mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2026-01-02 14:44:45 +03:00
Makes m_id a shared pointer
This commit is contained in:
Felipe Zimmerle
@@ -88,13 +88,13 @@ class RuleMessage {
|
|||||||
return RuleMessage::log(rm, 0);
|
return RuleMessage::log(rm, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
static std::string _details(const RuleMessage *rm);
|
static inline void _details(const RuleMessage *rm, std::string *msg);
|
||||||
static std::string _errorLogTail(const RuleMessage *rm);
|
static inline void _errorLogTail(const RuleMessage *rm, std::string *msg);
|
||||||
|
|
||||||
int m_accuracy;
|
int m_accuracy;
|
||||||
std::shared_ptr<std::string> m_clientIpAddress;
|
std::shared_ptr<std::string> m_clientIpAddress;
|
||||||
std::string m_data;
|
std::string m_data;
|
||||||
std::string m_id;
|
std::shared_ptr<std::string> m_id;
|
||||||
bool m_isDisruptive;
|
bool m_isDisruptive;
|
||||||
std::string m_match;
|
std::string m_match;
|
||||||
int m_maturity;
|
int m_maturity;
|
||||||
|
|||||||
@@ -52,7 +52,7 @@ typedef struct Rules_t RulesSet;
|
|||||||
#define ms_dbg(b, c) \
|
#define ms_dbg(b, c) \
|
||||||
do { \
|
do { \
|
||||||
if (m_rules && m_rules->m_debugLog && m_rules->m_debugLog->m_debugLevel >= b) { \
|
if (m_rules && m_rules->m_debugLog && m_rules->m_debugLog->m_debugLevel >= b) { \
|
||||||
m_rules->debug(b, m_id, m_uri, c); \
|
m_rules->debug(b, *m_id.get(), m_uri, c); \
|
||||||
} \
|
} \
|
||||||
} while (0);
|
} while (0);
|
||||||
#else
|
#else
|
||||||
@@ -512,7 +512,7 @@ class Transaction : public TransactionAnchoredVariables {
|
|||||||
* Contains the unique ID of the transaction. Use by the variable
|
* Contains the unique ID of the transaction. Use by the variable
|
||||||
* `UNIQUE_ID'. This unique id is also saved as part of the AuditLog.
|
* `UNIQUE_ID'. This unique id is also saved as part of the AuditLog.
|
||||||
*/
|
*/
|
||||||
std::string m_id;
|
std::shared_ptr<std::string> m_id;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Holds the SecMarker name that this transaction should wait to perform
|
* Holds the SecMarker name that this transaction should wait to perform
|
||||||
|
|||||||
@@ -119,7 +119,7 @@ bool Parallel::write(Transaction *transaction, int parts, std::string *error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
std::string logPath = m_audit->m_storage_dir;
|
std::string logPath = m_audit->m_storage_dir;
|
||||||
fileName = logPath + fileName + "-" + transaction->m_id;
|
fileName = logPath + fileName + "-" + *transaction->m_id.get();
|
||||||
|
|
||||||
if (logPath.empty()) {
|
if (logPath.empty()) {
|
||||||
error->assign("Log path is not valid.");
|
error->assign("Log path is not valid.");
|
||||||
|
|||||||
@@ -417,7 +417,7 @@ int Multipart::tmp_file_name(std::string *filename) const {
|
|||||||
|
|
||||||
memset(tstr, '\0', 300);
|
memset(tstr, '\0', 300);
|
||||||
strftime(tstr, 299, "/%Y%m%d-%H%M%S", &timeinfo);
|
strftime(tstr, 299, "/%Y%m%d-%H%M%S", &timeinfo);
|
||||||
path = path + tstr + "-" + m_transaction->m_id;
