cosmetics: Having the parser in a better shape regarding operators 1/2

2025-09-29 19:24:29 +03:00 · 2017-01-02 14:33:59 -03:00
parent 3a413080f9
commit 9cda4c0be0
12 changed files with 126 additions and 35 deletions
--- a/src/parser/seclang-parser.yy
+++ b/src/parser/seclang-parser.yy
@@ -95,6 +95,45 @@ class Driver;
 #include "src/actions/transformations/remove_whitespace.h"
 #include "src/actions/transformations/css_decode.h"

+#include "src/operators/begins_with.h"
+#include "src/operators/contains.h"
+#include "src/operators/contains_word.h"
+#include "src/operators/detect_sqli.h"
+#include "src/operators/detect_xss.h"
+#include "src/operators/ends_with.h"
+#include "src/operators/eq.h"
+#include "src/operators/fuzzy_hash.h"
+#include "src/operators/ge.h"
+#include "src/operators/geo_lookup.h"
+#include "src/operators/gsblookup.h"
+#include "src/operators/gt.h"
+#include "src/operators/inspect_file.h"
+#include "src/operators/ip_match_f.h"
+#include "src/operators/ip_match_from_file.h"
+#include "src/operators/ip_match.h"
+#include "src/operators/le.h"
+#include "src/operators/lt.h"
+#include "src/operators/no_match.h"
+#include "src/operators/operator.h"
+#include "src/operators/pm_f.h"
+#include "src/operators/pm_from_file.h"
+#include "src/operators/pm.h"
+#include "src/operators/rbl.h"
+#include "src/operators/rsub.h"
+#include "src/operators/rx.h"
+#include "src/operators/str_eq.h"
+#include "src/operators/str_match.h"
+#include "src/operators/unconditional_match.h"
+#include "src/operators/validate_byte_range.h"
+#include "src/operators/validate_dtd.h"
+#include "src/operators/validate_hash.h"
+#include "src/operators/validate_schema.h"
+#include "src/operators/validate_url_encoding.h"
+#include "src/operators/validate_utf8_encoding.h"
+#include "src/operators/verify_cc.h"
+#include "src/operators/verify_cpf.h"
+#include "src/operators/verify_ssn.h"
+#include "src/operators/within.h"


 #include "modsecurity/audit_log.h"
@@ -364,6 +403,11 @@ using modsecurity::operators::Operator;
 %token <std::string> FREE_TEXT

 %token <std::string> OPERATOR
+%token <std::string> OPERATOR_UNCONDITIONAL_MATCH
+%token <std::string> OPERATOR_DETECT_SQLI
+%token <std::string> OPERATOR_DETECT_XSS
+%token <std::string> OPERATOR_VALIDATE_URL_ENCODING
+%token <std::string> OPERATOR_VALIDATE_UTF8_ENCODING
 %token <std::string> OPERATOR_GEOIP
 %token <std::string> QUOTATION_MARK
 %token <std::string> RUN_TIME_VAR_BLD
@@ -392,6 +436,7 @@ using modsecurity::operators::Operator;
 %type <std::vector<actions::Action *> *> actions

 %type <std::vector<Variable *> *> variables
+%type <Operator *> op_before_init
 %type <Operator *> op
 %type <Variable *> var

@@ -550,28 +595,47 @@ actions:
      }
    ;

-
 op:
-    OPERATOR
+    op_before_init
      {
-        Operator *op = Operator::instantiate($1);
+        $$ = $1;
        std::string error;
-        if (op->init(driver.ref.back(), &error) == false) {
+        if ($$->init(driver.ref.back(), &error) == false) {
            driver.error(@0, error);
            YYERROR;
        }
-        $$ = op;
+      }
+    ;
+
+op_before_init:
+    OPERATOR
+      {
+        $$ = Operator::instantiate($1);
+      }
+    | OPERATOR_UNCONDITIONAL_MATCH
+      {
+        $$ = new operators::UnconditionalMatch();
+      }
+    | OPERATOR_DETECT_SQLI
+      {
+        $$ = new operators::DetectSQLi();
+      }
+    | OPERATOR_DETECT_XSS
+      {
+        $$ = new operators::DetectXSS();
+      }
+    | OPERATOR_VALIDATE_URL_ENCODING
+      {
+        $$ = new operators::ValidateUrlEncoding();
+      }
+    | OPERATOR_VALIDATE_UTF8_ENCODING
+      {
+        $$ = new operators::ValidateUtf8Encoding();
      }
    | OPERATOR_GEOIP
      {
 #ifdef WITH_GEOIP
-        Operator *op = Operator::instantiate($1);
-        std::string error;
-        if (op->init(driver.ref.back(), &error) == false) {
-            driver.error(@0, error);
-            YYERROR;
-        }
-        $$ = op;
+        $$ = $$ = new operators::GeoLookup($1);
 #else
        std::stringstream ss;
            ss << "This version of ModSecurity was not compiled with GeoIP support.";
@@ -584,13 +648,7 @@ op:
        std::string text = std::string($1);
        text.pop_back();
        text.erase(0, 1);
-        Operator *op = Operator::instantiate("\"@rx " + text + "\"");
-        std::string error;
-        if (op->init(driver.ref.back(), &error) == false) {
-            driver.error(@0, error);
-            YYERROR;
-        }
-        $$ = op;
+        $$ = new operators::Rx("rx", text);
      }
    ;

