github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Refactoring: Rule class

Browse Source
This commit is contained in:
Felipe Zimmerle 2016-11-28 10:07:19 -03:00
parent a776cce6d7
commit 9bd37ccb63
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
9 changed files with 14 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
headers/modsecurity/rule_message.h
View File

@ -49,22 +49,6 @@ class RuleMessage {
m_match(std::string("")) m_match(std::string(""))
{ } { }
RuleMessage(Rule *rule, std::string message) :
m_ruleFile(rule->m_fileName),
m_ruleLine(rule->m_lineNumber),
m_ruleId(rule->rule_id),
m_rev(rule->m_rev),
m_accuracy(rule->m_accuracy),
m_message(message),
m_data(std::string("")),
m_severity(0),
m_ver(rule->m_ver),
m_maturity(rule->m_maturity),
m_rule(rule),
m_saveMessage(false),
m_match(std::string(""))
{ }
std::string errorLog(Transaction *trans); std::string errorLog(Transaction *trans);
@ -81,6 +65,8 @@ class RuleMessage {
int m_accuracy; int m_accuracy;
std::list<std::string> m_tags; std::list<std::string> m_tags;
std::vector<actions::Action *> m_tmp_actions;
std::list<std::string> m_server_logs;
Rule *m_rule; Rule *m_rule;
bool m_saveMessage; bool m_saveMessage;

1
src/actions/log_data.cc
View File

@ -32,6 +32,7 @@ namespace actions {
bool LogData::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) { bool LogData::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
rm->m_data = data(transaction); rm->m_data = data(transaction);
transaction->m_collections.storeOrUpdateFirst("RULE:logdata", rm->m_data);
return true; return true;
} }

5
src/rule.cc
View File

@ -586,8 +586,9 @@ bool Rule::evaluate(Transaction *trasn) {
&containsDisruptive, &ruleMessage); &containsDisruptive, &ruleMessage);
std::string msg2save = ruleMessage.errorLog(trasn); std::string msg2save = ruleMessage.errorLog(trasn);
if (ruleMessage.m_message.empty() == false) { if (ruleMessage.m_message.empty() == false) {
trasn->debug(4, "Scheduled to be saved on the server " + trasn->debug(4,
"log: " + msg2save + ""); "Scheduled to be saved on the server log: " \
+ msg2save + "");
ruleMessage.m_server_logs.push_back(msg2save); ruleMessage.m_server_logs.push_back(msg2save);
} }
globalRet = true; globalRet = true;

2
test/test-cases/regression/action-disruptive.json
View File

@ -5,7 +5,7 @@
"title":"Testing Disruptive actions (1/n)", "title":"Testing Disruptive actions (1/n)",
"expected":{ "expected":{
"debug_log": " Running action: deny", "debug_log": " Running action: deny",
"http_code":404 "http_code":403
}, },
"rules":[ "rules":[
"SecRuleEngine On", "SecRuleEngine On",

2
test/test-cases/regression/secaction.json
View File

@ -49,7 +49,7 @@
}, },
"expected": { "expected": {
"audit_log": "", "audit_log": "",
"debug_log": "Running unconditional rule.", "debug_log": "Executing unconditional rule",
"error_log": "" "error_log": ""
}, },
"rules": [ "rules": [

4
test/test-cases/regression/secruleengine.json
View File

@ -5,7 +5,7 @@
"title":"Testing Disruptive actions (1/n)", "title":"Testing Disruptive actions (1/n)",
"expected":{ "expected":{
"debug_log": " Running action: deny", "debug_log": " Running action: deny",
"http_code":404 "http_code":403
}, },
"rules":[ "rules":[
"SecRuleEngine On", "SecRuleEngine On",
@ -34,7 +34,7 @@
"version_min":300000, "version_min":300000,
"title":"Testing Disruptive actions (3/n)", "title":"Testing Disruptive actions (3/n)",
"expected":{ "expected":{
"debug_log": "Not running disruptive action: block. SecRuleEngine is not On", "debug_log": "_Not_ running action: deny. Rule _does not_contains a disruptive action, but SecRuleEngine is not On.",
"http_code":200 "http_code":200
}, },
"rules":[ "rules":[

2
test/test-cases/regression/variable-FILES.json
View File

@ -51,7 +51,7 @@
] ]
}, },
"expected":{ "expected":{
"debug_log":"T \\(1\\) t:trim: \"small_text_file" "debug_log":"T \\(0\\) t:trim: \"small_text_file"
}, },
"rules":[ "rules":[
"SecRuleEngine On", "SecRuleEngine On",

2
test/test-cases/regression/variable-FILES_NAMES.json
View File

@ -51,7 +51,7 @@
] ]
}, },
"expected":{ "expected":{
"debug_log":"T \\(1\\) t:trim: \"filedata" "debug_log":"T \\(0\\) t:trim: \"filedata"
}, },
"rules":[ "rules":[
"SecRuleEngine On", "SecRuleEngine On",

4
test/test-cases/regression/variable-RULE.json
View File

@ -256,7 +256,7 @@
] ]
}, },
"expected":{ "expected":{
"debug_log":" Target value: \"message123\" \\(Variable: RULE:msg\\)" "debug_log":" Target value: \"message123\" \\(Variable: rule:msg\\)"
}, },
"rules":[ "rules":[
"SecRuleEngine On", "SecRuleEngine On",
@ -304,7 +304,7 @@
}, },
"rules":[ "rules":[
"SecRuleEngine On", "SecRuleEngine On",
"SecRule rule:msg \"@contains message\" \"id:1,setvar:'ip.block_reason=%{RULE.msg}%',msg:'message123',phase:3,pass,t:trim\"" "SecRule rule:msg \"@contains message\" \"id:1,msg:'message123',setvar:'ip.block_reason=%{RULE.msg}%',phase:3,pass,t:trim\""
] ]
} }
] ]