github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 13:26:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Refactoring on the operators parsers (2/2)

Browse Source 
This is the first step towards remove the memory leaks in the parser
This commit is contained in:
Felipe Zimmerle 2017-01-04 15:30:45 -03:00 committed by Felipe Zimmerle
parent 9cda4c0be0
commit 59114dd598
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
49 changed files with 550 additions and 240 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/collection/backend/lmdb.cc
View File

@ -188,7 +188,7 @@ std::string* LMDB::resolveFirst(const std::string& var) {
goto end_get;
}
//FIXME: Memory leak here.
// FIXME: Memory leak here.
ret = new std::string(
reinterpret_cast<char *>(mdb_value_ret.mv_data),
mdb_value_ret.mv_size);

5
src/operators/begins_with.h
View File

@ -20,7 +20,7 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -29,13 +29,14 @@ class BeginsWith : public Operator {
/** @ingroup ModSecurity_Operator */
BeginsWith(std::string op, std::string param, bool negation)
: Operator(op, param, negation) { }
explicit BeginsWith(std::string param)
: Operator("BeginsWith", param) { }
bool evaluate(Transaction *transaction, const std::string &str) override;
};
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_BEGINS_WITH_H_

6
src/operators/contains.h
View File

@ -22,7 +22,7 @@
#include "modsecurity/transaction.h"
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -31,13 +31,13 @@ class Contains : public Operator {
/** @ingroup ModSecurity_Operator */
Contains(std::string op, std::string param, bool negation)
: Operator(op, param, negation) { }
explicit Contains(std::string param)
: Operator("Contains", param) { }
bool evaluate(Transaction *transaction, const std::string &exp) override;
};
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_CONTAINS_H_

7
src/operators/contains_word.h
View File

@ -20,7 +20,7 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -29,7 +29,8 @@ class ContainsWord : public Operator {
/** @ingroup ModSecurity_Operator */
ContainsWord(std::string op, std::string param, bool negation)
: Operator(op, param, negation) { }
explicit ContainsWord(std::string param)
: Operator("ContainsWord", param) { }
bool evaluate(Transaction *transaction, const std::string &str);
bool acceptableChar(const std::string& a, size_t pos);
@ -38,7 +39,5 @@ class ContainsWord : public Operator {
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_CONTAINS_WORD_H_

6
src/operators/ends_with.h
View File

@ -20,7 +20,7 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -29,14 +29,14 @@ class EndsWith : public Operator {
/** @ingroup ModSecurity_Operator */
EndsWith(std::string op, std::string param, bool negation)
: Operator(op, param, negation) { }
explicit EndsWith(std::string param)
: Operator("EndsWith", param) { }
bool evaluate(Transaction *transaction, const std::string &str) override;
};
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_ENDS_WITH_H_

6
src/operators/eq.h
View File

@ -20,7 +20,7 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -29,13 +29,13 @@ class Eq : public Operator {
/** @ingroup ModSecurity_Operator */
Eq(std::string op, std::string param, bool negation)
: Operator(op, param, negation) { }
explicit Eq(std::string param)
: Operator("Eq", param) { }
bool evaluate(Transaction *transaction, const std::string &input) override;
};
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_EQ_H_

7
src/operators/fuzzy_hash.cc
View File

@ -31,12 +31,5 @@ bool FuzzyHash::evaluate(Transaction *transaction, const std::string &str) {
return true;
}
FuzzyHash::FuzzyHash(std::string op, std::string param,
bool negation)
: Operator() {
this->m_op = op;
this->m_param = param;
}
} // namespace operators
} // namespace modsecurity

9
src/operators/fuzzy_hash.h
View File

@ -20,21 +20,22 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
class FuzzyHash : public Operator {
public:
/** @ingroup ModSecurity_Operator */
FuzzyHash(std::string o, std::string p, bool i);
FuzzyHash(std::string o, std::string p, bool n)
: Operator(o, p, n) { }
explicit FuzzyHash(std::string param)
: Operator("FuzzyHash", param) { }
bool evaluate(Transaction *transaction, const std::string &std) override;
};
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_FUZZY_HASH_H_

6
src/operators/ge.h
View File

@ -20,7 +20,7 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -29,13 +29,13 @@ class Ge : public Operator {
/** @ingroup ModSecurity_Operator */
Ge(std::string op, std::string param, bool negation)
: Operator(op, param, negation) { }
explicit Ge(std::string param)
: Operator("Ge", param) { }
bool evaluate(Transaction *transaction, const std::string &input) override;
};
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_GE_H_

7
src/operators/geo_lookup.h
View File

@ -20,7 +20,7 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -29,14 +29,15 @@ class GeoLookup : public Operator {
/** @ingroup ModSecurity_Operator */
GeoLookup(std::string op, std::string param, bool negation)
: Operator(op, param, negation) { }
GeoLookup(std::string param)
explicit GeoLookup(std::string param)
: Operator("GeoLookup", param) { }
GeoLookup()
: Operator("GeoLookup") { }
bool evaluate(Transaction *transaction, const std::string &exp) override;
};
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_GEO_LOOKUP_H_

8
src/operators/gsblookup.cc
View File

@ -22,6 +22,7 @@
namespace modsecurity {
namespace operators {
bool GsbLookup::evaluate(Transaction *transaction, const std::string &str) {
/**
* @todo Implement the operator GeoLookup.
@ -31,12 +32,5 @@ bool GsbLookup::evaluate(Transaction *transaction, const std::string &str) {
}
GsbLookup::GsbLookup(std::string op, std::string param,
bool negation)
: Operator() {
this->m_op = op;
this->m_param = param;
}
} // namespace operators
} // namespace modsecurity

9
src/operators/gsblookup.h
View File

@ -20,21 +20,22 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
class GsbLookup : public Operator {
public:
/** @ingroup ModSecurity_Operator */
GsbLookup(std::string o, std::string p, bool i);
GsbLookup(std::string o, std::string p, bool n)
: Operator(o, p, n) { }
explicit GsbLookup(std::string param)
: Operator("GsbLookup", param) { }
bool evaluate(Transaction *transaction, const std::string &str);
};
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_GSBLOOKUP_H_

9
src/operators/gt.h
View File

@ -20,7 +20,7 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -29,12 +29,13 @@ class Gt : public Operator {
/** @ingroup ModSecurity_Operator */
Gt(std::string op, std::string param, bool negation)
: Operator(op, param, negation) { }
bool evaluate(Transaction *transaction, const std::string &input) override;
explicit Gt(std::string param)
: Operator("Gt", param) { }
bool evaluate(Transaction *transaction, const std::string &input) override;
};
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_GT_H_

7
src/operators/inspect_file.cc
View File

@ -31,12 +31,5 @@ bool InspectFile::evaluate(Transaction *transaction, const std::string &str) {
}
InspectFile::InspectFile(std::string op, std::string param,
bool negation)
: Operator() {
this->m_op = op;
this->m_param = param;
}
} // namespace operators
} // namespace modsecurity

9
src/operators/inspect_file.h
View File

@ -20,20 +20,23 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
class InspectFile : public Operator {
public:
/** @ingroup ModSecurity_Operator */
InspectFile(std::string o, std::string p, bool i);
InspectFile(std::string o, std::string p, bool n)
: Operator(o, p, n) { }
explicit InspectFile(std::string param)
: Operator("InspectFile", param) { }
bool evaluate(Transaction *transaction, const std::string &str) override;
};
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_INSPECT_FILE_H_

7
src/operators/ip_match.h
View File

@ -21,7 +21,6 @@
#include "src/operators/operator.h"
#include "src/utils/ip_tree.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -30,7 +29,10 @@ class IpMatch : public Operator {
/** @ingroup ModSecurity_Operator */
IpMatch(std::string op, std::string param, bool negation)
: Operator(op, param, negation) { }
IpMatch(std::string op, std::string param)
: Operator(op, param) { }
explicit IpMatch(std::string param)
: Operator("IpMatch", param) { }
bool evaluate(Transaction *transaction, const std::string &input) override;
bool init(const std::string &file, std::string *error) override;
@ -41,7 +43,6 @@ class IpMatch : public Operator {
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_IP_MATCH_H_

