github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 13:26:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds support for RunTimeString

Browse Source 
Using RunTimeStrings instead of runtime parser for
macro expansion.
This commit is contained in:
Felipe Zimmerle 2018-01-09 20:39:09 -03:00
parent cd30509f3a
commit 6fe8655ed9
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
24 changed files with 7153 additions and 6775 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/Makefile.am
View File

@ -272,6 +272,7 @@ libmodsecurity_la_SOURCES = \
debug_log/debug_log.cc \
debug_log/debug_log_writer.cc \
macro_expansion.cc \
run_time_string.cc \
rule.cc \
rule_message.cc \
rule_script.cc \

7
src/actions/disruptive/redirect.cc
View File

@ -30,17 +30,14 @@ namespace disruptive {
bool Redirect::init(std::string *error) {
m_url = m_parser_payload;
m_url = utils::string::parserSanitizer(m_url);
m_status = 302;
return true;
}
bool Redirect::evaluate(Rule *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) {
m_urlExpanded = MacroExpansion::expand(m_url, transaction);
std::shared_ptr<RuleMessage> rm) {
std::string m_urlExpanded(m_string->evaluate(transaction));
/* if it was changed before, lets keep it. */
if (transaction->m_it.status == 200) {
transaction->m_it.status = m_status;

12
src/actions/disruptive/redirect.h
View File

@ -18,6 +18,7 @@
#include "modsecurity/actions/action.h"
#include "modsecurity/rule_message.h"
#include "src/run_time_string.h"
#ifndef SRC_ACTIONS_DISRUPTIVE_REDIRECT_H_
#define SRC_ACTIONS_DISRUPTIVE_REDIRECT_H_
@ -36,9 +37,11 @@ class Redirect : public Action {
public:
explicit Redirect(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind),
m_status(0),
m_urlExpanded(""),
m_url("") { }
m_status(0) { }
explicit Redirect(std::unique_ptr<RunTimeString> z)
: Action("redirert", RunTimeOnlyIfMatchKind),
m_string(std::move(z)) { }
bool evaluate(Rule *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
@ -47,8 +50,7 @@ class Redirect : public Action {
private:
int m_status;
std::string m_urlExpanded;
std::string m_url;
std::unique_ptr<RunTimeString> m_string;
};

7
src/actions/init_col.cc
View File

@ -31,7 +31,7 @@ namespace actions {
bool InitCol::init(std::string *error) {
int posEquals = m_parser_payload.find("=");
if (m_parser_payload.size() < 8) {
if (m_parser_payload.size() < 2) {
error->assign("Something wrong with initcol format: too small");
return false;
}
@ -42,7 +42,6 @@ bool InitCol::init(std::string *error) {
}
m_collection_key = std::string(m_parser_payload, 0, posEquals);
m_collection_value = std::string(m_parser_payload, posEquals + 1);
if (m_collection_key != "ip" &&
m_collection_key != "global" &&
@ -57,9 +56,7 @@ bool InitCol::init(std::string *error) {
bool InitCol::evaluate(Rule *rule, Transaction *t) {
std::string collectionName;
collectionName = MacroExpansion::expand(m_collection_value, t);
std::string collectionName(m_string->evaluate(t));
if (m_collection_key == "ip") {
t->m_collections.m_ip_collection_key = collectionName;

7
src/actions/init_col.h
View File

@ -16,6 +16,7 @@
#include <string>
#include "modsecurity/actions/action.h"
#include "src/run_time_string.h"
#ifndef SRC_ACTIONS_INIT_COL_H_
#define SRC_ACTIONS_INIT_COL_H_
@ -31,11 +32,15 @@ class InitCol : public Action {
public:
explicit InitCol(std::string action) : Action(action) { }
InitCol(std::string action, std::unique_ptr<RunTimeString> z)
: Action(action, RunTimeOnlyIfMatchKind),
m_string(std::move(z)) { }
bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override;
private:
std::string m_collection_key;
std::string m_collection_value;
std::unique_ptr<RunTimeString> m_string;
};

3
src/actions/log_data.cc
View File

@ -39,7 +39,8 @@ bool LogData::evaluate(Rule *rule, Transaction *transaction,
}
std::string LogData::data(Transaction *transaction) {
return MacroExpansion::expand(m_parser_payload, transaction);
std::string a(m_string->evaluate(transaction));
return a;
}

7
src/actions/log_data.h
View File

@ -17,6 +17,7 @@
#include <memory>
#include "modsecurity/actions/action.h"
#include "src/run_time_string.h"
#ifndef SRC_ACTIONS_LOG_DATA_H_
#define SRC_ACTIONS_LOG_DATA_H_
@ -33,10 +34,16 @@ class LogData : public Action {
explicit LogData(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) { }
explicit LogData(std::unique_ptr<RunTimeString> z)
: Action("logdata", RunTimeOnlyIfMatchKind),
m_string(std::move(z)) { }
bool evaluate(Rule *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
std::string data(Transaction *Transaction);
std::unique_ptr<RunTimeString> m_string;
};

5
src/actions/msg.cc
View File

@ -61,8 +61,9 @@ bool Msg::evaluate(Rule *rule, Transaction *transaction,
}
std::string Msg::data(Transaction *transaction) {
return MacroExpansion::expand(m_parser_payload, transaction);
std::string Msg::data(Transaction *t) {
std::string a(m_string->evaluate(t));
return a;
}

6
src/actions/msg.h
View File

@ -18,6 +18,7 @@
#include "modsecurity/actions/action.h"
#include "modsecurity/rule_message.h"
#include "src/run_time_string.h"
#ifndef SRC_ACTIONS_MSG_H_
#define SRC_ACTIONS_MSG_H_
@ -34,10 +35,15 @@ class Msg : public Action {
explicit Msg(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) { }
explicit Msg(std::unique_ptr<RunTimeString> z)
: Action("msg", RunTimeOnlyIfMatchKind),
m_string(std::move(z)) { }
bool evaluate(Rule *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
std::string data(Transaction *Transaction);
std::unique_ptr<RunTimeString> m_string;
};

10
src/actions/set_rsc.cc
View File

@ -28,20 +28,12 @@ namespace actions {
bool SetRSC::init(std::string *error) {
m_collection_key = std::string(m_parser_payload, 0,
m_parser_payload.length());
if (m_collection_key.empty()) {
error->assign("Missing collection key");
return false;
}
return true;
}
bool SetRSC::evaluate(Rule *rule, Transaction *t) {
std::string colNameExpanded = MacroExpansion::expand(m_collection_key, t);
std::string colNameExpanded(m_string->evaluate(t));
#ifndef NO_LOGS
t->debug(8, "RESOURCE initiated with value: \'"

7
src/actions/set_rsc.h
View File

@ -16,6 +16,7 @@
#include <string>
#include "modsecurity/actions/action.h"
#include "src/run_time_string.h"
#ifndef SRC_ACTIONS_SET_RSC_H_
#define SRC_ACTIONS_SET_RSC_H_
@ -32,11 +33,15 @@ class SetRSC : public Action {
explicit SetRSC(std::string _action)
: Action(_action) { }
explicit SetRSC(std::unique_ptr<RunTimeString> z)
: Action("setsrc", RunTimeOnlyIfMatchKind),
m_string(std::move(z)) { }
bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override;
private:
std::string m_collection_key;
std::unique_ptr<RunTimeString> m_string;
};

10
src/actions/set_sid.cc
View File

@ -28,20 +28,12 @@ namespace actions {
bool SetSID::init(std::string *error) {
m_collection_key = std::string(m_parser_payload, 0,
m_parser_payload.length());
if (m_collection_key.empty()) {
error->assign("Missing collection key");
return false;
}
return true;
}
bool SetSID::evaluate(Rule *rule, Transaction *t) {
std::string colNameExpanded = MacroExpansion::expand(m_collection_key, t);
std::string colNameExpanded(m_string->evaluate(t));
#ifndef NO_LOGS
t->debug(8, "Session ID initiated with value: \'"

7
src/actions/set_sid.h
View File

@ -16,6 +16,7 @@
#include <string>
#include "modsecurity/actions/action.h"
#include "src/run_time_string.h"
#ifndef SRC_ACTIONS_SET_SID_H_
#define SRC_ACTIONS_SET_SID_H_
@ -32,11 +33,15 @@ class SetSID : public Action {
explicit SetSID(std::string _action)
: Action(_action) { }
explicit SetSID(std::unique_ptr<RunTimeString> z)
: Action("setsid", RunTimeOnlyIfMatchKind),
m_string(std::move(z)) { }
bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override;
private:
std::string m_collection_key;
std::unique_ptr<RunTimeString> m_string;
};

10
src/actions/set_uid.cc
View File

@ -28,20 +28,12 @@ namespace actions {
bool SetUID::init(std::string *error) {
m_collection_key = std::string(m_parser_payload, 0,
m_parser_payload.length());
if (m_collection_key.empty()) {
error->assign("Missing collection key");
return false;
}
return true;
}
bool SetUID::evaluate(Rule *rule, Transaction *t) {
std::string colNameExpanded = MacroExpansion::expand(m_collection_key, t);
std::string colNameExpanded(m_string->evaluate(t));
#ifndef NO_LOGS
t->debug(8, "User collection initiated with value: \'"

7
src/actions/set_uid.h
View File

@ -16,6 +16,7 @@
#include <string>
#include "modsecurity/actions/action.h"
#include "src/run_time_string.h"
#ifndef SRC_ACTIONS_SET_UID_H_
#define SRC_ACTIONS_SET_UID_H_
@ -32,11 +33,15 @@ class SetUID : public Action {
explicit SetUID(std::string _action)
: Action(_action) { }
explicit SetUID(std::unique_ptr<RunTimeString> z)
: Action("setuid", RunTimeOnlyIfMatchKind),
m_string(std::move(z)) { }
bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override;
private:
std::string m_collection_key;
std::unique_ptr<RunTimeString> m_string;
};

2
src/actions/tag.cc
View File

@ -52,7 +52,7 @@ namespace actions {
std::string Tag::getName(Transaction *transaction) {
std::string tag = MacroExpansion::expand(m_parser_payload, transaction);
std::string tag(m_string->evaluate(transaction));
return tag;
}

7
src/actions/tag.h
View File

@ -17,6 +17,7 @@
#include <memory>
#include "modsecurity/actions/action.h"
#include "src/run_time_string.h"
#ifndef SRC_ACTIONS_TAG_H_
#define SRC_ACTIONS_TAG_H_
@ -33,10 +34,16 @@ class Tag : public Action {
explicit Tag(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) { }
explicit Tag(std::unique_ptr<RunTimeString> z)
: Action("tag", RunTimeOnlyIfMatchKind),
m_string(std::move(z)) { }
std::string getName(Transaction *transaction);
bool evaluate(Rule *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
std::unique_ptr<RunTimeString> m_string;
};

