Cleanup on Action class

2025-11-16 01:22:18 +03:00 · 2019-03-15 01:56:40 -03:00
parent 7da4c9a007
commit 7bbc5c3441
112 changed files with 299 additions and 308 deletions
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -42,10 +42,6 @@ pkginclude_HEADERS = \
 	../headers/modsecurity/intervention.h \
 	../headers/modsecurity/modsecurity.h \
 	../headers/modsecurity/rule.h \
-	../headers/modsecurity/rule_marker.h \
-	../headers/modsecurity/rule_unconditional.h \
-	../headers/modsecurity/rule_with_actions.h \
-	../headers/modsecurity/rule_with_operator.h \
 	../headers/modsecurity/rules.h \
 	../headers/modsecurity/rule_message.h \
 	../headers/modsecurity/rules_set.h \
@@ -287,6 +283,7 @@ libmodsecurity_la_SOURCES = \
 	debug_log/debug_log_writer.cc \
 	run_time_string.cc \
 	rule.cc \
+	rules.cc \
 	rule_unconditional.cc \
 	rule_with_actions.cc \
 	rule_with_operator.cc \
--- a/src/actions/accuracy.cc
+++ b/src/actions/accuracy.cc
@@ -21,7 +21,7 @@
 #include "modsecurity/actions/action.h"
 #include "modsecurity/transaction.h"
 #include "modsecurity/rule.h"
-
+#include "modsecurity/rule_with_actions.h"

 namespace modsecurity {
 namespace actions {
--- a/src/actions/block.cc
+++ b/src/actions/block.cc
@@ -24,6 +24,7 @@
 #include "modsecurity/rule.h"
 #include "modsecurity/intervention.h"
 #include "src/actions/data/status.h"
+#include "modsecurity/rule_with_actions.h"

 namespace modsecurity {
 namespace actions {
--- a/src/actions/chain.cc
+++ b/src/actions/chain.cc
@@ -20,6 +20,8 @@

 #include "modsecurity/transaction.h"
 #include "modsecurity/rule.h"
+#include "modsecurity/rule_with_actions.h"
+

 namespace modsecurity {
 namespace actions {
--- a/src/actions/maturity.cc
+++ b/src/actions/maturity.cc
@@ -21,7 +21,7 @@
 #include "modsecurity/actions/action.h"
 #include "modsecurity/transaction.h"
 #include "modsecurity/rule.h"
-
+#include "modsecurity/rule_with_actions.h"

 namespace modsecurity {
 namespace actions {
--- a/src/actions/phase.cc
+++ b/src/actions/phase.cc
@@ -22,6 +22,7 @@
 #include "modsecurity/rule.h"
 #include "modsecurity/modsecurity.h"
 #include "src/utils/string.h"
+#include "modsecurity/rule_with_actions.h"


 namespace modsecurity {
--- a/src/actions/rev.cc
+++ b/src/actions/rev.cc
@@ -21,6 +21,7 @@
 #include "modsecurity/actions/action.h"
 #include "modsecurity/transaction.h"
 #include "modsecurity/rule.h"
+#include "modsecurity/rule_with_actions.h"


 namespace modsecurity {
--- a/src/actions/rule_id.cc
+++ b/src/actions/rule_id.cc
@@ -20,6 +20,8 @@

 #include "modsecurity/transaction.h"
 #include "modsecurity/rule.h"
+#include "modsecurity/rule_with_actions.h"
+

 namespace modsecurity {
 namespace actions {
--- a/src/actions/set_env.cc
+++ b/src/actions/set_env.cc
@@ -21,6 +21,8 @@
 #include "modsecurity/transaction.h"
 #include "modsecurity/rule.h"
 #include "src/utils/string.h"
+#include "modsecurity/rule_with_actions.h"
+

 namespace modsecurity {
 namespace actions {
--- a/src/actions/set_var.cc
+++ b/src/actions/set_var.cc
@@ -30,6 +30,7 @@
 #include "src/variables/tx.h"
 #include "src/variables/user.h"
 #include "src/variables/variable.h"
+#include "modsecurity/rule_with_operator.h"

 namespace modsecurity {
 namespace actions {
--- a/src/actions/transformations/base64_decode.cc
+++ b/src/actions/transformations/base64_decode.cc
@@ -33,8 +33,8 @@ namespace transformations {


 void Base64Decode::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    std::string value(in.c_str(), in.size());
    std::string ret = Utils::Base64::decode(value);
    out.assign(ret.c_str(), ret.size());
--- a/src/actions/transformations/base64_decode.h
+++ b/src/actions/transformations/base64_decode.h
@@ -34,8 +34,8 @@ class Base64Decode : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/base64_decode_ext.cc
+++ b/src/actions/transformations/base64_decode_ext.cc
@@ -33,8 +33,8 @@ namespace transformations {


