github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-11-20 02:57:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

Actions refactoring: now there is a clear definiation on the action name

Browse Source
This commit is contained in:
Felipe Zimmerle
2016-05-17 14:36:59 -03:00
parent 1b88947d9b
commit 8c714af8e1
62 changed files with 431 additions and 359 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
src/actions/accuracy.cc
View File

@@ -27,14 +27,16 @@
namespace modsecurity {
namespace actions {
Accuracy::Accuracy(std::string action)
: Action(action, ConfigurationKind),
m_accuracy_str(action) {
if (m_accuracy_str.at(0) == '\'') {
m_accuracy_str.erase(0, 1);
m_accuracy_str.pop_back();
bool Accuracy::init(std::string *error) {
try {
m_accuracy = std::stoi(m_parser_payload);
} catch (...) {
error->assign("Accuracy: The input \"" + m_parser_payload + "\" is " \
"not a number.");
return false;
}
m_accuracy = std::stoi(m_accuracy_str);
return true;
}
@@ -43,5 +45,6 @@ bool Accuracy::evaluate(Rule *rule, Transaction *transaction) {
return true;
}
} // namespace actions
} // namespace modsecurity

6
src/actions/accuracy.h
View File

@@ -29,12 +29,14 @@ namespace actions {
class Accuracy : public Action {
public:
explicit Accuracy(std::string action);
explicit Accuracy(std::string action)
: Action(action, ConfigurationKind),
m_accuracy(0) { }
bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override;
private:
std::string m_accuracy_str;
int m_accuracy;
};

2
src/actions/action.cc
View File

@@ -52,7 +52,7 @@ bool Action::evaluate(Rule *rule, Transaction *transaction) {
}
void Action::fill_intervention(ModSecurityIntervention *i) {
void Action::fillIntervention(ModSecurityIntervention *i) {
}
Action *Action::instantiate(const std::string& name) {

45
src/actions/action.h
View File

@@ -35,21 +35,43 @@ class Action {
public:
explicit Action(const std::string& _action)
: action_kind(2),
action(_action),
name(_action),
m_name(""),
m_parser_payload(""),
m_isNone(false),
temporaryAction(false) {
name.erase(0, 2);
set_name_and_payload(_action);
}
explicit Action(const std::string& _action, int kind)
: action_kind(kind),
action(_action),
name(_action),
m_name(""),
m_parser_payload(""),
m_isNone(false),
temporaryAction(false) {
name.erase(0, 2);
set_name_and_payload(_action);
}
void set_name_and_payload(const std::string& data) {
size_t pos = data.find(":");
std::string t = "t:";
if (data.compare(0, t.length(), t) == 0) {
pos = data.find(":", 2);
}
if (pos == std::string::npos) {
m_name = data;
return;
}
m_name = std::string(data, 0, pos);
m_parser_payload = std::string(data, pos + 1, data.length());
if (m_parser_payload.at(0) == '\'' && m_parser_payload.size() > 2) {
m_parser_payload.erase(0, 1);
m_parser_payload.pop_back();
}
}
virtual ~Action() { }
/**
*
@@ -83,9 +105,6 @@ class Action {
RunTimeOnlyIfMatchKind,
};
std::string action;
int action_kind;
std::string name;
virtual std::string evaluate(std::string exp,
Transaction *transaction);
@@ -94,14 +113,20 @@ class Action {
RuleMessage *ruleMessage) {
return evaluate(rule, transaction);
}
virtual bool init(std::string *error) { return true; }
virtual bool isDisruptive() { return false; }
virtual void fillIntervention(ModSecurityIntervention *intervention);
static Action *instantiate(const std::string& name);
virtual void fill_intervention(ModSecurityIntervention *intervention);
bool temporaryAction;
std::string m_name;
std::string m_parser_payload;
bool m_isNone;
int action_kind;
};

2
src/actions/audit_log.cc
View File

@@ -23,10 +23,12 @@
namespace modsecurity {
namespace actions {
bool AuditLog::evaluate(Rule *rule, Transaction *transaction) {
transaction->m_toBeSavedInAuditlogs = true;
return true;
}
} // namespace actions
} // namespace modsecurity

