mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-09-29 19:24:29 +03:00
Renames class Assay to Transaction
This commit is contained in:
Felipe Zimmerle
@@ -24,10 +24,10 @@ namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
|
||||
bool BeginsWith::evaluate(Assay *assay, const std::string &str) {
|
||||
bool BeginsWith::evaluate(Transaction *transaction, const std::string &str) {
|
||||
bool ret = false;
|
||||
|
||||
std::string p = MacroExpansion::expand(param, assay);
|
||||
std::string p = MacroExpansion::expand(param, transaction);
|
||||
|
||||
if (str.size() < p.size()) {
|
||||
ret = false;
|
||||
|
||||
@@ -30,7 +30,7 @@ class BeginsWith : public Operator {
|
||||
BeginsWith(std::string op, std::string param, bool negation)
|
||||
: Operator(op, param, negation) { }
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &str) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &str) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -22,8 +22,8 @@
|
||||
namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
bool Contains::evaluate(Assay *assay, const std::string &input) {
|
||||
std::string p = MacroExpansion::expand(param, assay);
|
||||
bool Contains::evaluate(Transaction *transaction, const std::string &input) {
|
||||
std::string p = MacroExpansion::expand(param, transaction);
|
||||
bool contains = input.find(p) != std::string::npos;
|
||||
|
||||
if (contains) {
|
||||
|
||||
@@ -19,7 +19,7 @@
|
||||
#include <string>
|
||||
#include <list>
|
||||
|
||||
#include "modsecurity/assay.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "operators/operator.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
@@ -31,7 +31,7 @@ class Contains : public Operator {
|
||||
/** @ingroup ModSecurity_Operator */
|
||||
Contains(std::string op, std::string param, bool negation)
|
||||
: Operator(op, param, negation) { }
|
||||
bool evaluate(Assay *assay, const std::string &exp) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &exp) override;
|
||||
|
||||
std::list<std::string> matched;
|
||||
};
|
||||
|
||||
@@ -36,9 +36,9 @@ bool ContainsWord::acceptableChar(const std::string& a, size_t pos) {
|
||||
return true;
|
||||
}
|
||||
|
||||
bool ContainsWord::evaluate(Assay *assay,
|
||||
bool ContainsWord::evaluate(Transaction *transaction,
|
||||
const std::string& input) {
|
||||
std::string paramTarget = MacroExpansion::expand(param, assay);
|
||||
std::string paramTarget = MacroExpansion::expand(param, transaction);
|
||||
|
||||
if (paramTarget.empty()) {
|
||||
return true;
|
||||
|
||||
@@ -30,7 +30,7 @@ class ContainsWord : public Operator {
|
||||
ContainsWord(std::string op, std::string param, bool negation)
|
||||
: Operator(op, param, negation) { }
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &str);
|
||||
bool evaluate(Transaction *transaction, const std::string &str);
|
||||
|
||||
bool acceptableChar(const std::string& a, size_t pos);
|
||||
};
|
||||
|
||||
@@ -25,7 +25,7 @@ namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
|
||||
bool DetectSQLi::evaluate(Assay *assay, const std::string &input) {
|
||||
bool DetectSQLi::evaluate(Transaction *transaction, const std::string &input) {
|
||||
char fingerprint[8];
|
||||
int issqli;
|
||||
|
||||
@@ -33,18 +33,18 @@ bool DetectSQLi::evaluate(Assay *assay, const std::string &input) {
|
||||
|
||||
if (issqli) {
|
||||
matched.push_back(fingerprint);
|
||||
if (assay) {
|
||||
if (transaction) {
|
||||
#ifndef NO_LOGS
|
||||
assay->debug(4, "detected SQLi using libinjection with " \
|
||||
transaction->debug(4, "detected SQLi using libinjection with " \
|
||||
"fingerprint '" + std::string(fingerprint) + "' at: '" +
|
||||
input + "'");
|
||||
#endif
|
||||
}
|
||||
} else {
|
||||
if (assay) {
|
||||
if (transaction) {
|
||||
#ifndef NO_LOGS
|
||||
assay->debug(9, "detected SQLi: not able to find an inject on '" +
|
||||
input + "'");
|
||||
transaction->debug(9, "detected SQLi: not able to find an " \
|
||||
"inject on '" + input + "'");
|
||||
#endif
|
||||
}
|
||||
}
|
||||
|
||||
@@ -30,7 +30,7 @@ class DetectSQLi : public Operator {
|
||||
DetectSQLi(std::string op, std::string param, bool negation)
|
||||
: Operator(op, param, negation) { }
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &input);
|
||||
bool evaluate(Transaction *transaction, const std::string &input);
|
||||
|
||||
std::list<std::string> matched;
|
||||
};
|
||||
|
||||
@@ -25,17 +25,17 @@ namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
|
||||
bool DetectXSS::evaluate(Assay *assay, const std::string &input) {
|
||||
bool DetectXSS::evaluate(Transaction *transaction, const std::string &input) {
|
||||
int is_xss;
|
||||
|
||||
is_xss = libinjection_xss(input.c_str(), input.length());
|
||||
|
||||
if (assay) {
|
||||
if (transaction) {
|
||||
#ifndef NO_LOGS
|
||||
if (is_xss) {
|
||||
assay->debug(5, "detected XSS using libinjection.");
|
||||
transaction->debug(5, "detected XSS using libinjection.");
|
||||
} else {
|
||||
assay->debug(9, "libinjection was not able to " \
|
||||
transaction->debug(9, "libinjection was not able to " \
|
||||
"find any XSS in: " + input);
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -29,7 +29,7 @@ class DetectXSS : public Operator {
|
||||
DetectXSS(std::string op, std::string param, bool negation)
|
||||
: Operator(op, param, negation) { }
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &input);
|
||||
bool evaluate(Transaction *transaction, const std::string &input);
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -24,9 +24,9 @@ namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
|
||||
bool EndsWith::evaluate(Assay *assay, const std::string &input) {
|
||||
bool EndsWith::evaluate(Transaction *transaction, const std::string &input) {
|
||||
bool ret = false;
|
||||
std::string p = MacroExpansion::expand(param, assay);
|
||||
std::string p = MacroExpansion::expand(param, transaction);
|
||||
|
||||
if (input.length() >= p.length()) {
|
||||
ret = (0 == input.compare(input.length() - p.length(),
|
||||
|
||||
@@ -30,7 +30,7 @@ class EndsWith : public Operator {
|
||||
EndsWith(std::string op, std::string param, bool negation)
|
||||
: Operator(op, param, negation) { }
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &str) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &str) override;
|
||||
};
|
||||
|
||||
|
||||
|
||||
@@ -24,11 +24,11 @@ namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
|
||||
bool Eq::evaluate(Assay *assay, const std::string &input) {
|
||||
bool Eq::evaluate(Transaction *transaction, const std::string &input) {
|
||||
int p = 0;
|
||||
int i = 0;
|
||||
bool eq = false;
|
||||
std::string pt = MacroExpansion::expand(param, assay);
|
||||
std::string pt = MacroExpansion::expand(param, transaction);
|
||||
|
||||
try {
|
||||
p = std::stoi(pt);
|
||||
|
||||
@@ -30,7 +30,7 @@ class Eq : public Operator {
|
||||
Eq(std::string op, std::string param, bool negation)
|
||||
: Operator(op, param, negation) { }
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &input) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &input) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -23,7 +23,7 @@
|
||||
namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
bool FuzzyHash::evaluate(Assay *assay, const std::string &str) {
|
||||
bool FuzzyHash::evaluate(Transaction *transaction, const std::string &str) {
|
||||
/**
|
||||
* @todo Implement the operator FuzzyHash.
|
||||
* Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#fuzzyhash
|
||||
|
||||
@@ -28,7 +28,7 @@ class FuzzyHash : public Operator {
|
||||
public:
|
||||
/** @ingroup ModSecurity_Operator */
|
||||
FuzzyHash(std::string o, std::string p, bool i);
|
||||
bool evaluate(Assay *assay, const std::string &std) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &std) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -23,9 +23,9 @@
|
||||
namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
bool Ge::evaluate(Assay *assay, const std::string &input) {
|
||||
std::string p = MacroExpansion::expand(param, assay);
|
||||
std::string i = MacroExpansion::expand(input, assay);
|
||||
bool Ge::evaluate(Transaction *transaction, const std::string &input) {
|
||||
std::string p = MacroExpansion::expand(param, transaction);
|
||||
std::string i = MacroExpansion::expand(input, transaction);
|
||||
|
||||
bool ge = atoll(i.c_str()) >= atoll(p.c_str());
|
||||
|
||||
|
||||
@@ -30,7 +30,7 @@ class Ge : public Operator {
|
||||
Ge(std::string op, std::string param, bool negation)
|
||||
: Operator(op, param, negation) { }
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &input) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &input) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -30,7 +30,7 @@ namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
|
||||
bool GeoLookup::evaluate(Assay *assay, const std::string &exp) {
|
||||
bool GeoLookup::evaluate(Transaction *trans, const std::string &exp) {
|
||||
using std::placeholders::_1;
|
||||
using std::placeholders::_2;
|
||||
bool ret = true;
|
||||
@@ -38,51 +38,51 @@ bool GeoLookup::evaluate(Assay *assay, const std::string &exp) {
