mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-08-13 21:36:00 +03:00
Constify Transaction on variable resolution
This commit is contained in:
Felipe Zimmerle
Felipe Zimmerle
parent
7afcd3046d
commit
1f80055f63
@ -88,21 +88,21 @@ class AnchoredSetVariable : public std::unordered_multimap<std::string,
|
||||
void set(const std::string &key, const bpstd::string_view &value,
|
||||
size_t offset);
|
||||
|
||||
void resolve(VariableValues *l);
|
||||
void resolve(VariableValues *l) const noexcept;
|
||||
void resolve(VariableValues *l,
|
||||
variables::KeyExclusions &ke);
|
||||
const variables::KeyExclusions &ke) const noexcept;
|
||||
|
||||
void resolve(const std::string &key,
|
||||
VariableValues *l);
|
||||
VariableValues *l) const noexcept;
|
||||
|
||||
void resolveRegularExpression(Utils::Regex *r,
|
||||
VariableValues *l);
|
||||
void resolveRegularExpression(const Utils::Regex *r,
|
||||
VariableValues *l) const noexcept;
|
||||
|
||||
void resolveRegularExpression(Utils::Regex *r,
|
||||
void resolveRegularExpression(const Utils::Regex *r,
|
||||
VariableValues *l,
|
||||
variables::KeyExclusions &ke);
|
||||
const variables::KeyExclusions &ke) const noexcept;
|
||||
|
||||
std::unique_ptr<std::string> resolveFirst(const std::string &key);
|
||||
std::unique_ptr<std::string> resolveFirst(const std::string &key) const noexcept;
|
||||
|
||||
Transaction *m_transaction;
|
||||
std::string m_name;
|
||||
|
||||
@ -51,14 +51,6 @@ class AnchoredVariable {
|
||||
AnchoredVariable(const AnchoredVariable &a) = delete;
|
||||
AnchoredVariable &operator= (const AnchoredVariable &a) = delete;
|
||||
|
||||
/*
|
||||
: m_transaction(a.m_transaction),
|
||||
m_offset(a.m_offset),
|
||||
m_name(a.m_name),
|
||||
m_value(a.m_value),
|
||||
m_var(a.m_var) { }
|
||||
*/
|
||||
|
||||
void unset();
|
||||
void set(const std::string &a, size_t offset);
|
||||
void set(const bpstd::string_view &a, size_t offset);
|
||||
@ -69,9 +61,9 @@ class AnchoredVariable {
|
||||
void append(const std::string &a, size_t offset,
|
||||
bool spaceSeparator, int size);
|
||||
|
||||
void evaluate(VariableValues *l);
|
||||
std::string * evaluate();
|
||||
std::unique_ptr<std::string> resolveFirst();
|
||||
void evaluate(VariableValues *l) const noexcept;
|
||||
const std::string *evaluate() const noexcept;
|
||||
std::unique_ptr<std::string> resolveFirst() const noexcept;
|
||||
|
||||
Transaction *m_transaction;
|
||||
int m_offset;
|
||||
@ -88,4 +80,3 @@ class AnchoredVariable {
|
||||
|
||||
|
||||
#endif // HEADERS_MODSECURITY_ANCHORED_VARIABLE_H_
|
||||
|
||||
|
||||
@ -57,16 +57,16 @@ class Collection {
|
||||
virtual void del(const std::string& key) = 0;
|
||||
|
||||
virtual std::unique_ptr<std::string> resolveFirst(
|
||||
const std::string& var) = 0;
|
||||
const std::string& var) const = 0;
|
||||
|
||||
virtual void resolveSingleMatch(const std::string& var,
|
||||
VariableValues *l) = 0;
|
||||
VariableValues *l) const noexcept = 0;
|
||||
virtual void resolveMultiMatches(const std::string& var,
|
||||
VariableValues *l,
|
||||
variables::KeyExclusions &ke) = 0;
|
||||
const variables::KeyExclusions &ke) const noexcept = 0;
|
||||
virtual void resolveRegularExpression(const std::string& var,
|
||||
VariableValues *l,
|
||||
variables::KeyExclusions &ke) = 0;
|
||||
const variables::KeyExclusions &ke) const noexcept = 0;
|
||||
|
||||
|
||||
/* store */
|
||||
@ -131,14 +131,14 @@ class Collection {
|
||||
|
||||
/* resolveFirst */
|
||||
virtual std::unique_ptr<std::string> resolveFirst(const std::string& var,
|
||||
std::string compartment) {
|
||||
const std::string &compartment) const noexcept {
|
||||
std::string nkey = compartment + "::" + var;
|
||||
return resolveFirst(nkey);
|
||||
}
|
||||
|
||||
|
||||
virtual std::unique_ptr<std::string> resolveFirst(const std::string& var,
|
||||
std::string compartment, std::string compartment2) {
|
||||
const std::string &compartment, const std::string &compartment2) const noexcept {
|
||||
std::string nkey = compartment + "::" + compartment2 + "::" + var;
|
||||
return resolveFirst(nkey);
|
||||
}
|
||||
@ -146,15 +146,15 @@ class Collection {
|
||||
|
||||
/* resolveSingleMatch */
|
||||
virtual void resolveSingleMatch(const std::string& var,
|
||||
std::string compartment, VariableValues *l) {
|
||||
const std::string &compartment, VariableValues *l) const noexcept {
|
||||
std::string nkey = compartment + "::" + var;
|
||||
resolveSingleMatch(nkey, l);
|
||||
}
|
||||
|
||||
|
||||
virtual void resolveSingleMatch(const std::string& var,
|
||||
std::string compartment, std::string compartment2,
|
||||
VariableValues *l) {
|
||||
const std::string &compartment, const std::string &compartment2,
|
||||
VariableValues *l) const noexcept {
|
||||
std::string nkey = compartment + "::" + compartment2 + "::" + var;
|
||||
resolveSingleMatch(nkey, l);
|
||||
}
|
||||
@ -162,17 +162,17 @@ class Collection {
|
||||
|
||||
/* resolveMultiMatches */
|
||||
virtual void resolveMultiMatches(const std::string& var,
|
||||
std::string compartment, VariableValues *l,
|
||||
variables::KeyExclusions &ke) {
|
||||
const std::string &compartment, VariableValues *l,
|
||||
const variables::KeyExclusions &ke) const noexcept {
|
||||
std::string nkey = compartment + "::" + var;
|
||||
resolveMultiMatches(nkey, l, ke);
|
||||
}
|
||||
|
||||
|
||||
virtual void resolveMultiMatches(const std::string& var,
|
||||
std::string compartment, std::string compartment2,
|
||||
const std::string &compartment, const std::string &compartment2,
|
||||
VariableValues *l,
|
||||
variables::KeyExclusions &ke) {
|
||||
const variables::KeyExclusions &ke) const noexcept {
|
||||
std::string nkey = compartment + "::" + compartment2 + "::" + var;
|
||||
resolveMultiMatches(nkey, l, ke);
|
||||
}
|
||||
@ -180,16 +180,16 @@ class Collection {
|
||||
|
||||
/* resolveRegularExpression */
|
||||
virtual void resolveRegularExpression(const std::string& var,
|
||||
std::string compartment, VariableValues *l,
|
||||
variables::KeyExclusions &ke) {
|
||||
const std::string &compartment, VariableValues *l,
|
||||
const variables::KeyExclusions &ke) const noexcept {
|
||||
std::string nkey = compartment + "::" + var;
|
||||
resolveRegularExpression(nkey, l, ke);
|
||||
}
|
||||
|
||||
|
||||
virtual void resolveRegularExpression(const std::string& var,
|
||||
std::string compartment, std::string compartment2,
|
||||
VariableValues *l, variables::KeyExclusions &ke) {
|
||||
