github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Coding style fixes

Browse Source
This commit is contained in:
Felipe Zimmerle 2017-11-13 14:22:17 -03:00
parent 023e7acbad
commit 3fb71f32d8
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
40 changed files with 591 additions and 662 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
examples/reading_logs_via_rule_message/reading_logs_via_rule_message.h
View File

@ -13,10 +13,11 @@
* *
*/ */
#include <unistd.h>
#include <string> #include <string>
#include <memory> #include <memory>
#include <unistd.h>
#define NUM_THREADS 100 #define NUM_THREADS 100
@ -151,8 +152,9 @@ class ReadingLogsViaRuleMessage {
dms.rules = rules; dms.rules = rules;
for (i = 0; i < NUM_THREADS; i++) { for (i = 0; i < NUM_THREADS; i++) {
pthread_create(&threads[i], NULL, process_request, (void *)&dms); pthread_create(&threads[i], NULL, process_request,
//process_request((void *)&dms); reinterpret_cast<void *>(&dms));
// process_request((void *)&dms);
} }
usleep(10000); usleep(10000);

5
examples/reading_logs_via_rule_message/simple_request.cc
View File

@ -23,14 +23,13 @@
int main(int argc, char **argv) { int main(int argc, char **argv) {
*argv++; if (argc < 2) {
if (*argv == NULL) {
*argv--;
std::cout << "Use " << *argv << " test-case-file.conf"; std::cout << "Use " << *argv << " test-case-file.conf";
std::cout << std::endl << std::endl; std::cout << std::endl << std::endl;
return -1; return -1;
} }
*(argv++);
std::string rules(*argv); std::string rules(*argv);
ReadingLogsViaRuleMessage rlvrm(request_header, request_uri, request_body, ReadingLogsViaRuleMessage rlvrm(request_header, request_uri, request_body,
response_headers, response_body, ip, rules); response_headers, response_body, ip, rules);

3
examples/simple_example_using_c/basic_rules.conf
View File

@ -35,14 +35,11 @@ SecRule REQUEST_HEADERS:Content-Type "application/json" \
# to the size of data, with files excluded. You want to keep that value as # to the size of data, with files excluded. You want to keep that value as
# low as practical. # low as practical.
# #
SecRequestBodyLimit 13107200
SecRequestBodyNoFilesLimit 131072
# Store up to 128 KB of request body data in memory. When the multipart # Store up to 128 KB of request body data in memory. When the multipart
# parser reachers this limit, it will start using your hard disk for # parser reachers this limit, it will start using your hard disk for
# storage. That is slow, but unavoidable. # storage. That is slow, but unavoidable.
# #
SecRequestBodyInMemoryLimit 131072
# What do do if the request body size is above our configured limit. # What do do if the request body size is above our configured limit.
# Keep in mind that this setting will automatically be set to ProcessPartial # Keep in mind that this setting will automatically be set to ProcessPartial

22
examples/using_bodies_in_chunks/simple_request.cc
View File

@ -13,18 +13,20 @@
* *
*/ */
#include <unistd.h>
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
#include <string>
#include <memory>
#include <unistd.h>
#include <modsecurity/modsecurity.h> #include <modsecurity/modsecurity.h>
#include <modsecurity/rules.h> #include <modsecurity/rules.h>
#include <modsecurity/rule_message.h> #include <modsecurity/rule_message.h>
#include <string>
#include <memory>
char request_uri[] = "/test.pl?param1=test&para2=test2"; char request_uri[] = "/test.pl?param1=test&para2=test2";
@ -85,8 +87,7 @@ static void logCb(void *data, const void *ruleMessagev) {
} }
} }
int process_intervention(modsecurity::Transaction *transaction) int process_intervention(modsecurity::Transaction *transaction) {
{
modsecurity::ModSecurityIntervention intervention; modsecurity::ModSecurityIntervention intervention;
intervention.status = 200; intervention.status = 200;
intervention.url = NULL; intervention.url = NULL;
@ -105,8 +106,7 @@ int process_intervention(modsecurity::Transaction *transaction)
free(intervention.log); free(intervention.log);
intervention.log = NULL; intervention.log = NULL;
if (intervention.url != NULL) if (intervention.url != NULL) {
{
std::cout << "Intervention, redirect to: " << intervention.url; std::cout << "Intervention, redirect to: " << intervention.url;
std::cout << " with status code: " << intervention.status << std::endl; std::cout << " with status code: " << intervention.status << std::endl;
free(intervention.url); free(intervention.url);
@ -114,8 +114,7 @@ int process_intervention(modsecurity::Transaction *transaction)
return intervention.status; return intervention.status;
} }
if (intervention.status != 200) if (intervention.status != 200) {
{
std::cout << "Intervention, returning code: " << intervention.status; std::cout << "Intervention, returning code: " << intervention.status;
std::cout << std::endl; std::cout << std::endl;
return intervention.status; return intervention.status;
@ -129,13 +128,12 @@ int main(int argc, char **argv) {
modsecurity::Rules *rules; modsecurity::Rules *rules;
modsecurity::ModSecurityIntervention it; modsecurity::ModSecurityIntervention it;
*argv++; if (argc < 2) {
if (*argv == NULL) {
*argv--;
std::cout << "Use " << *argv << " test-case-file.conf"; std::cout << "Use " << *argv << " test-case-file.conf";
std::cout << std::endl << std::endl; std::cout << std::endl << std::endl;
return -1; return -1;
} }
*(argv++);
std::string rules_arg(*argv); std::string rules_arg(*argv);

2
headers/modsecurity/audit_log.h
View File

@ -206,7 +206,7 @@ class AuditLog {
int m_directoryPermission; int m_directoryPermission;
int m_defaultDirectoryPermission = 0750; int m_defaultDirectoryPermission = 0750;
private: private:
AuditLogStatus m_status; AuditLogStatus m_status;
AuditLogType m_type; AuditLogType m_type;

3
headers/modsecurity/collection/variable.h
View File

@ -19,6 +19,7 @@
#include <iostream> #include <iostream>
#include <memory> #include <memory>
#include <list> #include <list>
#include <utility>
#endif #endif
#include "modsecurity/variable_origin.h" #include "modsecurity/variable_origin.h"
@ -51,7 +52,7 @@ class Variable {
m_key(""), m_key(""),
m_value("") { } m_value("") { }
Variable(const Variable *o) : explicit Variable(const Variable *o) :
m_key(""), m_key(""),
m_value("") { m_value("") {
m_key.assign(o->m_key); m_key.assign(o->m_key);

5
headers/modsecurity/rule.h
View File

@ -52,7 +52,8 @@ class Rule {
explicit Rule(std::string marker); explicit Rule(std::string marker);
~Rule(); ~Rule();
virtual bool evaluate(Transaction *transaction, std::shared_ptr<RuleMessage> rm); virtual bool evaluate(Transaction *transaction,
std::shared_ptr<RuleMessage> rm);
bool evaluateActions(Transaction *transaction); bool evaluateActions(Transaction *transaction);
std::vector<std::unique_ptr<collection::Variable>> std::vector<std::unique_ptr<collection::Variable>>
getFinalVars(Transaction *trasn); getFinalVars(Transaction *trasn);
@ -108,7 +109,7 @@ class Rule {
operators::Operator *m_op; operators::Operator *m_op;
int m_phase; int m_phase;
std::string m_rev; std::string m_rev;
long m_ruleId; int64_t m_ruleId;
bool m_secMarker; bool m_secMarker;
std::vector<Variables::Variable *> *m_variables; std::vector<Variables::Variable *> *m_variables;
std::string m_ver; std::string m_ver;

3
headers/modsecurity/rule_message.h
View File

@ -76,7 +76,8 @@ class RuleMessage {
return RuleMessage::log(this, props, responseCode); return RuleMessage::log(this, props, responseCode);
} }
std::string errorLog() { std::string errorLog() {
return RuleMessage::log(this, ClientLogMessageInfo | ErrorLogTailLogMessageInfo); return RuleMessage::log(this,
ClientLogMessageInfo | ErrorLogTailLogMessageInfo);
} }
static std::string log(const RuleMessage *rm, int props, int code); static std::string log(const RuleMessage *rm, int props, int code);

17
headers/modsecurity/rules_exceptions.h
View File

@ -48,26 +48,29 @@ class RulesExceptions {
bool addRange(int a, int b); bool addRange(int a, int b);
bool addNumber(int a); bool addNumber(int a);
bool contains(int a); bool contains(int a);
bool merge(RulesExceptions& from); bool merge(RulesExceptions *from);
bool loadRemoveRuleByMsg(const std::string &msg, std::string *error); bool loadRemoveRuleByMsg(const std::string &msg, std::string *error);
bool loadRemoveRuleByTag(const std::string &msg, std::string *error); bool loadRemoveRuleByTag(const std::string &msg, std::string *error);
bool loadUpdateTargetByMsg(const std::string &msg, bool loadUpdateTargetByMsg(const std::string &msg,
std::unique_ptr<std::vector<std::unique_ptr<Variables::Variable> > > var, std::unique_ptr<std::vector<std::unique_ptr<Variables::Variable> > > v,
std::string *error); std::string *error);
bool loadUpdateTargetByTag(const std::string &tag, bool loadUpdateTargetByTag(const std::string &tag,
std::unique_ptr<std::vector<std::unique_ptr<Variables::Variable> > > var, std::unique_ptr<std::vector<std::unique_ptr<Variables::Variable> > > v,
std::string *error); std::string *error);
bool loadUpdateTargetById(double id, bool loadUpdateTargetById(double id,
std::unique_ptr<std::vector<std::unique_ptr<Variables::Variable> > > var, std::unique_ptr<std::vector<std::unique_ptr<Variables::Variable> > > v,
std::string *error); std::string *error);
std::unordered_multimap<std::shared_ptr<std::string>, std::unique_ptr<Variables::Variable>> m_variable_update_target_by_tag; std::unordered_multimap<std::shared_ptr<std::string>,
std::unordered_multimap<std::shared_ptr<std::string>, std::unique_ptr<Variables::Variable>> m_variable_update_target_by_msg; std::unique_ptr<Variables::Variable>> m_variable_update_target_by_tag;
std::unordered_multimap<double, std::unique_ptr<Variables::Variable>> m_variable_update_target_by_id; std::unordered_multimap<std::shared_ptr<std::string>,
std::unique_ptr<Variables::Variable>> m_variable_update_target_by_msg;
std::unordered_multimap<double,
std::unique_ptr<Variables::Variable>> m_variable_update_target_by_id;
std::list<std::string> m_remove_rule_by_msg; std::list<std::string> m_remove_rule_by_msg;
std::list<std::string> m_remove_rule_by_tag; std::list<std::string> m_remove_rule_by_tag;

2
headers/modsecurity/rules_properties.h
View File

@ -355,7 +355,7 @@ class RulesProperties {
to->m_httpblKey.m_set = from->m_httpblKey.m_set; to->m_httpblKey.m_set = from->m_httpblKey.m_set;
} }
to->m_exceptions.merge(from->m_exceptions); to->m_exceptions.merge(&from->m_exceptions);
to->m_components.insert(to->m_components.end(), to->m_components.insert(to->m_components.end(),
from->m_components.begin(), from->m_components.end()); from->m_components.begin(), from->m_components.end());

2
headers/modsecurity/transaction.h
View File

@ -323,7 +323,7 @@ class Transaction : public TransactionAnchoredVariables {
size_t getRequestBodyLength(); size_t getRequestBodyLength();
#ifndef NO_LOGS #ifndef NO_LOGS
void debug(int, std::string); void debug(int, std::string) const;
#endif #endif
void serverLog(std::shared_ptr<RuleMessage> rm); void serverLog(std::shared_ptr<RuleMessage> rm);

3
src/actions/set_var.cc
View File

@ -155,7 +155,8 @@ bool SetVar::evaluate(Rule *rule, Transaction *transm_parser_payload) {
+ ":" + m_variableNameExpanded + " with value: " + targetValue); + ":" + m_variableNameExpanded + " with value: " + targetValue);
#endif #endif
transm_parser_payload->m_collections.storeOrUpdateFirst(m_collectionName, transm_parser_payload->m_collections.storeOrUpdateFirst(m_collectionName,
m_variableNameExpanded, transm_parser_payload->m_rules->m_secWebAppId.m_value, targetValue); m_variableNameExpanded,
transm_parser_payload->m_rules->m_secWebAppId.m_value, targetValue);
end: end:
return true; return true;