1
src/actions/audit_log.h
View File

@@ -37,6 +37,7 @@ class AuditLog : public Action {
bool evaluate(Rule *rule, Transaction *transaction) override;
};
} // namespace actions
} // namespace modsecurity
#endif

10
src/actions/block.cc
View File

@@ -25,12 +25,6 @@
namespace modsecurity {
namespace actions {
Block::Block(std::string action)
: Action(action) {
this->action = action;
this->action_kind = 2;
}
bool Block::evaluate(Rule *rule, Transaction *transaction) {
#ifndef NO_LOGS
@@ -44,9 +38,11 @@ bool Block::evaluate(Rule *rule, Transaction *transaction) {
return true;
}
void Block::fill_intervention(ModSecurityIntervention *i) {
void Block::fillIntervention(ModSecurityIntervention *i) {
i->disruptive = true;
}
} // namespace actions
} // namespace modsecurity

5
src/actions/block.h
View File

@@ -31,13 +31,14 @@ namespace actions {
class Block : public Action {
public:
explicit Block(std::string action);
explicit Block(std::string action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction) override;
void fill_intervention(ModSecurityIntervention *i) override;
void fillIntervention(ModSecurityIntervention *i) override;
bool isDisruptive() override { return true; }
};
} // namespace actions
} // namespace modsecurity
#endif

2
src/actions/capture.cc
View File

@@ -31,6 +31,7 @@
namespace modsecurity {
namespace actions {
bool Capture::evaluate(Rule *rule, Transaction *transaction) {
if (transaction->m_matched.empty()) {
return false;
@@ -46,5 +47,6 @@ bool Capture::evaluate(Rule *rule, Transaction *transaction) {
return true;
}
} // namespace actions
} // namespace modsecurity

2
src/actions/chain.cc
View File

@@ -25,11 +25,11 @@ namespace modsecurity {
namespace actions {
bool Chain::evaluate(Rule *rule, Transaction *transaction) {
rule->chained = true;
return true;
}
} // namespace actions
} // namespace modsecurity

8
src/actions/ctl_audit_log_parts.cc
View File

@@ -23,11 +23,9 @@
namespace modsecurity {
namespace actions {
CtlAuditLogParts::CtlAuditLogParts(std::string action)
: Action(action, RunTimeOnlyIfMatchKind),
mPartsAction(0) {
std::string what(action, 18, 1);
mParts = std::string(action, 19, action.length()-19);
bool CtlAuditLogParts::init(std::string *error) {
std::string what(m_parser_payload, 14, 1);
mParts = std::string(m_parser_payload, 15, m_parser_payload.length()-15);
if (what == "+") {
mPartsAction = 0;
} else {

8
src/actions/ctl_audit_log_parts.h
View File

@@ -27,9 +27,15 @@ namespace actions {
class CtlAuditLogParts : public Action {
public:
explicit CtlAuditLogParts(std::string action);
explicit CtlAuditLogParts(std::string action)
: Action(action, RunTimeOnlyIfMatchKind),
mPartsAction(0),
mParts("") { }
bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override;
protected:
int mPartsAction;
std::string mParts;
};

10
src/actions/deny.cc
View File

@@ -23,12 +23,6 @@
namespace modsecurity {
namespace actions {
Deny::Deny(std::string action)
: Action(action) {
this->action = action;
this->action_kind = 2;
}
bool Deny::evaluate(Rule *rule, Transaction *transaction) {
#ifndef NO_LOGS
@@ -38,7 +32,8 @@ bool Deny::evaluate(Rule *rule, Transaction *transaction) {
return true;
}
void Deny::fill_intervention(ModSecurityIntervention *i) {
void Deny::fillIntervention(ModSecurityIntervention *i) {
if (i->status == 200) {
i->status = 403;
}
@@ -46,5 +41,6 @@ void Deny::fill_intervention(ModSecurityIntervention *i) {
i->disruptive = true;
}
} // namespace actions
} // namespace modsecurity

4
src/actions/deny.h
View File

@@ -27,10 +27,10 @@ namespace actions {
class Deny : public Action {
public:
explicit Deny(std::string action);
explicit Deny(std::string action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction) override;
void fill_intervention(ModSecurityIntervention *i) override;
void fillIntervention(ModSecurityIntervention *i) override;
bool isDisruptive() override { return true; }
};

