github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-11-19 18:54:23 +03:00
Code Issues Packages Projects Releases Wiki Activity

actions: Compute the rule association during rules load

Browse Source
This commit is contained in:
Felipe Zimmerle
2020-05-18 15:08:17 -03:00
parent a4cd7a0091
commit 2ee9ccffa9
83 changed files with 842 additions and 415 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/variables/duration.cc
View File

@@ -28,7 +28,6 @@ namespace modsecurity {
namespace variables {
void Duration::evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
double e = utils::cpu_seconds() - transaction->m_creationTimeStamp;

1
src/variables/duration.h
View File

@@ -35,7 +35,6 @@ class Duration : public Variable {
m_retName("DURATION") { }
void evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override;
std::string m_retName;
};

1
src/variables/env.cc
View File

@@ -33,7 +33,6 @@ namespace modsecurity {
namespace variables {
void Env::evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
for (char **current = environ; *current; current++) {
std::string env = std::string(*current);

1
src/variables/env.h
View File

@@ -34,7 +34,6 @@ class Env : public Variable {
: Variable(_name) { }
void evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override;
};

16
src/variables/global.h
View File

@@ -25,6 +25,7 @@
#include "src/variables/variable.h"
#include "src/run_time_string.h"
#include "src/variables/variable_with_runtime_string.h"
namespace modsecurity {
@@ -39,7 +40,6 @@ class Global_DictElement : public Variable {
m_dictElement("GLOBAL:" + dictElement) { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
t->m_collections.m_global_collection->resolveMultiMatches(
m_name, t->m_collections.m_global_collection_key,
@@ -56,7 +56,6 @@ class Global_NoDictElement : public Variable {
: Variable("GLOBAL") { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
t->m_collections.m_global_collection->resolveMultiMatches("",
t->m_collections.m_global_collection_key,
@@ -72,7 +71,6 @@ class Global_DictElementRegexp : public VariableRegex {
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
t->m_collections.m_global_collection->resolveRegularExpression(
m_dictElement,
@@ -84,14 +82,16 @@ class Global_DictElementRegexp : public VariableRegex {
};
class Global_DynamicElement : public Variable {
class Global_DynamicElement : public VariableWithRunTimeString {
public:
explicit Global_DynamicElement(std::unique_ptr<RunTimeString> dictElement)
: Variable("GLOBAL:dynamic"),
m_string(std::move(dictElement)) { }
: VariableWithRunTimeString(
"GLOBAL:dynamic",
std::move(dictElement)
)
{ };
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
std::string string = m_string->evaluate(t);
t->m_collections.m_global_collection->resolveMultiMatches(
@@ -113,8 +113,6 @@ class Global_DynamicElement : public Variable {
t->m_rules->m_secWebAppId.m_value,
value);
}
std::unique_ptr<RunTimeString> m_string;
};

1
src/variables/highest_severity.cc
View File

@@ -27,7 +27,6 @@ namespace modsecurity {
namespace variables {
void HighestSeverity::evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
transaction->m_variableHighestSeverityAction.assign(
std::to_string(transaction->m_highestSeverityAction));

1
src/variables/highest_severity.h
View File

@@ -35,7 +35,6 @@ class HighestSeverity : public Variable {
{ }
void evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override;
};

16
src/variables/ip.h
View File

@@ -25,6 +25,7 @@
#include "src/variables/variable.h"
#include "src/run_time_string.h"
#include "src/variables/variable_with_runtime_string.h"
namespace modsecurity {
@@ -39,7 +40,6 @@ class Ip_DictElement : public Variable {
m_dictElement("IP:" + dictElement) { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
t->m_collections.m_ip_collection->resolveMultiMatches(
m_name, t->m_collections.m_ip_collection_key,
@@ -56,7 +56,6 @@ class Ip_NoDictElement : public Variable {
: Variable("IP") { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
t->m_collections.m_ip_collection->resolveMultiMatches("",
t->m_collections.m_ip_collection_key,
@@ -72,7 +71,6 @@ class Ip_DictElementRegexp : public VariableRegex {
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
t->m_collections.m_ip_collection->resolveRegularExpression(
m_dictElement, t->m_collections.m_ip_collection_key,
@@ -83,14 +81,16 @@ class Ip_DictElementRegexp : public VariableRegex {
};
class Ip_DynamicElement : public Variable {
class Ip_DynamicElement : public VariableWithRunTimeString {
public:
explicit Ip_DynamicElement(std::unique_ptr<RunTimeString> dictElement)
: Variable("IP:dynamic"),
m_string(std::move(dictElement)) { }
: VariableWithRunTimeString(
"IP:dynamic",
std::move(dictElement)
)
{ }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
std::string string = m_string->evaluate(t);
t->m_collections.m_ip_collection->resolveMultiMatches(
@@ -112,8 +112,6 @@ class Ip_DynamicElement : public Variable {
t->m_rules->m_secWebAppId.m_value,
value);
}
std::unique_ptr<RunTimeString> m_string;
};

