From 28a44b966a7a5809e9c7f860363de569d8e924a3 Mon Sep 17 00:00:00 2001
From: Abhi Joglekar
Date: Tue, 18 Oct 2016 21:49:26 +0000
Subject: [PATCH] SecLang uses RESPONSE_STATUS as variable, not STATUS Seclang uses RESPONSE_STATUS as variable to encode the status code for the request. https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#RESPONSE_STATUS The CRS v3.0.0-dev rules, for instance, uses the RESPONSE_STATUS variable. https://github.com/SpiderLabs/owasp-modsecurity-crs/blob/v3.0.0-dev/rules/RESPONSE-50-DATA-LEAKAGES-IIS.conf When processing response headers, the variable was named STATUS when creating/storing it in the collection. Fix it, and update regression testcases.
---
 src/transaction.cc | 2 +-
 test/test-cases/regression/variable-STATUS.json | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/transaction.cc b/src/transaction.cc
index 31d32eb5..c71bb15f 100644
--- a/src/transaction.cc
+++ b/src/transaction.cc
@@ -876,7 +876,7 @@ int Transaction::processResponseHeaders(int code, const std::string& proto) {
 #endif
 this->m_httpCodeReturned = code;
- this->m_collections.store("STATUS", std::to_string(code));
+ this->m_collections.store("RESPONSE_STATUS", std::to_string(code));
 m_collections.store("RESPONSE_PROTOCOL", proto);
 if (m_rules->m_secRuleEngine == Rules::DisabledRuleEngine) {
diff --git a/test/test-cases/regression/variable-STATUS.json b/test/test-cases/regression/variable-STATUS.json
index 57a52d51..9e451f73 100644
--- a/test/test-cases/regression/variable-STATUS.json
+++ b/test/test-cases/regression/variable-STATUS.json
@@ -36,11 +36,11 @@
 ]
 },
 "expected":{
- "debug_log":"Target value: \"200\" \\(Variable: STATUS\\)"
+ "debug_log":"Target value: \"200\" \\(Variable: RESPONSE_STATUS\\)"
 },
 "rules":[
 "SecRuleEngine On",
- "SecRule STATUS \"@contains test\" \"id:1,phase:5,rev:1.3,pass,t:trim\""
+ "SecRule RESPONSE_STATUS \"@contains test\" \"id:1,phase:5,rev:1.3,pass,t:trim\""
 ]
 },
 {
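Review bot: Rules that still reference `STATUS` will silently stop receiving the response code after this rename in `processResponseHeaders` (src/transaction.cc), because the value is now stored only under `RESPONSE_STATUS` and the commit leaves the rule parser untouched. If the parser still accepts `STATUS` as a variable name (the old regression rule `SecRule STATUS …` suggests it did), such a rule would keep loading without error and never see a value, which for a WAF is a detection gap rather than a visible failure. Either keep a transitional alias beside the new store, `m_collections.store("STATUS", std::to_string(code));  // deprecated alias of RESPONSE_STATUS`, or make the old name fail at rule-load time. The two adjacent store calls also mix `this->m_collections` and bare `m_collections`; one form would read better. The function body starts and continues outside the hunk.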
@@ -80,13 +80,13 @@
 ]
 },
 "expected":{
- "debug_log":"Target value: \"500\" \\(Variable: STATUS\\)",
+ "debug_log":"Target value: \"500\" \\(Variable: RESPONSE_STATUS\\)",
 "http_code": 500
 },
 "rules":[
 "SecRuleEngine On",
 "SecRule ARGS \"@pm value\" \"id:1,phase:2,t:trim,status:500,deny\"",
- "SecRule STATUS \"@contains test\" \"id:2,phase:5,rev:1.3,pass,t:trim\""
+ "SecRule RESPONSE_STATUS \"@contains test\" \"id:2,phase:5,rev:1.3,pass,t:trim\""
 ]
 }
 ]
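Review bot: Both updated cases in variable-STATUS.json (this hunk and the one at -36,11) only assert the debug-log target string, and the operator `@contains test` can never match a numeric status code, so the suite does not show a rule on `RESPONSE_STATUS` actually firing. Consider adding a case whose rule matches the code, for example `"SecRule RESPONSE_STATUS \"@streq 500\" \"id:3,phase:5,pass\""`, and asserting that it matched. A further case pinning what a rule on the old `STATUS` name now does would document the compatibility decision. The file name still says variable-STATUS, which will be hard to find once the old name is gone.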