13
src/actions/init_col.cc
View File

@@ -27,24 +27,19 @@
namespace modsecurity {
namespace actions {
InitCol::InitCol(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) {
}
bool InitCol::init(std::string *error) {
int posEquals = action.find("=");
int posInit = strlen("initcol:");
int posEquals = m_parser_payload.find("=");
if (action.size() < 8) {
if (m_parser_payload.size() < 8) {
return false;
}
if (posEquals == std::string::npos) {
return false;
}
m_collection_key = std::string(action, posInit, posEquals - posInit);
m_collection_value = std::string(action, posEquals + 1);
m_collection_key = std::string(m_parser_payload, 0, posEquals);
m_collection_value = std::string(m_parser_payload, posEquals + 1);
if (m_collection_key != "ip" && m_collection_key != "global") {
return false;

2
src/actions/init_col.h
View File

@@ -29,7 +29,7 @@ namespace actions {
class InitCol : public Action {
public:
explicit InitCol(std::string action);
explicit InitCol(std::string action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override;

2
src/actions/log.cc
View File

@@ -23,6 +23,7 @@
namespace modsecurity {
namespace actions {
bool Log::evaluate(Rule *rule, Transaction *transaction) {
transaction->m_toBeSavedInAuditlogs = true;
/* FIXME: transaction->serverLog("Something...."); */
@@ -30,5 +31,6 @@ bool Log::evaluate(Rule *rule, Transaction *transaction) {
return true;
}
} // namespace actions
} // namespace modsecurity

9
src/actions/log_data.cc
View File

@@ -27,16 +27,9 @@
namespace modsecurity {
namespace actions {
LogData::LogData(std::string action)
: Action(action, RunTimeOnlyIfMatchKind),
m_data(action) {
m_data.erase(0, 1);
m_data.pop_back();
}
bool LogData::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
std::string data = MacroExpansion::expand(m_data, transaction);
std::string data = MacroExpansion::expand(m_parser_payload, transaction);
rm->m_data = data;

6
src/actions/log_data.h
View File

@@ -29,13 +29,11 @@ namespace actions {
class LogData : public Action {
public:
explicit LogData(std::string action);
explicit LogData(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction,
RuleMessage *rm) override;
private:
std::string m_data;
};

17
src/actions/maturity.cc
View File

@@ -27,14 +27,16 @@
namespace modsecurity {
namespace actions {
Maturity::Maturity(std::string action)
: Action(action, ConfigurationKind),
m_maturity_str(action) {
if (m_maturity_str.at(0) == '\'') {
m_maturity_str.erase(0, 1);
m_maturity_str.pop_back();
bool Maturity::init(std::string *error) {
try {
m_maturity = std::stoi(m_parser_payload);
} catch (...) {
error->assign("Maturity: The input \"" + m_parser_payload + "\" is " \
"not a number.");
return false;
}
m_maturity = std::stoi(m_maturity_str);
return true;
}
@@ -43,5 +45,6 @@ bool Maturity::evaluate(Rule *rule, Transaction *transaction) {
return true;
}
} // namespace actions
} // namespace modsecurity

6
src/actions/maturity.h
View File

@@ -29,12 +29,14 @@ namespace actions {
class Maturity : public Action {
public:
explicit Maturity(std::string action);
explicit Maturity(std::string action)
: Action(action, ConfigurationKind),
m_maturity(0) { }
bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override;
private:
std::string m_maturity_str;
int m_maturity;
};

9
src/actions/msg.cc
View File

@@ -45,16 +45,9 @@
namespace modsecurity {
namespace actions {
Msg::Msg(std::string action)
: Action(action, RunTimeOnlyIfMatchKind),
m_msg(action) {
m_msg.erase(0, 1);
m_msg.pop_back();
}
bool Msg::evaluate(Rule *rule, Transaction *transaction) {
std::string msg = MacroExpansion::expand(m_msg, transaction);
std::string msg = MacroExpansion::expand(m_parser_payload, transaction);
#ifndef NO_LOGS
transaction->debug(9, "Saving msg: " + msg);

6
src/actions/msg.h
View File

@@ -29,12 +29,10 @@ namespace actions {
class Msg : public Action {
public:
explicit Msg(std::string action);
explicit Msg(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override;
private:
std::string m_msg;
};

