github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

Changes the actions to affect the ruleMessage instead of transaction

Browse Source
This commit is contained in:
Felipe Zimmerle 2016-11-28 09:59:50 -03:00
parent 8fa0523fe0
commit 2930d40d57
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
10 changed files with 30 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/actions/block.cc
View File

@ -26,13 +26,13 @@ namespace modsecurity {
namespace actions { namespace actions {
bool Block::evaluate(Rule *rule, Transaction *transaction) { bool Block::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
#ifndef NO_LOGS #ifndef NO_LOGS
transaction->debug(8, "Running action block"); transaction->debug(8, "Running action block");
#endif #endif
for (Action *a : rule->actions_runtime_pos) { for (Action *a : rule->m_actionsRuntimePos) {
if (a->isDisruptive() == true) { if (a->isDisruptive() == true) {
transaction->m_actions.push_back(a); rm->m_tmp_actions.push_back(a);
} }
} }
return true; return true;

4
src/actions/block.h
View File

@ -16,6 +16,7 @@
#include <string> #include <string>
#include "modsecurity/actions/action.h" #include "modsecurity/actions/action.h"
#include "modsecurity/rule_message.h"
#ifndef SRC_ACTIONS_BLOCK_H_ #ifndef SRC_ACTIONS_BLOCK_H_
#define SRC_ACTIONS_BLOCK_H_ #define SRC_ACTIONS_BLOCK_H_
@ -33,7 +34,8 @@ class Block : public Action {
public: public:
explicit Block(std::string action) : Action(action) { } explicit Block(std::string action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction,
RuleMessage *rm) override;
void fillIntervention(ModSecurityIntervention *i) override; void fillIntervention(ModSecurityIntervention *i) override;
bool isDisruptive() override { return true; } bool isDisruptive() override { return true; }
}; };

4
src/actions/deny.cc
View File

@ -24,11 +24,11 @@ namespace modsecurity {
namespace actions { namespace actions {
bool Deny::evaluate(Rule *rule, Transaction *transaction) { bool Deny::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
#ifndef NO_LOGS #ifndef NO_LOGS
transaction->debug(8, "Running action deny"); transaction->debug(8, "Running action deny");
#endif #endif
transaction->m_actions.push_back(this); rm->m_tmp_actions.push_back(this);
return true; return true;
} }

4
src/actions/deny.h
View File

@ -17,6 +17,7 @@
#include "modsecurity/actions/action.h" #include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "modsecurity/rule_message.h"
#ifndef SRC_ACTIONS_DENY_H_ #ifndef SRC_ACTIONS_DENY_H_
#define SRC_ACTIONS_DENY_H_ #define SRC_ACTIONS_DENY_H_
@ -29,7 +30,8 @@ class Deny : public Action {
public: public:
explicit Deny(std::string action) : Action(action) { } explicit Deny(std::string action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction,
RuleMessage *rm) override;
void fillIntervention(ModSecurityIntervention *i) override; void fillIntervention(ModSecurityIntervention *i) override;
bool isDisruptive() override { return true; } bool isDisruptive() override { return true; }
}; };

11
src/actions/msg.cc
View File

@ -22,6 +22,7 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/macro_expansion.h" #include "src/macro_expansion.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"
#include "modsecurity/rule_message.h"
/* /*
* Description: Assigns a custom message to the rule or chain in which it * Description: Assigns a custom message to the rule or chain in which it
@ -45,14 +46,12 @@ namespace modsecurity {
namespace actions { namespace actions {
bool Msg::evaluate(Rule *rule, Transaction *transaction) { bool Msg::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
#ifndef NO_LOGS std::string msg = data(transaction);
std::string msg = MacroExpansion::expand(m_parser_payload, transaction);
transaction->debug(9, "Saving msg: " + msg); transaction->debug(9, "Saving msg: " + msg);
#endif rm->m_message = msg;
rule->m_log_message = data(transaction);
transaction->m_collections.storeOrUpdateFirst("RULE:msg", msg);
return true; return true;
} }

4
src/actions/msg.h
View File

@ -16,6 +16,7 @@
#include <string> #include <string>
#include "modsecurity/actions/action.h" #include "modsecurity/actions/action.h"
#include "modsecurity/rule_message.h"
#ifndef SRC_ACTIONS_MSG_H_ #ifndef SRC_ACTIONS_MSG_H_
#define SRC_ACTIONS_MSG_H_ #define SRC_ACTIONS_MSG_H_
@ -32,7 +33,8 @@ class Msg : public Action {
explicit Msg(std::string action) explicit Msg(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) { } : Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm)
override;
std::string data(Transaction *Transaction); std::string data(Transaction *Transaction);
}; };

4
src/actions/pass.cc
View File

@ -20,12 +20,14 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"
#include "modsecurity/rule_message.h"
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
bool Pass::evaluate(Rule *rule, Transaction *transaction) { bool Pass::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
rm->m_tmp_actions.clear();
return true; return true;
} }

3
src/actions/pass.h
View File

@ -29,7 +29,8 @@ class Pass : public Action {
public: public:
explicit Pass(std::string action) : Action(action) { } explicit Pass(std::string action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm)
override;
bool isDisruptive() override { return true; } bool isDisruptive() override { return true; }
}; };

5
src/actions/status.cc
View File

@ -20,6 +20,7 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
@ -36,8 +37,8 @@ bool Status::init(std::string *error) {
} }
bool Status::evaluate(Rule *rule, Transaction *transaction) { bool Status::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
transaction->m_actions.push_back(this); rm->m_tmp_actions.push_back(this);
return true; return true;
} }

4
src/actions/status.h
View File

@ -16,6 +16,7 @@
#include <string> #include <string>
#include "modsecurity/actions/action.h" #include "modsecurity/actions/action.h"
#include "modsecurity/rule_message.h"
#ifndef SRC_ACTIONS_STATUS_H_ #ifndef SRC_ACTIONS_STATUS_H_
#define SRC_ACTIONS_STATUS_H_ #define SRC_ACTIONS_STATUS_H_
@ -32,7 +33,8 @@ class Status : public Action {
explicit Status(std::string action) : Action(action, 2) { } explicit Status(std::string action) : Action(action, 2) { }
bool init(std::string *error) override; bool init(std::string *error) override;
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm)
override;
void fillIntervention(ModSecurityIntervention *i) override; void fillIntervention(ModSecurityIntervention *i) override;
protected: protected: