github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 03:34:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Creates RuleUnconditional

Browse Source 
Makes RuleScript child of RuleWithActions instead of Operator
This commit is contained in:
Felipe Zimmerle
2019-02-19 21:31:35 -03:00
parent f63bd1a45d
commit 7a48245aed
94 changed files with 1315 additions and 1167 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
src/rules_set.cc
View File

@@ -135,13 +135,13 @@ int RulesSet::evaluate(int phase, Transaction *t) {
for (int i = 0; i < rules->size(); i++) {
// FIXME: This is not meant to be here. At the end of this refactoring,
// the shared pointer won't be used.
std::shared_ptr<Rule> rule = rules->at(i);
auto rule = rules->at(i);
if (t->isInsideAMarker() && !rule->isMarker()) {
ms_dbg_a(t, 9, "Skipped rule id '" + rule->getReference() \
+ "' due to a SecMarker: " + *t->getCurrentMarker());
} else if (rule->isMarker()) {
rule->evaluate(t, NULL);
rule->evaluate(t);
} else if (t->m_skip_next > 0) {
t->m_skip_next--;
ms_dbg_a(t, 9, "Skipped rule id '" + rule->getReference() \
@@ -153,18 +153,19 @@ int RulesSet::evaluate(int phase, Transaction *t) {
+ "' as request trough the utilization of an `allow' action.");
} else {
Rule *base = rule.get();
RuleWithOperator *ruleWithOperator = dynamic_cast<RuleWithOperator *>(base);
if (m_exceptions.contains(ruleWithOperator->m_ruleId)) {
RuleWithActions *ruleWithActions = dynamic_cast<RuleWithActions *>(base);
// FIXME: Those should be treated inside the rule itself
if (ruleWithActions && m_exceptions.contains(ruleWithActions->m_ruleId)) {
ms_dbg_a(t, 9, "Skipped rule id '" + rule->getReference() \
+ "'. Removed by an SecRuleRemove directive.");
continue;
}
bool remove_rule = false;
if (m_exceptions.m_remove_rule_by_msg.empty() == false) {
if (ruleWithActions && m_exceptions.m_remove_rule_by_msg.empty() == false) {
for (auto &z : m_exceptions.m_remove_rule_by_msg) {
if (ruleWithOperator->containsMsg(z, t) == true) {
if (ruleWithActions->containsMsg(z, t) == true) {
ms_dbg_a(t, 9, "Skipped rule id '" \
+ ruleWithOperator->getReference() \
+ ruleWithActions->getReference() \
+ "'. Removed by a SecRuleRemoveByMsg directive.");
remove_rule = true;
break;
@@ -175,11 +176,11 @@ int RulesSet::evaluate(int phase, Transaction *t) {
}
}
if (m_exceptions.m_remove_rule_by_tag.empty() == false) {
if (ruleWithActions && m_exceptions.m_remove_rule_by_tag.empty() == false) {
for (auto &z : m_exceptions.m_remove_rule_by_tag) {
if (ruleWithOperator->containsTag(z, t) == true) {
if (ruleWithActions->containsTag(z, t) == true) {
ms_dbg_a(t, 9, "Skipped rule id '" \
+ ruleWithOperator->getReference() \
+ ruleWithActions->getReference() \
+ "'. Removed by a SecRuleRemoveByTag directive.");
remove_rule = true;
break;
@@ -190,11 +191,12 @@ int RulesSet::evaluate(int phase, Transaction *t) {
}
}
if (t->m_ruleRemoveByTag.empty() == false) {
if (ruleWithActions) {
for (auto &z : t->m_ruleRemoveByTag) {
if (ruleWithOperator->containsTag(z, t) == true) {
if (ruleWithActions->containsTag(z, t) == true) {
ms_dbg_a(t, 9, "Skipped rule id '" \
+ ruleWithOperator->getReference() \
+ ruleWithActions->getReference() \
+ "'. Skipped due to a ruleRemoveByTag action.");
remove_rule = true;
break;
@@ -205,8 +207,9 @@ int RulesSet::evaluate(int phase, Transaction *t) {
}
}
rule->evaluate(t, NULL);
rule->evaluate(t);
if (t->m_it.disruptive > 0) {
ms_dbg_a(t, 8, "Skipping this phase as this " \
"request was already intercepted.");
break;