github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Updated Transformation::evaluate signature to allow for in-place updates, removing unnecessary heap allocated copies.

Browse Source 
- Renamed Transformation::evaluate to Transformation::transform to avoid
  confusion with Action's overload methods.
- Updated Transformation::transform signature to receive the value by
  reference and perform the transformation inline, if possible.
  - Some transformations still need to use a temporary std::string to
    perform their work, and then copy the result back.
- Made Transformation::transform methods const and updated Transaction
  parameter to be const.
  - Transaction parameter could not be removed because it's used by just
    a single transformation, UrlDecodeUni.
- Removed std::string Action::evaluate(const std::string &exp,
  Transaction *transaction); which was only implemented by
  Transformation but was not used from the base class, but only after
  downcasting to Transformation, so it can just be declared there (and
  not pollute other actions with a default member implementation -that
  does nothing- which is never called).
This commit is contained in:
Eduardo Arias 2024-05-14 01:47:59 +00:00
parent 97c8766ef1
commit 5d39890783
96 changed files with 643 additions and 1642 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
headers/modsecurity/actions/action.h
View File

@ -13,26 +13,19 @@
*
*/
#ifdef __cplusplus
#include <string>
#include <iostream>
#include <memory>
#endif
#include "modsecurity/intervention.h"
#include "modsecurity/rule.h"
#include "modsecurity/rule_with_actions.h"
#ifndef HEADERS_MODSECURITY_ACTIONS_ACTION_H_
#define HEADERS_MODSECURITY_ACTIONS_ACTION_H_
#ifdef __cplusplus
#include <string>
#include <memory>
namespace modsecurity {
class Transaction;
class RuleWithOperator;
class RuleWithActions;
class RuleMessage;
namespace actions {
@ -74,8 +67,6 @@ class Action {
virtual ~Action() { }
virtual std::string evaluate(const std::string &exp,
Transaction *transaction);
virtual bool evaluate(RuleWithActions *rule, Transaction *transaction);
virtual bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> ruleMessage) {
@ -87,9 +78,9 @@ class Action {
void set_name_and_payload(const std::string& data) {
size_t pos = data.find(":");
std::string t = "t:";
const char t[] = "t:";
if (data.compare(0, t.length(), t) == 0) {
if (data.compare(0, std::size(t) - 1, t) == 0) {
pos = data.find(":", 2);
}

2
headers/modsecurity/rule.h
View File

@ -52,7 +52,7 @@ namespace operators {
class Operator;
}
using TransformationResult = std::pair<std::shared_ptr<std::string>,
using TransformationResult = std::pair<std::string,
std::shared_ptr<std::string>>;
using TransformationResults = std::list<TransformationResult>;

19
headers/modsecurity/rule_with_actions.h
View File

@ -119,16 +119,7 @@ class RuleWithActions : public Rule {
void executeTransformations(
Transaction *trasn, const std::string &value, TransformationResults &ret);
inline void executeTransformation(
actions::transformations::Transformation *a,
std::shared_ptr<std::string> *value,
Transaction *trans,
TransformationResults *ret,
std::string *path,
int *nth) const;
const Transaction *trasn, const std::string &value, TransformationResults &ret);
void performLogging(Transaction *trans,
std::shared_ptr<RuleMessage> ruleMessage,
@ -166,6 +157,14 @@ class RuleWithActions : public Rule {
RuleWithActions *m_chainedRuleParent;
private:
inline void executeTransformation(
const actions::transformations::Transformation &a,
std::string &value,
const Transaction *trans,
TransformationResults *ret,
std::string *path,
int *nth) const;
/* actions */
actions::Action *m_disruptiveAction;
actions::LogData *m_logData;

13
src/actions/accuracy.cc
View File

@ -15,16 +15,10 @@
#include "src/actions/accuracy.h"
#include <iostream>
#include <string>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {
namespace actions {
namespace modsecurity::actions {
bool Accuracy::init(std::string *error) {
@ -45,5 +39,4 @@ bool Accuracy::evaluate(RuleWithActions *rule, Transaction *transaction) {
}
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions

6
src/actions/action.cc
View File

@ -45,12 +45,6 @@ namespace modsecurity {
namespace actions {
std::string Action::evaluate(const std::string &value,
Transaction *transaction) {
return value;
}
bool Action::evaluate(RuleWithActions *rule, Transaction *transaction) {
return true;
}

12
src/actions/chain.cc
View File

@ -15,14 +15,9 @@
#include "src/actions/chain.h"
#include <iostream>
#include <string>
#include "modsecurity/rule_with_actions.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
namespace modsecurity {
namespace actions {
namespace modsecurity::actions {
bool Chain::evaluate(RuleWithActions *rule, Transaction *transaction) {
@ -31,5 +26,4 @@ bool Chain::evaluate(RuleWithActions *rule, Transaction *transaction) {
}
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions

13
src/actions/maturity.cc
View File

@ -15,16 +15,10 @@
#include "src/actions/maturity.h"
#include <iostream>
#include <string>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {
namespace actions {
namespace modsecurity::actions {
bool Maturity::init(std::string *error) {
@ -45,5 +39,4 @@ bool Maturity::evaluate(RuleWithActions *rule, Transaction *transaction) {
}
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions

17
src/actions/phase.cc
View File

@ -15,20 +15,15 @@
#include "src/actions/phase.h"
#include <iostream>
#include <string>
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/modsecurity.h"
#include "modsecurity/rule_with_actions.h"
#include "src/utils/string.h"
namespace modsecurity {
namespace actions {
namespace modsecurity::actions {
bool Phase::init(std::string *error) {
std::string a = utils::string::tolower(m_parser_payload);
const auto a = utils::string::tolower(m_parser_payload);
m_phase = -1;
try {
@ -77,5 +72,5 @@ bool Phase::evaluate(RuleWithActions *rule, Transaction *transaction) {
return true;
}
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions

13
src/actions/rev.cc
View File

@ -15,16 +15,10 @@
#include "src/actions/rev.h"
#include <iostream>
#include <string>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {
namespace actions {
namespace modsecurity::actions {
bool Rev::init(std::string *error) {
@ -39,5 +33,4 @@ bool Rev::evaluate(RuleWithActions *rule, Transaction *transaction) {
}
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions

11
src/actions/rule_id.cc
View File

@ -15,14 +15,10 @@
#include "src/actions/rule_id.h"
#include <iostream>
#include <string>
#include "modsecurity/rule_with_actions.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
namespace modsecurity {
namespace actions {
namespace modsecurity::actions {
bool RuleId::init(std::string *error) {
@ -54,5 +50,4 @@ bool RuleId::evaluate(RuleWithActions *rule, Transaction *transaction) {
}
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions

28
src/actions/transformations/base64_decode.cc
View File

@ -13,33 +13,19 @@
*
*/
#include "src/actions/transformations/base64_decode.h"
#include "base64_decode.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/base64.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
std::string Base64Decode::evaluate(const std::string &value,
Transaction *transaction) {
std::string ret = Utils::Base64::decode(value);
return ret;
bool Base64Decode::transform(std::string &value, const Transaction *trans) const {
if (value.empty()) return false;
value = Utils::Base64::decode(value);
return true;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

24
src/actions/transformations/base64_decode.h
View File

@ -13,33 +13,21 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class Base64Decode : public Transformation {
public:
explicit Base64Decode(const std::string &action) : Transformation(action) { }
explicit Base64Decode(const std::string &action)
: Transformation(action) { }
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_H_

28
src/actions/transformations/base64_decode_ext.cc
View File

@ -13,33 +13,19 @@
*
*/
#include "src/actions/transformations/base64_decode_ext.h"
#include "base64_decode_ext.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/base64.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
std::string Base64DecodeExt::evaluate(const std::string &value,
Transaction *transaction) {
std::string ret = Utils::Base64::decode_forgiven(value);
return ret;
bool Base64DecodeExt::transform(std::string &value, const Transaction *trans) const {
if (value.empty()) return false;
value = Utils::Base64::decode_forgiven(value);
return true;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

24
src/actions/transformations/base64_decode_ext.h
View File

@ -13,33 +13,21 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_EXT_H_
#define SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_EXT_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class Base64DecodeExt : public Transformation {
public:
explicit Base64DecodeExt(const std::string &action) : Transformation(action) { }
explicit Base64DecodeExt(const std::string &action)
: Transformation(action) { }
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_BASE64_DECODE_EXT_H_