|
path = path + tstr + "-" + *m_transaction->m_id.get();
|
||||||
path = path + "-file-XXXXXX";
|
path = path + "-file-XXXXXX";
|
||||||
|
|
||||||
tmp = strdup(path.c_str());
|
tmp = strdup(path.c_str());
|
||||||
|
|||||||
@@ -23,69 +23,60 @@
|
|||||||
namespace modsecurity {
|
namespace modsecurity {
|
||||||
|
|
||||||
|
|
||||||
std::string RuleMessage::_details(const RuleMessage *rm) {
|
inline void RuleMessage::_details(const RuleMessage *rm, std::string *msg) {
|
||||||
std::string msg;
|
*msg += " [file \"" + std::string(*rm->m_ruleFile.get()) + "\"]" \
|
||||||
|
" [line \"" + std::to_string(rm->m_ruleLine) + "\"]" \
|
||||||
msg.append(" [file \"" + std::string(*rm->m_ruleFile.get()) + "\"]");
|
" [id \"" + std::to_string(rm->m_ruleId) + "\"]" \
|
||||||
msg.append(" [line \"" + std::to_string(rm->m_ruleLine) + "\"]");
|
" [rev \"" + rm->m_rev + "\"]" \
|
||||||
msg.append(" [id \"" + std::to_string(rm->m_ruleId) + "\"]");
|
" [msg \"" + rm->m_message + "\"]" \
|
||||||
msg.append(" [rev \"" + rm->m_rev + "\"]");
|
" [data \"" + rm->m_data + "\"]" \
|
||||||
msg.append(" [msg \"" + rm->m_message + "\"]");
|
" [severity \"" + std::to_string(rm->m_severity) + "\"]" \
|
||||||
msg.append(" [data \"" + rm->m_data + "\"]");
|
" [ver \"" + rm->m_ver + "\"]" \
|
||||||
msg.append(" [severity \"" +
|
" [maturity \"" + std::to_string(rm->m_maturity) + "\"]" \
|
||||||
std::to_string(rm->m_severity) + "\"]");
|
" [accuracy \"" + std::to_string(rm->m_accuracy) + "\"]";
|
||||||
msg.append(" [ver \"" + rm->m_ver + "\"]");
|
|
||||||
msg.append(" [maturity \"" + std::to_string(rm->m_maturity) + "\"]");
|
|
||||||
msg.append(" [accuracy \"" + std::to_string(rm->m_accuracy) + "\"]");
|
|
||||||
for (auto &a : rm->m_tags) {
|
for (auto &a : rm->m_tags) {
|
||||||
msg.append(" [tag \"" + a + "\"]");
|
*msg += " [tag \"" + a + "\"]";
|
||||||
}
|
}
|
||||||
msg.append(" [hostname \"" + *rm->m_serverIpAddress.get() \
|
*msg += " [hostname \"" + *rm->m_serverIpAddress.get() + "\"]" \
|
||||||
+ "\"]");
|
" [uri \"" + *rm->m_uriNoQueryStringDecoded.get() + "\"]" \
|
||||||
msg.append(" [uri \"" + *rm->m_uriNoQueryStringDecoded.get() + "\"]");
|
" [unique_id \"" + *rm->m_id.get() + "\"]" \
|
||||||
msg.append(" [unique_id \"" + rm->m_id + "\"]");
|
" [ref \"" + rm->m_reference + "\"]";
|
||||||
msg.append(" [ref \"" + rm->m_reference + "\"]");
|
|
||||||
|
|
||||||
return msg;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
std::string RuleMessage::_errorLogTail(const RuleMessage *rm) {
|
inline void RuleMessage::_errorLogTail(const RuleMessage *rm,
|
||||||
std::string msg;
|
std::string *msg) {
|
||||||
|
*msg += " [hostname \"" + *rm->m_serverIpAddress.get() + "\"]" \
|
||||||
msg.append("[hostname \"" + *rm->m_serverIpAddress.get() + "\"]");
|
" [uri \"" + *rm->m_uriNoQueryStringDecoded.get() + "\"]" \
|
||||||
msg.append(" [uri \"" + *rm->m_uriNoQueryStringDecoded.get() + "\"]");
|
" [unique_id \"" + *rm->m_id.get() + "\"]";
|
||||||
msg.append(" [unique_id \"" + rm->m_id + "\"]");
|
|
||||||