2
src/actions/no_audit_log.cc
View File

@@ -23,10 +23,12 @@
namespace modsecurity {
namespace actions {
bool NoAuditLog::evaluate(Rule *rule, Transaction *transaction) {
transaction->m_toNotBeSavedInAuditLogs = true;
return true;
}
} // namespace actions
} // namespace modsecurity

6
src/actions/pass.cc
View File

@@ -24,12 +24,6 @@
namespace modsecurity {
namespace actions {
Pass::Pass(std::string action)
: Action(action) {
this->action = action;
this->action_kind = 2;
}
bool Pass::evaluate(Rule *rule, Transaction *transaction) {
transaction->m_actions.clear();

2
src/actions/pass.h
View File

@@ -27,7 +27,7 @@ namespace actions {
class Pass : public Action {
public:
explicit Pass(std::string action);
explicit Pass(std::string action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction) override;
bool isDisruptive() override { return true; }

46
src/actions/phase.cc
View File

@@ -26,51 +26,39 @@
namespace modsecurity {
namespace actions {
Phase::Phase(std::string action)
: Action(action),
m_secRulesPhase(0),
phase(0) {
this->action_kind = ConfigurationKind;
std::string a = action;
a.erase(0, 6);
if (a.at(0) == '\'') {
a.erase(0, 1);
a.pop_back();
}
bool Phase::init(std::string *error) {
std::string a = tolower(m_parser_payload);
try {
this->phase = std::stoi(a);
m_phase = std::stoi(m_parser_payload);
} catch (...) {
this->phase = 0;
if (tolower(a) == "request") {
this->phase = ModSecurity::Phases::RequestHeadersPhase;
m_phase = 0;
if (a == "request") {
m_phase = ModSecurity::Phases::RequestHeadersPhase;
m_secRulesPhase = 2;
}
if (tolower(a) == "response") {
this->phase = ModSecurity::Phases::ResponseBodyPhase;
if (a == "response") {
m_phase = ModSecurity::Phases::ResponseBodyPhase;
m_secRulesPhase = 4;
}
if (tolower(a) == "logging") {
this->phase = ModSecurity::Phases::LoggingPhase;
if (a == "logging") {
m_phase = ModSecurity::Phases::LoggingPhase;
m_secRulesPhase = 5;
}
}
if (this->phase == 0) {
if (m_phase == 0) {
/* Phase 0 is something new, we want to use as ConnectionPhase */
this->phase = ModSecurity::Phases::ConnectionPhase;
m_phase = ModSecurity::Phases::ConnectionPhase;
m_secRulesPhase = 1;
} else {
/* Otherwise we want to shift the rule to the correct phase */
m_secRulesPhase = phase;
this->phase = phase + 1;
m_secRulesPhase = m_phase;
m_phase = m_phase + 1;
}
}
bool Phase::init(std::string *error) {
if (phase > ModSecurity::Phases::NUMBER_OF_PHASES) {
error->assign("Unknown phase: " + std::to_string(phase));
if (m_phase > ModSecurity::Phases::NUMBER_OF_PHASES) {
error->assign("Unknown phase: " + std::to_string(m_phase));
return false;
}
return true;
@@ -78,7 +66,7 @@ bool Phase::init(std::string *error) {
bool Phase::evaluate(Rule *rule, Transaction *transaction) {
rule->phase = this->phase;
rule->phase = m_phase;
return true;
}

7
src/actions/phase.h
View File

@@ -32,11 +32,14 @@ namespace actions {
class Phase : public Action {
public:
explicit Phase(std::string action);
explicit Phase(std::string action) : Action(action, ConfigurationKind),
m_secRulesPhase(0),
m_phase(0) { }
bool init(std::string *error) override;
bool evaluate(Rule *rule, Transaction *transaction) override;
int phase;
int m_phase;
int m_secRulesPhase;
};