28
src/actions/transformations/base64_encode.cc
View File

@ -13,33 +13,19 @@
*
*/
#include "src/actions/transformations/base64_encode.h"
#include "base64_encode.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/base64.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
std::string Base64Encode::evaluate(const std::string &value,
Transaction *transaction) {
std::string ret = Utils::Base64::encode(value);
return ret;
bool Base64Encode::transform(std::string &value, const Transaction *trans) const {
if (value.empty()) return false;
value = Utils::Base64::encode(value);
return true;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

24
src/actions/transformations/base64_encode.h
View File

@ -13,33 +13,21 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_BASE64_ENCODE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_BASE64_ENCODE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class Base64Encode : public Transformation {
public:
explicit Base64Encode(const std::string &action) : Transformation(action) { }
explicit Base64Encode(const std::string &action)
: Transformation(action) { }
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_BASE64_ENCODE_H_

27
src/actions/transformations/cmd_line.cc
View File

@ -13,26 +13,13 @@
*
*/
#include "src/actions/transformations/cmd_line.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "cmd_line.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
std::string CmdLine::evaluate(const std::string &value,
Transaction *transaction) {
bool CmdLine::transform(std::string &value, const Transaction *trans) const {
std::string ret;
int space = 0;
@ -77,11 +64,11 @@ std::string CmdLine::evaluate(const std::string &value,
}
}
return ret;
const auto changed = ret != value;
value = ret;
return changed;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

21
src/actions/transformations/cmd_line.h
View File

@ -13,35 +13,22 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_CMD_LINE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_CMD_LINE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class CmdLine : public Transformation {
public:
explicit CmdLine(const std::string &action)
: Transformation(action) { }
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // modsecurity::namespace actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_CMD_LINE_H_

29
src/actions/transformations/compress_whitespace.cc
View File

@ -13,30 +13,18 @@
*
*/
#include "src/actions/transformations/compress_whitespace.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "compress_whitespace.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
CompressWhitespace::CompressWhitespace(const std::string &action)
: Transformation(action) {
this->action_kind = 1;
}
std::string CompressWhitespace::evaluate(const std::string &value,
Transaction *transaction) {
bool CompressWhitespace::transform(std::string &value, const Transaction *trans) const {
std::string a;
int inWhiteSpace = 0;
@ -58,9 +46,10 @@ std::string CompressWhitespace::evaluate(const std::string &value,
i++;
}
return a;
const auto changed = a != value;
value = a;
return changed;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

24
src/actions/transformations/compress_whitespace.h
View File

@ -13,34 +13,20 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_COMPRESS_WHITESPACE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_COMPRESS_WHITESPACE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class CompressWhitespace : public Transformation {
public:
explicit CompressWhitespace(const std::string &action);
explicit CompressWhitespace(const std::string &action) ;
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_COMPRESS_WHITESPACE_H_

29
src/actions/transformations/css_decode.cc
View File

@ -13,29 +13,15 @@
*
*/
#include "src/actions/transformations/css_decode.h"
#include "css_decode.h"
#include <string.h>
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/string.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
std::string CssDecode::evaluate(const std::string &value,
Transaction *transaction) {
bool CssDecode::transform(std::string &value, const Transaction *trans) const {
char *tmp = reinterpret_cast<char *>(
malloc(sizeof(char) * value.size() + 1));
@ -47,7 +33,10 @@ std::string CssDecode::evaluate(const std::string &value,
std::string ret(tmp, 0, value.size());
free(tmp);
return ret;
const auto changed = ret != value;
value = ret;
return changed;
}
@ -191,6 +180,4 @@ int CssDecode::css_decode_inplace(unsigned char *input, int64_t input_len) {
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

24
src/actions/transformations/css_decode.h
View File

@ -13,37 +13,23 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_CSS_DECODE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_CSS_DECODE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
namespace actions {
namespace transformations {
#include "transformation.h"
namespace modsecurity::actions::transformations {
class CssDecode : public Transformation {
public:
explicit CssDecode(const std::string &action)
: Transformation(action) { }
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
static int css_decode_inplace(unsigned char *input, int64_t input_len);
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_CSS_DECODE_H_

29
src/actions/transformations/escape_seq_decode.cc
View File

@ -13,23 +13,12 @@
*
*/
#include "src/actions/transformations/escape_seq_decode.h"
#include "escape_seq_decode.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include <cstring>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/string.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
EscapeSeqDecode::EscapeSeqDecode(const std::string &action)
: Transformation(action) {
@ -140,8 +129,7 @@ int EscapeSeqDecode::ansi_c_sequences_decode_inplace(unsigned char *input,
}
std::string EscapeSeqDecode::evaluate(const std::string &value,
Transaction *transaction) {
bool EscapeSeqDecode::transform(std::string &value, const Transaction *trans) const {
unsigned char *tmp = (unsigned char *) malloc(sizeof(char)
* value.size() + 1);
@ -154,9 +142,10 @@ std::string EscapeSeqDecode::evaluate(const std::string &value,
ret.assign(reinterpret_cast<char *>(tmp), size);
free(tmp);
return ret;
const auto changed = ret != value;
value = ret;
return changed;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

26
src/actions/transformations/escape_seq_decode.h
View File

@ -13,35 +13,21 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_ESCAPE_SEQ_DECODE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_ESCAPE_SEQ_DECODE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class EscapeSeqDecode : public Transformation {
public:
explicit EscapeSeqDecode(const std::string &action);
explicit EscapeSeqDecode(const std::string &action) ;
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
int ansi_c_sequences_decode_inplace(unsigned char *input, int input_len);
bool transform(std::string &value, const Transaction *trans) const override;
static int ansi_c_sequences_decode_inplace(unsigned char *input, int input_len);
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_ESCAPE_SEQ_DECODE_H_

28
src/actions/transformations/hex_decode.cc
View File

@ -13,27 +13,15 @@
*
*/
#include "src/actions/transformations/hex_decode.h"
#include "hex_decode.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include <cstring>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/string.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
std::string HexDecode::evaluate(const std::string &value,
Transaction *transaction) {
bool HexDecode::transform(std::string &value, const Transaction *trans) const {
std::string ret;
unsigned char *input;
int size = 0;
@ -52,7 +40,9 @@ std::string HexDecode::evaluate(const std::string &value,
ret.assign(reinterpret_cast<char *>(input), size);
free(input);
return ret;
const auto changed = ret != value;
value = ret;
return changed;
}
@ -74,6 +64,4 @@ int HexDecode::inplace(unsigned char *data, int len) {
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

24
src/actions/transformations/hex_decode.h
View File

@ -13,35 +13,23 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_HEX_DECODE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_HEX_DECODE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class HexDecode : public Transformation {
public:
explicit HexDecode(const std::string &action) : Transformation(action) { }
explicit HexDecode(const std::string &action)
: Transformation(action) { }
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
static int inplace(unsigned char *data, int len);
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_HEX_DECODE_H_

32
src/actions/transformations/hex_encode.cc
View File

@ -13,41 +13,29 @@
*
*/
#include "src/actions/transformations/hex_encode.h"
#include "hex_encode.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include <iterator>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
HexEncode::HexEncode(const std::string &action)
: Transformation(action) {
this->action_kind = 1;
}
std::string HexEncode::evaluate(const std::string &value,
Transaction *transaction) {
bool HexEncode::transform(std::string &value, const Transaction *trans) const {
if (value.empty()) return false;
std::stringstream result;
for (std::size_t i=0; i < value.length(); i++) {
unsigned int ii = (unsigned char)(value[i]);
for (const auto c : value) {
unsigned int ii = (unsigned char)c;
result << std::setw(2) << std::setfill('0') << std::hex << ii;
}
return result.str();
value = result.str();
return true;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

22
src/actions/transformations/hex_encode.h
View File

@ -13,34 +13,20 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_HEX_ENCODE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_HEX_ENCODE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class HexEncode : public Transformation {
public:
explicit HexEncode(const std::string &action);
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_HEX_ENCODE_H_

30
src/actions/transformations/html_entity_decode.cc
View File

@ -13,32 +13,21 @@
*
*/
#include "src/actions/transformations/html_entity_decode.h"
#include "html_entity_decode.h"
#include <string.h>
#include <cstring>
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/string.h"
#ifdef WIN32
#include "src/compat/msvc.h"
#endif
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
std::string HtmlEntityDecode::evaluate(const std::string &value,
Transaction *transaction) {
bool HtmlEntityDecode::transform(std::string &value, const Transaction *trans) const {
std::string ret;
unsigned char *input;
@ -56,7 +45,9 @@ std::string HtmlEntityDecode::evaluate(const std::string &value,
ret.assign(reinterpret_cast<char *>(input), i);
free(input);
return ret;
const auto changed = ret != value;
value = ret;
return changed;
}
@ -207,6 +198,5 @@ HTML_ENT_OUT:
return count;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