const std::string &compartment, const std::string &compartment2,
|
||||
VariableValues *l, const variables::KeyExclusions &ke) const noexcept {
|
||||
std::string nkey = compartment + "::" + compartment2 + "::" + var;
|
||||
resolveRegularExpression(nkey, l, ke);
|
||||
}
|
||||
|
||||
@ -314,6 +314,7 @@ libmodsecurity_la_CPPFLAGS = \
|
||||
-fPIC \
|
||||
-O3 \
|
||||
-I../headers \
|
||||
$(CURL_CFLAGS) \
|
||||
$(GEOIP_CFLAGS) \
|
||||
$(GLOBAL_CPPFLAGS) \
|
||||
$(MODSEC_NO_LOGS) \
|
||||
|
||||
@ -49,7 +49,7 @@ class ActionWithRunTimeString : public virtual Action {
|
||||
}
|
||||
}
|
||||
|
||||
std::string getEvaluatedRunTimeString(Transaction *transaction) const noexcept {
|
||||
std::string getEvaluatedRunTimeString(const Transaction *transaction) const noexcept {
|
||||
return (m_string == nullptr)?"":m_string->evaluate(transaction);
|
||||
}
|
||||
|
||||
|
||||
@ -71,7 +71,7 @@ void AnchoredSetVariable::set(const std::string &key,
|
||||
|
||||
|
||||
void AnchoredSetVariable::resolve(
|
||||
VariableValues *l) {
|
||||
VariableValues *l) const noexcept {
|
||||
for (const auto& x : *this) {
|
||||
l->insert(l->begin(), x.second);
|
||||
}
|
||||
@ -80,7 +80,7 @@ void AnchoredSetVariable::resolve(
|
||||
|
||||
void AnchoredSetVariable::resolve(
|
||||
VariableValues *l,
|
||||
variables::KeyExclusions &ke) {
|
||||
const variables::KeyExclusions &ke) const noexcept {
|
||||
for (const auto& x : *this) {
|
||||
if (!ke.toOmit(x.first)) {
|
||||
l->insert(l->begin(), x.second);
|
||||
@ -93,7 +93,7 @@ void AnchoredSetVariable::resolve(
|
||||
|
||||
|
||||
void AnchoredSetVariable::resolve(const std::string &key,
|
||||
VariableValues *l) {
|
||||
VariableValues *l) const noexcept {
|
||||
auto range = this->equal_range(key);
|
||||
for (auto it = range.first; it != range.second; ++it) {
|
||||
l->push_back(it->second);
|
||||
@ -102,7 +102,7 @@ void AnchoredSetVariable::resolve(const std::string &key,
|
||||
|
||||
|
||||
std::unique_ptr<std::string> AnchoredSetVariable::resolveFirst(
|
||||
const std::string &key) {
|
||||
const std::string &key) const noexcept {
|
||||
auto range = equal_range(key);
|
||||
for (auto it = range.first; it != range.second; ++it) {
|
||||
std::unique_ptr<std::string> b(new std::string());
|
||||
@ -113,8 +113,8 @@ std::unique_ptr<std::string> AnchoredSetVariable::resolveFirst(
|
||||
}
|
||||
|
||||
|
||||
void AnchoredSetVariable::resolveRegularExpression(Utils::Regex *r,
|
||||
VariableValues *l) {
|
||||
void AnchoredSetVariable::resolveRegularExpression(const Utils::Regex *r,
|
||||
VariableValues *l) const noexcept {
|
||||
for (const auto& x : *this) {
|
||||
int ret = Utils::regex_search(x.first, *r);
|
||||
if (ret <= 0) {
|
||||
@ -125,9 +125,9 @@ void AnchoredSetVariable::resolveRegularExpression(Utils::Regex *r,
|
||||
}
|
||||
|
||||
|
||||
void AnchoredSetVariable::resolveRegularExpression(Utils::Regex *r,
|
||||
void AnchoredSetVariable::resolveRegularExpression(const Utils::Regex *r,
|
||||
VariableValues *l,
|
||||
variables::KeyExclusions &ke) {
|
||||
const variables::KeyExclusions &ke) const noexcept {
|
||||
for (const auto& x : *this) {
|
||||
int ret = Utils::regex_search(x.first, *r);
|
||||
if (ret <= 0) {
|
||||
|
||||
@ -118,7 +118,7 @@ void AnchoredVariable::append(const std::string &a, size_t offset,
|
||||
}
|
||||
|
||||
|
||||
void AnchoredVariable::evaluate(VariableValues *l) {
|
||||
void AnchoredVariable::evaluate(VariableValues *l) const noexcept {
|
||||
if (m_name.empty()) {
|
||||
return;
|
||||
}
|
||||
@ -128,12 +128,12 @@ void AnchoredVariable::evaluate(VariableValues *l) {
|
||||
}
|
||||
|
||||
|
||||
std::string * AnchoredVariable::evaluate() {
|
||||
const std::string *AnchoredVariable::evaluate() const noexcept {
|
||||
return &m_value;
|
||||
}
|
||||
|
||||
|
||||
std::unique_ptr<std::string> AnchoredVariable::resolveFirst() {
|
||||
std::unique_ptr<std::string> AnchoredVariable::resolveFirst() const noexcept {
|
||||
if (m_value.empty()) {
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
@ -86,7 +86,7 @@ void InMemoryPerProcess::del(const std::string& key) {
|
||||
|
||||
|
||||
void InMemoryPerProcess::resolveSingleMatch(const std::string& var,
|
||||
VariableValues *l) {
|
||||
VariableValues *l) const noexcept {
|
||||
auto range = this->equal_range(var);
|
||||
|
||||
for (auto it = range.first; it != range.second; ++it) {
|
||||
@ -96,7 +96,7 @@ void InMemoryPerProcess::resolveSingleMatch(const std::string& var,
|
||||
|
||||
|
||||
void InMemoryPerProcess::resolveMultiMatches(const std::string& var,
|
||||
VariableValues *l, variables::KeyExclusions &ke) {
|
||||
VariableValues *l, const variables::KeyExclusions &ke) const noexcept {
|
||||
size_t keySize = var.size();
|
||||
l->reserve(15);
|
||||
|
||||
@ -121,7 +121,7 @@ void InMemoryPerProcess::resolveMultiMatches(const std::string& var,
|
||||
|
||||
|
||||
void InMemoryPerProcess::resolveRegularExpression(const std::string& var,
|
||||
VariableValues *l, variables::KeyExclusions &ke) {
|
||||
VariableValues *l, const variables::KeyExclusions &ke) const noexcept {
|
||||
|
||||
//if (var.find(":") == std::string::npos) {
|
||||
// return;
|
||||
@ -160,7 +160,7 @@ void InMemoryPerProcess::resolveRegularExpression(const std::string& var,
|
||||
|
||||
|
||||
std::unique_ptr<std::string> InMemoryPerProcess::resolveFirst(
|
||||
const std::string& var) {
|
||||
const std::string& var) const noexcept {
|
||||
auto range = equal_range(var);
|
||||
for (auto it = range.first; it != range.second; ++it) {
|
||||
return std::unique_ptr<std::string>(new std::string(it->second));
|
||||
|
||||
@ -84,16 +84,16 @@ class InMemoryPerProcess :
|
||||
|
||||
void del(const std::string& key) override;
|
||||
|
||||
std::unique_ptr<std::string> resolveFirst(const std::string& var) override;
|
||||
std::unique_ptr<std::string> resolveFirst(const std::string& var) const noexcept override;
|
||||
|
||||
void resolveSingleMatch(const std::string& var,
|
||||
VariableValues *l) override;
|
||||
VariableValues *l) const noexcept override;
|
||||
void resolveMultiMatches(const std::string& var,
|
||||
VariableValues *l,
|
||||
variables::KeyExclusions &ke) override;
|
||||
const variables::KeyExclusions &ke) const noexcept override;
|
||||
void resolveRegularExpression(const std::string& var,
|
||||
VariableValues *l,
|
||||
variables::KeyExclusions &ke) override;
|
||||
const variables::KeyExclusions &ke) const noexcept override;
|
||||
|
||||
private:
|
||||
pthread_mutex_t m_lock;
|
||||
|
||||