2760
src/parser/seclang-parser.cc
View File

File diff suppressed because it is too large Load Diff

724
src/parser/seclang-parser.hh
View File

@ -765,6 +765,7 @@ namespace yy {
// "DIRECTIVE"
// "DIRECTIVE_SECRULESCRIPT"
// "FREE_TEXT"
// "FREE_TEXT_QUOTE_MACRO_EXPANSION"
// "OPERATOR"
// "OPERATOR_BEGINS_WITH"
// "OPERATOR_CONTAINS"
@ -830,20 +831,23 @@ namespace yy {
// op_before_init
char dummy2[sizeof(std::unique_ptr<Operator>)];
// run_time_string
char dummy3[sizeof(std::unique_ptr<RunTimeString>)];
// var
char dummy3[sizeof(std::unique_ptr<Variable>)];
char dummy4[sizeof(std::unique_ptr<Variable>)];
// act
// setvar_action
char dummy4[sizeof(std::unique_ptr<actions::Action>)];
char dummy5[sizeof(std::unique_ptr<actions::Action>)];
// variables
// variables_may_be_quoted
char dummy5[sizeof(std::unique_ptr<std::vector<std::unique_ptr<Variable> > > )];
char dummy6[sizeof(std::unique_ptr<std::vector<std::unique_ptr<Variable> > > )];
// actions
// actions_may_quoted
char dummy6[sizeof(std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > > )];
char dummy7[sizeof(std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > > )];
};
/// Symbol semantic values.
@ -1114,63 +1118,64 @@ namespace yy {
TOK_DIRECTIVE = 502,
TOK_DIRECTIVE_SECRULESCRIPT = 503,
TOK_FREE_TEXT = 504,
TOK_OPERATOR = 505,
TOK_OPERATOR_BEGINS_WITH = 506,
TOK_OPERATOR_CONTAINS = 507,
TOK_OPERATOR_CONTAINS_WORD = 508,
TOK_OPERATOR_DETECT_SQLI = 509,
TOK_OPERATOR_DETECT_XSS = 510,
TOK_OPERATOR_ENDS_WITH = 511,
TOK_OPERATOR_EQ = 512,
TOK_OPERATOR_FUZZY_HASH = 513,
TOK_OPERATOR_GE = 514,
TOK_OPERATOR_GEOLOOKUP = 515,
TOK_OPERATOR_GSB_LOOKUP = 516,
TOK_OPERATOR_GT = 517,
TOK_OPERATOR_INSPECT_FILE = 518,
TOK_OPERATOR_IP_MATCH = 519,
TOK_OPERATOR_IP_MATCH_FROM_FILE = 520,
TOK_OPERATOR_LE = 521,
TOK_OPERATOR_LT = 522,
TOK_OPERATOR_PM = 523,
TOK_OPERATOR_PM_FROM_FILE = 524,
TOK_OPERATOR_RBL = 525,
TOK_OPERATOR_RSUB = 526,
TOK_OPERATOR_RX = 527,
TOK_OPERATOR_RX_CONTENT_ONLY = 528,
TOK_OPERATOR_STR_EQ = 529,
TOK_OPERATOR_STR_MATCH = 530,
TOK_OPERATOR_UNCONDITIONAL_MATCH = 531,
TOK_OPERATOR_VALIDATE_BYTE_RANGE = 532,
TOK_OPERATOR_VALIDATE_DTD = 533,
TOK_OPERATOR_VALIDATE_HASH = 534,
TOK_OPERATOR_VALIDATE_SCHEMA = 535,
TOK_OPERATOR_VALIDATE_URL_ENCODING = 536,
TOK_OPERATOR_VALIDATE_UTF8_ENCODING = 537,
TOK_OPERATOR_VERIFY_CC = 538,
TOK_OPERATOR_VERIFY_CPF = 539,
TOK_OPERATOR_VERIFY_SSN = 540,
TOK_OPERATOR_WITHIN = 541,
TOK_OP_QUOTE = 542,
TOK_QUOTATION_MARK = 543,
TOK_RUN_TIME_VAR_BLD = 544,
TOK_RUN_TIME_VAR_DUR = 545,
TOK_RUN_TIME_VAR_HSV = 546,
TOK_RUN_TIME_VAR_REMOTE_USER = 547,
TOK_RUN_TIME_VAR_TIME = 548,
TOK_RUN_TIME_VAR_TIME_DAY = 549,
TOK_RUN_TIME_VAR_TIME_EPOCH = 550,
TOK_RUN_TIME_VAR_TIME_HOUR = 551,
TOK_RUN_TIME_VAR_TIME_MIN = 552,
TOK_RUN_TIME_VAR_TIME_MON = 553,
TOK_RUN_TIME_VAR_TIME_SEC = 554,
TOK_RUN_TIME_VAR_TIME_WDAY = 555,
TOK_RUN_TIME_VAR_TIME_YEAR = 556,
TOK_SETVAR_VARIABLE_PART = 557,
TOK_SETVAR_CONTENT_PART = 558,
TOK_VARIABLE = 559,
TOK_DICT_ELEMENT = 560,
TOK_DICT_ELEMENT_REGEXP = 561
TOK_FREE_TEXT_QUOTE_MACRO_EXPANSION = 505,
TOK_OPERATOR = 506,
TOK_OPERATOR_BEGINS_WITH = 507,
TOK_OPERATOR_CONTAINS = 508,
TOK_OPERATOR_CONTAINS_WORD = 509,
TOK_OPERATOR_DETECT_SQLI = 510,
TOK_OPERATOR_DETECT_XSS = 511,
TOK_OPERATOR_ENDS_WITH = 512,
TOK_OPERATOR_EQ = 513,
TOK_OPERATOR_FUZZY_HASH = 514,
TOK_OPERATOR_GE = 515,
TOK_OPERATOR_GEOLOOKUP = 516,
TOK_OPERATOR_GSB_LOOKUP = 517,
TOK_OPERATOR_GT = 518,
TOK_OPERATOR_INSPECT_FILE = 519,
TOK_OPERATOR_IP_MATCH = 520,
TOK_OPERATOR_IP_MATCH_FROM_FILE = 521,
TOK_OPERATOR_LE = 522,
TOK_OPERATOR_LT = 523,
TOK_OPERATOR_PM = 524,
TOK_OPERATOR_PM_FROM_FILE = 525,
TOK_OPERATOR_RBL = 526,
TOK_OPERATOR_RSUB = 527,
TOK_OPERATOR_RX = 528,
TOK_OPERATOR_RX_CONTENT_ONLY = 529,
TOK_OPERATOR_STR_EQ = 530,
TOK_OPERATOR_STR_MATCH = 531,
TOK_OPERATOR_UNCONDITIONAL_MATCH = 532,
TOK_OPERATOR_VALIDATE_BYTE_RANGE = 533,
TOK_OPERATOR_VALIDATE_DTD = 534,
TOK_OPERATOR_VALIDATE_HASH = 535,
TOK_OPERATOR_VALIDATE_SCHEMA = 536,
TOK_OPERATOR_VALIDATE_URL_ENCODING = 537,
TOK_OPERATOR_VALIDATE_UTF8_ENCODING = 538,
TOK_OPERATOR_VERIFY_CC = 539,
TOK_OPERATOR_VERIFY_CPF = 540,
TOK_OPERATOR_VERIFY_SSN = 541,
TOK_OPERATOR_WITHIN = 542,
TOK_OP_QUOTE = 543,
TOK_QUOTATION_MARK = 544,
TOK_RUN_TIME_VAR_BLD = 545,
TOK_RUN_TIME_VAR_DUR = 546,
TOK_RUN_TIME_VAR_HSV = 547,
TOK_RUN_TIME_VAR_REMOTE_USER = 548,
TOK_RUN_TIME_VAR_TIME = 549,
TOK_RUN_TIME_VAR_TIME_DAY = 550,
TOK_RUN_TIME_VAR_TIME_EPOCH = 551,
TOK_RUN_TIME_VAR_TIME_HOUR = 552,
TOK_RUN_TIME_VAR_TIME_MIN = 553,
TOK_RUN_TIME_VAR_TIME_MON = 554,
TOK_RUN_TIME_VAR_TIME_SEC = 555,
TOK_RUN_TIME_VAR_TIME_WDAY = 556,
TOK_RUN_TIME_VAR_TIME_YEAR = 557,
TOK_SETVAR_VARIABLE_PART = 558,
TOK_SETVAR_CONTENT_PART = 559,
TOK_VARIABLE = 560,
TOK_DICT_ELEMENT = 561,
TOK_DICT_ELEMENT_REGEXP = 562
};
};
@ -1212,6 +1217,8 @@ namespace yy {
basic_symbol (typename Base::kind_type t, const std::unique_ptr<Operator> v, const location_type& l);
basic_symbol (typename Base::kind_type t, const std::unique_ptr<RunTimeString> v, const location_type& l);
basic_symbol (typename Base::kind_type t, const std::unique_ptr<Variable> v, const location_type& l);
basic_symbol (typename Base::kind_type t, const std::unique_ptr<actions::Action> v, const location_type& l);
@ -2279,6 +2286,10 @@ namespace yy {
symbol_type
make_FREE_TEXT (const std::string& v, const location_type& l);
static inline
symbol_type
make_FREE_TEXT_QUOTE_MACRO_EXPANSION (const std::string& v, const location_type& l);
static inline
symbol_type
make_OPERATOR (const std::string& v, const location_type& l);
@ -2712,12 +2723,12 @@ namespace yy {
enum
{
yyeof_ = 0,
yylast_ = 1110, ///< Last index in yytable_.
yynnts_ = 16, ///< Number of nonterminal symbols.
yylast_ = 1513, ///< Last index in yytable_.
yynnts_ = 17, ///< Number of nonterminal symbols.
yyfinal_ = 287, ///< Termination state number.
yyterror_ = 1,
yyerrcode_ = 256,
yyntokens_ = 307 ///< Number of tokens.
yyntokens_ = 308 ///< Number of tokens.
};
@ -2790,9 +2801,9 @@ namespace yy {
275, 276, 277, 278, 279, 280, 281, 282, 283, 284,
285, 286, 287, 288, 289, 290, 291, 292, 293, 294,
295, 296, 297, 298, 299, 300, 301, 302, 303, 304,
305, 306
305, 306, 307
};
const unsigned int user_token_number_max_ = 561;
const unsigned int user_token_number_max_ = 562;
const token_number_type undef_token_ = 2;
if (static_cast<int>(t) <= yyeof_)
@ -2975,89 +2986,94 @@ namespace yy {
case 247: // "DIRECTIVE"
case 248: // "DIRECTIVE_SECRULESCRIPT"
case 249: // "FREE_TEXT"
case 250: // "OPERATOR"
case 251: // "OPERATOR_BEGINS_WITH"
case 252: // "OPERATOR_CONTAINS"
case 253: // "OPERATOR_CONTAINS_WORD"
case 254: // "OPERATOR_DETECT_SQLI"
case 255: // "OPERATOR_DETECT_XSS"
case 256: // "OPERATOR_ENDS_WITH"
case 257: // "OPERATOR_EQ"
case 258: // "OPERATOR_FUZZY_HASH"
case 259: // "OPERATOR_GE"
case 260: // "OPERATOR_GEOLOOKUP"
case 261: // "OPERATOR_GSB_LOOKUP"
case 262: // "OPERATOR_GT"
case 263: // "OPERATOR_INSPECT_FILE"
case 264: // "OPERATOR_IP_MATCH"
case 265: // "OPERATOR_IP_MATCH_FROM_FILE"
case 266: // "OPERATOR_LE"
case 267: // "OPERATOR_LT"
case 268: // "OPERATOR_PM"
case 269: // "OPERATOR_PM_FROM_FILE"
case 270: // "OPERATOR_RBL"
case 271: // "OPERATOR_RSUB"
case 272: // "OPERATOR_RX"
case 273: // "Operator RX (content only)"
case 274: // "OPERATOR_STR_EQ"
case 275: // "OPERATOR_STR_MATCH"
case 276: // "OPERATOR_UNCONDITIONAL_MATCH"
case 277: // "OPERATOR_VALIDATE_BYTE_RANGE"
case 278: // "OPERATOR_VALIDATE_DTD"
case 279: // "OPERATOR_VALIDATE_HASH"
case 280: // "OPERATOR_VALIDATE_SCHEMA"
case 281: // "OPERATOR_VALIDATE_URL_ENCODING"
case 282: // "OPERATOR_VALIDATE_UTF8_ENCODING"
case 283: // "OPERATOR_VERIFY_CC"
case 284: // "OPERATOR_VERIFY_CPF"
case 285: // "OPERATOR_VERIFY_SSN"
case 286: // "OPERATOR_WITHIN"
case 287: // "OP_QUOTE"
case 288: // "QUOTATION_MARK"
case 289: // "RUN_TIME_VAR_BLD"
case 290: // "RUN_TIME_VAR_DUR"
case 291: // "RUN_TIME_VAR_HSV"
case 292: // "RUN_TIME_VAR_REMOTE_USER"
case 293: // "RUN_TIME_VAR_TIME"
case 294: // "RUN_TIME_VAR_TIME_DAY"
case 295: // "RUN_TIME_VAR_TIME_EPOCH"
case 296: // "RUN_TIME_VAR_TIME_HOUR"
case 297: // "RUN_TIME_VAR_TIME_MIN"
case 298: // "RUN_TIME_VAR_TIME_MON"
case 299: // "RUN_TIME_VAR_TIME_SEC"
case 300: // "RUN_TIME_VAR_TIME_WDAY"
case 301: // "RUN_TIME_VAR_TIME_YEAR"
case 302: // "SETVAR_VARIABLE_PART"
case 303: // "SETVAR_CONTENT_PART"
case 304: // "VARIABLE"
case 305: // "Dictionary element"
case 306: // "Dictionary element, selected by regexp"
case 321: // setvar_variable
case 322: // setvar_content
case 250: // "FREE_TEXT_QUOTE_MACRO_EXPANSION"
case 251: // "OPERATOR"
case 252: // "OPERATOR_BEGINS_WITH"
case 253: // "OPERATOR_CONTAINS"
case 254: // "OPERATOR_CONTAINS_WORD"
case 255: // "OPERATOR_DETECT_SQLI"
case 256: // "OPERATOR_DETECT_XSS"
case 257: // "OPERATOR_ENDS_WITH"
case 258: // "OPERATOR_EQ"
case 259: // "OPERATOR_FUZZY_HASH"
case 260: // "OPERATOR_GE"
case 261: // "OPERATOR_GEOLOOKUP"
case 262: // "OPERATOR_GSB_LOOKUP"
case 263: // "OPERATOR_GT"
case 264: // "OPERATOR_INSPECT_FILE"
case 265: // "OPERATOR_IP_MATCH"
case 266: // "OPERATOR_IP_MATCH_FROM_FILE"
case 267: // "OPERATOR_LE"
case 268: // "OPERATOR_LT"
case 269: // "OPERATOR_PM"
case 270: // "OPERATOR_PM_FROM_FILE"
case 271: // "OPERATOR_RBL"
case 272: // "OPERATOR_RSUB"
case 273: // "OPERATOR_RX"
case 274: // "Operator RX (content only)"
case 275: // "OPERATOR_STR_EQ"
case 276: // "OPERATOR_STR_MATCH"
case 277: // "OPERATOR_UNCONDITIONAL_MATCH"
case 278: // "OPERATOR_VALIDATE_BYTE_RANGE"
case 279: // "OPERATOR_VALIDATE_DTD"
case 280: // "OPERATOR_VALIDATE_HASH"
case 281: // "OPERATOR_VALIDATE_SCHEMA"
case 282: // "OPERATOR_VALIDATE_URL_ENCODING"
case 283: // "OPERATOR_VALIDATE_UTF8_ENCODING"
case 284: // "OPERATOR_VERIFY_CC"
case 285: // "OPERATOR_VERIFY_CPF"
case 286: // "OPERATOR_VERIFY_SSN"
case 287: // "OPERATOR_WITHIN"
case 288: // "OP_QUOTE"
case 289: // "QUOTATION_MARK"
case 290: // "RUN_TIME_VAR_BLD"
case 291: // "RUN_TIME_VAR_DUR"
case 292: // "RUN_TIME_VAR_HSV"
case 293: // "RUN_TIME_VAR_REMOTE_USER"
case 294: // "RUN_TIME_VAR_TIME"
case 295: // "RUN_TIME_VAR_TIME_DAY"
case 296: // "RUN_TIME_VAR_TIME_EPOCH"
case 297: // "RUN_TIME_VAR_TIME_HOUR"
case 298: // "RUN_TIME_VAR_TIME_MIN"
case 299: // "RUN_TIME_VAR_TIME_MON"
case 300: // "RUN_TIME_VAR_TIME_SEC"
case 301: // "RUN_TIME_VAR_TIME_WDAY"
case 302: // "RUN_TIME_VAR_TIME_YEAR"
case 303: // "SETVAR_VARIABLE_PART"
case 304: // "SETVAR_CONTENT_PART"
case 305: // "VARIABLE"
case 306: // "Dictionary element"
case 307: // "Dictionary element, selected by regexp"
case 322: // setvar_variable
case 323: // setvar_content
value.copy< std::string > (other.value);
break;
case 313: // op
case 314: // op_before_init
case 314: // op
case 315: // op_before_init
value.copy< std::unique_ptr<Operator> > (other.value);
break;
case 318: // var
case 324: // run_time_string
value.copy< std::unique_ptr<RunTimeString> > (other.value);
break;
case 319: // var
value.copy< std::unique_ptr<Variable> > (other.value);
break;
case 319: // act
case 320: // setvar_action
case 320: // act
case 321: // setvar_action
value.copy< std::unique_ptr<actions::Action> > (other.value);
break;
case 316: // variables
case 317: // variables_may_be_quoted
case 317: // variables
case 318: // variables_may_be_quoted
value.copy< std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > (other.value);
break;
case 311: // actions
case 312: // actions_may_quoted
case 312: // actions
case 313: // actions_may_quoted
value.copy< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > > > (other.value);
break;
@ -3228,89 +3244,94 @@ namespace yy {
case 247: // "DIRECTIVE"
case 248: // "DIRECTIVE_SECRULESCRIPT"
case 249: // "FREE_TEXT"
case 250: // "OPERATOR"
case 251: // "OPERATOR_BEGINS_WITH"
case 252: // "OPERATOR_CONTAINS"
case 253: // "OPERATOR_CONTAINS_WORD"
case 254: // "OPERATOR_DETECT_SQLI"
case 255: // "OPERATOR_DETECT_XSS"
case 256: // "OPERATOR_ENDS_WITH"
case 257: // "OPERATOR_EQ"
case 258: // "OPERATOR_FUZZY_HASH"
case 259: // "OPERATOR_GE"
case 260: // "OPERATOR_GEOLOOKUP"
case 261: // "OPERATOR_GSB_LOOKUP"
case 262: // "OPERATOR_GT"
case 263: // "OPERATOR_INSPECT_FILE"
case 264: // "OPERATOR_IP_MATCH"
case 265: // "OPERATOR_IP_MATCH_FROM_FILE"
case 266: // "OPERATOR_LE"
case 267: // "OPERATOR_LT"
case 268: // "OPERATOR_PM"
case 269: // "OPERATOR_PM_FROM_FILE"
case 270: // "OPERATOR_RBL"
case 271: // "OPERATOR_RSUB"
case 272: // "OPERATOR_RX"
case 273: // "Operator RX (content only)"
case 274: // "OPERATOR_STR_EQ"
case 275: // "OPERATOR_STR_MATCH"
case 276: // "OPERATOR_UNCONDITIONAL_MATCH"
case 277: // "OPERATOR_VALIDATE_BYTE_RANGE"
case 278: // "OPERATOR_VALIDATE_DTD"
case 279: // "OPERATOR_VALIDATE_HASH"
case 280: // "OPERATOR_VALIDATE_SCHEMA"
case 281: // "OPERATOR_VALIDATE_URL_ENCODING"
case 282: // "OPERATOR_VALIDATE_UTF8_ENCODING"
case 283: // "OPERATOR_VERIFY_CC"
case 284: // "OPERATOR_VERIFY_CPF"
case 285: // "OPERATOR_VERIFY_SSN"
case 286: // "OPERATOR_WITHIN"
case 287: // "OP_QUOTE"
case 288: // "QUOTATION_MARK"
case 289: // "RUN_TIME_VAR_BLD"
case 290: // "RUN_TIME_VAR_DUR"
case 291: // "RUN_TIME_VAR_HSV"
case 292: // "RUN_TIME_VAR_REMOTE_USER"
case 293: // "RUN_TIME_VAR_TIME"
case 294: // "RUN_TIME_VAR_TIME_DAY"
case 295: // "RUN_TIME_VAR_TIME_EPOCH"
case 296: // "RUN_TIME_VAR_TIME_HOUR"
case 297: // "RUN_TIME_VAR_TIME_MIN"
case 298: // "RUN_TIME_VAR_TIME_MON"
case 299: // "RUN_TIME_VAR_TIME_SEC"
case 300: // "RUN_TIME_VAR_TIME_WDAY"
case 301: // "RUN_TIME_VAR_TIME_YEAR"
case 302: // "SETVAR_VARIABLE_PART"
case 303: // "SETVAR_CONTENT_PART"
case 304: // "VARIABLE"
case 305: // "Dictionary element"
case 306: // "Dictionary element, selected by regexp"
case 321: // setvar_variable
case 322: // setvar_content
case 250: // "FREE_TEXT_QUOTE_MACRO_EXPANSION"
case 251: // "OPERATOR"
case 252: // "OPERATOR_BEGINS_WITH"
case 253: // "OPERATOR_CONTAINS"
case 254: // "OPERATOR_CONTAINS_WORD"
case 255: // "OPERATOR_DETECT_SQLI"
case 256: // "OPERATOR_DETECT_XSS"
case 257: // "OPERATOR_ENDS_WITH"
case 258: // "OPERATOR_EQ"
case 259: // "OPERATOR_FUZZY_HASH"
case 260: // "OPERATOR_GE"
case 261: // "OPERATOR_GEOLOOKUP"
case 262: // "OPERATOR_GSB_LOOKUP"
case 263: // "OPERATOR_GT"
case 264: // "OPERATOR_INSPECT_FILE"
case 265: // "OPERATOR_IP_MATCH"
case 266: // "OPERATOR_IP_MATCH_FROM_FILE"
case 267: // "OPERATOR_LE"
case 268: // "OPERATOR_LT"
case 269: // "OPERATOR_PM"
case 270: // "OPERATOR_PM_FROM_FILE"
case 271: // "OPERATOR_RBL"
case 272: // "OPERATOR_RSUB"
case 273: // "OPERATOR_RX"
case 274: // "Operator RX (content only)"
case 275: // "OPERATOR_STR_EQ"
case 276: // "OPERATOR_STR_MATCH"
case 277: // "OPERATOR_UNCONDITIONAL_MATCH"
case 278: // "OPERATOR_VALIDATE_BYTE_RANGE"
case 279: // "OPERATOR_VALIDATE_DTD"
case 280: // "OPERATOR_VALIDATE_HASH"
case 281: // "OPERATOR_VALIDATE_SCHEMA"
case 282: // "OPERATOR_VALIDATE_URL_ENCODING"
case 283: // "OPERATOR_VALIDATE_UTF8_ENCODING"
case 284: // "OPERATOR_VERIFY_CC"
case 285: // "OPERATOR_VERIFY_CPF"
case 286: // "OPERATOR_VERIFY_SSN"
case 287: // "OPERATOR_WITHIN"
case 288: // "OP_QUOTE"
case 289: // "QUOTATION_MARK"
case 290: // "RUN_TIME_VAR_BLD"
case 291: // "RUN_TIME_VAR_DUR"
case 292: // "RUN_TIME_VAR_HSV"
case 293: // "RUN_TIME_VAR_REMOTE_USER"
case 294: // "RUN_TIME_VAR_TIME"
case 295: // "RUN_TIME_VAR_TIME_DAY"
case 296: // "RUN_TIME_VAR_TIME_EPOCH"
case 297: // "RUN_TIME_VAR_TIME_HOUR"
case 298: // "RUN_TIME_VAR_TIME_MIN"
case 299: // "RUN_TIME_VAR_TIME_MON"
case 300: // "RUN_TIME_VAR_TIME_SEC"
case 301: // "RUN_TIME_VAR_TIME_WDAY"
case 302: // "RUN_TIME_VAR_TIME_YEAR"
case 303: // "SETVAR_VARIABLE_PART"
case 304: // "SETVAR_CONTENT_PART"
case 305: // "VARIABLE"
case 306: // "Dictionary element"
case 307: // "Dictionary element, selected by regexp"
case 322: // setvar_variable
case 323: // setvar_content
value.copy< std::string > (v);
break;
case 313: // op
case 314: // op_before_init
case 314: // op
case 315: // op_before_init
value.copy< std::unique_ptr<Operator> > (v);
break;
case 318: // var
case 324: // run_time_string
value.copy< std::unique_ptr<RunTimeString> > (v);
break;
case 319: // var
value.copy< std::unique_ptr<Variable> > (v);
break;
case 319: // act
case 320: // setvar_action
case 320: // act
case 321: // setvar_action
value.copy< std::unique_ptr<actions::Action> > (v);
break;
case 316: // variables
case 317: // variables_may_be_quoted
case 317: // variables
case 318: // variables_may_be_quoted
value.copy< std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > (v);
break;
case 311: // actions
case 312: // actions_may_quoted
case 312: // actions
case 313: // actions_may_quoted
value.copy< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > > > (v);
break;
@ -3343,6 +3364,13 @@ namespace yy {
, location (l)
{}
template <typename Base>
seclang_parser::basic_symbol<Base>::basic_symbol (typename Base::kind_type t, const std::unique_ptr<RunTimeString> v, const location_type& l)
: Base (t)
, value (v)
, location (l)
{}
template <typename Base>
seclang_parser::basic_symbol<Base>::basic_symbol (typename Base::kind_type t, const std::unique_ptr<Variable> v, const location_type& l)
: Base (t)
@ -3547,89 +3575,94 @@ namespace yy {
case 247: // "DIRECTIVE"
case 248: // "DIRECTIVE_SECRULESCRIPT"
case 249: // "FREE_TEXT"
case 250: // "OPERATOR"
case 251: // "OPERATOR_BEGINS_WITH"
case 252: // "OPERATOR_CONTAINS"
case 253: // "OPERATOR_CONTAINS_WORD"
case 254: // "OPERATOR_DETECT_SQLI"
case 255: // "OPERATOR_DETECT_XSS"
case 256: // "OPERATOR_ENDS_WITH"
case 257: // "OPERATOR_EQ"
case 258: // "OPERATOR_FUZZY_HASH"
case 259: // "OPERATOR_GE"
case 260: // "OPERATOR_GEOLOOKUP"
case 261: // "OPERATOR_GSB_LOOKUP"
case 262: // "OPERATOR_GT"
case 263: // "OPERATOR_INSPECT_FILE"
case 264: // "OPERATOR_IP_MATCH"
case 265: // "OPERATOR_IP_MATCH_FROM_FILE"
case 266: // "OPERATOR_LE"
case 267: // "OPERATOR_LT"
case 268: // "OPERATOR_PM"
case 269: // "OPERATOR_PM_FROM_FILE"
case 270: // "OPERATOR_RBL"
case 271: // "OPERATOR_RSUB"
case 272: // "OPERATOR_RX"
case 273: // "Operator RX (content only)"
case 274: // "OPERATOR_STR_EQ"
case 275: // "OPERATOR_STR_MATCH"
case 276: // "OPERATOR_UNCONDITIONAL_MATCH"
case 277: // "OPERATOR_VALIDATE_BYTE_RANGE"
case 278: // "OPERATOR_VALIDATE_DTD"
case 279: // "OPERATOR_VALIDATE_HASH"
case 280: // "OPERATOR_VALIDATE_SCHEMA"
case 281: // "OPERATOR_VALIDATE_URL_ENCODING"
case 282: // "OPERATOR_VALIDATE_UTF8_ENCODING"
case 283: // "OPERATOR_VERIFY_CC"
case 284: // "OPERATOR_VERIFY_CPF"
case 285: // "OPERATOR_VERIFY_SSN"
case 286: // "OPERATOR_WITHIN"
case 287: // "OP_QUOTE"
case 288: // "QUOTATION_MARK"
case 289: // "RUN_TIME_VAR_BLD"
case 290: // "RUN_TIME_VAR_DUR"
case 291: // "RUN_TIME_VAR_HSV"
case 292: // "RUN_TIME_VAR_REMOTE_USER"
case 293: // "RUN_TIME_VAR_TIME"
case 294: // "RUN_TIME_VAR_TIME_DAY"
case 295: // "RUN_TIME_VAR_TIME_EPOCH"
case 296: // "RUN_TIME_VAR_TIME_HOUR"
case 297: // "RUN_TIME_VAR_TIME_MIN"
case 298: // "RUN_TIME_VAR_TIME_MON"
case 299: // "RUN_TIME_VAR_TIME_SEC"
case 300: // "RUN_TIME_VAR_TIME_WDAY"
case 301: // "RUN_TIME_VAR_TIME_YEAR"
case 302: // "SETVAR_VARIABLE_PART"
case 303: // "SETVAR_CONTENT_PART"
case 304: // "VARIABLE"
case 305: // "Dictionary element"
case 306: // "Dictionary element, selected by regexp"
case 321: // setvar_variable
case 322: // setvar_content
case 250: // "FREE_TEXT_QUOTE_MACRO_EXPANSION"
case 251: // "OPERATOR"
case 252: // "OPERATOR_BEGINS_WITH"
case 253: // "OPERATOR_CONTAINS"
case 254: // "OPERATOR_CONTAINS_WORD"
case 255: // "OPERATOR_DETECT_SQLI"
case 256: // "OPERATOR_DETECT_XSS"
case 257: // "OPERATOR_ENDS_WITH"
case 258: // "OPERATOR_EQ"
case 259: // "OPERATOR_FUZZY_HASH"
case 260: // "OPERATOR_GE"
case 261: // "OPERATOR_GEOLOOKUP"
case 262: // "OPERATOR_GSB_LOOKUP"
case 263: // "OPERATOR_GT"
case 264: // "OPERATOR_INSPECT_FILE"
case 265: // "OPERATOR_IP_MATCH"
case 266: // "OPERATOR_IP_MATCH_FROM_FILE"
case 267: // "OPERATOR_LE"
case 268: // "OPERATOR_LT"
case 269: // "OPERATOR_PM"
case 270: // "OPERATOR_PM_FROM_FILE"
case 271: // "OPERATOR_RBL"
case 272: // "OPERATOR_RSUB"
case 273: // "OPERATOR_RX"
case 274: // "Operator RX (content only)"
case 275: // "OPERATOR_STR_EQ"
case 276: // "OPERATOR_STR_MATCH"
case 277: // "OPERATOR_UNCONDITIONAL_MATCH"
case 278: // "OPERATOR_VALIDATE_BYTE_RANGE"
case 279: // "OPERATOR_VALIDATE_DTD"
case 280: // "OPERATOR_VALIDATE_HASH"
case 281: // "OPERATOR_VALIDATE_SCHEMA"
case 282: // "OPERATOR_VALIDATE_URL_ENCODING"
case 283: // "OPERATOR_VALIDATE_UTF8_ENCODING"
case 284: // "OPERATOR_VERIFY_CC"
case 285: // "OPERATOR_VERIFY_CPF"
case 286: // "OPERATOR_VERIFY_SSN"
case 287: // "OPERATOR_WITHIN"
case 288: // "OP_QUOTE"
case 289: // "QUOTATION_MARK"
case 290: // "RUN_TIME_VAR_BLD"
case 291: // "RUN_TIME_VAR_DUR"
case 292: // "RUN_TIME_VAR_HSV"
case 293: // "RUN_TIME_VAR_REMOTE_USER"
case 294: // "RUN_TIME_VAR_TIME"
case 295: // "RUN_TIME_VAR_TIME_DAY"
case 296: // "RUN_TIME_VAR_TIME_EPOCH"
case 297: // "RUN_TIME_VAR_TIME_HOUR"
case 298: // "RUN_TIME_VAR_TIME_MIN"
case 299: // "RUN_TIME_VAR_TIME_MON"
case 300: // "RUN_TIME_VAR_TIME_SEC"
case 301: // "RUN_TIME_VAR_TIME_WDAY"
case 302: // "RUN_TIME_VAR_TIME_YEAR"
case 303: // "SETVAR_VARIABLE_PART"
case 304: // "SETVAR_CONTENT_PART"
case 305: // "VARIABLE"
case 306: // "Dictionary element"
case 307: // "Dictionary element, selected by regexp"
case 322: // setvar_variable
case 323: // setvar_content
value.template destroy< std::string > ();
break;
case 313: // op
case 314: // op_before_init
case 314: // op
case 315: // op_before_init
value.template destroy< std::unique_ptr<Operator> > ();
break;
case 318: // var
case 324: // run_time_string
value.template destroy< std::unique_ptr<RunTimeString> > ();
break;
case 319: // var
value.template destroy< std::unique_ptr<Variable> > ();
break;
case 319: // act
case 320: // setvar_action
case 320: // act
case 321: // setvar_action
value.template destroy< std::unique_ptr<actions::Action> > ();
break;
case 316: // variables
case 317: // variables_may_be_quoted
case 317: // variables
case 318: // variables_may_be_quoted
value.template destroy< std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > ();
break;
case 311: // actions
case 312: // actions_may_quoted
case 312: // actions
case 313: // actions_may_quoted
value.template destroy< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > > > ();
break;
@ -3806,89 +3839,94 @@ namespace yy {
case 247: // "DIRECTIVE"
case 248: // "DIRECTIVE_SECRULESCRIPT"
case 249: // "FREE_TEXT"
case 250: // "OPERATOR"
case 251: // "OPERATOR_BEGINS_WITH"
case 252: // "OPERATOR_CONTAINS"
case 253: // "OPERATOR_CONTAINS_WORD"
case 254: // "OPERATOR_DETECT_SQLI"
case 255: // "OPERATOR_DETECT_XSS"
case 256: // "OPERATOR_ENDS_WITH"
case 257: // "OPERATOR_EQ"
case 258: // "OPERATOR_FUZZY_HASH"
case 259: // "OPERATOR_GE"
case 260: // "OPERATOR_GEOLOOKUP"
case 261: // "OPERATOR_GSB_LOOKUP"
case 262: // "OPERATOR_GT"
case 263: // "OPERATOR_INSPECT_FILE"
case 264: // "OPERATOR_IP_MATCH"
case 265: // "OPERATOR_IP_MATCH_FROM_FILE"
case 266: // "OPERATOR_LE"
case 267: // "OPERATOR_LT"
case 268: // "OPERATOR_PM"
case 269: // "OPERATOR_PM_FROM_FILE"
case 270: // "OPERATOR_RBL"
case 271: // "OPERATOR_RSUB"
case 272: // "OPERATOR_RX"
case 273: // "Operator RX (content only)"
case 274: // "OPERATOR_STR_EQ"
case 275: // "OPERATOR_STR_MATCH"
case 276: // "OPERATOR_UNCONDITIONAL_MATCH"
case 277: // "OPERATOR_VALIDATE_BYTE_RANGE"
case 278: // "OPERATOR_VALIDATE_DTD"
case 279: // "OPERATOR_VALIDATE_HASH"
case 280: // "OPERATOR_VALIDATE_SCHEMA"
case 281: // "OPERATOR_VALIDATE_URL_ENCODING"
case 282: // "OPERATOR_VALIDATE_UTF8_ENCODING"
case 283: // "OPERATOR_VERIFY_CC"
case 284: // "OPERATOR_VERIFY_CPF"
case 285: // "OPERATOR_VERIFY_SSN"
case 286: // "OPERATOR_WITHIN"
case 287: // "OP_QUOTE"
case 288: // "QUOTATION_MARK"
case 289: // "RUN_TIME_VAR_BLD"
case 290: // "RUN_TIME_VAR_DUR"
case 291: // "RUN_TIME_VAR_HSV"
case 292: // "RUN_TIME_VAR_REMOTE_USER"
case 293: // "RUN_TIME_VAR_TIME"
case 294: // "RUN_TIME_VAR_TIME_DAY"
case 295: // "RUN_TIME_VAR_TIME_EPOCH"
case 296: // "RUN_TIME_VAR_TIME_HOUR"
case 297: // "RUN_TIME_VAR_TIME_MIN"
case 298: // "RUN_TIME_VAR_TIME_MON"
case 299: // "RUN_TIME_VAR_TIME_SEC"
case 300: // "RUN_TIME_VAR_TIME_WDAY"
case 301: // "RUN_TIME_VAR_TIME_YEAR"
case 302: // "SETVAR_VARIABLE_PART"
case 303: // "SETVAR_CONTENT_PART"
case 304: // "VARIABLE"
case 305: // "Dictionary element"
case 306: // "Dictionary element, selected by regexp"
case 321: // setvar_variable
case 322: // setvar_content
case 250: // "FREE_TEXT_QUOTE_MACRO_EXPANSION"
case 251: // "OPERATOR"
case 252: // "OPERATOR_BEGINS_WITH"
case 253: // "OPERATOR_CONTAINS"
case 254: // "OPERATOR_CONTAINS_WORD"
case 255: // "OPERATOR_DETECT_SQLI"
case 256: // "OPERATOR_DETECT_XSS"
case 257: // "OPERATOR_ENDS_WITH"
case 258: // "OPERATOR_EQ"
case 259: // "OPERATOR_FUZZY_HASH"
case 260: // "OPERATOR_GE"
case 261: // "OPERATOR_GEOLOOKUP"
case 262: // "OPERATOR_GSB_LOOKUP"
case 263: // "OPERATOR_GT"
case 264: // "OPERATOR_INSPECT_FILE"
case 265: // "OPERATOR_IP_MATCH"
case 266: // "OPERATOR_IP_MATCH_FROM_FILE"
case 267: // "OPERATOR_LE"
case 268: // "OPERATOR_LT"
case 269: // "OPERATOR_PM"
case 270: // "OPERATOR_PM_FROM_FILE"
case 271: // "OPERATOR_RBL"
case 272: // "OPERATOR_RSUB"
case 273: // "OPERATOR_RX"
case 274: // "Operator RX (content only)"
case 275: // "OPERATOR_STR_EQ"
case 276: // "OPERATOR_STR_MATCH"
case 277: // "OPERATOR_UNCONDITIONAL_MATCH"
case 278: // "OPERATOR_VALIDATE_BYTE_RANGE"
case 279: // "OPERATOR_VALIDATE_DTD"
case 280: // "OPERATOR_VALIDATE_HASH"
case 281: // "OPERATOR_VALIDATE_SCHEMA"
case 282: // "OPERATOR_VALIDATE_URL_ENCODING"
case 283: // "OPERATOR_VALIDATE_UTF8_ENCODING"
case 284: // "OPERATOR_VERIFY_CC"
case 285: // "OPERATOR_VERIFY_CPF"
case 286: // "OPERATOR_VERIFY_SSN"
case 287: // "OPERATOR_WITHIN"
case 288: // "OP_QUOTE"
case 289: // "QUOTATION_MARK"
case 290: // "RUN_TIME_VAR_BLD"
case 291: // "RUN_TIME_VAR_DUR"
case 292: // "RUN_TIME_VAR_HSV"
case 293: // "RUN_TIME_VAR_REMOTE_USER"
case 294: // "RUN_TIME_VAR_TIME"
case 295: // "RUN_TIME_VAR_TIME_DAY"
case 296: // "RUN_TIME_VAR_TIME_EPOCH"
case 297: // "RUN_TIME_VAR_TIME_HOUR"
case 298: // "RUN_TIME_VAR_TIME_MIN"
case 299: // "RUN_TIME_VAR_TIME_MON"
case 300: // "RUN_TIME_VAR_TIME_SEC"
case 301: // "RUN_TIME_VAR_TIME_WDAY"
case 302: // "RUN_TIME_VAR_TIME_YEAR"
case 303: // "SETVAR_VARIABLE_PART"
case 304: // "SETVAR_CONTENT_PART"
case 305: // "VARIABLE"
case 306: // "Dictionary element"
case 307: // "Dictionary element, selected by regexp"
case 322: // setvar_variable
case 323: // setvar_content
value.move< std::string > (s.value);
break;
case 313: // op
case 314: // op_before_init
case 314: // op
case 315: // op_before_init
value.move< std::unique_ptr<Operator> > (s.value);
break;
case 318: // var
case 324: // run_time_string
value.move< std::unique_ptr<RunTimeString> > (s.value);
break;
case 319: // var
value.move< std::unique_ptr<Variable> > (s.value);
break;
case 319: // act
case 320: // setvar_action
case 320: // act
case 321: // setvar_action
value.move< std::unique_ptr<actions::Action> > (s.value);
break;
case 316: // variables
case 317: // variables_may_be_quoted
case 317: // variables
case 318: // variables_may_be_quoted
value.move< std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > (s.value);
break;
case 311: // actions
case 312: // actions_may_quoted
case 312: // actions
case 313: // actions_may_quoted
value.move< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > > > (s.value);
break;
@ -3977,7 +4015,7 @@ namespace yy {
525, 526, 527, 528, 529, 530, 531, 532, 533, 534,
535, 536, 537, 538, 539, 540, 541, 542, 543, 544,
545, 546, 547, 548, 549, 550, 551, 552, 553, 554,
555, 556, 557, 558, 559, 560, 561
555, 556, 557, 558, 559, 560, 561, 562
};
return static_cast<token_type> (yytoken_number_[type]);
}
@ -5470,6 +5508,12 @@ namespace yy {
return symbol_type (token::TOK_FREE_TEXT, v, l);
}
seclang_parser::symbol_type
seclang_parser::make_FREE_TEXT_QUOTE_MACRO_EXPANSION (const std::string& v, const location_type& l)
{
return symbol_type (token::TOK_FREE_TEXT_QUOTE_MACRO_EXPANSION, v, l);
}
seclang_parser::symbol_type
seclang_parser::make_OPERATOR (const std::string& v, const location_type& l)
{
@ -5815,7 +5859,7 @@ namespace yy {
} // yy
#line 5819 "seclang-parser.hh" // lalr1.cc:377
#line 5863 "seclang-parser.hh" // lalr1.cc:377

59
src/parser/seclang-parser.yy
View File

@ -607,6 +607,7 @@ using modsecurity::operators::Operator;
DIRECTIVE "DIRECTIVE"
DIRECTIVE_SECRULESCRIPT "DIRECTIVE_SECRULESCRIPT"
FREE_TEXT "FREE_TEXT"
FREE_TEXT_QUOTE_MACRO_EXPANSION "FREE_TEXT_QUOTE_MACRO_EXPANSION"
OPERATOR "OPERATOR"
OPERATOR_BEGINS_WITH "OPERATOR_BEGINS_WITH"
OPERATOR_CONTAINS "OPERATOR_CONTAINS"
@ -671,6 +672,7 @@ using modsecurity::operators::Operator;
%type <std::unique_ptr<actions::Action>> setvar_action
%type <std::string> setvar_variable
%type <std::string> setvar_content
%type <std::unique_ptr<RunTimeString>> run_time_string
%type <std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > > >
actions_may_quoted
@ -682,6 +684,7 @@ using modsecurity::operators::Operator;
op
;
%type <std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > variables_may_be_quoted
%type <std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > variables
%type <std::unique_ptr<Variable>> var
@ -2367,13 +2370,13 @@ act:
{
ACTION_CONTAINER($$, new actions::RuleId($1));
}
| ACTION_INITCOL
| ACTION_INITCOL run_time_string
{
ACTION_CONTAINER($$, new actions::InitCol($1));
ACTION_CONTAINER($$, new actions::InitCol($1, std::move($2)));
}
| ACTION_LOG_DATA
| ACTION_LOG_DATA run_time_string
{
ACTION_CONTAINER($$, new actions::LogData($1));
ACTION_CONTAINER($$, new actions::LogData(std::move($2)));
}
| ACTION_LOG
{
@ -2383,9 +2386,9 @@ act:
{
ACTION_CONTAINER($$, new actions::Maturity($1));
}
| ACTION_MSG
| ACTION_MSG run_time_string
{
ACTION_CONTAINER($$, new actions::Msg($1));
ACTION_CONTAINER($$, new actions::Msg(std::move($2)));
}
| ACTION_MULTI_MATCH
{
@ -2419,9 +2422,9 @@ act:
{
ACTION_NOT_SUPPORTED("Proxy", @0);
}
| ACTION_REDIRECT
| ACTION_REDIRECT run_time_string
{
ACTION_CONTAINER($$, new actions::disruptive::Redirect($1));
ACTION_CONTAINER($$, new actions::disruptive::Redirect(std::move($2)));
}
| ACTION_REV
{
@ -2451,17 +2454,17 @@ act:
{
ACTION_NOT_SUPPORTED("SetEnv", @0);
}
| ACTION_SETRSC
| ACTION_SETRSC run_time_string
{
ACTION_CONTAINER($$, new actions::SetRSC($1));
ACTION_CONTAINER($$, new actions::SetRSC(std::move($2)));
}
| ACTION_SETSID
| ACTION_SETSID run_time_string
{
ACTION_CONTAINER($$, new actions::SetSID($1));
ACTION_CONTAINER($$, new actions::SetSID(std::move($2)));
}
| ACTION_SETUID
| ACTION_SETUID run_time_string
{
ACTION_CONTAINER($$, new actions::SetUID($1));
ACTION_CONTAINER($$, new actions::SetUID(std::move($2)));
}
| ACTION_SETVAR setvar_action
{
@ -2483,9 +2486,9 @@ act:
{
ACTION_CONTAINER($$, new actions::data::Status($1));
}
| ACTION_TAG
| ACTION_TAG run_time_string
{
ACTION_CONTAINER($$, new actions::Tag($1));
ACTION_CONTAINER($$, new actions::Tag(std::move($2)));
}
| ACTION_VER
{
@ -2660,6 +2663,30 @@ setvar_content:
}
;
run_time_string:
run_time_string FREE_TEXT_QUOTE_MACRO_EXPANSION
{
$1->appendText($2);
$$ = std::move($1);
}
| run_time_string var
{
$1->appendVar(std::move($2));
$$ = std::move($1);
}
| FREE_TEXT_QUOTE_MACRO_EXPANSION
{
std::unique_ptr<RunTimeString> r(new RunTimeString());
r->appendText($1);
$$ = std::move(r);
}
| var
{
std::unique_ptr<RunTimeString> r(new RunTimeString());
r->appendVar(std::move($1));
$$ = std::move(r);
}
;
%%
void yy::seclang_parser::error (const location_type& l, const std::string& m) {

9975
src/parser/seclang-scanner.cc
View File

File diff suppressed because it is too large Load Diff

169
src/parser/seclang-scanner.ll
View File

@ -15,6 +15,8 @@ using modsecurity::utils::string::parserSanitizer;
typedef yy::seclang_parser p;
static int state_variable_from = 0;
static int YY_PREVIOUS_STATE = 0;
static int YY_PREVIOUS_STATE2 = 0;
// Work around an incompatibility in flex (at least versions
// 2.5.31 through 2.5.33): it generates code that does
@ -23,6 +25,11 @@ static int state_variable_from = 0;
# undef yywrap
# define yywrap() 1
#define BEGINX(z) { YY_PREVIOUS_STATE = YY_START; BEGIN(z); }
#define BEGINX2(z) { YY_PREVIOUS_STATE2 = YY_START; BEGIN(z); }
#define BEGIN_PREVIOUS() { BEGIN(YY_PREVIOUS_STATE); YY_PREVIOUS_STATE = 0; }
#define BEGIN_PREVIOUS2() { BEGIN(YY_PREVIOUS_STATE2); YY_PREVIOUS_STATE2 = 0; }
// The location of the current token.
%}
%option noyywrap nounput batch debug noinput
@ -328,7 +335,7 @@ CONGIG_DIR_SEC_COOKIE_FORMAT (?i:SecCookieFormat)
CONGIG_DIR_SEC_DATA_DIR (?i:SecDataDir)
CONGIG_DIR_SEC_STATUS_ENGINE (?i:SecStatusEngine)
CONGIG_DIR_SEC_TMP_DIR (?i:SecTmpDir)
DICT_ELEMENT ([^\"|,\n \t]|([^\\]\\\"))+
DICT_ELEMENT ([^\"|,\n \t}]|([^\\]\\\"))+
DICT_ELEMENT_WITH_PIPE [^ \t"]+
DICT_ELEMENT_NO_PIPE [^ \|\t"]+
@ -339,6 +346,13 @@ DIRECTIVE (?i:SecRule)
DIRECTIVE_SECRULESCRIPT (?i:SecRuleScript)
FREE_TEXT_NEW_LINE [^\"|\n]+
FREE_TEXT_QUOTE ([^\']|([^\\]\\\'))+
QUOTE_BUT_SCAPED (')
DOUBLE_QUOTE_BUT_SCAPED (")
COMMA_BUT_SCAPED (,)
FREE_TEXT_QUOTE_MACRO_EXPANSION (([^%'\b])|([^\\][\\][%][{])|([^\\]([\\][\\])+[\\][%][{])|[^\\][\\][']|[^\\]([\\][\\])+[\\]['])+
FREE_TEXT_DOUBLE_QUOTE_MACRO_EXPANSION (([^%"])|([^\\][\\][%][{])|([^\\]([\\][\\])+[\\][%][{])|[^\\][\\]["]|[^\\]([\\][\\])+[\\]["])+
FREE_TEXT_COMMA_MACRO_EXPANSION (([^%,])|([^\\][\\][%][{])|([^\\]([\\][\\])+[\\][%][{])|[^\\][\\][,]|[^\\]([\\][\\])+[\\][,])+
START_MACRO_VARIABLE (\%\{)
FREE_TEXT_QUOTE_COMMA [^,\']+
FREE_TEXT_SPACE [^ \t]+
FREE_TEXT_SPACE_COMMA [^, \t]+
@ -363,10 +377,12 @@ EQUALS (?i:=)
EQUALS_PLUS (?i:=\+)
EQUALS_MINUS (?i:=\-)
%x EXPECTING_ACTION_PREDICATE_VARIABLE
%x TRANSACTION_TO_VARIABLE
%x EXPECTING_VARIABLE
%x EXPECTING_SINGLE_VARIABLE
%x EXPECTING_OPERATOR
%x EXPECTING_ACTION_PREDICATE ACTION_PREDICATE_ENDS_WITH_QUOTE ACTION_PREDICATE_ENDS_WITH_DOUBLE_QUOTE ACTION_PREDICATE_ENDS_WITH_COMMA
%x COMMENT
%x EXPECTING_VAR_PARAMETER
%x EXPECTING_PARAMETER
@ -377,6 +393,7 @@ EQUALS_MINUS (?i:=\-)
%x FINISH_ACTIONS
%x LEXING_ERROR
%x LEXING_ERROR_ACTION
%x LEXING_ERROR_VARIABLE
%x SETVAR_ACTION_NONQUOTED
%x SETVAR_ACTION_NONQUOTED_WAITING_COLLECTION_ELEM
%x SETVAR_ACTION_NONQUOTED_WAITING_OPERATION
@ -421,9 +438,7 @@ EQUALS_MINUS (?i:=\-)
{ACTION_SANATISE_MATCHED_BYTES} { return p::make_ACTION_SANATISE_MATCHED_BYTES(yytext, *driver.loc.back()); }
{ACTION_SANATISE_REQUEST_HEADER} { return p::make_ACTION_SANATISE_REQUEST_HEADER(yytext, *driver.loc.back()); }
{ACTION_SANATISE_RESPONSE_HEADER} { return p::make_ACTION_SANATISE_RESPONSE_HEADER(yytext, *driver.loc.back()); }
{ACTION_SETRSC}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETRSC(yytext, *driver.loc.back()); }
{ACTION_SETRSC}:'{VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_SETRSC(yytext, *driver.loc.back()); }
{ACTION_SETRSC}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETRSC(yytext, *driver.loc.back()); }
{ACTION_SETRSC}: { BEGIN(EXPECTING_ACTION_PREDICATE); return p::make_ACTION_SETRSC(yytext, *driver.loc.back()); }
{ACTION_STATUS} { return p::make_ACTION_STATUS(yytext, *driver.loc.back()); }
{ACTION_ACCURACY}:'{FREE_TEXT_QUOTE}' { return p::make_ACTION_ACCURACY(yytext, *driver.loc.back()); }
@ -446,23 +461,20 @@ EQUALS_MINUS (?i:=\-)
{ACTION_EXPIRE_VAR}:'{VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_EXPIRE_VAR(yytext, *driver.loc.back()); }
{ACTION_EXPIRE_VAR}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_EXPIRE_VAR(yytext, *driver.loc.back()); }
{ACTION_EXPIRE_VAR}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_EXPIRE_VAR(yytext, *driver.loc.back()); }
{ACTION_INITCOL}:{COL_NAME}={COL_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_INITCOL(yytext, *driver.loc.back()); }
{ACTION_INITCOL}:{COL_NAME}= { BEGIN(EXPECTING_ACTION_PREDICATE); return p::make_ACTION_INITCOL(yytext, *driver.loc.back()); }
{ACTION_MATURITY}:'{FREE_TEXT_QUOTE}' { return p::make_ACTION_MATURITY(yytext, *driver.loc.back()); }
{ACTION_MATURITY}:{FREE_TEXT_QUOTE} { return p::make_ACTION_MATURITY(yytext, *driver.loc.back()); }
{ACTION_MSG}:'{FREE_TEXT_QUOTE}' { return p::make_ACTION_MSG(yytext, *driver.loc.back()); }
{ACTION_MSG}: { BEGIN(EXPECTING_ACTION_PREDICATE); return p::make_ACTION_MSG(yytext, *driver.loc.back()); }
{ACTION_PHASE} { return p::make_ACTION_PHASE(yytext, *driver.loc.back()); }
{ACTION_REDIRECT}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_REDIRECT(yytext, *driver.loc.back()); }
{ACTION_REDIRECT}:'{FREE_TEXT_QUOTE_COMMA}' { return p::make_ACTION_REDIRECT(yytext, *driver.loc.back()); }
{ACTION_REDIRECT}: { BEGIN(EXPECTING_ACTION_PREDICATE); return p::make_ACTION_REDIRECT(yytext, *driver.loc.back()); }
{ACTION_REV}:'{FREE_TEXT_QUOTE_COMMA}' { return p::make_ACTION_REV(yytext, *driver.loc.back()); }
{ACTION_REV}:{FREE_TEXT_QUOTE_COMMA} { return p::make_ACTION_REV(yytext, *driver.loc.back()); }
{ACTION_SETENV}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_SETENV(yytext, *driver.loc.back()); }
{ACTION_SETENV}:'{VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_SETENV(yytext, *driver.loc.back()); }
{ACTION_SETENV}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETENV(yytext, *driver.loc.back()); }
{ACTION_SETENV}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETENV(yytext, *driver.loc.back()); }
{ACTION_SETSID}:'{VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_SETSID(yytext, *driver.loc.back()); }
{ACTION_SETSID}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETSID(yytext, *driver.loc.back()); }
{ACTION_SETUID}:'{VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_SETUID(yytext, *driver.loc.back()); }
{ACTION_SETUID}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETUID(yytext, *driver.loc.back()); }
{ACTION_SETSID}: { BEGIN(EXPECTING_ACTION_PREDICATE); return p::make_ACTION_SETSID(yytext, *driver.loc.back()); }
{ACTION_SETUID}: { BEGIN(EXPECTING_ACTION_PREDICATE); return p::make_ACTION_SETUID(yytext, *driver.loc.back()); }
{ACTION_SETVAR}:' { BEGIN(SETVAR_ACTION_QUOTED); return p::make_ACTION_SETVAR(*driver.loc.back()); }
{ACTION_SETVAR}: { BEGIN(SETVAR_ACTION_NONQUOTED); return p::make_ACTION_SETVAR(*driver.loc.back()); }
@ -472,8 +484,7 @@ EQUALS_MINUS (?i:=\-)
{ACTION_SEVERITY}:{ACTION_SEVERITY_VALUE} { return p::make_ACTION_SEVERITY(yytext, *driver.loc.back()); }
{ACTION_SKIP_AFTER}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return p::make_ACTION_SKIP_AFTER(yytext, *driver.loc.back()); }
{ACTION_SKIP}:{CONFIG_VALUE_NUMBER} { return p::make_ACTION_SKIP(yytext, *driver.loc.back()); }
{ACTION_TAG}:'{FREE_TEXT_QUOTE}' { return p::make_ACTION_TAG(yytext, *driver.loc.back()); }
{ACTION_TAG}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return p::make_ACTION_TAG(yytext, *driver.loc.back()); }
{ACTION_TAG}: { BEGIN(EXPECTING_ACTION_PREDICATE); return p::make_ACTION_TAG(yytext, *driver.loc.back()); }
{ACTION_VER}:'{FREE_TEXT_QUOTE}' { return p::make_ACTION_VER(yytext, *driver.loc.back()); }
{ACTION_XMLNS}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return p::make_ACTION_XMLNS(yytext, *driver.loc.back()); }
@ -506,7 +517,7 @@ EQUALS_MINUS (?i:=\-)
{ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR} { return p::make_ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_REMOVE_COMMENTS} { return p::make_ACTION_TRANSFORMATION_REMOVE_COMMENTS(yytext, *driver.loc.back()); }
{ACTION_TRANSFORMATION_REPLACE_COMMENTS} { return p::make_ACTION_TRANSFORMATION_REPLACE_COMMENTS(yytext, *driver.loc.back()); }
{ACTION_LOG_DATA}:'{FREE_TEXT_QUOTE}' { return p::make_ACTION_LOG_DATA(yytext, *driver.loc.back()); }
{ACTION_LOG_DATA}: { BEGIN(EXPECTING_ACTION_PREDICATE); return p::make_ACTION_LOG_DATA(yytext, *driver.loc.back()); }
{CONFIG_VALUE_DETC} { return p::make_CONFIG_VALUE_DETC(yytext, *driver.loc.back()); }
{CONFIG_VALUE_OFF} { return p::make_CONFIG_VALUE_OFF(yytext, *driver.loc.back()); }
@ -526,6 +537,42 @@ EQUALS_MINUS (?i:=\-)
. { BEGIN(LEXING_ERROR_ACTION); yyless(0); }
}
<EXPECTING_ACTION_PREDICATE>{
['] { BEGIN(ACTION_PREDICATE_ENDS_WITH_QUOTE); }
["] { BEGIN(ACTION_PREDICATE_ENDS_WITH_DOUBLE_QUOTE); }
. { BEGIN(ACTION_PREDICATE_ENDS_WITH_COMMA); yyless(0); }
}
<EXPECTING_ACTION_PREDICATE_VARIABLE,ACTION_PREDICATE_ENDS_WITH_QUOTE,ACTION_PREDICATE_ENDS_WITH_DOUBLE_QUOTE,ACTION_PREDICATE_ENDS_WITH_COMMA>{
[ \t]*\\\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
[ \t]*\\\r\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
}
<EXPECTING_ACTION_PREDICATE_VARIABLE>{
[}] { BEGIN_PREVIOUS2(); }
[}][%] { BEGIN_PREVIOUS2(); }
}
<ACTION_PREDICATE_ENDS_WITH_QUOTE>{
['] { BEGIN(EXPECTING_ACTIONS); yyless(yyleng); }
{FREE_TEXT_QUOTE_MACRO_EXPANSION} { return p::make_FREE_TEXT_QUOTE_MACRO_EXPANSION(yytext, *driver.loc.back()); }
}
<ACTION_PREDICATE_ENDS_WITH_DOUBLE_QUOTE>{
["] { BEGIN(EXPECTING_ACTIONS); yyless(yyleng); }
{FREE_TEXT_DOUBLE_QUOTE_MACRO_EXPANSION} { return p::make_FREE_TEXT_QUOTE_MACRO_EXPANSION(yytext, *driver.loc.back()); }
}
<ACTION_PREDICATE_ENDS_WITH_COMMA>{
[,] { yyless(0); BEGIN(EXPECTING_ACTIONS); }
{FREE_TEXT_COMMA_MACRO_EXPANSION} { return p::make_FREE_TEXT_QUOTE_MACRO_EXPANSION(yytext, *driver.loc.back()); }
}
<ACTION_PREDICATE_ENDS_WITH_QUOTE,ACTION_PREDICATE_ENDS_WITH_DOUBLE_QUOTE,ACTION_PREDICATE_ENDS_WITH_COMMA>{
{START_MACRO_VARIABLE} { BEGINX2(EXPECTING_ACTION_PREDICATE_VARIABLE); }
. { BEGIN(LEXING_ERROR_VARIABLE); yyless(0); }
}
<SETVAR_ACTION_NONQUOTED>{
{NOT} { return p::make_NOT(*driver.loc.back()); }
{VARIABLE_TX}|{VARIABLE_SESSION}|{VARIABLE_RESOURCE}|{VARIABLE_IP}|{VARIABLE_USER}|{VARIABLE_GLOBAL}[:\.] { BEGIN(SETVAR_ACTION_NONQUOTED_WAITING_COLLECTION_ELEM); return p::make_SETVAR_VARIABLE_PART(yytext, *driver.loc.back());}
@ -700,7 +747,6 @@ p::make_CONFIG_SEC_RULE_REMOVE_BY_TAG(parserSanitizer(strchr(yytext, ' ') + 1),
[ \t]*\\\r\n[ \t]*\"[ \t]* { BEGIN(EXPECTING_ACTIONS); }
}
<EXPECTING_VARIABLE>{
[|] { return p::make_PIPE(*driver.loc.back()); }
[,] { return p::make_PIPE(*driver.loc.back()); }
@ -713,13 +759,19 @@ p::make_CONFIG_SEC_RULE_REMOVE_BY_TAG(parserSanitizer(strchr(yytext, ' ') + 1),
[ \t]*[\\\r\n]*[ \t]* { if (state_variable_from == 0) { BEGIN(EXPECTING_OPERATOR); } else { state_variable_from = 0; BEGIN(INITIAL);} }
[ \t]*[\\\r\n]*[ \t]*\" { if (state_variable_from == 0) { BEGIN(EXPECTING_OPERATOR); } else { state_variable_from = 0; BEGIN(INITIAL);} }
{VAR_EXCLUSION} { return p::make_VAR_EXCLUSION(*driver.loc.back()); }
{VAR_COUNT} { return p::make_VAR_COUNT(*driver.loc.back()); }
}
<EXPECTING_VARIABLE,EXPECTING_ACTION_PREDICATE_VARIABLE>{
. { BEGIN(LEXING_ERROR_VARIABLE); yyless(0); }
{VARIABLE_ARGS_COMBINED_SIZE} { return p::make_VARIABLE_ARGS_COMBINED_SIZE(*driver.loc.back()); }
{VARIABLE_ARGS_GET_NAMES} { return p::make_VARIABLE_ARGS_GET_NAMES(*driver.loc.back()); }
{VARIABLE_ARGS_GET_NAMES}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS_GET_NAMES(*driver.loc.back()); }
{VARIABLE_ARGS_GET_NAMES}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS_GET_NAMES(*driver.loc.back()); }
{VARIABLE_ARGS_NAMES} { return p::make_VARIABLE_ARGS_NAMES(*driver.loc.back()); }
{VARIABLE_ARGS_NAMES}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS_NAMES(*driver.loc.back()); }
{VARIABLE_ARGS_NAMES}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS_NAMES(*driver.loc.back()); }
{VARIABLE_ARGS_POST_NAMES} { return p::make_VARIABLE_ARGS_POST_NAMES(*driver.loc.back()); }
{VARIABLE_ARGS_POST_NAMES}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS_POST_NAMES(*driver.loc.back()); }
{VARIABLE_ARGS_POST_NAMES}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS_POST_NAMES(*driver.loc.back()); }
{VARIABLE_AUTH_TYPE} { return p::make_VARIABLE_AUTH_TYPE(*driver.loc.back()); }
{VARIABLE_FILES_COMBINED_SIZE} { return p::make_VARIABLE_FILES_COMBINED_SIZE(*driver.loc.back()); }
{VARIABLE_FULL_REQUEST_LENGTH} { return p::make_VARIABLE_FULL_REQUEST_LENGTH(*driver.loc.back()); }
@ -751,7 +803,7 @@ p::make_CONFIG_SEC_RULE_REMOVE_BY_TAG(parserSanitizer(strchr(yytext, ' ') + 1),
{VARIABLE_REQUEST_BODY} { return p::make_VARIABLE_REQUEST_BODY(*driver.loc.back()); }
{VARIABLE_REQUEST_FILE_NAME} { return p::make_VARIABLE_REQUEST_FILE_NAME(*driver.loc.back()); }
{VARIABLE_REQUEST_HEADERS_NAMES} { return p::make_VARIABLE_REQUEST_HEADERS_NAMES(*driver.loc.back()); }
{VARIABLE_REQUEST_HEADERS_NAMES}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_REQUEST_HEADERS_NAMES(*driver.loc.back()); }