25
src/actions/transformations/html_entity_decode.h
View File

@ -13,40 +13,23 @@
*
*/
#include <string>
#include <unordered_map>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/string.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_HTML_ENTITY_DECODE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_HTML_ENTITY_DECODE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
namespace actions {
namespace transformations {
#include "transformation.h"
namespace modsecurity::actions::transformations {
class HtmlEntityDecode : public Transformation {
public:
explicit HtmlEntityDecode(const std::string &action)
: Transformation(action) { }
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
static int inplace(unsigned char *input, uint64_t input_len);
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_HTML_ENTITY_DECODE_H_

29
src/actions/transformations/js_decode.cc
View File

@ -13,29 +13,15 @@
*
*/
#include "src/actions/transformations/js_decode.h"
#include "js_decode.h"
#include <string.h>
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/string.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
std::string JsDecode::evaluate(const std::string &value,
Transaction *transaction) {
bool JsDecode::transform(std::string &value, const Transaction *trans) const {
std::string ret;
unsigned char *input;
@ -53,7 +39,9 @@ std::string JsDecode::evaluate(const std::string &value,
ret.assign(reinterpret_cast<char *>(input), i);
free(input);
return ret;
const auto changed = ret != value;
value = ret;
return changed;
}
@ -163,6 +151,5 @@ int JsDecode::inplace(unsigned char *input, uint64_t input_len) {
return count;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

21
src/actions/transformations/js_decode.h
View File

@ -13,35 +13,22 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_JS_DECODE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_JS_DECODE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class JsDecode : public Transformation {
public:
explicit JsDecode(const std::string &action)
: Transformation(action) { }
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
static int inplace(unsigned char *input, uint64_t input_len);
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_JS_DECODE_H_

29
src/actions/transformations/length.cc
View File

@ -13,34 +13,21 @@
*
*/
#include "src/actions/transformations/length.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "length.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
Length::Length(const std::string &action)
: Transformation(action) {
this->action_kind = 1;
}
std::string Length::evaluate(const std::string &value,
Transaction *transaction) {
return std::to_string(value.size());
bool Length::transform(std::string &value, const Transaction *trans) const {
value = std::to_string(value.size());
return true;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

22
src/actions/transformations/length.h
View File

@ -13,34 +13,20 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_LENGTH_H_
#define SRC_ACTIONS_TRANSFORMATIONS_LENGTH_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class Length : public Transformation {
public:
explicit Length(const std::string &action);
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_LENGTH_H_

24
src/actions/transformations/lower_case.cc
View File

@ -13,27 +13,20 @@
*
*/
#include "src/actions/transformations/lower_case.h"
#include <algorithm>
#include <string>
#include "lower_case.h"
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "modsecurity/actions/action.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
LowerCase::LowerCase(const std::string &a)
: Transformation(a) {
}
std::string LowerCase::evaluate(const std::string &val,
Transaction *transaction) {
bool LowerCase::transform(std::string &val, const Transaction *trans) const {
std::locale loc;
std::string value(val);
@ -41,9 +34,10 @@ std::string LowerCase::evaluate(const std::string &val,
value[i] = std::tolower(value[i], loc);
}
return value;
const auto changed = val != value;
val = value;
return changed;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

24
src/actions/transformations/lower_case.h
View File

@ -13,34 +13,20 @@
*
*/
#include <string>
#include <unordered_map>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_LOWER_CASE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_LOWER_CASE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
namespace actions {
namespace transformations {
#include "transformation.h"
namespace modsecurity::actions::transformations {
class LowerCase : public Transformation {
public:
explicit LowerCase(const std::string &action);
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_LOWER_CASE_H_

27
src/actions/transformations/md5.cc
View File

@ -13,32 +13,17 @@
*
*/
#include "src/actions/transformations/md5.h"
#include "md5.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/md5.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
std::string Md5::evaluate(const std::string &value,
Transaction *transaction) {
std::string ret = Utils::Md5::digest(value);
return ret;
bool Md5::transform(std::string &value, const Transaction *trans) const {
value = Utils::Md5::digest(value);
return true;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

24
src/actions/transformations/md5.h
View File

@ -13,33 +13,21 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_MD5_H_
#define SRC_ACTIONS_TRANSFORMATIONS_MD5_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class Md5 : public Transformation {
public:
explicit Md5(const std::string &action) : Transformation(action) { }
explicit Md5(const std::string &action)
: Transformation(action) { }
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_MD5_H_

25
src/actions/transformations/none.cc
View File

@ -13,30 +13,15 @@
*
*/
#include "src/actions/transformations/none.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "none.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
std::string None::evaluate(const std::string &value,
Transaction *transaction) {
return value;
bool None::transform(std::string &value, const Transaction *trans) const {
return false;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

21
src/actions/transformations/none.h
View File

@ -13,20 +13,12 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_NONE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_NONE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class None : public Transformation {
public:
@ -34,14 +26,9 @@ class None : public Transformation {
: Transformation(action)
{ m_isNone = true; }
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_NONE_H_

34
src/actions/transformations/normalise_path.cc
View File

@ -13,33 +13,19 @@
*
*/
#include "src/actions/transformations/normalise_path.h"
#include <string.h>
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "normalise_path.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
NormalisePath::NormalisePath(const std::string &action)
: Transformation(action) {
this->action_kind = 1;
}
std::string NormalisePath::evaluate(const std::string &value,
Transaction *transaction) {
int changed = 0;
bool NormalisePath::transform(std::string &value, const Transaction *trans) const {
int _changed = 0;
char *tmp = reinterpret_cast<char *>(
malloc(sizeof(char) * value.size() + 1));
@ -47,13 +33,15 @@ std::string NormalisePath::evaluate(const std::string &value,
tmp[value.size()] = '\0';
int i = normalize_path_inplace((unsigned char *)tmp,
value.size(), 0, &changed);
value.size(), 0, &_changed);
std::string ret("");
ret.assign(tmp, i);
free(tmp);
return ret;
const auto changed = ret != value;
value = ret;
return changed;
}
@ -223,6 +211,4 @@ length:
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

22
src/actions/transformations/normalise_path.h
View File

@ -13,37 +13,23 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_NORMALISE_PATH_H_
#define SRC_ACTIONS_TRANSFORMATIONS_NORMALISE_PATH_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class NormalisePath : public Transformation {
public:
explicit NormalisePath(const std::string &action);
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
static int normalize_path_inplace(unsigned char *input, int input_len,
int win, int *changed);
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_NORMALISE_PATH_H_

34
src/actions/transformations/normalise_path_win.cc
View File

@ -13,30 +13,16 @@
*
*/
#include "src/actions/transformations/normalise_path_win.h"
#include "normalise_path_win.h"
#include <string.h>
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/actions/transformations/normalise_path.h"
#include "normalise_path.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
std::string NormalisePathWin::evaluate(const std::string &value,
Transaction *transaction) {
int changed;
bool NormalisePathWin::transform(std::string &value, const Transaction *trans) const {
int _changed;
char *tmp = reinterpret_cast<char *>(
malloc(sizeof(char) * value.size() + 1));
@ -45,16 +31,16 @@ std::string NormalisePathWin::evaluate(const std::string &value,
int i = NormalisePath::normalize_path_inplace(
reinterpret_cast<unsigned char *>(tmp),
value.size(), 1, &changed);
value.size(), 1, &_changed);
std::string ret("");
ret.assign(tmp, i);
free(tmp);
return ret;
const auto changed = ret != value;
value = ret;
return changed;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

20
src/actions/transformations/normalise_path_win.h
View File

@ -13,33 +13,21 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_NORMALISE_PATH_WIN_H_
#define SRC_ACTIONS_TRANSFORMATIONS_NORMALISE_PATH_WIN_H_
#include "transformation.h"
namespace modsecurity {
class Transaction;
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class NormalisePathWin : public Transformation {
public:
explicit NormalisePathWin(const std::string &action)
: Transformation(action) { }
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_NORMALISE_PATH_WIN_H_

30
src/actions/transformations/parity_even_7bit.cc
View File

@ -13,28 +13,17 @@
*
*/
#include "src/actions/transformations/parity_even_7bit.h"
#include "parity_even_7bit.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include <cstring>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
namespace modsecurity::actions::transformations {
namespace modsecurity {
namespace actions {
namespace transformations {
bool ParityEven7bit::transform(std::string &value, const Transaction *trans) const {
if (value.empty()) return false;
std::string ParityEven7bit::evaluate(const std::string &value,
Transaction *transaction) {
std::string ret;
unsigned char *input;
input = reinterpret_cast<unsigned char *>
@ -46,9 +35,9 @@ std::string ParityEven7bit::evaluate(const std::string &value,
std::memcpy(input, value.c_str(), value.length()+1);
inplace(input, value.length());
const auto ret = inplace(input, value.length());
ret.assign(reinterpret_cast<char *>(input), value.length());
value.assign(reinterpret_cast<char *>(input), value.length());
free(input);
return ret;
@ -76,7 +65,4 @@ bool ParityEven7bit::inplace(unsigned char *input, uint64_t input_len) {
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