@ -48,13 +48,13 @@ LMDB::~LMDB() {
|
||||
}
|
||||
|
||||
|
||||
void LMDB::string2val(const std::string& str, MDB_val *val) {
|
||||
void LMDB::string2val(const std::string& str, MDB_val *val) const {
|
||||
val->mv_size = sizeof(char)*(str.size());
|
||||
val->mv_data = const_cast<char *>(str.c_str());
|
||||
}
|
||||
|
||||
|
||||
void LMDB::lmdb_debug(int rc, std::string op, std::string scope) {
|
||||
void LMDB::lmdb_debug(int rc, std::string op, std::string scope) const {
|
||||
#ifndef LMDB_STDOUT_COUT
|
||||
return;
|
||||
#else
|
||||
@ -162,7 +162,7 @@ void LMDB::lmdb_debug(int rc, std::string op, std::string scope) {
|
||||
}
|
||||
|
||||
|
||||
std::unique_ptr<std::string> LMDB::resolveFirst(const std::string& var) {
|
||||
std::unique_ptr<std::string> LMDB::resolveFirst(const std::string& var) const noexcept {
|
||||
int rc;
|
||||
MDB_val mdb_key;
|
||||
MDB_val mdb_value;
|
||||
@ -262,7 +262,7 @@ end_txn:
|
||||
|
||||
|
||||
void LMDB::resolveSingleMatch(const std::string& var,
|
||||
VariableValues *l) {
|
||||
VariableValues *l) const noexcept {
|
||||
int rc;
|
||||
MDB_txn *txn;
|
||||
MDB_dbi dbi;
|
||||
@ -287,10 +287,11 @@ void LMDB::resolveSingleMatch(const std::string& var,
|
||||
mdb_cursor_open(txn, dbi, &cursor);
|
||||
while ((rc = mdb_cursor_get(cursor, &mdb_key,
|
||||
&mdb_value_ret, MDB_NEXT_DUP)) == 0) {
|
||||
std::string a(
|
||||
reinterpret_cast<char *>(mdb_value_ret.mv_data),
|
||||
mdb_value_ret.mv_size);
|
||||
l->emplace_back(&var, &a);
|
||||
l->insert(l->begin(), std::make_shared<VariableValue>(
|
||||
&m_name,
|
||||
new std::string(var),
|
||||
new std::string(reinterpret_cast<char *>(mdb_value_ret.mv_data),
|
||||
mdb_value_ret.mv_size)));
|
||||
}
|
||||
|
||||
mdb_cursor_close(cursor);
|
||||
@ -466,7 +467,7 @@ end_txn:
|
||||
|
||||
void LMDB::resolveMultiMatches(const std::string& var,
|
||||
VariableValues *l,
|
||||
variables::KeyExclusions &ke) {
|
||||
const variables::KeyExclusions &ke) const noexcept {
|
||||
MDB_val key, data;
|
||||
MDB_txn *txn = NULL;
|
||||
MDB_dbi dbi;
|
||||
@ -528,7 +529,7 @@ end_txn:
|
||||
|
||||
void LMDB::resolveRegularExpression(const std::string& var,
|
||||
VariableValues *l,
|
||||
variables::KeyExclusions &ke) {
|
||||
const variables::KeyExclusions &ke) const noexcept {
|
||||
MDB_val key, data;
|
||||
MDB_txn *txn = NULL;
|
||||
MDB_dbi dbi;
|
||||
@ -567,12 +568,16 @@ void LMDB::resolveRegularExpression(const std::string& var,
|
||||
continue;
|
||||
}
|
||||
|
||||
VariableValue *v = new VariableValue(
|
||||
l->insert(l->begin(), std::make_shared<VariableValue>(
|
||||
&m_name,
|
||||
new std::string(reinterpret_cast<char *>(key.mv_data),
|
||||
key.mv_size),
|
||||
key.mv_size),
|
||||
new std::string(reinterpret_cast<char *>(data.mv_data),
|
||||
data.mv_size));
|
||||
l->insert(l->begin(), v);
|
||||
data.mv_size)));
|
||||
//l->insert(l->begin(), std::make_shared<VariableValue>(&m_name,
|
||||
// new std::string(reinterpret_cast<char *>(key.mv_data), key.mv_size),
|
||||
// new std::string(reinterpret_cast<char *>(data.mv_data), data.mv_size))
|
||||
//);
|
||||
}
|
||||
|
||||
mdb_cursor_close(cursor);
|
||||
|
||||
@ -63,20 +63,20 @@ class LMDB :
|
||||
|
||||
void del(const std::string& key) override;
|
||||
|
||||
std::unique_ptr<std::string> resolveFirst(const std::string& var) override;
|
||||
std::unique_ptr<std::string> resolveFirst(const std::string& var) const noexcept override;
|
||||
|
||||
void resolveSingleMatch(const std::string& var,
|
||||
VariableValues *l) override;
|
||||
VariableValues *l) const noexcept override;
|
||||
void resolveMultiMatches(const std::string& var,
|
||||
VariableValues *l,
|
||||
variables::KeyExclusions &ke) override;
|
||||
const variables::KeyExclusions &ke) const noexcept override;
|
||||
void resolveRegularExpression(const std::string& var,
|
||||
VariableValues *l,
|
||||
variables::KeyExclusions &ke) override;
|
||||
const variables::KeyExclusions &ke) const noexcept override;
|
||||
|
||||
private:
|
||||
void string2val(const std::string& str, MDB_val *val);
|
||||
void inline lmdb_debug(int rc, std::string op, std::string scope);
|
||||
void string2val(const std::string& str, MDB_val *val) const;
|
||||
void inline lmdb_debug(int rc, std::string op, std::string scope) const;
|
||||
|
||||
MDB_env *m_env;
|
||||
};
|
||||
|
||||
@ -396,8 +396,8 @@ bool RuleWithActions::containsMsg(const std::string& name, Transaction *t) const
|
||||
}
|
||||
|
||||
|
||||
std::string RuleWithActions::getLogData(Transaction *t) const { return m_logData->getEvaluatedRunTimeString(t); }
|
||||
std::string RuleWithActions::getMessage(Transaction *t) const { return m_msg->getEvaluatedRunTimeString(t); }
|
||||
std::string RuleWithActions::getLogData(const Transaction *t) const { return m_logData->getEvaluatedRunTimeString(t); }
|
||||
std::string RuleWithActions::getMessage(const Transaction *t) const { return m_msg->getEvaluatedRunTimeString(t); }
|
||||
|
||||
|
||||
} // namespace modsecurity
|
||||
|
||||
@ -420,13 +420,13 @@ class RuleWithActions : public Rule {
|
||||
|
||||
inline bool hasLogDataAction() const { return m_logData != nullptr || m_defaultActionLogData != nullptr; }
|
||||
inline std::shared_ptr<actions::LogData> getLogDataAction() const { return m_logData; }
|
||||
std::string getLogData(/*const */Transaction *t) const;
|
||||
std::string getLogData(const Transaction *t) const;
|
||||
inline void setLogDataAction(const std::shared_ptr<actions::LogData> &data) { m_logData = data; }
|
||||
|
||||
inline bool hasMessageAction() const { return m_msg != nullptr || m_defaultActionMsg != nullptr; }
|
||||
inline std::shared_ptr<actions::Msg> getMessageAction() const { return m_msg; }
|
||||
inline void setMessageAction(const std::shared_ptr<actions::Msg> &msg) { m_msg = msg; }
|
||||
std::string getMessage(/*const */Transaction *t) const;
|
||||
std::string getMessage(const Transaction *t) const;
|
||||
|
||||
|
||||
inline bool hasSeverityAction() const { return m_severity != SEVERITY_NOT_SET || m_defaultSeverity != SEVERITY_NOT_SET; }
|
||||
|
||||
@ -42,7 +42,7 @@ void RunTimeString::append(std::unique_ptr<Variable> var) {
|
||||
}
|
||||
|
||||
|
||||
std::string RunTimeString::evaluate(/* const */ Transaction *transaction) const noexcept {
|
||||
std::string RunTimeString::evaluate(const Transaction *transaction) const noexcept {
|
||||
std::string retString;
|
||||
// FIXME: Educated guess the size of retString based on the size of the elements.
