github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 03:34:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Refactoring on the variables resoluvtion method

Browse Source
This commit is contained in:
Felipe Zimmerle
2015-07-14 19:15:54 -03:00
parent 8c408ebcd7
commit 33dff0f1bf
8 changed files with 100 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
src/parser/seclang-parser.yy
View File

@@ -82,12 +82,13 @@ using ModSecurity::Rule;
%token <std::string> OPERATOR
%token <std::string> ACTION
%token <std::string> VARIABLE
%token <std::string> RUN_TIME_VAR_DUR
%token <std::string> TRANSFORMATION
%token <double> CONFIG_VALUE_NUMBER
%type <std::vector<Action *> *> actions
%type <std::vector<Variable> *> variables
%type <std::vector<Variable *> *> variables
%printer { yyoutput << $$; } <*>;
%%
@@ -232,14 +233,26 @@ expression:
variables:
variables PIPE VARIABLE
{
std::vector<Variable> *v = $1;
v->push_back(Variable($3));
std::vector<Variable *> *v = $1;
v->push_back(new Variable($3));
$$ = $1;
}
| VARIABLE
{
std::vector<Variable> *variables = new std::vector<Variable>;
variables->push_back(Variable($1));
std::vector<Variable *> *variables = new std::vector<Variable *>;
variables->push_back(new Variable($1));
$$ = variables;
}
| variables PIPE RUN_TIME_VAR_DUR
{
std::vector<Variable *> *v = $1;
v->push_back(new Variable($3));
$$ = $1;
}
| RUN_TIME_VAR_DUR
{
std::vector<Variable *> *variables = new std::vector<Variable *>;
variables->push_back(new Variable($1));
$$ = variables;
}

4
src/parser/seclang-scanner.ll
View File

@@ -56,7 +56,8 @@ OPERATORNOARG (?i:@detectSQLi|@detectXSS|@geoLookup|@validateUrlEncoding|@valida
TRANSFORMATION t:(lowercase|urlDecodeUni|urlDecode|none|compressWhitespace|removeWhitespace|replaceNulls|removeNulls|htmlEntityDecode|jsDecode|cssDecode|trim)
VARIABLE (?i:AUTH_TYPE|ARGS_NAMES|ARGS|QUERY_STRING|REMOTE_ADDR|REQUEST_BASENAME|REQUEST_BODY|REQUEST_COOKIES_NAMES|REQUEST_COOKIES|REQUEST_FILENAME|REQUEST_HEADERS_NAMES|REQUEST_HEADERS|REQUEST_METHOD|REQUEST_PROTOCOL|REQUEST_URI|RESPONSE_BODY|RESPONSE_CONTENT_LENGTH|RESPONSE_CONTENT_TYPE|RESPONSE_HEADERS_NAMES|RESPONSE_HEADERS|RESPONSE_PROTOCOL|RESPONSE_STATUS|TX)
VARIABLE (?i:AUTH_TYPE|ARGS_NAMES|ARGS|QUERY_STRING|REMOTE_ADDR|REQUEST_BASENAME|REQUEST_BODY|REQUEST_COOKIES_NAMES|REQUEST_COOKIES|REQUEST_FILENAME|REQUEST_HEADERS_NAMES|REQUEST_HEADERS|REQUEST_METHOD|REQUEST_PROTOCOL|REQUEST_URI|RESPONSE_BODY|RESPONSE_CONTENT_LENGTH|RESPONSE_CONTENT_TYPE|RESPONSE_HEADERS_NAMES|RESPONSE_HEADERS|RESPONSE_PROTOCOL|RESPONSE_STATUS|TX)
RUN_TIME_VAR_DUR (?i:DURATION)
VARIABLENOCOLON (?i:REQBODY_ERROR|MULTIPART_STRICT_ERROR|MULTIPART_UNMATCHED_BOUNDARY|REMOTE_ADDR|REQUEST_LINE)
@@ -121,6 +122,7 @@ FREE_TEXT [^\"]+
[,] { return yy::seclang_parser::make_COMMA(loc); }
[|] { return yy::seclang_parser::make_PIPE(loc); }
{VARIABLE}:?{DICT_ELEMENT}? { return yy::seclang_parser::make_VARIABLE(yytext, loc); }
{RUN_TIME_VAR_DUR} { return yy::seclang_parser::make_RUN_TIME_VAR_DUR(yytext, loc); }
{VARIABLENOCOLON} { return yy::seclang_parser::make_VARIABLE(yytext, loc); }
[ \t]+ { return yy::seclang_parser::make_SPACE(loc); }
\n { return yy::seclang_parser::make_NEW_LINE(loc); }