github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity

Refactoring: Splits Rule into Rule and RuleWithActions

Browse Source
This commit is contained in:
Felipe Zimmerle 2019-02-19 10:15:01 -03:00
parent 43f8aee6b6
commit 8eb7b8fe6c
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
93 changed files with 360 additions and 382 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
headers/modsecurity/actions/action.h
View File

@ -32,6 +32,7 @@
namespace modsecurity { namespace modsecurity {
class Transaction; class Transaction;
class Rule; class Rule;
class RuleWithActions;
namespace actions { namespace actions {
@ -59,8 +60,8 @@ class Action {
virtual std::string evaluate(const std::string &exp, virtual std::string evaluate(const std::string &exp,
Transaction *transaction); Transaction *transaction);
virtual bool evaluate(Rule *rule, Transaction *transaction); virtual bool evaluate(RuleWithActions *rule, Transaction *transaction);
virtual bool evaluate(Rule *rule, Transaction *transaction, virtual bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> ruleMessage) { std::shared_ptr<RuleMessage> ruleMessage) {
return evaluate(rule, transaction); return evaluate(rule, transaction);
} }

130
headers/modsecurity/rule.h
View File

@ -60,6 +60,8 @@ using TransformationResults = std::list<TransformationResult>;
using Transformation = actions::transformations::Transformation; using Transformation = actions::transformations::Transformation;
using Transformations = std::vector<Transformation *>; using Transformations = std::vector<Transformation *>;
using Actions = std::vector<actions::Action *>;
using Tags = std::vector<actions::Tag *>; using Tags = std::vector<actions::Tag *>;
using SetVars = std::vector<actions::SetVar *>; using SetVars = std::vector<actions::SetVar *>;
using MatchActions = std::vector<actions::Action *>; using MatchActions = std::vector<actions::Action *>;
@ -137,49 +139,21 @@ class RuleMarker : public RuleBase {
}; };
class Rule : public RuleBase { class RuleWithActions : public RuleBase {
public: public:
Rule(operators::Operator *op, RuleWithActions(
variables::Variables *variables, Actions *a,
std::vector<actions::Action *> *actions, Transformations *t,
Transformations *transformations, std::unique_ptr<std::string> fileName,
std::unique_ptr<std::string> fileName, int lineNumber);
int lineNumber);
explicit Rule(const std::string &marker,
std::unique_ptr<std::string> fileName,
int lineNumber);
virtual ~Rule();
virtual bool evaluate(Transaction *transaction, ~RuleWithActions();
std::shared_ptr<RuleMessage> rm) override;
void organizeActions(std::vector<actions::Action *> *actions);
void cleanUpActions();
void executeAction(Transaction *trans, void executeAction(Transaction *trans,
bool containsBlock, std::shared_ptr<RuleMessage> ruleMessage, bool containsBlock,
actions::Action *a, bool context); std::shared_ptr<RuleMessage> ruleMessage,
actions::Action *a,
bool context);
void getVariablesExceptions(Transaction *t,
variables::Variables *exclusion, variables::Variables *addition);
inline void getFinalVars(variables::Variables *vars,
variables::Variables *eclusion, Transaction *trans);
void executeActionsAfterFullMatch(Transaction *trasn,
bool containsDisruptive, std::shared_ptr<RuleMessage> ruleMessage);
bool executeOperatorAt(Transaction *trasn, const std::string &key,
std::string value, std::shared_ptr<RuleMessage> rm);
void executeActionsIndependentOfChainedRuleResult(Transaction *trasn,
bool *b, std::shared_ptr<RuleMessage> ruleMessage);
static inline void updateMatchedVars(Transaction *trasn, const std::string &key,
const std::string &value);
static inline void cleanMatchedVars(Transaction *trasn);
std::vector<actions::Action *> getActionsByName(const std::string& name,
Transaction *t);
bool containsTag(const std::string& name, Transaction *t);
bool containsMsg(const std::string& name, Transaction *t);
void executeTransformations( void executeTransformations(
Transaction *trasn, const std::string &value, TransformationResults &ret); Transaction *trasn, const std::string &value, TransformationResults &ret);
@ -191,15 +165,22 @@ class Rule : public RuleBase {
std::string *path, std::string *path,
int *nth) const; int *nth) const;
void executeActionsIndependentOfChainedRuleResult(Transaction *trasn,
bool *b, std::shared_ptr<RuleMessage> ruleMessage);
void executeActionsAfterFullMatch(Transaction *trasn,
bool containsDisruptive, std::shared_ptr<RuleMessage> ruleMessage);
std::vector<actions::Action *> getActionsByName(const std::string& name,
inline bool isUnconditional() const { return m_operator == NULL; } Transaction *t);
bool containsTag(const std::string& name, Transaction *t);
bool containsMsg(const std::string& name, Transaction *t);
inline bool isChained() const { return m_isChained == true; } inline bool isChained() const { return m_isChained == true; }
inline bool hasCaptureAction() const { return m_containsCaptureAction == true; } inline bool hasCaptureAction() const { return m_containsCaptureAction == true; }
inline void setChained(bool b) { m_isChained = b; } inline void setChained(bool b) { m_isChained = b; }
inline bool hasDisruptiveAction() const { return m_disruptiveAction != NULL; } inline bool hasDisruptiveAction() const { return m_disruptiveAction != NULL; }
inline bool hasBlockAction() const { return m_containsStaticBlockAction == true; }
inline bool hasMultimatch() const { return m_containsMultiMatchAction == true; }
inline bool hasLogData() const { return m_logData != NULL; } inline bool hasLogData() const { return m_logData != NULL; }
std::string logData(Transaction *t); std::string logData(Transaction *t);
@ -208,27 +189,14 @@ class Rule : public RuleBase {
inline bool hasSeverity() const { return m_severity != NULL; } inline bool hasSeverity() const { return m_severity != NULL; }
int severity() const; int severity() const;
std::string getOperatorName() const;
int64_t m_ruleId;
virtual std::string getReference() override {
return std::to_string(m_ruleId);
}
std::unique_ptr<Rule> m_chainedRuleChild;
Rule *m_chainedRuleParent;
std::string m_marker;
std::string m_rev; std::string m_rev;
std::string m_ver; std::string m_ver;
int m_accuracy; int m_accuracy;
int m_maturity; int m_maturity;
private: int64_t m_ruleId;
modsecurity::variables::Variables *m_variables;
operators::Operator *m_operator;
private:
/* actions */ /* actions */
actions::Action *m_disruptiveAction; actions::Action *m_disruptiveAction;
actions::LogData *m_logData; actions::LogData *m_logData;
@ -245,11 +213,51 @@ class Rule : public RuleBase {
bool m_containsMultiMatchAction:1; bool m_containsMultiMatchAction:1;
bool m_containsStaticBlockAction:1; bool m_containsStaticBlockAction:1;
bool m_isChained:1; bool m_isChained:1;
bool m_isSecMarker:1; };
class Rule : public RuleWithActions {
public:
Rule(operators::Operator *op,
variables::Variables *variables,
std::vector<actions::Action *> *actions,
Transformations *transformations,
std::unique_ptr<std::string> fileName,
int lineNumber);
virtual ~Rule();
bool evaluate(Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
void getVariablesExceptions(Transaction *t,
variables::Variables *exclusion, variables::Variables *addition);
inline void getFinalVars(variables::Variables *vars,
variables::Variables *eclusion, Transaction *trans);
bool executeOperatorAt(Transaction *trasn, const std::string &key,
std::string value, std::shared_ptr<RuleMessage> rm);
static void updateMatchedVars(Transaction *trasn, const std::string &key,
const std::string &value);
static void cleanMatchedVars(Transaction *trasn);
inline bool isUnconditional() const { return m_operator == NULL; }
std::string getOperatorName() const;
virtual std::string getReference() override {
return std::to_string(m_ruleId);
}
std::unique_ptr<Rule> m_chainedRuleChild;
Rule *m_chainedRuleParent;
private:
modsecurity::variables::Variables *m_variables;
operators::Operator *m_operator;
bool m_unconditional:1; bool m_unconditional:1;
}; };
} // namespace modsecurity } // namespace modsecurity