|
||||
for (auto &element : m_elements) {
|
||||
|
||||
@ -67,13 +67,7 @@ class RunTimeString {
|
||||
void append(std::unique_ptr<Variable> var);
|
||||
|
||||
|
||||
/*
|
||||
*
|
||||
* FIXME: Transaction should be const here. Variables resolution does
|
||||
* not change anything on transaction instance.
|
||||
*
|
||||
*/
|
||||
std::string evaluate(/* const */ Transaction *t = nullptr) const noexcept;
|
||||
std::string evaluate(const Transaction *t = nullptr) const noexcept;
|
||||
|
||||
|
||||
inline bool containsMacro() const noexcept {
|
||||
@ -122,7 +116,7 @@ class RunTimeString {
|
||||
};
|
||||
|
||||
|
||||
void appendValueTo(/* const */ Transaction *transaction, std::string &v) const noexcept {
|
||||
void appendValueTo(const Transaction *transaction, std::string &v) const noexcept {
|
||||
if (m_variable && transaction) {
|
||||
VariableValues l;
|
||||
m_variable->evaluate(transaction, &l);
|
||||
|
||||
@ -27,8 +27,8 @@
|
||||
namespace modsecurity {
|
||||
namespace variables {
|
||||
|
||||
void Duration::evaluate(Transaction *transaction,
|
||||
VariableValues *l) {
|
||||
void Duration::evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept {
|
||||
double e = utils::cpu_seconds() - transaction->m_creationTimeStamp;
|
||||
|
||||
l->push_back(std::make_shared<VariableValue>(
|
||||
|
||||
@ -34,8 +34,8 @@ class Duration : public Variable {
|
||||
: Variable(_name),
|
||||
m_retName("DURATION") { }
|
||||
|
||||
void evaluate(Transaction *transaction,
|
||||
VariableValues *l) override;
|
||||
void evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept override;
|
||||
std::string m_retName;
|
||||
};
|
||||
|
||||
|
||||
@ -32,7 +32,7 @@ extern char **environ;
|
||||
namespace modsecurity {
|
||||
namespace variables {
|
||||
|
||||
void Env::evaluate(Transaction *transaction, VariableValues *l) {
|
||||
void Env::evaluate(const Transaction *transaction, VariableValues *l) const noexcept {
|
||||
bool checkForKey = getVariableKey()->length() > 0;
|
||||
|
||||
for (char **current = environ; *current; current++) {
|
||||
@ -57,6 +57,7 @@ void Env::evaluate(Transaction *transaction, VariableValues *l) {
|
||||
getVariableKeyWithCollection()
|
||||
));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -33,7 +33,7 @@ class Env : public Variable {
|
||||
explicit Env(const std::string &name)
|
||||
: Variable(name) { }
|
||||
|
||||
void evaluate(Transaction *transaction, VariableValues *l) override;
|
||||
void evaluate(const Transaction *transaction, VariableValues *l) const noexcept override;
|
||||
};
|
||||
|
||||
} // namespace variables
|
||||
|
||||
@ -39,8 +39,8 @@ class Global_DictElement : public Variable {
|
||||
: Variable("GLOBAL:" + dictElement),
|
||||
m_dictElement("GLOBAL:" + dictElement) { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
t->m_collections.m_global_collection->resolveMultiMatches(
|
||||
*getVariableKey(), t->m_collections.m_global_collection_key,
|
||||
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
|
||||
@ -55,8 +55,8 @@ class Global_NoDictElement : public Variable {
|
||||
Global_NoDictElement()
|
||||
: Variable("GLOBAL") { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
t->m_collections.m_global_collection->resolveMultiMatches("",
|
||||
t->m_collections.m_global_collection_key,
|
||||
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
|
||||
@ -70,8 +70,8 @@ class Global_DictElementRegexp : public VariableRegex {
|
||||
: VariableRegex("GLOBAL", dictElement),
|
||||
m_dictElement(dictElement) { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
t->m_collections.m_global_collection->resolveRegularExpression(
|
||||
m_dictElement,
|
||||
t->m_collections.m_global_collection_key,
|
||||
@ -91,8 +91,8 @@ class Global_DynamicElement : public VariableWithRunTimeString {
|
||||
)
|
||||
{ };
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
std::string string = m_string->evaluate(t);
|
||||
t->m_collections.m_global_collection->resolveMultiMatches(
|
||||
string,
|
||||
|
||||
@ -26,8 +26,8 @@
|
||||
namespace modsecurity {
|
||||
namespace variables {
|
||||
|
||||
void HighestSeverity::evaluate(Transaction *transaction,
|
||||
VariableValues *l) {
|
||||
void HighestSeverity::evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept {
|
||||
l->push_back(std::make_shared<VariableValue>(
|
||||
std::unique_ptr<std::string>(new std::string(std::to_string(transaction->m_highestSeverityAction))),
|
||||
getVariableKeyWithCollection().get()));
|
||||
|
||||
@ -34,8 +34,8 @@ class HighestSeverity : public Variable {
|
||||
: Variable(_name)
|
||||
{ }
|
||||
|
||||
void evaluate(Transaction *transaction,
|
||||
VariableValues *l) override;
|
||||
void evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept override;
|
||||
};
|
||||
|
||||
|
||||
|
||||
@ -39,8 +39,8 @@ class Ip_DictElement : public Variable {
|
||||
: Variable("IP:" + dictElement),
|
||||
m_dictElement("IP:" + dictElement) { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
t->m_collections.m_ip_collection->resolveMultiMatches(
|
||||
*getVariableKey(), t->m_collections.m_ip_collection_key,
|
||||
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
|
||||
@ -55,8 +55,8 @@ class Ip_NoDictElement : public Variable {
|
||||
Ip_NoDictElement()
|
||||
: Variable("IP") { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
t->m_collections.m_ip_collection->resolveMultiMatches("",
|
||||
t->m_collections.m_ip_collection_key,
|
||||
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
|
||||
@ -70,8 +70,8 @@ class Ip_DictElementRegexp : public VariableRegex {
|
||||
: VariableRegex("IP", dictElement),
|
||||
m_dictElement(dictElement) { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
t->m_collections.m_ip_collection->resolveRegularExpression(
|
||||
m_dictElement, t->m_collections.m_ip_collection_key,
|
||||
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
|
||||
@ -90,8 +90,8 @@ class Ip_DynamicElement : public VariableWithRunTimeString {
|
||||
)
|
||||
{ }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
std::string string = m_string->evaluate(t);
|
||||
t->m_collections.m_ip_collection->resolveMultiMatches(
|
||||
string,
|
||||
|
||||
@ -24,8 +24,8 @@
|
||||
namespace modsecurity {
|
||||
namespace variables {
|
||||
|
||||