5
src/operators/ip_match_f.h
View File

@ -20,7 +20,7 @@
#include "src/operators/ip_match_from_file.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -28,11 +28,12 @@ class IpMatchF : public IpMatchFromFile {
public:
IpMatchF(std::string op, std::string param, bool negation)
: IpMatchFromFile(op, param, negation) { }
explicit IpMatchF(std::string param)
: IpMatchFromFile("IpMatchFromFile", param) { }
};
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_IP_MATCH_F_H_

4
src/operators/ip_match_from_file.h
View File

@ -19,7 +19,6 @@
#include "src/operators/ip_match.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -28,13 +27,14 @@ class IpMatchFromFile : public IpMatch {
/** @ingroup ModSecurity_Operator */
IpMatchFromFile(std::string op, std::string param, bool negation)
: IpMatch(op, param, negation) { }
IpMatchFromFile(std::string op, std::string param)
: IpMatch(op, param) { }
bool init(const std::string& file, std::string *error) override;
};
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_IP_MATCH_FROM_FILE_H_

6
src/operators/le.h
View File

@ -20,7 +20,7 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -29,6 +29,8 @@ class Le : public Operator {
/** @ingroup ModSecurity_Operator */
Le(std::string op, std::string param, bool negation)
: Operator(op, param, negation) { }
explicit Le(std::string param)
: Operator("Le", param) { }
bool evaluate(Transaction *transaction, const std::string &input) override;
};
@ -37,7 +39,5 @@ class Le : public Operator {
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_LE_H_

6
src/operators/lt.h
View File

@ -20,7 +20,7 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -29,6 +29,8 @@ class Lt : public Operator {
/** @ingroup ModSecurity_Operator */
Lt(std::string op, std::string param, bool negation)
: Operator(op, param, negation) { }
explicit Lt(std::string param)
: Operator("Lt", param) { }
bool evaluate(Transaction *transaction, const std::string &input) override;
};
@ -36,7 +38,5 @@ class Lt : public Operator {
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_LT_H_

9
src/operators/operator.h
View File

@ -13,9 +13,7 @@
*
*/
#ifdef __cplusplus
#include <string>
#endif
#ifndef SRC_OPERATORS_OPERATOR_H__
#define SRC_OPERATORS_OPERATOR_H__
@ -23,7 +21,7 @@
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -48,7 +46,7 @@ class Operator {
m_op(opName),
m_param(param) { }
Operator(std::string opName)
explicit Operator(std::string opName)
: m_match_message(""),
m_negation(false),
m_op(opName),
@ -82,7 +80,6 @@ class Operator {
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_OPERATOR_H__

11
src/operators/pm.h
View File

@ -22,7 +22,7 @@
#include "src/operators/operator.h"
#include "src/utils/acmp.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -34,6 +34,14 @@ class Pm : public Operator {
: Operator(op, param, negation) {
m_p = acmp_create(0);
}
Pm(std::string op, std::string param)
: Operator(op, param) {
m_p = acmp_create(0);
}
explicit Pm(std::string param)
: Operator("Pm", param) {
m_p = acmp_create(0);
}
~Pm();
bool evaluate(Transaction *transaction, Rule *rule,
const std::string &input) override;
@ -53,7 +61,6 @@ class Pm : public Operator {
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_PM_H_

3
src/operators/pm_f.h
View File

@ -20,7 +20,7 @@
#include "src/operators/pm_from_file.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -35,7 +35,6 @@ class PmF : public PmFromFile {
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_PM_F_H_

7
src/operators/pm_from_file.h
View File

@ -20,7 +20,7 @@
#include "src/operators/pm.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -30,7 +30,8 @@ class PmFromFile : public Pm {
/** @ingroup ModSecurity_Operator */
PmFromFile(std::string op, std::string param, bool negation)
: Pm(op, param, negation) { }
explicit PmFromFile(std::string param)
: Pm("PmFromFile", param) { }
bool init(const std::string &file, std::string *error) override;
};
@ -38,7 +39,5 @@ class PmFromFile : public Pm {
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_PM_FROM_FILE_H_

17
src/operators/rbl.h
View File

@ -26,7 +26,6 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -74,7 +73,20 @@ class Rbl : public Operator {
m_provider = RblProvider::httpbl;
}
}
explicit Rbl(std::string param)
: Operator("Rbl", param),
m_service(param),
m_demandsPassword(false) {
m_provider = RblProvider::UnknownProvider;
if (m_service == "httpbl.org") {
m_demandsPassword = true;
m_provider = RblProvider::httpbl;
} else if (m_service == "uribl.com") {
m_provider = RblProvider::httpbl;
} else if (m_service == "spamhaus.org") {
m_provider = RblProvider::httpbl;
}
}
bool evaluate(Transaction *transaction, const std::string &str) override;
std::string mapIpToAddress(std::string ipStr, Transaction *trans);
@ -95,7 +107,6 @@ class Rbl : public Operator {
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_RBL_H_

7
src/operators/rsub.cc
View File

@ -22,6 +22,7 @@
namespace modsecurity {
namespace operators {
bool Rsub::evaluate(Transaction *transaction, const std::string &str) {
/**
* @todo Implement the operator Rsub.
@ -31,11 +32,5 @@ bool Rsub::evaluate(Transaction *transaction, const std::string &str) {
}
Rsub::Rsub(std::string op, std::string param, bool negation)
: Operator() {
this->m_op = op;
this->m_param = param;
}
} // namespace operators
} // namespace modsecurity

11
src/operators/rsub.h
View File

@ -20,19 +20,24 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
class Rsub : public Operator {
public:
/** @ingroup ModSecurity_Operator */
Rsub(std::string o, std::string p, bool i);
Rsub(std::string o, std::string p, bool n)
: Operator(o, p, n) { }
explicit Rsub(std::string param)
: Operator("Rsub", param) { }
bool evaluate(Transaction *transaction, const std::string &str) override;
};
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_RSUB_H_

8
src/operators/rx.h
View File

@ -22,7 +22,7 @@
#include "src/operators/operator.h"
#include "src/utils/regex.h"
#ifdef __cplusplus
namespace modsecurity {
using Utils::SMatch;
using Utils::regex_search;
@ -42,6 +42,10 @@ class Rx : public Operator {
: Operator(name, param) {
m_re = new Regex(param);
}
explicit Rx(std::string param)
: Operator("Rx", param) {
m_re = new Regex(param);
}
~Rx() {
delete m_re;
@ -61,7 +65,5 @@ class Rx : public Operator {
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_RX_H_

5
src/operators/str_eq.h
View File

@ -23,7 +23,6 @@
#define SRC_OPERATORS_STR_EQ_H_
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -32,6 +31,8 @@ class StrEq : public Operator {
/** @ingroup ModSecurity_Operator */
StrEq(std::string op, std::string param, bool negation)
: Operator(op, param, negation) { }
explicit StrEq(std::string param)
: Operator("StrEq", param) { }
bool evaluate(Transaction *transaction, const std::string &str) override;
};
@ -39,7 +40,5 @@ class StrEq : public Operator {
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_STR_EQ_H_

5
src/operators/str_match.h
View File

@ -20,7 +20,7 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -29,13 +29,14 @@ class StrMatch : public Operator {
/** @ingroup ModSecurity_Operator */
StrMatch(std::string op, std::string param, bool negation)
: Operator(op, param, negation) { }
explicit StrMatch(std::string param)
: Operator("StrMatch", param) { }
bool evaluate(Transaction *transaction, const std::string &input) override;
};
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_STR_MATCH_H_

