github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Using direct variable access instead m_collections

Browse Source
This commit is contained in:
Felipe Zimmerle 2018-01-28 02:31:11 -03:00
parent 43bba3f942
commit 6f7fdd9493
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
17 changed files with 247 additions and 447 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
headers/modsecurity/collection/collections.h
View File

@ -43,69 +43,12 @@ typedef struct Collections_t Collections;
namespace modsecurity { namespace modsecurity {
namespace collection { namespace collection {
class Collections : class Collections {
public std::unordered_map<std::string, Collection *> {
public: public:
Collections(Collection *global, Collection *ip, Collection *session, Collections(Collection *global, Collection *ip, Collection *session,
Collection *user, Collection *resource); Collection *user, Collection *resource);
~Collections(); ~Collections();
void store(std::string key, std::string value);
void storeOrUpdateFirst(const std::string& collectionName,
const std::string& variableName,
const std::string& targetValue);
void storeOrUpdateFirst(const std::string& collectionName,
const std::string& variableName,
const std::string& appid,
const std::string& targetValue);
bool storeOrUpdateFirst(const std::string &key, const std::string &value);
bool updateFirst(const std::string &key, const std::string &value);
void del(const std::string& key);
std::unique_ptr<std::string> resolveFirst(const std::string& var);
std::unique_ptr<std::string> resolveFirst(const std::string& collectionName,
const std::string& var);
std::unique_ptr<std::string> resolveFirst(const std::string& collectionName,
const std::string &appid, const std::string& var);
void resolveSingleMatch(const std::string& var,
std::vector<const Variable *> *l);
void resolveSingleMatch(const std::string& var,
const std::string& collection,
std::vector<const Variable *> *l);
void resolveSingleMatch(const std::string& var,
const std::string& collection,
const std::string& appid,
std::vector<const Variable *> *l);
void resolveMultiMatches(const std::string& var,
std::vector<const Variable *> *l);
void resolveMultiMatches(const std::string& var,
const std::string& collection,
std::vector<const Variable *> *l);
void resolveMultiMatches(const std::string& var,
const std::string& collection,
const std::string& appid,
std::vector<const Variable *> *l);
void resolveRegularExpression(const std::string& var,
std::vector<const Variable *> *l);
void resolveRegularExpression(const std::string& var,
const std::string& collection,
std::vector<const Variable *> *l);
void resolveRegularExpression(const std::string& var,
const std::string& collection,
const std::string& appid,
std::vector<const Variable *> *l);
/**
* This is a special collection to host the transaction variables.
*
* It exists independent of initialization and it is only valid during a transaction.
*
* Notice that it is not the TX collection.
*/
Collection *m_transient;
std::string m_global_collection_key; std::string m_global_collection_key;
std::string m_ip_collection_key; std::string m_ip_collection_key;
std::string m_session_collection_key; std::string m_session_collection_key;
@ -117,6 +60,7 @@ class Collections :
Collection *m_session_collection; Collection *m_session_collection;
Collection *m_user_collection; Collection *m_user_collection;
Collection *m_resource_collection; Collection *m_resource_collection;
Collection *m_tx_collection;
}; };
} // namespace collection } // namespace collection

3
src/actions/log_data.cc
View File

@ -33,7 +33,8 @@ bool LogData::evaluate(Rule *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) { std::shared_ptr<RuleMessage> rm) {
rm->m_data = data(transaction); rm->m_data = data(transaction);
transaction->m_collections.storeOrUpdateFirst("RULE:logdata", rm->m_data); transaction->m_variableRule.set("logdata", rm->m_data, 0);
return true; return true;
} }

2
src/actions/msg.cc
View File

@ -54,7 +54,7 @@ bool Msg::evaluate(Rule *rule, Transaction *transaction,
transaction->debug(9, "Saving msg: " + msg); transaction->debug(9, "Saving msg: " + msg);
#endif #endif
transaction->m_collections.storeOrUpdateFirst("RULE:msg", msg); transaction->m_variableRule.set("msg", msg, 0);
return true; return true;
} }

