github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds reference to filename and line number to lexer errors

Browse Source
This commit is contained in:
Felipe Zimmerle 2015-09-30 14:35:08 -03:00
parent 900af2cd48
commit 8255ce86ca
5 changed files with 45 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/actions/phase.cc
View File

@ -68,6 +68,16 @@ Phase::Phase(std::string action)
} }
} }
bool Phase::init(std::string *error) {
if (phase >= ModSecurity::Phases::NUMBER_OF_PHASES) {
error->assign("Unknown phase: " + std::to_string(phase));
return false;
}
return true;
}
bool Phase::evaluate(Rule *rule, Assay *assay) { bool Phase::evaluate(Rule *rule, Assay *assay) {
rule->phase = this->phase; rule->phase = this->phase;
return true; return true;

1
src/actions/phase.h
View File

@ -34,6 +34,7 @@ class Phase : public Action {
public: public:
explicit Phase(std::string action); explicit Phase(std::string action);
bool init(std::string *error) override;
bool evaluate(Rule *rule, Assay *assay) override; bool evaluate(Rule *rule, Assay *assay) override;
int phase; int phase;
int m_secRulesPhase; int m_secRulesPhase;

41
src/parser/seclang-parser.yy
View File

@ -224,6 +224,7 @@ using ModSecurity::Variables::Variable;
%token <std::string> ACTION_REDIRECT %token <std::string> ACTION_REDIRECT
%token <std::string> ACTION_SKIP_AFTER %token <std::string> ACTION_SKIP_AFTER
%token <std::string> ACTION_AUDIT_LOG %token <std::string> ACTION_AUDIT_LOG
%token <std::string> ACTION_PHASE
%token <std::string> ACTION_SEVERITY %token <std::string> ACTION_SEVERITY
%token <std::string> ACTION_SETVAR %token <std::string> ACTION_SETVAR
%token <std::string> ACTION_EXPIREVAR %token <std::string> ACTION_EXPIREVAR
@ -343,7 +344,7 @@ expression:
Operator *op = Operator::instantiate($5); Operator *op = Operator::instantiate($5);
const char *error = NULL; const char *error = NULL;
if (op->init(&error) == false) { if (op->init(&error) == false) {
driver.parserError << error; driver.error(@0, error);
YYERROR; YYERROR;
} }
Rule *rule = new Rule( Rule *rule = new Rule(
@ -362,7 +363,7 @@ expression:
Operator *op = Operator::instantiate("\"@rx " + $5 + "\""); Operator *op = Operator::instantiate("\"@rx " + $5 + "\"");
const char *error = NULL; const char *error = NULL;
if (op->init(&error) == false) { if (op->init(&error) == false) {
driver.parserError << error; driver.error(@0, error);
YYERROR; YYERROR;
} }
Rule *rule = new Rule( Rule *rule = new Rule(
@ -370,7 +371,10 @@ expression:
/* variables */ $3, /* variables */ $3,
/* actions */ $8 /* actions */ $8
); );
driver.addSecRule(rule);
if (driver.addSecRule(rule) == false) {
YYERROR;
}
} }
| CONFIG_DIR_SEC_ACTION SPACE QUOTATION_MARK actions QUOTATION_MARK | CONFIG_DIR_SEC_ACTION SPACE QUOTATION_MARK actions QUOTATION_MARK
{ {
@ -405,12 +409,12 @@ expression:
a->action_kind == Action::RunTimeBeforeMatchAttemptKind) { a->action_kind == Action::RunTimeBeforeMatchAttemptKind) {
None *none = dynamic_cast<None *>(a); None *none = dynamic_cast<None *>(a);
if (none != NULL) { if (none != NULL) {
driver.parserError << "The transformation none is not suitable to be part of the SecDefaultActions"; driver.error(@0, "The transformation none is not suitable to be part of the SecDefaultActions");
YYERROR; YYERROR;
} }
checkedActions.push_back(a); checkedActions.push_back(a);
} else { } else {
driver.parserError << "The action '" << a->action << "' is not suitable to be part of the SecDefaultActions"; driver.error(@0, "The action '" + a->action + "' is not suitable to be part of the SecDefaultActions");
YYERROR; YYERROR;
} }
} }
@ -419,7 +423,11 @@ expression:
} }
if (!driver.defaultActions[definedPhase].empty()) { if (!driver.defaultActions[definedPhase].empty()) {
driver.parserError << "SecDefaultActions can only be placed once per phase and configuration context. Phase " << secRuleDefinedPhase << " was informed already."; std::stringstream ss;
ss << "SecDefaultActions can only be placed once per phase and configuration context. Phase ";
ss << secRuleDefinedPhase;
ss << " was informed already.";
driver.error(@0, ss.str());
YYERROR; YYERROR;
} }
@ -469,8 +477,10 @@ expression:
if (driver.m_debugLog != NULL) { if (driver.m_debugLog != NULL) {
driver.m_debugLog->setDebugLogLevel(atoi($1.c_str())); driver.m_debugLog->setDebugLogLevel(atoi($1.c_str()));
} else { } else {
driver.parserError << "Internal error, there is no DebugLog "; std::stringstream ss;
driver.parserError << "object associated with the driver class"; ss << "Internal error, there is no DebugLog ";
ss << "object associated with the driver class";
driver.error(@0, ss.str());
YYERROR; YYERROR;
} }
} }
@ -479,8 +489,10 @@ expression:
if (driver.m_debugLog != NULL) { if (driver.m_debugLog != NULL) {
driver.m_debugLog->setDebugLogFile($1); driver.m_debugLog->setDebugLogFile($1);
} else { } else {
driver.parserError << "Internal error, there is no DebugLog "; std::stringstream ss;
driver.parserError << "object associated with the driver class"; ss << "Internal error, there is no DebugLog ";
ss << "object associated with the driver class";
driver.error(@0, ss.str());
YYERROR; YYERROR;
} }
} }
@ -699,6 +711,15 @@ act:
YYERROR; YYERROR;
} }
} }
| ACTION_PHASE
{
std::string error;
$$ = new Phase($1);
if ($$->init(&error) == false) {
driver.error(@0, error);
YYERROR;
}
}
| ACTION_INITCOL | ACTION_INITCOL
{ {
$$ = Action::instantiate($1); $$ = Action::instantiate($1);

4
src/parser/seclang-scanner.ll
View File

@ -272,7 +272,7 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
} }
{ACTION} { return yy::seclang_parser::make_ACTION(yytext, *driver.loc.back()); } {ACTION} { return yy::seclang_parser::make_ACTION(yytext, *driver.loc.back()); }
{ACTION_PHASE} { return yy::seclang_parser::make_ACTION(yytext, *driver.loc.back()); } {ACTION_PHASE} { return yy::seclang_parser::make_ACTION_PHASE(yytext, *driver.loc.back()); }
{ACTION_SKIP_AFTER}:{FREE_TEXT} { return yy::seclang_parser::make_ACTION_SKIP_AFTER(strchr(yytext, ':') + 1, *driver.loc.back()); } {ACTION_SKIP_AFTER}:{FREE_TEXT} { return yy::seclang_parser::make_ACTION_SKIP_AFTER(strchr(yytext, ':') + 1, *driver.loc.back()); }
{ACTION_AUDIT_LOG} { return yy::seclang_parser::make_ACTION_AUDIT_LOG(yytext, *driver.loc.back()); } {ACTION_AUDIT_LOG} { return yy::seclang_parser::make_ACTION_AUDIT_LOG(yytext, *driver.loc.back()); }
@ -398,7 +398,7 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
driver.error (*driver.loc.back(), "", s + std::string(": Not able to open file.")); driver.error (*driver.loc.back(), "", s + std::string(": Not able to open file."));
throw yy::seclang_parser::syntax_error(*driver.loc.back(), ""); throw yy::seclang_parser::syntax_error(*driver.loc.back(), "");
} }
driver.ref.push_back(file); driver.ref.push_back(s.c_str());
driver.loc.push_back(new yy::location()); driver.loc.push_back(new yy::location());
yypush_buffer_state(yy_create_buffer( yyin, YY_BUF_SIZE )); yypush_buffer_state(yy_create_buffer( yyin, YY_BUF_SIZE ));

1
test/benchmark/basic_rules.conf
View File

@ -1,2 +1,3 @@
include "owasp-modsecurity-crs-orig/modsecurity_crs_10_setup.conf" include "owasp-modsecurity-crs-orig/modsecurity_crs_10_setup.conf"
include "owasp-modsecurity-crs-orig/rules/*.conf"