github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity

Refactoring on `utils.cc' and adjacents

Browse Source 
Completely removed the `utils.cc' by moving residual functions into
sub-classes of `utils/'
This commit is contained in:
Felipe Zimmerle 2016-11-03 20:02:37 -03:00
parent b48dccff70
commit 507ec44cc2
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
75 changed files with 702 additions and 686 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/Makefile.am
View File

@ -213,11 +213,13 @@ OPERATORS = \
UTILS = \ UTILS = \
utils/acmp.cc \ utils/acmp.cc \
utils/base64.cc \ utils/base64.cc \
utils/decode.cc \
utils/geo_lookup.cc \ utils/geo_lookup.cc \
utils/https_client.cc \ utils/https_client.cc \
utils/ip_tree.cc \ utils/ip_tree.cc \
utils/md5.cc \ utils/md5.cc \
utils/msc_tree.cc \ utils/msc_tree.cc \
utils/random.cc \
utils/regex.cc \ utils/regex.cc \
utils/sha1.cc \ utils/sha1.cc \
utils/msc_string.cc \ utils/msc_string.cc \
@ -247,7 +249,6 @@ libmodsecurity_la_SOURCES = \
audit_log/writer/parallel.cc \ audit_log/writer/parallel.cc \
modsecurity.cc \ modsecurity.cc \
rules.cc \ rules.cc \
utils.cc \
debug_log.cc \ debug_log.cc \
debug_log_writer.cc \ debug_log_writer.cc \
macro_expansion.cc \ macro_expansion.cc \

2
src/actions/accuracy.cc
View File

@ -20,10 +20,10 @@
#include "actions/action.h" #include "actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"
#include "src/macro_expansion.h" #include "src/macro_expansion.h"
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {

3
src/actions/allow.cc
View File

@ -20,12 +20,13 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"
#include "src/utils.h"
#include "utils/msc_string.h" #include "utils/msc_string.h"
#include "modsecurity/modsecurity.h" #include "modsecurity/modsecurity.h"
using modsecurity::utils::String; using modsecurity::utils::String;
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {

2
src/actions/ctl/request_body_access.h
View File

@ -17,7 +17,7 @@
#include "actions/action.h" #include "actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
#ifndef SRC_ACTIONS_CTL_REQUEST_BODY_ACCESS_H_ #ifndef SRC_ACTIONS_CTL_REQUEST_BODY_ACCESS_H_
#define SRC_ACTIONS_CTL_REQUEST_BODY_ACCESS_H_ #define SRC_ACTIONS_CTL_REQUEST_BODY_ACCESS_H_

2
src/actions/ctl/rule_remove_by_id.h
View File

@ -17,7 +17,7 @@
#include "actions/action.h" #include "actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
#ifndef SRC_ACTIONS_CTL_RULE_REMOVE_BY_ID_H_ #ifndef SRC_ACTIONS_CTL_RULE_REMOVE_BY_ID_H_
#define SRC_ACTIONS_CTL_RULE_REMOVE_BY_ID_H_ #define SRC_ACTIONS_CTL_RULE_REMOVE_BY_ID_H_

2
src/actions/ctl/rule_remove_target_by_id.h
View File

@ -17,7 +17,7 @@
#include "actions/action.h" #include "actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
#ifndef SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_ID_H_ #ifndef SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_ID_H_
#define SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_ID_H_ #define SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_ID_H_

2
src/actions/ctl/rule_remove_target_by_tag.h
View File

@ -17,7 +17,7 @@
#include "actions/action.h" #include "actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
#ifndef SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_TAG_H_ #ifndef SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_TAG_H_
#define SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_TAG_H_ #define SRC_ACTIONS_CTL_RULE_REMOVE_TARGET_BY_TAG_H_

2
src/actions/init_col.cc
View File

@ -20,10 +20,10 @@
#include "actions/action.h" #include "actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"
#include "src/macro_expansion.h" #include "src/macro_expansion.h"
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {

1
src/actions/log.cc
View File

@ -20,7 +20,6 @@
#include "actions/action.h" #include "actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
#include "operators/operator.h" #include "operators/operator.h"

1
src/actions/log_data.cc
View File

@ -20,7 +20,6 @@
#include "actions/action.h" #include "actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
#include "src/macro_expansion.h" #include "src/macro_expansion.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"

2
src/actions/maturity.cc
View File

@ -20,10 +20,10 @@
#include "actions/action.h" #include "actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"
#include "src/macro_expansion.h" #include "src/macro_expansion.h"
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {

1
src/actions/msg.cc
View File

@ -20,7 +20,6 @@
#include "actions/action.h" #include "actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
#include "src/macro_expansion.h" #include "src/macro_expansion.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"

1
src/actions/no_log.cc
View File

@ -20,7 +20,6 @@
#include "actions/action.h" #include "actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
#include "operators/operator.h" #include "operators/operator.h"

2
src/actions/phase.cc
View File

@ -20,10 +20,10 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"
#include "src/utils.h"
#include "modsecurity/modsecurity.h" #include "modsecurity/modsecurity.h"
#include "utils/msc_string.h" #include "utils/msc_string.h"
using modsecurity::utils::String; using modsecurity::utils::String;

2
src/actions/rev.cc
View File

@ -20,10 +20,10 @@
#include "actions/action.h" #include "actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"
#include "src/macro_expansion.h" #include "src/macro_expansion.h"
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {

2
src/actions/set_sid.cc
View File

@ -21,7 +21,7 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"
#include "src/macro_expansion.h" #include "src/macro_expansion.h"
#include "src/utils.h"
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {

2
src/actions/set_uid.cc
View File

@ -21,7 +21,7 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"
#include "src/macro_expansion.h" #include "src/macro_expansion.h"
#include "src/utils.h"
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {

1
src/actions/set_var.cc
View File

@ -21,7 +21,6 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"
#include "src/macro_expansion.h" #include "src/macro_expansion.h"
#include "src/utils.h"
#include "utils/msc_string.h" #include "utils/msc_string.h"
using modsecurity::utils::String; using modsecurity::utils::String;

2
src/actions/severity.cc
View File

@ -21,9 +21,9 @@
#include "actions/action.h" #include "actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"
#include "src/utils.h"
#include "utils/msc_string.h" #include "utils/msc_string.h"
using modsecurity::utils::String; using modsecurity::utils::String;

2
src/actions/skip.cc
View File

@ -20,7 +20,7 @@
#include "actions/action.h" #include "actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {

2
src/actions/skip_after.cc
View File

@ -20,7 +20,7 @@
#include "actions/action.h" #include "actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {

1
src/actions/tag.cc
View File

@ -20,7 +20,6 @@
#include "actions/action.h" #include "actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
#include "src/macro_expansion.h" #include "src/macro_expansion.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"