34
src/actions/set_var.cc
View File

@ -79,8 +79,21 @@ bool SetVar::evaluate(Rule *rule, Transaction *t) {
} else if (m_operation == setToOneOperation) { } else if (m_operation == setToOneOperation) {
targetValue = std::string("1"); targetValue = std::string("1");
} else if (m_operation == unsetOperation) { } else if (m_operation == unsetOperation) {
t->m_collections.del(m_variable->m_collectionName + ":" + if (tx) {
m_variableNameExpanded); tx->del(t, m_variableNameExpanded);
} else if (session) {
session->del(t, m_variableNameExpanded);
} else if (ip) {
ip->del(t, m_variableNameExpanded);
} else if (resource) {
resource->del(t, m_variableNameExpanded);
} else if (global) {
global->del(t, m_variableNameExpanded);
} else if (user) {
user->del(t, m_variableNameExpanded);
} else {
// ?
}
goto end; goto end;
} else { } else {
int pre = 0; int pre = 0;
@ -118,9 +131,26 @@ bool SetVar::evaluate(Rule *rule, Transaction *t) {
t->debug(8, "Saving variable: " + m_variable->m_collectionName \ t->debug(8, "Saving variable: " + m_variable->m_collectionName \
+ ":" + m_variableNameExpanded + " with value: " + targetValue); + ":" + m_variableNameExpanded + " with value: " + targetValue);
#endif #endif
if (tx) {
tx->storeOrUpdateFirst(t, m_variableNameExpanded, targetValue);
} else if (session) {
session->storeOrUpdateFirst(t, m_variableNameExpanded, targetValue);
} else if (ip) {
ip->storeOrUpdateFirst(t, m_variableNameExpanded, targetValue);
} else if (resource) {
resource->storeOrUpdateFirst(t, m_variableNameExpanded, targetValue);
} else if (global) {
global->storeOrUpdateFirst(t, m_variableNameExpanded, targetValue);
} else if (user) {
user->storeOrUpdateFirst(t, m_variableNameExpanded, targetValue);
} else {
// ?
}
/*
t->m_collections.storeOrUpdateFirst(m_variable->m_collectionName, t->m_collections.storeOrUpdateFirst(m_variable->m_collectionName,
m_variableNameExpanded, m_variableNameExpanded,
t->m_rules->m_secWebAppId.m_value, targetValue); t->m_rules->m_secWebAppId.m_value, targetValue);
*/
end: end:
return true; return true;
} }

4
src/actions/severity.cc
View File

@ -84,8 +84,8 @@ bool Severity::evaluate(Rule *rule, Transaction *transaction,
transaction->m_highestSeverityAction = this->m_severity; transaction->m_highestSeverityAction = this->m_severity;
} }
transaction->m_collections.storeOrUpdateFirst("RULE:severity", transaction->m_variableRule.set("severity", std::to_string(m_severity), 0);
std::to_string(m_severity));
return true; return true;
} }

