Adds support to setrsc action

2025-08-13 13:26:01 +03:00 · 2017-06-09 10:47:24 -03:00 · 2017-06-09 10:47:24 -03:00 · 9cb3f23b50
commit 9cb3f23b50
parent 616a95bfe0
10 changed files with 4568 additions and 4279 deletions
--- a/Makefile.am
+++ b/Makefile.am
@ -126,6 +126,7 @@ TESTS+=test/test-cases/regression/issue-960.json
 TESTS+=test/test-cases/regression/request-body-parser-xml-validade-dtd.json
 TESTS+=test/test-cases/regression/variable-TIME_MIN.json
 TESTS+=test/test-cases/regression/action-setuid.json
+TESTS+=test/test-cases/regression/action-setrsc.json
 TESTS+=test/test-cases/regression/issue-1152.json
 TESTS+=test/test-cases/regression/config-calling_phases_by_name.json
 TESTS+=test/test-cases/regression/variable-USERID.json
--- a/src/Makefile.am
+++ b/src/Makefile.am
@ -128,6 +128,7 @@ ACTIONS = \
 	actions/rev.cc \
 	actions/rule_id.cc \
 	actions/severity.cc \
+	actions/set_rsc.cc \
 	actions/set_sid.cc \
 	actions/set_uid.cc \
 	actions/set_var.cc \
--- a/src/actions/set_rsc.cc
+++ b/src/actions/set_rsc.cc
@ -0,0 +1,58 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "src/actions/set_rsc.h"
+
+#include <iostream>
+#include <string>
+
+#include "modsecurity/transaction.h"
+#include "modsecurity/rule.h"
+#include "src/macro_expansion.h"
+
+
+namespace modsecurity {
+namespace actions {
+
+
+bool SetRSC::init(std::string *error) {
+    m_collection_key = std::string(m_parser_payload, 0,
+        m_parser_payload.length());
+
+    if (m_collection_key.empty()) {
+        error->assign("Missing collection key");
+        return false;
+    }
+
+    return true;
+}
+
+
+bool SetRSC::evaluate(Rule *rule, Transaction *t) {
+    std::string colNameExpanded = MacroExpansion::expand(m_collection_key, t);
+
+#ifndef NO_LOGS
+    t->debug(8, "RESOURCE initiated with value: \'"
+        + colNameExpanded + "\'.");
+#endif
+
+    t->m_collections.m_resource_collection_key = colNameExpanded;
+    t->m_variableResource.set(colNameExpanded, t->m_variableOffset);
+
+    return true;
+}
+
+}  // namespace actions
+}  // namespace modsecurity
--- a/src/actions/set_rsc.h
+++ b/src/actions/set_rsc.h
@ -0,0 +1,46 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <string>
+
+#include "modsecurity/actions/action.h"
+
+#ifndef SRC_ACTIONS_SET_RSC_H_
+#define SRC_ACTIONS_SET_RSC_H_
+
+class Transaction;
+
+namespace modsecurity {
+class Transaction;
+namespace actions {
+
+
+class SetRSC : public Action {
+ public:
+    explicit SetRSC(std::string _action)
+        : Action(_action) { }
+
+    bool evaluate(Rule *rule, Transaction *transaction) override;
+    bool init(std::string *error) override;
+
+ private:
+    std::string m_collection_key;
+};
+
+
+}  // namespace actions
+}  // namespace modsecurity
+
+#endif  // SRC_ACTIONS_SET_RSC_H_
--- a/src/parser/seclang-parser.cc
+++ b/src/parser/seclang-parser.cc
--- a/src/parser/seclang-parser.hh
+++ b/src/parser/seclang-parser.hh
@ -80,6 +80,7 @@ class Driver;
 #include "src/actions/phase.h"
 #include "src/actions/rev.h"
 #include "src/actions/rule_id.h"
+#include "src/actions/set_rsc.h"
 #include "src/actions/set_sid.h"
 #include "src/actions/set_uid.h"
 #include "src/actions/set_var.h"
@ -366,7 +367,7 @@ using modsecurity::operators::Operator;