16
src/actions/transformations/url_decode_uni.cc
View File

@ -36,7 +36,7 @@ namespace transformations {
std::string UrlDecodeUni::evaluate(std::string value, std::string UrlDecodeUni::evaluate(std::string value,
Transaction *transaction) { Transaction *t) {
std::string ret; std::string ret;
unsigned char *input; unsigned char *input;
@ -49,7 +49,7 @@ std::string UrlDecodeUni::evaluate(std::string value,
memcpy(input, value.c_str(), value.length()+1); memcpy(input, value.c_str(), value.length()+1);
size_t i = inplace(input, value.length(), transaction); size_t i = inplace(input, value.length(), t);
ret.assign(reinterpret_cast<char *>(input), i); ret.assign(reinterpret_cast<char *>(input), i);
free(input); free(input);
@ -63,7 +63,7 @@ std::string UrlDecodeUni::evaluate(std::string value,
* IMP1 Assumes NUL-terminated * IMP1 Assumes NUL-terminated
*/ */
int UrlDecodeUni::inplace(unsigned char *input, uint64_t input_len, int UrlDecodeUni::inplace(unsigned char *input, uint64_t input_len,
Transaction *transaction) { Transaction *t) {
unsigned char *d = input; unsigned char *d = input;
int64_t i, count, fact, j, xv; int64_t i, count, fact, j, xv;
int Code, hmap = -1; int Code, hmap = -1;
@ -86,10 +86,10 @@ int UrlDecodeUni::inplace(unsigned char *input, uint64_t input_len,
Code = 0; Code = 0;
fact = 1; fact = 1;
if (transaction if (t
&& transaction->m_rules->m_unicodeMapTable.m_set == true && t->m_rules->m_unicodeMapTable.m_set == true
&& transaction->m_rules->m_unicodeMapTable.m_unicode_map_table != NULL && t->m_rules->m_unicodeMapTable.m_unicode_map_table != NULL
&& transaction->m_rules->unicode_codepage > 0) { && t->m_rules->unicode_codepage > 0) {
for (j = 5; j >= 2; j--) { for (j = 5; j >= 2; j--) {
if (isxdigit((input[i+j]))) { if (isxdigit((input[i+j]))) {
if (input[i+j] >= 97) { if (input[i+j] >= 97) {
@ -105,7 +105,7 @@ int UrlDecodeUni::inplace(unsigned char *input, uint64_t input_len,
} }
if (Code >= 0 && Code <= 65535) { if (Code >= 0 && Code <= 65535) {
Rules *r = transaction->m_rules; Rules *r = t->m_rules;
hmap = r->m_unicodeMapTable.m_unicode_map_table[Code]; hmap = r->m_unicodeMapTable.m_unicode_map_table[Code];
} }
} }

2
src/anchored_variable.cc
View File

@ -111,7 +111,7 @@ void AnchoredVariable::append(const std::string &a, size_t offset,
void AnchoredVariable::evaluate(std::vector<const collection::Variable *> *l) { void AnchoredVariable::evaluate(std::vector<const collection::Variable *> *l) {
if (m_name.empty() or m_value.empty()) { if (m_name.empty() || m_value.empty()) {
return; return;
} }

1
src/audit_log/writer/serial.h
View File

@ -47,7 +47,6 @@ class Serial : public Writer {
bool init(std::string *error) override; bool init(std::string *error) override;
bool write(Transaction *transaction, int parts, bool write(Transaction *transaction, int parts,
std::string *error) override; std::string *error) override;
}; };
} // namespace writer } // namespace writer

90
src/engine/lua.cc
View File

@ -14,16 +14,10 @@
*/ */
#include "modsecurity/modsecurity.h"
#include "src/engine/lua.h" #include "src/engine/lua.h"
#include "src/utils/string.h"
#include "src/macro_expansion.h" #include <stdio.h>
#include "modsecurity/transaction.h" #include <string.h>
#include "modsecurity/collection/variable.h"
#include "src/variables/variable.h"
#include "src/variables/highest_severity.h"
#include "src/utils/string.h"
#include "src/actions/transformations/transformation.h"
#include <vector> #include <vector>
#include <string> #include <string>
@ -32,8 +26,14 @@
#include <iterator> #include <iterator>
#include <iostream> #include <iostream>
#include <stdio.h> #include "modsecurity/modsecurity.h"
#include <string.h> #include "src/utils/string.h"
#include "src/macro_expansion.h"
#include "modsecurity/transaction.h"
#include "modsecurity/collection/variable.h"
#include "src/variables/variable.h"
#include "src/variables/highest_severity.h"
#include "src/actions/transformations/transformation.h"
namespace modsecurity { namespace modsecurity {
@ -46,8 +46,7 @@ bool Lua::isCompatible(std::string script, Lua *l, std::string *error) {
std::string err; std::string err;
if (!(script.size() >= lua.size() && if (!(script.size() >= lua.size() &&
script.compare(script.size() - lua.size(), lua.size(), lua) == 0)) script.compare(script.size() - lua.size(), lua.size(), lua) == 0)) {
{
error->assign("Expecting a Lua script: " + script); error->assign("Expecting a Lua script: " + script);
return false; return false;
} }
@ -84,7 +83,7 @@ bool Lua::load(std::string script, std::string *err) {
return false; return false;
} }
if (lua_dump(L, Lua::blob_keeper, (void *)&m_blob, 0)) { if (lua_dump(L, Lua::blob_keeper, reinterpret_cast<void *>(&m_blob), 0)) {
const char *luaerr = lua_tostring(L, -1); const char *luaerr = lua_tostring(L, -1);
err->assign("Failed to compile script '" + script + ""); err->assign("Failed to compile script '" + script + "");
if (luaerr) { if (luaerr) {
@ -129,7 +128,7 @@ int Lua::run(Transaction *t) {
luaL_newmetatable(L, "luaL_msc"); luaL_newmetatable(L, "luaL_msc");
lua_newtable(L); lua_newtable(L);
lua_pushlightuserdata(L, (void *)t); lua_pushlightuserdata(L, reinterpret_cast<void *>(t));
lua_setglobal(L, "__transaction"); lua_setglobal(L, "__transaction");
luaL_setfuncs(L, mscLuaLib, 0); luaL_setfuncs(L, mscLuaLib, 0);
@ -184,7 +183,7 @@ int Lua::run(Transaction *t) {
return false; return false;
} }
char *a = (char *)lua_tostring(L, -1); const char *a = reinterpret_cast<const char *>(lua_tostring(L, -1));
if (a != NULL) { if (a != NULL) {
luaRet.assign(a); luaRet.assign(a);
} }
@ -208,7 +207,7 @@ int Lua::run(Transaction *t) {
#ifdef WITH_LUA #ifdef WITH_LUA
int Lua::log(lua_State *L) { int Lua::log(lua_State *L) {
Transaction *t = NULL; const Transaction *t = NULL;
const char *text; const char *text;
int level; int level;
@ -218,7 +217,7 @@ int Lua::log(lua_State *L) {
/* Retrieve msr. */ /* Retrieve msr. */
lua_getglobal(L, "__transaction"); lua_getglobal(L, "__transaction");
t = (Transaction *)lua_topointer(L, -1); t = reinterpret_cast<const Transaction *>(lua_topointer(L, -1));
/* Log message. */ /* Log message. */
if (t != NULL) { if (t != NULL) {
@ -230,14 +229,16 @@ int Lua::log(lua_State *L) {
int Lua::getvar(lua_State *L) { int Lua::getvar(lua_State *L) {
char *varname = NULL; const char *varname = NULL;
Transaction *t = NULL; Transaction *t = NULL;
void *z = NULL;
/* Retrieve parameters. */ /* Retrieve parameters. */
varname = (char *)luaL_checkstring(L, 1); varname = reinterpret_cast<const char *>(luaL_checkstring(L, 1));
lua_getglobal(L, "__transaction"); lua_getglobal(L, "__transaction");
t = (Transaction *)lua_topointer(L, -1); z = const_cast<void *>(lua_topointer(L, -1));
t = reinterpret_cast<Transaction *>(z);
std::string var = Variables::Variable::stringMatchResolve(t, varname); std::string var = Variables::Variable::stringMatchResolve(t, varname);
var = applyTransformations(L, t, 2, var); var = applyTransformations(L, t, 2, var);
@ -254,16 +255,18 @@ int Lua::getvar(lua_State *L) {
int Lua::getvars(lua_State *L) { int Lua::getvars(lua_State *L) {
char *varname = NULL; const char *varname = NULL;
Transaction *t = NULL; Transaction *t = NULL;
void *z = NULL;
std::vector<const collection::Variable *> l; std::vector<const collection::Variable *> l;
int idx = 1; int idx = 1;
/* Retrieve parameters. */ /* Retrieve parameters. */
varname = (char *)luaL_checkstring(L, 1); varname = reinterpret_cast<const char *>(luaL_checkstring(L, 1));
lua_getglobal(L, "__transaction"); lua_getglobal(L, "__transaction");
t = (Transaction *)lua_topointer(L, -1); z = const_cast<void *>(lua_topointer(L, -1));
t = reinterpret_cast<Transaction *>(z);
Variables::Variable::stringMatchResolveMulti(t, varname, &l); Variables::Variable::stringMatchResolveMulti(t, varname, &l);
@ -298,9 +301,12 @@ int Lua::setvar(lua_State *L) {
int nargs = lua_gettop(L); int nargs = lua_gettop(L);
char *chr = NULL; char *chr = NULL;
size_t pos; size_t pos;
void *z = NULL;
lua_getglobal(L, "__transaction"); lua_getglobal(L, "__transaction");
t = (Transaction *)lua_topointer(L, -1); z = const_cast<void *>(lua_topointer(L, -1));
t = reinterpret_cast<Transaction *>(z);
if (nargs != 2) { if (nargs != 2) {
t->debug(8, "m.setvar: Failed m.setvar funtion must has 2 arguments"); t->debug(8, "m.setvar: Failed m.setvar funtion must has 2 arguments");
@ -334,7 +340,8 @@ int Lua::setvar(lua_State *L) {
} }
std::string Lua::applyTransformations(lua_State *L, Transaction *t, int idx, std::string var) { std::string Lua::applyTransformations(lua_State *L, Transaction *t,
int idx, std::string var) {
std::string newVar = var; std::string newVar = var;
if (lua_isuserdata(L, idx) || lua_isnoneornil(L, idx)) { if (lua_isuserdata(L, idx) || lua_isnoneornil(L, idx)) {
@ -342,12 +349,12 @@ std::string Lua::applyTransformations(lua_State *L, Transaction *t, int idx, std
} }
if (lua_istable(L, idx)) { if (lua_istable(L, idx)) {
char *name = NULL; const char *name = NULL;
int i, n = lua_rawlen(L, idx); int i, n = lua_rawlen(L, idx);
for (i = 1; i <= n; i++) { for (i = 1; i <= n; i++) {
lua_rawgeti(L, idx, i); lua_rawgeti(L, idx, i);
name = (char *)luaL_checkstring(L, -1); name = reinterpret_cast<const char *>(luaL_checkstring(L, -1));
/* A "none" means start over */ /* A "none" means start over */
if (strcmp("none", name) == 0) { if (strcmp("none", name) == 0) {
@ -355,12 +362,15 @@ std::string Lua::applyTransformations(lua_State *L, Transaction *t, int idx, std
continue; continue;
} }
actions::transformations::Transformation *tfn = actions::transformations::Transformation::instantiate("t:" + std::string(name)); actions::transformations::Transformation *tfn = \
// FIXME: transformation is not yet returning null. actions::transformations::Transformation::instantiate(
"t:" + std::string(name));
// FIXME: transformation is not yet returning null.
if (tfn) { if (tfn) {
newVar = tfn->evaluate(newVar, t); newVar = tfn->evaluate(newVar, t);
} else { } else {
t->debug(1, "SecRuleScript: Invalid transformation function: " + std::string(name)); t->debug(1, "SecRuleScript: Invalid transformation function: " \
+ std::string(name));
} }
} }
@ -368,14 +378,19 @@ std::string Lua::applyTransformations(lua_State *L, Transaction *t, int idx, std
} }
if (lua_isstring(L, idx)) { if (lua_isstring(L, idx)) {
char *name = (char *)luaL_checkstring(L, idx); const char *name = NULL;
name = reinterpret_cast<const char *>(luaL_checkstring(L, idx));
actions::transformations::Transformation *tfn = actions::transformations::Transformation::instantiate("t:" + std::string(name)); actions::transformations::Transformation *tfn = \
// FIXME: transformation is not yet returning null. actions::transformations::Transformation::instantiate(
"t:" + std::string(name));
// FIXME: transformation is not yet returning null.
if (tfn) { if (tfn) {
newVar = tfn->evaluate(newVar, t); newVar = tfn->evaluate(newVar, t);
} else { } else {
t->debug(1, "SecRuleScript: Invalid transformation function: " + std::string(name)); t->debug(1, "SecRuleScript: Invalid transformation function: " \
+ std::string(name));
} }
return newVar; return newVar;
} }
@ -389,5 +404,6 @@ std::string Lua::applyTransformations(lua_State *L, Transaction *t, int idx, std
} }
#endif #endif
} // namespace engines } // namespace engine
} // namespace modsecurity } // namespace modsecurity

18
src/engine/lua.h
View File

@ -20,10 +20,10 @@
#include <iostream> #include <iostream>
#include <cstdint> #include <cstdint>
#include <cstring> #include <cstring>
#include <string>
#ifndef SRC_ENGINE_LUA_H_
#ifndef SRC_ENGINES_LUA_H_ #define SRC_ENGINE_LUA_H_
#define SRC_ENGINES_LUA_H_
namespace modsecurity { namespace modsecurity {
class Transaction; class Transaction;
@ -34,7 +34,7 @@ class LuaScriptBlob {
public: public:
LuaScriptBlob() : LuaScriptBlob() :
m_data(NULL), m_data(NULL),
m_len(0) { }; m_len(0) { }
~LuaScriptBlob() { ~LuaScriptBlob() {
if (m_data) { if (m_data) {
@ -66,7 +66,7 @@ class LuaScriptBlob {
class Lua { class Lua {
public: public:
Lua() { }; Lua() { }
bool load(std::string script, std::string *err); bool load(std::string script, std::string *err);
int run(Transaction *t); int run(Transaction *t);
@ -80,8 +80,8 @@ class Lua {
static int getvar(lua_State *L); static int getvar(lua_State *L);
static int getvars(lua_State *L); static int getvars(lua_State *L);
static int setvar(lua_State *L); static int setvar(lua_State *L);
static std::string applyTransformations(lua_State *L, Transaction *t, int idx, static std::string applyTransformations(lua_State *L, Transaction *t,
std::string var); int idx, std::string var);
LuaScriptBlob m_blob; LuaScriptBlob m_blob;
#endif #endif
@ -98,7 +98,7 @@ static const struct luaL_Reg mscLuaLib[] = {
}; };
#endif #endif
} // namespace engines } // namespace engine
} // namespace modsecurity } // namespace modsecurity
#endif // SRC_ENGINES_LUA_H_ #endif // SRC_ENGINE_LUA_H_

