github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Gsb matched urls set into tx variable

Browse Source
This commit is contained in:
brenosilva
2011-03-16 15:04:17 +00:00
parent a13887065e
commit 7bd27c4000
3 changed files with 45 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
apache2/msc_util.c
View File

@@ -174,6 +174,46 @@ int convert_to_int(const char c)
return n; return n;
} }
/* \brief Set a match to tx.0
*
* \param msr
* \param capture
* \param match
*
* \retval 0 On Sucess|Fail
*/
int set_match_to_tx(modsec_rec *msr, int capture, const char *match) {
if (capture) {
int i;
msc_string *s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string));
if (s == NULL) return -1;
s->name = "0";
s->name_len = strlen(s->name);
s->value = apr_pstrdup(msr->mp, match);
if (s->value == NULL) return -1;
s->value_len = strlen(s->value);
apr_table_setn(msr->tx_vars, s->name, (void *)s);
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Added phrase match to TX.0: %s",
log_escape_nq_ex(msr->mp, s->value, s->value_len));
}
/* Unset the remaining ones (from previous invocations). */
for(i = 1; i <= 9; i++) {
char buf[2];
apr_snprintf(buf, sizeof(buf), "%d", i);
apr_table_unset(msr->tx_vars, buf);
}
}
return 0;
}
/** /**
* Parses a string that contains a name-value pair in the form "name=value". * Parses a string that contains a name-value pair in the form "name=value".
* IMP1 It does not check for whitespace between tokens. * IMP1 It does not check for whitespace between tokens.

2
apache2/msc_util.h
View File

@@ -94,6 +94,8 @@ int DSOLOCAL decode_base64_ext(char *plain_text, const char *input, int input_le
int DSOLOCAL convert_to_int(const char c); int DSOLOCAL convert_to_int(const char c);
int DSOLOCAL set_match_to_tx(modsec_rec *msr, int capture, const char *match);
int DSOLOCAL js_decode_nonstrict_inplace(unsigned char *input, long int input_len); int DSOLOCAL js_decode_nonstrict_inplace(unsigned char *input, long int input_len);
int DSOLOCAL urldecode_uni_nonstrict_inplace_ex(unsigned char *input, long int input_length, int * changed); int DSOLOCAL urldecode_uni_nonstrict_inplace_ex(unsigned char *input, long int input_length, int * changed);

37
apache2/re_operators.c
View File

@@ -1005,37 +1005,6 @@ static int msre_op_pm_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, c
/* gsbLookup */ /* gsbLookup */
static int set_gsb_to_tx(modsec_rec *msr, int capture, const char *match) {
if (capture) {
int i;
msc_string *s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string));
if (s == NULL) return -1;
s->name = "0";
s->name_len = strlen(s->name);
s->value = apr_pstrdup(msr->mp, match);
if (s->value == NULL) return -1;
s->value_len = strlen(s->value);
apr_table_setn(msr->tx_vars, s->name, (void *)s);
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Added phrase match to TX.0: %s",
log_escape_nq_ex(msr->mp, s->value, s->value_len));
}
/* Unset the remaining ones (from previous invocations). */
for(i = 1; i <= 9; i++) {
char buf[2];
apr_snprintf(buf, sizeof(buf), "%d", i);
apr_table_unset(msr->tx_vars, buf);
}
}
return 0;
}
static int verify_gsb(gsb_db *gsb, msre_rule *rule, const char *match, unsigned int match_length) { static int verify_gsb(gsb_db *gsb, msre_rule *rule, const char *match, unsigned int match_length) {
apr_md5_ctx_t ctx; apr_md5_ctx_t ctx;
apr_status_t rc; apr_status_t rc;
@@ -1157,7 +1126,7 @@ static int msre_op_gsbLookup_execute(modsec_rec *msr, msre_rule *rule, msre_var
ret = verify_gsb(gsb, rule, match, match_length); ret = verify_gsb(gsb, rule, match, match_length);
if(ret > 0) { if(ret > 0) {
set_gsb_to_tx(msr, capture, match); set_match_to_tx(msr, capture, match);
return 1; return 1;
} }
@@ -1175,7 +1144,7 @@ static int msre_op_gsbLookup_execute(modsec_rec *msr, msre_rule *rule, msre_var
ret = verify_gsb(gsb, rule, canon, canon_length); ret = verify_gsb(gsb, rule, canon, canon_length);
if(ret > 0) { if(ret > 0) {
set_gsb_to_tx(msr, capture, canon); set_match_to_tx(msr, capture, canon);
return 1; return 1;
} }
} }
@@ -1202,7 +1171,7 @@ static int msre_op_gsbLookup_execute(modsec_rec *msr, msre_rule *rule, msre_var
ret = verify_gsb(gsb, rule, canon, canon_length); ret = verify_gsb(gsb, rule, canon, canon_length);
if(ret > 0) { if(ret > 0) {
set_gsb_to_tx(msr, capture, canon); set_match_to_tx(msr, capture, canon);
return 1; return 1;
} }
} }