 void Base64DecodeExt::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    std::string ret = Utils::Base64::decode_forgiven(in.c_str());
    out.assign(ret.c_str(), ret.size());
 }
--- a/src/actions/transformations/base64_decode_ext.h
+++ b/src/actions/transformations/base64_decode_ext.h
@@ -34,8 +34,8 @@ class Base64DecodeExt : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/base64_encode.cc
+++ b/src/actions/transformations/base64_encode.cc
@@ -33,8 +33,8 @@ namespace transformations {


 void Base64Encode::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    std::string ret = Utils::Base64::encode(
        std::string(in.c_str(), in.size()));
    out.assign(ret.c_str(), ret.size());
--- a/src/actions/transformations/base64_encode.h
+++ b/src/actions/transformations/base64_encode.h
@@ -34,8 +34,8 @@ class Base64Encode : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/cmd_line.cc
+++ b/src/actions/transformations/cmd_line.cc
@@ -32,8 +32,8 @@ namespace transformations {


 void CmdLine::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    int space = 0;

    for (auto& a : in) {
--- a/src/actions/transformations/cmd_line.h
+++ b/src/actions/transformations/cmd_line.h
@@ -34,8 +34,8 @@ class CmdLine : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/compress_whitespace.cc
+++ b/src/actions/transformations/compress_whitespace.cc
@@ -32,8 +32,8 @@ namespace transformations {


 void CompressWhitespace::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    int inWhiteSpace = 0;
    size_t i = 0;
    out.reserve(in.size());
--- a/src/actions/transformations/compress_whitespace.h
+++ b/src/actions/transformations/compress_whitespace.h
@@ -34,8 +34,8 @@ class CompressWhitespace : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/css_decode.cc
+++ b/src/actions/transformations/css_decode.cc
@@ -35,17 +35,19 @@ namespace transformations {


 void CssDecode::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
+    size_t s = in.size();
+
    char *tmp = reinterpret_cast<char *>(
-        malloc(sizeof(char) * in.size() + 1));
-    memcpy(tmp, in.c_str(), in.size() + 1);
-    tmp[in.size()] = '\0';
+        malloc(sizeof(char) * s + 1));
+    memcpy(tmp, in.c_str(), s + 1);
+    tmp[s] = '\0';

-    CssDecode::css_decode_inplace(reinterpret_cast<unsigned char *>(tmp),
-        in.size());
+    size_t r = CssDecode::css_decode_inplace(reinterpret_cast<unsigned char *>(tmp),
+        s);

-    out.assign(tmp, 0, in.size());
+    out.assign(tmp, r);
    free(tmp);
 }

--- a/src/actions/transformations/css_decode.h
+++ b/src/actions/transformations/css_decode.h
@@ -35,8 +35,8 @@ class CssDecode : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;

    static int css_decode_inplace(unsigned char *input, int64_t input_len);
 };
--- a/src/actions/transformations/escape_seq_decode.cc
+++ b/src/actions/transformations/escape_seq_decode.cc
@@ -136,8 +136,8 @@ int EscapeSeqDecode::ansi_c_sequences_decode_inplace(unsigned char *input,


 void EscapeSeqDecode::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    unsigned char *tmp = (unsigned char *) malloc(sizeof(char)
        * in.size() + 1);
    memcpy(tmp, in.c_str(), in.size() + 1);
--- a/src/actions/transformations/escape_seq_decode.h
+++ b/src/actions/transformations/escape_seq_decode.h
@@ -34,8 +34,8 @@ class EscapeSeqDecode : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;

    static int ansi_c_sequences_decode_inplace(unsigned char *input, int input_len);
 };
--- a/src/actions/transformations/hex_decode.cc
+++ b/src/actions/transformations/hex_decode.cc
@@ -33,8 +33,8 @@ namespace transformations {


 void HexDecode::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    unsigned char *input;
    int size = 0;

--- a/src/actions/transformations/hex_decode.h
+++ b/src/actions/transformations/hex_decode.h
@@ -34,8 +34,8 @@ class HexDecode : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;

    static int inplace(unsigned char *data, int len);
 };
--- a/src/actions/transformations/hex_encode.cc
+++ b/src/actions/transformations/hex_encode.cc
@@ -33,8 +33,8 @@ namespace transformations {


 void HexEncode::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    std::stringstream result;
    for (std::size_t i=0; i < in.length(); i++) {
        int ii = reinterpret_cast<char>(in[i]);
--- a/src/actions/transformations/hex_encode.h
+++ b/src/actions/transformations/hex_encode.h
@@ -34,8 +34,8 @@ class HexEncode : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;