-#line 370 "seclang-parser.hh" // lalr1.cc:377
+#line 371 "seclang-parser.hh" // lalr1.cc:377

 # include <cassert>
 # include <cstdlib> // std::abort
@ -443,7 +444,7 @@ using modsecurity::operators::Operator;


 namespace yy {
-#line 447 "seclang-parser.hh" // lalr1.cc:377
+#line 448 "seclang-parser.hh" // lalr1.cc:377



@ -654,7 +655,7 @@ namespace yy {
      // "SanatiseRequestHeader"
      // "SanatiseResponseHeader"
      // "SetEnv"
-      // "SetSrc"
+      // "SetRsc"
      // "SetSid"
      // "SetUID"
      // "Severity"
@ -2752,7 +2753,7 @@ namespace yy {
      case 134: // "SanatiseRequestHeader"
      case 135: // "SanatiseResponseHeader"
      case 136: // "SetEnv"
-      case 137: // "SetSrc"
+      case 137: // "SetRsc"
      case 138: // "SetSid"
      case 139: // "SetUID"
      case 140: // "Severity"
@ -2990,7 +2991,7 @@ namespace yy {
      case 134: // "SanatiseRequestHeader"
      case 135: // "SanatiseResponseHeader"
      case 136: // "SetEnv"
-      case 137: // "SetSrc"
+      case 137: // "SetRsc"
      case 138: // "SetSid"
      case 139: // "SetUID"
      case 140: // "Severity"
@ -3294,7 +3295,7 @@ namespace yy {
      case 134: // "SanatiseRequestHeader"
      case 135: // "SanatiseResponseHeader"
      case 136: // "SetEnv"
-      case 137: // "SetSrc"
+      case 137: // "SetRsc"
      case 138: // "SetSid"
      case 139: // "SetUID"
      case 140: // "Severity"
@ -3538,7 +3539,7 @@ namespace yy {
      case 134: // "SanatiseRequestHeader"
      case 135: // "SanatiseResponseHeader"
      case 136: // "SetEnv"
-      case 137: // "SetSrc"
+      case 137: // "SetRsc"
      case 138: // "SetSid"
      case 139: // "SetUID"
      case 140: // "Severity"
@ -5522,7 +5523,7 @@ namespace yy {


 } // yy
-#line 5526 "seclang-parser.hh" // lalr1.cc:377
+#line 5527 "seclang-parser.hh" // lalr1.cc:377