146
src/actions/transformations/css_decode.cc
View File

@ -26,7 +26,7 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "actions/transformations/transformation.h" #include "actions/transformations/transformation.h"
#include "src/utils.h" #include "src/utils/msc_string.h"
namespace modsecurity { namespace modsecurity {
@ -42,13 +42,155 @@ std::string CssDecode::evaluate(std::string value,
memcpy(tmp, value.c_str(), value.size() + 1); memcpy(tmp, value.c_str(), value.size() + 1);
tmp[value.size()] = '\0'; tmp[value.size()] = '\0';
css_decode_inplace(reinterpret_cast<unsigned char *>(tmp), value.size()); CssDecode::css_decode_inplace(reinterpret_cast<unsigned char *>(tmp),
value.size());
std::string ret(tmp, 0, value.size()); std::string ret(tmp, 0, value.size());
free(tmp); free(tmp);
return ret; return ret;
} }
/**
* Decode a string that contains CSS-escaped characters.
*
* References:
* http://www.w3.org/TR/REC-CSS2/syndata.html#q4
* http://www.unicode.org/roadmaps/
*/
int CssDecode::css_decode_inplace(unsigned char *input, int64_t input_len) {
unsigned char *d = (unsigned char *)input;
int64_t i, j, count;
if (input == NULL) {
return -1;
}
i = count = 0;
while (i < input_len) {
/* Is the character a backslash? */
if (input[i] == '\\') {
/* Is there at least one more byte? */
if (i + 1 < input_len) {
i++; /* We are not going to need the backslash. */
/* Check for 1-6 hex characters following the backslash */
j = 0;
while ((j < 6)
&& (i + j < input_len)
&& (VALID_HEX(input[i + j]))) {
j++;
}
if (j > 0) {
/* We have at least one valid hexadecimal character. */
int fullcheck = 0;
/* For now just use the last two bytes. */
switch (j) {
/* Number of hex characters */
case 1:
*d++ = modsecurity::utils::xsingle2c(&input[i]);
break;
case 2:
case 3:
/* Use the last two from the end. */
*d++ = modsecurity::utils::x2c(&input[i + j - 2]);
break;
case 4:
/* Use the last two from the end, but request
* a full width check.
*/
*d = modsecurity::utils::x2c(&input[i + j - 2]);
fullcheck = 1;
break;
case 5:
/* Use the last two from the end, but request
* a full width check if the number is greater
* or equal to 0xFFFF.
*/
*d = modsecurity::utils::x2c(&input[i + j - 2]);
/* Do full check if first byte is 0 */
if (input[i] == '0') {
fullcheck = 1;
} else {
d++;
}
break;
case 6:
/* Use the last two from the end, but request
* a full width check if the number is greater
* or equal to 0xFFFF.
*/
*d = modsecurity::utils::x2c(&input[i + j - 2]);
/* Do full check if first/second bytes are 0 */
if ((input[i] == '0')
&& (input[i + 1] == '0')) {
fullcheck = 1;
} else {
d++;
}
break;
}
/* Full width ASCII (0xff01 - 0xff5e) needs 0x20 added */
if (fullcheck) {
if ((*d > 0x00) && (*d < 0x5f)
&& ((input[i + j - 3] == 'f') ||
(input[i + j - 3] == 'F'))
&& ((input[i + j - 4] == 'f') ||
(input[i + j - 4] == 'F'))) {
(*d) += 0x20;
}
d++;
}
/* We must ignore a single whitespace after a hex escape */
if ((i + j < input_len) && isspace(input[i + j])) {
j++;
}
/* Move over. */
count++;
i += j;
} else if (input[i] == '\n') {
/* No hexadecimal digits after backslash */
/* A newline character following backslash is ignored. */
i++;
} else {
/* The character after backslash is not a hexadecimal digit,
* nor a newline. */
/* Use one character after backslash as is. */
*d++ = input[i++];
count++;
}
} else {
/* No characters after backslash. */
/* Do not include backslash in output
*(continuation to nothing) */
i++;
}
} else {
/* Character is not a backslash. */
/* Copy one normal character to output. */
*d++ = input[i++];
count++;
}
}
/* Terminate output string. */
*d = '\0';
return count;
}
} // namespace transformations } // namespace transformations
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

2
src/actions/transformations/css_decode.h
View File

@ -35,6 +35,8 @@ class CssDecode : public Transformation {
: Transformation(action) { } : Transformation(action) { }
std::string evaluate(std::string exp, std::string evaluate(std::string exp,
Transaction *transaction) override; Transaction *transaction) override;
static int css_decode_inplace(unsigned char *input, int64_t input_len);
}; };

4
src/actions/transformations/escape_seq_decode.cc
View File

@ -25,7 +25,7 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "actions/transformations/transformation.h" #include "actions/transformations/transformation.h"
#include "src/utils.h" #include "src/utils/msc_string.h"
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
@ -92,7 +92,7 @@ int EscapeSeqDecode::ansi_c_sequences_decode_inplace(unsigned char *input,
if ((i + 3 < input_len) && (isxdigit(input[i + 2])) if ((i + 3 < input_len) && (isxdigit(input[i + 2]))
&& (isxdigit(input[i + 3]))) { && (isxdigit(input[i + 3]))) {
/* Two digits. */ /* Two digits. */
c = x2c(&input[i + 2]); c = modsecurity::utils::x2c(&input[i + 2]);
i += 4; i += 4;
} else { } else {
/* Invalid encoding, do nothing. */ /* Invalid encoding, do nothing. */

4
src/actions/transformations/hex_decode.cc
View File

@ -25,7 +25,7 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "actions/transformations/transformation.h" #include "actions/transformations/transformation.h"
#include "src/utils.h" #include "src/utils/msc_string.h"
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
@ -65,7 +65,7 @@ int HexDecode::inplace(unsigned char *data, int len) {
} }
for (i = 0; i <= len - 2; i += 2) { for (i = 0; i <= len - 2; i += 2) {
*d++ = x2c(&data[i]); *d++ = modsecurity::utils::x2c(&data[i]);
count++; count++;
} }
*d = '\0'; *d = '\0';

1
src/actions/transformations/html_entity_decode.cc
View File

@ -26,7 +26,6 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "actions/transformations/transformation.h" #include "actions/transformations/transformation.h"
#include "src/utils.h"
namespace modsecurity { namespace modsecurity {

1
src/actions/transformations/html_entity_decode.h
View File

@ -18,6 +18,7 @@
#include "actions/action.h" #include "actions/action.h"
#include "actions/transformations/transformation.h" #include "actions/transformations/transformation.h"
#include "utils/msc_string.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_HTML_ENTITY_DECODE_H_ #ifndef SRC_ACTIONS_TRANSFORMATIONS_HTML_ENTITY_DECODE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_HTML_ENTITY_DECODE_H_ #define SRC_ACTIONS_TRANSFORMATIONS_HTML_ENTITY_DECODE_H_

6
src/actions/transformations/js_decode.cc
View File

@ -26,7 +26,7 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "actions/transformations/transformation.h" #include "actions/transformations/transformation.h"
#include "src/utils.h" #include "src/utils/msc_string.h"
namespace modsecurity { namespace modsecurity {
@ -72,7 +72,7 @@ int JsDecode::inplace(unsigned char *input, u_int64_t input_len) {
/* \uHHHH */ /* \uHHHH */
/* Use only the lower byte. */ /* Use only the lower byte. */
*d = x2c(&input[i + 4]); *d = modsecurity::utils::x2c(&input[i + 4]);
/* Full width ASCII (ff01 - ff5e) needs 0x20 added */ /* Full width ASCII (ff01 - ff5e) needs 0x20 added */
if ((*d > 0x00) && (*d < 0x5f) if ((*d > 0x00) && (*d < 0x5f)
@ -87,7 +87,7 @@ int JsDecode::inplace(unsigned char *input, u_int64_t input_len) {
} else if ((i + 3 < input_len) && (input[i + 1] == 'x') } else if ((i + 3 < input_len) && (input[i + 1] == 'x')
&& VALID_HEX(input[i + 2]) && VALID_HEX(input[i + 3])) { && VALID_HEX(input[i + 2]) && VALID_HEX(input[i + 3])) {
/* \xHH */ /* \xHH */
*d++ = x2c(&input[i + 2]); *d++ = modsecurity::utils::x2c(&input[i + 2]);
count++; count++;
i += 4; i += 4;
} else if ((i + 1 < input_len) && ISODIGIT(input[i + 1])) { } else if ((i + 1 < input_len) && ISODIGIT(input[i + 1])) {

