From 41bf1490b74fe0d7c0abec135bc1a8e0b497b865 Mon Sep 17 00:00:00 2001 From: Felipe Zimmerle Date: Fri, 17 Jul 2015 18:51:24 -0300 Subject: [PATCH] Adds MODSEC_BUILD variable --- headers/modsecurity/modsecurity.h | 15 ++++++ src/Makefile.am | 1 + src/parser/seclang-parser.yy | 15 ++++++ src/parser/seclang-scanner.ll | 2 + src/variable_modsec_build.cc | 47 ++++++++++++++++++ src/variable_modsec_build.h | 41 ++++++++++++++++ .../regression/variable-MODSEC_BUILD.json | 49 +++++++++++++++++++ 7 files changed, 170 insertions(+) create mode 100644 src/variable_modsec_build.cc create mode 100644 src/variable_modsec_build.h create mode 100644 test/test-cases/regression/variable-MODSEC_BUILD.json diff --git a/headers/modsecurity/modsecurity.h b/headers/modsecurity/modsecurity.h index 2468fb95..f7022530 100644 --- a/headers/modsecurity/modsecurity.h +++ b/headers/modsecurity/modsecurity.h @@ -94,16 +94,31 @@ typedef struct ModSecurity_t ModSecurity; #include "modsecurity/debug_log.h" #include "modsecurity/rules.h" +/** + * TAG_NUM: + * + * Alpha - 001 + * Beta - 002 + * Dev - 010 + * Rc1 - 051 + * Rc2 - 052 + * ... - ... + * Release- 100 + * + */ #define MODSECURITY_MAJOR "3" #define MODSECURITY_MINOR "0" #define MODSECURITY_PATCHLEVEL "0" #define MODSECURITY_TAG "-alpha" +#define MODSECURITY_TAG_NUM "001" #define MODSECURITY_VERSION MODSECURITY_MAJOR "." \ MODSECURITY_MINOR "." MODSECURITY_PATCHLEVEL \ MODSECURITY_TAG +#define MODSECURITY_VERSION_NUM MODSECURITY_MAJOR \ + MODSECURITY_MINOR MODSECURITY_PATCHLEVEL MODSECURITY_TAG_NUM #ifdef __cplusplus namespace ModSecurity { diff --git a/src/Makefile.am b/src/Makefile.am index 471a1ae1..b9f56372 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -98,6 +98,7 @@ libmodsecurity_la_SOURCES = \ variable.cc \ variable_duration.cc \ variable_env.cc \ + variable_modsec_build.cc \ operators/operator.cc \ operators/detect_sqli.cc \ operators/detect_xss.cc \ 
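Review bot: In headers/modsecurity/modsecurity.h the new `MODSECURITY_VERSION_NUM` does not match the value that the MODSEC_BUILD variable reports. Concatenating the literals "3" "0" "0" "001" gives `300001`, while `VariableModsecBuild::evaluate()` in src/variable_modsec_build.cc pads each component and emits `030000001`, the form the regression test's `03([0-9]+)` pattern expects. Nothing in this patch uses the macro, so either define it from two-digit fields so it matches, or have evaluate() return it so there is a single source of truth. The TAG_NUM comment should also state the overall layout, for example `MODSEC_BUILD = major(2) minor(2) patch(2) tag(3)`, because any rule that compares the value numerically presumably relies on fixed field widths.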
diff --git a/src/parser/seclang-parser.yy b/src/parser/seclang-parser.yy index 0000ca56..b38831eb 100644 --- a/src/parser/seclang-parser.yy +++ b/src/parser/seclang-parser.yy @@ -17,6 +17,7 @@ class Driver; #include "rule.h" #include "variable_duration.h" #include "variable_env.h" +#include "variable_modsec_build.h" using ModSecurity::actions::Action; using ModSecurity::actions::transformations::Transformation; @@ -24,6 +25,7 @@ using ModSecurity::operators::Operator; using ModSecurity::Variable; using ModSecurity::VariableDuration; using ModSecurity::VariableEnv; +using ModSecurity::VariableModsecBuild; using ModSecurity::Rule; } @@ -86,6 +88,7 @@ using ModSecurity::Rule; %token VARIABLE %token RUN_TIME_VAR_DUR %token RUN_TIME_VAR_ENV +%token RUN_TIME_VAR_BLD %token OPERATOR %token ACTION @@ -273,6 +276,18 @@ variables: variables->push_back(new VariableEnv($1)); $$ = variables; } + | variables PIPE RUN_TIME_VAR_BLD + { + std::vector *v = $1; + v->push_back(new VariableModsecBuild($3)); + $$ = $1; + } + | RUN_TIME_VAR_BLD + { + std::vector *variables = new std::vector; + variables->push_back(new VariableModsecBuild($1)); + $$ = variables; + } actions: actions COMMA SPACE ACTION diff --git a/src/parser/seclang-scanner.ll b/src/parser/seclang-scanner.ll index 6e2b118c..9097509d 100755 --- a/src/parser/seclang-scanner.ll +++ b/src/parser/seclang-scanner.ll 
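Review bot: The two new `RUN_TIME_VAR_BLD` alternatives in the `variables:` rule of src/parser/seclang-parser.yy allocate the vector and each `VariableModsecBuild` with raw `new` and pass the pointers up through `$$` with no visible owner. If no `%destructor` is declared for this nonterminal, a syntax error later in the same rule line would discard the semantic value and leak both objects. The `variables:` rule starts before this hunk and the declarations section is outside it, so this needs checking against the full grammar. A one-line comment on the rule saying who frees the list, such as `/* ownership of the vector and its elements passes to the Rule built from it */`, would settle it once the owner is confirmed.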
@@ -59,6 +59,7 @@ TRANSFORMATION t:(lowercase|urlDecodeUni|urlDecode|none|compressWhitespace|remo VARIABLE (?i:FULL_REQUEST|FILES|AUTH_TYPE|ARGS_NAMES|ARGS|QUERY_STRING|REMOTE_ADDR|REQUEST_BASENAME|REQUEST_BODY|REQUEST_COOKIES_NAMES|REQUEST_COOKIES|REQUEST_FILENAME|REQUEST_HEADERS_NAMES|REQUEST_HEADERS|REQUEST_METHOD|REQUEST_PROTOCOL|REQUEST_URI|RESPONSE_BODY|RESPONSE_CONTENT_LENGTH|RESPONSE_CONTENT_TYPE|RESPONSE_HEADERS_NAMES|RESPONSE_HEADERS|RESPONSE_PROTOCOL|RESPONSE_STATUS|TX) RUN_TIME_VAR_DUR (?i:DURATION) RUN_TIME_VAR_ENV (?i:ENV) +RUN_TIME_VAR_BLD (?i:MODSEC_BUILD) VARIABLENOCOLON (?i:REQBODY_ERROR|MULTIPART_STRICT_ERROR|MULTIPART_UNMATCHED_BOUNDARY|REMOTE_ADDR|REQUEST_LINE) @@ -112,6 +113,7 @@ FREE_TEXT [^\"]+ {VARIABLE}:?{DICT_ELEMENT}? { return yy::seclang_parser::make_VARIABLE(yytext, loc); } {RUN_TIME_VAR_DUR} { return yy::seclang_parser::make_RUN_TIME_VAR_DUR(yytext, loc); } {RUN_TIME_VAR_ENV}:?{DICT_ELEMENT}? { return yy::seclang_parser::make_RUN_TIME_VAR_ENV(yytext, loc); } +{RUN_TIME_VAR_BLD} { return yy::seclang_parser::make_RUN_TIME_VAR_BLD(yytext, loc); } {CONFIG_COMPONENT_SIG}[ ]["]{FREE_TEXT}["] { return yy::seclang_parser::make_CONFIG_COMPONENT_SIG(strchr(yytext, ' ') + 2, loc); } diff --git a/src/variable_modsec_build.cc b/src/variable_modsec_build.cc new file mode 100644 index 00000000..d6fd0141 --- /dev/null +++ b/src/variable_modsec_build.cc 
@@ -0,0 +1,47 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "src/variable_modsec_build.h"
+
+#include
+#include
+#include
+#include
+#include
+
+#include "modsecurity/assay.h"
+#include "modsecurity/modsecurity.h"
+
+namespace ModSecurity {
+
+std::list>
+ VariableModsecBuild::evaluate(Assay *assay) {
+ std::list> resl;
+ std::pair pair;
+
+ std::ostringstream ss;
+ ss << std::setw(2) << std::setfill('0') << MODSECURITY_MAJOR;
+ ss << std::setw(2) << std::setfill('0') << MODSECURITY_MINOR;
+ ss << std::setw(2) << std::setfill('0') << MODSECURITY_PATCHLEVEL;
+ ss << std::setw(2) << std::setfill('0') << MODSECURITY_TAG_NUM;
+
+ pair = std::make_pair(std::string("MODSEC_BUILD"), ss.str());
+ resl.push_back(pair);
+
+ return resl;
+}
+
+
+} // namespace ModSecurity
diff --git a/src/variable_modsec_build.h b/src/variable_modsec_build.h
new file mode 100644
index 00000000..acfc23ca
--- /dev/null
+++ b/src/variable_modsec_build.h
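Review bot: In `VariableModsecBuild::evaluate()` (src/variable_modsec_build.cc) the `std::setw(2)` applied to `MODSECURITY_TAG_NUM` has no effect, because the macro is the three-character string "001" and setw only sets a minimum width. The fields therefore come out as 2+2+2+3 characters, and any component string longer than its width would silently shift every digit after it. Make the intent explicit with `ss << std::setw(3) << std::setfill('0') << MODSECURITY_TAG_NUM;` plus a comment giving the layout, and consider guarding the macro length with `static_assert(sizeof(MODSECURITY_TAG_NUM) - 1 == 3, "TAG_NUM must be 3 digits");`. `assay` is never read and the result is constant for a given build, so a short comment saying the variable does not depend on the transaction would help the next reader.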
@@ -0,0 +1,41 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include
+#include
+#include
+#include
+
+#ifndef SRC_VARIABLE_MODSEC_BUILD_H_
+#define SRC_VARIABLE_MODSEC_BUILD_H_
+
+#include "src/variable.h"
+
+namespace ModSecurity {
+
+class Assay;
+
+class VariableModsecBuild : public Variable {
+ public:
+ explicit VariableModsecBuild(std::string _name)
+ : Variable(_name) { }
+
+ std::list>
+ evaluate(Assay *assay) override;
+};
+
+} // namespace ModSecurity
+
+#endif // SRC_VARIABLE_MODSEC_BUILD_H_
diff --git a/test/test-cases/regression/variable-MODSEC_BUILD.json b/test/test-cases/regression/variable-MODSEC_BUILD.json
new file mode 100644
index 00000000..2a49b6a2
--- /dev/null
+++ b/test/test-cases/regression/variable-MODSEC_BUILD.json
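Review bot: In src/variable_modsec_build.h the four standard `#include` lines sit above the `#ifndef SRC_VARIABLE_MODSEC_BUILD_H_` guard; move the `#ifndef`/`#define` pair to directly after the licence comment so the whole header is guarded. The constructor takes `std::string _name` by value and then copies it again in `Variable(_name)`; if the base constructor accepts it (not visible here), `const std::string &name` avoids the extra copy and drops the leading underscore. The class also has no description, so I would add `// Exposes the library build number to rules as the MODSEC_BUILD variable.` above it.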
@@ -0,0 +1,49 @@
+[
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"Testing Variables :: MODSEC_BUILD (1/1)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length": "27",
+ "Content-Type": "application/x-www-form-urlencoded"
+ },
+ "uri":"/",
+ "protocol":"POST",
+ "body": [
+ "param1=value1¶m2=value2"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Target value: \"03([0-9]+)\" \\(Variable: MODSEC_BUILD\\)"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecDebugLog \/tmp\/modsec_debug.log",
+ "SecDebugLogLevel 9",
+ "SecRule MODSEC_BUILD \"@contains test\" \"phase:3,pass,t:trim\""
+ ]
+ }
+]
+
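Review bot: The `expected.debug_log` pattern in variable-MODSEC_BUILD.json, `03([0-9]+)`, pins only the major field and accepts a digit run of any length, so the test would still pass if the minor, patch or tag widths changed. evaluate() currently emits nine digits, so a pattern that fixes the length, for example `03[0-9]{7}` if the harness regex engine supports counted repetition, would catch a format regression. The hard-coded `03` also means this case has to be edited on every major version bump, which is worth stating in the title or next to the `version_min` value.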