|
|
||||||
return msg;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
std::string RuleMessage::log(const RuleMessage *rm, int props, int code) {
|
std::string RuleMessage::log(const RuleMessage *rm, int props, int code) {
|
||||||
std::string msg("");
|
std::string msg("");
|
||||||
|
msg.reserve(2048);
|
||||||
|
|
||||||
if (props & ClientLogMessageInfo) {
|
if (props & ClientLogMessageInfo) {
|
||||||
msg.append("[client " + std::string(*rm->m_clientIpAddress.get()) + "] ");
|
msg += "[client " + std::string(*rm->m_clientIpAddress.get()) + "] ";
|
||||||
}
|
}
|
||||||
|
|
||||||
if (rm->m_isDisruptive) {
|
if (rm->m_isDisruptive) {
|
||||||
msg.append("ModSecurity: Access denied with code ");
|
msg += "ModSecurity: Access denied with code ";
|
||||||
if (code == -1) {
|
if (code == -1) {
|
||||||
msg.append("%d");
|
msg += "%d";
|
||||||
} else {
|
} else {
|
||||||
msg.append(std::to_string(code));
|
msg += std::to_string(code);
|
||||||
}
|
}
|
||||||
msg.append(" (phase ");
|
msg += " (phase " + std::to_string(rm->m_rule->m_phase - 1) + "). ";
|
||||||
msg.append(std::to_string(rm->m_rule->m_phase - 1) + "). ");
|
|
||||||
} else {
|
} else {
|
||||||
msg.append("ModSecurity: Warning. ");
|
msg += "ModSecurity: Warning. ";
|
||||||
}
|
}
|
||||||
|
|
||||||
msg.append(rm->m_match);
|
msg += (rm->m_match);
|
||||||
msg.append(_details(rm));
|
_details(rm, &msg);
|
||||||
|
|
||||||
if (props & ErrorLogTailLogMessageInfo) {
|
if (props & ErrorLogTailLogMessageInfo) {
|
||||||
msg.append(" " + _errorLogTail(rm));
|
_errorLogTail(rm, &msg);
|
||||||
}
|
}
|
||||||
|
|
||||||
return modsecurity::utils::string::toHexIfNeeded(msg);
|
return modsecurity::utils::string::toHexIfNeeded(msg);
|
||||||
|
|||||||
@@ -132,8 +132,9 @@ Transaction::Transaction(ModSecurity *ms, RulesSet *rules, void *logCbData)
|
|||||||
m_xml(NULL),
|
m_xml(NULL),
|
||||||
#endif
|
#endif
|
||||||
TransactionAnchoredVariables(this) {
|
TransactionAnchoredVariables(this) {
|
||||||
m_id = std::to_string(this->m_timeStamp) + \
|
m_id = std::unique_ptr<std::string>(
|
||||||
std::to_string(modsecurity::utils::generate_transaction_unique_id());
|
new std::string(
|
||||||
|
std::to_string(m_timeStamp)));
|
||||||
|
|
||||||
m_variableUrlEncodedError.set("0", 0);
|
m_variableUrlEncodedError.set("0", 0);
|
||||||
|
|
||||||
@@ -175,7 +176,7 @@ Transaction::Transaction(ModSecurity *ms, RulesSet *rules, char *id, void *logCb
|
|||||||
m_xml(NULL),
|
m_xml(NULL),
|
||||||
#endif
|
#endif
|
||||||
TransactionAnchoredVariables(this) {
|
TransactionAnchoredVariables(this) {
|
||||||
m_id = std::string(id);
|
m_id = std::unique_ptr<std::string>(new std::string(id));
|
||||||
|
|
||||||
m_variableUrlEncodedError.set("0", 0);
|
m_variableUrlEncodedError.set("0", 0);
|
||||||
|
|
||||||
@@ -223,7 +224,7 @@ void Transaction::debug(int level, std::string message) const {
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
m_rules->debug(level, m_id, m_uri, message);
|