168
src/actions/transformations/normalise_path.cc
View File

@ -26,7 +26,6 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "actions/transformations/transformation.h" #include "actions/transformations/transformation.h"
#include "src/utils.h"
namespace modsecurity { namespace modsecurity {
@ -57,6 +56,173 @@ std::string NormalisePath::evaluate(std::string value,
return ret; return ret;
} }
/**
*
* IMP1 Assumes NUL-terminated
*/
int NormalisePath::normalize_path_inplace(unsigned char *input, int input_len,
int win, int *changed) {
unsigned char *src;
unsigned char *dst;
unsigned char *end;
int ldst = 0;
int hitroot = 0;
int done = 0;
int relative;
int trailing;
*changed = 0;
/* Need at least one byte to normalize */
if (input_len <= 0) return 0;
/*
* ENH: Deal with UNC and drive letters?
*/
src = dst = input;
end = input + (input_len - 1);
ldst = 1;
relative = ((*input == '/') || (win && (*input == '\\'))) ? 0 : 1;
trailing = ((*end == '/') || (win && (*end == '\\'))) ? 1 : 0;
while (!done && (src <= end) && (dst <= end)) {
/* Convert backslash to forward slash on Windows only. */
if (win) {
if (*src == '\\') {
*src = '/';
*changed = 1;
}
if ((src < end) && (*(src + 1) == '\\')) {
*(src + 1) = '/';
*changed = 1;
}
}
/* Always normalize at the end of the input. */
if (src == end) {
done = 1;
} else if (*(src + 1) != '/') {
/* Skip normalization if this is NOT the
*end of the path segment. */
goto copy; /* Skip normalization. */
}
/*** Normalize the path segment. ***/
/* Could it be an empty path segment? */
if ((src != end) && *src == '/') {
/* Ignore */
*changed = 1;
goto copy; /* Copy will take care of this. */
} else if (*src == '.') {
/* Could it be a back or self reference? */
/* Back-reference? */
if ((dst > input) && (*(dst - 1) == '.')) {
/* If a relative path and either our normalization has
* already hit the rootdir, or this is a backref with no
* previous path segment, then mark that the rootdir was hit
* and just copy the backref as no normilization is possible.
*/
if (relative && (hitroot || ((dst - 2) <= input))) {
hitroot = 1;
goto copy; /* Skip normalization. */
}
/* Remove backreference and the previous path segment. */
dst -= 3;
while ((dst > input) && (*dst != '/')) {
dst--;
}
/* But do not allow going above rootdir. */
if (dst <= input) {
hitroot = 1;
dst = input;
/* Need to leave the root slash if this
* is not a relative path and the end was reached
* on a backreference.
*/
if (!relative && (src == end)) {
dst++;
}
}
if (done) goto length; /* Skip the copy. */
src++;
*changed = 1;
} else if (dst == input) {
/* Relative Self-reference? */
*changed = 1;
/* Ignore. */
if (done) goto length; /* Skip the copy. */
src++;
} else if (*(dst - 1) == '/') {
/* Self-reference? */
*changed = 1;
/* Ignore. */
if (done) goto length; /* Skip the copy. */
dst--;
src++;
}
} else if (dst > input) {
/* Found a regular path segment. */
hitroot = 0;
}
copy:
/*** Copy the byte if required. ***/
/* Skip to the last forward slash when multiple are used. */
if (*src == '/') {
unsigned char *oldsrc = src;
while ((src < end)
&& ((*(src + 1) == '/') || (win && (*(src + 1) == '\\'))) ) {
src++;
}
if (oldsrc != src) *changed = 1;
/* Do not copy the forward slash to the root
* if it is not a relative path. Instead
* move over the slash to the next segment.
*/
if (relative && (dst == input)) {
src++;
goto length; /* Skip the copy */
}
}
*(dst++) = *(src++);
length:
ldst = (dst - input);
}
/* Make sure that there is not a trailing slash in the
* normalized form if there was not one in the original form.
*/
if (!trailing && (dst > input) && *(dst - 1) == '/') {
ldst--;
dst--;
}
/* Always NUL terminate */
*dst = '\0';
return ldst;
}
} // namespace transformations } // namespace transformations
} // namespace actions } // namespace actions
} // namespace modsecurity } // namespace modsecurity

3
src/actions/transformations/normalise_path.h
View File

@ -33,6 +33,9 @@ class NormalisePath : public Transformation {
explicit NormalisePath(std::string action); explicit NormalisePath(std::string action);
std::string evaluate(std::string exp, std::string evaluate(std::string exp,
Transaction *transaction) override; Transaction *transaction) override;
static int normalize_path_inplace(unsigned char *input, int input_len,
int win, int *changed);
}; };
} // namespace transformations } // namespace transformations

5
src/actions/transformations/normalise_path_win.cc
View File

@ -26,7 +26,7 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "actions/transformations/transformation.h" #include "actions/transformations/transformation.h"
#include "src/utils.h" #include "actions/transformations/normalise_path.h"
namespace modsecurity { namespace modsecurity {
@ -43,7 +43,8 @@ std::string NormalisePathWin::evaluate(std::string value,
memcpy(tmp, value.c_str(), value.size() + 1); memcpy(tmp, value.c_str(), value.size() + 1);
tmp[value.size()] = '\0'; tmp[value.size()] = '\0';
int i = normalize_path_inplace(reinterpret_cast<unsigned char *>(tmp), int i = NormalisePath::normalize_path_inplace(
reinterpret_cast<unsigned char *>(tmp),
value.size(), 1, &changed); value.size(), 1, &changed);
std::string ret(""); std::string ret("");

2
src/actions/transformations/remove_nulls.cc
View File

@ -26,7 +26,7 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "actions/transformations/transformation.h" #include "actions/transformations/transformation.h"
#include "src/utils.h"
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {

1
src/actions/transformations/replace_comments.cc
View File

@ -25,7 +25,6 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "actions/transformations/transformation.h" #include "actions/transformations/transformation.h"
#include "src/utils.h"
namespace modsecurity { namespace modsecurity {

1
src/actions/transformations/sha1.cc
View File

@ -25,7 +25,6 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "actions/transformations/transformation.h" #include "actions/transformations/transformation.h"
#include "utils/sha1.h" #include "utils/sha1.h"
#include "src/utils.h"
namespace modsecurity { namespace modsecurity {

4
src/actions/transformations/sql_hex_decode.cc
View File

@ -25,7 +25,7 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "actions/transformations/transformation.h" #include "actions/transformations/transformation.h"
#include "src/utils.h" #include "src/utils/msc_string.h"
namespace modsecurity { namespace modsecurity {
@ -96,7 +96,7 @@ int SqlHexDecode::inplace(unsigned char *data, int len) {
} }
while (VALID_HEX(data[0]) && VALID_HEX(data[1])) { while (VALID_HEX(data[0]) && VALID_HEX(data[1])) {
*d++ = x2c(data); *d++ = modsecurity::utils::x2c(data);
data += 2; data += 2;
count += 2; count += 2;
} }