2
src/actions/accuracy.cc
View File

@ -39,7 +39,7 @@ bool Accuracy::init(std::string *error) {
} }
bool Accuracy::evaluate(Rule *rule, Transaction *transaction) { bool Accuracy::evaluate(RuleWithActions *rule, Transaction *transaction) {
rule->m_accuracy = m_accuracy; rule->m_accuracy = m_accuracy;
return true; return true;
} }

2
src/actions/accuracy.h
View File

@ -33,7 +33,7 @@ class Accuracy : public Action {
: Action(action, ConfigurationKind), : Action(action, ConfigurationKind),
m_accuracy(0) { } m_accuracy(0) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
bool init(std::string *error) override; bool init(std::string *error) override;
private: private:

2
src/actions/action.cc
View File

@ -51,7 +51,7 @@ std::string Action::evaluate(const std::string &value,
} }
bool Action::evaluate(Rule *rule, Transaction *transaction) { bool Action::evaluate(RuleWithActions *rule, Transaction *transaction) {
return true; return true;
} }

2
src/actions/audit_log.cc
View File

@ -27,7 +27,7 @@ namespace modsecurity {
namespace actions { namespace actions {
bool AuditLog::evaluate(Rule *rule, Transaction *transaction, bool AuditLog::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) { std::shared_ptr<RuleMessage> rm) {
rm->m_noAuditLog = false; rm->m_noAuditLog = false;
ms_dbg_a(transaction, 9, "Saving transaction to logs"); ms_dbg_a(transaction, 9, "Saving transaction to logs");

2
src/actions/audit_log.h
View File

@ -35,7 +35,7 @@ class AuditLog : public Action {
explicit AuditLog(const std::string &action) explicit AuditLog(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { } : Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction, bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override; std::shared_ptr<RuleMessage> rm) override;
}; };

2
src/actions/block.cc
View File

@ -29,7 +29,7 @@ namespace modsecurity {
namespace actions { namespace actions {
bool Block::evaluate(Rule *rule, Transaction *transaction, bool Block::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) { std::shared_ptr<RuleMessage> rm) {
ms_dbg_a(transaction, 8, "Marking request as disruptive."); ms_dbg_a(transaction, 8, "Marking request as disruptive.");

2
src/actions/block.h
View File

@ -35,7 +35,7 @@ class Block : public Action {
public: public:
explicit Block(const std::string &action) : Action(action) { } explicit Block(const std::string &action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction, bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override; std::shared_ptr<RuleMessage> rm) override;
}; };

2
src/actions/capture.cc
View File

@ -32,7 +32,7 @@ namespace modsecurity {
namespace actions { namespace actions {
bool Capture::evaluate(Rule *rule, Transaction *transaction) { bool Capture::evaluate(RuleWithActions *rule, Transaction *transaction) {
return true; return true;
} }

2
src/actions/capture.h
View File

@ -31,7 +31,7 @@ class Capture : public Action {
explicit Capture(const std::string &action) explicit Capture(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { } : Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
}; };

2
src/actions/chain.cc
View File

@ -25,7 +25,7 @@ namespace modsecurity {
namespace actions { namespace actions {
bool Chain::evaluate(Rule *rule, Transaction *transaction) { bool Chain::evaluate(RuleWithActions *rule, Transaction *transaction) {
rule->setChained(true); rule->setChained(true);
return true; return true;
} }

2
src/actions/chain.h
View File

@ -35,7 +35,7 @@ class Chain : public Action {
explicit Chain(const std::string &action) explicit Chain(const std::string &action)
: Action(action, ConfigurationKind) { } : Action(action, ConfigurationKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
}; };
} // namespace actions } // namespace actions

2
src/actions/ctl/audit_log_parts.cc
View File

@ -38,7 +38,7 @@ bool AuditLogParts::init(std::string *error) {
return true; return true;
} }
bool AuditLogParts::evaluate(Rule *rule, Transaction *transaction) { bool AuditLogParts::evaluate(RuleWithActions *rule, Transaction *transaction) {
transaction->m_auditLogModifier.push_back( transaction->m_auditLogModifier.push_back(
std::make_pair(mPartsAction, mParts)); std::make_pair(mPartsAction, mParts));
return true; return true;

2
src/actions/ctl/audit_log_parts.h
View File

@ -33,7 +33,7 @@ class AuditLogParts : public Action {
mPartsAction(0), mPartsAction(0),
mParts("") { } mParts("") { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
bool init(std::string *error) override; bool init(std::string *error) override;
protected: protected:

2
src/actions/ctl/request_body_access.cc
View File

@ -42,7 +42,7 @@ bool RequestBodyAccess::init(std::string *error) {
return true; return true;
} }
bool RequestBodyAccess::evaluate(Rule *rule, Transaction *transaction) { bool RequestBodyAccess::evaluate(RuleWithActions *rule, Transaction *transaction) {
if (m_request_body_access) { if (m_request_body_access) {
transaction->m_requestBodyAccess = RulesSetProperties::TrueConfigBoolean; transaction->m_requestBodyAccess = RulesSetProperties::TrueConfigBoolean;
} else { } else {

2
src/actions/ctl/request_body_access.h
View File

@ -34,7 +34,7 @@ class RequestBodyAccess : public Action {
m_request_body_access(false) { } m_request_body_access(false) { }
bool init(std::string *error) override; bool init(std::string *error) override;
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
bool m_request_body_access; bool m_request_body_access;
}; };

2
src/actions/ctl/request_body_processor_json.cc
View File

@ -25,7 +25,7 @@ namespace actions {
namespace ctl { namespace ctl {
bool RequestBodyProcessorJSON::evaluate(Rule *rule, bool RequestBodyProcessorJSON::evaluate(RuleWithActions *rule,
Transaction *transaction) { Transaction *transaction) {
transaction->m_requestBodyProcessor = Transaction::JSONRequestBody; transaction->m_requestBodyProcessor = Transaction::JSONRequestBody;
transaction->m_variableReqbodyProcessor.set("JSON", transaction->m_variableReqbodyProcessor.set("JSON",

2
src/actions/ctl/request_body_processor_json.h
View File

@ -31,7 +31,7 @@ class RequestBodyProcessorJSON : public Action {
explicit RequestBodyProcessorJSON(const std::string &action) explicit RequestBodyProcessorJSON(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { } : Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
}; };

2
src/actions/ctl/request_body_processor_urlencoded.cc
View File

@ -25,7 +25,7 @@ namespace actions {
namespace ctl { namespace ctl {
bool RequestBodyProcessorURLENCODED::evaluate(Rule *rule, bool RequestBodyProcessorURLENCODED::evaluate(RuleWithActions *rule,
Transaction *transaction) { Transaction *transaction) {
transaction->m_requestBodyType = Transaction::WWWFormUrlEncoded; transaction->m_requestBodyType = Transaction::WWWFormUrlEncoded;
transaction->m_variableReqbodyProcessor.set("URLENCODED", transaction->m_variableReqbodyProcessor.set("URLENCODED",

2
src/actions/ctl/request_body_processor_urlencoded.h
View File

@ -31,7 +31,7 @@ class RequestBodyProcessorURLENCODED : public Action {
explicit RequestBodyProcessorURLENCODED(const std::string &action) explicit RequestBodyProcessorURLENCODED(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { } : Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
}; };

2
src/actions/ctl/request_body_processor_xml.cc
View File

@ -25,7 +25,7 @@ namespace actions {
namespace ctl { namespace ctl {
bool RequestBodyProcessorXML::evaluate(Rule *rule, bool RequestBodyProcessorXML::evaluate(RuleWithActions *rule,
Transaction *transaction) { Transaction *transaction) {
transaction->m_requestBodyProcessor = Transaction::XMLRequestBody; transaction->m_requestBodyProcessor = Transaction::XMLRequestBody;
transaction->m_variableReqbodyProcessor.set("XML", transaction->m_variableReqbodyProcessor.set("XML",

2
src/actions/ctl/request_body_processor_xml.h
View File

@ -31,7 +31,7 @@ class RequestBodyProcessorXML : public Action {
explicit RequestBodyProcessorXML(const std::string &action) explicit RequestBodyProcessorXML(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { } : Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
}; };

