Adds support to the resource collection

2025-08-13 21:36:00 +03:00 · 2016-06-24 15:17:29 -03:00 · 2016-06-24 15:17:29 -03:00 · 2477470607
commit 2477470607
parent bad3e13612
6 changed files with 52 additions and 5 deletions
--- a/headers/modsecurity/collection/collections.h
+++ b/headers/modsecurity/collection/collections.h
@ -46,7 +46,7 @@ class Collections :
    public std::unordered_map<std::string, Collection *> {
 public:
    Collections(Collection *global, Collection *ip, Collection *session,
-        Collection *user);
+        Collection *user, Collection *resource);
    ~Collections();

    void store(std::string key, std::string value);
@ -89,11 +89,13 @@ class Collections :
    std::string m_ip_collection_key;
    std::string m_session_collection_key;
    std::string m_user_collection_key;
+    std::string m_resource_collection_key;

    Collection *m_global_collection;
    Collection *m_ip_collection;
    Collection *m_session_collection;
    Collection *m_user_collection;
+    Collection *m_resource_collection;
 };

 }  // namespace collection
--- a/headers/modsecurity/modsecurity.h
+++ b/headers/modsecurity/modsecurity.h
@ -223,6 +223,7 @@ class ModSecurity {
    };

    collection::Collection *m_global_collection;
+    collection::Collection *m_resource_collection;
    collection::Collection *m_ip_collection;
    collection::Collection *m_session_collection;
    collection::Collection *m_user_collection;
--- a/src/actions/init_col.cc
+++ b/src/actions/init_col.cc
@ -43,7 +43,9 @@ bool InitCol::init(std::string *error) {
    m_collection_key = std::string(m_parser_payload, 0,  posEquals);
    m_collection_value = std::string(m_parser_payload, posEquals + 1);

-    if (m_collection_key != "ip" && m_collection_key != "global") {
+    if (m_collection_key != "ip" &&
+        m_collection_key != "global" &&
+        m_collection_key != "resource") {
        error->assign("Something wrong with initcol: collection must be `ip' or `global'");
        return false;
    }
@ -61,6 +63,8 @@ bool InitCol::evaluate(Rule *rule, Transaction *t) {
        t->m_collections.m_ip_collection_key = collectionName;
    } else if (m_collection_key == "global") {
        t->m_collections.m_global_collection_key = collectionName;
+    } else if (m_collection_key == "resource") {
+        t->m_collections.m_resource_collection_key = collectionName;
    } else {
        return false;
    }
--- a/src/collection/collections.cc
+++ b/src/collection/collections.cc
@ -34,10 +34,12 @@ namespace collection {


 Collections::Collections(Collection *global,
-    Collection *ip, Collection *session, Collection *user)
-    : m_global_collection_key(""),
+    Collection *ip, Collection *session, Collection *user,
+    Collection *resource) : m_global_collection_key(""),
    m_ip_collection_key(""),
+    m_resource_collection_key(""),
    m_global_collection(global),
+    m_resource_collection(resource),
    m_ip_collection(ip),
    m_session_collection(session),
    m_user_collection(user),
@ -72,6 +74,14 @@ void Collections::storeOrUpdateFirst(const std::string& collectionName,
        return;
    }

+    if (tolower(collectionName) == "resource"
+        && !m_resource_collection_key.empty()) {
+        m_resource_collection->storeOrUpdateFirst(collectionName + ":"
+            + variableName, m_resource_collection_key, targetValue);
+        return;
+    }
+
+
    if (tolower(collectionName) == "session"
        && !m_session_collection_key.empty()) {
        m_session_collection->storeOrUpdateFirst(collectionName + ":"
@ -147,6 +157,12 @@ std::string* Collections::resolveFirst(const std::string& collectionName,
                    + ":" + var, m_global_collection_key);
        }

+        if (tolower(collectionName) == "resource"
+            && !m_resource_collection_key.empty()) {
+            return m_resource_collection->resolveFirst(toupper(collectionName)
+                    + ":" + var, m_resource_collection_key);
+        }
+
        if (tolower(collectionName) == "session"
            && !m_session_collection_key.empty()) {
            return m_session_collection->resolveFirst(toupper(collectionName)
@ -191,6 +207,13 @@ void Collections::resolveSingleMatch(const std::string& var,
        return;
    }

+    if (tolower(collection) == "resource"
+        && !m_resource_collection_key.empty()) {
+        m_resource_collection->resolveSingleMatch(var,
+            m_resource_collection_key, l);
+        return;
+    }
+
    if (tolower(collection) == "session"
        && !m_session_collection_key.empty()) {
        m_session_collection->resolveSingleMatch(var,
@ -226,6 +249,13 @@ void Collections::resolveMultiMatches(const std::string& var,
        return;
    }

+    if (tolower(collection) == "resource"
+        && !m_resource_collection_key.empty()) {
+        m_resource_collection->resolveMultiMatches(var,
+            m_resource_collection_key, l);
+        return;
+    }
+
    if (tolower(collection) == "session"
        && !m_session_collection_key.empty()) {
        m_session_collection->resolveMultiMatches(var,
@ -261,6 +291,13 @@ void Collections::resolveRegularExpression(const std::string& var,
        return;
    }

+    if (tolower(collection) == "resource"
+        && !m_resource_collection_key.empty()) {
+        m_resource_collection->resolveRegularExpression(toupper(collection)
+            + ":" + var, m_resource_collection_key, l);
+        return;
+    }
+
    if (tolower(collection) == "session"
        && !m_session_collection_key.empty()) {
        m_session_collection->resolveRegularExpression(toupper(collection)
--- a/src/modsecurity.cc
+++ b/src/modsecurity.cc
@ -47,6 +47,7 @@ namespace modsecurity {
 ModSecurity::ModSecurity()
    : m_connector(""),
    m_global_collection(new collection::backend::InMemoryPerProcess()),
+    m_resource_collection(new collection::backend::InMemoryPerProcess()),
    m_ip_collection(new collection::backend::InMemoryPerProcess()),
    m_session_collection(new collection::backend::InMemoryPerProcess()),
    m_user_collection(new collection::backend::InMemoryPerProcess()),
@ -67,6 +68,7 @@ ModSecurity::~ModSecurity() {
    Utils::GeoLookup::getInstance().cleanUp();
 #endif
    delete m_global_collection;
+    delete m_resource_collection;
    delete m_ip_collection;
    delete m_session_collection;
    delete m_user_collection;
--- a/src/transaction.cc
+++ b/src/transaction.cc
@ -116,7 +116,8 @@ Transaction::Transaction(ModSecurity *ms, Rules *rules, void *logCbData)
    m_logCbData(logCbData),
    m_ms(ms),
    m_collections(ms->m_global_collection, ms->m_ip_collection,
-        ms->m_session_collection, ms->m_user_collection),
+        ms->m_session_collection, ms->m_user_collection,
+        ms->m_resource_collection),
    m_xml(new RequestBodyProcessor::XML(this)) {
    m_id = std::to_string(this->m_timeStamp) + \
        std::to_string(generate_transaction_unique_id());