github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 13:26:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Refactoring on the RULE variable

Browse Source
This commit is contained in:
Felipe Zimmerle 2018-09-28 22:38:40 -03:00
parent 554251bade
commit 3e8e28da48
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
11 changed files with 188 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
headers/modsecurity/rule.h
View File

@ -94,7 +94,6 @@ class Rule {
void updateMatchedVars(Transaction *trasn, std::string key,
std::string value);
void cleanMatchedVars(Transaction *trasn);
void updateRulesVariable(Transaction *trasn, std::shared_ptr<RuleMessage> rm);
std::vector<actions::Action *> getActionsByName(const std::string& name,
Transaction *t);

2
headers/modsecurity/transaction.h
View File

@ -174,7 +174,6 @@ class TransactionAnchoredVariables {
m_variableResponseHeaders(t, "RESPONSE_HEADERS"),
m_variableGeo(t, "GEO"),
m_variableRequestCookiesNames(t, "REQUEST_COOKIES_NAMES"),
m_variableRule(t, "RULE"),
m_variableFilesTmpNames(t, "FILES_TMPNAMES"),
m_variableOffset(0)
{ }
@ -256,7 +255,6 @@ class TransactionAnchoredVariables {
AnchoredSetVariable m_variableResponseHeaders;
AnchoredSetVariable m_variableGeo;
AnchoredSetVariable m_variableRequestCookiesNames;
AnchoredSetVariable m_variableRule;
AnchoredSetVariable m_variableFilesTmpNames;
int m_variableOffset;

2
src/actions/log_data.cc
View File

@ -33,8 +33,6 @@ bool LogData::evaluate(Rule *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) {
rm->m_data = data(transaction);
transaction->m_variableRule.set("logdata", rm->m_data, 0);
return true;
}

2
src/actions/msg.cc
View File

@ -54,8 +54,6 @@ bool Msg::evaluate(Rule *rule, Transaction *transaction,
transaction->debug(9, "Saving msg: " + msg);
#endif
transaction->m_variableRule.set("msg", msg, 0);
return true;
}

2
src/actions/set_var.cc
View File

@ -45,7 +45,7 @@ bool SetVar::evaluate(Rule *rule, Transaction *t) {
std::string resolvedPre;
if (m_string) {
resolvedPre = m_string->evaluate(t);
resolvedPre = m_string->evaluate(t, rule);
}
std::string m_variableNameExpanded;

2
src/actions/severity.cc
View File

@ -84,8 +84,6 @@ bool Severity::evaluate(Rule *rule, Transaction *transaction,
transaction->m_highestSeverityAction = this->m_severity;
}
transaction->m_variableRule.set("severity", std::to_string(m_severity), 0);
return true;
}

23
src/rule.cc
View File

@ -258,27 +258,6 @@ void Rule::cleanMatchedVars(Transaction *trans) {
}
void Rule::updateRulesVariable(Transaction *trans,
std::shared_ptr<RuleMessage> rm) {
if (m_ruleId != 0) {
trans->m_variableRule.set("id", std::to_string(m_ruleId), 0);
}
if (m_rev.empty() == false) {
trans->m_variableRule.set("rev", m_rev, 0);
}
if (m_severity) {
trans->m_variableRule.set("severity",
std::to_string(m_severity->m_severity), 0);
}
if (m_logData) {
trans->m_variableRule.set("logdata", m_logData->data(trans), 0);
}
if (m_msg) {
trans->m_variableRule.set("msg", m_msg->data(trans), 0);
}
}
void Rule::executeActionsIndependentOfChainedRuleResult(Transaction *trans,
bool *containsBlock, std::shared_ptr<RuleMessage> ruleMessage) {
@ -720,8 +699,6 @@ bool Rule::evaluate(Transaction *trans,
#endif
}
updateRulesVariable(trans, ruleMessage);
getFinalVars(&vars, &exclusion, trans);
for (auto &var : vars) {

8
src/run_time_string.cc
View File

@ -47,13 +47,18 @@ void RunTimeString::appendVar(
std::string RunTimeString::evaluate(Transaction *t) {
return evaluate(t, NULL);
}
std::string RunTimeString::evaluate(Transaction *t, Rule *r) {
std::string s;
for (auto &z : m_elements) {
if (z->m_string.size() > 0) {
s.append(z->m_string);
} else if (z->m_var != NULL && t != NULL) {
std::vector<const VariableValue *> l;
z->m_var->evaluate(t, NULL, &l);
z->m_var->evaluate(t, r, &l);
if (l.size() > 0) {
s.append(l[0]->m_value);
}
@ -65,5 +70,4 @@ std::string RunTimeString::evaluate(Transaction *t) {
return s;
}
} // namespace modsecurity

1
src/run_time_string.h
View File

@ -49,6 +49,7 @@ class RunTimeString {
void appendText(std::string text);
void appendVar(std::unique_ptr<modsecurity::Variables::Variable> var);
std::string evaluate(Transaction *t);
std::string evaluate(Transaction *t, Rule *r);
std::string evaluate() {
return evaluate(NULL);
}

