github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-10-01 03:57:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix rule-update-target exclusions for plain (non-regex) variables

Browse Source
This commit is contained in:
martinhsv
2020-02-05 06:57:01 -08:00
committed by Felipe Zimmerle
parent f7e4c1d9f5
commit 1b1fdc055b
5 changed files with 92 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/rule.cc
View File

@@ -697,7 +697,7 @@ bool Rule::evaluate(Transaction *trans,
const std::string &value = v->getValue();
const std::string &key = v->getKeyWithCollection();
if (exclusion.contains(v->getKey()) ||
if (exclusion.contains(v) ||
std::find_if(trans->m_ruleRemoveTargetById.begin(),
trans->m_ruleRemoveTargetById.end(),
[&, v, this](std::pair<int, std::string> &m) -> bool {
@@ -708,7 +708,7 @@ bool Rule::evaluate(Transaction *trans,
v = NULL;
continue;
}
if (exclusion.contains(v->getKey()) ||
if (exclusion.contains(v) ||
std::find_if(trans->m_ruleRemoveTargetByTag.begin(),
trans->m_ruleRemoveTargetByTag.end(),
[&, v, trans, this](std::pair<std::string, std::string> &m) -> bool {