2
src/actions/ctl/rule_engine.cc
View File

@ -45,7 +45,7 @@ bool RuleEngine::init(std::string *error) {
return true; return true;
} }
bool RuleEngine::evaluate(Rule *rule, Transaction *transaction) { bool RuleEngine::evaluate(RuleWithActions *rule, Transaction *transaction) {
std::stringstream a; std::stringstream a;
a << "Setting SecRuleEngine to "; a << "Setting SecRuleEngine to ";
a << modsecurity::RulesSetProperties::ruleEngineStateString(m_ruleEngine); a << modsecurity::RulesSetProperties::ruleEngineStateString(m_ruleEngine);

2
src/actions/ctl/rule_engine.h
View File

@ -35,7 +35,7 @@ class RuleEngine : public Action {
m_ruleEngine(RulesSetProperties::PropertyNotSetRuleEngine) { } m_ruleEngine(RulesSetProperties::PropertyNotSetRuleEngine) { }
bool init(std::string *error) override; bool init(std::string *error) override;
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
RulesSetProperties::RuleEngine m_ruleEngine; RulesSetProperties::RuleEngine m_ruleEngine;
}; };

2
src/actions/ctl/rule_remove_by_id.cc
View File

@ -83,7 +83,7 @@ bool RuleRemoveById::init(std::string *error) {
return false; return false;
} }
bool RuleRemoveById::evaluate(Rule *rule, Transaction *transaction) { bool RuleRemoveById::evaluate(RuleWithActions *rule, Transaction *transaction) {
for (auto &i : m_ids) { for (auto &i : m_ids) {
transaction->m_ruleRemoveById.push_back(i); transaction->m_ruleRemoveById.push_back(i);
} }

2
src/actions/ctl/rule_remove_by_id.h
View File

@ -33,7 +33,7 @@ class RuleRemoveById : public Action {
: Action(action, RunTimeOnlyIfMatchKind) { } : Action(action, RunTimeOnlyIfMatchKind) { }
bool init(std::string *error) override; bool init(std::string *error) override;
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
std::list<std::pair<int, int> > m_ranges; std::list<std::pair<int, int> > m_ranges;
std::list<int> m_ids; std::list<int> m_ids;

2
src/actions/ctl/rule_remove_by_tag.cc
View File

@ -32,7 +32,7 @@ bool RuleRemoveByTag::init(std::string *error) {
return true; return true;
} }
bool RuleRemoveByTag::evaluate(Rule *rule, Transaction *transaction) { bool RuleRemoveByTag::evaluate(RuleWithActions *rule, Transaction *transaction) {
transaction->m_ruleRemoveByTag.push_back(m_tag); transaction->m_ruleRemoveByTag.push_back(m_tag);
return true; return true;
} }

2
src/actions/ctl/rule_remove_by_tag.h
View File

@ -34,7 +34,7 @@ class RuleRemoveByTag : public Action {
m_tag("") { } m_tag("") { }
bool init(std::string *error) override; bool init(std::string *error) override;
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
std::string m_tag; std::string m_tag;
}; };

2
src/actions/ctl/rule_remove_target_by_id.cc
View File

@ -51,7 +51,7 @@ bool RuleRemoveTargetById::init(std::string *error) {
return true; return true;
} }
bool RuleRemoveTargetById::evaluate(Rule *rule, Transaction *transaction) { bool RuleRemoveTargetById::evaluate(RuleWithActions *rule, Transaction *transaction) {
transaction->m_ruleRemoveTargetById.push_back( transaction->m_ruleRemoveTargetById.push_back(
std::make_pair(m_id, m_target)); std::make_pair(m_id, m_target));
return true; return true;

2
src/actions/ctl/rule_remove_target_by_id.h
View File

@ -35,7 +35,7 @@ class RuleRemoveTargetById : public Action {
m_target("") { } m_target("") { }
bool init(std::string *error) override; bool init(std::string *error) override;
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
int m_id; int m_id;
std::string m_target; std::string m_target;

2
src/actions/ctl/rule_remove_target_by_tag.cc
View File

@ -44,7 +44,7 @@ bool RuleRemoveTargetByTag::init(std::string *error) {
return true; return true;
} }
bool RuleRemoveTargetByTag::evaluate(Rule *rule, Transaction *transaction) { bool RuleRemoveTargetByTag::evaluate(RuleWithActions *rule, Transaction *transaction) {
transaction->m_ruleRemoveTargetByTag.push_back( transaction->m_ruleRemoveTargetByTag.push_back(
std::make_pair(m_tag, m_target)); std::make_pair(m_tag, m_target));
return true; return true;

2
src/actions/ctl/rule_remove_target_by_tag.h
View File

@ -33,7 +33,7 @@ class RuleRemoveTargetByTag : public Action {
: Action(action, RunTimeOnlyIfMatchKind) { } : Action(action, RunTimeOnlyIfMatchKind) { }
bool init(std::string *error) override; bool init(std::string *error) override;
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
std::string m_tag; std::string m_tag;
std::string m_target; std::string m_target;

2
src/actions/data/status.cc
View File

@ -38,7 +38,7 @@ bool Status::init(std::string *error) {
} }
bool Status::evaluate(Rule *rule, Transaction *transaction, bool Status::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) { std::shared_ptr<RuleMessage> rm) {
transaction->m_it.status = m_status; transaction->m_it.status = m_status;
return true; return true;

2
src/actions/data/status.h
View File

@ -37,7 +37,7 @@ class Status : public Action {
m_status(0) { } m_status(0) { }
bool init(std::string *error) override; bool init(std::string *error) override;
bool evaluate(Rule *rule, Transaction *transaction, bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override; std::shared_ptr<RuleMessage> rm) override;
int m_status; int m_status;

2
src/actions/disruptive/allow.cc
View File

@ -49,7 +49,7 @@ bool Allow::init(std::string *error) {
} }
bool Allow::evaluate(Rule *rule, Transaction *transaction) { bool Allow::evaluate(RuleWithActions *rule, Transaction *transaction) {
ms_dbg_a(transaction, 4, "Dropping the evaluation of upcoming rules " \ ms_dbg_a(transaction, 4, "Dropping the evaluation of upcoming rules " \
"in favor of an `allow' action of type: " \ "in favor of an `allow' action of type: " \
+ allowTypeToName(m_allowType)); + allowTypeToName(m_allowType));

2
src/actions/disruptive/allow.h
View File

@ -59,7 +59,7 @@ class Allow : public Action {
bool init(std::string *error) override; bool init(std::string *error) override;
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
bool isDisruptive() override { return true; } bool isDisruptive() override { return true; }
AllowType m_allowType; AllowType m_allowType;

2
src/actions/disruptive/deny.cc
View File

@ -28,7 +28,7 @@ namespace actions {
namespace disruptive { namespace disruptive {
bool Deny::evaluate(Rule *rule, Transaction *transaction, bool Deny::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) { std::shared_ptr<RuleMessage> rm) {
ms_dbg_a(transaction, 8, "Running action deny"); ms_dbg_a(transaction, 8, "Running action deny");

2
src/actions/disruptive/deny.h
View File

@ -33,7 +33,7 @@ class Deny : public Action {
public: public:
explicit Deny(const std::string &action) : Action(action) { } explicit Deny(const std::string &action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction, bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override; std::shared_ptr<RuleMessage> rm) override;
bool isDisruptive() override { return true; } bool isDisruptive() override { return true; }
}; };

2
src/actions/disruptive/drop.cc
View File

@ -32,7 +32,7 @@ namespace actions {
namespace disruptive { namespace disruptive {
bool Drop::evaluate(Rule *rule, Transaction *transaction, bool Drop::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) { std::shared_ptr<RuleMessage> rm) {
ms_dbg_a(transaction, 8, "Running action drop " \ ms_dbg_a(transaction, 8, "Running action drop " \
"[executing deny instead of drop.]"); "[executing deny instead of drop.]");

2
src/actions/disruptive/drop.h
View File

@ -32,7 +32,7 @@ class Drop : public Action {
public: public:
explicit Drop(const std::string &action) : Action(action) { } explicit Drop(const std::string &action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction, bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override; std::shared_ptr<RuleMessage> rm) override;
bool isDisruptive() override { return true; } bool isDisruptive() override { return true; }
}; };

2
src/actions/disruptive/pass.cc
View File

@ -29,7 +29,7 @@ namespace actions {
namespace disruptive { namespace disruptive {
bool Pass::evaluate(Rule *rule, Transaction *transaction, bool Pass::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) { std::shared_ptr<RuleMessage> rm) {
intervention::free(&transaction->m_it); intervention::free(&transaction->m_it);
intervention::reset(&transaction->m_it); intervention::reset(&transaction->m_it);

