github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

BeanShell support

Browse Source
This commit is contained in:
Mihai Pitu 2013-09-18 17:41:18 +01:00 committed by Felipe Zimmerle
parent 29f4bd15ea
commit 90856f42b6
1 changed files with 27 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
apache2/re_actions.c
View File

@ -1,4 +1,4 @@
/* /*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/ * ModSecurity for Apache 2.x, http://www.modsecurity.org/
* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/) * Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
* *
@ -2197,31 +2197,34 @@ static char *msre_action_exec_validate(msre_engine *engine, apr_pool_t *mp, msre
static apr_status_t msre_action_exec_execute(modsec_rec *msr, apr_pool_t *mptmp, static apr_status_t msre_action_exec_execute(modsec_rec *msr, apr_pool_t *mptmp,
msre_rule *rule, msre_action *action) msre_rule *rule, msre_action *action)
{ {
//#ifdef WITH_BEANSHELL //#ifdef WITH_BEANSHELL
if (action->param != NULL) { int bsh = 0;
int lenparam = strlen(action->param); int lenparam = action->param != NULL ? strlen(action->param) : -1;
if (lenparam > 0)
if ((action->param[lenparam - 4] == '.' && if ((action->param[lenparam - 4] == '.' &&
action->param[lenparam - 3] == 'b' && action->param[lenparam - 3] == 'b' &&
action->param[lenparam - 2] == 's' && action->param[lenparam - 2] == 's' &&
action->param[lenparam - 1] == 'h')) { action->param[lenparam - 1] == 'h'))
//beanshell_execute(action->param, msr, mptmp, rule); bsh = 1;
char *script_output = NULL;
int rc;
const char *start = "java -classpath bsh*.jar bsh.Interpreter ";
char *command = (char*) apr_palloc(mptmp, strlen(start) + lenparam + 1); if (bsh) {
msr_log(msr, 1, "Executing: %s", action->param); //beanshell_execute(action->param, msr, mptmp, rule);
strcpy(command, start); char *script_output = NULL;
strcat(command, action->param); int rc;
command[strlen(start) + lenparam] = '\0'; const char *start = "java -classpath bsh*.jar bsh.Interpreter ";
rc = apache2_exec(msr, command, NULL, &script_output);
if (rc != 1) { char *command = (char*) apr_palloc(mptmp, strlen(start) + lenparam + 1);
msr_log(msr, 1, "Failed to execute: %s", action->param); msr_log(msr, 1, "beanshell ftw");
return 0; strcpy(command, start);
} strcat(command, action->param);
command[strlen(start) + lenparam] = '\0';
rc = apache2_exec(msr, command, NULL, &script_output);
if (rc != 1) {
msr_log(msr, 1, "Failed to execute: %s", action->param);
return 0;
} }
} } else
//#endif //#endif
#if defined(WITH_LUA) #if defined(WITH_LUA)
if (action->param_data != NULL) { /* Lua */ if (action->param_data != NULL) { /* Lua */
msc_script *script = (msc_script *)action->param_data; msc_script *script = (msc_script *)action->param_data;
@ -2982,4 +2985,4 @@ void msre_engine_register_default_actions(msre_engine *engine) {
NULL, NULL,
msre_action_append_execute msre_action_append_execute
); );
} }