github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Cleanup on Action class

Browse Source
This commit is contained in:
Felipe Zimmerle 2019-03-15 01:56:40 -03:00
parent df51dd06ef
commit 8d0017919f
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
115 changed files with 786 additions and 793 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

88
headers/modsecurity/actions/action.h
View File

@ -39,35 +39,27 @@ namespace actions {
class Action {
public:
explicit Action(const std::string& _action)
: m_isNone(false),
temporaryAction(false),
action_kind(2),
: m_actionKind(2),
m_name(nullptr),
m_parser_payload("") {
set_name_and_payload(_action);
}
Action(const std::string& _action, int kind)
: m_isNone(false),
temporaryAction(false),
action_kind(kind),
: m_actionKind(kind),
m_name(nullptr),
m_parser_payload("") {
set_name_and_payload(_action);
}
Action(const Action &a)
: m_isNone(a.m_isNone),
temporaryAction(a.temporaryAction),
action_kind(a.action_kind),
: m_actionKind(a.m_actionKind),
m_name(a.m_name),
m_parser_payload(a.m_parser_payload) { }
Action &operator=(const Action& a) {
m_isNone = a.m_isNone;
temporaryAction = a.temporaryAction;
action_kind = a.action_kind;
m_actionKind = a.m_actionKind;
m_name = a.m_name;
m_parser_payload = a.m_parser_payload;
return *this;
@ -75,52 +67,24 @@ class Action {
virtual ~Action() { }
virtual bool init(std::string *error) { return true; }
virtual std::string execute(const std::string &exp,
Transaction *transaction);
virtual bool execute(RuleWithActions *rule, Transaction *transaction);
virtual bool execute(RuleWithActions *rule,
Transaction *transaction);
/**
* This method is meant to be used by transformations a particular
* type of action.
*
*/
virtual void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
};
virtual bool init(std::string *error) { return true; }
virtual bool isDisruptive() { return false; }
void set_name_and_payload(const std::string& data) {
size_t pos = data.find(":");
std::string t = "t:";
if (data.compare(0, t.length(), t) == 0) {
pos = data.find(":", 2);
}
if (pos == std::string::npos) {
m_name = std::shared_ptr<std::string>(new std::string(data));
return;
}
m_name = std::shared_ptr<std::string>(new std::string(data, 0, pos));
m_parser_payload = std::string(data, pos + 1, data.length());
if (m_parser_payload.at(0) == '\'' && m_parser_payload.size() > 2) {
m_parser_payload.erase(0, 1);
m_parser_payload.pop_back();
}
}
bool m_isNone;
bool temporaryAction;
int action_kind;
std::shared_ptr<std::string> m_name;
std::string m_parser_payload;
/**
*
* Define the action kind regarding to the execution time.
@ -152,7 +116,35 @@ class Action {
*/
RunTimeOnlyIfMatchKind,
};
};
int m_actionKind;
std::shared_ptr<std::string> m_name;
std::string m_parser_payload;
private:
void set_name_and_payload(const std::string& data) {
size_t pos = data.find(":");
std::string t = "t:";
if (data.compare(0, t.length(), t) == 0) {
pos = data.find(":", 2);
}
if (pos == std::string::npos) {
m_name = std::shared_ptr<std::string>(new std::string(data));
return;
}
m_name = std::shared_ptr<std::string>(new std::string(data, 0, pos));
m_parser_payload = std::string(data, pos + 1, data.length());
if (m_parser_payload.at(0) == '\'' && m_parser_payload.size() > 2) {
m_parser_payload.erase(0, 1);
m_parser_payload.pop_back();
}
}
};
} // namespace actions

6
headers/modsecurity/modsecurity.h
View File

@ -89,6 +89,12 @@
typedef struct ModSecurity_t modsecurity;
#else
namespace modsecurity {
/**
* Further that will be changed to be a stack-based string,
* for the benefit of performance.
*/
using ModSecString = std::string;
/**
*
* The Phases enumerator consists in mapping the different stages of a