302
src/collection/collections.cc
View File

@ -44,309 +44,11 @@ Collections::Collections(Collection *global,
m_ip_collection(ip), m_ip_collection(ip),
m_session_collection(session), m_session_collection(session),
m_user_collection(user), m_user_collection(user),
m_transient(new backend::InMemoryPerProcess()) { m_tx_collection(new backend::InMemoryPerProcess()) { }
/* Create collection TX */
this->emplace("TX", new backend::InMemoryPerProcess());
}
Collections::~Collections() { Collections::~Collections() { }
for (const auto &thing : *this) {
delete thing.second;
}
delete m_transient;
this->clear();
}
void Collections::storeOrUpdateFirst(const std::string& collectionName,
const std::string& variableName,
const std::string& targetValue) {
storeOrUpdateFirst(collectionName, variableName, "", targetValue);
}
void Collections::storeOrUpdateFirst(const std::string& collectionName,
const std::string& variableName, const std::string& appid,
const std::string& targetValue) {
if (utils::string::tolower(collectionName) == "ip"
&& !m_ip_collection_key.empty()) {
m_ip_collection->storeOrUpdateFirst(collectionName + ":"
+ variableName, m_ip_collection_key, targetValue);
return;
}
if (utils::string::tolower(collectionName) == "global"
&& !m_global_collection_key.empty()) {
m_global_collection->storeOrUpdateFirst(collectionName + ":"
+ variableName, m_global_collection_key, targetValue);
return;
}
if (utils::string::tolower(collectionName) == "resource"
&& !m_resource_collection_key.empty()) {
m_resource_collection->storeOrUpdateFirst(collectionName + ":"
+ variableName, m_resource_collection_key, appid, targetValue);
return;
}
if (utils::string::tolower(collectionName) == "session"
&& !m_session_collection_key.empty()) {
m_session_collection->storeOrUpdateFirst(collectionName + ":"
+ variableName, m_session_collection_key, appid, targetValue);
return;
}
try {
Collection *collection;
collection = this->at(collectionName);
collection->storeOrUpdateFirst(collectionName + ":"
+ variableName, targetValue);
} catch (...) {
#if 0
debug(9, "don't know any collection named: "
+ collectionName + ". it was created?");
#endif
}
}
void Collections::store(std::string key, std::string value) {
m_transient->store(key, value);
}
bool Collections::storeOrUpdateFirst(const std::string &key,
const std::string &value) {
return m_transient->storeOrUpdateFirst(key, value);
}
bool Collections::updateFirst(const std::string &key,
const std::string &value) {
return m_transient->updateFirst(key, value);
}
void Collections::del(const std::string& key) {
return m_transient->del(key);
}
std::unique_ptr<std::string> Collections::resolveFirst(const std::string& var) {
std::unique_ptr<std::string> transientVar = m_transient->resolveFirst(var);
if (transientVar != NULL) {
return transientVar;
}
for (auto &a : *this) {
std::unique_ptr<std::string> res = a.second->resolveFirst(
utils::string::toupper(a.first) + ":" + var);
if (res != NULL) {
return res;
}
}
return nullptr;
}
std::unique_ptr<std::string> Collections::resolveFirst(
const std::string& collectionName, const std::string& var) {
return resolveFirst(collectionName, "", var);
}
std::unique_ptr<std::string> Collections::resolveFirst(
const std::string& collectionName, const std::string &appid,
const std::string& var) {
if (utils::string::tolower(collectionName) == "ip"
&& !m_ip_collection_key.empty()) {
return m_ip_collection->resolveFirst(
utils::string::toupper(collectionName)
+ ":" + var, m_ip_collection_key);
}
if (utils::string::tolower(collectionName) == "global"
&& !m_global_collection_key.empty()) {
return m_global_collection->resolveFirst(
utils::string::toupper(collectionName)
+ ":" + var, m_global_collection_key);
}
if (utils::string::tolower(collectionName) == "resource"
&& !m_resource_collection_key.empty()) {
return m_resource_collection->resolveFirst(
utils::string::toupper(collectionName)
+ ":" + var, m_resource_collection_key, appid);
}
if (utils::string::tolower(collectionName) == "session"
&& !m_session_collection_key.empty()) {
return m_session_collection->resolveFirst(
utils::string::toupper(collectionName)
+ ":" + var, m_session_collection_key, appid);
}
for (auto &a : *this) {
if (utils::string::tolower(a.first)
== utils::string::tolower(collectionName)) {
std::unique_ptr<std::string> res = a.second->resolveFirst(
utils::string::toupper(a.first)
+ ":" + var);
if (res != NULL) {
return res;
}
}
}
return NULL;
}
void Collections::resolveSingleMatch(const std::string& var,
std::vector<const Variable *> *l) {
m_transient->resolveSingleMatch(var, l);
}
void Collections::resolveSingleMatch(const std::string& var,
const std::string& collection,
std::vector<const Variable *> *l) {
resolveSingleMatch(var, collection, "", l);
}
void Collections::resolveSingleMatch(const std::string& var,
const std::string& collection, const std::string& appid,
std::vector<const Variable *> *l) {
if (utils::string::tolower(collection) == "ip"
&& !m_ip_collection_key.empty()) {
m_ip_collection->resolveSingleMatch(var, m_ip_collection_key, l);
return;
}
if (utils::string::tolower(collection) == "global"
&& !m_global_collection_key.empty()) {
m_global_collection->resolveSingleMatch(var,
m_global_collection_key, l);
return;
}
if (utils::string::tolower(collection) == "resource"
&& !m_resource_collection_key.empty()) {
m_resource_collection->resolveSingleMatch(var,
m_resource_collection_key, appid, l);
return;
}
if (utils::string::tolower(collection) == "session"
&& !m_session_collection_key.empty()) {
m_session_collection->resolveSingleMatch(var,
m_session_collection_key, appid, l);
return;
}
try {
this->at(collection)->resolveSingleMatch(var, l);
} catch (...) { }
}
void Collections::resolveMultiMatches(const std::string& var,
std::vector<const Variable *> *l) {
m_transient->resolveMultiMatches(var, l);
}
void Collections::resolveMultiMatches(const std::string& var,
const std::string& collection,
std::vector<const Variable *> *l) {
return resolveMultiMatches(var, collection, "", l);
}
void Collections::resolveMultiMatches(const std::string& var,
const std::string& collection, const std::string &appid,
std::vector<const Variable *> *l) {
if (utils::string::tolower(collection) == "ip"
&& !m_ip_collection_key.empty()) {
m_ip_collection->resolveMultiMatches(var, m_ip_collection_key, l);
return;
}
if (utils::string::tolower(collection) == "global"
&& !m_global_collection_key.empty()) {
m_global_collection->resolveMultiMatches(var,
m_global_collection_key, l);
return;
}
if (utils::string::tolower(collection) == "resource"
&& !m_resource_collection_key.empty()) {
m_resource_collection->resolveMultiMatches(var,
m_resource_collection_key, appid, l);
return;
}
if (utils::string::tolower(collection) == "session"
&& !m_session_collection_key.empty()) {
m_session_collection->resolveMultiMatches(var,
m_session_collection_key, appid, l);
return;
}
try {
this->at(collection)->resolveMultiMatches(var, l);
} catch (...) { }
}
void Collections::resolveRegularExpression(const std::string& var,
std::vector<const Variable *> *l) {
m_transient->resolveRegularExpression(var, l);
}
void Collections::resolveRegularExpression(const std::string& var,
const std::string& collection,
std::vector<const Variable *> *l) {
return resolveRegularExpression(var, collection, "", l);
}
void Collections::resolveRegularExpression(const std::string& var,
const std::string& collection, const std::string &appid,
std::vector<const Variable *> *l) {
if (utils::string::tolower(collection) == "ip"
&& !m_ip_collection_key.empty()) {
m_ip_collection->resolveRegularExpression(
utils::string::toupper(collection)
+ ":" + var, m_ip_collection_key, l);
return;
}
if (utils::string::tolower(collection) == "global"
&& !m_global_collection_key.empty()) {
m_global_collection->resolveRegularExpression(
utils::string::toupper(collection)
+ ":" + var, m_global_collection_key, l);
return;
}
if (utils::string::tolower(collection) == "resource"
&& !m_resource_collection_key.empty()) {
m_resource_collection->resolveRegularExpression(
utils::string::toupper(collection)
+ ":" + var, m_resource_collection_key, appid, l);
return;
}
if (utils::string::tolower(collection) == "session"
&& !m_session_collection_key.empty()) {
m_session_collection->resolveRegularExpression(
utils::string::toupper(collection)
+ ":" + var, m_session_collection_key, appid, l);
return;
}
try {
this->at(collection)->resolveRegularExpression(var, l);
} catch (...) { }
}
} // namespace collection } // namespace collection
} // namespace modsecurity } // namespace modsecurity

