Fix: lmdb regex match on non-null-terminated string

2025-09-29 19:24:29 +03:00 · 2023-09-18 08:27:41 -07:00
parent 375519d5f2
commit af45ccd53f
3 changed files with 17 additions and 14 deletions
--- a/test/test-cases/regression/collection-regular_expression_selection.json
+++ b/test/test-cases/regression/collection-regular_expression_selection.json
@@ -25,7 +25,7 @@
        "Pragma":"no-cache",
        "Cache-Control":"no-cache"
      },
-      "uri":"\/test.pl?id_a=   test   &id_b=test2&nah=nops",
+      "uri":"\/test.pl?id_a=test&nah=nops",
      "method":"GET",
      "http_version":1.1,
      "body":""
@@ -48,12 +48,15 @@
    },
    "expected":{  
      "audit_log":"",
-      "debug_log":"T \\(0\\) t:lowercase: \"test2\"",
-      "error_log":""
+      "debug_log":"Saving variable: IP:nah with value: nops",
+      "error_log":"",
+      "http_code":200
    },
    "rules":[  
      "SecRuleEngine On",
-      "SecRule ARGS:/^id_/ \"@contains nops\" \"id:1,t:lowercase,block,status:404\""
+      "SecRule ARGS:/^id_/ \"@contains test\" \"id:1,phase:2,t:lowercase,initcol:ip=%{REMOTE_ADDR}\"",
+      "SecRule ARGS:/^id_/ \"@contains test\" \"id:2,phase:2,t:lowercase,setvar:IP.nah=nops\"",
+      "SecRule IP:/id_a$/ \"rx .\" \"id:3,phase:2,deny,status:403\""
    ]
  },
  {
@@ -82,7 +85,7 @@
        "Pragma":"no-cache",
        "Cache-Control":"no-cache"
      },
-      "uri":"\/test.pl?id_a=   test   &id_b=test2&nah=nops",
+      "uri":"\/test.pl?id_a=test&nah=nops",
      "method":"GET",
      "http_version":1.1,
      "body":""
@@ -105,15 +108,14 @@
    },
    "expected":{  
      "audit_log":"",
-      "debug_log":"Saving variable: IP:nah with value: nops",
-      "error_log":""
+      "debug_log":"Saving variable: IP:id_a with value: nops",
+      "http_code":403
    },
    "rules":[  
      "SecRuleEngine On",
-      "SecRule ARGS:/^id_/ \"@contains test\" \"id:1,t:lowercase,initcol:ip=%{REMOTE_ADDR},setvar:IP.id_a=test\"",
-      "SecRule ARGS:/^id_/ \"@contains test\" \"id:3,t:lowercase,setvar:IP.nah=nops\"",
-      "SecRule IP:/^id_/ \"@contains test\" \"id:2,t:lowercase,initcol:ip=%{REMOTE_ADDR}\"",
-      "SecRule IP:/^id_/ \"@contains nops\" \"id:4,t:lowercase,block,status:404\""
+      "SecRule ARGS:/^id_/ \"@contains test\" \"id:11,phase:2,t:lowercase,initcol:ip=%{REMOTE_ADDR}\"",
+      "SecRule ARGS:/^id_/ \"@contains test\" \"id:12,phase:2,t:lowercase,setvar:IP.id_a=nops\"",
+      "SecRule IP:/id_a$/ \"@contains nops\" \"id:13,phase:2,deny,status:403\""
    ]
  }
 ]