19
src/actions/redirect.cc
View File

@@ -24,20 +24,11 @@
namespace modsecurity {
namespace actions {
Redirect::~Redirect() {
}
Redirect::Redirect(const std::string& action)
: Action(action, RunTimeOnlyIfMatchKind),
m_url(action) {
// m_url = m_url.erase(0, 9);
if (m_url.at(0) == '\'') {
m_url.erase(0, 1);
if (m_url.size() > 0) {
m_url.pop_back();
}
}
bool Redirect::init(std::string *error) {
m_url = m_parser_payload;
m_status = 302;
return true;
}
@@ -47,7 +38,8 @@ bool Redirect::evaluate(Rule *rule, Transaction *transaction) {
return true;
}
void Redirect::fill_intervention(ModSecurityIntervention *i) {
void Redirect::fillIntervention(ModSecurityIntervention *i) {
/* if it was changed before, lets keep it. */
if (i->status == 200) {
i->status = m_status;
@@ -57,5 +49,6 @@ void Redirect::fill_intervention(ModSecurityIntervention *i) {
i->disruptive = true;
}
} // namespace actions
} // namespace modsecurity

8
src/actions/redirect.h
View File

@@ -30,12 +30,14 @@ namespace actions {
class Redirect : public Action {
public:
explicit Redirect(const std::string &action);
~Redirect() override;
explicit Redirect(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override;
void fill_intervention(ModSecurityIntervention *i) override;
bool init(std::string *error) override;
void fillIntervention(ModSecurityIntervention *i) override;
bool isDisruptive() override { return true; }
private:
int m_status;
std::string m_urlExpanded;

12
src/actions/rev.cc
View File

@@ -27,13 +27,10 @@
namespace modsecurity {
namespace actions {
Rev::Rev(std::string action)
: Action(action, ConfigurationKind),
m_rev(action) {
if (m_rev.at(0) == '\'') {
m_rev.erase(0, 1);
m_rev.pop_back();
}
bool Rev::init(std::string *error) {
m_rev = m_parser_payload;
return true;
}
@@ -42,5 +39,6 @@ bool Rev::evaluate(Rule *rule, Transaction *transaction) {
return true;
}
} // namespace actions
} // namespace modsecurity

3
src/actions/rev.h
View File

@@ -29,9 +29,10 @@ namespace actions {
class Rev : public Action {
public:
explicit Rev(std::string action);
explicit Rev(std::string action) : Action(action, ConfigurationKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override;
private:
std::string m_rev;

10
src/actions/rule_id.cc
View File

@@ -24,15 +24,11 @@
namespace modsecurity {
namespace actions {
bool RuleId::init(std::string *error) {
std::string a = action;
std::string a = m_parser_payload;
try {
a.erase(0, 3);
if (a.at(0) == '\'') {
a.erase(0, 1);
a.pop_back();
}
m_ruleId = std::stod(a);
} catch (...) {
m_ruleId = 0;
@@ -51,10 +47,12 @@ bool RuleId::init(std::string *error) {
return true;
}
bool RuleId::evaluate(Rule *rule, Transaction *transaction) {
rule->rule_id = m_ruleId;
return true;
}
} // namespace actions
} // namespace modsecurity

4
src/actions/set_sid.cc
View File

@@ -28,9 +28,11 @@ namespace actions {
bool SetSID::init(std::string *error) {
m_collection_key = std::string(action, 0, action.length());
m_collection_key = std::string(m_parser_payload, 0,
m_parser_payload.length());
if (m_collection_key.empty()) {
error->assign("Missing collection key");
return false;
}

1
src/actions/set_sid.h
View File

@@ -34,6 +34,7 @@ class SetSID : public Action {
bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override;
private:
std::string m_collection_key;
};

4
src/actions/set_uid.cc
View File

@@ -28,9 +28,11 @@ namespace actions {
bool SetUID::init(std::string *error) {
m_collection_key = std::string(action, 0, action.length());
m_collection_key = std::string(m_parser_payload, 0,
m_parser_payload.length());
if (m_collection_key.empty()) {
error->assign("Missing collection key");
return false;
}

1
src/actions/set_uid.h
View File

@@ -34,6 +34,7 @@ class SetUID : public Action {
bool evaluate(Rule *rule, Transaction *transaction) override;
bool init(std::string *error) override;
private:
std::string m_collection_key;
};

