github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 11:44:32 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds support to URLENCODED_ERROR variable

Browse Source
This commit is contained in:
Felipe Zimmerle
2016-06-17 20:41:07 -03:00
parent c5262d54f2
commit 6052d2628b
9 changed files with 406 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
src/actions/transformations/url_decode.cc
View File

@@ -31,64 +31,6 @@ namespace actions {
namespace transformations {
int UrlDecode::urldecode_nonstrict_inplace(unsigned char *input,
uint64_t input_len, int *invalid_count, int *changed) {
unsigned char *d = (unsigned char *)input;
uint64_t i, count;
*changed = 0;
if (input == NULL) {
return -1;
}
i = count = 0;
while (i < input_len) {
if (input[i] == '%') {
/* Character is a percent sign. */
/* Are there enough bytes available? */
if (i + 2 < input_len) {
char c1 = input[i + 1];
char c2 = input[i + 2];
if (VALID_HEX(c1) && VALID_HEX(c2)) {
uint64_t uni = x2c(&input[i + 1]);
*d++ = (wchar_t)uni;
count++;
i += 3;
*changed = 1;
} else {
/* Not a valid encoding, skip this % */
*d++ = input[i++];
count++;
(*invalid_count)++;
}
} else {
/* Not enough bytes available, copy the raw bytes. */
*d++ = input[i++];
count++;
(*invalid_count)++;
}
} else {
/* Character is not a percent sign. */
if (input[i] == '+') {
*d++ = ' ';
*changed = 1;
} else {
*d++ = input[i];
}
count++;
i++;
}
}
*d = '\0';
return count;
}
UrlDecode::UrlDecode(std::string action)
: Transformation(action) {
this->action_kind = 1;

3
src/actions/transformations/url_decode.h
View File

@@ -53,9 +53,6 @@ class UrlDecode : public Transformation {
explicit UrlDecode(std::string action);
std::string evaluate(std::string exp,
Transaction *transaction) override;
int urldecode_nonstrict_inplace(unsigned char *input, uint64_t input_len,
int *invalid_count, int *changed);
};
} // namespace transformations