github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

Refactoring on the transformation classes

Browse Source
This commit is contained in:
Felipe Zimmerle 2016-12-20 14:56:28 -03:00
parent bbb61d560c
commit 15b81d09e7
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
5 changed files with 406 additions and 144 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
src/actions/transformations/transformation.cc
View File

@ -58,10 +58,6 @@
#include "src/actions/transformations/url_encode.h" #include "src/actions/transformations/url_encode.h"
#include "src/actions/transformations/utf8_to_unicode.h" #include "src/actions/transformations/utf8_to_unicode.h"
#define IF_MATCH(b) \
if (a.compare(2, std::strlen(#b), #b) == 0)
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
namespace transformations { namespace transformations {
@ -73,50 +69,6 @@ std::string Transformation::evaluate(std::string value,
} }
Transformation* Transformation::instantiate(std::string a) {
IF_MATCH(base64DecodeExt) { return new Base64DecodeExt(a); }
IF_MATCH(base64Decode) { return new Base64Decode(a); }
IF_MATCH(base64Encode) { return new Base64Encode(a); }
IF_MATCH(cmd_line) { return new CmdLine(a); }
IF_MATCH(compress_whitespace) { return new CompressWhitespace(a); }
IF_MATCH(cssDecode) { return new CssDecode(a); }
IF_MATCH(escapeSeqDecode) { return new EscapeSeqDecode(a); }
IF_MATCH(hexDecode) { return new HexDecode(a); }
IF_MATCH(hexEncode) { return new HexEncode(a); }
IF_MATCH(htmlEntityDecode) { return new HtmlEntityDecode(a); }
IF_MATCH(jsDecode) { return new JsDecode(a); }
IF_MATCH(length) { return new Length(a); }
IF_MATCH(lowercase) { return new LowerCase(a); }
IF_MATCH(md5) { return new Md5(a); }
IF_MATCH(none) { return new None(a); }
IF_MATCH(normalizePathWin) { return new NormalisePathWin(a); }
IF_MATCH(normalisePathWin) { return new NormalisePathWin(a); }
IF_MATCH(normalizePath) { return new NormalisePath(a); }
IF_MATCH(normalisePath) { return new NormalisePath(a); }
IF_MATCH(parityEven7bit) { return new ParityEven7bit(a); }
IF_MATCH(parityOdd7bit) { return new ParityOdd7bit(a); }
IF_MATCH(parityZero7bit) { return new ParityZero7bit(a); }
IF_MATCH(removeCommentsChar) { return new RemoveCommentsChar(a); }
IF_MATCH(removeComments) { return new RemoveComments(a); }
IF_MATCH(removeNulls) { return new RemoveNulls(a); }
IF_MATCH(removeWhitespace) { return new RemoveWhitespace(a); }
IF_MATCH(compressWhitespace) { return new CompressWhitespace(a); }
IF_MATCH(replaceComments) { return new ReplaceComments(a); }
IF_MATCH(replaceNulls) { return new ReplaceNulls(a); }
IF_MATCH(sha1) { return new Sha1(a); }
IF_MATCH(sqlHexDecode) { return new SqlHexDecode(a); }
IF_MATCH(transformation) { return new Transformation(a); }
IF_MATCH(trimLeft) { return new TrimLeft(a); }
IF_MATCH(trimRight) { return new TrimRight(a); }
IF_MATCH(trim) { return new Trim(a); }
IF_MATCH(urlDecodeUni) { return new UrlDecodeUni(a); }
IF_MATCH(urlDecode) { return new UrlDecode(a); }
IF_MATCH(urlEncode) { return new UrlEncode(a); }
IF_MATCH(utf8ToUnicode) { return new Utf8ToUnicode(a); }
return new Transformation(a);
}
} // namespace transformations } // namespace transformations
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

5
src/actions/transformations/transformation.h
View File

@ -20,8 +20,6 @@
#ifndef SRC_ACTIONS_TRANSFORMATIONS_TRANSFORMATION_H_ #ifndef SRC_ACTIONS_TRANSFORMATIONS_TRANSFORMATION_H_
#define SRC_ACTIONS_TRANSFORMATIONS_TRANSFORMATION_H_ #define SRC_ACTIONS_TRANSFORMATIONS_TRANSFORMATION_H_
#ifdef __cplusplus
namespace modsecurity { namespace modsecurity {
class Transaction; class Transaction;
@ -36,8 +34,6 @@ class Transformation : public Action {
explicit Transformation(const std::string& _action, int kind) explicit Transformation(const std::string& _action, int kind)
: Action(_action, kind) { } : Action(_action, kind) { }
static Transformation* instantiate(std::string);
std::string evaluate(std::string exp, std::string evaluate(std::string exp,