11
headers/modsecurity/rule_with_actions.h
View File

@ -64,18 +64,17 @@ using MatchActionsPtr = std::vector<actions::Action *>;
using XmlNSs = std::vector<std::shared_ptr<actions::XmlNS> >;
using XmlNSsPtr = std::vector<actions::XmlNS *>;
using ModSecStackString = std::basic_string<char, std::char_traits<char>, std::allocator<char> >;
class TransformationResult {
public:
TransformationResult(
ModSecStackString *after,
ModSecString *after,
std::string *transformation)
: m_after(*after),
m_transformation(transformation) { };
explicit TransformationResult(
ModSecStackString *after)
ModSecString *after)
: m_after(*after),
m_transformation(nullptr) { };
@ -84,7 +83,7 @@ class TransformationResult {
m_transformation(t2.m_transformation) { };
ModSecStackString *getAfter() {
ModSecString *getAfter() {
return &m_after;
}
@ -95,7 +94,7 @@ class TransformationResult {
private:
ModSecStackString m_after;
ModSecString m_after;
std::string *m_transformation;
};
@ -224,7 +223,7 @@ class RuleWithActions : public Rule {
static void executeTransformation(
Transaction *transaction,
ModSecStackString in,
ModSecString in,
TransformationsResults *ret,
Transformation *transformation);

48
headers/modsecurity/rules.h
View File

@ -40,52 +40,20 @@ namespace modsecurity {
class Rules {
public:
void dump() const {
for (int j = 0; j < m_rules.size(); j++) {
std::cout << " Rule ID: " << m_rules.at(j)->getReference();
std::cout << "--" << m_rules.at(j) << std::endl;
}
}
void dump() const;
int append(Rules *from, const std::vector<int64_t> &ids, std::ostringstream *err) {
size_t j = 0;
for (; j < from->size(); j++) {
RuleWithOperator *rule = dynamic_cast<RuleWithOperator *>(from->at(j).get());
if (rule && std::binary_search(ids.begin(), ids.end(), rule->getId())) {
if (err != NULL) {
*err << "Rule id: " << std::to_string(rule->getId()) \
<< " is duplicated" << std::endl;
}
return -1;
}
}
m_rules.insert(m_rules.end(), from->m_rules.begin(), from->m_rules.end());
return j;
}
int append(Rules *from, const std::vector<int64_t> &ids, std::ostringstream *err);
bool insert(const std::shared_ptr<Rule> &rule) {
return insert(rule, nullptr, nullptr);
}
bool insert(const std::shared_ptr<Rule> &rule);
bool insert(std::shared_ptr<Rule> rule, const std::vector<int64_t> *ids, std::ostringstream *err) {
RuleWithOperator *r = dynamic_cast<RuleWithOperator *>(rule.get());
if (r && ids != nullptr && std::binary_search(ids->begin(), ids->end(), r->getId())) {
if (err != nullptr) {
*err << "Rule id: " << std::to_string(r->getId()) \
<< " is duplicated" << std::endl;
}
return false;
}
m_rules.push_back(rule);
return true;
}
bool insert(std::shared_ptr<Rule> rule, const std::vector<int64_t> *ids, std::ostringstream *err);
size_t size() const;
std::shared_ptr<Rule> operator[](int index) const;
std::shared_ptr<Rule> at(int index) const;
void fixDefaultActions();
size_t size() const { return m_rules.size(); }
std::shared_ptr<Rule> operator[](int index) const { return m_rules[index]; }
std::shared_ptr<Rule> at(int index) const { return m_rules[index]; }
std::vector<std::shared_ptr<actions::Action> > m_defaultActions;
std::vector<std::shared_ptr<actions::transformations::Transformation> > m_defaultTransformations;

1
headers/modsecurity/transaction.h
View File

@ -49,7 +49,6 @@ typedef struct Rules_t RulesSet;
#include "modsecurity/collection/collection.h"
#include "modsecurity/variable_origin.h"
#ifndef NO_LOGS
#define ms_dbg(b, c) \
do { \

5
src/Makefile.am
View File

@ -42,10 +42,6 @@ pkginclude_HEADERS = \
../headers/modsecurity/intervention.h \
../headers/modsecurity/modsecurity.h \
../headers/modsecurity/rule.h \
../headers/modsecurity/rule_marker.h \
../headers/modsecurity/rule_unconditional.h \
../headers/modsecurity/rule_with_actions.h \
../headers/modsecurity/rule_with_operator.h \
../headers/modsecurity/rules.h \
../headers/modsecurity/rule_message.h \
../headers/modsecurity/rules_set.h \
@ -288,6 +284,7 @@ libmodsecurity_la_SOURCES = \
debug_log/debug_log_writer.cc \
run_time_string.cc \
rule.cc \
rules.cc \
rule_unconditional.cc \
rule_with_actions.cc \
rule_with_operator.cc \