26
src/engine/lua.cc
View File

@ -363,8 +363,30 @@ int Lua::setvar(lua_State *L) {
return -1; return -1;
} }
t->m_collections.storeOrUpdateFirst(collection, if (collection == "TX") {
variableName, var_value); t->m_collections.m_tx_collection->storeOrUpdateFirst(
"TX:" + variableName, "", var_value);
}
else if (collection == "IP") {
t->m_collections.m_ip_collection->storeOrUpdateFirst(
"IP:" + variableName, t->m_collections.m_ip_collection_key,
var_value);
}
else if (collection == "GLOBAL") {
t->m_collections.m_global_collection->storeOrUpdateFirst(
"GLOBAL:" + variableName, t->m_collections.m_global_collection_key,
var_value);
}
else if (collection == "RESOURCE") {
t->m_collections.m_resource_collection->storeOrUpdateFirst(
"RESOURCE:" + variableName,
t->m_collections.m_resource_collection_key, var_value);
}
else if (collection == "SESSION") {
t->m_collections.m_session_collection->storeOrUpdateFirst(
"SESSION:" + variableName, t->m_collections.m_session_collection_key,
var_value);
}
return 0; return 0;
} }

2
src/operators/pm.cc
View File

@ -105,7 +105,7 @@ bool Pm::evaluate(Transaction *transaction, Rule *rule,
} }
if (capture && transaction && rc) { if (capture && transaction && rc) {
transaction->m_collections.storeOrUpdateFirst("TX", "0", transaction->m_collections.m_tx_collection->storeOrUpdateFirst("TX:0",
std::string(match)); std::string(match));
#ifndef NO_LOGS #ifndef NO_LOGS
transaction->debug(7, "Added pm match TX.0: " + \ transaction->debug(7, "Added pm match TX.0: " + \

4
src/operators/rx.cc
View File

@ -58,8 +58,8 @@ bool Rx::evaluate(Transaction *transaction, Rule *rule,
int i = 0; int i = 0;
matches.reverse(); matches.reverse();
for (const SMatch& a : matches) { for (const SMatch& a : matches) {
transaction->m_collections.storeOrUpdateFirst("TX", transaction->m_collections.m_tx_collection->storeOrUpdateFirst(
std::to_string(i), a.match); "TX:" + std::to_string(i), a.match);
#ifndef NO_LOGS #ifndef NO_LOGS
transaction->debug(7, "Added regex subexpression TX." + transaction->debug(7, "Added regex subexpression TX." +
std::to_string(i) + ": " + a.match); std::to_string(i) + ": " + a.match);