 };

--- a/src/actions/transformations/html_entity_decode.cc
+++ b/src/actions/transformations/html_entity_decode.cc
@@ -34,8 +34,8 @@ namespace transformations {


 void HtmlEntityDecode::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    unsigned char *input;

    input = reinterpret_cast<unsigned char *>
--- a/src/actions/transformations/html_entity_decode.h
+++ b/src/actions/transformations/html_entity_decode.h
@@ -37,8 +37,8 @@ class HtmlEntityDecode : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;

    static int inplace(unsigned char *input, uint64_t input_len);
 };
--- a/src/actions/transformations/js_decode.cc
+++ b/src/actions/transformations/js_decode.cc
@@ -35,8 +35,8 @@ namespace transformations {


 void JsDecode::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    unsigned char *input;

    input = reinterpret_cast<unsigned char *>
--- a/src/actions/transformations/js_decode.h
+++ b/src/actions/transformations/js_decode.h
@@ -34,8 +34,8 @@ class JsDecode : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;

    static int inplace(unsigned char *input, uint64_t input_len);
 };
--- a/src/actions/transformations/length.cc
+++ b/src/actions/transformations/length.cc
@@ -32,8 +32,8 @@ namespace transformations {


 void Length::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    out.assign(std::to_string(in.size()).c_str());
 }

--- a/src/actions/transformations/length.h
+++ b/src/actions/transformations/length.h
@@ -34,8 +34,8 @@ class Length : public Transformation {
        : Transformation(action) { };

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/lower_case.cc
+++ b/src/actions/transformations/lower_case.cc
@@ -28,8 +28,8 @@ namespace transformations {


 void LowerCase::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    std::locale loc;
    out.resize(in.size());
    for (std::string::size_type i=0; i < in.size(); ++i) {
--- a/src/actions/transformations/lower_case.h
+++ b/src/actions/transformations/lower_case.h
@@ -36,8 +36,8 @@ class LowerCase : public Transformation {
        : Transformation(action) { };

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/md5.cc
+++ b/src/actions/transformations/md5.cc
@@ -32,8 +32,8 @@ namespace transformations {


 void Md5::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    std::string ret = Utils::Md5::digest(std::string(in.c_str(), in.size()));

    out.assign(ret.c_str(), ret.size());
--- a/src/actions/transformations/md5.h
+++ b/src/actions/transformations/md5.h
@@ -34,8 +34,8 @@ class Md5 : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/none.cc
+++ b/src/actions/transformations/none.cc
@@ -32,8 +32,8 @@ namespace transformations {


 void None::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) { }
+    ModSecString &in,
+    ModSecString &out) { }


 }  // namespace transformations
--- a/src/actions/transformations/none.h
+++ b/src/actions/transformations/none.h
@@ -32,11 +32,15 @@ class None : public Transformation {
 public:
    explicit None(const std::string &action) 
        : Transformation(action)
-        { m_isNone = true; }
+        {  }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
+
+    bool isNone() override {
+        return true;
+    }
 };

 }  // namespace transformations
--- a/src/actions/transformations/normalise_path.cc
+++ b/src/actions/transformations/normalise_path.cc
@@ -34,8 +34,8 @@ namespace transformations {


 void NormalisePath::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    int changed = 0;

    char *tmp = reinterpret_cast<char *>(
--- a/src/actions/transformations/normalise_path.h
+++ b/src/actions/transformations/normalise_path.h
@@ -34,8 +34,8 @@ class NormalisePath : public Transformation {
        : Transformation(action) { };

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;

    static int normalize_path_inplace(unsigned char *input, int input_len,
        int win, int *changed);
--- a/src/actions/transformations/normalise_path_win.cc
+++ b/src/actions/transformations/normalise_path_win.cc
@@ -35,8 +35,8 @@ namespace transformations {


 void NormalisePathWin::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    int changed;

    char *tmp = reinterpret_cast<char *>(
--- a/src/actions/transformations/normalise_path_win.h
+++ b/src/actions/transformations/normalise_path_win.h
@@ -34,8 +34,8 @@ class NormalisePathWin : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/parity_even_7bit.cc
+++ b/src/actions/transformations/parity_even_7bit.cc
@@ -33,8 +33,8 @@ namespace transformations {


 void ParityEven7bit::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    unsigned char *input;

    input = reinterpret_cast<unsigned char *>
--- a/src/actions/transformations/parity_even_7bit.h
+++ b/src/actions/transformations/parity_even_7bit.h
@@ -34,8 +34,8 @@ class ParityEven7bit : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;