9
src/operators/validate_byte_range.h
View File

@ -22,7 +22,7 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -33,7 +33,10 @@ class ValidateByteRange : public Operator {
: Operator(op, param, negation) {
std::memset(table, '\0', sizeof(char) * 32);
}
explicit ValidateByteRange(std::string param)
: Operator("ValidadeByteRange", param) {
std::memset(table, '\0', sizeof(char) * 32);
}
~ValidateByteRange() override { }
bool evaluate(Transaction *transaction, const std::string &input) override;
@ -47,7 +50,5 @@ class ValidateByteRange : public Operator {
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_VALIDATE_BYTE_RANGE_H_

5
src/operators/validate_dtd.h
View File

@ -26,7 +26,7 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -36,6 +36,8 @@ class ValidateDTD : public Operator {
ValidateDTD(std::string o, std::string p, bool i)
: Operator(o, p, i),
m_dtd(NULL) { }
explicit ValidateDTD(std::string param)
: Operator("ValidateDTD", param) { }
~ValidateDTD() {
if (m_dtd != NULL) {
xmlFreeDtd(m_dtd);
@ -91,7 +93,6 @@ class ValidateDTD : public Operator {
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_VALIDATE_DTD_H_

6
src/operators/validate_hash.cc
View File

@ -31,11 +31,5 @@ bool ValidateHash::evaluate(Transaction *transaction, const std::string &str) {
}
ValidateHash::ValidateHash(std::string op, std::string param, bool negation)
: Operator() {
this->m_op = op;
this->m_param = param;
}
} // namespace operators
} // namespace modsecurity

8
src/operators/validate_hash.h
View File

@ -20,20 +20,22 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
class ValidateHash : public Operator {
public:
/** @ingroup ModSecurity_Operator */
ValidateHash(std::string o, std::string p, bool i);
ValidateHash(std::string o, std::string p, bool n)
: Operator(o, p, n) { }
explicit ValidateHash(std::string param)
: Operator("ValidateHash", param) { }
bool evaluate(Transaction *transaction, const std::string &str) override;
};
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_VALIDATE_HASH_H_

8
src/operators/validate_schema.h
View File

@ -26,7 +26,7 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -38,6 +38,11 @@ class ValidateSchema : public Operator {
m_parserCtx(NULL),
m_validCtx(NULL),
m_schema(NULL) { }
explicit ValidateSchema(std::string param)
: Operator("ValidateSchema", param),
m_parserCtx(NULL),
m_validCtx(NULL),
m_schema(NULL) { }
~ValidateSchema() {
/*
if (m_schema != NULL) {
@ -131,7 +136,6 @@ class ValidateSchema : public Operator {
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_VALIDATE_SCHEMA_H_

3
src/operators/validate_url_encoding.h
View File

@ -20,7 +20,7 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -38,7 +38,6 @@ class ValidateUrlEncoding : public Operator {
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_VALIDATE_URL_ENCODING_H_

4
src/operators/verify_cc.h
View File

@ -31,6 +31,10 @@ class VerifyCC : public Operator {
: Operator(op, param, negation),
m_pc(NULL),
m_pce(NULL) { }
explicit VerifyCC(std::string param)
: Operator("VerifyCC", param),
m_pc(NULL),
m_pce(NULL) { }
~VerifyCC();
int luhnVerify(const char *ccnumber, int len);

7
src/operators/verify_cpf.cc
View File

@ -22,6 +22,7 @@
namespace modsecurity {
namespace operators {
bool VerifyCPF::evaluate(Transaction *transaction, const std::string &str) {
/**
* @todo Implement the operator VerifyCPF.
@ -31,11 +32,5 @@ bool VerifyCPF::evaluate(Transaction *transaction, const std::string &str) {
}
VerifyCPF::VerifyCPF(std::string op, std::string param, bool negation)
: Operator() {
this->m_op = op;
this->m_param = param;
}
} // namespace operators
} // namespace modsecurity

9
src/operators/verify_cpf.h
View File

@ -20,21 +20,24 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
class VerifyCPF : public Operator {
public:
/** @ingroup ModSecurity_Operator */
VerifyCPF(std::string o, std::string p, bool i);
VerifyCPF(std::string o, std::string p, bool n)
: Operator(o, p, n) { }
explicit VerifyCPF(std::string param)
: Operator("VerifyCPF", param) { }
bool evaluate(Transaction *transaction, const std::string &str) override;
};
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_VERIFY_CPF_H_

6
src/operators/verify_ssn.cc
View File

@ -22,6 +22,7 @@
namespace modsecurity {
namespace operators {
bool VerifySSN::evaluate(Transaction *transaction, const std::string &str) {
/**
* @todo Implement the operator VerifySSN.
@ -30,11 +31,6 @@ bool VerifySSN::evaluate(Transaction *transaction, const std::string &str) {
return true;
}
VerifySSN::VerifySSN(std::string op, std::string param, bool negation)
: Operator() {
this->m_op = op;
this->m_param = param;
}
} // namespace operators
} // namespace modsecurity

7
src/operators/verify_ssn.h
View File

@ -20,7 +20,6 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -28,13 +27,15 @@ namespace operators {
class VerifySSN : public Operator {
public:
/** @ingroup ModSecurity_Operator */
VerifySSN(std::string o, std::string p, bool i);
VerifySSN(std::string o, std::string p, bool n)
: Operator(o, p, n) { }
explicit VerifySSN(std::string param)
: Operator("VerifySSN", param) { }
bool evaluate(Transaction *transaction, const std::string &str) override;
};
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_VERIFY_SSN_H_

6
src/operators/within.h
View File

@ -20,7 +20,7 @@
#include "src/operators/operator.h"
#ifdef __cplusplus
namespace modsecurity {
namespace operators {
@ -29,13 +29,13 @@ class Within : public Operator {
/** @ingroup ModSecurity_Operator */
Within(std::string op, std::string param, bool negation)
: Operator(op, param, negation) { }
explicit Within(std::string param)
: Operator("Within", param) { }
bool evaluate(Transaction *transaction, const std::string &str);
};
} // namespace operators
} // namespace modsecurity
#endif
#endif // SRC_OPERATORS_WITHIN_H_