23
src/actions/transformations/parity_even_7bit.h
View File

@ -13,33 +13,22 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_PARITY_EVEN_7BIT_H_
#define SRC_ACTIONS_TRANSFORMATIONS_PARITY_EVEN_7BIT_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class ParityEven7bit : public Transformation {
public:
explicit ParityEven7bit(const std::string &action) : Transformation(action) { }
explicit ParityEven7bit(const std::string &action)
: Transformation(action) { }
std::string evaluate(const std::string &exp, Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
static bool inplace(unsigned char *input, uint64_t input_len);
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_PARITY_EVEN_7BIT_H_

29
src/actions/transformations/parity_odd_7bit.cc
View File

@ -13,28 +13,17 @@
*
*/
#include "src/actions/transformations/parity_odd_7bit.h"
#include "parity_odd_7bit.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include <cstring>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
namespace modsecurity::actions::transformations {
namespace modsecurity {
namespace actions {
namespace transformations {
bool ParityOdd7bit::transform(std::string &value, const Transaction *trans) const {
if (value.empty()) return false;
std::string ParityOdd7bit::evaluate(const std::string &value,
Transaction *transaction) {
std::string ret;
unsigned char *input;
input = reinterpret_cast<unsigned char *>
@ -46,9 +35,9 @@ std::string ParityOdd7bit::evaluate(const std::string &value,
memcpy(input, value.c_str(), value.length()+1);
inplace(input, value.length());
const auto ret = inplace(input, value.length());
ret.assign(reinterpret_cast<char *>(input), value.length());
value.assign(reinterpret_cast<char *>(input), value.length());
free(input);
return ret;
@ -76,6 +65,4 @@ bool ParityOdd7bit::inplace(unsigned char *input, uint64_t input_len) {
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

23
src/actions/transformations/parity_odd_7bit.h
View File

@ -13,33 +13,22 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_PARITY_ODD_7BIT_H_
#define SRC_ACTIONS_TRANSFORMATIONS_PARITY_ODD_7BIT_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class ParityOdd7bit : public Transformation {
public:
explicit ParityOdd7bit(const std::string &action) : Transformation(action) { }
explicit ParityOdd7bit(const std::string &action)
: Transformation(action) { }
std::string evaluate(const std::string &exp, Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
static bool inplace(unsigned char *input, uint64_t input_len);
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_PARITY_ODD_7BIT_H_

29
src/actions/transformations/parity_zero_7bit.cc
View File

@ -13,28 +13,17 @@
*
*/
#include "src/actions/transformations/parity_zero_7bit.h"
#include "parity_zero_7bit.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include <cstring>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
namespace modsecurity::actions::transformations {
namespace modsecurity {
namespace actions {
namespace transformations {
bool ParityZero7bit::transform(std::string &value, const Transaction *trans) const {
if (value.empty()) return false;
std::string ParityZero7bit::evaluate(const std::string &value,
Transaction *transaction) {
std::string ret;
unsigned char *input;
input = reinterpret_cast<unsigned char *>
@ -46,9 +35,9 @@ std::string ParityZero7bit::evaluate(const std::string &value,
memcpy(input, value.c_str(), value.length()+1);
inplace(input, value.length());
const auto ret = inplace(input, value.length());
ret.assign(reinterpret_cast<char *>(input), value.length());
value.assign(reinterpret_cast<char *>(input), value.length());
free(input);
return ret;
@ -68,6 +57,4 @@ bool ParityZero7bit::inplace(unsigned char *input, uint64_t input_len) {
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

23
src/actions/transformations/parity_zero_7bit.h
View File

@ -13,33 +13,22 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_PARITY_ZERO_7BIT_H_
#define SRC_ACTIONS_TRANSFORMATIONS_PARITY_ZERO_7BIT_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class ParityZero7bit : public Transformation {
public:
explicit ParityZero7bit(const std::string &action) : Transformation(action) { }
explicit ParityZero7bit(const std::string &action)
: Transformation(action) { }
std::string evaluate(const std::string &exp, Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
static bool inplace(unsigned char *input, uint64_t input_len);
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_PARITY_ZERO_7BIT_H_

28
src/actions/transformations/remove_comments.cc
View File

@ -13,27 +13,13 @@
*
*/
#include "src/actions/transformations/remove_comments.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include <cstring>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "remove_comments.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
std::string RemoveComments::evaluate(const std::string &value,
Transaction *transaction) {
bool RemoveComments::transform(std::string &value, const Transaction *trans) const {
std::string ret;
unsigned char *input;
@ -103,10 +89,10 @@ std::string RemoveComments::evaluate(const std::string &value,
ret.assign(reinterpret_cast<char *>(input), j);
free(input);
return ret;
const auto changed = ret != value;
value = ret;
return changed;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

26
src/actions/transformations/remove_comments.h
View File

@ -13,35 +13,21 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_REMOVE_COMMENTS_H_
#define SRC_ACTIONS_TRANSFORMATIONS_REMOVE_COMMENTS_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
namespace actions {
namespace transformations {
#include "transformation.h"
namespace modsecurity::actions::transformations {
class RemoveComments : public Transformation {
public:
explicit RemoveComments(const std::string &action) : Transformation(action) { }
explicit RemoveComments(const std::string &action)
: Transformation(action) { }
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_REMOVE_COMMENTS_H_

23
src/actions/transformations/remove_comments_char.cc
View File

@ -13,25 +13,17 @@
*
*/
#include "src/actions/transformations/remove_comments_char.h"
#include <string>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "remove_comments_char.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
RemoveCommentsChar::RemoveCommentsChar(const std::string &action)
: Transformation(action) {
this->action_kind = 1;
}
std::string RemoveCommentsChar::evaluate(const std::string &val,
Transaction *transaction) {
bool RemoveCommentsChar::transform(std::string &val, const Transaction *trans) const {
size_t i = 0;
std::string transformed_value;
transformed_value.reserve(val.size());
@ -65,10 +57,11 @@ std::string RemoveCommentsChar::evaluate(const std::string &val,
i++;
}
}
return transformed_value;
const auto changed = transformed_value != val;
val = transformed_value;
return changed;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

21
src/actions/transformations/remove_comments_char.h
View File

@ -13,33 +13,20 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_REMOVE_COMMENTS_CHAR_H_
#define SRC_ACTIONS_TRANSFORMATIONS_REMOVE_COMMENTS_CHAR_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class RemoveCommentsChar : public Transformation {
public:
explicit RemoveCommentsChar(const std::string &action);
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_REMOVE_COMMENTS_CHAR_H_

24
src/actions/transformations/remove_nulls.cc
View File

@ -13,23 +13,13 @@
*
*/
#include "src/actions/transformations/remove_nulls.h"
#include <string.h>
#include <string>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "remove_nulls.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
std::string RemoveNulls::evaluate(const std::string &val,
Transaction *transaction) {
bool RemoveNulls::transform(std::string &val, const Transaction *trans) const {
size_t i = 0;
std::string transformed_value;
transformed_value.reserve(val.size());
@ -43,10 +33,10 @@ std::string RemoveNulls::evaluate(const std::string &val,
i++;
}
return transformed_value;
const auto changed = transformed_value != val;
val = transformed_value;
return changed;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

21
src/actions/transformations/remove_nulls.h
View File

@ -13,34 +13,21 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_REMOVE_NULLS_H_
#define SRC_ACTIONS_TRANSFORMATIONS_REMOVE_NULLS_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class RemoveNulls : public Transformation {
public:
explicit RemoveNulls(const std::string &action)
: Transformation(action) { }
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_REMOVE_NULLS_H_

23
src/actions/transformations/remove_whitespace.cc
View File

@ -13,25 +13,17 @@
*
*/
#include "src/actions/transformations/remove_whitespace.h"
#include "remove_whitespace.h"
#include <string>
namespace modsecurity::actions::transformations {
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
namespace modsecurity {
namespace actions {
namespace transformations {
RemoveWhitespace::RemoveWhitespace(const std::string &action)
: Transformation(action) {
this->action_kind = 1;
}
std::string RemoveWhitespace::evaluate(const std::string &val,
Transaction *transaction) {
bool RemoveWhitespace::transform(std::string &val, const Transaction *trans) const {
std::string transformed_value;
transformed_value.reserve(val.size());
@ -52,10 +44,11 @@ std::string RemoveWhitespace::evaluate(const std::string &val,
i++;
}
return transformed_value;
const auto changed = transformed_value != val;
val = transformed_value;
return changed;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

21
src/actions/transformations/remove_whitespace.h
View File

@ -13,33 +13,20 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_REMOVE_WHITESPACE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_REMOVE_WHITESPACE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class RemoveWhitespace : public Transformation {
public:
explicit RemoveWhitespace(const std::string &action);
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_REMOVE_WHITESPACE_H_

31
src/actions/transformations/replace_comments.cc
View File

@ -13,31 +13,19 @@
*
*/
#include "src/actions/transformations/replace_comments.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include <cstring>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "replace_comments.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
ReplaceComments::ReplaceComments(const std::string &action)
: Transformation(action) {
this->action_kind = 1;
}
std::string ReplaceComments::evaluate(const std::string &value,
Transaction *transaction) {
bool ReplaceComments::transform(std::string &value, const Transaction *trans) const {
uint64_t i, j, incomment;
char *input = reinterpret_cast<char *>(
@ -80,9 +68,10 @@ std::string ReplaceComments::evaluate(const std::string &value,
free(input);
return resp;
const auto changed = resp != value;
value = resp;
return changed;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

24
src/actions/transformations/replace_comments.h
View File

@ -13,34 +13,20 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_REPLACE_COMMENTS_H_
#define SRC_ACTIONS_TRANSFORMATIONS_REPLACE_COMMENTS_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class ReplaceComments : public Transformation {
public:
explicit ReplaceComments(const std::string &action);
explicit ReplaceComments(const std::string &action) ;
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_REPLACE_COMMENTS_H_

22
src/actions/transformations/replace_nulls.cc
View File

@ -13,25 +13,17 @@
*
*/
#include "src/actions/transformations/replace_nulls.h"
#include <string>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "replace_nulls.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
ReplaceNulls::ReplaceNulls(const std::string &action)
: Transformation(action) {
this->action_kind = 1;
}
std::string ReplaceNulls::evaluate(const std::string &val,
Transaction *transaction) {
bool ReplaceNulls::transform(std::string &val, const Transaction *trans) const {
int64_t i;
std::string value(val);
@ -44,9 +36,9 @@ std::string ReplaceNulls::evaluate(const std::string &val,
}
}
return value;
const auto changed = val != value;
val = value;
return changed;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

24
src/actions/transformations/replace_nulls.h
View File

@ -13,34 +13,20 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_REPLACE_NULLS_H_
#define SRC_ACTIONS_TRANSFORMATIONS_REPLACE_NULLS_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class ReplaceNulls : public Transformation {
public:
explicit ReplaceNulls(const std::string &action);
explicit ReplaceNulls(const std::string &action) ;
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_REPLACE_NULLS_H_

26
src/actions/transformations/sha1.cc
View File

@ -13,35 +13,21 @@
*
*/
#include "src/actions/transformations/sha1.h"
#include "sha1.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/sha1.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
Sha1::Sha1(const std::string &action)
: Transformation(action) {
this->action_kind = 1;
}
std::string Sha1::evaluate(const std::string &value,
Transaction *transaction) {
return Utils::Sha1::digest(value);
bool Sha1::transform(std::string &value, const Transaction *trans) const {
value = Utils::Sha1::digest(value);
return true;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

24
src/actions/transformations/sha1.h
View File

@ -13,32 +13,20 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_SHA1_H_
#define SRC_ACTIONS_TRANSFORMATIONS_SHA1_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class Sha1 : public Transformation {
public:
explicit Sha1(const std::string &action) ;
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
explicit Sha1(const std::string &action);
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_SHA1_H_

27
src/actions/transformations/sql_hex_decode.cc
View File

@ -13,24 +13,15 @@
*
*/
#include "src/actions/transformations/sql_hex_decode.h"
#include "sql_hex_decode.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include <cstring>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/string.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
#ifndef VALID_HEX
#define VALID_HEX(X) (((X >= '0') && (X <= '9')) \
@ -41,8 +32,7 @@ namespace transformations {
#define ISODIGIT(X) ((X >= '0') && (X <= '7'))
#endif
std::string SqlHexDecode::evaluate(const std::string &value,
Transaction *transaction) {
bool SqlHexDecode::transform(std::string &value, const Transaction *trans) const {
std::string ret;
unsigned char *input;
int size = 0;
@ -61,7 +51,9 @@ std::string SqlHexDecode::evaluate(const std::string &value,
ret.assign(reinterpret_cast<char *>(input), size);
free(input);
return ret;
const auto changed = ret != value;
value = ret;
return changed;
}
@ -107,7 +99,4 @@ int SqlHexDecode::inplace(unsigned char *data, int len) {
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

24
src/actions/transformations/sql_hex_decode.h
View File

@ -13,27 +13,19 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_SQL_HEX_DECODE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_SQL_HEX_DECODE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class SqlHexDecode : public Transformation {
public:
explicit SqlHexDecode(const std::string &action) : Transformation(action) { }
explicit SqlHexDecode(const std::string &action)
: Transformation(action) { }
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
static int inplace(unsigned char *data, int len);
@ -45,10 +37,6 @@ class SqlHexDecode : public Transformation {
}
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_SQL_HEX_DECODE_H_

90
src/actions/transformations/transformation.cc
View File

@ -13,65 +13,62 @@
*
*/
#include "src/actions/transformations/transformation.h"
#include "transformation.h"
#include <cstring>
#include <iostream>
#include <string>
#include "modsecurity/transaction.h"
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/base64_decode_ext.h"
#include "src/actions/transformations/base64_decode.h"
#include "src/actions/transformations/base64_encode.h"
#include "src/actions/transformations/cmd_line.h"
#include "src/actions/transformations/compress_whitespace.h"
#include "src/actions/transformations/css_decode.h"
#include "src/actions/transformations/escape_seq_decode.h"
#include "src/actions/transformations/hex_decode.h"
#include "src/actions/transformations/hex_encode.h"
#include "src/actions/transformations/html_entity_decode.h"
#include "src/actions/transformations/js_decode.h"
#include "src/actions/transformations/length.h"
#include "src/actions/transformations/lower_case.h"
#include "src/actions/transformations/md5.h"
#include "src/actions/transformations/none.h"
#include "src/actions/transformations/normalise_path.h"
#include "src/actions/transformations/normalise_path_win.h"
#include "src/actions/transformations/parity_even_7bit.h"
#include "src/actions/transformations/parity_odd_7bit.h"
#include "src/actions/transformations/parity_zero_7bit.h"
#include "src/actions/transformations/remove_comments_char.h"
#include "src/actions/transformations/remove_comments.h"
#include "src/actions/transformations/remove_nulls.h"
#include "src/actions/transformations/remove_whitespace.h"
#include "src/actions/transformations/replace_comments.h"
#include "src/actions/transformations/replace_nulls.h"
#include "src/actions/transformations/sha1.h"
#include "src/actions/transformations/sql_hex_decode.h"
#include "src/actions/transformations/trim.h"
#include "src/actions/transformations/trim_left.h"
#include "src/actions/transformations/trim_right.h"
#include "src/actions/transformations/upper_case.h"
#include "src/actions/transformations/url_decode.h"
#include "src/actions/transformations/url_decode_uni.h"
#include "src/actions/transformations/url_encode.h"
#include "src/actions/transformations/utf8_to_unicode.h"
#include "base64_decode_ext.h"
#include "base64_decode.h"
#include "base64_encode.h"
#include "cmd_line.h"
#include "compress_whitespace.h"
#include "css_decode.h"
#include "escape_seq_decode.h"
#include "hex_decode.h"
#include "hex_encode.h"
#include "html_entity_decode.h"
#include "js_decode.h"
#include "length.h"
#include "lower_case.h"
#include "md5.h"
#include "none.h"
#include "normalise_path.h"
#include "normalise_path_win.h"
#include "parity_even_7bit.h"
#include "parity_odd_7bit.h"
#include "parity_zero_7bit.h"
#include "remove_comments_char.h"
#include "remove_comments.h"
#include "remove_nulls.h"
#include "remove_whitespace.h"
#include "replace_comments.h"
#include "replace_nulls.h"
#include "sha1.h"
#include "sql_hex_decode.h"
#include "trim.h"
#include "trim_left.h"
#include "trim_right.h"
#include "upper_case.h"
#include "url_decode.h"
#include "url_decode_uni.h"
#include "url_encode.h"
#include "utf8_to_unicode.h"
#define IF_MATCH(b) \
if (a.compare(2, std::strlen(#b), #b) == 0)
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
std::string Transformation::evaluate(const std::string &value,
Transaction *transaction) {
return value;
bool Transformation::transform(std::string &value, const Transaction *trans) const {
return false;
}
Transformation* Transformation::instantiate(std::string a) {
@ -119,6 +116,5 @@ Transformation* Transformation::instantiate(std::string a) {
return new Transformation(a);
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