Transaction *transaction) override; Transaction *transaction) override;
}; };
@ -46,6 +42,5 @@ class Transformation : public Action {
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity
#endif
#endif // SRC_ACTIONS_TRANSFORMATIONS_TRANSFORMATION_H_ #endif // SRC_ACTIONS_TRANSFORMATIONS_TRANSFORMATION_H_

224
src/parser/seclang-parser.yy
View File

@ -58,6 +58,43 @@ class Driver;
#include "src/actions/ver.h" #include "src/actions/ver.h"
#include "src/actions/xmlns.h" #include "src/actions/xmlns.h"
#include "src/actions/transformations/hex_encode.h"
#include "src/actions/transformations/parity_even_7bit.h"
#include "src/actions/transformations/utf8_to_unicode.h"
#include "src/actions/transformations/parity_zero_7bit.h"
#include "src/actions/transformations/sql_hex_decode.h"
#include "src/actions/transformations/replace_comments.h"
#include "src/actions/transformations/none.h"
#include "src/actions/transformations/url_decode.h"
#include "src/actions/transformations/lower_case.h"
#include "src/actions/transformations/hex_decode.h"
#include "src/actions/transformations/url_encode.h"
#include "src/actions/transformations/js_decode.h"
#include "src/actions/transformations/url_decode_uni.h"
#include "src/actions/transformations/parity_odd_7bit.h"
#include "src/actions/transformations/transformation.h"
#include "src/actions/transformations/trim_right.h"
#include "src/actions/transformations/escape_seq_decode.h"
#include "src/actions/transformations/base64_decode_ext.h"
#include "src/actions/transformations/base64_decode.h"
#include "src/actions/transformations/trim.h"
#include "src/actions/transformations/cmd_line.h"
#include "src/actions/transformations/replace_nulls.h"
#include "src/actions/transformations/md5.h"
#include "src/actions/transformations/length.h"
#include "src/actions/transformations/sha1.h"
#include "src/actions/transformations/compress_whitespace.h"
#include "src/actions/transformations/normalise_path_win.h"
#include "src/actions/transformations/remove_nulls.h"
#include "src/actions/transformations/remove_comments.h"
#include "src/actions/transformations/normalise_path.h"
#include "src/actions/transformations/html_entity_decode.h"
#include "src/actions/transformations/trim_left.h"
#include "src/actions/transformations/remove_comments_char.h"
#include "src/actions/transformations/base64_encode.h"
#include "src/actions/transformations/remove_whitespace.h"
#include "src/actions/transformations/css_decode.h"
#include "modsecurity/audit_log.h" #include "modsecurity/audit_log.h"
@ -238,6 +275,36 @@ using modsecurity::operators::Operator;
%token <std::string> ACTION_VER %token <std::string> ACTION_VER
%token <std::string> ACTION_XMLNS %token <std::string> ACTION_XMLNS
%token <std::string> ACTION_TRANSFORMATION_CMD_LINE
%token <std::string> ACTION_TRANSFORMATION_COMPRESS_WHITESPACE
%token <std::string> ACTION_TRANSFORMATION_CSS_DECODE
%token <std::string> ACTION_TRANSFORMATION_HEX_ENCODE
%token <std::string> ACTION_TRANSFORMATION_HTML_ENTITY_DECODE
%token <std::string> ACTION_TRANSFORMATION_JS_DECODE
%token <std::string> ACTION_TRANSFORMATION_LENGTH
%token <std::string> ACTION_TRANSFORMATION_LOWERCASE
%token <std::string> ACTION_TRANSFORMATION_MD5
%token <std::string> ACTION_TRANSFORMATION_NONE
%token <std::string> ACTION_TRANSFORMATION_NORMALISE_PATH
%token <std::string> ACTION_TRANSFORMATION_NORMALISE_PATH_WIN
%token <std::string> ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT
%token <std::string> ACTION_TRANSFORMATION_PARITY_ODD_7_BIT
%token <std::string> ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT
%token <std::string> ACTION_TRANSFORMATION_REMOVE_COMMENTS
%token <std::string> ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR
%token <std::string> ACTION_TRANSFORMATION_REMOVE_NULLS
%token <std::string> ACTION_TRANSFORMATION_REMOVE_WHITESPACE
%token <std::string> ACTION_TRANSFORMATION_REPLACE_COMMENTS
%token <std::string> ACTION_TRANSFORMATION_REPLACE_NULLS