20
src/transaction.cc
View File

@ -51,6 +51,7 @@
#include "modsecurity/rule_message.h" #include "modsecurity/rule_message.h"
#include "modsecurity/rules_properties.h" #include "modsecurity/rules_properties.h"
#include "src/actions/disruptive/allow.h" #include "src/actions/disruptive/allow.h"
#include "src/variables/remote_user.h"
@ -1367,14 +1368,19 @@ std::string Transaction::toOldAuditLogFormatIndex(const std::string &filename,
<< " "; << " ";
ss << utils::string::dash_if_empty(this->m_clientIpAddress.c_str()) << " "; ss << utils::string::dash_if_empty(this->m_clientIpAddress.c_str()) << " ";
/** TODO: Check variable */ /** TODO: Check variable */
Variables::RemoteUser *r = new Variables::RemoteUser("REMOTE_USER");
std::vector<const collection::Variable *> l;
r->evaluate(this, NULL, &l);
delete r;
ss << utils::string::dash_if_empty( ss << utils::string::dash_if_empty(
m_collections.resolveFirst("REMOTE_USER").get()); m_variableRemoteUser.c_str());
ss << " "; ss << " ";
/** TODO: Check variable */ /** TODO: Check variable */
ss << utils::string::dash_if_empty( //ss << utils::string::dash_if_empty(
this->m_collections.resolveFirst("LOCAL_USER").get()); // this->m_collections.resolveFirst("LOCAL_USER").get());
ss << " "; //ss << " ";
ss << tstr << " "; //ss << tstr << " ";
ss << "\""; ss << "\"";
ss << utils::string::dash_if_empty(m_variableRequestMethod.evaluate()); ss << utils::string::dash_if_empty(m_variableRequestMethod.evaluate());
@ -1387,7 +1393,7 @@ std::string Transaction::toOldAuditLogFormatIndex(const std::string &filename,
ss << this->m_responseBody.tellp() << " "; ss << this->m_responseBody.tellp() << " ";
/** TODO: Check variable */ /** TODO: Check variable */
ss << utils::string::dash_if_empty( ss << utils::string::dash_if_empty(
this->m_collections.resolveFirst("REFERER").get()) << " "; m_variableRequestHeaders.resolveFirst("REFERER").get()) << " ";
ss << "\""; ss << "\"";
ss << utils::string::dash_if_empty( ss << utils::string::dash_if_empty(
m_variableRequestHeaders.resolveFirst("User-Agent").get()); m_variableRequestHeaders.resolveFirst("User-Agent").get());
@ -1395,7 +1401,7 @@ std::string Transaction::toOldAuditLogFormatIndex(const std::string &filename,
ss << this->m_id << " "; ss << this->m_id << " ";
/** TODO: Check variable */ /** TODO: Check variable */
ss << utils::string::dash_if_empty( ss << utils::string::dash_if_empty(
this->m_collections.resolveFirst("REFERER").get()) << " "; m_variableRequestHeaders.resolveFirst("REFERER").get()) << " ";
ss << filename << " "; ss << filename << " ";
ss << "0" << " "; ss << "0" << " ";

36
src/variables/global.h
View File

@ -37,11 +37,11 @@ class Global_DictElement : public Variable {
: Variable("GLOBAL"), : Variable("GLOBAL"),
m_dictElement("GLOBAL:" + dictElement) { } m_dictElement("GLOBAL:" + dictElement) { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveMultiMatches(m_dictElement, t->m_collections.m_global_collection->resolveMultiMatches(
"GLOBAL", l); m_dictElement, t->m_collections.m_global_collection_key, l);
} }
std::string m_dictElement; std::string m_dictElement;
@ -53,10 +53,11 @@ class Global_NoDictElement : public Variable {
Global_NoDictElement() Global_NoDictElement()
: Variable("GLOBAL") { } : Variable("GLOBAL") { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveMultiMatches(m_name, "GLOBAL", l); t->m_collections.m_global_collection->resolveMultiMatches(m_name,
t->m_collections.m_global_collection_key, l);
} }
}; };
@ -68,11 +69,11 @@ class Global_DictElementRegexp : public Variable {
m_r(dictElement), m_r(dictElement),
m_dictElement("GLOBAL:" + dictElement) { } m_dictElement("GLOBAL:" + dictElement) { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveRegularExpression(m_dictElement, t->m_collections.m_global_collection->resolveRegularExpression(
"GLOBAL", l); m_dictElement, t->m_collections.m_global_collection_key, l);
} }
Utils::Regex m_r; Utils::Regex m_r;
@ -86,11 +87,24 @@ class Global_DynamicElement : public Variable {
: Variable("GLOBAL:dynamic"), : Variable("GLOBAL:dynamic"),
m_string(std::move(dictElement)) { } m_string(std::move(dictElement)) { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(transaction); std::string string = m_string->evaluate(t);
transaction->m_collections.resolveMultiMatches("GLOBAL:" + string, "GLOBAL", l); t->m_collections.m_global_collection->resolveMultiMatches(
"GLOBAL:" + string, t->m_collections.m_global_collection_key, l);
}
void del(Transaction *t, std::string k) {
t->m_collections.m_global_collection->del(k,
t->m_collections.m_global_collection_key);
}
void storeOrUpdateFirst(Transaction *t, std::string var,
std::string value) {
t->m_collections.m_global_collection->storeOrUpdateFirst(
"GLOBAL:" + var, t->m_collections.m_global_collection_key, value);
} }
std::unique_ptr<RunTimeString> m_string; std::unique_ptr<RunTimeString> m_string;