|
||||
#ifdef WITH_GEOIP
|
||||
GeoIPRecord *gir;
|
||||
|
||||
if (assay) {
|
||||
if (trans) {
|
||||
ret = Utils::GeoLookup::getInstance().lookup(exp, &gir,
|
||||
std::bind(&GeoLookup::debug, this, assay, _1, _2));
|
||||
std::bind(&GeoLookup::debug, this, trans, _1, _2));
|
||||
} else {
|
||||
ret = Utils::GeoLookup::getInstance().lookup(exp, &gir,
|
||||
nullptr);
|
||||
}
|
||||
if (ret && gir) {
|
||||
if (gir->country_code) {
|
||||
assay->m_collections.store("GEO:COUNTRY_CODE", gir->country_code);
|
||||
trans->m_collections.store("GEO:COUNTRY_CODE", gir->country_code);
|
||||
}
|
||||
if (gir->country_code3) {
|
||||
assay->m_collections.store("GEO:COUNTRY_CODE3", gir->country_code3);
|
||||
trans->m_collections.store("GEO:COUNTRY_CODE3", gir->country_code3);
|
||||
}
|
||||
if (gir->country_name) {
|
||||
assay->m_collections.store("GEO:COUNTRY_NAME", gir->country_name);
|
||||
trans->m_collections.store("GEO:COUNTRY_NAME", gir->country_name);
|
||||
}
|
||||
if (gir->continent_code) {
|
||||
assay->m_collections.store("GEO:COUNTRY_CONTINENT",
|
||||
trans->m_collections.store("GEO:COUNTRY_CONTINENT",
|
||||
gir->continent_code);
|
||||
}
|
||||
if (gir->country_code && gir->region) {
|
||||
assay->m_collections.store("GEO:REGION",
|
||||
trans->m_collections.store("GEO:REGION",
|
||||
GeoIP_region_name_by_code(gir->country_code, gir->region));
|
||||
}
|
||||
if (gir->city) {
|
||||
assay->m_collections.store("GEO:CITY", gir->city);
|
||||
trans->m_collections.store("GEO:CITY", gir->city);
|
||||
}
|
||||
if (gir->postal_code) {
|
||||
assay->m_collections.store("GEO:POSTAL_CODE", gir->postal_code);
|
||||
trans->m_collections.store("GEO:POSTAL_CODE", gir->postal_code);
|
||||
}
|
||||
if (gir->latitude) {
|
||||
assay->m_collections.store("GEO:LATITUDE",
|
||||
trans->m_collections.store("GEO:LATITUDE",
|
||||
std::to_string(gir->latitude));
|
||||
}
|
||||
if (gir->longitude) {
|
||||
assay->m_collections.store("GEO:LONGITUDE",
|
||||
trans->m_collections.store("GEO:LONGITUDE",
|
||||
std::to_string(gir->longitude));
|
||||
}
|
||||
if (gir->metro_code) {
|
||||
assay->m_collections.store("GEO:DMA_CODE",
|
||||
trans->m_collections.store("GEO:DMA_CODE",
|
||||
std::to_string(gir->metro_code));
|
||||
}
|
||||
if (gir->area_code) {
|
||||
assay->m_collections.store("GEO:AREA_CODE",
|
||||
trans->m_collections.store("GEO:AREA_CODE",
|
||||
std::to_string(gir->area_code));
|
||||
}
|
||||
|
||||
|
||||
@@ -28,7 +28,7 @@ class GeoLookup : public Operator {
|
||||
public:
|
||||
/** @ingroup ModSecurity_Operator */
|
||||
GeoLookup(std::string o, std::string p, bool i);
|
||||
bool evaluate(Assay *assay, const std::string &exp) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &exp) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -22,7 +22,7 @@
|
||||
namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
bool GsbLookup::evaluate(Assay *assay, const std::string &str) {
|
||||
bool GsbLookup::evaluate(Transaction *transaction, const std::string &str) {
|
||||
/**
|
||||
* @todo Implement the operator GeoLookup.
|
||||
* Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#gsblookup
|
||||
|
||||
@@ -28,7 +28,7 @@ class GsbLookup : public Operator {
|
||||
public:
|
||||
/** @ingroup ModSecurity_Operator */
|
||||
GsbLookup(std::string o, std::string p, bool i);
|
||||
bool evaluate(Assay *assay, const std::string &str);
|
||||
bool evaluate(Transaction *transaction, const std::string &str);
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -23,8 +23,8 @@
|
||||
namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
bool Gt::evaluate(Assay *assay, const std::string &input) {
|
||||
std::string p = MacroExpansion::expand(param, assay);
|
||||
bool Gt::evaluate(Transaction *transaction, const std::string &input) {
|
||||
std::string p = MacroExpansion::expand(param, transaction);
|
||||
|
||||
bool gt = atoll(input.c_str()) > atoll(p.c_str());
|
||||
|
||||
|
||||
@@ -30,7 +30,7 @@ class Gt : public Operator {
|
||||
Gt(std::string op, std::string param, bool negation)
|
||||
: Operator(op, param, negation) { }
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &input) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &input) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -22,7 +22,7 @@
|
||||
namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
bool InspectFile::evaluate(Assay *assay, const std::string &str) {
|
||||
bool InspectFile::evaluate(Transaction *transaction, const std::string &str) {
|
||||
/**
|
||||
* @todo Implement the operator InspectFile.