%token <std::string> ACTION_TRANSFORMATION_SHA1
%token <std::string> ACTION_TRANSFORMATION_SQL_HEX_DECODE
%token <std::string> ACTION_TRANSFORMATION_TRIM
%token <std::string> ACTION_TRANSFORMATION_URL_DECODE
%token <std::string> ACTION_TRANSFORMATION_URL_DECODE_UNI
%token <std::string> ACTION_TRANSFORMATION_UTF8_TO_UNICODE
%token <std::string> CONFIG_COMPONENT_SIG %token <std::string> CONFIG_COMPONENT_SIG
%token <std::string> CONFIG_DIR_AUDIT_DIR %token <std::string> CONFIG_DIR_AUDIT_DIR
%token <std::string> CONFIG_DIR_AUDIT_DIR_MOD %token <std::string> CONFIG_DIR_AUDIT_DIR_MOD
@ -315,19 +382,18 @@ using modsecurity::operators::Operator;
%token <std::string> RUN_TIME_VAR_TIME_WDAY %token <std::string> RUN_TIME_VAR_TIME_WDAY
%token <std::string> RUN_TIME_VAR_TIME_YEAR %token <std::string> RUN_TIME_VAR_TIME_YEAR
%token <std::string> RUN_TIME_VAR_XML %token <std::string> RUN_TIME_VAR_XML
%token <std::string> TRANSFORMATION
%token <std::string> VARIABLE %token <std::string> VARIABLE
%token <std::string> VARIABLE_COL %token <std::string> VARIABLE_COL
%token <std::string> VARIABLE_STATUS %token <std::string> VARIABLE_STATUS
%token <std::string> VARIABLE_TX %token <std::string> VARIABLE_TX
%type <actions::Action *> act %type <actions::Action *> act
%type <Operator *> op
%type <Variable *> var
%type <std::vector<actions::Action *> *> actings %type <std::vector<actions::Action *> *> actings
%type <std::vector<actions::Action *> *> actions %type <std::vector<actions::Action *> *> actions
%type <std::vector<Variable *> *> variables %type <std::vector<Variable *> *> variables
%type <Operator *> op
%type <Variable *> var
%printer { yyoutput << $$; } <*>; %printer { yyoutput << $$; } <*>;
@ -467,6 +533,24 @@ actings:
} }
; ;
actions:
actions COMMA act
{
std::vector<actions::Action *> *a = $1;
ACTION_INIT($3, @0)
a->push_back($3);
$$ = $1;
}
| act
{
std::vector<actions::Action *> *a = new std::vector<actions::Action *>;
ACTION_INIT($1, @0)
a->push_back($1);
$$ = a;
}
;
op: op:
OPERATOR OPERATOR
{ {
@ -1207,19 +1291,19 @@ act:
} }
| ACTION_SETSID | ACTION_SETSID
{ {
$$ = new actions::SetSID($1); $$ = new modsecurity::actions::SetSID($1);
} }
| ACTION_SETUID | ACTION_SETUID
{ {
$$ = new actions::SetUID($1); $$ = new modsecurity::actions::SetUID($1);
} }
| ACTION_SETVAR | ACTION_SETVAR
{ {
$$ = new actions::SetVar($1); $$ = new modsecurity::actions::SetVar($1);
} }
| ACTION_SEVERITY | ACTION_SEVERITY
{ {
$$ = new actions::Severity($1); $$ = new modsecurity::actions::Severity($1);
} }
| ACTION_SKIP | ACTION_SKIP
{ {
@ -1231,41 +1315,127 @@ act:
} }
| ACTION_STATUS | ACTION_STATUS
{ {
$$ = new actions::data::Status($1); $$ = new modsecurity::actions::data::Status($1);
} }
| ACTION_TAG | ACTION_TAG
{ {
$$ = new actions::Tag($1); $$ = new modsecurity::actions::Tag($1);
} }
| ACTION_VER | ACTION_VER
{ {
$$ = new actions::Ver($1); $$ = new modsecurity::actions::Ver($1);
} }
| ACTION_XMLNS | ACTION_XMLNS
{ {
$$ = new modsecurity::actions::XmlNS($1); $$ = new modsecurity::actions::XmlNS($1);
} }
| ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT
| TRANSFORMATION
{ {
$$ = actions::transformations::Transformation::instantiate($1); $$ = new modsecurity::actions::transformations::ParityZero7bit($1);
} }
; | ACTION_TRANSFORMATION_PARITY_ODD_7_BIT
actions:
actions COMMA act
{ {
std::vector<actions::Action *> *a = $1; $$ = new modsecurity::actions::transformations::ParityOdd7bit($1);
ACTION_INIT($3, @0)
a->push_back($3);
$$ = $1;
} }
| act | ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT
{ {
std::vector<actions::Action *> *a = new std::vector<actions::Action *>; $$ = new modsecurity::actions::transformations::ParityEven7bit($1);
ACTION_INIT($1, @0) }
a->push_back($1); | ACTION_TRANSFORMATION_SQL_HEX_DECODE
$$ = a; {
$$ = new modsecurity::actions::transformations::SqlHexDecode($1);
}
| ACTION_TRANSFORMATION_CMD_LINE
{
$$ = new modsecurity::actions::transformations::CmdLine($1);
}
| ACTION_TRANSFORMATION_SHA1