2
src/actions/disruptive/pass.h
View File

@ -31,7 +31,7 @@ class Pass : public Action {
public: public:
explicit Pass(const std::string &action) : Action(action) { } explicit Pass(const std::string &action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction, bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override; std::shared_ptr<RuleMessage> rm) override;
bool isDisruptive() override { return true; } bool isDisruptive() override { return true; }
}; };

2
src/actions/disruptive/redirect.cc
View File

@ -34,7 +34,7 @@ bool Redirect::init(std::string *error) {
} }
bool Redirect::evaluate(Rule *rule, Transaction *transaction, bool Redirect::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) { std::shared_ptr<RuleMessage> rm) {
std::string m_urlExpanded(m_string->evaluate(transaction)); std::string m_urlExpanded(m_string->evaluate(transaction));
/* if it was changed before, lets keep it. */ /* if it was changed before, lets keep it. */

2
src/actions/disruptive/redirect.h
View File

@ -46,7 +46,7 @@ class Redirect : public Action {
m_status(0), m_status(0),
m_string(std::move(z)) { } m_string(std::move(z)) { }
bool evaluate(Rule *rule, Transaction *transaction, bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override; std::shared_ptr<RuleMessage> rm) override;
bool init(std::string *error) override; bool init(std::string *error) override;
bool isDisruptive() override { return true; } bool isDisruptive() override { return true; }

2
src/actions/exec.cc
View File

@ -49,7 +49,7 @@ bool Exec::init(std::string *error) {
} }
bool Exec::evaluate(Rule *rule, Transaction *t) { bool Exec::evaluate(RuleWithActions *rule, Transaction *t) {
ms_dbg_a(t, 8, "Running script... " + m_script); ms_dbg_a(t, 8, "Running script... " + m_script);
m_lua.run(t); m_lua.run(t);
return true; return true;

2
src/actions/exec.h
View File

@ -36,7 +36,7 @@ class Exec : public Action {
~Exec() { } ~Exec() { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
bool init(std::string *error) override; bool init(std::string *error) override;
private: private:

2
src/actions/init_col.cc
View File

@ -54,7 +54,7 @@ bool InitCol::init(std::string *error) {
} }
bool InitCol::evaluate(Rule *rule, Transaction *t) { bool InitCol::evaluate(RuleWithActions *rule, Transaction *t) {
std::string collectionName(m_string->evaluate(t)); std::string collectionName(m_string->evaluate(t));
if (m_collection_key == "ip") { if (m_collection_key == "ip") {

2
src/actions/init_col.h
View File

@ -38,7 +38,7 @@ class InitCol : public Action {
: Action(action, RunTimeOnlyIfMatchKind), : Action(action, RunTimeOnlyIfMatchKind),
m_string(std::move(z)) { } m_string(std::move(z)) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
bool init(std::string *error) override; bool init(std::string *error) override;
private: private:
std::string m_collection_key; std::string m_collection_key;

2
src/actions/log.cc
View File

@ -28,7 +28,7 @@ namespace modsecurity {
namespace actions { namespace actions {
bool Log::evaluate(Rule *rule, Transaction *transaction, bool Log::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) { std::shared_ptr<RuleMessage> rm) {
ms_dbg_a(transaction, 9, "Saving transaction to logs"); ms_dbg_a(transaction, 9, "Saving transaction to logs");
rm->m_saveMessage = true; rm->m_saveMessage = true;

2
src/actions/log.h
View File

@ -33,7 +33,7 @@ class Log : public Action {
explicit Log(const std::string &action) explicit Log(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { } : Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction, bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override; std::shared_ptr<RuleMessage> rm) override;
}; };

2
src/actions/log_data.cc
View File

@ -29,7 +29,7 @@ namespace modsecurity {
namespace actions { namespace actions {
bool LogData::evaluate(Rule *rule, Transaction *transaction, bool LogData::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) { std::shared_ptr<RuleMessage> rm) {
rm->m_data = data(transaction); rm->m_data = data(transaction);

2
src/actions/log_data.h
View File

@ -39,7 +39,7 @@ class LogData : public Action {
: Action("logdata", RunTimeOnlyIfMatchKind), : Action("logdata", RunTimeOnlyIfMatchKind),
m_string(std::move(z)) { } m_string(std::move(z)) { }
bool evaluate(Rule *rule, Transaction *transaction, bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override; std::shared_ptr<RuleMessage> rm) override;
std::string data(Transaction *Transaction); std::string data(Transaction *Transaction);

2
src/actions/maturity.cc
View File

@ -39,7 +39,7 @@ bool Maturity::init(std::string *error) {
} }
bool Maturity::evaluate(Rule *rule, Transaction *transaction) { bool Maturity::evaluate(RuleWithActions *rule, Transaction *transaction) {
rule->m_maturity = m_maturity; rule->m_maturity = m_maturity;
return true; return true;
} }

2
src/actions/maturity.h
View File

@ -33,7 +33,7 @@ class Maturity : public Action {
: Action(action, ConfigurationKind), : Action(action, ConfigurationKind),
m_maturity(0) { } m_maturity(0) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
bool init(std::string *error) override; bool init(std::string *error) override;
private: private:

2
src/actions/msg.cc
View File

@ -46,7 +46,7 @@ namespace modsecurity {
namespace actions { namespace actions {
bool Msg::evaluate(Rule *rule, Transaction *transaction, bool Msg::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) { std::shared_ptr<RuleMessage> rm) {
std::string msg = data(transaction); std::string msg = data(transaction);
rm->m_message = msg; rm->m_message = msg;

2
src/actions/msg.h
View File

@ -40,7 +40,7 @@ class Msg : public Action {
: Action("msg", RunTimeOnlyIfMatchKind), : Action("msg", RunTimeOnlyIfMatchKind),
m_string(std::move(z)) { } m_string(std::move(z)) { }
bool evaluate(Rule *rule, Transaction *transaction, bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override; std::shared_ptr<RuleMessage> rm) override;
std::string data(Transaction *Transaction); std::string data(Transaction *Transaction);

2
src/actions/multi_match.cc
View File

@ -25,7 +25,7 @@ namespace modsecurity {
namespace actions { namespace actions {
bool MultiMatch::evaluate(Rule *rule, Transaction *transaction) { bool MultiMatch::evaluate(RuleWithActions *rule, Transaction *transaction) {
return true; return true;
} }

2
src/actions/multi_match.h
View File

@ -35,7 +35,7 @@ class MultiMatch : public Action {
explicit MultiMatch(const std::string &action) explicit MultiMatch(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { } : Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
}; };
} // namespace actions } // namespace actions

2
src/actions/no_audit_log.cc
View File

@ -26,7 +26,7 @@ namespace modsecurity {
namespace actions { namespace actions {
bool NoAuditLog::evaluate(Rule *rule, Transaction *transaction, bool NoAuditLog::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) { std::shared_ptr<RuleMessage> rm) {
rm->m_noAuditLog = true; rm->m_noAuditLog = true;
rm->m_saveMessage = false; rm->m_saveMessage = false;

2
src/actions/no_audit_log.h
View File

@ -35,7 +35,7 @@ class NoAuditLog : public Action {
explicit NoAuditLog(const std::string &action) explicit NoAuditLog(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { } : Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction, bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override; std::shared_ptr<RuleMessage> rm) override;
}; };

2
src/actions/no_log.cc
View File

@ -29,7 +29,7 @@ namespace modsecurity {
namespace actions { namespace actions {
bool NoLog::evaluate(Rule *rule, Transaction *transaction, bool NoLog::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) { std::shared_ptr<RuleMessage> rm) {
rm->m_saveMessage = false; rm->m_saveMessage = false;
return true; return true;

2
src/actions/no_log.h
View File

@ -33,7 +33,7 @@ class NoLog : public Action {
explicit NoLog(const std::string &action) explicit NoLog(const std::string &action)
: Action(action, RunTimeOnlyIfMatchKind) { } : Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Rule *rule, Transaction *transaction, bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override; std::shared_ptr<RuleMessage> rm) override;
}; };