215
src/parser/seclang-parser.yy
View File

@ -214,6 +214,12 @@ using modsecurity::operators::Operator;
driver.error(b, "Action: " + std::string(a) + " is not yet supported."); \
YYERROR;
#define OPERATOR_NOT_SUPPORTED(a, b) \
driver.error(b, "Operator: " + std::string(a) + " is not yet supported."); \
YYERROR;
#define ACTION_INIT(a, b) \
std::string error; \
if (a->init(&error) == false) { \
@ -256,6 +262,7 @@ using modsecurity::operators::Operator;
END 0 "end of file"
COMMA ","
PIPE
NEW_LINE
;
%token <std::string> ACTION_ACCURACY
@ -408,7 +415,41 @@ using modsecurity::operators::Operator;
%token <std::string> OPERATOR_DETECT_XSS
%token <std::string> OPERATOR_VALIDATE_URL_ENCODING
%token <std::string> OPERATOR_VALIDATE_UTF8_ENCODING
%token <std::string> OPERATOR_GEOIP
%token <std::string> OPERATOR_GEOLOOKUP
%token <std::string> OPERATOR_INSPECT_FILE
%token <std::string> OPERATOR_FUZZY_HASH
%token <std::string> OPERATOR_VALIDATE_BYTE_RANGE
%token <std::string> OPERATOR_VALIDATE_DTD
%token <std::string> OPERATOR_VALIDATE_HASH
%token <std::string> OPERATOR_VALIDATE_SCHEMA
%token <std::string> OPERATOR_VERIFY_CC
%token <std::string> OPERATOR_VERIFY_CPF
%token <std::string> OPERATOR_VERIFY_SSN
%token <std::string> OPERATOR_GSB_LOOKUP
%token <std::string> OPERATOR_RSUB
%token <std::string> OPERATOR_RX_CONTENT_ONLY
%token <std::string> NOT
%token <std::string> OPERATOR_WITHIN
%token <std::string> OPERATOR_CONTAINS_WORD
%token <std::string> OPERATOR_CONTAINS
%token <std::string> OPERATOR_ENDS_WITH
%token <std::string> OPERATOR_EQ
%token <std::string> OPERATOR_GE
%token <std::string> OPERATOR_GT
%token <std::string> OPERATOR_IP_MATCH_FROM_FILE
%token <std::string> OPERATOR_IP_MATCH
%token <std::string> OPERATOR_LE
%token <std::string> OPERATOR_LT
%token <std::string> OPERATOR_PM_FROM_FILE
%token <std::string> OPERATOR_PM
%token <std::string> OPERATOR_RBL
%token <std::string> OPERATOR_RX
%token <std::string> OPERATOR_STR_EQ
%token <std::string> OPERATOR_STR_MATCH
%token <std::string> OPERATOR_BEGINS_WITH
%token <std::string> QUOTATION_MARK
%token <std::string> RUN_TIME_VAR_BLD
%token <std::string> RUN_TIME_VAR_DUR
@ -431,6 +472,8 @@ using modsecurity::operators::Operator;
%token <std::string> VARIABLE_STATUS
%token <std::string> VARIABLE_TX
%token <std::string> OP_QUOTE
%type <actions::Action *> act
%type <std::vector<actions::Action *> *> actings
%type <std::vector<actions::Action *> *> actions
@ -605,14 +648,40 @@ op:
YYERROR;
}
}
| NOT op_before_init
{
$$ = $2;
$$->m_negation = true;
std::string error;
if ($$->init(driver.ref.back(), &error) == false) {
driver.error(@0, error);
YYERROR;
}
}
| OPERATOR_RX_CONTENT_ONLY
{
$$ = new operators::Rx(utils::string::removeBracketsIfNeeded($1));
std::string error;
if ($$->init(driver.ref.back(), &error) == false) {
$$->m_negation = true;
driver.error(@0, error);
YYERROR;
}
}
| NOT OPERATOR_RX_CONTENT_ONLY
{
$$ = new operators::Rx("!" + utils::string::removeBracketsIfNeeded($2));
std::string error;
if ($$->init(driver.ref.back(), &error) == false) {
$$->m_negation = true;
driver.error(@0, error);
YYERROR;
}
}
;
op_before_init:
OPERATOR
{
$$ = Operator::instantiate($1);
}
| OPERATOR_UNCONDITIONAL_MATCH
OPERATOR_UNCONDITIONAL_MATCH
{
$$ = new operators::UnconditionalMatch();
}
@ -632,10 +701,133 @@ op_before_init:
{
$$ = new operators::ValidateUtf8Encoding();
}
| OPERATOR_GEOIP
| OPERATOR_INSPECT_FILE FREE_TEXT
{
/* $$ = new operators::InspectFile($1); */
OPERATOR_NOT_SUPPORTED("InspectFile", @0);
}
| OPERATOR_FUZZY_HASH FREE_TEXT
{
/* $$ = new operators::FuzzyHash(); */
OPERATOR_NOT_SUPPORTED("FuzzyHash", @0);
}
| OPERATOR_VALIDATE_BYTE_RANGE FREE_TEXT
{
$$ = new operators::ValidateByteRange($2);
}
| OPERATOR_VALIDATE_DTD FREE_TEXT
{
$$ = new operators::ValidateDTD($2);
}
| OPERATOR_VALIDATE_HASH FREE_TEXT
{
/* $$ = new operators::ValidateHash($1); */
OPERATOR_NOT_SUPPORTED("ValidateHash", @0);
}
| OPERATOR_VALIDATE_SCHEMA FREE_TEXT
{
$$ = new operators::ValidateSchema($2);
}
| OPERATOR_VERIFY_CC FREE_TEXT
{
$$ = new operators::VerifyCC($2);
}
| OPERATOR_VERIFY_CPF FREE_TEXT
{
/* $$ = new operators::VerifyCPF($1); */
OPERATOR_NOT_SUPPORTED("VerifyCPF", @0);
}
| OPERATOR_VERIFY_SSN FREE_TEXT
{
/* $$ = new operators::VerifySSN($1); */
OPERATOR_NOT_SUPPORTED("VerifySSN", @0);
}
| OPERATOR_GSB_LOOKUP FREE_TEXT
{
/* $$ = new operators::GsbLookup($1); */
OPERATOR_NOT_SUPPORTED("GsbLookup", @0);
}
| OPERATOR_RSUB FREE_TEXT
{
/* $$ = new operators::Rsub($1); */
OPERATOR_NOT_SUPPORTED("Rsub", @0);
}
| OPERATOR_WITHIN FREE_TEXT
{
$$ = new operators::Within($2);
}
| OPERATOR_CONTAINS_WORD FREE_TEXT
{
$$ = new operators::ContainsWord($2);
}
| OPERATOR_CONTAINS FREE_TEXT
{
$$ = new operators::Contains($2);
}
| OPERATOR_ENDS_WITH FREE_TEXT
{
$$ = new operators::EndsWith($2);
}
| OPERATOR_EQ FREE_TEXT
{
$$ = new operators::Eq($2);
}
| OPERATOR_GE FREE_TEXT
{
$$ = new operators::Ge($2);
}
| OPERATOR_GT FREE_TEXT
{
$$ = new operators::Gt($2);
}
| OPERATOR_IP_MATCH_FROM_FILE FREE_TEXT
{
$$ = new operators::IpMatchF($2);
}
| OPERATOR_IP_MATCH FREE_TEXT
{
$$ = new operators::IpMatch($2);
}
| OPERATOR_LE FREE_TEXT
{
$$ = new operators::Le($2);
}
| OPERATOR_LT FREE_TEXT
{
$$ = new operators::Lt($2);
}
| OPERATOR_PM_FROM_FILE FREE_TEXT
{
$$ = new operators::PmFromFile($2);
}
| OPERATOR_PM FREE_TEXT
{
$$ = new operators::Pm($2);
}
| OPERATOR_RBL FREE_TEXT
{
$$ = new operators::Rbl($2);
}
| OPERATOR_RX FREE_TEXT
{
$$ = new operators::Rx($2);
}
| OPERATOR_STR_EQ FREE_TEXT
{
$$ = new operators::StrEq($2);
}
| OPERATOR_STR_MATCH FREE_TEXT
{
$$ = new operators::StrMatch($2);
}
| OPERATOR_BEGINS_WITH FREE_TEXT
{
$$ = new operators::BeginsWith($2);
}
| OPERATOR_GEOLOOKUP
{
#ifdef WITH_GEOIP
$$ = $$ = new operators::GeoLookup($1);
$$ = new operators::GeoLookup();
#else
std::stringstream ss;
ss << "This version of ModSecurity was not compiled with GeoIP support.";
@ -643,13 +835,6 @@ op_before_init:
YYERROR;
#endif // WITH_GEOIP
}
| FREE_TEXT
{
std::string text = std::string($1);
text.pop_back();
text.erase(0, 1);
$$ = new operators::Rx("rx", text);
}
;
expression:

261
src/parser/seclang-scanner.ll
View File

@ -81,7 +81,6 @@ ACTION_STATUS (?i:status:[0-9]+)
ACTION_TAG (?i:tag)
ACTION_VER (?i:ver)
ACTION_XMLNS (?i:xmlns)
ACTION_TRANSFORMATION_CMD_LINE (?i:t:cmdLine)
ACTION_TRANSFORMATION_COMPRESS_WHITESPACE (?i:t:compressWhitespace)
ACTION_TRANSFORMATION_CSS_DECODE (?i:t:cssDecode)
@ -175,7 +174,6 @@ CONGIG_DIR_SEC_TMP_DIR (?i:SecTmpDir)
DICT_ELEMENT [^ \t|]+
DIRECTIVE (?i:SecRule)
DIRECTIVE_SECRULESCRIPT (?i:SecRuleScript)
FREE_TEXT ([^\"]|([^\\]\\\"))+
FREE_TEXT_NEW_LINE [^\"|\n]+
FREE_TEXT_QUOTE ([^\']|([^\\]\\\'))+
FREE_TEXT_QUOTE_COMMA [^,\']+
@ -183,14 +181,51 @@ FREE_TEXT_SPACE [^ \t]+
FREE_TEXT_SPACE_COMMA [^, \t]+
FREE_TEXT_SPACE_COMMA_QUOTE [^, \t\"\n\r]+
NEW_LINE_FREE_TEXT [^, \t\"\n\r]+
OPERATOR_UNCONDITIONAL_MATCH (?i:@unconditionalMatch)
OPERATOR_DETECT_SQLI (?i:@detectSQLi)
OPERATOR_DETECT_XSS (?i:@detectXSS)
OPERATOR_VALIDATE_URL_ENCODING (?i:@validateUrlEncoding)
OPERATOR_VALIDATE_UTF8_ENCODING (?i:@validateUtf8Encoding)
OPERATOR_INSPECT_FILE (?i:@inspectFile)
OPERATOR_FUZZY_HASH (?i:@fuzzyHash)
OPERATOR_VALIDATE_BYTE_RANGE (?i:@validateByteRange)
OPERATOR_VALIDATE_DTD (?i:@validateDTD)
OPERATOR_VALIDATE_HASH (?i:@validateHash)
OPERATOR_VALIDATE_SCHEMA (?i:@validateSchema)
OPERATOR_VERIFY_CC (?i:@verifyCC)
OPERATOR_VERIFY_CPF (?i:@verifyCPF)
OPERATOR_VERIFY_SSN (?i:@verifySSN)
OPERATOR_GSB_LOOKUP (?i:@gsbLookup)
OPERATOR_RSUB (?i:@rsub)
OPERATOR_WITHIN (?i:@within)
OPERATOR_CONTAINS_WORD (?i:@containsWord)
OPERATOR_CONTAINS (?i:@contains)
OPERATOR_ENDS_WITH (?i:@endsWith)
OPERATOR_EQ (?i:@eq)
OPERATOR_GE (?i:@ge)
OPERATOR_GT (?i:@gt)
OPERATOR_IP_MATCH_FROM_FILE (?i:(@ipMatchF|@ipMatchFromFile))
OPERATOR_IP_MATCH (?i:@ipMatch)
OPERATOR_LE (?i:@le)
OPERATOR_LT (?i:@lt)
OPERATOR_PM_FROM_FILE (?i:(@pmf|@pmFromFile))
OPERATOR_PM (?i:@pm)
OPERATOR_RBL (?i:@rbl)
OPERATOR_RX (?i:@rx)
OPERATOR_STR_EQ (?i:@streq)
OPERATOR_STR_MATCH (?i:@strmatch)
OPERATOR_BEGINS_WITH (?i:@beginsWith)
OPERATOR_GEOLOOKUP (?i:@geoLookup)
OPERATOR_RX_CONTENT_ONLY ([^\"]|([^\\]\\\"))+
NOT !
OP_QUOTE \"
FREE_TEXT ([^\"]|([^\\]\\\"))+
OPERATOR (?i:(?:@inspectFile|@fuzzyHash|@validateByteRange|@validateDTD|@validateHash|@validateSchema|@verifyCC|@verifyCPF|@verifySSN|@gsbLookup|@rsub)|(?:\!{0,1})(?:@within|@containsWord|@contains|@endsWith|@eq|@ge|@gt|@ipMatchF|@ipMatch|@ipMatchFromFile|@le|@lt|@pmf|@pm|@pmFromFile|@rbl|@rx|@streq|@strmatch|@beginsWith))
OPERATOR_GEOIP (?i:@geoLookup)
REMOVE_RULE_BY [0-9A-Za-z_\/\.\-\*\:\;\]\[]+
RUN_TIME_VAR_BLD (?i:MODSEC_BUILD)
RUN_TIME_VAR_DUR (?i:DURATION)
@ -208,7 +243,6 @@ RUN_TIME_VAR_TIME_SEC (?i:TIME_SEC)
RUN_TIME_VAR_TIME_WDAY (?i:TIME_WDAY)
RUN_TIME_VAR_TIME_YEAR (?i:TIME_YEAR)
RUN_TIME_VAR_XML (?i:XML)
SOMETHING ["]{1}([^"]|([^\\"]\\\"))*["]{1}
VARIABLENOCOLON (?i:URLENCODED_ERROR|REQBODY_PROCESSOR_ERROR_MSG|REQBODY_PROCESSOR_ERROR|REQBODY_PROCESSOR|REQBODY_ERROR_MSG|REQBODY_ERROR|MULTIPART_FILE_LIMIT_EXCEEDED|MULTIPART_INVALID_QUOTING|MULTIPART_HEADER_FOLDING|MULTIPART_INVALID_HEADER_FOLDING|MULTIPART_STRICT_ERROR|MULTIPART_UNMATCHED_BOUNDARY|REMOTE_ADDR|REQUEST_LINE)
VARIABLE (?i:(SERVER_NAME|MULTIPART_DATA_AFTER|RESOURCE|ARGS_COMBINED_SIZE|ARGS_GET_NAMES|ARGS_POST_NAMES|FILES_TMPNAMES|FILES_COMBINED_SIZE|FULL_REQUEST_LENGTH|REQUEST_BODY_LENGTH|REQUEST_URI_RAW|UNIQUE_ID|SERVER_PORT|SERVER_ADDR|REMOTE_PORT|REMOTE_HOST|PATH_INFO|MULTIPART_CRLF_LF_LINES|MATCHED_VAR_NAME|MATCHED_VAR|INBOUND_DATA_ERROR|OUTBOUND_DATA_ERROR|FULL_REQUEST|AUTH_TYPE|ARGS_NAMES|REMOTE_ADDR|REQUEST_BASENAME|REQUEST_BODY|REQUEST_FILENAME|REQUEST_HEADERS_NAMES|REQUEST_METHOD|REQUEST_PROTOCOL|REQUEST_URI|RESPONSE_BODY|RESPONSE_CONTENT_LENGTH|RESPONSE_CONTENT_TYPE|RESPONSE_HEADERS_NAMES|RESPONSE_PROTOCOL|RESPONSE_STATUS|USERID|SESSIONID))
VARIABLE_COL (?i:(SESSION|GLOBAL|ARGS_POST|ARGS_GET|ARGS|FILES_SIZES|FILES_NAMES|FILES_TMP_CONTENT|MULTIPART_FILENAME|MULTIPART_NAME|MATCHED_VARS_NAMES|MATCHED_VARS|FILES|QUERY_STRING|REQUEST_COOKIES|REQUEST_HEADERS|RESPONSE_HEADERS|GEO|IP|REQUEST_COOKIES_NAMES))
@ -219,9 +253,9 @@ VAR_FREE_TEXT_QUOTE ([^\']|([^\\]\\\'))+
VAR_FREE_TEXT_SPACE [^ \t\"]+
VAR_FREE_TEXT_SPACE_COMMA [^, \t\"]+
NEW_LINE [\n\r]+
%x EXPECTING_OPERATOR COMMENT EXPECTING_VARIABLE
%x TRANSACTION_TO_VARIABLE EXPECTING_VARIABLE TRANSACTION_FROM_VARIABLE_TO_OPERATOR EXPECTING_OPERATOR COMMENT EXPECTING_PARAMETER EXPECTING_ACTIONS TRANSACTION_FROM_OPERATOR_TO_ACTIONS TRANSACTION_FROM_DIRECTIVE_TO_ACTIONS NO_OP_INFORMED FINISH_ACTIONS
%{
// Code run each time a pattern is matched.
@ -236,6 +270,7 @@ VAR_FREE_TEXT_SPACE_COMMA [^, \t\"]+
driver.loc.back()->step();
%}
<EXPECTING_ACTIONS>{
{ACTION_APPEND} { return p::make_ACTION_APPEND(yytext, *driver.loc.back()); }
{ACTION_BLOCK} { return p::make_ACTION_BLOCK(yytext, *driver.loc.back()); }
{ACTION_CAPTURE} { return p::make_ACTION_CAPTURE(yytext, *driver.loc.back()); }
@ -334,9 +369,31 @@ VAR_FREE_TEXT_SPACE_COMMA [^, \t\"]+
{ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR} { return p::make_ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_REMOVE_COMMENTS} { return p::make_ACTION_TRANSFORMATION_REMOVE_COMMENTS(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_REPLACE_COMMENTS} { return p::make_ACTION_TRANSFORMATION_REPLACE_COMMENTS(yytext, *driver.loc.back()); }
{ACTION_LOG_DATA}:'{FREE_TEXT_QUOTE}' { return p::make_ACTION_LOG_DATA(yytext, *driver.loc.back()); }
{CONFIG_VALUE_DETC} { return p::make_CONFIG_VALUE_DETC(yytext, *driver.loc.back()); }
{CONFIG_VALUE_OFF} { return p::make_CONFIG_VALUE_OFF(yytext, *driver.loc.back()); }
{CONFIG_VALUE_ON} { return p::make_CONFIG_VALUE_ON(yytext, *driver.loc.back()); }
[ \t]*[,][ \t]* { return p::make_COMMA(*driver.loc.back()); }
[ \t]*\\\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
[ \t]*\\\r\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
\"[ \t]* { BEGIN(INITIAL); yyless(yyleng); }
[ \t]*\n { BEGIN(INITIAL); yyless(yyleng); driver.loc.back()->lines(1); driver.loc.back()->step(); }
[ \t]*\r\n { BEGIN(INITIAL); yyless(yyleng); driver.loc.back()->lines(1); driver.loc.back()->step(); }
\"[ \t]*\n { BEGIN(INITIAL); yyless(1); }
\"[ \t]*\r\n { BEGIN(INITIAL); driver.loc.back()->lines(1); driver.loc.back()->step(); }
. { driver.error (*driver.loc.back(), "invalid character", yytext); throw p::syntax_error(*driver.loc.back(), ""); }
}
<FINISH_ACTIONS>{
<<EOF>> { BEGIN(INITIAL); yyless(0); p::make_NEW_LINE(*driver.loc.back()); }
. { BEGIN(INITIAL); }
}
{CONFIG_COMPONENT_SIG}[ \t]+["]{FREE_TEXT}["] { return p::make_CONFIG_COMPONENT_SIG(strchr(yytext, ' ') + 2, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_DIR_MOD}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_AUDIT_DIR_MOD(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_DIR}[ ]{CONFIG_VALUE_PATH} { return p::make_CONFIG_DIR_AUDIT_DIR(strchr(yytext, ' ') + 1, *driver.loc.back()); }
@ -361,8 +418,6 @@ VAR_FREE_TEXT_SPACE_COMMA [^, \t\"]+
{CONFIG_DIR_RES_BODY_LIMIT}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_RES_BODY_LIMIT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_RES_BODY} { return p::make_CONFIG_DIR_RES_BODY(yytext, *driver.loc.back()); }
{CONFIG_DIR_RULE_ENG} { return p::make_CONFIG_DIR_RULE_ENG(yytext, *driver.loc.back()); }
{CONFIG_DIR_SEC_ACTION} { return p::make_CONFIG_DIR_SEC_ACTION(yytext, *driver.loc.back()); }
{CONFIG_DIR_SEC_DEFAULT_ACTION} { return p::make_CONFIG_DIR_SEC_DEFAULT_ACTION(yytext, *driver.loc.back()); }
{CONFIG_DIR_SEC_MARKER}[ \t]+["]{NEW_LINE_FREE_TEXT}["] { return p::make_CONFIG_DIR_SEC_MARKER(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_SEC_MARKER}[ \t]+{NEW_LINE_FREE_TEXT} { return p::make_CONFIG_DIR_SEC_MARKER(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_UNICODE_MAP_FILE}[ ]{FREE_TEXT_NEW_LINE} { return p::make_CONFIG_DIR_UNICODE_MAP_FILE(strchr(yytext, ' ') + 1, *driver.loc.back()); }
@ -391,7 +446,11 @@ VAR_FREE_TEXT_SPACE_COMMA [^, \t\"]+
{CONGIG_DIR_SEC_STATUS_ENGINE}[ ]{FREE_TEXT_NEW_LINE} { return p::make_CONGIG_DIR_SEC_STATUS_ENGINE(yytext, *driver.loc.back()); }