{VARIABLE_REQUEST_HEADERS_NAMES}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_REQUEST_HEADERS_NAMES(*driver.loc.back()); }
{VARIABLE_REQUEST_LINE} { return p::make_VARIABLE_REQUEST_LINE(*driver.loc.back()); }
{VARIABLE_REQUEST_METHOD} { return p::make_VARIABLE_REQUEST_METHOD(*driver.loc.back()); }
{VARIABLE_REQUEST_PROTOCOL} { return p::make_VARIABLE_REQUEST_PROTOCOL(*driver.loc.back()); }
@ -762,7 +814,7 @@ p::make_CONFIG_SEC_RULE_REMOVE_BY_TAG(parserSanitizer(strchr(yytext, ' ') + 1),
{VARIABLE_RESPONSE_CONTENT_LENGTH} { return p::make_VARIABLE_RESPONSE_CONTENT_LENGTH(*driver.loc.back()); }
{VARIABLE_RESPONSE_CONTENT_TYPE} { return p::make_VARIABLE_RESPONSE_CONTENT_TYPE(*driver.loc.back()); }
{VARIABLE_RESPONSE_HEADERS_NAMES} { return p::make_VARIABLE_RESPONSE_HEADERS_NAMES(*driver.loc.back()); }
{VARIABLE_RESPONSE_HEADERS_NAMES}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_RESPONSE_HEADERS_NAMES(*driver.loc.back()); }
{VARIABLE_RESPONSE_HEADERS_NAMES}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_RESPONSE_HEADERS_NAMES(*driver.loc.back()); }
{VARIABLE_RESPONSE_PROTOCOL} { return p::make_VARIABLE_RESPONSE_PROTOCOL(*driver.loc.back()); }
{VARIABLE_RESPONSE_STATUS} { return p::make_VARIABLE_RESPONSE_STATUS(*driver.loc.back()); }
{VARIABLE_SERVER_ADDR} { return p::make_VARIABLE_SERVER_ADDR(*driver.loc.back()); }
@ -774,59 +826,59 @@ p::make_CONFIG_SEC_RULE_REMOVE_BY_TAG(parserSanitizer(strchr(yytext, ' ') + 1),
{VARIABLE_USER_ID} { return p::make_VARIABLE_USER_ID(*driver.loc.back()); }
{VARIABLE_WEB_APP_ID} { return p::make_VARIABLE_WEB_APP_ID(*driver.loc.back()); }
{VARIABLE_ARGS} { return p::make_VARIABLE_ARGS(*driver.loc.back()); }
{VARIABLE_ARGS}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS(*driver.loc.back()); }
{VARIABLE_ARGS}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS(*driver.loc.back()); }
{VARIABLE_ARGS_GET} { return p::make_VARIABLE_ARGS_GET(*driver.loc.back()); }
{VARIABLE_ARGS_GET}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS_GET(*driver.loc.back()); }
{VARIABLE_ARGS_GET}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS_GET(*driver.loc.back()); }
{VARIABLE_ARGS_POST} { return p::make_VARIABLE_ARGS_POST(*driver.loc.back()); }
{VARIABLE_ARGS_POST}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS_POST(*driver.loc.back()); }
{VARIABLE_ARGS_POST}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS_POST(*driver.loc.back()); }
{VARIABLE_FILES_SIZES} { return p::make_VARIABLE_FILES_SIZES(*driver.loc.back()); }
{VARIABLE_FILES_SIZES}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_FILES_SIZES(*driver.loc.back()); }
{VARIABLE_FILES_SIZES}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_FILES_SIZES(*driver.loc.back()); }
{VARIABLE_FILES_NAMES} { return p::make_VARIABLE_FILES_NAMES(*driver.loc.back()); }
{VARIABLE_FILES_NAMES}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_FILES_NAMES(*driver.loc.back()); }
{VARIABLE_FILES_NAMES}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_FILES_NAMES(*driver.loc.back()); }
{VARIABLE_FILES_TMP_CONTENT} { return p::make_VARIABLE_FILES_TMP_CONTENT(*driver.loc.back()); }
{VARIABLE_FILES_TMP_CONTENT}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_FILES_TMP_CONTENT(*driver.loc.back()); }
{VARIABLE_FILES_TMP_CONTENT}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_FILES_TMP_CONTENT(*driver.loc.back()); }
{VARIABLE_MULTIPART_FILENAME} { return p::make_VARIABLE_MULTIPART_FILENAME(*driver.loc.back()); }
{VARIABLE_MULTIPART_FILENAME}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_MULTIPART_FILENAME(*driver.loc.back()); }
{VARIABLE_MULTIPART_FILENAME}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_MULTIPART_FILENAME(*driver.loc.back()); }
{VARIABLE_MULTIPART_NAME} { return p::make_VARIABLE_MULTIPART_NAME(*driver.loc.back()); }
{VARIABLE_MULTIPART_NAME}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_MULTIPART_NAME(*driver.loc.back()); }
{VARIABLE_MULTIPART_NAME}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_MULTIPART_NAME(*driver.loc.back()); }
{VARIABLE_MATCHED_VARS_NAMES} { return p::make_VARIABLE_MATCHED_VARS_NAMES(*driver.loc.back()); }
{VARIABLE_MATCHED_VARS_NAMES}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_MATCHED_VARS_NAMES(*driver.loc.back()); }
{VARIABLE_MATCHED_VARS_NAMES}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_MATCHED_VARS_NAMES(*driver.loc.back()); }
{VARIABLE_MATCHED_VARS} { return p::make_VARIABLE_MATCHED_VARS(*driver.loc.back()); }
{VARIABLE_MATCHED_VARS}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_MATCHED_VARS(*driver.loc.back()); }
{VARIABLE_MATCHED_VARS}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_MATCHED_VARS(*driver.loc.back()); }
{VARIABLE_FILES} { return p::make_VARIABLE_FILES(*driver.loc.back()); }
{VARIABLE_FILES}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_FILES(*driver.loc.back()); }
{VARIABLE_FILES}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_FILES(*driver.loc.back()); }
{VARIABLE_REQUEST_COOKIES} { return p::make_VARIABLE_REQUEST_COOKIES(*driver.loc.back()); }
{VARIABLE_REQUEST_COOKIES}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_REQUEST_COOKIES(*driver.loc.back()); }
{VARIABLE_REQUEST_COOKIES}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_REQUEST_COOKIES(*driver.loc.back()); }
{VARIABLE_REQUEST_HEADERS} { return p::make_VARIABLE_REQUEST_HEADERS(*driver.loc.back()); }
{VARIABLE_REQUEST_HEADERS}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_REQUEST_HEADERS(*driver.loc.back()); }
{VARIABLE_REQUEST_HEADERS}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_REQUEST_HEADERS(*driver.loc.back()); }
{VARIABLE_RESPONSE_HEADERS} { return p::make_VARIABLE_RESPONSE_HEADERS(*driver.loc.back()); }
{VARIABLE_RESPONSE_HEADERS}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_RESPONSE_HEADERS(*driver.loc.back()); }
{VARIABLE_RESPONSE_HEADERS}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_RESPONSE_HEADERS(*driver.loc.back()); }
{VARIABLE_GEO} { return p::make_VARIABLE_GEO(*driver.loc.back()); }
{VARIABLE_GEO}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_GEO(*driver.loc.back()); }
{VARIABLE_GEO}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_GEO(*driver.loc.back()); }
{VARIABLE_REQUEST_COOKIES_NAMES} { return p::make_VARIABLE_REQUEST_COOKIES_NAMES(*driver.loc.back()); }
{VARIABLE_REQUEST_COOKIES_NAMES}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_REQUEST_COOKIES_NAMES(*driver.loc.back()); }
{VARIABLE_REQUEST_COOKIES_NAMES}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_REQUEST_COOKIES_NAMES(*driver.loc.back()); }
{VARIABLE_RULE} { return p::make_VARIABLE_RULE(*driver.loc.back()); }
{VARIABLE_RULE}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_RULE(*driver.loc.back()); }
{VARIABLE_RULE}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_RULE(*driver.loc.back()); }
{VARIABLE_FILES_TMP_NAMES} { return p::make_VARIABLE_FILES_TMP_NAMES(*driver.loc.back()); }
{VARIABLE_FILES_TMP_NAMES}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_FILES_TMP_NAMES(*driver.loc.back()); }
{VARIABLE_FILES_TMP_NAMES}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_FILES_TMP_NAMES(*driver.loc.back()); }
{RUN_TIME_VAR_XML} { return p::make_RUN_TIME_VAR_XML(*driver.loc.back()); }
{RUN_TIME_VAR_XML}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_RUN_TIME_VAR_XML(*driver.loc.back()); }
{RUN_TIME_VAR_XML}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_RUN_TIME_VAR_XML(*driver.loc.back()); }
{RUN_TIME_VAR_ENV} { return p::make_RUN_TIME_VAR_ENV(*driver.loc.back()); }
{RUN_TIME_VAR_ENV}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_RUN_TIME_VAR_ENV(*driver.loc.back()); }
{RUN_TIME_VAR_ENV}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_RUN_TIME_VAR_ENV(*driver.loc.back()); }
{VARIABLE_IP} { return p::make_VARIABLE_IP(*driver.loc.back()); }
{VARIABLE_IP}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_IP(*driver.loc.back()); }
{VARIABLE_IP}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_IP(*driver.loc.back()); }
{VARIABLE_RESOURCE} { return p::make_VARIABLE_RESOURCE(*driver.loc.back()); }
{VARIABLE_RESOURCE}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_RESOURCE(*driver.loc.back()); }
{VARIABLE_RESOURCE}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_RESOURCE(*driver.loc.back()); }
{VARIABLE_GLOBAL} { return p::make_VARIABLE_GLOBAL(*driver.loc.back()); }
{VARIABLE_GLOBAL}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_GLOBAL(*driver.loc.back()); }
{VARIABLE_GLOBAL}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_GLOBAL(*driver.loc.back()); }
{VARIABLE_SESSION} { return p::make_VARIABLE_SESSION(*driver.loc.back()); }
{VARIABLE_SESSION}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_SESSION(*driver.loc.back()); }
{VARIABLE_SESSION}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_SESSION(*driver.loc.back()); }
{VARIABLE_USER} { return p::make_VARIABLE_USER(*driver.loc.back()); }
{VARIABLE_USER}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_USER(*driver.loc.back()); }
{VARIABLE_USER}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_USER(*driver.loc.back()); }
{VARIABLE_TX} { return p::make_VARIABLE_TX(*driver.loc.back()); }
{VARIABLE_TX}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_TX(*driver.loc.back()); }
{VARIABLE_TX}[:.] { BEGINX(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_TX(*driver.loc.back()); }
{RUN_TIME_VAR_BLD} { return p::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
@ -846,24 +898,20 @@ p::make_CONFIG_SEC_RULE_REMOVE_BY_TAG(parserSanitizer(strchr(yytext, ' ') + 1),
{VARIABLE_WEBSERVER_ERROR_LOG} { driver.error (*driver.loc.back(), "Variable VARIABLE_WEBSERVER_ERROR_LOG is not supported by libModSecurity", ""); throw p::syntax_error(*driver.loc.back(), "");}
{VARIABLE_STATUS} { return p::make_VARIABLE_STATUS(*driver.loc.back()); }
{VAR_EXCLUSION} { return p::make_VAR_EXCLUSION(*driver.loc.back()); }
{VAR_COUNT} { return p::make_VAR_COUNT(*driver.loc.back()); }
}
<EXPECTING_VAR_PARAMETER>{
[\/]{DICT_ELEMENT_NO_PIPE}[\/][ ] { BEGIN(EXPECTING_VARIABLE); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 1, yyleng-2), *driver.loc.back()); }
[\/]{DICT_ELEMENT_NO_PIPE}[\/][|] { BEGIN(EXPECTING_VARIABLE); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 1, yyleng-2), *driver.loc.back()); }
['][\/]{DICT_ELEMENT_WITH_PIPE}[\/]['] { BEGIN(EXPECTING_VARIABLE); yyless(yyleng - 0); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 2, yyleng-4), *driver.loc.back()); }
['][\/]{DICT_ELEMENT_WITH_PIPE}[\/]['][|] { BEGIN(EXPECTING_VARIABLE); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 2, yyleng-4), *driver.loc.back()); }
{DICT_ELEMENT} { BEGIN(EXPECTING_VARIABLE); return p::make_DICT_ELEMENT(yytext, *driver.loc.back()); }
[\/]{DICT_ELEMENT_NO_PIPE}[\/][ ] { BEGIN_PREVIOUS(); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 1, yyleng-2), *driver.loc.back()); }
[\/]{DICT_ELEMENT_NO_PIPE}[\/][|] { BEGIN_PREVIOUS(); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 1, yyleng-2), *driver.loc.back()); }
['][\/]{DICT_ELEMENT_WITH_PIPE}[\/]['] { BEGIN_PREVIOUS(); yyless(yyleng - 0); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 2, yyleng-4), *driver.loc.back()); }
['][\/]{DICT_ELEMENT_WITH_PIPE}[\/]['][|] { BEGIN_PREVIOUS(); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 2, yyleng-4), *driver.loc.back()); }
{DICT_ELEMENT} { BEGIN_PREVIOUS(); return p::make_DICT_ELEMENT(yytext, *driver.loc.back()); }
[\/]{DICT_ELEMENT_NO_PIPE}[\/][,] { BEGIN(EXPECTING_VARIABLE); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 1, yyleng-2), *driver.loc.back()); }
['][\/]{DICT_ELEMENT_NO_PIPE}[\/]['][,] { BEGIN(EXPECTING_VARIABLE); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 2, yyleng-4), *driver.loc.back()); }
[\/]{DICT_ELEMENT_NO_PIPE}[\/][,] { BEGIN_PREVIOUS(); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 1, yyleng-2), *driver.loc.back()); }
['][\/]{DICT_ELEMENT_NO_PIPE}[\/]['][,] { BEGIN_PREVIOUS(); yyless(yyleng - 1); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 2, yyleng-4), *driver.loc.back()); }
. { BEGIN(LEXING_ERROR_ACTION); yyless(0); }
. { BEGINX(LEXING_ERROR_ACTION); yyless(0); }
["] { return p::make_QUOTATION_MARK(yytext, *driver.loc.back()); }
}
@ -946,6 +994,7 @@ p::make_CONFIG_SEC_RULE_REMOVE_BY_TAG(parserSanitizer(strchr(yytext, ' ') + 1),
<LEXING_ERROR>.+ { driver.error (*driver.loc.back(), "Invalid input: ", yytext); throw p::syntax_error(*driver.loc.back(), ""); }
<LEXING_ERROR_ACTION>.+ { driver.error (*driver.loc.back(), "Invalid action: ", yytext); throw p::syntax_error(*driver.loc.back(), ""); }
<LEXING_ERROR_VARIABLE>.+ { driver.error (*driver.loc.back(), "Invalid variable: ", yytext); throw p::syntax_error(*driver.loc.back(), ""); }
<<EOF>> {