5
src/macro_expansion.h
View File

@ -39,13 +39,14 @@ class MacroExpansion {
static std::string expandKeepOriginal(const std::string& input, static std::string expandKeepOriginal(const std::string& input,
Transaction *transaction); Transaction *transaction);
static inline bool compareStrNoCase(const std::string &a, const std::string &b) { static inline bool compareStrNoCase(const std::string &a,
const std::string &b) {
return a.size() == b.size() return a.size() == b.size()
&& std::equal(a.begin(), a.end(), b.begin(), && std::equal(a.begin(), a.end(), b.begin(),
[](char aa, char bb) { [](char aa, char bb) {
return toupper(aa) == bb; return toupper(aa) == bb;
}); });
}; }
}; };

36
src/modsecurity.cc
View File

@ -13,28 +13,30 @@
* *
*/ */
#include <ctime>
#include <iostream>
#include <libxml/xmlschemas.h>
#include <libxml/xpath.h>
#include "modsecurity/modsecurity.h" #include "modsecurity/modsecurity.h"
#include "modsecurity/rule.h"
#include "modsecurity/rule_message.h"
#include "src/collection/backend/in_memory-per_process.h"
#include "src/collection/backend/lmdb.h"
#include "src/config.h" #include "src/config.h"
#include "src/unique_id.h"
#include "src/utils/regex.h"
#ifdef MSC_WITH_CURL
#include <curl/curl.h>
#endif
#ifdef WITH_YAJL #ifdef WITH_YAJL
#include <yajl/yajl_tree.h> #include <yajl/yajl_tree.h>
#include <yajl/yajl_gen.h> #include <yajl/yajl_gen.h>
#endif #endif
#include <libxml/xmlschemas.h>
#include <libxml/xpath.h>
#ifdef MSC_WITH_CURL
#include <curl/curl.h>
#endif
#include <ctime>
#include <iostream>
#include "modsecurity/rule.h"
#include "modsecurity/rule_message.h"
#include "src/collection/backend/in_memory-per_process.h"
#include "src/collection/backend/lmdb.h"
#include "src/unique_id.h"
#include "src/utils/regex.h"
#include "src/utils/geo_lookup.h" #include "src/utils/geo_lookup.h"
#include "src/actions/transformations/transformation.h" #include "src/actions/transformations/transformation.h"
@ -303,14 +305,16 @@ int ModSecurity::processContentOffset(const char *content, size_t len,
reinterpret_cast<const unsigned char*>(trans.back().match.c_str()), reinterpret_cast<const unsigned char*>(trans.back().match.c_str()),
trans.back().match.size()); trans.back().match.size());
t = modsecurity::actions::transformations::Transformation::instantiate(trans.back().match.c_str()); t = modsecurity::actions::transformations::Transformation::instantiate(
trans.back().match.c_str());
varValueRes = t->evaluate(varValue, NULL); varValueRes = t->evaluate(varValue, NULL);
varValue.assign(varValueRes); varValue.assign(varValueRes);
trans.pop_back(); trans.pop_back();
yajl_gen_string(g, reinterpret_cast<const unsigned char*>("value"), yajl_gen_string(g, reinterpret_cast<const unsigned char*>("value"),
strlen("value")); strlen("value"));
yajl_gen_string(g, reinterpret_cast<const unsigned char*>(varValue.c_str()), yajl_gen_string(g, reinterpret_cast<const unsigned char*>(
varValue.c_str()),
varValue.size()); varValue.size());
yajl_gen_map_close(g); yajl_gen_map_close(g);
} }

16
src/operators/fuzzy_hash.cc
View File

@ -56,7 +56,8 @@ bool FuzzyHash::init(const std::string &param2, std::string *error) {
} }
for (std::string line; std::getline(*iss, line); ) { for (std::string line; std::getline(*iss, line); ) {
chunk = (struct fuzzy_hash_chunk *)calloc(1, sizeof(struct fuzzy_hash_chunk)); chunk = (struct fuzzy_hash_chunk *)calloc(1,
sizeof(struct fuzzy_hash_chunk));
chunk->data = strdup(line.c_str()); chunk->data = strdup(line.c_str());
chunk->next = NULL; chunk->next = NULL;
@ -77,7 +78,8 @@ bool FuzzyHash::init(const std::string &param2, std::string *error) {
delete iss; delete iss;
return true; return true;
#else #else
error->assign("@fuzzyHash: SSDEEP support was not enabled during the compilation."); error->assign("@fuzzyHash: SSDEEP support was not enabled " \
"during the compilation.");
return false; return false;
#endif #endif
} }
@ -89,17 +91,15 @@ bool FuzzyHash::evaluate(Transaction *t, const std::string &str) {
char result[FUZZY_MAX_RESULT]; char result[FUZZY_MAX_RESULT];
struct fuzzy_hash_chunk *chunk = m_head; struct fuzzy_hash_chunk *chunk = m_head;
if (fuzzy_hash_buf((const unsigned char*)str.c_str(), str.size(), result)) if (fuzzy_hash_buf((const unsigned char*)str.c_str(),
{ str.size(), result)) {
t->debug(4, "Problems generating fuzzy hash"); t->debug(4, "Problems generating fuzzy hash");
return false; return false;
} }
while (chunk != NULL) while (chunk != NULL) {
{
int i = fuzzy_compare(chunk->data, result); int i = fuzzy_compare(chunk->data, result);
if (i >= m_threshold) if (i >= m_threshold) {
{
t->debug(4, "Fuzzy hash: matched " \ t->debug(4, "Fuzzy hash: matched " \
"with score: " + std::to_string(i) + "."); "with score: " + std::to_string(i) + ".");
return true; return true;

2
src/operators/fuzzy_hash.h
View File

@ -19,7 +19,7 @@
#include <string> #include <string>
#ifdef WITH_SSDEEP #ifdef WITH_SSDEEP
#include "fuzzy.h" #include <fuzzy.h>
#endif #endif
#include "src/operators/operator.h" #include "src/operators/operator.h"

5
src/operators/inspect_file.cc
View File

@ -15,9 +15,10 @@
#include "src/operators/inspect_file.h" #include "src/operators/inspect_file.h"
#include <stdio.h>
#include <string> #include <string>
#include <iostream> #include <iostream>
#include <stdio.h>
#include "src/operators/operator.h" #include "src/operators/operator.h"
#include "src/utils/system.h" #include "src/utils/system.h"
@ -61,7 +62,7 @@ bool InspectFile::evaluate(Transaction *transaction, const std::string &str) {
openstr.append(m_param); openstr.append(m_param);
openstr.append(" "); openstr.append(" ");
openstr.append(str); openstr.append(str);
if (!(in = popen(openstr.c_str(), "r"))){ if (!(in = popen(openstr.c_str(), "r"))) {
return false; return false;
} }

1
src/operators/pm.h
View File

@ -57,6 +57,7 @@ class Pm : public Operator {
ACMP *m_p; ACMP *m_p;
#ifdef MODSEC_MUTEX_ON_PM #ifdef MODSEC_MUTEX_ON_PM
private: private:
pthread_mutex_t m_lock; pthread_mutex_t m_lock;
#endif #endif

43
src/operators/verify_cpf.cc
View File

@ -16,23 +16,24 @@
#include "src/operators/verify_cpf.h" #include "src/operators/verify_cpf.h"
#include <string> #include <string>
#include <list>
#include "src/operators/operator.h" #include "src/operators/operator.h"
namespace modsecurity { namespace modsecurity {
namespace operators { namespace operators {
int VerifyCPF::convert_to_int(const char c) int VerifyCPF::convert_to_int(const char c) {
{
int n; int n;
if ((c>='0') && (c<='9')) if ((c >= '0') && (c <= '9')) {
n = c - '0'; n = c - '0';
else if ((c>='A') && (c<='F')) } else if ((c >= 'A') && (c <= 'F')) {
n = c - 'A' + 10; n = c - 'A' + 10;
else if ((c>='a') && (c<='f')) } else if ((c >= 'a') && (c <= 'f')) {
n = c - 'a' + 10; n = c - 'a' + 10;
else } else {
n = 0; n = 0;
}
return n; return n;
} }
@ -53,12 +54,9 @@ bool VerifyCPF::verify(const char *cpfnumber, int len) {
"88888888888", "88888888888",
"99999999999"}; "99999999999"};
while ((*cpfnumber != '\0') && ( var_len > 0)) while ((*cpfnumber != '\0') && (var_len > 0)) {
{ if (*cpfnumber != '-' || *cpfnumber != '.') {
if (*cpfnumber != '-' || *cpfnumber != '.') if (i < cpf_len && isdigit(*cpfnumber)) {
{
if (i < cpf_len && isdigit(*cpfnumber))
{
s_cpf[i] = *cpfnumber; s_cpf[i] = *cpfnumber;
cpf[i] = convert_to_int(*cpfnumber); cpf[i] = convert_to_int(*cpfnumber);
i++; i++;
@ -69,16 +67,11 @@ bool VerifyCPF::verify(const char *cpfnumber, int len) {
} }
if (i != cpf_len) if (i != cpf_len) {
{
return 0; return 0;
} } else {
else for (i = 0; i< cpf_len; i++) {
{ if (strncmp(s_cpf, bad_cpf[i], cpf_len) == 0) {
for (i = 0; i< cpf_len; i++)
{
if (strncmp(s_cpf,bad_cpf[i],cpf_len) == 0)
{
return 0; return 0;
} }
} }
@ -95,7 +88,7 @@ bool VerifyCPF::verify(const char *cpfnumber, int len) {
factor = (sum % cpf_len); factor = (sum % cpf_len);
if(factor < 2) { if (factor < 2) {
cpf[9] = 0; cpf[9] = 0;
} else { } else {
cpf[9] = cpf_len-factor; cpf[9] = cpf_len-factor;
@ -104,8 +97,9 @@ bool VerifyCPF::verify(const char *cpfnumber, int len) {
sum = 0; sum = 0;
c = cpf_len; c = cpf_len;
for (i = 0;i < 10; i++) for (i = 0; i < 10; i++) {
sum += (cpf[i] * c--); sum += (cpf[i] * c--);
}
factor = (sum % cpf_len); factor = (sum % cpf_len);
@ -115,8 +109,7 @@ bool VerifyCPF::verify(const char *cpfnumber, int len) {
cpf[10] = cpf_len-factor; cpf[10] = cpf_len-factor;
} }
if (part_1 == cpf[9] && part_2 == cpf[10]) if (part_1 == cpf[9] && part_2 == cpf[10]) {
{
return true; return true;
} }

1
src/operators/verify_cpf.h
View File

@ -17,6 +17,7 @@
#define SRC_OPERATORS_VERIFY_CPF_H_ #define SRC_OPERATORS_VERIFY_CPF_H_
#include <string> #include <string>
#include <memory>
#include "src/operators/operator.h" #include "src/operators/operator.h"
#include "src/utils/regex.h" #include "src/utils/regex.h"

14
src/operators/verify_ssn.cc
View File

@ -16,23 +16,25 @@
#include "src/operators/verify_ssn.h" #include "src/operators/verify_ssn.h"
#include <string> #include <string>
#include <memory>
#include <list>
#include "src/operators/operator.h" #include "src/operators/operator.h"
namespace modsecurity { namespace modsecurity {
namespace operators { namespace operators {
int VerifySSN::convert_to_int(const char c) int VerifySSN::convert_to_int(const char c) {
{
int n; int n;
if ((c>='0') && (c<='9')) if ((c >= '0') && (c <= '9')) {
n = c - '0'; n = c - '0';
else if ((c>='A') && (c<='F')) } else if ((c >= 'A') && (c <= 'F')) {
n = c - 'A' + 10; n = c - 'A' + 10;
else if ((c>='a') && (c<='f')) } else if ((c >= 'a') && (c <= 'f')) {
n = c - 'a' + 10; n = c - 'a' + 10;
else } else {
n = 0; n = 0;
}
return n; return n;
} }

1
src/operators/verify_ssn.h
View File

@ -17,6 +17,7 @@
#define SRC_OPERATORS_VERIFY_SSN_H_ #define SRC_OPERATORS_VERIFY_SSN_H_
#include <string> #include <string>
#include <memory>
#include "src/operators/operator.h" #include "src/operators/operator.h"
#include "src/utils/regex.h" #include "src/utils/regex.h"

