mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-09-29 19:24:29 +03:00
Splits Rule class into: Rule, RuleBase, RuleMarker
This commit is contained in:
Felipe Zimmerle
@@ -133,42 +133,38 @@ int RulesSet::evaluate(int phase, Transaction *t) {
|
||||
//}
|
||||
|
||||
for (int i = 0; i < rules->size(); i++) {
|
||||
Rule *rule = rules->at(i).get();
|
||||
if (t->m_marker.empty() == false) {
|
||||
ms_dbg_a(t, 9, "Skipped rule id '" + std::to_string(rule->m_ruleId) \
|
||||
+ "' due to a SecMarker: " + t->m_marker);
|
||||
#ifndef NO_LOGS
|
||||
m_secmarker_skipped++;
|
||||
#endif
|
||||
ms_dbg_a(t, 9, "Rule: " + rule->m_marker);
|
||||
// FIXME: This is not meant to be here. At the end of this refactoring,
|
||||
// the shared pointer won't be used.
|
||||
std::shared_ptr<RuleBase> rule = rules->at(i);
|
||||
if (t->isInsideAMarker() && !rule->isMarker()) {
|
||||
ms_dbg_a(t, 9, "Skipped rule id '" + rule->getReference() \
|
||||
+ "' due to a SecMarker: " + *t->getCurrentMarker());
|
||||
|
||||
if (rule->isMarker() && rule->m_marker == t->m_marker) {
|
||||
ms_dbg_a(t, 4, "Out of a SecMarker after skip " \
|
||||
+ std::to_string(m_secmarker_skipped) + " rules.");
|
||||
t->m_marker.clear();
|
||||
#ifndef NO_LOGS
|
||||
m_secmarker_skipped = 0;
|
||||
#endif
|
||||
}
|
||||
} else if (rule->isMarker()) {
|
||||
rule->evaluate(t, NULL);
|
||||
} else if (t->m_skip_next > 0) {
|
||||
t->m_skip_next--;
|
||||
ms_dbg_a(t, 9, "Skipped rule id '" + std::to_string(rule->m_ruleId) \
|
||||
ms_dbg_a(t, 9, "Skipped rule id '" + rule->getReference() \
|
||||
+ "' due to a `skip' action. Still " + \
|
||||
std::to_string(t->m_skip_next) + " to be skipped.");
|
||||
} else if (t->m_allowType
|
||||
!= actions::disruptive::NoneAllowType) {
|
||||
ms_dbg_a(t, 9, "Skipped rule id '" + std::to_string(rule->m_ruleId) \
|
||||
ms_dbg_a(t, 9, "Skipped rule id '" + rule->getReference() \
|
||||
+ "' as request trough the utilization of an `allow' action.");
|
||||
} else if (m_exceptions.contains(rule->m_ruleId)) {
|
||||
ms_dbg_a(t, 9, "Skipped rule id '" + std::to_string(rule->m_ruleId) \
|
||||
+ "'. Removed by an SecRuleRemove directive.");
|
||||
} else {
|
||||
RuleBase *base = rule.get();
|
||||
Rule *ruleWithOperator = dynamic_cast<Rule *>(base);
|
||||
if (m_exceptions.contains(ruleWithOperator->m_ruleId)) {
|
||||
ms_dbg_a(t, 9, "Skipped rule id '" + rule->getReference() \
|
||||
+ "'. Removed by an SecRuleRemove directive.");
|
||||
continue;
|
||||
}
|
||||
bool remove_rule = false;
|
||||
if (m_exceptions.m_remove_rule_by_msg.empty() == false) {
|
||||
for (auto &z : m_exceptions.m_remove_rule_by_msg) {
|
||||
if (rule->containsMsg(z, t) == true) {
|
||||
if (ruleWithOperator->containsMsg(z, t) == true) {
|
||||
ms_dbg_a(t, 9, "Skipped rule id '" \
|
||||
+ std::to_string(rule->m_ruleId) \
|
||||
+ ruleWithOperator->getReference() \
|
||||
+ "'. Removed by a SecRuleRemoveByMsg directive.");
|
||||
remove_rule = true;
|
||||
break;
|
||||
@@ -181,9 +177,9 @@ int RulesSet::evaluate(int phase, Transaction *t) {
|
||||
|
||||
if (m_exceptions.m_remove_rule_by_tag.empty() == false) {
|
||||
for (auto &z : m_exceptions.m_remove_rule_by_tag) {
|
||||
if (rule->containsTag(z, t) == true) {
|
||||
if (ruleWithOperator->containsTag(z, t) == true) {
|
||||
ms_dbg_a(t, 9, "Skipped rule id '" \
|
||||
+ std::to_string(rule->m_ruleId) \
|
||||
+ ruleWithOperator->getReference() \
|
||||
+ "'. Removed by a SecRuleRemoveByTag directive.");
|
||||
remove_rule = true;
|
||||
break;
|
||||
@@ -196,9 +192,9 @@ int RulesSet::evaluate(int phase, Transaction *t) {
|
||||
|
||||
if (t->m_ruleRemoveByTag.empty() == false) {
|
||||
for (auto &z : t->m_ruleRemoveByTag) {
|
||||
if (rule->containsTag(z, t) == true) {
|
||||
if (ruleWithOperator->containsTag(z, t) == true) {
|
||||
ms_dbg_a(t, 9, "Skipped rule id '" \
|
||||
+ std::to_string(rule->m_ruleId) \
|
||||
+ ruleWithOperator->getReference() \
|
||||
+ "'. Skipped due to a ruleRemoveByTag action.");
|
||||
remove_rule = true;
|
||||
break;
|
||||
|
||||
Reference in New Issue
Block a user