1
src/variables/modsec_build.cc
View File

@@ -25,7 +25,6 @@ namespace modsecurity {
namespace variables {
void ModsecBuild::evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
l->push_back(new VariableValue(&m_retName, &m_build));

1
src/variables/modsec_build.h
View File

@@ -44,7 +44,6 @@ class ModsecBuild : public Variable {
}
void evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override;
std::string m_build;

1
src/variables/remote_user.cc
View File

@@ -37,7 +37,6 @@ namespace variables {
void RemoteUser::evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
size_t pos;
std::string base64;

1
src/variables/remote_user.h
View File

@@ -37,7 +37,6 @@ class RemoteUser : public Variable {
m_retName("REMOTE_USER") { }
void evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override;
std::string m_retName;
};

16
src/variables/resource.h
View File

@@ -25,6 +25,7 @@
#include "src/variables/variable.h"
#include "src/run_time_string.h"
#include "src/variables/variable_with_runtime_string.h"
namespace modsecurity {
@@ -39,7 +40,6 @@ class Resource_DictElement : public Variable {
m_dictElement("RESOURCE:" + dictElement) { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
t->m_collections.m_resource_collection->resolveMultiMatches(
m_name, t->m_collections.m_resource_collection_key,
@@ -56,7 +56,6 @@ class Resource_NoDictElement : public Variable {
: Variable("RESOURCE") { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
t->m_collections.m_resource_collection->resolveMultiMatches(m_name,
t->m_collections.m_resource_collection_key,
@@ -72,7 +71,6 @@ class Resource_DictElementRegexp : public VariableRegex {
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
t->m_collections.m_resource_collection->resolveRegularExpression(
m_dictElement, t->m_collections.m_resource_collection_key,
@@ -83,14 +81,16 @@ class Resource_DictElementRegexp : public VariableRegex {
};
class Resource_DynamicElement : public Variable {
class Resource_DynamicElement : public VariableWithRunTimeString {
public:
explicit Resource_DynamicElement(std::unique_ptr<RunTimeString> dictElement)
: Variable("RESOURCE:dynamic"),
m_string(std::move(dictElement)) { }
: VariableWithRunTimeString(
"RESOURCE:dynamic",
std::move(dictElement)
)
{ }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
std::string string = m_string->evaluate(t);
t->m_collections.m_resource_collection->resolveMultiMatches(
@@ -111,8 +111,6 @@ class Resource_DynamicElement : public Variable {
var, t->m_collections.m_resource_collection_key,
t->m_rules->m_secWebAppId.m_value, value);
}
std::unique_ptr<RunTimeString> m_string;
};

