-parser.cc" +#line 4521 "seclang-parser.cc" break; case 307: -#line 2457 "seclang-parser.yy" +#line 2452 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseProtocol()); } -#line 4565 "seclang-parser.cc" +#line 4529 "seclang-parser.cc" break; case 308: -#line 2461 "seclang-parser.yy" +#line 2456 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseStatus()); } -#line 4573 "seclang-parser.cc" +#line 4537 "seclang-parser.cc" break; case 309: -#line 2465 "seclang-parser.yy" +#line 2460 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ServerAddr()); } -#line 4581 "seclang-parser.cc" +#line 4545 "seclang-parser.cc" break; case 310: -#line 2469 "seclang-parser.yy" +#line 2464 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ServerName()); } -#line 4589 "seclang-parser.cc" +#line 4553 "seclang-parser.cc" break; case 311: -#line 2473 "seclang-parser.yy" +#line 2468 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ServerPort()); } -#line 4597 "seclang-parser.cc" +#line 4561 "seclang-parser.cc" break; case 312: -#line 2477 "seclang-parser.yy" +#line 2472 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::SessionID()); } -#line 4605 "seclang-parser.cc" +#line 4569 "seclang-parser.cc" break; case 313: -#line 2481 "seclang-parser.yy" +#line 2476 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::UniqueID()); } -#line 4613 "seclang-parser.cc" +#line 4577 "seclang-parser.cc" break; case 314: -#line 2485 "seclang-parser.yy" +#line 2480 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::UrlEncodedError()); } -#line 4621 "seclang-parser.cc" +#line 4585 "seclang-parser.cc" break; case 315: -#line 2489 "seclang-parser.yy" +#line 2484 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::UserID()); } -#line 4629 "seclang-parser.cc" +#line 4593 "seclang-parser.cc" break; case 316: -#line 2493 "seclang-parser.yy" +#line 2488 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Status()); } -#line 4637 "seclang-parser.cc" +#line 4601 "seclang-parser.cc" break; case 317: -#line 2497 "seclang-parser.yy" +#line 2492 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Status()); } -#line 4645 "seclang-parser.cc" +#line 4609 "seclang-parser.cc" break; case 318: -#line 2501 "seclang-parser.yy" +#line 2496 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::WebAppId()); } -#line 4653 "seclang-parser.cc" +#line 4617 "seclang-parser.cc" break; case 319: -#line 2505 "seclang-parser.yy" +#line 2500 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new Duration(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4664 "seclang-parser.cc" +#line 4628 "seclang-parser.cc" break; case 320: -#line 2513 "seclang-parser.yy" +#line 2508 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new ModsecBuild(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4675 "seclang-parser.cc" +#line 4639 "seclang-parser.cc" break; case 321: -#line 2520 "seclang-parser.yy" +#line 2515 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new HighestSeverity(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4686 "seclang-parser.cc" +#line 4650 "seclang-parser.cc" break; case 322: -#line 2527 "seclang-parser.yy" +#line 2522 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new RemoteUser(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4697 "seclang-parser.cc" +#line 4661 "seclang-parser.cc" break; case 323: -#line 2534 "seclang-parser.yy" +#line 2529 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new Time(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4708 "seclang-parser.cc" +#line 4672 "seclang-parser.cc" break; case 324: -#line 2541 "seclang-parser.yy" +#line 2536 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeDay(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4719 "seclang-parser.cc" +#line 4683 "seclang-parser.cc" break; case 325: -#line 2548 "seclang-parser.yy" +#line 2543 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeEpoch(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4730 "seclang-parser.cc" +#line 4694 "seclang-parser.cc" break; case 326: -#line 2555 "seclang-parser.yy" +#line 2550 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeHour(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4741 "seclang-parser.cc" +#line 4705 "seclang-parser.cc" break; case 327: -#line 2562 "seclang-parser.yy" +#line 2557 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeMin(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4752 "seclang-parser.cc" +#line 4716 "seclang-parser.cc" break; case 328: -#line 2569 "seclang-parser.yy" +#line 2564 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeMon(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4763 "seclang-parser.cc" +#line 4727 "seclang-parser.cc" break; case 329: -#line 2576 "seclang-parser.yy" +#line 2571 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeSec(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4774 "seclang-parser.cc" +#line 4738 "seclang-parser.cc" break; case 330: -#line 2583 "seclang-parser.yy" +#line 2578 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeWDay(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4785 "seclang-parser.cc" +#line 4749 "seclang-parser.cc" break; case 331: -#line 2590 "seclang-parser.yy" +#line 2585 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeYear(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4796 "seclang-parser.cc" +#line 4760 "seclang-parser.cc" break; case 332: -#line 2600 "seclang-parser.yy" +#line 2595 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Accuracy(yystack_[0].value.as < std::string > ())); } -#line 4804 "seclang-parser.cc" +#line 4768 "seclang-parser.cc" break; case 333: -#line 2604 "seclang-parser.yy" +#line 2599 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::disruptive::Allow(yystack_[0].value.as < std::string > ())); } -#line 4812 "seclang-parser.cc" +#line 4776 "seclang-parser.cc" break; case 334: -#line 2608 "seclang-parser.yy" +#line 2603 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("Append", yystack_[1].location); } -#line 4820 "seclang-parser.cc" +#line 4784 "seclang-parser.cc" break; case 335: -#line 2612 "seclang-parser.yy" +#line 2607 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::AuditLog(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::AuditLog()); } -#line 4828 "seclang-parser.cc" +#line 4792 "seclang-parser.cc" break; case 336: -#line 2616 "seclang-parser.yy" +#line 2611 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Block(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Block()); } -#line 4836 "seclang-parser.cc" +#line 4800 "seclang-parser.cc" break; case 337: -#line 2620 "seclang-parser.yy" +#line 2615 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Capture(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Capture()); } -#line 4844 "seclang-parser.cc" +#line 4808 "seclang-parser.cc" break; case 338: -#line 2624 "seclang-parser.yy" +#line 2619 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Chain(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Chain()); } -#line 4852 "seclang-parser.cc" +#line 4816 "seclang-parser.cc" break; case 339: +#line 2623 "seclang-parser.yy" + { + //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[1].value.as < std::string > ())); + } +#line 4825 "seclang-parser.cc" + break; + + case 340: #line 2628 "seclang-parser.yy" { //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0); ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[1].value.as < std::string > ())); } -#line 4861 "seclang-parser.cc" +#line 4834 "seclang-parser.cc" break; - case 340: + case 341: #line 2633 "seclang-parser.yy" { //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0); ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[1].value.as < std::string > ())); } -#line 4870 "seclang-parser.cc" - break; - - case 341: -#line 2638 "seclang-parser.yy" - { - //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0); - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[1].value.as < std::string > ())); - } -#line 4879 "seclang-parser.cc" +#line 4843 "seclang-parser.cc" break; case 342: -#line 2643 "seclang-parser.yy" +#line 2638 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::AuditLogParts(yystack_[0].value.as < std::string > ())); } -#line 4887 "seclang-parser.cc" +#line 4851 "seclang-parser.cc" break; case 343: -#line 2647 "seclang-parser.yy" +#line 2642 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RequestBodyProcessorJSON(yystack_[0].value.as < std::string > ())); } -#line 4895 "seclang-parser.cc" +#line 4859 "seclang-parser.cc" break; case 344: -#line 2651 "seclang-parser.yy" +#line 2646 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RequestBodyProcessorXML(yystack_[0].value.as < std::string > ())); } -#line 4903 "seclang-parser.cc" +#line 4867 "seclang-parser.cc" break; case 345: -#line 2655 "seclang-parser.yy" +#line 2650 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RequestBodyProcessorURLENCODED(yystack_[0].value.as < std::string > ())); } -#line 4911 "seclang-parser.cc" +#line 4875 "seclang-parser.cc" break; case 346: +#line 2654 "seclang-parser.yy" + { + //ACTION_NOT_SUPPORTED("CtlForceReequestBody", @0); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[1].value.as < std::string > ())); + } +#line 4884 "seclang-parser.cc" + break; + + case 347: #line 2659 "seclang-parser.yy" { //ACTION_NOT_SUPPORTED("CtlForceReequestBody", @0); ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[1].value.as < std::string > ())); } -#line 4920 "seclang-parser.cc" - break; - - case 347: -#line 2664 "seclang-parser.yy" - { - //ACTION_NOT_SUPPORTED("CtlForceReequestBody", @0); - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[1].value.as < std::string > ())); - } -#line 4929 "seclang-parser.cc" +#line 4893 "seclang-parser.cc" break; case 348: -#line 2669 "seclang-parser.yy" +#line 2664 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RequestBodyAccess(yystack_[1].value.as < std::string > () + "true")); } -#line 4937 "seclang-parser.cc" +#line 4901 "seclang-parser.cc" break; case 349: -#line 2673 "seclang-parser.yy" +#line 2668 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RequestBodyAccess(yystack_[1].value.as < std::string > () + "false")); } -#line 4945 "seclang-parser.cc" +#line 4909 "seclang-parser.cc" break; case 350: -#line 2677 "seclang-parser.yy" +#line 2672 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleEngine("ctl:RuleEngine=on")); } -#line 4953 "seclang-parser.cc" +#line 4917 "seclang-parser.cc" break; case 351: -#line 2681 "seclang-parser.yy" +#line 2676 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleEngine("ctl:RuleEngine=off")); } -#line 4961 "seclang-parser.cc" +#line 4925 "seclang-parser.cc" break; case 352: -#line 2685 "seclang-parser.yy" +#line 2680 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleEngine("ctl:RuleEngine=detectiononly")); } -#line 4969 "seclang-parser.cc" +#line 4933 "seclang-parser.cc" break; case 353: -#line 2689 "seclang-parser.yy" +#line 2684 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleRemoveById(yystack_[0].value.as < std::string > ())); } -#line 4977 "seclang-parser.cc" +#line 4941 "seclang-parser.cc" break; case 354: -#line 2693 "seclang-parser.yy" +#line 2688 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleRemoveByTag(yystack_[0].value.as < std::string > ())); } -#line 4985 "seclang-parser.cc" +#line 4949 "seclang-parser.cc" break; case 355: -#line 2697 "seclang-parser.yy" +#line 2692 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleRemoveTargetById(yystack_[0].value.as < std::string > ())); } -#line 4993 "seclang-parser.cc" +#line 4957 "seclang-parser.cc" break; case 356: -#line 2701 "seclang-parser.yy" +#line 2696 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleRemoveTargetByTag(yystack_[0].value.as < std::string > ())); } -#line 5001 "seclang-parser.cc" +#line 4965 "seclang-parser.cc" break; case 357: -#line 2705 "seclang-parser.yy" +#line 2700 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::disruptive::Deny(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::disruptive::Deny()); } -#line 5009 "seclang-parser.cc" +#line 4973 "seclang-parser.cc" break; case 358: -#line 2709 "seclang-parser.yy" +#line 2704 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("DeprecateVar", yystack_[1].location); } -#line 5017 "seclang-parser.cc" +#line 4981 "seclang-parser.cc" break; case 359: -#line 2713 "seclang-parser.yy" +#line 2708 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::disruptive::Drop(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::disruptive::Drop()); } -#line 5025 "seclang-parser.cc" +#line 4989 "seclang-parser.cc" break; case 360: -#line 2717 "seclang-parser.yy" +#line 2712 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Exec(yystack_[0].value.as < std::string > ())); } -#line 5033 "seclang-parser.cc" +#line 4997 "seclang-parser.cc" break; case 361: -#line 2721 "seclang-parser.yy" +#line 2716 "seclang-parser.yy" { //ACTION_NOT_SUPPORTED("ExpireVar", @0); ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[0].value.as < std::string > ())); } -#line 5042 "seclang-parser.cc" +#line 5006 "seclang-parser.cc" break; case 362: -#line 2726 "seclang-parser.yy" +#line 2721 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::RuleId(yystack_[0].value.as < std::string > ())); } -#line 5050 "seclang-parser.cc" +#line 5014 "seclang-parser.cc" break; case 363: -#line 2730 "seclang-parser.yy" +#line 2725 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::InitCol(yystack_[1].value.as < std::string > (), std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5058 "seclang-parser.cc" +#line 5022 "seclang-parser.cc" break; case 364: -#line 2734 "seclang-parser.yy" +#line 2729 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::LogData(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5066 "seclang-parser.cc" +#line 5030 "seclang-parser.cc" break; case 365: -#line 2738 "seclang-parser.yy" +#line 2733 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Log(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Log()); } -#line 5074 "seclang-parser.cc" +#line 5038 "seclang-parser.cc" break; case 366: -#line 2742 "seclang-parser.yy" +#line 2737 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Maturity(yystack_[0].value.as < std::string > ())); } -#line 5082 "seclang-parser.cc" +#line 5046 "seclang-parser.cc" break; case 367: -#line 2746 "seclang-parser.yy" +#line 2741 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Msg(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5090 "seclang-parser.cc" +#line 5054 "seclang-parser.cc" break; case 368: -#line 2750 "seclang-parser.yy" +#line 2745 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::MultiMatch(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::MultiMatch()); } -#line 5098 "seclang-parser.cc" +#line 5062 "seclang-parser.cc" break; case 369: -#line 2754 "seclang-parser.yy" +#line 2749 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::NoAuditLog(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::NoAuditLog()); } -#line 5106 "seclang-parser.cc" +#line 5070 "seclang-parser.cc" break; case 370: -#line 2758 "seclang-parser.yy" +#line 2753 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::NoLog(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::NoLog()); } -#line 5114 "seclang-parser.cc" +#line 5078 "seclang-parser.cc" break; case 371: -#line 2762 "seclang-parser.yy" +#line 2757 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::disruptive::Pass(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::disruptive::Pass()); } -#line 5122 "seclang-parser.cc" +#line 5086 "seclang-parser.cc" break; case 372: -#line 2766 "seclang-parser.yy" +#line 2761 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("Pause", yystack_[1].location); } -#line 5130 "seclang-parser.cc" +#line 5094 "seclang-parser.cc" break; case 373: -#line 2770 "seclang-parser.yy" +#line 2765 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Phase(yystack_[0].value.as < std::string > ())); } -#line 5138 "seclang-parser.cc" +#line 5102 "seclang-parser.cc" break; case 374: -#line 2774 "seclang-parser.yy" +#line 2769 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("Prepend", yystack_[1].location); } -#line 5146 "seclang-parser.cc" +#line 5110 "seclang-parser.cc" break; case 375: -#line 2778 "seclang-parser.yy" +#line 2773 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("Proxy", yystack_[1].location); } -#line 5154 "seclang-parser.cc" +#line 5118 "seclang-parser.cc" break; case 376: -#line 2782 "seclang-parser.yy" +#line 2777 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::disruptive::Redirect(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5162 "seclang-parser.cc" +#line 5126 "seclang-parser.cc" break; case 377: -#line 2786 "seclang-parser.yy" +#line 2781 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Rev(yystack_[0].value.as < std::string > ())); } -#line 5170 "seclang-parser.cc" +#line 5134 "seclang-parser.cc" break; case 378: -#line 2790 "seclang-parser.yy" +#line 2785 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("SanitiseArg", yystack_[1].location); } -#line 5178 "seclang-parser.cc" +#line 5142 "seclang-parser.cc" break; case 379: -#line 2794 "seclang-parser.yy" +#line 2789 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("SanitiseMatched", yystack_[1].location); } -#line 5186 "seclang-parser.cc" +#line 5150 "seclang-parser.cc" break; case 380: -#line 2798 "seclang-parser.yy" +#line 2793 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("SanitiseMatchedBytes", yystack_[1].location); } -#line 5194 "seclang-parser.cc" +#line 5158 "seclang-parser.cc" break; case 381: -#line 2802 "seclang-parser.yy" +#line 2797 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("SanitiseRequestHeader", yystack_[1].location); } -#line 5202 "seclang-parser.cc" +#line 5166 "seclang-parser.cc" break; case 382: -#line 2806 "seclang-parser.yy" +#line 2801 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("SanitiseResponseHeader", yystack_[1].location); } -#line 5210 "seclang-parser.cc" +#line 5174 "seclang-parser.cc" break; case 383: -#line 2810 "seclang-parser.yy" +#line 2805 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetENV(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5218 "seclang-parser.cc" +#line 5182 "seclang-parser.cc" break; case 384: -#line 2814 "seclang-parser.yy" +#line 2809 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetRSC(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5226 "seclang-parser.cc" +#line 5190 "seclang-parser.cc" break; case 385: -#line 2818 "seclang-parser.yy" +#line 2813 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetSID(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5234 "seclang-parser.cc" +#line 5198 "seclang-parser.cc" break; case 386: -#line 2822 "seclang-parser.yy" +#line 2817 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetUID(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5242 "seclang-parser.cc" +#line 5206 "seclang-parser.cc" break; case 387: -#line 2826 "seclang-parser.yy" +#line 2821 "seclang-parser.yy" { yylhs.value.as < std::unique_ptr > () = std::move(yystack_[0].value.as < std::unique_ptr > ()); } -#line 5250 "seclang-parser.cc" +#line 5214 "seclang-parser.cc" break; case 388: -#line 2830 "seclang-parser.yy" +#line 2825 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Severity(yystack_[0].value.as < std::string > ())); } -#line 5258 "seclang-parser.cc" +#line 5222 "seclang-parser.cc" break; case 389: -#line 2834 "seclang-parser.yy" +#line 2829 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Skip(yystack_[0].value.as < std::string > ())); } -#line 5266 "seclang-parser.cc" +#line 5230 "seclang-parser.cc" break; case 390: -#line 2838 "seclang-parser.yy" +#line 2833 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SkipAfter(yystack_[0].value.as < std::string > ())); } -#line 5274 "seclang-parser.cc" +#line 5238 "seclang-parser.cc" break; case 391: -#line 2842 "seclang-parser.yy" +#line 2837 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::data::Status(yystack_[0].value.as < std::string > ())); } -#line 5282 "seclang-parser.cc" +#line 5246 "seclang-parser.cc" break; case 392: -#line 2846 "seclang-parser.yy" +#line 2841 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Tag(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5290 "seclang-parser.cc" +#line 5254 "seclang-parser.cc" break; case 393: -#line 2850 "seclang-parser.yy" +#line 2845 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Ver(yystack_[0].value.as < std::string > ())); } -#line 5298 "seclang-parser.cc" +#line 5262 "seclang-parser.cc" break; case 394: -#line 2854 "seclang-parser.yy" +#line 2849 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::XmlNS(yystack_[0].value.as < std::string > ())); } -#line 5306 "seclang-parser.cc" +#line 5270 "seclang-parser.cc" break; case 395: -#line 2858 "seclang-parser.yy" +#line 2853 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ParityZero7bit(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ParityZero7bit()); } -#line 5314 "seclang-parser.cc" +#line 5278 "seclang-parser.cc" break; case 396: -#line 2862 "seclang-parser.yy" +#line 2857 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ParityOdd7bit(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ParityOdd7bit()); } -#line 5322 "seclang-parser.cc" +#line 5286 "seclang-parser.cc" break; case 397: -#line 2866 "seclang-parser.yy" +#line 2861 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ParityEven7bit(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ParityEven7bit()); } -#line 5330 "seclang-parser.cc" +#line 5294 "seclang-parser.cc" break; case 398: -#line 2870 "seclang-parser.yy" +#line 2865 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::SqlHexDecode(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::SqlHexDecode()); } -#line 5338 "seclang-parser.cc" +#line 5302 "seclang-parser.cc" break; case 399: -#line 2874 "seclang-parser.yy" +#line 2869 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Base64Encode(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Base64Encode()); } -#line 5346 "seclang-parser.cc" +#line 5310 "seclang-parser.cc" break; case 400: -#line 2878 "seclang-parser.yy" +#line 2873 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Base64Decode(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Base64Decode()); } -#line 5354 "seclang-parser.cc" +#line 5318 "seclang-parser.cc" break; case 401: -#line 2882 "seclang-parser.yy" +#line 2877 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Base64DecodeExt(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Base64DecodeExt()); } -#line 5362 "seclang-parser.cc" +#line 5326 "seclang-parser.cc" break; case 402: -#line 2886 "seclang-parser.yy" +#line 2881 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::CmdLine(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::CmdLine()); } -#line 5370 "seclang-parser.cc" +#line 5334 "seclang-parser.cc" break; case 403: -#line 2890 "seclang-parser.yy" +#line 2885 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Sha1(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Sha1()); } -#line 5378 "seclang-parser.cc" +#line 5342 "seclang-parser.cc" break; case 404: -#line 2894 "seclang-parser.yy" +#line 2889 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Md5(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Md5()); } -#line 5386 "seclang-parser.cc" +#line 5350 "seclang-parser.cc" break; case 405: -#line 2898 "seclang-parser.yy" +#line 2893 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::EscapeSeqDecode(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::EscapeSeqDecode()); } -#line 5394 "seclang-parser.cc" +#line 5358 "seclang-parser.cc" break; case 406: -#line 2902 "seclang-parser.yy" +#line 2897 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::HexEncode(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::HexEncode()); } -#line 5402 "seclang-parser.cc" +#line 5366 "seclang-parser.cc" break; case 407: -#line 2906 "seclang-parser.yy" +#line 2901 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::HexDecode(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::HexDecode()); } -#line 5410 "seclang-parser.cc" +#line 5374 "seclang-parser.cc" break; case 408: -#line 2910 "seclang-parser.yy" +#line 2905 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::LowerCase(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::LowerCase()); } -#line 5418 "seclang-parser.cc" +#line 5382 "seclang-parser.cc" break; case 409: -#line 2914 "seclang-parser.yy" +#line 2909 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::UpperCase(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::UpperCase()); } -#line 5426 "seclang-parser.cc" +#line 5390 "seclang-parser.cc" break; case 410: -#line 2918 "seclang-parser.yy" +#line 2913 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::UrlDecodeUni(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::UrlDecodeUni()); } -#line 5434 "seclang-parser.cc" +#line 5398 "seclang-parser.cc" break; case 411: -#line 2922 "seclang-parser.yy" +#line 2917 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::UrlDecode(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::UrlDecode()); } -#line 5442 "seclang-parser.cc" +#line 5406 "seclang-parser.cc" break; case 412: -#line 2926 "seclang-parser.yy" +#line 2921 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::UrlEncode(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::UrlEncode()); } -#line 5450 "seclang-parser.cc" +#line 5414 "seclang-parser.cc" break; case 413: -#line 2930 "seclang-parser.yy" +#line 2925 