2
src/actions/accuracy.cc
View File

@ -21,7 +21,7 @@
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {
namespace actions {

1
src/actions/block.cc
View File

@ -24,6 +24,7 @@
#include "modsecurity/rule.h"
#include "modsecurity/intervention.h"
#include "src/actions/data/status.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {
namespace actions {

2
src/actions/chain.cc
View File

@ -20,6 +20,8 @@
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {
namespace actions {

2
src/actions/maturity.cc
View File

@ -21,7 +21,7 @@
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {
namespace actions {

1
src/actions/phase.cc
View File

@ -22,6 +22,7 @@
#include "modsecurity/rule.h"
#include "modsecurity/modsecurity.h"
#include "src/utils/string.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {

1
src/actions/rev.cc
View File

@ -21,6 +21,7 @@
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {

2
src/actions/rule_id.cc
View File

@ -20,6 +20,8 @@
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {
namespace actions {

2
src/actions/set_env.cc
View File

@ -21,6 +21,8 @@
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "src/utils/string.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {
namespace actions {

1
src/actions/set_var.cc
View File

@ -30,6 +30,7 @@
#include "src/variables/tx.h"
#include "src/variables/user.h"
#include "src/variables/variable.h"
#include "modsecurity/rule_with_operator.h"
namespace modsecurity {
namespace actions {

4
src/actions/transformations/base64_decode.cc
View File

@ -33,8 +33,8 @@ namespace transformations {
void Base64Decode::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
std::string value(in.c_str(), in.size());
std::string ret = Utils::Base64::decode(value);
out.assign(ret.c_str(), ret.size());

4
src/actions/transformations/base64_decode.h
View File

@ -34,8 +34,8 @@ class Base64Decode : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/base64_decode_ext.cc
View File

@ -33,8 +33,8 @@ namespace transformations {
void Base64DecodeExt::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
std::string ret = Utils::Base64::decode_forgiven(in.c_str());
out.assign(ret.c_str(), ret.size());
}

4
src/actions/transformations/base64_decode_ext.h
View File

@ -34,8 +34,8 @@ class Base64DecodeExt : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/base64_encode.cc
View File

@ -33,8 +33,8 @@ namespace transformations {
void Base64Encode::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
std::string ret = Utils::Base64::encode(
std::string(in.c_str(), in.size()));
out.assign(ret.c_str(), ret.size());

4
src/actions/transformations/base64_encode.h
View File

@ -34,8 +34,8 @@ class Base64Encode : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/cmd_line.cc
View File

@ -32,8 +32,8 @@ namespace transformations {
void CmdLine::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
int space = 0;
for (auto& a : in) {

4
src/actions/transformations/cmd_line.h
View File

@ -34,8 +34,8 @@ class CmdLine : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/compress_whitespace.cc
View File

@ -32,8 +32,8 @@ namespace transformations {
void CompressWhitespace::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
int inWhiteSpace = 0;
size_t i = 0;
out.reserve(in.size());

4
src/actions/transformations/compress_whitespace.h
View File

@ -34,8 +34,8 @@ class CompressWhitespace : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

18
src/actions/transformations/css_decode.cc
View File

@ -35,17 +35,19 @@ namespace transformations {
void CssDecode::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
size_t s = in.size();
char *tmp = reinterpret_cast<char *>(
malloc(sizeof(char) * in.size() + 1));
memcpy(tmp, in.c_str(), in.size() + 1);
tmp[in.size()] = '\0';
malloc(sizeof(char) * s + 1));
memcpy(tmp, in.c_str(), s + 1);
tmp[s] = '\0';
CssDecode::css_decode_inplace(reinterpret_cast<unsigned char *>(tmp),
in.size());
size_t r = CssDecode::css_decode_inplace(reinterpret_cast<unsigned char *>(tmp),
s);
out.assign(tmp, 0, in.size());
out.assign(tmp, r);
free(tmp);
}

