Adds PoC about 1-time variable resolution and draft for offset

There is no need for the variable purely associated with the transaction (transient) be part of collection that demands lookups. Also, those variables will held the concept of offset: The offset from the first byte of the request till the start of the variable.
2025-08-13 13:26:01 +03:00 · 2017-01-12 15:27:42 -03:00 · 2017-01-12 15:27:42 -03:00 · 703da3c4f0
commit 703da3c4f0
parent 6abbb7e91e
7 changed files with 2389 additions and 2301 deletions
--- a/headers/modsecurity/transaction.h
+++ b/headers/modsecurity/transaction.h
@ -86,8 +86,51 @@ class Operator;
 }


+class AnchoredVariable {
+ public:
+    AnchoredVariable(Transaction *t, std::string name)
+        : m_offset(0),
+        m_name(name),
+        m_transaction(t),
+        m_value("") { }
+    size_t m_offset;
+    std::string m_value;
+    Transaction *m_transaction;
+    std::string m_name;
+
+    void set(const std::string &a, size_t offset) {
+        m_value = a;
+        m_offset = offset;
+    }
+
+    void append(const std::string &a, size_t offset,
+        bool spaceSeparator = false) {
+        if (spaceSeparator && !m_value.empty()) {
+            m_value.append(" " + a);
+        } else {
+            m_value.append(a);
+        }
+        m_offset = offset;
+    }
+
+    void evaluate(std::vector<const collection::Variable *> *l) {
+        l->push_back(new collection::Variable(&m_name,
+            &m_value));
+    }
+};
+
+
+class TransactionAnchoredVariables {
+ public:
+    TransactionAnchoredVariables(Transaction *t)
+        : m_variableArgsNames(t, "ARG_NAMES") { }
+
+    AnchoredVariable m_variableArgsNames;
+};
+
+
 /** @ingroup ModSecurity_CPP_API */
-class Transaction {
+class Transaction : public TransactionAnchoredVariables {
 public:
    Transaction(ModSecurity *transaction, Rules *rules, void *logCbData);
    ~Transaction();
@ -376,7 +419,6 @@ class Transaction {

 private:
    std::string *m_ARGScombinedSizeStr;
-    std::string *m_namesArgs;
    std::string *m_namesArgsGet;
    std::string *m_namesArgsPost;
    std::string *m_requestHeadersNames;
--- a/src/Makefile.am
+++ b/src/Makefile.am
@ -66,6 +66,7 @@ noinst_HEADERS = \


 VARIABLES = \
+	variables/args_names.cc \
 	variables/duration.cc \
 	variables/env.cc \
 	variables/highest_severity.cc \
--- a/src/parser/seclang-parser.cc
+++ b/src/parser/seclang-parser.cc
--- a/src/parser/seclang-parser.hh
+++ b/src/parser/seclang-parser.hh
--- a/src/parser/seclang-parser.yy
+++ b/src/parser/seclang-parser.yy
@ -144,6 +144,7 @@ class Driver;
 #include "src/utils/geo_lookup.h"
 #include "src/utils/string.h"
 #include "src/utils/system.h"
+#include "src/variables/args_names.h"
 #include "src/variables/xml.h"
 #include "src/variables/duration.h"
 #include "src/variables/env.h"
@ -257,6 +258,7 @@ using modsecurity::operators::Operator;
  COMMA    ","
  PIPE
  NEW_LINE
+  VARIABLE_ARGS_NAMES   "Variable ARGS_NAMES"
 ;

 %token <std::string>
@ -1135,7 +1137,12 @@ variables:
    ;

 var:
-    VARIABLE
+    VARIABLE_ARGS_NAMES
+      {
+        std::unique_ptr<Variable> c(new Variables::ArgsNames());
+        $$ = std::move(c);
+      }
+    | VARIABLE
      {
        std::string name($1);
        char z = name.at(0);
--- a/src/parser/seclang-scanner.ll
+++ b/src/parser/seclang-scanner.ll
@ -244,7 +244,8 @@ RUN_TIME_VAR_TIME_WDAY                  (?i:TIME_WDAY)
 RUN_TIME_VAR_TIME_YEAR                  (?i:TIME_YEAR)
 RUN_TIME_VAR_XML                        (?i:XML)
 VARIABLENOCOLON                         (?i:URLENCODED_ERROR|REQBODY_PROCESSOR_ERROR_MSG|REQBODY_PROCESSOR_ERROR|REQBODY_PROCESSOR|REQBODY_ERROR_MSG|REQBODY_ERROR|MULTIPART_FILE_LIMIT_EXCEEDED|MULTIPART_INVALID_QUOTING|MULTIPART_HEADER_FOLDING|MULTIPART_INVALID_HEADER_FOLDING|MULTIPART_STRICT_ERROR|MULTIPART_UNMATCHED_BOUNDARY|REMOTE_ADDR|REQUEST_LINE)
-VARIABLE                                (?i:(SERVER_NAME|MULTIPART_DATA_AFTER|RESOURCE|ARGS_COMBINED_SIZE|ARGS_GET_NAMES|ARGS_POST_NAMES|FILES_TMPNAMES|FILES_COMBINED_SIZE|FULL_REQUEST_LENGTH|REQUEST_BODY_LENGTH|REQUEST_URI_RAW|UNIQUE_ID|SERVER_PORT|SERVER_ADDR|REMOTE_PORT|REMOTE_HOST|PATH_INFO|MULTIPART_CRLF_LF_LINES|MATCHED_VAR_NAME|MATCHED_VAR|INBOUND_DATA_ERROR|OUTBOUND_DATA_ERROR|FULL_REQUEST|AUTH_TYPE|ARGS_NAMES|REMOTE_ADDR|REQUEST_BASENAME|REQUEST_BODY|REQUEST_FILENAME|REQUEST_HEADERS_NAMES|REQUEST_METHOD|REQUEST_PROTOCOL|REQUEST_URI|RESPONSE_BODY|RESPONSE_CONTENT_LENGTH|RESPONSE_CONTENT_TYPE|RESPONSE_HEADERS_NAMES|RESPONSE_PROTOCOL|RESPONSE_STATUS|USERID|SESSIONID))
+VARIABLE                                (?i:(SERVER_NAME|MULTIPART_DATA_AFTER|RESOURCE|ARGS_COMBINED_SIZE|ARGS_GET_NAMES|ARGS_POST_NAMES|FILES_TMPNAMES|FILES_COMBINED_SIZE|FULL_REQUEST_LENGTH|REQUEST_BODY_LENGTH|REQUEST_URI_RAW|UNIQUE_ID|SERVER_PORT|SERVER_ADDR|REMOTE_PORT|REMOTE_HOST|PATH_INFO|MULTIPART_CRLF_LF_LINES|MATCHED_VAR_NAME|MATCHED_VAR|INBOUND_DATA_ERROR|OUTBOUND_DATA_ERROR|FULL_REQUEST|AUTH_TYPE|REMOTE_ADDR|REQUEST_BASENAME|REQUEST_BODY|REQUEST_FILENAME|REQUEST_HEADERS_NAMES|REQUEST_METHOD|REQUEST_PROTOCOL|REQUEST_URI|RESPONSE_BODY|RESPONSE_CONTENT_LENGTH|RESPONSE_CONTENT_TYPE|RESPONSE_HEADERS_NAMES|RESPONSE_PROTOCOL|RESPONSE_STATUS|USERID|SESSIONID))
+VARIABLE_ARGS_NAMES                     (?i:ARGS_NAMES)
 VARIABLE_COL                            (?i:(SESSION|GLOBAL|ARGS_POST|ARGS_GET|ARGS|FILES_SIZES|FILES_NAMES|FILES_TMP_CONTENT|MULTIPART_FILENAME|MULTIPART_NAME|MATCHED_VARS_NAMES|MATCHED_VARS|FILES|QUERY_STRING|REQUEST_COOKIES|REQUEST_HEADERS|RESPONSE_HEADERS|GEO|IP|REQUEST_COOKIES_NAMES))
 VARIABLE_STATUS                         (?i:(STATUS[^:]))
 VARIABLE_TX                             (?i:TX)
@ -487,6 +488,8 @@ NEW_LINE                                [\n\r]+


 <EXPECTING_VARIABLE>{
+{VARIABLE_ARGS_NAMES}   { return p::make_VARIABLE_ARGS_NAMES(*driver.loc.back()); }
+
 [!&]?{RUN_TIME_VAR_BLD}                                                 { return p::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
 [!&]?{RUN_TIME_VAR_DUR}                                                 { return p::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
 [!&]?{RUN_TIME_VAR_ENV}(\:[\']{FREE_TEXT_QUOTE}[\'])?                   { return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
--- a/src/transaction.cc
+++ b/src/transaction.cc
@ -111,7 +111,6 @@ Transaction::Transaction(ModSecurity *ms, Rules *rules, void *logCbData)
    m_highestSeverityAction(255),
    m_ARGScombinedSize(0),
    m_ARGScombinedSizeStr(NULL),
-    m_namesArgs(NULL),
    m_namesArgsPost(NULL),
    m_namesArgsGet(NULL),
    m_requestBodyType(UnknownFormat),
@ -130,15 +129,14 @@ Transaction::Transaction(ModSecurity *ms, Rules *rules, void *logCbData)
        ms->m_session_collection, ms->m_user_collection,
        ms->m_resource_collection),
    m_json(new RequestBodyProcessor::JSON(this)),
-    m_xml(new RequestBodyProcessor::XML(this)) {
+    m_xml(new RequestBodyProcessor::XML(this)),
+    TransactionAnchoredVariables(this) {
    m_id = std::to_string(this->m_timeStamp) + \
        std::to_string(modsecurity::utils::generate_transaction_unique_id());
    m_rules->incrementReferenceCount();

    m_collections.store("ARGS_COMBINED_SIZE", std::string("0"));
    m_ARGScombinedSizeStr = m_collections.resolveFirst("ARGS_COMBINED_SIZE");
-    m_collections.store("ARGS_NAMES", std::string(""));
-    this->m_namesArgs = m_collections.resolveFirst("ARGS_NAMES");
    m_collections.store("ARGS_POST_NAMES", std::string(""));
    this->m_namesArgsPost = m_collections.resolveFirst("ARGS_POST_NAMES");
    m_collections.store("ARGS_GET_NAMES", std::string(""));
@ -328,11 +326,8 @@ bool Transaction::addArgument(const std::string& orig, const std::string& key,
        }
    }

-    if (m_namesArgs->empty()) {
-        m_namesArgs->assign(key);
-    } else {
-        m_namesArgs->assign(*m_namesArgs + " " + key);
-    }
+    m_variableArgsNames.append(key, 0, true);
+

    this->m_ARGScombinedSize = this->m_ARGScombinedSize + \
        key.length() + value.length();