147
src/variables/rule.h
View File

@@ -33,21 +33,32 @@ class Transaction;
namespace variables {
class Rule_DictElement : public VariableDictElement { \
class Rule_DictElement : public RuleVariable, public VariableDictElement {
public:
explicit Rule_DictElement(const std::string &dictElement)
: VariableDictElement(std::string("RULE"), dictElement) { }
: RuleVariable(),
VariableDictElement(
std::string("RULE"),
dictElement
)
{ };
Rule_DictElement(const Rule_DictElement &r)
: RuleVariable(),
VariableDictElement(r)
{ };
virtual Variable *clone() override {
return new Rule_DictElement(*this);
};
static void id(Transaction *t,
RuleWithActions *rule,
const RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
RuleWithActions *r = rule;
if (!r || r->getId() == 0) {
return;
}
std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
std::string *a = new std::string(std::to_string(r->getId()));
std::string *a = new std::string(std::to_string(rule->getId()));
VariableValue *var = new VariableValue(&m_rule, &m_rule_id,
a
);
@@ -59,18 +70,14 @@ class Rule_DictElement : public VariableDictElement { \
}
static void rev(Transaction *t,
RuleWithActions *rule,
const RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
RuleWithActions *r = rule;
if (!r) {
return;
}
if (r->hasRevisionAction()) {
if (rule->hasRevisionAction()) {
std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
std::string *a = new std::string(r->getRevision());
std::string *a = new std::string(rule->getRevision());
VariableValue *var = new VariableValue(&m_rule, &m_rule_rev,
a
);
@@ -84,17 +91,12 @@ class Rule_DictElement : public VariableDictElement { \
static void severity(Transaction *t,
RuleWithActions *rule,
const RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
RuleWithActions *r = rule;
if (!r) {
return;
}
if (r->hasSeverityAction()) {
if (rule->hasSeverityAction()) {
std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
std::string *a = new std::string(std::to_string(r->getSeverity()));
std::string *a = new std::string(std::to_string(rule->getSeverity()));
VariableValue *var = new VariableValue(&m_rule, &m_rule_severity,
a
);
@@ -104,21 +106,16 @@ class Rule_DictElement : public VariableDictElement { \
var->addOrigin(std::move(origin));
l->push_back(var);
}
}
static void logData(Transaction *t,
RuleWithActions *rule,
const RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
RuleWithActions *r = rule;
if (!r) {
return;
}
if (r->hasLogDataAction()) {
if (rule->hasLogDataAction()) {
std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
std::string *a = new std::string(r->getLogData(t));
std::string *a = new std::string(rule->getLogData(t));
VariableValue *var = new VariableValue(&m_rule, &m_rule_logdata,
a
);
@@ -131,17 +128,12 @@ class Rule_DictElement : public VariableDictElement { \
}
static void msg(Transaction *t,
RuleWithActions *rule,
const RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
RuleWithActions *r = rule;
if (!r) {
return;
}
if (r->hasMessageAction()) {
if (rule->hasMessageAction()) {
std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
std::string *a = new std::string(r->getMessage(t));
std::string *a = new std::string(rule->getMessage(t));
VariableValue *var = new VariableValue(&m_rule, &m_rule_msg,
a
);
@@ -154,26 +146,26 @@ class Rule_DictElement : public VariableDictElement { \
}
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
if (m_dictElement == "id") {
id(t, rule, l);
id(t, getRule(), l);
return;
}
if (m_dictElement == "rev") {
rev(t, rule, l);
rev(t, getRule(), l);
return;
}
if (m_dictElement == "severity") {
severity(t, rule, l);
severity(t, getRule(), l);
return;
}
if (m_dictElement == "logdata") {
logData(t, rule, l);
logData(t, getRule(), l);
return;
}
if (m_dictElement == "msg") {
msg(t, rule, l);
msg(t, getRule(), l);
return;
}
}
@@ -187,52 +179,77 @@ class Rule_DictElement : public VariableDictElement { \
};
class Rule_DictElementRegexp : public VariableRegex {
class Rule_DictElementRegexp : public RuleVariable, public VariableRegex {
public:
explicit Rule_DictElementRegexp(const std::string &regex)
: VariableRegex("RULE", regex) { }
: RuleVariable(),
VariableRegex("RULE", regex)
{ };
Rule_DictElementRegexp(const Rule_DictElementRegexp &r)
: RuleVariable(),
VariableRegex(r)
{ };
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
if (Utils::regex_search("id", m_r) > 0) {
Rule_DictElement::id(t, rule, l);
Rule_DictElement::id(t, getRule(), l);
return;
}
if (Utils::regex_search("rev", m_r) > 0) {
Rule_DictElement::rev(t, rule, l);
Rule_DictElement::rev(t, getRule(), l);
return;
}
if (Utils::regex_search("severity", m_r) > 0) {
Rule_DictElement::severity(t, rule, l);
Rule_DictElement::severity(t, getRule(), l);
return;
}
if (Utils::regex_search("logdata", m_r) > 0) {
Rule_DictElement::logData(t, rule, l);
Rule_DictElement::logData(t, getRule(), l);
return;
}
if (Utils::regex_search("msg", m_r) > 0) {
Rule_DictElement::msg(t, rule, l);
Rule_DictElement::msg(t, getRule(), l);
return;
}
}
virtual Variable *clone() override {
return new Rule_DictElementRegexp(*this);
};
};
class Rule_NoDictElement : public Variable {
class Rule_NoDictElement : public RuleVariable, public Variable {
public:
explicit Rule_NoDictElement()
: Variable("RULE") { }
Rule_NoDictElement()
: RuleVariable(),
Variable("RULE")
{ };
explicit Rule_NoDictElement(const Rule_DictElementRegexp &r)
: RuleVariable(),
Variable(r)
{ };
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
Rule_DictElement::id(t, rule, l);
Rule_DictElement::rev(t, rule, l);
Rule_DictElement::severity(t, rule, l);
Rule_DictElement::logData(t, rule, l);
Rule_DictElement::msg(t, rule, l);
Rule_DictElement::id(t, getRule(), l);
Rule_DictElement::rev(t, getRule(), l);
Rule_DictElement::severity(t, getRule(), l);
Rule_DictElement::logData(t, getRule(), l);
Rule_DictElement::msg(t, getRule(), l);
}
virtual Variable *clone() override {
return new Rule_NoDictElement(*this);
};
};
// DEFINE_VARIABLE_DICT(Rule, RULE, m_variableRule)