4
src/actions/transformations/css_decode.h
View File

@ -35,8 +35,8 @@ class CssDecode : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
static int css_decode_inplace(unsigned char *input, int64_t input_len);
};

4
src/actions/transformations/escape_seq_decode.cc
View File

@ -136,8 +136,8 @@ int EscapeSeqDecode::ansi_c_sequences_decode_inplace(unsigned char *input,
void EscapeSeqDecode::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
unsigned char *tmp = (unsigned char *) malloc(sizeof(char)
* in.size() + 1);
memcpy(tmp, in.c_str(), in.size() + 1);

4
src/actions/transformations/escape_seq_decode.h
View File

@ -34,8 +34,8 @@ class EscapeSeqDecode : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
static int ansi_c_sequences_decode_inplace(unsigned char *input, int input_len);
};

4
src/actions/transformations/hex_decode.cc
View File

@ -33,8 +33,8 @@ namespace transformations {
void HexDecode::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
unsigned char *input;
int size = 0;

4
src/actions/transformations/hex_decode.h
View File

@ -34,8 +34,8 @@ class HexDecode : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
static int inplace(unsigned char *data, int len);
};

4
src/actions/transformations/hex_encode.cc
View File

@ -33,8 +33,8 @@ namespace transformations {
void HexEncode::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
std::stringstream result;
for (std::size_t i=0; i < in.length(); i++) {
int ii = reinterpret_cast<char>(in[i]);

4
src/actions/transformations/hex_encode.h
View File

@ -34,8 +34,8 @@ class HexEncode : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};

4
src/actions/transformations/html_entity_decode.cc
View File

@ -34,8 +34,8 @@ namespace transformations {
void HtmlEntityDecode::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
unsigned char *input;
input = reinterpret_cast<unsigned char *>

4
src/actions/transformations/html_entity_decode.h
View File

@ -37,8 +37,8 @@ class HtmlEntityDecode : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
static int inplace(unsigned char *input, uint64_t input_len);
};

4
src/actions/transformations/js_decode.cc
View File

@ -35,8 +35,8 @@ namespace transformations {
void JsDecode::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
unsigned char *input;
input = reinterpret_cast<unsigned char *>

4
src/actions/transformations/js_decode.h
View File

@ -34,8 +34,8 @@ class JsDecode : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
static int inplace(unsigned char *input, uint64_t input_len);
};

4
src/actions/transformations/length.cc
View File

@ -32,8 +32,8 @@ namespace transformations {
void Length::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
out.assign(std::to_string(in.size()).c_str());
}

4
src/actions/transformations/length.h
View File

@ -34,8 +34,8 @@ class Length : public Transformation {
: Transformation(action) { };
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/lower_case.cc
View File

@ -28,8 +28,8 @@ namespace transformations {
void LowerCase::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
std::locale loc;
out.resize(in.size());
for (std::string::size_type i=0; i < in.size(); ++i) {

4
src/actions/transformations/lower_case.h
View File

@ -36,8 +36,8 @@ class LowerCase : public Transformation {
: Transformation(action) { };
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/md5.cc
View File

@ -32,8 +32,8 @@ namespace transformations {
void Md5::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
std::string ret = Utils::Md5::digest(std::string(in.c_str(), in.size()));
out.assign(ret.c_str(), ret.size());

4
src/actions/transformations/md5.h
View File

@ -34,8 +34,8 @@ class Md5 : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/none.cc
View File

@ -32,8 +32,8 @@ namespace transformations {
void None::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) { }
ModSecString &in,
ModSecString &out) { }
} // namespace transformations

10
src/actions/transformations/none.h
View File

@ -32,11 +32,15 @@ class None : public Transformation {
public:
explicit None(const std::string &action)
: Transformation(action)
{ m_isNone = true; }
{ }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
bool isNone() override {
return true;
}
};
} // namespace transformations

4
src/actions/transformations/normalise_path.cc
View File

@ -34,8 +34,8 @@ namespace transformations {
void NormalisePath::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
int changed = 0;
char *tmp = reinterpret_cast<char *>(

4
src/actions/transformations/normalise_path.h
View File

@ -34,8 +34,8 @@ class NormalisePath : public Transformation {
: Transformation(action) { };
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
static int normalize_path_inplace(unsigned char *input, int input_len,
int win, int *changed);