85
src/actions/set_var.cc
View File

@@ -26,65 +26,60 @@
namespace modsecurity {
namespace actions {
SetVar::SetVar(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) {
}
bool SetVar::init(std::string *error) {
size_t pos;
if (action.at(0) == '\'' && action.size() > 3) {
action.erase(0, 1);
action.pop_back();
}
// Resolv operation
operation = setToOne;
pos = action.find("=");
m_operation = setToOne;
pos = m_parser_payload.find("=");
if (pos != std::string::npos) {
operation = setOperation;
m_operation = setOperation;
}
pos = action.find("=+");
pos = m_parser_payload.find("=+");
if (pos != std::string::npos) {
operation = sumAndSetOperation;
m_operation = sumAndSetOperation;
}
pos = action.find("=-");
pos = m_parser_payload.find("=-");
if (pos != std::string::npos) {
operation = substractAndSetOperation;
m_operation = substractAndSetOperation;
}
// Collection name
pos = action.find(".");
pos = m_parser_payload.find(".");
if (pos != std::string::npos) {
collectionName = std::string(action, 0, pos);
collectionName = toupper(collectionName);
m_collectionName = std::string(m_parser_payload, 0, pos);
m_collectionName = toupper(m_collectionName);
} else {
error->assign("Missing the collection and/or variable name");
return false;
}
// Variable name
if (operation == setToOne) {
variableName = std::string(action, pos + 1, action.length()
if (m_operation == setToOne) {
m_variableName = std::string(m_parser_payload, pos + 1,
m_parser_payload.length()
- (pos + 1));
} else {
size_t pos2 = action.find("=");
variableName = std::string(action, pos + 1, pos2 - (pos + 1));
if (pos2 + 2 > action.length()) {
size_t pos2 = m_parser_payload.find("=");
m_variableName = std::string(m_parser_payload, pos + 1,
pos2 - (pos + 1));
if (pos2 + 2 > m_parser_payload.length()) {
error->assign("Something wrong with the input format");
return false;
}
if (operation == setOperation) {
predicate = std::string(action, pos2 + 1, action.length() - (pos2));
if (m_operation == setOperation) {
m_predicate = std::string(m_parser_payload, pos2 + 1,
m_parser_payload.length() - (pos2));
} else {
predicate = std::string(action, pos2 + 2, action.length()
m_predicate = std::string(m_parser_payload, pos2 + 2,
m_parser_payload.length()
- (pos2 + 1));
}
}
if (collectionName.empty() || variableName.empty()) {
if (m_collectionName.empty() || m_variableName.empty()) {
error->assign("Something wrong with the input format");
return false;
}
@@ -92,22 +87,17 @@ bool SetVar::init(std::string *error) {
return true;
}
void SetVar::dump() {
std::cout << " Operation: " << std::to_string(operation) << std::endl;
std::cout << "Collection: " << collectionName << std::endl;
std::cout << " Variable: " << variableName << std::endl;
std::cout << " Predicate: " << predicate << std::endl;
}
bool SetVar::evaluate(Rule *rule, Transaction *transaction) {
bool SetVar::evaluate(Rule *rule, Transaction *transm_parser_payload) {
std::string targetValue;
std::string variableNameExpanded = MacroExpansion::expand(variableName,
transaction);
std::string resolvedPre = MacroExpansion::expand(predicate, transaction);
std::string m_variableNameExpanded = MacroExpansion::expand(m_variableName,
transm_parser_payload);
std::string resolvedPre = MacroExpansion::expand(m_predicate,
transm_parser_payload);
if (operation == setOperation) {
if (m_operation == setOperation) {
targetValue = resolvedPre;
} else if (operation == setToOne) {
} else if (m_operation == setToOne) {
targetValue = std::string("1");
} else {
int pre = 0;
@@ -121,8 +111,9 @@ bool SetVar::evaluate(Rule *rule, Transaction *transaction) {
try {
std::string *resolvedValue =
transaction->m_collections.resolveFirst(collectionName,
variableNameExpanded);
transm_parser_payload->m_collections.resolveFirst(
m_collectionName,
m_variableNameExpanded);
if (resolvedValue == NULL) {
value = 0;
} else {
@@ -132,7 +123,7 @@ bool SetVar::evaluate(Rule *rule, Transaction *transaction) {
value = 0;
}
switch (operation) {
switch (m_operation) {
case sumAndSetOperation:
targetValue = std::to_string(value + pre);
break;
@@ -143,11 +134,11 @@ bool SetVar::evaluate(Rule *rule, Transaction *transaction) {
}
#ifndef NO_LOGS
transaction->debug(8, "Saving variable: " + collectionName + ":" + \
variableNameExpanded + " with value: " + targetValue);
transm_parser_payload->debug(8, "Saving variable: " + m_collectionName \
+ ":" + m_variableNameExpanded + " with value: " + targetValue);
#endif
transaction->m_collections.storeOrUpdateFirst(collectionName,
variableNameExpanded, targetValue);
transm_parser_payload->m_collections.storeOrUpdateFirst(m_collectionName,
m_variableNameExpanded, targetValue);
return true;
}