18
src/request_body_processor/json.cc
View File

@ -117,7 +117,8 @@ int JSON::addArgument(const std::string& value) {
std::string path; std::string path;
for (size_t i = 0; i < m_containers.size(); i++) { for (size_t i = 0; i < m_containers.size(); i++) {
JSONContainerArray *a = dynamic_cast<JSONContainerArray *>(m_containers[i]); JSONContainerArray *a = dynamic_cast<JSONContainerArray *>(
m_containers[i]);
path = path + m_containers[i]->m_name; path = path + m_containers[i]->m_name;
if (a != NULL) { if (a != NULL) {
path = path + ".array_" + std::to_string(a->m_elementCounter); path = path + ".array_" + std::to_string(a->m_elementCounter);
@ -126,7 +127,8 @@ int JSON::addArgument(const std::string& value) {
} }
} }
JSONContainerArray *a = dynamic_cast<JSONContainerArray *>(m_containers.back()); JSONContainerArray *a = dynamic_cast<JSONContainerArray *>(
m_containers.back());
if (a) { if (a) {
a->m_elementCounter++; a->m_elementCounter++;
} else { } else {
@ -212,7 +214,8 @@ int JSON::yajl_number(void *ctx, const char *value, size_t length) {
int JSON::yajl_start_array(void *ctx) { int JSON::yajl_start_array(void *ctx) {
JSON *tthis = reinterpret_cast<JSON *>(ctx); JSON *tthis = reinterpret_cast<JSON *>(ctx);
std::string name = tthis->getCurrentKey(); std::string name = tthis->getCurrentKey();
tthis->m_containers.push_back((JSONContainer *)new JSONContainerArray(name)); tthis->m_containers.push_back(
reinterpret_cast<JSONContainer *>(new JSONContainerArray(name)));
return 1; return 1;
} }
@ -223,7 +226,8 @@ int JSON::yajl_end_array(void *ctx) {
tthis->m_containers.pop_back(); tthis->m_containers.pop_back();
delete a; delete a;
if (tthis->m_containers.size() > 0) { if (tthis->m_containers.size() > 0) {
JSONContainerArray *a = dynamic_cast<JSONContainerArray *>(tthis->m_containers.back()); JSONContainerArray *a = dynamic_cast<JSONContainerArray *>(
tthis->m_containers.back());
if (a) { if (a) {
a->m_elementCounter++; a->m_elementCounter++;
} }
@ -236,7 +240,8 @@ int JSON::yajl_end_array(void *ctx) {
int JSON::yajl_start_map(void *ctx) { int JSON::yajl_start_map(void *ctx) {
JSON *tthis = reinterpret_cast<JSON *>(ctx); JSON *tthis = reinterpret_cast<JSON *>(ctx);
std::string name(tthis->getCurrentKey()); std::string name(tthis->getCurrentKey());
tthis->m_containers.push_back((JSONContainer *)new JSONContainerMap(name)); tthis->m_containers.push_back(
reinterpret_cast<JSONContainer *>(new JSONContainerMap(name)));
return 1; return 1;
} }
@ -252,7 +257,8 @@ int JSON::yajl_end_map(void *ctx) {
delete a; delete a;
if (tthis->m_containers.size() > 0) { if (tthis->m_containers.size() > 0) {
JSONContainerArray *a = dynamic_cast<JSONContainerArray *>(tthis->m_containers.back()); JSONContainerArray *a = dynamic_cast<JSONContainerArray *>(
tthis->m_containers.back());
if (a) { if (a) {
a->m_elementCounter++; a->m_elementCounter++;
} }

12
src/request_body_processor/json.h
View File

@ -23,6 +23,7 @@
#include <string> #include <string>
#include <iostream> #include <iostream>
#include <deque>
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "modsecurity/rules.h" #include "modsecurity/rules.h"
@ -35,15 +36,15 @@ namespace RequestBodyProcessor {
class JSONContainer { class JSONContainer {
public: public:
JSONContainer(std::string name) : m_name(name) { }; explicit JSONContainer(std::string name) : m_name(name) { }
virtual ~JSONContainer() { }; virtual ~JSONContainer() { }
std::string m_name; std::string m_name;
}; };
class JSONContainerArray : public JSONContainer { class JSONContainerArray : public JSONContainer {
public: public:
JSONContainerArray(std::string name) : JSONContainer(name), explicit JSONContainerArray(std::string name) : JSONContainer(name),
m_elementCounter(0) { } m_elementCounter(0) { }
size_t m_elementCounter; size_t m_elementCounter;
}; };
@ -51,7 +52,7 @@ class JSONContainerArray : public JSONContainer {
class JSONContainerMap : public JSONContainer { class JSONContainerMap : public JSONContainer {
public: public:
JSONContainerMap(std::string name) : JSONContainer(name) { } explicit JSONContainerMap(std::string name) : JSONContainer(name) { }
}; };
@ -89,7 +90,8 @@ class JSON {
if (m_containers.size() < 1) { if (m_containers.size() < 1) {
return false; return false;
} }
prev = dynamic_cast<JSONContainerArray *>(m_containers[m_containers.size() - 1]); prev = dynamic_cast<JSONContainerArray *>(
m_containers[m_containers.size() - 1]);
return prev != NULL; return prev != NULL;
} }

42
src/rule.cc
View File

@ -265,9 +265,11 @@ void Rule::executeActionsIndependentOfChainedRuleResult(Transaction *trans,
*containsDisruptive = true; *containsDisruptive = true;
} }
} else { } else {
if (a->m_name == "setvar" || a->m_name == "msg" || a->m_name == "log") { if (a->m_name == "setvar" || a->m_name == "msg"
|| a->m_name == "log") {
#ifndef NO_LOGS #ifndef NO_LOGS
trans->debug(4, "Running [independent] (non-disruptive) action: " + a->m_name); trans->debug(4, "Running [independent] (non-disruptive) " \
"action: " + a->m_name);
#endif #endif
a->evaluate(this, trans, ruleMessage); a->evaluate(this, trans, ruleMessage);
} }
@ -438,9 +440,11 @@ std::vector<std::unique_ptr<collection::Variable>> Rule::getFinalVars(
std::vector<Variables::Variable *> variables; std::vector<Variables::Variable *> variables;
std::vector<std::unique_ptr<collection::Variable>> finalVars; std::vector<std::unique_ptr<collection::Variable>> finalVars;
std::copy (m_variables->begin(), m_variables->end(), std::back_inserter(variables)); std::copy(m_variables->begin(), m_variables->end(),
std::back_inserter(variables));
for (auto &a : trans->m_rules->m_exceptions.m_variable_update_target_by_tag) { for (auto &a :
trans->m_rules->m_exceptions.m_variable_update_target_by_tag) {
if (containsTag(*a.first.get(), trans) == false) { if (containsTag(*a.first.get(), trans) == false) {
continue; continue;
} }
@ -448,10 +452,12 @@ std::vector<std::unique_ptr<collection::Variable>> Rule::getFinalVars(
std::vector<const collection::Variable *> z; std::vector<const collection::Variable *> z;
a.second->evaluate(trans, this, &z); a.second->evaluate(trans, this, &z);
for (auto &y : z) { for (auto &y : z) {
exclusions_update_by_tag_remove.push_back(std::string(y->m_key)); exclusions_update_by_tag_remove.push_back(
std::string(y->m_key));
delete y; delete y;
} }
exclusions_update_by_tag_remove.push_back(std::string(a.second->m_name)); exclusions_update_by_tag_remove.push_back(
std::string(a.second->m_name));
} else { } else {
Variable *b = a.second.get(); Variable *b = a.second.get();
@ -459,7 +465,8 @@ std::vector<std::unique_ptr<collection::Variable>> Rule::getFinalVars(
} }
} }
for (auto &a : trans->m_rules->m_exceptions.m_variable_update_target_by_msg) { for (auto &a :
trans->m_rules->m_exceptions.m_variable_update_target_by_msg) {
if (containsMsg(*a.first.get(), trans) == false) { if (containsMsg(*a.first.get(), trans) == false) {
continue; continue;
} }
@ -467,10 +474,12 @@ std::vector<std::unique_ptr<collection::Variable>> Rule::getFinalVars(
std::vector<const collection::Variable *> z; std::vector<const collection::Variable *> z;
a.second->evaluate(trans, this, &z); a.second->evaluate(trans, this, &z);
for (auto &y : z) { for (auto &y : z) {
exclusions_update_by_msg_remove.push_back(std::string(y->m_key)); exclusions_update_by_msg_remove.push_back(
std::string(y->m_key));
delete y; delete y;
} }
exclusions_update_by_msg_remove.push_back(std::string(a.second->m_name)); exclusions_update_by_msg_remove.push_back(
std::string(a.second->m_name));
} else { } else {
Variable *b = a.second.get(); Variable *b = a.second.get();
@ -478,7 +487,8 @@ std::vector<std::unique_ptr<collection::Variable>> Rule::getFinalVars(
} }
} }
for (auto &a : trans->m_rules->m_exceptions.m_variable_update_target_by_id) { for (auto &a :
trans->m_rules->m_exceptions.m_variable_update_target_by_id) {
if (m_ruleId != a.first) { if (m_ruleId != a.first) {
continue; continue;
} }
@ -489,7 +499,8 @@ std::vector<std::unique_ptr<collection::Variable>> Rule::getFinalVars(
exclusions_update_by_id_remove.push_back(std::string(y->m_key)); exclusions_update_by_id_remove.push_back(std::string(y->m_key));
delete y; delete y;
} }
exclusions_update_by_id_remove.push_back(std::string(a.second->m_name)); exclusions_update_by_id_remove.push_back(
std::string(a.second->m_name));
} else { } else {
Variable *b = a.second.get(); Variable *b = a.second.get();
variables.push_back(b); variables.push_back(b);
@ -567,7 +578,8 @@ std::vector<std::unique_ptr<collection::Variable>> Rule::getFinalVars(
!= exclusions_update_by_id_remove.end()) { != exclusions_update_by_id_remove.end()) {
#ifndef NO_LOGS #ifndef NO_LOGS
trans->debug(9, "Variable: " + key + trans->debug(9, "Variable: " + key +
" is part of the exclusion list (from update by ID), skipping..."); " is part of the exclusion list (from " \
"update by ID), skipping...");
#endif #endif
delete v; delete v;
v = NULL; v = NULL;
@ -646,7 +658,8 @@ std::vector<std::unique_ptr<collection::Variable>> Rule::getFinalVars(
continue; continue;
} }
std::unique_ptr<collection::Variable> var(new collection::Variable(v)); std::unique_ptr<collection::Variable> var(
new collection::Variable(v));
delete v; delete v;
v = NULL; v = NULL;
finalVars.push_back(std::move(var)); finalVars.push_back(std::move(var));
@ -705,7 +718,8 @@ void Rule::executeActionsAfterFullMatch(Transaction *trans,
if (a->m_name != "setvar" && a->m_name != "log" if (a->m_name != "setvar" && a->m_name != "log"
&& a->m_name != "msg") { && a->m_name != "msg") {
#ifndef NO_LOGS #ifndef NO_LOGS
trans->debug(4, "Running (non-disruptive) action: " + a->m_name); trans->debug(4, "Running (non-disruptive) action: " \
+ a->m_name);
#endif #endif
a->evaluate(this, trans, ruleMessage); a->evaluate(this, trans, ruleMessage);
} }

11
src/rule_message.cc
View File

@ -69,21 +69,16 @@ std::string RuleMessage::log(const RuleMessage *rm, int props, int code) {
msg.append("[client " + std::string(rm->m_clientIpAddress) + "] "); msg.append("[client " + std::string(rm->m_clientIpAddress) + "] ");
} }
if (rm->m_isDisruptive) if (rm->m_isDisruptive) {
{
msg.append("ModSecurity: Access denied with code "); msg.append("ModSecurity: Access denied with code ");
if (code == -1) { if (code == -1) {
msg.append("%d"); msg.append("%d");
} } else {
else
{
msg.append(std::to_string(code)); msg.append(std::to_string(code));
} }
msg.append(" (phase "); msg.append(" (phase ");
msg.append(std::to_string(rm->m_rule->m_phase - 1) + "). "); msg.append(std::to_string(rm->m_rule->m_phase - 1) + "). ");
} } else {
else
{
msg.append("ModSecurity: Warning. "); msg.append("ModSecurity: Warning. ");
} }

9
src/rule_script.h
View File

@ -15,6 +15,9 @@
*/ */
#include <string> #include <string>
#include <memory>
#include <vector>
#include "modsecurity/rule.h" #include "modsecurity/rule.h"
#include "src/engine/lua.h" #include "src/engine/lua.h"
#include "src/operators/operator.h" #include "src/operators/operator.h"
@ -45,9 +48,9 @@ class RuleScript : public Rule {
RuleScript(std::string name, RuleScript(std::string name,
std::vector<Action *> *actions, std::vector<Action *> *actions,
std::string fileName, std::string fileName,
int lineNumber int lineNumber)
) : Rule (NULL, NULL, actions, fileName, lineNumber), : Rule(NULL, NULL, actions, fileName, lineNumber),
m_name(name) { }; m_name(name) { }
bool init(std::string *err); bool init(std::string *err);
bool evaluate(Transaction *trans, bool evaluate(Transaction *trans,