181
src/variables/rule.h
View File

@ -21,6 +21,10 @@
#define SRC_VARIABLES_RULE_H_
#include "src/variables/variable.h"
#include "src/actions/severity.h"
#include "src/actions/log_data.h"
#include "src/actions/msg.h"
namespace modsecurity {
@ -28,7 +32,182 @@ class Transaction;
namespace Variables {
DEFINE_VARIABLE_DICT(Rule, RULE, m_variableRule)
class Rule_DictElement : public VariableDictElement { \
public:
explicit Rule_DictElement(std::string dictElement)
: VariableDictElement("RULE", dictElement) { }
static void id(Transaction *t,
Rule *rule,
std::vector<const VariableValue *> *l) {
if (!rule) {
return;
}
std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
std::string *a = new std::string(std::to_string(rule->m_ruleId));
VariableValue *var = new VariableValue(
std::make_shared<std::string>("RULE:id"),
a
);
delete a;
origin->m_offset = 0;
origin->m_length = 0;
var->m_orign.push_back(std::move(origin));
l->push_back(var);
}
static void rev(Transaction *t,
Rule *rule,
std::vector<const VariableValue *> *l) {
if (!rule) {
return;
}
std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
std::string *a = new std::string(rule->m_rev);
VariableValue *var = new VariableValue(
std::make_shared<std::string>("RULE:rev"),
a
);
delete a;
origin->m_offset = 0;
origin->m_length = 0;
var->m_orign.push_back(std::move(origin));
l->push_back(var);
}
static void severity(Transaction *t,
Rule *rule,
std::vector<const VariableValue *> *l) {
if (rule && rule->m_severity) {
std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
std::string *a = new std::string(std::to_string(rule->m_severity->m_severity));
VariableValue *var = new VariableValue(
std::make_shared<std::string>("RULE:severity"),
a
);
delete a;
origin->m_offset = 0;
origin->m_length = 0;
var->m_orign.push_back(std::move(origin));
l->push_back(var);
}
}
static void logData(Transaction *t,
Rule *rule,
std::vector<const VariableValue *> *l) {
if (rule && rule->m_logData) {
std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
std::string *a = new std::string(rule->m_logData->data(t));
VariableValue *var = new VariableValue(
std::make_shared<std::string>("RULE:logdata"),
a
);
delete a;
origin->m_offset = 0;
origin->m_length = 0;
var->m_orign.push_back(std::move(origin));
l->push_back(var);
}
}
static void msg(Transaction *t,
Rule *rule,
std::vector<const VariableValue *> *l) {
if (rule && rule->m_msg) {
std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
std::string *a = new std::string(rule->m_msg->data(t));
VariableValue *var = new VariableValue(
std::make_shared<std::string>("RULE:msg"),
a
);
delete a;
origin->m_offset = 0;
origin->m_length = 0;
var->m_orign.push_back(std::move(origin));
l->push_back(var);
}
}
void evaluate(Transaction *t,
Rule *rule,
std::vector<const VariableValue *> *l) override {
if (m_dictElement == "id") {
id(t, rule, l);
return;
}
if (rule && m_dictElement == "rev") {
rev(t, rule, l);
return;
}
if (rule && m_dictElement == "severity") {
severity(t, rule, l);
return;
}
if (m_dictElement == "logdata") {
logData(t, rule, l);
return;
}
if (m_dictElement == "msg") {
msg(t, rule, l);
return;
}
}
};
class Rule_DictElementRegexp : public VariableRegex {
public:
explicit Rule_DictElementRegexp(std::string regex)
: VariableRegex("RULE", regex) { }
void evaluate(Transaction *t,
Rule *rule,
std::vector<const VariableValue *> *l) override {
if (Utils::regex_search("id", m_r) > 0) {
Rule_DictElement::id(t, rule, l);
return;
}
if (Utils::regex_search("rev", m_r) > 0) {
Rule_DictElement::rev(t, rule, l);
return;
}
if (Utils::regex_search("severity", m_r) > 0) {
Rule_DictElement::severity(t, rule, l);
return;
}
if (Utils::regex_search("logdata", m_r) > 0) {
Rule_DictElement::logData(t, rule, l);
return;
}
if (Utils::regex_search("msg", m_r) > 0) {
Rule_DictElement::msg(t, rule, l);
return;
}
}
};
class Rule_NoDictElement : public Variable {
public:
explicit Rule_NoDictElement()
: Variable("RULE") { }
void evaluate(Transaction *t,
Rule *rule,
std::vector<const VariableValue *> *l) override {
Rule_DictElement::id(t, rule, l);
Rule_DictElement::rev(t, rule, l);
Rule_DictElement::severity(t, rule, l);
Rule_DictElement::logData(t, rule, l);
Rule_DictElement::msg(t, rule, l);
}
};
// DEFINE_VARIABLE_DICT(Rule, RULE, m_variableRule)
} // namespace Variables

4
src/variables/variable.h
View File

@ -292,8 +292,6 @@ class VariableMonkeyResolution {
t->m_variableArgsGetNames.resolve(var, l);
} else if (comp(variable, "ARGS_POST_NAMES")) {
t->m_variableArgsPostNames.resolve(var, l);
} else if (comp(col, "RULE")) {
t->m_variableRule.resolve(var, l);
} else if (comp(col, "ARGS_GET")) {
t->m_variableArgsGet.resolve(var, l);
} else if (comp(col, "ARGS_POST")) {
@ -474,8 +472,6 @@ class VariableMonkeyResolution {
vv = t->m_variableArgsGetNames.resolveFirst(var);
} else if (comp(variable, "ARGS_POST_NAMES")) {
vv = t->m_variableArgsPostNames.resolveFirst(var);
} else if (comp(col, "RULE")) {
vv = t->m_variableRule.resolveFirst(var);
} else if (comp(col, "ARGS_GET")) {
vv = t->m_variableArgsGet.resolveFirst(var);
} else if (comp(col, "ARGS_POST")) {