github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

Correction remove_by_tag and remove_by_msg

Browse Source
This commit is contained in:
Minasu 2017-12-20 15:02:35 +01:00 committed by Felipe Zimmerle
parent 5e8062cf72
commit a0bea7356d
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
1 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/rules.cc
View File

@ -152,6 +152,8 @@ std::string Rules::getParserError() {
int Rules::evaluate(int phase, Transaction *transaction) { int Rules::evaluate(int phase, Transaction *transaction) {
bool remove_rule;
if (phase > modsecurity::Phases::NUMBER_OF_PHASES) { if (phase > modsecurity::Phases::NUMBER_OF_PHASES) {
return 0; return 0;
} }
@ -178,6 +180,7 @@ int Rules::evaluate(int phase, Transaction *transaction) {
} }
for (int i = 0; i < rules.size(); i++) { for (int i = 0; i < rules.size(); i++) {
remove_rule = false;
Rule *rule = rules[i]; Rule *rule = rules[i];
if (transaction->m_marker.empty() == false) { if (transaction->m_marker.empty() == false) {
debug(9, "Skipped rule id '" + std::to_string(rule->m_ruleId) \ debug(9, "Skipped rule id '" + std::to_string(rule->m_ruleId) \
@ -209,9 +212,13 @@ int Rules::evaluate(int phase, Transaction *transaction) {
debug(9, "Skipped rule id '" \ debug(9, "Skipped rule id '" \
+ std::to_string(rule->m_ruleId) \ + std::to_string(rule->m_ruleId) \
+ "'. Removed by a SecRuleRemoveByMsg directive."); + "'. Removed by a SecRuleRemoveByMsg directive.");
return 1; remove_rule = true;
break;
} }
} }
if(remove_rule) {
continue;
}
} }
if (m_exceptions.m_remove_rule_by_tag.empty() == false) { if (m_exceptions.m_remove_rule_by_tag.empty() == false) {
@ -220,9 +227,13 @@ int Rules::evaluate(int phase, Transaction *transaction) {
debug(9, "Skipped rule id '" \ debug(9, "Skipped rule id '" \
+ std::to_string(rule->m_ruleId) \ + std::to_string(rule->m_ruleId) \
+ "'. Removed by a SecRuleRemoveByTag directive."); + "'. Removed by a SecRuleRemoveByTag directive.");
return 1; remove_rule = true;
break;
} }
} }
if(remove_rule) {
continue;
}
} }
rule->evaluate(transaction, NULL); rule->evaluate(transaction, NULL);