github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 03:34:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Improvements on gsblookup

Browse Source
This commit is contained in:
brenosilva
2011-04-26 02:57:24 +00:00
parent cf97731cc0
commit ab8c7e6f48
1 changed files with 158 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

109
apache2/re_operators.c
View File

@@ -981,6 +981,64 @@ static int msre_op_pm_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, c
/* gsbLookup */
/*
* \brief Reduce doble dot to single dot
*
* \param msr Pointer to the modsec resource
* \param domain Input data
*
* \retval domain On Failure
* \retval reduced On Success
*/
const char *gsb_reduce_char(modsec_rec *msr, const char *domain) {
char *ptr = apr_pstrdup(msr->mp, domain);
char *data = NULL;
char *reduced = NULL;
int skip = 0, len = 0;
if(ptr == NULL)
return domain;
data = apr_pcalloc(msr->mp, strlen(ptr));
if(data == NULL)
return domain;
reduced = data;
while(*ptr != '\0') {
switch(*ptr) {
case '.':
ptr++;
if(*ptr == '.')
skip = 1;
ptr--;
break;
}
if(skip == 0) {
*data = *ptr;
data++;
}
ptr++;
skip = 0;
}
*data = '\0'; --data;
if(*data == '.')
*data = '\0';
else
++data;
return reduced;
}
/*
* \brief Verify function to gsbLookup operator
*
@@ -1116,6 +1174,8 @@ static int msre_op_gsbLookup_execute(modsec_rec *msr, msre_rule *rule, msre_var
match = remove_escape(msr->mp, match, strlen(match));
match = gsb_reduce_char(msr, match);
match_length = strlen(match);
if((strstr(match,"http") == NULL) && (match_length > 0) && (strchr(match,'.'))) {
@@ -1187,6 +1247,10 @@ static int msre_op_gsbLookup_execute(modsec_rec *msr, msre_rule *rule, msre_var
if (canon != NULL) {
char *domain = NULL;
int domain_len = 0;
char *p = canon, *dot = NULL;
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "GSB: Canonicalize url #2: %s", canon);
}
@@ -1202,6 +1266,51 @@ static int msre_op_gsbLookup_execute(modsec_rec *msr, msre_rule *rule, msre_var
}
return 1;
}
while (*p != '\0') {
switch(*p) {
case '.':
domain++;
domain_len = strlen(domain);
if(domain_len < 2)
break;
if(*domain != '/') {
if(domain[domain_len-1] == '.')
domain[domain_len-1] = '\0';
if(domain[domain_len-1] == '/' && domain[domain_len-2] == '.') {
domain[domain_len-2] = '/';
domain[domain_len-1] = '\0';
}
dot = strchr(domain,'.');
if(dot != NULL) {
canon_length = strlen(domain);
ret = verify_gsb(gsb, msr, domain, canon_length);
if(ret > 0) {
set_match_to_tx(msr, capture, domain, 0);
if (! *error_msg) {
*error_msg = apr_psprintf(msr->mp, "Gsb lookup for \"%s\" succeeded.",
log_escape_nq(msr->mp, domain));
}
return 1;
}
}
}
break;
}
domain = p;
domain++;
p++;
}
}
}