4
src/actions/transformations/normalise_path_win.cc
View File

@ -35,8 +35,8 @@ namespace transformations {
void NormalisePathWin::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
int changed;
char *tmp = reinterpret_cast<char *>(

4
src/actions/transformations/normalise_path_win.h
View File

@ -34,8 +34,8 @@ class NormalisePathWin : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/parity_even_7bit.cc
View File

@ -33,8 +33,8 @@ namespace transformations {
void ParityEven7bit::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
unsigned char *input;
input = reinterpret_cast<unsigned char *>

4
src/actions/transformations/parity_even_7bit.h
View File

@ -34,8 +34,8 @@ class ParityEven7bit : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
static bool inplace(unsigned char *input, uint64_t input_len);
};

4
src/actions/transformations/parity_odd_7bit.cc
View File

@ -33,8 +33,8 @@ namespace transformations {
void ParityOdd7bit::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
unsigned char *input;
input = reinterpret_cast<unsigned char *>

4
src/actions/transformations/parity_odd_7bit.h
View File

@ -34,8 +34,8 @@ class ParityOdd7bit : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
static bool inplace(unsigned char *input, uint64_t input_len);
};

4
src/actions/transformations/parity_zero_7bit.cc
View File

@ -33,8 +33,8 @@ namespace transformations {
void ParityZero7bit::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
unsigned char *input;
input = reinterpret_cast<unsigned char *>

4
src/actions/transformations/parity_zero_7bit.h
View File

@ -34,8 +34,8 @@ class ParityZero7bit : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
static bool inplace(unsigned char *input, uint64_t input_len);
};

4
src/actions/transformations/php_args_names.cc
View File

@ -34,8 +34,8 @@ PhpArgsNames::PhpArgsNames(const std::string &a)
void PhpArgsNames::execute(Transaction *t,
ModSecStackString &val,
ModSecStackString &out) {
ModSecString &val,
ModSecString &out) {
//Took the logic from php src code:
//https://github.com/php/php-src/blob/master/main/php_variables.c
//Function call PHPAPI void php_register_variable_ex(const char *var_name, zval *val, zval *track_vars_array)

4
src/actions/transformations/php_args_names.h
View File

@ -35,8 +35,8 @@ class PhpArgsNames : public Transformation {
explicit PhpArgsNames(const std::string &action);
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/remove_comments.cc
View File

@ -33,8 +33,8 @@ namespace transformations {
void RemoveComments::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
unsigned char *input;
input = reinterpret_cast<unsigned char *>

4
src/actions/transformations/remove_comments.h
View File

@ -35,8 +35,8 @@ class RemoveComments : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;;
ModSecString &in,
ModSecString &out) override;;
};

4
src/actions/transformations/remove_comments_char.cc
View File

@ -32,8 +32,8 @@ namespace transformations {
void RemoveCommentsChar::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
int64_t i;
out = in;

4
src/actions/transformations/remove_comments_char.h
View File

@ -34,8 +34,8 @@ class RemoveCommentsChar : public Transformation {
: Transformation(action) { };
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/remove_nulls.cc
View File

@ -34,8 +34,8 @@ namespace transformations {
void RemoveNulls::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
int64_t i;
out = in;

4
src/actions/transformations/remove_nulls.h
View File

@ -34,8 +34,8 @@ class RemoveNulls : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/remove_whitespace.cc
View File

@ -33,8 +33,8 @@ namespace transformations {
void RemoveWhitespace::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
out = in;
int64_t i = 0;

4
src/actions/transformations/remove_whitespace.h
View File

@ -34,8 +34,8 @@ class RemoveWhitespace : public Transformation {
: Transformation(action) { };
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/replace_comments.cc
View File

@ -33,8 +33,8 @@ namespace transformations {
void ReplaceComments::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
uint64_t i, j, incomment;
char *input = reinterpret_cast<char *>(

4
src/actions/transformations/replace_comments.h
View File

@ -34,8 +34,8 @@ class ReplaceComments : public Transformation {
: Transformation(action) { };
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/replace_nulls.cc
View File

@ -32,8 +32,8 @@ namespace transformations {
void ReplaceNulls::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
int64_t i;
out = in;

