diff --git a/headers/modsecurity/actions/action.h b/headers/modsecurity/actions/action.h index f42991df..72a95069 100644 --- a/headers/modsecurity/actions/action.h +++ b/headers/modsecurity/actions/action.h @@ -39,35 +39,27 @@ namespace actions { class Action { public: - explicit Action(const std::string& _action) - : m_isNone(false), - temporaryAction(false), - action_kind(2), + : m_actionKind(2), m_name(nullptr), m_parser_payload("") { set_name_and_payload(_action); } + Action(const std::string& _action, int kind) - : m_isNone(false), - temporaryAction(false), - action_kind(kind), + : m_actionKind(kind), m_name(nullptr), m_parser_payload("") { set_name_and_payload(_action); } Action(const Action &a) - : m_isNone(a.m_isNone), - temporaryAction(a.temporaryAction), - action_kind(a.action_kind), + : m_actionKind(a.m_actionKind), m_name(a.m_name), m_parser_payload(a.m_parser_payload) { } Action &operator=(const Action& a) { - m_isNone = a.m_isNone; - temporaryAction = a.temporaryAction; - action_kind = a.action_kind; + m_actionKind = a.m_actionKind; m_name = a.m_name; m_parser_payload = a.m_parser_payload; return *this; @@ -75,52 +67,24 @@ class Action { virtual ~Action() { } + virtual bool init(std::string *error) { return true; } + virtual std::string execute(const std::string &exp, Transaction *transaction); - virtual bool execute(RuleWithActions *rule, Transaction *transaction); - + virtual bool execute(RuleWithActions *rule, + Transaction *transaction); /** * This method is meant to be used by transformations — a particular * type of action. * */ virtual void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { }; - virtual bool init(std::string *error) { return true; } virtual bool isDisruptive() { return false; } - - void set_name_and_payload(const std::string& data) { - size_t pos = data.find(":"); - std::string t = "t:"; - - if (data.compare(0, t.length(), t) == 0) { - pos = data.find(":", 2); - } - - if (pos == std::string::npos) { - m_name = std::shared_ptr(new std::string(data)); - return; - } - - m_name = std::shared_ptr(new std::string(data, 0, pos)); - m_parser_payload = std::string(data, pos + 1, data.length()); - - if (m_parser_payload.at(0) == '\'' && m_parser_payload.size() > 2) { - m_parser_payload.erase(0, 1); - m_parser_payload.pop_back(); - } - } - - bool m_isNone; - bool temporaryAction; - int action_kind; - std::shared_ptr m_name; - std::string m_parser_payload; - /** * * Define the action kind regarding to the execution time. @@ -152,7 +116,35 @@ class Action { */ RunTimeOnlyIfMatchKind, }; - }; + + int m_actionKind; + std::shared_ptr m_name; + std::string m_parser_payload; + + private: + + void set_name_and_payload(const std::string& data) { + size_t pos = data.find(":"); + std::string t = "t:"; + + if (data.compare(0, t.length(), t) == 0) { + pos = data.find(":", 2); + } + + if (pos == std::string::npos) { + m_name = std::shared_ptr(new std::string(data)); + return; + } + + m_name = std::shared_ptr(new std::string(data, 0, pos)); + m_parser_payload = std::string(data, pos + 1, data.length()); + + if (m_parser_payload.at(0) == '\'' && m_parser_payload.size() > 2) { + m_parser_payload.erase(0, 1); + m_parser_payload.pop_back(); + } + } +}; } // namespace actions diff --git a/headers/modsecurity/modsecurity.h b/headers/modsecurity/modsecurity.h index 7eac444c..51e64f53 100644 --- a/headers/modsecurity/modsecurity.h +++ b/headers/modsecurity/modsecurity.h @@ -89,6 +89,12 @@ typedef struct ModSecurity_t modsecurity; #else namespace modsecurity { + /** + * Further that will be changed to be a stack-based string, + * for the benefit of performance. + */ + using ModSecString = std::string; + /** * * The Phases enumerator consists in mapping the different stages of a diff --git a/headers/modsecurity/rule_with_actions.h b/headers/modsecurity/rule_with_actions.h index d71ffeea..085a65dd 100644 --- a/headers/modsecurity/rule_with_actions.h +++ b/headers/modsecurity/rule_with_actions.h @@ -64,18 +64,17 @@ using MatchActionsPtr = std::vector; using XmlNSs = std::vector >; using XmlNSsPtr = std::vector; -using ModSecStackString = std::basic_string, std::allocator >; class TransformationResult { public: TransformationResult( - ModSecStackString *after, + ModSecString *after, std::string *transformation) : m_after(*after), m_transformation(transformation) { }; explicit TransformationResult( - ModSecStackString *after) + ModSecString *after) : m_after(*after), m_transformation(nullptr) { }; @@ -84,7 +83,7 @@ class TransformationResult { m_transformation(t2.m_transformation) { }; - ModSecStackString *getAfter() { + ModSecString *getAfter() { return &m_after; } @@ -95,7 +94,7 @@ class TransformationResult { private: - ModSecStackString m_after; + ModSecString m_after; std::string *m_transformation; }; @@ -224,7 +223,7 @@ class RuleWithActions : public Rule { static void executeTransformation( Transaction *transaction, - ModSecStackString in, + ModSecString in, TransformationsResults *ret, Transformation *transformation); diff --git a/headers/modsecurity/rules.h b/headers/modsecurity/rules.h index 1ed88ebc..43198b7c 100644 --- a/headers/modsecurity/rules.h +++ b/headers/modsecurity/rules.h @@ -40,52 +40,20 @@ namespace modsecurity { class Rules { public: - void dump() const { - for (int j = 0; j < m_rules.size(); j++) { - std::cout << " Rule ID: " << m_rules.at(j)->getReference(); - std::cout << "--" << m_rules.at(j) << std::endl; - } - } + void dump() const; - int append(Rules *from, const std::vector &ids, std::ostringstream *err) { - size_t j = 0; - for (; j < from->size(); j++) { - RuleWithOperator *rule = dynamic_cast(from->at(j).get()); - if (rule && std::binary_search(ids.begin(), ids.end(), rule->getId())) { - if (err != NULL) { - *err << "Rule id: " << std::to_string(rule->getId()) \ - << " is duplicated" << std::endl; - } - return -1; - } - } - m_rules.insert(m_rules.end(), from->m_rules.begin(), from->m_rules.end()); - return j; - } + int append(Rules *from, const std::vector &ids, std::ostringstream *err); - bool insert(const std::shared_ptr &rule) { - return insert(rule, nullptr, nullptr); - } + bool insert(const std::shared_ptr &rule); - bool insert(std::shared_ptr rule, const std::vector *ids, std::ostringstream *err) { - RuleWithOperator *r = dynamic_cast(rule.get()); - if (r && ids != nullptr && std::binary_search(ids->begin(), ids->end(), r->getId())) { - if (err != nullptr) { - *err << "Rule id: " << std::to_string(r->getId()) \ - << " is duplicated" << std::endl; - } - return false; - } - m_rules.push_back(rule); - return true; - } + bool insert(std::shared_ptr rule, const std::vector *ids, std::ostringstream *err); + + size_t size() const; + std::shared_ptr operator[](int index) const; + std::shared_ptr at(int index) const; void fixDefaultActions(); - size_t size() const { return m_rules.size(); } - std::shared_ptr operator[](int index) const { return m_rules[index]; } - std::shared_ptr at(int index) const { return m_rules[index]; } - std::vector > m_defaultActions; std::vector > m_defaultTransformations; diff --git a/headers/modsecurity/transaction.h