60
src/variables/rule_variable.h Normal file
View File

@@ -0,0 +1,60 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2020 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <string>
#include <vector>
#include <list>
#ifndef SRC_VARIABLES_RULE_VARIABLE_H_
#define SRC_VARIABLES_RULE_VARIABLE_H_
#include "src/rule_with_actions.h"
namespace modsecurity {
class Transaction;
namespace variables {
class RuleVariable {
public:
RuleVariable()
: m_rule(nullptr)
{ };
RuleVariable(const RuleVariable &a)
: m_rule(a.m_rule)
{ };
void populate(const RuleWithActions *rule) {
m_rule = rule;
}
const RuleWithActions *getRule() const noexcept {
return m_rule;
}
virtual Variable* clone() = 0;
private:
const RuleWithActions *m_rule;
};
} // namespace variables
} // namespace modsecurity
#endif // SRC_VARIABLES_RULE_VARIABLE_H_

15
src/variables/session.h
View File

@@ -39,7 +39,6 @@ class Session_DictElement : public Variable {
m_dictElement("SESSION:" + dictElement) { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
t->m_collections.m_session_collection->resolveMultiMatches(
m_name, t->m_collections.m_session_collection_key,
@@ -56,7 +55,6 @@ class Session_NoDictElement : public Variable {
: Variable("SESSION") { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
t->m_collections.m_session_collection->resolveMultiMatches("",
t->m_collections.m_session_collection_key,
@@ -72,7 +70,6 @@ class Session_DictElementRegexp : public VariableRegex {
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
t->m_collections.m_session_collection->resolveRegularExpression(
m_dictElement, t->m_collections.m_session_collection_key,
@@ -83,14 +80,16 @@ class Session_DictElementRegexp : public VariableRegex {
};
class Session_DynamicElement : public Variable {
class Session_DynamicElement : public VariableWithRunTimeString {
public:
explicit Session_DynamicElement(std::unique_ptr<RunTimeString> dictElement)
: Variable("SESSION:dynamic"),
m_string(std::move(dictElement)) { }
: VariableWithRunTimeString(
"SESSION:dynamic",
std::move(dictElement)
)
{ }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
std::string string = m_string->evaluate(t);
t->m_collections.m_session_collection->resolveMultiMatches(
@@ -112,8 +111,6 @@ class Session_DynamicElement : public Variable {
t->m_rules->m_secWebAppId.m_value,
value);
}
std::unique_ptr<RunTimeString> m_string;
};

1
src/variables/time.cc
View File

@@ -34,7 +34,6 @@ namespace modsecurity {
namespace variables {
void Time::evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
char tstr[200];

