cosmetics: Having the parser in a better shape regarding operators 1/2

src/operators/detect_sqli.h

@@ -31,6 +31,10 @@ class DetectSQLi : public Operator {
         : Operator(op, param, negation) {
             m_match_message.assign("detected SQLi using libinjection.");
         }
+    DetectSQLi()
+        : Operator("DetectSQLi") {
+            m_match_message.assign("detected SQLi using libinjection.");
+        }
 
     bool evaluate(Transaction *transaction, const std::string &input);
 };

src/operators/detect_xss.h

@@ -30,6 +30,10 @@ class DetectXSS : public Operator {
         : Operator(op, param, negation) {
             m_match_message.assign("detected XSS using libinjection.");
         }
+    DetectXSS()
+        : Operator("DetectXSS") {
+            m_match_message.assign("detected XSS using libinjection.");
+        }
 
     bool evaluate(Transaction *transaction, const std::string &input);
 };

src/operators/geo_lookup.cc

@@ -93,12 +93,6 @@ bool GeoLookup::evaluate(Transaction *trans, const std::string &exp) {
     return ret;
 }
 
-GeoLookup::GeoLookup(std::string op, std::string param,
-bool negation)
-    : Operator() {
-    this->m_op = op;
-    this->m_param = param;
-}
 
 }  // namespace operators
 }  // namespace modsecurity

src/operators/geo_lookup.h

@@ -27,7 +27,10 @@ namespace operators {
 class GeoLookup : public Operator {
  public:
     /** @ingroup ModSecurity_Operator */
-    GeoLookup(std::string o, std::string p, bool i);
+    GeoLookup(std::string op, std::string param, bool negation)
+        : Operator(op, param, negation) { }
+    GeoLookup(std::string param)
+        : Operator("GeoLookup", param) { }
     bool evaluate(Transaction *transaction, const std::string &exp) override;
 };
 

src/operators/operator.h

@@ -35,12 +35,25 @@ class Operator {
         m_negation(false),
         m_op(""),
         m_param("") { }
-    Operator(std::string op, std::string param, bool negation)
+
+    Operator(std::string opName, std::string param, bool negation)
         : m_match_message(""),
         m_negation(negation),
-        m_op(op),
+        m_op(opName),
         m_param(param) { }
 
+    Operator(std::string opName, std::string param)
+        : m_match_message(""),
+        m_negation(false),
+        m_op(opName),
+        m_param(param) { }
+
+    Operator(std::string opName)
+        : m_match_message(""),
+        m_negation(false),
+        m_op(opName),
+        m_param() { }
+
     virtual ~Operator() { }
     static Operator *instantiate(std::string opName);
 

src/operators/rx.h

@@ -38,6 +38,10 @@ class Rx : public Operator {
         : Operator(op, param, negation) {
         m_re = new Regex(param);
         }
+    Rx(std::string name, std::string param)
+        : Operator(name, param) {
+        m_re = new Regex(param);
+    }
 
     ~Rx() {
         delete m_re;

src/operators/unconditional_match.cc

@@ -20,9 +20,7 @@ namespace operators {
 
 bool UnconditionalMatch::evaluate(Transaction *transaction,
     const std::string &input) {
-    bool contains = true;
-
-    return contains;
+    return true;
 }
 
 }  // namespace operators

src/operators/unconditional_match.h

@@ -22,7 +22,6 @@
 #include "modsecurity/transaction.h"
 #include "src/operators/operator.h"
 
-#ifdef __cplusplus
 namespace modsecurity {
 namespace operators {
 
@@ -31,13 +30,14 @@ class UnconditionalMatch : public Operator {
     /** @ingroup ModSecurity_Operator */
     UnconditionalMatch(std::string op, std::string param, bool negation)
         : Operator(op, param, negation) { }
+    UnconditionalMatch()
+        : Operator("UnconditionalMatch") { }
 
     bool evaluate(Transaction *transaction, const std::string &exp) override;
 };
 
 }  // namespace operators
 }  // namespace modsecurity
-#endif
 
 
 #endif  // SRC_OPERATORS_UNCONDITIONAL_MATCH_H_

src/operators/validate_url_encoding.h

@@ -29,6 +29,8 @@ class ValidateUrlEncoding : public Operator {
     /** @ingroup ModSecurity_Operator */
     ValidateUrlEncoding(std::string op, std::string param, bool negation)
         : Operator(op, param, negation) { }
+    ValidateUrlEncoding()
+        : Operator("ValidateUrlEncoding") { }
 
     bool evaluate(Transaction *transaction, const std::string &input) override;
     int validate_url_encoding(const char *input, uint64_t input_length);

src/operators/validate_utf8_encoding.h

@@ -36,6 +36,8 @@ class ValidateUtf8Encoding : public Operator {
     /** @ingroup ModSecurity_Operator */
     ValidateUtf8Encoding(std::string op, std::string param, bool negation)
         : Operator(op, param, negation) { }
+    ValidateUtf8Encoding()
+        : Operator("ValidateUtf8Encoding") { }
 
     bool evaluate(Transaction *transaction, const std::string &input) override;
 

src/parser/seclang-parser.yy

@@ -95,6 +95,45 @@ class Driver;
 #include "src/actions/transformations/remove_whitespace.h"
 #include "src/actions/transformations/css_decode.h"
 
