github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity

Avoids unicode initialization on every rules block

Browse Source 
ModSecurity-nginx/#67
ModSecurity/#1563
This commit is contained in:
Felipe Zimmerle 2017-10-11 12:37:13 -03:00
parent 20edf9ab77
commit 1ad95254cd
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
5 changed files with 24 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES
View File

@ -2,6 +2,9 @@
v3.0.????? - ?
---------------------------
- Avoids unicode initialization on every rules object
[Issue #1563 - @zimmerle, @Tiki-God, @sethinsd, @Cloaked9000, @AnoopAlias,
@intelbg]
- Makes clear to the user whenever the audit log is empty due to missing
JSON support.
[Issue #1585 - @zimmerle]

16
headers/modsecurity/rules.h
View File

@ -40,6 +40,7 @@ namespace Parser {
class Driver;
}
/** @ingroup ModSecurity_CPP_API */
class Rules : public RulesProperties {
public:
@ -47,23 +48,15 @@ class Rules : public RulesProperties {
: RulesProperties(new DebugLog()),
unicode_codepage(0),
m_referenceCount(0),
m_secmarker_skipped(0) {
unicode_map_table = reinterpret_cast<int *>(
malloc(sizeof(int)*65536));
memset(unicode_map_table, -1, (sizeof(int)*65536));
}
m_secmarker_skipped(0) { }
explicit Rules(DebugLog *customLog)
: RulesProperties(customLog),
unicode_codepage(0),
m_referenceCount(0),
m_secmarker_skipped(0) {
unicode_map_table = reinterpret_cast<int *>(
malloc(sizeof(int)*65536));
memset(unicode_map_table, -1, (sizeof(int)*65536));
}
m_secmarker_skipped(0) { }
~Rules();
~Rules() { }
void incrementReferenceCount(void);
void decrementReferenceCount(void);
@ -83,7 +76,6 @@ class Rules : public RulesProperties {
void debug(int level, std::string message);
int *unicode_map_table;
int64_t unicode_codepage;
private:

14
headers/modsecurity/rules_properties.h
View File

@ -79,6 +79,14 @@ class ConfigSet {
std::set<std::string> m_value;
};
class ConfigUnicodeMap {
public:
ConfigUnicodeMap() : m_set(false), m_unicode_map_table(NULL) { }
bool m_set;
int *m_unicode_map_table;
};
class RulesProperties {
public:
RulesProperties() :
@ -332,6 +340,11 @@ class RulesProperties {
from->m_secArgumentSeparator.m_value;
}
if (from->m_unicodeMapTable.m_set == true) {
to->m_unicodeMapTable.m_unicode_map_table = \
from->m_unicodeMapTable.m_unicode_map_table;
}
if (from->m_httpblKey.m_set == true) {
to->m_httpblKey.m_value = from->m_httpblKey.m_value;
to->m_httpblKey.m_set = from->m_httpblKey.m_set;
@ -469,6 +482,7 @@ class RulesProperties {
ConfigString m_secArgumentSeparator;
std::vector<actions::Action *> m_defaultActions[8];
std::vector<modsecurity::Rule *> m_rules[8];
ConfigUnicodeMap m_unicodeMapTable;
};
#endif

5
src/actions/transformations/url_decode_uni.cc
View File

@ -87,7 +87,8 @@ int UrlDecodeUni::inplace(unsigned char *input, uint64_t input_len,
fact = 1;
if (transaction
&& transaction->m_rules->unicode_map_table != NULL
&& transaction->m_rules->m_unicodeMapTable.m_set == true
&& transaction->m_rules->m_unicodeMapTable.m_unicode_map_table != NULL
&& transaction->m_rules->unicode_codepage > 0) {
for (j = 5; j >= 2; j--) {
if (isxdigit((input[i+j]))) {
@ -105,7 +106,7 @@ int UrlDecodeUni::inplace(unsigned char *input, uint64_t input_len,
if (Code >= 0 && Code <= 65535) {
Rules *r = transaction->m_rules;
hmap = r->unicode_map_table[Code];
hmap = r->m_unicodeMapTable.m_unicode_map_table[Code];
}
}

6
src/rules.cc
View File

@ -77,12 +77,6 @@ void Rules::decrementReferenceCount(void) {
}
Rules::~Rules() {
free(unicode_map_table);
unicode_map_table = NULL;
}
/**
* @name loadFromUri
* @brief load rules from a give uri