From 714df8db207614d8ae8f8593ca0c0db73aa639af Mon Sep 17 00:00:00 2001 From: Felipe Zimmerle Date: Wed, 10 Feb 2016 13:34:41 -0300 Subject: [PATCH] Adds support to the action `accuracy' --- headers/modsecurity/rule.h | 5 ++-- src/Makefile.am | 1 + src/actions/accuracy.cc | 47 ++++++++++++++++++++++++++++++++++++ src/actions/accuracy.h | 45 ++++++++++++++++++++++++++++++++++ src/parser/seclang-parser.yy | 4 ++- src/rule.cc | 1 + 6 files changed, 100 insertions(+), 3 deletions(-) create mode 100644 src/actions/accuracy.cc create mode 100644 src/actions/accuracy.h diff --git a/headers/modsecurity/rule.h b/headers/modsecurity/rule.h index a4289064..5af5d2e2 100644 --- a/headers/modsecurity/rule.h +++ b/headers/modsecurity/rule.h @@ -80,6 +80,7 @@ class Rule { std::string m_log_message; std::string m_log_data; + int m_accuracy; private: bool m_unconditional; @@ -93,12 +94,12 @@ class RuleMessage { m_ruleLine = rule->m_lineNumber; m_ruleId = rule->rule_id; m_rev = rule->m_rev; + m_accuracy = rule->m_accuracy; m_message = std::string(""); m_data = std::string(""); m_severity = 0; m_ver = rule->m_ver; m_maturity = 0; - m_accuracy = 0; m_rule = rule; }; RuleMessage(Rule *rule, std::string message) { @@ -106,12 +107,12 @@ class RuleMessage { m_ruleLine = rule->m_lineNumber; m_ruleId = rule->rule_id; m_rev = rule->m_rev; + m_accuracy = rule->m_accuracy; m_message = message; m_data = std::string(""); m_severity = 0; m_ver = rule->m_ver; m_maturity = 0; - m_accuracy = 0; m_rule = rule; }; diff --git a/src/Makefile.am b/src/Makefile.am index 717eea4f..9150417f 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -62,6 +62,7 @@ VARIABLES = \ ACTIONS = \ + actions/accuracy.cc \ actions/action.cc \ actions/audit_log.cc \ actions/block.cc \ diff --git a/src/actions/accuracy.cc b/src/actions/accuracy.cc new file mode 100644 index 00000000..c9fbf7af --- /dev/null +++ b/src/actions/accuracy.cc @@ -0,0 +1,47 @@ +/* + * ModSecurity, http://www.modsecurity.org/ + * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/) + * + * You may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * If any of the files related to licensing are missing or if you have any + * other questions related to licensing please contact Trustwave Holdings, Inc. + * directly using the email address security@modsecurity.org. + * + */ + +#include "actions/accuracy.h" + +#include +#include + +#include "actions/action.h" +#include "modsecurity/transaction.h" +#include "src/utils.h" +#include "modsecurity/rule.h" +#include "src/macro_expansion.h" + +namespace modsecurity { +namespace actions { + +Accuracy::Accuracy(std::string action) + : Action(action, ConfigurationKind), + m_accuracy_str(action) { + if (m_accuracy_str.at(0) == '\'') { + m_accuracy_str.erase(0, 1); + m_accuracy_str.pop_back(); + } + m_accuracy = std::stoi(m_accuracy_str); +} + + +bool Accuracy::evaluate(Rule *rule, Transaction *transaction) { + rule->m_accuracy = m_accuracy; + return true; +} + +} // namespace actions +} // namespace modsecurity diff --git a/src/actions/accuracy.h b/src/actions/accuracy.h new file mode 100644 index 00000000..8a1b697d --- /dev/null +++ b/src/actions/accuracy.h @@ -0,0 +1,45 @@ +/* + * ModSecurity, http://www.modsecurity.org/ + * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/) + * + * You may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * If any of the files related to licensing are missing or if you have any + * other questions related to licensing please contact Trustwave Holdings, Inc. + * directly using the email address security@modsecurity.org. + * + */ + +#include + +#include "actions/action.h" + +#ifndef SRC_ACTIONS_ACCURACY_H_ +#define SRC_ACTIONS_ACCURACY_H_ + +class Transaction; + +namespace modsecurity { +class Transaction; +namespace actions { + + +class Accuracy : public Action { + public: + explicit Accuracy(std::string action); + + bool evaluate(Rule *rule, Transaction *transaction) override; + + private: + std::string m_accuracy_str; + int m_accuracy; +}; + + +} // namespace actions +} // namespace modsecurity + +#endif // SRC_ACTIONS_ACCURACY_H_ diff --git a/src/parser/seclang-parser.yy b/src/parser/seclang-parser.yy index 8349e843..57c1d505 100644 --- a/src/parser/seclang-parser.yy +++ b/src/parser/seclang-parser.yy @@ -19,6 +19,7 @@ class Driver; #include "modsecurity/modsecurity.h" +#include "actions/accuracy.h" #include "actions/action.h" #include "actions/audit_log.h" #include "actions/ctl_audit_log_parts.h" @@ -60,6 +61,7 @@ class Driver; using modsecurity::ModSecurity; +using modsecurity::actions::Accuracy; using modsecurity::actions::Action; using modsecurity::actions::CtlAuditLogParts; using modsecurity::actions::InitCol; @@ -837,7 +839,7 @@ act: } | ACTION_ACCURACY { - $$ = Action::instantiate($1); + $$ = new Accuracy($1); } | ACTION_EXEC { diff --git a/src/rule.cc b/src/rule.cc index 0183c7bf..42fb4fa3 100644 --- a/src/rule.cc +++ b/src/rule.cc @@ -79,6 +79,7 @@ Rule::Rule(std::string marker) op(NULL), rule_id(0), phase(-1), + m_accuracy(0), m_unconditional(false), m_secmarker(true), m_marker(marker),