4
src/actions/transformations/url_decode.cc
View File

@ -25,7 +25,7 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "actions/transformations/transformation.h" #include "actions/transformations/transformation.h"
#include "src/utils.h" #include "src/utils/decode.h"
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
@ -51,7 +51,7 @@ std::string UrlDecode::evaluate(std::string value,
memcpy(val, value.c_str(), value.size() + 1); memcpy(val, value.c_str(), value.size() + 1);
val[value.size()] = '\0'; val[value.size()] = '\0';
int size = urldecode_nonstrict_inplace(val, value.size(), int size = utils::urldecode_nonstrict_inplace(val, value.size(),
&invalid_count, &changed); &invalid_count, &changed);
std::string out; std::string out;

6
src/actions/transformations/url_decode_uni.cc
View File

@ -27,7 +27,7 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "actions/transformations/transformation.h" #include "actions/transformations/transformation.h"
#include "src/utils.h" #include "src/utils/msc_string.h"
#include "modsecurity/rules.h" #include "modsecurity/rules.h"
namespace modsecurity { namespace modsecurity {
@ -114,7 +114,7 @@ int UrlDecodeUni::inplace(unsigned char *input, u_int64_t input_len,
} else { } else {
/* We first make use of the lower byte here, /* We first make use of the lower byte here,
* ignoring the higher byte. */ * ignoring the higher byte. */
*d = x2c(&input[i + 4]); *d = modsecurity::utils::x2c(&input[i + 4]);
/* Full width ASCII (ff01 - ff5e) /* Full width ASCII (ff01 - ff5e)
* needs 0x20 added */ * needs 0x20 added */
@ -153,7 +153,7 @@ int UrlDecodeUni::inplace(unsigned char *input, u_int64_t input_len,
char c2 = input[i + 2]; char c2 = input[i + 2];
if (VALID_HEX(c1) && VALID_HEX(c2)) { if (VALID_HEX(c1) && VALID_HEX(c2)) {
*d++ = x2c(&input[i + 1]); *d++ = modsecurity::utils::x2c(&input[i + 1]);
count++; count++;
i += 3; i += 3;
} else { } else {

4
src/actions/transformations/url_encode.cc
View File

@ -24,7 +24,7 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "actions/transformations/transformation.h" #include "actions/transformations/transformation.h"
#include "src/utils.h" #include "src/utils/msc_string.h"
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {
@ -69,7 +69,7 @@ std::string UrlEncode::url_enc(const char *input,
} else { } else {
*d++ = '%'; *d++ = '%';
count++; count++;
c2x(c, (unsigned char *)d); modsecurity::utils::c2x(c, (unsigned char *)d);
d += 2; d += 2;
count++; count++;
count++; count++;

4
src/actions/transformations/utf8_to_unicode.cc
View File

@ -25,7 +25,7 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "actions/transformations/transformation.h" #include "actions/transformations/transformation.h"
#include "src/utils.h" #include "src/utils/msc_string.h"
namespace modsecurity { namespace modsecurity {
@ -93,7 +93,7 @@ char *Utf8ToUnicode::inplace(unsigned char *input,
count++; count++;
if (count <= len) { if (count <= len) {
if (c == 0) if (c == 0)
*data = x2c(&c); *data = modsecurity::utils::x2c(&c);
else else
*data++ = c; *data++ = c;
} }

1
src/actions/ver.cc
View File

@ -20,7 +20,6 @@
#include "actions/action.h" #include "actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"
#include "src/macro_expansion.h" #include "src/macro_expansion.h"

1
src/actions/xmlns.cc
View File

@ -20,7 +20,6 @@
#include "actions/action.h" #include "actions/action.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
namespace modsecurity { namespace modsecurity {
namespace actions { namespace actions {

2
src/audit_log/writer/https.cc
View File

@ -27,10 +27,10 @@
#include "audit_log/audit_log.h" #include "audit_log/audit_log.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
#include "utils/md5.h" #include "utils/md5.h"
#include "utils/https_client.h" #include "utils/https_client.h"
namespace modsecurity { namespace modsecurity {
namespace audit_log { namespace audit_log {
namespace writer { namespace writer {

3
src/audit_log/writer/parallel.cc
View File

@ -27,14 +27,15 @@
#include "audit_log/audit_log.h" #include "audit_log/audit_log.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
#include "src/utils/msc_system.h" #include "src/utils/msc_system.h"
#include "utils/md5.h" #include "utils/md5.h"
namespace modsecurity { namespace modsecurity {
namespace audit_log { namespace audit_log {
namespace writer { namespace writer {
std::mutex g_writeMutex; std::mutex g_writeMutex;

2
src/collection/backend/in_memory-per_process.cc
View File

@ -24,10 +24,10 @@
#endif #endif
#include "modsecurity/collection/variable.h" #include "modsecurity/collection/variable.h"
#include "src/utils.h"
#include "src/utils/regex.h" #include "src/utils/regex.h"
#include "utils/msc_string.h" #include "utils/msc_string.h"
using modsecurity::utils::String; using modsecurity::utils::String;

1
src/collection/backend/lmdb.cc
View File

@ -22,7 +22,6 @@
#include <string> #include <string>
#include "modsecurity/collection/variable.h" #include "modsecurity/collection/variable.h"
#include "src/utils.h"
#include "src/utils/regex.h" #include "src/utils/regex.h"
#undef LMDB_STDOUT_COUT #undef LMDB_STDOUT_COUT

2
src/collection/collections.cc
View File

@ -27,9 +27,9 @@
#include "modsecurity/collection/variable.h" #include "modsecurity/collection/variable.h"
#include "modsecurity/collection/collection.h" #include "modsecurity/collection/collection.h"
#include "src/collection/backend/in_memory-per_process.h" #include "src/collection/backend/in_memory-per_process.h"
#include "src/utils.h"
#include "utils/msc_string.h" #include "utils/msc_string.h"
using modsecurity::utils::String; using modsecurity::utils::String;

1
src/macro_expansion.cc
View File

@ -19,7 +19,6 @@
#include "src/variables/rule.h" #include "src/variables/rule.h"
#include "src/variables/tx.h" #include "src/variables/tx.h"
#include "src/variables/highest_severity.h" #include "src/variables/highest_severity.h"
#include "src/utils.h"
#include "utils/msc_string.h" #include "utils/msc_string.h"

2
src/operators/pm_from_file.cc
View File

@ -19,9 +19,9 @@
#include "operators/operator.h" #include "operators/operator.h"
#include "utils/https_client.h" #include "utils/https_client.h"
#include "src/utils.h"
#include "src/utils/msc_system.h" #include "src/utils/msc_system.h"
namespace modsecurity { namespace modsecurity {
namespace operators { namespace operators {

1
src/operators/validate_dtd.cc
View File

@ -18,7 +18,6 @@
#include <string> #include <string>
#include "request_body_processor/xml.h" #include "request_body_processor/xml.h"
#include "src/utils.h"
#include "src/utils/msc_system.h" #include "src/utils/msc_system.h"
#include "operators/operator.h" #include "operators/operator.h"

1
src/parser/seclang-parser.yy
View File

@ -54,7 +54,6 @@ class Driver;
#include "modsecurity/rules_properties.h" #include "modsecurity/rules_properties.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"
#include "operators/operator.h" #include "operators/operator.h"
#include "utils.h"
#include "utils/geo_lookup.h" #include "utils/geo_lookup.h"
#include "utils/msc_string.h" #include "utils/msc_string.h"
#include "utils/msc_system.h" #include "utils/msc_system.h"