+#include "src/operators/begins_with.h"
+#include "src/operators/contains.h"
+#include "src/operators/contains_word.h"
+#include "src/operators/detect_sqli.h"
+#include "src/operators/detect_xss.h"
+#include "src/operators/ends_with.h"
+#include "src/operators/eq.h"
+#include "src/operators/fuzzy_hash.h"
+#include "src/operators/ge.h"
+#include "src/operators/geo_lookup.h"
+#include "src/operators/gsblookup.h"
+#include "src/operators/gt.h"
+#include "src/operators/inspect_file.h"
+#include "src/operators/ip_match_f.h"
+#include "src/operators/ip_match_from_file.h"
+#include "src/operators/ip_match.h"
+#include "src/operators/le.h"
+#include "src/operators/lt.h"
+#include "src/operators/no_match.h"
+#include "src/operators/operator.h"
+#include "src/operators/pm_f.h"
+#include "src/operators/pm_from_file.h"
+#include "src/operators/pm.h"
+#include "src/operators/rbl.h"
+#include "src/operators/rsub.h"
+#include "src/operators/rx.h"
+#include "src/operators/str_eq.h"
+#include "src/operators/str_match.h"
+#include "src/operators/unconditional_match.h"
+#include "src/operators/validate_byte_range.h"
+#include "src/operators/validate_dtd.h"
+#include "src/operators/validate_hash.h"
+#include "src/operators/validate_schema.h"
+#include "src/operators/validate_url_encoding.h"
+#include "src/operators/validate_utf8_encoding.h"
+#include "src/operators/verify_cc.h"
+#include "src/operators/verify_cpf.h"
+#include "src/operators/verify_ssn.h"
+#include "src/operators/within.h"
 
 
 #include "modsecurity/audit_log.h"
@@ -364,6 +403,11 @@ using modsecurity::operators::Operator;
 %token <std::string> FREE_TEXT
 
 %token <std::string> OPERATOR
+%token <std::string> OPERATOR_UNCONDITIONAL_MATCH
+%token <std::string> OPERATOR_DETECT_SQLI
+%token <std::string> OPERATOR_DETECT_XSS
+%token <std::string> OPERATOR_VALIDATE_URL_ENCODING
+%token <std::string> OPERATOR_VALIDATE_UTF8_ENCODING
 %token <std::string> OPERATOR_GEOIP
 %token <std::string> QUOTATION_MARK
 %token <std::string> RUN_TIME_VAR_BLD
@@ -392,6 +436,7 @@ using modsecurity::operators::Operator;
 %type <std::vector<actions::Action *> *> actions
 
 %type <std::vector<Variable *> *> variables
+%type <Operator *> op_before_init
 %type <Operator *> op
 %type <Variable *> var
 
@@ -550,28 +595,47 @@ actions:
       }
     ;
 
-
 op:
-    OPERATOR
+    op_before_init
       {
-        Operator *op = Operator::instantiate($1);
+        $$ = $1;
         std::string error;
-        if (op->init(driver.ref.back(), &error) == false) {
+        if ($$->init(driver.ref.back(), &error) == false) {
             driver.error(@0, error);
             YYERROR;
         }
-        $$ = op;
+      }
+    ;
+
+op_before_init:
+    OPERATOR
+      {
+        $$ = Operator::instantiate($1);
+      }
+    | OPERATOR_UNCONDITIONAL_MATCH
+      {
+        $$ = new operators::UnconditionalMatch();
+      }
+    | OPERATOR_DETECT_SQLI
+      {
+        $$ = new operators::DetectSQLi();
+      }
+    | OPERATOR_DETECT_XSS
+      {
+        $$ = new operators::DetectXSS();
+      }
+    | OPERATOR_VALIDATE_URL_ENCODING
+      {
+        $$ = new operators::ValidateUrlEncoding();
+      }
+    | OPERATOR_VALIDATE_UTF8_ENCODING
+      {
+        $$ = new operators::ValidateUtf8Encoding();
       }
     | OPERATOR_GEOIP
       {
 #ifdef WITH_GEOIP
-        Operator *op = Operator::instantiate($1);
-        std::string error;
-        if (op->init(driver.ref.back(), &error) == false) {
-            driver.error(@0, error);
-            YYERROR;
-        }
-        $$ = op;
+        $$ = $$ = new operators::GeoLookup($1);
 #else
         std::stringstream ss;
             ss << "This version of ModSecurity was not compiled with GeoIP support.";
@@ -584,13 +648,7 @@ op:
         std::string text = std::string($1);
         text.pop_back();
         text.erase(0, 1);
-        Operator *op = Operator::instantiate("\"@rx " + text + "\"");
-        std::string error;
-        if (op->init(driver.ref.back(), &error) == false) {
-            driver.error(@0, error);
-            YYERROR;
-        }
-        $$ = op;
+        $$ = new operators::Rx("rx", text);
       }
     ;
 

