github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Splits operator into OPERATOR and FREE_TEXT on sec lang grammar

Browse Source
This commit is contained in:
Felipe Zimmerle 2015-10-02 12:07:18 -03:00
parent df819dc43b
commit 5cc9e94505
2 changed files with 54 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
src/parser/seclang-parser.yy
View File

@ -247,6 +247,7 @@ using ModSecurity::Variables::Variable;
%type <Variable *> var %type <Variable *> var
%type <Action *> act %type <Action *> act
%type <std::vector<Action *> *> actings %type <std::vector<Action *> *> actings
%type <Operator *> op
%printer { yyoutput << $$; } <*>; %printer { yyoutput << $$; } <*>;
@ -345,19 +346,34 @@ actings:
} }
; ;
op:
OPERATOR
{
Operator *op = Operator::instantiate($1);
const char *error = NULL;
if (op->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
$$ = op;
}
| FREE_TEXT
{
Operator *op = Operator::instantiate("\"@rx " + $1 + "\"");
const char *error = NULL;
if (op->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
$$ = op;
}
expression: expression:
audit_log audit_log
| DIRECTIVE variables OPERATOR actings | DIRECTIVE variables op actings
{ {
Operator *op = Operator::instantiate($3);
const char *error = NULL;
if (op->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
Rule *rule = new Rule( Rule *rule = new Rule(
/* op */ op, /* op */ $3,
/* variables */ $2, /* variables */ $2,
/* actions */ $4 /* actions */ $4
); );
@ -366,34 +382,10 @@ expression:
YYERROR; YYERROR;
} }
} }
| DIRECTIVE variables FREE_TEXT actings | DIRECTIVE variables op
{ {
Operator *op = Operator::instantiate("\"@rx " + $3 + "\"");
const char *error = NULL;
if (op->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
Rule *rule = new Rule( Rule *rule = new Rule(
/* op */ op, /* op */ $3,
/* variables */ $2,
/* actions */ $4
);
if (driver.addSecRule(rule) == false) {
YYERROR;
}
}
| DIRECTIVE variables OPERATOR
{
Operator *op = Operator::instantiate("\"@rx " + $3 + "\"");
const char *error = NULL;
if (op->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
Rule *rule = new Rule(
/* op */ op,
/* variables */ $2, /* variables */ $2,
/* actions */ NULL /* actions */ NULL
); );
@ -402,16 +394,7 @@ expression:
YYERROR; YYERROR;
} }
} }
| CONFIG_DIR_SEC_ACTION QUOTATION_MARK actions QUOTATION_MARK | CONFIG_DIR_SEC_ACTION actings
{
Rule *rule = new Rule(
/* op */ NULL,
/* variables */ NULL,
/* actions */ $3
);
driver.addSecAction(rule);
}
| CONFIG_DIR_SEC_ACTION actions
{ {
Rule *rule = new Rule( Rule *rule = new Rule(
/* op */ NULL, /* op */ NULL,
@ -420,9 +403,9 @@ expression:
); );
driver.addSecAction(rule); driver.addSecAction(rule);
} }
| CONFIG_DIR_SEC_DEFAULT_ACTION QUOTATION_MARK actions QUOTATION_MARK | CONFIG_DIR_SEC_DEFAULT_ACTION actings
{ {
std::vector<Action *> *actions = $3; std::vector<Action *> *actions = $2;
std::vector<Action *> checkedActions; std::vector<Action *> checkedActions;
int definedPhase = -1; int definedPhase = -1;
int secRuleDefinedPhase = -1; int secRuleDefinedPhase = -1;

26
test/benchmark/basic_rules.conf
View File

@ -1,3 +1,27 @@
include "owasp-modsecurity-crs-orig/modsecurity_crs_10_setup.conf" include "owasp-modsecurity-crs-orig/modsecurity_crs_10_setup.conf"
include "owasp-modsecurity-crs-orig/rules/*.conf" #include "owasp-modsecurity-crs-orig/rules/*.conf"
#include owasp-modsecurity-crs-orig/rules/RESPONSE-51-DATA-LEAKAGES-SQL.conf
include owasp-modsecurity-crs-orig/rules/REQUEST-01-COMMON-EXCEPTIONS.conf
include owasp-modsecurity-crs-orig/rules/REQUEST-10-IP-REPUTATION.conf
include owasp-modsecurity-crs-orig/rules/REQUEST-11-METHOD-ENFORCEMENT.conf
include owasp-modsecurity-crs-orig/rules/REQUEST-12-DOS-PROTECTION.conf
include owasp-modsecurity-crs-orig/rules/REQUEST-13-SCANNER-DETECTION.conf
include owasp-modsecurity-crs-orig/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf
include owasp-modsecurity-crs-orig/rules/REQUEST-21-PROTOCOL-ATTACK.conf
include owasp-modsecurity-crs-orig/rules/REQUEST-30-APPLICATION-ATTACK-LFI.conf
include owasp-modsecurity-crs-orig/rules/REQUEST-31-APPLICATION-ATTACK-RFI.conf
include owasp-modsecurity-crs-orig/rules/REQUEST-32-APPLICATION-ATTACK-RCE.conf
include owasp-modsecurity-crs-orig/rules/REQUEST-33-APPLICATION-ATTACK-PHP.conf
include owasp-modsecurity-crs-orig/rules/REQUEST-41-APPLICATION-ATTACK-XSS.conf
include owasp-modsecurity-crs-orig/rules/REQUEST-42-APPLICATION-ATTACK-SQLI.conf
include owasp-modsecurity-crs-orig/rules/REQUEST-43-APPLICATION-ATTACK-SESSION-FIXATION.conf
include owasp-modsecurity-crs-orig/rules/REQUEST-49-BLOCKING-EVALUATION.conf
include owasp-modsecurity-crs-orig/rules/RESPONSE-50-DATA-LEAKAGES.conf
include owasp-modsecurity-crs-orig/rules/RESPONSE-50-DATA-LEAKAGES-IIS.conf
include owasp-modsecurity-crs-orig/rules/RESPONSE-50-DATA-LEAKAGES-JAVA.conf
include owasp-modsecurity-crs-orig/rules/RESPONSE-50-DATA-LEAKAGES-PHP.conf
include owasp-modsecurity-crs-orig/rules/RESPONSE-51-DATA-LEAKAGES-SQL.conf
include owasp-modsecurity-crs-orig/rules/RESPONSE-59-BLOCKING-EVALUATION.conf
include owasp-modsecurity-crs-orig/rules/RESPONSE-80-CORRELATION.conf