--- a/src/parser/seclang-scanner.ll
+++ b/src/parser/seclang-scanner.ll
@@ -183,7 +183,12 @@ FREE_TEXT_SPACE                         [^ \t]+
 FREE_TEXT_SPACE_COMMA                   [^, \t]+
 FREE_TEXT_SPACE_COMMA_QUOTE             [^, \t\"\n\r]+
 NEW_LINE_FREE_TEXT                      [^, \t\"\n\r]+
-OPERATORNOARG                           (?i:@unconditionalMatch|@detectSQLi|@detectXSS|@validateUrlEncoding|@validateUtf8Encoding)
+OPERATOR_UNCONDITIONAL_MATCH            (?i:@unconditionalMatch)
+OPERATOR_DETECT_SQLI                    (?i:@detectSQLi)
+OPERATOR_DETECT_XSS                     (?i:@detectXSS)
+OPERATOR_VALIDATE_URL_ENCODING          (?i:@validateUrlEncoding)
+OPERATOR_VALIDATE_UTF8_ENCODING         (?i:@validateUtf8Encoding)
+
 OPERATOR                                (?i:(?:@inspectFile|@fuzzyHash|@validateByteRange|@validateDTD|@validateHash|@validateSchema|@verifyCC|@verifyCPF|@verifySSN|@gsbLookup|@rsub)|(?:\!{0,1})(?:@within|@containsWord|@contains|@endsWith|@eq|@ge|@gt|@ipMatchF|@ipMatch|@ipMatchFromFile|@le|@lt|@pmf|@pm|@pmFromFile|@rbl|@rx|@streq|@strmatch|@beginsWith))
 OPERATOR_GEOIP                          (?i:@geoLookup)
 REMOVE_RULE_BY                          [0-9A-Za-z_\/\.\-\*\:\;\]\[]+
@@ -450,7 +455,11 @@ VAR_FREE_TEXT_SPACE_COMMA               [^, \t\"]+

 <EXPECTING_OPERATOR>{
 ["]{OPERATOR}[ ]{FREE_TEXT}["]                                          { BEGIN(INITIAL); return p::make_OPERATOR(yytext, *driver.loc.back()); }
-["]{OPERATORNOARG}[\t ]*["]                                             { BEGIN(INITIAL); return p::make_OPERATOR(yytext, *driver.loc.back()); }
+["]{OPERATOR_UNCONDITIONAL_MATCH}[\t ]*["]                              { BEGIN(INITIAL); return p::make_OPERATOR_UNCONDITIONAL_MATCH(yytext, *driver.loc.back()); }
+["]{OPERATOR_DETECT_SQLI}[\t ]*["]                                      { BEGIN(INITIAL); return p::make_OPERATOR_DETECT_SQLI(yytext, *driver.loc.back()); }
+["]{OPERATOR_DETECT_XSS}[\t ]*["]                                       { BEGIN(INITIAL); return p::make_OPERATOR_DETECT_XSS(yytext, *driver.loc.back()); }
+["]{OPERATOR_VALIDATE_URL_ENCODING}[\t ]*["]                            { BEGIN(INITIAL); return p::make_OPERATOR_VALIDATE_URL_ENCODING(yytext, *driver.loc.back()); }
+["]{OPERATOR_VALIDATE_UTF8_ENCODING}[\t ]*["]                           { BEGIN(INITIAL); return p::make_OPERATOR_VALIDATE_UTF8_ENCODING(yytext, *driver.loc.back()); }
 ["]{OPERATOR_GEOIP}[\t ]*["]                                            { BEGIN(INITIAL); return p::make_OPERATOR_GEOIP(yytext, *driver.loc.back()); }
 {SOMETHING}                                                             { BEGIN(INITIAL); return p::make_FREE_TEXT(yytext, *driver.loc.back()); }
 }