1
src/variables/time.h
View File

@@ -36,7 +36,6 @@ class Time : public Variable {
m_retName("TIME") { }
void evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override;
std::string m_retName;
};

1
src/variables/time_day.cc
View File

@@ -34,7 +34,6 @@ namespace modsecurity {
namespace variables {
void TimeDay::evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
char tstr[200];
struct tm timeinfo;

1
src/variables/time_day.h
View File

@@ -35,7 +35,6 @@ class TimeDay : public Variable {
m_retName("TIME_DAY") { }
void evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override;
std::string m_retName;
};

1
src/variables/time_epoch.cc
View File

@@ -34,7 +34,6 @@ namespace modsecurity {
namespace variables {
void TimeEpoch::evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
transaction->m_variableTimeEpoch.assign(
std::to_string(std::time(nullptr)));

1
src/variables/time_epoch.h
View File

@@ -35,7 +35,6 @@ class TimeEpoch : public Variable {
m_retName("TIME_EPOCH") { }
void evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override;
std::string m_retName;
};

1
src/variables/time_hour.cc
View File

@@ -34,7 +34,6 @@ namespace modsecurity {
namespace variables {
void TimeHour::evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
char tstr[200];
struct tm timeinfo;

1
src/variables/time_hour.h
View File

@@ -35,7 +35,6 @@ class TimeHour : public Variable {
m_retName("TIME_HOUR") { }
void evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override;
std::string m_retName;
};

1
src/variables/time_min.cc
View File

@@ -34,7 +34,6 @@ namespace modsecurity {
namespace variables {
void TimeMin::evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
char tstr[200];
struct tm timeinfo;

1
src/variables/time_min.h
View File

@@ -35,7 +35,6 @@ class TimeMin : public Variable {
m_retName("TIME_MIN") { }
void evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override;
std::string m_retName;
};

1
src/variables/time_mon.cc
View File

@@ -34,7 +34,6 @@ namespace modsecurity {
namespace variables {
void TimeMon::evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
char tstr[200];
struct tm timeinfo;

1
src/variables/time_mon.h
View File

@@ -35,7 +35,6 @@ class TimeMon : public Variable {
m_retName("TIME_MON") { }
void evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override;
std::string m_retName;
};

1
src/variables/time_sec.cc
View File

@@ -34,7 +34,6 @@ namespace modsecurity {
namespace variables {
void TimeSec::evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
char tstr[200];
struct tm timeinfo;

1
src/variables/time_sec.h
View File

@@ -35,7 +35,6 @@ class TimeSec : public Variable {
m_retName("TIME_SEC") { }
void evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override;
std::string m_retName;
};

1
src/variables/time_wday.cc
View File

@@ -34,7 +34,6 @@ namespace modsecurity {
namespace variables {
void TimeWDay::evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
char tstr[200];
struct tm timeinfo;

1
src/variables/time_wday.h
View File

@@ -35,7 +35,6 @@ class TimeWDay : public Variable {
m_retName("TIME_WDAY") { }
void evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override;
std::string m_retName;
};

1
src/variables/time_year.cc
View File

@@ -34,7 +34,6 @@ namespace modsecurity {
namespace variables {
void TimeYear::evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) {
char tstr[200];
struct tm timeinfo;

1
src/variables/time_year.h
View File

@@ -35,7 +35,6 @@ class TimeYear : public Variable {
m_retName("TIME_YEAR") { }
void evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override;
std::string m_retName;
};