35
src/variables/ip.h
View File

@ -37,10 +37,12 @@ class Ip_DictElement : public Variable {
: Variable("IP:" + dictElement), : Variable("IP:" + dictElement),
m_dictElement("IP:" + dictElement) { } m_dictElement("IP:" + dictElement) { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveMultiMatches(m_dictElement, "IP", l); t->m_collections.m_ip_collection->resolveMultiMatches(m_dictElement,
t->m_collections.m_ip_collection_key, l);
} }
std::string m_dictElement; std::string m_dictElement;
@ -52,10 +54,11 @@ class Ip_NoDictElement : public Variable {
Ip_NoDictElement() Ip_NoDictElement()
: Variable("IP") { } : Variable("IP") { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveMultiMatches(m_name, "IP", l); t->m_collections.m_ip_collection->resolveMultiMatches(m_name,
t->m_collections.m_ip_collection_key, l);
} }
}; };
@ -67,11 +70,11 @@ class Ip_DictElementRegexp : public Variable {
m_r(dictElement), m_r(dictElement),
m_dictElement("IP:" + dictElement) { } m_dictElement("IP:" + dictElement) { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveRegularExpression(m_dictElement, t->m_collections.m_ip_collection->resolveRegularExpression(m_dictElement,
"IP", l); t->m_collections.m_ip_collection_key, l);
} }
Utils::Regex m_r; Utils::Regex m_r;
@ -85,11 +88,23 @@ class Ip_DynamicElement : public Variable {
: Variable("IP:dynamic"), : Variable("IP:dynamic"),
m_string(std::move(dictElement)) { } m_string(std::move(dictElement)) { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(transaction); std::string string = m_string->evaluate(t);
transaction->m_collections.resolveMultiMatches("IP:" + string, "IP", l); t->m_collections.m_ip_collection->resolveMultiMatches("IP:" + string,
t->m_collections.m_ip_collection_key, l);
}
void del(Transaction *t, std::string k) {
t->m_collections.m_ip_collection->del(k,
t->m_collections.m_ip_collection_key);
}
void storeOrUpdateFirst(Transaction *t, std::string var,
std::string value) {
t->m_collections.m_ip_collection->storeOrUpdateFirst(
"IP:" + var, t->m_collections.m_ip_collection_key, value);
} }
std::unique_ptr<RunTimeString> m_string; std::unique_ptr<RunTimeString> m_string;

43
src/variables/resource.h
View File

@ -37,11 +37,12 @@ class Resource_DictElement : public Variable {
: Variable("RESOURCE:" + dictElement), : Variable("RESOURCE:" + dictElement),
m_dictElement("RESOURCE:" + dictElement) { } m_dictElement("RESOURCE:" + dictElement) { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveMultiMatches(m_dictElement, t->m_collections.m_resource_collection->resolveMultiMatches(m_dictElement,
"RESOURCE", transaction->m_rules->m_secWebAppId.m_value, l); t->m_collections.m_resource_collection_key,
t->m_rules->m_secWebAppId.m_value, l);
} }
std::string m_dictElement; std::string m_dictElement;
@ -53,11 +54,12 @@ class Resource_NoDictElement : public Variable {
Resource_NoDictElement() Resource_NoDictElement()
: Variable("RESOURCE") { } : Variable("RESOURCE") { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveMultiMatches(m_name, "RESOURCE", t->m_collections.m_resource_collection->resolveMultiMatches(m_name,
transaction->m_rules->m_secWebAppId.m_value, l); t->m_collections.m_resource_collection_key,
t->m_rules->m_secWebAppId.m_value, l);
} }
}; };
@ -69,11 +71,12 @@ class Resource_DictElementRegexp : public Variable {
m_r(dictElement), m_r(dictElement),
m_dictElement("RESOURCE:" + dictElement) { } m_dictElement("RESOURCE:" + dictElement) { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveRegularExpression(m_dictElement, t->m_collections.m_resource_collection->resolveRegularExpression(
"RESOURCE", transaction->m_rules->m_secWebAppId.m_value, l); m_dictElement, t->m_collections.m_resource_collection_key,
t->m_rules->m_secWebAppId.m_value, l);
} }
Utils::Regex m_r; Utils::Regex m_r;
@ -87,11 +90,27 @@ class Resource_DynamicElement : public Variable {
: Variable("RESOURCE:dynamic"), : Variable("RESOURCE:dynamic"),
m_string(std::move(dictElement)) { } m_string(std::move(dictElement)) { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(transaction); std::string string = m_string->evaluate(t);
transaction->m_collections.resolveMultiMatches("RESOURCE:" + string, "RESOURCE", l); t->m_collections.m_resource_collection->resolveMultiMatches(
"RESOURCE:" + string,
t->m_collections.m_resource_collection_key,
t->m_rules->m_secWebAppId.m_value, l);
}
void del(Transaction *t, std::string k) {
t->m_collections.m_resource_collection->del(k,
t->m_collections.m_resource_collection_key);
}
void storeOrUpdateFirst(Transaction *t, std::string var,
std::string value) {
t->m_collections.m_resource_collection->storeOrUpdateFirst(
"RESOURCE:" + var,
t->m_collections.m_resource_collection_key,
t->m_rules->m_secWebAppId.m_value, value);
} }
std::unique_ptr<RunTimeString> m_string; std::unique_ptr<RunTimeString> m_string;