6
src/rules.cc
View File

@ -206,7 +206,8 @@ int Rules::evaluate(int phase, Transaction *transaction) {
if (m_exceptions.m_remove_rule_by_msg.empty() == false) { if (m_exceptions.m_remove_rule_by_msg.empty() == false) {
for (auto &z : m_exceptions.m_remove_rule_by_msg) { for (auto &z : m_exceptions.m_remove_rule_by_msg) {
if (rule->containsMsg(z, transaction) == true) { if (rule->containsMsg(z, transaction) == true) {
debug(9, "Skipped rule id '" + std::to_string(rule->m_ruleId) \ debug(9, "Skipped rule id '" \
+ std::to_string(rule->m_ruleId) \
+ "'. Removed by a SecRuleRemoveByMsg directive."); + "'. Removed by a SecRuleRemoveByMsg directive.");
return 1; return 1;
} }
@ -216,7 +217,8 @@ int Rules::evaluate(int phase, Transaction *transaction) {
if (m_exceptions.m_remove_rule_by_tag.empty() == false) { if (m_exceptions.m_remove_rule_by_tag.empty() == false) {
for (auto &z : m_exceptions.m_remove_rule_by_tag) { for (auto &z : m_exceptions.m_remove_rule_by_tag) {
if (rule->containsTag(z, transaction) == true) { if (rule->containsTag(z, transaction) == true) {
debug(9, "Skipped rule id '" + std::to_string(rule->m_ruleId) \ debug(9, "Skipped rule id '" \
+ std::to_string(rule->m_ruleId) \
+ "'. Removed by a SecRuleRemoveByTag directive."); + "'. Removed by a SecRuleRemoveByTag directive.");
return 1; return 1;
} }

46
src/rules_exceptions.cc
View File

@ -51,7 +51,11 @@ bool RulesExceptions::loadUpdateTargetByMsg(const std::string &msg,
std::unique_ptr<std::vector<std::unique_ptr<Variables::Variable> > > var, std::unique_ptr<std::vector<std::unique_ptr<Variables::Variable> > > var,
std::string *error) { std::string *error) {
for (auto &i : *var) { for (auto &i : *var) {
m_variable_update_target_by_msg.emplace(std::pair<std::shared_ptr<std::string>, std::unique_ptr<Variables::Variable>>(std::make_shared<std::string>(msg), std::move(i))); m_variable_update_target_by_msg.emplace(
std::pair<std::shared_ptr<std::string>,
std::unique_ptr<Variables::Variable>>(
std::make_shared<std::string>(msg),
std::move(i)));
} }
return true; return true;
@ -63,7 +67,10 @@ bool RulesExceptions::loadUpdateTargetByTag(const std::string &tag,
std::string *error) { std::string *error) {
for (auto &i : *var) { for (auto &i : *var) {
m_variable_update_target_by_tag.emplace(std::pair<std::shared_ptr<std::string>, std::unique_ptr<Variables::Variable>>(std::make_shared<std::string>(tag), std::move(i))); m_variable_update_target_by_tag.emplace(
std::pair<std::shared_ptr<std::string>,
std::unique_ptr<Variables::Variable>>(
std::make_shared<std::string>(tag), std::move(i)));
} }
return true; return true;
@ -75,7 +82,9 @@ bool RulesExceptions::loadUpdateTargetById(double id,
std::string *error) { std::string *error) {
for (auto &i : *var) { for (auto &i : *var) {
m_variable_update_target_by_id.emplace(std::pair<double, std::unique_ptr<Variables::Variable>>(id , std::move(i))); m_variable_update_target_by_id.emplace(
std::pair<double,
std::unique_ptr<Variables::Variable>>(id , std::move(i)));
} }
return true; return true;
@ -168,37 +177,46 @@ bool RulesExceptions::contains(int a) {
} }
bool RulesExceptions::merge(RulesExceptions& from) { bool RulesExceptions::merge(RulesExceptions *from) {
for (int a : from.m_numbers) { for (int a : from->m_numbers) {
bool ret = addNumber(a); bool ret = addNumber(a);
if (ret == false) { if (ret == false) {
return ret; return ret;
} }
} }
for (auto b : from.m_ranges) { for (auto b : from->m_ranges) {
bool ret = addRange(b.first, b.second); bool ret = addRange(b.first, b.second);
if (ret == false) { if (ret == false) {
return ret; return ret;
} }
} }
for (auto &p : from.m_variable_update_target_by_tag) { for (auto &p : from->m_variable_update_target_by_tag) {
m_variable_update_target_by_tag.emplace(std::pair<std::shared_ptr<std::string>, std::unique_ptr<Variables::Variable>>(p.first, std::move(p.second))); m_variable_update_target_by_tag.emplace(
std::pair<std::shared_ptr<std::string>,
std::unique_ptr<Variables::Variable>>(p.first,
std::move(p.second)));
} }
for (auto &p : from.m_variable_update_target_by_msg) { for (auto &p : from->m_variable_update_target_by_msg) {
m_variable_update_target_by_msg.emplace(std::pair<std::shared_ptr<std::string>, std::unique_ptr<Variables::Variable>>(p.first, std::move(p.second))); m_variable_update_target_by_msg.emplace(
std::pair<std::shared_ptr<std::string>,
std::unique_ptr<Variables::Variable>>(p.first,
std::move(p.second)));
} }
for (auto &p : from.m_variable_update_target_by_id) { for (auto &p : from->m_variable_update_target_by_id) {
m_variable_update_target_by_id.emplace(std::pair<double, std::unique_ptr<Variables::Variable>>(p.first, std::move(p.second))); m_variable_update_target_by_id.emplace(
std::pair<double,
std::unique_ptr<Variables::Variable>>(p.first,
std::move(p.second)));
} }
for (auto &p : from.m_remove_rule_by_msg) { for (auto &p : from->m_remove_rule_by_msg) {
m_remove_rule_by_msg.push_back(p); m_remove_rule_by_msg.push_back(p);
} }
for (auto &p : from.m_remove_rule_by_tag) { for (auto &p : from->m_remove_rule_by_tag) {
m_remove_rule_by_tag.push_back(p); m_remove_rule_by_tag.push_back(p);
} }

17
src/transaction.cc
View File

@ -174,7 +174,7 @@ Transaction::~Transaction() {
* *
*/ */
#ifndef NO_LOGS #ifndef NO_LOGS
void Transaction::debug(int level, std::string message) { void Transaction::debug(int level, std::string message) const {
if (m_rules == NULL) { if (m_rules == NULL) {
return; return;
} }
@ -1076,9 +1076,11 @@ int Transaction::processResponseBody() {
return true; return true;
} }
std::set<std::string> &bi = m_rules->m_responseBodyTypeToBeInspected.m_value; std::set<std::string> &bi = \
m_rules->m_responseBodyTypeToBeInspected.m_value;
auto t = bi.find(m_variableResponseContentType.m_value); auto t = bi.find(m_variableResponseContentType.m_value);
if (t == bi.end() && m_rules->m_responseBodyTypeToBeInspected.m_set == true) { if (t == bi.end()
&& m_rules->m_responseBodyTypeToBeInspected.m_set == true) {
#ifndef NO_LOGS #ifndef NO_LOGS
debug(5, "Response Content-Type is " \ debug(5, "Response Content-Type is " \
+ m_variableResponseContentType.m_value \ + m_variableResponseContentType.m_value \
@ -1127,7 +1129,8 @@ int Transaction::processResponseBody() {
int Transaction::appendResponseBody(const unsigned char *buf, size_t len) { int Transaction::appendResponseBody(const unsigned char *buf, size_t len) {
int current_size = this->m_responseBody.tellp(); int current_size = this->m_responseBody.tellp();
std::set<std::string> &bi = this->m_rules->m_responseBodyTypeToBeInspected.m_value; std::set<std::string> &bi = \
this->m_rules->m_responseBodyTypeToBeInspected.m_value;
auto t = bi.find(m_variableResponseContentType.m_value); auto t = bi.find(m_variableResponseContentType.m_value);
if (t == bi.end() && bi.empty() == false) { if (t == bi.end() && bi.empty() == false) {
#ifndef NO_LOGS #ifndef NO_LOGS
@ -1466,7 +1469,8 @@ std::string Transaction::toOldAuditLogFormat(int parts,
std::vector<const collection::Variable *> l; std::vector<const collection::Variable *> l;
audit_log << "--" << trailer << "-" << "F--" << std::endl; audit_log << "--" << trailer << "-" << "F--" << std::endl;
audit_log << "HTTP/" << m_httpVersion.c_str() << " " << this->m_httpCodeReturned << std::endl; audit_log << "HTTP/" << m_httpVersion.c_str() << " ";
audit_log << this->m_httpCodeReturned << std::endl;
m_variableResponseHeaders.resolve(&l); m_variableResponseHeaders.resolve(&l);
for (auto &h : l) { for (auto &h : l) {
size_t pos = strlen("RESPONSE_HEADERS:"); size_t pos = strlen("RESPONSE_HEADERS:");
@ -1701,7 +1705,8 @@ std::string Transaction::toJSON(int parts) {
return log; return log;
#else #else
return std::string("{\"error\":\"ModSecurity was not compiled with JSON support.\"}"); return std::string("{\"error\":\"ModSecurity was " \
"not compiled with JSON support.\"}");
#endif #endif
} }

3
src/variables/remote_user.cc
View File

@ -44,7 +44,8 @@ void RemoteUser::evaluate(Transaction *transaction,
collection::Variable *var; collection::Variable *var;
std::string header; std::string header;
std::vector<const collection::Variable *> *l2 = new std::vector<const collection::Variable *>(); std::vector<const collection::Variable *> *l2 = \
new std::vector<const collection::Variable *>();
transaction->m_variableRequestHeaders.resolve("authorization", l2); transaction->m_variableRequestHeaders.resolve("authorization", l2);
if (l2->size() < 1) { if (l2->size() < 1) {