16
src/variables/tx.h
View File

@@ -25,6 +25,7 @@
#include "src/variables/variable.h"
#include "src/run_time_string.h"
#include "src/variables/variable_with_runtime_string.h"
namespace modsecurity {
@@ -39,7 +40,6 @@ class Tx_DictElement : public Variable {
m_dictElement("TX:" + dictElement) { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
t->m_collections.m_tx_collection->resolveMultiMatches(
m_name, l, m_keyExclusion);
@@ -55,7 +55,6 @@ class Tx_NoDictElement : public Variable {
: Variable("TX") { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
t->m_collections.m_tx_collection->resolveMultiMatches("", l,
m_keyExclusion);
@@ -70,7 +69,6 @@ class Tx_DictElementRegexp : public VariableRegex {
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
t->m_collections.m_tx_collection->resolveRegularExpression(
m_dictElement, l, m_keyExclusion);
@@ -80,14 +78,16 @@ class Tx_DictElementRegexp : public VariableRegex {
};
class Tx_DynamicElement : public Variable {
class Tx_DynamicElement : public VariableWithRunTimeString {
public:
explicit Tx_DynamicElement(std::unique_ptr<RunTimeString> dictElement)
: Variable("TX:dynamic"),
m_string(std::move(dictElement)) { }
: VariableWithRunTimeString(
"TX:dynamic",
std::move(dictElement)
)
{ }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
std::string string = m_string->evaluate(t);
t->m_collections.m_tx_collection->resolveMultiMatches(string, l,
@@ -102,8 +102,6 @@ class Tx_DynamicElement : public Variable {
std::string value) {
t->m_collections.m_tx_collection->storeOrUpdateFirst(var, value);
}
std::unique_ptr<RunTimeString> m_string;
};

16
src/variables/user.h
View File

@@ -25,6 +25,7 @@
#include "src/variables/variable.h"
#include "src/run_time_string.h"
#include "src/variables/variable_with_runtime_string.h"
namespace modsecurity {
@@ -39,7 +40,6 @@ class User_DictElement : public Variable {
m_dictElement("USER:" + dictElement) { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
t->m_collections.m_user_collection->resolveMultiMatches(
m_name, t->m_collections.m_user_collection_key,
@@ -56,7 +56,6 @@ class User_NoDictElement : public Variable {
: Variable("USER") { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
t->m_collections.m_user_collection->resolveMultiMatches(m_name,
t->m_collections.m_user_collection_key,
@@ -72,7 +71,6 @@ class User_DictElementRegexp : public VariableRegex {
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
t->m_collections.m_user_collection->resolveRegularExpression(
m_dictElement, t->m_collections.m_user_collection_key,
@@ -83,14 +81,16 @@ class User_DictElementRegexp : public VariableRegex {
};
class User_DynamicElement : public Variable {
class User_DynamicElement : public VariableWithRunTimeString {
public:
explicit User_DynamicElement(std::unique_ptr<RunTimeString> dictElement)
: Variable("USER:dynamic"),
m_string(std::move(dictElement)) { }
: VariableWithRunTimeString(
"USER:dynamic",
std::move(dictElement)
)
{ }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
std::string string = m_string->evaluate(t);
t->m_collections.m_user_collection->resolveMultiMatches(
@@ -112,8 +112,6 @@ class User_DynamicElement : public Variable {
t->m_rules->m_secWebAppId.m_value,
value);
}
std::unique_ptr<RunTimeString> m_string;
};