2
src/actions/phase.cc
View File

@ -72,7 +72,7 @@ bool Phase::init(std::string *error) {
} }
bool Phase::evaluate(Rule *rule, Transaction *transaction) { bool Phase::evaluate(RuleWithActions *rule, Transaction *transaction) {
rule->setPhase(m_phase); rule->setPhase(m_phase);
return true; return true;
} }

2
src/actions/phase.h
View File

@ -37,7 +37,7 @@ class Phase : public Action {
m_secRulesPhase(0) { } m_secRulesPhase(0) { }
bool init(std::string *error) override; bool init(std::string *error) override;
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
int m_phase; int m_phase;
int m_secRulesPhase; int m_secRulesPhase;

2
src/actions/rev.cc
View File

@ -33,7 +33,7 @@ bool Rev::init(std::string *error) {
} }
bool Rev::evaluate(Rule *rule, Transaction *transaction) { bool Rev::evaluate(RuleWithActions *rule, Transaction *transaction) {
rule->m_rev = m_rev; rule->m_rev = m_rev;
return true; return true;
} }

2
src/actions/rev.h
View File

@ -31,7 +31,7 @@ class Rev : public Action {
public: public:
explicit Rev(const std::string &action) : Action(action, ConfigurationKind) { } explicit Rev(const std::string &action) : Action(action, ConfigurationKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
bool init(std::string *error) override; bool init(std::string *error) override;
private: private:

2
src/actions/rule_id.cc
View File

@ -48,7 +48,7 @@ bool RuleId::init(std::string *error) {
} }
bool RuleId::evaluate(Rule *rule, Transaction *transaction) { bool RuleId::evaluate(RuleWithActions *rule, Transaction *transaction) {
rule->m_ruleId = m_ruleId; rule->m_ruleId = m_ruleId;
return true; return true;
} }

2
src/actions/rule_id.h
View File

@ -37,7 +37,7 @@ class RuleId : public Action {
m_ruleId(0) { } m_ruleId(0) { }
bool init(std::string *error) override; bool init(std::string *error) override;
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
private: private:
double m_ruleId; double m_ruleId;

2
src/actions/set_env.cc
View File

@ -31,7 +31,7 @@ bool SetENV::init(std::string *error) {
} }
bool SetENV::evaluate(Rule *rule, Transaction *t) { bool SetENV::evaluate(RuleWithActions *rule, Transaction *t) {
std::string colNameExpanded(m_string->evaluate(t)); std::string colNameExpanded(m_string->evaluate(t));
ms_dbg_a(t, 8, "Setting envoriment variable: " ms_dbg_a(t, 8, "Setting envoriment variable: "

2
src/actions/set_env.h
View File

@ -39,7 +39,7 @@ class SetENV : public Action {
: Action("setenv", RunTimeOnlyIfMatchKind), : Action("setenv", RunTimeOnlyIfMatchKind),
m_string(std::move(z)) { } m_string(std::move(z)) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
bool init(std::string *error) override; bool init(std::string *error) override;
private: private:

2
src/actions/set_rsc.cc
View File

@ -31,7 +31,7 @@ bool SetRSC::init(std::string *error) {
} }
bool SetRSC::evaluate(Rule *rule, Transaction *t) { bool SetRSC::evaluate(RuleWithActions *rule, Transaction *t) {
std::string colNameExpanded(m_string->evaluate(t)); std::string colNameExpanded(m_string->evaluate(t));
ms_dbg_a(t, 8, "RESOURCE initiated with value: \'" ms_dbg_a(t, 8, "RESOURCE initiated with value: \'"
+ colNameExpanded + "\'."); + colNameExpanded + "\'.");

2
src/actions/set_rsc.h
View File

@ -39,7 +39,7 @@ class SetRSC : public Action {
: Action("setsrc", RunTimeOnlyIfMatchKind), : Action("setsrc", RunTimeOnlyIfMatchKind),
m_string(std::move(z)) { } m_string(std::move(z)) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
bool init(std::string *error) override; bool init(std::string *error) override;
private: private:

2
src/actions/set_sid.cc
View File

@ -31,7 +31,7 @@ bool SetSID::init(std::string *error) {
} }
bool SetSID::evaluate(Rule *rule, Transaction *t) { bool SetSID::evaluate(RuleWithActions *rule, Transaction *t) {
std::string colNameExpanded(m_string->evaluate(t)); std::string colNameExpanded(m_string->evaluate(t));
ms_dbg_a(t, 8, "Session ID initiated with value: \'" ms_dbg_a(t, 8, "Session ID initiated with value: \'"
+ colNameExpanded + "\'."); + colNameExpanded + "\'.");

2
src/actions/set_sid.h
View File

@ -39,7 +39,7 @@ class SetSID : public Action {
: Action("setsid", RunTimeOnlyIfMatchKind), : Action("setsid", RunTimeOnlyIfMatchKind),
m_string(std::move(z)) { } m_string(std::move(z)) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
bool init(std::string *error) override; bool init(std::string *error) override;
private: private:

2
src/actions/set_uid.cc
View File

@ -31,7 +31,7 @@ bool SetUID::init(std::string *error) {
} }
bool SetUID::evaluate(Rule *rule, Transaction *t) { bool SetUID::evaluate(RuleWithActions *rule, Transaction *t) {
std::string colNameExpanded(m_string->evaluate(t)); std::string colNameExpanded(m_string->evaluate(t));
ms_dbg_a(t, 8, "User collection initiated with value: \'" ms_dbg_a(t, 8, "User collection initiated with value: \'"
+ colNameExpanded + "\'."); + colNameExpanded + "\'.");

2
src/actions/set_uid.h
View File

@ -39,7 +39,7 @@ class SetUID : public Action {
: Action("setuid", RunTimeOnlyIfMatchKind), : Action("setuid", RunTimeOnlyIfMatchKind),
m_string(std::move(z)) { } m_string(std::move(z)) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
bool init(std::string *error) override; bool init(std::string *error) override;
private: private:

5
src/actions/set_var.cc
View File

@ -40,7 +40,7 @@ bool SetVar::init(std::string *error) {
} }
bool SetVar::evaluate(Rule *rule, Transaction *t) { bool SetVar::evaluate(RuleWithActions *rule, Transaction *t) {
std::string targetValue; std::string targetValue;
std::string resolvedPre; std::string resolvedPre;
@ -112,7 +112,8 @@ bool SetVar::evaluate(Rule *rule, Transaction *t) {
try { try {
std::vector<const VariableValue *> l; std::vector<const VariableValue *> l;
m_variable->evaluate(t, rule, &l); Rule *rr = dynamic_cast<Rule *>(rule);
m_variable->evaluate(t, rr, &l);
if (l.size() == 0) { if (l.size() == 0) {
value = 0; value = 0;
} else { } else {

2
src/actions/set_var.h
View File

@ -58,7 +58,7 @@ class SetVar : public Action {
m_operation(operation), m_operation(operation),
m_variable(std::move(variable)) { } m_variable(std::move(variable)) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
bool init(std::string *error) override; bool init(std::string *error) override;
private: private:

2
src/actions/severity.cc
View File

@ -71,7 +71,7 @@ bool Severity::init(std::string *error) {
} }
bool Severity::evaluate(Rule *rule, Transaction *transaction, bool Severity::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) { std::shared_ptr<RuleMessage> rm) {
ms_dbg_a(transaction, 9, "This rule severity is: " + \ ms_dbg_a(transaction, 9, "This rule severity is: " + \
std::to_string(this->m_severity) + " current transaction is: " + \ std::to_string(this->m_severity) + " current transaction is: " + \

2
src/actions/severity.h
View File

@ -35,7 +35,7 @@ class Severity : public Action {
: Action(action), : Action(action),
m_severity(0) { } m_severity(0) { }
bool evaluate(Rule *rule, Transaction *transaction, bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override; std::shared_ptr<RuleMessage> rm) override;
bool init(std::string *error) override; bool init(std::string *error) override;

2
src/actions/skip.cc
View File

@ -38,7 +38,7 @@ bool Skip::init(std::string *error) {
} }
bool Skip::evaluate(Rule *rule, Transaction *transaction) { bool Skip::evaluate(RuleWithActions *rule, Transaction *transaction) {
ms_dbg_a(transaction, 5, "Skipping the next " + \ ms_dbg_a(transaction, 5, "Skipping the next " + \
std::to_string(m_skip_next) + " rules."); std::to_string(m_skip_next) + " rules.");