41
src/variables/session.h
View File

@ -37,11 +37,12 @@ class Session_DictElement : public Variable {
: Variable("SESSION"), : Variable("SESSION"),
m_dictElement("SESSION:" + dictElement) { } m_dictElement("SESSION:" + dictElement) { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveMultiMatches(m_dictElement, t->m_collections.m_session_collection->resolveMultiMatches(
"SESSION", transaction->m_rules->m_secWebAppId.m_value, l); m_dictElement, t->m_collections.m_session_collection_key,
t->m_rules->m_secWebAppId.m_value, l);
} }
std::string m_dictElement; std::string m_dictElement;
@ -53,11 +54,12 @@ class Session_NoDictElement : public Variable {
Session_NoDictElement() Session_NoDictElement()
: Variable("SESSION") { } : Variable("SESSION") { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveMultiMatches(m_name, "SESSION", t->m_collections.m_session_collection->resolveMultiMatches(m_name,
transaction->m_rules->m_secWebAppId.m_value, l); t->m_collections.m_session_collection_key,
t->m_rules->m_secWebAppId.m_value, l);
} }
}; };
@ -69,11 +71,12 @@ class Session_DictElementRegexp : public Variable {
m_r(dictElement), m_r(dictElement),
m_dictElement("SESSION:" + dictElement) { } m_dictElement("SESSION:" + dictElement) { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveRegularExpression(m_dictElement, t->m_collections.m_session_collection->resolveRegularExpression(m_dictElement,
"SESSION", transaction->m_rules->m_secWebAppId.m_value, l); t->m_collections.m_session_collection_key,
t->m_rules->m_secWebAppId.m_value, l);
} }
Utils::Regex m_r; Utils::Regex m_r;
@ -87,11 +90,25 @@ class Session_DynamicElement : public Variable {
: Variable("SESSION:dynamic"), : Variable("SESSION:dynamic"),
m_string(std::move(dictElement)) { } m_string(std::move(dictElement)) { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(transaction); std::string string = m_string->evaluate(t);
transaction->m_collections.resolveMultiMatches("SESSION:" + string, "SESSION", l); t->m_collections.m_session_collection->resolveMultiMatches(
"SESSION:" + string,
t->m_collections.m_session_collection_key, l);
}
void del(Transaction *t, std::string k) {
t->m_collections.m_session_collection->del(k,
t->m_collections.m_session_collection_key);
}
void storeOrUpdateFirst(Transaction *t, std::string var,
std::string value) {
t->m_collections.m_session_collection->storeOrUpdateFirst(
"SESSION:" + var, t->m_collections.m_session_collection_key,
value);
} }
std::unique_ptr<RunTimeString> m_string; std::unique_ptr<RunTimeString> m_string;

32
src/variables/tx.h
View File

@ -37,10 +37,11 @@ class Tx_DictElement : public Variable {
: Variable("TX:" + dictElement), : Variable("TX:" + dictElement),
m_dictElement("TX:" + dictElement) { } m_dictElement("TX:" + dictElement) { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveMultiMatches(m_dictElement, "TX", l); t->m_collections.m_tx_collection->resolveMultiMatches(
m_dictElement, l);
} }
std::string m_dictElement; std::string m_dictElement;
@ -52,10 +53,10 @@ class Tx_NoDictElement : public Variable {
Tx_NoDictElement() Tx_NoDictElement()
: Variable("TX") { } : Variable("TX") { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveMultiMatches(m_name, "TX", l); t->m_collections.m_tx_collection->resolveMultiMatches(m_name, l);
} }
}; };
@ -67,11 +68,11 @@ class Tx_DictElementRegexp : public Variable {
m_r(dictElement), m_r(dictElement),
m_dictElement("TX:" + dictElement) { } m_dictElement("TX:" + dictElement) { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveRegularExpression(m_dictElement, t->m_collections.m_tx_collection->resolveRegularExpression(
"TX", l); m_dictElement, l);
} }
Utils::Regex m_r; Utils::Regex m_r;
@ -85,11 +86,22 @@ class Tx_DynamicElement : public Variable {
: Variable("TX:dynamic"), : Variable("TX:dynamic"),
m_string(std::move(dictElement)) { } m_string(std::move(dictElement)) { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(transaction); std::string string = m_string->evaluate(t);
transaction->m_collections.resolveMultiMatches("TX:" + string, "TX", l); t->m_collections.m_tx_collection->resolveMultiMatches(
"TX:" + string, l);
}
void del(Transaction *t, std::string k) {
t->m_collections.m_tx_collection->del(k);
}
void storeOrUpdateFirst(Transaction *t, std::string var,
std::string value) {
t->m_collections.m_tx_collection->storeOrUpdateFirst(
"TX:" + var, value);
} }
std::unique_ptr<RunTimeString> m_string; std::unique_ptr<RunTimeString> m_string;