752
src/variables/variable.h
View File

@ -70,491 +70,349 @@ class Variable {
Variable(std::string name, VariableKind kind); Variable(std::string name, VariableKind kind);
virtual ~Variable() { } virtual ~Variable() { }
virtual void evaluate(Transaction *transaction, virtual void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) = 0; std::vector<const collection::Variable *> *l) = 0;
static std::string to_s(std::vector<Variable *> *variables); static std::string to_s(std::vector<Variable *> *variables);
static inline bool compareStrNoCase(const std::string &a, const std::string &b) { static inline bool comp(const std::string &a, const std::string &b) {
return a.size() == b.size() return a.size() == b.size()
&& std::equal(a.begin(), a.end(), b.begin(), && std::equal(a.begin(), a.end(), b.begin(),
[](char aa, char bb) { [](char aa, char bb) {
return toupper(aa) == bb; return toupper(aa) == bb;
}); });
}; }
static void stringMatchResolveMulti(Transaction *transaction, const std::string &variable, static void stringMatchResolveMulti(Transaction *t,
const std::string &variable,
std::vector<const collection::Variable *> *l) { std::vector<const collection::Variable *> *l) {
size_t collection = variable.find("."); size_t collection = variable.find(".");
if (collection == std::string::npos) { if (collection == std::string::npos) {
collection = variable.find(":"); collection = variable.find(":");
} }
if (collection == std::string::npos) { if (collection == std::string::npos) {
if (compareStrNoCase(variable, "RESPONSE_CONTENT_TYPE")) { if (comp(variable, "RESPONSE_CONTENT_TYPE")) {
transaction->m_variableResponseContentType.evaluate(l); t->m_variableResponseContentType.evaluate(l);
} } else if (comp(variable, "ARGS_COMBINED_SIZE")) {
else if (compareStrNoCase(variable, "ARGS_COMBINED_SIZE")) { t->m_variableARGScombinedSize.evaluate(l);
transaction->m_variableARGScombinedSize.evaluate(l); } else if (comp(variable, "AUTH_TYPE")) {
} t->m_variableAuthType.evaluate(l);
else if (compareStrNoCase(variable, "AUTH_TYPE")) { } else if (comp(variable, "FILES_COMBINED_SIZE")) {
transaction->m_variableAuthType.evaluate(l); t->m_variableFilesCombinedSize.evaluate(l);
} } else if (comp(variable, "FULL_REQUEST")) {
else if (compareStrNoCase(variable, "FILES_COMBINED_SIZE")) { t->m_variableFullRequest.evaluate(l);
transaction->m_variableFilesCombinedSize.evaluate(l); } else if (comp(variable, "FULL_REQUEST_LENGTH")) {
} t->m_variableFullRequestLength.evaluate(l);
else if (compareStrNoCase(variable, "FULL_REQUEST")) { } else if (comp(variable, "INBOUND_DATA_ERROR")) {
transaction->m_variableFullRequest.evaluate(l); t->m_variableInboundDataError.evaluate(l);
} } else if (comp(variable, "MATCHED_VAR")) {
else if (compareStrNoCase(variable, "FULL_REQUEST_LENGTH")) { t->m_variableMatchedVar.evaluate(l);
transaction->m_variableFullRequestLength.evaluate(l); } else if (comp(variable, "MATCHED_VAR_NAME")) {
} t->m_variableMatchedVarName.evaluate(l);
else if (compareStrNoCase(variable, "INBOUND_DATA_ERROR")) { } else if (comp(variable, "MULTIPART_CRLF_LF_LINES")) {
transaction->m_variableInboundDataError.evaluate(l); t->m_variableMultipartCrlfLFLines.evaluate(l);
} } else if (comp(variable, "MULTIPART_DATA_AFTER")) {
else if (compareStrNoCase(variable, "MATCHED_VAR")) { t->m_variableMultipartDataAfter.evaluate(l);
transaction->m_variableMatchedVar.evaluate(l); } else if (comp(variable, "MULTIPART_FILE_LIMIT_EXCEEDED")) {
} t->m_variableMultipartFileLimitExceeded.evaluate(l);
else if (compareStrNoCase(variable, "MATCHED_VAR_NAME")) { } else if (comp(variable, "MULTIPART_STRICT_ERROR")) {
transaction->m_variableMatchedVarName.evaluate(l); t->m_variableMultipartStrictError.evaluate(l);
} } else if (comp(variable, "MULTIPART_HEADER_FOLDING")) {
else if (compareStrNoCase(variable, "MULTIPART_CRLF_LF_LINES")) { t->m_variableMultipartHeaderFolding.evaluate(l);
transaction->m_variableMultipartCrlfLFLines.evaluate(l); } else if (comp(variable, "MULTIPART_INVALID_QUOTING")) {
} t->m_variableMultipartInvalidQuoting.evaluate(l);
else if (compareStrNoCase(variable, "MULTIPART_DATA_AFTER")) { } else if (comp(variable, "MULTIPART_INVALID_HEADER_FOLDING")) {
transaction->m_variableMultipartDataAfter.evaluate(l); t->m_variableMultipartInvalidHeaderFolding.evaluate(l);
} } else if (comp(variable, "MULTIPART_UNMATCHED_BOUNDARY")) {
else if (compareStrNoCase(variable, "MULTIPART_FILE_LIMIT_EXCEEDED")) { t->m_variableMultipartUnmatchedBoundary.evaluate(l);
transaction->m_variableMultipartFileLimitExceeded.evaluate(l); } else if (comp(variable, "OUTBOUND_DATA_ERROR")) {
} t->m_variableOutboundDataError.evaluate(l);
else if (compareStrNoCase(variable, "MULTIPART_STRICT_ERROR")) { } else if (comp(variable, "PATH_INFO")) {
transaction->m_variableMultipartStrictError.evaluate(l); t->m_variablePathInfo.evaluate(l);
} } else if (comp(variable, "QUERY_STRING")) {
else if (compareStrNoCase(variable, "MULTIPART_HEADER_FOLDING")) { t->m_variableQueryString.evaluate(l);
transaction->m_variableMultipartHeaderFolding.evaluate(l); } else if (comp(variable, "REMOTE_ADDR")) {
} t->m_variableRemoteAddr.evaluate(l);
else if (compareStrNoCase(variable, "MULTIPART_INVALID_QUOTING")) { } else if (comp(variable, "REMOTE_HOST")) {
transaction->m_variableMultipartInvalidQuoting.evaluate(l); t->m_variableRemoteHost.evaluate(l);
} } else if (comp(variable, "REMOTE_PORT")) {
else if (compareStrNoCase(variable, "MULTIPART_INVALID_HEADER_FOLDING")) { t->m_variableRemotePort.evaluate(l);
transaction->m_variableMultipartInvalidHeaderFolding.evaluate(l); } else if (comp(variable, "REQBODY_ERROR")) {
} t->m_variableReqbodyError.evaluate(l);
else if (compareStrNoCase(variable, "MULTIPART_UNMATCHED_BOUNDARY")) { } else if (comp(variable, "REQBODY_ERROR_MSG")) {
transaction->m_variableMultipartUnmatchedBoundary.evaluate(l); t->m_variableReqbodyErrorMsg.evaluate(l);
} } else if (comp(variable, "REQBODY_PROCESSOR_ERROR_MSG")) {
else if (compareStrNoCase(variable, "OUTBOUND_DATA_ERROR")) { t->m_variableReqbodyProcessorErrorMsg.evaluate(l);
transaction->m_variableOutboundDataError.evaluate(l); } else if (comp(variable, "REQBODY_PROCESSOR_ERROR")) {
} t->m_variableReqbodyProcessorError.evaluate(l);
else if (compareStrNoCase(variable, "PATH_INFO")) { } else if (comp(variable, "REQBODY_PROCESSOR")) {
transaction->m_variablePathInfo.evaluate(l); t->m_variableReqbodyProcessor.evaluate(l);
} } else if (comp(variable, "REQUEST_BASENAME")) {
else if (compareStrNoCase(variable, "QUERY_STRING")) { t->m_variableRequestBasename.evaluate(l);
transaction->m_variableQueryString.evaluate(l); } else if (comp(variable, "REQUEST_BODY")) {
} t->m_variableRequestBody.evaluate(l);
else if (compareStrNoCase(variable, "REMOTE_ADDR")) { } else if (comp(variable, "REQUEST_BODY_LENGTH")) {
transaction->m_variableRemoteAddr.evaluate(l); t->m_variableRequestBodyLength.evaluate(l);
} } else if (comp(variable, "REQUEST_FILENAME")) {
else if (compareStrNoCase(variable, "REMOTE_HOST")) { t->m_variableRequestFilename.evaluate(l);
transaction->m_variableRemoteHost.evaluate(l); } else if (comp(variable, "REQUEST_LINE")) {
} t->m_variableRequestLine.evaluate(l);
else if (compareStrNoCase(variable, "REMOTE_PORT")) { } else if (comp(variable, "REQUEST_METHOD")) {
transaction->m_variableRemotePort.evaluate(l); t->m_variableRequestMethod.evaluate(l);
} } else if (comp(variable, "REQUEST_PROTOCOL")) {
else if (compareStrNoCase(variable, "REQBODY_ERROR")) { t->m_variableRequestProtocol.evaluate(l);
transaction->m_variableReqbodyError.evaluate(l); } else if (comp(variable, "REQUEST_URI")) {
} t->m_variableRequestURI.evaluate(l);
else if (compareStrNoCase(variable, "REQBODY_ERROR_MSG")) { } else if (comp(variable, "REQUEST_URI_RAW")) {
transaction->m_variableReqbodyErrorMsg.evaluate(l); t->m_variableRequestURIRaw.evaluate(l);
} } else if (comp(variable, "RESOURCE")) {
else if (compareStrNoCase(variable, "REQBODY_PROCESSOR_ERROR_MSG")) { t->m_variableResource.evaluate(l);
transaction->m_variableReqbodyProcessorErrorMsg.evaluate(l); } else if (comp(variable, "RESPONSE_BODY")) {
} t->m_variableResponseBody.evaluate(l);
else if (compareStrNoCase(variable, "REQBODY_PROCESSOR_ERROR")) { } else if (comp(variable, "RESPONSE_CONTENT_LENGTH")) {
transaction->m_variableReqbodyProcessorError.evaluate(l); t->m_variableResponseContentLength.evaluate(l);
} } else if (comp(variable, "RESPONSE_PROTOCOL")) {
else if (compareStrNoCase(variable, "REQBODY_PROCESSOR")) { t->m_variableResponseProtocol.evaluate(l);
transaction->m_variableReqbodyProcessor.evaluate(l); } else if (comp(variable, "RESPONSE_STATUS")) {
} t->m_variableResponseStatus.evaluate(l);
else if (compareStrNoCase(variable, "REQUEST_BASENAME")) { } else if (comp(variable, "SERVER_ADDR")) {
transaction->m_variableRequestBasename.evaluate(l); t->m_variableServerAddr.evaluate(l);
} } else if (comp(variable, "SERVER_NAME")) {
else if (compareStrNoCase(variable, "REQUEST_BODY")) { t->m_variableServerName.evaluate(l);
transaction->m_variableRequestBody.evaluate(l); } else if (comp(variable, "SERVER_PORT")) {
} t->m_variableServerPort.evaluate(l);
else if (compareStrNoCase(variable, "REQUEST_BODY_LENGTH")) { } else if (comp(variable, "SESSIONID")) {
transaction->m_variableRequestBodyLength.evaluate(l); t->m_variableSessionID.evaluate(l);
} } else if (comp(variable, "UNIQUE_ID")) {
else if (compareStrNoCase(variable, "REQUEST_FILENAME")) { t->m_variableUniqueID.evaluate(l);
transaction->m_variableRequestFilename.evaluate(l); } else if (comp(variable, "URLENCODED_ERROR")) {
} t->m_variableUrlEncodedError.evaluate(l);
else if (compareStrNoCase(variable, "REQUEST_LINE")) { } else if (comp(variable, "USERID")) {
transaction->m_variableRequestLine.evaluate(l); t->m_variableUserID.evaluate(l);
}
else if (compareStrNoCase(variable, "REQUEST_METHOD")) {
transaction->m_variableRequestMethod.evaluate(l);
}
else if (compareStrNoCase(variable, "REQUEST_PROTOCOL")) {
transaction->m_variableRequestProtocol.evaluate(l);
}
else if (compareStrNoCase(variable, "REQUEST_URI")) {
transaction->m_variableRequestURI.evaluate(l);
}
else if (compareStrNoCase(variable, "REQUEST_URI_RAW")) {
transaction->m_variableRequestURIRaw.evaluate(l);
}
else if (compareStrNoCase(variable, "RESOURCE")) {
transaction->m_variableResource.evaluate(l);
}
else if (compareStrNoCase(variable, "RESPONSE_BODY")) {
transaction->m_variableResponseBody.evaluate(l);
}
else if (compareStrNoCase(variable, "RESPONSE_CONTENT_LENGTH")) {
transaction->m_variableResponseContentLength.evaluate(l);
}
else if (compareStrNoCase(variable, "RESPONSE_PROTOCOL")) {
transaction->m_variableResponseProtocol.evaluate(l);
}
else if (compareStrNoCase(variable, "RESPONSE_STATUS")) {
transaction->m_variableResponseStatus.evaluate(l);
}
else if (compareStrNoCase(variable, "SERVER_ADDR")) {
transaction->m_variableServerAddr.evaluate(l);
}
else if (compareStrNoCase(variable, "SERVER_NAME")) {
transaction->m_variableServerName.evaluate(l);
}
else if (compareStrNoCase(variable, "SERVER_PORT")) {
transaction->m_variableServerPort.evaluate(l);
}
else if (compareStrNoCase(variable, "SESSIONID")) {
transaction->m_variableSessionID.evaluate(l);
}
else if (compareStrNoCase(variable, "UNIQUE_ID")) {
transaction->m_variableUniqueID.evaluate(l);
}
else if (compareStrNoCase(variable, "URLENCODED_ERROR")) {
transaction->m_variableUrlEncodedError.evaluate(l);
}
else if (compareStrNoCase(variable, "USERID")) {
transaction->m_variableUserID.evaluate(l);
} else { } else {
transaction->m_collections.resolveMultiMatches( t->m_collections.resolveMultiMatches(variable, l);
variable, l);
} }
} else { } else {
std::string col = std::string(variable, 0, collection); std::string col = std::string(variable, 0, collection);
std::string var = std::string(variable, collection + 1, std::string var = std::string(variable, collection + 1,
variable.length() - (collection + 1)); variable.length() - (collection + 1));
if (compareStrNoCase(col, "ARGS")) { if (comp(col, "ARGS")) {
transaction->m_variableArgs.resolve(var, l); t->m_variableArgs.resolve(var, l);
} } else if (comp(variable, "ARGS_NAMES")) {
else if (compareStrNoCase(variable, "ARGS_NAMES")) { t->m_variableArgsNames.resolve(var, l);
transaction->m_variableArgsNames.resolve(var, l); } else if (comp(variable, "ARGS_GET_NAMES")) {
} t->m_variableArgsGetNames.resolve(var, l);
else if (compareStrNoCase(variable, "ARGS_GET_NAMES")) { } else if (comp(variable, "ARGS_POST_NAMES")) {
transaction->m_variableArgsGetNames.resolve(var, l); t->m_variableArgsPostNames.resolve(var, l);
} } else if (comp(col, "RULE")) {
else if (compareStrNoCase(variable, "ARGS_POST_NAMES")) { t->m_variableRule.resolve(var, l);
transaction->m_variableArgsPostNames.resolve(var, l); } else if (comp(col, "ARGS_GET")) {
} t->m_variableArgsGet.resolve(var, l);
else if (compareStrNoCase(col, "RULE")) { } else if (comp(col, "ARGS_POST")) {
transaction->m_variableRule.resolve(var, l); t->m_variableArgsPost.resolve(var, l);
} } else if (comp(col, "FILES_SIZES")) {
else if (compareStrNoCase(col, "ARGS_GET")) { t->m_variableFilesSizes.resolve(var, l);
transaction->m_variableArgsGet.resolve(var, l); } else if (comp(col, "FILES_NAMES")) {
} t->m_variableFilesNames.resolve(var, l);
else if (compareStrNoCase(col, "ARGS_POST")) { } else if (comp(col, "FILES_TMP_CONTENT")) {
transaction->m_variableArgsPost.resolve(var, l); t->m_variableFilesTmpContent.resolve(var, l);
} } else if (comp(col, "MULTIPART_FILENAME")) {
else if (compareStrNoCase(col, "FILES_SIZES")) { t->m_variableMultiPartFileName.resolve(var, l);
transaction->m_variableFilesSizes.resolve(var, l); } else if (comp(col, "MULTIPART_NAME")) {
} t->m_variableMultiPartName.resolve(var, l);
else if (compareStrNoCase(col, "FILES_NAMES")) { } else if (comp(col, "MATCHED_VARS_NAMES")) {
transaction->m_variableFilesNames.resolve(var, l); t->m_variableMatchedVarsNames.resolve(var, l);
} } else if (comp(col, "MATCHED_VARS")) {
else if (compareStrNoCase(col, "FILES_TMP_CONTENT")) { t->m_variableMatchedVars.resolve(var, l);
transaction->m_variableFilesTmpContent.resolve(var, l); } else if (comp(col, "FILES")) {
} t->m_variableFiles.resolve(var, l);
else if (compareStrNoCase(col, "MULTIPART_FILENAME")) { } else if (comp(col, "REQUEST_COOKIES")) {
transaction->m_variableMultiPartFileName.resolve(var, l); t->m_variableRequestCookies.resolve(var, l);
} } else if (comp(col, "REQUEST_HEADERS")) {
else if (compareStrNoCase(col, "MULTIPART_NAME")) { t->m_variableRequestHeaders.resolve(var, l);
transaction->m_variableMultiPartName.resolve(var, l); } else if (comp(variable, "REQUEST_HEADERS_NAMES")) {
} t->m_variableRequestHeadersNames.resolve(var, l);
else if (compareStrNoCase(col, "MATCHED_VARS_NAMES")) { } else if (comp(col, "RESPONSE_HEADERS")) {
transaction->m_variableMatchedVarsNames.resolve(var, l); t->m_variableResponseHeaders.resolve(var, l);
} } else if (comp(variable, "RESPONSE_HEADERS_NAMES")) {
else if (compareStrNoCase(col, "MATCHED_VARS")) { t->m_variableResponseHeadersNames.resolve(var, l);
transaction->m_variableMatchedVars.resolve(var, l); } else if (comp(col, "GEO")) {
} t->m_variableGeo.resolve(var, l);
else if (compareStrNoCase(col, "FILES")) { } else if (comp(col, "REQUEST_COOKIES_NAMES")) {
transaction->m_variableFiles.resolve(var, l); t->m_variableRequestCookiesNames.resolve(var, l);
} } else if (comp(col, "FILES_TMPNAMES")) {
else if (compareStrNoCase(col, "REQUEST_COOKIES")) { t->m_variableFilesTmpNames.resolve(var, l);
transaction->m_variableRequestCookies.resolve(var, l);
}
else if (compareStrNoCase(col, "REQUEST_HEADERS")) {
transaction->m_variableRequestHeaders.resolve(var, l);
}
else if (compareStrNoCase(variable, "REQUEST_HEADERS_NAMES")) {
transaction->m_variableRequestHeadersNames.resolve(var, l);
}
else if (compareStrNoCase(col, "RESPONSE_HEADERS")) {
transaction->m_variableResponseHeaders.resolve(var, l);
}
else if (compareStrNoCase(variable, "RESPONSE_HEADERS_NAMES")) {
transaction->m_variableResponseHeadersNames.resolve(var, l);
}
else if (compareStrNoCase(col, "GEO")) {
transaction->m_variableGeo.resolve(var, l);
}
else if (compareStrNoCase(col, "REQUEST_COOKIES_NAMES")) {
transaction->m_variableRequestCookiesNames.resolve(var, l);
}
else if (compareStrNoCase(col, "FILES_TMPNAMES")) {
transaction->m_variableFilesTmpNames.resolve(var, l);
} else { } else {
transaction->m_collections.resolveMultiMatches(col, t->m_collections.resolveMultiMatches(col, var, l);
var, l);
} }
} }
} }
static std::string stringMatchResolve(Transaction *transaction, const std::string &variable) { static std::string stringMatchResolve(Transaction *t,
std::unique_ptr<std::string> variableValue = nullptr; const std::string &variable) {
std::unique_ptr<std::string> vv = nullptr;
size_t collection = variable.find("."); size_t collection = variable.find(".");
if (collection == std::string::npos) { if (collection == std::string::npos) {
collection = variable.find(":"); collection = variable.find(":");
} }
if (collection == std::string::npos) { if (collection == std::string::npos) {
if (compareStrNoCase(variable, "RESPONSE_CONTENT_TYPE")) { if (comp(variable, "RESPONSE_CONTENT_TYPE")) {
variableValue = transaction->m_variableResponseContentType.resolveFirst(); vv = t->m_variableResponseContentType.resolveFirst();
} } else if (comp(variable, "ARGS_COMBINED_SIZE")) {
else if (compareStrNoCase(variable, "ARGS_COMBINED_SIZE")) { vv = t->m_variableARGScombinedSize.resolveFirst();
variableValue = transaction->m_variableARGScombinedSize.resolveFirst(); } else if (comp(variable, "AUTH_TYPE")) {