b/headers/modsecurity/transaction.h index a99e9bd0..0752780c 100644 --- a/headers/modsecurity/transaction.h +++ b/headers/modsecurity/transaction.h @@ -49,7 +49,6 @@ typedef struct Rules_t RulesSet; #include "modsecurity/collection/collection.h" #include "modsecurity/variable_origin.h" - #ifndef NO_LOGS #define ms_dbg(b, c) \ do { \ diff --git a/src/Makefile.am b/src/Makefile.am index e6496ccc..b90e2ffb 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -42,10 +42,6 @@ pkginclude_HEADERS = \ ../headers/modsecurity/intervention.h \ ../headers/modsecurity/modsecurity.h \ ../headers/modsecurity/rule.h \ - ../headers/modsecurity/rule_marker.h \ - ../headers/modsecurity/rule_unconditional.h \ - ../headers/modsecurity/rule_with_actions.h \ - ../headers/modsecurity/rule_with_operator.h \ ../headers/modsecurity/rules.h \ ../headers/modsecurity/rule_message.h \ ../headers/modsecurity/rules_set.h \ @@ -286,6 +282,7 @@ libmodsecurity_la_SOURCES = \ debug_log/debug_log_writer.cc \ run_time_string.cc \ rule.cc \ + rules.cc \ rule_unconditional.cc \ rule_with_actions.cc \ rule_with_operator.cc \ diff --git a/src/actions/accuracy.cc b/src/actions/accuracy.cc index 7fcd44bc..66cb913d 100644 --- a/src/actions/accuracy.cc +++ b/src/actions/accuracy.cc @@ -21,7 +21,7 @@ #include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" #include "modsecurity/rule.h" - +#include "modsecurity/rule_with_actions.h" namespace modsecurity { namespace actions { diff --git a/src/actions/block.cc b/src/actions/block.cc index 757c1d12..c20cf6ab 100644 --- a/src/actions/block.cc +++ b/src/actions/block.cc @@ -24,6 +24,7 @@ #include "modsecurity/rule.h" #include "modsecurity/intervention.h" #include "src/actions/data/status.h" +#include "modsecurity/rule_with_actions.h" namespace modsecurity { namespace actions { diff --git a/src/actions/chain.cc b/src/actions/chain.cc index bcd27a74..b2ac0990 100644 --- a/src/actions/chain.cc +++ b/src/actions/chain.cc @@ -20,6 +20,8 @@ #include "modsecurity/transaction.h" #include "modsecurity/rule.h" +#include "modsecurity/rule_with_actions.h" + namespace modsecurity { namespace actions { diff --git a/src/actions/maturity.cc b/src/actions/maturity.cc index 33b78855..1d6ae4a0 100644 --- a/src/actions/maturity.cc +++ b/src/actions/maturity.cc @@ -21,7 +21,7 @@ #include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" #include "modsecurity/rule.h" - +#include "modsecurity/rule_with_actions.h" namespace modsecurity { namespace actions { diff --git a/src/actions/phase.cc b/src/actions/phase.cc index 3099592b..4cba84c4 100644 --- a/src/actions/phase.cc +++ b/src/actions/phase.cc @@ -22,6 +22,7 @@ #include "modsecurity/rule.h" #include "modsecurity/modsecurity.h" #include "src/utils/string.h" +#include "modsecurity/rule_with_actions.h" namespace modsecurity { diff --git a/src/actions/rev.cc b/src/actions/rev.cc index 86369ebb..e2ec45e7 100644 --- a/src/actions/rev.cc +++ b/src/actions/rev.cc @@ -21,6 +21,7 @@ #include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" #include "modsecurity/rule.h" +#include "modsecurity/rule_with_actions.h" namespace modsecurity { diff --git a/src/actions/rule_id.cc b/src/actions/rule_id.cc index 7d68fe60..40424933 100644 --- a/src/actions/rule_id.cc +++ b/src/actions/rule_id.cc @@ -20,6 +20,8 @@ #include "modsecurity/transaction.h" #include "modsecurity/rule.h" +#include "modsecurity/rule_with_actions.h" + namespace modsecurity { namespace actions { diff --git a/src/actions/set_env.cc b/src/actions/set_env.cc index e5d080bb..2d92d48c 100644 --- a/src/actions/set_env.cc +++ b/src/actions/set_env.cc @@ -21,6 +21,8 @@ #include "modsecurity/transaction.h" #include "modsecurity/rule.h" #include "src/utils/string.h" +#include "modsecurity/rule_with_actions.h" + namespace modsecurity { namespace actions { diff --git a/src/actions/set_var.cc b/src/actions/set_var.cc index e97297e5..2ae13606 100644 --- a/src/actions/set_var.cc +++ b/src/actions/set_var.cc @@ -30,6 +30,7 @@ #include "src/variables/tx.h" #include "src/variables/user.h" #include "src/variables/variable.h" +#include "modsecurity/rule_with_operator.h" namespace modsecurity { namespace actions { diff --git a/src/actions/transformations/base64_decode.cc b/src/actions/transformations/base64_decode.cc index 08d72f11..40a7a442 100644 --- a/src/actions/transformations/base64_decode.cc +++ b/src/actions/transformations/base64_decode.cc @@ -33,8 +33,8 @@ namespace transformations { void Base64Decode::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { std::string value(in.c_str(), in.size()); std::string ret = Utils::Base64::decode(value); out.assign(ret.c_str(), ret.size()); diff --git a/src/actions/transformations/base64_decode.h b/src/actions/transformations/base64_decode.h index 55e172a4..e96c1e15 100644 --- a/src/actions/transformations/base64_decode.h +++ b/src/actions/transformations/base64_decode.h @@ -34,8 +34,8 @@ class Base64Decode : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/base64_decode_ext.cc b/src/actions/transformations/base64_decode_ext.cc index 07a77ad0..f582d7e4 100644 --- a/src/actions/transformations/base64_decode_ext.cc +++ b/src/actions/transformations/base64_decode_ext.cc @@ -33,8 +33,8 @@ namespace transformations { void Base64DecodeExt::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { std::string ret = Utils::Base64::decode_forgiven(in.c_str()); out.assign(ret.c_str(), ret.size()); } diff --git a/src/actions/transformations/base64_decode_ext.h b/src/actions/transformations/base64_decode_ext.h index ed9edf78..3f36fc9f 100644 --- a/src/actions/transformations/base64_decode_ext.h +++ b/src/actions/transformations/base64_decode_ext.h @@ -34,8 +34,8 @@ class Base64DecodeExt : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/base64_encode.cc b/src/actions/transformations/base64_encode.cc index 4bc7871a..3560d6eb 100644 --- a/src/actions/transformations/base64_encode.cc +++ b/src/actions/transformations/base64_encode.cc @@ -33,8 +33,8 @@ namespace transformations { void Base64Encode::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { std::string ret = Utils::Base64::encode( std::string(in.c_str(), in.size())); out.assign(ret.c_str(), ret.size()); diff --git a/src/actions/transformations/base64_encode.h b/src/actions/transformations/base64_encode.h index 2c816d6b..1158a5c5 100644 --- a/src/actions/transformations/base64_encode.h +++ b/src/actions/transformations/base64_encode.h @@ -34,8 +34,8 @@ class Base64Encode : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/cmd_line.cc b/src/actions/transformations/cmd_line.cc index acb572ac..4082bed6 100644 --- a/src/actions/transformations/cmd_line.cc +++ b/src/actions/transformations/cmd_line.cc @@ -32,8 +32,8 @@ namespace transformations { void CmdLine::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { int space = 0; for (auto& a : in) { diff --git a/src/actions/transformations/cmd_line.h b/src/actions/transformations/cmd_line.h index a853ad83..3724b515 100644 --- a/src/actions/transformations/cmd_line.h +++ b/src/actions/transformations/cmd_line.h @@ -34,8 +34,8 @@ class CmdLine : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/compress_whitespace.cc b/src/actions/transformations/compress_whitespace.cc index a11c6ea4..7d1af976 100644 --- a/src/actions/transformations/compress_whitespace.cc +++ b/src/actions/transformations/compress_whitespace.cc @@ -32,8 +32,8 @@ namespace transformations { void CompressWhitespace::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { int inWhiteSpace = 0; size_t i = 0; out.reserve(in.size()); diff --git a/src/actions/transformations/compress_whitespace.h b/src/actions/transformations/compress_whitespace.h index 11d7b120..de14f33a 100644 --- a/src/actions/transformations/compress_whitespace.h +++ b/src/actions/transformations/compress_whitespace.h @@ -34,8 +34,8 @@ class CompressWhitespace : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/css_decode.cc b/src/actions/transformations/css_decode.cc index 05485d75..1ca7a824 100644 --- a/src/actions/transformations/css_decode.cc +++ b/src/actions/transformations/css_decode.cc @@ -35,17 +35,19 @@ namespace transformations { void CssDecode::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { + size_t s = in.size(); + char *tmp = reinterpret_cast( - malloc(sizeof(char) * in.size() + 1)); - memcpy(tmp, in.c_str(), in.size() + 1); - tmp[in.size()] = '\0'; + malloc(sizeof(char) * s + 1)); + memcpy(tmp, in.c_str(), s + 1); + tmp[s] = '\0'; - CssDecode::css_decode_inplace(reinterpret_cast(tmp), - in.size()); + size_t r = CssDecode::css_decode_inplace(reinterpret_cast(tmp), + s); - out.assign(tmp, 0, in.size()); + out.assign(tmp, r); free(tmp); } diff --git a/src/actions/transformations/css_decode.h b/src/actions/transformations/css_decode.h index 112b3391..1be00f48 100644 --- a/src/actions/transformations/css_decode.h +++ b/src/actions/transformations/css_decode.h @@ -35,8 +35,8 @@ class CssDecode : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; static int css_decode_inplace(unsigned char *input, int64_t input_len); }; diff --git a/src/actions/transformations/escape_seq_decode.cc b/src/actions/transformations/escape_seq_decode.cc index b81f5d72..073d314f 100644 --- a/src/actions/transformations/escape_seq_decode.cc +++ b/src/actions/transformations/escape_seq_decode.cc @@ -136,8 +136,8 @@ int EscapeSeqDecode::ansi_c_sequences_decode_inplace(unsigned char *input, void EscapeSeqDecode::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { unsigned char *tmp = (unsigned char *) malloc(sizeof(char) * in.size() + 1); memcpy(tmp, in.c_str(), in.size() + 1); diff --git a/src/actions/transformations/escape_seq_decode.h b/src/actions/transformations/escape_seq_decode.h index f8c27fe1..7b690687 100644 --- a/src/actions/transformations/escape_seq_decode.h +++ b/src/actions/transformations/escape_seq_decode.h @@ -34,8 +34,8 @@ class EscapeSeqDecode : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; static int ansi_c_sequences_decode_inplace(unsigned char *input, int input_len); }; diff --git a/src/actions/transformations/hex_decode.cc b/src/actions/transformations/hex_decode.cc index 13538a0e..212bcbee 100644 --- a/src/actions/transformations/hex_decode.cc +++ b/src/actions/transformations/hex_decode.cc @@ -33,8 +33,8 @@ namespace transformations { void HexDecode::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { unsigned char *input; int size = 0; diff --git a/src/actions/transformations/hex_decode.h b/src/actions/transformations/hex_decode.h index 3501f138..58645cea 100644 --- a/src/actions/transformations/hex_decode.h +++ b/src/actions/transformations/hex_decode.h @@ -34,8 +34,8 @@ class HexDecode : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; static int inplace(unsigned char *data, int len); }; diff --git a/src/actions/transformations/hex_encode.cc b/src/actions/transformations/hex_encode.cc index 751970c5..4a70e896 100644 --- a/src/actions/transformations/hex_encode.cc +++ b/src/actions/transformations/hex_encode.cc @@ -33,8 +33,8 @@ namespace transformations { void HexEncode::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { std::stringstream result; for (std::size_t i=0; i < in.length(); i++) { int ii = reinterpret_cast(in[i]); diff --git a/src/actions/transformations/hex_encode.h b/src/actions/transformations/hex_encode.h index 2f8414e5..1e6ae842 100644 --- a/src/actions/transformations/hex_encode.h +++ b/src/actions/transformations/hex_encode.h @@ -34,8 +34,8 @@ class HexEncode : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; diff --git a/src/actions/transformations/html_entity_decode.cc b/src/actions/transformations/html_entity_decode.cc index 080f0c75..c2909e09 100644 --- a/src/actions/transformations/html_entity_decode.cc +++ b/src/actions/transformations/html_entity_decode.cc @@ -34,8 +34,8 @@ namespace transformations { void HtmlEntityDecode::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { unsigned char *input; input = reinterpret_cast diff --git a/src/actions/transformations/html_entity_decode.h b/src/actions/transformations/html_entity_decode.h index b2b39a7d..f315fb91 100644 --- a/src/actions/transformations/html_entity_decode.h +++ b/src/actions/transformations/html_entity_decode.h @@ -37,8 +37,8 @@ class HtmlEntityDecode : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; static int inplace(unsigned char *input, uint64_t input_len); }; diff --git a/src/actions/transformations/js_decode.cc b/src/actions/transformations/js_decode.cc index 268e0321..32640cad 100644 --- a/src/actions/transformations/js_decode.cc +++ b/src/actions/transformations/js_decode.cc @@ -35,8 +35,8 @@ namespace transformations { void JsDecode::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { unsigned char *input; input = reinterpret_cast diff --git a/src/actions/transformations/js_decode.h b/src/actions/transformations/js_decode.h index 013e4d92..c029e611 100644 --- a/src/actions/transformations/js_decode.h +++ b/src/actions/transformations/js_decode.h @@ -34,8 +34,8 @@ class JsDecode : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; static int inplace(unsigned char *input, uint64_t input_len); }; diff --git a/src/actions/transformations/length.cc b/src/actions/transformations/length.cc index d620de31..57f6ae2f 100644 --- a/src/actions/transformations/length.cc +++ b/src/actions/transformations/length.cc @@ -32,8 +32,8 @@ namespace transformations { void Length::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { out.assign(std::to_string(in.size()).c_str()); } diff --git a/src/actions/transformations/length.h b/src/actions/transformations/length.h index bd643005..39828159 100644 --- a/src/actions/transformations/length.h +++ b/src/actions/transformations/length.h @@ -34,8 +34,8 @@ class Length : public Transformation { : Transformation(action) { }; void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/lower_case.cc b/src/actions/transformations/lower_case.cc index fb974794..137227ef 100644 --- a/src/actions/transformations/lower_case.cc +++ b/src/actions/transformations/lower_case.cc @@ -28,8 +28,8 @@ namespace transformations { void LowerCase::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { std::locale