40
src/variables/user.h
View File

@ -37,11 +37,12 @@ class User_DictElement : public Variable {
: Variable("USER"), : Variable("USER"),
m_dictElement("USER:" + dictElement) { } m_dictElement("USER:" + dictElement) { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveMultiMatches(m_dictElement, t->m_collections.m_user_collection->resolveMultiMatches(
"USER", transaction->m_rules->m_secWebAppId.m_value, l); m_dictElement, t->m_collections.m_user_collection_key,
t->m_rules->m_secWebAppId.m_value, l);
} }
std::string m_dictElement; std::string m_dictElement;
@ -53,11 +54,12 @@ class User_NoDictElement : public Variable {
User_NoDictElement() User_NoDictElement()
: Variable("USER") { } : Variable("USER") { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveMultiMatches(m_name, "USER", t->m_collections.m_user_collection->resolveMultiMatches(m_name,
transaction->m_rules->m_secWebAppId.m_value, l); t->m_collections.m_user_collection_key,
t->m_rules->m_secWebAppId.m_value, l);
} }
}; };
@ -69,11 +71,12 @@ class User_DictElementRegexp : public Variable {
m_r(dictElement), m_r(dictElement),
m_dictElement("USER:" + dictElement) { } m_dictElement("USER:" + dictElement) { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
transaction->m_collections.resolveRegularExpression(m_dictElement, t->m_collections.m_user_collection->resolveRegularExpression(
"USER", transaction->m_rules->m_secWebAppId.m_value, l); m_dictElement, t->m_collections.m_user_collection_key,
t->m_rules->m_secWebAppId.m_value, l);
} }
Utils::Regex m_r; Utils::Regex m_r;
@ -87,11 +90,24 @@ class User_DynamicElement : public Variable {
: Variable("USER:dynamic"), : Variable("USER:dynamic"),
m_string(std::move(dictElement)) { } m_string(std::move(dictElement)) { }
void evaluate(Transaction *transaction, void evaluate(Transaction *t,
Rule *rule, Rule *rule,
std::vector<const collection::Variable *> *l) override { std::vector<const collection::Variable *> *l) override {
std::string string = m_string->evaluate(transaction); std::string string = m_string->evaluate(t);
transaction->m_collections.resolveMultiMatches("USER:" + string, "USER", l); t->m_collections.m_user_collection->resolveMultiMatches(
"USER:" + string, t->m_collections.m_user_collection_key, l);
}
void del(Transaction *t, std::string k) {
t->m_collections.m_user_collection->del(k,
t->m_collections.m_user_collection_key);
}
void storeOrUpdateFirst(Transaction *t, std::string var,
std::string value) {
t->m_collections.m_user_collection->storeOrUpdateFirst(
"USER:" + var, t->m_collections.m_user_collection_key,
value);
} }
std::unique_ptr<RunTimeString> m_string; std::unique_ptr<RunTimeString> m_string;

10
src/variables/variable.h
View File

@ -18,6 +18,7 @@
#include <list> #include <list>
#include <utility> #include <utility>
#include <memory> #include <memory>
#include <exception>
#include "modsecurity/transaction.h" #include "modsecurity/transaction.h"
#include "modsecurity/rule.h" #include "modsecurity/rule.h"
@ -32,6 +33,7 @@ namespace modsecurity {
class Transaction; class Transaction;
namespace Variables { namespace Variables {
class Variable { class Variable {
public: public:
/** /**
@ -191,7 +193,7 @@ class Variable {
} else if (comp(variable, "USERID")) { } else if (comp(variable, "USERID")) {
t->m_variableUserID.evaluate(l); t->m_variableUserID.evaluate(l);
} else { } else {
t->m_collections.resolveMultiMatches(variable, l); throw std::invalid_argument("Variable not found.");
} }
} else { } else {
std::string col = std::string(variable, 0, collection); std::string col = std::string(variable, 0, collection);
@ -244,7 +246,7 @@ class Variable {
} else if (comp(col, "FILES_TMPNAMES")) { } else if (comp(col, "FILES_TMPNAMES")) {
t->m_variableFilesTmpNames.resolve(var, l); t->m_variableFilesTmpNames.resolve(var, l);
} else { } else {
t->m_collections.resolveMultiMatches(col, var, l); throw std::invalid_argument("Variable not found.");
} }
} }
} }
@ -356,7 +358,7 @@ class Variable {
} else if (comp(variable, "USERID")) { } else if (comp(variable, "USERID")) {
vv = t->m_variableUserID.resolveFirst(); vv = t->m_variableUserID.resolveFirst();
} else { } else {
vv = t->m_collections.resolveFirst(variable); throw std::invalid_argument("Variable not found.");
} }
} else { } else {
std::string col = std::string(variable, 0, collection); std::string col = std::string(variable, 0, collection);
@ -409,7 +411,7 @@ class Variable {
} else if (comp(col, "FILES_TMPNAMES")) { } else if (comp(col, "FILES_TMPNAMES")) {
vv = t->m_variableFilesTmpNames.resolveFirst(var); vv = t->m_variableFilesTmpNames.resolveFirst(var);
} else { } else {
vv = t->m_collections.resolveFirst(col, var); throw std::invalid_argument("Variable not found.");
} }
} }
return std::string(*vv.get()); return std::string(*vv.get());