void ModsecBuild::evaluate(Transaction *transaction,
|
||||
VariableValues *l) {
|
||||
void ModsecBuild::evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept {
|
||||
|
||||
l->push_back(std::make_shared<VariableValue>(&m_retName, &m_build));
|
||||
}
|
||||
|
||||
@ -43,8 +43,8 @@ class ModsecBuild : public Variable {
|
||||
m_build = ss.str();
|
||||
}
|
||||
|
||||
void evaluate(Transaction *transaction,
|
||||
VariableValues *l) override;
|
||||
void evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept override;
|
||||
|
||||
std::string m_build;
|
||||
std::string m_retName;
|
||||
|
||||
@ -37,8 +37,8 @@ namespace variables {
|
||||
|
||||
|
||||
|
||||
void RemoteUser::evaluate(Transaction *transaction,
|
||||
VariableValues *l) {
|
||||
void RemoteUser::evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept {
|
||||
auto userName = parserRemoteUser(transaction);
|
||||
auto var = std::make_shared<VariableValue>(
|
||||
std::unique_ptr<std::string>(new std::string(userName.first)),
|
||||
|
||||
@ -37,10 +37,10 @@ class RemoteUser : public Variable {
|
||||
: Variable(_name),
|
||||
m_retName("REMOTE_USER") { }
|
||||
|
||||
void evaluate(Transaction *transaction,
|
||||
VariableValues *l) override;
|
||||
void evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept override;
|
||||
|
||||
static std::pair<std::string, VariableOrigin> parserRemoteUser(Transaction *transaction) {
|
||||
static std::pair<std::string, VariableOrigin> parserRemoteUser(const Transaction *transaction) {
|
||||
size_t pos;
|
||||
std::string base64;
|
||||
std::string header;
|
||||
|
||||
@ -39,8 +39,8 @@ class Resource_DictElement : public Variable {
|
||||
: Variable("RESOURCE:" + dictElement),
|
||||
m_dictElement("RESOURCE:" + dictElement) { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
t->m_collections.m_resource_collection->resolveMultiMatches(
|
||||
*getVariableKey(), t->m_collections.m_resource_collection_key,
|
||||
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
|
||||
@ -55,8 +55,8 @@ class Resource_NoDictElement : public Variable {
|
||||
Resource_NoDictElement()
|
||||
: Variable("RESOURCE") { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
t->m_collections.m_resource_collection->resolveMultiMatches(*getVariableKey(),
|
||||
t->m_collections.m_resource_collection_key,
|
||||
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
|
||||
@ -70,8 +70,8 @@ class Resource_DictElementRegexp : public VariableRegex {
|
||||
: VariableRegex("RESOURCE", dictElement),
|
||||
m_dictElement(dictElement) { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
t->m_collections.m_resource_collection->resolveRegularExpression(
|
||||
m_dictElement, t->m_collections.m_resource_collection_key,
|
||||
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
|
||||
@ -90,8 +90,8 @@ class Resource_DynamicElement : public VariableWithRunTimeString {
|
||||
)
|
||||
{ }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
std::string string = m_string->evaluate(t);
|
||||
t->m_collections.m_resource_collection->resolveMultiMatches(
|
||||
string,
|
||||
|
||||
@ -54,7 +54,7 @@ class Rule_DictElement : public RuleVariable, public VariableDictElement {
|
||||
return new Rule_DictElement(*this);
|
||||
};
|
||||
|
||||
static void id(Transaction *t,
|
||||
static void id(const Transaction *t,
|
||||
const RuleWithActions *rule,
|
||||
VariableValues *l) {
|
||||
auto var = std::make_shared<VariableValue>(&m_rule, &m_rule_id, std::unique_ptr<std::string>(new std::string(std::to_string(rule->getId()))));
|
||||
@ -67,7 +67,7 @@ class Rule_DictElement : public RuleVariable, public VariableDictElement {
|
||||
|
||||
|
||||
|
||||
static void rev(Transaction *t,
|
||||
static void rev(const Transaction *t,
|
||||
const RuleWithActions *rule,
|
||||
VariableValues *l) {
|
||||
|
||||
@ -83,7 +83,7 @@ class Rule_DictElement : public RuleVariable, public VariableDictElement {
|
||||
}
|
||||
|
||||
|
||||
static void severity(Transaction *t,
|
||||
static void severity(const Transaction *t,
|
||||
const RuleWithActions *rule,
|
||||
VariableValues *l) {
|
||||
|
||||
@ -98,7 +98,7 @@ class Rule_DictElement : public RuleVariable, public VariableDictElement {
|
||||
|
||||
}
|
||||
|
||||
static void logData(Transaction *t,
|
||||
static void logData(const Transaction *t,
|
||||
const RuleWithActions *rule,
|
||||
VariableValues *l) {
|
||||
|
||||
@ -112,7 +112,7 @@ class Rule_DictElement : public RuleVariable, public VariableDictElement {
|
||||
}
|
||||
}
|
||||
|
||||
static void msg(Transaction *t,
|
||||
static void msg(const Transaction *t,
|
||||
const RuleWithActions *rule,
|
||||
VariableValues *l) {
|
||||
|
||||
@ -126,8 +126,8 @@ class Rule_DictElement : public RuleVariable, public VariableDictElement {
|
||||
}
|
||||
}
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
|
||||
if (m_dictElement == "id") {
|
||||
id(t, getRule(), l);
|
||||
@ -174,8 +174,8 @@ class Rule_DictElementRegexp : public RuleVariable, public VariableRegex {
|
||||
{ };
|
||||
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
|
||||
if (Utils::regex_search("id", m_r) > 0) {
|
||||
Rule_DictElement::id(t, getRule(), l);
|
||||
@ -219,8 +219,8 @@ class Rule_NoDictElement : public RuleVariable, public Variable {
|
||||
{ };
|
||||
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
Rule_DictElement::id(t, getRule(), l);
|
||||
Rule_DictElement::rev(t, getRule(), l);
|
||||
Rule_DictElement::severity(t, getRule(), l);
|
||||
|
||||
@ -38,8 +38,8 @@ class Session_DictElement : public Variable {
|
||||
: Variable("SESSION:" + dictElement),
|
||||
m_dictElement("SESSION:" + dictElement) { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
t->m_collections.m_session_collection->resolveMultiMatches(
|
||||
*getVariableKey(), t->m_collections.m_session_collection_key,
|
||||
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
|
||||
@ -54,8 +54,8 @@ class Session_NoDictElement : public Variable {
|
||||
Session_NoDictElement()
|
||||
: Variable("SESSION") { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
t->m_collections.m_session_collection->resolveMultiMatches("",
|
||||
t->m_collections.m_session_collection_key,
|
||||
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
|
||||