21
src/actions/transformations/transformation.h
View File

@ -13,19 +13,12 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_TRANSFORMATION_H_
#define SRC_ACTIONS_TRANSFORMATIONS_TRANSFORMATION_H_
#include "modsecurity/actions/action.h"
namespace modsecurity {
class Transaction;
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class Transformation : public Action {
public:
@ -35,15 +28,11 @@ class Transformation : public Action {
explicit Transformation(const std::string& _action, int kind)
: Action(_action, kind) { }
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
static Transformation* instantiate(std::string a);
virtual bool transform(std::string &value, const Transaction *trans) const;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_TRANSFORMATION_H_

31
src/actions/transformations/trim.cc
View File

@ -13,22 +13,10 @@
*
*/
#include "src/actions/transformations/trim.h"
#include "trim.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "modsecurity/actions/action.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
std::string *Trim::ltrim(std::string *s) {
@ -66,14 +54,13 @@ Trim::Trim(const std::string &action)
}
std::string
Trim::evaluate(const std::string &val,
Transaction *transaction) {
std::string value(val);
return *this->trim(&value);
bool Trim::transform(std::string &value, const Transaction *trans) const {
std::string ret(value);
this->trim(&ret);
const auto changed = ret != value;
value = ret;
return changed;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

30
src/actions/transformations/trim.h
View File

@ -13,38 +13,24 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_TRIM_H_
#define SRC_ACTIONS_TRANSFORMATIONS_TRIM_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class Trim : public Transformation {
public:
explicit Trim(const std::string &action);
explicit Trim(const std::string &action) ;
bool transform(std::string &value, const Transaction *trans) const override;
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
std::string *ltrim(std::string *s);
std::string *rtrim(std::string *s);
std::string *trim(std::string *s);
static std::string *ltrim(std::string *s);
static std::string *rtrim(std::string *s);
static std::string *trim(std::string *s);
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_TRIM_H_

32
src/actions/transformations/trim_left.cc
View File

@ -13,23 +13,10 @@
*
*/
#include "src/actions/transformations/trim_left.h"
#include "trim_left.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/actions/transformations/trim.h"
#include "modsecurity/actions/action.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
@ -38,12 +25,13 @@ TrimLeft::TrimLeft(const std::string &action)
this->action_kind = 1;
}
std::string TrimLeft::evaluate(const std::string &val,
Transaction *transaction) {
std::string value(val);
return *ltrim(&value);
bool TrimLeft::transform(std::string &value, const Transaction *trans) const {
std::string ret(value);
this->ltrim(&ret);
const auto changed = ret != value;
value = ret;
return changed;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

25
src/actions/transformations/trim_left.h
View File

@ -13,34 +13,21 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#include "src/actions/transformations/trim.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_TRIM_LEFT_H_
#define SRC_ACTIONS_TRANSFORMATIONS_TRIM_LEFT_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
#include "trim.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class TrimLeft : public Trim {
public:
explicit TrimLeft(const std::string &action) ;
explicit TrimLeft(const std::string &action);
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_TRIM_LEFT_H_

31
src/actions/transformations/trim_right.cc
View File

@ -13,22 +13,10 @@
*
*/
#include "src/actions/transformations/trim_right.h"
#include "trim_right.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "modsecurity/actions/action.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
TrimRight::TrimRight(const std::string &action)
@ -36,12 +24,13 @@ TrimRight::TrimRight(const std::string &action)
this->action_kind = 1;
}
std::string TrimRight::evaluate(const std::string &val,
Transaction *transaction) {
std::string value(val);
return *this->rtrim(&value);
bool TrimRight::transform(std::string &value, const Transaction *trans) const {
std::string ret(value);
this->rtrim(&ret);
const auto changed = ret != value;
value = ret;
return changed;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

25
src/actions/transformations/trim_right.h
View File

@ -13,34 +13,21 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#include "src/actions/transformations/trim.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_TRIM_RIGHT_H_
#define SRC_ACTIONS_TRANSFORMATIONS_TRIM_RIGHT_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
#include "trim.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class TrimRight : public Trim {
public:
explicit TrimRight(const std::string &action) ;
explicit TrimRight(const std::string &action);
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_TRIM_RIGHT_H_

25
src/actions/transformations/upper_case.cc
View File

@ -13,27 +13,19 @@
*
*/
#include "src/actions/transformations/upper_case.h"
#include <algorithm>
#include <string>
#include "upper_case.h"
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "modsecurity/actions/action.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
UpperCase::UpperCase(const std::string &a)
: Transformation(a) {
}
std::string UpperCase::evaluate(const std::string &val,
Transaction *transaction) {
bool UpperCase::transform(std::string &val, const Transaction *trans) const {
std::string value(val);
std::locale loc;
@ -41,9 +33,10 @@ std::string UpperCase::evaluate(const std::string &val,
value[i] = std::toupper(value[i], loc);
}
return value;
const auto changed = val != value;
val = value;
return changed;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

25
src/actions/transformations/upper_case.h
View File

@ -13,35 +13,20 @@
*
*/
#include <string>
#include <unordered_map>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_UPPER_CASE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_UPPER_CASE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
namespace actions {
namespace transformations {
#include "transformation.h"
namespace modsecurity::actions::transformations {
class UpperCase : public Transformation {
public:
explicit UpperCase(const std::string &action) ;
explicit UpperCase(const std::string &action);
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_UPPER_CASE_H_

32
src/actions/transformations/url_decode.cc
View File

@ -13,23 +13,12 @@
*
*/
#include "src/actions/transformations/url_decode.h"
#include "url_decode.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include <cstring>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/decode.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
UrlDecode::UrlDecode(const std::string &action)
@ -37,28 +26,27 @@ UrlDecode::UrlDecode(const std::string &action)
this->action_kind = 1;
}
std::string UrlDecode::evaluate(const std::string &value,
Transaction *transaction) {
bool UrlDecode::transform(std::string &value, const Transaction *trans) const {
unsigned char *val(NULL);
int invalid_count = 0;
int changed;
int _changed;
val = (unsigned char *) malloc(sizeof(char) * value.size() + 1);
memcpy(val, value.c_str(), value.size() + 1);
val[value.size()] = '\0';
int size = utils::urldecode_nonstrict_inplace(val, value.size(),
&invalid_count, &changed);
&invalid_count, &_changed);
std::string out;
out.append((const char *)val, size);
free(val);
return out;
const auto changed = out != value;
value = out;
return changed;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

26
src/actions/transformations/url_decode.h
View File

@ -13,36 +13,20 @@
*
*/
#include <string>
#include <unordered_map>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_URL_DECODE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_URL_DECODE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
namespace actions {
namespace transformations {
#include "transformation.h"
namespace modsecurity::actions::transformations {
class UrlDecode : public Transformation {
public:
explicit UrlDecode(const std::string &action);
explicit UrlDecode(const std::string &action) ;
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_URL_DECODE_H_

33
src/actions/transformations/url_decode_uni.cc
View File

@ -13,33 +13,16 @@
*
*/
#include "src/actions/transformations/url_decode_uni.h"
#include "url_decode_uni.h"
#include <string.h>
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include <cstring>
#include "modsecurity/rules_set_properties.h"
#include "modsecurity/rules_set.h"
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/string.h"
#include "src/utils/system.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
std::string UrlDecodeUni::evaluate(const std::string &value,
Transaction *t) {
bool UrlDecodeUni::transform(std::string &value, const Transaction *t) const {
std::string ret;
unsigned char *input;
@ -57,7 +40,9 @@ std::string UrlDecodeUni::evaluate(const std::string &value,
ret.assign(reinterpret_cast<char *>(input), i);
free(input);
return ret;
const auto changed = ret != value;
value = ret;
return changed;
}
@ -66,7 +51,7 @@ std::string UrlDecodeUni::evaluate(const std::string &value,
* IMP1 Assumes NUL-terminated
*/
int UrlDecodeUni::inplace(unsigned char *input, uint64_t input_len,
Transaction *t) {
const Transaction *t) {
unsigned char *d = input;
int64_t i, count, fact, j, xv;
int Code, hmap = -1;
@ -190,6 +175,4 @@ int UrlDecodeUni::inplace(unsigned char *input, uint64_t input_len,
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