57
src/variables/variable.h
View File

@@ -23,7 +23,6 @@
#include "modsecurity/rules_set.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "src/utils/string.h"
#include "src/utils/regex.h"
@@ -49,7 +48,6 @@ class n ## _DictElementRegexp : public VariableRegex { \
: VariableRegex(#N, regex) { } \
\
void evaluate(Transaction *transaction, \
RuleWithActions *rule, \
std::vector<const VariableValue *> *l) override { \
transaction-> e .resolveRegularExpression(&m_r, l, \
m_keyExclusion); \
@@ -64,7 +62,6 @@ class n ## _DictElement : public VariableDictElement { \
: VariableDictElement(#N, dictElement) { } \
\
void evaluate(Transaction *transaction, \
RuleWithActions *rule, \
std::vector<const VariableValue *> *l) override { \
transaction-> e .resolve(m_dictElement, l); \
} \
@@ -78,7 +75,6 @@ class n ## _NoDictElement : public Variable { \
: Variable(#N) { } \
\
void evaluate(Transaction *transaction, \
RuleWithActions *rule, \
std::vector<const VariableValue *> *l) override { \
transaction-> e .resolve(l, m_keyExclusion); \
} \
@@ -92,13 +88,14 @@ class n : public Variable { \
: Variable(#N) { } \
\
void evaluate(Transaction *transaction, \
RuleWithActions *rule, \
std::vector<const VariableValue *> *l) override { \
transaction-> e .evaluate(l); \
} \
};
// FIXME: Copy methods for variables modificators needs to be done.
namespace modsecurity {
class Transaction;
@@ -151,8 +148,19 @@ class KeyExclusionString : public KeyExclusion {
class KeyExclusions : public std::deque<std::unique_ptr<KeyExclusion>> {
public:
KeyExclusions() {
}
KeyExclusions()
: std::deque<std::unique_ptr<KeyExclusion>>()
{ };
KeyExclusions(const KeyExclusions &k)
: std::deque<std::unique_ptr<KeyExclusion>>()
{
//for (auto &a : k) {
//}
};
bool toOmit(std::string a) {
for (auto &z : *this) {
@@ -545,12 +553,20 @@ class VariableMonkeyResolution {
class Variable : public VariableMonkeyResolution {
public:
explicit Variable(const std::string &name);
explicit Variable(Variable *_name);
Variable(const Variable &v)
: m_name(v.m_name),
m_collectionName(v.m_collectionName),
m_fullName(v.m_fullName),
m_keyExclusion(v.m_keyExclusion)
{ };
virtual ~Variable() { }
virtual void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) = 0;
@@ -586,7 +602,14 @@ class Variable : public VariableMonkeyResolution {
class VariableDictElement : public Variable {
public:
VariableDictElement(const std::string &name, const std::string &dict_element)
: m_dictElement(dict_element), Variable(name + ":" + dict_element) { }
: m_dictElement(dict_element), Variable(name + ":" + dict_element)
{ };
VariableDictElement(const VariableDictElement &v)
: m_dictElement(v.m_dictElement),
Variable(v)
{ };
std::string m_dictElement;
};
@@ -597,7 +620,15 @@ class VariableRegex : public Variable {
VariableRegex(const std::string &name, const std::string &regex)
: m_r(regex),
m_regex(regex),
Variable(name + ":" + "regex(" + regex + ")") { }
Variable(name + ":" + "regex(" + regex + ")")
{ }
VariableRegex(const VariableRegex &v)
: m_r(v.m_regex),
m_regex(v.m_regex),
Variable(v)
{ };
Utils::Regex m_r;
// FIXME: no need for that.
@@ -644,9 +675,8 @@ class VariableModificatorExclusion : public Variable {
m_base(std::move(var)) { }
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
m_base->evaluate(t, rule, l);
m_base->evaluate(t, l);
}
std::unique_ptr<Variable> m_base;
@@ -662,13 +692,12 @@ class VariableModificatorCount : public Variable {
}
void evaluate(Transaction *t,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
std::vector<const VariableValue *> reslIn;
VariableValue *val = NULL;
int count = 0;
m_base->evaluate(t, rule, &reslIn);
m_base->evaluate(t, &reslIn);
for (const VariableValue *a : reslIn) {
count++;

61
src/variables/variable_with_runtime_string.h Normal file
View File

@@ -0,0 +1,61 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2020 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include "src/variables/variable.h"
#include "src/run_time_string.h"
#ifndef SRC_VARIABLES_VARIABLE_WITH_RUN_TIME_STRING_H_
#define SRC_VARIABLES_VARIABLE_WITH_RUN_TIME_STRING_H_
namespace modsecurity {
namespace variables {
class VariableWithRunTimeString : public Variable {
public:
VariableWithRunTimeString(const std::string &name, std::unique_ptr<RunTimeString> string)
: Variable(name),
m_string(std::move(string))
{ };
VariableWithRunTimeString(const VariableWithRunTimeString &v)
: Variable(v),
m_string(std::unique_ptr<RunTimeString>(new RunTimeString(*v.m_string.get())))
{ };
VariableWithRunTimeString& operator=(const VariableWithRunTimeString& v)
{
m_string = std::unique_ptr<RunTimeString>(new RunTimeString(*v.m_string.get()));
return *this;
}
virtual void populate(RuleWithActions *rule) {
if (m_string) {
m_string->populate(rule);
}
}
std::string evaluateRunTimeString(Transaction *t) {
return m_string->evaluate(t);
}
protected:
std::unique_ptr<RunTimeString> m_string;
};
} // namespace variables
} // namespace modsecurity
#endif // SRC_VARIABLES_VARIABLE_WITH_RUN_TIME_STRING_H_