m_rules->debug(level, *m_id.get(), m_uri, message);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@@ -259,7 +260,7 @@ int Transaction::processConnection(const char *client, int cPort,
|
|||||||
|
|
||||||
|
|
||||||
m_variableRemoteHost.set(*m_clientIpAddress.get(), m_variableOffset);
|
m_variableRemoteHost.set(*m_clientIpAddress.get(), m_variableOffset);
|
||||||
m_variableUniqueID.set(m_id, m_variableOffset);
|
m_variableUniqueID.set(*m_id.get(), m_variableOffset);
|
||||||
m_variableRemoteAddr.set(*m_clientIpAddress.get(), m_variableOffset);
|
m_variableRemoteAddr.set(*m_clientIpAddress.get(), m_variableOffset);
|
||||||
m_variableServerAddr.set(*m_serverIpAddress.get(), m_variableOffset);
|
m_variableServerAddr.set(*m_serverIpAddress.get(), m_variableOffset);
|
||||||
m_variableServerPort.set(std::to_string(this->m_serverPort),
|
m_variableServerPort.set(std::to_string(this->m_serverPort),
|
||||||
@@ -1387,7 +1388,7 @@ std::string Transaction::toOldAuditLogFormatIndex(const std::string &filename,
|
|||||||
ss << utils::string::dash_if_empty(
|
ss << utils::string::dash_if_empty(
|
||||||
m_variableRequestHeaders.resolveFirst("User-Agent").get());
|
m_variableRequestHeaders.resolveFirst("User-Agent").get());
|
||||||
ss << "\" ";
|
ss << "\" ";
|
||||||
ss << this->m_id << " ";
|
ss << *m_id.get() << " ";
|
||||||
/** TODO: Check variable */
|
/** TODO: Check variable */
|
||||||
ss << utils::string::dash_if_empty(
|
ss << utils::string::dash_if_empty(
|
||||||
m_variableRequestHeaders.resolveFirst("REFERER").get()) << " ";
|
m_variableRequestHeaders.resolveFirst("REFERER").get()) << " ";
|
||||||
@@ -1413,7 +1414,7 @@ std::string Transaction::toOldAuditLogFormat(int parts,
|
|||||||
audit_log << "--" << trailer << "-" << "A--" << std::endl;
|
audit_log << "--" << trailer << "-" << "A--" << std::endl;
|
||||||
strftime(tstr, 299, "[%d/%b/%Y:%H:%M:%S %z]", &timeinfo);
|
strftime(tstr, 299, "[%d/%b/%Y:%H:%M:%S %z]", &timeinfo);
|
||||||
audit_log << tstr;
|
audit_log << tstr;
|
||||||
audit_log << " " << this->m_id.c_str();
|
audit_log << " " << m_id->c_str();
|
||||||
audit_log << " " << this->m_clientIpAddress;
|
audit_log << " " << this->m_clientIpAddress;
|
||||||
audit_log << " " << this->m_clientPort;
|
audit_log << " " << this->m_clientPort;
|
||||||
audit_log << " " << m_serverIpAddress;
|
audit_log << " " << m_serverIpAddress;
|
||||||
@@ -1540,7 +1541,7 @@ std::string Transaction::toJSON(int parts) {
|
|||||||
LOGFY_ADD_NUM("client_port", m_clientPort);
|
LOGFY_ADD_NUM("client_port", m_clientPort);
|
||||||
LOGFY_ADD("host_ip", m_serverIpAddress->c_str());
|
LOGFY_ADD("host_ip", m_serverIpAddress->c_str());
|
||||||
LOGFY_ADD_NUM("host_port", m_serverPort);
|
LOGFY_ADD_NUM("host_port", m_serverPort);
|
||||||
LOGFY_ADD("unique_id", this->m_id.c_str());
|
LOGFY_ADD("unique_id", m_id->c_str());
|
||||||
|
|
||||||
/* request */
|
/* request */
|
||||||
yajl_gen_string(g, reinterpret_cast<const unsigned char*>("request"),
|
yajl_gen_string(g, reinterpret_cast<const unsigned char*>("request"),
|
||||||
|
|||||||
Reference in New Issue
Block a user