From 507ec44cc2b4366a7ab4107ec9b15eb74416abd1 Mon Sep 17 00:00:00 2001 
From: Felipe Zimmerle
Date: Thu, 3 Nov 2016 20:02:37 -0300
Subject: [PATCH] Refactoring on `utils.cc' and adjacents

Completely removed the `utils.cc' by moving residual functions into sub-classes of `utils/'
---
 src/Makefile.am | 3 +-
 src/actions/accuracy.cc | 2 +-
 src/actions/allow.cc | 3 +-
 src/actions/ctl/request_body_access.h | 2 +-
 src/actions/ctl/rule_remove_by_id.h | 2 +-
 src/actions/ctl/rule_remove_target_by_id.h | 2 +-
 src/actions/ctl/rule_remove_target_by_tag.h | 2 +-
 src/actions/init_col.cc | 2 +-
 src/actions/log.cc | 1 -
 src/actions/log_data.cc | 1 -
 src/actions/maturity.cc | 2 +-
 src/actions/msg.cc | 1 -
 src/actions/no_log.cc | 1 -
 src/actions/phase.cc | 2 +-
 src/actions/rev.cc | 2 +-
 src/actions/set_sid.cc | 2 +-
 src/actions/set_uid.cc | 2 +-
 src/actions/set_var.cc | 1 -
 src/actions/severity.cc | 2 +-
 src/actions/skip.cc | 2 +-
 src/actions/skip_after.cc | 2 +-
 src/actions/tag.cc | 1 -
 src/actions/transformations/css_decode.cc | 146 ++++-
 src/actions/transformations/css_decode.h | 2 +
 .../transformations/escape_seq_decode.cc | 4 +-
 src/actions/transformations/hex_decode.cc | 4 +-
 .../transformations/html_entity_decode.cc | 1 -
 .../transformations/html_entity_decode.h | 1 +
 src/actions/transformations/js_decode.cc | 6 +-
 src/actions/transformations/normalise_path.cc | 168 +++++-
 src/actions/transformations/normalise_path.h | 3 +
 .../transformations/normalise_path_win.cc | 5 +-
 src/actions/transformations/remove_nulls.cc | 2 +-
 .../transformations/replace_comments.cc | 1 -
 src/actions/transformations/sha1.cc | 1 -
 src/actions/transformations/sql_hex_decode.cc | 4 +-
 src/actions/transformations/url_decode.cc | 4 +-
 src/actions/transformations/url_decode_uni.cc | 6 +-
 src/actions/transformations/url_encode.cc | 4 +-
 .../transformations/utf8_to_unicode.cc | 4 +-
 src/actions/ver.cc | 1 -
 src/actions/xmlns.cc | 1 -
 src/audit_log/writer/https.cc | 2 +-
 src/audit_log/writer/parallel.cc | 3 +-
 .../backend/in_memory-per_process.cc | 2 +-
 src/collection/backend/lmdb.cc | 1 -
 src/collection/collections.cc | 2 +-
 src/macro_expansion.cc | 1 -
 src/operators/pm_from_file.cc | 2 +-
 src/operators/validate_dtd.cc | 1 -
 src/parser/seclang-parser.yy | 1 -
 src/parser/seclang-scanner.ll | 1 -
 src/request_body_processor/multipart.cc | 3 +-
 src/rule.cc | 1 -
 src/rules.cc | 1 -
 src/rules_exceptions.cc | 3 +-
 src/transaction.cc | 12 +-
 src/utils.cc | 554 ------------------
 src/utils.h | 49 --
 src/utils/decode.cc | 124 ++++
 src/utils/decode.h | 40 ++
 src/utils/msc_string.cc | 34 ++
 src/utils/msc_string.h | 32 +
 src/utils/msc_system.cc | 3 +-
 src/utils/msc_system.h | 6 +-
 src/utils/random.cc | 45 ++
 src/utils/random.h | 39 ++
 src/variables/env.cc | 1 -
 src/variables/rule.cc | 3 +-
 src/variables/variable.cc | 3 +-
 src/variables/variations/count.cc | 3 +-
 src/variables/variations/exclusion.cc | 2 +-
 test/optimization/optimization.cc | 1 -
 test/unit/unit.cc | 2 +-
 test/unit/unit_test.cc | 3 +-
 75 files changed, 702 insertions(+), 686 deletions(-)
 delete mode 100644 src/utils.cc
 delete mode 100644 src/utils.h
 create mode 100644 src/utils/decode.cc
 create mode 100644 src/utils/decode.h
 create mode 100644 src/utils/random.cc
 create mode 100644 src/utils/random.h
diff --git a/src/Makefile.am b/src/Makefile.am
index cde9adae..c5b88f11 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -213,11 +213,13 @@ OPERATORS = \
 UTILS = \
 utils/acmp.cc \
 utils/base64.cc \
+ utils/decode.cc \
 utils/geo_lookup.cc \
 utils/https_client.cc \
 utils/ip_tree.cc \
 utils/md5.cc \
 utils/msc_tree.cc \
+ utils/random.cc \
 utils/regex.cc \
 utils/sha1.cc \
 utils/msc_string.cc \
@@ -247,7 +249,6 @@ libmodsecurity_la_SOURCES = \
 audit_log/writer/parallel.cc \
 modsecurity.cc \
 rules.cc \
- utils.cc \
 debug_log.cc \
 debug_log_writer.cc \
 macro_expansion.cc \
diff --git a/src/actions/accuracy.cc b/src/actions/accuracy.cc
index da23705b..72a49eae 100644
--- a/src/actions/accuracy.cc
+++ b/src/actions/accuracy.cc
@@ -20,10 +20,10 @@
 #include "actions/action.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
 #include "modsecurity/rule.h"
 #include "src/macro_expansion.h"
+
 namespace modsecurity {
 namespace actions {
diff --git a/src/actions/allow.cc b/src/actions/allow.cc
index 44020db4..fca6f267 100644
--- a/src/actions/allow.cc
+++ b/src/actions/allow.cc
@@ -20,12 +20,13 @@
 #include "modsecurity/transaction.h"
 #include "modsecurity/rule.h"
-#include "src/utils.h"
 #include "utils/msc_string.h"
 #include "modsecurity/modsecurity.h"
+
 using modsecurity::utils::String;
+
 namespace modsecurity {
 namespace actions {
diff --git a/src/actions/ctl/request_body_access.h b/src/actions/ctl/request_body_access.h
index 508c8cb0..722227f4 100644
--- a/src/actions/ctl/request_body_access.h
+++ b/src/actions/ctl/request_body_access.h
@@ -17,7 +17,7 @@
 #include "actions/action.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
+
 #ifndef SRC_ACTIONS_CTL_REQUEST_BODY_ACCESS_H_
 #define SRC_ACTIONS_CTL_REQUEST_BODY_ACCESS_H_
diff --git a/src/actions/ctl/rule_remove_by_id.h b/src/actions/ctl/rule_remove_by_id.h
index 499407e1..2fa270f0 100644
--- a/src/actions/ctl/rule_remove_by_id.h
+++ b/src/actions/ctl/rule_remove_by_id.h
@@ -17,7 +17,7 @@
 #include "actions/action.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
+
 #ifndef SRC_ACTIONS_CTL_RULE_REMOVE_BY_ID_H_
 #define SRC_ACTIONS_CTL_RULE_REMOVE_BY_ID_H_
diff --git a/src/actions/ctl/rule_remove_target_by_id.h b/src/actions/ctl/rule_remove_target_by_id.h
index 2bfdddc9..2420e8f5 100644
--- a/src/actions/ctl/rule_remove_target_by_id.h
+++ b/src/actions/ctl/rule_remove_target_by_id.h
@@ -17,7 +17,7 @@
 #include "actions/action.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
+
 #ifndef SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_ID_H_
 #define SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_ID_H_
diff --git a/src/actions/ctl/rule_remove_target_by_tag.h b/src/actions/ctl/rule_remove_target_by_tag.h
index 793fe7e5..8c3b8849 100644
--- a/src/actions/ctl/rule_remove_target_by_tag.h
+++ b/src/actions/ctl/rule_remove_target_by_tag.h
@@ -17,7 +17,7 @@
 #include "actions/action.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
+
 #ifndef SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_TAG_H_
 #define SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_TAG_H_
diff --git a/src/actions/init_col.cc b/src/actions/init_col.cc
index cf59d8af..78c637c7 100644
--- a/src/actions/init_col.cc
+++ b/src/actions/init_col.cc
@@ -20,10 +20,10 @@
 #include "actions/action.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
 #include "modsecurity/rule.h"
 #include "src/macro_expansion.h"
+
 namespace modsecurity {
 namespace actions {
diff --git a/src/actions/log.cc b/src/actions/log.cc
index 90df07a7..788a4932 100644
--- a/src/actions/log.cc
+++ b/src/actions/log.cc
@@ -20,7 +20,6 @@
 #include "actions/action.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
 #include "operators/operator.h"
diff --git a/src/actions/log_data.cc b/src/actions/log_data.cc
index ac45c5d9..c7f83837 100644
--- a/src/actions/log_data.cc
+++ b/src/actions/log_data.cc
@@ -20,7 +20,6 @@
 #include "actions/action.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
 #include "src/macro_expansion.h"
 #include "modsecurity/rule.h"
diff --git a/src/actions/maturity.cc b/src/actions/maturity.cc
index f33404f9..9e9435fd 100644
--- a/src/actions/maturity.cc
+++ b/src/actions/maturity.cc
@@ -20,10 +20,10 @@
 #include "actions/action.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
 #include "modsecurity/rule.h"
 #include "src/macro_expansion.h"
+
 namespace modsecurity {
 namespace actions {
diff --git a/src/actions/msg.cc b/src/actions/msg.cc
index 582c328f..96a9cd64 100644
--- a/src/actions/msg.cc
+++ b/src/actions/msg.cc
@@ -20,7 +20,6 @@
 #include "actions/action.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
 #include "src/macro_expansion.h"
 #include "modsecurity/rule.h"
diff --git a/src/actions/no_log.cc b/src/actions/no_log.cc
index b185175b..1adcc2aa 100644
--- a/src/actions/no_log.cc
+++ b/src/actions/no_log.cc
@@ -20,7 +20,6 @@
 #include "actions/action.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
 #include "operators/operator.h"
diff --git a/src/actions/phase.cc b/src/actions/phase.cc
index 24ff5b9c..c0c3c1ba 100644
--- a/src/actions/phase.cc
+++ b/src/actions/phase.cc
@@ -20,10 +20,10 @@
 #include "modsecurity/transaction.h"
 #include "modsecurity/rule.h"
-#include "src/utils.h"
 #include "modsecurity/modsecurity.h"
 #include "utils/msc_string.h"
+
 using modsecurity::utils::String;
diff --git a/src/actions/rev.cc b/src/actions/rev.cc
index e8e2c204..d2f1fc8f 100644
--- a/src/actions/rev.cc
+++ b/src/actions/rev.cc
@@ -20,10 +20,10 @@
 #include "actions/action.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
 #include "modsecurity/rule.h"
 #include "src/macro_expansion.h"
+
 namespace modsecurity {
 namespace actions {
diff --git a/src/actions/set_sid.cc b/src/actions/set_sid.cc
index 9cc21fc9..f22a2718 100644
--- a/src/actions/set_sid.cc
+++ b/src/actions/set_sid.cc
@@ -21,7 +21,7 @@
 #include "modsecurity/transaction.h"
 #include "modsecurity/rule.h"
 #include "src/macro_expansion.h"
-#include "src/utils.h"
+
 namespace modsecurity {
 namespace actions {
diff --git a/src/actions/set_uid.cc b/src/actions/set_uid.cc
index 0c1f0a1a..71ca1ffd 100644
--- a/src/actions/set_uid.cc
+++ b/src/actions/set_uid.cc
@@ -21,7 +21,7 @@
 #include "modsecurity/transaction.h"
 #include "modsecurity/rule.h"
 #include "src/macro_expansion.h"
-#include "src/utils.h"
+
 namespace modsecurity {
 namespace actions {
diff --git a/src/actions/set_var.cc b/src/actions/set_var.cc
index 81c5ecbd..089b0124 100644
--- a/src/actions/set_var.cc
+++ b/src/actions/set_var.cc
@@ -21,7 +21,6 @@
 #include "modsecurity/transaction.h"
 #include "modsecurity/rule.h"
 #include "src/macro_expansion.h"
-#include "src/utils.h"
 #include "utils/msc_string.h"
 using modsecurity::utils::String;
diff --git a/src/actions/severity.cc b/src/actions/severity.cc
index 0cbfbde3..b6ece755 100644
--- a/src/actions/severity.cc
+++ b/src/actions/severity.cc
@@ -21,9 +21,9 @@
 #include "actions/action.h"
 #include "modsecurity/transaction.h"
 #include "modsecurity/rule.h"
-#include "src/utils.h"
 #include "utils/msc_string.h"
+
 using modsecurity::utils::String;
diff --git a/src/actions/skip.cc b/src/actions/skip.cc
index 5e91e7ad..b7c535c5 100644
--- a/src/actions/skip.cc
+++ b/src/actions/skip.cc
@@ -20,7 +20,7 @@
 #include "actions/action.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
+
 namespace modsecurity {
 namespace actions {
diff --git a/src/actions/skip_after.cc b/src/actions/skip_after.cc
index 4286d1c4..1c2fc721 100644
--- a/src/actions/skip_after.cc
+++ b/src/actions/skip_after.cc
@@ -20,7 +20,7 @@
 #include "actions/action.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
+
 namespace modsecurity {
 namespace actions {
diff --git a/src/actions/tag.cc b/src/actions/tag.cc
index b1d45a5a..f6343be6 100644
--- a/src/actions/tag.cc
+++ b/src/actions/tag.cc
@@ -20,7 +20,6 @@
 #include "actions/action.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
 #include "src/macro_expansion.h"
 #include "modsecurity/rule.h"
diff --git a/src/actions/transformations/css_decode.cc b/src/actions/transformations/css_decode.cc
index b5fb6f69..314a0a65 100644
--- a/src/actions/transformations/css_decode.cc
+++ b/src/actions/transformations/css_decode.cc
@@ -26,7 +26,7 @@
 #include "modsecurity/transaction.h"
 #include "actions/transformations/transformation.h"
-#include "src/utils.h"
+#include "src/utils/msc_string.h"
 namespace modsecurity {
@@ -42,13 +42,155 @@ std::string CssDecode::evaluate(std::string value,
 memcpy(tmp, value.c_str(), value.size() + 1);
 tmp[value.size()] = '\0';
- css_decode_inplace(reinterpret_cast(tmp), value.size());
+ CssDecode::css_decode_inplace(reinterpret_cast(tmp),
+ value.size());
+
 std::string ret(tmp, 0, value.size());
 free(tmp);
 return ret;
 }
+/**
+ * Decode a string that contains CSS-escaped characters.
+ *
+ * References:
+ * http://www.w3.org/TR/REC-CSS2/syndata.html#q4
+ * http://www.unicode.org/roadmaps/
+ */
+int CssDecode::css_decode_inplace(unsigned char *input, int64_t input_len) {
+ unsigned char *d = (unsigned char *)input;
+ int64_t i, j, count;
+
+ if (input == NULL) {
+ return -1;
+ }
+
+ i = count = 0;
+ while (i < input_len) {
+ /* Is the character a backslash? */
+ if (input[i] == '\\') {
+ /* Is there at least one more byte? */
+ if (i + 1 < input_len) {
+ i++; /* We are not going to need the backslash. */
+
+ /* Check for 1-6 hex characters following the backslash */
+ j = 0;
+ while ((j < 6)
+ && (i + j < input_len)
+ && (VALID_HEX(input[i + j]))) {
+ j++;
+ }
+
+ if (j > 0) {
+ /* We have at least one valid hexadecimal character. */
+ int fullcheck = 0;
+
+ /* For now just use the last two bytes. */
+ switch (j) {
+ /* Number of hex characters */
+ case 1:
+ *d++ = modsecurity::utils::xsingle2c(&input[i]);
+ break;
+
+ case 2:
+ case 3:
+ /* Use the last two from the end. */
+ *d++ = modsecurity::utils::x2c(&input[i + j - 2]);
+ break;
+
+ case 4:
+ /* Use the last two from the end, but request
+ * a full width check.
+ */
+ *d = modsecurity::utils::x2c(&input[i + j - 2]);
+ fullcheck = 1;
+ break;
+
+ case 5:
+ /* Use the last two from the end, but request
+ * a full width check if the number is greater
+ * or equal to 0xFFFF.
+ */
+ *d = modsecurity::utils::x2c(&input[i + j - 2]);
+ /* Do full check if first byte is 0 */
+ if (input[i] == '0') {
+ fullcheck = 1;
+ } else {
+ d++;
+ }
+ break;
+
+ case 6:
+ /* Use the last two from the end, but request
+ * a full width check if the number is greater
+ * or equal to 0xFFFF.
+ */
+ *d = modsecurity::utils::x2c(&input[i + j - 2]);
+
+ /* Do full check if first/second bytes are 0 */
+ if ((input[i] == '0')
+ && (input[i + 1] == '0')) {
+ fullcheck = 1;
+ } else {
+ d++;
+ }
+ break;
+ }
+
+ /* Full width ASCII (0xff01 - 0xff5e) needs 0x20 added */
+ if (fullcheck) {
+ if ((*d > 0x00) && (*d < 0x5f)
+ && ((input[i + j - 3] == 'f') ||
+ (input[i + j - 3] == 'F'))
+ && ((input[i + j - 4] == 'f') ||
+ (input[i + j - 4] == 'F'))) {
+ (*d) += 0x20;
+ }
+
+ d++;
+ }
+
+ /* We must ignore a single whitespace after a hex escape */
+ if ((i + j < input_len) && isspace(input[i + j])) {
+ j++;
+ }
+
+ /* Move over. */
+ count++;
+ i += j;
+ } else if (input[i] == '\n') {
+ /* No hexadecimal digits after backslash */
+ /* A newline character following backslash is ignored. */
+ i++;
+ } else {
+ /* The character after backslash is not a hexadecimal digit,
+ * nor a newline. */
+ /* Use one character after backslash as is. */
+ *d++ = input[i++];
+ count++;
+ }
+ } else {
+ /* No characters after backslash. */
+ /* Do not include backslash in output
+ *(continuation to nothing) */
+ i++;
+ }
+ } else {
+ /* Character is not a backslash. */
+ /* Copy one normal character to output. */
+ *d++ = input[i++];
+ count++;
+ }
+ }
+
+ /* Terminate output string. */
+ *d = '\0';
+
+ return count;
+}
+
+
 } // namespace transformations
 } // namespace actions
 } // namespace modsecurity
diff --git a/src/actions/transformations/css_decode.h b/src/actions/transformations/css_decode.h
index fa19fd77..3b69732b 100644
--- a/src/actions/transformations/css_decode.h
+++ b/src/actions/transformations/css_decode.h
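Review bot: The length returned by `CssDecode::css_decode_inplace` is thrown away in `evaluate`, which still builds its result with `std::string ret(tmp, 0, value.size());`. If `tmp` is a `char *` (its declaration is above the hunk), that constructor first converts it to a temporary string and therefore stops at the first NUL, so a hex escape that decodes to a zero byte would cut the transformed value short and rules would only inspect the part before it. Keeping the count and constructing from it closes the gap: `int len = CssDecode::css_decode_inplace(reinterpret_cast<unsigned char *>(tmp), value.size());` followed by `std::string ret(tmp, len > 0 ? len : 0);`. The helper also accumulates `count` as `int64_t` but returns `int`, so the return type is worth widening while it is being moved.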
@@ -35,6 +35,8 @@ class CssDecode : public Transformation {
 : Transformation(action) { }
 std::string evaluate(std::string exp, Transaction *transaction) override;
+
+ static int css_decode_inplace(unsigned char *input, int64_t input_len);
 };
diff --git a/src/actions/transformations/escape_seq_decode.cc b/src/actions/transformations/escape_seq_decode.cc
index 23b490cb..5a342366 100644
--- a/src/actions/transformations/escape_seq_decode.cc
+++ b/src/actions/transformations/escape_seq_decode.cc
@@ -25,7 +25,7 @@
 #include "modsecurity/transaction.h"
 #include "actions/transformations/transformation.h"
-#include "src/utils.h"
+#include "src/utils/msc_string.h"
 namespace modsecurity {
 namespace actions {
@@ -92,7 +92,7 @@ int EscapeSeqDecode::ansi_c_sequences_decode_inplace(unsigned char *input,
 if ((i + 3 < input_len) && (isxdigit(input[i + 2])) && (isxdigit(input[i + 3]))) {
 /* Two digits. */
- c = x2c(&input[i + 2]);
+ c = modsecurity::utils::x2c(&input[i + 2]);
 i += 4;
 } else {
 /* Invalid encoding, do nothing. */
diff --git a/src/actions/transformations/hex_decode.cc b/src/actions/transformations/hex_decode.cc
index 67e2dc25..8b04136a 100644
--- a/src/actions/transformations/hex_decode.cc
+++ b/src/actions/transformations/hex_decode.cc
@@ -25,7 +25,7 @@
 #include "modsecurity/transaction.h"
 #include "actions/transformations/transformation.h"
-#include "src/utils.h"
+#include "src/utils/msc_string.h"
 namespace modsecurity {
 namespace actions {
@@ -65,7 +65,7 @@ int HexDecode::inplace(unsigned char *data, int len) {
 }
 for (i = 0; i <= len - 2; i += 2) {
- *d++ = x2c(&data[i]);
+ *d++ = modsecurity::utils::x2c(&data[i]);
 count++;
 }
 *d = '\0';
diff --git a/src/actions/transformations/html_entity_decode.cc b/src/actions/transformations/html_entity_decode.cc
index a0476ea9..2853594c 100644
--- a/src/actions/transformations/html_entity_decode.cc
+++ b/src/actions/transformations/html_entity_decode.cc
@@ -26,7 +26,6 @@
 #include "modsecurity/transaction.h"
 #include "actions/transformations/transformation.h"
-#include "src/utils.h"
 namespace modsecurity {
diff --git a/src/actions/transformations/html_entity_decode.h b/src/actions/transformations/html_entity_decode.h
index d606a296..63c3f345 100644
--- a/src/actions/transformations/html_entity_decode.h
+++ b/src/actions/transformations/html_entity_decode.h
@@ -18,6 +18,7 @@
 #include "actions/action.h"
 #include "actions/transformations/transformation.h"
+#include "utils/msc_string.h"
 #ifndef SRC_ACTIONS_TRANSFORMATIONS_HTML_ENTITY_DECODE_H_
 #define SRC_ACTIONS_TRANSFORMATIONS_HTML_ENTITY_DECODE_H_
diff --git a/src/actions/transformations/js_decode.cc b/src/actions/transformations/js_decode.cc
index acd48440..891d8282 100644
--- a/src/actions/transformations/js_decode.cc
+++ b/src/actions/transformations/js_decode.cc
@@ -26,7 +26,7 @@
 #include "modsecurity/transaction.h"
 #include "actions/transformations/transformation.h"
-#include "src/utils.h"
+#include "src/utils/msc_string.h"
 namespace modsecurity {
@@ -72,7 +72,7 @@ int JsDecode::inplace(unsigned char *input, u_int64_t input_len) {
 /* \uHHHH */
 /* Use only the lower byte. */
- *d = x2c(&input[i + 4]);
+ *d = modsecurity::utils::x2c(&input[i + 4]);
 /* Full width ASCII (ff01 - ff5e) needs 0x20 added */
 if ((*d > 0x00) && (*d < 0x5f)
@@ -87,7 +87,7 @@ int JsDecode::inplace(unsigned char *input, u_int64_t input_len) {
 } else if ((i + 3 < input_len) && (input[i + 1] == 'x') && VALID_HEX(input[i + 2]) && VALID_HEX(input[i + 3])) {
 /* \xHH */
- *d++ = x2c(&input[i + 2]);
+ *d++ = modsecurity::utils::x2c(&input[i + 2]);
 count++;
 i += 4;
 } else if ((i + 1 < input_len) && ISODIGIT(input[i + 1])) {
diff --git a/src/actions/transformations/normalise_path.cc b/src/actions/transformations/normalise_path.cc
index 42f8993c..4207b4ab 100644
--- a/src/actions/transformations/normalise_path.cc
+++ b/src/actions/transformations/normalise_path.cc
@@ -26,7 +26,6 @@
 #include "modsecurity/transaction.h"
 #include "actions/transformations/transformation.h"
-#include "src/utils.h"
 namespace modsecurity {
@@ -57,6 +56,173 @@ std::string NormalisePath::evaluate(std::string value,
 return ret;
 }
+
+/**
+ *
+ * IMP1 Assumes NUL-terminated
+ */
+int NormalisePath::normalize_path_inplace(unsigned char *input, int input_len,
+ int win, int *changed) {
+ unsigned char *src;
+ unsigned char *dst;
+ unsigned char *end;
+ int ldst = 0;
+ int hitroot = 0;
+ int done = 0;
+ int relative;
+ int trailing;
+
+ *changed = 0;
+
+ /* Need at least one byte to normalize */
+ if (input_len <= 0) return 0;
+
+ /*
+ * ENH: Deal with UNC and drive letters?
+ */
+
+ src = dst = input;
+ end = input + (input_len - 1);
+ ldst = 1;
+
+ relative = ((*input == '/') || (win && (*input == '\\'))) ? 0 : 1;
+ trailing = ((*end == '/') || (win && (*end == '\\'))) ? 1 : 0;
+
+
+ while (!done && (src <= end) && (dst <= end)) {
+ /* Convert backslash to forward slash on Windows only. */
+ if (win) {
+ if (*src == '\\') {
+ *src = '/';
+ *changed = 1;
+ }
+ if ((src < end) && (*(src + 1) == '\\')) {
+ *(src + 1) = '/';
+ *changed = 1;
+ }
+ }
+
+ /* Always normalize at the end of the input. */
+ if (src == end) {
+ done = 1;
+ } else if (*(src + 1) != '/') {
+ /* Skip normalization if this is NOT the
+ *end of the path segment. */
+ goto copy; /* Skip normalization. */
+ }
+
+ /*** Normalize the path segment. ***/
+
+ /* Could it be an empty path segment? */
+ if ((src != end) && *src == '/') {
+ /* Ignore */
+ *changed = 1;
+ goto copy; /* Copy will take care of this. */
+ } else if (*src == '.') {
+ /* Could it be a back or self reference? */
+ /* Back-reference? */
+ if ((dst > input) && (*(dst - 1) == '.')) {
+ /* If a relative path and either our normalization has
+ * already hit the rootdir, or this is a backref with no
+ * previous path segment, then mark that the rootdir was hit
+ * and just copy the backref as no normilization is possible.
+ */
+ if (relative && (hitroot || ((dst - 2) <= input))) {
+ hitroot = 1;
+
+ goto copy; /* Skip normalization.
*/
+ }
+
+ /* Remove backreference and the previous path segment. */
+ dst -= 3;
+ while ((dst > input) && (*dst != '/')) {
+ dst--;
+ }
+
+ /* But do not allow going above rootdir. */
+ if (dst <= input) {
+ hitroot = 1;
+ dst = input;
+
+ /* Need to leave the root slash if this
+ * is not a relative path and the end was reached
+ * on a backreference.
+ */
+ if (!relative && (src == end)) {
+ dst++;
+ }
+ }
+
+ if (done) goto length; /* Skip the copy. */
+ src++;
+
+ *changed = 1;
+ } else if (dst == input) {
+ /* Relative Self-reference? */
+ *changed = 1;
+
+ /* Ignore. */
+
+ if (done) goto length; /* Skip the copy. */
+ src++;
+ } else if (*(dst - 1) == '/') {
+ /* Self-reference? */
+ *changed = 1;
+
+ /* Ignore. */
+
+ if (done) goto length; /* Skip the copy. */
+ dst--;
+ src++;
+ }
+ } else if (dst > input) {
+ /* Found a regular path segment. */
+ hitroot = 0;
+ }
+
+copy:
+ /*** Copy the byte if required. ***/
+
+ /* Skip to the last forward slash when multiple are used. */
+ if (*src == '/') {
+ unsigned char *oldsrc = src;
+
+ while ((src < end)
+ && ((*(src + 1) == '/') || (win && (*(src + 1) == '\\'))) ) {
+ src++;
+ }
+ if (oldsrc != src) *changed = 1;
+
+ /* Do not copy the forward slash to the root
+ * if it is not a relative path. Instead
+ * move over the slash to the next segment.
+ */
+ if (relative && (dst == input)) {
+ src++;
+ goto length; /* Skip the copy */
+ }
+ }
+
+ *(dst++) = *(src++);
+
+length:
+ ldst = (dst - input);
+ }
+ /* Make sure that there is not a trailing slash in the
+ * normalized form if there was not one in the original form.
+ */
+ if (!trailing && (dst > input) && *(dst - 1) == '/') {
+ ldst--;
+ dst--;
+ }
+
+ /* Always NUL terminate */
+ *dst = '\0';
+
+ return ldst;
+}
+
+
 } // namespace transformations
 } // namespace actions
 } // namespace modsecurity
diff --git a/src/actions/transformations/normalise_path.h b/src/actions/transformations/normalise_path.h
index 9d08e642..6fafa209 100644
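Review bot: The doc comment on `NormalisePath::normalize_path_inplace` says only "IMP1 Assumes NUL-terminated", which is too thin for what is now a public static member called from other transformations. The body writes `*changed = 0;` and reads `*input` with no NULL check (the `css_decode_inplace` helper moved in this same commit does check `input`), and the final `*dst = '\0';` can land on `input[input_len]`, so the buffer has to hold at least `input_len + 1` writable bytes. I would replace the comment with one that states that `input` and `changed` must be non-null, that `input` is rewritten in place and needs `input_len + 1` bytes, that `win` enables backslash folding, and that the return value is the normalised length. Separately, the comment above `if (relative && (dst == input))` says "if it is not a relative path" while the condition tests `relative`; one of the two should be corrected.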
--- a/src/actions/transformations/normalise_path.h
+++ b/src/actions/transformations/normalise_path.h
@@ -33,6 +33,9 @@ class NormalisePath : public Transformation {
 explicit NormalisePath(std::string action);
 std::string evaluate(std::string exp, Transaction *transaction) override;
+
+ static int normalize_path_inplace(unsigned char *input, int input_len,
+ int win, int *changed);
 };
 } // namespace transformations
diff --git a/src/actions/transformations/normalise_path_win.cc b/src/actions/transformations/normalise_path_win.cc
index ae78a519..78fd78d5 100644
--- a/src/actions/transformations/normalise_path_win.cc
+++ b/src/actions/transformations/normalise_path_win.cc
@@ -26,7 +26,7 @@
 #include "modsecurity/transaction.h"
 #include "actions/transformations/transformation.h"
-#include "src/utils.h"
+#include "actions/transformations/normalise_path.h"
 namespace modsecurity {
@@ -43,7 +43,8 @@ std::string NormalisePathWin::evaluate(std::string value,
 memcpy(tmp, value.c_str(), value.size() + 1);
 tmp[value.size()] = '\0';
- int i = normalize_path_inplace(reinterpret_cast(tmp),
+ int i = NormalisePath::normalize_path_inplace(
+ reinterpret_cast(tmp),
 value.size(), 1, &changed);
 std::string ret("");
diff --git a/src/actions/transformations/remove_nulls.cc b/src/actions/transformations/remove_nulls.cc
index a19f496d..18a9f305 100644
--- a/src/actions/transformations/remove_nulls.cc
+++ b/src/actions/transformations/remove_nulls.cc
@@ -26,7 +26,7 @@
 #include "modsecurity/transaction.h"
 #include "actions/transformations/transformation.h"
-#include "src/utils.h"
+
 namespace modsecurity {
 namespace actions {
diff --git a/src/actions/transformations/replace_comments.cc b/src/actions/transformations/replace_comments.cc
index 9b8ab73e..52411096 100644
--- a/src/actions/transformations/replace_comments.cc
+++ b/src/actions/transformations/replace_comments.cc
@@ -25,7 +25,6 @@
 #include "modsecurity/transaction.h"
 #include "actions/transformations/transformation.h"
-#include "src/utils.h"
 namespace modsecurity {
diff --git a/src/actions/transformations/sha1.cc b/src/actions/transformations/sha1.cc
index ebb71bb9..34c5c156 100644
--- a/src/actions/transformations/sha1.cc
+++ b/src/actions/transformations/sha1.cc
@@ -25,7 +25,6 @@
 #include "modsecurity/transaction.h"
 #include "actions/transformations/transformation.h"
 #include "utils/sha1.h"
-#include "src/utils.h"
 namespace modsecurity {
diff --git a/src/actions/transformations/sql_hex_decode.cc b/src/actions/transformations/sql_hex_decode.cc
index eed4b3dc..ed637e4e 100644
--- a/src/actions/transformations/sql_hex_decode.cc
+++ b/src/actions/transformations/sql_hex_decode.cc
@@ -25,7 +25,7 @@
 #include "modsecurity/transaction.h"
 #include "actions/transformations/transformation.h"
-#include "src/utils.h"
+#include "src/utils/msc_string.h"
 namespace modsecurity {
@@ -96,7 +96,7 @@ int SqlHexDecode::inplace(unsigned char *data, int len) {
 }
 while (VALID_HEX(data[0]) && VALID_HEX(data[1])) {
- *d++ = x2c(data);
+ *d++ = modsecurity::utils::x2c(data);
 data += 2;
 count += 2;
 }
diff --git a/src/actions/transformations/url_decode.cc b/src/actions/transformations/url_decode.cc
index 61e9edc6..1ac75286 100644
--- a/src/actions/transformations/url_decode.cc
+++ b/src/actions/transformations/url_decode.cc
@@ -25,7 +25,7 @@
 #include "modsecurity/transaction.h"
 #include "actions/transformations/transformation.h"
-#include "src/utils.h"
+#include "src/utils/decode.h"
 namespace modsecurity {
 namespace actions {
@@ -51,7 +51,7 @@ std::string UrlDecode::evaluate(std::string value,
 memcpy(val, value.c_str(), value.size() + 1);
 val[value.size()] = '\0';
- int size = urldecode_nonstrict_inplace(val, value.size(),
+ int size = utils::urldecode_nonstrict_inplace(val, value.size(),
 &invalid_count, &changed);
 std::string out;
diff --git a/src/actions/transformations/url_decode_uni.cc b/src/actions/transformations/url_decode_uni.cc
index 245a4c8d..b0abfe62 100644
--- a/src/actions/transformations/url_decode_uni.cc
+++ b/src/actions/transformations/url_decode_uni.cc
@@ -27,7 +27,7 @@
 #include "modsecurity/transaction.h"
 #include "actions/transformations/transformation.h"
-#include "src/utils.h"
+#include "src/utils/msc_string.h"
 #include "modsecurity/rules.h"
 namespace modsecurity {
@@ -114,7 +114,7 @@ int UrlDecodeUni::inplace(unsigned char *input, u_int64_t input_len,
 } else {
 /* We first make use of the lower byte here,
 * ignoring the higher byte. */
- *d = x2c(&input[i + 4]);
+ *d = modsecurity::utils::x2c(&input[i + 4]);
 /* Full width ASCII (ff01 - ff5e)
 * needs 0x20 added */
@@ -153,7 +153,7 @@ int UrlDecodeUni::inplace(unsigned char *input, u_int64_t input_len,
 char c2 = input[i + 2];
 if (VALID_HEX(c1) && VALID_HEX(c2)) {
- *d++ = x2c(&input[i + 1]);
+ *d++ = modsecurity::utils::x2c(&input[i + 1]);
 count++;
 i += 3;
 } else {
diff --git a/src/actions/transformations/url_encode.cc b/src/actions/transformations/url_encode.cc
index 362204bc..ad6863d7 100644
--- a/src/actions/transformations/url_encode.cc
+++ b/src/actions/transformations/url_encode.cc
@@ -24,7 +24,7 @@
 #include "modsecurity/transaction.h"
 #include "actions/transformations/transformation.h"
-#include "src/utils.h"
+#include "src/utils/msc_string.h"
 namespace modsecurity {
 namespace actions {
@@ -69,7 +69,7 @@ std::string UrlEncode::url_enc(const char *input,
 } else {
 *d++ = '%';
 count++;
- c2x(c, (unsigned char *)d);
+ modsecurity::utils::c2x(c, (unsigned char *)d);
 d += 2;
 count++;
 count++;
diff --git a/src/actions/transformations/utf8_to_unicode.cc b/src/actions/transformations/utf8_to_unicode.cc
index 205ac21a..c53ee964 100644
--- a/src/actions/transformations/utf8_to_unicode.cc
+++ b/src/actions/transformations/utf8_to_unicode.cc
@@ -25,7 +25,7 @@
 #include "modsecurity/transaction.h"
 #include "actions/transformations/transformation.h"
-#include "src/utils.h"
+#include "src/utils/msc_string.h"
 namespace modsecurity {
@@ -93,7 +93,7 @@ char *Utf8ToUnicode::inplace(unsigned char *input,
 count++;
 if (count <= len) {
 if (c == 0)
- *data = x2c(&c);
+ *data = modsecurity::utils::x2c(&c);
 else
 *data++ = c;
 }
diff --git a/src/actions/ver.cc b/src/actions/ver.cc
index 19c7a256..d827faa1 100644
--- a/src/actions/ver.cc
+++ b/src/actions/ver.cc
@@ -20,7 +20,6 @@
 #include "actions/action.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
 #include "modsecurity/rule.h"
 #include "src/macro_expansion.h"
diff --git a/src/actions/xmlns.cc b/src/actions/xmlns.cc
index efc07826..83b26b7f 100644
--- a/src/actions/xmlns.cc
+++ b/src/actions/xmlns.cc
@@ -20,7 +20,6 @@
 #include "actions/action.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
 namespace modsecurity {
 namespace actions {
diff --git a/src/audit_log/writer/https.cc b/src/audit_log/writer/https.cc
index 52289459..7266a211 100644
--- a/src/audit_log/writer/https.cc
+++ b/src/audit_log/writer/https.cc
@@ -27,10 +27,10 @@
 #include "audit_log/audit_log.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
 #include "utils/md5.h"
 #include "utils/https_client.h"
+
 namespace modsecurity {
 namespace audit_log {
 namespace writer {
diff --git a/src/audit_log/writer/parallel.cc b/src/audit_log/writer/parallel.cc
index 6ed1410b..c029b451 100644
--- a/src/audit_log/writer/parallel.cc
+++ b/src/audit_log/writer/parallel.cc
@@ -27,14 +27,15 @@
 #include "audit_log/audit_log.h"
 #include "modsecurity/transaction.h"
-#include "src/utils.h"
 #include "src/utils/msc_system.h"
 #include "utils/md5.h"
+
 namespace modsecurity {
 namespace audit_log {
 namespace writer {
+
 std::mutex g_writeMutex;
diff --git a/src/collection/backend/in_memory-per_process.cc b/src/collection/backend/in_memory-per_process.cc
index 248e2d44..78ee0e7a 100644
--- a/src/collection/backend/in_memory-per_process.cc
+++ b/src/collection/backend/in_memory-per_process.cc
@@ -24,10 +24,10 @@
 #endif
 #include "modsecurity/collection/variable.h"
-#include "src/utils.h"
 #include "src/utils/regex.h"
 #include "utils/msc_string.h"
+
 using modsecurity::utils::String;
diff --git a/src/collection/backend/lmdb.cc b/src/collection/backend/lmdb.cc
index 18804d45..a8eec027 100644
--- a/src/collection/backend/lmdb.cc
+++ b/src/collection/backend/lmdb.cc
@@ -22,7 +22,6 @@
 #include
 #include "modsecurity/collection/variable.h"
-#include "src/utils.h"
 #include "src/utils/regex.h"
 #undef LMDB_STDOUT_COUT
diff --git a/src/collection/collections.cc b/src/collection/collections.cc
index 01f5095e..3036010b 100644
--- a/src/collection/collections.cc
+++ b/src/collection/collections.cc
@@ -27,9 +27,9 @@
 #include "modsecurity/collection/variable.h"
 #include "modsecurity/collection/collection.h"
 #include "src/collection/backend/in_memory-per_process.h"
-#include "src/utils.h"
 #include "utils/msc_string.h"
+
 using modsecurity::utils::String;
diff --git a/src/macro_expansion.cc b/src/macro_expansion.cc
index 2e151dd1..6371b12e 100644
--- a/src/macro_expansion.cc
+++ b/src/macro_expansion.cc
@@ -19,7 +19,6 @@
 #include "src/variables/rule.h"
 #include "src/variables/tx.h"
 #include "src/variables/highest_severity.h"
-#include "src/utils.h"
 #include "utils/msc_string.h"
diff --git a/src/operators/pm_from_file.cc b/src/operators/pm_from_file.cc
index e7c5b5e9..886af500 100644
--- a/src/operators/pm_from_file.cc
+++ b/src/operators/pm_from_file.cc
@@ -19,9 +19,9 @@
 #include "operators/operator.h"
 #include "utils/https_client.h"
-#include "src/utils.h"
 #include "src/utils/msc_system.h"
+
 namespace modsecurity {
 namespace operators {
diff --git a/src/operators/validate_dtd.cc b/src/operators/validate_dtd.cc
index 52851d15..f292bef3 100644
--- a/src/operators/validate_dtd.cc
+++ b/src/operators/validate_dtd.cc
@@ -18,7 +18,6 @@ #include #include "request_body_processor/xml.h" -#include "src/utils.h" #include "src/utils/msc_system.h" #include "operators/operator.h" diff --git a/src/parser/seclang-parser.yy b/src/parser/seclang-parser.yy index 4d156928..35d18bb2 100644 --- a/src/parser/seclang-parser.yy +++ b/src/parser/seclang-parser.yy @@ -54,7 +54,6 @@ class Driver; #include "modsecurity/rules_properties.h" #include "modsecurity/rule.h" #include "operators/operator.h" -#include "utils.h" #include "utils/geo_lookup.h" #include "utils/msc_string.h" #include "utils/msc_system.h" diff --git a/src/parser/seclang-scanner.ll b/src/parser/seclang-scanner.ll index 1b51dfaa..7961fb63 100755 --- a/src/parser/seclang-scanner.ll +++ b/src/parser/seclang-scanner.ll @@ -7,7 +7,6 @@ #include "parser/driver.h" #include "seclang-parser.hh" #include "utils/https_client.h" -#include "src/utils.h" #include "utils/msc_string.h" using modsecurity::Parser::Driver; diff --git a/src/request_body_processor/multipart.cc b/src/request_body_processor/multipart.cc index 7c52425b..b5dab32b 100644 --- a/src/request_body_processor/multipart.cc +++ b/src/request_body_processor/multipart.cc @@ -28,11 +28,12 @@ #include "modsecurity/collection/collections.h" #include "modsecurity/rules.h" -#include "src/utils.h" #include "utils/msc_string.h" + using modsecurity::utils::String; + namespace modsecurity { namespace RequestBodyProcessor { diff --git a/src/rule.cc b/src/rule.cc index 51d3e7d2..5417cd4a 100644 --- a/src/rule.cc +++ b/src/rule.cc @@ -30,7 +30,6 @@ #include "actions/transformations/none.h" #include "actions/tag.h" #include "variables/variations/exclusion.h" -#include "src/utils.h" #include "utils/msc_string.h" #include "modsecurity/rules.h" #include "src/macro_expansion.h" diff --git a/src/rules.cc b/src/rules.cc index caea6f2f..77542c98 100644 --- a/src/rules.cc +++ b/src/rules.cc 
@@ -23,7 +23,6 @@ #include "modsecurity/modsecurity.h" #include "modsecurity/transaction.h" -#include "src/utils.h" #include "parser/driver.h" #include "utils/https_client.h" diff --git a/src/rules_exceptions.cc b/src/rules_exceptions.cc index b5d92ac7..30137ece 100644 --- a/src/rules_exceptions.cc +++ b/src/rules_exceptions.cc @@ -17,11 +17,12 @@ #include -#include "src/utils.h" #include "utils/msc_string.h" + using modsecurity::utils::String; + namespace modsecurity { diff --git a/src/transaction.cc b/src/transaction.cc index f4af2965..6c1ed314 100644 --- a/src/transaction.cc +++ b/src/transaction.cc @@ -41,9 +41,10 @@ #include "request_body_processor/json.h" #include "audit_log/audit_log.h" #include "src/unique_id.h" -#include "src/utils.h" #include "utils/msc_string.h" #include "utils/msc_system.h" +#include "utils/decode.h" +#include "utils/random.h" #include "modsecurity/rule.h" #include "modsecurity/rules_properties.h" #include "src/actions/allow.h" @@ -132,7 +133,7 @@ Transaction::Transaction(ModSecurity *ms, Rules *rules, void *logCbData) m_json(new RequestBodyProcessor::JSON(this)), m_xml(new RequestBodyProcessor::XML(this)) { m_id = std::to_string(this->m_timeStamp) + \ - std::to_string(generate_transaction_unique_id()); + std::to_string(modsecurity::utils::generate_transaction_unique_id()); m_rules->incrementReferenceCount(); m_collections.store("ARGS_COMBINED_SIZE", std::string("0")); @@ -283,8 +284,9 @@ bool Transaction::extractArguments(const std::string &orig, memcpy(key_c, key.c_str(), key_s); memcpy(value_c, value.c_str(), value_s); - key_s = urldecode_nonstrict_inplace(key_c, key_s, &invalid, &changed); - value_s = urldecode_nonstrict_inplace(value_c, value_s, + key_s = utils::urldecode_nonstrict_inplace(key_c, key_s, + &invalid, &changed); + value_s = utils::urldecode_nonstrict_inplace(value_c, value_s, &invalid, &changed); if (invalid) { 
@@ -374,7 +376,7 @@ int Transaction::processURI(const char *uri, const char *method, m_httpVersion = http_version; m_uri = uri; std::string uri_s(uri); - m_uri_decoded = uri_decode(uri); + m_uri_decoded = utils::uri_decode(uri); size_t pos = m_uri_decoded.find("?"); size_t pos_raw = uri_s.find("?"); diff --git a/src/utils.cc b/src/utils.cc deleted file mode 100644 index 022a3355..00000000 --- a/src/utils.cc +++ /dev/null 
@@ -1,554 +0,0 @@ -/* - * ModSecurity, http://www.modsecurity.org/ - * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/) - * - * You may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * If any of the files related to licensing are missing or if you have any - * other questions related to licensing please contact Trustwave Holdings, Inc. - * directly using the email address security@modsecurity.org. - * - */ - -#include "src/utils.h" - -#include -#include -#include -#include -#include - - -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include - -#if defined _MSC_VER -#include -#elif defined __GNUC__ -#include -#include -#endif - -#include "modsecurity/modsecurity.h" - -namespace modsecurity { - - -int urldecode_nonstrict_inplace(unsigned char *input, - uint64_t input_len, int *invalid_count, int *changed) { - unsigned char *d = (unsigned char *)input; - uint64_t i, count; - - *changed = 0; - - if (input == NULL) { - return -1; - } - - i = count = 0; - while (i < input_len) { - if (input[i] == '%') { - /* Character is a percent sign. */ - - /* Are there enough bytes available? */ - if (i + 2 < input_len) { - char c1 = input[i + 1]; - char c2 = input[i + 2]; - if (VALID_HEX(c1) && VALID_HEX(c2)) { - uint64_t uni = x2c(&input[i + 1]); - - *d++ = (wchar_t)uni; - count++; - i += 3; - *changed = 1; - } else { - /* Not a valid encoding, skip this % */ - *d++ = input[i++]; - count++; - (*invalid_count)++; - } - } else { - /* Not enough bytes available, copy the raw bytes. */ - *d++ = input[i++]; - count++; - (*invalid_count)++; - } - } else { - /* Character is not a percent sign. 
*/ - if (input[i] == '+') { - *d++ = ' '; - *changed = 1; - } else { - *d++ = input[i]; - } - count++; - i++; - } - } - -#if 0 - *d = '\0'; -#endif - - return count; -} - - -double random_number(const double from, const double to) { - std::random_device rd; - std::mt19937 mt(rd()); - return std::bind( - std::uniform_real_distribution<>{from, to}, - std::default_random_engine{ mt() })(); -} - - - - -double generate_transaction_unique_id() { - return random_number(0, 100); -} - - -const char SAFE[256] = { - /* 0 1 2 3 4 5 6 7 8 9 A B C D E F */ - /* 0 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - /* 1 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - /* 2 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - /* 3 */ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, - - /* 4 */ 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - /* 5 */ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, - /* 6 */ 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - /* 7 */ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, - - /* 8 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - /* 9 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - /* A */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - /* B */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - - /* C */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - /* D */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - /* E */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - /* F */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 -}; - - -const char HEX2DEC[256] = { - /* 0 1 2 3 4 5 6 7 8 9 A B C D E F */ - /* 0 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - /* 1 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - /* 2 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - /* 3 */ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, -1, -1, -1, -1, -1, -1, - - /* 4 */ -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1, - /* 5 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - /* 
6 */ -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1, - /* 7 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - - /* 8 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - /* 9 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - /* A */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - /* B */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - - /* C */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - /* D */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - /* E */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - /* F */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 -}; - - -std::string uri_decode(const std::string & sSrc) { - // Note from RFC1630: "Sequences which start with a percent - // sign but are not followed by two hexadecimal characters - // (0-9, A-F) are reserved for future extension" - - const unsigned char * pSrc = (const unsigned char *)sSrc.c_str(); - const int SRC_LEN = sSrc.length(); - const unsigned char * const SRC_END = pSrc + SRC_LEN; - // last decodable '%' - const unsigned char * const SRC_LAST_DEC = SRC_END - 2; - - char * const pStart = new char[SRC_LEN]; - char * pEnd = pStart; - - while (pSrc < SRC_LAST_DEC) { - if (*pSrc == '%') { - char dec1, dec2; - if (-1 != (dec1 = HEX2DEC[*(pSrc + 1)]) - && -1 != (dec2 = HEX2DEC[*(pSrc + 2)])) { - *pEnd++ = (dec1 << 4) + dec2; - pSrc += 3; - continue; - } - } - *pEnd++ = *pSrc++; - } - - // the last 2- chars - while (pSrc < SRC_END) { - *pEnd++ = *pSrc++; - } - - std::string sResult(pStart, pEnd); - delete [] pStart; - return sResult; -} - - - - -/** - * Decode a string that contains CSS-escaped characters. 
- * - * References: - * http://www.w3.org/TR/REC-CSS2/syndata.html#q4 - * http://www.unicode.org/roadmaps/ - */ -int css_decode_inplace(unsigned char *input, int64_t input_len) { - unsigned char *d = (unsigned char *)input; - int64_t i, j, count; - - if (input == NULL) { - return -1; - } - - i = count = 0; - while (i < input_len) { - /* Is the character a backslash? */ - if (input[i] == '\\') { - /* Is there at least one more byte? */ - if (i + 1 < input_len) { - i++; /* We are not going to need the backslash. */ - - /* Check for 1-6 hex characters following the backslash */ - j = 0; - while ((j < 6) - && (i + j < input_len) - && (VALID_HEX(input[i + j]))) { - j++; - } - - if (j > 0) { - /* We have at least one valid hexadecimal character. */ - int fullcheck = 0; - - /* For now just use the last two bytes. */ - switch (j) { - /* Number of hex characters */ - case 1: - *d++ = xsingle2c(&input[i]); - break; - - case 2: - case 3: - /* Use the last two from the end. */ - *d++ = x2c(&input[i + j - 2]); - break; - - case 4: - /* Use the last two from the end, but request - * a full width check. - */ - *d = x2c(&input[i + j - 2]); - fullcheck = 1; - break; - - case 5: - /* Use the last two from the end, but request - * a full width check if the number is greater - * or equal to 0xFFFF. - */ - *d = x2c(&input[i + j - 2]); - /* Do full check if first byte is 0 */ - if (input[i] == '0') { - fullcheck = 1; - } else { - d++; - } - break; - - case 6: - /* Use the last two from the end, but request - * a full width check if the number is greater - * or equal to 0xFFFF. 
- */ - *d = x2c(&input[i + j - 2]); - - /* Do full check if first/second bytes are 0 */ - if ((input[i] == '0') - && (input[i + 1] == '0')) { - fullcheck = 1; - } else { - d++; - } - break; - } - - /* Full width ASCII (0xff01 - 0xff5e) needs 0x20 added */ - if (fullcheck) { - if ((*d > 0x00) && (*d < 0x5f) - && ((input[i + j - 3] == 'f') || - (input[i + j - 3] == 'F')) - && ((input[i + j - 4] == 'f') || - (input[i + j - 4] == 'F'))) { - (*d) += 0x20; - } - - d++; - } - - /* We must ignore a single whitespace after a hex escape */ - if ((i + j < input_len) && isspace(input[i + j])) { - j++; - } - - /* Move over. */ - count++; - i += j; - } else if (input[i] == '\n') { - /* No hexadecimal digits after backslash */ - /* A newline character following backslash is ignored. */ - i++; - } else { - /* The character after backslash is not a hexadecimal digit, - * nor a newline. */ - /* Use one character after backslash as is. */ - *d++ = input[i++]; - count++; - } - } else { - /* No characters after backslash. */ - /* Do not include backslash in output - *(continuation to nothing) */ - i++; - } - } else { - /* Character is not a backslash. */ - /* Copy one normal character to output. */ - *d++ = input[i++]; - count++; - } - } - - /* Terminate output string. */ - *d = '\0'; - - return count; -} - - -/** - * - * IMP1 Assumes NUL-terminated - */ -int normalize_path_inplace(unsigned char *input, int input_len, - int win, int *changed) { - unsigned char *src; - unsigned char *dst; - unsigned char *end; - int ldst = 0; - int hitroot = 0; - int done = 0; - int relative; - int trailing; - - *changed = 0; - - /* Need at least one byte to normalize */ - if (input_len <= 0) return 0; - - /* - * ENH: Deal with UNC and drive letters? - */ - - src = dst = input; - end = input + (input_len - 1); - ldst = 1; - - relative = ((*input == '/') || (win && (*input == '\\'))) ? 0 : 1; - trailing = ((*end == '/') || (win && (*end == '\\'))) ? 
1 : 0; - - - while (!done && (src <= end) && (dst <= end)) { - /* Convert backslash to forward slash on Windows only. */ - if (win) { - if (*src == '\\') { - *src = '/'; - *changed = 1; - } - if ((src < end) && (*(src + 1) == '\\')) { - *(src + 1) = '/'; - *changed = 1; - } - } - - /* Always normalize at the end of the input. */ - if (src == end) { - done = 1; - } else if (*(src + 1) != '/') { - /* Skip normalization if this is NOT the - *end of the path segment. */ - goto copy; /* Skip normalization. */ - } - - /*** Normalize the path segment. ***/ - - /* Could it be an empty path segment? */ - if ((src != end) && *src == '/') { - /* Ignore */ - *changed = 1; - goto copy; /* Copy will take care of this. */ - } else if (*src == '.') { - /* Could it be a back or self reference? */ - /* Back-reference? */ - if ((dst > input) && (*(dst - 1) == '.')) { - /* If a relative path and either our normalization has - * already hit the rootdir, or this is a backref with no - * previous path segment, then mark that the rootdir was hit - * and just copy the backref as no normilization is possible. - */ - if (relative && (hitroot || ((dst - 2) <= input))) { - hitroot = 1; - - goto copy; /* Skip normalization. */ - } - - /* Remove backreference and the previous path segment. */ - dst -= 3; - while ((dst > input) && (*dst != '/')) { - dst--; - } - - /* But do not allow going above rootdir. */ - if (dst <= input) { - hitroot = 1; - dst = input; - - /* Need to leave the root slash if this - * is not a relative path and the end was reached - * on a backreference. - */ - if (!relative && (src == end)) { - dst++; - } - } - - if (done) goto length; /* Skip the copy. */ - src++; - - *changed = 1; - } else if (dst == input) { - /* Relative Self-reference? */ - *changed = 1; - - /* Ignore. */ - - if (done) goto length; /* Skip the copy. */ - src++; - } else if (*(dst - 1) == '/') { - /* Self-reference? */ - *changed = 1; - - /* Ignore. */ - - if (done) goto length; /* Skip the copy. 
*/ - dst--; - src++; - } - } else if (dst > input) { - /* Found a regular path segment. */ - hitroot = 0; - } - -copy: - /*** Copy the byte if required. ***/ - - /* Skip to the last forward slash when multiple are used. */ - if (*src == '/') { - unsigned char *oldsrc = src; - - while ((src < end) - && ((*(src + 1) == '/') || (win && (*(src + 1) == '\\'))) ) { - src++; - } - if (oldsrc != src) *changed = 1; - - /* Do not copy the forward slash to the root - * if it is not a relative path. Instead - * move over the slash to the next segment. - */ - if (relative && (dst == input)) { - src++; - goto length; /* Skip the copy */ - } - } - - *(dst++) = *(src++); - -length: - ldst = (dst - input); - } - /* Make sure that there is not a trailing slash in the - * normalized form if there was not one in the original form. - */ - if (!trailing && (dst > input) && *(dst - 1) == '/') { - ldst--; - dst--; - } - - /* Always NUL terminate */ - *dst = '\0'; - - return ldst; -} - - -/** - * Converts a single hexadecimal digit into a decimal value. - */ -unsigned char xsingle2c(unsigned char *what) { - unsigned char digit; - - digit = (what[0] >= 'A' ? ((what[0] & 0xdf) - 'A') + 10 : (what[0] - '0')); - - return digit; -} - - -unsigned char x2c(unsigned char *what) { - unsigned char digit; - - digit = (what[0] >= 'A' ? ((what[0] & 0xdf) - 'A') + 10 : (what[0] - '0')); - digit *= 16; - digit += (what[1] >= 'A' ? ((what[1] & 0xdf) - 'A') + 10 : (what[1] - '0')); - - return digit; -} - - -unsigned char *c2x(unsigned what, unsigned char *where) { - static const char c2x_table[] = "0123456789abcdef"; - - what = what & 0xff; - *where++ = c2x_table[what >> 4]; - *where++ = c2x_table[what & 0x0f]; - - return where; -} - - -} // namespace modsecurity - diff --git a/src/utils.h b/src/utils.h deleted file mode 100644 index faa60e7c..00000000 --- a/src/utils.h +++ /dev/null 
@@ -1,49 +0,0 @@ -/* - * ModSecurity, http://www.modsecurity.org/ - * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/) - * - * You may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * If any of the files related to licensing are missing or if you have any - * other questions related to licensing please contact Trustwave Holdings, Inc. - * directly using the email address security@modsecurity.org. - * - */ - -#include -#include -#include -#include - -#include "modsecurity/modsecurity.h" - -#ifndef SRC_UTILS_H_ -#define SRC_UTILS_H_ - -#define VALID_HEX(X) (((X >= '0') && (X <= '9')) || \ - ((X >= 'a') && (X <= 'f')) || ((X >= 'A') && (X <= 'F'))) -#define ISODIGIT(X) ((X >= '0') && (X <= '7')) -#define NBSP 160 - - -namespace modsecurity { - int urldecode_nonstrict_inplace(unsigned char *input, - uint64_t input_len, int *invalid_count, int *changed); - double random_number(const double from, const double to); - double generate_transaction_unique_id(); - std::string uri_decode(const std::string & sSrc); - int js_decode_nonstrict_inplace(unsigned char *input, int64_t input_len); - unsigned char x2c(unsigned char *what); - unsigned char *c2x(unsigned what, unsigned char *where); - int css_decode_inplace(unsigned char *input, int64_t input_len); - unsigned char xsingle2c(unsigned char *what); - int html_entities_decode_inplace(unsigned char *input, int input_len); - int normalize_path_inplace(unsigned char *input, int input_len, - int win, int *changed); -} // namespace modsecurity - - -#endif // SRC_UTILS_H_ diff --git a/src/utils/decode.cc b/src/utils/decode.cc new file mode 100644 index 00000000..d29a4de2 --- /dev/null +++ b/src/utils/decode.cc 
@@ -0,0 +1,124 @@ +/* + * ModSecurity, http://www.modsecurity.org/ + * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/) + * + * You may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * If any of the files related to licensing are missing or if you have any + * other questions related to licensing please contact Trustwave Holdings, Inc. + * directly using the email address security@modsecurity.org. + * + */ + +#include "utils/decode.h" +#include "modsecurity/modsecurity.h" +#include "utils/msc_string.h" + + +namespace modsecurity { +namespace utils { + + +int urldecode_nonstrict_inplace(unsigned char *input, + uint64_t input_len, int *invalid_count, int *changed) { + unsigned char *d = (unsigned char *)input; + uint64_t i, count; + + *changed = 0; + + if (input == NULL) { + return -1; + } + + i = count = 0; + while (i < input_len) { + if (input[i] == '%') { + /* Character is a percent sign. */ + + /* Are there enough bytes available? */ + if (i + 2 < input_len) { + char c1 = input[i + 1]; + char c2 = input[i + 2]; + if (VALID_HEX(c1) && VALID_HEX(c2)) { + uint64_t uni = x2c(&input[i + 1]); + + *d++ = (wchar_t)uni; + count++; + i += 3; + *changed = 1; + } else { + /* Not a valid encoding, skip this % */ + *d++ = input[i++]; + count++; + (*invalid_count)++; + } + } else { + /* Not enough bytes available, copy the raw bytes. */ + *d++ = input[i++]; + count++; + (*invalid_count)++; + } + } else { + /* Character is not a percent sign. 
*/ + if (input[i] == '+') { + *d++ = ' '; + *changed = 1; + } else { + *d++ = input[i]; + } + count++; + i++; + } + } + +#if 0 + *d = '\0'; +#endif + + return count; +} + + +std::string uri_decode(const std::string & sSrc) { + // Note from RFC1630: "Sequences which start with a percent + // sign but are not followed by two hexadecimal characters + // (0-9, A-F) are reserved for future extension" + + const unsigned char * pSrc = (const unsigned char *)sSrc.c_str(); + const int SRC_LEN = sSrc.length(); + const unsigned char * const SRC_END = pSrc + SRC_LEN; + // last decodable '%' + const unsigned char * const SRC_LAST_DEC = SRC_END - 2; + + char * const pStart = new char[SRC_LEN]; + char * pEnd = pStart; + + while (pSrc < SRC_LAST_DEC) { + if (*pSrc == '%') { + char dec1, dec2; + if (-1 != (dec1 = HEX2DEC[*(pSrc + 1)]) + && -1 != (dec2 = HEX2DEC[*(pSrc + 2)])) { + *pEnd++ = (dec1 << 4) + dec2; + pSrc += 3; + continue; + } + } + *pEnd++ = *pSrc++; + } + + // the last 2- chars + while (pSrc < SRC_END) { + *pEnd++ = *pSrc++; + } + + std::string sResult(pStart, pEnd); + delete [] pStart; + return sResult; +} + + +} // namespace utils +} // namespace modsecurity diff --git a/src/utils/decode.h b/src/utils/decode.h new file mode 100644 index 00000000..c39072f4 --- /dev/null +++ b/src/utils/decode.h 
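Review bot: `uri_decode` computes `SRC_END - 2` unconditionally, so for an input shorter than two bytes the pointer is formed before the start of the buffer, which is undefined behaviour even though the loop is then skipped. The scratch buffer from `new char[SRC_LEN]` is also leaked if constructing `sResult` throws, and `SRC_LEN` narrows `length()` to `int`. Building the result directly in a `std::string` with index bounds keeps the same decoding rule (a `%` is decodable only when two more bytes follow) without raw pointer arithmetic or a manual `delete []`. The sketch keeps the `HEX2DEC` lookup as the patch has it.

```cpp
std::string uri_decode(const std::string & sSrc) {
    // … unchanged: RFC1630 note …
    const size_t len = sSrc.length();
    std::string sResult;
    sResult.reserve(len);

    size_t i = 0;
    while (i < len) {
        // Same bound as SRC_LAST_DEC: two more bytes must follow the '%'.
        if (sSrc[i] == '%' && i + 2 < len) {
            const char dec1 = HEX2DEC[static_cast<unsigned char>(sSrc[i + 1])];
            const char dec2 = HEX2DEC[static_cast<unsigned char>(sSrc[i + 2])];
            if (dec1 != -1 && dec2 != -1) {
                sResult.push_back(static_cast<char>((dec1 << 4) + dec2));
                i += 3;
                continue;
            }
        }
        sResult.push_back(sSrc[i++]);
    }
    return sResult;
}
```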
@@ -0,0 +1,40 @@ +/* + * ModSecurity, http://www.modsecurity.org/ + * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/) + * + * You may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * If any of the files related to licensing are missing or if you have any + * other questions related to licensing please contact Trustwave Holdings, Inc. + * directly using the email address security@modsecurity.org. + * + */ + +#include +#include +#include +#include + +#include "modsecurity/modsecurity.h" +#include "src/utils/msc_string.h" + +#ifndef SRC_UTILS_DECODE_H_ +#define SRC_UTILS_DECODE_H_ + + +namespace modsecurity { +namespace utils { + + +int urldecode_nonstrict_inplace(unsigned char *input, + uint64_t input_len, int *invalid_count, int *changed); +std::string uri_decode(const std::string & sSrc); + + +} // namespace utils +} // namespace modsecurity + +#endif // SRC_UTILS_DECODE_H_ diff --git a/src/utils/msc_string.cc b/src/utils/msc_string.cc index d183435b..922cdcbf 100644 --- a/src/utils/msc_string.cc +++ b/src/utils/msc_string.cc 
@@ -171,5 +171,39 @@ void String::chomp(std::string *str) { } +unsigned char x2c(unsigned char *what) { + unsigned char digit; + + digit = (what[0] >= 'A' ? ((what[0] & 0xdf) - 'A') + 10 : (what[0] - '0')); + digit *= 16; + digit += (what[1] >= 'A' ? ((what[1] & 0xdf) - 'A') + 10 : (what[1] - '0')); + + return digit; +} + + +/** + * Converts a single hexadecimal digit into a decimal value. + */ +unsigned char xsingle2c(unsigned char *what) { + unsigned char digit; + + digit = (what[0] >= 'A' ? ((what[0] & 0xdf) - 'A') + 10 : (what[0] - '0')); + + return digit; +} + + +unsigned char *c2x(unsigned what, unsigned char *where) { + static const char c2x_table[] = "0123456789abcdef"; + + what = what & 0xff; + *where++ = c2x_table[what >> 4]; + *where++ = c2x_table[what & 0x0f]; + + return where; +} + + } // namespace utils } // namespace modsecurity diff --git a/src/utils/msc_string.h b/src/utils/msc_string.h index 0abe85f8..a4b96255 100644 --- a/src/utils/msc_string.h +++ b/src/utils/msc_string.h 
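Review bot: `x2c` and `c2x` are added to `modsecurity::utils` with no comment, and neither states its precondition. `x2c` reads `what[0]` and `what[1]` and pushes any byte, hex digit or not, through the same arithmetic, while `c2x` writes two bytes at `where` and no terminator. Both run on request data, so I would document the contract on each, e.g. `/* Converts the two hex digits at what[0..1] to one byte; caller must have checked VALID_HEX on both. */` for `x2c` and `/* Writes two lowercase hex digits for the low byte of 'what' at 'where'; returns where + 2, no NUL written. */` for `c2x`. The existing comment on `xsingle2c` could state the same `VALID_HEX` precondition.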
@@ -21,9 +21,38 @@ #ifndef SRC_UTILS_MSC_STRING_H_ #define SRC_UTILS_MSC_STRING_H_ +#define VALID_HEX(X) (((X >= '0') && (X <= '9')) || \ + ((X >= 'a') && (X <= 'f')) || ((X >= 'A') && (X <= 'F'))) +#define ISODIGIT(X) ((X >= '0') && (X <= '7')) +#define NBSP 160 + + namespace modsecurity { namespace utils { +const char HEX2DEC[256] = { + /* 0 1 2 3 4 5 6 7 8 9 A B C D E F */ + /* 0 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + /* 1 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + /* 2 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + /* 3 */ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, -1, -1, -1, -1, -1, -1, + + /* 4 */ -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1, + /* 5 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + /* 6 */ -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1, + /* 7 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + + /* 8 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + /* 9 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + /* A */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + /* B */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + + /* C */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + /* D */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + /* E */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + /* F */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 +}; + class String { public: @@ -40,6 +69,9 @@ class String { static void chomp(std::string *str); }; +unsigned char x2c(unsigned char *what); +unsigned char xsingle2c(unsigned char *what); +unsigned char *c2x(unsigned what, unsigned char *where); } // namespace utils } // namespace modsecurity diff --git a/src/utils/msc_system.cc b/src/utils/msc_system.cc index b6d0c935..f7dd2e8b 100644 --- a/src/utils/msc_system.cc 
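Review bot: `HEX2DEC` is declared `const char` but uses `-1` as its "not a hex digit" marker, and `uri_decode` in `src/utils/decode.cc` tests it with `-1 != (dec1 = HEX2DEC[...])` on a plain `char`. On targets where plain `char` is unsigned, the `-1` initialisers are a narrowing conversion and that comparison can never be false, so an invalid `%xx` sequence would be decoded rather than copied through. Declaring the table as `const signed char HEX2DEC[256]` and `dec1`/`dec2` as `signed char` makes the sentinel portable. Because the definition now sits in a header, each translation unit that includes `msc_string.h` may also carry its own copy of the table; an `extern` declaration here with the definition in `msc_string.cc` would avoid that.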
+++ b/src/utils/msc_system.cc @@ -33,8 +33,7 @@ #include #endif -#include "utils.h" -#include "utils/msc_system.h" +#include "src/utils/msc_system.h" namespace modsecurity { namespace utils { diff --git a/src/utils/msc_system.h b/src/utils/msc_system.h index 42e075a6..3938adc1 100644 --- a/src/utils/msc_system.h +++ b/src/utils/msc_system.h @@ -20,8 +20,8 @@ #include "modsecurity/modsecurity.h" -#ifndef SRC_UTILS_SYSTEM_H_ -#define SRC_UTILS_SYSTEM_H_ +#ifndef SRC_UTILS_MSC_SYSTEM_H_ +#define SRC_UTILS_MSC_SYSTEM_H_ namespace modsecurity { @@ -38,4 +38,4 @@ void createDir(std::string dir, int mode); } // namespace utils } // namespace modsecurity -#endif // SRC_UTILS_SYSTEM_H_ \ No newline at end of file +#endif // SRC_UTILS_MSC_SYSTEM_H_ diff --git a/src/utils/random.cc b/src/utils/random.cc new file mode 100644 index 00000000..6c00a8f4 --- /dev/null +++ b/src/utils/random.cc @@ -0,0 +1,45 @@ +/* + * ModSecurity, http://www.modsecurity.org/ + * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/) + * + * You may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * If any of the files related to licensing are missing or if you have any + * other questions related to licensing please contact Trustwave Holdings, Inc. + * directly using the email address security@modsecurity.org. + * + */ + + +#include +#include +#include +#include +#include + +#include "modsecurity/modsecurity.h" + +namespace modsecurity { +namespace utils { + + +double random_number(const double from, const double to) { + std::random_device rd; + std::mt19937 mt(rd()); + return std::bind( + std::uniform_real_distribution<>{from, to}, + std::default_random_engine{ mt() })(); +} + + +double generate_transaction_unique_id() { + return random_number(0, 100); +} + + +} // namespace utils +} // namespace modsecurity + 
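Review bot: `generate_transaction_unique_id()` in the new `src/utils/random.cc` returns `random_number(0, 100)`, and the `Transaction` constructor hunk in `src/transaction.cc` appends `std::to_string` of that `double` to the timestamp to form `m_id`. `std::to_string(double)` prints six decimal places, so the random part has at most about 10^8 distinct strings. Two transactions with the same timestamp value can therefore collide, which weakens `m_id` as a correlation key in audit logs. `random_number` also constructs a `std::random_device` and two engines on every call. Reusing one engine, `static thread_local std::mt19937_64 gen{std::random_device{}()};` then `return std::uniform_real_distribution<>{from, to}(gen);`, removes the per-call cost, and a wider integer id would be worth a follow-up because it changes the function's return type.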
diff --git a/src/utils/random.h b/src/utils/random.h new file mode 100644 index 00000000..870da50e --- /dev/null +++ b/src/utils/random.h @@ -0,0 +1,39 @@ +/* + * ModSecurity, http://www.modsecurity.org/ + * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/) + * + * You may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * If any of the files related to licensing are missing or if you have any + * other questions related to licensing please contact Trustwave Holdings, Inc. + * directly using the email address security@modsecurity.org. + * + */ + +#include +#include +#include +#include + +#include "modsecurity/modsecurity.h" + +#ifndef SRC_UTILS_RANDOM_H_ +#define SRC_UTILS_RANDOM_H_ + + +namespace modsecurity { +namespace utils { + + + double random_number(const double from, const double to); + double generate_transaction_unique_id(); + + +} // namespace utils +} // namespace modsecurity + + +#endif // SRC_UTILS_RANDOM_H_ diff --git a/src/variables/env.cc b/src/variables/env.cc index ad16d88c..8d24e7de 100644 --- a/src/variables/env.cc +++ b/src/variables/env.cc @@ -26,7 +26,6 @@ #include #include "modsecurity/transaction.h" -#include "src/utils.h" extern char **environ; diff --git a/src/variables/rule.cc b/src/variables/rule.cc index 04e79f16..0056aa12 100644 --- a/src/variables/rule.cc +++ b/src/variables/rule.cc @@ -44,11 +44,12 @@ #include "src/actions/xmlns.h" #include "src/actions/log_data.h" #include "src/actions/msg.h" -#include "src/utils.h" #include "utils/msc_string.h" + using modsecurity::utils::String; + namespace modsecurity { namespace Variables { diff --git a/src/variables/variable.cc b/src/variables/variable.cc index c21410f0..0b2b2a73 100644 --- a/src/variables/variable.cc +++ b/src/variables/variable.cc 
@@ -22,12 +22,13 @@ #include "modsecurity/transaction.h" #include "variations/exclusion.h" -#include "src/utils.h" #include "utils/msc_string.h" + using modsecurity::utils::String; using modsecurity::Variables::Variations::Exclusion; + namespace modsecurity { namespace Variables { diff --git a/src/variables/variations/count.cc b/src/variables/variations/count.cc index b3794ddc..0fab18eb 100644 --- a/src/variables/variations/count.cc +++ b/src/variables/variations/count.cc @@ -22,12 +22,13 @@ #include #include "modsecurity/transaction.h" -#include "src/utils.h" + namespace modsecurity { namespace Variables { namespace Variations { + void Count::evaluateInternal(Transaction *transaction, std::vector *l) { std::vector *reslIn; diff --git a/src/variables/variations/exclusion.cc b/src/variables/variations/exclusion.cc index 45e99e82..bb024e29 100644 --- a/src/variables/variations/exclusion.cc +++ b/src/variables/variations/exclusion.cc @@ -22,7 +22,7 @@ #include #include "modsecurity/transaction.h" -#include "src/utils.h" + namespace modsecurity { namespace Variables { diff --git a/test/optimization/optimization.cc b/test/optimization/optimization.cc index fca14a6e..7f1b8568 100644 --- a/test/optimization/optimization.cc +++ b/test/optimization/optimization.cc @@ -22,7 +22,6 @@ #include "modsecurity/modsecurity.h" #include "modsecurity/rules.h" -#include "src/utils.h" #include "src/utils/msc_system.h" #include "parser/driver.h" #include "utils/https_client.h" diff --git a/test/unit/unit.cc b/test/unit/unit.cc index 9653ed2b..4fa0ad03 100644 --- a/test/unit/unit.cc +++ b/test/unit/unit.cc @@ -28,9 +28,9 @@ #include "common/modsecurity_test_results.h" #include "common/colors.h" #include "unit/unit_test.h" -#include "src/utils.h" #include "utils/msc_string.h" + using modsecurity::utils::String; using modsecurity_test::UnitTest; using modsecurity_test::ModSecurityTest; diff --git a/test/unit/unit_test.cc b/test/unit/unit_test.cc index c1325ea9..b56057c3 100644 
--- a/test/unit/unit_test.cc +++ b/test/unit/unit_test.cc @@ -23,12 +23,13 @@ #include #include "common/colors.h" -#include "src/utils.h" #include "src/utils/regex.h" #include "utils/msc_string.h" + using modsecurity::utils::String; + namespace modsecurity_test {