fix: remove target by {id,tag} are now considering collections

Fix issue #1409

src/rule.cc

@@ -530,15 +530,27 @@ std::vector<std::unique_ptr<collection::Variable>> Rule::getFinalVars(
             for (auto &i : trans->m_ruleRemoveTargetByTag) {
                 std::string tag = i.first;
                 std::string args = i.second;
+                size_t posa = key->find(":");
+
                 if (containsTag(tag, trans) == false) {
                     continue;
                 }
+
                 if (args == *key) {
                     trans->debug(9, "Variable: " + *key +
                         " was excluded by ruleRemoteTargetByTag...");
                     ignoreVariable = true;
                     break;
                 }
+                if (posa != std::string::npos) {
+                    std::string var = std::string(*key, posa);
+                    if (var == args) {
+                        trans->debug(9, "Variable: " + *key +
+                            " was excluded by ruleRemoteTargetByTag...");
+                        ignoreVariable = true;
+                        break;
+                    }
+                }
             }
             if (ignoreVariable) {
                 if (v->m_dynamic) {
@@ -551,15 +563,29 @@ std::vector<std::unique_ptr<collection::Variable>> Rule::getFinalVars(
             for (auto &i : trans->m_ruleRemoveTargetById) {
                 int id = i.first;
                 std::string args = i.second;
+                size_t posa = key->find(":");
+
                 if (m_ruleId != id) {
                     continue;
                 }
+
                 if (args == *key) {
                     trans->debug(9, "Variable: " + *key +
                         " was excluded by ruleRemoveTargetById...");
                     ignoreVariable = true;
                     break;
                 }
+                if (posa != std::string::npos) {
+                    if (key->size() > posa) {
+                        std::string var = std::string(*key, 0, posa);
+                        if (var == args) {
+                            trans->debug(9, "Variable: " + var +
+                                " was excluded by ruleRemoveTargetById...");
+                            ignoreVariable = true;
+                            break;
+                        }
+                    }
+                }
             }
             if (ignoreVariable) {
                 if (v->m_dynamic) {

test/test-cases/regression/action-ctl_rule_remove_target_by_id.json

@@ -2,9 +2,9 @@
   {
     "enabled":1,
     "version_min":300000,
-    "title":"Testing CtlRuleRemoteTargetById (1)",
+    "title":"Testing CtlRuleRemoveTargetById (1)",
     "expected":{
-      "debug_log": "Variable: ARGS:pwd was excluded by ruleRemoteTargetById..."
+      "debug_log": "Variable: ARGS:pwd was excluded by ruleRemoveTargetById..."
     },
     "client":{
       "ip":"200.249.12.31",
@@ -34,7 +34,7 @@
   {
     "enabled":1,
     "version_min":300000,
-    "title":"Testing CtlRuleRemoteTargetById (2)",
+    "title":"Testing CtlRuleRemoveTargetById (2)",
     "expected":{
       "debug_log": "Target value: .*Variable: ARGS:pwd"
     },
@@ -62,5 +62,37 @@
         "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetById=123;ARGS:pwd\"",
         "SecRule ARGS \"@contais whe\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\""
     ]
+  },
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing CtlRuleRemoveTargetById (3)",
+    "expected":{
+      "debug_log": "Variable: ARGS was excluded by ruleRemoveTargetById..."
+    },
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
+        "Content-Type": "text/xml"
+      },
+      "uri":"/wp-login.php?whee&pwd=lhebs",
+      "method":"GET",
+      "body": [ ]
+    },
+    "server":{
+      "ip":"200.249.12.31",
+      "port":80
+    },
+    "rules":[
+        "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetById=1;ARGS\"",
+        "SecRule ARGS \"@contais whe\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS'\""
+    ]
   }
 ]

test/test-cases/regression/action-ctl_rule_remove_target_by_tag.json

@@ -62,5 +62,37 @@
         "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetByTag=CRS;ARGS:pwd\"",
         "SecRule ARGS \"@contais whe\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\""
     ]
+  },
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing CtlRuleRemoteTargetByTag (3)",
+    "expected":{
+      "debug_log": "Target value: .*Variable: ARGS:pwd"
+    },
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
+        "Content-Type": "text/xml"
+      },
+      "uri":"/wp-login.php?whee&pwd=lhebs",
+      "method":"GET",
+      "body": [ ]
+    },
+    "server":{
+      "ip":"200.249.12.31",
+      "port":80
+    },
+    "rules":[
+        "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetByTag=CRS;ARGS\"",
+        "SecRule ARGS \"@contais whe\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\""
+    ]
   }
 ]

test/test-cases/secrules-language-tests

@@ -1 +1 @@
-Subproject commit 1a572362156de9c570e2589c36d382bf59dcc1a0
+Subproject commit add8f637703ac2c069f1b650164b70cd35675228