github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Refactoring on variables::Variable

Browse Source 
Using the references on key and collection as shared pointers
This commit is contained in:
Felipe Zimmerle 2020-08-21 19:48:05 -03:00
parent bac54787af
commit 6c79e716e7
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
16 changed files with 116 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/actions/set_var.cc
View File

@ -73,7 +73,7 @@ bool SetVar::execute(Transaction *t) const noexcept {
} else if (user) {
m_variableNameExpanded = user->evaluateRunTimeString(t);
} else {
m_variableNameExpanded = m_variable->m_name;
m_variableNameExpanded = *m_variable->getVariableKey();
}
if (m_operation == setOperation) {
@ -126,7 +126,7 @@ bool SetVar::execute(Transaction *t) const noexcept {
}
}
ms_dbg_a(t, 8, "Saving variable: " + m_variable->m_collectionName \
ms_dbg_a(t, 8, "Saving variable: " + *m_variable->getVariableKeyWithCollection() \
+ ":" + m_variableNameExpanded + " with value: " + targetValue);
if (tx) {

15
src/rule_with_actions.h.rej
View File

@ -1,15 +0,0 @@
--- src/rule_with_actions.h
+++ src/rule_with_actions.h
@@ -520,11 +528,10 @@ class RuleWithActions : public Rule {
for (auto &a : m_XmlNSs) {
dst.push_back(a.get());
}
-
+
return dst;
}
-
virtual void dump(std::stringstream &out) const override {
out << "RuleWithActions" << std::endl;
}

4
src/rule_with_operator.cc
View File

@ -187,7 +187,7 @@ inline void RuleWithOperator::getFinalVars(variables::Variables *vars,
trans->m_ruleRemoveTargetById.end(),
[&, variable, this](std::pair<int, std::string> &m) -> bool {
return m.first == getId()
&& m.second == *variable->m_fullName.get();
&& m.second == *variable->getVariableKeyWithCollection();
}) != trans->m_ruleRemoveTargetById.end()) {
continue;
}
@ -196,7 +196,7 @@ inline void RuleWithOperator::getFinalVars(variables::Variables *vars,
[&, variable, trans, this](
std::pair<std::string, std::string> &m) -> bool {
return containsTag(m.first, trans)
&& m.second == *variable->m_fullName.get();
&& m.second == *variable->getVariableKeyWithCollection();
}) != trans->m_ruleRemoveTargetByTag.end()) {
continue;
}

5
src/variables/env.cc
View File

@ -47,11 +47,12 @@ void Env::evaluate(Transaction *transaction,
}
for (auto& x : transaction->m_variableEnvs) {
if (x.first != m_name && m_name.length() > 0) {
if (x.first != *getVariableKey() && getVariableKey()->length() > 0) {
continue;
}
if (!m_keyExclusion.toOmit(x.first)) {
l->emplace_back(std::make_shared<VariableValue>(&m_collectionName, &x.first, &x.second));
l->emplace_back(std::make_shared<VariableValue>(getVariableKeyWithCollection().get(),
&x.first, &x.second));
}
}
}

4
src/variables/global.h
View File

@ -42,7 +42,7 @@ class Global_DictElement : public Variable {
void evaluate(Transaction *t,
std::vector<std::shared_ptr<const VariableValue>> *l) override {
t->m_collections.m_global_collection->resolveMultiMatches(
m_name, t->m_collections.m_global_collection_key,
*getVariableKey(), t->m_collections.m_global_collection_key,
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
}
@ -86,7 +86,7 @@ class Global_DynamicElement : public VariableWithRunTimeString {
public:
explicit Global_DynamicElement(std::unique_ptr<RunTimeString> dictElement)
: VariableWithRunTimeString(
"GLOBAL:dynamic",
"GLOBAL",
std::move(dictElement)
)
{ };

2
src/variables/highest_severity.cc
View File

@ -30,7 +30,7 @@ void HighestSeverity::evaluate(Transaction *transaction,
std::vector<std::shared_ptr<const VariableValue>> *l) {
transaction->m_variableHighestSeverityAction.assign(
std::to_string(transaction->m_highestSeverityAction));
l->push_back(std::make_shared<VariableValue>(m_fullName.get(), &transaction->m_variableHighestSeverityAction));
l->push_back(std::make_shared<VariableValue>(getVariableKeyWithCollection().get(), &transaction->m_variableHighestSeverityAction));
}