2
src/actions/skip.h
View File

@ -34,7 +34,7 @@ class Skip : public Action {
m_skip_next(0) { } m_skip_next(0) { }
bool init(std::string *error) override; bool init(std::string *error) override;
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
int m_skip_next; int m_skip_next;
}; };

2
src/actions/skip_after.cc
View File

@ -27,7 +27,7 @@ namespace modsecurity {
namespace actions { namespace actions {
bool SkipAfter::evaluate(Rule *rule, Transaction *transaction) { bool SkipAfter::evaluate(RuleWithActions *rule, Transaction *transaction) {
ms_dbg_a(transaction, 5, "Setting skipAfter for: " + *m_skipName); ms_dbg_a(transaction, 5, "Setting skipAfter for: " + *m_skipName);
transaction->addMarker(m_skipName); transaction->addMarker(m_skipName);
return true; return true;

2
src/actions/skip_after.h
View File

@ -34,7 +34,7 @@ class SkipAfter : public Action {
: Action(action, RunTimeOnlyIfMatchKind), : Action(action, RunTimeOnlyIfMatchKind),
m_skipName(std::make_shared<std::string>(m_parser_payload)) { } m_skipName(std::make_shared<std::string>(m_parser_payload)) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
private: private:
std::shared_ptr<std::string> m_skipName; std::shared_ptr<std::string> m_skipName;
}; };

2
src/actions/tag.cc
View File

@ -56,7 +56,7 @@ std::string Tag::getName(Transaction *transaction) {
} }
bool Tag::evaluate(Rule *rule, Transaction *transaction, bool Tag::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) { std::shared_ptr<RuleMessage> rm) {
std::string tag = getName(transaction); std::string tag = getName(transaction);
ms_dbg_a(transaction, 9, "Rule tag: " + tag); ms_dbg_a(transaction, 9, "Rule tag: " + tag);

2
src/actions/tag.h
View File

@ -38,7 +38,7 @@ class Tag : public Action {
std::string getName(Transaction *transaction); std::string getName(Transaction *transaction);
bool evaluate(Rule *rule, Transaction *transaction, bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override; std::shared_ptr<RuleMessage> rm) override;
protected: protected:

2
src/actions/ver.cc
View File

@ -27,7 +27,7 @@ namespace modsecurity {
namespace actions { namespace actions {
bool Ver::evaluate(Rule *rule, Transaction *transaction) { bool Ver::evaluate(RuleWithActions *rule, Transaction *transaction) {
rule->m_ver = m_parser_payload; rule->m_ver = m_parser_payload;
return true; return true;
} }

2
src/actions/ver.h
View File

@ -31,7 +31,7 @@ class Ver : public Action {
public: public:
explicit Ver(const std::string &action) : Action(action, ConfigurationKind) { } explicit Ver(const std::string &action) : Action(action, ConfigurationKind) { }
bool evaluate(Rule *rule, Transaction *transaction) override; bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
private: private:
std::string m_ver; std::string m_ver;

2
src/actions/xmlns.h
View File

@ -31,7 +31,7 @@ class XmlNS : public Action {
public: public:
explicit XmlNS(const std::string &action) : Action(action) { } explicit XmlNS(const std::string &action) : Action(action) { }
bool evaluate(Rule *rule, Transaction *transaction) override { bool evaluate(RuleWithActions *rule, Transaction *transaction) override {
return true; return true;
} }