{
$$ = new modsecurity::actions::transformations::Sha1($1);
}
| ACTION_TRANSFORMATION_MD5
{
$$ = new modsecurity::actions::transformations::Md5($1);
}
| ACTION_TRANSFORMATION_HEX_ENCODE
{
$$ = new modsecurity::actions::transformations::HexEncode($1);
}
| ACTION_TRANSFORMATION_LOWERCASE
{
$$ = new modsecurity::actions::transformations::LowerCase($1);
}
| ACTION_TRANSFORMATION_URL_DECODE_UNI
{
$$ = new modsecurity::actions::transformations::UrlDecodeUni($1);
}
| ACTION_TRANSFORMATION_URL_DECODE
{
$$ = new modsecurity::actions::transformations::UrlDecode($1);
}
| ACTION_TRANSFORMATION_NONE
{
$$ = new modsecurity::actions::transformations::None($1);
}
| ACTION_TRANSFORMATION_COMPRESS_WHITESPACE
{
$$ = new modsecurity::actions::transformations::CompressWhitespace($1);
}
| ACTION_TRANSFORMATION_REMOVE_WHITESPACE
{
$$ = new modsecurity::actions::transformations::RemoveWhitespace($1);
}
| ACTION_TRANSFORMATION_REPLACE_NULLS
{
$$ = new modsecurity::actions::transformations::ReplaceNulls($1);
}
| ACTION_TRANSFORMATION_REMOVE_NULLS
{
$$ = new modsecurity::actions::transformations::RemoveNulls($1);
}
| ACTION_TRANSFORMATION_HTML_ENTITY_DECODE
{
$$ = new modsecurity::actions::transformations::HtmlEntityDecode($1);
}
| ACTION_TRANSFORMATION_JS_DECODE
{
$$ = new modsecurity::actions::transformations::JsDecode($1);
}
| ACTION_TRANSFORMATION_CSS_DECODE
{
$$ = new modsecurity::actions::transformations::CssDecode($1);
}
| ACTION_TRANSFORMATION_TRIM
{
$$ = new modsecurity::actions::transformations::Trim($1);
}
| ACTION_TRANSFORMATION_NORMALISE_PATH_WIN
{
$$ = new modsecurity::actions::transformations::NormalisePathWin($1);
}
| ACTION_TRANSFORMATION_NORMALISE_PATH
{
$$ = new modsecurity::actions::transformations::NormalisePath($1);
}
| ACTION_TRANSFORMATION_LENGTH
{
$$ = new modsecurity::actions::transformations::Length($1);
}
| ACTION_TRANSFORMATION_UTF8_TO_UNICODE
{
$$ = new modsecurity::actions::transformations::Utf8ToUnicode($1);
}
| ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR
{
$$ = new modsecurity::actions::transformations::RemoveCommentsChar($1);
}
| ACTION_TRANSFORMATION_REMOVE_COMMENTS
{
$$ = new modsecurity::actions::transformations::RemoveComments($1);
}
| ACTION_TRANSFORMATION_REPLACE_COMMENTS
{
$$ = new modsecurity::actions::transformations::ReplaceComments($1);
} }
; ;

60
src/parser/seclang-scanner.ll
View File

@ -82,6 +82,34 @@ ACTION_TAG (?i:tag)
ACTION_VER (?i:ver) ACTION_VER (?i:ver)
ACTION_XMLNS (?i:xmlns) ACTION_XMLNS (?i:xmlns)
ACTION_TRANSFORMATION_CMD_LINE (?i:t:cmdLine)
ACTION_TRANSFORMATION_COMPRESS_WHITESPACE (?i:t:compressWhitespace)
ACTION_TRANSFORMATION_CSS_DECODE (?i:t:cssDecode)
ACTION_TRANSFORMATION_HEX_ENCODE (?i:t:hexEncode)
ACTION_TRANSFORMATION_HTML_ENTITY_DECODE (?i:t:htmlEntityDecode)
ACTION_TRANSFORMATION_JS_DECODE (?i:t:jsDecode)
ACTION_TRANSFORMATION_LENGTH (?i:t:length)
ACTION_TRANSFORMATION_LOWERCASE (?i:t:lowercase)
ACTION_TRANSFORMATION_MD5 (?i:t:md5)
ACTION_TRANSFORMATION_NONE (?i:t:none)
ACTION_TRANSFORMATION_NORMALISE_PATH (?i:t:(normalisePath|normalizePath))
ACTION_TRANSFORMATION_NORMALISE_PATH_WIN (?i:t:(normalisePathWin|normalizePathWin))
ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT (?i:t:parityEven7bit)
ACTION_TRANSFORMATION_PARITY_ODD_7_BIT (?i:t:parityOdd7bit)
ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT (?i:t:parityZero7bit)
ACTION_TRANSFORMATION_REMOVE_COMMENTS (?i:t:removeComments)
ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR (?i:t:removeCommentsChar)
ACTION_TRANSFORMATION_REMOVE_NULLS (?i:t:removeNulls)
ACTION_TRANSFORMATION_REMOVE_WHITESPACE (?i:t:removeWhitespace)
ACTION_TRANSFORMATION_REPLACE_COMMENTS (?i:t:replaceComments)
ACTION_TRANSFORMATION_REPLACE_NULLS (?i:t:replaceNulls)
ACTION_TRANSFORMATION_SHA1 (?i:t:sha1)
ACTION_TRANSFORMATION_SQL_HEX_DECODE (?i:t:sqlHexDecode)
ACTION_TRANSFORMATION_TRIM (?i:t:trim)
ACTION_TRANSFORMATION_URL_DECODE (?i:t:urlDecode)
ACTION_TRANSFORMATION_URL_DECODE_UNI (?i:t:urlDecodeUni)