|
||||
* Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#inspectfile
|
||||
|
||||
@@ -28,7 +28,7 @@ class InspectFile : public Operator {
|
||||
public:
|
||||
/** @ingroup ModSecurity_Operator */
|
||||
InspectFile(std::string o, std::string p, bool i);
|
||||
bool evaluate(Assay *assay, const std::string &str) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &str) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -37,7 +37,7 @@ bool IpMatch::init(const std::string &file, const char **error) {
|
||||
}
|
||||
|
||||
|
||||
bool IpMatch::evaluate(Assay *assay, const std::string &input) {
|
||||
bool IpMatch::evaluate(Transaction *transaction, const std::string &input) {
|
||||
return m_tree.contains(input);
|
||||
}
|
||||
|
||||
|
||||
@@ -31,7 +31,7 @@ class IpMatch : public Operator {
|
||||
IpMatch(std::string op, std::string param, bool negation)
|
||||
: Operator(op, param, negation) { }
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &input) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &input) override;
|
||||
|
||||
bool init(const std::string &file, const char **error) override;
|
||||
|
||||
|
||||
@@ -23,8 +23,8 @@
|
||||
namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
bool Le::evaluate(Assay *assay, const std::string &input) {
|
||||
std::string p = MacroExpansion::expand(param, assay);
|
||||
bool Le::evaluate(Transaction *transaction, const std::string &input) {
|
||||
std::string p = MacroExpansion::expand(param, transaction);
|
||||
|
||||
bool le = atoll(input.c_str()) <= atoll(p.c_str());
|
||||
|
||||
|
||||
@@ -30,7 +30,7 @@ class Le : public Operator {
|
||||
Le(std::string op, std::string param, bool negation)
|
||||
: Operator(op, param, negation) { }
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &input) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &input) override;
|
||||
};
|
||||
|
||||
|
||||
|
||||
@@ -23,8 +23,8 @@
|
||||
namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
bool Lt::evaluate(Assay *assay, const std::string &input) {
|
||||
std::string p = MacroExpansion::expand(param, assay);
|
||||
bool Lt::evaluate(Transaction *transaction, const std::string &input) {
|
||||
std::string p = MacroExpansion::expand(param, transaction);
|
||||
|
||||
bool lt = atoll(input.c_str()) < atoll(p.c_str());
|
||||
|
||||
|
||||
@@ -30,7 +30,7 @@ class Lt : public Operator {
|
||||
Lt(std::string op, std::string param, bool negation)
|
||||
: Operator(op, param, negation) { }
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &input) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &input) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -20,7 +20,7 @@
|
||||
namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
bool NoMatch::evaluate(Assay *assay, const std::string &str) {
|
||||
bool NoMatch::evaluate(Transaction *transaction, const std::string &str) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
@@ -15,7 +15,7 @@
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/assay.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "operators/operator.h"
|
||||
|
||||
|
||||
@@ -32,7 +32,7 @@ class NoMatch : public Operator {
|
||||
NoMatch(std::string op, std::string param, bool negation)
|
||||
: Operator(op, param, negation) { }
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &str) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &str) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -19,7 +19,7 @@
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/assay.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
#include "operators/begins_with.h"
|
||||
#include "operators/contains.h"
|
||||
@@ -66,18 +66,18 @@ namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
|
||||
bool Operator::debug(Assay *assay, int x, std::string a) {
|
||||
bool Operator::debug(Transaction *transaction, int x, std::string a) {
|
||||
#ifndef NO_LOGS
|
||||
assay->debug(x, a);
|
||||
transaction->debug(x, a);
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
bool Operator::evaluate(Assay *assay, const std::string& a) {
|
||||
bool Operator::evaluate(Transaction *transaction, const std::string& a) {
|
||||
#ifndef NO_LOGS
|
||||
if (assay) {
|
||||
assay->debug(2, "Operator: " + this->op + \
|
||||
if (transaction) {
|
||||
transaction->debug(2, "Operator: " + this->op + \
|
||||
" is not implemented or malfunctioning.");
|
||||
} else {
|
||||
std::cerr << "Operator: " + this->op + \
|
||||
|
||||
@@ -20,7 +20,7 @@
|
||||
#ifndef SRC_OPERATORS_OPERATOR_H__
|
||||
#define SRC_OPERATORS_OPERATOR_H__
|
||||
|
||||
#include "modsecurity/assay.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
namespace modsecurity {
|
||||
@@ -44,10 +44,10 @@ class Operator {
|
||||
return true;
|
||||
}
|
||||
|
||||
virtual bool evaluate(Assay *assay, const std::string &str);
|
||||
virtual bool evaluate(Transaction *transaction, const std::string &str);
|
||||
static Operator *instantiate(std::string op);
|
||||
protected:
|
||||
bool debug(Assay *assay, int x, std::string a);
|
||||
bool debug(Transaction *transaction, int x, std::string a);
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -69,7 +69,7 @@ void Pm::replaceAll(std::string str, const std::string& from,
|
||||
}
|
||||
}
|
||||
|
||||
bool Pm::evaluate(Assay *assay, const std::string &input) {
|
||||
bool Pm::evaluate(Transaction *transaction, const std::string &input) {
|
||||
int rc = 0;
|
||||
ACMPT pt;
|
||||
pt.parser = m_p;
|
||||
|
||||
@@ -37,7 +37,7 @@ class Pm : public Operator {
|
||||
~Pm();
|
||||
void replaceAll(std::string str, const std::string& from,
|
||||
const std::string& to);
|
||||
bool evaluate(Assay *assay, const std::string &input) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &input) override;
|
||||
|
||||
bool init(const std::string &file, const char **error) override;
|
||||
void postOrderTraversal(acmp_btree_node_t *node);
|
||||
|
||||
@@ -22,7 +22,7 @@
|
||||
namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
bool Rbl::evaluate(Assay *assay, const std::string &str) {
|
||||
bool Rbl::evaluate(Transaction *transaction, const std::string &str) {
|
||||
/**
|
||||
* @todo Implement the operator Rbl.