420
src/rule.cc
View File

@ -51,52 +51,18 @@ using variables::Variable;
using actions::transformations::None; using actions::transformations::None;
using actions::transformations::Transformation; using actions::transformations::Transformation;
Rule::Rule(const std::string &marker,
std::unique_ptr<std::string> fileName,
int lineNumber)
: RuleBase(std::move(fileName), lineNumber),
m_ruleId(0),
m_chainedRuleChild(nullptr),
m_chainedRuleParent(NULL),
m_marker(marker),
m_rev(""),
m_ver(""),
m_accuracy(0),
m_maturity(0),
m_variables(NULL),
m_operator(NULL),
m_disruptiveAction(nullptr),
m_logData(nullptr),
m_msg(nullptr),
m_severity(nullptr),
m_actionsRuntimePos(),
m_actionsSetVar(),
m_actionsTag(),
m_transformations(),
m_containsCaptureAction(false),
m_containsMultiMatchAction(false),
m_containsStaticBlockAction(false),
m_isChained(false),
m_isSecMarker(true),
m_unconditional(false) { }
Rule::Rule(Operator *op, RuleWithActions::RuleWithActions(
variables::Variables *variables, Actions *actions,
std::vector<Action *> *actions,
Transformations *transformations, Transformations *transformations,
std::unique_ptr<std::string> fileName, std::unique_ptr<std::string> fileName,
int lineNumber) int lineNumber)
: RuleBase(std::move(fileName), lineNumber), : RuleBase(std::move(fileName), lineNumber),
m_ruleId(0),
m_chainedRuleChild(nullptr),
m_chainedRuleParent(NULL),
m_marker(""),
m_rev(""), m_rev(""),
m_ver(""), m_ver(""),
m_accuracy(0), m_accuracy(0),
m_maturity(0), m_maturity(0),
m_variables(variables), m_ruleId(0),
m_operator(op),
m_disruptiveAction(nullptr), m_disruptiveAction(nullptr),
m_logData(nullptr), m_logData(nullptr),
m_msg(nullptr), m_msg(nullptr),
@ -108,83 +74,55 @@ Rule::Rule(Operator *op,
m_containsCaptureAction(false), m_containsCaptureAction(false),
m_containsMultiMatchAction(false), m_containsMultiMatchAction(false),
m_containsStaticBlockAction(false), m_containsStaticBlockAction(false),
m_isChained(false), m_isChained(false) {
m_isSecMarker(false), if (actions) {
m_unconditional(false) { for (Action *a : *actions) {
if (a->action_kind == Action::ConfigurationKind) {
organizeActions(actions); a->evaluate(this, NULL);
delete actions;
}
Rule::~Rule() {
if (m_operator != NULL) {
delete m_operator;
}
cleanUpActions();
while (m_variables != NULL && m_variables->empty() == false) {
auto *a = m_variables->back();
m_variables->pop_back();
delete a;
}
if (m_variables != NULL) {
delete m_variables;
}
}
void Rule::organizeActions(std::vector<Action *> *actions) {
if (!actions) {
return;
}
for (Action *a : *actions) {
if (a->action_kind == Action::ConfigurationKind) {
a->evaluate(this, NULL);
delete a;
} else if (a->action_kind == Action::RunTimeOnlyIfMatchKind) {
if (dynamic_cast<actions::Capture *>(a)) {
m_containsCaptureAction = true;
delete a; delete a;
} else if (dynamic_cast<actions::MultiMatch *>(a)) {
m_containsMultiMatchAction = true; } else if (a->action_kind == Action::RunTimeOnlyIfMatchKind) {
delete a; if (dynamic_cast<actions::Capture *>(a)) {
} else if (dynamic_cast<actions::Severity *>(a)) { m_containsCaptureAction = true;
m_severity = dynamic_cast<actions::Severity *>(a); delete a;
} else if (dynamic_cast<actions::LogData *>(a)) { } else if (dynamic_cast<actions::MultiMatch *>(a)) {
m_logData = dynamic_cast<actions::LogData*>(a); m_containsMultiMatchAction = true;
} else if (dynamic_cast<actions::Msg *>(a)) { delete a;
m_msg = dynamic_cast<actions::Msg*>(a); } else if (dynamic_cast<actions::Severity *>(a)) {
} else if (dynamic_cast<actions::SetVar *>(a)) { m_severity = dynamic_cast<actions::Severity *>(a);
m_actionsSetVar.push_back( } else if (dynamic_cast<actions::LogData *>(a)) {
dynamic_cast<actions::SetVar *>(a)); m_logData = dynamic_cast<actions::LogData*>(a);
} else if (dynamic_cast<actions::Tag *>(a)) { } else if (dynamic_cast<actions::Msg *>(a)) {
m_actionsTag.push_back(dynamic_cast<actions::Tag *>(a)); m_msg = dynamic_cast<actions::Msg*>(a);
} else if (dynamic_cast<actions::Block *>(a)) { } else if (dynamic_cast<actions::SetVar *>(a)) {
m_actionsRuntimePos.push_back(a); m_actionsSetVar.push_back(
m_containsStaticBlockAction = true; dynamic_cast<actions::SetVar *>(a));
} else if (a->isDisruptive() == true) { } else if (dynamic_cast<actions::Tag *>(a)) {
if (m_disruptiveAction != nullptr) { m_actionsTag.push_back(dynamic_cast<actions::Tag *>(a));
delete m_disruptiveAction; } else if (dynamic_cast<actions::Block *>(a)) {
m_disruptiveAction = nullptr; m_actionsRuntimePos.push_back(a);
m_containsStaticBlockAction = true;
} else if (a->isDisruptive() == true) {
if (m_disruptiveAction != nullptr) {
delete m_disruptiveAction;
m_disruptiveAction = nullptr;
}
m_disruptiveAction = a;
} else {
m_actionsRuntimePos.push_back(a);
} }
m_disruptiveAction = a;
} else { } else {
m_actionsRuntimePos.push_back(a); delete a;
std::cout << "General failure, action: " << a->m_name;
std::cout << " has an unknown type." << std::endl;
throw;
} }
} else {
std::cout << "General failure, action: " << a->m_name;
std::cout << " has an unknown type." << std::endl;
delete a;
} }
delete actions;
} }
} }
RuleWithActions::~RuleWithActions() {
void Rule::cleanUpActions() {
if (m_severity) { if (m_severity) {
delete m_severity; delete m_severity;
m_severity = nullptr; m_severity = nullptr;
@ -223,28 +161,7 @@ void Rule::cleanUpActions() {
} }
} }
void RuleWithActions::executeActionsIndependentOfChainedRuleResult(Transaction *trans,
inline void Rule::updateMatchedVars(Transaction *trans, const std::string &key,
const std::string &value) {
ms_dbg_a(trans, 9, "Matched vars updated.");
trans->m_variableMatchedVar.set(value, trans->m_variableOffset);
trans->m_variableMatchedVarName.set(key, trans->m_variableOffset);
trans->m_variableMatchedVars.set(key, value, trans->m_variableOffset);
trans->m_variableMatchedVarsNames.set(key, key, trans->m_variableOffset);
}
inline void Rule::cleanMatchedVars(Transaction *trans) {
ms_dbg_a(trans, 9, "Matched vars cleaned.");
trans->m_variableMatchedVar.unset();
trans->m_variableMatchedVars.unset();
trans->m_variableMatchedVarName.unset();
trans->m_variableMatchedVarsNames.unset();
}
void Rule::executeActionsIndependentOfChainedRuleResult(Transaction *trans,
bool *containsBlock, std::shared_ptr<RuleMessage> ruleMessage) { bool *containsBlock, std::shared_ptr<RuleMessage> ruleMessage) {
for (actions::SetVar *a : m_actionsSetVar) { for (actions::SetVar *a : m_actionsSetVar) {
@ -284,36 +201,7 @@ void Rule::executeActionsIndependentOfChainedRuleResult(Transaction *trans,
} }
bool Rule::executeOperatorAt(Transaction *trans, const std::string &key, inline void RuleWithActions::executeTransformation(
std::string value, std::shared_ptr<RuleMessage> ruleMessage) {
#if MSC_EXEC_CLOCK_ENABLED
clock_t begin = clock();
clock_t end;
double elapsed_s = 0;
#endif
bool ret;
ms_dbg_a(trans, 9, "Target value: \"" + utils::string::limitTo(80,
utils::string::toHexIfNeeded(value)) \
+ "\" (Variable: " + key + ")");
ret = this->m_operator->evaluateInternal(trans, this, value, ruleMessage);
if (ret == false) {
return false;
}
#if MSC_EXEC_CLOCK_ENABLED
end = clock();
elapsed_s = static_cast<double>(end - begin) / CLOCKS_PER_SEC;
ms_dbg_a(trans, 5, "Operator completed in " + \
std::to_string(elapsed_s) + " seconds");
#endif
return ret;
}
inline void Rule::executeTransformation(
actions::transformations::Transformation *a, actions::transformations::Transformation *a,
std::shared_ptr<std::string> *value, std::shared_ptr<std::string> *value,
Transaction *trans, Transaction *trans,
@ -345,8 +233,7 @@ inline void Rule::executeTransformation(
utils::string::limitTo(80, newValue) +"\""); utils::string::limitTo(80, newValue) +"\"");
} }
void RuleWithActions::executeTransformations(
void Rule::executeTransformations(
Transaction *trans, const std::string &in, TransformationResults &ret) { Transaction *trans, const std::string &in, TransformationResults &ret) {
int none = 0; int none = 0;
int transformations = 0; int transformations = 0;
@ -437,6 +324,146 @@ void Rule::executeTransformations(
} }
} }
void RuleWithActions::executeActionsAfterFullMatch(Transaction *trans,
bool containsBlock, std::shared_ptr<RuleMessage> ruleMessage) {
bool disruptiveAlreadyExecuted = false;
for (auto &a : trans->m_rules->m_defaultActions[getPhase()]) {
if (a.get()->action_kind != actions::Action::RunTimeOnlyIfMatchKind) {
continue;
}
if (!a.get()->isDisruptive()) {
executeAction(trans, containsBlock, ruleMessage, a.get(), true);
}
}
for (actions::Tag *a : this->m_actionsTag) {
ms_dbg_a(trans, 4, "Running (non-disruptive) action: " \
+ *a->m_name.get());
a->evaluate(this, trans, ruleMessage);
}
for (auto &b :
trans->m_rules->m_exceptions.m_action_pos_update_target_by_id) {
if (m_ruleId != b.first) {
continue;
}
actions::Action *a = dynamic_cast<actions::Action*>(b.second.get());
executeAction(trans, containsBlock, ruleMessage, a, false);
disruptiveAlreadyExecuted = true;
}
for (Action *a : this->m_actionsRuntimePos) {
if (!a->isDisruptive()
&& !(disruptiveAlreadyExecuted
&& dynamic_cast<actions::Block *>(a))) {
executeAction(trans, containsBlock, ruleMessage, a, false);
}
}
if (!disruptiveAlreadyExecuted && m_disruptiveAction != nullptr) {
executeAction(trans, containsBlock, ruleMessage,
m_disruptiveAction, false);
}
}
bool RuleWithActions::containsTag(const std::string& name, Transaction *t) {
for (auto &tag : m_actionsTag) {
if (tag != NULL && tag->getName(t) == name) {
return true;
}
}
return false;
}
bool RuleWithActions::containsMsg(const std::string& name, Transaction *t) {
return m_msg && m_msg->data(t) == name;
}
std::string RuleWithActions::logData(Transaction *t) { return m_logData->data(t); }
std::string RuleWithActions::msg(Transaction *t) { return m_msg->data(t); }
int RuleWithActions::severity() const { return m_severity->m_severity; }
Rule::Rule(Operator *op,
variables::Variables *_variables,
std::vector<Action *> *actions,
Transformations *transformations,
std::unique_ptr<std::string> fileName,
int lineNumber)
: RuleWithActions(actions, transformations, std::move(fileName), lineNumber),
m_chainedRuleChild(nullptr),
m_chainedRuleParent(NULL),
m_operator(op),
m_variables(_variables),
m_unconditional(false) { /* */ }
Rule::~Rule() {
if (m_operator != NULL) {
delete m_operator;
}
while (m_variables != NULL && m_variables->empty() == false) {
auto *a = m_variables->back();
m_variables->pop_back();
delete a;
}
if (m_variables != NULL) {
delete m_variables;
}
}
void Rule::updateMatchedVars(Transaction *trans, const std::string &key,
const std::string &value) {
ms_dbg_a(trans, 9, "Matched vars updated.");
trans->m_variableMatchedVar.set(value, trans->m_variableOffset);
trans->m_variableMatchedVarName.set(key, trans->m_variableOffset);
trans->m_variableMatchedVars.set(key, value, trans->m_variableOffset);
trans->m_variableMatchedVarsNames.set(key, key, trans->m_variableOffset);
}
void Rule::cleanMatchedVars(Transaction *trans) {
ms_dbg_a(trans, 9, "Matched vars cleaned.");
trans->m_variableMatchedVar.unset();
trans->m_variableMatchedVars.unset();
trans->m_variableMatchedVarName.unset();
trans->m_variableMatchedVarsNames.unset();
}
bool Rule::executeOperatorAt(Transaction *trans, const std::string &key,
std::string value, std::shared_ptr<RuleMessage> ruleMessage) {
#if MSC_EXEC_CLOCK_ENABLED
clock_t begin = clock();
clock_t end;
double elapsed_s = 0;
#endif
bool ret;
ms_dbg_a(trans, 9, "Target value: \"" + utils::string::limitTo(80,
utils::string::toHexIfNeeded(value)) \
+ "\" (Variable: " + key + ")");
ret = this->m_operator->evaluateInternal(trans, this, value, ruleMessage);
if (ret == false) {
return false;
}
#if MSC_EXEC_CLOCK_ENABLED
end = clock();
elapsed_s = static_cast<double>(end - begin) / CLOCKS_PER_SEC;
ms_dbg_a(trans, 5, "Operator completed in " + \
std::to_string(elapsed_s) + " seconds");
#endif
return ret;
}
void Rule::getVariablesExceptions(Transaction *t, void Rule::getVariablesExceptions(Transaction *t,
variables::Variables *exclusion, variables::Variables *addition) { variables::Variables *exclusion, variables::Variables *addition) {
@ -523,7 +550,7 @@ inline void Rule::getFinalVars(variables::Variables *vars,
void Rule::executeAction(Transaction *trans, void RuleWithActions::executeAction(Transaction *trans,
bool containsBlock, std::shared_ptr<RuleMessage> ruleMessage, bool containsBlock, std::shared_ptr<RuleMessage> ruleMessage,
Action *a, bool defaultContext) { Action *a, bool defaultContext) {
if (a->isDisruptive() == false && *a->m_name.get() != "block") { if (a->isDisruptive() == false && *a->m_name.get() != "block") {
@ -551,55 +578,12 @@ void Rule::executeAction(Transaction *trans,
} }
void Rule::executeActionsAfterFullMatch(Transaction *trans,
bool containsBlock, std::shared_ptr<RuleMessage> ruleMessage) {
bool disruptiveAlreadyExecuted = false;
for (auto &a : trans->m_rules->m_defaultActions[getPhase()]) {
if (a.get()->action_kind != actions::Action::RunTimeOnlyIfMatchKind) {
continue;
}
if (!a.get()->isDisruptive()) {
executeAction(trans, containsBlock, ruleMessage, a.get(), true);
}
}
for (actions::Tag *a : this->m_actionsTag) {
ms_dbg_a(trans, 4, "Running (non-disruptive) action: " \
+ *a->m_name.get());
a->evaluate(this, trans, ruleMessage);
}
for (auto &b :
trans->m_rules->m_exceptions.m_action_pos_update_target_by_id) {
if (m_ruleId != b.first) {
continue;
}
actions::Action *a = dynamic_cast<actions::Action*>(b.second.get());
executeAction(trans, containsBlock, ruleMessage, a, false);
disruptiveAlreadyExecuted = true;
}
for (Action *a : this->m_actionsRuntimePos) {
if (!a->isDisruptive()
&& !(disruptiveAlreadyExecuted
&& dynamic_cast<actions::Block *>(a))) {
executeAction(trans, containsBlock, ruleMessage, a, false);
}
}
if (!disruptiveAlreadyExecuted && m_disruptiveAction != nullptr) {
executeAction(trans, containsBlock, ruleMessage,
m_disruptiveAction, false);
}
}
bool Rule::evaluate(Transaction *trans, bool Rule::evaluate(Transaction *trans,
std::shared_ptr<RuleMessage> ruleMessage) { std::shared_ptr<RuleMessage> ruleMessage) {
bool globalRet = false; bool globalRet = false;
variables::Variables *variables = this->m_variables; variables::Variables *variables = this->m_variables;
bool recursiveGlobalRet; bool recursiveGlobalRet;
bool containsBlock = m_containsStaticBlockAction; bool containsBlock = hasBlockAction();
std::string eparam; std::string eparam;
variables::Variables vars; variables::Variables vars;
vars.reserve(4); vars.reserve(4);
@ -721,7 +705,7 @@ bool Rule::evaluate(Transaction *trans,
&containsBlock, ruleMessage); &containsBlock, ruleMessage);
bool isItToBeLogged = ruleMessage->m_saveMessage; bool isItToBeLogged = ruleMessage->m_saveMessage;
if (m_containsMultiMatchAction && isItToBeLogged) { if (hasMultimatch() && isItToBeLogged) {
/* warn */ /* warn */
trans->m_rulesMessages.push_back(*ruleMessage); trans->m_rulesMessages.push_back(*ruleMessage);
@ -778,21 +762,20 @@ end_exec:
/* last rule in the chain. */ /* last rule in the chain. */
bool isItToBeLogged = (ruleMessage->m_saveMessage && (m_chainedRuleParent == nullptr)); bool isItToBeLogged = (ruleMessage->m_saveMessage && (m_chainedRuleParent == nullptr));
if (isItToBeLogged && !m_containsMultiMatchAction) { if (isItToBeLogged && !hasMultimatch()) {
/* warn */ /* warn */
trans->m_rulesMessages.push_back(*ruleMessage); trans->m_rulesMessages.push_back(*ruleMessage);
/* error */ /* error */
if (!ruleMessage->m_isDisruptive) { if (!ruleMessage->m_isDisruptive) {
trans->serverLog(ruleMessage); trans->serverLog(ruleMessage);
}
} }
}
return true; return true;
} }
std::vector<actions::Action *> Rule::getActionsByName(const std::string& name, std::vector<actions::Action *> RuleWithActions::getActionsByName(const std::string& name,
Transaction *trans) { Transaction *trans) {
std::vector<actions::Action *> ret; std::vector<actions::Action *> ret;
for (auto &z : m_actionsRuntimePos) { for (auto &z : m_actionsRuntimePos) {
@ -829,23 +812,6 @@ std::vector<actions::Action *> Rule::getActionsByName(const std::string& name,
} }
bool Rule::containsTag(const std::string& name, Transaction *t) {
for (auto &tag : m_actionsTag) {
if (tag != NULL && tag->getName(t) == name) {
return true;
}
}
return false;
}
bool Rule::containsMsg(const std::string& name, Transaction *t) {
return m_msg && m_msg->data(t) == name;
}
std::string Rule::getOperatorName() const { return m_operator->m_op; } std::string Rule::getOperatorName() const { return m_operator->m_op; }
std::string Rule::logData(Transaction *t) { return m_logData->data(t); }
std::string Rule::msg(Transaction *t) { return m_msg->data(t); }
int Rule::severity() const { return m_severity->m_severity; }
} // namespace modsecurity } // namespace modsecurity

