github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

negative lookup on the key name instead of COLLECTION:key

Browse Source
This commit is contained in:
Felipe Zimmerle 2019-06-17 12:57:42 -03:00
parent 47dd9c5df4
commit 6ab464ab78
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
2 changed files with 86 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/rule.cc
View File

@ -699,7 +699,7 @@ bool Rule::evaluate(Transaction *trans,
const std::string &value = v->getValue();
const std::string &key = v->getKeyWithCollection();
if (exclusion.contains(v->getKeyWithCollection()) ||
if (exclusion.contains(v->getKey()) ||
std::find_if(trans->m_ruleRemoveTargetById.begin(),
trans->m_ruleRemoveTargetById.end(),
[&, v, this](std::pair<int, std::string> &m) -> bool {
@ -710,7 +710,7 @@ bool Rule::evaluate(Transaction *trans,
v = NULL;
continue;
}
if (exclusion.contains(v->getKeyWithCollection()) ||
if (exclusion.contains(v->getKey()) ||
std::find_if(trans->m_ruleRemoveTargetByTag.begin(),
trans->m_ruleRemoveTargetByTag.end(),
[&, v, trans, this](std::pair<std::string, std::string> &m) -> bool {

88
test/test-cases/regression/config-update-target-by-tag.json
View File

@ -2,7 +2,7 @@
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateTargetByTag (1/4)",
"title":"SecRuleUpdateTargetByTag (1/6)",
"client":{
"ip":"200.249.12.31",
"port":123
@ -42,7 +42,7 @@
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateTargetByTag (2/4)",
"title":"SecRuleUpdateTargetByTag (2/6)",
"client":{
"ip":"200.249.12.31",
"port":123
@ -82,7 +82,7 @@
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateTargetByTag (3/4)",
"title":"SecRuleUpdateTargetByTag (3/6)",
"client":{
"ip":"200.249.12.31",
"port":123
@ -122,7 +122,7 @@
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateTargetByTag (4/4)",
"title":"SecRuleUpdateTargetByTag (4/6)",
"client":{
"ip":"200.249.12.31",
"port":123
@ -158,5 +158,85 @@
"SecRuleUpdateTargetByTag test !ARGS:/ke/",
"SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateTargetByTag Test (5/6) Regex with match anchored at beginning of Subject",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&ref=something",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code": 200
},
"rules":[
"SecRuleEngine On",
"SecRuleUpdateTargetByTag test !ARGS:'/(?!ref)/'",
"SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateTargetByTag Test (6/6) Regex with match anchored at beginning of Subject",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&ref=something",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code": 200
},
"rules":[
"SecRuleEngine On",
"SecRuleUpdateTargetByTag test !ARGS:'/^ref/'",
"SecRule ARGS \"@contains something\" \"id:1,pass,t:trim,tag:'test',deny\""
]
}
]