github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds RemoveNulls trasnformation

Browse Source
This commit is contained in:
Felipe Zimmerle 2015-08-05 22:03:26 -03:00
parent 62d004cf04
commit 6dad6af4a9
7 changed files with 74 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
src/actions/transformations/remove_nulls.cc
View File

@ -15,6 +15,8 @@
#include "actions/transformations/remove_nulls.h" #include "actions/transformations/remove_nulls.h"
#include <string.h>
#include <iostream> #include <iostream>
#include <string> #include <string>
#include <algorithm> #include <algorithm>
@ -30,20 +32,31 @@ namespace ModSecurity {
namespace actions { namespace actions {
namespace transformations { namespace transformations {
RemoveNulls::RemoveNulls(std::string action)
: Transformation(action) {
this->action_kind = 1;
}
std::string RemoveNulls::evaluate(std::string value, std::string RemoveNulls::evaluate(std::string value,
Assay *assay) { Assay *assay) {
/** int64_t i, j;
* @todo Implement the transformation RemoveNulls
*/ char *input = reinterpret_cast<char *>(malloc(value.size()
assay->debug(4, "Transformation RemoveNulls is not implemented yet."); * sizeof(char)));
return value; memcpy(input, value.c_str(), value.size());
i = j = 0;
while (i < value.size()) {
if (input[i] != '\0') {
input[j] = input[i];
j++;
}
i++;
}
std::string ret(input, 0, j);
free(input);
return ret;
} }
} // namespace transformations } // namespace transformations
} // namespace actions } // namespace actions
} // namespace ModSecurity } // namespace ModSecurity

4
src/actions/transformations/remove_nulls.h
View File

@ -30,7 +30,9 @@ namespace transformations {
class RemoveNulls : public Transformation { class RemoveNulls : public Transformation {
public: public:
explicit RemoveNulls(std::string action); explicit RemoveNulls(std::string action)
: Transformation(action) { }
std::string evaluate(std::string exp, std::string evaluate(std::string exp,
Assay *assay) override; Assay *assay) override;
}; };

2
src/actions/transformations/transformation.cc
View File

@ -94,7 +94,7 @@ Transformation* Transformation::instantiate(std::string a) {
IF_MATCH(parity_zero_7bit) { return new ParityZero7bit(a); } IF_MATCH(parity_zero_7bit) { return new ParityZero7bit(a); }
IF_MATCH(remove_comments_char) { return new RemoveCommentsChar(a); } IF_MATCH(remove_comments_char) { return new RemoveCommentsChar(a); }
IF_MATCH(remove_comments) { return new RemoveComments(a); } IF_MATCH(remove_comments) { return new RemoveComments(a); }
IF_MATCH(remove_nulls) { return new RemoveNulls(a); } IF_MATCH(removeNulls) { return new RemoveNulls(a); }
IF_MATCH(remove_whitespace) { return new RemoveWhitespace(a); } IF_MATCH(remove_whitespace) { return new RemoveWhitespace(a); }
IF_MATCH(replace_comments) { return new ReplaceComments(a); } IF_MATCH(replace_comments) { return new ReplaceComments(a); }
IF_MATCH(replace_nulls) { return new ReplaceNulls(a); } IF_MATCH(replace_nulls) { return new ReplaceNulls(a); }

15
src/utils.cc
View File

@ -809,5 +809,20 @@ static unsigned char x2c(unsigned char *what) {
} }
std::string string_to_hex(const std::string& input) {
static const char* const lut = "0123456789ABCDEF";
size_t len = input.length();
std::string output;
output.reserve(2 * len);
for (size_t i = 0; i < len; ++i) {
const unsigned char c = input[i];
output.push_back(lut[c >> 4]);
output.push_back(lut[c & 15]);
}
return output;
}
} // namespace ModSecurity } // namespace ModSecurity

1
src/utils.h
View File

@ -40,6 +40,7 @@ namespace ModSecurity {
int html_entities_decode_inplace(unsigned char *input, int input_len); int html_entities_decode_inplace(unsigned char *input, int input_len);
int normalize_path_inplace(unsigned char *input, int input_len, int normalize_path_inplace(unsigned char *input, int input_len,
int win, int *changed); int win, int *changed);
std::string string_to_hex(const std::string& input);
} // namespace ModSecurity } // namespace ModSecurity
#define SRC_UTILS_H_ #define SRC_UTILS_H_

2
test/test-cases/secrules-language-tests

@ -1 +1 @@
Subproject commit e1671340cf078af3c904fca2be3e2266c5cef8b2 Subproject commit e56e51a9218909431328cd083b0e163a6ad7fab1

31
test/unit/unit_test.cc
View File

@ -22,8 +22,38 @@
#include "common/colors.h" #include "common/colors.h"
namespace modsecurity_test { namespace modsecurity_test {
std::string string_to_hex(const std::string& input) {
static const char* const lut = "0123456789ABCDEF";
size_t len = input.length();
std::string output;
output.reserve(2 * len);
for (size_t i = 0; i < len; ++i) {
const unsigned char c = input[i];
output.push_back(lut[c >> 4]);
output.push_back(lut[c & 15]);
}
return output;
}
void replaceAll(std::string *s, const std::string &search,
const char replace) {
for (size_t pos = 0; ; pos += 0) {
pos = s->find(search, pos);
if (pos == std::string::npos) {
break;
}
s->erase(pos, search.length());
s->insert(pos, &replace);
}
}
std::string UnitTest::print() { std::string UnitTest::print() {
std::stringstream i; std::stringstream i;
@ -63,6 +93,7 @@ UnitTest *UnitTest::from_yajl_node(yajl_val &node) {
u->param = YAJL_GET_STRING(val); u->param = YAJL_GET_STRING(val);
} else if (strcmp(key, "input") == 0) { } else if (strcmp(key, "input") == 0) {
u->input = YAJL_GET_STRING(val); u->input = YAJL_GET_STRING(val);
replaceAll(&(u->input), "\\0", '\0');
} else if (strcmp(key, "name") == 0) { } else if (strcmp(key, "name") == 0) {
u->name = YAJL_GET_STRING(val); u->name = YAJL_GET_STRING(val);
} else if (strcmp(key, "type") == 0) { } else if (strcmp(key, "type") == 0) {