mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-09-30 03:34:29 +03:00
Refactor regex code
This commit fixes quite a few odd things in regex code: * Lack of encapsulation. * Non-method functions for matching without retrieving all groups. * Regex class being copyable without proper copy-constructor (potential UAF and double free due to pointer members m_pc and m_pce). * Redundant SMatch::m_length, which always equals to match.size() anyway. * Weird SMatch::size_ member which is initialized only by one of the three matching functions, and equals to the return value of that function anyways. * Several places in code having std::string value instead of reference.
This commit is contained in:
@@ -62,8 +62,7 @@ void json2bin(std::string *str) {
|
||||
modsecurity::Utils::Regex re2("\\\\u([a-z0-9A-Z]{4})");
|
||||
modsecurity::Utils::SMatch match;
|
||||
|
||||
while (modsecurity::Utils::regex_search(*str, &match, re)
|
||||
&& match.size() > 0) {
|
||||
while (modsecurity::Utils::regex_search(*str, &match, re)) {
|
||||
unsigned int p;
|
||||
std::string toBeReplaced = match.str();
|
||||
toBeReplaced.erase(0, 2);
|
||||
@@ -71,8 +70,7 @@ void json2bin(std::string *str) {
|
||||
replaceAll(str, match.str(), p);
|
||||
}
|
||||
|
||||
while (modsecurity::Utils::regex_search(*str, &match, re2)
|
||||
&& match.size() > 0) {
|
||||
while (modsecurity::Utils::regex_search(*str, &match, re2)) {
|
||||
unsigned int p;
|
||||
std::string toBeReplaced = match.str();
|
||||
toBeReplaced.erase(0, 2);
|
||||
|
Reference in New Issue
Block a user