{CONGIG_DIR_SEC_TMP_DIR}[ ]{CONFIG_VALUE_PATH} { return p::make_CONGIG_DIR_SEC_TMP_DIR(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{DIRECTIVE_SECRULESCRIPT}[ ]{CONFIG_VALUE_PATH} { return p::make_DIRECTIVE_SECRULESCRIPT(yytext, *driver.loc.back()); }
{DIRECTIVE} { return p::make_DIRECTIVE(yytext, *driver.loc.back()); }
{DIRECTIVE} { BEGIN(TRANSACTION_TO_VARIABLE); return p::make_DIRECTIVE(yytext, *driver.loc.back()); }
{CONFIG_DIR_SEC_DEFAULT_ACTION} { BEGIN(TRANSACTION_FROM_DIRECTIVE_TO_ACTIONS); return p::make_CONFIG_DIR_SEC_DEFAULT_ACTION(yytext, *driver.loc.back()); }
{CONFIG_DIR_SEC_ACTION} { BEGIN(TRANSACTION_FROM_DIRECTIVE_TO_ACTIONS); return p::make_CONFIG_DIR_SEC_ACTION(yytext, *driver.loc.back()); }
{CONFIG_SEC_REMOTE_RULES_FAIL_ACTION} { return p::make_CONFIG_SEC_REMOTE_RULES_FAIL_ACTION(yytext, *driver.loc.back()); }
{CONFIG_SEC_COLLECTION_TIMEOUT}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_SEC_COLLECTION_TIMEOUT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
[ \t]*[\n] { driver.loc.back()->lines(1); driver.loc.back()->step(); }
@ -402,74 +461,133 @@ VAR_FREE_TEXT_SPACE_COMMA [^, \t\"]+
["] { return p::make_QUOTATION_MARK(yytext, *driver.loc.back()); }
[,] { return p::make_COMMA(*driver.loc.back()); }
<TRANSACTION_TO_VARIABLE>{
[ \t]* { BEGIN(EXPECTING_VARIABLE); }
}
<INITIAL,EXPECTING_VARIABLE>{
[!&]?{RUN_TIME_VAR_BLD} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_DUR} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_ENV}(\:[\']{FREE_TEXT_QUOTE}[\'])? { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_ENV}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_HSV} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_HSV(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_REMOTE_USER} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_REMOTE_USER(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_RULE}(\:[\']{FREE_TEXT_QUOTE}[\'])? { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_RULE}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_DAY} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_TIME_DAY(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_EPOCH} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_TIME_EPOCH(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_HOUR} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_TIME_HOUR(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_MIN} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_TIME_MIN(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_MON} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_TIME_MON(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_SEC} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_TIME_SEC(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_YEAR} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_TIME_YEAR(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_TIME(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_XML}(\:[\']{FREE_TEXT_QUOTE}[\'])? { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_XML}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
[!&]?{VARIABLENOCOLON} { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_COL}(\:[\']{FREE_TEXT_QUOTE}[\'])? { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_COL}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_STATUS} { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE_STATUS(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_TX}(\:[\']{FREE_TEXT_QUOTE}[\'])? { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_TX}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_WEBSERVER_ERROR_LOG} { driver.error (*driver.loc.back(), "Variable VARIABLE_WEBSERVER_ERROR_LOG is not supported by libModSecurity", ""); throw p::syntax_error(*driver.loc.back(), "");}
[!&]?{VARIABLE}(\:[\']{FREE_TEXT_QUOTE}[\'])? { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE(yytext, *driver.loc.back()); }
[!&]?{VARIABLE}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_BLD}["] { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_DUR}["] { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_ENV}(\:\'{FREE_TEXT_QUOTE}[\'])?["] { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_ENV}(\:{DICT_ELEMENT})?["] { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_HSV}["] { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_HSV(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_RULE}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_RULE}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_XML}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_XML}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
["][!&]?{VARIABLENOCOLON}["] { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE_COL}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE_COL}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE_TX}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE_TX}(\:{DICT_ELEMENT})?["] { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE}(\:{DICT_ELEMENT})?["] { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE(yytext, *driver.loc.back()); }
[&]?{RUN_TIME_VAR_TIME_WDAY} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_TIME_WDAY(yytext, *driver.loc.back()); }
<TRANSACTION_FROM_DIRECTIVE_TO_ACTIONS>{
[ \t]* { }
[ \t]*\"[ \t]* { BEGIN(EXPECTING_ACTIONS); }
[ \t]*\\\n[ \t]*\"[ \t]* { BEGIN(EXPECTING_ACTIONS); }
[ \t]*\\\r\n[ \t]*\"[ \t]* { BEGIN(EXPECTING_ACTIONS); }
}
<EXPECTING_VARIABLE>{
[!&]?{RUN_TIME_VAR_BLD} { return p::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_DUR} { return p::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_ENV}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_ENV}(\:{DICT_ELEMENT})? { return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_HSV} { return p::make_RUN_TIME_VAR_HSV(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_REMOTE_USER} { return p::make_RUN_TIME_VAR_REMOTE_USER(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_RULE}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_RULE}(\:{DICT_ELEMENT})? { return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_DAY} { return p::make_RUN_TIME_VAR_TIME_DAY(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_EPOCH} { return p::make_RUN_TIME_VAR_TIME_EPOCH(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_HOUR} { return p::make_RUN_TIME_VAR_TIME_HOUR(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_MIN} { return p::make_RUN_TIME_VAR_TIME_MIN(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_MON} { return p::make_RUN_TIME_VAR_TIME_MON(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_SEC} { return p::make_RUN_TIME_VAR_TIME_SEC(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_YEAR} { return p::make_RUN_TIME_VAR_TIME_YEAR(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME} { return p::make_RUN_TIME_VAR_TIME(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_XML}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_XML}(\:{DICT_ELEMENT})? { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
[!&]?{VARIABLENOCOLON} { return p::make_VARIABLE(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_COL}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_COL}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_STATUS} { return p::make_VARIABLE_STATUS(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_TX}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_TX}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_WEBSERVER_ERROR_LOG} { driver.error (*driver.loc.back(), "Variable VARIABLE_WEBSERVER_ERROR_LOG is not supported by libModSecurity", ""); throw p::syntax_error(*driver.loc.back(), "");}
[!&]?{VARIABLE}(\:[\']{FREE_TEXT_QUOTE}[\'])? { return p::make_VARIABLE(yytext, *driver.loc.back()); }