68
src/run_time_string.cc Normal file
View File

@ -0,0 +1,68 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <memory>
#include "src/run_time_string.h"
#include "modsecurity/transaction.h"
#include "modsecurity/collection/variable.h"
#include "src/variables/rule.h"
#include "src/variables/tx.h"
#include "src/variables/highest_severity.h"
#include "src/utils/string.h"
namespace modsecurity {
void RunTimeString::appendText(std::string &text) {
std::unique_ptr<RunTimeElementHolder> r(new RunTimeElementHolder);
r->m_string = text;
m_elements.push_back(std::move(r));
}
void RunTimeString::appendVar(std::unique_ptr<modsecurity::Variables::Variable> var) {
std::unique_ptr<RunTimeElementHolder> r(new RunTimeElementHolder);
r->m_var = std::move(var);
m_elements.push_back(std::move(r));
}
std::string RunTimeString::evaluate(Transaction *t) {
std::string s;
//int i = 0;
for (auto &z : m_elements) {
//s.append("Element: " + std::to_string(i) + " value: ");
if (z->m_string.size() > 0) {
s.append(z->m_string);
} else if (z->m_var != NULL) {
std::vector<const collection::Variable *> l;
z->m_var->evaluate(t, NULL, &l);
if (l.size() > 0) {
s.append(l[0]->m_value);
}
for (auto &i : l) {
delete i;
}
}
//s.append(" -- ");
}
return s;
}
} // namespace modsecurity

58
src/run_time_string.h Normal file
View File

@ -0,0 +1,58 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <ctime>
#include <iostream>
#include <string>
#include <vector>
#include "modsecurity/modsecurity.h"
#include "modsecurity/transaction.h"
#include "src/variables/variable.h"
#ifndef SRC_RUN_TIME_STRING_H_
#define SRC_RUN_TIME_STRING_H_
namespace modsecurity {
class RunTimeElementHolder {
public:
RunTimeElementHolder() :
m_string("") {
m_var.reset(NULL);
};
std::unique_ptr<modsecurity::Variables::Variable> m_var;
std::string m_string;
};
class RunTimeString {
public:
RunTimeString() {
};
void appendText(std::string &text);
void appendVar(std::unique_ptr<modsecurity::Variables::Variable> var);
std::string evaluate(Transaction *t);
protected:
std::list<std::unique_ptr<RunTimeElementHolder>> m_elements;
};
} // namespace modsecurity
#endif // SRC_RUN_TIME_STRING_H_