|
||||
* Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#rbl
|
||||
|
||||
@@ -29,7 +29,7 @@ class Rbl : public Operator {
|
||||
public:
|
||||
/** @ingroup ModSecurity_Operator */
|
||||
Rbl(std::string o, std::string p, bool i);
|
||||
bool evaluate(Assay *assay, const std::string &str) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &str) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -22,7 +22,7 @@
|
||||
namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
bool Rsub::evaluate(Assay *assay, const std::string &str) {
|
||||
bool Rsub::evaluate(Transaction *transaction, const std::string &str) {
|
||||
/**
|
||||
* @todo Implement the operator Rsub.
|
||||
* Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#rsub
|
||||
|
||||
@@ -28,7 +28,7 @@ class Rsub : public Operator {
|
||||
public:
|
||||
/** @ingroup ModSecurity_Operator */
|
||||
Rsub(std::string o, std::string p, bool i);
|
||||
bool evaluate(Assay *assay, const std::string &str) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &str) override;
|
||||
};
|
||||
} // namespace operators
|
||||
} // namespace modsecurity
|
||||
|
||||
@@ -26,7 +26,7 @@ namespace operators {
|
||||
|
||||
|
||||
|
||||
bool Rx::evaluate(Assay *assay, const std::string& input) {
|
||||
bool Rx::evaluate(Transaction *transaction, const std::string& input) {
|
||||
SMatch match;
|
||||
|
||||
if (regex_search(input, &match, *m_re) && match.size() >= 1) {
|
||||
|
||||
@@ -40,7 +40,7 @@ class Rx : public Operator {
|
||||
m_re = new Regex(param);
|
||||
}
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &input);
|
||||
bool evaluate(Transaction *transaction, const std::string &input);
|
||||
|
||||
std::list<std::string> matched;
|
||||
private:
|
||||
|
||||
@@ -21,8 +21,8 @@
|
||||
namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
bool StrEq::evaluate(Assay *assay, const std::string &str) {
|
||||
std::string p = MacroExpansion::expand(param, assay);
|
||||
bool StrEq::evaluate(Transaction *transaction, const std::string &str) {
|
||||
std::string p = MacroExpansion::expand(param, transaction);
|
||||
bool eq = !p.compare(str);
|
||||
|
||||
if (negation) {
|
||||
|
||||
@@ -15,7 +15,7 @@
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "modsecurity/assay.h"
|
||||
#include "modsecurity/transaction.h"
|
||||
#include "operators/operator.h"
|
||||
|
||||
|
||||
@@ -33,7 +33,7 @@ class StrEq : public Operator {
|
||||
StrEq(std::string op, std::string param, bool negation)
|
||||
: Operator(op, param, negation) { }
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &str) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &str) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -24,8 +24,8 @@ namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
|
||||
bool StrMatch::evaluate(Assay *assay, const std::string &input) {
|
||||
std::string p = MacroExpansion::expand(param, assay);
|
||||
bool StrMatch::evaluate(Transaction *transaction, const std::string &input) {
|
||||
std::string p = MacroExpansion::expand(param, transaction);
|
||||
bool ret = input.find(p) != std::string::npos;
|
||||
|
||||
if (negation) {
|
||||
|
||||
@@ -30,7 +30,7 @@ class StrMatch : public Operator {
|
||||
StrMatch(std::string op, std::string param, bool negation)
|
||||
: Operator(op, param, negation) { }
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &input) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &input) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -106,7 +106,8 @@ bool ValidateByteRange::init(const std::string &file,
|
||||
}
|
||||
|
||||
|
||||
bool ValidateByteRange::evaluate(Assay *assay, const std::string &input) {
|
||||
bool ValidateByteRange::evaluate(Transaction *transaction,
|
||||
const std::string &input) {
|
||||
bool ret = true;
|
||||
|
||||
size_t count = 0;
|
||||
|
||||
@@ -36,7 +36,7 @@ class ValidateByteRange : public Operator {
|
||||
|
||||
~ValidateByteRange() override { }
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &input) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &input) override;
|
||||
bool getRange(const std::string &rangeRepresentation, const char **error);
|
||||
bool init(const std::string& file, const char **error) override;
|
||||
private:
|
||||
|
||||
@@ -22,7 +22,7 @@
|
||||
namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
bool ValidateDTD::evaluate(Assay *assay, const std::string &str) {
|
||||
bool ValidateDTD::evaluate(Transaction *transaction, const std::string &str) {
|
||||
/**
|
||||
* @todo Implement the operator ValidateDTD.
|
||||
* Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#validateDTD
|
||||
|
||||
@@ -28,7 +28,7 @@ class ValidateDTD : public Operator {
|
||||
public:
|
||||
/** @ingroup ModSecurity_Operator */
|
||||
ValidateDTD(std::string o, std::string p, bool i);
|
||||
bool evaluate(Assay *assay, const std::string &str) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &str) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -22,7 +22,7 @@
|
||||
namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
bool ValidateHash::evaluate(Assay *assay, const std::string &str) {
|
||||
bool ValidateHash::evaluate(Transaction *transaction, const std::string &str) {
|
||||
/**
|
||||
* @todo Implement the operator ValidateHash.
|
||||
* Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#validateHash
|
||||
|
||||
@@ -28,7 +28,7 @@ class ValidateHash : public Operator {
|
||||
public:
|
||||
/** @ingroup ModSecurity_Operator */
|
||||
ValidateHash(std::string o, std::string p, bool i);
|
||||
bool evaluate(Assay *assay, const std::string &str) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &str) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -22,7 +22,8 @@
|
||||
namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
bool ValidateSchema::evaluate(Assay *assay, const std::string &str) {
|
||||
bool ValidateSchema::evaluate(Transaction *transaction,
|
||||
const std::string &str) {
|
||||
/**
|
||||
* @todo Implement the operator ValidateSchema.
|
||||
* Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#validateSchema
|
||||
@@ -31,7 +32,8 @@ bool ValidateSchema::evaluate(Assay *assay, const std::string &str) {
|
||||
}
|
||||
|
||||
|
||||
ValidateSchema::ValidateSchema(std::string op, std::string param, bool negation)
|
||||
ValidateSchema::ValidateSchema(std::string op, std::string param,
|
||||
bool negation)
|
||||
: Operator() {
|
||||
this->op = op;
|
||||
this->param = param;
|
||||
|
||||
@@ -28,7 +28,7 @@ class ValidateSchema : public Operator {
|
||||
public:
|
||||
/** @ingroup ModSecurity_Operator */
|
||||
ValidateSchema(std::string o, std::string p, bool i);
|
||||
bool evaluate(Assay *assay, const std::string &str) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &str) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -65,7 +65,8 @@ int ValidateUrlEncoding::validate_url_encoding(const char *input,
|
||||
}
|
||||
|
||||
|
||||
bool ValidateUrlEncoding::evaluate(Assay *assay, const std::string &input) {
|
||||
bool ValidateUrlEncoding::evaluate(Transaction *transaction,
|
||||
const std::string &input) {
|
||||
bool res = false;
|
||||
|
||||
if (input.empty() == true) {
|
||||
@@ -76,37 +77,38 @@ bool ValidateUrlEncoding::evaluate(Assay *assay, const std::string &input) {
|
||||
switch (rc) {
|
||||
case 1 :
|
||||
/* Encoding is valid */
|
||||
if (assay) {
|
||||
if (transaction) {
|
||||
#ifndef NO_LOGS
|
||||
assay->debug(7, "Valid URL Encoding at '" +input + "'");
|
||||
transaction->debug(7, "Valid URL Encoding at '" +input + "'");
|
||||
#endif
|
||||
}
|
||||
res = false;
|
||||
break;
|
||||
case -2 :
|
||||
if (assay) {
|
||||
if (transaction) {
|
||||
#ifndef NO_LOGS
|
||||
assay->debug(7, "Invalid URL Encoding: Non-hexadecimal "
|
||||
transaction->debug(7, "Invalid URL Encoding: Non-hexadecimal "
|
||||
"digits used at '" + input + "'");
|
||||
#endif
|
||||
}
|
||||
res = true; /* Invalid match. */
|
||||
break;
|
||||
case -3 :
|
||||
if (assay) {
|
||||
if (transaction) {
|
||||
#ifndef NO_LOGS
|
||||
assay->debug(7, "Invalid URL Encoding: Not enough characters "
|
||||
"at the end of input at '" + input + "'");
|
||||
transaction->debug(7, "Invalid URL Encoding: Not enough " \
|
||||
"characters at the end of input at '" + input + "'");
|
||||
#endif
|
||||
}
|
||||
res = true; /* Invalid match. */
|
||||
break;
|
||||
case -1 :
|
||||
default :
|
||||
if (assay) {
|
||||
if (transaction) {
|
||||
#ifndef NO_LOGS
|
||||