@ -69,8 +69,8 @@ class Session_DictElementRegexp : public VariableRegex {
|
||||
: VariableRegex("SESSION", dictElement),
|
||||
m_dictElement(dictElement) { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
t->m_collections.m_session_collection->resolveRegularExpression(
|
||||
m_dictElement, t->m_collections.m_session_collection_key,
|
||||
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
|
||||
@ -89,8 +89,8 @@ class Session_DynamicElement : public VariableWithRunTimeString {
|
||||
)
|
||||
{ }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
std::string string = m_string->evaluate(t);
|
||||
t->m_collections.m_session_collection->resolveMultiMatches(
|
||||
string,
|
||||
|
||||
@ -33,8 +33,8 @@
|
||||
namespace modsecurity {
|
||||
namespace variables {
|
||||
|
||||
void Time::evaluate(Transaction *transaction,
|
||||
VariableValues *l) {
|
||||
void Time::evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept {
|
||||
|
||||
char tstr[200];
|
||||
struct tm timeinfo;
|
||||
|
||||
@ -35,8 +35,8 @@ class Time : public Variable {
|
||||
: Variable(_name),
|
||||
m_retName("TIME") { }
|
||||
|
||||
void evaluate(Transaction *transaction,
|
||||
VariableValues *l) override;
|
||||
void evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept override;
|
||||
std::string m_retName;
|
||||
};
|
||||
|
||||
|
||||
@ -33,8 +33,8 @@
|
||||
namespace modsecurity {
|
||||
namespace variables {
|
||||
|
||||
void TimeDay::evaluate(Transaction *transaction,
|
||||
VariableValues *l) {
|
||||
void TimeDay::evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept {
|
||||
char tstr[200];
|
||||
struct tm timeinfo;
|
||||
time_t timer;
|
||||
|
||||
@ -34,8 +34,8 @@ class TimeDay : public Variable {
|
||||
: Variable(_name),
|
||||
m_retName("TIME_DAY") { }
|
||||
|
||||
void evaluate(Transaction *transaction,
|
||||
VariableValues *l) override;
|
||||
void evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept override;
|
||||
std::string m_retName;
|
||||
};
|
||||
|
||||
|
||||
@ -33,8 +33,8 @@
|
||||
namespace modsecurity {
|
||||
namespace variables {
|
||||
|
||||
void TimeEpoch::evaluate(Transaction *transaction,
|
||||
VariableValues *l) {
|
||||
void TimeEpoch::evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept {
|
||||
|
||||
l->push_back(std::make_shared<VariableValue>(
|
||||
std::unique_ptr<std::string>(new std::string(std::to_string(std::time(nullptr)))),
|
||||
|
||||
@ -34,8 +34,8 @@ class TimeEpoch : public Variable {
|
||||
: Variable(_name),
|
||||
m_retName("TIME_EPOCH") { }
|
||||
|
||||
void evaluate(Transaction *transaction,
|
||||
VariableValues *l) override;
|
||||
void evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept override;
|
||||
std::string m_retName;
|
||||
};
|
||||
|
||||
|
||||
@ -33,8 +33,8 @@
|
||||
namespace modsecurity {
|
||||
namespace variables {
|
||||
|
||||
void TimeHour::evaluate(Transaction *transaction,
|
||||
VariableValues *l) {
|
||||
void TimeHour::evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept {
|
||||
char tstr[200];
|
||||
struct tm timeinfo;
|
||||
time_t timer;
|
||||
|
||||
@ -34,8 +34,8 @@ class TimeHour : public Variable {
|
||||
: Variable(_name),
|
||||
m_retName("TIME_HOUR") { }
|
||||
|
||||
void evaluate(Transaction *transaction,
|
||||
VariableValues *l) override;
|
||||
void evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept override;
|
||||
std::string m_retName;
|
||||
};
|
||||
|
||||
|
||||
@ -33,8 +33,8 @@
|
||||
namespace modsecurity {
|
||||
namespace variables {
|
||||
|
||||
void TimeMin::evaluate(Transaction *transaction,
|
||||
VariableValues *l) {
|
||||
void TimeMin::evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept {
|
||||
char tstr[200];
|
||||
struct tm timeinfo;
|
||||
time_t timer;
|
||||
|
||||
@ -34,8 +34,8 @@ class TimeMin : public Variable {
|
||||
: Variable(_name),
|
||||
m_retName("TIME_MIN") { }
|
||||
|
||||
void evaluate(Transaction *transaction,
|
||||
VariableValues *l) override;
|
||||
void evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept override;
|
||||
std::string m_retName;
|
||||
};
|
||||
|
||||
|
||||
@ -33,8 +33,8 @@
|
||||
namespace modsecurity {
|
||||
namespace variables {
|
||||
|
||||
void TimeMon::evaluate(Transaction *transaction,
|
||||
VariableValues *l) {
|
||||
void TimeMon::evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept {
|
||||
char tstr[200];
|
||||
struct tm timeinfo;
|
||||
time_t timer;
|
||||
|
||||
@ -34,8 +34,8 @@ class TimeMon : public Variable {
|
||||
: Variable(_name),
|
||||
m_retName("TIME_MON") { }
|
||||
|
||||
void evaluate(Transaction *transaction,
|
||||
VariableValues *l) override;
|
||||
void evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept override;
|
||||
std::string m_retName;
|
||||
};
|
||||
|
||||
|
||||
@ -33,8 +33,8 @@
|
||||
namespace modsecurity {
|
||||
namespace variables {
|
||||
|
||||
void TimeSec::evaluate(Transaction *transaction,
|
||||
VariableValues *l) {
|
||||
void TimeSec::evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept {
|
||||
char tstr[200];
|
||||
struct tm timeinfo;
|
||||
time_t timer;
|
||||
|
||||
@ -34,8 +34,8 @@ class TimeSec : public Variable {
|
||||
: Variable(_name),
|
||||
m_retName("TIME_SEC") { }
|
||||
|
||||
void evaluate(Transaction *transaction,
|
||||
VariableValues *l) override;
|
||||
void evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept override;
|
||||
std::string m_retName;
|
||||
};
|
||||
|
||||
|
||||
@ -33,8 +33,8 @@
|
||||
namespace modsecurity {
|
||||
namespace variables {
|
||||
|
||||
void TimeWDay::evaluate(Transaction *transaction,
|
||||
VariableValues *l) {
|
||||
void TimeWDay::evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept {
|
||||
char tstr[200];
|
||||
struct tm timeinfo;
|
||||
time_t timer;
|
||||
|
||||
@ -34,8 +34,8 @@ class TimeWDay : public Variable {
|
||||
: Variable(_name),
|
||||
m_retName("TIME_WDAY") { }
|
||||
|
||||
void evaluate(Transaction *transaction,
|
||||
VariableValues *l) override;
|
||||
void evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept override;
|
||||
std::string m_retName;
|
||||
};
|
||||
|
||||
|
||||
@ -33,8 +33,8 @@
|
||||
namespace modsecurity {
|
||||
namespace variables {
|
||||
|
||||
void TimeYear::evaluate(Transaction *transaction,
|
||||
VariableValues *l) {
