github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds support 'xmlns' action to the libmodsec parser

Browse Source
This commit is contained in:
Felipe Zimmerle 2016-05-16 18:24:10 -03:00
parent 3e8defb853
commit 1b88947d9b
6 changed files with 166 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/Makefile.am
View File

@ -121,7 +121,8 @@ ACTIONS = \
actions/transformations/url_decode_uni.cc \ actions/transformations/url_decode_uni.cc \
actions/transformations/url_encode.cc \ actions/transformations/url_encode.cc \
actions/transformations/utf8_to_unicode.cc \ actions/transformations/utf8_to_unicode.cc \
actions/ver.cc actions/ver.cc \
actions/xmlns.cc
OPERATORS = \ OPERATORS = \

63
src/actions/xmlns.cc Normal file
View File

@ -0,0 +1,63 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include "actions/xmlns.h"
#include <iostream>
#include <string>
#include "actions/action.h"
#include "modsecurity/transaction.h"
#include "src/utils.h"
namespace modsecurity {
namespace actions {
bool XmlNS::init(std::string *error) {
size_t pos;
std::string http = "http://";
pos = action.find("=");
if (pos == std::string::npos) {
error->assign("XMLS: Bad format, missing equals sign.");
return false;
}
m_name = std::string(action, 0, pos);
m_value = std::string(action, pos+1, action.size());
if (m_value.empty() or m_name.empty()) {
error->assign("XMLS: XMLNS is invalid. Expecting a " \
"name=value format.");
return false;
}
if (m_value.at(0) == '\'' && m_value.size() > 3) {
m_value.erase(0, 1);
m_value.pop_back();
}
if (m_value.compare(0, http.length(), http) != 0) {
error->assign("XMLS: Missing xmlns href for prefix: " \
"`" + m_value + "'.");
return false;
}
return true;
}
} // namespace actions
} // namespace modsecurity

49
src/actions/xmlns.h Normal file
View File

@ -0,0 +1,49 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <string>
#include "actions/action.h"
#ifndef SRC_ACTIONS_XMLNS_H_
#define SRC_ACTIONS_XMLNS_H_
class Transaction;
namespace modsecurity {
class Transaction;
namespace actions {
class XmlNS : public Action {
public:
explicit XmlNS(std::string action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction) override {
return true;
}
bool init(std::string *error);
private:
std::string m_name;
std::string m_value;
};
} // namespace actions
} // namespace modsecurity
#endif // SRC_ACTIONS_XMLNS_H_

11
src/parser/seclang-parser.yy
View File

@ -39,6 +39,7 @@ class Driver;
#include "actions/tag.h" #include "actions/tag.h"
#include "actions/transformations/transformation.h" #include "actions/transformations/transformation.h"
#include "actions/transformations/none.h" #include "actions/transformations/none.h"
#include "actions/xmlns.h"
#include "operators/operator.h" #include "operators/operator.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"
#include "utils/geo_lookup.h" #include "utils/geo_lookup.h"
@ -261,6 +262,7 @@ using modsecurity::Variables::XML;
%token <std::string> ACTION_REV %token <std::string> ACTION_REV
%token <std::string> ACTION_VER %token <std::string> ACTION_VER
%token <std::string> ACTION_MATURITY %token <std::string> ACTION_MATURITY
%token <std::string> ACTION_XMLNS
%token <std::string> LOG_DATA %token <std::string> LOG_DATA
%token <std::string> TRANSFORMATION %token <std::string> TRANSFORMATION
%token <std::string> ACTION_CTL_AUDIT_ENGINE %token <std::string> ACTION_CTL_AUDIT_ENGINE
@ -1011,6 +1013,15 @@ act:
{ {
$$ = new Maturity($1); $$ = new Maturity($1);
} }
| ACTION_XMLNS
{
std::string error;
$$ = new modsecurity::actions::XmlNS($1);
if ($$->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
}
| ACTION_CTL_BDY_XML | ACTION_CTL_BDY_XML
{ {
/* not ready yet. */ /* not ready yet. */

4
src/parser/seclang-scanner.ll
View File

@ -23,7 +23,8 @@ using modsecurity::split;
%} %}
%option noyywrap nounput batch debug noinput %option noyywrap nounput batch debug noinput
ACTION (?i:accuracy|append|block|capture|chain|deny|deprecatevar|drop|expirevar|id:[0-9]+|id:'[0-9]+'|log|multiMatch|noauditlog|nolog|pass|pause|prepend|proxy|sanitiseArg|sanitiseMatched|sanitiseMatchedBytes|sanitiseRequestHeader|sanitiseResponseHeader|setrsc|setenv|status:[0-9]+|xmlns) ACTION (?i:accuracy|append|block|capture|chain|deny|deprecatevar|drop|expirevar|id:[0-9]+|id:'[0-9]+'|log|multiMatch|noauditlog|nolog|pass|pause|prepend|proxy|sanitiseArg|sanitiseMatched|sanitiseMatchedBytes|sanitiseRequestHeader|sanitiseResponseHeader|setrsc|setenv|status:[0-9]+)
ACTION_XMLNS (?i:xmlns)
ACTION_ALLOW (?i:allow) ACTION_ALLOW (?i:allow)
ACTION_INITCOL (?i:initcol) ACTION_INITCOL (?i:initcol)
@ -386,6 +387,7 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
{ACTION_SETVAR}:{VAR_FREE_TEXT_SPACE_COMMA} { {ACTION_SETVAR}:{VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_SETVAR(strchr(yytext, ':') + 1, *driver.loc.back()); return yy::seclang_parser::make_ACTION_SETVAR(strchr(yytext, ':') + 1, *driver.loc.back());
} }
{ACTION_XMLNS}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return yy::seclang_parser::make_ACTION_XMLNS(strchr(yytext, ':') + 1, *driver.loc.back()); }
{LOG_DATA}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_LOG_DATA(strchr(yytext, ':') + 1, *driver.loc.back()); } {LOG_DATA}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_LOG_DATA(strchr(yytext, ':') + 1, *driver.loc.back()); }
{ACTION_MSG}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_MSG(strchr(yytext, ':') + 1, *driver.loc.back()); } {ACTION_MSG}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_MSG(strchr(yytext, ':') + 1, *driver.loc.back()); }

38
test/test-cases/regression/action-xmlns.json Normal file
View File

@ -0,0 +1,38 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing action :: XMLNS (parser error 1)",
"expected":{
"parser_error": "XMLS: Bad format, missing equals sign"
},
"rules":[
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500008,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:123,xmlns:soap'http://schemas.xmlsoap.org/soap/envelope/'\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing action :: XMLNS (parser error 2)",
"expected":{
"parser_error": "XMLS: XMLNS is invalid. Expecting a name=value format."
},
"rules":[
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500008,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:123,xmlns:=\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing action :: XMLNS (parser error 3)",
"expected":{
"parser_error": "XMLS: Missing xmlns href for prefix: `schemas.xmlsoap.org/soap/envelope/'."
},
"rules":[
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500008,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:123,xmlns:soap='schemas.xmlsoap.org/soap/envelope/'\""
]
}
]