[!&]?{VARIABLE}(\:{DICT_ELEMENT})? { return p::make_VARIABLE(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_BLD}["] { return p::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_DUR}["] { return p::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_ENV}(\:\'{FREE_TEXT_QUOTE}[\'])?["] { return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_ENV}(\:{DICT_ELEMENT})?["] { return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_HSV}["] { return p::make_RUN_TIME_VAR_HSV(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_RULE}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_RULE}(\:{DICT_ELEMENT})? { return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_XML}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_XML}(\:{DICT_ELEMENT})? { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
["][!&]?{VARIABLENOCOLON}["] { return p::make_VARIABLE(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE_COL}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE_COL}(\:{DICT_ELEMENT})? { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE_TX}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE_TX}(\:{DICT_ELEMENT})?["] { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { return p::make_VARIABLE(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE}(\:{DICT_ELEMENT})?["] { return p::make_VARIABLE(yytext, *driver.loc.back()); }
[&]?{RUN_TIME_VAR_TIME_WDAY} { return p::make_RUN_TIME_VAR_TIME_WDAY(yytext, *driver.loc.back()); }
}
<EXPECTING_VARIABLE,TRANSACTION_FROM_VARIABLE_TO_OPERATOR>{
[ \t]+["]* { BEGIN(EXPECTING_OPERATOR); }
}
<EXPECTING_OPERATOR>{
["]{OPERATOR}[ ]{FREE_TEXT}["] { BEGIN(INITIAL); return p::make_OPERATOR(yytext, *driver.loc.back()); }
["]{OPERATOR_UNCONDITIONAL_MATCH}[\t ]*["] { BEGIN(INITIAL); return p::make_OPERATOR_UNCONDITIONAL_MATCH(yytext, *driver.loc.back()); }
["]{OPERATOR_DETECT_SQLI}[\t ]*["] { BEGIN(INITIAL); return p::make_OPERATOR_DETECT_SQLI(yytext, *driver.loc.back()); }
["]{OPERATOR_DETECT_XSS}[\t ]*["] { BEGIN(INITIAL); return p::make_OPERATOR_DETECT_XSS(yytext, *driver.loc.back()); }
["]{OPERATOR_VALIDATE_URL_ENCODING}[\t ]*["] { BEGIN(INITIAL); return p::make_OPERATOR_VALIDATE_URL_ENCODING(yytext, *driver.loc.back()); }
["]{OPERATOR_VALIDATE_UTF8_ENCODING}[\t ]*["] { BEGIN(INITIAL); return p::make_OPERATOR_VALIDATE_UTF8_ENCODING(yytext, *driver.loc.back()); }
["]{OPERATOR_GEOIP}[\t ]*["] { BEGIN(INITIAL); return p::make_OPERATOR_GEOIP(yytext, *driver.loc.back()); }
{SOMETHING} { BEGIN(INITIAL); return p::make_FREE_TEXT(yytext, *driver.loc.back()); }
{OPERATOR_GEOLOOKUP} { BEGIN(TRANSACTION_FROM_OPERATOR_TO_ACTIONS); return p::make_OPERATOR_GEOLOOKUP(yytext, *driver.loc.back()); }
{OPERATOR_WITHIN} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_WITHIN(yytext, *driver.loc.back()); }
{OPERATOR_CONTAINS_WORD} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_CONTAINS_WORD(yytext, *driver.loc.back()); }
{OPERATOR_CONTAINS} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_CONTAINS(yytext, *driver.loc.back()); }
{OPERATOR_ENDS_WITH} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_ENDS_WITH(yytext, *driver.loc.back()); }
{OPERATOR_EQ} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_EQ(yytext, *driver.loc.back()); }
{OPERATOR_GE} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_GE(yytext, *driver.loc.back()); }
{OPERATOR_GT} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_GT(yytext, *driver.loc.back()); }
{OPERATOR_IP_MATCH_FROM_FILE} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_IP_MATCH_FROM_FILE(yytext, *driver.loc.back()); }
{OPERATOR_IP_MATCH} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_IP_MATCH(yytext, *driver.loc.back()); }
{OPERATOR_LE} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_LE(yytext, *driver.loc.back()); }
{OPERATOR_LT} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_LT(yytext, *driver.loc.back()); }
{OPERATOR_PM_FROM_FILE} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_PM_FROM_FILE(yytext, *driver.loc.back()); }
{OPERATOR_PM} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_PM(yytext, *driver.loc.back()); }
{OPERATOR_RBL} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_RBL(yytext, *driver.loc.back()); }
{OPERATOR_RX} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_RX(yytext, *driver.loc.back()); }
{OPERATOR_STR_EQ} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_STR_EQ(yytext, *driver.loc.back()); }
{OPERATOR_STR_MATCH} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_STR_MATCH(yytext, *driver.loc.back()); }
{OPERATOR_BEGINS_WITH} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_BEGINS_WITH(yytext, *driver.loc.back()); }
{OPERATOR_INSPECT_FILE} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_INSPECT_FILE(yytext, *driver.loc.back()); }
{OPERATOR_FUZZY_HASH} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_FUZZY_HASH(yytext, *driver.loc.back()); }
{OPERATOR_VALIDATE_BYTE_RANGE} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_VALIDATE_BYTE_RANGE(yytext, *driver.loc.back()); }
{OPERATOR_VALIDATE_DTD} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_VALIDATE_DTD(yytext, *driver.loc.back()); }
{OPERATOR_VALIDATE_HASH} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_VALIDATE_HASH(yytext, *driver.loc.back()); }
{OPERATOR_VALIDATE_SCHEMA} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_VALIDATE_SCHEMA(yytext, *driver.loc.back()); }
{OPERATOR_VERIFY_CC} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_VERIFY_CC(yytext, *driver.loc.back()); }
{OPERATOR_VERIFY_CPF} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_VERIFY_CPF(yytext, *driver.loc.back()); }
{OPERATOR_VERIFY_SSN} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_VERIFY_SSN(yytext, *driver.loc.back()); }
{OPERATOR_GSB_LOOKUP} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_GSB_LOOKUP(yytext, *driver.loc.back()); }
{OPERATOR_RSUB} { BEGIN(EXPECTING_PARAMETER); return p::make_OPERATOR_RSUB(yytext, *driver.loc.back()); }
{OPERATOR_UNCONDITIONAL_MATCH} { BEGIN(TRANSACTION_FROM_OPERATOR_TO_ACTIONS); return p::make_OPERATOR_UNCONDITIONAL_MATCH(yytext, *driver.loc.back()); }
{OPERATOR_DETECT_SQLI} { BEGIN(TRANSACTION_FROM_OPERATOR_TO_ACTIONS); return p::make_OPERATOR_DETECT_SQLI(yytext, *driver.loc.back()); }
{OPERATOR_DETECT_XSS} { BEGIN(TRANSACTION_FROM_OPERATOR_TO_ACTIONS); return p::make_OPERATOR_DETECT_XSS(yytext, *driver.loc.back()); }
{OPERATOR_VALIDATE_URL_ENCODING} { BEGIN(TRANSACTION_FROM_OPERATOR_TO_ACTIONS); return p::make_OPERATOR_VALIDATE_URL_ENCODING(yytext, *driver.loc.back()); }
{OPERATOR_VALIDATE_UTF8_ENCODING} { BEGIN(TRANSACTION_FROM_OPERATOR_TO_ACTIONS); return p::make_OPERATOR_VALIDATE_UTF8_ENCODING(yytext, *driver.loc.back()); }
{NOT} { BEGIN(EXPECTING_OPERATOR); return p::make_NOT(yytext, *driver.loc.back()); }
. { BEGIN(NO_OP_INFORMED); yyless(0); }
}
<NO_OP_INFORMED>{
{FREE_TEXT} { BEGIN(TRANSACTION_FROM_OPERATOR_TO_ACTIONS); return p::make_OPERATOR_RX_CONTENT_ONLY(yytext, *driver.loc.back()); }
}
<INITIAL,EXPECTING_OPERATOR,EXPECTING_VARIABLE>{
[|] { BEGIN(EXPECTING_VARIABLE); return p::make_PIPE(*driver.loc.back()); }
<TRANSACTION_FROM_OPERATOR_TO_ACTIONS>{
[ \t]*\"[ \t]* { BEGIN(EXPECTING_ACTIONS); }
[ \t]*\"[ \t]*\"[ \t]* { BEGIN(EXPECTING_ACTIONS); }
[ \t]*\"[ \t]*\\\n[ \t]*\"[ \t]* { BEGIN(EXPECTING_ACTIONS); }
[ \t]*\"[ \t]*\\\r\n[ \t]*\"[ \t]* { BEGIN(EXPECTING_ACTIONS); }
}
<INITIAL,EXPECTING_OPERATOR>{
<EXPECTING_PARAMETER>{
[ ]{FREE_TEXT} { BEGIN(TRANSACTION_FROM_OPERATOR_TO_ACTIONS); return p::make_FREE_TEXT(yytext+1, *driver.loc.back()); }
}
<EXPECTING_VARIABLE>{
[|] { return p::make_PIPE(*driver.loc.back()); }
}
<INITIAL,EXPECTING_VARIABLE,EXPECTING_OPERATOR>{
[ \t]+ { }
[ \t]*\\\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
[ \t]*\\\r\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
@ -484,8 +602,11 @@ VAR_FREE_TEXT_SPACE_COMMA [^, \t\"]+
. { driver.error (*driver.loc.back(), "invalid character", yytext); throw p::syntax_error(*driver.loc.back(), ""); }
<<EOF>> {
if (driver.ref.size() > 0) {
if (driver.ref.size() > 1) {
driver.ref.pop_back();
}