assay->debug(7, "Invalid URL Encoding: Internal Error (rc = " +
|
||||
std::to_string(rc) + ") at '" + input + "'");
|
||||
transaction->debug(7, "Invalid URL Encoding: Internal " \
|
||||
"Error (rc = " + std::to_string(rc) + ") at '" +
|
||||
input + "'");
|
||||
#endif
|
||||
}
|
||||
res = true;
|
||||
|
||||
@@ -30,7 +30,7 @@ class ValidateUrlEncoding : public Operator {
|
||||
ValidateUrlEncoding(std::string op, std::string param, bool negation)
|
||||
: Operator(op, param, negation) { }
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &input) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &input) override;
|
||||
int validate_url_encoding(const char *input, uint64_t input_length);
|
||||
};
|
||||
|
||||
|
||||
@@ -113,7 +113,8 @@ int ValidateUtf8Encoding::detect_utf8_character(
|
||||
return unicode_len;
|
||||
}
|
||||
|
||||
bool ValidateUtf8Encoding::evaluate(Assay *assay, const std::string &str) {
|
||||
bool ValidateUtf8Encoding::evaluate(Transaction *transaction,
|
||||
const std::string &str) {
|
||||
unsigned int i, bytes_left;
|
||||
|
||||
const char *str_c = str.c_str();
|
||||
@@ -124,9 +125,9 @@ bool ValidateUtf8Encoding::evaluate(Assay *assay, const std::string &str) {
|
||||
|
||||
switch (rc) {
|
||||
case UNICODE_ERROR_CHARACTERS_MISSING :
|
||||
if (assay) {
|
||||
if (transaction) {
|
||||
#ifndef NO_LOGS
|
||||
assay->debug(8, "Invalid UTF-8 encoding: "
|
||||
transaction->debug(8, "Invalid UTF-8 encoding: "
|
||||
"not enough bytes in character "
|
||||
"at " + str + ". [offset \"" +
|
||||
std::to_string(i) + "\"]");
|
||||
@@ -135,9 +136,9 @@ bool ValidateUtf8Encoding::evaluate(Assay *assay, const std::string &str) {
|
||||
return true;
|
||||
break;
|
||||
case UNICODE_ERROR_INVALID_ENCODING :
|
||||
if (assay) {
|
||||
if (transaction) {
|
||||
#ifndef NO_LOGS
|
||||
assay->debug(8, "Invalid UTF-8 encoding: "
|
||||
transaction->debug(8, "Invalid UTF-8 encoding: "
|
||||
"invalid byte value in character "
|
||||
"at " + str + ". [offset \"" +
|
||||
std::to_string(i) + "\"]");
|
||||
@@ -146,9 +147,9 @@ bool ValidateUtf8Encoding::evaluate(Assay *assay, const std::string &str) {
|
||||
return true;
|
||||
break;
|
||||
case UNICODE_ERROR_OVERLONG_CHARACTER :
|
||||
if (assay) {
|
||||
if (transaction) {
|
||||
#ifndef NO_LOGS
|
||||
assay->debug(8, "Invalid UTF-8 encoding: "
|
||||
transaction->debug(8, "Invalid UTF-8 encoding: "
|
||||
"overlong character detected "
|
||||
"at " + str + ". [offset \"" +
|
||||
std::to_string(i) + "\"]");
|
||||
@@ -157,9 +158,9 @@ bool ValidateUtf8Encoding::evaluate(Assay *assay, const std::string &str) {
|
||||
return true;
|
||||
break;
|
||||
case UNICODE_ERROR_RESTRICTED_CHARACTER :
|
||||
if (assay) {
|
||||
if (transaction) {
|
||||
#ifndef NO_LOGS
|
||||
assay->debug(8, "Invalid UTF-8 encoding: "
|
||||
transaction->debug(8, "Invalid UTF-8 encoding: "
|
||||
"use of restricted character "
|
||||
"at " + str + ". [offset \"" +
|
||||
std::to_string(i) + "\"]");
|
||||
@@ -168,9 +169,9 @@ bool ValidateUtf8Encoding::evaluate(Assay *assay, const std::string &str) {
|
||||
return true;
|
||||
break;
|
||||
case UNICODE_ERROR_DECODING_ERROR :
|
||||
if (assay) {
|
||||
if (transaction) {
|
||||
#ifndef NO_LOGS
|
||||
assay->debug(8, "Error validating UTF-8 decoding "
|
||||
transaction->debug(8, "Error validating UTF-8 decoding "
|
||||
"at " + str + ". [offset \"" +
|
||||
std::to_string(i) + "\"]");
|
||||
#endif
|
||||
@@ -180,9 +181,9 @@ bool ValidateUtf8Encoding::evaluate(Assay *assay, const std::string &str) {
|
||||
}
|
||||
|
||||
if (rc <= 0) {
|
||||
if (assay) {
|
||||
if (transaction) {
|
||||
#ifndef NO_LOGS
|
||||
assay->debug(8, "Internal error during UTF-8 validation "
|
||||
transaction->debug(8, "Internal error during UTF-8 validation "
|
||||
"at " + str + ". [offset \"" +
|
||||
std::to_string(i) + "\"]");
|
||||
#endif
|
||||
|
||||
@@ -37,7 +37,7 @@ class ValidateUtf8Encoding : public Operator {