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::None(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::None()); } -#line 5458 "seclang-parser.cc" +#line 5422 "seclang-parser.cc" break; case 414: -#line 2934 "seclang-parser.yy" +#line 2929 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::CompressWhitespace(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::CompressWhitespace()); } -#line 5466 "seclang-parser.cc" +#line 5430 "seclang-parser.cc" break; case 415: -#line 2938 "seclang-parser.yy" +#line 2933 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::RemoveWhitespace(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::RemoveWhitespace()); } -#line 5474 "seclang-parser.cc" +#line 5438 "seclang-parser.cc" break; case 416: -#line 2942 "seclang-parser.yy" +#line 2937 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ReplaceNulls(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ReplaceNulls()); } -#line 5482 "seclang-parser.cc" +#line 5446 "seclang-parser.cc" break; case 417: -#line 2946 "seclang-parser.yy" +#line 2941 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::RemoveNulls(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::RemoveNulls()); } -#line 5490 "seclang-parser.cc" +#line 5454 "seclang-parser.cc" break; case 418: -#line 2950 "seclang-parser.yy" +#line 2945 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::HtmlEntityDecode(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::HtmlEntityDecode()); } -#line 5498 "seclang-parser.cc" +#line 5462 "seclang-parser.cc" break; case 419: -#line 2954 "seclang-parser.yy" +#line 2949 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::JsDecode(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::JsDecode()); } -#line 5506 "seclang-parser.cc" +#line 5470 "seclang-parser.cc" break; case 420: -#line 2958 "seclang-parser.yy" +#line 2953 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::CssDecode(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::CssDecode()); } -#line 5514 "seclang-parser.cc" +#line 5478 "seclang-parser.cc" break; case 421: -#line 2962 "seclang-parser.yy" +#line 2957 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Trim(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Trim()); } -#line 5522 "seclang-parser.cc" +#line 5486 "seclang-parser.cc" break; case 422: -#line 2966 "seclang-parser.yy" +#line 2961 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::TrimLeft(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::TrimLeft()); } -#line 5530 "seclang-parser.cc" +#line 5494 "seclang-parser.cc" break; case 423: -#line 2970 "seclang-parser.yy" +#line 2965 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::TrimRight(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::TrimRight()); } -#line 5538 "seclang-parser.cc" +#line 5502 "seclang-parser.cc" break; case 424: -#line 2974 "seclang-parser.yy" +#line 2969 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::NormalisePathWin(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::NormalisePathWin()); } -#line 5546 "seclang-parser.cc" +#line 5510 "seclang-parser.cc" break; case 425: -#line 2978 "seclang-parser.yy" +#line 2973 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::NormalisePath(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::NormalisePath()); } -#line 5554 "seclang-parser.cc" +#line 5518 "seclang-parser.cc" break; case 426: -#line 2982 "seclang-parser.yy" +#line 2977 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Length(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Length()); } -#line 5562 "seclang-parser.cc" +#line 5526 "seclang-parser.cc" break; case 427: -#line 2986 "seclang-parser.yy" +#line 2981 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Utf8ToUnicode(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Utf8ToUnicode()); } -#line 5570 "seclang-parser.cc" +#line 5534 "seclang-parser.cc" break; case 428: -#line 2990 "seclang-parser.yy" +#line 2985 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::RemoveCommentsChar(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::RemoveCommentsChar()); } -#line 5578 "seclang-parser.cc" +#line 5542 "seclang-parser.cc" break; case 429: -#line 2994 "seclang-parser.yy" +#line 2989 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::RemoveComments(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::RemoveComments()); } -#line 5586 "seclang-parser.cc" +#line 5550 "seclang-parser.cc" break; case 430: -#line 2998 "seclang-parser.yy" +#line 2993 "seclang-parser.yy" { - ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ReplaceComments(yystack_[0].value.as < std::string > ())); + ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ReplaceComments()); } -#line 5594 "seclang-parser.cc" +#line 5558 "seclang-parser.cc" break; case 431: -#line 3005 "seclang-parser.yy" +#line 3000 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetVar(actions::SetVarOperation::unsetOperation, std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5602 "seclang-parser.cc" +#line 5566 "seclang-parser.cc" break; case 432: -#line 3009 "seclang-parser.yy" +#line 3004 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetVar(actions::SetVarOperation::setToOneOperation, std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5610 "seclang-parser.cc" +#line 5574 "seclang-parser.cc" break; case 433: -#line 3013 "seclang-parser.yy" +#line 3008 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetVar(actions::SetVarOperation::setOperation, std::move(yystack_[2].value.as < std::unique_ptr > ()), std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5618 "seclang-parser.cc" +#line 5582 "seclang-parser.cc" break; case 434: -#line 3017 "seclang-parser.yy" +#line 3012 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetVar(actions::SetVarOperation::sumAndSetOperation, std::move(yystack_[2].value.as < std::unique_ptr > ()), std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5626 "seclang-parser.cc" +#line 5590 "seclang-parser.cc" break; case 435: -#line 3021 "seclang-parser.yy" +#line 3016 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetVar(actions::SetVarOperation::substractAndSetOperation, std::move(yystack_[2].value.as < std::unique_ptr > ()), std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5634 "seclang-parser.cc" +#line 5598 "seclang-parser.cc" break; case 436: -#line 3028 "seclang-parser.yy" +#line 3023 "seclang-parser.yy" { yystack_[1].value.as < std::unique_ptr > ()->appendText(yystack_[0].value.as < std::string > ()); yylhs.value.as < std::unique_ptr > () = std::move(yystack_[1].value.as < std::unique_ptr > ()); } -#line 5643 "seclang-parser.cc" +#line 5607 "seclang-parser.cc" break; case 437: -#line 3033 "seclang-parser.yy" +#line 3028 "seclang-parser.yy" { yystack_[1].value.as < std::unique_ptr > ()->appendVar(std::move(yystack_[0].value.as < std::unique_ptr > ())); yylhs.value.as < std::unique_ptr > () = std::move(yystack_[1].value.as < std::unique_ptr > ()); } -#line 5652 "seclang-parser.cc" +#line 5616 "seclang-parser.cc" break; case 438: -#line 3038 "seclang-parser.yy" +#line 3033 "seclang-parser.yy" { std::unique_ptr r(new RunTimeString()); r->appendText(yystack_[0].value.as < std::string > ()); yylhs.value.as < std::unique_ptr > () = std::move(r); } -#line 5662 "seclang-parser.cc" +#line 5626 "seclang-parser.cc" break; case 439: -#line 3044 "seclang-parser.yy" +#line 3039 "seclang-parser.yy" { std::unique_ptr r(new RunTimeString()); r->appendVar(std::move(yystack_[0].value.as < std::unique_ptr > ())); yylhs.value.as < std::unique_ptr > () = std::move(r); } -#line 5672 "seclang-parser.cc" +#line 5636 "seclang-parser.cc" break; -#line 5676 "seclang-parser.cc" +#line 5640 "seclang-parser.cc" default: break; @@ -5689,7 +5653,6 @@ namespace yy { YY_SYMBOL_PRINT ("-> $$ =", yylhs); yypop_ (yylen); yylen = 0; - YY_STACK_PRINT (); // Shift the result of the reduction. yypush_ (YY_NULLPTR, YY_MOVE (yylhs)); @@ -5705,7 +5668,9 @@ namespace yy { if (!yyerrstatus_) { ++yynerrs_; - error (yyla.location, yysyntax_error_ (yystack_[0].state, yyla)); + context yyctx (*this, yyla); + std::string msg = yysyntax_error_ (yyctx); + error (yyla.location, YY_MOVE (msg)); } @@ -5716,7 +5681,7 @@ namespace yy { error, discard it. */ // Return failure if at end of input. - if (yyla.type_get () == yyeof_) + if (yyla.kind () == symbol_kind::S_YYEOF) YYABORT; else if (!yyla.empty ()) { @@ -5742,6 +5707,7 @@ namespace yy { this YYERROR. */ yypop_ (yylen); yylen = 0; + YY_STACK_PRINT (); goto yyerrlab1; @@ -5750,31 +5716,33 @@ namespace yy { `-------------------------------------------------------------*/ yyerrlab1: yyerrstatus_ = 3; // Each real token shifted decrements this. + // Pop stack until we find a state that shifts the error token. + for (;;) + { + yyn = yypact_[+yystack_[0].state]; + if (!yy_pact_value_is_default_ (yyn)) + { + yyn += symbol_kind::S_YYerror; + if (0 <= yyn && yyn <= yylast_ + && yycheck_[yyn] == symbol_kind::S_YYerror) + { + yyn = yytable_[yyn]; + if (0 < yyn) + break; + } + } + + // Pop the current state because it cannot handle the error token. + if (yystack_.size () == 1) + YYABORT; + + yyerror_range[1].location = yystack_[0].location; + yy_destroy_ ("Error: popping", yystack_[0]); + yypop_ (); + YY_STACK_PRINT (); + } { stack_symbol_type error_token; - for (;;) - { - yyn = yypact_[+yystack_[0].state]; - if (!yy_pact_value_is_default_ (yyn)) - { - yyn += yy_error_token_; - if (0 <= yyn && yyn <= yylast_ && yycheck_[yyn] == yy_error_token_) - { - yyn = yytable_[yyn]; - if (0 < yyn) - break; - } - } - - // Pop the current state because it cannot handle the error token. - if (yystack_.size () == 1) - YYABORT; - - yyerror_range[1].location = yystack_[0].location; - yy_destroy_ ("Error: popping", yystack_[0]); - yypop_ (); - YY_STACK_PRINT (); - } yyerror_range[2].location = yyla.location; YYLLOC_DEFAULT (error_token.location, yyerror_range, 2); @@ -5812,6 +5780,7 @@ namespace yy { /* Do not reclaim the symbols of the rule whose action triggered this YYABORT or YYACCEPT. */ yypop_ (yylen); + YY_STACK_PRINT (); while (1 < yystack_.size ()) { yy_destroy_ ("Cleanup: popping", yystack_[0]); @@ -5845,18 +5814,100 @@ namespace yy { error (yyexc.location, yyexc.what ()); } - // Generate an error message. + /* Return YYSTR after stripping away unnecessary quotes and + backslashes, so that it's suitable for yyerror. The heuristic is + that double-quoting is unnecessary unless the string contains an + apostrophe, a comma, or backslash (other than backslash-backslash). + YYSTR is taken from yytname. */ std::string - seclang_parser::yysyntax_error_ (state_type yystate, const symbol_type& yyla) const + seclang_parser::yytnamerr_ (const char *yystr) { - // Number of reported tokens (one for the "unexpected", one per - // "expected"). - std::ptrdiff_t yycount = 0; - // Its maximum. - enum { YYERROR_VERBOSE_ARGS_MAXIMUM = 5 }; - // Arguments of yyformat. - char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM]; + if (*yystr == '"') + { + std::string yyr; + char const *yyp = yystr; + for (;;) + switch (*++yyp) + { + case '\'': + case ',': + goto do_not_strip_quotes; + + case '\\': + if (*++yyp != '\\') + goto do_not_strip_quotes; + else + goto append; + + append: + default: + yyr += *yyp; + break; + + case '"': + return yyr; + } + do_not_strip_quotes: ; + } + + return yystr; + } + + std::string + seclang_parser::symbol_name (symbol_kind_type yysymbol) + { + return yytnamerr_ (yytname_[yysymbol]); + } + + + + // seclang_parser::context. + seclang_parser::context::context (const seclang_parser& yyparser, const symbol_type& yyla) + : yyparser_ (yyparser) + , yyla_ (yyla) + {} + + int + seclang_parser::context::expected_tokens (symbol_kind_type yyarg[], int yyargn) const + { + // Actual number of expected tokens + int yycount = 0; + + int yyn = yypact_[+yyparser_.yystack_[0].state]; + if (!yy_pact_value_is_default_ (yyn)) + { + /* Start YYX at -YYN if negative to avoid negative indexes in + YYCHECK. In other words, skip the first -YYN actions for + this state because they are default actions. */ + int yyxbegin = yyn < 0 ? -yyn : 0; + // Stay within bounds of both yycheck and yytname. + int yychecklim = yylast_ - yyn + 1; + int yyxend = yychecklim < YYNTOKENS ? yychecklim : YYNTOKENS; + for (int yyx = yyxbegin; yyx < yyxend; ++yyx) + if (yycheck_[yyx + yyn] == yyx && yyx != symbol_kind::S_YYerror + && !yy_table_value_is_error_ (yytable_[yyx + yyn])) + { + if (!yyarg) + ++yycount; + else if (yycount == yyargn) + return 0; + else + yyarg[yycount++] = YY_CAST (symbol_kind_type, yyx); + } + } + + if (yyarg && yycount == 0 && 0 < yyargn) + yyarg[0] = symbol_kind::S_YYEMPTY; + return yycount; + } + + + + int + seclang_parser::yy_syntax_error_arguments_ (const context& yyctx, + symbol_kind_type yyarg[], int yyargn) const + { /* There are many possibilities here to consider: - If this state is a consistent state with a default action, then the only way this function was invoked is if the default action @@ -5881,35 +5932,26 @@ namespace yy { one exception: it will still contain any token that will not be accepted due to an error action in a later state. */ - if (!yyla.empty ()) - { - symbol_number_type yytoken = yyla.type_get (); - yyarg[yycount++] = yytname_[yytoken]; - int yyn = yypact_[+yystate]; - if (!yy_pact_value_is_default_ (yyn)) - { - /* Start YYX at -YYN if negative to avoid negative indexes in - YYCHECK. In other words, skip the first -YYN actions for - this state because they are default actions. */ - int yyxbegin = yyn < 0 ? -yyn : 0; - // Stay within bounds of both yycheck and yytname. - int yychecklim = yylast_ - yyn + 1; - int yyxend = yychecklim < yyntokens_ ? yychecklim : yyntokens_; - for (int yyx = yyxbegin; yyx < yyxend; ++yyx) - if (yycheck_[yyx + yyn] == yyx && yyx != yy_error_token_ - && !yy_table_value_is_error_ (yytable_[yyx + yyn])) - { - if (yycount == YYERROR_VERBOSE_ARGS_MAXIMUM) - { - yycount = 1; - break; - } - else - yyarg[yycount++] = yytname_[yyx]; - } - } + if (!yyctx.lookahead ().empty ()) + { + if (yyarg) + yyarg[0] = yyctx.token (); + int yyn = yyctx.expected_tokens (yyarg ? yyarg + 1 : yyarg, yyargn - 1); + return yyn + 1; } + return 0; + } + + // Generate an error message. + std::string + seclang_parser::yysyntax_error_ (const context& yyctx) const + { + // Its maximum. + enum { YYARGS_MAX = 5 }; + // Arguments of yyformat. + symbol_kind_type yyarg[YYARGS_MAX]; + int yycount = yy_syntax_error_arguments_ (yyctx, yyarg, YYARGS_MAX); char const* yyformat = YY_NULLPTR; switch (yycount) @@ -5934,7 +5976,7 @@ namespace yy { for (char const* yyp = yyformat; *yyp; ++yyp) if (yyp[0] == '%' && yyp[1] == 's' && yyi < yycount) { - yyres += yytnamerr_ (yyarg[yyi++]); + yyres += symbol_name (yyarg[yyi++]); ++yyp; } else @@ -6898,13 +6940,13 @@ namespace yy { }; - +#if YYDEBUG || 1 // YYTNAME[SYMBOL-NUM] -- String name of the symbol SYMBOL-NUM. - // First, the terminals, then, starting at \a yyntokens_, nonterminals. + // First, the terminals, then, starting at \a YYNTOKENS, nonterminals. const char* const seclang_parser::yytname_[] = { - "\"end of file\"", "error", "$undefined", "\",\"", + "\"end of file\"", "error", "\"invalid token\"", "\",\"", "\"CONFIG_CONTENT_INJECTION\"", "\"CONGIG_DIR_RESPONSE_BODY_MP_CLEAR\"", "PIPE", "NEW_LINE", "VAR_COUNT", "VAR_EXCLUSION", "VARIABLE_ARGS", "VARIABLE_ARGS_POST", "VARIABLE_ARGS_GET", "VARIABLE_FILES_SIZES", @@ -7077,6 +7119,8 @@ namespace yy { "variables_may_be_quoted", "var", "act", "setvar_action", "run_time_string", YY_NULLPTR }; +#endif + #if YYDEBUG const short @@ -7089,48 +7133,47 @@ namespace yy { 923, 927, 931, 935, 939, 943, 947, 952, 956, 960, 964, 968, 972, 977, 982, 986, 990, 994, 998, 1002, 1006, 1010, 1014, 1018, 1022, 1026, 1030, 1034, 1038, 1042, - 1046, 1050, 1054, 1068, 1069, 1101, 1120, 1141, 1171, 1233, - 1240, 1244, 1248, 1252, 1256, 1260, 1264, 1268, 1277, 1281, - 1286, 1289, 1294, 1299, 1304, 1309, 1312, 1317, 1320, 1325, - 1330, 1333, 1338, 1343, 1348, 1353, 1358, 1363, 1368, 1371, - 1376, 1381, 1386, 1391, 1394, 1399, 1404, 1409, 1422, 1435, - 1448, 1461, 1474, 1500, 1528, 1540, 1560, 1587, 1593, 1598, - 1603, 1612, 1617, 1621, 1625, 1629, 1633, 1637, 1641, 1646, - 1651, 1663, 1669, 1673, 1677, 1688, 1697, 1698, 1705, 1710, - 1715, 1769, 1776, 1784, 1821, 1825, 1832, 1837, 1843, 1849, - 1855, 1862, 1872, 1876, 1880, 1884, 1888, 1892, 1896, 1900, - 1904, 1908, 1912, 1916, 1920, 1924, 1928, 1932, 1936, 1940, - 1944, 1948, 1952, 1956, 1960, 1964, 1968, 1972, 1976, 1980, - 1984, 1988, 1992, 1996, 2000, 2004, 2008, 2012, 2016, 2020, - 2024, 2028, 2032, 2036, 2040, 2044, 2048, 2052, 2056, 2060, - 2064, 2068, 2072, 2076, 2080, 2084, 2088, 2092, 2096, 2100, - 2104, 2108, 2112, 2116, 2120, 2124, 2128, 2132, 2136, 2140, - 2144, 2148, 2152, 2156, 2160, 2164, 2168, 2172, 2176, 2180, - 2184, 2188, 2192, 2196, 2200, 2204, 2208, 2212, 2216, 2220, - 2224, 2228, 2233, 2237, 2241, 2246, 2250, 2254, 2259, 2264, - 2268, 2272, 2276, 2280, 2284, 2288, 2292, 2296, 2300, 2304, - 2308, 2312, 2316, 2320, 2324, 2328, 2332, 2336, 2340, 2344, - 2348, 2352, 2356, 2360, 2364, 2368, 2372, 2376, 2380, 2384, - 2388, 2392, 2396, 2400, 2404, 2408, 2412, 2416, 2420, 2424, - 2428, 2432, 2436, 2440, 2444, 2448, 2452, 2456, 2460, 2464, - 2468, 2472, 2476, 2480, 2484, 2488, 2492, 2496, 2500, 2504, - 2512, 2519, 2526, 2533, 2540, 2547, 2554, 2561, 2568, 2575, - 2582, 2589, 2599, 2603, 2607, 2611, 2615, 2619, 2623, 2627, - 2632, 2637, 2642, 2646, 2650, 2654, 2658, 2663, 2668, 2672, - 2676, 2680, 2684, 2688, 2692, 2696, 2700, 2704, 2708, 2712, - 2716, 2720, 2725, 2729, 2733, 2737, 2741, 2745, 2749, 2753, - 2757, 2761, 2765, 2769, 2773, 2777, 2781, 2785, 2789, 2793, - 2797, 2801, 2805, 2809, 2813, 2817, 2821, 2825, 2829, 2833, - 2837, 2841, 2845, 2849, 2853, 2857, 2861, 2865, 2869, 2873, - 2877, 2881, 2885, 2889, 2893, 2897, 2901, 2905, 2909, 2913, - 2917, 2921, 2925, 2929, 2933, 2937, 2941, 2945, 2949, 2953, - 2957, 2961, 2965, 2969, 2973, 2977, 2981, 2985, 2989, 2993, - 2997, 3004, 3008, 3012, 3016, 3020, 3027, 3032, 3037, 3043 + 1046, 1050, 1054, 1068, 1069, 1101, 1120, 1141, 1171, 1228, + 1235, 1239, 1243, 1247, 1251, 1255, 1259, 1263, 1272, 1276, + 1281, 1284, 1289, 1294, 1299, 1304, 1307, 1312, 1315, 1320, + 1325, 1328, 1333, 1338, 1343, 1348, 1353, 1358, 1363, 1366, + 1371, 1376, 1381, 1386, 1389, 1394, 1399, 1404, 1417, 1430, + 1443, 1456, 1469, 1495, 1523, 1535, 1555, 1582, 1588, 1593, + 1598, 1607, 1612, 1616, 1620, 1624, 1628, 1632, 1636, 1641, + 1646, 1658, 1664, 1668, 1672, 1683, 1692, 1693, 1700, 1705, + 1710, 1764, 1771, 1779, 1816, 1820, 1827, 1832, 1838, 1844, + 1850, 1857, 1867, 1871, 1875, 1879, 1883, 1887, 1891, 1895, + 1899, 1903, 1907, 1911, 1915, 1919, 1923, 1927, 1931, 1935, + 1939, 1943, 1947, 1951, 1955, 1959, 1963, 1967, 1971, 1975, + 1979, 1983, 1987, 1991, 1995, 1999, 2003, 2007, 2011, 2015, + 2019, 2023, 2027, 2031, 2035, 2039, 2043, 2047, 2051, 2055, + 2059, 2063, 2067, 2071, 2075, 2079, 2083, 2087, 2091, 2095, + 2099, 2103, 2107, 2111, 2115, 2119, 2123, 2127, 2131, 2135, + 2139, 2143, 2147, 2151, 2155, 2159, 2163, 2167, 2171, 2175, + 2179, 2183, 2187, 2191, 2195, 2199, 2203, 2207, 2211, 2215, + 2219, 2223, 2228, 2232, 2236, 2241, 2245, 2249, 2254, 2259, + 2263, 2267, 2271, 2275, 2279, 2283, 2287, 2291, 2295, 2299, + 2303, 2307, 2311, 2315, 2319, 2323, 2327, 2331, 2335, 2339, + 2343, 2347, 2351, 2355, 2359, 2363, 2367, 2371, 2375, 2379, + 2383, 2387, 2391, 2395, 2399, 2403, 2407, 2411, 2415, 2419, + 2423, 2427, 2431, 2435, 2439, 2443, 2447, 2451, 2455, 2459, + 2463, 2467, 2471, 2475, 2479, 2483, 2487, 2491, 2495, 2499, + 2507, 2514, 2521, 2528, 2535, 2542, 2549, 2556, 2563, 2570, + 2577, 2584, 2594, 2598, 2602, 2606, 2610, 2614, 2618, 2622, + 2627, 2632, 2637, 2641, 2645, 2649, 2653, 2658, 2663, 2667, + 2671, 2675, 2679, 2683, 2687, 2691, 2695, 2699, 2703, 2707, + 2711, 2715, 2720, 2724, 2728, 2732, 2736, 2740, 2744, 2748, + 2752, 2756, 2760, 2764, 2768, 2772, 2776, 2780, 2784, 2788, + 2792, 2796, 2800, 2804, 2808, 2812, 2816, 2820, 2824, 2828, + 2832, 2836, 2840, 2844, 2848, 2852, 2856, 2860, 2864, 2868, + 2872, 2876, 2880, 2884, 2888, 2892, 2896, 2900, 2904, 2908, + 2912, 2916, 2920, 2924, 2928, 2932, 2936, 2940, 2944, 2948, + 2952, 2956, 2960, 2964, 2968, 2972, 2976, 2980, 2984, 2988, + 2992, 2999, 3003, 3007, 3011, 3015, 3022, 3027, 3032, 3038 }; - // Print the state stack on the debug stream. void - seclang_parser::yystack_print_ () + seclang_parser::yy_stack_print_ () const { *yycdebug_ << "Stack now"; for (stack_type::const_iterator @@ -7141,9 +7184,8 @@ namespace yy { *yycdebug_ << '\n'; } - // Report on the debug stream that the rule \a yyrule is going to be reduced. void - seclang_parser::yy_reduce_print_ (int yyrule) + seclang_parser::yy_reduce_print_ (int yyrule) const { int yylno = yyrline_[yyrule]; int yynrhs = yyr2_[yyrule]; @@ -7159,9 +7201,9 @@ namespace yy { } // yy -#line 7163 "seclang-parser.cc" +#line 7205 "seclang-parser.cc" -#line 3050 "seclang-parser.yy" +#line 3045 "seclang-parser.yy" void yy::seclang_parser::error (const location_type& l, const std::string& m) { diff --git a/src/parser/seclang-parser.hh b/src/parser/seclang-parser.hh index 87e16f9e..86468e58 100644 --- a/src/parser/seclang-parser.hh +++ b/src/parser/seclang-parser.hh @@ -1,4 +1,4 @@ -// A Bison parser, made by GNU Bison 3.5.4. +// A Bison parser, made by GNU Bison 3.6.2. // Skeleton interface for Bison LALR(1) parsers in C++ @@ -38,8 +38,9 @@ // C++ LALR(1) parser skeleton written by Akim Demaille. -// Undocumented macros, especially those whose name start with YY_, -// are private implementation details. Do not rely on them. +// DO NOT RELY ON FEATURES THAT ARE NOT DOCUMENTED in the manual, +// especially those whose name start with YY_ or yy_. They are +// private implementation details that can be changed or removed. #ifndef YY_YY_SECLANG_PARSER_HH_INCLUDED # define YY_YY_SECLANG_PARSER_HH_INCLUDED @@ -350,7 +351,7 @@ using namespace modsecurity::operators; a = std::move(c); -#line 354 "seclang-parser.hh" +#line 355 "seclang-parser.hh" # include # include // std::abort @@ -484,7 +485,7 @@ using namespace modsecurity::operators; #endif namespace yy { -#line 488 "seclang-parser.hh" +#line 489 "seclang-parser.hh" @@ -520,6 +521,13 @@ namespace yy { new (yyas_ ()) T (YY_MOVE (t)); } +#if 201103L <= YY_CPLUSPLUS + /// Non copyable. + semantic_type (const self_type&) = delete; + /// Non copyable. + self_type& operator= (const self_type&) = delete; +#endif + /// Destruction, allowed only if empty. ~semantic_type () YY_NOEXCEPT { @@ -663,9 +671,12 @@ namespace yy { } private: - /// Prohibit blind copies. - self_type& operator= (const self_type&); +#if YY_CPLUSPLUS < 201103L + /// Non copyable. semantic_type (const self_type&); + /// Non copyable. + self_type& operator= (const self_type&); +#endif /// Accessor to raw memory as \a T. template @@ -951,370 +962,743 @@ namespace yy { location_type location; }; - /// Tokens. + /// Token kinds. struct token { - enum yytokentype + enum token_kind_type { - TOK_END = 0, - TOK_COMMA = 258, - TOK_CONFIG_CONTENT_INJECTION = 259, - TOK_CONGIG_DIR_RESPONSE_BODY_MP_CLEAR = 260, - TOK_PIPE = 261, - TOK_NEW_LINE = 262, - TOK_VAR_COUNT = 263, - TOK_VAR_EXCLUSION = 264, - TOK_VARIABLE_ARGS = 265, - TOK_VARIABLE_ARGS_POST = 266, - TOK_VARIABLE_ARGS_GET = 267, - TOK_VARIABLE_FILES_SIZES = 268, - TOK_VARIABLE_FILES_NAMES = 269, - TOK_VARIABLE_FILES_TMP_CONTENT = 270, - TOK_VARIABLE_MULTIPART_FILENAME = 271, - TOK_VARIABLE_MULTIPART_NAME = 272, - TOK_VARIABLE_MATCHED_VARS_NAMES = 273, - TOK_VARIABLE_MATCHED_VARS = 274, - TOK_VARIABLE_FILES = 275, - TOK_VARIABLE_REQUEST_COOKIES = 276, - TOK_VARIABLE_REQUEST_HEADERS = 277, - TOK_VARIABLE_RESPONSE_HEADERS = 278, - TOK_VARIABLE_GEO = 279, - TOK_VARIABLE_REQUEST_COOKIES_NAMES = 280, - TOK_VARIABLE_ARGS_COMBINED_SIZE = 281, - TOK_VARIABLE_ARGS_GET_NAMES = 282, - TOK_VARIABLE_RULE = 283, - TOK_VARIABLE_ARGS_NAMES = 284, - TOK_VARIABLE_ARGS_POST_NAMES = 285, - TOK_VARIABLE_AUTH_TYPE = 286, - TOK_VARIABLE_FILES_COMBINED_SIZE = 287, - TOK_VARIABLE_FILES_TMP_NAMES = 288, - TOK_VARIABLE_FULL_REQUEST = 289, - TOK_VARIABLE_FULL_REQUEST_LENGTH = 290, - TOK_VARIABLE_INBOUND_DATA_ERROR = 291, - TOK_VARIABLE_MATCHED_VAR = 292, - TOK_VARIABLE_MATCHED_VAR_NAME = 293, - TOK_VARIABLE_MULTIPART_BOUNDARY_QUOTED = 294, - TOK_VARIABLE_MULTIPART_BOUNDARY_WHITESPACE = 295, - TOK_VARIABLE_MULTIPART_CRLF_LF_LINES = 296, - TOK_VARIABLE_MULTIPART_DATA_AFTER = 297, - TOK_VARIABLE_MULTIPART_DATA_BEFORE = 298, - TOK_VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED = 299, - TOK_VARIABLE_MULTIPART_HEADER_FOLDING = 300, - TOK_VARIABLE_MULTIPART_INVALID_HEADER_FOLDING = 301, - TOK_VARIABLE_MULTIPART_INVALID_PART = 302, - TOK_VARIABLE_MULTIPART_INVALID_QUOTING = 303, - TOK_VARIABLE_MULTIPART_LF_LINE = 304, - TOK_VARIABLE_MULTIPART_MISSING_SEMICOLON = 305, - TOK_VARIABLE_MULTIPART_SEMICOLON_MISSING = 306, - TOK_VARIABLE_MULTIPART_STRICT_ERROR = 307, - TOK_VARIABLE_MULTIPART_UNMATCHED_BOUNDARY = 308, - TOK_VARIABLE_OUTBOUND_DATA_ERROR = 309, - TOK_VARIABLE_PATH_INFO = 310, - TOK_VARIABLE_QUERY_STRING = 311, - TOK_VARIABLE_REMOTE_ADDR = 312, - TOK_VARIABLE_REMOTE_HOST = 313, - TOK_VARIABLE_REMOTE_PORT = 314, - TOK_VARIABLE_REQBODY_ERROR_MSG = 315, - TOK_VARIABLE_REQBODY_ERROR = 316, - TOK_VARIABLE_REQBODY_PROCESSOR_ERROR_MSG = 317, - TOK_VARIABLE_REQBODY_PROCESSOR_ERROR = 318, - TOK_VARIABLE_REQBODY_PROCESSOR = 319, - TOK_VARIABLE_REQUEST_BASENAME = 320, - TOK_VARIABLE_REQUEST_BODY_LENGTH = 321, - TOK_VARIABLE_REQUEST_BODY = 322, - TOK_VARIABLE_REQUEST_FILE_NAME = 323, - TOK_VARIABLE_REQUEST_HEADERS_NAMES = 324, - TOK_VARIABLE_REQUEST_LINE = 325, - TOK_VARIABLE_REQUEST_METHOD = 326, - TOK_VARIABLE_REQUEST_PROTOCOL = 327, - TOK_VARIABLE_REQUEST_URI_RAW = 328, - TOK_VARIABLE_REQUEST_URI = 329, - TOK_VARIABLE_RESOURCE = 330, - TOK_VARIABLE_RESPONSE_BODY = 331, - TOK_VARIABLE_RESPONSE_CONTENT_LENGTH = 332, - TOK_VARIABLE_RESPONSE_CONTENT_TYPE = 333, - TOK_VARIABLE_RESPONSE_HEADERS_NAMES = 334, - TOK_VARIABLE_RESPONSE_PROTOCOL = 335, - TOK_VARIABLE_RESPONSE_STATUS = 336, - TOK_VARIABLE_SERVER_ADDR = 337, - TOK_VARIABLE_SERVER_NAME = 338, - TOK_VARIABLE_SERVER_PORT = 339, - TOK_VARIABLE_SESSION_ID = 340, - TOK_VARIABLE_UNIQUE_ID = 341, - TOK_VARIABLE_URL_ENCODED_ERROR = 342, - TOK_VARIABLE_USER_ID = 343, - TOK_VARIABLE_WEB_APP_ID = 344, - TOK_VARIABLE_STATUS = 345, - TOK_VARIABLE_STATUS_LINE = 346, - TOK_VARIABLE_IP = 347, - TOK_VARIABLE_GLOBAL = 348, - TOK_VARIABLE_TX = 349, - TOK_VARIABLE_SESSION = 350, - TOK_VARIABLE_USER = 351, - TOK_RUN_TIME_VAR_ENV = 352, - TOK_RUN_TIME_VAR_XML = 353, - TOK_ACTION_SETVAR = 354, - TOK_SETVAR_OPERATION_EQUALS = 355, - TOK_SETVAR_OPERATION_EQUALS_PLUS = 356, - TOK_SETVAR_OPERATION_EQUALS_MINUS = 357, - TOK_NOT = 358, - TOK_OPERATOR_BEGINS_WITH = 359, - TOK_OPERATOR_CONTAINS = 360, - TOK_OPERATOR_CONTAINS_WORD = 361, - TOK_OPERATOR_DETECT_SQLI = 362, - TOK_OPERATOR_DETECT_XSS = 363, - TOK_OPERATOR_ENDS_WITH = 364, - TOK_OPERATOR_EQ = 365, - TOK_OPERATOR_FUZZY_HASH = 366, - TOK_OPERATOR_GEOLOOKUP = 367, - TOK_OPERATOR_GE = 368, - TOK_OPERATOR_GSB_LOOKUP = 369, - TOK_OPERATOR_GT = 370, - TOK_OPERATOR_INSPECT_FILE = 371, - TOK_OPERATOR_IP_MATCH_FROM_FILE = 372, - TOK_OPERATOR_IP_MATCH = 373, - TOK_OPERATOR_LE = 374, - TOK_OPERATOR_LT = 375, - TOK_OPERATOR_PM_FROM_FILE = 376, - TOK_OPERATOR_PM = 377, - TOK_OPERATOR_RBL = 378, - TOK_OPERATOR_RSUB = 379, - TOK_OPERATOR_RX_CONTENT_ONLY = 380, - TOK_OPERATOR_RX = 381, - TOK_OPERATOR_STR_EQ = 382, - TOK_OPERATOR_STR_MATCH = 383, - TOK_OPERATOR_UNCONDITIONAL_MATCH = 384, - TOK_OPERATOR_VALIDATE_BYTE_RANGE = 385, - TOK_OPERATOR_VALIDATE_DTD = 386, - TOK_OPERATOR_VALIDATE_HASH = 387, - TOK_OPERATOR_VALIDATE_SCHEMA = 388, - TOK_OPERATOR_VALIDATE_URL_ENCODING = 389, - TOK_OPERATOR_VALIDATE_UTF8_ENCODING = 390, - TOK_OPERATOR_VERIFY_CC = 391, - TOK_OPERATOR_VERIFY_CPF = 392, - TOK_OPERATOR_VERIFY_SSN = 393, - TOK_OPERATOR_VERIFY_SVNR = 394, - TOK_OPERATOR_WITHIN = 395, - TOK_CONFIG_DIR_AUDIT_LOG_FMT = 396, - TOK_JSON = 397, - TOK_NATIVE = 398, - TOK_ACTION_CTL_RULE_ENGINE = 399, - TOK_ACTION_ACCURACY = 400, - TOK_ACTION_ALLOW = 401, - TOK_ACTION_APPEND = 402, - TOK_ACTION_AUDIT_LOG = 403, - TOK_ACTION_BLOCK = 404, - TOK_ACTION_CAPTURE = 405, - TOK_ACTION_CHAIN = 406, - TOK_ACTION_CTL_AUDIT_ENGINE = 407, - TOK_ACTION_CTL_AUDIT_LOG_PARTS = 408, - TOK_ACTION_CTL_BDY_JSON = 409, - TOK_ACTION_CTL_BDY_XML = 410, - TOK_ACTION_CTL_BDY_URLENCODED = 411, - TOK_ACTION_CTL_FORCE_REQ_BODY_VAR = 412, - TOK_ACTION_CTL_REQUEST_BODY_ACCESS = 413, - TOK_ACTION_CTL_RULE_REMOVE_BY_ID = 414, - TOK_ACTION_CTL_RULE_REMOVE_BY_TAG = 415, - TOK_ACTION_CTL_RULE_REMOVE_TARGET_BY_ID = 416, - TOK_ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG = 417, - TOK_ACTION_DENY = 418, - TOK_ACTION_DEPRECATE_VAR = 419, - TOK_ACTION_DROP = 420, - TOK_ACTION_EXEC = 421, - TOK_ACTION_EXPIRE_VAR = 422, - TOK_ACTION_ID = 423, - TOK_ACTION_INITCOL = 424, - TOK_ACTION_LOG = 425, - TOK_ACTION_LOG_DATA = 426, - TOK_ACTION_MATURITY = 427, - TOK_ACTION_MSG = 428, - TOK_ACTION_MULTI_MATCH = 429, - TOK_ACTION_NO_AUDIT_LOG = 430, - TOK_ACTION_NO_LOG = 431, - TOK_ACTION_PASS = 432, - TOK_ACTION_PAUSE = 433, - TOK_ACTION_PHASE = 434, - TOK_ACTION_PREPEND = 435, - TOK_ACTION_PROXY = 436, - TOK_ACTION_REDIRECT = 437, - TOK_ACTION_REV = 438, - TOK_ACTION_SANITISE_ARG = 439, - TOK_ACTION_SANITISE_MATCHED = 440, - TOK_ACTION_SANITISE_MATCHED_BYTES = 441, - TOK_ACTION_SANITISE_REQUEST_HEADER = 442, - TOK_ACTION_SANITISE_RESPONSE_HEADER = 443, - TOK_ACTION_SETENV = 444, - TOK_ACTION_SETRSC = 445, - TOK_ACTION_SETSID = 446, - TOK_ACTION_SETUID = 447, - TOK_ACTION_SEVERITY = 448, - TOK_ACTION_SKIP = 449, - TOK_ACTION_SKIP_AFTER = 450, - TOK_ACTION_STATUS = 451, - TOK_ACTION_TAG = 452, - TOK_ACTION_TRANSFORMATION_BASE_64_ENCODE = 453, - TOK_ACTION_TRANSFORMATION_BASE_64_DECODE = 454, - TOK_ACTION_TRANSFORMATION_BASE_64_DECODE_EXT = 455, - TOK_ACTION_TRANSFORMATION_CMD_LINE = 456, - TOK_ACTION_TRANSFORMATION_COMPRESS_WHITESPACE = 457, - TOK_ACTION_TRANSFORMATION_CSS_DECODE = 458, - TOK_ACTION_TRANSFORMATION_ESCAPE_SEQ_DECODE = 459, - TOK_ACTION_TRANSFORMATION_HEX_ENCODE = 460, - TOK_ACTION_TRANSFORMATION_HEX_DECODE = 461, - TOK_ACTION_TRANSFORMATION_HTML_ENTITY_DECODE = 462, - TOK_ACTION_TRANSFORMATION_JS_DECODE = 463, - TOK_ACTION_TRANSFORMATION_LENGTH = 464, - TOK_ACTION_TRANSFORMATION_LOWERCASE = 465, - TOK_ACTION_TRANSFORMATION_MD5 = 466, - TOK_ACTION_TRANSFORMATION_NONE = 467, - TOK_ACTION_TRANSFORMATION_NORMALISE_PATH = 468, - TOK_ACTION_TRANSFORMATION_NORMALISE_PATH_WIN = 469, - TOK_ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT = 470, - TOK_ACTION_TRANSFORMATION_PARITY_ODD_7_BIT = 471, - TOK_ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT = 472, - TOK_ACTION_TRANSFORMATION_REMOVE_COMMENTS = 473, - TOK_ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR = 474, - TOK_ACTION_TRANSFORMATION_REMOVE_NULLS = 475, - TOK_ACTION_TRANSFORMATION_REMOVE_WHITESPACE = 476, - TOK_ACTION_TRANSFORMATION_REPLACE_COMMENTS = 477, - TOK_ACTION_TRANSFORMATION_REPLACE_NULLS = 478, - TOK_ACTION_TRANSFORMATION_SHA1 = 479, - TOK_ACTION_TRANSFORMATION_SQL_HEX_DECODE = 480, - TOK_ACTION_TRANSFORMATION_TRIM = 481, - TOK_ACTION_TRANSFORMATION_TRIM_LEFT = 482, - TOK_ACTION_TRANSFORMATION_TRIM_RIGHT = 483, - TOK_ACTION_TRANSFORMATION_UPPERCASE = 484, - TOK_ACTION_TRANSFORMATION_URL_ENCODE = 485, - TOK_ACTION_TRANSFORMATION_URL_DECODE = 486, - TOK_ACTION_TRANSFORMATION_URL_DECODE_UNI = 487, - TOK_ACTION_TRANSFORMATION_UTF8_TO_UNICODE = 488, - TOK_ACTION_VER = 489, - TOK_ACTION_XMLNS = 490, - TOK_CONFIG_COMPONENT_SIG = 491, - TOK_CONFIG_CONN_ENGINE = 492, - TOK_CONFIG_SEC_ARGUMENT_SEPARATOR = 493, - TOK_CONFIG_SEC_WEB_APP_ID = 494, - TOK_CONFIG_SEC_SERVER_SIG = 495, - TOK_CONFIG_DIR_AUDIT_DIR = 496, - TOK_CONFIG_DIR_AUDIT_DIR_MOD = 497, - TOK_CONFIG_DIR_AUDIT_ENG = 498, - TOK_CONFIG_DIR_AUDIT_FLE_MOD = 499, - TOK_CONFIG_DIR_AUDIT_LOG = 500, - TOK_CONFIG_DIR_AUDIT_LOG2 = 501, - TOK_CONFIG_DIR_AUDIT_LOG_P = 502, - TOK_CONFIG_DIR_AUDIT_STS = 503, - TOK_CONFIG_DIR_AUDIT_TPE = 504, - TOK_CONFIG_DIR_DEBUG_LOG = 505, - TOK_CONFIG_DIR_DEBUG_LVL = 506, - TOK_CONFIG_SEC_CACHE_TRANSFORMATIONS = 507, - TOK_CONFIG_SEC_DISABLE_BACKEND_COMPRESS = 508, - TOK_CONFIG_SEC_HASH_ENGINE = 509, - TOK_CONFIG_SEC_HASH_KEY = 510, - TOK_CONFIG_SEC_HASH_PARAM = 511, - TOK_CONFIG_SEC_HASH_METHOD_RX = 512, - TOK_CONFIG_SEC_HASH_METHOD_PM = 513, - TOK_CONFIG_SEC_CHROOT_DIR = 514, - TOK_CONFIG_DIR_GEO_DB = 515, - TOK_CONFIG_DIR_GSB_DB = 516, - TOK_CONFIG_SEC_GUARDIAN_LOG = 517, - TOK_CONFIG_DIR_PCRE_MATCH_LIMIT = 518, - TOK_CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION = 519, - TOK_CONFIG_SEC_CONN_R_STATE_LIMIT = 520, - TOK_CONFIG_SEC_CONN_W_STATE_LIMIT = 521, - TOK_CONFIG_SEC_SENSOR_ID = 522, - TOK_CONFIG_DIR_ARGS_LIMIT = 523, - TOK_CONFIG_DIR_REQ_BODY = 524, - TOK_CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT = 525, - TOK_CONFIG_DIR_REQ_BODY_LIMIT = 526, - TOK_CONFIG_DIR_REQ_BODY_LIMIT_ACTION = 527, - TOK_CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT = 528, - TOK_CONFIG_DIR_RES_BODY = 529, - TOK_CONFIG_DIR_RES_BODY_LIMIT = 530, - TOK_CONFIG_DIR_RES_BODY_LIMIT_ACTION = 531, - TOK_CONFIG_SEC_RULE_INHERITANCE = 532, - TOK_CONFIG_SEC_RULE_PERF_TIME = 533, - TOK_CONFIG_DIR_RULE_ENG = 534, - TOK_CONFIG_DIR_SEC_ACTION = 535, - TOK_CONFIG_DIR_SEC_DEFAULT_ACTION = 536, - TOK_CONFIG_DIR_SEC_MARKER = 537, - TOK_CONFIG_DIR_UNICODE_MAP_FILE = 538, - TOK_CONFIG_DIR_UNICODE_CODE_PAGE = 539, - TOK_CONFIG_SEC_COLLECTION_TIMEOUT = 540, - TOK_CONFIG_SEC_HTTP_BLKEY = 541, - TOK_CONFIG_SEC_INTERCEPT_ON_ERROR = 542, - TOK_CONFIG_SEC_REMOTE_RULES_FAIL_ACTION = 543, - TOK_CONFIG_SEC_RULE_REMOVE_BY_ID = 544, - TOK_CONFIG_SEC_RULE_REMOVE_BY_MSG = 545, - TOK_CONFIG_SEC_RULE_REMOVE_BY_TAG = 546, - TOK_CONFIG_SEC_RULE_UPDATE_TARGET_BY_TAG = 547, - TOK_CONFIG_SEC_RULE_UPDATE_TARGET_BY_MSG = 548, - TOK_CONFIG_SEC_RULE_UPDATE_TARGET_BY_ID = 549, - TOK_CONFIG_SEC_RULE_UPDATE_ACTION_BY_ID = 550, - TOK_CONFIG_UPDLOAD_KEEP_FILES = 551, - TOK_CONFIG_UPDLOAD_SAVE_TMP_FILES = 552, - TOK_CONFIG_UPLOAD_DIR = 553, - TOK_CONFIG_UPLOAD_FILE_LIMIT = 554, - TOK_CONFIG_UPLOAD_FILE_MODE = 555, - TOK_CONFIG_VALUE_ABORT = 556, - TOK_CONFIG_VALUE_DETC = 557, - TOK_CONFIG_VALUE_HTTPS = 558, - TOK_CONFIG_VALUE_OFF = 559, - TOK_CONFIG_VALUE_ON = 560, - TOK_CONFIG_VALUE_PARALLEL = 561, - TOK_CONFIG_VALUE_PROCESS_PARTIAL = 562, - TOK_CONFIG_VALUE_REJECT = 563, - TOK_CONFIG_VALUE_RELEVANT_ONLY = 564, - TOK_CONFIG_VALUE_SERIAL = 565, - TOK_CONFIG_VALUE_WARN = 566, - TOK_CONFIG_XML_EXTERNAL_ENTITY = 567, - TOK_CONGIG_DIR_RESPONSE_BODY_MP = 568, - TOK_CONGIG_DIR_SEC_ARG_SEP = 569, - TOK_CONGIG_DIR_SEC_COOKIE_FORMAT = 570, - TOK_CONFIG_SEC_COOKIEV0_SEPARATOR = 571, - TOK_CONGIG_DIR_SEC_DATA_DIR = 572, - TOK_CONGIG_DIR_SEC_STATUS_ENGINE = 573, - TOK_CONFIG_SEC_STREAM_IN_BODY_INSPECTION = 574, - TOK_CONFIG_SEC_STREAM_OUT_BODY_INSPECTION = 575, - TOK_CONGIG_DIR_SEC_TMP_DIR = 576, - TOK_DIRECTIVE = 577, - TOK_DIRECTIVE_SECRULESCRIPT = 578, - TOK_FREE_TEXT_QUOTE_MACRO_EXPANSION = 579, - TOK_QUOTATION_MARK = 580, - TOK_RUN_TIME_VAR_BLD = 581, - TOK_RUN_TIME_VAR_DUR = 582, - TOK_RUN_TIME_VAR_HSV = 583, - TOK_RUN_TIME_VAR_REMOTE_USER = 584, - TOK_RUN_TIME_VAR_TIME = 585, - TOK_RUN_TIME_VAR_TIME_DAY = 586, - TOK_RUN_TIME_VAR_TIME_EPOCH = 587, - TOK_RUN_TIME_VAR_TIME_HOUR = 588, - TOK_RUN_TIME_VAR_TIME_MIN = 589, - TOK_RUN_TIME_VAR_TIME_MON = 590, - TOK_RUN_TIME_VAR_TIME_SEC = 591, - TOK_RUN_TIME_VAR_TIME_WDAY = 592, - TOK_RUN_TIME_VAR_TIME_YEAR = 593, - TOK_VARIABLE = 594, - TOK_DICT_ELEMENT = 595, - TOK_DICT_ELEMENT_REGEXP = 596 + TOK_YYEMPTY = -2, + TOK_END = 0, // "end of file" + TOK_YYerror = 256, // error + TOK_YYUNDEF = 257, // "invalid token" + TOK_COMMA = 258, // "," + TOK_CONFIG_CONTENT_INJECTION = 259, // "CONFIG_CONTENT_INJECTION" + TOK_CONGIG_DIR_RESPONSE_BODY_MP_CLEAR = 260, // "CONGIG_DIR_RESPONSE_BODY_MP_CLEAR" + TOK_PIPE = 261, // PIPE + TOK_NEW_LINE = 262, // NEW_LINE + TOK_VAR_COUNT = 263, // VAR_COUNT + TOK_VAR_EXCLUSION = 264, // VAR_EXCLUSION + TOK_VARIABLE_ARGS = 265, // VARIABLE_ARGS + TOK_VARIABLE_ARGS_POST = 266, // VARIABLE_ARGS_POST + TOK_VARIABLE_ARGS_GET = 267, // VARIABLE_ARGS_GET + TOK_VARIABLE_FILES_SIZES = 268, // VARIABLE_FILES_SIZES + TOK_VARIABLE_FILES_NAMES = 269, // VARIABLE_FILES_NAMES + TOK_VARIABLE_FILES_TMP_CONTENT = 270, // VARIABLE_FILES_TMP_CONTENT + TOK_VARIABLE_MULTIPART_FILENAME = 271, // VARIABLE_MULTIPART_FILENAME + TOK_VARIABLE_MULTIPART_NAME = 272, // VARIABLE_MULTIPART_NAME + TOK_VARIABLE_MATCHED_VARS_NAMES = 273, // VARIABLE_MATCHED_VARS_NAMES + TOK_VARIABLE_MATCHED_VARS = 274, // VARIABLE_MATCHED_VARS + TOK_VARIABLE_FILES = 275, // VARIABLE_FILES + TOK_VARIABLE_REQUEST_COOKIES = 276, // VARIABLE_REQUEST_COOKIES + TOK_VARIABLE_REQUEST_HEADERS = 277, // VARIABLE_REQUEST_HEADERS + TOK_VARIABLE_RESPONSE_HEADERS = 278, // VARIABLE_RESPONSE_HEADERS + TOK_VARIABLE_GEO = 279, // VARIABLE_GEO + TOK_VARIABLE_REQUEST_COOKIES_NAMES = 280, // VARIABLE_REQUEST_COOKIES_NAMES + TOK_VARIABLE_ARGS_COMBINED_SIZE = 281, // VARIABLE_ARGS_COMBINED_SIZE + TOK_VARIABLE_ARGS_GET_NAMES = 282, // VARIABLE_ARGS_GET_NAMES + TOK_VARIABLE_RULE = 283, // VARIABLE_RULE + TOK_VARIABLE_ARGS_NAMES = 284, // "Variable ARGS_NAMES" + TOK_VARIABLE_ARGS_POST_NAMES = 285, // VARIABLE_ARGS_POST_NAMES + TOK_VARIABLE_AUTH_TYPE = 286, // "AUTH_TYPE" + TOK_VARIABLE_FILES_COMBINED_SIZE = 287, // "FILES_COMBINED_SIZE" + TOK_VARIABLE_FILES_TMP_NAMES = 288, // "FILES_TMPNAMES" + TOK_VARIABLE_FULL_REQUEST = 289, // "FULL_REQUEST" + TOK_VARIABLE_FULL_REQUEST_LENGTH = 290, // "FULL_REQUEST_LENGTH" + TOK_VARIABLE_INBOUND_DATA_ERROR = 291, // "INBOUND_DATA_ERROR" + TOK_VARIABLE_MATCHED_VAR = 292, // "MATCHED_VAR" + TOK_VARIABLE_MATCHED_VAR_NAME = 293, // "MATCHED_VAR_NAME" + TOK_VARIABLE_MULTIPART_BOUNDARY_QUOTED = 294, // VARIABLE_MULTIPART_BOUNDARY_QUOTED + TOK_VARIABLE_MULTIPART_BOUNDARY_WHITESPACE = 295, // VARIABLE_MULTIPART_BOUNDARY_WHITESPACE + TOK_VARIABLE_MULTIPART_CRLF_LF_LINES = 296, // "MULTIPART_CRLF_LF_LINES" + TOK_VARIABLE_MULTIPART_DATA_AFTER = 297, // "MULTIPART_DATA_AFTER" + TOK_VARIABLE_MULTIPART_DATA_BEFORE = 298, // VARIABLE_MULTIPART_DATA_BEFORE + TOK_VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED = 299, // "MULTIPART_FILE_LIMIT_EXCEEDED" + TOK_VARIABLE_MULTIPART_HEADER_FOLDING = 300, // "MULTIPART_HEADER_FOLDING" + TOK_VARIABLE_MULTIPART_INVALID_HEADER_FOLDING = 301, // "MULTIPART_INVALID_HEADER_FOLDING" + TOK_VARIABLE_MULTIPART_INVALID_PART = 302, // VARIABLE_MULTIPART_INVALID_PART + TOK_VARIABLE_MULTIPART_INVALID_QUOTING = 303, // "MULTIPART_INVALID_QUOTING" + TOK_VARIABLE_MULTIPART_LF_LINE = 304, // VARIABLE_MULTIPART_LF_LINE + TOK_VARIABLE_MULTIPART_MISSING_SEMICOLON = 305, // VARIABLE_MULTIPART_MISSING_SEMICOLON + TOK_VARIABLE_MULTIPART_SEMICOLON_MISSING = 306, // VARIABLE_MULTIPART_SEMICOLON_MISSING + TOK_VARIABLE_MULTIPART_STRICT_ERROR = 307, // "MULTIPART_STRICT_ERROR" + TOK_VARIABLE_MULTIPART_UNMATCHED_BOUNDARY = 308, // "MULTIPART_UNMATCHED_BOUNDARY" + TOK_VARIABLE_OUTBOUND_DATA_ERROR = 309, // "OUTBOUND_DATA_ERROR" + TOK_VARIABLE_PATH_INFO = 310, // "PATH_INFO" + TOK_VARIABLE_QUERY_STRING = 311, // "QUERY_STRING" + TOK_VARIABLE_REMOTE_ADDR = 312, // "REMOTE_ADDR" + TOK_VARIABLE_REMOTE_HOST = 313, // "REMOTE_HOST" + TOK_VARIABLE_REMOTE_PORT = 314, // "REMOTE_PORT" + TOK_VARIABLE_REQBODY_ERROR_MSG = 315, // "REQBODY_ERROR_MSG" + TOK_VARIABLE_REQBODY_ERROR = 316, // "REQBODY_ERROR" + TOK_VARIABLE_REQBODY_PROCESSOR_ERROR_MSG = 317, // "REQBODY_PROCESSOR_ERROR_MSG" + TOK_VARIABLE_REQBODY_PROCESSOR_ERROR = 318, // "REQBODY_PROCESSOR_ERROR" + TOK_VARIABLE_REQBODY_PROCESSOR = 319, // "REQBODY_PROCESSOR" + TOK_VARIABLE_REQUEST_BASENAME = 320, // "REQUEST_BASENAME" + TOK_VARIABLE_REQUEST_BODY_LENGTH = 321, // "REQUEST_BODY_LENGTH" + TOK_VARIABLE_REQUEST_BODY = 322, // "REQUEST_BODY" + TOK_VARIABLE_REQUEST_FILE_NAME = 323, // "REQUEST_FILENAME" + TOK_VARIABLE_REQUEST_HEADERS_NAMES = 324, // VARIABLE_REQUEST_HEADERS_NAMES + TOK_VARIABLE_REQUEST_LINE = 325, // "REQUEST_LINE" + TOK_VARIABLE_REQUEST_METHOD = 326, // "REQUEST_METHOD" + TOK_VARIABLE_REQUEST_PROTOCOL = 327, // "REQUEST_PROTOCOL" + TOK_VARIABLE_REQUEST_URI_RAW = 328, // "REQUEST_URI_RAW" + TOK_VARIABLE_REQUEST_URI = 329, // "REQUEST_URI" + TOK_VARIABLE_RESOURCE = 330, // "RESOURCE" + TOK_VARIABLE_RESPONSE_BODY = 331, // "RESPONSE_BODY" + TOK_VARIABLE_RESPONSE_CONTENT_LENGTH = 332, // "RESPONSE_CONTENT_LENGTH" + TOK_VARIABLE_RESPONSE_CONTENT_TYPE = 333, // VARIABLE_RESPONSE_CONTENT_TYPE + TOK_VARIABLE_RESPONSE_HEADERS_NAMES = 334, // VARIABLE_RESPONSE_HEADERS_NAMES + TOK_VARIABLE_RESPONSE_PROTOCOL = 335, // "RESPONSE_PROTOCOL" + TOK_VARIABLE_RESPONSE_STATUS = 336, // "RESPONSE_STATUS" + TOK_VARIABLE_SERVER_ADDR = 337, // "SERVER_ADDR" + TOK_VARIABLE_SERVER_NAME = 338, // "SERVER_NAME" + TOK_VARIABLE_SERVER_PORT = 339, // "SERVER_PORT" + TOK_VARIABLE_SESSION_ID = 340, // "SESSIONID" + TOK_VARIABLE_UNIQUE_ID = 341, // "UNIQUE_ID" + TOK_VARIABLE_URL_ENCODED_ERROR = 342, // "URLENCODED_ERROR" + TOK_VARIABLE_USER_ID = 343, // "USERID" + TOK_VARIABLE_WEB_APP_ID = 344, // "WEBAPPID" + TOK_VARIABLE_STATUS = 345, // "VARIABLE_STATUS" + TOK_VARIABLE_STATUS_LINE = 346, // "VARIABLE_STATUS_LINE" + TOK_VARIABLE_IP = 347, // "VARIABLE_IP" + TOK_VARIABLE_GLOBAL = 348, // "VARIABLE_GLOBAL" + TOK_VARIABLE_TX = 349, // "VARIABLE_TX" + TOK_VARIABLE_SESSION = 350, // "VARIABLE_SESSION" + TOK_VARIABLE_USER = 351, // "VARIABLE_USER" + TOK_RUN_TIME_VAR_ENV = 352, // "RUN_TIME_VAR_ENV" + TOK_RUN_TIME_VAR_XML = 353, // "RUN_TIME_VAR_XML" + TOK_ACTION_SETVAR = 354, // "SetVar" + TOK_SETVAR_OPERATION_EQUALS = 355, // SETVAR_OPERATION_EQUALS + TOK_SETVAR_OPERATION_EQUALS_PLUS = 356, // SETVAR_OPERATION_EQUALS_PLUS + TOK_SETVAR_OPERATION_EQUALS_MINUS = 357, // SETVAR_OPERATION_EQUALS_MINUS + TOK_NOT = 358, // "NOT" + TOK_OPERATOR_BEGINS_WITH = 359, // "OPERATOR_BEGINS_WITH" + TOK_OPERATOR_CONTAINS = 360, // "OPERATOR_CONTAINS" + TOK_OPERATOR_CONTAINS_WORD = 361, // "OPERATOR_CONTAINS_WORD" + TOK_OPERATOR_DETECT_SQLI = 362, // "OPERATOR_DETECT_SQLI" + TOK_OPERATOR_DETECT_XSS = 363, // "OPERATOR_DETECT_XSS" + TOK_OPERATOR_ENDS_WITH = 364, // "OPERATOR_ENDS_WITH" + TOK_OPERATOR_EQ = 365, // "OPERATOR_EQ" + TOK_OPERATOR_FUZZY_HASH = 366, // "OPERATOR_FUZZY_HASH" + TOK_OPERATOR_GEOLOOKUP = 367, // "OPERATOR_GEOLOOKUP" + TOK_OPERATOR_GE = 368, // "OPERATOR_GE" + TOK_OPERATOR_GSB_LOOKUP = 369, // "OPERATOR_GSB_LOOKUP" + TOK_OPERATOR_GT = 370, // "OPERATOR_GT" + TOK_OPERATOR_INSPECT_FILE = 371, // "OPERATOR_INSPECT_FILE" + TOK_OPERATOR_IP_MATCH_FROM_FILE = 372, // "OPERATOR_IP_MATCH_FROM_FILE" + TOK_OPERATOR_IP_MATCH = 373, // "OPERATOR_IP_MATCH" + TOK_OPERATOR_LE = 374, // "OPERATOR_LE" + TOK_OPERATOR_LT = 375, // "OPERATOR_LT" + TOK_OPERATOR_PM_FROM_FILE = 376, // "OPERATOR_PM_FROM_FILE" + TOK_OPERATOR_PM = 377, // "OPERATOR_PM" + TOK_OPERATOR_RBL = 378, // "OPERATOR_RBL" + TOK_OPERATOR_RSUB = 379, // "OPERATOR_RSUB" + TOK_OPERATOR_RX_CONTENT_ONLY = 380, // "Operator RX (content only)" + TOK_OPERATOR_RX = 381, // "OPERATOR_RX" + TOK_OPERATOR_STR_EQ = 382, // "OPERATOR_STR_EQ" + TOK_OPERATOR_STR_MATCH = 383, // "OPERATOR_STR_MATCH" + TOK_OPERATOR_UNCONDITIONAL_MATCH = 384, // "OPERATOR_UNCONDITIONAL_MATCH" + TOK_OPERATOR_VALIDATE_BYTE_RANGE = 385, // "OPERATOR_VALIDATE_BYTE_RANGE" + TOK_OPERATOR_VALIDATE_DTD = 386, // "OPERATOR_VALIDATE_DTD" + TOK_OPERATOR_VALIDATE_HASH = 387, // "OPERATOR_VALIDATE_HASH" + TOK_OPERATOR_VALIDATE_SCHEMA = 388, // "OPERATOR_VALIDATE_SCHEMA" + TOK_OPERATOR_VALIDATE_URL_ENCODING = 389, // "OPERATOR_VALIDATE_URL_ENCODING" + TOK_OPERATOR_VALIDATE_UTF8_ENCODING = 390, // "OPERATOR_VALIDATE_UTF8_ENCODING" + TOK_OPERATOR_VERIFY_CC = 391, // "OPERATOR_VERIFY_CC" + TOK_OPERATOR_VERIFY_CPF = 392, // "OPERATOR_VERIFY_CPF" + TOK_OPERATOR_VERIFY_SSN = 393, // "OPERATOR_VERIFY_SSN" + TOK_OPERATOR_VERIFY_SVNR = 394, // "OPERATOR_VERIFY_SVNR" + TOK_OPERATOR_WITHIN = 395, // "OPERATOR_WITHIN" + TOK_CONFIG_DIR_AUDIT_LOG_FMT = 396, // CONFIG_DIR_AUDIT_LOG_FMT + TOK_JSON = 397, // JSON + TOK_NATIVE = 398, // NATIVE + TOK_ACTION_CTL_RULE_ENGINE = 399, // "ACTION_CTL_RULE_ENGINE" + TOK_ACTION_ACCURACY = 400, // "Accuracy" + TOK_ACTION_ALLOW = 401, // "Allow" + TOK_ACTION_APPEND = 402, // "Append" + TOK_ACTION_AUDIT_LOG = 403, // "AuditLog" + TOK_ACTION_BLOCK = 404, // "Block" + TOK_ACTION_CAPTURE = 405, // "Capture" + TOK_ACTION_CHAIN = 406, // "Chain" + TOK_ACTION_CTL_AUDIT_ENGINE = 407, // "ACTION_CTL_AUDIT_ENGINE" + TOK_ACTION_CTL_AUDIT_LOG_PARTS = 408, // "ACTION_CTL_AUDIT_LOG_PARTS" + TOK_ACTION_CTL_BDY_JSON = 409, // "ACTION_CTL_BDY_JSON" + TOK_ACTION_CTL_BDY_XML = 410, // "ACTION_CTL_BDY_XML" + TOK_ACTION_CTL_BDY_URLENCODED = 411, // "ACTION_CTL_BDY_URLENCODED" + TOK_ACTION_CTL_FORCE_REQ_BODY_VAR = 412, // "ACTION_CTL_FORCE_REQ_BODY_VAR" + TOK_ACTION_CTL_REQUEST_BODY_ACCESS = 413, // "ACTION_CTL_REQUEST_BODY_ACCESS" + TOK_ACTION_CTL_RULE_REMOVE_BY_ID = 414, // "ACTION_CTL_RULE_REMOVE_BY_ID" + TOK_ACTION_CTL_RULE_REMOVE_BY_TAG = 415, // "ACTION_CTL_RULE_REMOVE_BY_TAG" + TOK_ACTION_CTL_RULE_REMOVE_TARGET_BY_ID = 416, // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID" + TOK_ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG = 417, // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG" + TOK_ACTION_DENY = 418, // "Deny" + TOK_ACTION_DEPRECATE_VAR = 419, // "DeprecateVar" + TOK_ACTION_DROP = 420, // "Drop" + TOK_ACTION_EXEC = 421, // "Exec" + TOK_ACTION_EXPIRE_VAR = 422, // "ExpireVar" + TOK_ACTION_ID = 423, // "Id" + TOK_ACTION_INITCOL = 424, // "InitCol" + TOK_ACTION_LOG = 425, // "Log" + TOK_ACTION_LOG_DATA = 426, // "LogData" + TOK_ACTION_MATURITY = 427, // "Maturity" + TOK_ACTION_MSG = 428, // "Msg" + TOK_ACTION_MULTI_MATCH = 429, // "MultiMatch" + TOK_ACTION_NO_AUDIT_LOG = 430, // "NoAuditLog" + TOK_ACTION_NO_LOG = 431, // "NoLog" + TOK_ACTION_PASS = 432, // "Pass" + TOK_ACTION_PAUSE = 433, // "Pause" + TOK_ACTION_PHASE = 434, // "Phase" + TOK_ACTION_PREPEND = 435, // "Prepend" + TOK_ACTION_PROXY = 436, // "Proxy" + TOK_ACTION_REDIRECT = 437, // "Redirect" + TOK_ACTION_REV = 438, // "Rev" + TOK_ACTION_SANITISE_ARG = 439, // "SanitiseArg" + TOK_ACTION_SANITISE_MATCHED = 440, // "SanitiseMatched" + TOK_ACTION_SANITISE_MATCHED_BYTES = 441, // "SanitiseMatchedBytes" + TOK_ACTION_SANITISE_REQUEST_HEADER = 442, // "SanitiseRequestHeader" + TOK_ACTION_SANITISE_RESPONSE_HEADER = 443, // "SanitiseResponseHeader" + TOK_ACTION_SETENV = 444, // "SetEnv" + TOK_ACTION_SETRSC = 445, // "SetRsc" + TOK_ACTION_SETSID = 446, // "SetSid" + TOK_ACTION_SETUID = 447, // "SetUID" + TOK_ACTION_SEVERITY = 448, // "Severity" + TOK_ACTION_SKIP = 449, // "Skip" + TOK_ACTION_SKIP_AFTER = 450, // "SkipAfter" + TOK_ACTION_STATUS = 451, // "Status" + TOK_ACTION_TAG = 452, // "Tag" + TOK_ACTION_TRANSFORMATION_BASE_64_ENCODE = 453, // "ACTION_TRANSFORMATION_BASE_64_ENCODE" + TOK_ACTION_TRANSFORMATION_BASE_64_DECODE = 454, // "ACTION_TRANSFORMATION_BASE_64_DECODE" + TOK_ACTION_TRANSFORMATION_BASE_64_DECODE_EXT = 455, // "ACTION_TRANSFORMATION_BASE_64_DECODE_EXT" + TOK_ACTION_TRANSFORMATION_CMD_LINE = 456, // "ACTION_TRANSFORMATION_CMD_LINE" + TOK_ACTION_TRANSFORMATION_COMPRESS_WHITESPACE = 457, // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE" + TOK_ACTION_TRANSFORMATION_CSS_DECODE = 458, // "ACTION_TRANSFORMATION_CSS_DECODE" + TOK_ACTION_TRANSFORMATION_ESCAPE_SEQ_DECODE = 459, // "ACTION_TRANSFORMATION_ESCAPE_SEQ_DECODE" + TOK_ACTION_TRANSFORMATION_HEX_ENCODE = 460, // "ACTION_TRANSFORMATION_HEX_ENCODE" + TOK_ACTION_TRANSFORMATION_HEX_DECODE = 461, // "ACTION_TRANSFORMATION_HEX_DECODE" + TOK_ACTION_TRANSFORMATION_HTML_ENTITY_DECODE = 462, // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE" + TOK_ACTION_TRANSFORMATION_JS_DECODE = 463, // "ACTION_TRANSFORMATION_JS_DECODE" + TOK_ACTION_TRANSFORMATION_LENGTH = 464, // "ACTION_TRANSFORMATION_LENGTH" + TOK_ACTION_TRANSFORMATION_LOWERCASE = 465, // "ACTION_TRANSFORMATION_LOWERCASE" + TOK_ACTION_TRANSFORMATION_MD5 = 466, // "ACTION_TRANSFORMATION_MD5" + TOK_ACTION_TRANSFORMATION_NONE = 467, // "ACTION_TRANSFORMATION_NONE" + TOK_ACTION_TRANSFORMATION_NORMALISE_PATH = 468, // "ACTION_TRANSFORMATION_NORMALISE_PATH" + TOK_ACTION_TRANSFORMATION_NORMALISE_PATH_WIN = 469, // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN" + TOK_ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT = 470, // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT" + TOK_ACTION_TRANSFORMATION_PARITY_ODD_7_BIT = 471, // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT" + TOK_ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT = 472, // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT" + TOK_ACTION_TRANSFORMATION_REMOVE_COMMENTS = 473, // "ACTION_TRANSFORMATION_REMOVE_COMMENTS" + TOK_ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR = 474, // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR" + TOK_ACTION_TRANSFORMATION_REMOVE_NULLS = 475, // "ACTION_TRANSFORMATION_REMOVE_NULLS" + TOK_ACTION_TRANSFORMATION_REMOVE_WHITESPACE = 476, // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE" + TOK_ACTION_TRANSFORMATION_REPLACE_COMMENTS = 477, // "ACTION_TRANSFORMATION_REPLACE_COMMENTS" + TOK_ACTION_TRANSFORMATION_REPLACE_NULLS = 478, // "ACTION_TRANSFORMATION_REPLACE_NULLS" + TOK_ACTION_TRANSFORMATION_SHA1 = 479, // "ACTION_TRANSFORMATION_SHA1" + TOK_ACTION_TRANSFORMATION_SQL_HEX_DECODE = 480, // "ACTION_TRANSFORMATION_SQL_HEX_DECODE" + TOK_ACTION_TRANSFORMATION_TRIM = 481, // "ACTION_TRANSFORMATION_TRIM" + TOK_ACTION_TRANSFORMATION_TRIM_LEFT = 482, // "ACTION_TRANSFORMATION_TRIM_LEFT" + TOK_ACTION_TRANSFORMATION_TRIM_RIGHT = 483, // "ACTION_TRANSFORMATION_TRIM_RIGHT" + TOK_ACTION_TRANSFORMATION_UPPERCASE = 484, // "ACTION_TRANSFORMATION_UPPERCASE" + TOK_ACTION_TRANSFORMATION_URL_ENCODE = 485, // "ACTION_TRANSFORMATION_URL_ENCODE" + TOK_ACTION_TRANSFORMATION_URL_DECODE = 486, // "ACTION_TRANSFORMATION_URL_DECODE" + TOK_ACTION_TRANSFORMATION_URL_DECODE_UNI = 487, // "ACTION_TRANSFORMATION_URL_DECODE_UNI" + TOK_ACTION_TRANSFORMATION_UTF8_TO_UNICODE = 488, // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE" + TOK_ACTION_VER = 489, // "Ver" + TOK_ACTION_XMLNS = 490, // "xmlns" + TOK_CONFIG_COMPONENT_SIG = 491, // "CONFIG_COMPONENT_SIG" + TOK_CONFIG_CONN_ENGINE = 492, // "CONFIG_CONN_ENGINE" + TOK_CONFIG_SEC_ARGUMENT_SEPARATOR = 493, // "CONFIG_SEC_ARGUMENT_SEPARATOR" + TOK_CONFIG_SEC_WEB_APP_ID = 494, // "CONFIG_SEC_WEB_APP_ID" + TOK_CONFIG_SEC_SERVER_SIG = 495, // "CONFIG_SEC_SERVER_SIG" + TOK_CONFIG_DIR_AUDIT_DIR = 496, // "CONFIG_DIR_AUDIT_DIR" + TOK_CONFIG_DIR_AUDIT_DIR_MOD = 497, // "CONFIG_DIR_AUDIT_DIR_MOD" + TOK_CONFIG_DIR_AUDIT_ENG = 498, // "CONFIG_DIR_AUDIT_ENG" + TOK_CONFIG_DIR_AUDIT_FLE_MOD = 499, // "CONFIG_DIR_AUDIT_FLE_MOD" + TOK_CONFIG_DIR_AUDIT_LOG = 500, // "CONFIG_DIR_AUDIT_LOG" + TOK_CONFIG_DIR_AUDIT_LOG2 = 501, // "CONFIG_DIR_AUDIT_LOG2" + TOK_CONFIG_DIR_AUDIT_LOG_P = 502, // "CONFIG_DIR_AUDIT_LOG_P" + TOK_CONFIG_DIR_AUDIT_STS = 503, // "CONFIG_DIR_AUDIT_STS" + TOK_CONFIG_DIR_AUDIT_TPE = 504, // "CONFIG_DIR_AUDIT_TPE" + TOK_CONFIG_DIR_DEBUG_LOG = 505, // "CONFIG_DIR_DEBUG_LOG" + TOK_CONFIG_DIR_DEBUG_LVL = 506, // "CONFIG_DIR_DEBUG_LVL" + TOK_CONFIG_SEC_CACHE_TRANSFORMATIONS = 507, // "CONFIG_SEC_CACHE_TRANSFORMATIONS" + TOK_CONFIG_SEC_DISABLE_BACKEND_COMPRESS = 508, // "CONFIG_SEC_DISABLE_BACKEND_COMPRESS" + TOK_CONFIG_SEC_HASH_ENGINE = 