1
src/parser/seclang-scanner.ll
View File

@ -7,7 +7,6 @@
#include "parser/driver.h" #include "parser/driver.h"
#include "seclang-parser.hh" #include "seclang-parser.hh"
#include "utils/https_client.h" #include "utils/https_client.h"
#include "src/utils.h"
#include "utils/msc_string.h" #include "utils/msc_string.h"
using modsecurity::Parser::Driver; using modsecurity::Parser::Driver;

3
src/request_body_processor/multipart.cc
View File

@ -28,11 +28,12 @@
#include "modsecurity/collection/collections.h" #include "modsecurity/collection/collections.h"
#include "modsecurity/rules.h" #include "modsecurity/rules.h"
#include "src/utils.h"
#include "utils/msc_string.h" #include "utils/msc_string.h"
using modsecurity::utils::String; using modsecurity::utils::String;
namespace modsecurity { namespace modsecurity {
namespace RequestBodyProcessor { namespace RequestBodyProcessor {

1
src/rule.cc
View File

@ -30,7 +30,6 @@
#include "actions/transformations/none.h" #include "actions/transformations/none.h"
#include "actions/tag.h" #include "actions/tag.h"
#include "variables/variations/exclusion.h" #include "variables/variations/exclusion.h"
#include "src/utils.h"
#include "utils/msc_string.h" #include "utils/msc_string.h"
#include "modsecurity/rules.h" #include "modsecurity/rules.h"
#include "src/macro_expansion.h" #include "src/macro_expansion.h"

1
src/rules.cc
View File

@ -23,7 +23,6 @@
#include "modsecurity/modsecurity.h" #include "modsecurity/modsecurity.h"
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
#include "parser/driver.h" #include "parser/driver.h"
#include "utils/https_client.h" #include "utils/https_client.h"

3
src/rules_exceptions.cc
View File

@ -17,11 +17,12 @@
#include <string> #include <string>
#include "src/utils.h"
#include "utils/msc_string.h" #include "utils/msc_string.h"
using modsecurity::utils::String; using modsecurity::utils::String;
namespace modsecurity { namespace modsecurity {

12
src/transaction.cc
View File

@ -41,9 +41,10 @@
#include "request_body_processor/json.h" #include "request_body_processor/json.h"
#include "audit_log/audit_log.h" #include "audit_log/audit_log.h"
#include "src/unique_id.h" #include "src/unique_id.h"
#include "src/utils.h"
#include "utils/msc_string.h" #include "utils/msc_string.h"
#include "utils/msc_system.h" #include "utils/msc_system.h"
#include "utils/decode.h"
#include "utils/random.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"
#include "modsecurity/rules_properties.h" #include "modsecurity/rules_properties.h"
#include "src/actions/allow.h" #include "src/actions/allow.h"
@ -132,7 +133,7 @@ Transaction::Transaction(ModSecurity *ms, Rules *rules, void *logCbData)
m_json(new RequestBodyProcessor::JSON(this)), m_json(new RequestBodyProcessor::JSON(this)),
m_xml(new RequestBodyProcessor::XML(this)) { m_xml(new RequestBodyProcessor::XML(this)) {
m_id = std::to_string(this->m_timeStamp) + \ m_id = std::to_string(this->m_timeStamp) + \
std::to_string(generate_transaction_unique_id()); std::to_string(modsecurity::utils::generate_transaction_unique_id());
m_rules->incrementReferenceCount(); m_rules->incrementReferenceCount();
m_collections.store("ARGS_COMBINED_SIZE", std::string("0")); m_collections.store("ARGS_COMBINED_SIZE", std::string("0"));
@ -283,8 +284,9 @@ bool Transaction::extractArguments(const std::string &orig,
memcpy(key_c, key.c_str(), key_s); memcpy(key_c, key.c_str(), key_s);
memcpy(value_c, value.c_str(), value_s); memcpy(value_c, value.c_str(), value_s);
key_s = urldecode_nonstrict_inplace(key_c, key_s, &invalid, &changed); key_s = utils::urldecode_nonstrict_inplace(key_c, key_s,
value_s = urldecode_nonstrict_inplace(value_c, value_s, &invalid, &changed);
value_s = utils::urldecode_nonstrict_inplace(value_c, value_s,
&invalid, &changed); &invalid, &changed);
if (invalid) { if (invalid) {
@ -374,7 +376,7 @@ int Transaction::processURI(const char *uri, const char *method,
m_httpVersion = http_version; m_httpVersion = http_version;
m_uri = uri; m_uri = uri;
std::string uri_s(uri); std::string uri_s(uri);
m_uri_decoded = uri_decode(uri); m_uri_decoded = utils::uri_decode(uri);
size_t pos = m_uri_decoded.find("?"); size_t pos = m_uri_decoded.find("?");
size_t pos_raw = uri_s.find("?"); size_t pos_raw = uri_s.find("?");