4
src/variables/ip.h
View File

@ -42,7 +42,7 @@ class Ip_DictElement : public Variable {
void evaluate(Transaction *t,
std::vector<std::shared_ptr<const VariableValue>> *l) override {
t->m_collections.m_ip_collection->resolveMultiMatches(
m_name, t->m_collections.m_ip_collection_key,
*getVariableKey(), t->m_collections.m_ip_collection_key,
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
}
@ -85,7 +85,7 @@ class Ip_DynamicElement : public VariableWithRunTimeString {
public:
explicit Ip_DynamicElement(std::unique_ptr<RunTimeString> dictElement)
: VariableWithRunTimeString(
"IP:dynamic",
"IP",
std::move(dictElement)
)
{ }

8
src/variables/resource.h
View File

@ -42,7 +42,7 @@ class Resource_DictElement : public Variable {
void evaluate(Transaction *t,
std::vector<std::shared_ptr<const VariableValue>> *l) override {
t->m_collections.m_resource_collection->resolveMultiMatches(
m_name, t->m_collections.m_resource_collection_key,
*getVariableKey(), t->m_collections.m_resource_collection_key,
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
}
@ -57,7 +57,7 @@ class Resource_NoDictElement : public Variable {
void evaluate(Transaction *t,
std::vector<std::shared_ptr<const VariableValue>> *l) override {
t->m_collections.m_resource_collection->resolveMultiMatches(m_name,
t->m_collections.m_resource_collection->resolveMultiMatches(*getVariableKey(),
t->m_collections.m_resource_collection_key,
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
}
@ -67,7 +67,7 @@ class Resource_NoDictElement : public Variable {
class Resource_DictElementRegexp : public VariableRegex {
public:
explicit Resource_DictElementRegexp(const std::string &dictElement)
: VariableRegex("RESOURCE:", dictElement),
: VariableRegex("RESOURCE", dictElement),
m_dictElement(dictElement) { }
void evaluate(Transaction *t,
@ -85,7 +85,7 @@ class Resource_DynamicElement : public VariableWithRunTimeString {
public:
explicit Resource_DynamicElement(std::unique_ptr<RunTimeString> dictElement)
: VariableWithRunTimeString(
"RESOURCE:dynamic",
"RESOURCE",
std::move(dictElement)
)
{ }

4
src/variables/session.h
View File

@ -41,7 +41,7 @@ class Session_DictElement : public Variable {
void evaluate(Transaction *t,
std::vector<std::shared_ptr<const VariableValue>> *l) override {
t->m_collections.m_session_collection->resolveMultiMatches(
m_name, t->m_collections.m_session_collection_key,
*getVariableKey(), t->m_collections.m_session_collection_key,
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
}
@ -84,7 +84,7 @@ class Session_DynamicElement : public VariableWithRunTimeString {
public:
explicit Session_DynamicElement(std::unique_ptr<RunTimeString> dictElement)
: VariableWithRunTimeString(
"SESSION:dynamic",
"SESSION",
std::move(dictElement)
)
{ }

4
src/variables/tx.h
View File

@ -42,7 +42,7 @@ class Tx_DictElement : public Variable {
void evaluate(Transaction *t,
std::vector<std::shared_ptr<const VariableValue>> *l) override {
t->m_collections.m_tx_collection->resolveMultiMatches(
m_name, l, m_keyExclusion);
*getVariableKey(), l, m_keyExclusion);
}
std::string m_dictElement;
@ -82,7 +82,7 @@ class Tx_DynamicElement : public VariableWithRunTimeString {
public:
explicit Tx_DynamicElement(std::unique_ptr<RunTimeString> dictElement)
: VariableWithRunTimeString(
"TX:dynamic",
"TX",
std::move(dictElement)
)
{ }

6
src/variables/user.h
View File

@ -42,7 +42,7 @@ class User_DictElement : public Variable {
void evaluate(Transaction *t,
std::vector<std::shared_ptr<const VariableValue>> *l) override {
t->m_collections.m_user_collection->resolveMultiMatches(
m_name, t->m_collections.m_user_collection_key,
*getVariableKey(), t->m_collections.m_user_collection_key,
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
}
@ -57,7 +57,7 @@ class User_NoDictElement : public Variable {
void evaluate(Transaction *t,
std::vector<std::shared_ptr<const VariableValue>> *l) override {
t->m_collections.m_user_collection->resolveMultiMatches(m_name,
t->m_collections.m_user_collection->resolveMultiMatches(*getVariableKey(),
t->m_collections.m_user_collection_key,
t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion);
}
@ -85,7 +85,7 @@ class User_DynamicElement : public VariableWithRunTimeString {
public:
explicit User_DynamicElement(std::unique_ptr<RunTimeString> dictElement)
: VariableWithRunTimeString(
"USER:dynamic",
"USER",
std::move(dictElement)
)
{ }

