Merge branch 'v3/master' into v3/sonarmemleakfix

test/benchmark/basic_rules.conf

@@ -1,5 +1,3 @@
 
 Include "../../modsecurity.conf-recommended"
 
-Include "owasp-v3/crs-setup.conf.example"
-Include "owasp-v3/rules/*.conf"

test/benchmark/download-owasp-v2-rules.sh

@@ -1,53 +0,0 @@
-#!/bin/bash
-#
-#
-
-git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git owasp-v2
-
-echo 'Include "owasp-v2/base_rules/*.conf"' >> basic_rules.conf
-echo 'Include "owasp-v2/optional_rules/*.conf"' >> basic_rules.conf
-echo 'Include "owasp-v2/experimental_rules/*.conf"' >> basic_rules.conf
-echo 'Include "owasp-v2/slr_rules/modsecurity_crs_46_slr_et_xss_attacks.conf"' >> basic_rules.conf
-echo 'Include "owasp-v2/slr_rules/modsecurity_crs_46_slr_et_sqli_attacks.conf"' >> basic_rules.conf
-echo 'Include "owasp-v2/slr_rules/modsecurity_crs_46_slr_et_rfi_attacks.conf"' >> basic_rules.conf
-
-
-# Content injection not support in modsec v3
-rm owasp-v2/optional_rules/modsecurity_crs_43_csrf_protection.conf
-
-
-# Slow dos is not yet supported
-rm owasp-v2/experimental_rules/modsecurity_crs_11_slow_dos_protection.conf
-
-
-# WEBSERVER_ERROR_LOG is not supported in v3.
-cat owasp-v2/base_rules/modsecurity_crs_20_protocol_violations.conf | sed 's/SecRule WEBSERVER_ERROR_LOG/#SecRule WEBSERVER_ERROR_LOG/g' > owasp-v2/base_rules/modsecurity_crs_20_protocol_violations.conf.tmp
-mv owasp-v2/base_rules/modsecurity_crs_20_protocol_violations.conf.tmp owasp-v2/base_rules/modsecurity_crs_20_protocol_violations.conf
-
-
-# Apache specific configuration.
-cat owasp-v2/optional_rules/modsecurity_crs_49_header_tagging.conf | sed 's/RequestHeader/#RequestHeader/g' > owasp-v2/optional_rules/modsecurity_crs_49_header_tagging.conf.tmp
-mv owasp-v2/optional_rules/modsecurity_crs_49_header_tagging.conf.tmp owasp-v2/optional_rules/modsecurity_crs_49_header_tagging.conf
-
-cat owasp-v2/optional_rules/modsecurity_crs_55_application_defects.conf | sed 's/Header edit/#Header edit/g' > owasp-v2/optional_rules/modsecurity_crs_55_application_defects.conf.tmp
-mv owasp-v2/optional_rules/modsecurity_crs_55_application_defects.conf.tmp owasp-v2/optional_rules/modsecurity_crs_55_application_defects.conf
-
-cat owasp-v2/experimental_rules/modsecurity_crs_42_csp_enforcement.conf | sed 's/Header set/#Header set/g' > owasp-v2/experimental_rules/modsecurity_crs_42_csp_enforcement.conf.tmp
-mv owasp-v2/experimental_rules/modsecurity_crs_42_csp_enforcement.conf.tmp owasp-v2/experimental_rules/modsecurity_crs_42_csp_enforcement.conf
-
-
-# Disables SecGeoLookupDb
-cat owasp-v2/experimental_rules/modsecurity_crs_61_ip_forensics.conf | sed 's/SecGeoLookupDb/#SecGeoLookupDb/g' > owasp-v2/experimental_rules/modsecurity_crs_61_ip_forensics.conf.tmp
-mv owasp-v2/experimental_rules/modsecurity_crs_61_ip_forensics.conf.tmp owasp-v2/experimental_rules/modsecurity_crs_61_ip_forensics.conf
-
-cat owasp-v2/experimental_rules/modsecurity_crs_11_proxy_abuse.conf | sed 's/SecGeoLookupDb/#SecGeoLookupDb/g' > owasp-v2/experimental_rules/modsecurity_crs_11_proxy_abuse.conf.tmp
-mv owasp-v2/experimental_rules/modsecurity_crs_11_proxy_abuse.conf.tmp owasp-v2/experimental_rules/modsecurity_crs_11_proxy_abuse.conf
-
-
-# STREAM_OUTPUT_BODY is not supported
-cat owasp-v2/experimental_rules/modsecurity_crs_40_appsensor_detection_point_2.9_honeytrap.conf | sed 's/SecRule STREAM_OUTPUT_BODY/#SecRule STREAM_OUTPUT_BODY/g' > owasp-v2/experimental_rules/modsecurity_crs_40_appsensor_detection_point_2.9_honeytrap.conf.tmp
-mv owasp-v2/experimental_rules/modsecurity_crs_40_appsensor_detection_point_2.9_honeytrap.conf.tmp owasp-v2/experimental_rules/modsecurity_crs_40_appsensor_detection_point_2.9_honeytrap.conf
-
-
-echo "Done."
-

test/benchmark/download-owasp-v3-rules.sh

@@ -1,10 +1,6 @@
 #!/bin/bash
 
-
-git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git owasp-v3
-cd owasp-v3
-git checkout v3.0.2 -b tag3.0.2
-cd -
+git clone -c advice.detachedHead=false --depth 1 --branch v3.0.2 https://github.com/coreruleset/coreruleset.git owasp-v3
 
 echo 'Include "owasp-v3/crs-setup.conf.example"' >> basic_rules.conf
 echo 'Include "owasp-v3/rules/*.conf"' >> basic_rules.conf

test/benchmark/download-owasp-v4-rules.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+git clone -c advice.detachedHead=false --depth 1 --branch v4.3.0 https://github.com/coreruleset/coreruleset.git owasp-v4
+
+echo 'Include "owasp-v4/crs-setup.conf.example"' >> basic_rules.conf
+echo 'Include "owasp-v4/rules/*.conf"' >> basic_rules.conf
+
+echo "Done."
+

test/common/modsecurity_test.cc

@@ -46,7 +46,7 @@ std::string ModSecurityTest<T>::header() {
 }
 
 template <class T>
-bool ModSecurityTest<T>::load_test_json(std::string file) {
+bool ModSecurityTest<T>::load_test_json(const std::string &file) {
     char errbuf[1024];
     yajl_val node;
 
@@ -76,13 +76,12 @@ bool ModSecurityTest<T>::load_test_json(std::string file) {
         u->filename = file;
 
         if (this->count(u->filename + ":" + u->name) == 0) {
-            std::vector<T *> *vector = new std::vector<T *>;
-            vector->push_back(u);
+            auto vec = new std::vector<T *>;
+            vec->push_back(u);
             std::string filename(u->filename + ":" + u->name);
-            std::pair<std::string, std::vector<T*>*> a(filename, vector);
-            this->insert(a);
+            this->insert({filename, vec});
         } else {
-            std::vector<T *> *vec = this->at(u->filename + ":" + u->name);
+            auto vec = this->at(u->filename + ":" + u->name);
             vec->push_back(u);
         }
     }
@@ -95,7 +94,7 @@ bool ModSecurityTest<T>::load_test_json(std::string file) {
 
 template <class T>
 std::pair<std::string, std::vector<T *>>*
-ModSecurityTest<T>::load_tests(std::string path) {
+ModSecurityTest<T>::load_tests(const std::string &path) {
     DIR *dir;
     struct dirent *ent;
     struct stat buffer;

test/common/modsecurity_test.h

@@ -39,8 +39,8 @@ template <class T> class ModSecurityTest :
     std::string header();
     void cmd_options(int, char **);
     std::pair<std::string, std::vector<T *>>* load_tests();
-    std::pair<std::string, std::vector<T *>>* load_tests(std::string path);
-    bool load_test_json(std::string);
+    std::pair<std::string, std::vector<T *>>* load_tests(const std::string &path);
+    bool load_test_json(const std::string &file);
 
     std::string target;
     bool verbose = false;

test/cppcheck_suppressions.txt

@@ -1,22 +1,12 @@
 //
 // Ignore libinjection related stuff.
 //
-*:others/libinjection/src/libinjection_html5.c
-*:others/libinjection/src/libinjection_sqli.c
-*:others/libinjection/src/libinjection_xss.c
-*:others/libinjection/src/reader.c
-*:others/libinjection/src/sqli_cli.c
-*:others/libinjection/src/testdriver.c
-*:others/libinjection/src/test_speed_sqli.c
-*:others/libinjection/src/test_speed_xss.c
-
+*:others/libinjection/src/*
 
 //
 // Lets ignore mbedtls.
 //
-*:others/mbedtls/base64.c
-*:others/mbedtls/md5.c
-*:others/mbedtls/sha1.c
+*:others/mbedtls/*
 
 
 //
@@ -25,48 +15,11 @@
 shiftNegative:src/utils/msc_tree.cc
 *:src/utils/acmp.cc
 *:src/utils/msc_tree.cc
-invalidScanfArgType_int:src/rules_set_properties.cc:101
-invalidScanfArgType_int:src/rules_set_properties.cc:102
 
 
 // 
 // ModSecurity v3 code...
 // 
-unmatchedSuppression:src/utils/geo_lookup.cc:82
-useInitializationList:src/utils/shared_files.h:87
-unmatchedSuppression:src/utils/msc_tree.cc
-functionStatic:headers/modsecurity/transaction.h:408
-duplicateBranch:src/audit_log/audit_log.cc:226
-unreadVariable:src/request_body_processor/multipart.cc:435
-stlcstrParam:src/audit_log/writer/parallel.cc:145
-functionStatic:src/engine/lua.h:70
-functionStatic:src/engine/lua.h:71
-functionConst:src/utils/geo_lookup.h:49
-useInitializationList:src/operators/rbl.h:69
-constStatement:test/common/modsecurity_test.cc:82
-danglingTemporaryLifetime:src/modsecurity.cc:206
-functionStatic:src/operators/geo_lookup.h:35
-duplicateBreak:src/operators/validate_utf8_encoding.cc
-syntaxError:src/transaction.cc:62
-noConstructor:src/variables/variable.h:152
-danglingTempReference:src/modsecurity.cc:206
-knownConditionTrueFalse:src/operators/validate_url_encoding.cc:77
-knownConditionTrueFalse:src/operators/verify_svnr.cc:87
-rethrowNoCurrentException:headers/modsecurity/transaction.h:313
-rethrowNoCurrentException:src/rule_with_actions.cc:127
-ctunullpointer:src/rule_with_actions.cc:244
-ctunullpointer:src/rule_with_operator.cc:135
-ctunullpointer:src/rule_with_operator.cc:95
-passedByValue:test/common/modsecurity_test.cc:49
-passedByValue:test/common/modsecurity_test.cc:98
-unreadVariable:src/rule_with_operator.cc:219
-
-uninitvar:src/operators/verify_cpf.cc:77
-uninitvar:src/operators/verify_svnr.cc:67
-
-functionConst:src/collection/backend/lmdb.h:86
-unusedLabel:src/collection/backend/lmdb.cc:297
-
 variableScope:src/operators/rx.cc
 variableScope:src/operators/rx_global.cc
 
@@ -101,5 +54,4 @@ stlcstrStream
 uselessCallsSubstr
 
 // Examples
-memleak:examples/reading_logs_via_rule_message/reading_logs_via_rule_message.h:147
 memleak:examples/using_bodies_in_chunks/simple_request.cc

test/custom-test-driver

@@ -42,9 +42,9 @@ print_usage ()
 {
   cat <<END
 Usage:
-  test-driver --test-name=NAME --log-file=PATH --trs-file=PATH
-              [--expect-failure={yes|no}] [--color-tests={yes|no}]
-              [--enable-hard-errors={yes|no}] [--]
+  test-driver --test-name NAME --log-file PATH --trs-file PATH
+              [--expect-failure {yes|no}] [--color-tests {yes|no}]
+              [--enable-hard-errors {yes|no}] [--]
               TEST-SCRIPT [TEST-SCRIPT-ARGUMENTS]
 The '--test-name', '--log-file' and '--trs-file' options are mandatory.
 END

test/fuzzer/afl_fuzzer.cc

@@ -114,7 +114,11 @@ using namespace modsecurity;
 
 #include <stdio.h>
 #include <stdlib.h>
+#ifndef WIN32
 #include <unistd.h>
+#else
+#include <io.h>
+#endif
 #include <signal.h>
 #include <string.h>
 

test/regression/regression.cc

@@ -15,7 +15,11 @@
 
 #include <string.h>
 
+#ifndef WIN32
 #include <unistd.h>
+#else
+#include <io.h>
+#endif
 
 #include <ctime>
 #include <iostream>
@@ -60,13 +64,11 @@ bool contains(const std::string &s, const std::string &pattern) {
 
 void clearAuditLog(const std::string &filename) {
     if (!filename.empty()) {
-        std::ifstream file;
-        file.open(filename.c_str(), std::ifstream::out | std::ifstream::trunc);
+        std::ofstream file{filename.c_str(), std::ofstream::out | std::ofstream::trunc};
         if (!file.is_open() || file.fail()) {
             std::cout << std::endl << "Failed to clear previous contents of audit log: " \
                 << filename << std::endl;
         }
-        file.close();
     }
 }
 std::string getAuditLogContent(const std::string &filename) {
@@ -307,6 +309,10 @@ void perform_unit_test(ModSecurityTest<RegressionTest> *test,
         modsec_transaction->processConnection(t->clientIp.c_str(),
             t->clientPort, t->serverIp.c_str(), t->serverPort);
 
+        if (t->hostname != "") {
+            modsec_transaction->setRequestHostName(t->hostname);
+        }
+
         actions(&r, modsec_transaction, &serverLog);
 #if 0
         if (r.status != 200) {
@@ -484,15 +490,12 @@ int main(int argc, char **argv) {
 #if defined(WITH_GEOIP) or defined(WITH_MAXMIND)
     resources.push_back("geoip-or-maxmind");
 #endif
-
 #if defined(WITH_MAXMIND)
     resources.push_back("maxmind");
 #endif
-
 #if defined(WITH_GEOIP)
     resources.push_back("geoip");
 #endif
-
 #ifdef WITH_CURL
     resources.push_back("curl");
 #endif
@@ -502,10 +505,14 @@ int main(int argc, char **argv) {
 #ifdef WITH_LUA
     resources.push_back("lua");
 #endif
+#ifdef WITH_LIBXML2
+    resources.push_back("libxml2");
+#endif
 
 #ifdef NO_LOGS
     std::cout << "Test utility cannot work without logging support." \
         << std::endl;
+    return 0;
 #else
     test.cmd_options(argc, argv);
     if (!test.m_automake_output && !test.m_count_all) {
@@ -605,7 +612,6 @@ int main(int argc, char **argv) {
         delete vec;
     }
 
+    return failed;
 #endif
-
-    return 0;
 }

test/regression/regression_test.cc

@@ -134,6 +134,9 @@ RegressionTest *RegressionTest::from_yajl_node(const yajl_val &node) {
                 if (strcmp(key2, "port") == 0) {
                     u->serverPort = YAJL_GET_INTEGER(val2);
                 }
+                if (strcmp(key2, "hostname") == 0) {
+                    u->hostname = YAJL_GET_STRING(val2);
+                }
             }
         }
         if (strcmp(key, "request") == 0) {

test/regression/regression_test.h

@@ -61,6 +61,7 @@ class RegressionTest {
     std::string serverIp;
     int clientPort;
     int serverPort;
+    std::string hostname;
 
     std::string method;
     std::string httpVersion;

test/test-cases/regression/action-ctl_request_body_processor.json

@@ -2,6 +2,7 @@
   {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"Testing CtlRequestBodyProcessor=XML (1)",
     "expected":{
       "debug_log": "Registered XML namespace href \"http://schemas.xmlsoap.org/soap/envelope/\" prefix \"soap\""
@@ -71,6 +72,7 @@
   {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"Testing CtlRequestBodyProcessor=XML (2)",
     "expected":{
       "debug_log": "Rule returned 0"
@@ -139,6 +141,7 @@
    {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"Testing CtlRequestBodyProcessor=XML (3)",
     "expected":{
       "debug_log": "XML: Failed parsing document."

test/test-cases/regression/action-xmlns.json

@@ -38,6 +38,7 @@
     {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"Testing XML request body parser (validate ok)",
     "expected":{
       "debug_log": "Target value: \"39.95\" \\(Variable: XML:\/bookstore\/book\/price\\[text\\(\\)\\]\\)"

test/test-cases/regression/config-body_limits.json

@@ -578,6 +578,7 @@
   {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"SecRequestBodyNoFilesLimit - xml, limit exceeded",
     "client":{
       "ip":"200.249.12.31",
@@ -626,6 +627,7 @@
   {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"SecRequestBodyNoFilesLimit - xml, limit not exceeded",
     "client":{
       "ip":"200.249.12.31",

test/test-cases/regression/config-xml_external_entity.json

@@ -2,6 +2,7 @@
   {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"Testing SecXMLExternalEntity/XXE 1",
     "expected":{
       "debug_log": "Target value: \" jo smith\""
@@ -47,6 +48,7 @@
   {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"Testing SecXMLExternalEntity/XXE 2",
     "expected":{
       "debug_log": "XML: Failed to load DTD: test-cases/data/SoapEnvelope.dtd",
@@ -94,6 +96,7 @@
   {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"Testing SecXMLExternalEntity/XXE 3",
     "expected":{
       "debug_log": "XML Error: No declaration for element bookstore",

test/test-cases/regression/fn-setHostname.json

@@ -0,0 +1,41 @@
+[
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing function :: setRequestHostName",
+    "client": {
+      "ip":"200.249.12.31"
+    },
+    "server":{
+      "ip":"200.249.12.31",
+      "port":80,
+      "hostname":"modsecurity.org"
+    },
+    "request": {
+      "headers": {
+        "Host":"www.modsecurity.org"
+      },
+      "uri":"/foo?q=attack",
+      "http_version": 1.1
+    },
+    "response":{
+      "headers":{
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/plain"
+      },
+      "body":[
+        "denystring"
+      ]
+    },
+    "expected":{
+      "http_code": 200,
+      "debug_log": "[hostname: \"modsecurity.org\"]"
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecResponseBodyAccess On",
+      "SecRule ARGS_GET \"@contains attack\" \"id:1,phase:2,deny\""
+    ]
+  }
+]

test/test-cases/regression/offset-variable.json

@@ -215,7 +215,6 @@
       ]
     },
     "expected":{
-      // should not match
     },
     "rules":[
       "SecRequestBodyAccess On",
@@ -248,7 +247,6 @@
       ]
     },
     "expected":{
-      // should not match
     },
     "rules":[
       "SecRequestBodyAccess On",

test/test-cases/regression/request-body-parser-xml-validade-dtd.json

@@ -2,6 +2,7 @@
   {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"Testing XML request body parser - validateDTD (validate ok)",
     "expected":{
       "debug_log": "XML: Successfully validated payload against DTD: test-cases/data/SoapEnvelope.dtd"
@@ -47,6 +48,7 @@
   {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"Testing XML request body parser - validateDTD (validation failed)",
     "expected":{
       "debug_log": "XML Error: No declaration for element xBody",
@@ -93,6 +95,7 @@
   {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"Testing XML request body parser - validateDTD (bad XML)",
     "expected":{
       "debug_log": "XML: DTD validation failed because content is not well formed",
@@ -139,6 +142,7 @@
   {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"Testing XML request body parser - validateDTD (bad DTD)",
     "expected":{
       "debug_log": "Failed to load DTD: test-cases/data/SoapEnvelope-bad.dtd",

test/test-cases/regression/request-body-parser-xml.json

@@ -2,6 +2,7 @@
   {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"Testing XML request body parser (validate ok)",
     "expected":{
       "debug_log": "XML: Successfully validated payload against Schema:"
@@ -51,6 +52,7 @@
   {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"Testing XML request body parser (validate attribute value failed)",
     "expected":{
       "debug_log": "'badval' is not a valid value of the local atomic type",
@@ -101,6 +103,7 @@
   {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"Testing XML request body parser (validate failed)",
     "expected":{
       "debug_log": "This element is not expected. Expected is one of",
@@ -151,6 +154,7 @@
   {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"Testing XML request body parser (bad XML)",
     "expected":{
       "debug_log": "XML Error: Element '{http://schemas.xmlsoap.org/soap/envelope/}xBody'",
@@ -201,6 +205,7 @@
   {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"Testing XML request body parser (bad schema)",
     "expected":{
       "debug_log": "XML: Failed to load Schema: test-cases/data/SoapEnvelope-bad.xsd. XML Error: Failed to parse the XML resource 'test-cases/data/SoapEnvelope-bad.xsd",

test/test-cases/regression/variable-REQBODY_PROCESSOR_ERROR.json

@@ -2,6 +2,7 @@
   {  
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"Testing Variables :: REQBODY_PROCESSOR_ERROR_MSG (1/2)",
     "client":{  
       "ip":"200.249.12.31",

test/test-cases/regression/variable-XML.json

@@ -2,6 +2,7 @@
   {
     "enabled":1,
     "version_min":300000,
+    "resource":"libxml2",
     "title":"Testing XPath expression with equals sign",
     "expected":{
       "http_code": 403

test/test-suite.in

@@ -0,0 +1,255 @@
+# for i in `find test/test-cases -iname *.json`; do echo TESTS+=$i; done
+TESTS+=test/test-cases/regression/action-allow.json
+TESTS+=test/test-cases/regression/action-block.json
+TESTS+=test/test-cases/regression/action-ctl_request_body_access.json
+TESTS+=test/test-cases/regression/action-ctl_request_body_processor.json
+TESTS+=test/test-cases/regression/action-ctl_request_body_processor_urlencoded.json
+TESTS+=test/test-cases/regression/action-ctl_rule_engine.json
+TESTS+=test/test-cases/regression/action-ctl_audit_engine.json
+TESTS+=test/test-cases/regression/action-ctl_rule_remove_by_id.json
+TESTS+=test/test-cases/regression/action-ctl_rule_remove_by_tag.json
+TESTS+=test/test-cases/regression/action-ctl_rule_remove_target_by_id.json
+TESTS+=test/test-cases/regression/action-ctl_rule_remove_target_by_tag.json
+TESTS+=test/test-cases/regression/action-disruptive.json
+TESTS+=test/test-cases/regression/action-exec.json
+TESTS+=test/test-cases/regression/action-expirevar.json
+TESTS+=test/test-cases/regression/action-id.json
+TESTS+=test/test-cases/regression/action-initcol.json
+TESTS+=test/test-cases/regression/action-msg.json
+TESTS+=test/test-cases/regression/action-setenv.json
+TESTS+=test/test-cases/regression/action-setrsc.json
+TESTS+=test/test-cases/regression/action-setsid.json
+TESTS+=test/test-cases/regression/action-setuid.json
+TESTS+=test/test-cases/regression/actions.json
+TESTS+=test/test-cases/regression/action-skip.json
+TESTS+=test/test-cases/regression/action-tag.json
+TESTS+=test/test-cases/regression/action-tnf-base64.json
+TESTS+=test/test-cases/regression/action-xmlns.json
+TESTS+=test/test-cases/regression/auditlog.json
+TESTS+=test/test-cases/regression/collection-case-insensitive.json
+TESTS+=test/test-cases/regression/collection-lua.json
+TESTS+=test/test-cases/regression/collection-regular_expression_selection.json
+TESTS+=test/test-cases/regression/collection-resource.json
+TESTS+=test/test-cases/regression/collection-tx.json
+TESTS+=test/test-cases/regression/collection-tx-with-macro.json
+TESTS+=test/test-cases/regression/config-body_limits.json
+TESTS+=test/test-cases/regression/config-calling_phases_by_name.json
+TESTS+=test/test-cases/regression/config-include-bad.json
+TESTS+=test/test-cases/regression/config-include.json
+TESTS+=test/test-cases/regression/config-remove_by_id.json
+TESTS+=test/test-cases/regression/config-remove_by_msg.json
+TESTS+=test/test-cases/regression/config-remove_by_tag.json
+TESTS+=test/test-cases/regression/config-response_type.json
+TESTS+=test/test-cases/regression/config-secdefaultaction.json
+TESTS+=test/test-cases/regression/config-secremoterules.json
+TESTS+=test/test-cases/regression/config-update-action-by-id.json
+TESTS+=test/test-cases/regression/config-update-target-by-id.json
+TESTS+=test/test-cases/regression/config-update-target-by-msg.json
+TESTS+=test/test-cases/regression/config-update-target-by-tag.json
+TESTS+=test/test-cases/regression/config-xml_external_entity.json
+TESTS+=test/test-cases/regression/debug_log.json
+TESTS+=test/test-cases/regression/directive-sec_rule_script.json
+TESTS+=test/test-cases/regression/issue-1152.json
+TESTS+=test/test-cases/regression/issue-1528.json
+TESTS+=test/test-cases/regression/issue-1565.json
+TESTS+=test/test-cases/regression/issue-1576.json
+TESTS+=test/test-cases/regression/issue-1591.json
+TESTS+=test/test-cases/regression/issue-1725.json
+TESTS+=test/test-cases/regression/issue-1743.json
+TESTS+=test/test-cases/regression/issue-1785.json
+TESTS+=test/test-cases/regression/issue-1812.json
+TESTS+=test/test-cases/regression/issue-1831.json
+TESTS+=test/test-cases/regression/issue-1844.json
+TESTS+=test/test-cases/regression/issue-1850.json
+TESTS+=test/test-cases/regression/issue-1941.json
+TESTS+=test/test-cases/regression/issue-1943.json
+TESTS+=test/test-cases/regression/issue-1956.json
+TESTS+=test/test-cases/regression/issue-1960.json
+TESTS+=test/test-cases/regression/issue-2099.json
+TESTS+=test/test-cases/regression/issue-2000.json
+TESTS+=test/test-cases/regression/issue-2111.json
+TESTS+=test/test-cases/regression/issue-2196.json
+TESTS+=test/test-cases/regression/issue-2423-msg-in-chain.json
+TESTS+=test/test-cases/regression/issue-2427.json
+TESTS+=test/test-cases/regression/issue-2296.json
+TESTS+=test/test-cases/regression/issue-394.json
+TESTS+=test/test-cases/regression/issue-849.json
+TESTS+=test/test-cases/regression/issue-960.json
+TESTS+=test/test-cases/regression/misc.json
+TESTS+=test/test-cases/regression/misc-variable-under-quotes.json
+TESTS+=test/test-cases/regression/offset-variable.json
+TESTS+=test/test-cases/regression/operator-detectsqli.json
+TESTS+=test/test-cases/regression/operator-detectxss.json
+TESTS+=test/test-cases/regression/operator-fuzzyhash.json
+TESTS+=test/test-cases/regression/operator-inpectFile.json
+TESTS+=test/test-cases/regression/operator-ipMatchFromFile.json
+TESTS+=test/test-cases/regression/operator-pm.json
+TESTS+=test/test-cases/regression/operator-rx.json
+TESTS+=test/test-cases/regression/operator-rxGlobal.json
+TESTS+=test/test-cases/regression/operator-UnconditionalMatch.json
+TESTS+=test/test-cases/regression/operator-validate-byte-range.json
+TESTS+=test/test-cases/regression/operator-verifycc.json
+TESTS+=test/test-cases/regression/operator-verifycpf.json
+TESTS+=test/test-cases/regression/operator-verifyssn.json
+TESTS+=test/test-cases/regression/operator-verifysvnr.json
+TESTS+=test/test-cases/regression/request-body-parser-json.json
+TESTS+=test/test-cases/regression/request-body-parser-multipart-crlf.json
+TESTS+=test/test-cases/regression/request-body-parser-multipart.json
+TESTS+=test/test-cases/regression/request-body-parser-xml.json
+TESTS+=test/test-cases/regression/request-body-parser-xml-validade-dtd.json
+TESTS+=test/test-cases/regression/rule-920120.json
+TESTS+=test/test-cases/regression/rule-920200.json
+TESTS+=test/test-cases/regression/rule-920274.json
+TESTS+=test/test-cases/regression/secaction.json
+TESTS+=test/test-cases/regression/secargumentslimit.json
+TESTS+=test/test-cases/regression/sec_component_signature.json
+TESTS+=test/test-cases/regression/secmarker.json
+TESTS+=test/test-cases/regression/secruleengine.json
+TESTS+=test/test-cases/regression/transformation-none.json
+TESTS+=test/test-cases/regression/transformations.json
+TESTS+=test/test-cases/regression/variable-ARGS_COMBINED_SIZE.json
+TESTS+=test/test-cases/regression/variable-ARGS_GET.json
+TESTS+=test/test-cases/regression/variable-ARGS_GET_NAMES.json
+TESTS+=test/test-cases/regression/variable-ARGS.json
+TESTS+=test/test-cases/regression/variable-ARGS_NAMES.json
+TESTS+=test/test-cases/regression/variable-ARGS_POST.json
+TESTS+=test/test-cases/regression/variable-ARGS_POST_NAMES.json
+TESTS+=test/test-cases/regression/variable-AUTH_TYPE.json
+TESTS+=test/test-cases/regression/variable-DURATION.json
+TESTS+=test/test-cases/regression/variable-ENV.json
+TESTS+=test/test-cases/regression/variable-FILES_COMBINED_SIZE.json
+TESTS+=test/test-cases/regression/variable-FILES.json
+TESTS+=test/test-cases/regression/variable-FILES_NAMES.json
+TESTS+=test/test-cases/regression/variable-FILES_SIZES.json
+TESTS+=test/test-cases/regression/variable-FULL_REQUEST.json
+TESTS+=test/test-cases/regression/variable-FULL_REQUEST_LENGTH.json
+TESTS+=test/test-cases/regression/variable-GEO.json
+TESTS+=test/test-cases/regression/variable-HIGHEST_SEVERITY.json
+TESTS+=test/test-cases/regression/variable-INBOUND_DATA_ERROR.json
+TESTS+=test/test-cases/regression/variable-MATCHED_VAR.json
+TESTS+=test/test-cases/regression/variable-MATCHED_VAR_NAME.json
+TESTS+=test/test-cases/regression/variable-MATCHED_VARS.json
+TESTS+=test/test-cases/regression/variable-MATCHED_VARS_NAMES.json
+TESTS+=test/test-cases/regression/variable-MODSEC_BUILD.json
+TESTS+=test/test-cases/regression/variable-MULTIPART_CRLF_LF_LINES.json
+TESTS+=test/test-cases/regression/variable-MULTIPART_FILENAME.json
+TESTS+=test/test-cases/regression/variable-MULTIPART_INVALID_HEADER_FOLDING.json
+TESTS+=test/test-cases/regression/variable-MULTIPART_NAME.json
+TESTS+=test/test-cases/regression/variable-MULTIPART_PART_HEADERS.json
+TESTS+=test/test-cases/regression/variable-MULTIPART_STRICT_ERROR.json
+TESTS+=test/test-cases/regression/variable-MULTIPART_UNMATCHED_BOUNDARY.json
+TESTS+=test/test-cases/regression/variable-OUTBOUND_DATA_ERROR.json
+TESTS+=test/test-cases/regression/variable-PATH_INFO.json
+TESTS+=test/test-cases/regression/variable-QUERY_STRING.json
+TESTS+=test/test-cases/regression/variable-REMOTE_ADDR.json
+TESTS+=test/test-cases/regression/variable-REMOTE_HOST.json
+TESTS+=test/test-cases/regression/variable-REMOTE_PORT.json
+TESTS+=test/test-cases/regression/variable-REMOTE_USER.json
+TESTS+=test/test-cases/regression/variable-REQBODY_PROCESSOR_ERROR.json
+TESTS+=test/test-cases/regression/variable-REQBODY_PROCESSOR.json
+TESTS+=test/test-cases/regression/variable-REQUEST_BASENAME.json
+TESTS+=test/test-cases/regression/variable-REQUEST_BODY.json
+TESTS+=test/test-cases/regression/variable-REQUEST_BODY_LENGTH.json
+TESTS+=test/test-cases/regression/variable-REQUEST_COOKIES.json
+TESTS+=test/test-cases/regression/variable-REQUEST_COOKIES_NAMES.json
+TESTS+=test/test-cases/regression/variable-REQUEST_FILENAME.json
+TESTS+=test/test-cases/regression/variable-REQUEST_HEADERS.json
+TESTS+=test/test-cases/regression/variable-REQUEST_HEADERS_NAMES.json
+TESTS+=test/test-cases/regression/variable-REQUEST_LINE.json
+TESTS+=test/test-cases/regression/variable-REQUEST_METHOD.json
+TESTS+=test/test-cases/regression/variable-REQUEST_PROTOCOL.json
+TESTS+=test/test-cases/regression/variable-REQUEST_URI.json
+TESTS+=test/test-cases/regression/variable-REQUEST_URI_RAW.json
+TESTS+=test/test-cases/regression/variable-RESPONSE_BODY.json
+TESTS+=test/test-cases/regression/variable-RESPONSE_CONTENT_LENGTH.json
+TESTS+=test/test-cases/regression/variable-RESPONSE_CONTENT_TYPE.json
+TESTS+=test/test-cases/regression/variable-RESPONSE_HEADERS.json
+TESTS+=test/test-cases/regression/variable-RESPONSE_HEADERS_NAMES.json
+TESTS+=test/test-cases/regression/variable-RESPONSE_PROTOCOL.json
+TESTS+=test/test-cases/regression/variable-RULE.json
+TESTS+=test/test-cases/regression/variable-SERVER_ADDR.json
+TESTS+=test/test-cases/regression/variable-SERVER_NAME.json
+TESTS+=test/test-cases/regression/variable-SERVER_PORT.json
+TESTS+=test/test-cases/regression/variable-SESSIONID.json
+TESTS+=test/test-cases/regression/variable-STATUS.json
+TESTS+=test/test-cases/regression/variable-TIME_DAY.json
+TESTS+=test/test-cases/regression/variable-TIME_EPOCH.json
+TESTS+=test/test-cases/regression/variable-TIME_HOUR.json
+TESTS+=test/test-cases/regression/variable-TIME.json
+TESTS+=test/test-cases/regression/variable-TIME_MIN.json
+TESTS+=test/test-cases/regression/variable-TIME_MON.json
+TESTS+=test/test-cases/regression/variable-TIME_SEC.json
+TESTS+=test/test-cases/regression/variable-TIME_WDAY.json
+TESTS+=test/test-cases/regression/variable-TIME_YEAR.json
+TESTS+=test/test-cases/regression/variable-TX.json
+TESTS+=test/test-cases/regression/variable-UNIQUE_ID.json
+TESTS+=test/test-cases/regression/variable-URLENCODED_ERROR.json
+TESTS+=test/test-cases/regression/variable-USERID.json
+TESTS+=test/test-cases/regression/variable-variation-count.json
+TESTS+=test/test-cases/regression/variable-variation-exclusion.json
+TESTS+=test/test-cases/regression/variable-WEBAPPID.json
+TESTS+=test/test-cases/regression/variable-WEBSERVER_ERROR_LOG.json
+TESTS+=test/test-cases/regression/variable-XML.json
+TESTS+=test/test-cases/secrules-language-tests/operators/beginsWith.json
+TESTS+=test/test-cases/secrules-language-tests/operators/contains.json
+TESTS+=test/test-cases/secrules-language-tests/operators/containsWord.json
+TESTS+=test/test-cases/secrules-language-tests/operators/detectSQLi.json
+TESTS+=test/test-cases/secrules-language-tests/operators/detectXSS.json
+TESTS+=test/test-cases/secrules-language-tests/operators/endsWith.json
+TESTS+=test/test-cases/secrules-language-tests/operators/eq.json
+TESTS+=test/test-cases/secrules-language-tests/operators/ge.json
+TESTS+=test/test-cases/secrules-language-tests/operators/geoLookup.json
+TESTS+=test/test-cases/secrules-language-tests/operators/gt.json
+TESTS+=test/test-cases/secrules-language-tests/operators/ipMatch.json
+TESTS+=test/test-cases/secrules-language-tests/operators/le.json
+TESTS+=test/test-cases/secrules-language-tests/operators/lt.json
+TESTS+=test/test-cases/secrules-language-tests/operators/noMatch.json
+TESTS+=test/test-cases/secrules-language-tests/operators/pmFromFile.json
+TESTS+=test/test-cases/secrules-language-tests/operators/pm.json
+TESTS+=test/test-cases/secrules-language-tests/operators/rx.json
+TESTS+=test/test-cases/secrules-language-tests/operators/rxGlobal.json
+TESTS+=test/test-cases/secrules-language-tests/operators/streq.json
+TESTS+=test/test-cases/secrules-language-tests/operators/strmatch.json
+TESTS+=test/test-cases/secrules-language-tests/operators/unconditionalMatch.json
+TESTS+=test/test-cases/secrules-language-tests/operators/validateByteRange.json
+TESTS+=test/test-cases/secrules-language-tests/operators/validateUrlEncoding.json
+TESTS+=test/test-cases/secrules-language-tests/operators/validateUtf8Encoding.json
+TESTS+=test/test-cases/secrules-language-tests/operators/verifyCC.json
+TESTS+=test/test-cases/secrules-language-tests/operators/verifycpf.json
+TESTS+=test/test-cases/secrules-language-tests/operators/verifyssn.json
+TESTS+=test/test-cases/secrules-language-tests/operators/verifysvnr.json
+TESTS+=test/test-cases/secrules-language-tests/operators/within.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/base64DecodeExt.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/base64Decode.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/base64Encode.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/cmdLine.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/compressWhitespace.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/cssDecode.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/escapeSeqDecode.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/hexDecode.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/hexEncode.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/htmlEntityDecode.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/jsDecode.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/length.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/lowercase.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/md5.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/normalisePath.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/normalisePathWin.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/parityEven7bit.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/parityOdd7bit.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/parityZero7bit.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/removeCommentsChar.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/removeComments.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/removeNulls.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/removeWhitespace.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/replaceComments.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/replaceNulls.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/sha1.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/sqlHexDecode.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/trim.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/trimLeft.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/trimRight.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/urlDecode.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/urlDecodeUni.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/urlEncode.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/utf8toUnicode.json

test/test-suite.sh

@@ -13,7 +13,7 @@ then
     AMOUNT=$(./regression_tests countall ../$FILE)
     RET=$?
     if [ $RET -ne 0 ]; then
-        echo ":test-result: SKIP: json is not enabled. (regression/$RET) ../$FILE:$i"
+        echo ":test-result: SKIP: json is not enabled. (regression/$RET) ../$FILE"
         exit 0
     fi
 
@@ -30,10 +30,10 @@ else
       RET=$?
       if [ $RET -eq 127 ]
       then
-          echo ":test-result: SKIP: json is not enabled. (unit/$RET) ../$FILE:$i"
+          echo ":test-result: SKIP: json is not enabled. (unit/$RET) ../$FILE"
       elif [ $RET -ne 0 ]
       then
-          echo ":test-result: FAIL possible segfault: (unit/$RET) ../$FILE:$i"
+          echo ":test-result: FAIL possible segfault: (unit/$RET) ../$FILE"
       fi
 fi
 

test/unit/unit.cc

@@ -195,6 +195,10 @@ int main(int argc, char **argv) {
         std::cout << t->print() << std::endl;
     }
 
+    const int skp = std::count_if(results.cbegin(), results.cend(), [](const auto &i)
+                                    { return i->skipped; });
+    const int failed = results.size() - skp;
+
     if (!test.m_automake_output) {
         std::cout << std::endl;
 
@@ -202,13 +206,7 @@ int main(int argc, char **argv) {
         if (results.size() == 0) {
             std::cout << KGRN << "All tests passed" << RESET << std::endl;
         } else {
-            int skp = 0;
-            for (const auto &i : results) {
-                if (i->skipped == true) {
-                    skp++;
-                }
-            }
-            std::cout << KRED << results.size()-skp << " failed.";
+            std::cout << KRED << failed << " failed.";
             std::cout << RESET << std::endl;
             if (skp > 0) {
                 std::cout << " " << std::to_string(skp) << " ";
@@ -217,13 +215,12 @@ int main(int argc, char **argv) {
         }
     }
 
-    for (std::pair<std::string, std::vector<UnitTest *> *> a : test) {
-        std::vector<UnitTest *> *vec = a.second;
-        for (int i = 0; i < vec->size(); i++) {
-            delete vec->at(i);
-        }
+    for (auto a : test) {
+        auto *vec = a.second;
+        for(auto *t : *vec)
+            delete t;
         delete vec;
     }
+
+    return failed;
 }
-
-