554
src/utils.cc
View File

@ -1,554 +0,0 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include "src/utils.h"
#include <stdio.h>
#include <stdlib.h>
#include <stddef.h>
#include <string.h>
#include <wordexp.h>
#include <stdint.h>
#include <inttypes.h>
#include <algorithm>
#include <random>
#include <memory>
#include <functional>
#include <string>
#include <iostream>
#include <sstream>
#include <cstring>
#if defined _MSC_VER
#include <direct.h>
#elif defined __GNUC__
#include <sys/types.h>
#include <sys/stat.h>
#endif
#include "modsecurity/modsecurity.h"
namespace modsecurity {
int urldecode_nonstrict_inplace(unsigned char *input,
uint64_t input_len, int *invalid_count, int *changed) {
unsigned char *d = (unsigned char *)input;
uint64_t i, count;
*changed = 0;
if (input == NULL) {
return -1;
}
i = count = 0;
while (i < input_len) {
if (input[i] == '%') {
/* Character is a percent sign. */
/* Are there enough bytes available? */
if (i + 2 < input_len) {
char c1 = input[i + 1];
char c2 = input[i + 2];
if (VALID_HEX(c1) && VALID_HEX(c2)) {
uint64_t uni = x2c(&input[i + 1]);
*d++ = (wchar_t)uni;
count++;
i += 3;
*changed = 1;
} else {
/* Not a valid encoding, skip this % */
*d++ = input[i++];
count++;
(*invalid_count)++;
}
} else {
/* Not enough bytes available, copy the raw bytes. */
*d++ = input[i++];
count++;
(*invalid_count)++;
}
} else {
/* Character is not a percent sign. */
if (input[i] == '+') {
*d++ = ' ';
*changed = 1;
} else {
*d++ = input[i];
}
count++;
i++;
}
}
#if 0
*d = '\0';
#endif
return count;
}
double random_number(const double from, const double to) {
std::random_device rd;
std::mt19937 mt(rd());
return std::bind(
std::uniform_real_distribution<>{from, to},
std::default_random_engine{ mt() })();
}
double generate_transaction_unique_id() {
return random_number(0, 100);
}
const char SAFE[256] = {
/* 0 1 2 3 4 5 6 7 8 9 A B C D E F */
/* 0 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
/* 1 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
/* 2 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
/* 3 */ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0,
/* 4 */ 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
/* 5 */ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0,
/* 6 */ 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
/* 7 */ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0,
/* 8 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
/* 9 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
/* A */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
/* B */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
/* C */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
/* D */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
/* E */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
/* F */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
const char HEX2DEC[256] = {
/* 0 1 2 3 4 5 6 7 8 9 A B C D E F */
/* 0 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 1 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 2 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 3 */ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, -1, -1, -1, -1, -1, -1,
/* 4 */ -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 5 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 6 */ -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 7 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 8 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 9 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* A */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* B */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* C */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* D */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* E */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* F */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1
};
std::string uri_decode(const std::string & sSrc) {
// Note from RFC1630: "Sequences which start with a percent
// sign but are not followed by two hexadecimal characters
// (0-9, A-F) are reserved for future extension"
const unsigned char * pSrc = (const unsigned char *)sSrc.c_str();
const int SRC_LEN = sSrc.length();
const unsigned char * const SRC_END = pSrc + SRC_LEN;
// last decodable '%'
const unsigned char * const SRC_LAST_DEC = SRC_END - 2;
char * const pStart = new char[SRC_LEN];
char * pEnd = pStart;
while (pSrc < SRC_LAST_DEC) {
if (*pSrc == '%') {
char dec1, dec2;
if (-1 != (dec1 = HEX2DEC[*(pSrc + 1)])
&& -1 != (dec2 = HEX2DEC[*(pSrc + 2)])) {
*pEnd++ = (dec1 << 4) + dec2;
pSrc += 3;
continue;
}
}
*pEnd++ = *pSrc++;
}
// the last 2- chars
while (pSrc < SRC_END) {
*pEnd++ = *pSrc++;
}
std::string sResult(pStart, pEnd);
delete [] pStart;
return sResult;
}
/**
* Decode a string that contains CSS-escaped characters.
*
* References:
* http://www.w3.org/TR/REC-CSS2/syndata.html#q4
* http://www.unicode.org/roadmaps/
*/
int css_decode_inplace(unsigned char *input, int64_t input_len) {
unsigned char *d = (unsigned char *)input;
int64_t i, j, count;
if (input == NULL) {
return -1;
}
i = count = 0;
while (i < input_len) {
/* Is the character a backslash? */
if (input[i] == '\\') {
/* Is there at least one more byte? */
if (i + 1 < input_len) {
i++; /* We are not going to need the backslash. */
/* Check for 1-6 hex characters following the backslash */
j = 0;
while ((j < 6)
&& (i + j < input_len)
&& (VALID_HEX(input[i + j]))) {
j++;
}
if (j > 0) {
/* We have at least one valid hexadecimal character. */
int fullcheck = 0;
/* For now just use the last two bytes. */
switch (j) {
/* Number of hex characters */
case 1:
*d++ = xsingle2c(&input[i]);
break;
case 2:
case 3:
/* Use the last two from the end. */
*d++ = x2c(&input[i + j - 2]);
break;
case 4:
/* Use the last two from the end, but request
* a full width check.
*/
*d = x2c(&input[i + j - 2]);
fullcheck = 1;
break;
case 5:
/* Use the last two from the end, but request
* a full width check if the number is greater
* or equal to 0xFFFF.
*/
*d = x2c(&input[i + j - 2]);
/* Do full check if first byte is 0 */
if (input[i] == '0') {
fullcheck = 1;
} else {
d++;
}
break;
case 6:
/* Use the last two from the end, but request
* a full width check if the number is greater
* or equal to 0xFFFF.
*/
*d = x2c(&input[i + j - 2]);
/* Do full check if first/second bytes are 0 */
if ((input[i] == '0')
&& (input[i + 1] == '0')) {
fullcheck = 1;
} else {
d++;
}
break;
}
/* Full width ASCII (0xff01 - 0xff5e) needs 0x20 added */
if (fullcheck) {
if ((*d > 0x00) && (*d < 0x5f)
&& ((input[i + j - 3] == 'f') ||
(input[i + j - 3] == 'F'))
&& ((input[i + j - 4] == 'f') ||
(input[i + j - 4] == 'F'))) {
(*d) += 0x20;
}
d++;
}
/* We must ignore a single whitespace after a hex escape */
if ((i + j < input_len) && isspace(input[i + j])) {
j++;
}
/* Move over. */
count++;
i += j;
} else if (input[i] == '\n') {
/* No hexadecimal digits after backslash */
/* A newline character following backslash is ignored. */
i++;
} else {
/* The character after backslash is not a hexadecimal digit,
* nor a newline. */
/* Use one character after backslash as is. */
*d++ = input[i++];
count++;
}
} else {
/* No characters after backslash. */
/* Do not include backslash in output
*(continuation to nothing) */
i++;
}
} else {
/* Character is not a backslash. */
/* Copy one normal character to output. */
*d++ = input[i++];
count++;
}
}
/* Terminate output string. */
*d = '\0';
return count;
}
/**
*
* IMP1 Assumes NUL-terminated
*/
int normalize_path_inplace(unsigned char *input, int input_len,
int win, int *changed) {
unsigned char *src;
unsigned char *dst;
unsigned char *end;
int ldst = 0;
int hitroot = 0;
int done = 0;
int relative;
int trailing;
*changed = 0;
/* Need at least one byte to normalize */
if (input_len <= 0) return 0;
/*
* ENH: Deal with UNC and drive letters?
*/
src = dst = input;
end = input + (input_len - 1);
ldst = 1;
relative = ((*input == '/') || (win && (*input == '\\'))) ? 0 : 1;
trailing = ((*end == '/') || (win && (*end == '\\'))) ? 1 : 0;
while (!done && (src <= end) && (dst <= end)) {
/* Convert backslash to forward slash on Windows only. */
if (win) {
if (*src == '\\') {
*src = '/';
*changed = 1;
}
if ((src < end) && (*(src + 1) == '\\')) {
*(src + 1) = '/';
*changed = 1;
}
}
/* Always normalize at the end of the input. */
if (src == end) {
done = 1;
} else if (*(src + 1) != '/') {
/* Skip normalization if this is NOT the
*end of the path segment. */
goto copy; /* Skip normalization. */
}
/*** Normalize the path segment. ***/
/* Could it be an empty path segment? */
if ((src != end) && *src == '/') {
/* Ignore */
*changed = 1;
goto copy; /* Copy will take care of this. */
} else if (*src == '.') {
/* Could it be a back or self reference? */
/* Back-reference? */
if ((dst > input) && (*(dst - 1) == '.')) {
/* If a relative path and either our normalization has
* already hit the rootdir, or this is a backref with no
* previous path segment, then mark that the rootdir was hit
* and just copy the backref as no normilization is possible.
*/
if (relative && (hitroot || ((dst - 2) <= input))) {
hitroot = 1;
goto copy; /* Skip normalization. */
}
/* Remove backreference and the previous path segment. */
dst -= 3;
while ((dst > input) && (*dst != '/')) {
dst--;
}
/* But do not allow going above rootdir. */
if (dst <= input) {
hitroot = 1;
dst = input;
/* Need to leave the root slash if this
* is not a relative path and the end was reached
* on a backreference.
*/
if (!relative && (src == end)) {
dst++;
}
}
if (done) goto length; /* Skip the copy. */
src++;
*changed = 1;
} else if (dst == input) {
/* Relative Self-reference? */
*changed = 1;
/* Ignore. */
if (done) goto length; /* Skip the copy. */
src++;
} else if (*(dst - 1) == '/') {
/* Self-reference? */
*changed = 1;
/* Ignore. */
if (done) goto length; /* Skip the copy. */
dst--;
src++;
}
} else if (dst > input) {
/* Found a regular path segment. */
hitroot = 0;
}
copy:
/*** Copy the byte if required. ***/
/* Skip to the last forward slash when multiple are used. */
if (*src == '/') {
unsigned char *oldsrc = src;
while ((src < end)
&& ((*(src + 1) == '/') || (win && (*(src + 1) == '\\'))) ) {
src++;
}
if (oldsrc != src) *changed = 1;
/* Do not copy the forward slash to the root
* if it is not a relative path. Instead
* move over the slash to the next segment.
*/
if (relative && (dst == input)) {
src++;
goto length; /* Skip the copy */
}
}
*(dst++) = *(src++);
length:
ldst = (dst - input);
}
/* Make sure that there is not a trailing slash in the
* normalized form if there was not one in the original form.
*/
if (!trailing && (dst > input) && *(dst - 1) == '/') {
ldst--;
dst--;
}
/* Always NUL terminate */
*dst = '\0';
return ldst;
}
/**
* Converts a single hexadecimal digit into a decimal value.
*/
unsigned char xsingle2c(unsigned char *what) {
unsigned char digit;
digit = (what[0] >= 'A' ? ((what[0] & 0xdf) - 'A') + 10 : (what[0] - '0'));
return digit;
}
unsigned char x2c(unsigned char *what) {
unsigned char digit;
digit = (what[0] >= 'A' ? ((what[0] & 0xdf) - 'A') + 10 : (what[0] - '0'));
digit *= 16;
digit += (what[1] >= 'A' ? ((what[1] & 0xdf) - 'A') + 10 : (what[1] - '0'));
return digit;
}
unsigned char *c2x(unsigned what, unsigned char *where) {
static const char c2x_table[] = "0123456789abcdef";
what = what & 0xff;
*where++ = c2x_table[what >> 4];
*where++ = c2x_table[what & 0x0f];
return where;
}
} // namespace modsecurity