2
test/test-cases/regression/action-skip.json
View File

@ -38,7 +38,7 @@
"version_min":300000,
"title":"Testing skip action 2/3",
"expected":{
"parser_error": "Rules error. File: action-skip.json. Line: 2. Column: 61. invalid character s"
"parser_error": "Rules error. File: action-skip.json. Line: 2. Column: 62. invalid character s"
},
"client":{
"ip":"200.249.12.31",

12
test/test-cases/regression/config-include.json
View File

@ -31,7 +31,7 @@
]
},
"expected":{
"debug_log":"Executing operator \"@contains\" with param \"config_example2\" against ARGS."
"debug_log":"Executing operator \"Contains\" with param \"config_example2\" against ARGS."
},
"rules":[
"SecRuleEngine On",
@ -71,7 +71,7 @@
]
},
"expected":{
"debug_log":"Executing operator \"@contains\" with param \"config_example\" against ARGS."
"debug_log":"Executing operator \"Contains\" with param \"config_example\" against ARGS."
},
"rules":[
"SecRuleEngine On",
@ -111,7 +111,7 @@
]
},
"expected":{
"debug_log":"Executing operator \"@contains\" with param \"config_example2\" against ARGS."
"debug_log":"Executing operator \"Contains\" with param \"config_example2\" against ARGS."
},
"rules":[
"SecRuleEngine On",
@ -151,7 +151,7 @@
]
},
"expected":{
"debug_log":"Executing operator \"@contains\" with param \"test\" against ARGS."
"debug_log":"Executing operator \"Contains\" with param \"test\" against ARGS."
},
"rules":[
"SecRuleEngine On",
@ -191,7 +191,7 @@
]
},
"expected":{
"debug_log":"Executing operator \"@contains\" with param \"config_example2\" against ARGS."
"debug_log":"Executing operator \"Contains\" with param \"config_example2\" against ARGS."
},
"rules":[
"SecRuleEngine On",
@ -232,7 +232,7 @@
]
},
"expected":{
"debug_log":"Executing operator \"@contains\" with param \"test\" against ARGS."
"debug_log":"Executing operator \"Contains\" with param \"test\" against ARGS."
},
"rules":[
"SecRuleEngine On",

4
test/test-cases/regression/config-secremoterules.json
View File

@ -31,7 +31,7 @@
]
},
"expected":{
"debug_log":"Executing operator \"@pmfromfile\" with param \"https://www.modsecurity.org/modsecurity-regression-test.txt\" against REQUEST_FILENAME"
"debug_log":"Executing operator \"PmFromFile\" with param \"https://www.modsecurity.org/modsecurity-regression-test.txt\" against REQUEST_FILENAME"
},
"rules":[
"SecRuleEngine On",
@ -84,7 +84,7 @@
]
},
"expected":{
"debug_log":"Executing operator \"@contains\" with param \"somethingelse\" against ARGS."
"debug_log":"Executing operator \"Contains\" with param \"somethingelse\" against ARGS."
},
"rules":[
"SecRuleEngine On",

2
test/test-cases/regression/misc.json
View File

@ -6,7 +6,7 @@
"title":"Testing action :: SecRule directives should be case insensitive",
"expected":{
"audit_log":"",
"debug_log":"Executing operator \"@contains\" with param \"PHPSESSID\" against REQUEST_HEADERS.",
"debug_log":"Executing operator \"Contains\" with param \"PHPSESSID\" against REQUEST_HEADERS.",
"error_log":""
},
"rules":[

2
test/test-cases/regression/operator-rx.json
View File

@ -36,7 +36,7 @@
]
},
"expected":{
"debug_log":"Executing operator \"@rx"
"debug_log":"Executing operator \"Rx"
},
"rules":[
"SecRuleEngine On",