26
src/actions/transformations/url_decode_uni.h
View File

@ -13,35 +13,23 @@
*
*/
#include <string>
#include "modsecurity/rules_set_properties.h"
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_URL_DECODE_UNI_H_
#define SRC_ACTIONS_TRANSFORMATIONS_URL_DECODE_UNI_H_
#include "transformation.h"
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class UrlDecodeUni : public Transformation {
public:
explicit UrlDecodeUni(const std::string &action) : Transformation(action) { }
explicit UrlDecodeUni(const std::string &action)
: Transformation(action) { }
std::string evaluate(const std::string &exp, Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
static int inplace(unsigned char *input, uint64_t input_len,
Transaction *transaction);
const Transaction *transaction);
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_URL_DECODE_UNI_H_

30
src/actions/transformations/url_encode.cc
View File

@ -13,22 +13,11 @@
*
*/
#include "src/actions/transformations/url_encode.h"
#include "url_encode.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/string.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
UrlEncode::UrlEncode(const std::string &action)
@ -87,16 +76,15 @@ std::string UrlEncode::url_enc(const char *input,
}
std::string UrlEncode::evaluate(const std::string &value,
Transaction *transaction) {
int changed;
bool UrlEncode::transform(std::string &value, const Transaction *trans) const {
int _changed;
std::string ret = url_enc(value.c_str(), value.size(), &changed);
std::string ret = url_enc(value.c_str(), value.size(), &_changed);
return ret;
const auto changed = ret != value;
value = ret;
return changed;
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

26
src/actions/transformations/url_encode.h
View File

@ -13,37 +13,23 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_URL_ENCODE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_URL_ENCODE_H_
#ifdef __cplusplus
namespace modsecurity {
class Transaction;
#include "transformation.h"
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class UrlEncode : public Transformation {
public:
explicit UrlEncode(const std::string &action);
explicit UrlEncode(const std::string &action) ;
bool transform(std::string &value, const Transaction *trans) const override;
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
std::string url_enc(const char *input,
static std::string url_enc(const char *input,
unsigned int input_len, int *changed);
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
#endif
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_URL_ENCODE_H_

29
src/actions/transformations/utf8_to_unicode.cc
View File

@ -13,31 +13,20 @@
*
*/
#include "src/actions/transformations/utf8_to_unicode.h"
#include "utf8_to_unicode.h"
#include <iostream>
#include <string>
#include <algorithm>
#include <functional>
#include <cctype>
#include <locale>
#include <cstring>
#include "modsecurity/transaction.h"
#include "src/actions/transformations/transformation.h"
#include "src/utils/string.h"
namespace modsecurity {
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
std::string Utf8ToUnicode::evaluate(const std::string &value,
Transaction *transaction) {
bool Utf8ToUnicode::transform(std::string &value, const Transaction *trans) const {
std::string ret;
unsigned char *input;
int changed = 0;
int _changed = 0;
char *out;
input = reinterpret_cast<unsigned char *>
@ -49,7 +38,7 @@ std::string Utf8ToUnicode::evaluate(const std::string &value,
memcpy(input, value.c_str(), value.length()+1);
out = inplace(input, value.size() + 1, &changed);
out = inplace(input, value.size() + 1, &_changed);
free(input);
if (out != NULL) {
ret.assign(reinterpret_cast<char *>(out),
@ -57,7 +46,9 @@ std::string Utf8ToUnicode::evaluate(const std::string &value,
free(out);
}
return ret;
const auto changed = ret != value;
value = ret;
return changed;
}
@ -313,6 +304,4 @@ char *Utf8ToUnicode::inplace(unsigned char *input,
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations

24
src/actions/transformations/utf8_to_unicode.h
View File

@ -13,40 +13,30 @@
*
*/
#include <string>
#include "modsecurity/actions/action.h"
#include "src/actions/transformations/transformation.h"
#ifndef SRC_ACTIONS_TRANSFORMATIONS_UTF8_TO_UNICODE_H_
#define SRC_ACTIONS_TRANSFORMATIONS_UTF8_TO_UNICODE_H_
#include "transformation.h"
#define UNICODE_ERROR_CHARACTERS_MISSING -1
#define UNICODE_ERROR_INVALID_ENCODING -2
#define UNICODE_ERROR_OVERLONG_CHARACTER -3
#define UNICODE_ERROR_RESTRICTED_CHARACTER -4
#define UNICODE_ERROR_DECODING_ERROR -5
namespace modsecurity {
class Transaction;
namespace actions {
namespace transformations {
namespace modsecurity::actions::transformations {
class Utf8ToUnicode : public Transformation {
public:
explicit Utf8ToUnicode(const std::string &action) : Transformation(action) { }
explicit Utf8ToUnicode(const std::string &action)
: Transformation(action) { }
std::string evaluate(const std::string &exp,
Transaction *transaction) override;
bool transform(std::string &value, const Transaction *trans) const override;
static char *inplace(unsigned char *input, uint64_t input_len,
int *changed);
};
} // namespace transformations
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions::transformations
#endif // SRC_ACTIONS_TRANSFORMATIONS_UTF8_TO_UNICODE_H_

13
src/actions/ver.cc
View File

@ -15,16 +15,10 @@
#include "src/actions/ver.h"
#include <iostream>
#include <string>
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {
namespace actions {
namespace modsecurity::actions {
bool Ver::evaluate(RuleWithActions *rule, Transaction *transaction) {
@ -33,5 +27,4 @@ bool Ver::evaluate(RuleWithActions *rule, Transaction *transaction) {
}
} // namespace actions
} // namespace modsecurity
} // namespace modsecurity::actions

24
src/engine/lua.cc
View File

@ -267,7 +267,7 @@ int Lua::getvar(lua_State *L) {
t = reinterpret_cast<Transaction *>(z);
std::string var = variables::Variable::stringMatchResolve(t, varname);
var = applyTransformations(L, t, 2, var);
applyTransformations(L, t, 2, var);
if (var.size() == 0) {
lua_pushnil(L);
@ -407,12 +407,10 @@ int Lua::setvar(lua_State *L) {
}
std::string Lua::applyTransformations(lua_State *L, Transaction *t,
int idx, std::string var) {
std::string newVar = var;
void Lua::applyTransformations(lua_State *L, const Transaction *t,
int idx, std::string &var) {
if (lua_isuserdata(L, idx) || lua_isnoneornil(L, idx)) {
return var;
return;
}
if (lua_istable(L, idx)) {
@ -429,16 +427,15 @@ std::string Lua::applyTransformations(lua_State *L, Transaction *t,
/* A "none" means start over */
if (strcmp("none", name) == 0) {
newVar = var;
continue;
}
actions::transformations::Transformation *tfn = \
auto tfn = \
actions::transformations::Transformation::instantiate(
"t:" + std::string(name));
// FIXME: transformation is not yet returning null.
if (tfn) {
newVar = tfn->evaluate(newVar, t);
tfn->transform(var, t);
} else {
ms_dbg_a(t, 1,
"SecRuleScript: Invalid transformation function: " \
@ -447,32 +444,31 @@ std::string Lua::applyTransformations(lua_State *L, Transaction *t,
delete tfn;
}
return newVar;
return;
}
if (lua_isstring(L, idx)) {
const char *name(NULL);
name = reinterpret_cast<const char *>(luaL_checkstring(L, idx));
actions::transformations::Transformation *tfn = \
auto tfn = \
actions::transformations::Transformation::instantiate(
"t:" + std::string(name));
// FIXME: transformation is not yet returning null.
if (tfn) {
newVar = tfn->evaluate(newVar, t);
tfn->transform(var, t);
delete tfn;
} else {
ms_dbg_a(t, 1, "SecRuleScript: Invalid transformation function: " \
+ std::string(name));
}
return newVar;
return;
}
ms_dbg_a(t, 8, "SecRuleScript: Transformation parameter must be a " \
"transformation name or array of transformation names, but found " \
"" + std::string(lua_typename(L, idx)) + " (type " \
+ std::to_string(lua_type(L, idx)) + ")");
return newVar;
}
#endif

4
src/engine/lua.h
View File

@ -79,8 +79,8 @@ class Lua {
static int getvar(lua_State *L);
static int getvars(lua_State *L);
static int setvar(lua_State *L);
static std::string applyTransformations(lua_State *L, Transaction *t,
int idx, std::string var);
static void applyTransformations(lua_State *L, const Transaction *t,
int idx, std::string &var);
LuaScriptBlob m_blob;
#endif