49
src/utils.h
View File

@ -1,49 +0,0 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <ctime>
#include <iostream>
#include <string>
#include <vector>
#include "modsecurity/modsecurity.h"
#ifndef SRC_UTILS_H_
#define SRC_UTILS_H_
#define VALID_HEX(X) (((X >= '0') && (X <= '9')) || \
((X >= 'a') && (X <= 'f')) || ((X >= 'A') && (X <= 'F')))
#define ISODIGIT(X) ((X >= '0') && (X <= '7'))
#define NBSP 160
namespace modsecurity {
int urldecode_nonstrict_inplace(unsigned char *input,
uint64_t input_len, int *invalid_count, int *changed);
double random_number(const double from, const double to);
double generate_transaction_unique_id();
std::string uri_decode(const std::string & sSrc);
int js_decode_nonstrict_inplace(unsigned char *input, int64_t input_len);
unsigned char x2c(unsigned char *what);
unsigned char *c2x(unsigned what, unsigned char *where);
int css_decode_inplace(unsigned char *input, int64_t input_len);
unsigned char xsingle2c(unsigned char *what);
int html_entities_decode_inplace(unsigned char *input, int input_len);
int normalize_path_inplace(unsigned char *input, int input_len,
int win, int *changed);
} // namespace modsecurity
#endif // SRC_UTILS_H_

124
src/utils/decode.cc Normal file
View File

@ -0,0 +1,124 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include "utils/decode.h"
#include "modsecurity/modsecurity.h"
#include "utils/msc_string.h"
namespace modsecurity {
namespace utils {
int urldecode_nonstrict_inplace(unsigned char *input,
uint64_t input_len, int *invalid_count, int *changed) {
unsigned char *d = (unsigned char *)input;
uint64_t i, count;
*changed = 0;
if (input == NULL) {
return -1;
}
i = count = 0;
while (i < input_len) {
if (input[i] == '%') {
/* Character is a percent sign. */
/* Are there enough bytes available? */
if (i + 2 < input_len) {
char c1 = input[i + 1];
char c2 = input[i + 2];
if (VALID_HEX(c1) && VALID_HEX(c2)) {
uint64_t uni = x2c(&input[i + 1]);
*d++ = (wchar_t)uni;
count++;
i += 3;
*changed = 1;
} else {
/* Not a valid encoding, skip this % */
*d++ = input[i++];
count++;
(*invalid_count)++;
}
} else {
/* Not enough bytes available, copy the raw bytes. */
*d++ = input[i++];
count++;
(*invalid_count)++;
}
} else {
/* Character is not a percent sign. */
if (input[i] == '+') {
*d++ = ' ';
*changed = 1;
} else {
*d++ = input[i];
}
count++;
i++;
}
}
#if 0
*d = '\0';
#endif
return count;
}
std::string uri_decode(const std::string & sSrc) {
// Note from RFC1630: "Sequences which start with a percent
// sign but are not followed by two hexadecimal characters
// (0-9, A-F) are reserved for future extension"
const unsigned char * pSrc = (const unsigned char *)sSrc.c_str();
const int SRC_LEN = sSrc.length();
const unsigned char * const SRC_END = pSrc + SRC_LEN;
// last decodable '%'
const unsigned char * const SRC_LAST_DEC = SRC_END - 2;
char * const pStart = new char[SRC_LEN];
char * pEnd = pStart;
while (pSrc < SRC_LAST_DEC) {
if (*pSrc == '%') {
char dec1, dec2;
if (-1 != (dec1 = HEX2DEC[*(pSrc + 1)])
&& -1 != (dec2 = HEX2DEC[*(pSrc + 2)])) {
*pEnd++ = (dec1 << 4) + dec2;
pSrc += 3;
continue;
}
}
*pEnd++ = *pSrc++;
}
// the last 2- chars
while (pSrc < SRC_END) {
*pEnd++ = *pSrc++;
}
std::string sResult(pStart, pEnd);
delete [] pStart;
return sResult;
}
} // namespace utils
} // namespace modsecurity

40
src/utils/decode.h Normal file
View File

@ -0,0 +1,40 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <ctime>
#include <iostream>
#include <string>
#include <vector>
#include "modsecurity/modsecurity.h"
#include "src/utils/msc_string.h"
#ifndef SRC_UTILS_DECODE_H_
#define SRC_UTILS_DECODE_H_
namespace modsecurity {
namespace utils {
int urldecode_nonstrict_inplace(unsigned char *input,
uint64_t input_len, int *invalid_count, int *changed);
std::string uri_decode(const std::string & sSrc);
} // namespace utils
} // namespace modsecurity
#endif // SRC_UTILS_DECODE_H_

34
src/utils/msc_string.cc
View File

@ -171,5 +171,39 @@ void String::chomp(std::string *str) {
} }
unsigned char x2c(unsigned char *what) {
unsigned char digit;
digit = (what[0] >= 'A' ? ((what[0] & 0xdf) - 'A') + 10 : (what[0] - '0'));
digit *= 16;
digit += (what[1] >= 'A' ? ((what[1] & 0xdf) - 'A') + 10 : (what[1] - '0'));
return digit;
}
/**
* Converts a single hexadecimal digit into a decimal value.
*/
unsigned char xsingle2c(unsigned char *what) {
unsigned char digit;
digit = (what[0] >= 'A' ? ((what[0] & 0xdf) - 'A') + 10 : (what[0] - '0'));
return digit;
}
unsigned char *c2x(unsigned what, unsigned char *where) {
static const char c2x_table[] = "0123456789abcdef";
what = what & 0xff;
*where++ = c2x_table[what >> 4];
*where++ = c2x_table[what & 0x0f];
return where;
}
} // namespace utils } // namespace utils
} // namespace modsecurity } // namespace modsecurity