    static bool inplace(unsigned char *input, uint64_t input_len);
 };
--- a/src/actions/transformations/parity_odd_7bit.cc
+++ b/src/actions/transformations/parity_odd_7bit.cc
@@ -33,8 +33,8 @@ namespace transformations {


 void ParityOdd7bit::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    unsigned char *input;

    input = reinterpret_cast<unsigned char *>
--- a/src/actions/transformations/parity_odd_7bit.h
+++ b/src/actions/transformations/parity_odd_7bit.h
@@ -34,8 +34,8 @@ class ParityOdd7bit : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;

    static bool inplace(unsigned char *input, uint64_t input_len);
 };
--- a/src/actions/transformations/parity_zero_7bit.cc
+++ b/src/actions/transformations/parity_zero_7bit.cc
@@ -33,8 +33,8 @@ namespace transformations {


 void ParityZero7bit::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    unsigned char *input;

    input = reinterpret_cast<unsigned char *>
--- a/src/actions/transformations/parity_zero_7bit.h
+++ b/src/actions/transformations/parity_zero_7bit.h
@@ -34,8 +34,8 @@ class ParityZero7bit : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;

    static bool inplace(unsigned char *input, uint64_t input_len);
 };
--- a/src/actions/transformations/remove_comments.cc
+++ b/src/actions/transformations/remove_comments.cc
@@ -33,8 +33,8 @@ namespace transformations {


 void RemoveComments::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    unsigned char *input;

    input = reinterpret_cast<unsigned char *>
--- a/src/actions/transformations/remove_comments.h
+++ b/src/actions/transformations/remove_comments.h
@@ -35,8 +35,8 @@ class RemoveComments : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;;
+        ModSecString &in,
+        ModSecString &out) override;;
 };


--- a/src/actions/transformations/remove_comments_char.cc
+++ b/src/actions/transformations/remove_comments_char.cc
@@ -32,8 +32,8 @@ namespace transformations {


 void RemoveCommentsChar::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    int64_t i;
    out = in;

--- a/src/actions/transformations/remove_comments_char.h
+++ b/src/actions/transformations/remove_comments_char.h
@@ -34,8 +34,8 @@ class RemoveCommentsChar : public Transformation {
        : Transformation(action) { };

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/remove_nulls.cc
+++ b/src/actions/transformations/remove_nulls.cc
@@ -34,8 +34,8 @@ namespace transformations {


 void RemoveNulls::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    int64_t i;
    out = in;

--- a/src/actions/transformations/remove_nulls.h
+++ b/src/actions/transformations/remove_nulls.h
@@ -34,8 +34,8 @@ class RemoveNulls : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/remove_whitespace.cc
+++ b/src/actions/transformations/remove_whitespace.cc
@@ -33,8 +33,8 @@ namespace transformations {


 void RemoveWhitespace::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    out = in;
    int64_t i = 0;

--- a/src/actions/transformations/remove_whitespace.h
+++ b/src/actions/transformations/remove_whitespace.h
@@ -34,8 +34,8 @@ class RemoveWhitespace : public Transformation {
        : Transformation(action) { };

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/replace_comments.cc
+++ b/src/actions/transformations/replace_comments.cc
@@ -33,8 +33,8 @@ namespace transformations {


 void ReplaceComments::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    uint64_t i, j, incomment;

    char *input = reinterpret_cast<char *>(
--- a/src/actions/transformations/replace_comments.h
+++ b/src/actions/transformations/replace_comments.h
@@ -34,8 +34,8 @@ class ReplaceComments : public Transformation {
        : Transformation(action) { };

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/replace_nulls.cc
+++ b/src/actions/transformations/replace_nulls.cc
@@ -32,8 +32,8 @@ namespace transformations {


 void ReplaceNulls::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    int64_t i;
    out = in;

--- a/src/actions/transformations/replace_nulls.h
+++ b/src/actions/transformations/replace_nulls.h
@@ -34,8 +34,8 @@ class ReplaceNulls : public Transformation {
        : Transformation(action) { };

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/sha1.cc
+++ b/src/actions/transformations/sha1.cc
@@ -33,8 +33,8 @@ namespace transformations {


 void Sha1::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {

    auto a = Utils::Sha1::digest(
            std::string(in.c_str(), in.size())
--- a/src/actions/transformations/sha1.h
+++ b/src/actions/transformations/sha1.h
@@ -34,8 +34,8 @@ class Sha1 : public Transformation {
        : Transformation(action) { };