} vv = t->m_variableAuthType.resolveFirst();
else if (compareStrNoCase(variable, "AUTH_TYPE")) { } else if (comp(variable, "FILES_COMBINED_SIZE")) {
variableValue = transaction->m_variableAuthType.resolveFirst(); vv = t->m_variableFilesCombinedSize.resolveFirst();
} } else if (comp(variable, "FULL_REQUEST")) {
else if (compareStrNoCase(variable, "FILES_COMBINED_SIZE")) { vv = t->m_variableFullRequest.resolveFirst();
variableValue = transaction->m_variableFilesCombinedSize.resolveFirst(); } else if (comp(variable, "FULL_REQUEST_LENGTH")) {
} vv = t->m_variableFullRequestLength.resolveFirst();
else if (compareStrNoCase(variable, "FULL_REQUEST")) { } else if (comp(variable, "INBOUND_DATA_ERROR")) {
variableValue = transaction->m_variableFullRequest.resolveFirst(); vv = t->m_variableInboundDataError.resolveFirst();
} } else if (comp(variable, "MATCHED_VAR")) {
else if (compareStrNoCase(variable, "FULL_REQUEST_LENGTH")) { vv = t->m_variableMatchedVar.resolveFirst();
variableValue = transaction->m_variableFullRequestLength.resolveFirst(); } else if (comp(variable, "MATCHED_VAR_NAME")) {
} vv = t->m_variableMatchedVarName.resolveFirst();
else if (compareStrNoCase(variable, "INBOUND_DATA_ERROR")) { } else if (comp(variable, "MULTIPART_CRLF_LF_LINES")) {
variableValue = transaction->m_variableInboundDataError.resolveFirst(); vv = t->m_variableMultipartCrlfLFLines.resolveFirst();
} } else if (comp(variable, "MULTIPART_DATA_AFTER")) {
else if (compareStrNoCase(variable, "MATCHED_VAR")) { vv = t->m_variableMultipartDataAfter.resolveFirst();
variableValue = transaction->m_variableMatchedVar.resolveFirst(); } else if (comp(variable, "MULTIPART_FILE_LIMIT_EXCEEDED")) {
} vv = t->m_variableMultipartFileLimitExceeded.resolveFirst();
else if (compareStrNoCase(variable, "MATCHED_VAR_NAME")) { } else if (comp(variable, "MULTIPART_STRICT_ERROR")) {
variableValue = transaction->m_variableMatchedVarName.resolveFirst(); vv = t->m_variableMultipartStrictError.resolveFirst();
} } else if (comp(variable, "MULTIPART_HEADER_FOLDING")) {
else if (compareStrNoCase(variable, "MULTIPART_CRLF_LF_LINES")) { vv = t->m_variableMultipartHeaderFolding.resolveFirst();
variableValue = transaction->m_variableMultipartCrlfLFLines.resolveFirst(); } else if (comp(variable, "MULTIPART_INVALID_QUOTING")) {
} vv = t->m_variableMultipartInvalidQuoting.resolveFirst();
else if (compareStrNoCase(variable, "MULTIPART_DATA_AFTER")) { } else if (comp(variable, "MULTIPART_INVALID_HEADER_FOLDING")) {
variableValue = transaction->m_variableMultipartDataAfter.resolveFirst(); vv = t->m_variableMultipartInvalidHeaderFolding.resolveFirst();
} } else if (comp(variable, "MULTIPART_UNMATCHED_BOUNDARY")) {
else if (compareStrNoCase(variable, "MULTIPART_FILE_LIMIT_EXCEEDED")) { vv = t->m_variableMultipartUnmatchedBoundary.resolveFirst();
variableValue = transaction->m_variableMultipartFileLimitExceeded.resolveFirst(); } else if (comp(variable, "OUTBOUND_DATA_ERROR")) {
} vv = t->m_variableOutboundDataError.resolveFirst();
else if (compareStrNoCase(variable, "MULTIPART_STRICT_ERROR")) { } else if (comp(variable, "PATH_INFO")) {
variableValue = transaction->m_variableMultipartStrictError.resolveFirst(); vv = t->m_variablePathInfo.resolveFirst();
} } else if (comp(variable, "QUERY_STRING")) {
else if (compareStrNoCase(variable, "MULTIPART_HEADER_FOLDING")) { vv = t->m_variableQueryString.resolveFirst();
variableValue = transaction->m_variableMultipartHeaderFolding.resolveFirst(); } else if (comp(variable, "REMOTE_ADDR")) {
} vv = t->m_variableRemoteAddr.resolveFirst();
else if (compareStrNoCase(variable, "MULTIPART_INVALID_QUOTING")) { } else if (comp(variable, "REMOTE_HOST")) {
variableValue = transaction->m_variableMultipartInvalidQuoting.resolveFirst(); vv = t->m_variableRemoteHost.resolveFirst();
} } else if (comp(variable, "REMOTE_PORT")) {
else if (compareStrNoCase(variable, "MULTIPART_INVALID_HEADER_FOLDING")) { vv = t->m_variableRemotePort.resolveFirst();
variableValue = transaction->m_variableMultipartInvalidHeaderFolding.resolveFirst(); } else if (comp(variable, "REQBODY_ERROR")) {
} vv = t->m_variableReqbodyError.resolveFirst();
else if (compareStrNoCase(variable, "MULTIPART_UNMATCHED_BOUNDARY")) { } else if (comp(variable, "REQBODY_ERROR_MSG")) {
variableValue = transaction->m_variableMultipartUnmatchedBoundary.resolveFirst(); vv = t->m_variableReqbodyErrorMsg.resolveFirst();
} } else if (comp(variable, "REQBODY_PROCESSOR_ERROR_MSG")) {
else if (compareStrNoCase(variable, "OUTBOUND_DATA_ERROR")) { vv = t->m_variableReqbodyProcessorErrorMsg.resolveFirst();
variableValue = transaction->m_variableOutboundDataError.resolveFirst(); } else if (comp(variable, "REQBODY_PROCESSOR_ERROR")) {
} vv = t->m_variableReqbodyProcessorError.resolveFirst();
else if (compareStrNoCase(variable, "PATH_INFO")) { } else if (comp(variable, "REQBODY_PROCESSOR")) {
variableValue = transaction->m_variablePathInfo.resolveFirst(); vv = t->m_variableReqbodyProcessor.resolveFirst();
} } else if (comp(variable, "REQUEST_BASENAME")) {
else if (compareStrNoCase(variable, "QUERY_STRING")) { vv = t->m_variableRequestBasename.resolveFirst();
variableValue = transaction->m_variableQueryString.resolveFirst(); } else if (comp(variable, "REQUEST_BODY")) {
} vv = t->m_variableRequestBody.resolveFirst();
else if (compareStrNoCase(variable, "REMOTE_ADDR")) { } else if (comp(variable, "REQUEST_BODY_LENGTH")) {
variableValue = transaction->m_variableRemoteAddr.resolveFirst(); vv = t->m_variableRequestBodyLength.resolveFirst();
} } else if (comp(variable, "REQUEST_FILENAME")) {
else if (compareStrNoCase(variable, "REMOTE_HOST")) { vv = t->m_variableRequestFilename.resolveFirst();
variableValue = transaction->m_variableRemoteHost.resolveFirst(); } else if (comp(variable, "REQUEST_LINE")) {
} vv = t->m_variableRequestLine.resolveFirst();
else if (compareStrNoCase(variable, "REMOTE_PORT")) { } else if (comp(variable, "REQUEST_METHOD")) {
variableValue = transaction->m_variableRemotePort.resolveFirst(); vv = t->m_variableRequestMethod.resolveFirst();
} } else if (comp(variable, "REQUEST_PROTOCOL")) {
else if (compareStrNoCase(variable, "REQBODY_ERROR")) { vv = t->m_variableRequestProtocol.resolveFirst();
variableValue = transaction->m_variableReqbodyError.resolveFirst(); } else if (comp(variable, "REQUEST_URI")) {
} vv = t->m_variableRequestURI.resolveFirst();
else if (compareStrNoCase(variable, "REQBODY_ERROR_MSG")) { } else if (comp(variable, "REQUEST_URI_RAW")) {
variableValue = transaction->m_variableReqbodyErrorMsg.resolveFirst(); vv = t->m_variableRequestURIRaw.resolveFirst();
} } else if (comp(variable, "RESOURCE")) {
else if (compareStrNoCase(variable, "REQBODY_PROCESSOR_ERROR_MSG")) { vv = t->m_variableResource.resolveFirst();
variableValue = transaction->m_variableReqbodyProcessorErrorMsg.resolveFirst(); } else if (comp(variable, "RESPONSE_BODY")) {
} vv = t->m_variableResponseBody.resolveFirst();
else if (compareStrNoCase(variable, "REQBODY_PROCESSOR_ERROR")) { } else if (comp(variable, "RESPONSE_CONTENT_LENGTH")) {
variableValue = transaction->m_variableReqbodyProcessorError.resolveFirst(); vv = t->m_variableResponseContentLength.resolveFirst();
} } else if (comp(variable, "RESPONSE_PROTOCOL")) {
else if (compareStrNoCase(variable, "REQBODY_PROCESSOR")) { vv = t->m_variableResponseProtocol.resolveFirst();
variableValue = transaction->m_variableReqbodyProcessor.resolveFirst(); } else if (comp(variable, "RESPONSE_STATUS")) {
} vv = t->m_variableResponseStatus.resolveFirst();
else if (compareStrNoCase(variable, "REQUEST_BASENAME")) { } else if (comp(variable, "SERVER_ADDR")) {
variableValue = transaction->m_variableRequestBasename.resolveFirst(); vv = t->m_variableServerAddr.resolveFirst();
} } else if (comp(variable, "SERVER_NAME")) {
else if (compareStrNoCase(variable, "REQUEST_BODY")) { vv = t->m_variableServerName.resolveFirst();
variableValue = transaction->m_variableRequestBody.resolveFirst(); } else if (comp(variable, "SERVER_PORT")) {
} vv = t->m_variableServerPort.resolveFirst();
else if (compareStrNoCase(variable, "REQUEST_BODY_LENGTH")) { } else if (comp(variable, "SESSIONID")) {
variableValue = transaction->m_variableRequestBodyLength.resolveFirst(); vv = t->m_variableSessionID.resolveFirst();
} } else if (comp(variable, "UNIQUE_ID")) {
else if (compareStrNoCase(variable, "REQUEST_FILENAME")) { vv = t->m_variableUniqueID.resolveFirst();
variableValue = transaction->m_variableRequestFilename.resolveFirst(); } else if (comp(variable, "URLENCODED_ERROR")) {
} vv = t->m_variableUrlEncodedError.resolveFirst();
else if (compareStrNoCase(variable, "REQUEST_LINE")) { } else if (comp(variable, "USERID")) {
variableValue = transaction->m_variableRequestLine.resolveFirst(); vv = t->m_variableUserID.resolveFirst();
}
else if (compareStrNoCase(variable, "REQUEST_METHOD")) {
variableValue = transaction->m_variableRequestMethod.resolveFirst();
}
else if (compareStrNoCase(variable, "REQUEST_PROTOCOL")) {
variableValue = transaction->m_variableRequestProtocol.resolveFirst();
}
else if (compareStrNoCase(variable, "REQUEST_URI")) {
variableValue = transaction->m_variableRequestURI.resolveFirst();
}
else if (compareStrNoCase(variable, "REQUEST_URI_RAW")) {
variableValue = transaction->m_variableRequestURIRaw.resolveFirst();
}
else if (compareStrNoCase(variable, "RESOURCE")) {
variableValue = transaction->m_variableResource.resolveFirst();
}
else if (compareStrNoCase(variable, "RESPONSE_BODY")) {
variableValue = transaction->m_variableResponseBody.resolveFirst();
}
else if (compareStrNoCase(variable, "RESPONSE_CONTENT_LENGTH")) {
variableValue = transaction->m_variableResponseContentLength.resolveFirst();
}
else if (compareStrNoCase(variable, "RESPONSE_PROTOCOL")) {
variableValue = transaction->m_variableResponseProtocol.resolveFirst();
}
else if (compareStrNoCase(variable, "RESPONSE_STATUS")) {
variableValue = transaction->m_variableResponseStatus.resolveFirst();
}
else if (compareStrNoCase(variable, "SERVER_ADDR")) {
variableValue = transaction->m_variableServerAddr.resolveFirst();
}
else if (compareStrNoCase(variable, "SERVER_NAME")) {
variableValue = transaction->m_variableServerName.resolveFirst();
}
else if (compareStrNoCase(variable, "SERVER_PORT")) {
variableValue = transaction->m_variableServerPort.resolveFirst();
}
else if (compareStrNoCase(variable, "SESSIONID")) {
variableValue = transaction->m_variableSessionID.resolveFirst();
}
else if (compareStrNoCase(variable, "UNIQUE_ID")) {
variableValue = transaction->m_variableUniqueID.resolveFirst();
}
else if (compareStrNoCase(variable, "URLENCODED_ERROR")) {
variableValue = transaction->m_variableUrlEncodedError.resolveFirst();
}
else if (compareStrNoCase(variable, "USERID")) {
variableValue = transaction->m_variableUserID.resolveFirst();
} else { } else {
variableValue = transaction->m_collections.resolveFirst( vv = t->m_collections.resolveFirst(variable);
variable);
} }
} else { } else {
std::string col = std::string(variable, 0, collection); std::string col = std::string(variable, 0, collection);
std::string var = std::string(variable, collection + 1, std::string var = std::string(variable, collection + 1,
variable.length() - (collection + 1)); variable.length() - (collection + 1));
if (compareStrNoCase(col, "ARGS")) { if (comp(col, "ARGS")) {
variableValue = transaction->m_variableArgs.resolveFirst(var); vv = t->m_variableArgs.resolveFirst(var);
} } else if (comp(variable, "ARGS_NAMES")) {
else if (compareStrNoCase(variable, "ARGS_NAMES")) { vv = t->m_variableArgsNames.resolveFirst(var);
variableValue = transaction->m_variableArgsNames.resolveFirst(var); } else if (comp(variable, "ARGS_GET_NAMES")) {
} vv = t->m_variableArgsGetNames.resolveFirst(var);
else if (compareStrNoCase(variable, "ARGS_GET_NAMES")) { } else if (comp(variable, "ARGS_POST_NAMES")) {
variableValue = transaction->m_variableArgsGetNames.resolveFirst(var); vv = t->m_variableArgsPostNames.resolveFirst(var);
} } else if (comp(col, "RULE")) {
else if (compareStrNoCase(variable, "ARGS_POST_NAMES")) { vv = t->m_variableRule.resolveFirst(var);
variableValue = transaction->m_variableArgsPostNames.resolveFirst(var); } else if (comp(col, "ARGS_GET")) {
} vv = t->m_variableArgsGet.resolveFirst(var);
else if (compareStrNoCase(col, "RULE")) { } else if (comp(col, "ARGS_POST")) {
variableValue = transaction->m_variableRule.resolveFirst(var); vv = t->m_variableArgsPost.resolveFirst(var);
} } else if (comp(col, "FILES_SIZES")) {
else if (compareStrNoCase(col, "ARGS_GET")) { vv = t->m_variableFilesSizes.resolveFirst(var);
variableValue = transaction->m_variableArgsGet.resolveFirst(var); } else if (comp(col, "FILES_NAMES")) {
} vv = t->m_variableFilesNames.resolveFirst(var);
else if (compareStrNoCase(col, "ARGS_POST")) { } else if (comp(col, "FILES_TMP_CONTENT")) {
variableValue = transaction->m_variableArgsPost.resolveFirst(var); vv = t->m_variableFilesTmpContent.resolveFirst(var);
} } else if (comp(col, "MULTIPART_FILENAME")) {
else if (compareStrNoCase(col, "FILES_SIZES")) { vv = t->m_variableMultiPartFileName.resolveFirst(var);
variableValue = transaction->m_variableFilesSizes.resolveFirst(var); } else if (comp(col, "MULTIPART_NAME")) {
} vv = t->m_variableMultiPartName.resolveFirst(var);
else if (compareStrNoCase(col, "FILES_NAMES")) { } else if (comp(col, "MATCHED_VARS_NAMES")) {
variableValue = transaction->m_variableFilesNames.resolveFirst(var); vv = t->m_variableMatchedVarsNames.resolveFirst(var);
} } else if (comp(col, "MATCHED_VARS")) {
else if (compareStrNoCase(col, "FILES_TMP_CONTENT")) { vv = t->m_variableMatchedVars.resolveFirst(var);
variableValue = transaction->m_variableFilesTmpContent.resolveFirst(var); } else if (comp(col, "FILES")) {
} vv = t->m_variableFiles.resolveFirst(var);
else if (compareStrNoCase(col, "MULTIPART_FILENAME")) { } else if (comp(col, "REQUEST_COOKIES")) {
variableValue = transaction->m_variableMultiPartFileName.resolveFirst(var); vv = t->m_variableRequestCookies.resolveFirst(var);
} } else if (comp(col, "REQUEST_HEADERS")) {
else if (compareStrNoCase(col, "MULTIPART_NAME")) { vv = t->m_variableRequestHeaders.resolveFirst(var);
variableValue = transaction->m_variableMultiPartName.resolveFirst(var); } else if (comp(variable, "REQUEST_HEADERS_NAMES")) {
} vv = t->m_variableRequestHeadersNames.resolveFirst(var);
else if (compareStrNoCase(col, "MATCHED_VARS_NAMES")) { } else if (comp(col, "RESPONSE_HEADERS")) {
variableValue = transaction->m_variableMatchedVarsNames.resolveFirst(var); vv = t->m_variableResponseHeaders.resolveFirst(var);
} } else if (comp(variable, "RESPONSE_HEADERS_NAMES")) {
else if (compareStrNoCase(col, "MATCHED_VARS")) { vv = t->m_variableResponseHeadersNames.resolveFirst(var);
variableValue = transaction->m_variableMatchedVars.resolveFirst(var); } else if (comp(col, "GEO")) {
} vv = t->m_variableGeo.resolveFirst(var);
else if (compareStrNoCase(col, "FILES")) { } else if (comp(col, "REQUEST_COOKIES_NAMES")) {
variableValue = transaction->m_variableFiles.resolveFirst(var); vv = t->m_variableRequestCookiesNames.resolveFirst(var);
} } else if (comp(col, "FILES_TMPNAMES")) {
else if (compareStrNoCase(col, "REQUEST_COOKIES")) { vv = t->m_variableFilesTmpNames.resolveFirst(var);
variableValue = transaction->m_variableRequestCookies.resolveFirst(var);
}
else if (compareStrNoCase(col, "REQUEST_HEADERS")) {
variableValue = transaction->m_variableRequestHeaders.resolveFirst(var);
}
else if (compareStrNoCase(variable, "REQUEST_HEADERS_NAMES")) {
variableValue = transaction->m_variableRequestHeadersNames.resolveFirst(var);
}
else if (compareStrNoCase(col, "RESPONSE_HEADERS")) {
variableValue = transaction->m_variableResponseHeaders.resolveFirst(var);
}
else if (compareStrNoCase(variable, "RESPONSE_HEADERS_NAMES")) {
variableValue = transaction->m_variableResponseHeadersNames.resolveFirst(var);
}
else if (compareStrNoCase(col, "GEO")) {
variableValue = transaction->m_variableGeo.resolveFirst(var);
}
else if (compareStrNoCase(col, "REQUEST_COOKIES_NAMES")) {
variableValue = transaction->m_variableRequestCookiesNames.resolveFirst(var);
}
else if (compareStrNoCase(col, "FILES_TMPNAMES")) {
variableValue = transaction->m_variableFilesTmpNames.resolveFirst(var);
} else { } else {
variableValue = transaction->m_collections.resolveFirst(col, vv = t->m_collections.resolveFirst(col, var);
var);
} }
} }
return std::string(*variableValue.get()); return std::string(*vv.get());
} }
std::string m_name; std::string m_name;
@ -575,10 +433,10 @@ class VariableModificatorExclusion : public Variable {
m_isExclusion = true; m_isExclusion = true;
} }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) { std::vector<const collection::Variable *> *l) {
m_var->evaluate(transaction, rule, l); m_var->evaluate(t, rule, l);
} }
std::unique_ptr<Variable> m_var; std::unique_ptr<Variable> m_var;
@ -593,14 +451,14 @@ class VariableModificatorCount : public Variable {
m_isCount = true; m_isCount = true;
} }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) { std::vector<const collection::Variable *> *l) {
std::vector<const collection::Variable *> reslIn; std::vector<const collection::Variable *> reslIn;
collection::Variable *val = NULL; collection::Variable *val = NULL;
int count = 0; int count = 0;
m_var->evaluate(transaction, rule, &reslIn); m_var->evaluate(t, rule, &reslIn);
for (const collection::Variable *a : reslIn) { for (const collection::Variable *a : reslIn) {
count++; count++;
delete a; delete a;