32
src/variables/variable.cc
View File

@ -29,31 +29,25 @@ namespace variables {
Variable::Variable(const std::string &name)
: m_name(name),
m_collectionName("") {
size_t a = m_name.find(":");
: m_keyWithCollection(new std::string("")),
m_keyExclusion(),
m_collectionName(new std::string("")),
m_key(new std::string("")) {
size_t a = name.find(":");
if (a == std::string::npos) {
a = m_name.find(".");
a = name.find(".");
}
if (a != std::string::npos) {
m_collectionName = utils::string::toupper(std::string(m_name, 0, a));
m_name = std::string(m_name, a + 1, m_name.size());
m_fullName = std::make_shared<std::string>(m_collectionName
+ ":" + m_name);
m_collectionName->assign(utils::string::toupper(std::string(name, 0, a)));
m_key->assign(std::string(name, a + 1, name.size()));
m_keyWithCollection->assign(*m_collectionName.get() + ":" + std::string(name, a + 1, name.size()));
} else {
m_fullName = std::make_shared<std::string>(m_name);
m_collectionName = m_name;
m_name = "";
m_keyWithCollection->assign(name);
m_collectionName->assign(name);
}
}
Variable::Variable(Variable *var) :
m_name(var->m_name),
m_collectionName(var->m_collectionName),
m_fullName(var->m_fullName) { }
void Variable::addsKeyExclusion(Variable *v) {
std::unique_ptr<KeyExclusion> r;
VariableModificatorExclusion *ve = \
@ -67,7 +61,7 @@ void Variable::addsKeyExclusion(Variable *v) {
vr = dynamic_cast<VariableRegex *>(ve->m_base.get());
if (vr == NULL) {
r.reset(new KeyExclusionString(v->m_name));
r.reset(new KeyExclusionString(*v->getVariableKey()));
} else {
r.reset(new KeyExclusionRegex(vr->m_regex));
}
@ -77,7 +71,7 @@ void Variable::addsKeyExclusion(Variable *v) {
std::string operator+(const std::string &a, Variable *v) {
return a + *v->m_fullName.get();
return a + *v->getVariableKeyWithCollection();
}