4
src/actions/transformations/replace_nulls.h
View File

@ -34,8 +34,8 @@ class ReplaceNulls : public Transformation {
: Transformation(action) { };
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/sha1.cc
View File

@ -33,8 +33,8 @@ namespace transformations {
void Sha1::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
auto a = Utils::Sha1::digest(
std::string(in.c_str(), in.size())

4
src/actions/transformations/sha1.h
View File

@ -34,8 +34,8 @@ class Sha1 : public Transformation {
: Transformation(action) { };
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/sql_hex_decode.cc
View File

@ -42,8 +42,8 @@ namespace transformations {
#endif
void SqlHexDecode::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
unsigned char *input;
int size = 0;

4
src/actions/transformations/sql_hex_decode.h
View File

@ -34,8 +34,8 @@ class SqlHexDecode : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
static int inplace(unsigned char *data, int len);

1
src/actions/transformations/transformation.cc
View File

@ -116,6 +116,7 @@ Transformation* Transformation::instantiate(std::string a) {
return new Transformation(a);
}
} // namespace transformations
} // namespace actions
} // namespace modsecurity

7
src/actions/transformations/transformation.h
View File

@ -32,12 +32,7 @@ class Transformation : public Action {
explicit Transformation(const std::string& _action)
: Action(_action, RunTimeBeforeMatchAttemptKind) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override {
// FIXME: this should be remove as soon as #1974 got fixed.
out.assign(in.c_str(), in.length());
}
virtual bool isNone() { return false; }
static Transformation* instantiate(std::string a);
};

10
src/actions/transformations/trim.cc
View File

@ -31,27 +31,27 @@ namespace actions {
namespace transformations {
void Trim::ltrim(ModSecStackString *s) {
void Trim::ltrim(ModSecString *s) {
s->erase(s->begin(), std::find_if(s->begin(), s->end(),
std::not1(std::ptr_fun<int, int>(std::isspace))));
}
void Trim::rtrim(ModSecStackString *s) {
void Trim::rtrim(ModSecString *s) {
s->erase(std::find_if(s->rbegin(), s->rend(),
std::not1(std::ptr_fun<int, int>(std::isspace))).base(), s->end());
}
void Trim::trim(ModSecStackString *s) {
void Trim::trim(ModSecString *s) {
rtrim(s);
ltrim(s);
}
void Trim::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
out = in;
trim(&out);
};

10
src/actions/transformations/trim.h
View File

@ -34,12 +34,12 @@ class Trim : public Transformation {
: Transformation(action) { };
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
void ltrim(ModSecStackString *s);
void rtrim(ModSecStackString *s);
void trim(ModSecStackString *s);
void ltrim(ModSecString *s);
void rtrim(ModSecString *s);
void trim(ModSecString *s);
};
} // namespace transformations

4
src/actions/transformations/trim_left.cc
View File

@ -33,8 +33,8 @@ namespace transformations {
void TrimLeft::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
out = in;
ltrim(&out);
};

4
src/actions/transformations/trim_left.h
View File

@ -35,8 +35,8 @@ class TrimLeft : public Trim {
: Trim(action) { };
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/trim_right.cc
View File

@ -32,8 +32,8 @@ namespace transformations {
void TrimRight::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
out = in;
rtrim(&out);
};

4
src/actions/transformations/trim_right.h
View File

@ -35,8 +35,8 @@ class TrimRight : public Trim {
: Trim(action) { };
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/upper_case.cc
View File

@ -28,8 +28,8 @@ namespace transformations {
void UpperCase::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
std::locale loc;
out.reserve(in.size());
for (std::string::size_type i=0; i < in.size(); ++i) {

4
src/actions/transformations/upper_case.h
View File

@ -36,8 +36,8 @@ class UpperCase : public Transformation {
: Transformation(action) { };
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/url_decode.cc
View File

@ -33,8 +33,8 @@ namespace transformations {
void UrlDecode::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
unsigned char *val(NULL);
int invalid_count = 0;
int changed;

4
src/actions/transformations/url_decode.h
View File

@ -36,8 +36,8 @@ class UrlDecode : public Transformation {
: Transformation(action) { };
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
};
} // namespace transformations

4
src/actions/transformations/url_decode_uni.cc
View File

@ -39,8 +39,8 @@ namespace transformations {
void UrlDecodeUni::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
unsigned char *input;
input = reinterpret_cast<unsigned char *>