|
||||
void TimeYear::evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept {
|
||||
char tstr[200];
|
||||
struct tm timeinfo;
|
||||
time_t timer;
|
||||
|
||||
@ -34,8 +34,8 @@ class TimeYear : public Variable {
|
||||
: Variable(_name),
|
||||
m_retName("TIME_YEAR") { }
|
||||
|
||||
void evaluate(Transaction *transaction,
|
||||
VariableValues *l) override;
|
||||
void evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept override;
|
||||
std::string m_retName;
|
||||
};
|
||||
|
||||
|
||||
@ -39,8 +39,8 @@ class Tx_DictElement : public Variable {
|
||||
: Variable("TX:" + dictElement),
|
||||
m_dictElement("TX:" + dictElement) { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
t->m_collections.m_tx_collection->resolveMultiMatches(
|
||||
*getVariableKey(), l, m_keyExclusion);
|
||||
}
|
||||
@ -54,8 +54,8 @@ class Tx_NoDictElement : public Variable {
|
||||
Tx_NoDictElement()
|
||||
: Variable("TX") { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
t->m_collections.m_tx_collection->resolveMultiMatches("", l,
|
||||
m_keyExclusion);
|
||||
}
|
||||
@ -68,8 +68,8 @@ class Tx_DictElementRegexp : public VariableRegex {
|
||||
: VariableRegex("TX", dictElement),
|
||||
m_dictElement(dictElement) { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
t->m_collections.m_tx_collection->resolveRegularExpression(
|
||||
m_dictElement, l, m_keyExclusion);
|
||||
}
|
||||
@ -87,8 +87,8 @@ class Tx_DynamicElement : public VariableWithRunTimeString {
|
||||
)
|
||||
{ }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
std::string string = m_string->evaluate(t);
|
||||
t->m_collections.m_tx_collection->resolveMultiMatches(string, l,
|
||||
m_keyExclusion);
|
||||
|
||||
@ -39,8 +39,8 @@ class User_DictElement : public Variable {
|
||||
: Variable("USER:" + dictElement),
|
||||
m_dictElement("USER:" + dictElement) { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
t->m_collections.m_user_collection->resolveMultiMatches(
|
||||
*getVariableKey(), t->m_collections.m_user_collection_key,
|
||||
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
|
||||
@ -55,8 +55,8 @@ class User_NoDictElement : public Variable {
|
||||
User_NoDictElement()
|
||||
: Variable("USER") { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
t->m_collections.m_user_collection->resolveMultiMatches(*getVariableKey(),
|
||||
t->m_collections.m_user_collection_key,
|
||||
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
|
||||
@ -70,8 +70,8 @@ class User_DictElementRegexp : public VariableRegex {
|
||||
: VariableRegex("USER", dictElement),
|
||||
m_dictElement(dictElement) { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
t->m_collections.m_user_collection->resolveRegularExpression(
|
||||
m_dictElement, t->m_collections.m_user_collection_key,
|
||||
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
|
||||
@ -90,8 +90,8 @@ class User_DynamicElement : public VariableWithRunTimeString {
|
||||
)
|
||||
{ }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
std::string string = m_string->evaluate(t);
|
||||
t->m_collections.m_user_collection->resolveMultiMatches(
|
||||
string,
|
||||
|
||||
@ -29,10 +29,10 @@ namespace variables {
|
||||
|
||||
|
||||
Variable::Variable(const std::string &name)
|
||||
: m_keyWithCollection(new std::string("")),
|
||||
m_keyExclusion(),
|
||||
m_collectionName(new std::string("")),
|
||||
m_key(new std::string("")) {
|
||||
: m_keyExclusion(),
|
||||
m_keyWithCollection(new std::string("")),
|
||||
m_key(new std::string("")),
|
||||
m_collectionName(new std::string("")) {
|
||||
size_t a = name.find(":");
|
||||
if (a == std::string::npos) {
|
||||
a = name.find(".");
|
||||
|
||||
@ -47,8 +47,8 @@ class n ## _DictElementRegexp : public VariableRegex { \
|
||||
explicit n ## _DictElementRegexp(const std::string ®ex) \
|
||||
: VariableRegex(#N, regex) { } \
|
||||
\
|
||||
void evaluate(Transaction *transaction, \
|
||||
VariableValues *l) override { \
|
||||
void evaluate(const Transaction *transaction, \
|
||||
VariableValues *l) const noexcept override { \
|
||||
transaction-> e .resolveRegularExpression(&m_r, l, \
|
||||
m_keyExclusion); \
|
||||
} \
|
||||
@ -61,8 +61,8 @@ class n ## _DictElement : public VariableDictElement { \
|
||||
explicit n ## _DictElement(const std::string &dictElement) \
|
||||
: VariableDictElement(#N, dictElement) { } \
|
||||
\
|
||||
void evaluate(Transaction *transaction, \
|
||||
VariableValues *l) override { \
|
||||
void evaluate(const Transaction *transaction, \
|
||||
VariableValues *l) const noexcept override { \
|
||||
transaction-> e .resolve(m_dictElement, l); \
|
||||
} \
|
||||
};
|
||||
@ -74,8 +74,8 @@ class n ## _NoDictElement : public Variable { \
|
||||
explicit n ## _NoDictElement() \
|
||||
: Variable(#N) { } \
|
||||
\
|
||||
void evaluate(Transaction *transaction, \
|
||||
VariableValues *l) override { \
|
||||
void evaluate(const Transaction *transaction, \
|
||||
VariableValues *l) const noexcept override { \
|
||||
transaction-> e .resolve(l, m_keyExclusion); \
|
||||
} \
|
||||
};
|
||||
@ -87,8 +87,8 @@ class n : public Variable { \
|
||||
n() \
|
||||
: Variable(#N) { } \
|
||||
\
|
||||
void evaluate(Transaction *transaction, \
|
||||
VariableValues *l) override { \
|
||||
void evaluate(const Transaction *transaction, \
|
||||
VariableValues *l) const noexcept override { \
|
||||
transaction-> e .evaluate(l); \
|
||||
} \
|
||||
};
|
||||
@ -104,8 +104,8 @@ namespace variables {
|
||||
class KeyExclusion {
|
||||
public:
|
||||
KeyExclusion() { }
|
||||
virtual bool match(const std::string &a) = 0;
|
||||
virtual bool match(const bpstd::string_view &a) = 0;
|
||||
virtual bool match(const std::string &a) const = 0;
|
||||
virtual bool match(const bpstd::string_view &a) const = 0;
|
||||
virtual ~KeyExclusion() { }
|
||||
};
|
||||
|
||||
@ -120,10 +120,10 @@ class KeyExclusionRegex : public KeyExclusion {
|
||||
|
||||
~KeyExclusionRegex() override { }
|
||||
|
||||
bool match(const std::string &a) override {
|
||||
bool match(const std::string &a) const override {
|
||||
return m_re.searchAll(a).size() > 0;
|
||||
}
|
||||
bool match(const bpstd::string_view &a) override {
|
||||
bool match(const bpstd::string_view &a) const override {
|
||||
// FIXME: string_view will be a good thing in searchAll.
