From 923620fbd015d3f450a9dc82f4e27135c889b564 Mon Sep 17 00:00:00 2001
From: Felipe Zimmerle <fcosta@trustwave.com>
Date: Tue, 12 Jan 2016 10:42:36 -0300
Subject: [PATCH] Adds support to the action `allow' in the sec parser

---
 src/parser/seclang-parser.yy  | 19 +++++++++++++++++++
 src/parser/seclang-scanner.ll |  4 ++++
 2 files changed, 23 insertions(+)

diff --git a/src/parser/seclang-parser.yy b/src/parser/seclang-parser.yy
index 8f56a71b..785b331c 100644
--- a/src/parser/seclang-parser.yy
+++ b/src/parser/seclang-parser.yy
@@ -227,6 +227,7 @@ using modsecurity::Variables::Tx;
 %token <std::string> FREE_TEXT
 %token <std::string> ACTION
 %token <std::string> ACTION_ACCURACY
+%token <std::string> ACTION_ALLOW
 %token <std::string> ACTION_REDIRECT
 %token <std::string> ACTION_SKIP_AFTER
 %token <std::string> ACTION_SKIP
@@ -826,6 +827,24 @@ act:
       {
         $$ = Action::instantiate($1);
       }
+    | ACTION_ALLOW
+      {
+        /*
+
+        TODO: allow is not implemented yet.
+
+        std::string error;
+        Allow *allow = new Allow($1);
+
+        if (allow->init(&error) == false) {
+            driver.parserError << error;
+            YYERROR;
+        }
+
+        $$ = allow;
+        */
+        $$ = Action::instantiate($1);
+      }
     | ACTION_REDIRECT
       {
         $$ =  new Redirect($1);
diff --git a/src/parser/seclang-scanner.ll b/src/parser/seclang-scanner.ll
index 76e2c652..24ce035e 100755
--- a/src/parser/seclang-scanner.ll
+++ b/src/parser/seclang-scanner.ll
@@ -24,6 +24,7 @@ using modsecurity::split;
 %option noyywrap nounput batch debug noinput
 
 ACTION          (?i:accuracy|append|block|capture|chain|deny|deprecatevar|drop|exec|expirevar|id:[0-9]+|id:'[0-9]+'|log|multiMatch|noauditlog|nolog|pass|pause|prepend|proxy|sanitiseArg|sanitiseMatched|sanitiseMatchedBytes|sanitiseRequestHeader|sanitiseResponseHeader|setrsc|setenv|status:[0-9]+|xmlns)
+ACTION_ALLOW    (?i:allow)
 ACTION_INITCOL  (?i:initcol)
 
 ACTION_ACCURACY (?i:accuracy)
@@ -370,6 +371,9 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
 
 {LOG_DATA}:'{FREE_TEXT_QUOTE}'         { return yy::seclang_parser::make_LOG_DATA(strchr(yytext, ':') + 1, *driver.loc.back()); }
 {ACTION_MSG}:'{FREE_TEXT_QUOTE}'      { return yy::seclang_parser::make_ACTION_MSG(strchr(yytext, ':') + 1, *driver.loc.back()); }
+{ACTION_ALLOW}:'{FREE_TEXT_QUOTE}'      { return yy::seclang_parser::make_ACTION_ALLOW(strchr(yytext, ':') + 1, *driver.loc.back()); }
+{ACTION_ALLOW}:{FREE_TEXT_QUOTE_COMMA}  { return yy::seclang_parser::make_ACTION_ALLOW(strchr(yytext, ':') + 1, *driver.loc.back()); }
+{ACTION_ALLOW}                          { return yy::seclang_parser::make_ACTION_ALLOW("", *driver.loc.back()); }
 {ACTION_REDIRECT}:{FREE_TEXT} { return yy::seclang_parser::make_ACTION_REDIRECT(strchr(yytext, ':') + 1, *driver.loc.back()); }
 {ACTION_TAG}:'{FREE_TEXT_QUOTE}'      { return yy::seclang_parser::make_ACTION_TAG(strchr(yytext, ':') + 1, *driver.loc.back()); }
 {ACTION_REV}:'{FREE_TEXT_QUOTE_COMMA}'      { return yy::seclang_parser::make_ACTION_REV(strchr(yytext, ':') + 1, *driver.loc.back()); }