32
src/utils/msc_string.h
View File

@ -21,9 +21,38 @@
#ifndef SRC_UTILS_MSC_STRING_H_ #ifndef SRC_UTILS_MSC_STRING_H_
#define SRC_UTILS_MSC_STRING_H_ #define SRC_UTILS_MSC_STRING_H_
#define VALID_HEX(X) (((X >= '0') && (X <= '9')) || \
((X >= 'a') && (X <= 'f')) || ((X >= 'A') && (X <= 'F')))
#define ISODIGIT(X) ((X >= '0') && (X <= '7'))
#define NBSP 160
namespace modsecurity { namespace modsecurity {
namespace utils { namespace utils {
const char HEX2DEC[256] = {
/* 0 1 2 3 4 5 6 7 8 9 A B C D E F */
/* 0 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 1 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 2 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 3 */ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, -1, -1, -1, -1, -1, -1,
/* 4 */ -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 5 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 6 */ -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 7 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 8 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 9 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* A */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* B */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* C */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* D */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* E */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* F */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1
};
class String { class String {
public: public:
@ -40,6 +69,9 @@ class String {
static void chomp(std::string *str); static void chomp(std::string *str);
}; };
unsigned char x2c(unsigned char *what);
unsigned char xsingle2c(unsigned char *what);
unsigned char *c2x(unsigned what, unsigned char *where);
} // namespace utils } // namespace utils
} // namespace modsecurity } // namespace modsecurity

3
src/utils/msc_system.cc
View File

@ -33,8 +33,7 @@
#include <sys/stat.h> #include <sys/stat.h>
#endif #endif
#include "utils.h" #include "src/utils/msc_system.h"
#include "utils/msc_system.h"
namespace modsecurity { namespace modsecurity {
namespace utils { namespace utils {

6
src/utils/msc_system.h
View File

@ -20,8 +20,8 @@
#include "modsecurity/modsecurity.h" #include "modsecurity/modsecurity.h"
#ifndef SRC_UTILS_SYSTEM_H_ #ifndef SRC_UTILS_MSC_SYSTEM_H_
#define SRC_UTILS_SYSTEM_H_ #define SRC_UTILS_MSC_SYSTEM_H_
namespace modsecurity { namespace modsecurity {
@ -38,4 +38,4 @@ void createDir(std::string dir, int mode);
} // namespace utils } // namespace utils
} // namespace modsecurity } // namespace modsecurity
#endif // SRC_UTILS_SYSTEM_H_ #endif // SRC_UTILS_MSC_SYSTEM_H_

45
src/utils/random.cc Normal file
View File

@ -0,0 +1,45 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <algorithm>
#include <random>
#include <memory>
#include <functional>
#include <string>
#include "modsecurity/modsecurity.h"
namespace modsecurity {
namespace utils {
double random_number(const double from, const double to) {
std::random_device rd;
std::mt19937 mt(rd());
return std::bind(
std::uniform_real_distribution<>{from, to},
std::default_random_engine{ mt() })();
}
double generate_transaction_unique_id() {
return random_number(0, 100);
}
} // namespace utils
} // namespace modsecurity

39
src/utils/random.h Normal file
View File

@ -0,0 +1,39 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <ctime>
#include <iostream>
#include <string>
#include <vector>
#include "modsecurity/modsecurity.h"
#ifndef SRC_UTILS_RANDOM_H_
#define SRC_UTILS_RANDOM_H_
namespace modsecurity {
namespace utils {
double random_number(const double from, const double to);
double generate_transaction_unique_id();
} // namespace utils
} // namespace modsecurity
#endif // SRC_UTILS_RANDOM_H_

1
src/variables/env.cc
View File

@ -26,7 +26,6 @@
#include <map> #include <map>
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
extern char **environ; extern char **environ;

3
src/variables/rule.cc
View File

@ -44,11 +44,12 @@
#include "src/actions/xmlns.h" #include "src/actions/xmlns.h"
#include "src/actions/log_data.h" #include "src/actions/log_data.h"
#include "src/actions/msg.h" #include "src/actions/msg.h"
#include "src/utils.h"
#include "utils/msc_string.h" #include "utils/msc_string.h"
using modsecurity::utils::String; using modsecurity::utils::String;
namespace modsecurity { namespace modsecurity {
namespace Variables { namespace Variables {

3
src/variables/variable.cc
View File

@ -22,12 +22,13 @@
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "variations/exclusion.h" #include "variations/exclusion.h"
#include "src/utils.h"
#include "utils/msc_string.h" #include "utils/msc_string.h"
using modsecurity::utils::String; using modsecurity::utils::String;
using modsecurity::Variables::Variations::Exclusion; using modsecurity::Variables::Variations::Exclusion;
namespace modsecurity { namespace modsecurity {
namespace Variables { namespace Variables {

3
src/variables/variations/count.cc
View File

@ -22,12 +22,13 @@
#include <utility> #include <utility>
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
namespace modsecurity { namespace modsecurity {
namespace Variables { namespace Variables {
namespace Variations { namespace Variations {
void Count::evaluateInternal(Transaction *transaction, void Count::evaluateInternal(Transaction *transaction,
std::vector<const collection::Variable *> *l) { std::vector<const collection::Variable *> *l) {
std::vector<const collection::Variable *> *reslIn; std::vector<const collection::Variable *> *reslIn;

2
src/variables/variations/exclusion.cc
View File

@ -22,7 +22,7 @@
#include <utility> #include <utility>
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "src/utils.h"
namespace modsecurity { namespace modsecurity {
namespace Variables { namespace Variables {

1
test/optimization/optimization.cc
View File

@ -22,7 +22,6 @@
#include "modsecurity/modsecurity.h" #include "modsecurity/modsecurity.h"
#include "modsecurity/rules.h" #include "modsecurity/rules.h"
#include "src/utils.h"
#include "src/utils/msc_system.h" #include "src/utils/msc_system.h"
#include "parser/driver.h" #include "parser/driver.h"
#include "utils/https_client.h" #include "utils/https_client.h"

2
test/unit/unit.cc
View File

@ -28,9 +28,9 @@
#include "common/modsecurity_test_results.h" #include "common/modsecurity_test_results.h"
#include "common/colors.h" #include "common/colors.h"
#include "unit/unit_test.h" #include "unit/unit_test.h"
#include "src/utils.h"
#include "utils/msc_string.h" #include "utils/msc_string.h"
using modsecurity::utils::String; using modsecurity::utils::String;
using modsecurity_test::UnitTest; using modsecurity_test::UnitTest;
using modsecurity_test::ModSecurityTest; using modsecurity_test::ModSecurityTest;

3
test/unit/unit_test.cc
View File

@ -23,12 +23,13 @@
#include <iterator> #include <iterator>
#include "common/colors.h" #include "common/colors.h"
#include "src/utils.h"
#include "src/utils/regex.h" #include "src/utils/regex.h"
#include "utils/msc_string.h" #include "utils/msc_string.h"
using modsecurity::utils::String; using modsecurity::utils::String;
namespace modsecurity_test { namespace modsecurity_test {