509, // "CONFIG_SEC_HASH_ENGINE" + TOK_CONFIG_SEC_HASH_KEY = 510, // "CONFIG_SEC_HASH_KEY" + TOK_CONFIG_SEC_HASH_PARAM = 511, // "CONFIG_SEC_HASH_PARAM" + TOK_CONFIG_SEC_HASH_METHOD_RX = 512, // "CONFIG_SEC_HASH_METHOD_RX" + TOK_CONFIG_SEC_HASH_METHOD_PM = 513, // "CONFIG_SEC_HASH_METHOD_PM" + TOK_CONFIG_SEC_CHROOT_DIR = 514, // "CONFIG_SEC_CHROOT_DIR" + TOK_CONFIG_DIR_GEO_DB = 515, // "CONFIG_DIR_GEO_DB" + TOK_CONFIG_DIR_GSB_DB = 516, // "CONFIG_DIR_GSB_DB" + TOK_CONFIG_SEC_GUARDIAN_LOG = 517, // "CONFIG_SEC_GUARDIAN_LOG" + TOK_CONFIG_DIR_PCRE_MATCH_LIMIT = 518, // "CONFIG_DIR_PCRE_MATCH_LIMIT" + TOK_CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION = 519, // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION" + TOK_CONFIG_SEC_CONN_R_STATE_LIMIT = 520, // "CONFIG_SEC_CONN_R_STATE_LIMIT" + TOK_CONFIG_SEC_CONN_W_STATE_LIMIT = 521, // "CONFIG_SEC_CONN_W_STATE_LIMIT" + TOK_CONFIG_SEC_SENSOR_ID = 522, // "CONFIG_SEC_SENSOR_ID" + TOK_CONFIG_DIR_ARGS_LIMIT = 523, // "CONFIG_DIR_ARGS_LIMIT" + TOK_CONFIG_DIR_REQ_BODY = 524, // "CONFIG_DIR_REQ_BODY" + TOK_CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT = 525, // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT" + TOK_CONFIG_DIR_REQ_BODY_LIMIT = 526, // "CONFIG_DIR_REQ_BODY_LIMIT" + TOK_CONFIG_DIR_REQ_BODY_LIMIT_ACTION = 527, // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION" + TOK_CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT = 528, // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT" + TOK_CONFIG_DIR_RES_BODY = 529, // "CONFIG_DIR_RES_BODY" + TOK_CONFIG_DIR_RES_BODY_LIMIT = 530, // "CONFIG_DIR_RES_BODY_LIMIT" + TOK_CONFIG_DIR_RES_BODY_LIMIT_ACTION = 531, // "CONFIG_DIR_RES_BODY_LIMIT_ACTION" + TOK_CONFIG_SEC_RULE_INHERITANCE = 532, // "CONFIG_SEC_RULE_INHERITANCE" + TOK_CONFIG_SEC_RULE_PERF_TIME = 533, // "CONFIG_SEC_RULE_PERF_TIME" + TOK_CONFIG_DIR_RULE_ENG = 534, // "CONFIG_DIR_RULE_ENG" + TOK_CONFIG_DIR_SEC_ACTION = 535, // "CONFIG_DIR_SEC_ACTION" + TOK_CONFIG_DIR_SEC_DEFAULT_ACTION = 536, // "CONFIG_DIR_SEC_DEFAULT_ACTION" + TOK_CONFIG_DIR_SEC_MARKER = 537, // "CONFIG_DIR_SEC_MARKER" + TOK_CONFIG_DIR_UNICODE_MAP_FILE = 538, // "CONFIG_DIR_UNICODE_MAP_FILE" + TOK_CONFIG_DIR_UNICODE_CODE_PAGE = 539, // "CONFIG_DIR_UNICODE_CODE_PAGE" + TOK_CONFIG_SEC_COLLECTION_TIMEOUT = 540, // "CONFIG_SEC_COLLECTION_TIMEOUT" + TOK_CONFIG_SEC_HTTP_BLKEY = 541, // "CONFIG_SEC_HTTP_BLKEY" + TOK_CONFIG_SEC_INTERCEPT_ON_ERROR = 542, // "CONFIG_SEC_INTERCEPT_ON_ERROR" + TOK_CONFIG_SEC_REMOTE_RULES_FAIL_ACTION = 543, // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION" + TOK_CONFIG_SEC_RULE_REMOVE_BY_ID = 544, // "CONFIG_SEC_RULE_REMOVE_BY_ID" + TOK_CONFIG_SEC_RULE_REMOVE_BY_MSG = 545, // "CONFIG_SEC_RULE_REMOVE_BY_MSG" + TOK_CONFIG_SEC_RULE_REMOVE_BY_TAG = 546, // "CONFIG_SEC_RULE_REMOVE_BY_TAG" + TOK_CONFIG_SEC_RULE_UPDATE_TARGET_BY_TAG = 547, // "CONFIG_SEC_RULE_UPDATE_TARGET_BY_TAG" + TOK_CONFIG_SEC_RULE_UPDATE_TARGET_BY_MSG = 548, // "CONFIG_SEC_RULE_UPDATE_TARGET_BY_MSG" + TOK_CONFIG_SEC_RULE_UPDATE_TARGET_BY_ID = 549, // "CONFIG_SEC_RULE_UPDATE_TARGET_BY_ID" + TOK_CONFIG_SEC_RULE_UPDATE_ACTION_BY_ID = 550, // "CONFIG_SEC_RULE_UPDATE_ACTION_BY_ID" + TOK_CONFIG_UPDLOAD_KEEP_FILES = 551, // "CONFIG_UPDLOAD_KEEP_FILES" + TOK_CONFIG_UPDLOAD_SAVE_TMP_FILES = 552, // "CONFIG_UPDLOAD_SAVE_TMP_FILES" + TOK_CONFIG_UPLOAD_DIR = 553, // "CONFIG_UPLOAD_DIR" + TOK_CONFIG_UPLOAD_FILE_LIMIT = 554, // "CONFIG_UPLOAD_FILE_LIMIT" + TOK_CONFIG_UPLOAD_FILE_MODE = 555, // "CONFIG_UPLOAD_FILE_MODE" + TOK_CONFIG_VALUE_ABORT = 556, // "CONFIG_VALUE_ABORT" + TOK_CONFIG_VALUE_DETC = 557, // "CONFIG_VALUE_DETC" + TOK_CONFIG_VALUE_HTTPS = 558, // "CONFIG_VALUE_HTTPS" + TOK_CONFIG_VALUE_OFF = 559, // "CONFIG_VALUE_OFF" + TOK_CONFIG_VALUE_ON = 560, // "CONFIG_VALUE_ON" + TOK_CONFIG_VALUE_PARALLEL = 561, // "CONFIG_VALUE_PARALLEL" + TOK_CONFIG_VALUE_PROCESS_PARTIAL = 562, // "CONFIG_VALUE_PROCESS_PARTIAL" + TOK_CONFIG_VALUE_REJECT = 563, // "CONFIG_VALUE_REJECT" + TOK_CONFIG_VALUE_RELEVANT_ONLY = 564, // "CONFIG_VALUE_RELEVANT_ONLY" + TOK_CONFIG_VALUE_SERIAL = 565, // "CONFIG_VALUE_SERIAL" + TOK_CONFIG_VALUE_WARN = 566, // "CONFIG_VALUE_WARN" + TOK_CONFIG_XML_EXTERNAL_ENTITY = 567, // "CONFIG_XML_EXTERNAL_ENTITY" + TOK_CONGIG_DIR_RESPONSE_BODY_MP = 568, // "CONGIG_DIR_RESPONSE_BODY_MP" + TOK_CONGIG_DIR_SEC_ARG_SEP = 569, // "CONGIG_DIR_SEC_ARG_SEP" + TOK_CONGIG_DIR_SEC_COOKIE_FORMAT = 570, // "CONGIG_DIR_SEC_COOKIE_FORMAT" + TOK_CONFIG_SEC_COOKIEV0_SEPARATOR = 571, // "CONFIG_SEC_COOKIEV0_SEPARATOR" + TOK_CONGIG_DIR_SEC_DATA_DIR = 572, // "CONGIG_DIR_SEC_DATA_DIR" + TOK_CONGIG_DIR_SEC_STATUS_ENGINE = 573, // "CONGIG_DIR_SEC_STATUS_ENGINE" + TOK_CONFIG_SEC_STREAM_IN_BODY_INSPECTION = 574, // "CONFIG_SEC_STREAM_IN_BODY_INSPECTION" + TOK_CONFIG_SEC_STREAM_OUT_BODY_INSPECTION = 575, // "CONFIG_SEC_STREAM_OUT_BODY_INSPECTION" + TOK_CONGIG_DIR_SEC_TMP_DIR = 576, // "CONGIG_DIR_SEC_TMP_DIR" + TOK_DIRECTIVE = 577, // "DIRECTIVE" + TOK_DIRECTIVE_SECRULESCRIPT = 578, // "DIRECTIVE_SECRULESCRIPT" + TOK_FREE_TEXT_QUOTE_MACRO_EXPANSION = 579, // "FREE_TEXT_QUOTE_MACRO_EXPANSION" + TOK_QUOTATION_MARK = 580, // "QUOTATION_MARK" + TOK_RUN_TIME_VAR_BLD = 581, // "RUN_TIME_VAR_BLD" + TOK_RUN_TIME_VAR_DUR = 582, // "RUN_TIME_VAR_DUR" + TOK_RUN_TIME_VAR_HSV = 583, // "RUN_TIME_VAR_HSV" + TOK_RUN_TIME_VAR_REMOTE_USER = 584, // "RUN_TIME_VAR_REMOTE_USER" + TOK_RUN_TIME_VAR_TIME = 585, // "RUN_TIME_VAR_TIME" + TOK_RUN_TIME_VAR_TIME_DAY = 586, // "RUN_TIME_VAR_TIME_DAY" + TOK_RUN_TIME_VAR_TIME_EPOCH = 587, // "RUN_TIME_VAR_TIME_EPOCH" + TOK_RUN_TIME_VAR_TIME_HOUR = 588, // "RUN_TIME_VAR_TIME_HOUR" + TOK_RUN_TIME_VAR_TIME_MIN = 589, // "RUN_TIME_VAR_TIME_MIN" + TOK_RUN_TIME_VAR_TIME_MON = 590, // "RUN_TIME_VAR_TIME_MON" + TOK_RUN_TIME_VAR_TIME_SEC = 591, // "RUN_TIME_VAR_TIME_SEC" + TOK_RUN_TIME_VAR_TIME_WDAY = 592, // "RUN_TIME_VAR_TIME_WDAY" + TOK_RUN_TIME_VAR_TIME_YEAR = 593, // "RUN_TIME_VAR_TIME_YEAR" + TOK_VARIABLE = 594, // "VARIABLE" + TOK_DICT_ELEMENT = 595, // "Dictionary element" + TOK_DICT_ELEMENT_REGEXP = 596 // "Dictionary element, selected by regexp" + }; + /// Backward compatibility alias (Bison 3.6). + typedef token_kind_type yytokentype; + }; + + /// Token kind, as returned by yylex. + typedef token::yytokentype token_kind_type; + + /// Backward compatibility alias (Bison 3.6). + typedef token_kind_type token_type; + + /// Symbol kinds. + struct symbol_kind + { + enum symbol_kind_type + { + YYNTOKENS = 342, ///< Number of tokens. + S_YYEMPTY = -2, + S_YYEOF = 0, // "end of file" + S_YYerror = 1, // error + S_YYUNDEF = 2, // "invalid token" + S_COMMA = 3, // "," + S_CONFIG_CONTENT_INJECTION = 4, // "CONFIG_CONTENT_INJECTION" + S_CONGIG_DIR_RESPONSE_BODY_MP_CLEAR = 5, // "CONGIG_DIR_RESPONSE_BODY_MP_CLEAR" + S_PIPE = 6, // PIPE + S_NEW_LINE = 7, // NEW_LINE + S_VAR_COUNT = 8, // VAR_COUNT + S_VAR_EXCLUSION = 9, // VAR_EXCLUSION + S_VARIABLE_ARGS = 10, // VARIABLE_ARGS + S_VARIABLE_ARGS_POST = 11, // VARIABLE_ARGS_POST + S_VARIABLE_ARGS_GET = 12, // VARIABLE_ARGS_GET + S_VARIABLE_FILES_SIZES = 13, // VARIABLE_FILES_SIZES + S_VARIABLE_FILES_NAMES = 14, // VARIABLE_FILES_NAMES + S_VARIABLE_FILES_TMP_CONTENT = 15, // VARIABLE_FILES_TMP_CONTENT + S_VARIABLE_MULTIPART_FILENAME = 16, // VARIABLE_MULTIPART_FILENAME + S_VARIABLE_MULTIPART_NAME = 17, // VARIABLE_MULTIPART_NAME + S_VARIABLE_MATCHED_VARS_NAMES = 18, // VARIABLE_MATCHED_VARS_NAMES + S_VARIABLE_MATCHED_VARS = 19, // VARIABLE_MATCHED_VARS + S_VARIABLE_FILES = 20, // VARIABLE_FILES + S_VARIABLE_REQUEST_COOKIES = 21, // VARIABLE_REQUEST_COOKIES + S_VARIABLE_REQUEST_HEADERS = 22, // VARIABLE_REQUEST_HEADERS + S_VARIABLE_RESPONSE_HEADERS = 23, // VARIABLE_RESPONSE_HEADERS + S_VARIABLE_GEO = 24, // VARIABLE_GEO + S_VARIABLE_REQUEST_COOKIES_NAMES = 25, // VARIABLE_REQUEST_COOKIES_NAMES + S_VARIABLE_ARGS_COMBINED_SIZE = 26, // VARIABLE_ARGS_COMBINED_SIZE + S_VARIABLE_ARGS_GET_NAMES = 27, // VARIABLE_ARGS_GET_NAMES + S_VARIABLE_RULE = 28, // VARIABLE_RULE + S_VARIABLE_ARGS_NAMES = 29, // "Variable ARGS_NAMES" + S_VARIABLE_ARGS_POST_NAMES = 30, // VARIABLE_ARGS_POST_NAMES + S_VARIABLE_AUTH_TYPE = 31, // "AUTH_TYPE" + S_VARIABLE_FILES_COMBINED_SIZE = 32, // "FILES_COMBINED_SIZE" + S_VARIABLE_FILES_TMP_NAMES = 33, // "FILES_TMPNAMES" + S_VARIABLE_FULL_REQUEST = 34, // "FULL_REQUEST" + S_VARIABLE_FULL_REQUEST_LENGTH = 35, // "FULL_REQUEST_LENGTH" + S_VARIABLE_INBOUND_DATA_ERROR = 36, // "INBOUND_DATA_ERROR" + S_VARIABLE_MATCHED_VAR = 37, // "MATCHED_VAR" + S_VARIABLE_MATCHED_VAR_NAME = 38, // "MATCHED_VAR_NAME" + S_VARIABLE_MULTIPART_BOUNDARY_QUOTED = 39, // VARIABLE_MULTIPART_BOUNDARY_QUOTED + S_VARIABLE_MULTIPART_BOUNDARY_WHITESPACE = 40, // VARIABLE_MULTIPART_BOUNDARY_WHITESPACE + S_VARIABLE_MULTIPART_CRLF_LF_LINES = 41, // "MULTIPART_CRLF_LF_LINES" + S_VARIABLE_MULTIPART_DATA_AFTER = 42, // "MULTIPART_DATA_AFTER" + S_VARIABLE_MULTIPART_DATA_BEFORE = 43, // VARIABLE_MULTIPART_DATA_BEFORE + S_VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED = 44, // "MULTIPART_FILE_LIMIT_EXCEEDED" + S_VARIABLE_MULTIPART_HEADER_FOLDING = 45, // "MULTIPART_HEADER_FOLDING" + S_VARIABLE_MULTIPART_INVALID_HEADER_FOLDING = 46, // "MULTIPART_INVALID_HEADER_FOLDING" + S_VARIABLE_MULTIPART_INVALID_PART = 47, // VARIABLE_MULTIPART_INVALID_PART + S_VARIABLE_MULTIPART_INVALID_QUOTING = 48, // "MULTIPART_INVALID_QUOTING" + S_VARIABLE_MULTIPART_LF_LINE = 49, // VARIABLE_MULTIPART_LF_LINE + S_VARIABLE_MULTIPART_MISSING_SEMICOLON = 50, // VARIABLE_MULTIPART_MISSING_SEMICOLON + S_VARIABLE_MULTIPART_SEMICOLON_MISSING = 51, // VARIABLE_MULTIPART_SEMICOLON_MISSING + S_VARIABLE_MULTIPART_STRICT_ERROR = 52, // "MULTIPART_STRICT_ERROR" + S_VARIABLE_MULTIPART_UNMATCHED_BOUNDARY = 53, // "MULTIPART_UNMATCHED_BOUNDARY" + S_VARIABLE_OUTBOUND_DATA_ERROR = 54, // "OUTBOUND_DATA_ERROR" + S_VARIABLE_PATH_INFO = 55, // "PATH_INFO" + S_VARIABLE_QUERY_STRING = 56, // "QUERY_STRING" + S_VARIABLE_REMOTE_ADDR = 57, // "REMOTE_ADDR" + S_VARIABLE_REMOTE_HOST = 58, // "REMOTE_HOST" + S_VARIABLE_REMOTE_PORT = 59, // "REMOTE_PORT" + S_VARIABLE_REQBODY_ERROR_MSG = 60, // "REQBODY_ERROR_MSG" + S_VARIABLE_REQBODY_ERROR = 61, // "REQBODY_ERROR" + S_VARIABLE_REQBODY_PROCESSOR_ERROR_MSG = 62, // "REQBODY_PROCESSOR_ERROR_MSG" + S_VARIABLE_REQBODY_PROCESSOR_ERROR = 63, // "REQBODY_PROCESSOR_ERROR" + S_VARIABLE_REQBODY_PROCESSOR = 64, // "REQBODY_PROCESSOR" + S_VARIABLE_REQUEST_BASENAME = 65, // "REQUEST_BASENAME" + S_VARIABLE_REQUEST_BODY_LENGTH = 66, // "REQUEST_BODY_LENGTH" + S_VARIABLE_REQUEST_BODY = 67, // "REQUEST_BODY" + S_VARIABLE_REQUEST_FILE_NAME = 68, // "REQUEST_FILENAME" + S_VARIABLE_REQUEST_HEADERS_NAMES = 69, // VARIABLE_REQUEST_HEADERS_NAMES + S_VARIABLE_REQUEST_LINE = 70, // "REQUEST_LINE" + S_VARIABLE_REQUEST_METHOD = 71, // "REQUEST_METHOD" + S_VARIABLE_REQUEST_PROTOCOL = 72, // "REQUEST_PROTOCOL" + S_VARIABLE_REQUEST_URI_RAW = 73, // "REQUEST_URI_RAW" + S_VARIABLE_REQUEST_URI = 74, // "REQUEST_URI" + S_VARIABLE_RESOURCE = 75, // "RESOURCE" + S_VARIABLE_RESPONSE_BODY = 76, // "RESPONSE_BODY" + S_VARIABLE_RESPONSE_CONTENT_LENGTH = 77, // "RESPONSE_CONTENT_LENGTH" + S_VARIABLE_RESPONSE_CONTENT_TYPE = 78, // VARIABLE_RESPONSE_CONTENT_TYPE + S_VARIABLE_RESPONSE_HEADERS_NAMES = 79, // VARIABLE_RESPONSE_HEADERS_NAMES + S_VARIABLE_RESPONSE_PROTOCOL = 80, // "RESPONSE_PROTOCOL" + S_VARIABLE_RESPONSE_STATUS = 81, // "RESPONSE_STATUS" + S_VARIABLE_SERVER_ADDR = 82, // "SERVER_ADDR" + S_VARIABLE_SERVER_NAME = 83, // "SERVER_NAME" + S_VARIABLE_SERVER_PORT = 84, // "SERVER_PORT" + S_VARIABLE_SESSION_ID = 85, // "SESSIONID" + S_VARIABLE_UNIQUE_ID = 86, // "UNIQUE_ID" + S_VARIABLE_URL_ENCODED_ERROR = 87, // "URLENCODED_ERROR" + S_VARIABLE_USER_ID = 88, // "USERID" + S_VARIABLE_WEB_APP_ID = 89, // "WEBAPPID" + S_VARIABLE_STATUS = 90, // "VARIABLE_STATUS" + S_VARIABLE_STATUS_LINE = 91, // "VARIABLE_STATUS_LINE" + S_VARIABLE_IP = 92, // "VARIABLE_IP" + S_VARIABLE_GLOBAL = 93, // "VARIABLE_GLOBAL" + S_VARIABLE_TX = 94, // "VARIABLE_TX" + S_VARIABLE_SESSION = 95, // "VARIABLE_SESSION" + S_VARIABLE_USER = 96, // "VARIABLE_USER" + S_RUN_TIME_VAR_ENV = 97, // "RUN_TIME_VAR_ENV" + S_RUN_TIME_VAR_XML = 98, // "RUN_TIME_VAR_XML" + S_ACTION_SETVAR = 99, // "SetVar" + S_SETVAR_OPERATION_EQUALS = 100, // SETVAR_OPERATION_EQUALS + S_SETVAR_OPERATION_EQUALS_PLUS = 101, // SETVAR_OPERATION_EQUALS_PLUS + S_SETVAR_OPERATION_EQUALS_MINUS = 102, // SETVAR_OPERATION_EQUALS_MINUS + S_NOT = 103, // "NOT" + S_OPERATOR_BEGINS_WITH = 104, // "OPERATOR_BEGINS_WITH" + S_OPERATOR_CONTAINS = 105, // "OPERATOR_CONTAINS" + S_OPERATOR_CONTAINS_WORD = 106, // "OPERATOR_CONTAINS_WORD" + S_OPERATOR_DETECT_SQLI = 107, // "OPERATOR_DETECT_SQLI" + S_OPERATOR_DETECT_XSS = 108, // "OPERATOR_DETECT_XSS" + S_OPERATOR_ENDS_WITH = 109, // "OPERATOR_ENDS_WITH" + S_OPERATOR_EQ = 110, // "OPERATOR_EQ" + S_OPERATOR_FUZZY_HASH = 111, // "OPERATOR_FUZZY_HASH" + S_OPERATOR_GEOLOOKUP = 112, // "OPERATOR_GEOLOOKUP" + S_OPERATOR_GE = 113, // "OPERATOR_GE" + S_OPERATOR_GSB_LOOKUP = 114, // "OPERATOR_GSB_LOOKUP" + S_OPERATOR_GT = 115, // "OPERATOR_GT" + S_OPERATOR_INSPECT_FILE = 116, // "OPERATOR_INSPECT_FILE" + S_OPERATOR_IP_MATCH_FROM_FILE = 117, // "OPERATOR_IP_MATCH_FROM_FILE" + S_OPERATOR_IP_MATCH = 118, // "OPERATOR_IP_MATCH" + S_OPERATOR_LE = 119, // "OPERATOR_LE" + S_OPERATOR_LT = 120, // "OPERATOR_LT" + S_OPERATOR_PM_FROM_FILE = 121, // "OPERATOR_PM_FROM_FILE" + S_OPERATOR_PM = 122, // "OPERATOR_PM" + S_OPERATOR_RBL = 123, // "OPERATOR_RBL" + S_OPERATOR_RSUB = 124, // "OPERATOR_RSUB" + S_OPERATOR_RX_CONTENT_ONLY = 125, // "Operator RX (content only)" + S_OPERATOR_RX = 126, // "OPERATOR_RX" + S_OPERATOR_STR_EQ = 127, // "OPERATOR_STR_EQ" + S_OPERATOR_STR_MATCH = 128, // "OPERATOR_STR_MATCH" + S_OPERATOR_UNCONDITIONAL_MATCH = 129, // "OPERATOR_UNCONDITIONAL_MATCH" + S_OPERATOR_VALIDATE_BYTE_RANGE = 130, // "OPERATOR_VALIDATE_BYTE_RANGE" + S_OPERATOR_VALIDATE_DTD = 131, // "OPERATOR_VALIDATE_DTD" + S_OPERATOR_VALIDATE_HASH = 132, // "OPERATOR_VALIDATE_HASH" + S_OPERATOR_VALIDATE_SCHEMA = 133, // "OPERATOR_VALIDATE_SCHEMA" + S_OPERATOR_VALIDATE_URL_ENCODING = 134, // "OPERATOR_VALIDATE_URL_ENCODING" + S_OPERATOR_VALIDATE_UTF8_ENCODING = 135, // "OPERATOR_VALIDATE_UTF8_ENCODING" + S_OPERATOR_VERIFY_CC = 136, // "OPERATOR_VERIFY_CC" + S_OPERATOR_VERIFY_CPF = 137, // "OPERATOR_VERIFY_CPF" + S_OPERATOR_VERIFY_SSN = 138, // "OPERATOR_VERIFY_SSN" + S_OPERATOR_VERIFY_SVNR = 139, // "OPERATOR_VERIFY_SVNR" + S_OPERATOR_WITHIN = 140, // "OPERATOR_WITHIN" + S_CONFIG_DIR_AUDIT_LOG_FMT = 141, // CONFIG_DIR_AUDIT_LOG_FMT + S_JSON = 142, // JSON + S_NATIVE = 143, // NATIVE + S_ACTION_CTL_RULE_ENGINE = 144, // "ACTION_CTL_RULE_ENGINE" + S_ACTION_ACCURACY = 145, // "Accuracy" + S_ACTION_ALLOW = 146, // "Allow" + S_ACTION_APPEND = 147, // "Append" + S_ACTION_AUDIT_LOG = 148, // "AuditLog" + S_ACTION_BLOCK = 149, // "Block" + S_ACTION_CAPTURE = 150, // "Capture" + S_ACTION_CHAIN = 151, // "Chain" + S_ACTION_CTL_AUDIT_ENGINE = 152, // "ACTION_CTL_AUDIT_ENGINE" + S_ACTION_CTL_AUDIT_LOG_PARTS = 153, // "ACTION_CTL_AUDIT_LOG_PARTS" + S_ACTION_CTL_BDY_JSON = 154, // "ACTION_CTL_BDY_JSON" + S_ACTION_CTL_BDY_XML = 155, // "ACTION_CTL_BDY_XML" + S_ACTION_CTL_BDY_URLENCODED = 156, // "ACTION_CTL_BDY_URLENCODED" + S_ACTION_CTL_FORCE_REQ_BODY_VAR = 157, // "ACTION_CTL_FORCE_REQ_BODY_VAR" + S_ACTION_CTL_REQUEST_BODY_ACCESS = 158, // "ACTION_CTL_REQUEST_BODY_ACCESS" + S_ACTION_CTL_RULE_REMOVE_BY_ID = 159, // "ACTION_CTL_RULE_REMOVE_BY_ID" + S_ACTION_CTL_RULE_REMOVE_BY_TAG = 160, // "ACTION_CTL_RULE_REMOVE_BY_TAG" + S_ACTION_CTL_RULE_REMOVE_TARGET_BY_ID = 161, // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID" + S_ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG = 162, // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG" + S_ACTION_DENY = 163, // "Deny" + S_ACTION_DEPRECATE_VAR = 164, // "DeprecateVar" + S_ACTION_DROP = 165, // "Drop" + S_ACTION_EXEC = 166, // "Exec" + S_ACTION_EXPIRE_VAR = 167, // "ExpireVar" + S_ACTION_ID = 168, // "Id" + S_ACTION_INITCOL = 169, // "InitCol" + S_ACTION_LOG = 170, // "Log" + S_ACTION_LOG_DATA = 171, // "LogData" + S_ACTION_MATURITY = 172, // "Maturity" + S_ACTION_MSG = 173, // "Msg" + S_ACTION_MULTI_MATCH = 174, // "MultiMatch" + S_ACTION_NO_AUDIT_LOG = 175, // "NoAuditLog" + S_ACTION_NO_LOG = 176, // "NoLog" + S_ACTION_PASS = 177, // "Pass" + S_ACTION_PAUSE = 178, // "Pause" + S_ACTION_PHASE = 179, // "Phase" + S_ACTION_PREPEND = 180, // "Prepend" + S_ACTION_PROXY = 181, // "Proxy" + S_ACTION_REDIRECT = 182, // "Redirect" + S_ACTION_REV = 183, // "Rev" + S_ACTION_SANITISE_ARG = 184, // "SanitiseArg" + S_ACTION_SANITISE_MATCHED = 185, // "SanitiseMatched" + S_ACTION_SANITISE_MATCHED_BYTES = 186, // "SanitiseMatchedBytes" + S_ACTION_SANITISE_REQUEST_HEADER = 187, // "SanitiseRequestHeader" + S_ACTION_SANITISE_RESPONSE_HEADER = 188, // "SanitiseResponseHeader" + S_ACTION_SETENV = 189, // "SetEnv" + S_ACTION_SETRSC = 190, // "SetRsc" + S_ACTION_SETSID = 191, // "SetSid" + S_ACTION_SETUID = 192, // "SetUID" + S_ACTION_SEVERITY = 193, // "Severity" + S_ACTION_SKIP = 194, // "Skip" + S_ACTION_SKIP_AFTER = 195, // "SkipAfter" + S_ACTION_STATUS = 196, // "Status" + S_ACTION_TAG = 197, // "Tag" + S_ACTION_TRANSFORMATION_BASE_64_ENCODE = 198, // "ACTION_TRANSFORMATION_BASE_64_ENCODE" + S_ACTION_TRANSFORMATION_BASE_64_DECODE = 199, // "ACTION_TRANSFORMATION_BASE_64_DECODE" + S_ACTION_TRANSFORMATION_BASE_64_DECODE_EXT = 200, // "ACTION_TRANSFORMATION_BASE_64_DECODE_EXT" + S_ACTION_TRANSFORMATION_CMD_LINE = 201, // "ACTION_TRANSFORMATION_CMD_LINE" + S_ACTION_TRANSFORMATION_COMPRESS_WHITESPACE = 202, // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE" + S_ACTION_TRANSFORMATION_CSS_DECODE = 203, // "ACTION_TRANSFORMATION_CSS_DECODE" + S_ACTION_TRANSFORMATION_ESCAPE_SEQ_DECODE = 204, // "ACTION_TRANSFORMATION_ESCAPE_SEQ_DECODE" + S_ACTION_TRANSFORMATION_HEX_ENCODE = 205, // "ACTION_TRANSFORMATION_HEX_ENCODE" + S_ACTION_TRANSFORMATION_HEX_DECODE = 206, // "ACTION_TRANSFORMATION_HEX_DECODE" + S_ACTION_TRANSFORMATION_HTML_ENTITY_DECODE = 207, // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE" + S_ACTION_TRANSFORMATION_JS_DECODE = 208, // "ACTION_TRANSFORMATION_JS_DECODE" + S_ACTION_TRANSFORMATION_LENGTH = 209, // "ACTION_TRANSFORMATION_LENGTH" + S_ACTION_TRANSFORMATION_LOWERCASE = 210, // "ACTION_TRANSFORMATION_LOWERCASE" + S_ACTION_TRANSFORMATION_MD5 = 211, // "ACTION_TRANSFORMATION_MD5" + S_ACTION_TRANSFORMATION_NONE = 212, // "ACTION_TRANSFORMATION_NONE" + S_ACTION_TRANSFORMATION_NORMALISE_PATH = 213, // "ACTION_TRANSFORMATION_NORMALISE_PATH" + S_ACTION_TRANSFORMATION_NORMALISE_PATH_WIN = 214, // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN" + S_ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT = 215, // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT" + S_ACTION_TRANSFORMATION_PARITY_ODD_7_BIT = 216, // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT" + S_ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT = 217, // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT" + S_ACTION_TRANSFORMATION_REMOVE_COMMENTS = 218, // "ACTION_TRANSFORMATION_REMOVE_COMMENTS" + S_ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR = 219, // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR" + S_ACTION_TRANSFORMATION_REMOVE_NULLS = 220, // "ACTION_TRANSFORMATION_REMOVE_NULLS" + S_ACTION_TRANSFORMATION_REMOVE_WHITESPACE = 221, // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE" + S_ACTION_TRANSFORMATION_REPLACE_COMMENTS = 222, // "ACTION_TRANSFORMATION_REPLACE_COMMENTS" + S_ACTION_TRANSFORMATION_REPLACE_NULLS = 223, // "ACTION_TRANSFORMATION_REPLACE_NULLS" + S_ACTION_TRANSFORMATION_SHA1 = 224, // "ACTION_TRANSFORMATION_SHA1" + S_ACTION_TRANSFORMATION_SQL_HEX_DECODE = 225, // "ACTION_TRANSFORMATION_SQL_HEX_DECODE" + S_ACTION_TRANSFORMATION_TRIM = 226, // "ACTION_TRANSFORMATION_TRIM" + S_ACTION_TRANSFORMATION_TRIM_LEFT = 227, // "ACTION_TRANSFORMATION_TRIM_LEFT" + S_ACTION_TRANSFORMATION_TRIM_RIGHT = 228, // "ACTION_TRANSFORMATION_TRIM_RIGHT" + S_ACTION_TRANSFORMATION_UPPERCASE = 229, // "ACTION_TRANSFORMATION_UPPERCASE" + S_ACTION_TRANSFORMATION_URL_ENCODE = 230, // "ACTION_TRANSFORMATION_URL_ENCODE" + S_ACTION_TRANSFORMATION_URL_DECODE = 231, // "ACTION_TRANSFORMATION_URL_DECODE" + S_ACTION_TRANSFORMATION_URL_DECODE_UNI = 232, // "ACTION_TRANSFORMATION_URL_DECODE_UNI" + S_ACTION_TRANSFORMATION_UTF8_TO_UNICODE = 233, // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE" + S_ACTION_VER = 234, // "Ver" + S_ACTION_XMLNS = 235, // "xmlns" + S_CONFIG_COMPONENT_SIG = 236, // "CONFIG_COMPONENT_SIG" + S_CONFIG_CONN_ENGINE = 237, // "CONFIG_CONN_ENGINE" + S_CONFIG_SEC_ARGUMENT_SEPARATOR = 238, // "CONFIG_SEC_ARGUMENT_SEPARATOR" + S_CONFIG_SEC_WEB_APP_ID = 239, // "CONFIG_SEC_WEB_APP_ID" + S_CONFIG_SEC_SERVER_SIG = 240, // "CONFIG_SEC_SERVER_SIG" + S_CONFIG_DIR_AUDIT_DIR = 241, // "CONFIG_DIR_AUDIT_DIR" + S_CONFIG_DIR_AUDIT_DIR_MOD = 242, // "CONFIG_DIR_AUDIT_DIR_MOD" + S_CONFIG_DIR_AUDIT_ENG = 243, // "CONFIG_DIR_AUDIT_ENG" + S_CONFIG_DIR_AUDIT_FLE_MOD = 244, // "CONFIG_DIR_AUDIT_FLE_MOD" + S_CONFIG_DIR_AUDIT_LOG = 245, // "CONFIG_DIR_AUDIT_LOG" + S_CONFIG_DIR_AUDIT_LOG2 = 246, // "CONFIG_DIR_AUDIT_LOG2" + S_CONFIG_DIR_AUDIT_LOG_P = 247, // "CONFIG_DIR_AUDIT_LOG_P" + S_CONFIG_DIR_AUDIT_STS = 248, // "CONFIG_DIR_AUDIT_STS" + S_CONFIG_DIR_AUDIT_TPE = 249, // "CONFIG_DIR_AUDIT_TPE" + S_CONFIG_DIR_DEBUG_LOG = 250, // "CONFIG_DIR_DEBUG_LOG" + S_CONFIG_DIR_DEBUG_LVL = 251, // "CONFIG_DIR_DEBUG_LVL" + S_CONFIG_SEC_CACHE_TRANSFORMATIONS = 252, // "CONFIG_SEC_CACHE_TRANSFORMATIONS" + S_CONFIG_SEC_DISABLE_BACKEND_COMPRESS = 253, // "CONFIG_SEC_DISABLE_BACKEND_COMPRESS" + S_CONFIG_SEC_HASH_ENGINE = 254, // "CONFIG_SEC_HASH_ENGINE" + S_CONFIG_SEC_HASH_KEY = 255, // "CONFIG_SEC_HASH_KEY" + S_CONFIG_SEC_HASH_PARAM = 256, // "CONFIG_SEC_HASH_PARAM" + S_CONFIG_SEC_HASH_METHOD_RX = 257, // "CONFIG_SEC_HASH_METHOD_RX" + S_CONFIG_SEC_HASH_METHOD_PM = 258, // "CONFIG_SEC_HASH_METHOD_PM" + S_CONFIG_SEC_CHROOT_DIR = 259, // "CONFIG_SEC_CHROOT_DIR" + S_CONFIG_DIR_GEO_DB = 260, // "CONFIG_DIR_GEO_DB" + S_CONFIG_DIR_GSB_DB = 261, // "CONFIG_DIR_GSB_DB" + S_CONFIG_SEC_GUARDIAN_LOG = 262, // "CONFIG_SEC_GUARDIAN_LOG" + S_CONFIG_DIR_PCRE_MATCH_LIMIT = 263, // "CONFIG_DIR_PCRE_MATCH_LIMIT" + S_CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION = 264, // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION" + S_CONFIG_SEC_CONN_R_STATE_LIMIT = 265, // "CONFIG_SEC_CONN_R_STATE_LIMIT" + S_CONFIG_SEC_CONN_W_STATE_LIMIT = 266, // "CONFIG_SEC_CONN_W_STATE_LIMIT" + S_CONFIG_SEC_SENSOR_ID = 267, // "CONFIG_SEC_SENSOR_ID" + S_CONFIG_DIR_ARGS_LIMIT = 268, // "CONFIG_DIR_ARGS_LIMIT" + S_CONFIG_DIR_REQ_BODY = 269, // "CONFIG_DIR_REQ_BODY" + S_CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT = 270, // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT" + S_CONFIG_DIR_REQ_BODY_LIMIT = 271, // "CONFIG_DIR_REQ_BODY_LIMIT" + S_CONFIG_DIR_REQ_BODY_LIMIT_ACTION = 272, // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION" + S_CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT = 273, // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT" + S_CONFIG_DIR_RES_BODY = 274, // "CONFIG_DIR_RES_BODY" + S_CONFIG_DIR_RES_BODY_LIMIT = 275, // "CONFIG_DIR_RES_BODY_LIMIT" + S_CONFIG_DIR_RES_BODY_LIMIT_ACTION = 276, // "CONFIG_DIR_RES_BODY_LIMIT_ACTION" + S_CONFIG_SEC_RULE_INHERITANCE = 277, // "CONFIG_SEC_RULE_INHERITANCE" + S_CONFIG_SEC_RULE_PERF_TIME = 278, // "CONFIG_SEC_RULE_PERF_TIME" + S_CONFIG_DIR_RULE_ENG = 279, // "CONFIG_DIR_RULE_ENG" + S_CONFIG_DIR_SEC_ACTION = 280, // "CONFIG_DIR_SEC_ACTION" + S_CONFIG_DIR_SEC_DEFAULT_ACTION = 281, // "CONFIG_DIR_SEC_DEFAULT_ACTION" + S_CONFIG_DIR_SEC_MARKER = 282, // "CONFIG_DIR_SEC_MARKER" + S_CONFIG_DIR_UNICODE_MAP_FILE = 283, // "CONFIG_DIR_UNICODE_MAP_FILE" + S_CONFIG_DIR_UNICODE_CODE_PAGE = 284, // "CONFIG_DIR_UNICODE_CODE_PAGE" + S_CONFIG_SEC_COLLECTION_TIMEOUT = 285, // "CONFIG_SEC_COLLECTION_TIMEOUT" + S_CONFIG_SEC_HTTP_BLKEY = 286, // "CONFIG_SEC_HTTP_BLKEY" + S_CONFIG_SEC_INTERCEPT_ON_ERROR = 287, // "CONFIG_SEC_INTERCEPT_ON_ERROR" + S_CONFIG_SEC_REMOTE_RULES_FAIL_ACTION = 288, // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION" + S_CONFIG_SEC_RULE_REMOVE_BY_ID = 289, // "CONFIG_SEC_RULE_REMOVE_BY_ID" + S_CONFIG_SEC_RULE_REMOVE_BY_MSG = 290, // "CONFIG_SEC_RULE_REMOVE_BY_MSG" + S_CONFIG_SEC_RULE_REMOVE_BY_TAG = 291, // "CONFIG_SEC_RULE_REMOVE_BY_TAG" + S_CONFIG_SEC_RULE_UPDATE_TARGET_BY_TAG = 292, // "CONFIG_SEC_RULE_UPDATE_TARGET_BY_TAG" + S_CONFIG_SEC_RULE_UPDATE_TARGET_BY_MSG = 293, // "CONFIG_SEC_RULE_UPDATE_TARGET_BY_MSG" + S_CONFIG_SEC_RULE_UPDATE_TARGET_BY_ID = 294, // "CONFIG_SEC_RULE_UPDATE_TARGET_BY_ID" + S_CONFIG_SEC_RULE_UPDATE_ACTION_BY_ID = 295, // "CONFIG_SEC_RULE_UPDATE_ACTION_BY_ID" + S_CONFIG_UPDLOAD_KEEP_FILES = 296, // "CONFIG_UPDLOAD_KEEP_FILES" + S_CONFIG_UPDLOAD_SAVE_TMP_FILES = 297, // "CONFIG_UPDLOAD_SAVE_TMP_FILES" + S_CONFIG_UPLOAD_DIR = 298, // "CONFIG_UPLOAD_DIR" + S_CONFIG_UPLOAD_FILE_LIMIT = 299, // "CONFIG_UPLOAD_FILE_LIMIT" + S_CONFIG_UPLOAD_FILE_MODE = 300, // "CONFIG_UPLOAD_FILE_MODE" + S_CONFIG_VALUE_ABORT = 301, // "CONFIG_VALUE_ABORT" + S_CONFIG_VALUE_DETC = 302, // "CONFIG_VALUE_DETC" + S_CONFIG_VALUE_HTTPS = 303, // "CONFIG_VALUE_HTTPS" + S_CONFIG_VALUE_OFF = 304, // "CONFIG_VALUE_OFF" + S_CONFIG_VALUE_ON = 305, // "CONFIG_VALUE_ON" + S_CONFIG_VALUE_PARALLEL = 306, // "CONFIG_VALUE_PARALLEL" + S_CONFIG_VALUE_PROCESS_PARTIAL = 307, // "CONFIG_VALUE_PROCESS_PARTIAL" + S_CONFIG_VALUE_REJECT = 308, // "CONFIG_VALUE_REJECT" + S_CONFIG_VALUE_RELEVANT_ONLY = 309, // "CONFIG_VALUE_RELEVANT_ONLY" + S_CONFIG_VALUE_SERIAL = 310, // "CONFIG_VALUE_SERIAL" + S_CONFIG_VALUE_WARN = 