Adds support for jsDecode transformation

2025-09-30 11:44:32 +03:00 · 2015-08-05 14:41:43 -03:00
parent 4f47651a6f
commit 391002c665
10 changed files with 198 additions and 30 deletions
--- a/src/actions/transformations/js_decode.cc
+++ b/src/actions/transformations/js_decode.cc
@@ -15,6 +15,8 @@

 #include "actions/transformations/js_decode.h"

+#include <string.h>
+
 #include <iostream>
 #include <string>
 #include <algorithm>
@@ -24,26 +26,26 @@

 #include "modsecurity/assay.h"
 #include "actions/transformations/transformation.h"
+#include "src/utils.h"


 namespace ModSecurity {
 namespace actions {
 namespace transformations {

-JsDecode::JsDecode(std::string action)
-    : Transformation(action) {
-    this->action_kind = 1;
-}

 std::string JsDecode::evaluate(std::string value,
    Assay *assay) {
-    /**
-     * @todo Implement the transformation JsDecode
-     */
-    assay->debug(4, "Transformation JsDecode is not implemented yet.");
-    return value;
+    char *tmp = strdup(value.c_str());
+    int res = js_decode_nonstrict_inplace((unsigned char *)tmp, value.size());
+    std::string ret("");
+    ret.assign(tmp);
+    free(tmp);
+
+    return ret;
 }

+
 }  // namespace transformations
 }  // namespace actions
 }  // namespace ModSecurity
--- a/src/actions/transformations/js_decode.h
+++ b/src/actions/transformations/js_decode.h
@@ -30,7 +30,9 @@ namespace transformations {

 class JsDecode : public Transformation {
 public:
-    explicit JsDecode(std::string action);
+    explicit JsDecode(std::string action)
+        : Transformation(action) { }
+
    std::string evaluate(std::string exp,
        Assay *assay) override;
 };
--- a/src/actions/transformations/transformation.cc
+++ b/src/actions/transformations/transformation.cc
@@ -65,18 +65,13 @@ namespace ModSecurity {
 namespace actions {
 namespace transformations {

-Transformation::Transformation(std::string action)
-    : Action(action) {
-    this->name = this->action;
-    this->name.erase(0, 2);
-    this->action_kind = 1;
-}

 std::string Transformation::evaluate(std::string value,
    Assay *assay) {
    return value;
 }

+
 Transformation* Transformation::instantiate(std::string a) {
    IF_MATCH(base64_decode_ext) { return new Base64DecodeExt(a); }
    IF_MATCH(base64_decode) { return new Base64Decode(a); }
@@ -87,7 +82,7 @@ Transformation* Transformation::instantiate(std::string a) {
    IF_MATCH(hex_decode) { return new HexDecode(a); }
    IF_MATCH(hex_encode) { return new HexEncode(a); }
    IF_MATCH(html_entity_decode) { return new HtmlEntityDecode(a); }
-    IF_MATCH(js_decode) { return new JsDecode(a); }
+    IF_MATCH(jsDecode) { return new JsDecode(a); }
    IF_MATCH(length) { return new Length(a); }
    IF_MATCH(lowercase) { return new LowerCase(a); }
    IF_MATCH(md5) { return new Md5(a); }
--- a/src/actions/transformations/transformation.h
+++ b/src/actions/transformations/transformation.h
@@ -30,7 +30,12 @@ namespace transformations {

 class Transformation : public Action {
 public:
-    explicit Transformation(std::string action);
+    explicit Transformation(const std::string& _action)
+        : Action(_action, RunTimeBeforeMatchAttemptKind) { }
+
+    explicit Transformation(const std::string& _action, int kind)
+        : Action(_action, kind) { }
+
    static Transformation* instantiate(std::string);

    std::string evaluate(std::string exp,