4
src/actions/transformations/url_decode_uni.h
View File

@ -35,8 +35,8 @@ class UrlDecodeUni : public Transformation {
: Transformation(action) { }
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
static int inplace(unsigned char *input, uint64_t input_len,
Transaction *transaction);

4
src/actions/transformations/url_encode.cc
View File

@ -82,8 +82,8 @@ std::string UrlEncode::url_enc(const char *input,
void UrlEncode::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
int changed;
std::string ret = url_enc(in.c_str(), in.size(), &changed);

4
src/actions/transformations/url_encode.h
View File

@ -34,8 +34,8 @@ class UrlEncode : public Transformation {
: Transformation(action) { };
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
static std::string url_enc(const char *input,
unsigned int input_len, int *changed);

4
src/actions/transformations/utf8_to_unicode.cc
View File

@ -34,8 +34,8 @@ namespace transformations {
void Utf8ToUnicode::execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) {
ModSecString &in,
ModSecString &out) {
unsigned char *input;
int changed = 0;

4
src/actions/transformations/utf8_to_unicode.h
View File

@ -40,8 +40,8 @@ class Utf8ToUnicode : public Transformation {
void execute(Transaction *t,
ModSecStackString &in,
ModSecStackString &out) override;
ModSecString &in,
ModSecString &out) override;
static char *inplace(unsigned char *input, uint64_t input_len,
int *changed);

1
src/actions/ver.cc
View File

@ -21,6 +21,7 @@
#include "modsecurity/actions/action.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {

8
src/engine/lua.cc
View File

@ -439,8 +439,8 @@ std::string Lua::applyTransformations(lua_State *L, Transaction *t,
"t:" + std::string(name));
// FIXME: transformation is not yet returning null.
if (tfn) {
ModSecStackString in;
ModSecStackString out;
ModSecString in;
ModSecString out;
in.assign(newVar.c_str(), newVar.size());
tfn->execute(t, in, out);
newVar.assign(out.c_str(), out.size());
@ -465,8 +465,8 @@ std::string Lua::applyTransformations(lua_State *L, Transaction *t,
// FIXME: transformation is not yet returning null.
if (tfn) {
ModSecStackString in;
ModSecStackString out;
ModSecString in;
ModSecString out;
in.assign(newVar.c_str(), newVar.size());
tfn->execute(t, in, out);
newVar.assign(out.c_str(), out.size());

4
src/modsecurity.cc
View File

@ -305,8 +305,8 @@ int ModSecurity::processContentOffset(const char *content, size_t len,
while (!trans.empty()) {
modsecurity::actions::transformations::Transformation *t;
ModSecStackString in;
ModSecStackString out;
ModSecString in;
ModSecString out;
yajl_gen_map_open(g);
yajl_gen_string(g,

2
src/operators/detect_sqli.cc
View File

@ -20,6 +20,8 @@
#include "src/operators/operator.h"
#include "others/libinjection/src/libinjection.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {
namespace operators {

1
src/operators/detect_xss.cc
View File

@ -19,6 +19,7 @@
#include "src/operators/operator.h"
#include "others/libinjection/src/libinjection.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {

2
src/operators/pm.cc
View File

@ -28,6 +28,8 @@
#include "src/operators/operator.h"
#include "src/utils/acmp.h"
#include "src/utils/string.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {
namespace operators {

2
src/operators/rbl.cc
View File

@ -25,6 +25,8 @@
#include "modsecurity/rules_set.h"
#include "src/operators/operator.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {
namespace operators {

2
src/operators/rx.cc
View File

@ -22,6 +22,8 @@
#include "src/operators/operator.h"
#include "modsecurity/rule.h"
#include "modsecurity/rule_message.h"
#include "modsecurity/rule_with_actions.h"
namespace modsecurity {
namespace operators {

2
src/operators/verify_cc.cc
View File

@ -21,6 +21,8 @@
#include <vector>
#include "src/operators/operator.h"
#include "modsecurity/rule_with_actions.h"
#if PCRE_HAVE_JIT
#define pcre_study_opt PCRE_STUDY_JIT_COMPILE

Some files were not shown because too many files have changed in this diff Show More