ACTION_TRANSFORMATION_UTF8_TO_UNICODE (?i:t:utf8toUnicode)
AUDIT_PARTS [ABCDEFHJKIZ]+ AUDIT_PARTS [ABCDEFHJKIZ]+
COL_FREE_TEXT_SPACE_COMMA ([^,"])+ COL_FREE_TEXT_SPACE_COMMA ([^,"])+
@ -176,7 +204,6 @@ RUN_TIME_VAR_TIME_WDAY (?i:TIME_WDAY)
RUN_TIME_VAR_TIME_YEAR (?i:TIME_YEAR) RUN_TIME_VAR_TIME_YEAR (?i:TIME_YEAR)
RUN_TIME_VAR_XML (?i:XML) RUN_TIME_VAR_XML (?i:XML)
SOMETHING ["]{1}([^"]|([^\\"]\\\"))*["]{1} SOMETHING ["]{1}([^"]|([^\\"]\\\"))*["]{1}
TRANSFORMATION t:(?i:(parityZero7bit|parityOdd7bit|parityEven7bit|sqlHexDecode|cmdLine|sha1|md5|hexEncode|lowercase|urlDecodeUni|urlDecode|none|compressWhitespace|removeWhitespace|replaceNulls|removeNulls|htmlEntityDecode|jsDecode|cssDecode|trim|normalizePathWin|normalisePathWin|normalizePath|normalisePath|length|utf8toUnicode|urldecode|removeCommentsChar|removeComments|replaceComments))
VARIABLENOCOLON (?i:URLENCODED_ERROR|REQBODY_PROCESSOR_ERROR_MSG|REQBODY_PROCESSOR_ERROR|REQBODY_PROCESSOR|REQBODY_ERROR_MSG|REQBODY_ERROR|MULTIPART_FILE_LIMIT_EXCEEDED|MULTIPART_INVALID_QUOTING|MULTIPART_HEADER_FOLDING|MULTIPART_INVALID_HEADER_FOLDING|MULTIPART_STRICT_ERROR|MULTIPART_UNMATCHED_BOUNDARY|REMOTE_ADDR|REQUEST_LINE) VARIABLENOCOLON (?i:URLENCODED_ERROR|REQBODY_PROCESSOR_ERROR_MSG|REQBODY_PROCESSOR_ERROR|REQBODY_PROCESSOR|REQBODY_ERROR_MSG|REQBODY_ERROR|MULTIPART_FILE_LIMIT_EXCEEDED|MULTIPART_INVALID_QUOTING|MULTIPART_HEADER_FOLDING|MULTIPART_INVALID_HEADER_FOLDING|MULTIPART_STRICT_ERROR|MULTIPART_UNMATCHED_BOUNDARY|REMOTE_ADDR|REQUEST_LINE)
VARIABLE (?i:(SERVER_NAME|MULTIPART_DATA_AFTER|RESOURCE|ARGS_COMBINED_SIZE|ARGS_GET_NAMES|ARGS_POST_NAMES|FILES_TMPNAMES|FILES_COMBINED_SIZE|FULL_REQUEST_LENGTH|REQUEST_BODY_LENGTH|REQUEST_URI_RAW|UNIQUE_ID|SERVER_PORT|SERVER_ADDR|REMOTE_PORT|REMOTE_HOST|PATH_INFO|MULTIPART_CRLF_LF_LINES|MATCHED_VAR_NAME|MATCHED_VAR|INBOUND_DATA_ERROR|OUTBOUND_DATA_ERROR|FULL_REQUEST|AUTH_TYPE|ARGS_NAMES|REMOTE_ADDR|REQUEST_BASENAME|REQUEST_BODY|REQUEST_FILENAME|REQUEST_HEADERS_NAMES|REQUEST_METHOD|REQUEST_PROTOCOL|REQUEST_URI|RESPONSE_BODY|RESPONSE_CONTENT_LENGTH|RESPONSE_CONTENT_TYPE|RESPONSE_HEADERS_NAMES|RESPONSE_PROTOCOL|RESPONSE_STATUS|USERID|SESSIONID)) VARIABLE (?i:(SERVER_NAME|MULTIPART_DATA_AFTER|RESOURCE|ARGS_COMBINED_SIZE|ARGS_GET_NAMES|ARGS_POST_NAMES|FILES_TMPNAMES|FILES_COMBINED_SIZE|FULL_REQUEST_LENGTH|REQUEST_BODY_LENGTH|REQUEST_URI_RAW|UNIQUE_ID|SERVER_PORT|SERVER_ADDR|REMOTE_PORT|REMOTE_HOST|PATH_INFO|MULTIPART_CRLF_LF_LINES|MATCHED_VAR_NAME|MATCHED_VAR|INBOUND_DATA_ERROR|OUTBOUND_DATA_ERROR|FULL_REQUEST|AUTH_TYPE|ARGS_NAMES|REMOTE_ADDR|REQUEST_BASENAME|REQUEST_BODY|REQUEST_FILENAME|REQUEST_HEADERS_NAMES|REQUEST_METHOD|REQUEST_PROTOCOL|REQUEST_URI|RESPONSE_BODY|RESPONSE_CONTENT_LENGTH|RESPONSE_CONTENT_TYPE|RESPONSE_HEADERS_NAMES|RESPONSE_PROTOCOL|RESPONSE_STATUS|USERID|SESSIONID))
VARIABLE_COL (?i:(SESSION|GLOBAL|ARGS_POST|ARGS_GET|ARGS|FILES_SIZES|FILES_NAMES|FILES_TMP_CONTENT|MULTIPART_FILENAME|MULTIPART_NAME|MATCHED_VARS_NAMES|MATCHED_VARS|FILES|QUERY_STRING|REQUEST_COOKIES|REQUEST_HEADERS|RESPONSE_HEADERS|GEO|IP|REQUEST_COOKIES_NAMES)) VARIABLE_COL (?i:(SESSION|GLOBAL|ARGS_POST|ARGS_GET|ARGS|FILES_SIZES|FILES_NAMES|FILES_TMP_CONTENT|MULTIPART_FILENAME|MULTIPART_NAME|MATCHED_VARS_NAMES|MATCHED_VARS|FILES|QUERY_STRING|REQUEST_COOKIES|REQUEST_HEADERS|RESPONSE_HEADERS|GEO|IP|REQUEST_COOKIES_NAMES))
@ -274,6 +301,36 @@ VAR_FREE_TEXT_SPACE_COMMA [^, \t\"]+
{ACTION_TAG}:'{FREE_TEXT_QUOTE}' { return p::make_ACTION_TAG(yytext, *driver.loc.back()); } {ACTION_TAG}:'{FREE_TEXT_QUOTE}' { return p::make_ACTION_TAG(yytext, *driver.loc.back()); }
{ACTION_VER}:'{FREE_TEXT_QUOTE}' { return p::make_ACTION_VER(yytext, *driver.loc.back()); } {ACTION_VER}:'{FREE_TEXT_QUOTE}' { return p::make_ACTION_VER(yytext, *driver.loc.back()); }
