Adds support to action `exec' to sec lang parser

2025-08-14 05:45:59 +03:00 · 2016-01-12 10:57:06 -03:00 · 2016-01-12 10:57:06 -03:00 · 702551ed42
commit 702551ed42
parent 331df90bab
2 changed files with 28 additions and 1 deletions
--- a/src/parser/seclang-parser.yy
+++ b/src/parser/seclang-parser.yy
@ -227,6 +227,7 @@ using modsecurity::Variables::Tx;
 %token <std::string> FREE_TEXT
 %token <std::string> ACTION
 %token <std::string> ACTION_ACCURACY
+%token <std::string> ACTION_EXEC
 %token <std::string> ACTION_ALLOW
 %token <std::string> ACTION_REDIRECT
 %token <std::string> ACTION_SKIP_AFTER
@ -827,6 +828,24 @@ act:
      {
        $$ = Action::instantiate($1);
      }
+    | ACTION_EXEC
+      {
+        /*
+
+        TODO: exec is not implemented yet.
+
+        std::string error;
+        Allow *exec = new Exec($1);
+
+        if (exec->init(&error) == false) {
+            driver.parserError << error;
+            YYERROR;
+        }
+
+        $$ = exec;
+        */
+        $$ = Action::instantiate($1);
+      }
    | ACTION_ALLOW
      {
        /*
--- a/src/parser/seclang-scanner.ll
+++ b/src/parser/seclang-scanner.ll
@ -23,7 +23,7 @@ using modsecurity::split;
 %}
 %option noyywrap nounput batch debug noinput

-ACTION          (?i:accuracy|append|block|capture|chain|deny|deprecatevar|drop|exec|expirevar|id:[0-9]+|id:'[0-9]+'|log|multiMatch|noauditlog|nolog|pass|pause|prepend|proxy|sanitiseArg|sanitiseMatched|sanitiseMatchedBytes|sanitiseRequestHeader|sanitiseResponseHeader|setrsc|setenv|status:[0-9]+|xmlns)
+ACTION          (?i:accuracy|append|block|capture|chain|deny|deprecatevar|drop|expirevar|id:[0-9]+|id:'[0-9]+'|log|multiMatch|noauditlog|nolog|pass|pause|prepend|proxy|sanitiseArg|sanitiseMatched|sanitiseMatchedBytes|sanitiseRequestHeader|sanitiseResponseHeader|setrsc|setenv|status:[0-9]+|xmlns)
 ACTION_ALLOW    (?i:allow)
 ACTION_INITCOL  (?i:initcol)

@ -33,6 +33,7 @@ ACTION_SKIP (?i:skip)
 ACTION_SKIP_AFTER (?i:skipAfter)
 ACTION_PHASE    ((?i:phase:(?i:REQUEST|RESPONSE|LOGGING|[0-9]+))|(?i:phase:'(?i:REQUEST|RESPONSE|LOGGING|[0-9]+)'))
 ACTION_AUDIT_LOG (?i:auditlog)
+ACTION_EXEC     (?i:exec)
 ACTION_SEVERITY (?i:severity)
 ACTION_SEVERITY_VALUE (?i:(EMERGENCY|ALERT|CRITICAL|ERROR|WARNING|NOTICE|INFO|DEBUG)|[0-9]+)
 ACTION_SETVAR   (?i:setvar)
@ -315,6 +316,13 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
 {ACTION_SEVERITY}:{ACTION_SEVERITY_VALUE}       { return yy::seclang_parser::make_ACTION_SEVERITY(yytext + 9, *driver.loc.back()); }
 {ACTION_SEVERITY}:'{ACTION_SEVERITY_VALUE}'     { return yy::seclang_parser::make_ACTION_SEVERITY(std::string(yytext, 10, yyleng - 11), *driver.loc.back()); }

+{ACTION_EXEC}:'{VAR_FREE_TEXT_QUOTE}'              {
+                                    return yy::seclang_parser::make_ACTION_EXEC(strchr(yytext, ':') + 1, *driver.loc.back());
+                                         }
+
+{ACTION_EXEC}:{VAR_FREE_TEXT_SPACE_COMMA}  {
+                                    return yy::seclang_parser::make_ACTION_EXEC(strchr(yytext, ':') + 1, *driver.loc.back());
+                                         }

 {ACTION_EXPIREVAR}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}'  {
                                    return yy::seclang_parser::make_ACTION_EXPIREVAR(strchr(yytext, ':') + 1, *driver.loc.back());