loc; out.resize(in.size()); for (std::string::size_type i=0; i < in.size(); ++i) { diff --git a/src/actions/transformations/lower_case.h b/src/actions/transformations/lower_case.h index 2f885914..79852094 100644 --- a/src/actions/transformations/lower_case.h +++ b/src/actions/transformations/lower_case.h @@ -36,8 +36,8 @@ class LowerCase : public Transformation { : Transformation(action) { }; void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/md5.cc b/src/actions/transformations/md5.cc index 3996645a..a179e174 100644 --- a/src/actions/transformations/md5.cc +++ b/src/actions/transformations/md5.cc @@ -32,8 +32,8 @@ namespace transformations { void Md5::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { std::string ret = Utils::Md5::digest(std::string(in.c_str(), in.size())); out.assign(ret.c_str(), ret.size()); diff --git a/src/actions/transformations/md5.h b/src/actions/transformations/md5.h index c822eecf..5b86b0ca 100644 --- a/src/actions/transformations/md5.h +++ b/src/actions/transformations/md5.h @@ -34,8 +34,8 @@ class Md5 : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/none.cc b/src/actions/transformations/none.cc index f093c550..00b5aadc 100644 --- a/src/actions/transformations/none.cc +++ b/src/actions/transformations/none.cc @@ -32,8 +32,8 @@ namespace transformations { void None::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { } + ModSecString &in, + ModSecString &out) { } } // namespace transformations diff --git a/src/actions/transformations/none.h b/src/actions/transformations/none.h index e69c3b07..130cbb74 100644 --- a/src/actions/transformations/none.h +++ b/src/actions/transformations/none.h @@ -32,11 +32,15 @@ class None : public Transformation { public: explicit None(const std::string &action) : Transformation(action) - { m_isNone = true; } + { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; + + bool isNone() override { + return true; + } }; } // namespace transformations diff --git a/src/actions/transformations/normalise_path.cc b/src/actions/transformations/normalise_path.cc index 16290e34..c7ff95a9 100644 --- a/src/actions/transformations/normalise_path.cc +++ b/src/actions/transformations/normalise_path.cc @@ -34,8 +34,8 @@ namespace transformations { void NormalisePath::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { int changed = 0; char *tmp = reinterpret_cast( diff --git a/src/actions/transformations/normalise_path.h b/src/actions/transformations/normalise_path.h index a5667f13..7fd91fc1 100644 --- a/src/actions/transformations/normalise_path.h +++ b/src/actions/transformations/normalise_path.h @@ -34,8 +34,8 @@ class NormalisePath : public Transformation { : Transformation(action) { }; void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; static int normalize_path_inplace(unsigned char *input, int input_len, int win, int *changed); diff --git a/src/actions/transformations/normalise_path_win.cc b/src/actions/transformations/normalise_path_win.cc index 7b0541f7..a3746618 100644 --- a/src/actions/transformations/normalise_path_win.cc +++ b/src/actions/transformations/normalise_path_win.cc @@ -35,8 +35,8 @@ namespace transformations { void NormalisePathWin::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { int changed; char *tmp = reinterpret_cast( diff --git a/src/actions/transformations/normalise_path_win.h b/src/actions/transformations/normalise_path_win.h index 48be406b..3d7c8d75 100644 --- a/src/actions/transformations/normalise_path_win.h +++ b/src/actions/transformations/normalise_path_win.h @@ -34,8 +34,8 @@ class NormalisePathWin : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/parity_even_7bit.cc b/src/actions/transformations/parity_even_7bit.cc index 2e8c874f..29d547da 100644 --- a/src/actions/transformations/parity_even_7bit.cc +++ b/src/actions/transformations/parity_even_7bit.cc @@ -33,8 +33,8 @@ namespace transformations { void ParityEven7bit::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { unsigned char *input; input = reinterpret_cast diff --git a/src/actions/transformations/parity_even_7bit.h b/src/actions/transformations/parity_even_7bit.h index ac4f7ac6..de250260 100644 --- a/src/actions/transformations/parity_even_7bit.h +++ b/src/actions/transformations/parity_even_7bit.h @@ -34,8 +34,8 @@ class ParityEven7bit : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; static bool inplace(unsigned char *input, uint64_t input_len); }; diff --git a/src/actions/transformations/parity_odd_7bit.cc b/src/actions/transformations/parity_odd_7bit.cc index ca6946fe..d2695826 100644 --- a/src/actions/transformations/parity_odd_7bit.cc +++ b/src/actions/transformations/parity_odd_7bit.cc @@ -33,8 +33,8 @@ namespace transformations { void ParityOdd7bit::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { unsigned char *input; input = reinterpret_cast diff --git a/src/actions/transformations/parity_odd_7bit.h b/src/actions/transformations/parity_odd_7bit.h index a99a488d..823b7fc7 100644 --- a/src/actions/transformations/parity_odd_7bit.h +++ b/src/actions/transformations/parity_odd_7bit.h @@ -34,8 +34,8 @@ class ParityOdd7bit : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; static bool inplace(unsigned char *input, uint64_t input_len); }; diff --git a/src/actions/transformations/parity_zero_7bit.cc b/src/actions/transformations/parity_zero_7bit.cc index d54e8e13..25e24f42 100644 --- a/src/actions/transformations/parity_zero_7bit.cc +++ b/src/actions/transformations/parity_zero_7bit.cc @@ -33,8 +33,8 @@ namespace transformations { void ParityZero7bit::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { unsigned char *input; input = reinterpret_cast diff --git a/src/actions/transformations/parity_zero_7bit.h b/src/actions/transformations/parity_zero_7bit.h index 647c7fa2..3dff4d33 100644 --- a/src/actions/transformations/parity_zero_7bit.h +++ b/src/actions/transformations/parity_zero_7bit.h @@ -34,8 +34,8 @@ class ParityZero7bit : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; static bool inplace(unsigned char *input, uint64_t input_len); }; diff --git a/src/actions/transformations/remove_comments.cc b/src/actions/transformations/remove_comments.cc index 44882e81..86b29320 100644 --- a/src/actions/transformations/remove_comments.cc +++ b/src/actions/transformations/remove_comments.cc @@ -33,8 +33,8 @@ namespace transformations { void RemoveComments::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { unsigned char *input; input = reinterpret_cast diff --git a/src/actions/transformations/remove_comments.h b/src/actions/transformations/remove_comments.h index 9fb33ea0..804a468f 100644 --- a/src/actions/transformations/remove_comments.h +++ b/src/actions/transformations/remove_comments.h @@ -35,8 +35,8 @@ class RemoveComments : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override;; + ModSecString &in, + ModSecString &out) override;; }; diff --git a/src/actions/transformations/remove_comments_char.cc b/src/actions/transformations/remove_comments_char.cc index e1bbf42a..db9c50b2 100644 --- a/src/actions/transformations/remove_comments_char.cc +++ b/src/actions/transformations/remove_comments_char.cc @@ -32,8 +32,8 @@ namespace transformations { void RemoveCommentsChar::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { int64_t i; out = in; diff --git a/src/actions/transformations/remove_comments_char.h b/src/actions/transformations/remove_comments_char.h index 31919925..53ac44ac 100644 --- a/src/actions/transformations/remove_comments_char.h +++ b/src/actions/transformations/remove_comments_char.h @@ -34,8 +34,8 @@ class RemoveCommentsChar : public Transformation { : Transformation(action) { }; void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/remove_nulls.cc b/src/actions/transformations/remove_nulls.cc index 99f0ff14..5ee5fdf4 100644 --- a/src/actions/transformations/remove_nulls.cc +++ b/src/actions/transformations/remove_nulls.cc @@ -34,8 +34,8 @@ namespace transformations { void RemoveNulls::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { int64_t i; out = in; diff --git a/src/actions/transformations/remove_nulls.h b/src/actions/transformations/remove_nulls.h index 452c93cc..00adf316 100644 --- a/src/actions/transformations/remove_nulls.h +++ b/src/actions/transformations/remove_nulls.h @@ -34,8 +34,8 @@ class RemoveNulls : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/remove_whitespace.cc b/src/actions/transformations/remove_whitespace.cc index 19a30b97..7d758fad 100644 --- a/src/actions/transformations/remove_whitespace.cc +++ b/src/actions/transformations/remove_whitespace.cc @@ -33,8 +33,8 @@ namespace transformations { void RemoveWhitespace::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { out = in; int64_t i = 0; diff --git a/src/actions/transformations/remove_whitespace.h b/src/actions/transformations/remove_whitespace.h index f4a41007..71119be1 100644 --- a/src/actions/transformations/remove_whitespace.h +++ b/src/actions/transformations/remove_whitespace.h @@ -34,8 +34,8 @@ class RemoveWhitespace : public Transformation { : Transformation(action) { }; void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/replace_comments.cc b/src/actions/transformations/replace_comments.cc index a4f19489..25fdac9f 100644 --- a/src/actions/transformations/replace_comments.cc +++ b/src/actions/transformations/replace_comments.cc @@ -33,8 +33,8 @@ namespace transformations { void ReplaceComments::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { uint64_t i, j, incomment; char *input = reinterpret_cast( diff --git a/src/actions/transformations/replace_comments.h b/src/actions/transformations/replace_comments.h index 80899cfe..c09c65a4 100644 --- a/src/actions/transformations/replace_comments.h +++ b/src/actions/transformations/replace_comments.h @@ -34,8 +34,8 @@ class ReplaceComments : public Transformation { : Transformation(action) { }; void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/replace_nulls.cc b/src/actions/transformations/replace_nulls.cc index 5b54e24e..bcd28497 100644 --- a/src/actions/transformations/replace_nulls.cc +++ b/src/actions/transformations/replace_nulls.cc @@ -32,8 +32,8 @@ namespace transformations { void ReplaceNulls::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { int64_t i; out = in; diff --git a/src/actions/transformations/replace_nulls.h b/src/actions/transformations/replace_nulls.h index e9434a5c..544f256d 100644 --- a/src/actions/transformations/replace_nulls.h +++ b/src/actions/transformations/replace_nulls.h @@ -34,8 +34,8 @@ class ReplaceNulls : public Transformation { : Transformation(action) { }; void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/sha1.cc b/src/actions/transformations/sha1.cc index 17bcc0c2..995922b9 100644 --- a/src/actions/transformations/sha1.cc +++ b/src/actions/transformations/sha1.cc @@ -33,8 +33,8 @@ namespace transformations { void Sha1::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { auto a = Utils::Sha1::digest( std::string(in.c_str(), in.size()) diff --git a/src/actions/transformations/sha1.h b/src/actions/transformations/sha1.h index 02377e43..fce9aa75 100644 --- a/src/actions/transformations/sha1.h +++ b/src/actions/transformations/sha1.h @@ -34,8 +34,8 @@ class Sha1 : public Transformation { : Transformation(action) { }; void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/sql_hex_decode.cc b/src/actions/transformations/sql_hex_decode.cc index 1420451a..da7fc301 100644 --- a/src/actions/transformations/sql_hex_decode.cc +++ b/src/actions/transformations/sql_hex_decode.cc @@ -42,8 +42,8 @@ namespace transformations { #endif void SqlHexDecode::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { unsigned char *input; int size = 0; diff --git a/src/actions/transformations/sql_hex_decode.h b/src/actions/transformations/sql_hex_decode.h index cb7617a6..7e0d4dd4 100644 --- a/src/actions/transformations/sql_hex_decode.h +++ b/src/actions/transformations/sql_hex_decode.h @@ -34,8 +34,8 @@ class SqlHexDecode : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; static int inplace(unsigned char *data, int len); diff --git a/src/actions/transformations/transformation.cc b/src/actions/transformations/transformation.cc index 5becd84c..f039c5ab 100644 --- a/src/actions/transformations/transformation.cc +++ b/src/actions/transformations/transformation.cc @@ -114,6 +114,7 @@ Transformation* Transformation::instantiate(std::string a) { return new Transformation(a); } + } // namespace transformations } // namespace actions } // namespace modsecurity diff --git a/src/actions/transformations/transformation.h b/src/actions/transformations/transformation.h index 8f11542d..9bedeb3f 100644 --- a/src/actions/transformations/transformation.h +++ b/src/actions/transformations/transformation.h @@ -32,12 +32,7 @@ class Transformation : public Action { explicit Transformation(const std::string& _action) : Action(_action, RunTimeBeforeMatchAttemptKind) { } - void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override { - // FIXME: this should be remove as soon as #1974 got fixed. - out.assign(in.c_str(), in.length()); - } + virtual bool isNone() { return false; } static Transformation* instantiate(std::string a); }; diff --git a/src/actions/transformations/trim.cc b/src/actions/transformations/trim.cc index dba82910..251d75df 100644 --- a/src/actions/transformations/trim.cc +++ b/src/actions/transformations/trim.cc @@ -31,27 +31,27 @@ namespace actions { namespace transformations { -void Trim::ltrim(ModSecStackString *s) { +void Trim::ltrim(ModSecString *s) { s->erase(s->begin(), std::find_if(s->begin(), s->end(), std::not1(std::ptr_fun(std::isspace)))); } -void Trim::rtrim(ModSecStackString *s) { +void Trim::rtrim(ModSecString *s) { s->erase(std::find_if(s->rbegin(), s->rend(), std::not1(std::ptr_fun(std::isspace))).base(), s->end()); } -void Trim::trim(ModSecStackString *s) { +void Trim::trim(ModSecString *s) { rtrim(s); ltrim(s); } void Trim::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { out = in; trim(&out); }; diff --git a/src/actions/transformations/trim.h b/src/actions/transformations/trim.h index bfb76160..6a390fd6 100644 --- a/src/actions/transformations/trim.h +++ b/src/actions/transformations/trim.h @@ -34,12 +34,12 @@ class Trim : public Transformation { : Transformation(action) { }; void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; - void ltrim(ModSecStackString *s); - void rtrim(ModSecStackString *s); - void trim(ModSecStackString *s); + void ltrim(ModSecString *s); + void rtrim(ModSecString *s); + void trim(ModSecString *s); }; } // namespace transformations diff --git a/src/actions/transformations/trim_left.cc b/src/actions/transformations/trim_left.cc index 3451389b..bdf099e2 100644 --- a/src/actions/transformations/trim_left.cc +++ b/src/actions/transformations/trim_left.cc @@ -33,8 +33,8 @@ namespace transformations { void TrimLeft::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { out = in; ltrim(&out); }; diff --git a/src/actions/transformations/trim_left.h b/src/actions/transformations/trim_left.h index 91912921..02b40685 100644 --- a/src/actions/transformations/trim_left.h +++ b/src/actions/transformations/trim_left.h @@ -35,8 +35,8 @@ class TrimLeft : public Trim { : Trim(action) { }; void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/trim_right.cc b/src/actions/transformations/trim_right.cc index ee968a90..91898e18 100644 --- a/src/actions/transformations/trim_right.cc +++ b/src/actions/transformations/trim_right.cc @@ -32,8 +32,8 @@ namespace transformations { void TrimRight::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { out = in; rtrim(&out); }; diff --git a/src/actions/transformations/trim_right.h b/src/actions/transformations/trim_right.h index 7fa2d570..5300559d 100644 --- a/src/actions/transformations/trim_right.h +++ b/src/actions/transformations/trim_right.h @@ -35,8 +35,8 @@ class TrimRight : public Trim { : Trim(action) { }; void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/upper_case.cc b/src/actions/transformations/upper_case.cc index 99100df0..2e6eaf24 100644 --- a/src/actions/transformations/upper_case.cc +++ b/src/actions/transformations/upper_case.cc @@ -28,8 +28,8 @@ namespace transformations { void UpperCase::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { std::locale loc; out.reserve(in.size()); for (std::string::size_type i=0; i < in.size(); ++i) { diff --git a/src/actions/transformations/upper_case.h b/src/actions/transformations/upper_case.h index cf3de628..37c10444 100644 --- a/src/actions/transformations/upper_case.h +++ b/src/actions/transformations/upper_case.h @@ -36,8 +36,8 @@ class UpperCase : public Transformation { : Transformation(action) { }; void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/url_decode.cc b/src/actions/transformations/url_decode.cc index 75ba798c..e5f32afd 100644 --- a/src/actions/transformations/url_decode.cc +++ b/src/actions/transformations/url_decode.cc @@ -33,8 +33,8 @@ namespace transformations { void UrlDecode::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { unsigned char *val(NULL); int invalid_count = 0; int changed; diff --git a/src/actions/transformations/url_decode.h b/src/actions/transformations/url_decode.h index b39707a4..03535f2f 100644 --- a/src/actions/transformations/url_decode.h +++ b/src/actions/transformations/url_decode.h @@ -36,8 +36,8 @@ class UrlDecode : public Transformation { : Transformation(action) { }; void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; }; } // namespace transformations diff --git a/src/actions/transformations/url_decode_uni.cc b/src/actions/transformations/url_decode_uni.cc index 9855ae41..18326d24 100644 --- a/src/actions/transformations/url_decode_uni.cc +++ b/src/actions/transformations/url_decode_uni.cc @@ -39,8 +39,8 @@ namespace transformations { void UrlDecodeUni::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { unsigned char *input; input = reinterpret_cast diff --git a/src/actions/transformations/url_decode_uni.h b/src/actions/transformations/url_decode_uni.h index 4ffbcc6a..4b739919 100644 --- a/src/actions/transformations/url_decode_uni.h +++ b/src/actions/transformations/url_decode_uni.h @@ -35,8 +35,8 @@ class UrlDecodeUni : public Transformation { : Transformation(action) { } void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; static int inplace(unsigned char *input, uint64_t input_len, Transaction *transaction); diff --git a/src/actions/transformations/url_encode.cc b/src/actions/transformations/url_encode.cc index 6bfc3463..aa722883 100644 --- a/src/actions/transformations/url_encode.cc +++ b/src/actions/transformations/url_encode.cc @@ -82,8 +82,8 @@ std::string UrlEncode::url_enc(const char *input, void UrlEncode::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { int changed; std::string ret = url_enc(in.c_str(), in.size(), &changed); diff --git a/src/actions/transformations/url_encode.h b/src/actions/transformations/url_encode.h index 85217bd4..d4d23e63 100644 --- a/src/actions/transformations/url_encode.h +++ b/src/actions/transformations/url_encode.h @@ -34,8 +34,8 @@ class UrlEncode : public Transformation { : Transformation(action) { }; void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; static std::string url_enc(const char *input, unsigned int input_len, int *changed); diff --git a/src/actions/transformations/utf8_to_unicode.cc b/src/actions/transformations/utf8_to_unicode.cc index d979be38..ab848f4e 100644 --- a/src/actions/transformations/utf8_to_unicode.cc +++ b/src/actions/transformations/utf8_to_unicode.cc @@ -34,8 +34,8 @@ namespace transformations { void Utf8ToUnicode::execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) { + ModSecString &in, + ModSecString &out) { unsigned char *input; int changed = 0; diff --git a/src/actions/transformations/utf8_to_unicode.h b/src/actions/transformations/utf8_to_unicode.h index 5bb9bd15..ffc863bc 100644 --- a/src/actions/transformations/utf8_to_unicode.h +++ b/src/actions/transformations/utf8_to_unicode.h @@ -40,8 +40,8 @@ class Utf8ToUnicode : public Transformation { void execute(Transaction *t, - ModSecStackString &in, - ModSecStackString &out) override; + ModSecString &in, + ModSecString &out) override; static char *inplace(unsigned char *input, uint64_t input_len, int *changed); diff --git a/src/actions/ver.cc b/src/actions/ver.cc index e967b1c9..caf3d08b 100644 --- a/src/actions/ver.cc +++ b/src/actions/ver.cc @@ -21,6 +21,7 @@ #include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" #include "modsecurity/rule.h" +#include "modsecurity/rule_with_actions.h" namespace modsecurity { diff --git a/src/engine/lua.cc b/src/engine/lua.cc index ca1d3ebe..ef99d701 100644 --- a/src/engine/lua.cc +++ b/src/engine/lua.cc @@ -439,8 +439,8 @@ std::string Lua::applyTransformations(lua_State *L, Transaction *t, "t:" + std::string(name)); // FIXME: transformation is not yet returning null. if (tfn) { - ModSecStackString in; - ModSecStackString out; + ModSecString in; + ModSecString out; in.assign(newVar.c_str(), newVar.size()); tfn->execute(t, in, out); newVar.assign(out.c_str(), out.size()); @@ -465,8 +465,8 @@ std::string Lua::applyTransformations(lua_State *L, Transaction *t, // FIXME: transformation is not yet returning null. if (tfn) { - ModSecStackString in; - ModSecStackString