98
src/variables/variable.h
View File

@ -554,26 +554,35 @@ class Variable : public VariableMonkeyResolution {
public:
explicit Variable(const std::string &name);
explicit Variable(Variable *_name);
Variable(const Variable &v)
: m_name(v.m_name),
m_collectionName(v.m_collectionName),
m_fullName(v.m_fullName),
m_keyExclusion(v.m_keyExclusion)
explicit Variable(Variable *var)
: m_keyWithCollection(var->m_keyWithCollection),
m_keyExclusion(var->m_keyExclusion),
m_collectionName(var->m_collectionName),
m_key(var->m_key)
{ };
virtual ~Variable() { }
Variable(const Variable &v)
: m_keyWithCollection(v.m_keyWithCollection),
m_keyExclusion(v.m_keyExclusion),
m_collectionName(v.m_collectionName),
m_key(v.m_key)
{ };
virtual ~Variable()
{ };
virtual void evaluate(Transaction *t,
std::vector<std::shared_ptr<const VariableValue>> *l) = 0;
bool inline belongsToCollection(Variable *var) {
return m_collectionName.size() == var->m_collectionName.size()
&& std::equal(m_collectionName.begin(), m_collectionName.end(),
var->m_collectionName.begin(),
bool inline belongsToCollection(Variable *var) const noexcept {
return m_collectionName->size() == var->m_collectionName->size()
&& std::equal(m_collectionName->begin(), m_collectionName->end(),
var->m_collectionName->begin(),
[](char aa, char bb) {
return toupper(aa) == bb;
});
@ -583,22 +592,65 @@ class Variable : public VariableMonkeyResolution {
void addsKeyExclusion(Variable *v);
bool operator==(const Variable& b) const {
return m_collectionName == b.m_collectionName &&
m_name == b.m_name &&
*m_fullName == *b.m_fullName;
bool operator==(const Variable& b) const noexcept {
return *m_collectionName == *b.m_collectionName &&
*m_key == *b.m_key &&
*m_keyWithCollection == *b.m_keyWithCollection;
}
std::string& operator+=(const char * p) { return m_name; }
std::string& operator+=(const char *p) { return *m_key; }
std::string m_name;
std::string m_collectionName;
std::shared_ptr<std::string> m_fullName;
/**
*
* Returns the variable key, if any is specified.
*
* 'ENV:a' will return 'a'
* 'ENV' will return a blank std::shared_ptr.
*
**/
std::shared_ptr<std::string> getVariableKey() const noexcept {
return m_key;
}
/**
*
* Returns the Collection name.
*
* 'ENV:a' will return 'ENV'
* 'ENV' will return 'ENV'
*
**/
std::shared_ptr<std::string> getVariableCollection() const noexcept {
return m_collectionName;
}
/**
*
* Returns the Collection with key name.
*
* 'ENV:a' will return 'ENV:a'
* 'ENV' will return 'ENV'
*
**/
std::shared_ptr<std::string> getVariableKeyWithCollection() const noexcept {
return m_keyWithCollection;
}
protected:
KeyExclusions m_keyExclusion;
private:
std::shared_ptr<std::string> m_keyWithCollection;
std::shared_ptr<std::string> m_key;
std::shared_ptr<std::string> m_collectionName;
};
class VariableDictElement : public Variable {
public:
VariableDictElement(const std::string &name, const std::string &dict_element)
@ -649,7 +701,7 @@ class Variables : public std::vector<Variable *> {
if (r) {
return r->m_r.searchAll(v->getKey()).size() > 0;
}
return v->getKeyWithCollection() == *m->m_fullName.get();
return v->getKeyWithCollection() == *m->getVariableKeyWithCollection();
}) != end();
};
@ -658,9 +710,9 @@ class Variables : public std::vector<Variable *> {
std::string names;
for (auto a : *this) {
if (names.length() > 0) {
names = names + sep + *a->m_fullName;
names = names + sep + *a->getVariableKeyWithCollection();
} else {
names = *a->m_fullName;
names = *a->getVariableKeyWithCollection();
}
}
return names;
@ -699,7 +751,7 @@ class VariableModificatorCount : public Variable {
auto count = reslIn.size();
std::string res(std::to_string(count));
l->push_back(std::make_shared<VariableValue>(m_fullName.get(), &res));
l->push_back(std::make_shared<VariableValue>(getVariableKeyWithCollection().get(), &res));
return;
}

3
src/variables/web_app_id.h
View File

@ -37,9 +37,8 @@ class WebAppId : public Variable {
void evaluate(Transaction *transaction,
std::vector<std::shared_ptr<const VariableValue>> *l) override {
const std::string name("WEBAPPID");
const std::string rname = transaction->m_rules->m_secWebAppId.m_value;
l->push_back(std::make_shared<VariableValue>(&m_name, &rname));
l->push_back(std::make_shared<VariableValue>(getVariableKeyWithCollection().get(), &rname));
}
};

6
src/variables/xml.cc
View File

@ -63,7 +63,7 @@ void XML_WithNSPath::evaluate(Transaction *t,
int i;
//size_t pos;
param = m_name;
param = *getVariableKey();
/*
pos = m_name.find_first_of(":");
if (pos == std::string::npos) {
@ -124,8 +124,8 @@ void XML_WithNSPath::evaluate(Transaction *t,
xmlNodeGetContent(nodes->nodeTab[i]));
if (content != NULL) {
std::string a(content);
if (!m_keyExclusion.toOmit(*m_fullName)) {
l->push_back(std::make_shared<VariableValue>(m_fullName.get(), &a));
if (!m_keyExclusion.toOmit(*getVariableKeyWithCollection())) {
l->push_back(std::make_shared<VariableValue>(getVariableKeyWithCollection().get(), &a));
}
xmlFree(content);
}

2
src/variables/xml.h
View File

@ -40,7 +40,7 @@ class XML_WithoutNSPath : public RuleVariable, public Variable {
: RuleVariable(),
Variable("XML"),
m_plain("[XML document tree]"),
m_var(std::make_shared<VariableValue>(&m_name, &m_plain))
m_var(std::make_shared<VariableValue>(getVariableKeyWithCollection().get(), &m_plain))
{ };
XML_WithoutNSPath(const XML_WithoutNSPath &r)