github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds support to MATCHED_VAR variable

Browse Source
This commit is contained in:
Felipe Zimmerle 2015-07-21 11:31:47 -03:00
parent 4f20f5bf74
commit 9d69501961
4 changed files with 107 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
headers/modsecurity/assay.h
View File

@ -169,6 +169,7 @@ class Assay {
std::string* resolve_variable_first(std::string); std::string* resolve_variable_first(std::string);
void store_variable(std::string, const std::string &value); void store_variable(std::string, const std::string &value);
bool update_variable_first(std::string var, const std::string &value);
ModSecurityStringVariables m_variables_strings; ModSecurityStringVariables m_variables_strings;

11
src/assay.cc
View File

@ -1128,6 +1128,17 @@ void Assay::store_variable(std::string key, const std::string &value) {
this->m_variables_strings.emplace(key, value); this->m_variables_strings.emplace(key, value);
} }
bool Assay::update_variable_first(std::string var, const std::string &value) {
auto range = m_variables_strings.equal_range(var);
for (auto it = range.first; it != range.second; ++it) {
it->second = value;
return true;
}
return false;
}
std::list<std::pair<std::string, std::string>> std::list<std::pair<std::string, std::string>>
Assay::resolve_variable(std::string var) { Assay::resolve_variable(std::string var) {

6
src/rule.cc
View File

@ -115,7 +115,13 @@ bool Rule::evaluate(Assay *assay) {
} }
if (this->chained && this->chainedRule != NULL) { if (this->chained && this->chainedRule != NULL) {
assay->debug(4, "Executing chained rule.");
if (assay->update_variable_first("MATCHED_VAR",
value) == false) {
assay->store_variable("MATCHED_VAR", value);
}
this->chainedRule->evaluate(assay); this->chainedRule->evaluate(assay);
assay->update_variable_first("MATCHED_VAR", "");
} }
} else { } else {
assay->debug(4, "Rule returned 0."); assay->debug(4, "Rule returned 0.");

89
test/test-cases/regression/variable-MATCHED_VAR.json Normal file
View File

@ -0,0 +1,89 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: MATCHED_VAR (1/2)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"protocol":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"other_value\" \\(Variable: MATCHED_VAR\\)"
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecRule ARGS:key \"@contains other_value\" \"chain,id:28\"",
"SecRule MATCHED_VAR \"@eq asdf\" \"pass\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: MATCHED_VAR (2/2)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"protocol":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"\" \\(Variable: MATCHED_VAR\\)"
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecRule ARGS:key \"@contains other_value\" \"chain,id:28\"",
"SecRule MATCHED_VAR \"@eq Aasdf\" \"pass\"",
"SecRule MATCHED_VAR \"@contains other_value\" \"id:29,pass\"",
"SecRule MATCHED_VAR \"@contains other_value\" \"id:30,pass\""
]
}
]