13
src/actions/set_var.h
View File

@@ -29,16 +29,11 @@ namespace actions {
class SetVar : public Action {
public:
explicit SetVar(std::string action);
explicit SetVar(std::string action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction) override;
void dump();
bool init(std::string *error) override;
std::string collectionName;
std::string variableName;
std::string predicate;
enum SetVarOperation {
/* Set variable to something */
setOperation,
@@ -50,7 +45,11 @@ class SetVar : public Action {
setToOne
};
SetVarOperation operation;
private:
SetVarOperation m_operation;
std::string m_collectionName;
std::string m_variableName;
std::string m_predicate;
};
} // namespace actions

57
src/actions/severity.cc
View File

@@ -26,28 +26,44 @@
namespace modsecurity {
namespace actions {
Severity::Severity(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) {
std::string a = action;
if (tolower(a) == "emergency") {
this->m_severity = 0;
} else if (tolower(a) == "alert") {
this->m_severity = 1;
} else if (tolower(a) == "critical") {
this->m_severity = 2;
} else if (tolower(a) == "error") {
this->m_severity = 3;
} else if (tolower(a) == "warning") {
this->m_severity = 4;
} else if (tolower(a) == "notice") {
this->m_severity = 5;
} else if (tolower(a) == "info") {
this->m_severity = 6;
} else if (tolower(a) == "debug") {
this->m_severity = 7;
bool Severity::init(std::string *error) {
std::string a = tolower(m_parser_payload);
if (a == "emergency") {
m_severity = 0;
return true;
} else if (a == "alert") {
m_severity = 1;
return true;
} else if (a == "critical") {
m_severity = 2;
return true;
} else if (a == "error") {
m_severity = 3;
return true;
} else if (a == "warning") {
m_severity = 4;
return true;
} else if (a == "notice") {
m_severity = 5;
return true;
} else if (a == "info") {
m_severity = 6;
return true;
} else if (a == "debug") {
m_severity = 7;
return true;
} else {
this->m_severity = std::stod(a);
try {
m_severity = std::stoi(a);
return true;
} catch (...) {
error->assign("Severity: The input \"" + a + "\" is " \
"not a number.");
}
}
return false;
}
@@ -67,5 +83,6 @@ bool Severity::evaluate(Rule *rule, Transaction *transaction,
return true;
}
} // namespace actions
} // namespace modsecurity

7
src/actions/severity.h
View File

@@ -21,7 +21,6 @@
#define SRC_ACTIONS_SEVERITY_H_
#ifdef __cplusplus
class Transaction;
namespace modsecurity {
class Transaction;
@@ -31,15 +30,19 @@ namespace actions {
class Severity : public Action {
public:
explicit Severity(std::string action);
explicit Severity(std::string action)
: Action(action),
m_severity(0) { }
bool evaluate(Rule *rule, Transaction *transaction,
RuleMessage *rm) override;
bool init(std::string *error);
private:
int m_severity;
};
} // namespace actions
} // namespace modsecurity
#endif

10
src/actions/skip_after.cc
View File

@@ -25,19 +25,15 @@
namespace modsecurity {
namespace actions {
SkipAfter::SkipAfter(std::string action)
: Action(action, RunTimeOnlyIfMatchKind),
m_marker(action) {
}
bool SkipAfter::evaluate(Rule *rule, Transaction *transaction) {
#ifndef NO_LOGS
transaction->debug(5, "Setting skipAfter for: " + m_marker);
transaction->debug(5, "Setting skipAfter for: " + m_parser_payload);
#endif
transaction->m_marker = m_marker;
transaction->m_marker = m_parser_payload;
return true;
}
} // namespace actions
} // namespace modsecurity