4
src/modsecurity.cc
View File

@ -300,7 +300,6 @@ int ModSecurity::processContentOffset(const char *content, size_t len,
while (!trans.empty()) {
modsecurity::actions::transformations::Transformation *t;
std::string varValueRes;
yajl_gen_map_open(g);
yajl_gen_string(g,
reinterpret_cast<const unsigned char*>("transformation"),
@ -312,8 +311,7 @@ int ModSecurity::processContentOffset(const char *content, size_t len,
t = modsecurity::actions::transformations::Transformation::instantiate(
trans.back().str().c_str());
varValueRes = t->evaluate(varValue, NULL);
varValue.assign(varValueRes);
t->transform(varValue, nullptr);
trans.pop_back();
yajl_gen_string(g, reinterpret_cast<const unsigned char*>("value"),

8
src/operators/validate_utf8_encoding.cc
View File

@ -19,6 +19,14 @@
#include "src/operators/operator.h"
constexpr int UNICODE_ERROR_CHARACTERS_MISSING = -1;
constexpr int UNICODE_ERROR_INVALID_ENCODING = -2;
constexpr int UNICODE_ERROR_OVERLONG_CHARACTER = -3;
constexpr int UNICODE_ERROR_RESTRICTED_CHARACTER = -4;
constexpr int UNICODE_ERROR_DECODING_ERROR = -5;
namespace modsecurity {
namespace operators {

7
src/operators/validate_utf8_encoding.h
View File

@ -22,13 +22,6 @@
#include "src/operators/operator.h"
#define UNICODE_ERROR_CHARACTERS_MISSING -1
#define UNICODE_ERROR_INVALID_ENCODING -2
#define UNICODE_ERROR_OVERLONG_CHARACTER -3
#define UNICODE_ERROR_RESTRICTED_CHARACTER -4
#define UNICODE_ERROR_DECODING_ERROR -5
namespace modsecurity {
namespace operators {

59
src/rule_with_actions.cc
View File

@ -25,6 +25,7 @@
#include <list>
#include <utility>
#include <memory>
#include <cassert>
#include "modsecurity/rules_set.h"
#include "src/operators/operator.h"
@ -323,49 +324,42 @@ void RuleWithActions::executeAction(Transaction *trans,
inline void RuleWithActions::executeTransformation(
actions::transformations::Transformation *a,
std::shared_ptr<std::string> *value,
Transaction *trans,
const actions::transformations::Transformation &a,
std::string &value,
const Transaction *trans,
TransformationResults *ret,
std::string *path,
int *nth) const {
std::string *oldValue = (*value).get();
std::string newValue = a->evaluate(*oldValue, trans);
if (newValue != *oldValue) {
auto u = std::make_shared<std::string>(newValue);
if (m_containsMultiMatchAction) {
ret->push_back(std::make_pair(u, a->m_name));
if (a.transform(value, trans) &&
m_containsMultiMatchAction) {
ret.emplace_back(value, a.m_name);
(*nth)++;
}
*value = u;
}
if (path->empty()) {
path->append(*a->m_name.get());
path->append(*a.m_name.get());
} else {
path->append("," + *a->m_name.get());
path->append("," + *a.m_name.get());
}
ms_dbg_a(trans, 9, " T (" + \
std::to_string(*nth) + ") " + \
*a->m_name.get() + ": \"" + \
utils::string::limitTo(80, newValue) +"\"");
*a.m_name.get() + ": \"" + \
utils::string::limitTo(80, value) +"\"");
}
void RuleWithActions::executeTransformations(
Transaction *trans, const std::string &in, TransformationResults &ret) {
const Transaction *trans, const std::string &in, TransformationResults &ret) {
int none = 0;
int transformations = 0;
std::string path("");
auto value = std::make_shared<std::string>(in);
auto value = in;
if (m_containsMultiMatchAction == true) {
/* keep the original value */
ret.push_back(std::make_pair(
std::make_shared<std::string>(*value),
std::make_shared<std::string>(path)));
ret.emplace_back(value,
std::make_shared<std::string>(path));
}
for (Action *a : m_transformations) {
@ -385,15 +379,17 @@ void RuleWithActions::executeTransformations(
}
// FIXME: here the object needs to be a transformation already.
Transformation *t = dynamic_cast<Transformation *>(a.get());
executeTransformation(t, &value, trans, &ret, &path,
auto t = dynamic_cast<const Transformation*>(a.get());
assert(t != nullptr);
executeTransformation(*t, value, trans, &ret, &path,
&transformations);
}
}
for (Transformation *a : m_transformations) {
for (const Transformation *a : m_transformations) {
assert(a != nullptr);
if (none == 0) {
executeTransformation(a, &value, trans, &ret, &path,
executeTransformation(*a, value, trans, &ret, &path,
&transformations);
}
if (a->m_isNone) {
@ -408,7 +404,8 @@ void RuleWithActions::executeTransformations(
if (m_ruleId != b.first) {
continue;
}
Transformation *a = dynamic_cast<Transformation*>(b.second.get());
auto a = dynamic_cast<const Transformation*>(b.second.get());
assert(a != nullptr);
if (a->m_isNone) {
none++;
}
@ -419,9 +416,10 @@ void RuleWithActions::executeTransformations(
if (m_ruleId != b.first) {
continue;
}
Transformation *a = dynamic_cast<Transformation*>(b.second.get());
auto a = dynamic_cast<const Transformation*>(b.second.get());
assert(a != nullptr);
if (none == 0) {
executeTransformation(a, &value, trans, &ret, &path,
executeTransformation(*a, value, trans, &ret, &path,
&transformations);
}
if (a->m_isNone) {
@ -436,9 +434,8 @@ void RuleWithActions::executeTransformations(
}
if (!m_containsMultiMatchAction) {
ret.push_back(std::make_pair(
std::make_shared<std::string>(*value),
std::make_shared<std::string>(path)));
ret.emplace_back(value,
std::make_shared<std::string>(path));
}
}

5
src/rule_with_operator.cc
View File

@ -296,10 +296,9 @@ bool RuleWithOperator::evaluate(Transaction *trans,
executeTransformations(trans, value, values);
for (const auto &valueTemp : values) {
bool ret;
std::string valueAfterTrans = std::move(*valueTemp.first);
const auto &valueAfterTrans = valueTemp.first;
ret = executeOperatorAt(trans, key, valueAfterTrans, ruleMessage);
const bool ret = executeOperatorAt(trans, key, valueAfterTrans, ruleMessage);
if (ret == true) {
ruleMessage->m_match = m_operator->resolveMatchMessage(trans,

20
src/utils/string.h
View File

@ -235,18 +235,18 @@ inline unsigned char *c2x(unsigned what, unsigned char *where) {
}
inline std::string string_to_hex(const std::string& input) {
static const char* const lut = "0123456789ABCDEF";
size_t len = input.length();
inline std::string string_to_hex(std::string_view input) {
static const char* const lut = "0123456789abcdef";
std::string output;
output.reserve(2 * len);
for (size_t i = 0; i < len; ++i) {
const unsigned char c = input[i];
output.push_back(lut[c >> 4]);
output.push_back(lut[c & 15]);
std::string a(input.size()*2, 0);
char *d = a.data();
for (const unsigned char c : input) {
*d++ = lut[c >> 4];
*d++ = lut[c & 15];
}
return output;
return a;
}

1
test/coding_style_suppressions.txt
View File

@ -13,7 +13,6 @@
./src/utils/acmp.cc
./src/utils/acmp.h
./src/utils/mbedtls/
./src/utils/md5.cc
./src/utils/md5.h
./src/utils/msc_tree.cc
./src/utils/msc_tree.h

6
test/unit/unit.cc
View File

@ -89,8 +89,10 @@ struct TransformationTest {
return tfn;
}
static UnitTestResult eval(ItemType &tfn, const UnitTest &t) {
return {1, tfn.evaluate(t.input, nullptr)};
static UnitTestResult eval(const ItemType &tfn, const UnitTest &t) {
std::string ret = t.input;
tfn.transform(ret, nullptr);
return {1, ret};
}
static bool check(const UnitTestResult &result, const UnitTest &t) {

14
test/unit/unit_test.cc
View File

@ -30,20 +30,6 @@
namespace modsecurity_test {
std::string string_to_hex(const std::string& input) {
static const char* const lut = "0123456789ABCDEF";
size_t len = input.length();
std::string output;
output.reserve(2 * len);
for (size_t i = 0; i < len; ++i) {
const unsigned char c = input[i];
output.push_back(lut[c >> 4]);
output.push_back(lut[c & 15]);
}
return output;
}
void replaceAll(std::string *s, const std::string &search,
const char replace) {
for (size_t pos = 0; ; pos += 0) {