From a0bea7356d353b65dd474d08469e5aba8f50dce1 Mon Sep 17 00:00:00 2001 From: Minasu Date: Wed, 20 Dec 2017 15:02:35 +0100 Subject: [PATCH] Correction remove_by_tag and remove_by_msg --- src/rules.cc | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/src/rules.cc b/src/rules.cc index 66ae57f7..31f33a55 100644 --- a/src/rules.cc +++ b/src/rules.cc @@ -152,6 +152,8 @@ std::string Rules::getParserError() { int Rules::evaluate(int phase, Transaction *transaction) { + bool remove_rule; + if (phase > modsecurity::Phases::NUMBER_OF_PHASES) { return 0; } @@ -178,6 +180,7 @@ int Rules::evaluate(int phase, Transaction *transaction) { } for (int i = 0; i < rules.size(); i++) { + remove_rule = false; Rule *rule = rules[i]; if (transaction->m_marker.empty() == false) { debug(9, "Skipped rule id '" + std::to_string(rule->m_ruleId) \ @@ -209,9 +212,13 @@ int Rules::evaluate(int phase, Transaction *transaction) { debug(9, "Skipped rule id '" \ + std::to_string(rule->m_ruleId) \ + "'. Removed by a SecRuleRemoveByMsg directive."); - return 1; + remove_rule = true; + break; } } + if(remove_rule) { + continue; + } } if (m_exceptions.m_remove_rule_by_tag.empty() == false) { @@ -220,9 +227,13 @@ int Rules::evaluate(int phase, Transaction *transaction) { debug(9, "Skipped rule id '" \ + std::to_string(rule->m_ruleId) \ + "'. Removed by a SecRuleRemoveByTag directive."); - return 1; + remove_rule = true; + break; } } + if(remove_rule) { + continue; + } } rule->evaluate(transaction, NULL);