6
src/actions/skip_after.h
View File

@@ -29,12 +29,10 @@ namespace actions {
class SkipAfter : public Action {
public:
explicit SkipAfter(std::string action);
explicit SkipAfter(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override;
private:
std::string m_marker;
};

22
src/actions/status.cc
View File

@@ -23,13 +23,16 @@
namespace modsecurity {
namespace actions {
Status::Status(std::string action)
: Action(action) {
std::string a = action;
a.erase(0, 7);
this->action = action;
this->action_kind = 2;
this->status = stoi(a);
bool Status::init(std::string *error) {
try {
m_status = std::stoi(m_parser_payload);
} catch (...) {
error->assign("Not a valid number: " + m_parser_payload);
return false;
}
return true;
}
@@ -39,10 +42,11 @@ bool Status::evaluate(Rule *rule, Transaction *transaction) {
}
void Status::fill_intervention(ModSecurityIntervention *i) {
i->status = this->status;
void Status::fillIntervention(ModSecurityIntervention *i) {
i->status = m_status;
i->log = "Status";
}
} // namespace actions
} // namespace modsecurity

9
src/actions/status.h
View File

@@ -29,11 +29,14 @@ namespace actions {
class Status : public Action {
public:
explicit Status(std::string actions);
explicit Status(std::string action) : Action(action, 2) { }
bool init(std::string *error);
bool evaluate(Rule *rule, Transaction *transaction) override;
void fill_intervention(ModSecurityIntervention *i) override;
int status;
void fillIntervention(ModSecurityIntervention *i) override;
protected:
int m_status;
};
} // namespace actions

10
src/actions/tag.cc
View File

@@ -49,16 +49,9 @@
namespace modsecurity {
namespace actions {
Tag::Tag(std::string action)
: Action(action, RunTimeOnlyIfMatchKind),
m_tag(action) {
m_tag.erase(0, 1);
m_tag.pop_back();
}
bool Tag::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
std::string tag = MacroExpansion::expand(m_tag, transaction);
std::string tag = MacroExpansion::expand(m_parser_payload, transaction);
#ifndef NO_LOGS
transaction->debug(9, "Rule tag: " + tag);
@@ -69,5 +62,6 @@ bool Tag::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
return true;
}
} // namespace actions
} // namespace modsecurity

6
src/actions/tag.h
View File

@@ -29,13 +29,11 @@ namespace actions {
class Tag : public Action {
public:
explicit Tag(std::string action);
explicit Tag(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction,
RuleMessage *rm) override;
private:
std::string m_tag;
};

12
src/actions/ver.cc
View File

@@ -27,20 +27,12 @@
namespace modsecurity {
namespace actions {
Ver::Ver(std::string action)
: Action(action, ConfigurationKind),
m_ver(action) {
if (m_ver.at(0) == '\'') {
m_ver.erase(0, 1);
m_ver.pop_back();
}
}
bool Ver::evaluate(Rule *rule, Transaction *transaction) {
rule->m_ver = m_ver;
rule->m_ver = m_parser_payload;
return true;
}
} // namespace actions
} // namespace modsecurity

2
src/actions/ver.h
View File

@@ -29,7 +29,7 @@ namespace actions {
class Ver : public Action {
public:
explicit Ver(std::string action);
explicit Ver(std::string action) : Action(action, ConfigurationKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override;

8
src/actions/xmlns.cc
View File

@@ -30,15 +30,15 @@ bool XmlNS::init(std::string *error) {
size_t pos;
std::string http = "http://";
pos = action.find("=");
pos = m_parser_payload.find("=");
if (pos == std::string::npos) {
error->assign("XMLS: Bad format, missing equals sign.");
return false;
}
m_name = std::string(action, 0, pos);
m_value = std::string(action, pos+1, action.size());
m_name = std::string(m_parser_payload, 0, pos);
m_value = std::string(m_parser_payload, pos+1, m_parser_payload.size());
if (m_value.empty() or m_name.empty()) {
if (m_value.empty() || m_name.empty()) {
error->assign("XMLS: XMLNS is invalid. Expecting a " \
"name=value format.");
return false;