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/sql_hex_decode.cc
+++ b/src/actions/transformations/sql_hex_decode.cc
@@ -42,8 +42,8 @@ namespace transformations {
 #endif

 void SqlHexDecode::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    unsigned char *input;
    int size = 0;

--- a/src/actions/transformations/sql_hex_decode.h
+++ b/src/actions/transformations/sql_hex_decode.h
@@ -34,8 +34,8 @@ class SqlHexDecode : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;

    static int inplace(unsigned char *data, int len);

--- a/src/actions/transformations/transformation.cc
+++ b/src/actions/transformations/transformation.cc
@@ -114,6 +114,7 @@ Transformation* Transformation::instantiate(std::string a) {
    return new Transformation(a);
 }

+
 }  // namespace transformations
 }  // namespace actions
 }  // namespace modsecurity
--- a/src/actions/transformations/transformation.h
+++ b/src/actions/transformations/transformation.h
@@ -32,12 +32,7 @@ class Transformation : public Action {
    explicit Transformation(const std::string& _action)
        : Action(_action, RunTimeBeforeMatchAttemptKind) { }

-    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override {
-            // FIXME: this should be remove as soon as #1974 got fixed.
-            out.assign(in.c_str(), in.length());
-    }
+    virtual bool isNone() { return false; }

    static Transformation* instantiate(std::string a);
 };
--- a/src/actions/transformations/trim.cc
+++ b/src/actions/transformations/trim.cc
@@ -31,27 +31,27 @@ namespace actions {
 namespace transformations {


-void Trim::ltrim(ModSecStackString *s) {
+void Trim::ltrim(ModSecString *s) {
    s->erase(s->begin(), std::find_if(s->begin(), s->end(),
        std::not1(std::ptr_fun<int, int>(std::isspace))));
 }


-void Trim::rtrim(ModSecStackString *s) {
+void Trim::rtrim(ModSecString *s) {
    s->erase(std::find_if(s->rbegin(), s->rend(),
        std::not1(std::ptr_fun<int, int>(std::isspace))).base(), s->end());
 }


-void Trim::trim(ModSecStackString *s) {
+void Trim::trim(ModSecString *s) {
    rtrim(s);
    ltrim(s);
 }


 void Trim::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    out = in;
    trim(&out);
 };
--- a/src/actions/transformations/trim.h
+++ b/src/actions/transformations/trim.h
@@ -34,12 +34,12 @@ class Trim : public Transformation {
        : Transformation(action) { };

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;

-    void ltrim(ModSecStackString *s);
-    void rtrim(ModSecStackString *s);
-    void trim(ModSecStackString *s);
+    void ltrim(ModSecString *s);
+    void rtrim(ModSecString *s);
+    void trim(ModSecString *s);
 };

 }  // namespace transformations
--- a/src/actions/transformations/trim_left.cc
+++ b/src/actions/transformations/trim_left.cc
@@ -33,8 +33,8 @@ namespace transformations {


 void TrimLeft::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    out = in;
    ltrim(&out);
 };
--- a/src/actions/transformations/trim_left.h
+++ b/src/actions/transformations/trim_left.h
@@ -35,8 +35,8 @@ class TrimLeft : public Trim {
        : Trim(action) { };

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/trim_right.cc
+++ b/src/actions/transformations/trim_right.cc
@@ -32,8 +32,8 @@ namespace transformations {


 void TrimRight::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    out = in;
    rtrim(&out);
 };
--- a/src/actions/transformations/trim_right.h
+++ b/src/actions/transformations/trim_right.h
@@ -35,8 +35,8 @@ class TrimRight : public Trim {
        : Trim(action) { };

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/upper_case.cc
+++ b/src/actions/transformations/upper_case.cc
@@ -28,8 +28,8 @@ namespace transformations {


 void UpperCase::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    std::locale loc;
    out.reserve(in.size());
    for (std::string::size_type i=0; i < in.size(); ++i) {
--- a/src/actions/transformations/upper_case.h
+++ b/src/actions/transformations/upper_case.h
@@ -36,8 +36,8 @@ class UpperCase : public Transformation {
        : Transformation(action) { };

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/url_decode.cc
+++ b/src/actions/transformations/url_decode.cc
@@ -33,8 +33,8 @@ namespace transformations {


 void UrlDecode::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    unsigned char *val(NULL);
    int invalid_count = 0;
    int changed;
--- a/src/actions/transformations/url_decode.h
+++ b/src/actions/transformations/url_decode.h
@@ -36,8 +36,8 @@ class UrlDecode : public Transformation {
        : Transformation(action) { };

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;
 };