6
src/run_time_string.cc
View File

@ -51,14 +51,16 @@ std::string RunTimeString::evaluate(Transaction *t) {
} }
std::string RunTimeString::evaluate(Transaction *t, Rule *r) { std::string RunTimeString::evaluate(Transaction *t, RuleBase *r) {
std::string s; std::string s;
for (auto &z : m_elements) { for (auto &z : m_elements) {
if (z->m_string.size() > 0) { if (z->m_string.size() > 0) {
s.append(z->m_string); s.append(z->m_string);
} else if (z->m_var != NULL && t != NULL) { } else if (z->m_var != NULL && t != NULL) {
std::vector<const VariableValue *> l; std::vector<const VariableValue *> l;
z->m_var->evaluate(t, r, &l); // FIXME: This cast should be removed.
Rule *rr = dynamic_cast<Rule *>(r);
z->m_var->evaluate(t, rr, &l);
if (l.size() > 0) { if (l.size() > 0) {
s.append(l[0]->getValue()); s.append(l[0]->getValue());
} }

2
src/run_time_string.h
View File

@ -49,7 +49,7 @@ class RunTimeString {
void appendText(const std::string &text); void appendText(const std::string &text);
void appendVar(std::unique_ptr<modsecurity::variables::Variable> var); void appendVar(std::unique_ptr<modsecurity::variables::Variable> var);
std::string evaluate(Transaction *t); std::string evaluate(Transaction *t);
std::string evaluate(Transaction *t, Rule *r); std::string evaluate(Transaction *t, RuleBase *r);
std::string evaluate() { std::string evaluate() {
return evaluate(NULL); return evaluate(NULL);
} }