|
||||
return m_re.searchAll(std::string(a)).size() > 0;
|
||||
}
|
||||
@ -139,14 +139,14 @@ class KeyExclusionString : public KeyExclusion {
|
||||
|
||||
~KeyExclusionString() override { }
|
||||
|
||||
bool match(const std::string &a) override {
|
||||
bool match(const std::string &a) const override {
|
||||
return a.size() == m_key.size() && std::equal(a.begin(), a.end(),
|
||||
m_key.begin(),
|
||||
[](char aa, char bb) {
|
||||
return static_cast<char>(toupper(aa)) == static_cast<char>(bb);
|
||||
});
|
||||
}
|
||||
bool match(const bpstd::string_view &a) override {
|
||||
bool match(const bpstd::string_view &a) const override {
|
||||
return a.size() == m_key.size() && std::equal(a.begin(), a.end(),
|
||||
m_key.begin(),
|
||||
[](char aa, char bb) {
|
||||
@ -174,7 +174,7 @@ class KeyExclusions : public std::deque<std::unique_ptr<KeyExclusion>> {
|
||||
//}
|
||||
};
|
||||
|
||||
bool toOmit(const std::string &a) {
|
||||
bool toOmit(const std::string &a) const {
|
||||
for (auto &z : *this) {
|
||||
if (z->match(a)) {
|
||||
return true;
|
||||
@ -183,7 +183,7 @@ class KeyExclusions : public std::deque<std::unique_ptr<KeyExclusion>> {
|
||||
return false;
|
||||
}
|
||||
|
||||
bool toOmit(const bpstd::string_view &a) {
|
||||
bool toOmit(const bpstd::string_view &a) const {
|
||||
for (auto &z : *this) {
|
||||
if (z->match(a)) {
|
||||
return true;
|
||||
@ -206,7 +206,7 @@ class VariableMonkeyResolution {
|
||||
});
|
||||
}
|
||||
|
||||
static void stringMatchResolveMulti(Transaction *t,
|
||||
static void stringMatchResolveMulti(const Transaction *t,
|
||||
const std::string &variable,
|
||||
VariableValues *l) {
|
||||
size_t collection = variable.find(".");
|
||||
@ -369,7 +369,7 @@ class VariableMonkeyResolution {
|
||||
}
|
||||
}
|
||||
|
||||
static std::string stringMatchResolve(Transaction *t,
|
||||
static std::string stringMatchResolve(const Transaction *t,
|
||||
const std::string &variable) {
|
||||
std::unique_ptr<std::string> vv = nullptr;
|
||||
size_t collection = variable.find(".");
|
||||
@ -578,18 +578,18 @@ class Variable : public VariableMonkeyResolution {
|
||||
|
||||
|
||||
explicit Variable(Variable *var)
|
||||
: m_keyWithCollection(var->m_keyWithCollection),
|
||||
m_keyExclusion(var->m_keyExclusion),
|
||||
m_collectionName(var->m_collectionName),
|
||||
m_key(var->m_key)
|
||||
: m_keyExclusion(var->m_keyExclusion),
|
||||
m_keyWithCollection(var->m_keyWithCollection),
|
||||
m_key(var->m_key),
|
||||
m_collectionName(var->m_collectionName)
|
||||
{ };
|
||||
|
||||
|
||||
Variable(const Variable &v)
|
||||
: m_keyWithCollection(v.m_keyWithCollection),
|
||||
m_keyExclusion(v.m_keyExclusion),
|
||||
m_collectionName(v.m_collectionName),
|
||||
m_key(v.m_key)
|
||||
: m_keyExclusion(v.m_keyExclusion),
|
||||
m_keyWithCollection(v.m_keyWithCollection),
|
||||
m_key(v.m_key),
|
||||
m_collectionName(v.m_collectionName)
|
||||
{ };
|
||||
|
||||
|
||||
@ -597,8 +597,8 @@ class Variable : public VariableMonkeyResolution {
|
||||
{ };
|
||||
|
||||
|
||||
virtual void evaluate(Transaction *t,
|
||||
VariableValues *l) = 0;
|
||||
virtual void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept = 0;
|
||||
|
||||
|
||||
bool inline belongsToCollection(Variable *var) const noexcept {
|
||||
@ -748,8 +748,8 @@ class VariableModificatorExclusion : public Variable {
|
||||
: Variable(var.get()),
|
||||
m_base(std::move(var)) { }
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
m_base->evaluate(t, l);
|
||||
}
|
||||
|
||||
@ -765,8 +765,8 @@ class VariableModificatorCount : public Variable {
|
||||
m_base.reset(var.release());
|
||||
}
|
||||
|
||||
void evaluate(Transaction *t,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept override {
|
||||
|
||||
VariableValues reslIn;
|
||||
m_base->evaluate(t, &reslIn);
|
||||
|
||||
@ -35,8 +35,8 @@ class WebAppId : public Variable {
|
||||
WebAppId()
|
||||
: Variable("WEBAPPID") { }
|
||||
|
||||
void evaluate(Transaction *transaction,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept override {
|
||||
const std::string rname = transaction->m_rules->m_secWebAppId.m_value;
|
||||
l->push_back(std::make_shared<VariableValue>(getVariableKeyWithCollection().get(), &rname));
|
||||
}
|
||||
|
||||
@ -49,12 +49,12 @@ namespace modsecurity {
|
||||
namespace variables {
|
||||
|
||||
#ifndef WITH_LIBXML2
|
||||
void XML_WithNSPath::evaluate(Transaction *t,
|
||||
VariableValues *l) { }
|
||||
void XML_WithNSPath::evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept { }
|
||||
#else
|
||||
|
||||
void XML_WithNSPath::evaluate(Transaction *t,
|
||||
VariableValues *l) {
|
||||
void XML_WithNSPath::evaluate(const Transaction *t,
|
||||
VariableValues *l) const noexcept {
|
||||
xmlXPathContextPtr xpathCtx;
|
||||
xmlXPathObjectPtr xpathObj;
|
||||
xmlNodeSetPtr nodes;
|
||||
|
||||
@ -50,8 +50,8 @@ class XML_WithoutNSPath : public RuleVariable, public Variable {
|
||||
m_var(r.m_var)
|
||||
{ };
|
||||
|
||||
void evaluate(Transaction *transaction,
|
||||
VariableValues *l) override {
|
||||
void evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept override {
|
||||
l->push_back(m_var);
|
||||
}
|
||||
|
||||
@ -75,8 +75,8 @@ class XML_WithNSPath : public RuleVariable, public VariableDictElement {
|
||||
VariableDictElement(r)
|
||||
{ };
|
||||
|
||||
void evaluate(Transaction *transaction,
|
||||
VariableValues *l) override;
|
||||
void evaluate(const Transaction *transaction,
|
||||
VariableValues *l) const noexcept override;
|
||||
|
||||
virtual Variable *clone() override {
|
||||
return new XML_WithNSPath(*this);
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user