src/parser/seclang-scanner.ll

@@ -183,7 +183,12 @@ FREE_TEXT_SPACE                         [^ \t]+
 FREE_TEXT_SPACE_COMMA                   [^, \t]+
 FREE_TEXT_SPACE_COMMA_QUOTE             [^, \t\"\n\r]+
 NEW_LINE_FREE_TEXT                      [^, \t\"\n\r]+
-OPERATORNOARG                           (?i:@unconditionalMatch|@detectSQLi|@detectXSS|@validateUrlEncoding|@validateUtf8Encoding)
+OPERATOR_UNCONDITIONAL_MATCH            (?i:@unconditionalMatch)
+OPERATOR_DETECT_SQLI                    (?i:@detectSQLi)
+OPERATOR_DETECT_XSS                     (?i:@detectXSS)
+OPERATOR_VALIDATE_URL_ENCODING          (?i:@validateUrlEncoding)
+OPERATOR_VALIDATE_UTF8_ENCODING         (?i:@validateUtf8Encoding)
+
 OPERATOR                                (?i:(?:@inspectFile|@fuzzyHash|@validateByteRange|@validateDTD|@validateHash|@validateSchema|@verifyCC|@verifyCPF|@verifySSN|@gsbLookup|@rsub)|(?:\!{0,1})(?:@within|@containsWord|@contains|@endsWith|@eq|@ge|@gt|@ipMatchF|@ipMatch|@ipMatchFromFile|@le|@lt|@pmf|@pm|@pmFromFile|@rbl|@rx|@streq|@strmatch|@beginsWith))
 OPERATOR_GEOIP                          (?i:@geoLookup)
 REMOVE_RULE_BY                          [0-9A-Za-z_\/\.\-\*\:\;\]\[]+
@@ -450,7 +455,11 @@ VAR_FREE_TEXT_SPACE_COMMA               [^, \t\"]+
 
 <EXPECTING_OPERATOR>{
 ["]{OPERATOR}[ ]{FREE_TEXT}["]                                          { BEGIN(INITIAL); return p::make_OPERATOR(yytext, *driver.loc.back()); }
-["]{OPERATORNOARG}[\t ]*["]                                             { BEGIN(INITIAL); return p::make_OPERATOR(yytext, *driver.loc.back()); }
+["]{OPERATOR_UNCONDITIONAL_MATCH}[\t ]*["]                              { BEGIN(INITIAL); return p::make_OPERATOR_UNCONDITIONAL_MATCH(yytext, *driver.loc.back()); }
+["]{OPERATOR_DETECT_SQLI}[\t ]*["]                                      { BEGIN(INITIAL); return p::make_OPERATOR_DETECT_SQLI(yytext, *driver.loc.back()); }
+["]{OPERATOR_DETECT_XSS}[\t ]*["]                                       { BEGIN(INITIAL); return p::make_OPERATOR_DETECT_XSS(yytext, *driver.loc.back()); }
+["]{OPERATOR_VALIDATE_URL_ENCODING}[\t ]*["]                            { BEGIN(INITIAL); return p::make_OPERATOR_VALIDATE_URL_ENCODING(yytext, *driver.loc.back()); }
+["]{OPERATOR_VALIDATE_UTF8_ENCODING}[\t ]*["]                           { BEGIN(INITIAL); return p::make_OPERATOR_VALIDATE_UTF8_ENCODING(yytext, *driver.loc.back()); }
 ["]{OPERATOR_GEOIP}[\t ]*["]                                            { BEGIN(INITIAL); return p::make_OPERATOR_GEOIP(yytext, *driver.loc.back()); }
 {SOMETHING}                                                             { BEGIN(INITIAL); return p::make_FREE_TEXT(yytext, *driver.loc.back()); }
 }