Changes the actions to affect the ruleMessage instead of transaction

2025-08-14 05:45:59 +03:00 · 2016-11-28 09:59:50 -03:00 · 2016-11-28 09:59:50 -03:00 · 2930d40d57
commit 2930d40d57
parent 8fa0523fe0
10 changed files with 30 additions and 19 deletions
--- a/src/actions/block.cc
+++ b/src/actions/block.cc
@ -26,13 +26,13 @@ namespace modsecurity {
 namespace actions {


-bool Block::evaluate(Rule *rule, Transaction *transaction) {
+bool Block::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
 #ifndef NO_LOGS
    transaction->debug(8, "Running action block");
 #endif
-    for (Action *a : rule->actions_runtime_pos) {
+    for (Action *a : rule->m_actionsRuntimePos) {
        if (a->isDisruptive() == true) {
-            transaction->m_actions.push_back(a);
+            rm->m_tmp_actions.push_back(a);
        }
    }
    return true;
--- a/src/actions/block.h
+++ b/src/actions/block.h
@ -16,6 +16,7 @@
 #include <string>

 #include "modsecurity/actions/action.h"
+#include "modsecurity/rule_message.h"

 #ifndef SRC_ACTIONS_BLOCK_H_
 #define SRC_ACTIONS_BLOCK_H_
@ -33,7 +34,8 @@ class Block : public Action {
 public:
    explicit Block(std::string action) : Action(action) { }

-    bool evaluate(Rule *rule, Transaction *transaction) override;
+    bool evaluate(Rule *rule, Transaction *transaction,
+        RuleMessage *rm) override;
    void fillIntervention(ModSecurityIntervention *i) override;
    bool isDisruptive() override { return true; }
 };
--- a/src/actions/deny.cc
+++ b/src/actions/deny.cc
@ -24,11 +24,11 @@ namespace modsecurity {
 namespace actions {


-bool Deny::evaluate(Rule *rule, Transaction *transaction) {
+bool Deny::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
 #ifndef NO_LOGS
    transaction->debug(8, "Running action deny");
 #endif
-    transaction->m_actions.push_back(this);
+    rm->m_tmp_actions.push_back(this);
    return true;
 }

--- a/src/actions/deny.h
+++ b/src/actions/deny.h
@ -17,6 +17,7 @@

 #include "modsecurity/actions/action.h"
 #include "modsecurity/transaction.h"
+#include "modsecurity/rule_message.h"

 #ifndef SRC_ACTIONS_DENY_H_
 #define SRC_ACTIONS_DENY_H_
@ -29,7 +30,8 @@ class Deny : public Action {
 public:
    explicit Deny(std::string action) : Action(action) { }

-    bool evaluate(Rule *rule, Transaction *transaction) override;
+    bool evaluate(Rule *rule, Transaction *transaction,
+        RuleMessage *rm) override;
    void fillIntervention(ModSecurityIntervention *i) override;
    bool isDisruptive() override { return true; }
 };
--- a/src/actions/msg.cc
+++ b/src/actions/msg.cc
@ -22,6 +22,7 @@
 #include "modsecurity/transaction.h"
 #include "src/macro_expansion.h"
 #include "modsecurity/rule.h"
+#include "modsecurity/rule_message.h"

 /*
 * Description: Assigns a custom message to the rule or chain in which it
@ -45,14 +46,12 @@ namespace modsecurity {
 namespace actions {


-bool Msg::evaluate(Rule *rule, Transaction *transaction) {
-#ifndef NO_LOGS
-    std::string msg = MacroExpansion::expand(m_parser_payload, transaction);
+bool Msg::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
+    std::string msg = data(transaction);
    transaction->debug(9, "Saving msg: " + msg);
-#endif
-
-    rule->m_log_message = data(transaction);
+    rm->m_message = msg;

+    transaction->m_collections.storeOrUpdateFirst("RULE:msg", msg);
    return true;
 }

--- a/src/actions/msg.h
+++ b/src/actions/msg.h
@ -16,6 +16,7 @@
 #include <string>

 #include "modsecurity/actions/action.h"
+#include "modsecurity/rule_message.h"

 #ifndef SRC_ACTIONS_MSG_H_
 #define SRC_ACTIONS_MSG_H_
@ -32,7 +33,8 @@ class Msg : public Action {
    explicit Msg(std::string action)
        : Action(action, RunTimeOnlyIfMatchKind) { }

-    bool evaluate(Rule *rule, Transaction *transaction) override;
+    bool evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm)
+        override;

    std::string data(Transaction *Transaction);
 };
--- a/src/actions/pass.cc
+++ b/src/actions/pass.cc
@ -20,12 +20,14 @@

 #include "modsecurity/transaction.h"
 #include "modsecurity/rule.h"
+#include "modsecurity/rule_message.h"

 namespace modsecurity {
 namespace actions {


-bool Pass::evaluate(Rule *rule, Transaction *transaction) {
+bool Pass::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
+    rm->m_tmp_actions.clear();
    return true;
 }

--- a/src/actions/pass.h
+++ b/src/actions/pass.h
@ -29,7 +29,8 @@ class Pass : public Action {
 public:
    explicit Pass(std::string action) : Action(action) { }

-    bool evaluate(Rule *rule, Transaction *transaction) override;
+    bool evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm)
+        override;
    bool isDisruptive() override { return true; }
 };

--- a/src/actions/status.cc
+++ b/src/actions/status.cc
@ -20,6 +20,7 @@

 #include "modsecurity/transaction.h"

+
 namespace modsecurity {
 namespace actions {

@ -36,8 +37,8 @@ bool Status::init(std::string *error) {
 }


-bool Status::evaluate(Rule *rule, Transaction *transaction) {
-    transaction->m_actions.push_back(this);
+bool Status::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
+    rm->m_tmp_actions.push_back(this);
    return true;
 }

--- a/src/actions/status.h
+++ b/src/actions/status.h
@ -16,6 +16,7 @@
 #include <string>

 #include "modsecurity/actions/action.h"
+#include "modsecurity/rule_message.h"

 #ifndef SRC_ACTIONS_STATUS_H_
 #define SRC_ACTIONS_STATUS_H_
@ -32,7 +33,8 @@ class Status : public Action {
    explicit Status(std::string action) : Action(action, 2) { }

    bool init(std::string *error) override;
-    bool evaluate(Rule *rule, Transaction *transaction) override;
+    bool evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm)
+        override;
    void fillIntervention(ModSecurityIntervention *i) override;

 protected: