diff --git a/src/actions/accuracy.cc b/src/actions/accuracy.cc index c9fbf7af..da23705b 100644 --- a/src/actions/accuracy.cc +++ b/src/actions/accuracy.cc @@ -27,14 +27,16 @@ namespace modsecurity { namespace actions { -Accuracy::Accuracy(std::string action) - : Action(action, ConfigurationKind), - m_accuracy_str(action) { - if (m_accuracy_str.at(0) == '\'') { - m_accuracy_str.erase(0, 1); - m_accuracy_str.pop_back(); + +bool Accuracy::init(std::string *error) { + try { + m_accuracy = std::stoi(m_parser_payload); + } catch (...) { + error->assign("Accuracy: The input \"" + m_parser_payload + "\" is " \ + "not a number."); + return false; } - m_accuracy = std::stoi(m_accuracy_str); + return true; } @@ -43,5 +45,6 @@ bool Accuracy::evaluate(Rule *rule, Transaction *transaction) { return true; } + } // namespace actions } // namespace modsecurity diff --git a/src/actions/accuracy.h b/src/actions/accuracy.h index 8a1b697d..bfd704f8 100644 --- a/src/actions/accuracy.h +++ b/src/actions/accuracy.h @@ -29,12 +29,14 @@ namespace actions { class Accuracy : public Action { public: - explicit Accuracy(std::string action); + explicit Accuracy(std::string action) + : Action(action, ConfigurationKind), + m_accuracy(0) { } bool evaluate(Rule *rule, Transaction *transaction) override; + bool init(std::string *error) override; private: - std::string m_accuracy_str; int m_accuracy; }; diff --git a/src/actions/action.cc b/src/actions/action.cc index 81911654..07124e45 100644 --- a/src/actions/action.cc +++ b/src/actions/action.cc @@ -52,7 +52,7 @@ bool Action::evaluate(Rule *rule, Transaction *transaction) { } -void Action::fill_intervention(ModSecurityIntervention *i) { +void Action::fillIntervention(ModSecurityIntervention *i) { } Action *Action::instantiate(const std::string& name) { diff --git a/src/actions/action.h b/src/actions/action.h index 5703a0bf..f9846518 100644 --- a/src/actions/action.h +++ b/src/actions/action.h 
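Review bot: In `Accuracy::init`, `std::stoi(m_parser_payload)` stops at the first character it cannot parse, so a value such as `5abc` is accepted as 5 and the "not a number" error is never raised. Ask `stoi` how much it consumed and reject leftovers: `size_t used = 0; m_accuracy = std::stoi(m_parser_payload, &used);` followed by `if (used != m_parser_payload.size()) { /* assign error */ return false; }`. The same pattern is added in `Maturity::init`, `Status::init` and the numeric branch of `Severity::init` later in this patch. `catch (...)` could also be narrowed to `const std::exception &`, since `stoi` only throws `std::invalid_argument` and `std::out_of_range`.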
@@ -35,21 +35,43 @@ class Action { public: explicit Action(const std::string& _action) : action_kind(2), - action(_action), - name(_action), + m_name(""), + m_parser_payload(""), m_isNone(false), temporaryAction(false) { - name.erase(0, 2); + set_name_and_payload(_action); } explicit Action(const std::string& _action, int kind) : action_kind(kind), - action(_action), - name(_action), + m_name(""), + m_parser_payload(""), m_isNone(false), temporaryAction(false) { - name.erase(0, 2); + set_name_and_payload(_action); } + void set_name_and_payload(const std::string& data) { + size_t pos = data.find(":"); + std::string t = "t:"; + + if (data.compare(0, t.length(), t) == 0) { + pos = data.find(":", 2); + } + + if (pos == std::string::npos) { + m_name = data; + return; + } + + m_name = std::string(data, 0, pos); + m_parser_payload = std::string(data, pos + 1, data.length()); + + if (m_parser_payload.at(0) == '\'' && m_parser_payload.size() > 2) { + m_parser_payload.erase(0, 1); + m_parser_payload.pop_back(); + } + } + virtual ~Action() { } /** * @@ -83,9 +105,6 @@ class Action { RunTimeOnlyIfMatchKind, }; - std::string action; - int action_kind; - std::string name; virtual std::string evaluate(std::string exp, Transaction *transaction); @@ -94,14 +113,20 @@ class Action { RuleMessage *ruleMessage) { return evaluate(rule, transaction); } + virtual bool init(std::string *error) { return true; } + virtual bool isDisruptive() { return false; } + virtual void fillIntervention(ModSecurityIntervention *intervention); + static Action *instantiate(const std::string& name); - virtual void fill_intervention(ModSecurityIntervention *intervention); bool temporaryAction; + std::string m_name; + std::string m_parser_payload; bool m_isNone; + int action_kind; }; diff --git a/src/actions/audit_log.cc b/src/actions/audit_log.cc index 1fc8253d..da7fee4a 100644 --- a/src/actions/audit_log.cc +++ b/src/actions/audit_log.cc 
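Review bot: In `set_name_and_payload`, `m_parser_payload.at(0)` is evaluated before the size test, so an action string with nothing after the separator colon makes `at()` throw `std::out_of_range` from inside both `Action` constructors. Put the length check first so it guards the access: `if (m_parser_payload.size() > 2 && m_parser_payload.at(0) == '\'') {`. The branch also drops the last character without checking that it is a closing quote, so input that opens with a quote but does not end with one loses a real character; also testing `m_parser_payload.back() == '\''` would close that gap. A one-line comment on the `t:` special case, where the second colon is used as the separator, would help the next reader.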
@@ -23,10 +23,12 @@ namespace modsecurity { namespace actions { + bool AuditLog::evaluate(Rule *rule, Transaction *transaction) { transaction->m_toBeSavedInAuditlogs = true; return true; } + } // namespace actions } // namespace modsecurity diff --git a/src/actions/audit_log.h b/src/actions/audit_log.h index 43c94227..4c2ae9a8 100644 --- a/src/actions/audit_log.h +++ b/src/actions/audit_log.h @@ -37,6 +37,7 @@ class AuditLog : public Action { bool evaluate(Rule *rule, Transaction *transaction) override; }; + } // namespace actions } // namespace modsecurity #endif diff --git a/src/actions/block.cc b/src/actions/block.cc index eec0d37b..8ed148f4 100644 --- a/src/actions/block.cc +++ b/src/actions/block.cc @@ -25,12 +25,6 @@ namespace modsecurity { namespace actions { -Block::Block(std::string action) - : Action(action) { - this->action = action; - this->action_kind = 2; -} - bool Block::evaluate(Rule *rule, Transaction *transaction) { #ifndef NO_LOGS @@ -44,9 +38,11 @@ bool Block::evaluate(Rule *rule, Transaction *transaction) { return true; } -void Block::fill_intervention(ModSecurityIntervention *i) { + +void Block::fillIntervention(ModSecurityIntervention *i) { i->disruptive = true; } + } // namespace actions } // namespace modsecurity diff --git a/src/actions/block.h b/src/actions/block.h index b1cbbc51..36362893 100644 --- a/src/actions/block.h +++ b/src/actions/block.h @@ -31,13 +31,14 @@ namespace actions { class Block : public Action { public: - explicit Block(std::string action); + explicit Block(std::string action) : Action(action) { } bool evaluate(Rule *rule, Transaction *transaction) override; - void fill_intervention(ModSecurityIntervention *i) override; + void fillIntervention(ModSecurityIntervention *i) override; bool isDisruptive() override { return true; } }; + } // namespace actions } // namespace modsecurity #endif diff --git a/src/actions/capture.cc b/src/actions/capture.cc index 613654f0..c6747fa6 100644 --- a/src/actions/capture.cc 
+++ b/src/actions/capture.cc @@ -31,6 +31,7 @@ namespace modsecurity { namespace actions { + bool Capture::evaluate(Rule *rule, Transaction *transaction) { if (transaction->m_matched.empty()) { return false; @@ -46,5 +47,6 @@ bool Capture::evaluate(Rule *rule, Transaction *transaction) { return true; } + } // namespace actions } // namespace modsecurity diff --git a/src/actions/chain.cc b/src/actions/chain.cc index 0f021160..86b54dcc 100644 --- a/src/actions/chain.cc +++ b/src/actions/chain.cc @@ -25,11 +25,11 @@ namespace modsecurity { namespace actions { - bool Chain::evaluate(Rule *rule, Transaction *transaction) { rule->chained = true; return true; } + } // namespace actions } // namespace modsecurity diff --git a/src/actions/ctl_audit_log_parts.cc b/src/actions/ctl_audit_log_parts.cc index 43e1cfe5..b9127dfe 100644 --- a/src/actions/ctl_audit_log_parts.cc +++ b/src/actions/ctl_audit_log_parts.cc @@ -23,11 +23,9 @@ namespace modsecurity { namespace actions { -CtlAuditLogParts::CtlAuditLogParts(std::string action) - : Action(action, RunTimeOnlyIfMatchKind), - mPartsAction(0) { - std::string what(action, 18, 1); - mParts = std::string(action, 19, action.length()-19); +bool CtlAuditLogParts::init(std::string *error) { + std::string what(m_parser_payload, 14, 1); + mParts = std::string(m_parser_payload, 15, m_parser_payload.length()-15); if (what == "+") { mPartsAction = 0; } else { diff --git a/src/actions/ctl_audit_log_parts.h b/src/actions/ctl_audit_log_parts.h index 2736c95d..44d92027 100644 --- a/src/actions/ctl_audit_log_parts.h +++ b/src/actions/ctl_audit_log_parts.h 
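Review bot: `CtlAuditLogParts::init` reads `m_parser_payload` at the fixed offsets 14 and 15 without checking its length, so a shorter payload makes the `std::string(str, pos, n)` constructor throw `std::out_of_range` instead of failing through `error`. Guard the two substrings first, e.g. `if (m_parser_payload.size() < 15) { error->assign("ctl: malformed auditLogParts value"); return false; }`. The offsets presumably correspond to the length of `auditLogParts=`; deriving them from a named constant rather than literals would keep them from drifting the way 18/19 just had to. The rest of the function, including its return, lies outside this hunk.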
@@ -27,9 +27,15 @@ namespace actions { class CtlAuditLogParts : public Action { public: - explicit CtlAuditLogParts(std::string action); + explicit CtlAuditLogParts(std::string action) + : Action(action, RunTimeOnlyIfMatchKind), + mPartsAction(0), + mParts("") { } bool evaluate(Rule *rule, Transaction *transaction) override; + bool init(std::string *error) override; + + protected: int mPartsAction; std::string mParts; }; diff --git a/src/actions/deny.cc b/src/actions/deny.cc index 26434a33..00b193fd 100644 --- a/src/actions/deny.cc +++ b/src/actions/deny.cc @@ -23,12 +23,6 @@ namespace modsecurity { namespace actions { -Deny::Deny(std::string action) - : Action(action) { - this->action = action; - this->action_kind = 2; -} - bool Deny::evaluate(Rule *rule, Transaction *transaction) { #ifndef NO_LOGS @@ -38,7 +32,8 @@ bool Deny::evaluate(Rule *rule, Transaction *transaction) { return true; } -void Deny::fill_intervention(ModSecurityIntervention *i) { + +void Deny::fillIntervention(ModSecurityIntervention *i) { if (i->status == 200) { i->status = 403; } @@ -46,5 +41,6 @@ void Deny::fill_intervention(ModSecurityIntervention *i) { i->disruptive = true; } + } // namespace actions } // namespace modsecurity diff --git a/src/actions/deny.h b/src/actions/deny.h index 0d19df6f..f326a72a 100644 --- a/src/actions/deny.h +++ b/src/actions/deny.h @@ -27,10 +27,10 @@ namespace actions { class Deny : public Action { public: - explicit Deny(std::string action); + explicit Deny(std::string action) : Action(action) { } bool evaluate(Rule *rule, Transaction *transaction) override; - void fill_intervention(ModSecurityIntervention *i) override; + void fillIntervention(ModSecurityIntervention *i) override; bool isDisruptive() override { return true; } }; diff --git a/src/actions/init_col.cc b/src/actions/init_col.cc index bebcb885..69d19efc 100644 --- a/src/actions/init_col.cc +++ b/src/actions/init_col.cc 
@@ -27,24 +27,19 @@ namespace modsecurity { namespace actions { -InitCol::InitCol(std::string action) - : Action(action, RunTimeOnlyIfMatchKind) { -} - bool InitCol::init(std::string *error) { - int posEquals = action.find("="); - int posInit = strlen("initcol:"); + int posEquals = m_parser_payload.find("="); - if (action.size() < 8) { + if (m_parser_payload.size() < 8) { return false; } if (posEquals == std::string::npos) { return false; } - m_collection_key = std::string(action, posInit, posEquals - posInit); - m_collection_value = std::string(action, posEquals + 1); + m_collection_key = std::string(m_parser_payload, 0, posEquals); + m_collection_value = std::string(m_parser_payload, posEquals + 1); if (m_collection_key != "ip" && m_collection_key != "global") { return false; diff --git a/src/actions/init_col.h b/src/actions/init_col.h index 4a0ed22a..2469ef5d 100644 --- a/src/actions/init_col.h +++ b/src/actions/init_col.h @@ -29,7 +29,7 @@ namespace actions { class InitCol : public Action { public: - explicit InitCol(std::string action); + explicit InitCol(std::string action) : Action(action) { } bool evaluate(Rule *rule, Transaction *transaction) override; bool init(std::string *error) override; diff --git a/src/actions/log.cc b/src/actions/log.cc index 11eb3076..897c7836 100644 --- a/src/actions/log.cc +++ b/src/actions/log.cc @@ -23,6 +23,7 @@ namespace modsecurity { namespace actions { + bool Log::evaluate(Rule *rule, Transaction *transaction) { transaction->m_toBeSavedInAuditlogs = true; /* FIXME: transaction->serverLog("Something...."); */ @@ -30,5 +31,6 @@ bool Log::evaluate(Rule *rule, Transaction *transaction) { return true; } + } // namespace actions } // namespace modsecurity diff --git a/src/actions/log_data.cc b/src/actions/log_data.cc index 6fb12276..fef327d6 100644 --- a/src/actions/log_data.cc +++ b/src/actions/log_data.cc 
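Review bot: The `m_parser_payload.size() < 8` test in `InitCol::init` looks like a leftover from when the string still carried the 8-character `initcol:` prefix; against the bare payload it rejects short but otherwise well-formed values such as `ip=1`. The `posEquals` test and the key comparison already validate the shape, so the length test can be dropped or replaced by a check that the part after `=` is non-empty. The early `return false` paths also leave `*error` untouched, so the rule loader gets a failure with no message; `error->assign("initcol: expected <collection>=<value>");` would match the other `init` overrides. `posEquals` is an `int` compared against `std::string::npos`; declaring it `size_t` removes the implicit conversion.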
@@ -27,16 +27,9 @@ namespace modsecurity { namespace actions { -LogData::LogData(std::string action) - : Action(action, RunTimeOnlyIfMatchKind), - m_data(action) { - m_data.erase(0, 1); - m_data.pop_back(); -} - bool LogData::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) { - std::string data = MacroExpansion::expand(m_data, transaction); + std::string data = MacroExpansion::expand(m_parser_payload, transaction); rm->m_data = data; diff --git a/src/actions/log_data.h b/src/actions/log_data.h index 326dca05..e502f197 100644 --- a/src/actions/log_data.h +++ b/src/actions/log_data.h @@ -29,13 +29,11 @@ namespace actions { class LogData : public Action { public: - explicit LogData(std::string action); + explicit LogData(std::string action) + : Action(action, RunTimeOnlyIfMatchKind) { } bool evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) override; - - private: - std::string m_data; }; diff --git a/src/actions/maturity.cc b/src/actions/maturity.cc index be5a43a5..f33404f9 100644 --- a/src/actions/maturity.cc +++ b/src/actions/maturity.cc @@ -27,14 +27,16 @@ namespace modsecurity { namespace actions { -Maturity::Maturity(std::string action) - : Action(action, ConfigurationKind), - m_maturity_str(action) { - if (m_maturity_str.at(0) == '\'') { - m_maturity_str.erase(0, 1); - m_maturity_str.pop_back(); + +bool Maturity::init(std::string *error) { + try { + m_maturity = std::stoi(m_parser_payload); + } catch (...) { + error->assign("Maturity: The input \"" + m_parser_payload + "\" is " \ + "not a number."); + return false; } - m_maturity = std::stoi(m_maturity_str); + return true; } @@ -43,5 +45,6 @@ bool Maturity::evaluate(Rule *rule, Transaction *transaction) { return true; } + } // namespace actions } // namespace modsecurity diff --git a/src/actions/maturity.h b/src/actions/maturity.h index 5fb1c266..98e0ba2a 100644 --- a/src/actions/maturity.h +++ b/src/actions/maturity.h 
@@ -29,12 +29,14 @@ namespace actions { class Maturity : public Action { public: - explicit Maturity(std::string action); + explicit Maturity(std::string action) + : Action(action, ConfigurationKind), + m_maturity(0) { } bool evaluate(Rule *rule, Transaction *transaction) override; + bool init(std::string *error) override; private: - std::string m_maturity_str; int m_maturity; }; diff --git a/src/actions/msg.cc b/src/actions/msg.cc index 309e923e..c8088bdc 100644 --- a/src/actions/msg.cc +++ b/src/actions/msg.cc @@ -45,16 +45,9 @@ namespace modsecurity { namespace actions { -Msg::Msg(std::string action) - : Action(action, RunTimeOnlyIfMatchKind), - m_msg(action) { - m_msg.erase(0, 1); - m_msg.pop_back(); -} - bool Msg::evaluate(Rule *rule, Transaction *transaction) { - std::string msg = MacroExpansion::expand(m_msg, transaction); + std::string msg = MacroExpansion::expand(m_parser_payload, transaction); #ifndef NO_LOGS transaction->debug(9, "Saving msg: " + msg); diff --git a/src/actions/msg.h b/src/actions/msg.h index 8d0cc58c..b8690223 100644 --- a/src/actions/msg.h +++ b/src/actions/msg.h @@ -29,12 +29,10 @@ namespace actions { class Msg : public Action { public: - explicit Msg(std::string action); + explicit Msg(std::string action) + : Action(action, RunTimeOnlyIfMatchKind) { } bool evaluate(Rule *rule, Transaction *transaction) override; - - private: - std::string m_msg; }; diff --git a/src/actions/no_audit_log.cc b/src/actions/no_audit_log.cc index 90189c50..2de9170a 100644 --- a/src/actions/no_audit_log.cc +++ b/src/actions/no_audit_log.cc @@ -23,10 +23,12 @@ namespace modsecurity { namespace actions { + bool NoAuditLog::evaluate(Rule *rule, Transaction *transaction) { transaction->m_toNotBeSavedInAuditLogs = true; return true; } + } // namespace actions } // namespace modsecurity diff --git a/src/actions/pass.cc b/src/actions/pass.cc index fb63d242..135e06c9 100644 --- a/src/actions/pass.cc +++ b/src/actions/pass.cc 
@@ -24,12 +24,6 @@ namespace modsecurity { namespace actions { -Pass::Pass(std::string action) - : Action(action) { - this->action = action; - this->action_kind = 2; -} - bool Pass::evaluate(Rule *rule, Transaction *transaction) { transaction->m_actions.clear(); diff --git a/src/actions/pass.h b/src/actions/pass.h index b2a5f392..96595e0c 100644 --- a/src/actions/pass.h +++ b/src/actions/pass.h @@ -27,7 +27,7 @@ namespace actions { class Pass : public Action { public: - explicit Pass(std::string action); + explicit Pass(std::string action) : Action(action) { } bool evaluate(Rule *rule, Transaction *transaction) override; bool isDisruptive() override { return true; } diff --git a/src/actions/phase.cc b/src/actions/phase.cc index 647661e8..11faccf2 100644 --- a/src/actions/phase.cc +++ b/src/actions/phase.cc 
@@ -26,51 +26,39 @@ namespace modsecurity { namespace actions { -Phase::Phase(std::string action) - : Action(action), - m_secRulesPhase(0), - phase(0) { - this->action_kind = ConfigurationKind; - std::string a = action; - a.erase(0, 6); - if (a.at(0) == '\'') { - a.erase(0, 1); - a.pop_back(); - } +bool Phase::init(std::string *error) { + std::string a = tolower(m_parser_payload); try { - this->phase = std::stoi(a); + m_phase = std::stoi(m_parser_payload); } catch (...) { - this->phase = 0; - if (tolower(a) == "request") { - this->phase = ModSecurity::Phases::RequestHeadersPhase; + m_phase = 0; + if (a == "request") { + m_phase = ModSecurity::Phases::RequestHeadersPhase; m_secRulesPhase = 2; } - if (tolower(a) == "response") { - this->phase = ModSecurity::Phases::ResponseBodyPhase; + if (a == "response") { + m_phase = ModSecurity::Phases::ResponseBodyPhase; m_secRulesPhase = 4; } - if (tolower(a) == "logging") { - this->phase = ModSecurity::Phases::LoggingPhase; + if (a == "logging") { + m_phase = ModSecurity::Phases::LoggingPhase; m_secRulesPhase = 5; } } - if (this->phase == 0) { + if (m_phase == 0) { /* Phase 0 is something new, we want to use as ConnectionPhase */ - this->phase = ModSecurity::Phases::ConnectionPhase; + m_phase = ModSecurity::Phases::ConnectionPhase; m_secRulesPhase = 1; } else { /* Otherwise we want to shift the rule to the correct phase */ - m_secRulesPhase = phase; - this->phase = phase + 1; + m_secRulesPhase = m_phase; + m_phase = m_phase + 1; } -} - -bool Phase::init(std::string *error) { - if (phase > ModSecurity::Phases::NUMBER_OF_PHASES) { - error->assign("Unknown phase: " + std::to_string(phase)); + if (m_phase > ModSecurity::Phases::NUMBER_OF_PHASES) { + error->assign("Unknown phase: " + std::to_string(m_phase)); return false; } return true; @@ -78,7 +66,7 @@ bool Phase::init(std::string *error) { bool Phase::evaluate(Rule *rule, Transaction *transaction) { - rule->phase = this->phase; + rule->phase = m_phase; return true; } 
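Review bot: `Phase::init` turns every payload that is neither a number nor one of `request`/`response`/`logging` into phase 0, which the following block maps to `ConnectionPhase`, so a misspelled phase name silently moves the rule to a different phase instead of failing the load. Now that this logic has an `error` channel, the `catch` branch should fail when no name matched, e.g. by chaining the three comparisons with `else if` and ending with `else { error->assign("Unknown phase: " + m_parser_payload); return false; }`. The final range check has only an upper bound, so a negative number from `std::stoi` also gets through; testing `m_phase < 0` immediately after the parse, before the shift by one, would cover it. The local `a` is only needed inside the `catch`, so the `tolower` call could move there.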
diff --git a/src/actions/phase.h b/src/actions/phase.h index 7b4d9e65..cfdda664 100644 --- a/src/actions/phase.h +++ b/src/actions/phase.h @@ -32,11 +32,14 @@ namespace actions { class Phase : public Action { public: - explicit Phase(std::string action); + explicit Phase(std::string action) : Action(action, ConfigurationKind), + m_secRulesPhase(0), + m_phase(0) { } bool init(std::string *error) override; bool evaluate(Rule *rule, Transaction *transaction) override; - int phase; + + int m_phase; int m_secRulesPhase; }; diff --git a/src/actions/redirect.cc b/src/actions/redirect.cc index 7fd082a7..ec73e7b0 100644 --- a/src/actions/redirect.cc +++ b/src/actions/redirect.cc @@ -24,20 +24,11 @@ namespace modsecurity { namespace actions { -Redirect::~Redirect() { -} -Redirect::Redirect(const std::string& action) - : Action(action, RunTimeOnlyIfMatchKind), - m_url(action) { - // m_url = m_url.erase(0, 9); - if (m_url.at(0) == '\'') { - m_url.erase(0, 1); - if (m_url.size() > 0) { - m_url.pop_back(); - } - } +bool Redirect::init(std::string *error) { + m_url = m_parser_payload; m_status = 302; + return true; } @@ -47,7 +38,8 @@ bool Redirect::evaluate(Rule *rule, Transaction *transaction) { return true; } -void Redirect::fill_intervention(ModSecurityIntervention *i) { + +void Redirect::fillIntervention(ModSecurityIntervention *i) { /* if it was changed before, lets keep it. */ if (i->status == 200) { i->status = m_status; @@ -57,5 +49,6 @@ void Redirect::fill_intervention(ModSecurityIntervention *i) { i->disruptive = true; } + } // namespace actions } // namespace modsecurity diff --git a/src/actions/redirect.h b/src/actions/redirect.h index ed30dbe4..e0a133bd 100644 --- a/src/actions/redirect.h +++ b/src/actions/redirect.h 
@@ -30,12 +30,14 @@ namespace actions { class Redirect : public Action { public: - explicit Redirect(const std::string &action); - ~Redirect() override; + explicit Redirect(const std::string &action) + : Action(action, RunTimeOnlyIfMatchKind) { } bool evaluate(Rule *rule, Transaction *transaction) override; - void fill_intervention(ModSecurityIntervention *i) override; + bool init(std::string *error) override; + void fillIntervention(ModSecurityIntervention *i) override; bool isDisruptive() override { return true; } + private: int m_status; std::string m_urlExpanded; diff --git a/src/actions/rev.cc b/src/actions/rev.cc index aff6e314..e8e2c204 100644 --- a/src/actions/rev.cc +++ b/src/actions/rev.cc @@ -27,13 +27,10 @@ namespace modsecurity { namespace actions { -Rev::Rev(std::string action) - : Action(action, ConfigurationKind), - m_rev(action) { - if (m_rev.at(0) == '\'') { - m_rev.erase(0, 1); - m_rev.pop_back(); - } + +bool Rev::init(std::string *error) { + m_rev = m_parser_payload; + return true; } @@ -42,5 +39,6 @@ bool Rev::evaluate(Rule *rule, Transaction *transaction) { return true; } + } // namespace actions } // namespace modsecurity diff --git a/src/actions/rev.h b/src/actions/rev.h index 6a28af54..7eaec02d 100644 --- a/src/actions/rev.h +++ b/src/actions/rev.h @@ -29,9 +29,10 @@ namespace actions { class Rev : public Action { public: - explicit Rev(std::string action); + explicit Rev(std::string action) : Action(action, ConfigurationKind) { } bool evaluate(Rule *rule, Transaction *transaction) override; + bool init(std::string *error) override; private: std::string m_rev; diff --git a/src/actions/rule_id.cc b/src/actions/rule_id.cc index 9d47414e..557dee10 100644 --- a/src/actions/rule_id.cc +++ b/src/actions/rule_id.cc 
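Review bot: The inline `Redirect` constructor no longer sets `m_status`; it is assigned only in `Redirect::init`, so `fillIntervention` would copy an indeterminate value into `i->status` on any path that builds the action without calling `init()`. Initialise it in the constructor the way `Accuracy` and `Maturity` do for their ints: `: Action(action, RunTimeOnlyIfMatchKind), m_status(302) { }`. `Status::m_status` in status.h has the same gap. Whether every caller runs `init()` before use is not visible in this patch.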
@@ -24,15 +24,11 @@ namespace modsecurity { namespace actions { + bool RuleId::init(std::string *error) { - std::string a = action; + std::string a = m_parser_payload; try { - a.erase(0, 3); - if (a.at(0) == '\'') { - a.erase(0, 1); - a.pop_back(); - } m_ruleId = std::stod(a); } catch (...) { m_ruleId = 0; @@ -51,10 +47,12 @@ bool RuleId::init(std::string *error) { return true; } + bool RuleId::evaluate(Rule *rule, Transaction *transaction) { rule->rule_id = m_ruleId; return true; } + } // namespace actions } // namespace modsecurity diff --git a/src/actions/set_sid.cc b/src/actions/set_sid.cc index 017b4fe9..9cc21fc9 100644 --- a/src/actions/set_sid.cc +++ b/src/actions/set_sid.cc @@ -28,9 +28,11 @@ namespace actions { bool SetSID::init(std::string *error) { - m_collection_key = std::string(action, 0, action.length()); + m_collection_key = std::string(m_parser_payload, 0, + m_parser_payload.length()); if (m_collection_key.empty()) { + error->assign("Missing collection key"); return false; } diff --git a/src/actions/set_sid.h b/src/actions/set_sid.h index fa6c2b38..d552aeb3 100644 --- a/src/actions/set_sid.h +++ b/src/actions/set_sid.h @@ -34,6 +34,7 @@ class SetSID : public Action { bool evaluate(Rule *rule, Transaction *transaction) override; bool init(std::string *error) override; + private: std::string m_collection_key; }; diff --git a/src/actions/set_uid.cc b/src/actions/set_uid.cc index b3380df3..0c1f0a1a 100644 --- a/src/actions/set_uid.cc +++ b/src/actions/set_uid.cc @@ -28,9 +28,11 @@ namespace actions { bool SetUID::init(std::string *error) { - m_collection_key = std::string(action, 0, action.length()); + m_collection_key = std::string(m_parser_payload, 0, + m_parser_payload.length()); if (m_collection_key.empty()) { + error->assign("Missing collection key"); return false; } diff --git a/src/actions/set_uid.h b/src/actions/set_uid.h index 6cbd5418..7b11f0c8 100644 --- a/src/actions/set_uid.h +++ b/src/actions/set_uid.h 
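Review bot: `RuleId::init` still parses the id with `std::stod`, which accepts fractional and exponent spellings such as `1.5` or `1e3`, so a non-integral id or two different spellings of the same id can pass this step. If `m_ruleId` is meant to be an integer identifier (its declaration is outside this hunk), an integer parse with a full-consumption check is stricter: `size_t used = 0; m_ruleId = std::stoll(a, &used);` then reject when `used != a.size()`. With the prefix and quote stripping gone, the local copy `a` is redundant and `m_parser_payload` can be parsed directly. The checks after the `catch` lie outside the hunk.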
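Review bot: `std::string(m_parser_payload, 0, m_parser_payload.length())` in `SetSID::init` is a roundabout full copy; `m_collection_key = m_parser_payload;` says the same thing on one line. `SetUID::init` carries the identical expression. The new `Missing collection key` message does not name the action, unlike the `Accuracy:` and `Maturity:` messages added elsewhere in this patch; prefixing it with `setsid:` / `setuid:` would make a load error attributable.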
@@ -34,6 +34,7 @@ class SetUID : public Action { bool evaluate(Rule *rule, Transaction *transaction) override; bool init(std::string *error) override; + private: std::string m_collection_key; }; diff --git a/src/actions/set_var.cc b/src/actions/set_var.cc index f5092348..ce2ccfa3 100644 --- a/src/actions/set_var.cc +++ b/src/actions/set_var.cc 
@@ -26,65 +26,60 @@ namespace modsecurity { namespace actions { -SetVar::SetVar(std::string action) - : Action(action, RunTimeOnlyIfMatchKind) { -} - bool SetVar::init(std::string *error) { size_t pos; - if (action.at(0) == '\'' && action.size() > 3) { - action.erase(0, 1); - action.pop_back(); - } - // Resolv operation - operation = setToOne; - pos = action.find("="); + m_operation = setToOne; + pos = m_parser_payload.find("="); if (pos != std::string::npos) { - operation = setOperation; + m_operation = setOperation; } - pos = action.find("=+"); + pos = m_parser_payload.find("=+"); if (pos != std::string::npos) { - operation = sumAndSetOperation; + m_operation = sumAndSetOperation; } - pos = action.find("=-"); + pos = m_parser_payload.find("=-"); if (pos != std::string::npos) { - operation = substractAndSetOperation; + m_operation = substractAndSetOperation; } // Collection name - pos = action.find("."); + pos = m_parser_payload.find("."); if (pos != std::string::npos) { - collectionName = std::string(action, 0, pos); - collectionName = toupper(collectionName); + m_collectionName = std::string(m_parser_payload, 0, pos); + m_collectionName = toupper(m_collectionName); } else { error->assign("Missing the collection and/or variable name"); return false; } // Variable name - if (operation == setToOne) { - variableName = std::string(action, pos + 1, action.length() + if (m_operation == setToOne) { + m_variableName = std::string(m_parser_payload, pos + 1, + m_parser_payload.length() - (pos + 1)); } else { - size_t pos2 = action.find("="); - variableName = std::string(action, pos + 1, pos2 - (pos + 1)); - if (pos2 + 2 > action.length()) { + size_t pos2 = m_parser_payload.find("="); + m_variableName = std::string(m_parser_payload, pos + 1, + pos2 - (pos + 1)); + if (pos2 + 2 > m_parser_payload.length()) { error->assign("Something wrong with the input format"); return false; } - if (operation == setOperation) { - predicate = std::string(action, pos2 + 1, action.length() - 
(pos2)); + if (m_operation == setOperation) { + m_predicate = std::string(m_parser_payload, pos2 + 1, + m_parser_payload.length() - (pos2)); } else { - predicate = std::string(action, pos2 + 2, action.length() + m_predicate = std::string(m_parser_payload, pos2 + 2, + m_parser_payload.length() - (pos2 + 1)); } } - if (collectionName.empty() || variableName.empty()) { + if (m_collectionName.empty() || m_variableName.empty()) { error->assign("Something wrong with the input format"); return false; } @@ -92,22 +87,17 @@ bool SetVar::init(std::string *error) { return true; } -void SetVar::dump() { - std::cout << " Operation: " << std::to_string(operation) << std::endl; - std::cout << "Collection: " << collectionName << std::endl; - std::cout << " Variable: " << variableName << std::endl; - std::cout << " Predicate: " << predicate << std::endl; -} -bool SetVar::evaluate(Rule *rule, Transaction *transaction) { +bool SetVar::evaluate(Rule *rule, Transaction *transm_parser_payload) { std::string targetValue; - std::string variableNameExpanded = MacroExpansion::expand(variableName, - transaction); - std::string resolvedPre = MacroExpansion::expand(predicate, transaction); + std::string m_variableNameExpanded = MacroExpansion::expand(m_variableName, + transm_parser_payload); + std::string resolvedPre = MacroExpansion::expand(m_predicate, + transm_parser_payload); - if (operation == setOperation) { + if (m_operation == setOperation) { targetValue = resolvedPre; - } else if (operation == setToOne) { + } else if (m_operation == setToOne) { targetValue = std::string("1"); } else { int pre = 0; @@ -121,8 +111,9 @@ bool SetVar::evaluate(Rule *rule, Transaction *transaction) { try { std::string *resolvedValue = - transaction->m_collections.resolveFirst(collectionName, - variableNameExpanded); + transm_parser_payload->m_collections.resolveFirst( + m_collectionName, + m_variableNameExpanded); if (resolvedValue == NULL) { value = 0; } else { 
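Review bot: `SetVar::init` takes the first `.` found anywhere in the payload, so when the only dot sits to the right of `=` (for example `tx=a.b`) the collection name becomes `TX=A`, `pos2 - (pos + 1)` wraps around, and the function still returns true. Locate `=` first and require the dot to precede it, reporting `Missing the collection and/or variable name` otherwise. The three successive `find` calls for `=`, `=+` and `=-` could then share that one position and simply inspect the following character. `m_operation` is also left unset until `init()` runs, because the constructor in set_var.h does not initialise it.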
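Review bot: The parameter of `SetVar::evaluate` is now named `transm_parser_payload`, which looks like the `action` → `m_parser_payload` search-and-replace hitting the middle of `transaction`. It compiles, but the `m_` fragment makes a parameter read like a member and it no longer matches the declaration in set_var.h (`Transaction *transaction`). Restore `bool SetVar::evaluate(Rule *rule, Transaction *transaction) {` and the uses below it, including those in the `-121,8` hunk here and the `-143,11` hunk further down. `m_variableNameExpanded` is a local as well and would be clearer without the member prefix.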
@@ -132,7 +123,7 @@ bool SetVar::evaluate(Rule *rule, Transaction *transaction) { value = 0; } - switch (operation) { + switch (m_operation) { case sumAndSetOperation: targetValue = std::to_string(value + pre); break; @@ -143,11 +134,11 @@ bool SetVar::evaluate(Rule *rule, Transaction *transaction) { } #ifndef NO_LOGS - transaction->debug(8, "Saving variable: " + collectionName + ":" + \ - variableNameExpanded + " with value: " + targetValue); + transm_parser_payload->debug(8, "Saving variable: " + m_collectionName \ + + ":" + m_variableNameExpanded + " with value: " + targetValue); #endif - transaction->m_collections.storeOrUpdateFirst(collectionName, - variableNameExpanded, targetValue); + transm_parser_payload->m_collections.storeOrUpdateFirst(m_collectionName, + m_variableNameExpanded, targetValue); return true; } diff --git a/src/actions/set_var.h b/src/actions/set_var.h index ebbce707..44cb4064 100644 --- a/src/actions/set_var.h +++ b/src/actions/set_var.h @@ -29,16 +29,11 @@ namespace actions { class SetVar : public Action { public: - explicit SetVar(std::string action); + explicit SetVar(std::string action) : Action(action) { } bool evaluate(Rule *rule, Transaction *transaction) override; - void dump(); bool init(std::string *error) override; - std::string collectionName; - std::string variableName; - std::string predicate; - enum SetVarOperation { /* Set variable to something */ setOperation, @@ -50,7 +45,11 @@ class SetVar : public Action { setToOne }; - SetVarOperation operation; + private: + SetVarOperation m_operation; + std::string m_collectionName; + std::string m_variableName; + std::string m_predicate; }; } // namespace actions diff --git a/src/actions/severity.cc b/src/actions/severity.cc index 600d27b4..0e823bde 100644 --- a/src/actions/severity.cc +++ b/src/actions/severity.cc 
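Review bot: The inline `SetVar` constructor in set_var.h calls `Action(action)` where the removed out-of-line one passed `RunTimeOnlyIfMatchKind`, so the kind now comes from the literal `action_kind(2)` in the one-argument `Action` constructor. That is presumably the same value, but the enum definition is only partly visible here and the intent is no longer stated at the call site. Keep it explicit as `LogData`, `Msg`, `Tag` and `SkipAfter` do: `explicit SetVar(std::string action) : Action(action, RunTimeOnlyIfMatchKind) { }`. `InitCol` and `Severity` drop the kind in the same way in this patch.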
@@ -26,28 +26,44 @@ namespace modsecurity { namespace actions { -Severity::Severity(std::string action) - : Action(action, RunTimeOnlyIfMatchKind) { - std::string a = action; - if (tolower(a) == "emergency") { - this->m_severity = 0; - } else if (tolower(a) == "alert") { - this->m_severity = 1; - } else if (tolower(a) == "critical") { - this->m_severity = 2; - } else if (tolower(a) == "error") { - this->m_severity = 3; - } else if (tolower(a) == "warning") { - this->m_severity = 4; - } else if (tolower(a) == "notice") { - this->m_severity = 5; - } else if (tolower(a) == "info") { - this->m_severity = 6; - } else if (tolower(a) == "debug") { - this->m_severity = 7; + +bool Severity::init(std::string *error) { + std::string a = tolower(m_parser_payload); + if (a == "emergency") { + m_severity = 0; + return true; + } else if (a == "alert") { + m_severity = 1; + return true; + } else if (a == "critical") { + m_severity = 2; + return true; + } else if (a == "error") { + m_severity = 3; + return true; + } else if (a == "warning") { + m_severity = 4; + return true; + } else if (a == "notice") { + m_severity = 5; + return true; + } else if (a == "info") { + m_severity = 6; + return true; + } else if (a == "debug") { + m_severity = 7; + return true; } else { - this->m_severity = std::stod(a); + try { + m_severity = std::stoi(a); + return true; + } catch (...) { + error->assign("Severity: The input \"" + a + "\" is " \ + "not a number."); + } } + + return false; } @@ -67,5 +83,6 @@ bool Severity::evaluate(Rule *rule, Transaction *transaction, return true; } + } // namespace actions } // namespace modsecurity diff --git a/src/actions/severity.h b/src/actions/severity.h index 9943eb1b..5190be12 100644 --- a/src/actions/severity.h +++ b/src/actions/severity.h @@ -21,7 +21,6 @@ #define SRC_ACTIONS_SEVERITY_H_ #ifdef __cplusplus -class Transaction; namespace modsecurity { class Transaction; 
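Review bot: The numeric branch of `Severity::init` stores whatever `std::stoi` returns, so values outside the 0–7 range covered by the named levels, including negatives, are accepted without complaint. If only those eight levels are meaningful, add a bound after the parse: `if (m_severity < 0 || m_severity > 7) { error->assign("Severity: value out of range: " + a); return false; }`. `Status::init` has the same shape and puts no bounds on the HTTP status it later writes into `i->status`. The eight-way `if`/`else if` chain with a `return true` in every arm would read more easily as a small name-to-level table followed by a single return.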
@@ -31,15 +30,19 @@ namespace actions { class Severity : public Action { public: - explicit Severity(std::string action); + explicit Severity(std::string action) + : Action(action), + m_severity(0) { } bool evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) override; + bool init(std::string *error); private: int m_severity; }; + } // namespace actions } // namespace modsecurity #endif diff --git a/src/actions/skip_after.cc b/src/actions/skip_after.cc index 67f1ea2d..4286d1c4 100644 --- a/src/actions/skip_after.cc +++ b/src/actions/skip_after.cc @@ -25,19 +25,15 @@ namespace modsecurity { namespace actions { -SkipAfter::SkipAfter(std::string action) - : Action(action, RunTimeOnlyIfMatchKind), - m_marker(action) { -} - bool SkipAfter::evaluate(Rule *rule, Transaction *transaction) { #ifndef NO_LOGS - transaction->debug(5, "Setting skipAfter for: " + m_marker); + transaction->debug(5, "Setting skipAfter for: " + m_parser_payload); #endif - transaction->m_marker = m_marker; + transaction->m_marker = m_parser_payload; return true; } + } // namespace actions } // namespace modsecurity diff --git a/src/actions/skip_after.h b/src/actions/skip_after.h index 3b7c1042..36b690b6 100644 --- a/src/actions/skip_after.h +++ b/src/actions/skip_after.h @@ -29,12 +29,10 @@ namespace actions { class SkipAfter : public Action { public: - explicit SkipAfter(std::string action); + explicit SkipAfter(std::string action) + : Action(action, RunTimeOnlyIfMatchKind) { } bool evaluate(Rule *rule, Transaction *transaction) override; - - private: - std::string m_marker; }; diff --git a/src/actions/status.cc b/src/actions/status.cc index 77bb2d8f..bd8b5427 100644 --- a/src/actions/status.cc +++ b/src/actions/status.cc 
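Review bot: `bool init(std::string *error);` in `Severity` is declared without `override`, unlike the `init` declarations this patch adds to `Accuracy`, `Maturity`, `Redirect` and `Rev`. Without the keyword, a later signature change in `Action::init` would turn this into an unrelated overload and the base version, which just returns true, would run instead with no compiler diagnostic. Write `bool init(std::string *error) override;`. `Status::init` in status.h needs the same change.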
@@ -23,13 +23,16 @@ namespace modsecurity { namespace actions { -Status::Status(std::string action) - : Action(action) { - std::string a = action; - a.erase(0, 7); - this->action = action; - this->action_kind = 2; - this->status = stoi(a); + +bool Status::init(std::string *error) { + try { + m_status = std::stoi(m_parser_payload); + } catch (...) { + error->assign("Not a valid number: " + m_parser_payload); + return false; + } + + return true; } @@ -39,10 +42,11 @@ bool Status::evaluate(Rule *rule, Transaction *transaction) { } -void Status::fill_intervention(ModSecurityIntervention *i) { - i->status = this->status; +void Status::fillIntervention(ModSecurityIntervention *i) { + i->status = m_status; i->log = "Status"; } + } // namespace actions } // namespace modsecurity diff --git a/src/actions/status.h b/src/actions/status.h index fc444c20..f1db8146 100644 --- a/src/actions/status.h +++ b/src/actions/status.h @@ -29,11 +29,14 @@ namespace actions { class Status : public Action { public: - explicit Status(std::string actions); + explicit Status(std::string action) : Action(action, 2) { } + bool init(std::string *error); bool evaluate(Rule *rule, Transaction *transaction) override; - void fill_intervention(ModSecurityIntervention *i) override; - int status; + void fillIntervention(ModSecurityIntervention *i) override; + + protected: + int m_status; }; } // namespace actions diff --git a/src/actions/tag.cc b/src/actions/tag.cc index 0cb9e819..3bb99cce 100644 --- a/src/actions/tag.cc +++ b/src/actions/tag.cc 
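Review bot: In status.h, `m_status` is never given an initial value. The new inline constructor `Status(std::string action) : Action(action, 2) { }` leaves it indeterminate until init() succeeds, while fillIntervention in status.cc copies it straight into `i->status`. The Severity constructor in this change initialises its member (`m_severity(0)`), and doing the same here, `: Action(action, 2), m_status(0) { }`, removes the dependence on init() always being called first. The literal `2` would also read better as the named kind it stands for. Which enumerator that is cannot be confirmed from this hunk.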
@@ -49,16 +49,9 @@ namespace modsecurity { namespace actions { -Tag::Tag(std::string action) - : Action(action, RunTimeOnlyIfMatchKind), - m_tag(action) { - m_tag.erase(0, 1); - m_tag.pop_back(); -} - bool Tag::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) { - std::string tag = MacroExpansion::expand(m_tag, transaction); + std::string tag = MacroExpansion::expand(m_parser_payload, transaction); #ifndef NO_LOGS transaction->debug(9, "Rule tag: " + tag); @@ -69,5 +62,6 @@ bool Tag::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) { return true; } + } // namespace actions } // namespace modsecurity diff --git a/src/actions/tag.h b/src/actions/tag.h index ffbe5f59..9086f89a 100644 --- a/src/actions/tag.h +++ b/src/actions/tag.h @@ -29,13 +29,11 @@ namespace actions { class Tag : public Action { public: - explicit Tag(std::string action); + explicit Tag(std::string action) + : Action(action, RunTimeOnlyIfMatchKind) { } bool evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) override; - - private: - std::string m_tag; }; diff --git a/src/actions/ver.cc b/src/actions/ver.cc index 9e396eaf..19c7a256 100644 --- a/src/actions/ver.cc +++ b/src/actions/ver.cc @@ -27,20 +27,12 @@ namespace modsecurity { namespace actions { -Ver::Ver(std::string action) - : Action(action, ConfigurationKind), - m_ver(action) { - if (m_ver.at(0) == '\'') { - m_ver.erase(0, 1); - m_ver.pop_back(); - } -} - bool Ver::evaluate(Rule *rule, Transaction *transaction) { - rule->m_ver = m_ver; + rule->m_ver = m_parser_payload; return true; } + } // namespace actions } // namespace modsecurity diff --git a/src/actions/ver.h b/src/actions/ver.h index f79bc875..88b62df9 100644 --- a/src/actions/ver.h +++ b/src/actions/ver.h 
@@ -29,7 +29,7 @@ namespace actions { class Ver : public Action { public: - explicit Ver(std::string action); + explicit Ver(std::string action) : Action(action, ConfigurationKind) { } bool evaluate(Rule *rule, Transaction *transaction) override; diff --git a/src/actions/xmlns.cc b/src/actions/xmlns.cc index fa21c7b6..b05b966d 100644 --- a/src/actions/xmlns.cc +++ b/src/actions/xmlns.cc @@ -30,15 +30,15 @@ bool XmlNS::init(std::string *error) { size_t pos; std::string http = "http://"; - pos = action.find("="); + pos = m_parser_payload.find("="); if (pos == std::string::npos) { error->assign("XMLS: Bad format, missing equals sign."); return false; } - m_name = std::string(action, 0, pos); - m_value = std::string(action, pos+1, action.size()); + m_name = std::string(m_parser_payload, 0, pos); + m_value = std::string(m_parser_payload, pos+1, m_parser_payload.size()); - if (m_value.empty() or m_name.empty()) { + if (m_value.empty() || m_name.empty()) { error->assign("XMLS: XMLNS is invalid. Expecting a " \ "name=value format."); return false; diff --git a/src/parser/seclang-parser.yy b/src/parser/seclang-parser.yy index 8b55a5cc..1706be2d 100644 --- a/src/parser/seclang-parser.yy +++ b/src/parser/seclang-parser.yy @@ -481,7 +481,7 @@ expression: for (Action *a : *actions) { Phase *phase = dynamic_cast(a); if (phase != NULL) { - definedPhase = phase->phase; + definedPhase = phase->m_phase; secRuleDefinedPhase = phase->m_secRulesPhase; delete phase; } else if (a->action_kind == Action::RunTimeOnlyIfMatchKind || @@ -493,7 +493,7 @@ expression: } checkedActions.push_back(a); } else { - driver.error(@0, "The action '" + a->action + "' is not suitable to be part of the SecDefaultActions"); + driver.error(@0, "The action '" + a->m_name + "' is not suitable to be part of the SecDefaultActions"); YYERROR; } } 
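Review bot: In XmlNS::init, `m_name = std::string(m_parser_payload, 0, pos);` now uses an identifier that the rest of this change treats as the action's own name; the parser and rule.cc hunks print `a->m_name` in error and debug messages. xmlns.h is not part of the visible hunks, so either XmlNS declares its own `m_name` that hides the base member, or this assignment overwrites the action name with the namespace prefix. Both are easy to misread. Renaming the XmlNS field to something specific to the namespace prefix would remove the ambiguity. A short comment above the assignment stating that it stores the part of the payload before `=` would also help.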
@@ -863,11 +863,21 @@ act: } | TRANSFORMATION { + std::string error; $$ = Transformation::instantiate($1); + if ($$->init(&error) == false) { + driver.error(@0, error); + YYERROR; + } } | ACTION_ACCURACY { + std::string error; $$ = new Accuracy($1); + if ($$->init(&error) == false) { + driver.error(@0, error); + YYERROR; + } } | ACTION_EXEC { @@ -907,15 +917,30 @@ act: } | ACTION_REDIRECT { + std::string error; $$ = new Redirect($1); + if ($$->init(&error) == false) { + driver.error(@0, error); + YYERROR; + } } | ACTION_SEVERITY { + std::string error; $$ = new Severity($1); + if ($$->init(&error) == false) { + driver.error(@0, error); + YYERROR; + } } | ACTION_EXPIREVAR { + std::string error; $$ = Action::instantiate($1); + if ($$->init(&error) == false) { + driver.error(@0, error); + YYERROR; + } } | ACTION_SETENV { @@ -973,6 +998,7 @@ act: } | ACTION_SKIP { + std::string error; /* TODO: skip is not implemented yet. 
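Review bot: When init() fails in these act alternatives, the object just created (`new Accuracy($1)`, `new Redirect($1)`, `new Severity($1)`, or the result of `instantiate($1)`) is not released before `YYERROR;`. Unless the grammar declares a `%destructor` for this symbol, which is not visible here, every rejected action is leaked on a configuration error. Adding `delete $$;` before `driver.error(@0, error);` closes that path. The same applies to the alternatives changed in the later hunks of this file (SKIP, SKIP_AFTER, AUDIT_LOG, LOG_DATA, MSG, TAG, REV, VER, MATURITY, CTL_AUDIT_LOG_PARTS). The `instantiate()` results are also dereferenced by `$$->init(&error)` without a null check; whether instantiate can return null is not visible in this hunk.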
@@ -980,38 +1006,82 @@ act: $$ = new modsecurity::actions::SkipAfter($1); */ $$ = Action::instantiate($1); + if ($$->init(&error) == false) { + driver.error(@0, error); + YYERROR; + } } | ACTION_SKIP_AFTER { + std::string error; $$ = new modsecurity::actions::SkipAfter($1); + if ($$->init(&error) == false) { + driver.error(@0, error); + YYERROR; + } } | ACTION_AUDIT_LOG { + std::string error; $$ = new modsecurity::actions::AuditLog($1); + if ($$->init(&error) == false) { + driver.error(@0, error); + YYERROR; + } } | LOG_DATA { + std::string error; $$ = new LogData($1); + if ($$->init(&error) == false) { + driver.error(@0, error); + YYERROR; + } } | ACTION_MSG { + std::string error; $$ = new Msg($1); + if ($$->init(&error) == false) { + driver.error(@0, error); + YYERROR; + } } | ACTION_TAG { + std::string error; $$ = new Tag($1); + if ($$->init(&error) == false) { + driver.error(@0, error); + YYERROR; + } } | ACTION_REV { + std::string error; $$ = new Rev($1); + if ($$->init(&error) == false) { + driver.error(@0, error); + YYERROR; + } } | ACTION_VER { + std::string error; $$ = new Ver($1); + if ($$->init(&error) == false) { + driver.error(@0, error); + YYERROR; + } } | ACTION_MATURITY { + std::string error; $$ = new Maturity($1); + if ($$->init(&error) == false) { + driver.error(@0, error); + YYERROR; + } } | ACTION_XMLNS { @@ -1034,7 +1104,12 @@ act: } | ACTION_CTL_AUDIT_LOG_PARTS { + std::string error; $$ = new CtlAuditLogParts($1); + if ($$->init(&error) == false) { + driver.error(@0, error); + YYERROR; + } } | ACTION_CTL_FORCE_REQ_BODY_VAR CONFIG_VALUE_ON { diff --git a/src/parser/seclang-scanner.ll b/src/parser/seclang-scanner.ll index 342f3c48..d4fe383c 100755 --- a/src/parser/seclang-scanner.ll +++ b/src/parser/seclang-scanner.ll 
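Review bot: The same declare-error/init/report/YYERROR block is pasted into every act alternative touched by this hunk and the earlier ones. Any later change to it, such as a different location argument or added cleanup, must then be repeated in each copy. A small helper macro in the grammar prologue (outside this hunk) would reduce each alternative to the allocation plus a single line. The sketch below shows the macro and one converted alternative; the others follow the same shape.

```yacc
/* in the grammar prologue, outside this hunk */
#define ACTION_INIT(act, loc) \
    do { \
        std::string error; \
        if ((act)->init(&error) == false) { \
            driver.error(loc, error); \
            YYERROR; \
        } \
    } while (0)

/* … unchanged: preceding act alternatives … */
    | ACTION_SKIP_AFTER
      {
        $$ = new modsecurity::actions::SkipAfter($1);
        ACTION_INIT($$, @0);
      }
/* … the remaining alternatives are converted the same way … */
```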
@@ -320,89 +320,89 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile) {ACTION} { return yy::seclang_parser::make_ACTION(yytext, *driver.loc.back()); } {ACTION_PHASE} { return yy::seclang_parser::make_ACTION_PHASE(yytext, *driver.loc.back()); } -{ACTION_SKIP}:{CONFIG_VALUE_NUMBER} { return yy::seclang_parser::make_ACTION_SKIP(strchr(yytext, ':') + 1, *driver.loc.back()); } -{ACTION_SKIP_AFTER}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return yy::seclang_parser::make_ACTION_SKIP_AFTER(strchr(yytext, ':') + 1, *driver.loc.back()); } +{ACTION_SKIP}:{CONFIG_VALUE_NUMBER} { return yy::seclang_parser::make_ACTION_SKIP(yytext, *driver.loc.back()); } +{ACTION_SKIP_AFTER}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return yy::seclang_parser::make_ACTION_SKIP_AFTER(yytext, *driver.loc.back()); } {ACTION_AUDIT_LOG} { return yy::seclang_parser::make_ACTION_AUDIT_LOG(yytext, *driver.loc.back()); } -{ACTION_SEVERITY}:{ACTION_SEVERITY_VALUE} { return yy::seclang_parser::make_ACTION_SEVERITY(yytext + 9, *driver.loc.back()); } -{ACTION_SEVERITY}:'{ACTION_SEVERITY_VALUE}' { return yy::seclang_parser::make_ACTION_SEVERITY(std::string(yytext, 10, yyleng - 11), *driver.loc.back()); } +{ACTION_SEVERITY}:{ACTION_SEVERITY_VALUE} { return yy::seclang_parser::make_ACTION_SEVERITY(yytext, *driver.loc.back()); } +{ACTION_SEVERITY}:'{ACTION_SEVERITY_VALUE}' { return yy::seclang_parser::make_ACTION_SEVERITY(yytext, *driver.loc.back()); } {ACTION_EXEC}:'{VAR_FREE_TEXT_QUOTE}' { - return yy::seclang_parser::make_ACTION_EXEC(strchr(yytext, ':') + 1, *driver.loc.back()); + return yy::seclang_parser::make_ACTION_EXEC(yytext, *driver.loc.back()); } {ACTION_EXEC}:{VAR_FREE_TEXT_SPACE_COMMA} { - return yy::seclang_parser::make_ACTION_EXEC(strchr(yytext, ':') + 1, *driver.loc.back()); + return yy::seclang_parser::make_ACTION_EXEC(yytext, *driver.loc.back()); } {ACTION_EXPIREVAR}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}' { - return yy::seclang_parser::make_ACTION_EXPIREVAR(strchr(yytext, ':') + 1, *driver.loc.back()); + 
return yy::seclang_parser::make_ACTION_EXPIREVAR(yytext, *driver.loc.back()); } {ACTION_EXPIREVAR}:'{VAR_FREE_TEXT_QUOTE}' { - return yy::seclang_parser::make_ACTION_EXPIREVAR(strchr(yytext, ':') + 1, *driver.loc.back()); + return yy::seclang_parser::make_ACTION_EXPIREVAR(yytext, *driver.loc.back()); } {ACTION_EXPIREVAR}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} { - return yy::seclang_parser::make_ACTION_EXPIREVAR(strchr(yytext, ':') + 1, *driver.loc.back()); + return yy::seclang_parser::make_ACTION_EXPIREVAR(yytext, *driver.loc.back()); } {ACTION_EXPIREVAR}:{VAR_FREE_TEXT_SPACE_COMMA} { - return yy::seclang_parser::make_ACTION_EXPIREVAR(strchr(yytext, ':') + 1, *driver.loc.back()); + return yy::seclang_parser::make_ACTION_EXPIREVAR(yytext, *driver.loc.back()); } {ACTION_SETENV}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}' { - return yy::seclang_parser::make_ACTION_SETENV(strchr(yytext, ':') + 1, *driver.loc.back()); + return yy::seclang_parser::make_ACTION_SETENV(yytext, *driver.loc.back()); } {ACTION_SETENV}:'{VAR_FREE_TEXT_QUOTE}' { - return yy::seclang_parser::make_ACTION_SETENV(strchr(yytext, ':') + 1, *driver.loc.back()); + return yy::seclang_parser::make_ACTION_SETENV(yytext, *driver.loc.back()); } {ACTION_SETENV}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} { - return yy::seclang_parser::make_ACTION_SETENV(strchr(yytext, ':') + 1, *driver.loc.back()); + return yy::seclang_parser::make_ACTION_SETENV(yytext, *driver.loc.back()); } {ACTION_SETENV}:{VAR_FREE_TEXT_SPACE_COMMA} { - return yy::seclang_parser::make_ACTION_SETENV(strchr(yytext, ':') + 1, *driver.loc.back()); + return yy::seclang_parser::make_ACTION_SETENV(yytext, *driver.loc.back()); } {ACTION_SETSID}:{VAR_FREE_TEXT_SPACE_COMMA} { - return yy::seclang_parser::make_ACTION_SETSID(strchr(yytext, ':') + 1, *driver.loc.back()); + return yy::seclang_parser::make_ACTION_SETSID(yytext, *driver.loc.back()); } {ACTION_SETSID}:'{VAR_FREE_TEXT_QUOTE}' { - return 
yy::seclang_parser::make_ACTION_SETSID(strchr(yytext, ':') + 1, *driver.loc.back()); + return yy::seclang_parser::make_ACTION_SETSID(yytext, *driver.loc.back()); } {ACTION_SETUID}:{VAR_FREE_TEXT_SPACE_COMMA} { - return yy::seclang_parser::make_ACTION_SETUID(strchr(yytext, ':') + 1, *driver.loc.back()); + return yy::seclang_parser::make_ACTION_SETUID(yytext, *driver.loc.back()); } {ACTION_SETUID}:'{VAR_FREE_TEXT_QUOTE}' { - return yy::seclang_parser::make_ACTION_SETUID(strchr(yytext, ':') + 1, *driver.loc.back()); + return yy::seclang_parser::make_ACTION_SETUID(yytext, *driver.loc.back()); } {ACTION_SETVAR}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}' { - return yy::seclang_parser::make_ACTION_SETVAR(strchr(yytext, ':') + 1, *driver.loc.back()); + return yy::seclang_parser::make_ACTION_SETVAR(yytext, *driver.loc.back()); } {ACTION_SETVAR}:'{VAR_FREE_TEXT_QUOTE}' { - return yy::seclang_parser::make_ACTION_SETVAR(strchr(yytext, ':') + 1, *driver.loc.back()); + return yy::seclang_parser::make_ACTION_SETVAR(yytext, *driver.loc.back()); } {ACTION_SETVAR}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} { - return yy::seclang_parser::make_ACTION_SETVAR(strchr(yytext, ':') + 1, *driver.loc.back()); + return yy::seclang_parser::make_ACTION_SETVAR(yytext, *driver.loc.back()); } {ACTION_SETVAR}:{VAR_FREE_TEXT_SPACE_COMMA} { - return yy::seclang_parser::make_ACTION_SETVAR(strchr(yytext, ':') + 1, *driver.loc.back()); + return yy::seclang_parser::make_ACTION_SETVAR(yytext, *driver.loc.back()); } -{ACTION_XMLNS}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return yy::seclang_parser::make_ACTION_XMLNS(strchr(yytext, ':') + 1, *driver.loc.back()); } +{ACTION_XMLNS}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return yy::seclang_parser::make_ACTION_XMLNS(yytext, *driver.loc.back()); } -{LOG_DATA}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_LOG_DATA(strchr(yytext, ':') + 1, *driver.loc.back()); } -{ACTION_MSG}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_MSG(strchr(yytext, ':') + 
1, *driver.loc.back()); } -{ACTION_ALLOW}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_ALLOW(strchr(yytext, ':') + 1, *driver.loc.back()); } -{ACTION_ALLOW}:{FREE_TEXT_QUOTE_COMMA} { return yy::seclang_parser::make_ACTION_ALLOW(strchr(yytext, ':') + 1, *driver.loc.back()); } +{LOG_DATA}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_LOG_DATA(yytext, *driver.loc.back()); } +{ACTION_MSG}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_MSG(yytext, *driver.loc.back()); } +{ACTION_ALLOW}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_ALLOW(yytext, *driver.loc.back()); } +{ACTION_ALLOW}:{FREE_TEXT_QUOTE_COMMA} { return yy::seclang_parser::make_ACTION_ALLOW(yytext, *driver.loc.back()); } {ACTION_ALLOW} { return yy::seclang_parser::make_ACTION_ALLOW("", *driver.loc.back()); } -{ACTION_REDIRECT}:{FREE_TEXT} { return yy::seclang_parser::make_ACTION_REDIRECT(strchr(yytext, ':') + 1, *driver.loc.back()); } -{ACTION_TAG}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_TAG(strchr(yytext, ':') + 1, *driver.loc.back()); } -{ACTION_REV}:'{FREE_TEXT_QUOTE_COMMA}' { return yy::seclang_parser::make_ACTION_REV(strchr(yytext, ':') + 1, *driver.loc.back()); } -{ACTION_REV}:{FREE_TEXT_QUOTE_COMMA} { return yy::seclang_parser::make_ACTION_REV(strchr(yytext, ':') + 1, *driver.loc.back()); } -{ACTION_VER}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_VER(strchr(yytext, ':') + 1, *driver.loc.back()); } -{ACTION_MATURITY}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_MATURITY(strchr(yytext, ':') + 1, *driver.loc.back()); } -{ACTION_MATURITY}:{FREE_TEXT_QUOTE} { return yy::seclang_parser::make_ACTION_MATURITY(strchr(yytext, ':') + 1, *driver.loc.back()); } -{ACTION_ACCURACY}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_ACCURACY(strchr(yytext, ':') + 1, *driver.loc.back()); } -{ACTION_ACCURACY}:{FREE_TEXT_QUOTE} { return yy::seclang_parser::make_ACTION_ACCURACY(strchr(yytext, ':') + 1, 
*driver.loc.back()); } +{ACTION_REDIRECT}:{FREE_TEXT} { return yy::seclang_parser::make_ACTION_REDIRECT(yytext, *driver.loc.back()); } +{ACTION_TAG}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_TAG(yytext, *driver.loc.back()); } +{ACTION_REV}:'{FREE_TEXT_QUOTE_COMMA}' { return yy::seclang_parser::make_ACTION_REV(yytext, *driver.loc.back()); } +{ACTION_REV}:{FREE_TEXT_QUOTE_COMMA} { return yy::seclang_parser::make_ACTION_REV(yytext, *driver.loc.back()); } +{ACTION_VER}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_VER(yytext, *driver.loc.back()); } +{ACTION_MATURITY}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_MATURITY(yytext, *driver.loc.back()); } +{ACTION_MATURITY}:{FREE_TEXT_QUOTE} { return yy::seclang_parser::make_ACTION_MATURITY(yytext, *driver.loc.back()); } +{ACTION_ACCURACY}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_ACCURACY(yytext, *driver.loc.back()); } +{ACTION_ACCURACY}:{FREE_TEXT_QUOTE} { return yy::seclang_parser::make_ACTION_ACCURACY(yytext, *driver.loc.back()); } {ACTION_CTL_BDY_XML} { return yy::seclang_parser::make_ACTION_CTL_BDY_XML(yytext, *driver.loc.back()); } {ACTION_CTL_BDY_JSON} { return yy::seclang_parser::make_ACTION_CTL_BDY_JSON(yytext, *driver.loc.back()); } {ACTION_INITCOL}:{COL_NAME}={COL_FREE_TEXT_SPACE_COMMA} { return yy::seclang_parser::make_ACTION_INITCOL(yytext, *driver.loc.back()); } diff --git a/src/rule.cc b/src/rule.cc index 94ab9d5b..2dfb35a8 100644 --- a/src/rule.cc +++ b/src/rule.cc @@ -116,7 +116,7 @@ Rule::Rule(Operator *_op, } else if (a->action_kind == Action::RunTimeOnlyIfMatchKind) { actions_runtime_pos.push_back(a); } else { - std::cout << "General failure, action: " << a->name; + std::cout << "General failure, action: " << a->m_name; std::cout << " has an unknown type." << std::endl; delete a; } 
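Review bot: The bare `{ACTION_ALLOW}` rule still passes `""` to `make_ACTION_ALLOW`, while every rule changed in this hunk now passes the whole `yytext` including the `name:` prefix. If the action name is now derived from the token text, as the `a->m_name` uses in the parser and rule.cc hunks suggest, an `allow` without an argument ends up with an empty name in debug and error messages. Passing the matched text, `make_ACTION_ALLOW(yytext, *driver.loc.back())`, would make it consistent; the Allow constructor is not visible here, so confirm that it accepts that form. The consumers of the EXEC, SETENV, SETSID, SETUID and SETVAR tokens are also outside the visible hunks and must now expect the prefixed text rather than the bare payload.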
@@ -141,13 +141,13 @@ Rule::Rule(Operator *_op, std::vector Rule::getActionNames() { std::vector a; for (auto &z : this->actions_runtime_pos) { - a.push_back(z->action); + a.push_back(z->m_name); } for (auto &z : this->actions_runtime_pre) { - a.push_back(z->action); + a.push_back(z->m_name); } for (auto &z : this->actions_conf) { - a.push_back(z->action); + a.push_back(z->m_name); } return a; @@ -201,7 +201,7 @@ bool Rule::evaluateActions(Transaction *trasn) { if (a->isDisruptive() == false) { #ifndef NO_LOGS trasn->debug(4, "Running (_non_ disruptive) action: " + - a->action); + a->m_name); #endif a->evaluate(this, trasn); } else { @@ -215,7 +215,7 @@ bool Rule::evaluateActions(Transaction *trasn) { if (containsDisruptive) { #ifndef NO_LOGS trasn->debug(4, "(SecDefaultAction) " \ - "_ignoring_ action: " + a->action + \ + "_ignoring_ action: " + a->m_name + \ " (rule contains a disruptive action)"); #endif } else { @@ -223,7 +223,7 @@ bool Rule::evaluateActions(Transaction *trasn) { == Rules::EnabledRuleEngine) { #ifndef NO_LOGS trasn->debug(4, "(SecDefaultAction) " \ - "Running action: " + a->action + \ + "Running action: " + a->m_name + \ " (rule _does not_ contains a " \ "disruptive action)"); #endif @@ -231,7 +231,7 @@ bool Rule::evaluateActions(Transaction *trasn) { } else { #ifndef NO_LOGS trasn->debug(4, "(SecDefaultAction) " \ - "_Not_ running action: " + a->action + \ + "_Not_ running action: " + a->m_name + \ ". Rule _does not_ contains a " \ "disruptive action, but SecRuleEngine is not On."); #endif @@ -240,7 +240,7 @@ bool Rule::evaluateActions(Transaction *trasn) { } else { #ifndef NO_LOGS trasn->debug(4, "(SecDefaultAction) Running action: " + \ - a->action); + a->m_name); a->evaluate(this, trasn); #endif } 
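Review bot: In the last hunk of this group (`@@ -240,7 +240,7 @@`, Rule::evaluateActions), the call `a->evaluate(this, trasn);` sits between `#ifndef NO_LOGS` and `#endif`, directly after the debug line this commit edits. A build with NO_LOGS defined therefore compiles the action out together with the log message, and the default action in this branch never runs. The other branches in the neighbouring hunks close the `#endif` before calling evaluate, so this looks unintended. Move `a->evaluate(this, trasn);` below the `#endif`. The enclosing function starts and ends outside the hunk.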
@@ -252,13 +252,13 @@ bool Rule::evaluateActions(Transaction *trasn) { && trasn->m_rules->secRuleEngine == Rules::EnabledRuleEngine) { #ifndef NO_LOGS - trasn->debug(4, "Running (disruptive) action: " + a->action); + trasn->debug(4, "Running (disruptive) action: " + a->m_name); #endif a->evaluate(this, trasn); } else if (a->isDisruptive()) { #ifndef NO_LOGS trasn->debug(4, "Not running disruptive action: " + \ - a->action + ". SecRuleEngine is not On"); + a->m_name + ". SecRuleEngine is not On"); #endif } } @@ -353,7 +353,7 @@ bool Rule::evaluate(Transaction *trasn) { #ifndef NO_LOGS trasn->debug(9, "(SecDefaultAction) T (" + \ std::to_string(transformations) + ") " + \ - a->name + ": \"" + value +"\""); + a->m_name + ": \"" + value +"\""); #endif transformations++; } @@ -366,7 +366,7 @@ bool Rule::evaluate(Transaction *trasn) { #ifndef NO_LOGS trasn->debug(9, " T (" + \ std::to_string(transformations) + ") " + \ - a->name + ": \"" + value +"\""); + a->m_name + ": \"" + value +"\""); #endif transformations++; } @@ -439,7 +439,7 @@ bool Rule::evaluate(Transaction *trasn) { #ifndef NO_LOGS trasn->debug(4, "(SecDefaultAction) _ignoring_ " \ - "action: " + a->action + \ + "action: " + a->m_name + \ " (rule contains a disruptive action)"); #endif } else { @@ -447,7 +447,7 @@ bool Rule::evaluate(Transaction *trasn) { == Rules::EnabledRuleEngine) { #ifndef NO_LOGS trasn->debug(4, "(SecDefaultAction) " \ - "Running action: " + a->action + \ + "Running action: " + a->m_name + \ " (rule _does not_ contains a " \ "disruptive action)"); #endif @@ -456,7 +456,7 @@ bool Rule::evaluate(Transaction *trasn) { #ifndef NO_LOGS trasn->debug(4, "(SecDefaultAction) " \ "_Not_ running action: " \ - + a->action + ". Rule _does not_" \ + + a->m_name + ". Rule _does not_" \ + " contains a disruptive action,"\ + " but SecRuleEngine is not On."); #endif 
@@ -465,7 +465,7 @@ bool Rule::evaluate(Transaction *trasn) { } else { #ifndef NO_LOGS trasn->debug(4, "(SecDefaultAction) Running " \ - "action: " + a->action + "!!" \ + "action: " + a->m_name + "!!" \ + std::to_string(a->isDisruptive())); #endif a->evaluate(this, trasn); @@ -479,19 +479,20 @@ bool Rule::evaluate(Transaction *trasn) { == Rules::EnabledRuleEngine) { #ifndef NO_LOGS trasn->debug(4, "Running (disruptive) " \ - "action: " + a->action); + "action: " + a->m_name); #endif a->evaluate(this, trasn); } else if (a->isDisruptive()) { #ifndef NO_LOGS trasn->debug(4, "Not running disruptive action: " + \ - a->action + ". SecRuleEngine is not On"); + a->m_name + ". SecRuleEngine " + \ + "is not On"); #endif } else if (!a->isDisruptive()) { #ifndef NO_LOGS trasn->debug(4, "Running (_non_ disruptive) " \ - "action: " + a->action); + "action: " + a->m_name); #endif a->evaluate(this, trasn, ruleMessage); } diff --git a/src/transaction.cc b/src/transaction.cc index 9ef3871d..3535b908 100644 --- a/src/transaction.cc +++ b/src/transaction.cc @@ -1268,7 +1268,7 @@ bool Transaction::intervention(ModSecurityIntervention *it) { if (m_actions.size() > 0) { for (Action *a : m_actions) { if (a->action_kind == Action::Kind::RunTimeOnlyIfMatchKind) { - a->fill_intervention(it); + a->fillIntervention(it); } if (a->temporaryAction) { delete a; diff --git a/test/test-cases/regression/action-id.json b/test/test-cases/regression/action-id.json index 46ad559e..58b1aa1f 100644 --- a/test/test-cases/regression/action-id.json +++ b/test/test-cases/regression/action-id.json @@ -128,7 +128,7 @@ ] }, "expected":{ - "debug_log": " trim: \"value2\"" + "debug_log": " t:trim: \"value2\"" }, "rules":[ "SecRuleEngine On", @@ -174,7 +174,7 @@ ] }, "expected":{ - "debug_log": " trim: \"value2\"" + "debug_log": " t:trim: \"value2\"" }, "rules":[ "SecRuleEngine On", diff --git a/test/test-cases/regression/actions.json b/test/test-cases/regression/actions.json index fc7355fd..7fbcd3cc 100644 
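Review bot: The debug message edited in the first hunk here (Rule::evaluate) still joins the action name, a literal `"!!"` and `std::to_string(a->isDisruptive())` with no separator or label, so the line ends in something like `name!!1`. That looks like a leftover debugging aid. The sibling messages in this function spell the state out ("Running (disruptive) action: "), and this one could follow them, for example `"action: " + a->m_name + " (disruptive: " + std::to_string(a->isDisruptive()) + ")"`. If any regression test matches on this text it would need the same update.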
--- a/test/test-cases/regression/actions.json +++ b/test/test-cases/regression/actions.json @@ -49,7 +49,7 @@ }, "expected": { "audit_log": "", - "debug_log": "\\[9\\] T \\(0\\) trim: \"test", + "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", "error_log": "", "http_code": 403 }, @@ -110,7 +110,7 @@ }, "expected": { "audit_log": "", - "debug_log": "\\[9\\] T \\(0\\) trim: \"test", + "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", "error_log": "", "http_code": 302, "redirect_url": "http://www.google.com" @@ -172,7 +172,7 @@ }, "expected": { "audit_log": "", - "debug_log": "\\[9\\] T \\(0\\) trim: \"test", + "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", "error_log": "", "http_code": 500, "redirect_url": "http://www.google.com" @@ -234,7 +234,7 @@ }, "expected": { "audit_log": "", - "debug_log": "\\[9\\] T \\(0\\) trim: \"test", + "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", "error_log": "", "http_code": 500 }, @@ -295,7 +295,7 @@ }, "expected": { "audit_log": "", - "debug_log": "\\[9\\] T \\(0\\) trim: \"test", + "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", "error_log": "", "http_code": 500 }, @@ -356,7 +356,7 @@ }, "expected": { "audit_log": "", - "debug_log": "\\[9\\] T \\(0\\) trim: \"test", + "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", "error_log": "", "http_code": 500 }, diff --git a/test/test-cases/regression/auditlog.json b/test/test-cases/regression/auditlog.json index 19d391e1..30d3f0d5 100644 --- a/test/test-cases/regression/auditlog.json +++ b/test/test-cases/regression/auditlog.json @@ -40,7 +40,7 @@ }, "expected": { "audit_log": "", - "debug_log": "\\[9\\] T \\(0\\) trim: \"test", + "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", "error_log": "", "http_code": 403 }, @@ -99,7 +99,7 @@ }, "expected": { "audit_log": "", - "debug_log": "\\[9\\] T \\(0\\) trim: \"test", + "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", "error_log": "", "http_code": 403 }, 
@@ -159,7 +159,7 @@ }, "expected": { "audit_log": "", - "debug_log": "\\[9\\] T \\(0\\) trim: \"test", + "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", "error_log": "", "http_code": 403 }, diff --git a/test/test-cases/regression/config-response_type.json b/test/test-cases/regression/config-response_type.json index ba54eed3..f368ff52 100644 --- a/test/test-cases/regression/config-response_type.json +++ b/test/test-cases/regression/config-response_type.json @@ -31,7 +31,7 @@ ] }, "expected":{ - "debug_log":"T \\(0\\) trim: \"no need.\"" + "debug_log":"T \\(0\\) t:trim: \"no need.\"" }, "rules":[ "SecRuleEngine On", diff --git a/test/test-cases/regression/config-secdefaultaction.json b/test/test-cases/regression/config-secdefaultaction.json index 0abbf63e..48c2075c 100644 --- a/test/test-cases/regression/config-secdefaultaction.json +++ b/test/test-cases/regression/config-secdefaultaction.json @@ -205,7 +205,7 @@ "version_max":0, "title":"Testing action :: SecDefaultAction: action not suitable", "expected":{ - "parser_error":"The action 'id:1' is not suitable to be part of the SecDefaultActions" + "parser_error":"The action 'id' is not suitable to be part of the SecDefaultActions" }, "rules":[ "SecRuleEngine On", diff --git a/test/test-cases/regression/transformations.json b/test/test-cases/regression/transformations.json index 49f17ad1..90d88a91 100644 --- a/test/test-cases/regression/transformations.json +++ b/test/test-cases/regression/transformations.json @@ -49,7 +49,7 @@ }, "expected": { "audit_log": "", - "debug_log": " trim: \"test\"", + "debug_log": " t:trim: \"test\"", "error_log": "" }, "rules": [ diff --git a/test/test-cases/regression/variable-FILES.json b/test/test-cases/regression/variable-FILES.json index 4a22e37d..dc296ea7 100644 --- a/test/test-cases/regression/variable-FILES.json +++ b/test/test-cases/regression/variable-FILES.json 
@@ -51,7 +51,7 @@ ] }, "expected":{ - "debug_log":"T \\(1\\) trim: \"small_text_file" + "debug_log":"T \\(1\\) t:trim: \"small_text_file" }, "rules":[ "SecRuleEngine On", diff --git a/test/test-cases/regression/variable-FILES_NAMES.json b/test/test-cases/regression/variable-FILES_NAMES.json index 896598c3..9df56616 100644 --- a/test/test-cases/regression/variable-FILES_NAMES.json +++ b/test/test-cases/regression/variable-FILES_NAMES.json @@ -51,7 +51,7 @@ ] }, "expected":{ - "debug_log":"T \\(1\\) trim: \"filedata" + "debug_log":"T \\(1\\) t:trim: \"filedata" }, "rules":[ "SecRuleEngine On",