{ACTION_XMLNS}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return p::make_ACTION_XMLNS(yytext, *driver.loc.back()); } {ACTION_XMLNS}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return p::make_ACTION_XMLNS(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT} { return p::make_ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_PARITY_ODD_7_BIT} { return p::make_ACTION_TRANSFORMATION_PARITY_ODD_7_BIT(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT} { return p::make_ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_SQL_HEX_DECODE} { return p::make_ACTION_TRANSFORMATION_SQL_HEX_DECODE(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_CMD_LINE} { return p::make_ACTION_TRANSFORMATION_CMD_LINE(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_SHA1} { return p::make_ACTION_TRANSFORMATION_SHA1(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_MD5} { return p::make_ACTION_TRANSFORMATION_MD5(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_HEX_ENCODE} { return p::make_ACTION_TRANSFORMATION_HEX_ENCODE(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_LOWERCASE} { return p::make_ACTION_TRANSFORMATION_LOWERCASE(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_URL_DECODE_UNI} { return p::make_ACTION_TRANSFORMATION_URL_DECODE_UNI(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_URL_DECODE} { return p::make_ACTION_TRANSFORMATION_URL_DECODE(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_NONE} { return p::make_ACTION_TRANSFORMATION_NONE(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_COMPRESS_WHITESPACE} { return p::make_ACTION_TRANSFORMATION_COMPRESS_WHITESPACE(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_REMOVE_WHITESPACE} { return p::make_ACTION_TRANSFORMATION_REMOVE_WHITESPACE(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_REPLACE_NULLS} { return p::make_ACTION_TRANSFORMATION_REPLACE_NULLS(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_REMOVE_NULLS} { return p::make_ACTION_TRANSFORMATION_REMOVE_NULLS(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_HTML_ENTITY_DECODE} { return p::make_ACTION_TRANSFORMATION_HTML_ENTITY_DECODE(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_JS_DECODE} { return p::make_ACTION_TRANSFORMATION_JS_DECODE(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_CSS_DECODE} { return p::make_ACTION_TRANSFORMATION_CSS_DECODE(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_TRIM} { return p::make_ACTION_TRANSFORMATION_TRIM(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_NORMALISE_PATH_WIN} { return p::make_ACTION_TRANSFORMATION_NORMALISE_PATH_WIN(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_NORMALISE_PATH} { return p::make_ACTION_TRANSFORMATION_NORMALISE_PATH(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_LENGTH} { return p::make_ACTION_TRANSFORMATION_LENGTH(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_UTF8_TO_UNICODE} { return p::make_ACTION_TRANSFORMATION_UTF8_TO_UNICODE(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR} { return p::make_ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_REMOVE_COMMENTS} { return p::make_ACTION_TRANSFORMATION_REMOVE_COMMENTS(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_REPLACE_COMMENTS} { return p::make_ACTION_TRANSFORMATION_REPLACE_COMMENTS(yytext, *driver.loc.back()); }
{ACTION_LOG_DATA}:'{FREE_TEXT_QUOTE}' { return p::make_ACTION_LOG_DATA(yytext, *driver.loc.back()); } {ACTION_LOG_DATA}:'{FREE_TEXT_QUOTE}' { return p::make_ACTION_LOG_DATA(yytext, *driver.loc.back()); }
{CONFIG_COMPONENT_SIG}[ \t]+["]{FREE_TEXT}["] { return p::make_CONFIG_COMPONENT_SIG(strchr(yytext, ' ') + 2, *driver.loc.back()); } {CONFIG_COMPONENT_SIG}[ \t]+["]{FREE_TEXT}["] { return p::make_CONFIG_COMPONENT_SIG(strchr(yytext, ' ') + 2, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_DIR_MOD}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_AUDIT_DIR_MOD(strchr(yytext, ' ') + 1, *driver.loc.back()); } {CONFIG_DIR_AUDIT_DIR_MOD}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_AUDIT_DIR_MOD(strchr(yytext, ' ') + 1, *driver.loc.back()); }
@ -330,7 +387,6 @@ VAR_FREE_TEXT_SPACE_COMMA [^, \t\"]+