311, // "CONFIG_VALUE_WARN" + S_CONFIG_XML_EXTERNAL_ENTITY = 312, // "CONFIG_XML_EXTERNAL_ENTITY" + S_CONGIG_DIR_RESPONSE_BODY_MP = 313, // "CONGIG_DIR_RESPONSE_BODY_MP" + S_CONGIG_DIR_SEC_ARG_SEP = 314, // "CONGIG_DIR_SEC_ARG_SEP" + S_CONGIG_DIR_SEC_COOKIE_FORMAT = 315, // "CONGIG_DIR_SEC_COOKIE_FORMAT" + S_CONFIG_SEC_COOKIEV0_SEPARATOR = 316, // "CONFIG_SEC_COOKIEV0_SEPARATOR" + S_CONGIG_DIR_SEC_DATA_DIR = 317, // "CONGIG_DIR_SEC_DATA_DIR" + S_CONGIG_DIR_SEC_STATUS_ENGINE = 318, // "CONGIG_DIR_SEC_STATUS_ENGINE" + S_CONFIG_SEC_STREAM_IN_BODY_INSPECTION = 319, // "CONFIG_SEC_STREAM_IN_BODY_INSPECTION" + S_CONFIG_SEC_STREAM_OUT_BODY_INSPECTION = 320, // "CONFIG_SEC_STREAM_OUT_BODY_INSPECTION" + S_CONGIG_DIR_SEC_TMP_DIR = 321, // "CONGIG_DIR_SEC_TMP_DIR" + S_DIRECTIVE = 322, // "DIRECTIVE" + S_DIRECTIVE_SECRULESCRIPT = 323, // "DIRECTIVE_SECRULESCRIPT" + S_FREE_TEXT_QUOTE_MACRO_EXPANSION = 324, // "FREE_TEXT_QUOTE_MACRO_EXPANSION" + S_QUOTATION_MARK = 325, // "QUOTATION_MARK" + S_RUN_TIME_VAR_BLD = 326, // "RUN_TIME_VAR_BLD" + S_RUN_TIME_VAR_DUR = 327, // "RUN_TIME_VAR_DUR" + S_RUN_TIME_VAR_HSV = 328, // "RUN_TIME_VAR_HSV" + S_RUN_TIME_VAR_REMOTE_USER = 329, // "RUN_TIME_VAR_REMOTE_USER" + S_RUN_TIME_VAR_TIME = 330, // "RUN_TIME_VAR_TIME" + S_RUN_TIME_VAR_TIME_DAY = 331, // "RUN_TIME_VAR_TIME_DAY" + S_RUN_TIME_VAR_TIME_EPOCH = 332, // "RUN_TIME_VAR_TIME_EPOCH" + S_RUN_TIME_VAR_TIME_HOUR = 333, // "RUN_TIME_VAR_TIME_HOUR" + S_RUN_TIME_VAR_TIME_MIN = 334, // "RUN_TIME_VAR_TIME_MIN" + S_RUN_TIME_VAR_TIME_MON = 335, // "RUN_TIME_VAR_TIME_MON" + S_RUN_TIME_VAR_TIME_SEC = 336, // "RUN_TIME_VAR_TIME_SEC" + S_RUN_TIME_VAR_TIME_WDAY = 337, // "RUN_TIME_VAR_TIME_WDAY" + S_RUN_TIME_VAR_TIME_YEAR = 338, // "RUN_TIME_VAR_TIME_YEAR" + S_VARIABLE = 339, // "VARIABLE" + S_DICT_ELEMENT = 340, // "Dictionary element" + S_DICT_ELEMENT_REGEXP = 341, // "Dictionary element, selected by regexp" + S_YYACCEPT = 342, // $accept + S_input = 343, // input + S_line = 344, // line + S_audit_log = 345, // audit_log + S_actions = 346, // actions + S_actions_may_quoted = 347, // actions_may_quoted + S_op = 348, // op + S_op_before_init = 349, // op_before_init + S_expression = 350, // expression + S_variables = 351, // variables + S_variables_pre_process = 352, // variables_pre_process + S_variables_may_be_quoted = 353, // variables_may_be_quoted + S_var = 354, // var + S_act = 355, // act + S_setvar_action = 356, // setvar_action + S_run_time_string = 357 // run_time_string }; }; - /// (External) token type, as returned by yylex. - typedef token::yytokentype token_type; + /// (Internal) symbol kind. + typedef symbol_kind::symbol_kind_type symbol_kind_type; - /// Symbol type: an internal symbol number. - typedef int symbol_number_type; - - /// The symbol type number to denote an empty symbol. - enum { empty_symbol = -2 }; - - /// Internal symbol number for tokens (subsumed by symbol_number_type). - typedef short token_number_type; + /// The number of tokens. + static const symbol_kind_type YYNTOKENS = symbol_kind::YYNTOKENS; /// A complete symbol. /// - /// Expects its Base type to provide access to the symbol type - /// via type_get (). + /// Expects its Base type to provide access to the symbol kind + /// via kind (). /// /// Provide access to semantic value and location. template @@ -1331,7 +1715,247 @@ namespace yy { #if 201103L <= YY_CPLUSPLUS /// Move constructor. - basic_symbol (basic_symbol&& that); + basic_symbol (basic_symbol&& that) + : Base (std::move (that)) + , value () + , location (std::move (that.location)) + { + switch (this->kind ()) + { + case 145: // "Accuracy" + case 146: // "Allow" + case 147: // "Append" + case 148: // "AuditLog" + case 149: // "Block" + case 150: // "Capture" + case 151: // "Chain" + case 152: // "ACTION_CTL_AUDIT_ENGINE" + case 153: // "ACTION_CTL_AUDIT_LOG_PARTS" + case 154: // "ACTION_CTL_BDY_JSON" + case 155: // "ACTION_CTL_BDY_XML" + case 156: // "ACTION_CTL_BDY_URLENCODED" + case 157: // "ACTION_CTL_FORCE_REQ_BODY_VAR" + case 158: // "ACTION_CTL_REQUEST_BODY_ACCESS" + case 159: // "ACTION_CTL_RULE_REMOVE_BY_ID" + case 160: // "ACTION_CTL_RULE_REMOVE_BY_TAG" + case 161: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID" + case 162: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG" + case 163: // "Deny" + case 164: // "DeprecateVar" + case 165: // "Drop" + case 166: // "Exec" + case 167: // "ExpireVar" + case 168: // "Id" + case 169: // "InitCol" + case 170: // "Log" + case 171: // "LogData" + case 172: // "Maturity" + case 173: // "Msg" + case 174: // "MultiMatch" + case 175: // "NoAuditLog" + case 176: // "NoLog" + case 177: // "Pass" + case 178: // "Pause" + case 179: // "Phase" + case 180: // "Prepend" + case 181: // "Proxy" + case 182: // "Redirect" + case 183: // "Rev" + case 184: // "SanitiseArg" + case 185: // "SanitiseMatched" + case 186: // "SanitiseMatchedBytes" + case 187: // "SanitiseRequestHeader" + case 188: // "SanitiseResponseHeader" + case 189: // "SetEnv" + case 190: // "SetRsc" + case 191: // "SetSid" + case 192: // "SetUID" + case 193: // "Severity" + case 194: // "Skip" + case 195: // "SkipAfter" + case 196: // "Status" + case 197: // "Tag" + case 198: // "ACTION_TRANSFORMATION_BASE_64_ENCODE" + case 199: // "ACTION_TRANSFORMATION_BASE_64_DECODE" + case 200: // "ACTION_TRANSFORMATION_BASE_64_DECODE_EXT" + case 201: // "ACTION_TRANSFORMATION_CMD_LINE" + case 202: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE" + case 203: // "ACTION_TRANSFORMATION_CSS_DECODE" + case 204: // "ACTION_TRANSFORMATION_ESCAPE_SEQ_DECODE" + case 205: // "ACTION_TRANSFORMATION_HEX_ENCODE" + case 206: // "ACTION_TRANSFORMATION_HEX_DECODE" + case 207: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE" + case 208: // "ACTION_TRANSFORMATION_JS_DECODE" + case 209: // "ACTION_TRANSFORMATION_LENGTH" + case 210: // "ACTION_TRANSFORMATION_LOWERCASE" + case 211: // "ACTION_TRANSFORMATION_MD5" + case 212: // "ACTION_TRANSFORMATION_NONE" + case 213: // "ACTION_TRANSFORMATION_NORMALISE_PATH" + case 214: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN" + case 215: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT" + case 216: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT" + case 217: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT" + case 218: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS" + case 219: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR" + case 220: // "ACTION_TRANSFORMATION_REMOVE_NULLS" + case 221: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE" + case 222: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS" + case 223: // "ACTION_TRANSFORMATION_REPLACE_NULLS" + case 224: // "ACTION_TRANSFORMATION_SHA1" + case 225: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE" + case 226: // "ACTION_TRANSFORMATION_TRIM" + case 227: // "ACTION_TRANSFORMATION_TRIM_LEFT" + case 228: // "ACTION_TRANSFORMATION_TRIM_RIGHT" + case 229: // "ACTION_TRANSFORMATION_UPPERCASE" + case 230: // "ACTION_TRANSFORMATION_URL_ENCODE" + case 231: // "ACTION_TRANSFORMATION_URL_DECODE" + case 232: // "ACTION_TRANSFORMATION_URL_DECODE_UNI" + case 233: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE" + case 234: // "Ver" + case 235: // "xmlns" + case 236: // "CONFIG_COMPONENT_SIG" + case 237: // "CONFIG_CONN_ENGINE" + case 238: // "CONFIG_SEC_ARGUMENT_SEPARATOR" + case 239: // "CONFIG_SEC_WEB_APP_ID" + case 240: // "CONFIG_SEC_SERVER_SIG" + case 241: // "CONFIG_DIR_AUDIT_DIR" + case 242: // "CONFIG_DIR_AUDIT_DIR_MOD" + case 243: // "CONFIG_DIR_AUDIT_ENG" + case 244: // "CONFIG_DIR_AUDIT_FLE_MOD" + case 245: // "CONFIG_DIR_AUDIT_LOG" + case 246: // "CONFIG_DIR_AUDIT_LOG2" + case 247: // "CONFIG_DIR_AUDIT_LOG_P" + case 248: // "CONFIG_DIR_AUDIT_STS" + case 249: // "CONFIG_DIR_AUDIT_TPE" + case 250: // "CONFIG_DIR_DEBUG_LOG" + case 251: // "CONFIG_DIR_DEBUG_LVL" + case 252: // "CONFIG_SEC_CACHE_TRANSFORMATIONS" + case 253: // "CONFIG_SEC_DISABLE_BACKEND_COMPRESS" + case 254: // "CONFIG_SEC_HASH_ENGINE" + case 255: // "CONFIG_SEC_HASH_KEY" + case 256: // "CONFIG_SEC_HASH_PARAM" + case 257: // "CONFIG_SEC_HASH_METHOD_RX" + case 258: // "CONFIG_SEC_HASH_METHOD_PM" + case 259: // "CONFIG_SEC_CHROOT_DIR" + case 260: // "CONFIG_DIR_GEO_DB" + case 261: // "CONFIG_DIR_GSB_DB" + case 262: // "CONFIG_SEC_GUARDIAN_LOG" + case 263: // "CONFIG_DIR_PCRE_MATCH_LIMIT" + case 264: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION" + case 265: // "CONFIG_SEC_CONN_R_STATE_LIMIT" + case 266: // "CONFIG_SEC_CONN_W_STATE_LIMIT" + case 267: // "CONFIG_SEC_SENSOR_ID" + case 268: // "CONFIG_DIR_ARGS_LIMIT" + case 269: // "CONFIG_DIR_REQ_BODY" + case 270: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT" + case 271: // "CONFIG_DIR_REQ_BODY_LIMIT" + case 272: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION" + case 273: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT" + case 274: // "CONFIG_DIR_RES_BODY" + case 275: // "CONFIG_DIR_RES_BODY_LIMIT" + case 276: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION" + case 277: // "CONFIG_SEC_RULE_INHERITANCE" + case 278: // "CONFIG_SEC_RULE_PERF_TIME" + case 279: // "CONFIG_DIR_RULE_ENG" + case 280: // "CONFIG_DIR_SEC_ACTION" + case 281: // "CONFIG_DIR_SEC_DEFAULT_ACTION" + case 282: // "CONFIG_DIR_SEC_MARKER" + case 283: // "CONFIG_DIR_UNICODE_MAP_FILE" + case 284: // "CONFIG_DIR_UNICODE_CODE_PAGE" + case 285: // "CONFIG_SEC_COLLECTION_TIMEOUT" + case 286: // "CONFIG_SEC_HTTP_BLKEY" + case 287: // "CONFIG_SEC_INTERCEPT_ON_ERROR" + case 288: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION" + case 289: // "CONFIG_SEC_RULE_REMOVE_BY_ID" + case 290: // "CONFIG_SEC_RULE_REMOVE_BY_MSG" + case 291: // "CONFIG_SEC_RULE_REMOVE_BY_TAG" + case 292: // "CONFIG_SEC_RULE_UPDATE_TARGET_BY_TAG" + case 293: // "CONFIG_SEC_RULE_UPDATE_TARGET_BY_MSG" + case 294: // "CONFIG_SEC_RULE_UPDATE_TARGET_BY_ID" + case 295: // "CONFIG_SEC_RULE_UPDATE_ACTION_BY_ID" + case 296: // "CONFIG_UPDLOAD_KEEP_FILES" + case 297: // "CONFIG_UPDLOAD_SAVE_TMP_FILES" + case 298: // "CONFIG_UPLOAD_DIR" + case 299: // "CONFIG_UPLOAD_FILE_LIMIT" + case 300: // "CONFIG_UPLOAD_FILE_MODE" + case 301: // "CONFIG_VALUE_ABORT" + case 302: // "CONFIG_VALUE_DETC" + case 303: // "CONFIG_VALUE_HTTPS" + case 304: // "CONFIG_VALUE_OFF" + case 305: // "CONFIG_VALUE_ON" + case 306: // "CONFIG_VALUE_PARALLEL" + case 307: // "CONFIG_VALUE_PROCESS_PARTIAL" + case 308: // "CONFIG_VALUE_REJECT" + case 309: // "CONFIG_VALUE_RELEVANT_ONLY" + case 310: // "CONFIG_VALUE_SERIAL" + case 311: // "CONFIG_VALUE_WARN" + case 312: // "CONFIG_XML_EXTERNAL_ENTITY" + case 313: // "CONGIG_DIR_RESPONSE_BODY_MP" + case 314: // "CONGIG_DIR_SEC_ARG_SEP" + case 315: // "CONGIG_DIR_SEC_COOKIE_FORMAT" + case 316: // "CONFIG_SEC_COOKIEV0_SEPARATOR" + case 317: // "CONGIG_DIR_SEC_DATA_DIR" + case 318: // "CONGIG_DIR_SEC_STATUS_ENGINE" + case 319: // "CONFIG_SEC_STREAM_IN_BODY_INSPECTION" + case 320: // "CONFIG_SEC_STREAM_OUT_BODY_INSPECTION" + case 321: // "CONGIG_DIR_SEC_TMP_DIR" + case 322: // "DIRECTIVE" + case 323: // "DIRECTIVE_SECRULESCRIPT" + case 324: // "FREE_TEXT_QUOTE_MACRO_EXPANSION" + case 325: // "QUOTATION_MARK" + case 326: // "RUN_TIME_VAR_BLD" + case 327: // "RUN_TIME_VAR_DUR" + case 328: // "RUN_TIME_VAR_HSV" + case 329: // "RUN_TIME_VAR_REMOTE_USER" + case 330: // "RUN_TIME_VAR_TIME" + case 331: // "RUN_TIME_VAR_TIME_DAY" + case 332: // "RUN_TIME_VAR_TIME_EPOCH" + case 333: // "RUN_TIME_VAR_TIME_HOUR" + case 334: // "RUN_TIME_VAR_TIME_MIN" + case 335: // "RUN_TIME_VAR_TIME_MON" + case 336: // "RUN_TIME_VAR_TIME_SEC" + case 337: // "RUN_TIME_VAR_TIME_WDAY" + case 338: // "RUN_TIME_VAR_TIME_YEAR" + case 339: // "VARIABLE" + case 340: // "Dictionary element" + case 341: // "Dictionary element, selected by regexp" + value.move< std::string > (std::move (that.value)); + break; + + case 348: // op + case 349: // op_before_init + value.move< std::unique_ptr > (std::move (that.value)); + break; + + case 357: // run_time_string + value.move< std::unique_ptr > (std::move (that.value)); + break; + + case 354: // var + value.move< std::unique_ptr > (std::move (that.value)); + break; + + case 355: // act + case 356: // setvar_action + value.move< std::unique_ptr > (std::move (that.value)); + break; + + case 351: // variables + case 352: // variables_pre_process + case 353: // variables_may_be_quoted + value.move< std::unique_ptr > > > (std::move (that.value)); + break; + + case 346: // actions + case 347: // actions_may_quoted + value.move< std::unique_ptr > > > (std::move (that.value)); + break; + + default: + break; + } + + } #endif /// Copy constructor. @@ -1451,17 +2075,17 @@ namespace yy { void clear () { // User destructor. - symbol_number_type yytype = this->type_get (); + symbol_kind_type yykind = this->kind (); basic_symbol& yysym = *this; (void) yysym; - switch (yytype) + switch (yykind) { default: break; } - // Type destructor. -switch (yytype) + // Value type destructor. +switch (yykind) { case 145: // "Accuracy" case 146: // "Allow" @@ -1699,6 +2323,15 @@ switch (yytype) Base::clear (); } + /// The user-facing name of this symbol. + std::string name () const YY_NOEXCEPT + { + return seclang_parser::symbol_name (this->kind ()); + } + + /// Backward compatibility (Bison 3.6). + symbol_kind_type type_get () const YY_NOEXCEPT; + /// Whether empty. bool empty () const YY_NOEXCEPT; @@ -1719,46 +2352,51 @@ switch (yytype) }; /// Type access provider for token (enum) based symbols. - struct by_type + struct by_kind { /// Default constructor. - by_type (); + by_kind (); #if 201103L <= YY_CPLUSPLUS /// Move constructor. - by_type (by_type&& that); + by_kind (by_kind&& that); #endif /// Copy constructor. - by_type (const by_type& that); + by_kind (const by_kind& that); - /// The symbol type as needed by the constructor. - typedef token_type kind_type; + /// The symbol kind as needed by the constructor. + typedef token_kind_type kind_type; /// Constructor from (external) token numbers. - by_type (kind_type t); + by_kind (kind_type t); /// Record that this symbol is empty. void clear (); - /// Steal the symbol type from \a that. - void move (by_type& that); + /// Steal the symbol kind from \a that. + void move (by_kind& that); /// The (internal) type number (corresponding to \a type). /// \a empty when empty. - symbol_number_type type_get () const YY_NOEXCEPT; + symbol_kind_type kind () const YY_NOEXCEPT; - /// The symbol type. - /// \a empty_symbol when empty. - /// An int, not token_number_type, to be able to store empty_symbol. - int type; + /// Backward compatibility (Bison 3.6). + symbol_kind_type type_get () const YY_NOEXCEPT; + + /// The symbol kind. + /// \a S_YYEMPTY when empty. + symbol_kind_type kind_; }; + /// Backward compatibility for a private implementation detail (Bison 3.6). + typedef by_kind by_type; + /// "External" symbols: returned by the scanner. - struct symbol_type : basic_symbol + struct symbol_type : basic_symbol { /// Superclass. - typedef basic_symbol super_type; + typedef basic_symbol super_type; /// Empty symbol. symbol_type () {} @@ -1768,13 +2406,13 @@ switch (yytype) symbol_type (int tok, location_type l) : super_type(token_type (tok), std::move (l)) { - YY_ASSERT (tok == token::TOK_END || tok == token::TOK_COMMA || tok == token::TOK_CONFIG_CONTENT_INJECTION || tok == token::TOK_CONGIG_DIR_RESPONSE_BODY_MP_CLEAR || tok == token::TOK_PIPE || tok == token::TOK_NEW_LINE || tok == token::TOK_VAR_COUNT || tok == token::TOK_VAR_EXCLUSION || tok == token::TOK_VARIABLE_ARGS || tok == token::TOK_VARIABLE_ARGS_POST || tok == token::TOK_VARIABLE_ARGS_GET || tok == token::TOK_VARIABLE_FILES_SIZES || tok == token::TOK_VARIABLE_FILES_NAMES || tok == token::TOK_VARIABLE_FILES_TMP_CONTENT || tok == token::TOK_VARIABLE_MULTIPART_FILENAME || tok == token::TOK_VARIABLE_MULTIPART_NAME || tok == token::TOK_VARIABLE_MATCHED_VARS_NAMES || tok == token::TOK_VARIABLE_MATCHED_VARS || tok == token::TOK_VARIABLE_FILES || tok == token::TOK_VARIABLE_REQUEST_COOKIES || tok == token::TOK_VARIABLE_REQUEST_HEADERS || tok == token::TOK_VARIABLE_RESPONSE_HEADERS || tok == token::TOK_VARIABLE_GEO || tok == token::TOK_VARIABLE_REQUEST_COOKIES_NAMES || tok == token::TOK_VARIABLE_ARGS_COMBINED_SIZE || tok == token::TOK_VARIABLE_ARGS_GET_NAMES || tok == token::TOK_VARIABLE_RULE || tok == token::TOK_VARIABLE_ARGS_NAMES || tok == token::TOK_VARIABLE_ARGS_POST_NAMES || tok == token::TOK_VARIABLE_AUTH_TYPE || tok == token::TOK_VARIABLE_FILES_COMBINED_SIZE || tok == token::TOK_VARIABLE_FILES_TMP_NAMES || tok == token::TOK_VARIABLE_FULL_REQUEST || tok == token::TOK_VARIABLE_FULL_REQUEST_LENGTH || tok == token::TOK_VARIABLE_INBOUND_DATA_ERROR || tok == token::TOK_VARIABLE_MATCHED_VAR || tok == token::TOK_VARIABLE_MATCHED_VAR_NAME || tok == token::TOK_VARIABLE_MULTIPART_BOUNDARY_QUOTED || tok == token::TOK_VARIABLE_MULTIPART_BOUNDARY_WHITESPACE || tok == token::TOK_VARIABLE_MULTIPART_CRLF_LF_LINES || tok == token::TOK_VARIABLE_MULTIPART_DATA_AFTER || tok == token::TOK_VARIABLE_MULTIPART_DATA_BEFORE || tok == token::TOK_VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED || tok == token::TOK_VARIABLE_MULTIPART_HEADER_FOLDING || tok == token::TOK_VARIABLE_MULTIPART_INVALID_HEADER_FOLDING || tok == token::TOK_VARIABLE_MULTIPART_INVALID_PART || tok == token::TOK_VARIABLE_MULTIPART_INVALID_QUOTING || tok == token::TOK_VARIABLE_MULTIPART_LF_LINE || tok == token::TOK_VARIABLE_MULTIPART_MISSING_SEMICOLON || tok == token::TOK_VARIABLE_MULTIPART_SEMICOLON_MISSING || tok == token::TOK_VARIABLE_MULTIPART_STRICT_ERROR || tok == token::TOK_VARIABLE_MULTIPART_UNMATCHED_BOUNDARY || tok == token::TOK_VARIABLE_OUTBOUND_DATA_ERROR || tok == token::TOK_VARIABLE_PATH_INFO || tok == token::TOK_VARIABLE_QUERY_STRING || tok == token::TOK_VARIABLE_REMOTE_ADDR || tok == token::TOK_VARIABLE_REMOTE_HOST || tok == token::TOK_VARIABLE_REMOTE_PORT || tok == token::TOK_VARIABLE_REQBODY_ERROR_MSG || tok == token::TOK_VARIABLE_REQBODY_ERROR || tok == token::TOK_VARIABLE_REQBODY_PROCESSOR_ERROR_MSG || tok == token::TOK_VARIABLE_REQBODY_PROCESSOR_ERROR || tok == token::TOK_VARIABLE_REQBODY_PROCESSOR || tok == token::TOK_VARIABLE_REQUEST_BASENAME || tok == token::TOK_VARIABLE_REQUEST_BODY_LENGTH || tok == token::TOK_VARIABLE_REQUEST_BODY || tok == token::TOK_VARIABLE_REQUEST_FILE_NAME || tok == token::TOK_VARIABLE_REQUEST_HEADERS_NAMES || tok == token::TOK_VARIABLE_REQUEST_LINE || tok == token::TOK_VARIABLE_REQUEST_METHOD || tok == token::TOK_VARIABLE_REQUEST_PROTOCOL || tok == token::TOK_VARIABLE_REQUEST_URI_RAW || tok == token::TOK_VARIABLE_REQUEST_URI || tok == token::TOK_VARIABLE_RESOURCE || tok == token::TOK_VARIABLE_RESPONSE_BODY || tok == token::TOK_VARIABLE_RESPONSE_CONTENT_LENGTH || tok == token::TOK_VARIABLE_RESPONSE_CONTENT_TYPE || tok == token::TOK_VARIABLE_RESPONSE_HEADERS_NAMES || tok == token::TOK_VARIABLE_RESPONSE_PROTOCOL || tok == token::TOK_VARIABLE_RESPONSE_STATUS || tok == token::TOK_VARIABLE_SERVER_ADDR || tok == token::TOK_VARIABLE_SERVER_NAME || tok == token::TOK_VARIABLE_SERVER_PORT || tok == token::TOK_VARIABLE_SESSION_ID || tok == token::TOK_VARIABLE_UNIQUE_ID || tok == token::TOK_VARIABLE_URL_ENCODED_ERROR || tok == token::TOK_VARIABLE_USER_ID || tok == token::TOK_VARIABLE_WEB_APP_ID || tok == token::TOK_VARIABLE_STATUS || tok == token::TOK_VARIABLE_STATUS_LINE || tok == token::TOK_VARIABLE_IP || tok == token::TOK_VARIABLE_GLOBAL || tok == token::TOK_VARIABLE_TX || tok == token::TOK_VARIABLE_SESSION || tok == token::TOK_VARIABLE_USER || tok == token::TOK_RUN_TIME_VAR_ENV || tok == token::TOK_RUN_TIME_VAR_XML || tok == token::TOK_ACTION_SETVAR || tok == token::TOK_SETVAR_OPERATION_EQUALS || tok == token::TOK_SETVAR_OPERATION_EQUALS_PLUS || tok == token::TOK_SETVAR_OPERATION_EQUALS_MINUS || tok == token::TOK_NOT || tok == token::TOK_OPERATOR_BEGINS_WITH || tok == token::TOK_OPERATOR_CONTAINS || tok == token::TOK_OPERATOR_CONTAINS_WORD || tok == token::TOK_OPERATOR_DETECT_SQLI || tok == token::TOK_OPERATOR_DETECT_XSS || tok == token::TOK_OPERATOR_ENDS_WITH || tok == token::TOK_OPERATOR_EQ || tok == token::TOK_OPERATOR_FUZZY_HASH || tok == token::TOK_OPERATOR_GEOLOOKUP || tok == token::TOK_OPERATOR_GE || tok == token::TOK_OPERATOR_GSB_LOOKUP || tok == token::TOK_OPERATOR_GT || tok == token::TOK_OPERATOR_INSPECT_FILE || tok == token::TOK_OPERATOR_IP_MATCH_FROM_FILE || tok == token::TOK_OPERATOR_IP_MATCH || tok == token::TOK_OPERATOR_LE || tok == token::TOK_OPERATOR_LT || tok == token::TOK_OPERATOR_PM_FROM_FILE || tok == token::TOK_OPERATOR_PM || tok == token::TOK_OPERATOR_RBL || tok == token::TOK_OPERATOR_RSUB || tok == token::TOK_OPERATOR_RX_CONTENT_ONLY || tok == token::TOK_OPERATOR_RX || tok == token::TOK_OPERATOR_STR_EQ || tok == token::TOK_OPERATOR_STR_MATCH || tok == token::TOK_OPERATOR_UNCONDITIONAL_MATCH || tok == token::TOK_OPERATOR_VALIDATE_BYTE_RANGE || tok == token::TOK_OPERATOR_VALIDATE_DTD || tok == token::TOK_OPERATOR_VALIDATE_HASH || tok == token::TOK_OPERATOR_VALIDATE_SCHEMA || tok == token::TOK_OPERATOR_VALIDATE_URL_ENCODING || tok == token::TOK_OPERATOR_VALIDATE_UTF8_ENCODING || tok == token::TOK_OPERATOR_VERIFY_CC || tok == token::TOK_OPERATOR_VERIFY_CPF || tok == token::TOK_OPERATOR_VERIFY_SSN || tok == token::TOK_OPERATOR_VERIFY_SVNR || tok == token::TOK_OPERATOR_WITHIN || tok == token::TOK_CONFIG_DIR_AUDIT_LOG_FMT || tok == token::TOK_JSON || tok == token::TOK_NATIVE || tok == token::TOK_ACTION_CTL_RULE_ENGINE); + YY_ASSERT (tok == token::TOK_END || tok == token::TOK_YYerror || tok == token::TOK_YYUNDEF || tok == token::TOK_COMMA || tok == token::TOK_CONFIG_CONTENT_INJECTION || tok == token::TOK_CONGIG_DIR_RESPONSE_BODY_MP_CLEAR || tok == token::TOK_PIPE || tok == token::TOK_NEW_LINE || tok == token::TOK_VAR_COUNT || tok == token::TOK_VAR_EXCLUSION || tok == token::TOK_VARIABLE_ARGS || tok == token::TOK_VARIABLE_ARGS_POST || tok == token::TOK_VARIABLE_ARGS_GET || tok == token::TOK_VARIABLE_FILES_SIZES || tok == token::TOK_VARIABLE_FILES_NAMES || tok == token::TOK_VARIABLE_FILES_TMP_CONTENT || tok == token::TOK_VARIABLE_MULTIPART_FILENAME || tok == token::TOK_VARIABLE_MULTIPART_NAME || tok == token::TOK_VARIABLE_MATCHED_VARS_NAMES || tok == token::TOK_VARIABLE_MATCHED_VARS || tok == token::TOK_VARIABLE_FILES || tok == token::TOK_VARIABLE_REQUEST_COOKIES || tok == token::TOK_VARIABLE_REQUEST_HEADERS || tok == token::TOK_VARIABLE_RESPONSE_HEADERS || tok == token::TOK_VARIABLE_GEO || tok == token::TOK_VARIABLE_REQUEST_COOKIES_NAMES || tok == token::TOK_VARIABLE_ARGS_COMBINED_SIZE || tok == token::TOK_VARIABLE_ARGS_GET_NAMES || tok == token::TOK_VARIABLE_RULE || tok == token::TOK_VARIABLE_ARGS_NAMES || tok == token::TOK_VARIABLE_ARGS_POST_NAMES || tok == token::TOK_VARIABLE_AUTH_TYPE || tok == token::TOK_VARIABLE_FILES_COMBINED_SIZE || tok == token::TOK_VARIABLE_FILES_TMP_NAMES || tok == token::TOK_VARIABLE_FULL_REQUEST || tok == token::TOK_VARIABLE_FULL_REQUEST_LENGTH || tok == token::TOK_VARIABLE_INBOUND_DATA_ERROR || tok == token::TOK_VARIABLE_MATCHED_VAR || tok == token::TOK_VARIABLE_MATCHED_VAR_NAME || tok == token::TOK_VARIABLE_MULTIPART_BOUNDARY_QUOTED || tok == token::TOK_VARIABLE_MULTIPART_BOUNDARY_WHITESPACE || tok == token::TOK_VARIABLE_MULTIPART_CRLF_LF_LINES || tok == token::TOK_VARIABLE_MULTIPART_DATA_AFTER || tok == token::TOK_VARIABLE_MULTIPART_DATA_BEFORE || tok == token::TOK_VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED || tok == token::TOK_VARIABLE_MULTIPART_HEADER_FOLDING || tok == token::TOK_VARIABLE_MULTIPART_INVALID_HEADER_FOLDING || tok == token::TOK_VARIABLE_MULTIPART_INVALID_PART || tok == token::TOK_VARIABLE_MULTIPART_INVALID_QUOTING || tok == token::TOK_VARIABLE_MULTIPART_LF_LINE || tok == token::TOK_VARIABLE_MULTIPART_MISSING_SEMICOLON || tok == token::TOK_VARIABLE_MULTIPART_SEMICOLON_MISSING || tok == token::TOK_VARIABLE_MULTIPART_STRICT_ERROR || tok == token::TOK_VARIABLE_MULTIPART_UNMATCHED_BOUNDARY || tok == token::TOK_VARIABLE_OUTBOUND_DATA_ERROR || tok == token::TOK_VARIABLE_PATH_INFO || tok == token::TOK_VARIABLE_QUERY_STRING || tok == token::TOK_VARIABLE_REMOTE_ADDR || tok == token::TOK_VARIABLE_REMOTE_HOST || tok == token::TOK_VARIABLE_REMOTE_PORT || tok == token::TOK_VARIABLE_REQBODY_ERROR_MSG || tok == token::TOK_VARIABLE_REQBODY_ERROR || tok == token::TOK_VARIABLE_REQBODY_PROCESSOR_ERROR_MSG || tok == token::TOK_VARIABLE_REQBODY_PROCESSOR_ERROR || tok == token::TOK_VARIABLE_REQBODY_PROCESSOR || tok == token::TOK_VARIABLE_REQUEST_BASENAME || tok == token::TOK_VARIABLE_REQUEST_BODY_LENGTH || tok == token::TOK_VARIABLE_REQUEST_BODY || tok == token::TOK_VARIABLE_REQUEST_FILE_NAME || tok == token::TOK_VARIABLE_REQUEST_HEADERS_NAMES || tok == token::TOK_VARIABLE_REQUEST_LINE || tok == token::TOK_VARIABLE_REQUEST_METHOD || tok == token::TOK_VARIABLE_REQUEST_PROTOCOL || tok == token::TOK_VARIABLE_REQUEST_URI_RAW || tok == token::TOK_VARIABLE_REQUEST_URI || tok == token::TOK_VARIABLE_RESOURCE || tok == token::TOK_VARIABLE_RESPONSE_BODY || tok == token::TOK_VARIABLE_RESPONSE_CONTENT_LENGTH || tok == token::TOK_VARIABLE_RESPONSE_CONTENT_TYPE || tok == token::TOK_VARIABLE_RESPONSE_HEADERS_NAMES || tok == token::TOK_VARIABLE_RESPONSE_PROTOCOL || tok == token::TOK_VARIABLE_RESPONSE_STATUS || tok == token::TOK_VARIABLE_SERVER_ADDR || tok == token::TOK_VARIABLE_SERVER_NAME || tok == token::TOK_VARIABLE_SERVER_PORT || tok == token::TOK_VARIABLE_SESSION_ID || tok == token::TOK_VARIABLE_UNIQUE_ID || tok == token::TOK_VARIABLE_URL_ENCODED_ERROR || tok == token::TOK_VARIABLE_USER_ID || tok == token::TOK_VARIABLE_WEB_APP_ID || tok == token::TOK_VARIABLE_STATUS || tok == token::TOK_VARIABLE_STATUS_LINE || tok == token::TOK_VARIABLE_IP || tok == token::TOK_VARIABLE_GLOBAL || tok == token::TOK_VARIABLE_TX || tok == token::TOK_VARIABLE_SESSION || tok == token::TOK_VARIABLE_USER || tok == token::TOK_RUN_TIME_VAR_ENV || tok == token::TOK_RUN_TIME_VAR_XML || tok == token::TOK_ACTION_SETVAR || tok == token::TOK_SETVAR_OPERATION_EQUALS || tok == token::TOK_SETVAR_OPERATION_EQUALS_PLUS || tok == token::TOK_SETVAR_OPERATION_EQUALS_MINUS || tok == token::TOK_NOT || tok == token::TOK_OPERATOR_BEGINS_WITH || tok == token::TOK_OPERATOR_CONTAINS || tok == token::TOK_OPERATOR_CONTAINS_WORD || tok == token::TOK_OPERATOR_DETECT_SQLI || tok == token::TOK_OPERATOR_DETECT_XSS || tok == token::TOK_OPERATOR_ENDS_WITH || tok == token::TOK_OPERATOR_EQ || tok == token::TOK_OPERATOR_FUZZY_HASH || tok == token::TOK_OPERATOR_GEOLOOKUP || tok == token::TOK_OPERATOR_GE || tok == token::TOK_OPERATOR_GSB_LOOKUP || tok == token::TOK_OPERATOR_GT || tok == token::TOK_OPERATOR_INSPECT_FILE || tok == token::TOK_OPERATOR_IP_MATCH_FROM_FILE || tok == token::TOK_OPERATOR_IP_MATCH || tok == token::TOK_OPERATOR_LE || tok == token::TOK_OPERATOR_LT || tok == token::TOK_OPERATOR_PM_FROM_FILE || tok == token::TOK_OPERATOR_PM || tok == token::TOK_OPERATOR_RBL || tok == token::TOK_OPERATOR_RSUB || tok == token::TOK_OPERATOR_RX_CONTENT_ONLY || tok == token::TOK_OPERATOR_RX || tok == token::TOK_OPERATOR_STR_EQ || tok == token::TOK_OPERATOR_STR_MATCH || tok == token::TOK_OPERATOR_UNCONDITIONAL_MATCH || tok == token::TOK_OPERATOR_VALIDATE_BYTE_RANGE || tok == token::TOK_OPERATOR_VALIDATE_DTD || tok == token::TOK_OPERATOR_VALIDATE_HASH || tok == token::TOK_OPERATOR_VALIDATE_SCHEMA || tok == token::TOK_OPERATOR_VALIDATE_URL_ENCODING || tok == token::TOK_OPERATOR_VALIDATE_UTF8_ENCODING || tok == token::TOK_OPERATOR_VERIFY_CC || tok == token::TOK_OPERATOR_VERIFY_CPF || tok == token::TOK_OPERATOR_VERIFY_SSN || tok == token::TOK_OPERATOR_VERIFY_SVNR || tok == token::TOK_OPERATOR_WITHIN || tok == token::TOK_CONFIG_DIR_AUDIT_LOG_FMT || tok == token::TOK_JSON || tok == token::TOK_NATIVE || tok == token::TOK_ACTION_CTL_RULE_ENGINE); } #else symbol_type (int tok, const location_type& l) : super_type(token_type (tok), l) { - YY_ASSERT (tok == token::TOK_END || tok == token::TOK_COMMA || tok == token::TOK_CONFIG_CONTENT_INJECTION || tok == token::TOK_CONGIG_DIR_RESPONSE_BODY_MP_CLEAR || tok == token::TOK_PIPE || tok == token::TOK_NEW_LINE || tok == token::TOK_VAR_COUNT || tok == token::TOK_VAR_EXCLUSION || tok == token::TOK_VARIABLE_ARGS || tok == token::TOK_VARIABLE_ARGS_POST || tok == token::TOK_VARIABLE_ARGS_GET || tok == token::TOK_VARIABLE_FILES_SIZES || tok == token::TOK_VARIABLE_FILES_NAMES || tok == token::TOK_VARIABLE_FILES_TMP_CONTENT || tok == token::TOK_VARIABLE_MULTIPART_FILENAME || tok == token::TOK_VARIABLE_MULTIPART_NAME || tok == token::TOK_VARIABLE_MATCHED_VARS_NAMES || tok == token::TOK_VARIABLE_MATCHED_VARS || tok == token::TOK_VARIABLE_FILES || tok == token::TOK_VARIABLE_REQUEST_COOKIES || tok == token::TOK_VARIABLE_REQUEST_HEADERS || tok == token::TOK_VARIABLE_RESPONSE_HEADERS || tok == token::TOK_VARIABLE_GEO || tok == token::TOK_VARIABLE_REQUEST_COOKIES_NAMES || tok == token::TOK_VARIABLE_ARGS_COMBINED_SIZE || tok == token::TOK_VARIABLE_ARGS_GET_NAMES || tok == token::TOK_VARIABLE_RULE || tok == token::TOK_VARIABLE_ARGS_NAMES || tok == token::TOK_VARIABLE_ARGS_POST_NAMES || tok == token::TOK_VARIABLE_AUTH_TYPE || tok == token::TOK_VARIABLE_FILES_COMBINED_SIZE || tok == token::TOK_VARIABLE_FILES_TMP_NAMES || tok == token::TOK_VARIABLE_FULL_REQUEST || tok == token::TOK_VARIABLE_FULL_REQUEST_LENGTH || tok == token::TOK_VARIABLE_INBOUND_DATA_ERROR || tok == token::TOK_VARIABLE_MATCHED_VAR || tok == token::TOK_VARIABLE_MATCHED_VAR_NAME || tok == token::TOK_VARIABLE_MULTIPART_BOUNDARY_QUOTED || tok == token::TOK_VARIABLE_MULTIPART_BOUNDARY_WHITESPACE || tok == token::TOK_VARIABLE_MULTIPART_CRLF_LF_LINES || tok == token::TOK_VARIABLE_MULTIPART_DATA_AFTER || tok == token::TOK_VARIABLE_MULTIPART_DATA_BEFORE || tok == token::TOK_VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED || tok == token::TOK_VARIABLE_MULTIPART_HEADER_FOLDING || tok == token::TOK_VARIABLE_MULTIPART_INVALID_HEADER_FOLDING || tok == token::TOK_VARIABLE_MULTIPART_INVALID_PART || tok == token::TOK_VARIABLE_MULTIPART_INVALID_QUOTING || tok == token::TOK_VARIABLE_MULTIPART_LF_LINE || tok == token::TOK_VARIABLE_MULTIPART_MISSING_SEMICOLON || tok == token::TOK_VARIABLE_MULTIPART_SEMICOLON_MISSING || tok == token::TOK_VARIABLE_MULTIPART_STRICT_ERROR || tok == token::TOK_VARIABLE_MULTIPART_UNMATCHED_BOUNDARY || tok == token::TOK_VARIABLE_OUTBOUND_DATA_ERROR || tok == token::TOK_VARIABLE_PATH_INFO || tok == token::TOK_VARIABLE_QUERY_STRING || tok == token::TOK_VARIABLE_REMOTE_ADDR || tok == token::TOK_VARIABLE_REMOTE_HOST || tok == token::TOK_VARIABLE_REMOTE_PORT || tok == token::TOK_VARIABLE_REQBODY_ERROR_MSG || tok == token::TOK_VARIABLE_REQBODY_ERROR || tok == token::TOK_VARIABLE_REQBODY_PROCESSOR_ERROR_MSG || tok == token::TOK_VARIABLE_REQBODY_PROCESSOR_ERROR || tok == token::TOK_VARIABLE_REQBODY_PROCESSOR || tok == token::TOK_VARIABLE_REQUEST_BASENAME || tok == token::TOK_VARIABLE_REQUEST_BODY_LENGTH || tok == token::TOK_VARIABLE_REQUEST_BODY || tok == token::TOK_VARIABLE_REQUEST_FILE_NAME || tok == token::TOK_VARIABLE_REQUEST_HEADERS_NAMES || tok == token::TOK_VARIABLE_REQUEST_LINE || tok == token::TOK_VARIABLE_REQUEST_METHOD || tok == token::TOK_VARIABLE_REQUEST_PROTOCOL || tok == token::TOK_VARIABLE_REQUEST_URI_RAW || tok == token::TOK_VARIABLE_REQUEST_URI || tok == token::TOK_VARIABLE_RESOURCE || tok == token::TOK_VARIABLE_RESPONSE_BODY || tok == token::TOK_VARIABLE_RESPONSE_CONTENT_LENGTH || tok == token::TOK_VARIABLE_RESPONSE_CONTENT_TYPE || tok == token::TOK_VARIABLE_RESPONSE_HEADERS_NAMES || tok == token::TOK_VARIABLE_RESPONSE_PROTOCOL || tok == token::TOK_VARIABLE_RESPONSE_STATUS || tok == token::TOK_VARIABLE_SERVER_ADDR || tok == token::TOK_VARIABLE_SERVER_NAME || tok == token::TOK_VARIABLE_SERVER_PORT || tok == token::TOK_VARIABLE_SESSION_ID || tok == token::TOK_VARIABLE_UNIQUE_ID || tok == token::TOK_VARIABLE_URL_ENCODED_ERROR || tok == token::TOK_VARIABLE_USER_ID || tok == token::TOK_VARIABLE_WEB_APP_ID || tok == token::TOK_VARIABLE_STATUS || tok == token::TOK_VARIABLE_STATUS_LINE || tok == token::TOK_VARIABLE_IP || tok == token::TOK_VARIABLE_GLOBAL || tok == token::TOK_VARIABLE_TX || tok == token::TOK_VARIABLE_SESSION || tok == token::TOK_VARIABLE_USER || tok == token::TOK_RUN_TIME_VAR_ENV || tok == token::TOK_RUN_TIME_VAR_XML || tok == token::TOK_ACTION_SETVAR || tok == token::TOK_SETVAR_OPERATION_EQUALS || tok == token::TOK_SETVAR_OPERATION_EQUALS_PLUS || tok == token::TOK_SETVAR_OPERATION_EQUALS_MINUS || tok == token::TOK_NOT || tok == token::TOK_OPERATOR_BEGINS_WITH || tok == token::TOK_OPERATOR_CONTAINS || tok == token::TOK_OPERATOR_CONTAINS_WORD || tok == token::TOK_OPERATOR_DETECT_SQLI || tok == token::TOK_OPERATOR_DETECT_XSS || tok == token::TOK_OPERATOR_ENDS_WITH || tok == token::TOK_OPERATOR_EQ || tok == token::TOK_OPERATOR_FUZZY_HASH || tok == token::TOK_OPERATOR_GEOLOOKUP || tok == token::TOK_OPERATOR_GE || tok == token::TOK_OPERATOR_GSB_LOOKUP || tok == token::TOK_OPERATOR_GT || tok == token::TOK_OPERATOR_INSPECT_FILE || tok == token::TOK_OPERATOR_IP_MATCH_FROM_FILE || tok == token::TOK_OPERATOR_IP_MATCH || tok == token::TOK_OPERATOR_LE || tok == token::TOK_OPERATOR_LT || tok == token::TOK_OPERATOR_PM_FROM_FILE || tok == token::TOK_OPERATOR_PM || tok == token::TOK_OPERATOR_RBL || tok == token::TOK_OPERATOR_RSUB || tok == token::TOK_OPERATOR_RX_CONTENT_ONLY || tok == token::TOK_OPERATOR_RX || tok == token::TOK_OPERATOR_STR_EQ || tok == token::TOK_OPERATOR_STR_MATCH || tok == token::TOK_OPERATOR_UNCONDITIONAL_MATCH || tok == token::TOK_OPERATOR_VALIDATE_BYTE_RANGE || tok == token::TOK_OPERATOR_VALIDATE_DTD || tok == token::TOK_OPERATOR_VALIDATE_HASH || tok == token::TOK_OPERATOR_VALIDATE_SCHEMA || tok == token::TOK_OPERATOR_VALIDATE_URL_ENCODING || tok == token::TOK_OPERATOR_VALIDATE_UTF8_ENCODING || tok == token::TOK_OPERATOR_VERIFY_CC || tok == token::TOK_OPERATOR_VERIFY_CPF || tok == token::TOK_OPERATOR_VERIFY_SSN || tok == token::TOK_OPERATOR_VERIFY_SVNR || tok == token::TOK_OPERATOR_WITHIN || tok == token::TOK_CONFIG_DIR_AUDIT_LOG_FMT || tok == token::TOK_JSON || tok == token::TOK_NATIVE || tok == token::TOK_ACTION_CTL_RULE_ENGINE); + YY_ASSERT (tok == token::TOK_END || tok == token::TOK_YYerror || tok == token::TOK_YYUNDEF || tok == token::TOK_COMMA || tok == token::TOK_CONFIG_CONTENT_INJECTION || tok == token::TOK_CONGIG_DIR_RESPONSE_BODY_MP_CLEAR || tok == token::TOK_PIPE || tok == token::TOK_NEW_LINE || tok == token::TOK_VAR_COUNT || tok == token::TOK_VAR_EXCLUSION || tok == token::TOK_VARIABLE_ARGS || tok == token::TOK_VARIABLE_ARGS_POST || tok == token::TOK_VARIABLE_ARGS_GET || tok == token::TOK_VARIABLE_FILES_SIZES || tok == token::TOK_VARIABLE_FILES_NAMES || tok == token::TOK_VARIABLE_FILES_TMP_CONTENT || tok == token::TOK_VARIABLE_MULTIPART_FILENAME || tok == token::TOK_VARIABLE_MULTIPART_NAME || tok == token::TOK_VARIABLE_MATCHED_VARS_NAMES || tok == token::TOK_VARIABLE_MATCHED_VARS || tok == token::TOK_VARIABLE_FILES || tok == token::TOK_VARIABLE_REQUEST_COOKIES || tok == token::TOK_VARIABLE_REQUEST_HEADERS || tok == token::TOK_VARIABLE_RESPONSE_HEADERS || tok == token::TOK_VARIABLE_GEO || tok == token::TOK_VARIABLE_REQUEST_COOKIES_NAMES || tok == token::TOK_VARIABLE_ARGS_COMBINED_SIZE || tok == token::TOK_VARIABLE_ARGS_GET_NAMES || tok == token::TOK_VARIABLE_RULE || tok == token::TOK_VARIABLE_ARGS_NAMES || tok == token::TOK_VARIABLE_ARGS_POST_NAMES || tok == token::TOK_VARIABLE_AUTH_TYPE || tok == token::TOK_VARIABLE_FILES_COMBINED_SIZE || tok == token::TOK_VARIABLE_FILES_TMP_NAMES || tok == token::TOK_VARIABLE_FULL_REQUEST || tok == token::TOK_VARIABLE_FULL_REQUEST_LENGTH || tok == token::TOK_VARIABLE_INBOUND_DATA_ERROR || tok == token::TOK_VARIABLE_MATCHED_VAR || tok == token::TOK_VARIABLE_MATCHED_VAR_NAME || tok == token::TOK_VARIABLE_MULTIPART_BOUNDARY_QUOTED || tok == token::TOK_VARIABLE_MULTIPART_BOUNDARY_WHITESPACE || tok == token::TOK_VARIABLE_MULTIPART_CRLF_LF_LINES || tok == token::TOK_VARIABLE_MULTIPART_DATA_AFTER || tok == token::TOK_VARIABLE_MULTIPART_DATA_BEFORE || tok == token::TOK_VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED || tok == token::TOK_VARIABLE_MULTIPART_HEADER_FOLDING || tok == token::TOK_VARIABLE_MULTIPART_INVALID_HEADER_FOLDING || tok == token::TOK_VARIABLE_MULTIPART_INVALID_PART || tok == token::TOK_VARIABLE_MULTIPART_INVALID_QUOTING || tok == token::TOK_VARIABLE_MULTIPART_LF_LINE || tok == token::TOK_VARIABLE_MULTIPART_MISSING_SEMICOLON || tok == token::TOK_VARIABLE_MULTIPART_SEMICOLON_MISSING || tok == token::TOK_VARIABLE_MULTIPART_STRICT_ERROR || tok == token::TOK_VARIABLE_MULTIPART_UNMATCHED_BOUNDARY || tok == token::TOK_VARIABLE_OUTBOUND_DATA_ERROR || tok == token::TOK_VARIABLE_PATH_INFO || tok == token::TOK_VARIABLE_QUERY_STRING || tok == token::TOK_VARIABLE_REMOTE_ADDR || tok == token::TOK_VARIABLE_REMOTE_HOST || tok == token::TOK_VARIABLE_REMOTE_PORT || tok == token::TOK_VARIABLE_REQBODY_ERROR_MSG || tok == token::TOK_VARIABLE_REQBODY_ERROR || tok == token::TOK_VARIABLE_REQBODY_PROCESSOR_ERROR_MSG || tok == token::TOK_VARIABLE_REQBODY_PROCESSOR_ERROR || tok == token::TOK_VARIABLE_REQBODY_PROCESSOR || tok == token::TOK_VARIABLE_REQUEST_BASENAME || tok == token::TOK_VARIABLE_REQUEST_BODY_LENGTH || tok == token::TOK_VARIABLE_REQUEST_BODY || tok == token::TOK_VARIABLE_REQUEST_FILE_NAME || tok == token::TOK_VARIABLE_REQUEST_HEADERS_NAMES || tok == token::TOK_VARIABLE_REQUEST_LINE || tok == token::TOK_VARIABLE_REQUEST_METHOD || tok == token::TOK_VARIABLE_REQUEST_PROTOCOL || tok == token::TOK_VARIABLE_REQUEST_URI_RAW || tok == token::TOK_VARIABLE_REQUEST_URI || tok == token::TOK_VARIABLE_RESOURCE || tok == token::TOK_VARIABLE_RESPONSE_BODY || tok == token::TOK_VARIABLE_RESPONSE_CONTENT_LENGTH || tok == token::TOK_VARIABLE_RESPONSE_CONTENT_TYPE || tok == token::TOK_VARIABLE_RESPONSE_HEADERS_NAMES || tok == token::TOK_VARIABLE_RESPONSE_PROTOCOL || tok == token::TOK_VARIABLE_RESPONSE_STATUS || tok == token::TOK_VARIABLE_SERVER_ADDR || tok == token::TOK_VARIABLE_SERVER_NAME || tok == token::TOK_VARIABLE_SERVER_PORT || tok == token::TOK_VARIABLE_SESSION_ID || tok == token::TOK_VARIABLE_UNIQUE_ID || tok == token::TOK_VARIABLE_URL_ENCODED_ERROR || tok == token::TOK_VARIABLE_USER_ID || tok == token::TOK_VARIABLE_WEB_APP_ID || tok == token::TOK_VARIABLE_STATUS || tok == token::TOK_VARIABLE_STATUS_LINE || tok == token::TOK_VARIABLE_IP || tok == token::TOK_VARIABLE_GLOBAL || tok == token::TOK_VARIABLE_TX || tok == token::TOK_VARIABLE_SESSION || tok == token::TOK_VARIABLE_USER || tok == token::TOK_RUN_TIME_VAR_ENV || tok == token::TOK_RUN_TIME_VAR_XML || tok == token::TOK_ACTION_SETVAR || tok == token::TOK_SETVAR_OPERATION_EQUALS || tok == token::TOK_SETVAR_OPERATION_EQUALS_PLUS || tok == token::TOK_SETVAR_OPERATION_EQUALS_MINUS || tok == token::TOK_NOT || tok == token::TOK_OPERATOR_BEGINS_WITH || tok == token::TOK_OPERATOR_CONTAINS || tok == token::TOK_OPERATOR_CONTAINS_WORD || tok == token::TOK_OPERATOR_DETECT_SQLI || tok == token::TOK_OPERATOR_DETECT_XSS || tok == token::TOK_OPERATOR_ENDS_WITH || tok == token::TOK_OPERATOR_EQ || tok == token::TOK_OPERATOR_FUZZY_HASH || tok == token::TOK_OPERATOR_GEOLOOKUP || tok == token::TOK_OPERATOR_GE || tok == token::TOK_OPERATOR_GSB_LOOKUP || tok == token::TOK_OPERATOR_GT || tok == token::TOK_OPERATOR_INSPECT_FILE || tok == token::TOK_OPERATOR_IP_MATCH_FROM_FILE || tok == token::TOK_OPERATOR_IP_MATCH || tok == token::TOK_OPERATOR_LE || tok == token::TOK_OPERATOR_LT || tok == token::TOK_OPERATOR_PM_FROM_FILE || tok == token::TOK_OPERATOR_PM || tok == token::TOK_OPERATOR_RBL || tok == token::TOK_OPERATOR_RSUB || tok == token::TOK_OPERATOR_RX_CONTENT_ONLY || tok == token::TOK_OPERATOR_RX || tok == token::TOK_OPERATOR_STR_EQ || tok == token::TOK_OPERATOR_STR_MATCH || tok == token::TOK_OPERATOR_UNCONDITIONAL_MATCH || tok == token::TOK_OPERATOR_VALIDATE_BYTE_RANGE || tok == token::TOK_OPERATOR_VALIDATE_DTD || tok == token::TOK_OPERATOR_VALIDATE_HASH || tok == token::TOK_OPERATOR_VALIDATE_SCHEMA || tok == token::TOK_OPERATOR_VALIDATE_URL_ENCODING || tok == token::TOK_OPERATOR_VALIDATE_UTF8_ENCODING || tok == token::TOK_OPERATOR_VERIFY_CC || tok == token::TOK_OPERATOR_VERIFY_CPF || tok == token::TOK_OPERATOR_VERIFY_SSN || tok == token::TOK_OPERATOR_VERIFY_SVNR || tok == token::TOK_OPERATOR_WITHIN || tok == token::TOK_CONFIG_DIR_AUDIT_LOG_FMT || tok == token::TOK_JSON || tok == token::TOK_NATIVE || tok == token::TOK_ACTION_CTL_RULE_ENGINE); } #endif #if 201103L <= YY_CPLUSPLUS @@ -1796,6 +2434,13 @@ switch (yytype) seclang_parser (modsecurity::Parser::Driver& driver_yyarg); virtual ~seclang_parser (); +#if 201103L <= YY_CPLUSPLUS + /// Non copyable. + seclang_parser (const seclang_parser&) = delete; + /// Non copyable. + seclang_parser& operator= (const seclang_parser&) = delete; +#endif + /// Parse. An alias for parse (). /// \returns 0 iff parsing succeeded. int operator() (); @@ -1826,6 +2471,10 @@ switch (yytype) /// Report a syntax error. void error (const syntax_error& err); + /// The user-facing name of the symbol whose (internal) number is + /// YYSYMBOL. No bounds checking. + static std::string symbol_name (symbol_kind_type yysymbol); + // Implementation of make_symbol for each symbol type. #if 201103L <= YY_CPLUSPLUS static @@ -1842,6 +2491,36 @@ switch (yytype) return symbol_type (token::TOK_END, l); } #endif +#if 201103L <= YY_CPLUSPLUS + static + symbol_type + make_YYerror (location_type l) + { + return symbol_type (token::TOK_YYerror, std::move (l)); + } +#else + static + symbol_type + make_YYerror (const location_type& l) + { + return symbol_type (token::TOK_YYerror, l); + } +#endif +#if 201103L <= YY_CPLUSPLUS + static + symbol_type + make_YYUNDEF (location_type l) + { + return symbol_type (token::TOK_YYUNDEF, std::move (l)); + } +#else + static + symbol_type + make_YYUNDEF (const location_type& l) + { + return symbol_type (token::TOK_YYUNDEF, l); + } +#endif #if 201103L <= YY_CPLUSPLUS static symbol_type @@ -6929,20 +7608,43 @@ switch (yytype) #endif + class context + { + public: + context (const seclang_parser& yyparser, const symbol_type& yyla); + const symbol_type& lookahead () const { return yyla_; } + symbol_kind_type token () const { return yyla_.kind (); } + const location_type& location () const { return yyla_.location; } + + /// Put in YYARG at most YYARGN of the expected tokens, and return the + /// number of tokens stored in YYARG. If YYARG is null, return the + /// number of expected tokens (guaranteed to be less than YYNTOKENS). + int expected_tokens (symbol_kind_type yyarg[], int yyargn) const; + + private: + const seclang_parser& yyparser_; + const symbol_type& yyla_; + }; + private: - /// This class is not copyable. +#if YY_CPLUSPLUS < 201103L + /// Non copyable. seclang_parser (const seclang_parser&); + /// Non copyable. seclang_parser& operator= (const seclang_parser&); +#endif + /// Stored state numbers (used for stacks). typedef short state_type; - /// Generate an error message. - /// \param yystate the state where the error occurred. - /// \param yyla the lookahead token. - virtual std::string yysyntax_error_ (state_type yystate, - const symbol_type& yyla) const; + /// The arguments of the error message. + int yy_syntax_error_arguments_ (const context& yyctx, + symbol_kind_type yyarg[], int yyargn) const; + /// Generate an error message. + /// \param yyctx the context in which the error occurred. + virtual std::string yysyntax_error_ (const context& yyctx) const; /// Compute post-reduction state. /// \param yystate the current state /// \param yysym the nonterminal to push on the stack @@ -6959,65 +7661,66 @@ switch (yytype) static const short yypact_ninf_; static const signed char yytable_ninf_; - /// Convert a scanner token number \a t to a symbol number. - /// In theory \a t should be a token_type, but character literals + /// Convert a scanner token kind \a t to a symbol kind. + /// In theory \a t should be a token_kind_type, but character literals /// are valid, yet not members of the token_type enum. - static token_number_type yytranslate_ (int t); + static symbol_kind_type yytranslate_ (int t); + + /// Convert the symbol name \a n to a form suitable for a diagnostic. + static std::string yytnamerr_ (const char *yystr); + + /// For a symbol, its name in clear. + static const char* const yytname_[]; + // Tables. - // YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing + // YYPACTSTATE-NUM -- Index in YYTABLE of the portion describing // STATE-NUM. static const short yypact_[]; - // YYDEFACT[STATE-NUM] -- Default reduction number in state STATE-NUM. + // YYDEFACTSTATE-NUM -- Default reduction number in state STATE-NUM. // Performed when YYTABLE does not specify something else to do. Zero // means the default is an error. static const short yydefact_[]; - // YYPGOTO[NTERM-NUM]. + // YYPGOTONTERM-NUM. static const short yypgoto_[]; - // YYDEFGOTO[NTERM-NUM]. + // YYDEFGOTONTERM-NUM. static const short yydefgoto_[]; - // YYTABLE[YYPACT[STATE-NUM]] -- What to do in state STATE-NUM. If + // YYTABLEYYPACT[STATE-NUM] -- What to do in state STATE-NUM. If // positive, shift that token. If negative, reduce the rule whose // number is the opposite. If YYTABLE_NINF, syntax error. static const short yytable_[]; static const short yycheck_[]; - // YYSTOS[STATE-NUM] -- The (internal number of the) accessing + // YYSTOSSTATE-NUM -- The (internal number of the) accessing // symbol of state STATE-NUM. static const short yystos_[]; - // YYR1[YYN] -- Symbol number of symbol that rule YYN derives. + // YYR1YYN -- Symbol number of symbol that rule YYN derives. static const short yyr1_[]; - // YYR2[YYN] -- Number of symbols on the right hand side of rule YYN. + // YYR2YYN -- Number of symbols on the right hand side of rule YYN. static const signed char yyr2_[]; - /// Convert the symbol name \a n to a form suitable for a diagnostic. - static std::string yytnamerr_ (const char *n); - - - /// For a symbol, its name in clear. - static const char* const yytname_[]; #if YYDEBUG - // YYRLINE[YYN] -- Source line where rule number YYN was defined. + // YYRLINEYYN -- Source line where rule number YYN was defined. static const short yyrline_[]; /// Report on the debug stream that the rule \a r is going to be reduced. - virtual void yy_reduce_print_ (int r); + virtual void yy_reduce_print_ (int r) const; /// Print the state stack on the debug stream. - virtual void yystack_print_ (); + virtual void yy_stack_print_ () const; /// Debugging level. int yydebug_; /// Debug stream. std::ostream* yycdebug_; - /// \brief Display a symbol type, value and location. + /// \brief Display a symbol kind, value and location. /// \param yyo The output stream. /// \param yysym The symbol. template @@ -7038,7 +7741,7 @@ switch (yytype) /// Default constructor. by_state () YY_NOEXCEPT; - /// The symbol type as needed by the constructor. + /// The symbol kind as needed by the constructor. typedef state_type kind_type; /// Constructor. @@ -7050,12 +7753,12 @@ switch (yytype) /// Record that this symbol is empty. void clear () YY_NOEXCEPT; - /// Steal the symbol type from \a that. + /// Steal the symbol kind from \a that. void move (by_state& that); - /// The (internal) type number (corresponding to \a state). - /// \a empty_symbol when empty. - symbol_number_type type_get () const YY_NOEXCEPT; + /// The symbol kind (corresponding to \a state). + /// \a S_YYEMPTY when empty. + symbol_kind_type kind () const YY_NOEXCEPT; /// The state number used to denote an empty symbol. /// We use the initial state, as it does not have a value. @@ -7094,8 +7797,8 @@ switch (yytype) { public: // Hide our reversed order. - typedef typename S::reverse_iterator iterator; - typedef typename S::const_reverse_iterator const_iterator; + typedef typename S::iterator iterator; + typedef typename S::const_iterator const_iterator; typedef typename S::size_type size_type; typedef typename std::ptrdiff_t index_type; @@ -7103,6 +7806,13 @@ switch (yytype) : seq_ (n) {} +#if 201103L <= YY_CPLUSPLUS + /// Non copyable. + stack (const stack&) = delete; + /// Non copyable. + stack& operator= (const stack&) = delete; +#endif + /// Random access. /// /// Index 0 returns the topmost element. @@ -7153,24 +7863,18 @@ switch (yytype) return index_type (seq_.size ()); } - std::ptrdiff_t - ssize () const YY_NOEXCEPT - { - return std::ptrdiff_t (size ()); - } - /// Iterator on top of the stack (going downwards). const_iterator begin () const YY_NOEXCEPT { - return seq_.rbegin (); + return seq_.begin (); } /// Bottom of the stack. const_iterator end () const YY_NOEXCEPT { - return seq_.rend (); + return seq_.end (); } /// Present a slice of the top of a stack. @@ -7194,8 +7898,12 @@ switch (yytype) }; private: +#if YY_CPLUSPLUS < 201103L + /// Non copyable. stack (const stack&); + /// Non copyable. stack& operator= (const stack&); +#endif /// The wrapped container. S seq_; }; @@ -7225,33 +7933,28 @@ switch (yytype) /// Pop \a n symbols from the stack. void yypop_ (int n = 1); - /// Some specific tokens. - static const token_number_type yy_error_token_ = 1; - static const token_number_type yy_undef_token_ = 2; - /// Constants. enum { - yyeof_ = 0, yylast_ = 3260, ///< Last index in yytable_. yynnts_ = 16, ///< Number of nonterminal symbols. - yyfinal_ = 337, ///< Termination state number. - yyntokens_ = 342 ///< Number of tokens. + yyfinal_ = 337 ///< Termination state number. }; // User arguments. modsecurity::Parser::Driver& driver; + }; inline - seclang_parser::token_number_type + seclang_parser::symbol_kind_type seclang_parser::yytranslate_ (int t) { // YYTRANSLATE[TOKEN-NUM] -- Symbol number corresponding to // TOKEN-NUM as returned by yylex. static - const token_number_type + const short translate_table[] = { 0, 2, 2, 2, 2, 2, 2, 2, 2, 2, @@ -7318,266 +8021,21 @@ switch (yytype) const int user_token_number_max_ = 596; if (t <= 0) - return yyeof_; + return symbol_kind::S_YYEOF; else if (t <= user_token_number_max_) - return translate_table[t]; + return YY_CAST (symbol_kind_type, translate_table[t]); else - return yy_undef_token_; + return symbol_kind::S_YYUNDEF; } // basic_symbol. -#if 201103L <= YY_CPLUSPLUS - template - seclang_parser::basic_symbol::basic_symbol (basic_symbol&& that) - : Base (std::move (that)) - , value () - , location (std::move (that.location)) - { - switch (this->type_get ()) - { - case 145: // "Accuracy" - case 146: // "Allow" - case 147: // "Append" - case 148: // "AuditLog" - case 149: // "Block" - case 150: // "Capture" - case 151: // "Chain" - case 152: // "ACTION_CTL_AUDIT_ENGINE" - case 153: // "ACTION_CTL_AUDIT_LOG_PARTS" - case 154: // "ACTION_CTL_BDY_JSON" - case 155: // "ACTION_CTL_BDY_XML" - case 156: // "ACTION_CTL_BDY_URLENCODED" - case 157: // "ACTION_CTL_FORCE_REQ_BODY_VAR" - case 158: // "ACTION_CTL_REQUEST_BODY_ACCESS" - case 159: // "ACTION_CTL_RULE_REMOVE_BY_ID" - case 160: // "ACTION_CTL_RULE_REMOVE_BY_TAG" - case 161: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID" - case 162: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG" - case 163: // "Deny" - case 164: // "DeprecateVar" - case 165: // "Drop" - case 166: // "Exec" - case 167: // "ExpireVar" - case 168: // "Id" - case 169: // "InitCol" - case 170: // "Log" - case 171: // "LogData" - case 172: // "Maturity" - case 173: // "Msg" - case 174: // "MultiMatch" - case 175: // "NoAuditLog" - case 176: // "NoLog" - case 177: // "Pass" - case 178: // "Pause" - case 179: // "Phase" - case 180: // "Prepend" - case 181: // "Proxy" - case 182: // "Redirect" - case 183: // "Rev" - case 184: // "SanitiseArg" - case 185: // "SanitiseMatched" - case 186: // "SanitiseMatchedBytes" - case 187: // "SanitiseRequestHeader" - case 188: // "SanitiseResponseHeader" - case 189: // "SetEnv" - case 190: // "SetRsc" - case 191: // "SetSid" - case 192: // "SetUID" - case 193: // "Severity" - case 194: // "Skip" - case 195: // "SkipAfter" - case 196: // "Status" - case 197: // "Tag" - case 198: // "ACTION_TRANSFORMATION_BASE_64_ENCODE" - case 199: // "ACTION_TRANSFORMATION_BASE_64_DECODE" - case 200: // "ACTION_TRANSFORMATION_BASE_64_DECODE_EXT" - case 201: // "ACTION_TRANSFORMATION_CMD_LINE" - case 202: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE" - case 203: // "ACTION_TRANSFORMATION_CSS_DECODE" - case 204: // "ACTION_TRANSFORMATION_ESCAPE_SEQ_DECODE" - case 205: // "ACTION_TRANSFORMATION_HEX_ENCODE" - case 206: // "ACTION_TRANSFORMATION_HEX_DECODE" - case 207: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE" - case 208: // "ACTION_TRANSFORMATION_JS_DECODE" - case 209: // "ACTION_TRANSFORMATION_LENGTH" - case 210: // "ACTION_TRANSFORMATION_LOWERCASE" - case 211: // "ACTION_TRANSFORMATION_MD5" - case 212: // "ACTION_TRANSFORMATION_NONE" - case 213: // "ACTION_TRANSFORMATION_NORMALISE_PATH" - case 214: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN" - case 215: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT" - case 216: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT" - case 217: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT" - case 218: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS" - case 219: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR" - case 220: // "ACTION_TRANSFORMATION_REMOVE_NULLS" - case 221: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE" - case 222: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS" - case 223: // "ACTION_TRANSFORMATION_REPLACE_NULLS" - case 224: // "ACTION_TRANSFORMATION_SHA1" - case 225: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE" - case 226: // "ACTION_TRANSFORMATION_TRIM" - case 227: // "ACTION_TRANSFORMATION_TRIM_LEFT" - case 228: // "ACTION_TRANSFORMATION_TRIM_RIGHT" - case 229: // "ACTION_TRANSFORMATION_UPPERCASE" - case 230: // "ACTION_TRANSFORMATION_URL_ENCODE" - case 231: // "ACTION_TRANSFORMATION_URL_DECODE" - case 232: // "ACTION_TRANSFORMATION_URL_DECODE_UNI" - case 233: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE" - case 234: // "Ver" - case 235: // "xmlns" - case 236: // "CONFIG_COMPONENT_SIG" - case 237: // "CONFIG_CONN_ENGINE" - case 238: // "CONFIG_SEC_ARGUMENT_SEPARATOR" - case 239: // "CONFIG_SEC_WEB_APP_ID" - case 240: // "CONFIG_SEC_SERVER_SIG" - case 241: // "CONFIG_DIR_AUDIT_DIR" - case 242: // "CONFIG_DIR_AUDIT_DIR_MOD" - case 243: // "CONFIG_DIR_AUDIT_ENG" - case 244: // "CONFIG_DIR_AUDIT_FLE_MOD" - case 245: // "CONFIG_DIR_AUDIT_LOG" - case 246: // "CONFIG_DIR_AUDIT_LOG2" - case 247: // "CONFIG_DIR_AUDIT_LOG_P" - case 248: // "CONFIG_DIR_AUDIT_STS" - case 249: // "CONFIG_DIR_AUDIT_TPE" - case 250: // "CONFIG_DIR_DEBUG_LOG" - case 251: // "CONFIG_DIR_DEBUG_LVL" - case 252: // "CONFIG_SEC_CACHE_TRANSFORMATIONS" - case 253: // "CONFIG_SEC_DISABLE_BACKEND_COMPRESS" - case 254: // "CONFIG_SEC_HASH_ENGINE" - case 255: // "CONFIG_SEC_HASH_KEY" - case 256: // "CONFIG_SEC_HASH_PARAM" - case 257: // "CONFIG_SEC_HASH_METHOD_RX" - case 258: // "CONFIG_SEC_HASH_METHOD_PM" - case 259: // "CONFIG_SEC_CHROOT_DIR" - case 260: // "CONFIG_DIR_GEO_DB" - case 261: // "CONFIG_DIR_GSB_DB" - case 262: // "CONFIG_SEC_GUARDIAN_LOG" - case 263: // "CONFIG_DIR_PCRE_MATCH_LIMIT" - case 264: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION" - case 265: // "CONFIG_SEC_CONN_R_STATE_LIMIT" - case 266: // "CONFIG_SEC_CONN_W_STATE_LIMIT" - case 267: // "CONFIG_SEC_SENSOR_ID" - case 268: // "CONFIG_DIR_ARGS_LIMIT" - case 269: // "CONFIG_DIR_REQ_BODY" - case 270: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT" - case 271: // "CONFIG_DIR_REQ_BODY_LIMIT" - case 272: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION" - case 273: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT" - case 274: // "CONFIG_DIR_RES_BODY" - case 275: // "CONFIG_DIR_RES_BODY_LIMIT" - case 276: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION" - case 277: // "CONFIG_SEC_RULE_INHERITANCE" - case 278: // "CONFIG_SEC_RULE_PERF_TIME" - case 279: // "CONFIG_DIR_RULE_ENG" - case 280: // "CONFIG_DIR_SEC_ACTION" - case 281: // "CONFIG_DIR_SEC_DEFAULT_ACTION" - case 282: // "CONFIG_DIR_SEC_MARKER" - case 283: // "CONFIG_DIR_UNICODE_MAP_FILE" - case 284: // "CONFIG_DIR_UNICODE_CODE_PAGE" - case 285: // "CONFIG_SEC_COLLECTION_TIMEOUT" - case 286: // "CONFIG_SEC_HTTP_BLKEY" - case 287: // "CONFIG_SEC_INTERCEPT_ON_ERROR" - case 288: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION" - case 289: // "CONFIG_SEC_RULE_REMOVE_BY_ID" - case 290: // "CONFIG_SEC_RULE_REMOVE_BY_MSG" - case 291: // "CONFIG_SEC_RULE_REMOVE_BY_TAG" - case 292: // "CONFIG_SEC_RULE_UPDATE_TARGET_BY_TAG" - case 293: // "CONFIG_SEC_RULE_UPDATE_TARGET_BY_MSG" - case 294: // "CONFIG_SEC_RULE_UPDATE_TARGET_BY_ID" - case 295: // "CONFIG_SEC_RULE_UPDATE_ACTION_BY_ID" - case 296: // "CONFIG_UPDLOAD_KEEP_FILES" - case 297: // "CONFIG_UPDLOAD_SAVE_TMP_FILES" - case 298: // "CONFIG_UPLOAD_DIR" - case 299: // "CONFIG_UPLOAD_FILE_LIMIT" - case 300: // "CONFIG_UPLOAD_FILE_MODE" - case 301: // "CONFIG_VALUE_ABORT" - case 302: // "CONFIG_VALUE_DETC" - case 303: // "CONFIG_VALUE_HTTPS" - case 304: // "CONFIG_VALUE_OFF" - case 305: // "CONFIG_VALUE_ON" - case 306: // "CONFIG_VALUE_PARALLEL" - case 307: // "CONFIG_VALUE_PROCESS_PARTIAL" - case 308: // "CONFIG_VALUE_REJECT" - case 309: // "CONFIG_VALUE_RELEVANT_ONLY" - case 310: // "CONFIG_VALUE_SERIAL" - case 311: // "CONFIG_VALUE_WARN" - case 312: // "CONFIG_XML_EXTERNAL_ENTITY" - case 313: // "CONGIG_DIR_RESPONSE_BODY_MP" - case 314: // "CONGIG_DIR_SEC_ARG_SEP" - case 315: // "CONGIG_DIR_SEC_COOKIE_FORMAT" - case 316: // "CONFIG_SEC_COOKIEV0_SEPARATOR" - case 317: // "CONGIG_DIR_SEC_DATA_DIR" - case 318: // "CONGIG_DIR_SEC_STATUS_ENGINE" - case 319: // "CONFIG_SEC_STREAM_IN_BODY_INSPECTION" - case 320: // "CONFIG_SEC_STREAM_OUT_BODY_INSPECTION" - case 321: // "CONGIG_DIR_SEC_TMP_DIR" - case 322: // "DIRECTIVE" - case 323: // "DIRECTIVE_SECRULESCRIPT" - case 324: // "FREE_TEXT_QUOTE_MACRO_EXPANSION" - case 325: // "QUOTATION_MARK" - case 326: // "RUN_TIME_VAR_BLD" - case 327: // "RUN_TIME_VAR_DUR" - case 328: // "RUN_TIME_VAR_HSV" - case 329: // "RUN_TIME_VAR_REMOTE_USER" - case 330: // "RUN_TIME_VAR_TIME" - case 331: // "RUN_TIME_VAR_TIME_DAY" - case 332: // "RUN_TIME_VAR_TIME_EPOCH" - case 333: // "RUN_TIME_VAR_TIME_HOUR" - case 334: // "RUN_TIME_VAR_TIME_MIN" - case 335: // "RUN_TIME_VAR_TIME_MON" - case 336: // "RUN_TIME_VAR_TIME_SEC" - case 337: // "RUN_TIME_VAR_TIME_WDAY" - case 338: // "RUN_TIME_VAR_TIME_YEAR" - case 339: // "VARIABLE" - case 340: // "Dictionary element" - case 341: // "Dictionary element, selected by regexp" - value.move< std::string > (std::move (that.value)); - break; - - case 348: // op - case 349: // op_before_init - value.move< std::unique_ptr > (std::move (that.value)); - break; - - case 357: // run_time_string - value.move< std::unique_ptr > (std::move (that.value)); - break; - - case 354: // var - value.move< std::unique_ptr > (std::move (that.value)); - break; - - case 355: // act - case 356: // setvar_action - value.move< std::unique_ptr > (std::move (that.value)); - break; - - case 351: // variables - case 352: // variables_pre_process - case 353: // variables_may_be_quoted - value.move< std::unique_ptr > > > (std::move (that.value)); - break; - - case 346: // actions - case 347: // actions_may_quoted - value.move< std::unique_ptr > > > (std::move (that.value)); - break; - - default: - break; - } - - } -#endif - template seclang_parser::basic_symbol::basic_symbol (const basic_symbol& that) : Base (that) , value () , location (that.location) { - switch (this->type_get ()) + switch (this->kind ()) { case 145: // "Accuracy" case 146: // "Allow" @@ -7816,11 +8274,18 @@ switch (yytype) + template + seclang_parser::symbol_kind_type + seclang_parser::basic_symbol::type_get () const YY_NOEXCEPT + { + return this->kind (); + } + template bool seclang_parser::basic_symbol::empty () const YY_NOEXCEPT { - return Base::type_get () == empty_symbol; + return this->kind () == symbol_kind::S_YYEMPTY; } template @@ -7828,7 +8293,7 @@ switch (yytype) seclang_parser::basic_symbol::move (basic_symbol& s) { super_type::move (s); - switch (this->type_get ()) + switch (this->kind ()) { case 145: // "Accuracy" case 146: // "Allow" @@ -8066,55 +8531,62 @@ switch (yytype) location = YY_MOVE (s.location); } - // by_type. + // by_kind. inline - seclang_parser::by_type::by_type () - : type (empty_symbol) + seclang_parser::by_kind::by_kind () + : kind_ (symbol_kind::S_YYEMPTY) {} #if 201103L <= YY_CPLUSPLUS inline - seclang_parser::by_type::by_type (by_type&& that) - : type (that.type) + seclang_parser::by_kind::by_kind (by_kind&& that) + : kind_ (that.kind_) { that.clear (); } #endif inline - seclang_parser::by_type::by_type (const by_type& that) - : type (that.type) + seclang_parser::by_kind::by_kind (const by_kind& that) + : kind_ (that.kind_) {} inline - seclang_parser::by_type::by_type (token_type t) - : type (yytranslate_ (t)) + seclang_parser::by_kind::by_kind (token_kind_type t) + : kind_ (yytranslate_ (t)) {} inline void - seclang_parser::by_type::clear () + seclang_parser::by_kind::clear () { - type = empty_symbol; + kind_ = symbol_kind::S_YYEMPTY; } inline void - seclang_parser::by_type::move (by_type& that) + seclang_parser::by_kind::move (by_kind& that) { - type = that.type; + kind_ = that.kind_; that.clear (); } inline - int - seclang_parser::by_type::type_get () const YY_NOEXCEPT + seclang_parser::symbol_kind_type + seclang_parser::by_kind::kind () const YY_NOEXCEPT { - return type; + return kind_; + } + + inline + seclang_parser::symbol_kind_type + seclang_parser::by_kind::type_get () const YY_NOEXCEPT + { + return this->kind (); } } // yy -#line 8118 "seclang-parser.hh" +#line 8590 "seclang-parser.hh" diff --git a/src/parser/seclang-parser.yy b/src/parser/seclang-parser.yy index 805c7ea1..acd4f3c7 100644 --- a/src/parser/seclang-parser.yy +++ b/src/parser/seclang-parser.yy @@ -1073,7 +1073,7 @@ expression: for (auto &i : *$4.get()) { if (dynamic_cast(i.get())) { std::shared_ptr at = std::move(i); - std::shared_ptr t2 = std::static_pointer_cast(std::move(at)); + std::shared_ptr t2 = std::dynamic_pointer_cast(std::move(at)); t->push_back(std::move(t2)); } else { a->push_back(i.release()); @@ -1124,7 +1124,7 @@ expression: for (auto &i : *$2.get()) { if (dynamic_cast(i.get())) { std::shared_ptr at = std::move(i); - std::shared_ptr t2 = std::static_pointer_cast(std::move(at)); + std::shared_ptr t2 = std::dynamic_pointer_cast(std::move(at)); t->push_back(std::move(t2)); } else { a->push_back(i.release()); @@ -1146,7 +1146,7 @@ expression: for (auto &i : *$2.get()) { if (dynamic_cast(i.get())) { std::shared_ptr at = std::move(i); - std::shared_ptr t2 = std::static_pointer_cast(std::move(at)); + std::shared_ptr t2 = std::dynamic_pointer_cast(std::move(at)); t->push_back(std::move(t2)); } else { a->push_back(i.release()); @@ -1184,19 +1184,14 @@ expression: hasDisruptive = true; } if (phase != NULL) { - definedPhase = phase->m_phase; - secRuleDefinedPhase = phase->m_secRulesPhase; + definedPhase = phase->getPhase(); + secRuleDefinedPhase = phase->getSecRulePhase(); delete phase; - } else if (a->m_actionKind == actions::Action::RunTimeOnlyIfMatchKind || - a->m_actionKind == actions::Action::RunTimeBeforeMatchAttemptKind) { - actions::transformations::None *none = dynamic_cast(a); - if (none != NULL) { - driver.error(@0, "The transformation none is not suitable to be part of the SecDefaultActions"); - YYERROR; - } + } else if (dynamic_cast(a) + && !dynamic_cast(a)) { checkedActions.push_back(a); } else { - driver.error(@0, "The action '" + *a->m_name.get() + "' is not suitable to be part of the SecDefaultActions"); + driver.error(@0, "The action '" + *a->getName() + "' is not suitable to be part of the SecDefaultActions"); YYERROR; } } @@ -2610,19 +2605,19 @@ act: } | ACTION_AUDIT_LOG { - ACTION_CONTAINER($$, new actions::AuditLog($1)); + ACTION_CONTAINER($$, new actions::AuditLog()); } | ACTION_BLOCK { - ACTION_CONTAINER($$, new actions::Block($1)); + ACTION_CONTAINER($$, new actions::Block()); } | ACTION_CAPTURE { - ACTION_CONTAINER($$, new actions::Capture($1)); + ACTION_CONTAINER($$, new actions::Capture()); } | ACTION_CHAIN { - ACTION_CONTAINER($$, new actions::Chain($1)); + ACTION_CONTAINER($$, new actions::Chain()); } | ACTION_CTL_AUDIT_ENGINE CONFIG_VALUE_ON { @@ -2703,7 +2698,7 @@ act: } | ACTION_DENY { - ACTION_CONTAINER($$, new actions::disruptive::Deny($1)); + ACTION_CONTAINER($$, new actions::disruptive::Deny()); } | ACTION_DEPRECATE_VAR { @@ -2711,7 +2706,7 @@ act: } | ACTION_DROP { - ACTION_CONTAINER($$, new actions::disruptive::Drop($1)); + ACTION_CONTAINER($$, new actions::disruptive::Drop()); } | ACTION_EXEC { @@ -2736,7 +2731,7 @@ act: } | ACTION_LOG { - ACTION_CONTAINER($$, new actions::Log($1)); + ACTION_CONTAINER($$, new actions::Log()); } | ACTION_MATURITY { @@ -2748,19 +2743,19 @@ act: } | ACTION_MULTI_MATCH { - ACTION_CONTAINER($$, new actions::MultiMatch($1)); + ACTION_CONTAINER($$, new actions::MultiMatch()); } | ACTION_NO_AUDIT_LOG { - ACTION_CONTAINER($$, new actions::NoAuditLog($1)); + ACTION_CONTAINER($$, new actions::NoAuditLog()); } | ACTION_NO_LOG { - ACTION_CONTAINER($$, new actions::NoLog($1)); + ACTION_CONTAINER($$, new actions::NoLog()); } | ACTION_PASS { - ACTION_CONTAINER($$, new actions::disruptive::Pass($1)); + ACTION_CONTAINER($$, new actions::disruptive::Pass()); } | ACTION_PAUSE { @@ -2856,147 +2851,147 @@ act: } | ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT { - ACTION_CONTAINER($$, new actions::transformations::ParityZero7bit($1)); + ACTION_CONTAINER($$, new actions::transformations::ParityZero7bit()); } | ACTION_TRANSFORMATION_PARITY_ODD_7_BIT { - ACTION_CONTAINER($$, new actions::transformations::ParityOdd7bit($1)); + ACTION_CONTAINER($$, new actions::transformations::ParityOdd7bit()); } | ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT { - ACTION_CONTAINER($$, new actions::transformations::ParityEven7bit($1)); + ACTION_CONTAINER($$, new actions::transformations::ParityEven7bit()); } | ACTION_TRANSFORMATION_SQL_HEX_DECODE { - ACTION_CONTAINER($$, new actions::transformations::SqlHexDecode($1)); + ACTION_CONTAINER($$, new actions::transformations::SqlHexDecode()); } | ACTION_TRANSFORMATION_BASE_64_ENCODE { - ACTION_CONTAINER($$, new actions::transformations::Base64Encode($1)); + ACTION_CONTAINER($$, new actions::transformations::Base64Encode()); } | ACTION_TRANSFORMATION_BASE_64_DECODE { - ACTION_CONTAINER($$, new actions::transformations::Base64Decode($1)); + ACTION_CONTAINER($$, new actions::transformations::Base64Decode()); } | ACTION_TRANSFORMATION_BASE_64_DECODE_EXT { - ACTION_CONTAINER($$, new actions::transformations::Base64DecodeExt($1)); + ACTION_CONTAINER($$, new actions::transformations::Base64DecodeExt()); } | ACTION_TRANSFORMATION_CMD_LINE { - ACTION_CONTAINER($$, new actions::transformations::CmdLine($1)); + ACTION_CONTAINER($$, new actions::transformations::CmdLine()); } | ACTION_TRANSFORMATION_SHA1 { - ACTION_CONTAINER($$, new actions::transformations::Sha1($1)); + ACTION_CONTAINER($$, new actions::transformations::Sha1()); } | ACTION_TRANSFORMATION_MD5 { - ACTION_CONTAINER($$, new actions::transformations::Md5($1)); + ACTION_CONTAINER($$, new actions::transformations::Md5()); } | ACTION_TRANSFORMATION_ESCAPE_SEQ_DECODE { - ACTION_CONTAINER($$, new actions::transformations::EscapeSeqDecode($1)); + ACTION_CONTAINER($$, new actions::transformations::EscapeSeqDecode()); } | ACTION_TRANSFORMATION_HEX_ENCODE { - ACTION_CONTAINER($$, new actions::transformations::HexEncode($1)); + ACTION_CONTAINER($$, new actions::transformations::HexEncode()); } | ACTION_TRANSFORMATION_HEX_DECODE { - ACTION_CONTAINER($$, new actions::transformations::HexDecode($1)); + ACTION_CONTAINER($$, new actions::transformations::HexDecode()); } | ACTION_TRANSFORMATION_LOWERCASE { - ACTION_CONTAINER($$, new actions::transformations::LowerCase($1)); + ACTION_CONTAINER($$, new actions::transformations::LowerCase()); } | ACTION_TRANSFORMATION_UPPERCASE { - ACTION_CONTAINER($$, new actions::transformations::UpperCase($1)); + ACTION_CONTAINER($$, new actions::transformations::UpperCase()); } | ACTION_TRANSFORMATION_URL_DECODE_UNI { - ACTION_CONTAINER($$, new actions::transformations::UrlDecodeUni($1)); + ACTION_CONTAINER($$, new actions::transformations::UrlDecodeUni()); } | ACTION_TRANSFORMATION_URL_DECODE { - ACTION_CONTAINER($$, new actions::transformations::UrlDecode($1)); + ACTION_CONTAINER($$, new actions::transformations::UrlDecode()); } | ACTION_TRANSFORMATION_URL_ENCODE { - ACTION_CONTAINER($$, new actions::transformations::UrlEncode($1)); + ACTION_CONTAINER($$, new actions::transformations::UrlEncode()); } | ACTION_TRANSFORMATION_NONE { - ACTION_CONTAINER($$, new actions::transformations::None($1)); + ACTION_CONTAINER($$, new actions::transformations::None()); } | ACTION_TRANSFORMATION_COMPRESS_WHITESPACE { - ACTION_CONTAINER($$, new actions::transformations::CompressWhitespace($1)); + ACTION_CONTAINER($$, new actions::transformations::CompressWhitespace()); } | ACTION_TRANSFORMATION_REMOVE_WHITESPACE { - ACTION_CONTAINER($$, new actions::transformations::RemoveWhitespace($1)); + ACTION_CONTAINER($$, new actions::transformations::RemoveWhitespace()); } | ACTION_TRANSFORMATION_REPLACE_NULLS { - ACTION_CONTAINER($$, new actions::transformations::ReplaceNulls($1)); + ACTION_CONTAINER($$, new actions::transformations::ReplaceNulls()); } | ACTION_TRANSFORMATION_REMOVE_NULLS { - ACTION_CONTAINER($$, new actions::transformations::RemoveNulls($1)); + ACTION_CONTAINER($$, new actions::transformations::RemoveNulls()); } | ACTION_TRANSFORMATION_HTML_ENTITY_DECODE { - ACTION_CONTAINER($$, new actions::transformations::HtmlEntityDecode($1)); + ACTION_CONTAINER($$, new actions::transformations::HtmlEntityDecode()); } | ACTION_TRANSFORMATION_JS_DECODE { - ACTION_CONTAINER($$, new actions::transformations::JsDecode($1)); + ACTION_CONTAINER($$, new actions::transformations::JsDecode()); } | ACTION_TRANSFORMATION_CSS_DECODE { - ACTION_CONTAINER($$, new actions::transformations::CssDecode($1)); + ACTION_CONTAINER($$, new actions::transformations::CssDecode()); } | ACTION_TRANSFORMATION_TRIM { - ACTION_CONTAINER($$, new actions::transformations::Trim($1)); + ACTION_CONTAINER($$, new actions::transformations::Trim()); } | ACTION_TRANSFORMATION_TRIM_LEFT { - ACTION_CONTAINER($$, new actions::transformations::TrimLeft($1)); + ACTION_CONTAINER($$, new actions::transformations::TrimLeft()); } | ACTION_TRANSFORMATION_TRIM_RIGHT { - ACTION_CONTAINER($$, new actions::transformations::TrimRight($1)); + ACTION_CONTAINER($$, new actions::transformations::TrimRight()); } | ACTION_TRANSFORMATION_NORMALISE_PATH_WIN { - ACTION_CONTAINER($$, new actions::transformations::NormalisePathWin($1)); + ACTION_CONTAINER($$, new actions::transformations::NormalisePathWin()); } | ACTION_TRANSFORMATION_NORMALISE_PATH { - ACTION_CONTAINER($$, new actions::transformations::NormalisePath($1)); + ACTION_CONTAINER($$, new actions::transformations::NormalisePath()); } | ACTION_TRANSFORMATION_LENGTH { - ACTION_CONTAINER($$, new actions::transformations::Length($1)); + ACTION_CONTAINER($$, new actions::transformations::Length()); } | ACTION_TRANSFORMATION_UTF8_TO_UNICODE { - ACTION_CONTAINER($$, new actions::transformations::Utf8ToUnicode($1)); + ACTION_CONTAINER($$, new actions::transformations::Utf8ToUnicode()); } | ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR { - ACTION_CONTAINER($$, new actions::transformations::RemoveCommentsChar($1)); + ACTION_CONTAINER($$, new actions::transformations::RemoveCommentsChar()); } | ACTION_TRANSFORMATION_REMOVE_COMMENTS { - ACTION_CONTAINER($$, new actions::transformations::RemoveComments($1)); + ACTION_CONTAINER($$, new actions::transformations::RemoveComments()); } | ACTION_TRANSFORMATION_REPLACE_COMMENTS { - ACTION_CONTAINER($$, new actions::transformations::ReplaceComments($1)); + ACTION_CONTAINER($$, new actions::transformations::ReplaceComments()); } ; diff --git a/src/parser/stack.hh b/src/parser/stack.hh index d2d9eb91..d37a04b6 100644 --- a/src/parser/stack.hh +++ b/src/parser/stack.hh @@ -1,4 +1,4 @@ -// A Bison parser, made by GNU Bison 3.5.4. +// A Bison parser, made by GNU Bison 3.6.2. // Starting with Bison 3.2, this file is useless: the structure it // used to define is now defined with the parser itself. diff --git a/src/rule_message.cc b/src/rule_message.cc index 31bf1903..3c29789c 100644 --- a/src/rule_message.cc +++ b/src/rule_message.cc @@ -41,7 +41,7 @@ std::string RuleMessage::_details(const RuleMessage *rm) { msg.append(" [ver \"" + rm->getVer() + "\"]"); msg.append(" [maturity \"" + std::to_string(rm->getMaturity()) + "\"]"); msg.append(" [accuracy \"" + std::to_string(rm->getAccuracy()) + "\"]"); - for (auto &a : rm->m_tags) { + for (auto a : rm->m_tags) { msg.append(" [tag \"" + a + "\"]"); } msg.append(" [hostname \"" + rm->getServerIpAddress() + "\"]"); diff --git a/src/rule_with_actions.cc b/src/rule_with_actions.cc index f29fd139..b6ef4075 100644 --- a/src/rule_with_actions.cc +++ b/src/rule_with_actions.cc @@ -44,6 +44,7 @@ #include "src/actions/severity.h" #include "src/actions/tag.h" #include "src/actions/transformations/transformation.h" +#include "src/actions/transformations/none.h" #include "src/actions/xmlns.h" #include "src/utils/string.h" #include "src/actions/action_with_run_time_string.h" @@ -51,7 +52,8 @@ #include "src/actions/chain.h" #include "src/actions/rule_id.h" #include "src/actions/ver.h" -#include "src/actions/action_type_configure.h" +#include "src/actions/action_type_rule_metadata.h" + namespace modsecurity { @@ -118,48 +120,29 @@ void RuleWithActions::addDefaultAction(std::shared_ptr a) { arts->populate(this); } - if (dynamic_cast(a.get())) { - ActionTypeConfigure *conf = dynamic_cast(a.get()); + if (dynamic_cast(a.get())) { + ActionTypeRuleMetaData *conf = dynamic_cast(a.get()); conf->configure(this); return; } - if (a->m_actionKind == Action::RunTimeOnlyIfMatchKind) { - if (dynamic_cast(a.get())) { - m_defaultContainsCaptureAction = true; - } else if (dynamic_cast(a.get())) { - m_defaultContainsMultiMatchAction = true; - } else if (dynamic_cast(a.get())) { - actions::Severity *severity = dynamic_cast(a.get()); - setDefaultActionSeverity(severity->m_severity); - } else if (dynamic_cast(a.get())) { - m_defaultActionLogData = std::static_pointer_cast(a); - } else if (dynamic_cast(a.get())) { - m_defaultActionMsg = std::static_pointer_cast(a); - } else if (dynamic_cast(a.get())) { - actions::SetVar *var = dynamic_cast(a.get()); - m_actionsSetVar.push_back(std::unique_ptr(var)); - } else if (dynamic_cast(a.get())) { - m_defaultActionActionsTag.push_back(std::static_pointer_cast(a)); - } else if (dynamic_cast(a.get())) { - m_defaultContainsLogAction = true; - } else if (dynamic_cast(a.get())) { - m_defaultContainsNoLogAction = true; - } else if (dynamic_cast(a.get())) { - m_defaultActionActionsRuntimePos.push_back(a); - m_defaultContainsStaticBlockAction = true; - } else if (a->isDisruptive() == true) { - m_defaultActionDisruptiveAction = a; - } else { - m_defaultActionActionsRuntimePos.push_back(a); - } - return; + if (dynamic_cast(a.get())) { + m_defaultActionLogData.reset(dynamic_cast(a.get())); + } else if (dynamic_cast(a.get())) { + m_defaultActionMsg.reset(dynamic_cast(a.get())); + } else if (dynamic_cast(a.get())) { + actions::SetVar *var = dynamic_cast(a.get()); + m_actionsSetVar.push_back(std::unique_ptr(var)); + } else if (dynamic_cast(a.get())) { + m_defaultActionActionsTag.push_back(std::dynamic_pointer_cast(a)); + } else if (dynamic_cast(a.get())) { + m_defaultActionActionsRuntimePos.push_back(a); + m_defaultContainsStaticBlockAction = true; + } else if (a->isDisruptive() == true) { + m_defaultActionDisruptiveAction = a; + } else { + m_defaultActionActionsRuntimePos.push_back(a); } - - std::cout << "General failure, action: " << *a->m_name; - std::cout << " has an unknown type." << std::endl; - throw; - } void RuleWithActions::addAction(actions::Action *a) { @@ -170,57 +153,33 @@ void RuleWithActions::addAction(actions::Action *a) { arts->populate(this); } - if (dynamic_cast(a)) { - ActionTypeConfigure *conf = dynamic_cast(a); + if (dynamic_cast(a)) { + ActionTypeRuleMetaData *conf = dynamic_cast(a); conf->configure(this); delete a; return; } - if (a->m_actionKind == Action::RunTimeOnlyIfMatchKind) { - if (dynamic_cast(a)) { - m_containsCaptureAction = true; - delete a; - } else if (dynamic_cast(a)) { - m_containsMultiMatchAction = true; - delete a; - } else if (dynamic_cast(a)) { - actions::Severity *severity = dynamic_cast(a); - setSeverity(severity->m_severity); - delete a; - } else if (dynamic_cast(a)) { - m_logData = std::unique_ptr(dynamic_cast(a)); - } else if (dynamic_cast(a)) { - m_msg = std::unique_ptr(dynamic_cast(a)); - } else if (dynamic_cast(a)) { - actions::SetVar *var = dynamic_cast(a); - m_actionsSetVar.push_back(std::unique_ptr(var)); - } else if (dynamic_cast(a)) { - m_containsLogAction = true; - delete a; - } else if (dynamic_cast(a)) { - m_containsNoLogAction = true; - delete a; - } else if (dynamic_cast(a)) { - m_actionsTag.push_back(std::unique_ptr(dynamic_cast(a))); - } else if (dynamic_cast(a)) { - m_actionsRuntimePos.push_back(std::unique_ptr(dynamic_cast(a))); - m_containsStaticBlockAction = true; - } else if (dynamic_cast(a)) { - m_XmlNSs.push_back(std::unique_ptr(dynamic_cast(a))); - } else if (a->isDisruptive() == true) { - m_disruptiveAction = std::unique_ptr(a); - } else { - m_actionsRuntimePos.push_back(std::unique_ptr(a)); - } - return; + + if (dynamic_cast(a)) { + m_logData = std::unique_ptr(dynamic_cast(a)); + } else if (dynamic_cast(a)) { + m_msg = std::unique_ptr(dynamic_cast(a)); + } else if (dynamic_cast(a)) { + actions::SetVar *var = dynamic_cast(a); + m_actionsSetVar.push_back(std::unique_ptr(var)); + } else if (dynamic_cast(a)) { + m_actionsTag.push_back(std::unique_ptr(dynamic_cast(a))); + } else if (dynamic_cast(a)) { + m_actionsRuntimePos.push_back(std::unique_ptr(dynamic_cast(a))); + m_containsStaticBlockAction = true; + } else if (dynamic_cast(a)) { + m_XmlNSs.push_back(std::unique_ptr(dynamic_cast(a))); + } else if (a->isDisruptive() == true) { + m_disruptiveAction = std::unique_ptr(a); + } else { + m_actionsRuntimePos.push_back(std::unique_ptr(a)); } - - std::cout << "General failure, action: " << *a->m_name; - std::cout << " has an unknown type." << std::endl; - delete a; - throw; - } @@ -239,26 +198,11 @@ void RuleWithActions::executeActionsIndependentOfChainedRuleResult(Transaction * for (actions::SetVar *a : getSetVarsActionsPtr()) { ms_dbg_a(trans, 4, "Running [independent] (non-disruptive) " \ - "action: " + *a->m_name.get()); + "action: " + *a->getName()); a->execute(trans); } - for (auto &b : - trans->m_rules->m_exceptions.m_action_pre_update_target_by_id) { - if (m_ruleId != b.first) { - continue; - } - actions::Action *a = dynamic_cast(b.second.get()); - if (a->isDisruptive() == true && *a->m_name.get() == "block") { - ms_dbg_a(trans, 9, "Rule contains a `block' action"); - } else if (*a->m_name.get() == "setvar") { - ms_dbg_a(trans, 4, "Running [independent] (non-disruptive) " \ - "action: " + *a->m_name.get()); - a->execute(trans); - } - } - if (m_logData) { m_logData->execute(trans); } else if (m_defaultActionLogData) { @@ -276,21 +220,9 @@ void RuleWithActions::executeActionsIndependentOfChainedRuleResult(Transaction * void RuleWithActions::executeActionsAfterFullMatch(Transaction *trans) { bool disruptiveAlreadyExecuted = false; -#if 0 - for (auto &a : trans->m_rules->m_defaultActions[getPhase()]) { - if (a.get()->m_actionKind != actions::Action::RunTimeOnlyIfMatchKind) { - continue; - } - if (!a.get()->isDisruptive()) { - executeAction(trans, a.get(), true); - - } - } -#endif - for (actions::Tag *a : getTagsActionPtr()) { ms_dbg_a(trans, 4, "Running (non-disruptive) action: " \ - + *a->m_name.get()); + + a->getTagName(trans)); a->execute(trans); } @@ -334,28 +266,27 @@ void RuleWithActions::executeActionsAfterFullMatch(Transaction *trans) { void RuleWithActions::executeAction(Transaction *trans, Action *a, bool defaultContext) { - if (a->isDisruptive() == false && *a->m_name.get() != "block") { - ms_dbg_a(trans, 9, "Running " \ - "action: " + *a->m_name.get()); + if (a->isDisruptive() == false) { + ms_dbg_a(trans, 9, "Running action: " + *a->getName()); a->execute(trans); return; } if (defaultContext && !hasBlockAction()) { - ms_dbg_a(trans, 4, "Ignoring action: " + *a->m_name.get() + \ + ms_dbg_a(trans, 4, "Ignoring action: " + *a->getName() + \ " (rule does not cotains block)"); return; } if (trans->getRuleEngineState() == RulesSet::EnabledRuleEngine) { ms_dbg_a(trans, 4, "Running (disruptive) action: " + - *a->m_name.get() + "."); + *a->getName() + "."); a->execute(trans); return; } - ms_dbg_a(trans, 4, "Not running any disruptive action (or block): " \ - + *a->m_name.get() + ". SecRuleEngine is not On."); + ms_dbg_a(trans, 4, "Not running disruptive action: " \ + + *a->getName() + ". SecRuleEngine is not On."); } @@ -375,7 +306,7 @@ void RuleWithActions::executeTransformations( std::shared_ptr(new std::string(in)); for (Transformation *action : getTransformationPtr()) { - if (action->isNone()) { + if (dynamic_cast(action)) { none++; } } @@ -384,7 +315,7 @@ void RuleWithActions::executeTransformations( if (none == 0) { executeTransformation(trans, &results, t); } - if (t->isNone()) { + if (dynamic_cast(t)) { none--; } } @@ -392,40 +323,29 @@ void RuleWithActions::executeTransformations( // FIXME: It can't be something different from transformation. Sort this // on rules compile time. for (auto &b : - trans->m_rules->m_exceptions.m_action_pre_update_target_by_id) { + trans->m_rules->m_exceptions.m_action_transformation_update_target_by_id) { if (m_ruleId != b.first) { continue; } - Transformation *t = dynamic_cast(b.second.get()); - if (t->isNone()) { + Transformation *t = b.second.get(); + if (dynamic_cast(t)) { none++; } } for (auto &b : - trans->m_rules->m_exceptions.m_action_pre_update_target_by_id) { + trans->m_rules->m_exceptions.m_action_transformation_update_target_by_id) { if (m_ruleId != b.first) { continue; } - Transformation *t = dynamic_cast(b.second.get()); + Transformation *t = b.second.get(); if (none == 0) { executeTransformation(trans, &results, t); } - if (t->isNone()) { + if (dynamic_cast(t)) { none--; } } - -/* - if (hasMultimatchAction() == true) { - ms_dbg_a(trans, 9, "multiMatch is enabled. " \ - + std::to_string(results.size()) + \ - " values to be tested."); - } else { - //results.push_back(TransformationResult(nullptr, ssin)); - //results.pop_front(); - } -*/ } @@ -453,13 +373,13 @@ void RuleWithActions::executeTransformation( transformation->execute(transaction, in, out); ms_dbg_a(transaction, 9, " T (" + std::to_string(ret->size() - 1) + ") " + \ - *transformation->m_name.get() + ": \"" + \ + *transformation->getName() + ": \"" + \ utils::string::limitTo(80, out.c_str()) + "\""); ret->push_back( TransformationResult( - &out, - transformation->m_name.get() + out, + transformation->getName() ) ); } diff --git a/src/rule_with_actions.h b/src/rule_with_actions.h index eca268b6..faac9bf7 100644 --- a/src/rule_with_actions.h +++ b/src/rule_with_actions.h @@ -30,7 +30,7 @@ #include "modsecurity/variable_value.h" #include "modsecurity/rule.h" #include "modsecurity/actions/action.h" -#include "src/actions/action_type_configure.h" +#include "src/actions/action_type_rule_metadata.h" #ifdef __cplusplus @@ -55,7 +55,7 @@ using Transformation = actions::transformations::Transformation; using Transformations = std::vector >; using TransformationsPtr = std::vector; using Action = actions::Action; -using ActionTypeConfigure = actions::ActionTypeConfigure; +using ActionTypeRuleMetaData = actions::ActionTypeRuleMetaData; using Actions = std::vector; using Tags = std::vector >; using TagsPtr = std::vector; @@ -71,9 +71,9 @@ using XmlNSsPtr = std::vector; class TransformationResult { public: TransformationResult( - ModSecString *after, - std::string *transformation) - : m_after(*after), + ModSecString &after, + const std::string *transformation = nullptr) + : m_after(after), m_transformation(transformation) { }; explicit TransformationResult( @@ -91,14 +91,14 @@ class TransformationResult { } - std::string *getTransformationName() { + const std::string *getTransformationName() const { return m_transformation; } private: ModSecString m_after; - std::string *m_transformation; + const std::string *m_transformation; }; using TransformationsResults = std::list; @@ -221,7 +221,6 @@ class RuleWithActions : public Rule { Action *a, bool context); - static void executeTransformation( Transaction *transaction, TransformationsResults *ret, @@ -346,6 +345,7 @@ class RuleWithActions : public Rule { inline bool hasChainedParent() const { return m_chainedRuleParent != nullptr; } inline bool hasChainedChild() const { return m_chainedRuleChild.get() != nullptr; } + inline void setHasCaptureAction(bool b) { m_containsCaptureAction = b; } inline bool hasCaptureAction() const { return m_containsCaptureAction || m_defaultContainsCaptureAction; } inline bool hasDisruptiveAction() const { return m_disruptiveAction != nullptr || m_defaultActionDisruptiveAction != nullptr; } @@ -355,6 +355,7 @@ class RuleWithActions : public Rule { inline bool hasBlockAction() const { return m_containsStaticBlockAction || m_defaultContainsStaticBlockAction; } inline void setHasBlockAction(bool b) { m_containsStaticBlockAction = b; } + inline void setHasMultimatchAction(bool b) { m_containsMultiMatchAction = b; } inline bool hasMultimatchAction() const { return m_containsMultiMatchAction || m_defaultContainsMultiMatchAction; } inline bool hasLogAction() const { return m_containsLogAction == true; } diff --git a/src/rules_exceptions.cc b/src/rules_exceptions.cc index 4259ac09..aee9e8c0 100644 --- a/src/rules_exceptions.cc +++ b/src/rules_exceptions.cc @@ -19,6 +19,8 @@ #include "src/utils/string.h" #include "src/variables/variable.h" +#include "src/actions/action_type_rule_metadata.h" +#include "src/actions/transformations/transformation.h" namespace modsecurity { @@ -36,21 +38,26 @@ bool RulesExceptions::loadUpdateActionById(double id, std::string *error) { for (auto &a : *actions) { - if (a->m_actionKind == actions::Action::ConfigurationKind) { - std::cout << "General failure, action: " << a->m_name; + if (dynamic_cast(a.get())) { + std::cout << "General failure, action: " << *a->getName(); std::cout << " has not expected to be used with UpdateActionByID."; std::cout << std::endl; - } else if (a->m_actionKind - == actions::Action::RunTimeBeforeMatchAttemptKind) { - m_action_pre_update_target_by_id.emplace(std::pair>(id , std::move(a))); - } else if (a->m_actionKind == actions::Action::RunTimeOnlyIfMatchKind) { - m_action_pos_update_target_by_id.emplace(std::pair>(id , std::move(a))); - } else { - std::cout << "General failure, action: " << a->m_name; - std::cout << " has an unknown type." << std::endl; + continue; } + + if (dynamic_cast(a.get())) { + actions::transformations::Transformation *t = dynamic_cast(a.get()); + m_action_transformation_update_target_by_id.emplace( + std::pair>(id, std::unique_ptr(t)) + ); + continue; + } + + m_action_pos_update_target_by_id.emplace( + std::pair>(id , std::move(a)) + ); } return true; @@ -247,10 +254,10 @@ bool RulesExceptions::merge(RulesExceptions *from) { p.second)); } - for (auto &p : from->m_action_pre_update_target_by_id) { - m_action_pre_update_target_by_id.emplace( + for (auto &p : from->m_action_transformation_update_target_by_id) { + m_action_transformation_update_target_by_id.emplace( std::pair>(p.first, + std::shared_ptr>(p.first, p.second)); } diff --git a/src/transaction.cc b/src/transaction.cc index eea5ff00..0d92e443 100644 --- a/src/transaction.cc +++ b/src/transaction.cc @@ -53,7 +53,7 @@ #include "src/actions/disruptive/allow.h" #include "src/variables/remote_user.h" #include "src/rule_with_actions.h" - +#include "src/actions/ctl/audit_log_parts.h" using modsecurity::actions::Action; @@ -150,7 +150,7 @@ Transaction::Transaction(ModSecurity *ms, RulesSet *rules, void *logCbData) m_ruleRemoveTargetByTag(), m_ruleRemoveTargetById(), m_requestBodyAccess(RulesSet::PropertyNotSetConfigBoolean), - m_auditLogModifier(), + m_auditLogParts(0), m_requestBody(), m_responseBody(), /* m_id(), */ @@ -198,6 +198,10 @@ Transaction::Transaction(ModSecurity *ms, RulesSet *rules, void *logCbData) ms_dbg(4, "Initializing transaction"); + if (m_rules != NULL && m_rules->m_auditLog != NULL) { + m_auditLogParts = this->m_rules->m_auditLog->getParts(); + } + intervention::clean(&m_it); } @@ -223,7 +227,7 @@ Transaction::Transaction(ModSecurity *ms, RulesSet *rules, char *id, void *logCb m_ruleRemoveTargetByTag(), m_ruleRemoveTargetById(), m_requestBodyAccess(RulesSet::PropertyNotSetConfigBoolean), - m_auditLogModifier(), + m_auditLogParts(0), m_requestBody(), m_responseBody(), m_id(std::unique_ptr(new std::string(id))), @@ -268,6 +272,10 @@ Transaction::Transaction(ModSecurity *ms, RulesSet *rules, char *id, void *logCb ms_dbg(4, "Initializing transaction"); + if (m_rules != NULL && m_rules->m_auditLog != NULL) { + m_auditLogParts = this->m_rules->m_auditLog->getParts(); + } + intervention::clean(&m_it); } @@ -1407,35 +1415,15 @@ int Transaction::processLogging() { this->m_rules->evaluate(modsecurity::LoggingPhase, this); - /* If relevant, save this transaction information at the audit_logs */ - if (m_rules != NULL && m_rules->m_auditLog != NULL) { - int parts = this->m_rules->m_auditLog->getParts(); + if (m_auditLogParts != 0) { ms_dbg(8, "Checking if this request is suitable to be " \ "saved as an audit log."); - if (!this->m_auditLogModifier.empty()) { - ms_dbg(4, "There was an audit log modifier for this transaction."); - std::list>::iterator it; - ms_dbg(7, "AuditLog parts before modification(s): " + - std::to_string(parts) + "."); - for (it = m_auditLogModifier.begin(); - it != m_auditLogModifier.end(); ++it) { - std::pair p = *it; - if (p.first == 0) { // Add - parts = this->m_rules->m_auditLog->addParts(parts, - p.second); - } else { // Remove - parts = this->m_rules->m_auditLog->removeParts(parts, - p.second); - } - } - } - ms_dbg(8, "Checking if this request is relevant to be " \ - "part of the audit logs."); - bool saved = this->m_rules->m_auditLog->saveIfRelevant(this, parts); + // FIXME: m_auditLogParts can be accessed via Transaction. + bool saved = this->m_rules->m_auditLog->saveIfRelevant(this, m_auditLogParts); if (saved) { ms_dbg(8, "Request was relevant to be saved. Parts: " + - std::to_string(parts)); + std::to_string(m_auditLogParts)); } } @@ -1801,7 +1789,7 @@ std::string Transaction::toJSON(int parts) { reinterpret_cast("tags"), strlen("tags")); yajl_gen_array_open(g); - for (auto b : a->m_tags) { + for (auto &b : a->m_tags) { yajl_gen_string(g, reinterpret_cast(b.c_str()), strlen(b.c_str())); diff --git a/test/test-cases/regression/action-block.json b/test/test-cases/regression/action-block.json index 239df027..8bed1092 100644 --- a/test/test-cases/regression/action-block.json +++ b/test/test-cases/regression/action-block.json @@ -27,7 +27,7 @@ }, "rules":[ "SecRuleEngine On", - "SecDefaultAction \"phase:1,log,block,status:404\"", + "SecDefaultAction \"phase:1,log,status:404\"", "SecRule REQUEST_URI \"@contains path1\" \"phase:1,block,id:5\"" ] }, @@ -59,7 +59,7 @@ }, "rules":[ "SecRuleEngine On", - "SecDefaultAction \"phase:1,log,block,deny,status:400\"", + "SecDefaultAction \"phase:1,log,deny,status:400\"", "SecRule REQUEST_URI \"@contains path1\" \"phase:1,block,id:5\"" ] } diff --git a/test/test-cases/regression/action-tnf-base64.json b/test/test-cases/regression/action-tnf-base64.json index 7cb047ce..08875aaa 100644 --- a/test/test-cases/regression/action-tnf-base64.json +++ b/test/test-cases/regression/action-tnf-base64.json @@ -36,7 +36,7 @@ ] }, "expected":{ - "debug_log": "t:base64encode: \"dmFsdWUyCg==\"" + "debug_log": "t:base64Encode: \"dmFsdWUyCg==\"" }, "rules":[ "SecRuleEngine On", @@ -80,7 +80,7 @@ ] }, "expected":{ - "debug_log": "t:base64decode: \"value2\"" + "debug_log": "t:base64Decode: \"value2\"" }, "rules":[ "SecRuleEngine On", diff --git a/test/test-cases/regression/auditlog-ctl.json b/test/test-cases/regression/auditlog-ctl.json new file mode 100644 index 00000000..40a220b9 --- /dev/null +++ b/test/test-cases/regression/auditlog-ctl.json @@ -0,0 +1,240 @@ +[ + { + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "ctl:auditlogparts : +E", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "www.modsecurity.org", + "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Pragma": "no-cache", + "Cache-Control": "no-cache" + }, + "uri": "\/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": "" + }, + "response": { + "headers": { + "Content-Type": "plain\/text\n\r" + }, + "body": [ + "test" + ] + }, + "expected": { + "audit_log": "", + "debug_log": "Request was relevant to be saved. Parts: 34", + "error_log": "", + "http_code": 403 + }, + "rules": [ + "SecRuleEngine On", + "SecAuditEngine RelevantOnly", + "SecAuditLogParts A", + "SecAuditLogStorageDir /tmp/test", + "SecAuditLogDirMode 0766", + "SecAuditLogFileMode 0600", + "SecAuditLogType Parallel", + "SecAuditLogRelevantStatus \"^(?:5|4(?!04))\"", + "SecRule ARGS \"@contains test\" \"id:1,t:trim,ctl:auditlogparts=+E\"", + "SecRule ARGS \"@contains test\" \"id:2,t:trim,deny,auditlog\"" + ] + }, + { + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "ctl:auditlogparts : +E-E", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "www.modsecurity.org", + "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Pragma": "no-cache", + "Cache-Control": "no-cache" + }, + "uri": "\/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": "" + }, + "response": { + "headers": { + "Content-Type": "plain\/text\n\r" + }, + "body": [ + "test" + ] + }, + "expected": { + "audit_log": "", + "debug_log": "Request was relevant to be saved. Parts: 2", + "error_log": "", + "http_code": 403 + }, + "rules": [ + "SecRuleEngine On", + "SecAuditEngine RelevantOnly", + "SecAuditLogParts A", + "SecAuditLogStorageDir /tmp/test", + "SecAuditLogDirMode 0766", + "SecAuditLogFileMode 0600", + "SecAuditLogType Parallel", + "SecAuditLogRelevantStatus \"^(?:5|4(?!04))\"", + "SecRule ARGS \"@contains test\" \"id:1,t:trim,ctl:auditlogparts=+E\"", + "SecRule ARGS \"@contains test\" \"id:2,t:trim,ctl:auditlogparts=-E\"", + "SecRule ARGS \"@contains test\" \"id:3,t:trim,deny,auditlog\"" + ] + }, + { + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "ctl:auditlogparts : +E-E+E", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "www.modsecurity.org", + "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Pragma": "no-cache", + "Cache-Control": "no-cache" + }, + "uri": "\/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": "" + }, + "response": { + "headers": { + "Content-Type": "plain\/text\n\r" + }, + "body": [ + "test" + ] + }, + "expected": { + "audit_log": "", + "debug_log": "Request was relevant to be saved. Parts: 34", + "error_log": "", + "http_code": 403 + }, + "rules": [ + "SecRuleEngine On", + "SecAuditEngine RelevantOnly", + "SecAuditLogParts A", + "SecAuditLogStorageDir /tmp/test", + "SecAuditLogDirMode 0766", + "SecAuditLogFileMode 0600", + "SecAuditLogType Parallel", + "SecAuditLogRelevantStatus \"^(?:5|4(?!04))\"", + "SecRule ARGS \"@contains test\" \"id:1,t:trim,ctl:auditlogparts=+E\"", + "SecRule ARGS \"@contains test\" \"id:2,t:trim,ctl:auditlogparts=-E\"", + "SecRule ARGS \"@contains test\" \"id:3,t:trim,ctl:auditlogparts=+E\"", + "SecRule ARGS \"@contains test\" \"id:4,t:trim,deny,auditlog\"" + ] + }, + { + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "ctl:auditlogparts : +E-E+E+H", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "www.modsecurity.org", + "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Pragma": "no-cache", + "Cache-Control": "no-cache" + }, + "uri": "\/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": "" + }, + "response": { + "headers": { + "Content-Type": "plain\/text\n\r" + }, + "body": [ + "test" + ] + }, + "expected": { + "audit_log": "", + "debug_log": "Request was relevant to be saved. Parts: 290", + "error_log": "", + "http_code": 403 + }, + "rules": [ + "SecRuleEngine On", + "SecAuditEngine RelevantOnly", + "SecAuditLogParts A", + "SecAuditLogStorageDir /tmp/test", + "SecAuditLogDirMode 0766", + "SecAuditLogFileMode 0600", + "SecAuditLogType Parallel", + "SecAuditLogRelevantStatus \"^(?:5|4(?!04))\"", + "SecRule ARGS \"@contains test\" \"id:1,t:trim,ctl:auditlogparts=+E\"", + "SecRule ARGS \"@contains test\" \"id:2,t:trim,ctl:auditlogparts=-E\"", + "SecRule ARGS \"@contains test\" \"id:3,t:trim,ctl:auditlogparts=+E\"", + "SecRule ARGS \"@contains test\" \"id:4,t:trim,ctl:auditlogparts=+H\"", + "SecRule ARGS \"@contains test\" \"id:5,t:trim,deny,auditlog\"" + ] + } +] diff --git a/test/test-cases/regression/collection-regular_expression_selection.json b/test/test-cases/regression/collection-regular_expression_selection.json index cde06ac7..ec53d0c9 100644 --- a/test/test-cases/regression/collection-regular_expression_selection.json +++ b/test/test-cases/regression/collection-regular_expression_selection.json @@ -48,12 +48,12 @@ }, "expected":{ "audit_log":"", - "debug_log":"T \\(0\\) t:lowercase: \"test2\"", + "debug_log":"T \\(0\\) t:lowerCase: \"test2\"", "error_log":"" }, "rules":[ "SecRuleEngine On", - "SecRule ARGS:/^id_/ \"@contains nops\" \"id:1,t:lowercase,block,status:404\"" + "SecRule ARGS:/^id_/ \"@contains nops\" \"id:1,t:lowerCase,block,status:404\"" ] }, { diff --git a/test/test-cases/regression/config-secdefaultaction.json b/test/test-cases/regression/config-secdefaultaction.json index bb3d7d81..d4f71fed 100644 --- a/test/test-cases/regression/config-secdefaultaction.json +++ b/test/test-cases/regression/config-secdefaultaction.json @@ -48,14 +48,14 @@ }, "expected":{ "audit_log":"", - "debug_log":"lowercase: \"300\"", + "debug_log":"lowerCase: \"300\"", "error_log":"" }, "rules":[ "SecRuleEngine On", - "SecDefaultAction \"phase:2,t:lowercase,pass\"", + "SecDefaultAction \"phase:2,t:lowerCase,pass\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"phase:2,id:1,msg:'This is a test, %{REQUEST_HEADERS:Accept}%'\"", - "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" + "SecRule TX \"@contains to_test\" \"id:2,t:lowerCase,t:none\"" ] }, { @@ -123,7 +123,7 @@ "version_max":0, "title":"Testing action :: SecDefaultAction: t:none", "expected":{ - "parser_error":"The transformation none is not suitable to be part of the SecDefaultActions" + "parser_error":"The action 't:none' is not suitable to be part of the SecDefaultActions" }, "rules":[ "SecRuleEngine On", diff --git a/test/test-cases/regression/misc-variable-under-quotes.json b/test/test-cases/regression/misc-variable-under-quotes.json index 5310f61e..c82c96e1 100644 --- a/test/test-cases/regression/misc-variable-under-quotes.json +++ b/test/test-cases/regression/misc-variable-under-quotes.json @@ -31,10 +31,10 @@ ] }, "expected":{ - "debug_log":"t:lowercase:" + "debug_log":"t:lowerCase:" }, "rules":[ - "SecRule \"REQUEST_LINE\" \"@contains index.php/admin/cms/wysiwyg/directive/\" \"id:1,t:lowercase,ctl:auditLogParts=+E\"" + "SecRule \"REQUEST_LINE\" \"@contains index.php/admin/cms/wysiwyg/directive/\" \"id:1,t:lowerCase,ctl:auditLogParts=+E\"" ] }, { @@ -69,10 +69,10 @@ ] }, "expected":{ - "debug_log":"t:lowercase:" + "debug_log":"t:lowerCase:" }, "rules":[ - "SecRule \"REQUEST_LINE\" \"index.php/admin/cms/wysiwyg/directive/\" \"id:1,t:lowercase,ctl:auditLogParts=+E\"" + "SecRule \"REQUEST_LINE\" \"index.php/admin/cms/wysiwyg/directive/\" \"id:1,t:lowerCase,ctl:auditLogParts=+E\"" ] } ] diff --git a/test/test-cases/regression/offset-variable.json b/test/test-cases/regression/offset-variable.json index 6f6b1233..20d87aa2 100644 --- a/test/test-cases/regression/offset-variable.json +++ b/test/test-cases/regression/offset-variable.json @@ -831,13 +831,13 @@ ] }, "expected":{ - "error_log":"o0,4v64,13t:lowercase", + "error_log":"o0,4v64,13t:lowerCase", "http_code": 403 }, "rules":[ "SecRequestBodyAccess On", "SecRuleEngine On", - "SecRule REQUEST_HEADERS_NAMES \"auth\" \"id:1,phase:2,pass,t:lowercase,msg:'ops',deny\"" + "SecRule REQUEST_HEADERS_NAMES \"auth\" \"id:1,phase:2,pass,t:lowerCase,msg:'ops',deny\"" ] }, { @@ -865,13 +865,13 @@ ] }, "expected":{ - "error_log":"o1,2v216,3t:lowercase", + "error_log":"o1,2v216,3t:lowerCase", "http_code":403 }, "rules":[ "SecRequestBodyAccess On", "SecRuleEngine On", - "SecRule REQUEST_COOKIES \"es\" \"id:1,phase:2,pass,t:lowercase,msg:'ops',deny\"" + "SecRule REQUEST_COOKIES \"es\" \"id:1,phase:2,pass,t:lowerCase,msg:'ops',deny\"" ] }, { @@ -899,13 +899,13 @@ ] }, "expected":{ - "error_log":"o0,1v223,1t:lowercase", + "error_log":"o0,1v223,1t:lowerCase", "http_code":403 }, "rules":[ "SecRequestBodyAccess On", "SecRuleEngine On", - "SecRule REQUEST_COOKIES \"z\" \"id:1,phase:2,pass,t:lowercase,msg:'ops',deny\"" + "SecRule REQUEST_COOKIES \"z\" \"id:1,phase:2,pass,t:lowerCase,msg:'ops',deny\"" ] }, { @@ -933,13 +933,13 @@ ] }, "expected":{ - "error_log":"o0,1v228,1t:lowercase", + "error_log":"o0,1v228,1t:lowerCase", "http_code": 403 }, "rules":[ "SecRequestBodyAccess On", "SecRuleEngine On", - "SecRule REQUEST_COOKIES \"b\" \"id:1,phase:2,pass,t:lowercase,msg:'ops',deny\"" + "SecRule REQUEST_COOKIES \"b\" \"id:1,phase:2,pass,t:lowerCase,msg:'ops',deny\"" ] }, { diff --git a/test/test-cases/regression/tempCodeRunnerFile.json b/test/test-cases/regression/tempCodeRunnerFile.json new file mode 100644 index 00000000..7437a22f --- /dev/null +++ b/test/test-cases/regression/tempCodeRunnerFile.json @@ -0,0 +1,38 @@ + + "enabled":1, + "version_min":300000, + "title":"Testing allow action (1/3)", + "expected":{ + "debug_log": "Skipped rule id 'action-allow.json:3' as request trough the utilization of an `allow' action", + "http_code": 200 + }, + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "User-Agent":"My sweet little browser", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + }, + "uri":"/?key=value&key=other_value", + "method":"GET" + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "rules":[ + "SecRuleEngine On", + "SecAction \"phase:1,allow,msg:'ALLOWED',id:500065\"", + "SecAction \"phase:1,deny,msg:'DENIED',id:500066\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"Testing allow action (2/3)", + "expected":{ \ No newline at end of file diff --git a/test/test-cases/regression/transformations.json b/test/test-cases/regression/transformations.json index dcb328f1..d49ae434 100644 --- a/test/test-cases/regression/transformations.json +++ b/test/test-cases/regression/transformations.json @@ -107,12 +107,12 @@ }, "expected": { "audit_log": "", - "debug_log": "lowercase: \"test", + "debug_log": "lowerCase: \"test", "error_log": "" }, "rules": [ "SecRuleEngine On", - "SecRule ARGS \"@contains test \" \"id:1,pass,t:trim,t:lowercase\"" + "SecRule ARGS \"@contains test \" \"id:1,pass,t:trim,t:lowerCase\"" ] } ]