Fix QUERY_STRING variable

QUERY_STRING should be populated using the raw string.

src/assay.cc

@@ -214,6 +214,7 @@ int Assay::processURI(const char *uri, const char *protocol,
     } else {
         store_variable("PATH_INFO", std::string(m_uri_decoded, 0,
             pos - m_uri_decoded.c_str()));
+        store_variable("QUERY_STRING", std::string(strchr(m_uri, '?')));
     }
 
     if (pos != NULL && strlen(pos) > 2) {
@@ -259,7 +260,6 @@ int Assay::processURI(const char *uri, const char *protocol,
 
             debug(4, "Adding request argument (QUERY_STRING): name \"" + \
                 key_value[0] + "\", value \"" + key_value[1] + "\"");
-            store_variable("QUERY_STRING:" + key_value[0], key_value[1]);
         }
     }
     return true;

test/test-cases/regression/variable-QUERY_STRING.json

@@ -0,0 +1,45 @@
+[
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing Variables :: QUERY_STRING",
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "server":{
+      "ip":"200.249.12.31",
+      "port":80
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "Content-Length":"27",
+        "Content-Type":"application/x-www-form-urlencoded"
+      },
+      "uri":"/one/two/three?key1=value1&key2=v%20a%20l%20u%20e%202",
+      "protocol":"GET"
+    },
+    "response":{
+      "headers":{
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/html"
+      },
+      "body":[
+        "no need."
+      ]
+    },
+    "expected":{
+      "debug_log":"key2=v\\%20a\\%20l\\%20u\\%20e\\%202\" \\(Variable: QUERY_STRING\\)"
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecDebugLog \/tmp\/modsec_debug.log",
+      "SecDebugLogLevel 9",
+      "SecRule QUERY_STRING \"@contains test \" \"phase:3,pass,t:trim\""
+    ]
+  }
+]