Reference RuleWithActions & Transaction object instead of copying values in RuleMessage

- Because the lifetime of the RuleMessage instances does not extend beyond
  the lifetime of the enclosing RuleWithActions & Transaction,
  RuleMessage can just reference them, which simplifies its definition.
- Additionally, make the references const to show that RuleMessage doesn't modify them.
- Replace RuleMessage copy constructor with default implementations.
- Removed unused RuleMessage assignment operator (which cannot be implemented
  now that it has reference members).
- Removed constructor from RuleMessage pointer.
- Addressed Sonarcloud suggestions: Do not use the constructor's
  initializer list for data member "xxx". Use the in-class initializer
  instead.
Eduardo Arias 2024-05-05 15:15:47 -03:00
parent 2ec640fd76
commit 2ad87f640f
11 changed files with 85 additions and 205 deletions


@ -155,8 +155,8 @@ class ReadingLogsViaRuleMessage {
const modsecurity::RuleMessage *ruleMessage = \ const modsecurity::RuleMessage *ruleMessage = \
reinterpret_cast<const modsecurity::RuleMessage *>(ruleMessagev); reinterpret_cast<const modsecurity::RuleMessage *>(ruleMessagev);
std::cout << "Rule Id: " << std::to_string(ruleMessage->m_ruleId); std::cout << "Rule Id: " << std::to_string(ruleMessage->m_rule.m_ruleId);
std::cout << " phase: " << std::to_string(ruleMessage->m_phase); std::cout << " phase: " << std::to_string(ruleMessage->getPhase());
std::cout << std::endl; std::cout << std::endl;
if (ruleMessage->m_isDisruptive) { if (ruleMessage->m_isDisruptive) {
std::cout << " * Disruptive action: "; std::cout << " * Disruptive action: ";


@ -76,8 +76,8 @@ static void logCb(void *data, const void *ruleMessagev) {
const modsecurity::RuleMessage *ruleMessage = \ const modsecurity::RuleMessage *ruleMessage = \
reinterpret_cast<const modsecurity::RuleMessage *>(ruleMessagev); reinterpret_cast<const modsecurity::RuleMessage *>(ruleMessagev);
std::cout << "Rule Id: " << std::to_string(ruleMessage->m_ruleId); std::cout << "Rule Id: " << std::to_string(ruleMessage->m_rule.m_ruleId);
std::cout << " phase: " << std::to_string(ruleMessage->m_phase); std::cout << " phase: " << std::to_string(ruleMessage->getPhase());
std::cout << std::endl; std::cout << std::endl;
if (ruleMessage->m_isDisruptive) { if (ruleMessage->m_isDisruptive) {
std::cout << " * Disruptive action: "; std::cout << " * Disruptive action: ";


@ -65,7 +65,7 @@ using MatchActions = std::vector<actions::Action *>;
class Rule { class Rule {
public: public:
Rule(std::unique_ptr<std::string> fileName, int lineNumber) Rule(std::unique_ptr<std::string> fileName, int lineNumber)
: m_fileName(std::make_shared<std::string>(*fileName)), : m_fileName(*fileName),
m_lineNumber(lineNumber), m_lineNumber(lineNumber),
m_phase(modsecurity::Phases::RequestHeadersPhase) { m_phase(modsecurity::Phases::RequestHeadersPhase) {
} }
@ -81,7 +81,7 @@ class Rule {
virtual bool evaluate(Transaction *transaction, virtual bool evaluate(Transaction *transaction,
std::shared_ptr<RuleMessage> rm) = 0; std::shared_ptr<RuleMessage> rm) = 0;
std::shared_ptr<std::string> getFileName() const { const std::string& getFileName() const {
return m_fileName; return m_fileName;
} }
@ -93,18 +93,15 @@ class Rule {
void setPhase(int phase) { m_phase = phase; } void setPhase(int phase) { m_phase = phase; }
virtual std::string getReference() { virtual std::string getReference() {
if (m_fileName) { return m_fileName + ":" + std::to_string(m_lineNumber);
return *m_fileName + ":" + std::to_string(m_lineNumber);
}
return "<<no file>>:" + std::to_string(m_lineNumber);
} }
virtual bool isMarker() { return false; } virtual bool isMarker() { return false; }
private: private:
std::shared_ptr<std::string> m_fileName; const std::string m_fileName;
int m_lineNumber; const int m_lineNumber;
// FIXME: phase may not be neede to SecMarker. // FIXME: phase may not be neede to SecMarker.
int m_phase; int m_phase;
}; };
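Review bot: The constructor still dereferences `fileName` unchecked in `m_fileName(*fileName)`, and with the `<<no file>>` branch of getReference() removed nothing tolerates a missing file name any more, so a null `fileName` is undefined behaviour at construction. If callers can ever pass an empty pointer (not visible from this section), keep the placeholder at the source with `m_fileName(fileName ? std::move(*fileName) : std::string("<<no file>>")),`; the move also avoids copying a string the constructor already owns. Making `m_fileName` and `m_lineNumber` const additionally deletes the implicit copy- and move-assignment of Rule and everything derived from it, which deserves a one-line comment next to the members.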


@ -42,116 +42,13 @@ class RuleMessage {
ClientLogMessageInfo = 4 ClientLogMessageInfo = 4
}; };
/** RuleMessage(const RuleWithActions &rule, const Transaction &trans) :
*
* FIXME: RuleMessage is currently too big, doing a lot of
* unnecessary data duplication. Needs to be shrink down.
*
*/
RuleMessage(RuleWithActions *rule, Transaction *trans) :
m_accuracy(rule->m_accuracy),
m_clientIpAddress(trans->m_clientIpAddress),
m_data(""),
m_id(trans->m_id),
m_isDisruptive(false),
m_match(""),
m_maturity(rule->m_maturity),
m_message(""),
m_noAuditLog(false),
m_phase(rule->getPhase() - 1),
m_reference(""),
m_rev(rule->m_rev),
m_rule(rule), m_rule(rule),
m_ruleFile(rule->getFileName()), m_transaction(trans)
m_ruleId(rule->m_ruleId),
m_ruleLine(rule->getLineNumber()),
m_saveMessage(true),
m_serverIpAddress(trans->m_serverIpAddress),
m_requestHostName(trans->m_requestHostName),
m_severity(0),
m_uriNoQueryStringDecoded(trans->m_uri_no_query_string_decoded),
m_ver(rule->m_ver),
m_tags()
{ } { }
explicit RuleMessage(RuleMessage *rule) : RuleMessage(const RuleMessage &ruleMessage) = default;
m_accuracy(rule->m_accuracy), RuleMessage &operator=(const RuleMessage &ruleMessage) = delete;
m_clientIpAddress(rule->m_clientIpAddress),
m_data(rule->m_data),
m_id(rule->m_id),
m_isDisruptive(rule->m_isDisruptive),
m_match(rule->m_match),
m_maturity(rule->m_maturity),
m_message(rule->m_message),
m_noAuditLog(rule->m_noAuditLog),
m_phase(rule->m_phase),
m_reference(rule->m_reference),
m_rev(rule->m_rev),
m_rule(rule->m_rule),
m_ruleFile(rule->m_ruleFile),
m_ruleId(rule->m_ruleId),
m_ruleLine(rule->m_ruleLine),
m_saveMessage(rule->m_saveMessage),
m_serverIpAddress(rule->m_serverIpAddress),
m_requestHostName(rule->m_requestHostName),
m_severity(rule->m_severity),
m_uriNoQueryStringDecoded(rule->m_uriNoQueryStringDecoded),
m_ver(rule->m_ver),
m_tags(rule->m_tags)
{ }
RuleMessage(const RuleMessage& ruleMessage)
: m_accuracy(ruleMessage.m_accuracy),
m_clientIpAddress(ruleMessage.m_clientIpAddress),
m_data(ruleMessage.m_data),
m_id(ruleMessage.m_id),
m_isDisruptive(ruleMessage.m_isDisruptive),
m_match(ruleMessage.m_match),
m_maturity(ruleMessage.m_maturity),
m_message(ruleMessage.m_message),
m_noAuditLog(ruleMessage.m_noAuditLog),
m_phase(ruleMessage.m_phase),
m_reference(ruleMessage.m_reference),
m_rev(ruleMessage.m_rev),
m_rule(ruleMessage.m_rule),
m_ruleFile(ruleMessage.m_ruleFile),
m_ruleId(ruleMessage.m_ruleId),
m_ruleLine(ruleMessage.m_ruleLine),
m_saveMessage(ruleMessage.m_saveMessage),
m_serverIpAddress(ruleMessage.m_serverIpAddress),
m_requestHostName(ruleMessage.m_requestHostName),
m_severity(ruleMessage.m_severity),
m_uriNoQueryStringDecoded(ruleMessage.m_uriNoQueryStringDecoded),
m_ver(ruleMessage.m_ver),
m_tags(ruleMessage.m_tags)
{ }
RuleMessage &operator=(const RuleMessage& ruleMessage) {
m_accuracy = ruleMessage.m_accuracy;
m_clientIpAddress = ruleMessage.m_clientIpAddress;
m_data = ruleMessage.m_data;
m_id = ruleMessage.m_id;
m_isDisruptive = ruleMessage.m_isDisruptive;
m_match = ruleMessage.m_match;
m_maturity = ruleMessage.m_maturity;
m_message = ruleMessage.m_message;
m_noAuditLog = ruleMessage.m_noAuditLog;
m_phase = ruleMessage.m_phase;
m_reference = ruleMessage.m_reference;
m_rev = ruleMessage.m_rev;
m_rule = ruleMessage.m_rule;
m_ruleFile = ruleMessage.m_ruleFile;
m_ruleId = ruleMessage.m_ruleId;
m_ruleLine = ruleMessage.m_ruleLine;
m_saveMessage = ruleMessage.m_saveMessage;
m_serverIpAddress = ruleMessage.m_serverIpAddress;
m_requestHostName = ruleMessage.m_requestHostName;
m_severity = ruleMessage.m_severity;
m_uriNoQueryStringDecoded = ruleMessage.m_uriNoQueryStringDecoded;
m_ver = ruleMessage.m_ver;
m_tags = ruleMessage.m_tags;
return *this;
}
void clean() { void clean() {
m_data = ""; m_data = "";
@ -159,7 +56,6 @@ class RuleMessage {
m_isDisruptive = false; m_isDisruptive = false;
m_reference = ""; m_reference = "";
m_severity = 0; m_severity = 0;
m_ver = "";
} }
std::string log() { std::string log() {
@ -187,28 +83,18 @@ class RuleMessage {
static std::string _details(const RuleMessage *rm); static std::string _details(const RuleMessage *rm);
static std::string _errorLogTail(const RuleMessage *rm); static std::string _errorLogTail(const RuleMessage *rm);
int m_accuracy; int getPhase() const { return m_rule.getPhase() - 1; }
std::shared_ptr<std::string> m_clientIpAddress;
const RuleWithActions &m_rule;
const Transaction &m_transaction;
std::string m_data; std::string m_data;
std::shared_ptr<std::string> m_id; bool m_isDisruptive = false;
bool m_isDisruptive;
std::string m_match; std::string m_match;
int m_maturity;
std::string m_message; std::string m_message;
bool m_noAuditLog; bool m_noAuditLog = false;
int m_phase;
std::string m_reference; std::string m_reference;
std::string m_rev; bool m_saveMessage = true;
RuleWithActions *m_rule; int m_severity = 0;
std::shared_ptr<std::string> m_ruleFile;
int m_ruleId;
int m_ruleLine;
bool m_saveMessage;
std::shared_ptr<std::string> m_serverIpAddress;
std::shared_ptr<std::string> m_requestHostName;
int m_severity;
std::shared_ptr<std::string> m_uriNoQueryStringDecoded;
std::string m_ver;
std::list<std::string> m_tags; std::list<std::string> m_tags;
}; };
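Review bot: `m_rule` and `m_transaction` are now plain references, but the class carries no comment stating the lifetime rule the commit message relies on, and nothing in the type enforces it. RuleMessage is handed around as `std::shared_ptr<RuleMessage>` and as a `const void *` to the log callback (see the example callbacks earlier in this commit), so a holder that keeps a message, or a copy made through the defaulted copy constructor, after the Transaction or the rule is destroyed would read through a dangling reference. I would add a class comment such as `// Non-owning: m_rule and m_transaction must outlive this object and every copy of it; do not retain a RuleMessage past the end of the transaction.` Embedders that read the removed public fields (`m_ruleId`, `m_phase`, `m_ruleFile`, ...) need a source change, which is worth stating in the changelog.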


@ -76,7 +76,7 @@ class RuleWithActions : public Rule {
void performLogging(Transaction *trans, void performLogging(Transaction *trans,
std::shared_ptr<RuleMessage> ruleMessage, std::shared_ptr<RuleMessage> ruleMessage,
bool lastLog = true, bool lastLog = true,
bool chainedParentNull = false); bool chainedParentNull = false) const;
std::vector<actions::Action *> getActionsByName(const std::string& name, std::vector<actions::Action *> getActionsByName(const std::string& name,
Transaction *t); Transaction *t);


@ -57,7 +57,7 @@ typedef struct Rules_t RulesSet;
#define ms_dbg(b, c) \ #define ms_dbg(b, c) \
do { \ do { \
if (m_rules && m_rules->m_debugLog && m_rules->m_debugLog->m_debugLevel >= b) { \ if (m_rules && m_rules->m_debugLog && m_rules->m_debugLog->m_debugLevel >= b) { \
m_rules->debug(b, *m_id.get(), m_uri, c); \ m_rules->debug(b, m_id, m_uri, c); \
} \ } \
} while (0); } while (0);
#else #else
@ -431,7 +431,7 @@ class Transaction : public TransactionAnchoredVariables, public TransactionSecMa
/** /**
* Holds the client IP address. * Holds the client IP address.
*/ */
std::shared_ptr<std::string> m_clientIpAddress; std::string m_clientIpAddress;
/** /**
* Holds the HTTP version: 1.2, 2.0, 3.0 and so on.... * Holds the HTTP version: 1.2, 2.0, 3.0 and so on....
@ -441,12 +441,12 @@ class Transaction : public TransactionAnchoredVariables, public TransactionSecMa
/** /**
* Holds the server IP Address * Holds the server IP Address
*/ */
std::shared_ptr<std::string> m_serverIpAddress; std::string m_serverIpAddress;
/** /**
* Holds the request's hostname * Holds the request's hostname
*/ */
std::shared_ptr<std::string> m_requestHostName; std::string m_requestHostName;
/** /**
* Holds the raw URI that was requested. * Holds the raw URI that was requested.
@ -456,7 +456,7 @@ class Transaction : public TransactionAnchoredVariables, public TransactionSecMa
/** /**
* Holds the URI that was requests (without the query string). * Holds the URI that was requests (without the query string).
*/ */
std::shared_ptr<std::string> m_uri_no_query_string_decoded; std::string m_uri_no_query_string_decoded;
/** /**
* Holds the combined size of all arguments, later used to fill the * Holds the combined size of all arguments, later used to fill the
@ -568,7 +568,7 @@ class Transaction : public TransactionAnchoredVariables, public TransactionSecMa
* Contains the unique ID of the transaction. Use by the variable * Contains the unique ID of the transaction. Use by the variable
* `UNIQUE_ID'. This unique id is also saved as part of the AuditLog. * `UNIQUE_ID'. This unique id is also saved as part of the AuditLog.
*/ */
std::shared_ptr<std::string> m_id; std::string m_id;
/** /**
* Holds the amount of rules that should be skipped. If bigger than 0 the * Holds the amount of rules that should be skipped. If bigger than 0 the


@ -123,7 +123,7 @@ bool Parallel::write(Transaction *transaction, int parts, std::string *error) {
} }
const auto &logPath = m_audit->m_storage_dir; const auto &logPath = m_audit->m_storage_dir;
fileName = logPath + fileName + "-" + *transaction->m_id.get(); fileName = logPath + fileName + "-" + transaction->m_id;
if (logPath.empty()) { if (logPath.empty()) {
error->assign("Log path is not valid."); error->assign("Log path is not valid.");
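Review bot: `transaction->m_id` is appended to the audit-log file name as-is, and the same value is appended to the upload temp-file path in MultipartPartTmpFile::Open() in the next file section. Elsewhere in this commit the `Transaction(ms, rules, char *id, logCbData)` constructor stores a caller-supplied `id` verbatim in `m_id`, so if an embedder derives that id from request data, a path separator in it would place the file outside `m_storage_dir` or the upload directory. Whether the id is validated before it reaches these lines is not visible here; if it is not, restrict it once in the constructor to a fixed character set such as `[A-Za-z0-9._-]` rather than checking at each use. The path is also assembled before the `logPath.empty()` check, which could be moved above the concatenation. Parallel::write starts and ends outside the hunk.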


@ -74,7 +74,7 @@ void MultipartPartTmpFile::Open() {
strftime(tstr, std::size(tstr), "/%Y%m%d-%H%M%S", &timeinfo); strftime(tstr, std::size(tstr), "/%Y%m%d-%H%M%S", &timeinfo);
std::string path = m_transaction->m_rules->m_uploadDirectory.m_value; std::string path = m_transaction->m_rules->m_uploadDirectory.m_value;
path = path + tstr + "-" + *m_transaction->m_id.get(); path = path + tstr + "-" + m_transaction->m_id;
path += "-file-XXXXXX"; path += "-file-XXXXXX";
#ifndef WIN32 #ifndef WIN32


@ -26,26 +26,26 @@ namespace modsecurity {
std::string RuleMessage::_details(const RuleMessage *rm) { std::string RuleMessage::_details(const RuleMessage *rm) {
std::string msg; std::string msg;
msg.append(" [file \"" + std::string(*rm->m_ruleFile.get()) + "\"]"); msg.append(" [file \"" + rm->m_rule.getFileName() + "\"]");
msg.append(" [line \"" + std::to_string(rm->m_ruleLine) + "\"]"); msg.append(" [line \"" + std::to_string(rm->m_rule.getLineNumber()) + "\"]");
msg.append(" [id \"" + std::to_string(rm->m_ruleId) + "\"]"); msg.append(" [id \"" + std::to_string(rm->m_rule.m_ruleId) + "\"]");
msg.append(" [rev \"" + utils::string::toHexIfNeeded(rm->m_rev, true) + "\"]"); msg.append(" [rev \"" + utils::string::toHexIfNeeded(rm->m_rule.m_rev, true) + "\"]");
msg.append(" [msg \"" + rm->m_message + "\"]"); msg.append(" [msg \"" + rm->m_message + "\"]");
msg.append(" [data \"" + utils::string::toHexIfNeeded(utils::string::limitTo(200, rm->m_data), true) + "\"]"); msg.append(" [data \"" + utils::string::toHexIfNeeded(utils::string::limitTo(200, rm->m_data), true) + "\"]");
msg.append(" [severity \"" + msg.append(" [severity \"" +
std::to_string(rm->m_severity) + "\"]"); std::to_string(rm->m_severity) + "\"]");
msg.append(" [ver \"" + utils::string::toHexIfNeeded(rm->m_ver, true) + "\"]"); msg.append(" [ver \"" + utils::string::toHexIfNeeded(rm->m_rule.m_ver, true) + "\"]");
msg.append(" [maturity \"" + std::to_string(rm->m_maturity) + "\"]"); msg.append(" [maturity \"" + std::to_string(rm->m_rule.m_maturity) + "\"]");
msg.append(" [accuracy \"" + std::to_string(rm->m_accuracy) + "\"]"); msg.append(" [accuracy \"" + std::to_string(rm->m_rule.m_accuracy) + "\"]");
for (const auto &a : rm->m_tags) { for (const auto &a : rm->m_tags) {
msg.append(" [tag \"" + utils::string::toHexIfNeeded(a, true) + "\"]"); msg.append(" [tag \"" + utils::string::toHexIfNeeded(a, true) + "\"]");
} }
msg.append(" [hostname \"" + *rm->m_requestHostName.get() + "\"]"); msg.append(" [hostname \"" + rm->m_transaction.m_requestHostName \
+ "\"]");
msg.append(" [uri \"" + utils::string::limitTo(200, *rm->m_uriNoQueryStringDecoded.get()) + "\"]"); msg.append(" [uri \"" + utils::string::limitTo(200, rm->m_transaction.m_uri_no_query_string_decoded) + "\"]");
msg.append(" [unique_id \"" + *rm->m_id + "\"]"); msg.append(" [unique_id \"" + rm->m_transaction.m_id + "\"]");
msg.append(" [ref \"" + utils::string::limitTo(200, rm->m_reference) + "\"]"); msg.append(" [ref \"" + utils::string::limitTo(200, rm->m_reference) + "\"]");
return msg; return msg;
@ -55,9 +55,9 @@ std::string RuleMessage::_details(const RuleMessage *rm) {
std::string RuleMessage::_errorLogTail(const RuleMessage *rm) { std::string RuleMessage::_errorLogTail(const RuleMessage *rm) {
std::string msg; std::string msg;
msg.append("[hostname \"" + *rm->m_serverIpAddress.get() + "\"]"); msg.append("[hostname \"" + rm->m_transaction.m_serverIpAddress + "\"]");
msg.append(" [uri \"" + utils::string::limitTo(200, *rm->m_uriNoQueryStringDecoded.get()) + "\"]"); msg.append(" [uri \"" + utils::string::limitTo(200, rm->m_transaction.m_uri_no_query_string_decoded) + "\"]");
msg.append(" [unique_id \"" + *rm->m_id + "\"]"); msg.append(" [unique_id \"" + rm->m_transaction.m_id + "\"]");
return msg; return msg;
} }
@ -68,7 +68,7 @@ std::string RuleMessage::log(const RuleMessage *rm, int props, int code) {
msg.reserve(2048); msg.reserve(2048);
if (props & ClientLogMessageInfo) { if (props & ClientLogMessageInfo) {
msg.append("[client " + std::string(*rm->m_clientIpAddress.get()) + "] "); msg.append("[client " + rm->m_transaction.m_clientIpAddress + "] ");
} }
if (rm->m_isDisruptive) { if (rm->m_isDisruptive) {
@ -79,7 +79,7 @@ std::string RuleMessage::log(const RuleMessage *rm, int props, int code) {
msg.append(std::to_string(code)); msg.append(std::to_string(code));
} }
msg.append(" (phase "); msg.append(" (phase ");
msg.append(std::to_string(rm->m_rule->getPhase() - 1) + "). "); msg.append(std::to_string(rm->getPhase()) + "). ");
} else { } else {
msg.append("ModSecurity: Warning. "); msg.append("ModSecurity: Warning. ");
} }
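Review bot: In `_details`, `m_requestHostName` and `m_uri_no_query_string_decoded` are written between quotes without `utils::string::toHexIfNeeded`, while `rev`, `data`, `ver` and the tags on the neighbouring lines go through it; `_errorLogTail` has the same pattern for the URI. As far as this commit shows, both values originate from the request, so a value containing `"`, `]` or a line break could close the field early and forge further fields or lines for whatever consumes this log. Unless these strings are sanitised before they are stored (not visible here), apply the same encoding, for example `msg.append(" [hostname \"" + utils::string::toHexIfNeeded(rm->m_transaction.m_requestHostName, true) + "\"]");`. `RuleMessage::log` continues outside the hunks shown.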


@ -179,7 +179,7 @@ RuleWithActions::~RuleWithActions() {
bool RuleWithActions::evaluate(Transaction *transaction) { bool RuleWithActions::evaluate(Transaction *transaction) {
return evaluate(transaction, std::make_shared<RuleMessage>(this, transaction)); return evaluate(transaction, std::make_shared<RuleMessage>(*this, *transaction));
} }
@ -494,7 +494,7 @@ std::vector<actions::Action *> RuleWithActions::getActionsByName(const std::stri
void RuleWithActions::performLogging(Transaction *trans, void RuleWithActions::performLogging(Transaction *trans,
std::shared_ptr<RuleMessage> ruleMessage, std::shared_ptr<RuleMessage> ruleMessage,
bool lastLog, bool lastLog,
bool chainedParentNull) { bool chainedParentNull) const {
/* last rule in the chain. */ /* last rule in the chain. */
bool isItToBeLogged = ruleMessage->m_saveMessage; bool isItToBeLogged = ruleMessage->m_saveMessage;
@ -551,7 +551,7 @@ void RuleWithActions::performLogging(Transaction *trans,
trans->serverLog(ruleMessage); trans->serverLog(ruleMessage);
} }
RuleMessage *rm = new RuleMessage(this, trans); RuleMessage *rm = new RuleMessage(*this, *trans);
rm->m_saveMessage = ruleMessage->m_saveMessage; rm->m_saveMessage = ruleMessage->m_saveMessage;
ruleMessage.reset(rm); ruleMessage.reset(rm);
} }
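Review bot: The replacement message in performLogging is still built with a raw `new` and handed to `ruleMessage.reset(rm)`; since those lines are touched anyway, `auto rm = std::make_shared<RuleMessage>(*this, *trans);` followed by `ruleMessage = std::move(rm);` keeps ownership in a smart pointer throughout and saves an allocation. Both call sites now bind references from `*transaction` / `*trans`, so a null Transaction pointer is dereferenced before the RuleMessage constructor runs; a documented non-null precondition on evaluate() and performLogging() would make that contract explicit. performLogging's body extends outside the hunks shown.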


@ -104,12 +104,12 @@ namespace modsecurity {
*/ */
Transaction::Transaction(ModSecurity *ms, RulesSet *rules, void *logCbData) Transaction::Transaction(ModSecurity *ms, RulesSet *rules, void *logCbData)
: m_creationTimeStamp(utils::cpu_seconds()), : m_creationTimeStamp(utils::cpu_seconds()),
m_clientIpAddress(std::make_shared<std::string>("")), m_clientIpAddress(""),
m_httpVersion(""), m_httpVersion(""),
m_serverIpAddress(std::make_shared<std::string>("")), m_serverIpAddress(""),
m_requestHostName(std::make_shared<std::string>("")), m_requestHostName(""),
m_uri(""), m_uri(""),
m_uri_no_query_string_decoded(std::make_shared<std::string>("")), m_uri_no_query_string_decoded(""),
m_ARGScombinedSizeDouble(0), m_ARGScombinedSizeDouble(0),
m_clientPort(0), m_clientPort(0),
m_highestSeverityAction(255), m_highestSeverityAction(255),
@ -166,9 +166,8 @@ Transaction::Transaction(ModSecurity *ms, RulesSet *rules, void *logCbData)
m_variableTimeYear(""), m_variableTimeYear(""),
m_logCbData(logCbData), m_logCbData(logCbData),
TransactionAnchoredVariables(this) { TransactionAnchoredVariables(this) {
m_id = std::unique_ptr<std::string>( new std::string( m_id = std::to_string(m_timeStamp) +
std::to_string(m_timeStamp) std::to_string(modsecurity::utils::generate_transaction_unique_id());
+ std::to_string(modsecurity::utils::generate_transaction_unique_id())));
m_variableUrlEncodedError.set("0", 0); m_variableUrlEncodedError.set("0", 0);
m_variableMscPcreError.set("0", 0); m_variableMscPcreError.set("0", 0);
@ -181,12 +180,12 @@ Transaction::Transaction(ModSecurity *ms, RulesSet *rules, void *logCbData)
Transaction::Transaction(ModSecurity *ms, RulesSet *rules, char *id, void *logCbData) Transaction::Transaction(ModSecurity *ms, RulesSet *rules, char *id, void *logCbData)
: m_creationTimeStamp(utils::cpu_seconds()), : m_creationTimeStamp(utils::cpu_seconds()),
m_clientIpAddress(std::make_shared<std::string>("")), m_clientIpAddress(""),
m_httpVersion(""), m_httpVersion(""),
m_serverIpAddress(std::make_shared<std::string>("")), m_serverIpAddress(""),
m_requestHostName(std::make_shared<std::string>("")), m_requestHostName(""),
m_uri(""), m_uri(""),
m_uri_no_query_string_decoded(std::make_shared<std::string>("")), m_uri_no_query_string_decoded(""),
m_ARGScombinedSizeDouble(0), m_ARGScombinedSizeDouble(0),
m_clientPort(0), m_clientPort(0),
m_highestSeverityAction(255), m_highestSeverityAction(255),
@ -207,7 +206,7 @@ Transaction::Transaction(ModSecurity *ms, RulesSet *rules, char *id, void *logCb
m_rulesMessages(), m_rulesMessages(),
m_requestBody(), m_requestBody(),
m_responseBody(), m_responseBody(),
m_id(std::unique_ptr<std::string>(new std::string(id))), m_id(id),
m_skip_next(0), m_skip_next(0),
m_allowType(modsecurity::actions::disruptive::NoneAllowType), m_allowType(modsecurity::actions::disruptive::NoneAllowType),
m_uri_decoded(""), m_uri_decoded(""),
@ -292,7 +291,7 @@ void Transaction::debug(int level, const std::string& message) const {
return; return;
} }
m_rules->debug(level, *m_id.get(), m_uri, message); m_rules->debug(level, m_id, m_uri, message);
} }
#endif #endif
@ -319,19 +318,19 @@ void Transaction::debug(int level, const std::string& message) const {
*/ */
int Transaction::processConnection(const char *client, int cPort, int Transaction::processConnection(const char *client, int cPort,
const char *server, int sPort) { const char *server, int sPort) {
m_clientIpAddress = std::unique_ptr<std::string>(new std::string(client)); m_clientIpAddress = client;
m_serverIpAddress = std::unique_ptr<std::string>(new std::string(server)); m_serverIpAddress = server;
m_requestHostName = std::unique_ptr<std::string>(new std::string(server)); m_requestHostName = server;
this->m_clientPort = cPort; this->m_clientPort = cPort;
this->m_serverPort = sPort; this->m_serverPort = sPort;
ms_dbg(4, "Transaction context created."); ms_dbg(4, "Transaction context created.");
ms_dbg(4, "Starting phase CONNECTION. (SecRules 0)"); ms_dbg(4, "Starting phase CONNECTION. (SecRules 0)");
m_variableRemoteHost.set(*m_clientIpAddress.get(), m_variableOffset); m_variableRemoteHost.set(m_clientIpAddress, m_variableOffset);
m_variableUniqueID.set(*m_id.get(), m_variableOffset); m_variableUniqueID.set(m_id, m_variableOffset);
m_variableRemoteAddr.set(*m_clientIpAddress.get(), m_variableOffset); m_variableRemoteAddr.set(m_clientIpAddress, m_variableOffset);
m_variableServerAddr.set(*m_serverIpAddress.get(), m_variableOffset); m_variableServerAddr.set(m_serverIpAddress, m_variableOffset);
m_variableServerPort.set(std::to_string(this->m_serverPort), m_variableServerPort.set(std::to_string(this->m_serverPort),
m_variableOffset); m_variableOffset);
m_variableRemotePort.set(std::to_string(this->m_clientPort), m_variableRemotePort.set(std::to_string(this->m_clientPort),
@ -467,9 +466,7 @@ int Transaction::processURI(const char *uri, const char *method,
m_variableRequestProtocol.set("HTTP/" + std::string(http_version), m_variableRequestProtocol.set("HTTP/" + std::string(http_version),
m_variableOffset + requestLine.size() + 1); m_variableOffset + requestLine.size() + 1);
m_uri_no_query_string_decoded = std::unique_ptr<std::string>( m_uri_no_query_string_decoded = path_info;
new std::string(path_info));
if (pos_raw_query != std::string::npos) { if (pos_raw_query != std::string::npos) {
std::string qry = std::string(uri_s, pos_raw_query + 1, std::string qry = std::string(uri_s, pos_raw_query + 1,
@ -1495,7 +1492,7 @@ std::string Transaction::toOldAuditLogFormatIndex(const std::string &filename,
ss << utils::string::dash_if_empty( ss << utils::string::dash_if_empty(
m_variableRequestHeaders.resolveFirst("Host").get()) m_variableRequestHeaders.resolveFirst("Host").get())
<< " "; << " ";
ss << utils::string::dash_if_empty(this->m_clientIpAddress.get()) << " "; ss << utils::string::dash_if_empty(&this->m_clientIpAddress) << " ";
/** TODO: Check variable */ /** TODO: Check variable */
variables::RemoteUser *r = new variables::RemoteUser("REMOTE_USER"); variables::RemoteUser *r = new variables::RemoteUser("REMOTE_USER");
std::vector<const VariableValue *> l; std::vector<const VariableValue *> l;
@ -1530,7 +1527,7 @@ std::string Transaction::toOldAuditLogFormatIndex(const std::string &filename,
ss << utils::string::dash_if_empty( ss << utils::string::dash_if_empty(
m_variableRequestHeaders.resolveFirst("User-Agent").get()); m_variableRequestHeaders.resolveFirst("User-Agent").get());
ss << "\" "; ss << "\" ";
ss << *m_id.get() << " "; ss << m_id << " ";
/** TODO: Check variable */ /** TODO: Check variable */
ss << utils::string::dash_if_empty( ss << utils::string::dash_if_empty(
m_variableRequestHeaders.resolveFirst("REFERER").get()) << " "; m_variableRequestHeaders.resolveFirst("REFERER").get()) << " ";
@ -1556,10 +1553,10 @@ std::string Transaction::toOldAuditLogFormat(int parts,
audit_log << "--" << trailer << "-" << "A--" << std::endl; audit_log << "--" << trailer << "-" << "A--" << std::endl;
audit_log << tstr; audit_log << tstr;
audit_log << " " << m_id->c_str(); audit_log << " " << m_id;
audit_log << " " << this->m_clientIpAddress->c_str(); audit_log << " " << this->m_clientIpAddress;
audit_log << " " << this->m_clientPort; audit_log << " " << this->m_clientPort;
audit_log << " " << m_serverIpAddress->c_str(); audit_log << " " << m_serverIpAddress;
audit_log << " " << this->m_serverPort; audit_log << " " << this->m_serverPort;
audit_log << std::endl; audit_log << std::endl;
@ -1676,13 +1673,13 @@ std::string Transaction::toJSON(int parts) {
yajl_gen_map_open(g); yajl_gen_map_open(g);
/* Part: A (header mandatory) */ /* Part: A (header mandatory) */
LOGFY_ADD("client_ip", this->m_clientIpAddress->c_str()); LOGFY_ADD("client_ip", m_clientIpAddress.c_str());
LOGFY_ADD("time_stamp", ts.c_str()); LOGFY_ADD("time_stamp", ts.c_str());
LOGFY_ADD("server_id", uniqueId.c_str()); LOGFY_ADD("server_id", uniqueId.c_str());
LOGFY_ADD_NUM("client_port", m_clientPort); LOGFY_ADD_NUM("client_port", m_clientPort);
LOGFY_ADD("host_ip", m_serverIpAddress->c_str()); LOGFY_ADD("host_ip", m_serverIpAddress.c_str());
LOGFY_ADD_NUM("host_port", m_serverPort); LOGFY_ADD_NUM("host_port", m_serverPort);
LOGFY_ADD("unique_id", m_id->c_str()); LOGFY_ADD("unique_id", m_id.c_str());
/* request */ /* request */
yajl_gen_string(g, reinterpret_cast<const unsigned char*>("request"), yajl_gen_string(g, reinterpret_cast<const unsigned char*>("request"),
@ -1797,13 +1794,13 @@ std::string Transaction::toJSON(int parts) {
yajl_gen_map_open(g); yajl_gen_map_open(g);
LOGFY_ADD("match", a.m_match.c_str()); LOGFY_ADD("match", a.m_match.c_str());
LOGFY_ADD("reference", a.m_reference.c_str()); LOGFY_ADD("reference", a.m_reference.c_str());
LOGFY_ADD("ruleId", std::to_string(a.m_ruleId).c_str()); LOGFY_ADD("ruleId", std::to_string(a.m_rule.m_ruleId).c_str());
LOGFY_ADD("file", a.m_ruleFile->c_str()); LOGFY_ADD("file", a.m_rule.getFileName().c_str());
LOGFY_ADD("lineNumber", std::to_string(a.m_ruleLine).c_str()); LOGFY_ADD("lineNumber", std::to_string(a.m_rule.getLineNumber()).c_str());
LOGFY_ADD("data", a.m_data.c_str()); LOGFY_ADD("data", a.m_data.c_str());
LOGFY_ADD("severity", std::to_string(a.m_severity).c_str()); LOGFY_ADD("severity", std::to_string(a.m_severity).c_str());
LOGFY_ADD("ver", a.m_ver.c_str()); LOGFY_ADD("ver", a.m_rule.m_ver.c_str());
LOGFY_ADD("rev", a.m_rev.c_str()); LOGFY_ADD("rev", a.m_rule.m_rev.c_str());
yajl_gen_string(g, yajl_gen_string(g,
reinterpret_cast<const unsigned char*>("tags"), reinterpret_cast<const unsigned char*>("tags"),
@ -1816,8 +1813,8 @@ std::string Transaction::toJSON(int parts) {
} }
yajl_gen_array_close(g); yajl_gen_array_close(g);
LOGFY_ADD("maturity", std::to_string(a.m_maturity).c_str()); LOGFY_ADD("maturity", std::to_string(a.m_rule.m_maturity).c_str());
LOGFY_ADD("accuracy", std::to_string(a.m_accuracy).c_str()); LOGFY_ADD("accuracy", std::to_string(a.m_rule.m_accuracy).c_str());
yajl_gen_map_close(g); yajl_gen_map_close(g);
yajl_gen_map_close(g); yajl_gen_map_close(g);
} }
@ -2384,7 +2381,7 @@ extern "C" int msc_update_status_code(Transaction *transaction, int status) {
int Transaction::setRequestHostName(const std::string& hostname) { int Transaction::setRequestHostName(const std::string& hostname) {
if (hostname != "") { if (hostname != "") {
m_requestHostName = std::unique_ptr<std::string>(new std::string(hostname)); m_requestHostName = hostname;
} }
return true; return true;