Adds support to the @pm operator

2025-09-29 19:24:29 +03:00 · 2015-08-04 01:08:39 -03:00
parent 774d897351
commit 95efb99a8c
5 changed files with 716 additions and 12 deletions
--- a/src/operators/pm.cc
+++ b/src/operators/pm.cc
@@ -16,26 +16,80 @@
 #include "operators/pm.h"

 #include <string>
+#include <algorithm>
+#include <iterator>
+#include <sstream>
+#include <vector>

 #include "operators/operator.h"

 namespace ModSecurity {
 namespace operators {

-bool Pm::evaluate(Assay *assay) {
-    /**
-     * @todo Implement the operator Pm.
-     *       Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#pm
-     */
-    return true;
+Pm::~Pm() {
+    postOrderTraversal(m_p->root_node->btree);
+
+    free(m_p->root_node);
+    m_p->root_node = NULL;
+    if (m_p) {
+        free(m_p);
+        m_p = NULL;
+    }
 }


-Pm::Pm(std::string op, std::string param, bool negation)
-    : Operator() {
-    this->op = op;
-    this->param = param;
+void Pm::postOrderTraversal(acmp_btree_node_t *node) {
+    if (node == NULL) {
+        return;
+    }
+
+    postOrderTraversal(node->left);
+    postOrderTraversal(node->right);
+
+    if (node->node->text) {
+        free(node->node->text);
+        node->node->text = NULL;
+    }
+
+    free(node->node);
+    node->node = NULL;
+    free(node);
+    node = NULL;
 }

+
+bool Pm::evaluate(Assay *assay, const std::string &input) {
+    int rc = 0;
+    ACMPT pt;
+    pt.parser = m_p;
+    pt.ptr = NULL;
+    const char *match = NULL;
+
+    rc = acmp_process_quick(&pt, &match, input.c_str(), input.length());
+    if (rc == 1) {
+        // save into tx, etc...
+    }
+
+    return rc == 1;
+}
+
+
+bool Pm::init(const char **error) {
+    std::vector<std::string> vec;
+
+    std::istringstream iss(param);
+    std::copy(std::istream_iterator<std::string>(iss),
+        std::istream_iterator<std::string>(),
+        back_inserter(vec));
+
+    for (auto &a : vec) {
+        acmp_add_pattern(m_p, a.c_str(), NULL, NULL, a.length());
+    }
+
+
+    acmp_prepare(m_p);
+}
+
+
 }  // namespace operators
 }  // namespace ModSecurity
--- a/src/operators/pm.h
+++ b/src/operators/pm.h
@@ -19,18 +19,32 @@
 #include <string>

 #include "operators/operator.h"
+#include "utils/acmp.h"

 #ifdef __cplusplus
 namespace ModSecurity {
 namespace operators {

+
 class Pm : public Operator {
 public:
    /** @ingroup ModSecurity_Operator */
-    Pm(std::string o, std::string p, bool i);
-    bool evaluate(Assay *assay);
+    Pm(std::string op, std::string param, bool negation)
+        : Operator(op, param, negation) {
+        m_p = acmp_create(0);
+    }
+    ~Pm();
+
+    bool evaluate(Assay *assay, const std::string &input);
+
+    virtual bool init(const char **error);
+    void postOrderTraversal(acmp_btree_node_t *node);
+
+ protected:
+    ACMP *m_p;
 };

+
 }  // namespace operators
 }  // namespace ModSecurity
 #endif