out; + ModSecString in; + ModSecString out; in.assign(newVar.c_str(), newVar.size()); tfn->execute(t, in, out); newVar.assign(out.c_str(), out.size()); diff --git a/src/modsecurity.cc b/src/modsecurity.cc index a4d691ac..2f70d470 100644 --- a/src/modsecurity.cc +++ b/src/modsecurity.cc @@ -305,8 +305,8 @@ int ModSecurity::processContentOffset(const char *content, size_t len, while (!trans.empty()) { modsecurity::actions::transformations::Transformation *t; - ModSecStackString in; - ModSecStackString out; + ModSecString in; + ModSecString out; yajl_gen_map_open(g); yajl_gen_string(g, diff --git a/src/operators/detect_sqli.cc b/src/operators/detect_sqli.cc index 232ef9f4..b79e0a0b 100644 --- a/src/operators/detect_sqli.cc +++ b/src/operators/detect_sqli.cc @@ -20,6 +20,8 @@ #include "src/operators/operator.h" #include "others/libinjection/src/libinjection.h" +#include "modsecurity/rule_with_actions.h" + namespace modsecurity { namespace operators { diff --git a/src/operators/detect_xss.cc b/src/operators/detect_xss.cc index a1d96845..c641ea5f 100644 --- a/src/operators/detect_xss.cc +++ b/src/operators/detect_xss.cc @@ -19,6 +19,7 @@ #include "src/operators/operator.h" #include "others/libinjection/src/libinjection.h" +#include "modsecurity/rule_with_actions.h" namespace modsecurity { diff --git a/src/operators/pm.cc b/src/operators/pm.cc index 5622df69..b673efac 100644 --- a/src/operators/pm.cc +++ b/src/operators/pm.cc @@ -28,6 +28,8 @@ #include "src/operators/operator.h" #include "src/utils/acmp.h" #include "src/utils/string.h" +#include "modsecurity/rule_with_actions.h" + namespace modsecurity { namespace operators { diff --git a/src/operators/rbl.cc b/src/operators/rbl.cc index 0936fff3..0628dc18 100644 --- a/src/operators/rbl.cc +++ b/src/operators/rbl.cc @@ -25,6 +25,8 @@ #include "modsecurity/rules_set.h" #include "src/operators/operator.h" +#include "modsecurity/rule_with_actions.h" + namespace modsecurity { namespace operators { diff --git a/src/operators/rx.cc b/src/operators/rx.cc index 84ca30af..cb3cec89 100644 --- a/src/operators/rx.cc +++ b/src/operators/rx.cc @@ -22,6 +22,8 @@ #include "src/operators/operator.h" #include "modsecurity/rule.h" #include "modsecurity/rule_message.h" +#include "modsecurity/rule_with_actions.h" + namespace modsecurity { namespace operators { diff --git a/src/operators/verify_cc.cc b/src/operators/verify_cc.cc index eef2aaea..8891cb14 100644 --- a/src/operators/verify_cc.cc +++ b/src/operators/verify_cc.cc @@ -21,6 +21,8 @@ #include #include "src/operators/operator.h" +#include "modsecurity/rule_with_actions.h" + #if PCRE_HAVE_JIT #define pcre_study_opt PCRE_STUDY_JIT_COMPILE diff --git a/src/operators/verify_cpf.cc b/src/operators/verify_cpf.cc index f5d5a140..edac33a9 100644 --- a/src/operators/verify_cpf.cc +++ b/src/operators/verify_cpf.cc @@ -19,6 +19,8 @@ #include #include "src/operators/operator.h" +#include "modsecurity/rule_with_actions.h" + namespace modsecurity { namespace operators { diff --git a/src/operators/verify_ssn.cc b/src/operators/verify_ssn.cc index e65520a7..3a5a69d9 100644 --- a/src/operators/verify_ssn.cc +++ b/src/operators/verify_ssn.cc @@ -20,6 +20,8 @@ #include #include "src/operators/operator.h" +#include "modsecurity/rule_with_actions.h" + namespace modsecurity { namespace operators { diff --git a/src/operators/verify_svnr.cc b/src/operators/verify_svnr.cc index f9f4174c..075c5989 100644 --- a/src/operators/verify_svnr.cc +++ b/src/operators/verify_svnr.cc @@ -9,6 +9,7 @@ #include "modsecurity/rule_message.h" #include "modsecurity/rules_set_properties.h" +#include "modsecurity/rule_with_actions.h" namespace modsecurity { namespace operators { diff --git a/src/parser/seclang-parser.cc b/src/parser/seclang-parser.cc index 8f7de4e0..f32e987a 100644 --- a/src/parser/seclang-parser.cc +++ b/src/parser/seclang-parser.cc @@ -2439,8 +2439,8 @@ namespace yy { definedPhase = phase->m_phase; secRuleDefinedPhase = phase->m_secRulesPhase; delete phase; - } else if (a->action_kind == actions::Action::RunTimeOnlyIfMatchKind || - a->action_kind == actions::Action::RunTimeBeforeMatchAttemptKind) { + } else if (a->m_actionKind == actions::Action::RunTimeOnlyIfMatchKind || + a->m_actionKind == actions::Action::RunTimeBeforeMatchAttemptKind) { actions::transformations::None *none = dynamic_cast(a); if (none != NULL) { driver.error(yystack_[2].location, "The transformation none is not suitable to be part of the SecDefaultActions"); diff --git a/src/parser/seclang-parser.yy b/src/parser/seclang-parser.yy index b59401e8..89f52329 100644 --- a/src/parser/seclang-parser.yy +++ b/src/parser/seclang-parser.yy @@ -18,6 +18,8 @@ class Driver; } #include "modsecurity/rule_unconditional.h" +#include "modsecurity/rule_with_operator.h" +#include "modsecurity/rule_with_actions.h" #include "src/rule_script.h" #include "src/actions/accuracy.h" @@ -1185,8 +1187,8 @@ expression: definedPhase = phase->m_phase; secRuleDefinedPhase = phase->m_secRulesPhase; delete phase; - } else if (a->action_kind == actions::Action::RunTimeOnlyIfMatchKind || - a->action_kind == actions::Action::RunTimeBeforeMatchAttemptKind) { + } else if (a->m_actionKind == actions::Action::RunTimeOnlyIfMatchKind || + a->m_actionKind == actions::Action::RunTimeBeforeMatchAttemptKind) { actions::transformations::None *none = dynamic_cast(a); if (none != NULL) { driver.error(@0, "The transformation none is not suitable to be part of the SecDefaultActions"); diff --git a/src/rule_script.h b/src/rule_script.h index 2e4c2086..6375d8ee 100644 --- a/src/rule_script.h +++ b/src/rule_script.h @@ -32,6 +32,8 @@ #include "src/actions/log_data.h" #include "src/actions/severity.h" #include "src/variables/variable.h" +#include "modsecurity/rule_with_actions.h" + #ifndef SRC_RULE_SCRIPT_H_ #define SRC_RULE_SCRIPT_H_ diff --git a/src/rule_with_actions.cc b/src/rule_with_actions.cc index f4867646..0312d089 100644 --- a/src/rule_with_actions.cc +++ b/src/rule_with_actions.cc @@ -104,12 +104,7 @@ RuleWithActions::RuleWithActions( } void RuleWithActions::addDefaultAction(std::shared_ptr a) { - if (a->action_kind == Action::ConfigurationKind) { - a->execute(this, NULL); - return; - } - - if (a->action_kind == Action::ConfigurationKind) { + if (a->m_actionKind == Action::ConfigurationKind) { if (dynamic_cast(a.get())) { actions::Accuracy *accuracy = dynamic_cast(a.get()); m_defaultAccuracy = accuracy->getAccuracy(); @@ -122,7 +117,7 @@ void RuleWithActions::addDefaultAction(std::shared_ptr a) { return; } - if (a->action_kind == Action::RunTimeOnlyIfMatchKind) { + if (a->m_actionKind == Action::RunTimeOnlyIfMatchKind) { if (dynamic_cast(a.get())) { m_defaultContainsCaptureAction = true; } else if (dynamic_cast(a.get())) { @@ -163,7 +158,7 @@ void RuleWithActions::addDefaultAction(std::shared_ptr a) { } void RuleWithActions::addAction(actions::Action *a) { - if (a->action_kind == Action::ConfigurationKind) { + if (a->m_actionKind == Action::ConfigurationKind) { if (dynamic_cast(a)) { actions::Accuracy *accuracy = dynamic_cast(a); m_accuracy = accuracy->getAccuracy(); @@ -177,7 +172,7 @@ void RuleWithActions::addAction(actions::Action *a) { return; } - if (a->action_kind == Action::RunTimeOnlyIfMatchKind) { + if (a->m_actionKind == Action::RunTimeOnlyIfMatchKind) { if (dynamic_cast(a)) { m_containsCaptureAction = true; delete a; @@ -281,7 +276,7 @@ void RuleWithActions::executeActionsAfterFullMatch(Transaction *trans) { #if 0 for (auto &a : trans->m_rules->m_defaultActions[getPhase()]) { - if (a.get()->action_kind != actions::Action::RunTimeOnlyIfMatchKind) { + if (a.get()->m_actionKind != actions::Action::RunTimeOnlyIfMatchKind) { continue; } if (!a.get()->isDisruptive()) { @@ -363,7 +358,7 @@ void RuleWithActions::executeTransformations( TransformationsResults &results) { int none = 0; - ModSecStackString ssin; + ModSecString ssin; ssin.assign(in.c_str()); TransformationResult a = TransformationResult(&ssin); @@ -374,9 +369,8 @@ void RuleWithActions::executeTransformations( std::shared_ptr value = std::shared_ptr(new std::string(in)); - - for (Action *action : getTransformationPtr()) { - if (action->m_isNone) { + for (Transformation *action : getTransformationPtr()) { + if (action->isNone()) { none++; } } @@ -385,7 +379,7 @@ void RuleWithActions::executeTransformations( if (none == 0) { executeTransformation(trans, &results, t); } - if (t->m_isNone) { + if (t->isNone()) { none--; } } @@ -398,7 +392,7 @@ void RuleWithActions::executeTransformations( continue; } Transformation *t = dynamic_cast(b.second.get()); - if (t->m_isNone) { + if (t->isNone()) { none++; } } @@ -412,7 +406,7 @@ void RuleWithActions::executeTransformations( if (none == 0) { executeTransformation(trans, &results, t); } - if (t->m_isNone) { + if (t->isNone()) { none--; } } @@ -446,11 +440,11 @@ void RuleWithActions::executeTransformation( void RuleWithActions::executeTransformation( Transaction *transaction, - ModSecStackString in, + ModSecString in, TransformationsResults *ret, Transformation *transformation) { - ModSecStackString out; + ModSecString out; transformation->execute(transaction, in, out); ms_dbg_a(transaction, 9, " T (" + std::to_string(ret->size() - 1) + ") " + \ diff --git a/src/rules.cc b/src/rules.cc index 4666deb0..b35664fb 100644 --- a/src/rules.cc +++ b/src/rules.cc @@ -14,7 +14,7 @@ */ #include "modsecurity/rules.h" -#include "src/rule_with_actions.h" +#include "modsecurity/rule_with_actions.h" namespace modsecurity { @@ -37,14 +37,14 @@ int Rules::append(Rules *from, const std::vector &ids, std::ostringstre } -bool Rules::insert(std::shared_ptr rule) { +bool Rules::insert(const std::shared_ptr &rule) { return insert(rule, nullptr, nullptr); } bool Rules::insert(std::shared_ptr rule, const std::vector *ids, std::ostringstream *err) { RuleWithActions*r = dynamic_cast(rule.get()); - if (r && ids != nullptr && err != nullptr + if (r && ids != nullptr && std::binary_search(ids->begin(), ids->end(), r->getId())) { if (err != NULL) { *err << "Rule id: " << std::to_string(r->getId()) \ @@ -57,22 +57,22 @@ bool Rules::insert(std::shared_ptr rule, const std::vector *ids, } -size_t Rules::size() { +size_t Rules::size() const { return m_rules.size(); } -std::shared_ptr Rules::operator[](int index) { +std::shared_ptr Rules::operator[](int index) const { return m_rules[index]; } -std::shared_ptr Rules::at(int index) { +std::shared_ptr Rules::at(int index) const { return m_rules[index]; } -void Rules::dump() { +void Rules::dump() const { for (int j = 0; j < m_rules.size(); j++) { std::cout << " Rule ID: " << m_rules.at(j)->getReference(); std::cout << "--" << m_rules.at(j) << std::endl; diff --git a/src/rules_exceptions.cc b/src/rules_exceptions.cc index 93b23a43..4259ac09 100644 --- a/src/rules_exceptions.cc +++ b/src/rules_exceptions.cc @@ -36,15 +36,15 @@ bool RulesExceptions::loadUpdateActionById(double id, std::string *error) { for (auto &a : *actions) { - if (a->action_kind == actions::Action::ConfigurationKind) { + if (a->m_actionKind == actions::Action::ConfigurationKind) { std::cout << "General failure, action: " << a->m_name; std::cout << " has not expected to be used with UpdateActionByID."; std::cout << std::endl; - } else if (a->action_kind + } else if (a->m_actionKind == actions::Action::RunTimeBeforeMatchAttemptKind) { m_action_pre_update_target_by_id.emplace(std::pair>(id , std::move(a))); - } else if (a->action_kind == actions::Action::RunTimeOnlyIfMatchKind) { + } else if (a->m_actionKind == actions::Action::RunTimeOnlyIfMatchKind) { m_action_pos_update_target_by_id.emplace(std::pair>(id , std::move(a))); } else { diff --git a/src/run_time_string.cc b/src/run_time_string.cc index 604467e8..a470f5e7 100644 --- a/src/run_time_string.cc +++ b/src/run_time_string.cc @@ -25,6 +25,7 @@ #include "src/variables/highest_severity.h" #include "src/utils/string.h" #include "src/variables/variable.h" +#include "modsecurity/rule_with_operator.h" namespace modsecurity { diff --git a/src/variables/rule.h b/src/variables/rule.h index b313b188..76d13a8c 100644 --- a/src/variables/rule.h +++ b/src/variables/rule.h @@ -24,7 +24,7 @@ #include "src/actions/severity.h" #include "src/actions/log_data.h" #include "src/actions/msg.h" - +#include "modsecurity/rule_with_actions.h" namespace modsecurity { diff --git a/src/variables/xml.cc b/src/variables/xml.cc index 853db8f7..8e434c86 100644 --- a/src/variables/xml.cc +++ b/src/variables/xml.cc @@ -42,6 +42,8 @@ #include "src/request_body_processor/xml.h" #include "modsecurity/actions/action.h" #include "src/actions/xmlns.h" +#include "modsecurity/rule_with_actions.h" + namespace modsecurity { namespace variables { diff --git a/test/cppcheck_suppressions.txt b/test/cppcheck_suppressions.txt index d7a54b78..9c5e829e 100644 --- a/test/cppcheck_suppressions.txt +++ b/test/cppcheck_suppressions.txt @@ -37,7 +37,7 @@ redundantAssignment:src/operators/pm.cc:94 unmatchedSuppression:src/utils/geo_lookup.cc:82 useInitializationList:src/utils/shared_files.h:87 unmatchedSuppression:src/utils/msc_tree.cc -functionStatic:headers/modsecurity/transaction.h:453 +functionStatic:headers/modsecurity/transaction.h:452 duplicateBranch:src/audit_log/audit_log.cc:223 unreadVariable:src/request_body_processor/multipart.cc:435 stlcstrParam:src/audit_log/writer/parallel.cc:145 @@ -54,7 +54,7 @@ syntaxError:src/transaction.cc:62 noConstructor:src/variables/variable.h:152 duplicateBranch:src/request_body_processor/multipart.cc:93 knownConditionTrueFalse:src/operators/validate_url_encoding.cc:77 -knownConditionTrueFalse:src/operators/verify_svnr.cc:87 +knownConditionTrueFalse:src/operators/verify_svnr.cc:88 noExplicitConstructor:seclang-parser.hh diff --git a/test/unit/unit.cc b/test/unit/unit.cc index 9973ca27..40b47dfb 100644 --- a/test/unit/unit.cc +++ b/test/unit/unit.cc @@ -90,8 +90,8 @@ void perform_unit_test(ModSecurityTest *test, UnitTest *t, } delete op; } else if (t->type == "tfn") { - modsecurity::ModSecStackString in; - modsecurity::ModSecStackString out; + modsecurity::ModSecString in; + modsecurity::ModSecString out; std::string ret; in.assign(t->input.c_str(), t->input.size()); Transformation *tfn = Transformation::instantiate("t:" + t->name);