1
src/variables/web_app_id.h
View File

@@ -36,7 +36,6 @@ class WebAppId : public Variable {
: Variable("WEBAPPID") { }
void evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
const std::string rname = transaction->m_rules->m_secWebAppId.m_value;
l->push_back(new VariableValue(&m_name, &rname));

20
src/variables/xml.cc
View File

@@ -49,13 +49,11 @@ namespace modsecurity {
namespace variables {
#ifndef WITH_LIBXML2
void XML::evaluate(Transaction *t,
RuleWithActions *rule,
void XML_WithNSPath::evaluate(Transaction *t,
std::vector<const VariableValue *> *l) { }
#else
void XML::evaluate(Transaction *t,
RuleWithActions *rule,
void XML_WithNSPath::evaluate(Transaction *t,
std::vector<const VariableValue *> *l) {
xmlXPathContextPtr xpathCtx;
xmlXPathObjectPtr xpathObj;
@@ -88,20 +86,20 @@ void XML::evaluate(Transaction *t,
return;
}
if (rule == NULL) {
if (getRule() == NULL) {
ms_dbg_a(t, 2, "XML: Can't look for xmlns, internal error.");
} else {
std::vector<actions::XmlNS *> acts = rule->getXmlNSsPtr();
XmlNSsPtr acts = getRule()->getXmlNSsPtr();
for (auto &z : acts) {
if (xmlXPathRegisterNs(xpathCtx, (const xmlChar*)z->m_scope.c_str(),
(const xmlChar*)z->m_href.c_str()) != 0) {
if (xmlXPathRegisterNs(xpathCtx, (const xmlChar*)z->getScope().c_str(),
(const xmlChar*)z->getHref().c_str()) != 0) {
ms_dbg_a(t, 1, "Failed to register XML namespace href \"" + \
z->m_href + "\" prefix \"" + z->m_scope + "\".");
z->getHref() + "\" prefix \"" + z->getScope() + "\".");
return;
}
ms_dbg_a(t, 4, "Registered XML namespace href \"" + z->m_href + \
"\" prefix \"" + z->m_scope + "\"");
ms_dbg_a(t, 4, "Registered XML namespace href \"" + z->getHref() + \
"\" prefix \"" + z->getScope() + "\"");
}
}

44
src/variables/xml.h
View File

@@ -24,43 +24,63 @@
#include "src/variables/variable.h"
#include "src/variables/xml.h"
#include "src/variables/rule_variable.h"
namespace modsecurity {
class Transaction;
namespace variables {
/* Invocation without an XPath expression makes sense
* with functions that manipulate the document tree.
*/
class XML_NoDictElement : public Variable {
class XML_WithoutNSPath : public RuleVariable, public Variable {
public:
XML_NoDictElement()
: Variable("XML"),
XML_WithoutNSPath()
: RuleVariable(),
Variable("XML"),
m_plain("[XML document tree]"),
m_var(&m_name, &m_plain) {
}
m_var(&m_name, &m_plain)
{ };
XML_WithoutNSPath(const XML_WithoutNSPath &r)
: RuleVariable(r),
Variable(r),
m_plain(r.m_plain),
m_var(r.m_var)
{ };
void evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override {
l->push_back(new VariableValue(&m_var));
}
virtual variables::Variable *clone() override {
return new XML_WithoutNSPath(*this);
};
std::string m_plain;
VariableValue m_var;
};
class XML : public Variable {
class XML_WithNSPath : public RuleVariable, public VariableDictElement {
public:
explicit XML(const std::string &_name)
: Variable(_name) { }
explicit XML_WithNSPath(const std::string &nsPath)
: RuleVariable(),
VariableDictElement("XML", nsPath)
{ };
XML_WithNSPath(const XML_WithNSPath &r)
: RuleVariable(),
VariableDictElement(r)
{ };
void evaluate(Transaction *transaction,
RuleWithActions *rule,
std::vector<const VariableValue *> *l) override;
virtual Variable *clone() override {
return new XML_WithNSPath(*this);
};
};