{CONGIG_DIR_SEC_TMP_DIR}[ ]{CONFIG_VALUE_PATH} { return p::make_CONGIG_DIR_SEC_TMP_DIR(strchr(yytext, ' ') + 1, *driver.loc.back()); } {CONGIG_DIR_SEC_TMP_DIR}[ ]{CONFIG_VALUE_PATH} { return p::make_CONGIG_DIR_SEC_TMP_DIR(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{DIRECTIVE_SECRULESCRIPT}[ ]{CONFIG_VALUE_PATH} { return p::make_DIRECTIVE_SECRULESCRIPT(yytext, *driver.loc.back()); } {DIRECTIVE_SECRULESCRIPT}[ ]{CONFIG_VALUE_PATH} { return p::make_DIRECTIVE_SECRULESCRIPT(yytext, *driver.loc.back()); }
{DIRECTIVE} { return p::make_DIRECTIVE(yytext, *driver.loc.back()); } {DIRECTIVE} { return p::make_DIRECTIVE(yytext, *driver.loc.back()); }
{TRANSFORMATION} { return p::make_TRANSFORMATION(yytext, *driver.loc.back()); }
{CONFIG_SEC_REMOTE_RULES_FAIL_ACTION} { return p::make_CONFIG_SEC_REMOTE_RULES_FAIL_ACTION(yytext, *driver.loc.back()); } {CONFIG_SEC_REMOTE_RULES_FAIL_ACTION} { return p::make_CONFIG_SEC_REMOTE_RULES_FAIL_ACTION(yytext, *driver.loc.back()); }
{CONFIG_SEC_COLLECTION_TIMEOUT}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_SEC_COLLECTION_TIMEOUT(strchr(yytext, ' ') + 1, *driver.loc.back()); } {CONFIG_SEC_COLLECTION_TIMEOUT}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_SEC_COLLECTION_TIMEOUT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
[ \t]*[\n] { driver.loc.back()->lines(1); driver.loc.back()->step(); } [ \t]*[\n] { driver.loc.back()->lines(1); driver.loc.back()->step(); }

93
test/unit/unit.cc
View File

@ -14,15 +14,55 @@
*/ */
#include <string.h> #include <string.h>
#include <cstring>
#include <ctime>
#include <iostream> #include <iostream>
#include <ctime>
#include <string> #include <string>
#include "modsecurity/modsecurity.h" #include "modsecurity/modsecurity.h"
#include "modsecurity/rules.h" #include "modsecurity/rules.h"
#include "src/operators/operator.h" #include "src/operators/operator.h"
#include "src/actions/transformations/transformation.h" #include "src/actions/transformations/transformation.h"
#include "modsecurity/transaction.h"
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/base64_decode_ext.h"
#include "src/actions/transformations/base64_decode.h"
#include "src/actions/transformations/base64_encode.h"
#include "src/actions/transformations/cmd_line.h"
#include "src/actions/transformations/compress_whitespace.h"
#include "src/actions/transformations/css_decode.h"
#include "src/actions/transformations/escape_seq_decode.h"
#include "src/actions/transformations/hex_decode.h"
#include "src/actions/transformations/hex_encode.h"
#include "src/actions/transformations/html_entity_decode.h"
#include "src/actions/transformations/js_decode.h"
#include "src/actions/transformations/length.h"
#include "src/actions/transformations/lower_case.h"
#include "src/actions/transformations/md5.h"
#include "src/actions/transformations/none.h"
#include "src/actions/transformations/normalise_path.h"
#include "src/actions/transformations/normalise_path_win.h"
#include "src/actions/transformations/parity_even_7bit.h"
#include "src/actions/transformations/parity_odd_7bit.h"
#include "src/actions/transformations/parity_zero_7bit.h"
#include "src/actions/transformations/remove_comments_char.h"
#include "src/actions/transformations/remove_comments.h"
#include "src/actions/transformations/remove_nulls.h"
#include "src/actions/transformations/remove_whitespace.h"
#include "src/actions/transformations/replace_comments.h"
#include "src/actions/transformations/replace_nulls.h"
#include "src/actions/transformations/sha1.h"
#include "src/actions/transformations/sql_hex_decode.h"
#include "src/actions/transformations/trim.h"
#include "src/actions/transformations/trim_left.h"
#include "src/actions/transformations/trim_right.h"
#include "src/actions/transformations/url_decode.h"
#include "src/actions/transformations/url_decode_uni.h"
#include "src/actions/transformations/url_encode.h"
#include "src/actions/transformations/utf8_to_unicode.h"
#include "test/common/modsecurity_test.h" #include "test/common/modsecurity_test.h"