 }  // namespace transformations
--- a/src/actions/transformations/url_decode_uni.cc
+++ b/src/actions/transformations/url_decode_uni.cc
@@ -39,8 +39,8 @@ namespace transformations {


 void UrlDecodeUni::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    unsigned char *input;

    input = reinterpret_cast<unsigned char *>
--- a/src/actions/transformations/url_decode_uni.h
+++ b/src/actions/transformations/url_decode_uni.h
@@ -35,8 +35,8 @@ class UrlDecodeUni : public Transformation {
        : Transformation(action) { }

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;

    static int inplace(unsigned char *input, uint64_t input_len,
        Transaction *transaction);
--- a/src/actions/transformations/url_encode.cc
+++ b/src/actions/transformations/url_encode.cc
@@ -82,8 +82,8 @@ std::string UrlEncode::url_enc(const char *input,


 void UrlEncode::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {
    int changed;

    std::string ret = url_enc(in.c_str(), in.size(), &changed);
--- a/src/actions/transformations/url_encode.h
+++ b/src/actions/transformations/url_encode.h
@@ -34,8 +34,8 @@ class UrlEncode : public Transformation {
        : Transformation(action) { };

    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;

    static std::string url_enc(const char *input,
        unsigned int input_len, int *changed);
--- a/src/actions/transformations/utf8_to_unicode.cc
+++ b/src/actions/transformations/utf8_to_unicode.cc
@@ -34,8 +34,8 @@ namespace transformations {


 void Utf8ToUnicode::execute(Transaction *t,
-    ModSecStackString &in,
-    ModSecStackString &out) {
+    ModSecString &in,
+    ModSecString &out) {

    unsigned char *input;
    int changed = 0;
--- a/src/actions/transformations/utf8_to_unicode.h
+++ b/src/actions/transformations/utf8_to_unicode.h
@@ -40,8 +40,8 @@ class Utf8ToUnicode : public Transformation {


    void execute(Transaction *t,
-        ModSecStackString &in,
-        ModSecStackString &out) override;
+        ModSecString &in,
+        ModSecString &out) override;

    static char *inplace(unsigned char *input, uint64_t input_len,
        int *changed);
--- a/src/actions/ver.cc
+++ b/src/actions/ver.cc
@@ -21,6 +21,7 @@
 #include "modsecurity/actions/action.h"
 #include "modsecurity/transaction.h"
 #include "modsecurity/rule.h"
+#include "modsecurity/rule_with_actions.h"


 namespace modsecurity {
--- a/src/engine/lua.cc
+++ b/src/engine/lua.cc
@@ -439,8 +439,8 @@ std::string Lua::applyTransformations(lua_State *L, Transaction *t,
                    "t:" + std::string(name));
            // FIXME: transformation is not yet returning null.
            if (tfn) {
-                ModSecStackString in;
-                ModSecStackString out;
+                ModSecString in;
+                ModSecString out;
                in.assign(newVar.c_str(), newVar.size());
                tfn->execute(t, in, out);
                newVar.assign(out.c_str(), out.size());
@@ -465,8 +465,8 @@ std::string Lua::applyTransformations(lua_State *L, Transaction *t,

        // FIXME: transformation is not yet returning null.
        if (tfn) {
-            ModSecStackString in;
-            ModSecStackString out;
+            ModSecString in;
+            ModSecString out;
            in.assign(newVar.c_str(), newVar.size());
            tfn->execute(t, in, out);
            newVar.assign(out.c_str(), out.size());
--- a/src/modsecurity.cc
+++ b/src/modsecurity.cc
@@ -305,8 +305,8 @@ int ModSecurity::processContentOffset(const char *content, size_t len,

    while (!trans.empty()) {
        modsecurity::actions::transformations::Transformation *t;
-        ModSecStackString in;
-        ModSecStackString out;
+        ModSecString in;
+        ModSecString out;

        yajl_gen_map_open(g);
        yajl_gen_string(g,
--- a/src/operators/detect_sqli.cc
+++ b/src/operators/detect_sqli.cc
@@ -20,6 +20,8 @@

 #include "src/operators/operator.h"
 #include "others/libinjection/src/libinjection.h"
+#include "modsecurity/rule_with_actions.h"
+

 namespace modsecurity {
 namespace operators {
--- a/src/operators/detect_xss.cc
+++ b/src/operators/detect_xss.cc
@@ -19,6 +19,7 @@

 #include "src/operators/operator.h"
 #include "others/libinjection/src/libinjection.h"
+#include "modsecurity/rule_with_actions.h"


 namespace modsecurity {
--- a/src/operators/pm.cc
+++ b/src/operators/pm.cc
@@ -28,6 +28,8 @@
 #include "src/operators/operator.h"
 #include "src/utils/acmp.h"
 #include "src/utils/string.h"
+#include "modsecurity/rule_with_actions.h"
+

 namespace modsecurity {
 namespace operators {
--- a/src/operators/rbl.cc
+++ b/src/operators/rbl.cc
@@ -25,6 +25,8 @@

 #include "modsecurity/rules_set.h"
 #include "src/operators/operator.h"
+#include "modsecurity/rule_with_actions.h"
+

 namespace modsecurity {
 namespace operators {
--- a/src/operators/rx.cc
+++ b/src/operators/rx.cc
@@ -22,6 +22,8 @@
 #include "src/operators/operator.h"
 #include "modsecurity/rule.h"
 #include "modsecurity/rule_message.h"
+#include "modsecurity/rule_with_actions.h"
+

 namespace modsecurity {
 namespace operators {
--- a/src/operators/verify_cc.cc
+++ b/src/operators/verify_cc.cc
@@ -21,6 +21,8 @@
 #include <vector>

 #include "src/operators/operator.h"
+#include "modsecurity/rule_with_actions.h"
+

 #if PCRE_HAVE_JIT
 #define pcre_study_opt PCRE_STUDY_JIT_COMPILE
--- a/src/operators/verify_cpf.cc
+++ b/src/operators/verify_cpf.cc
@@ -19,6 +19,8 @@
 #include <list>

 #include "src/operators/operator.h"
+#include "modsecurity/rule_with_actions.h"
+

 namespace modsecurity {
 namespace operators {
--- a/src/operators/verify_ssn.cc
+++ b/src/operators/verify_ssn.cc
@@ -20,6 +20,8 @@
 #include <list>

 #include "src/operators/operator.h"
+#include "modsecurity/rule_with_actions.h"
+

 namespace modsecurity {
 namespace operators {
--- a/src/operators/verify_svnr.cc
+++ b/src/operators/verify_svnr.cc
@@ -9,6 +9,7 @@
 #include "modsecurity/rule_message.h"
 #include "modsecurity/rules_set_properties.h"

+#include "modsecurity/rule_with_actions.h"

 namespace modsecurity {
 namespace operators {
--- a/src/parser/seclang-parser.cc
+++ b/src/parser/seclang-parser.cc
@@ -2416,8 +2416,8 @@ namespace yy {
                definedPhase = phase->m_phase;
                secRuleDefinedPhase = phase->m_secRulesPhase;
                delete phase;
-            } else if (a->action_kind == actions::Action::RunTimeOnlyIfMatchKind ||
-                a->action_kind == actions::Action::RunTimeBeforeMatchAttemptKind) {
+            } else if (a->m_actionKind == actions::Action::RunTimeOnlyIfMatchKind ||
+                a->m_actionKind == actions::Action::RunTimeBeforeMatchAttemptKind) {
                                actions::transformations::None *none = dynamic_cast<actions::transformations::None *>(a);
                if (none != NULL) {
                    driver.error(yystack_[2].location, "The transformation none is not suitable to be part of the SecDefaultActions");
--- a/src/parser/seclang-parser.yy
+++ b/src/parser/seclang-parser.yy
@@ -18,6 +18,8 @@ class Driver;
 }

 #include "modsecurity/rule_unconditional.h"
+#include "modsecurity/rule_with_operator.h"
+#include "modsecurity/rule_with_actions.h"
 #include "src/rule_script.h"

 #include "src/actions/accuracy.h"
@@ -1191,8 +1193,8 @@ expression:
                definedPhase = phase->m_phase;
                secRuleDefinedPhase = phase->m_secRulesPhase;
                delete phase;
-            } else if (a->action_kind == actions::Action::RunTimeOnlyIfMatchKind ||
-                a->action_kind == actions::Action::RunTimeBeforeMatchAttemptKind) {
+            } else if (a->m_actionKind == actions::Action::RunTimeOnlyIfMatchKind ||
+                a->m_actionKind == actions::Action::RunTimeBeforeMatchAttemptKind) {
                                actions::transformations::None *none = dynamic_cast<actions::transformations::None *>(a);
                if (none != NULL) {
                    driver.error(@0, "The transformation none is not suitable to be part of the SecDefaultActions");
--- a/src/rule_script.h
+++ b/src/rule_script.h
@@ -32,6 +32,8 @@
 #include "src/actions/log_data.h"
 #include "src/actions/severity.h"
 #include "src/variables/variable.h"
+#include "modsecurity/rule_with_actions.h"
+

 #ifndef SRC_RULE_SCRIPT_H_
 #define SRC_RULE_SCRIPT_H_
--- a/src/rule_with_actions.cc
+++ b/src/rule_with_actions.cc
@@ -104,12 +104,7 @@ RuleWithActions::RuleWithActions(
 }

 void RuleWithActions::addDefaultAction(std::shared_ptr<actions::Action> a) {
-    if (a->action_kind == Action::ConfigurationKind) {
-        a->execute(this, NULL);
-        return;
-    }
-
-    if (a->action_kind == Action::ConfigurationKind) {
+    if (a->m_actionKind == Action::ConfigurationKind) {
        if (dynamic_cast<actions::Accuracy *>(a.get())) {
            actions::Accuracy *accuracy = dynamic_cast<actions::Accuracy *>(a.get());
            m_defaultAccuracy = accuracy->getAccuracy();
@@ -122,7 +117,7 @@ void RuleWithActions::addDefaultAction(std::shared_ptr<actions::Action> a) {
        return;
    }

-    if (a->action_kind == Action::RunTimeOnlyIfMatchKind) {
+    if (a->m_actionKind == Action::RunTimeOnlyIfMatchKind) {
        if (dynamic_cast<actions::Capture *>(a.get())) {
            m_defaultContainsCaptureAction = true;
        } else if (dynamic_cast<actions::MultiMatch *>(a.get())) {
@@ -163,7 +158,7 @@ void RuleWithActions::addDefaultAction(std::shared_ptr<actions::Action> a) {
 }

 void RuleWithActions::addAction(actions::Action *a) {
-    if (a->action_kind == Action::ConfigurationKind) {
+    if (a->m_actionKind == Action::ConfigurationKind) {
        if (dynamic_cast<actions::Accuracy *>(a)) {
            actions::Accuracy *accuracy = dynamic_cast<actions::Accuracy *>(a);
            m_accuracy = accuracy->getAccuracy();
@@ -177,7 +172,7 @@ void RuleWithActions::addAction(actions::Action *a) {
        return;
    }

-    if (a->action_kind == Action::RunTimeOnlyIfMatchKind) {
+    if (a->m_actionKind == Action::RunTimeOnlyIfMatchKind) {
        if (dynamic_cast<actions::Capture *>(a)) {
            m_containsCaptureAction = true;
            delete a;
@@ -269,7 +264,7 @@ void RuleWithActions::executeActionsAfterFullMatch(Transaction *trans) {

 #if 0
    for (auto &a : trans->m_rules->m_defaultActions[getPhase()]) {
-        if (a.get()->action_kind != actions::Action::RunTimeOnlyIfMatchKind) {
+        if (a.get()->m_actionKind != actions::Action::RunTimeOnlyIfMatchKind) {
            continue;
        }
        if (!a.get()->isDisruptive()) {
@@ -364,7 +359,7 @@ void RuleWithActions::executeTransformations(
    TransformationsResults &results) {
    int none = 0;

-    ModSecStackString ssin;
+    ModSecString ssin;
    ssin.assign(in.c_str());

    TransformationResult a = TransformationResult(&ssin);
@@ -375,9 +370,8 @@ void RuleWithActions::executeTransformations(
    std::shared_ptr<std::string> value =
        std::shared_ptr<std::string>(new std::string(in));

-
-    for (Action *action : getTransformationPtr()) {
-        if (action->m_isNone) {
+    for (Transformation *action : getTransformationPtr()) {
+        if (action->isNone()) {
            none++;
        }
    }
@@ -386,7 +380,7 @@ void RuleWithActions::executeTransformations(
        if (none == 0) {
            executeTransformation(trans, &results, t);
        }
-        if (t->m_isNone) {
+        if (t->isNone()) {
            none--;
        }
    }
@@ -399,7 +393,7 @@ void RuleWithActions::executeTransformations(
            continue;
        }
        Transformation *t = dynamic_cast<Transformation*>(b.second.get());
-        if (t->m_isNone) {
+        if (t->isNone()) {
            none++;
        }
    }
@@ -413,7 +407,7 @@ void RuleWithActions::executeTransformations(
        if (none == 0) {
            executeTransformation(trans, &results, t);
        }
-        if (t->m_isNone) {
+        if (t->isNone()) {
            none--;
        }
    }
@@ -447,11 +441,11 @@ void RuleWithActions::executeTransformation(

 void RuleWithActions::executeTransformation(
    Transaction *transaction,
-    ModSecStackString in,
+    ModSecString in,
    TransformationsResults *ret,
    Transformation *transformation) {

-    ModSecStackString out;
+    ModSecString out;
    transformation->execute(transaction, in, out);

    ms_dbg_a(transaction, 9, " T (" + std::to_string(ret->size() - 1) + ") " + \
--- a/Show More
+++ b/Show More