--- a/src/parser/seclang-parser.yy
+++ b/src/parser/seclang-parser.yy
@ -46,6 +46,7 @@ class Driver;
 #include "src/actions/phase.h"
 #include "src/actions/rev.h"
 #include "src/actions/rule_id.h"
+#include "src/actions/set_rsc.h"
 #include "src/actions/set_sid.h"
 #include "src/actions/set_uid.h"
 #include "src/actions/set_var.h"
@ -487,7 +488,7 @@ using modsecurity::operators::Operator;
  ACTION_SANATISE_REQUEST_HEADER               "SanatiseRequestHeader"
  ACTION_SANATISE_RESPONSE_HEADER              "SanatiseResponseHeader"
  ACTION_SETENV                                "SetEnv"
-  ACTION_SETRSC                                "SetSrc"
+  ACTION_SETRSC                                "SetRsc"
  ACTION_SETSID                                "SetSid"
  ACTION_SETUID                                "SetUID"
  ACTION_SEVERITY                              "Severity"
@ -2182,7 +2183,7 @@ act:
      }
    | ACTION_SETRSC
      {
-        ACTION_NOT_SUPPORTED("SetRSC", @0);
+        ACTION_CONTAINER($$, new actions::SetRSC($1));
      }
    | ACTION_SETSID
      {
--- a/src/parser/seclang-scanner.cc
+++ b/src/parser/seclang-scanner.cc
--- a/src/parser/seclang-scanner.ll
+++ b/src/parser/seclang-scanner.ll
@ -398,7 +398,10 @@ EQUALS_MINUS                            (?i:=\-)
 {ACTION_SANATISE_MATCHED_BYTES}                                         { return p::make_ACTION_SANATISE_MATCHED_BYTES(yytext, *driver.loc.back()); }
 {ACTION_SANATISE_REQUEST_HEADER}                                        { return p::make_ACTION_SANATISE_REQUEST_HEADER(yytext, *driver.loc.back()); }
 {ACTION_SANATISE_RESPONSE_HEADER}                                       { return p::make_ACTION_SANATISE_RESPONSE_HEADER(yytext, *driver.loc.back()); }
-{ACTION_SETRSC}                                                         { return p::make_ACTION_SETRSC(yytext, *driver.loc.back()); }
+{ACTION_SETRSC}:{VAR_FREE_TEXT_SPACE_COMMA}                             { return p::make_ACTION_SETRSC(yytext, *driver.loc.back()); }
+{ACTION_SETRSC}:'{VAR_FREE_TEXT_QUOTE}'                                 { return p::make_ACTION_SETRSC(yytext, *driver.loc.back()); }
+{ACTION_SETRSC}:{VAR_FREE_TEXT_SPACE_COMMA}                             { return p::make_ACTION_SETRSC(yytext, *driver.loc.back()); }
+
 {ACTION_STATUS}                                                         { return p::make_ACTION_STATUS(yytext, *driver.loc.back()); }
 {ACTION_ACCURACY}:'{FREE_TEXT_QUOTE}'                                   { return p::make_ACTION_ACCURACY(yytext, *driver.loc.back()); }
 {ACTION_ACCURACY}:{FREE_TEXT_QUOTE}                                     { return p::make_ACTION_ACCURACY(yytext, *driver.loc.back()); }
@ -509,6 +512,10 @@ EQUALS_MINUS                            (?i:=\-)
 {VARIABLE_SESSION}(\:{DICT_ELEMENT_TWO})?                          { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
 {VARIABLE_SESSION}(\.[\']{DICT_ELEMENT_TWO}[\'])?                  { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
 {VARIABLE_SESSION}(\.{DICT_ELEMENT_TWO})?                          { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
+{VARIABLE_RESOURCE}(\:[\']{DICT_ELEMENT_TWO}[\'])?                 { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
+{VARIABLE_RESOURCE}(\:{DICT_ELEMENT_TWO})?                         { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
+{VARIABLE_RESOURCE}(\.[\']{DICT_ELEMENT_TWO}[\'])?                 { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
+{VARIABLE_RESOURCE}(\.{DICT_ELEMENT_TWO})?                         { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
 {VARIABLE_IP}(\:[\']{DICT_ELEMENT_TWO}[\'])?                       { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
 {VARIABLE_IP}(\:{DICT_ELEMENT_TWO})?                               { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
 {VARIABLE_IP}(\.[\']{DICT_ELEMENT_TWO}[\'])?                       { BEGIN(SETVAR_ACTION_WAITING_OPERATION); return p::make_VARIABLE(yytext, *driver.loc.back()); }
--- a/test/test-cases/regression/action-setrsc.json
+++ b/test/test-cases/regression/action-setrsc.json
@ -0,0 +1,36 @@
+[
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing setrsc action",
+    "expected":{
+      "debug_log": "Saving variable: RESOURCE:score with value: "
+    },
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "User-Agent":"My sweet little browser",
+        "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
+      },
+      "uri":"/?key=value&key=other_value",
+      "method":"GET"
+    },
+    "server":{
+      "ip":"200.249.12.31",
+      "port":80
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900018',phase:1,t:none,t:sha1,t:hexEncode,setrsc:'test',nolog,pass\"",
+      "SecRule REQUEST_HEADERS \".*\" \"id:'900021',phase:1,setvar:RESOURCE.score=+10\"",
+      "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900068',phase:1,t:none,t:sha1,t:hexEncode,setrsc:%{REQUEST_COOKIES:PHPSESSID}2,nolog,pass\"",
+      "SecRule REQUEST_HEADERS \".*\" \"id:'900022',phase:1,setvar:RESOURCE.score=+5\""
+    ]
+  }
+]