#include "test/common/modsecurity_test_results.h" #include "test/common/modsecurity_test_results.h"
@ -30,12 +70,16 @@
#include "test/unit/unit_test.h" #include "test/unit/unit_test.h"
#include "src/utils/string.h" #include "src/utils/string.h"
#define IF_MATCH(b) \
if (a.compare(2, std::strlen(#b), #b) == 0)
using modsecurity_test::UnitTest; using modsecurity_test::UnitTest;
using modsecurity_test::ModSecurityTest; using modsecurity_test::ModSecurityTest;
using modsecurity_test::ModSecurityTestResults; using modsecurity_test::ModSecurityTestResults;
using modsecurity::actions::transformations::Transformation; using modsecurity::actions::transformations::Transformation;
using modsecurity::operators::Operator; using modsecurity::operators::Operator;
using namespace modsecurity::actions::transformations;
std::string default_test_path = "test-cases/secrules-language-tests/operators"; std::string default_test_path = "test-cases/secrules-language-tests/operators";
@ -46,6 +90,51 @@ void print_help() {
} }
Transformation* t_instantiate(std::string a) {
IF_MATCH(base64DecodeExt) { return new Base64DecodeExt(a); }
IF_MATCH(base64Decode) { return new Base64Decode(a); }
IF_MATCH(base64Encode) { return new Base64Encode(a); }
IF_MATCH(cmd_line) { return new CmdLine(a); }
IF_MATCH(compress_whitespace) { return new CompressWhitespace(a); }
IF_MATCH(cssDecode) { return new CssDecode(a); }
IF_MATCH(escapeSeqDecode) { return new EscapeSeqDecode(a); }
IF_MATCH(hexDecode) { return new HexDecode(a); }
IF_MATCH(hexEncode) { return new HexEncode(a); }
IF_MATCH(htmlEntityDecode) { return new HtmlEntityDecode(a); }
IF_MATCH(jsDecode) { return new JsDecode(a); }
IF_MATCH(length) { return new Length(a); }
IF_MATCH(lowercase) { return new LowerCase(a); }
IF_MATCH(md5) { return new Md5(a); }
IF_MATCH(none) { return new None(a); }
IF_MATCH(normalizePathWin) { return new NormalisePathWin(a); }
IF_MATCH(normalisePathWin) { return new NormalisePathWin(a); }
IF_MATCH(normalizePath) { return new NormalisePath(a); }
IF_MATCH(normalisePath) { return new NormalisePath(a); }
IF_MATCH(parityEven7bit) { return new ParityEven7bit(a); }
IF_MATCH(parityOdd7bit) { return new ParityOdd7bit(a); }
IF_MATCH(parityZero7bit) { return new ParityZero7bit(a); }
IF_MATCH(removeCommentsChar) { return new RemoveCommentsChar(a); }
IF_MATCH(removeComments) { return new RemoveComments(a); }
IF_MATCH(removeNulls) { return new RemoveNulls(a); }
IF_MATCH(removeWhitespace) { return new RemoveWhitespace(a); }
IF_MATCH(compressWhitespace) { return new CompressWhitespace(a); }
IF_MATCH(replaceComments) { return new ReplaceComments(a); }
IF_MATCH(replaceNulls) { return new ReplaceNulls(a); }
IF_MATCH(sha1) { return new Sha1(a); }
IF_MATCH(sqlHexDecode) { return new SqlHexDecode(a); }
IF_MATCH(transformation) { return new Transformation(a); }
IF_MATCH(trimLeft) { return new TrimLeft(a); }
IF_MATCH(trimRight) { return new TrimRight(a); }
IF_MATCH(trim) { return new Trim(a); }
IF_MATCH(urlDecodeUni) { return new UrlDecodeUni(a); }
IF_MATCH(urlDecode) { return new UrlDecode(a); }
IF_MATCH(urlEncode) { return new UrlEncode(a); }
IF_MATCH(utf8ToUnicode) { return new Utf8ToUnicode(a); }
return new Transformation(a);
}
void perform_unit_test(ModSecurityTest<UnitTest> *test, UnitTest *t, void perform_unit_test(ModSecurityTest<UnitTest> *test, UnitTest *t,
ModSecurityTestResults<UnitTest>* res) { ModSecurityTestResults<UnitTest>* res) {
std::string error; std::string error;
@ -70,7 +159,7 @@ void perform_unit_test(ModSecurityTest<UnitTest> *test, UnitTest *t,
} }
delete op; delete op;
} else if (t->type == "tfn") { } else if (t->type == "tfn") {
Transformation *tfn = Transformation::instantiate("t:" + t->name); Transformation *tfn = t_instantiate("t:" + t->name);
std::string ret = tfn->evaluate(t->input, NULL); std::string ret = tfn->evaluate(t->input, NULL);
t->obtained = 1; t->obtained = 1;
t->obtainedOutput = ret; t->obtainedOutput = ret;