|
||||
ValidateUtf8Encoding(std::string op, std::string param, bool negation)
|
||||
: Operator(op, param, negation) { }
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &input) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &input) override;
|
||||
|
||||
int detect_utf8_character(const unsigned char *p_read,
|
||||
unsigned int length);
|
||||
|
||||
@@ -86,7 +86,7 @@ bool VerifyCC::init(const std::string ¶m2, const char **error) {
|
||||
}
|
||||
|
||||
|
||||
bool VerifyCC::evaluate(Assay *assay, const std::string &i) {
|
||||
bool VerifyCC::evaluate(Transaction *transaction, const std::string &i) {
|
||||
int offset = 0;
|
||||
bool is_cc = false;
|
||||
int target_length = i.length();
|
||||
@@ -110,9 +110,9 @@ bool VerifyCC::evaluate(Assay *assay, const std::string &i) {
|
||||
match = std::string(i, ovector[0], ovector[1] - ovector[0]);
|
||||
is_cc = luhnVerify(match.c_str(), match.size());
|
||||
if (is_cc) {
|
||||
if (assay) {
|
||||
if (transaction) {
|
||||
#ifndef NO_LOGS
|
||||
assay->debug(9, "CC# match \"" + param +
|
||||
transaction->debug(9, "CC# match \"" + param +
|
||||
"\" at " + i + ". [offset " +
|
||||
std::to_string(offset) + "]");
|
||||
#endif
|
||||
|
||||
@@ -33,7 +33,7 @@ class VerifyCC : public Operator {
|
||||
m_pce(NULL) { }
|
||||
|
||||
int luhnVerify(const char *ccnumber, int len);
|
||||
bool evaluate(Assay *assay, const std::string &input) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &input) override;
|
||||
bool init(const std::string ¶m, const char **error) override;
|
||||
private:
|
||||
pcre *m_pc;
|
||||
|
||||
@@ -22,7 +22,7 @@
|
||||
namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
bool VerifyCPF::evaluate(Assay *assay, const std::string &str) {
|
||||
bool VerifyCPF::evaluate(Transaction *transaction, const std::string &str) {
|
||||
/**
|
||||
* @todo Implement the operator VerifyCPF.
|
||||
* Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#verifyCPF
|
||||
|
||||
@@ -28,7 +28,7 @@ class VerifyCPF : public Operator {
|
||||
public:
|
||||
/** @ingroup ModSecurity_Operator */
|
||||
VerifyCPF(std::string o, std::string p, bool i);
|
||||
bool evaluate(Assay *assay, const std::string &str) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &str) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -22,7 +22,7 @@
|
||||
namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
bool VerifySSN::evaluate(Assay *assay, const std::string &str) {
|
||||
bool VerifySSN::evaluate(Transaction *transaction, const std::string &str) {
|
||||
/**
|
||||
* @todo Implement the operator VerifySSN.
|
||||
* Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#verifySSN
|
||||
|
||||
@@ -29,7 +29,7 @@ class VerifySSN : public Operator {
|
||||
public:
|
||||
/** @ingroup ModSecurity_Operator */
|
||||
VerifySSN(std::string o, std::string p, bool i);
|
||||
bool evaluate(Assay *assay, const std::string &str) override;
|
||||
bool evaluate(Transaction *transaction, const std::string &str) override;
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
@@ -24,9 +24,9 @@ namespace modsecurity {
|
||||
namespace operators {
|
||||
|
||||
|
||||
bool Within::evaluate(Assay *assay, const std::string &str) {
|
||||
bool Within::evaluate(Transaction *transaction, const std::string &str) {
|
||||
bool res = false;
|
||||
std::string paramTarget = MacroExpansion::expand(param, assay);
|
||||
std::string paramTarget = MacroExpansion::expand(param, transaction);
|
||||
|
||||
if (str.empty()) {
|
||||
return true;
|
||||
|
||||
@@ -30,7 +30,7 @@ class Within : public Operator {
|
||||
Within(std::string op, std::string param, bool negation)
|
||||
: Operator(op, param, negation) { }
|
||||
|
||||
bool evaluate(Assay *assay, const std::string &str);
|
||||
bool evaluate(Transaction *transaction, const std::string &str);
|
||||
};
|
||||
|
||||
} // namespace operators
|
||||
|
||||
Reference in New Issue
Block a user