github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-11-15 17:12:14 +03:00
Code Issues Packages Projects Releases Wiki Activity

Better error handling when loading configurations

Browse Source
This commit is contained in:
Felipe Zimmerle
2019-03-21 09:45:04 -03:00
parent 942de22069
commit 78d9575dd2
11 changed files with 160 additions and 133 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
headers/modsecurity/modsecurity.h
View File

@@ -78,6 +78,7 @@
#include <iostream>
#include <string>
#include <memory>
#include <vector>
#endif
@@ -95,6 +96,10 @@ namespace modsecurity {
*/
using ModSecString = std::string;
using RulesErrors = std::vector<std::unique_ptr<std::string>>;
using RulesWarnings = std::vector<std::unique_ptr<std::string>>;
using RuleId = int64_t;
/**

22
headers/modsecurity/rules.h
View File

@@ -40,33 +40,35 @@ class Transformation;
}
}
class Rules {
public:
void dump() const;
using container=std::vector<std::shared_ptr<Rule>>;
using iterator=typename container::iterator;
using const_iterator=typename container::const_iterator;
int append(Rules *from,
const std::vector<RuleId> &ids,
std::ostringstream *err);
int append(Rules *from);
bool insert(const std::shared_ptr<Rule> &rule);
bool insert(std::shared_ptr<Rule> rule,
const std::vector<RuleId> *ids,
std::ostringstream *err);
size_t size() const;
std::shared_ptr<Rule> operator[](int index) const;
std::shared_ptr<Rule> at(int index) const;
void fixDefaultActions();
void fixDefaultActions(RulesWarnings *warnings, RulesErrors *errors);
std::vector<std::shared_ptr<actions::Action> > m_defaultActions;
std::vector<std::shared_ptr<actions::transformations::Transformation> > m_defaultTransformations;
std::vector<std::shared_ptr<Rule> > m_rules;
void dump();
inline iterator begin() noexcept { return m_rules.begin(); }
inline const_iterator cbegin() const noexcept { return m_rules.cbegin(); }
inline iterator end() noexcept { return m_rules.end(); }
inline const_iterator cend() const noexcept { return m_rules.cend(); }
private:
container m_rules;
};

7
headers/modsecurity/rules_set.h
View File

@@ -22,6 +22,7 @@
#include <string>
#include <vector>
#include <list>
#include <memory>
#endif
@@ -42,8 +43,6 @@ namespace Parser {
class Driver;
}
/** @ingroup ModSecurity_CPP_API */
class RulesSet : public RulesSetProperties {
public:
@@ -68,12 +67,13 @@ class RulesSet : public RulesSetProperties {
int load(const char *rules);
int load(const char *rules, const std::string &ref);
void dump() const;
void dump();
int merge(Parser::Driver *driver);
int merge(RulesSet *rules);
int evaluate(int phase, Transaction *transaction);
std::string getParserError();
void debug(int level, const std::string &id, const std::string &uri,
@@ -81,6 +81,7 @@ class RulesSet : public RulesSetProperties {
RulesSetPhases m_rulesSetPhases;
private:
bool containsDuplicatedIds(RulesWarnings *warnings, RulesErrors *errors);
#ifndef NO_LOGS
uint8_t m_secmarker_skipped;
#endif

24
headers/modsecurity/rules_set_phases.h
View File

@@ -23,6 +23,7 @@
#include <string>
#include <vector>
#include <list>
#include <array>
#endif
@@ -42,18 +43,33 @@ class Driver;
/** @ingroup ModSecurity_CPP_API */
class RulesSetPhases {
public:
using container = std::array<Rules, modsecurity::Phases::NUMBER_OF_PHASES>;
using iterator = typename container::iterator;
using const_iterator = typename container::const_iterator;
bool insert(std::shared_ptr<Rule> rule);
void insert(std::shared_ptr<Rule> rule);
void append(RulesSetPhases *from);
int append(RulesSetPhases *from, std::ostringstream *err);
void dump() const;
void dump();
Rules *operator[](int index);
Rules *at(int index);
static size_t size() { return modsecurity::Phases::NUMBER_OF_PHASES; }
void fixDefaultActions(RulesWarnings *warnings, RulesErrors *errors) {
for (auto &phase : m_rulesAtPhase) {
phase.fixDefaultActions(warnings, errors);
}
}
inline iterator begin() noexcept { return m_rulesAtPhase.begin(); }
inline const_iterator cbegin() const noexcept { return m_rulesAtPhase.cbegin(); }
inline iterator end() noexcept { return m_rulesAtPhase.end(); }
inline const_iterator cend() const noexcept { return m_rulesAtPhase.cend(); }
private:
Rules m_rulesAtPhase[8];
container m_rulesAtPhase;
};

20
headers/modsecurity/rules_set_properties.h
View File

@@ -330,7 +330,9 @@ class RulesSetProperties {
static int mergeProperties(RulesSetProperties *from,
RulesSetProperties *to, std::ostringstream *err) {
RulesSetProperties *to,
RulesWarnings *warning,
RulesErrors *error) {
merge_ruleengine_value(to->m_secRuleEngine, from->m_secRuleEngine,
PropertyNotSetRuleEngine);
@@ -401,10 +403,10 @@ class RulesSetProperties {
}
if (to->m_auditLog) {
std::string error;
to->m_auditLog->merge(from->m_auditLog, &error);
if (error.size() > 0) {
*err << error;
std::string error_;
to->m_auditLog->merge(from->m_auditLog, &error_);
if (error_.size() > 0) {
error->push_back(std::unique_ptr<std::string>(new std::string(error_)));
return -1;
}
}
@@ -412,12 +414,12 @@ class RulesSetProperties {
if (from->m_debugLog && to->m_debugLog &&
from->m_debugLog->isLogFileSet()) {
if (to->m_debugLog->isLogFileSet() == false) {
std::string error;
std::string error_;
to->m_debugLog->setDebugLogFile(
from->m_debugLog->getDebugLogFile(),
&error);
if (error.size() > 0) {
*err << error;
&error_);
if (error_.size() > 0) {
error->push_back(std::unique_ptr<std::string>(new std::string(error_)));
return -1;
}
}