github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 11:44:32 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds full support to the libxml action

Browse Source 
Issue #1148
This commit is contained in:
Felipe Zimmerle
2016-05-18 09:47:30 -03:00
parent a9e6716c6a
commit 1f45d6cea8
7 changed files with 124 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/actions/xmlns.cc
View File

@@ -35,23 +35,23 @@ bool XmlNS::init(std::string *error) {
error->assign("XMLS: Bad format, missing equals sign.");
return false;
}
m_name = std::string(m_parser_payload, 0, pos);
m_value = std::string(m_parser_payload, pos+1, m_parser_payload.size());
m_scope = std::string(m_parser_payload, 0, pos);
m_href = std::string(m_parser_payload, pos+1, m_parser_payload.size());
if (m_value.empty() || m_name.empty()) {
if (m_href.empty() || m_scope.empty()) {
error->assign("XMLS: XMLNS is invalid. Expecting a " \
"name=value format.");
return false;
}
if (m_value.at(0) == '\'' && m_value.size() > 3) {
m_value.erase(0, 1);
m_value.pop_back();
if (m_href.at(0) == '\'' && m_href.size() > 3) {
m_href.erase(0, 1);
m_href.pop_back();
}
if (m_value.compare(0, http.length(), http) != 0) {
if (m_href.compare(0, http.length(), http) != 0) {
error->assign("XMLS: Missing xmlns href for prefix: " \
"`" + m_value + "'.");
"`" + m_href + "'.");
return false;
}

5
src/actions/xmlns.h
View File

@@ -37,9 +37,8 @@ class XmlNS : public Action {
bool init(std::string *error);
private:
std::string m_name;
std::string m_value;
std::string m_scope;
std::string m_href;
};