2
src/variables/web_app_id.h
View File

@ -32,7 +32,7 @@ namespace Variables {
class WebAppId : public Variable { class WebAppId : public Variable {
public: public:
explicit WebAppId() WebAppId()
: Variable("WEBAPPID") { } : Variable("WEBAPPID") { }
void evaluate(Transaction *transaction, void evaluate(Transaction *transaction,

5
test/coding_style_suppressions.txt
View File

@ -29,4 +29,9 @@
./test/benchmark/owasp-v3/util/av-scanning/runAV/common.h ./test/benchmark/owasp-v3/util/av-scanning/runAV/common.h
./src/audit_log/writer/parallel.cc:28 ./src/audit_log/writer/parallel.cc:28
./src/macro_expansion.c ./src/macro_expansion.c
./src/utils/string.h
./headers/modsecurity/rules_properties.h:369
./headers/modsecurity/rules_properties.h:370
./src/actions/transformations/url_decode_uni.cc
./test/unit/unit.cc:47
Total errors found Total errors found

4
test/unit/unit.cc
View File

@ -27,7 +27,6 @@
#include "src/actions/transformations/transformation.h" #include "src/actions/transformations/transformation.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "modsecurity/actions/action.h" #include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#include "test/common/modsecurity_test.h" #include "test/common/modsecurity_test.h"
@ -44,10 +43,9 @@ using modsecurity_test::ModSecurityTest;
using modsecurity_test::ModSecurityTestResults; using modsecurity_test::ModSecurityTestResults;
using modsecurity::actions::transformations::Transformation; using modsecurity::actions::transformations::Transformation;
using modsecurity::operators::Operator; using modsecurity::operators::Operator;
using namespace modsecurity::actions::transformations;
std::string default_test_path = "test-cases/secrules-language-tests/operators"; std::string default_test_path = "test-cases/secrules-language-tests/operators";
std::list<std::string> resources; static std::list<std::string> resources;
void print_help() { void print_help() {
std::cout << "Use ./unit /path/to/file" << std::endl; std::cout << "Use ./unit /path/to/file" << std::endl;