github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-11-19 18:54:23 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds new method for rule merge

Browse Source 
IMPORTANT: SecDefaultAction specified on a child configuration will
overwrite the ones specified on the parent; Previously it was
concatenating.
This commit is contained in:
Felipe Zimmerle
2020-04-14 11:33:17 -03:00
parent 6c874721cf
commit b079faee97
121 changed files with 5250 additions and 5192 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/actions/accuracy.cc
View File

@@ -40,7 +40,6 @@ bool Accuracy::init(std::string *error) {
bool Accuracy::evaluate(RuleWithActions *rule, Transaction *transaction) {
rule->m_accuracy = m_accuracy;
return true;
}

1
src/actions/accuracy.h
View File

@@ -35,6 +35,7 @@ class Accuracy : public Action {
bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
bool init(std::string *error) override;
int getAccuracy() const { return m_accuracy; }
private:
int m_accuracy;

7
src/actions/audit_log.cc
View File

@@ -28,11 +28,8 @@ namespace actions {
bool AuditLog::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) {
rm->m_noAuditLog = false;
ms_dbg_a(transaction, 9, "Saving transaction to logs");
rm->m_saveMessage = true;
RuleMessage &rm) {
transaction->messageSetNoAuditLog(false);
return true;
}

2
src/actions/audit_log.h
View File

@@ -36,7 +36,7 @@ class AuditLog : public Action {
: Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
RuleMessage &rm) override;
};

10
src/actions/block.cc
View File

@@ -30,16 +30,8 @@ namespace actions {
bool Block::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) {
RuleMessage &rm) {
ms_dbg_a(transaction, 8, "Marking request as disruptive.");
for (auto &a : transaction->m_rules->m_rulesSetPhases[rule->getPhase()]->m_defaultActions) {
if (a->isDisruptive() == false) {
continue;
}
a->evaluate(rule, transaction, rm);
}
return true;
}

2
src/actions/block.h
View File

@@ -36,7 +36,7 @@ class Block : public Action {
explicit Block(const std::string &action) : Action(action) { }
bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
RuleMessage &rm) override;
};

2
src/actions/chain.cc
View File

@@ -26,7 +26,7 @@ namespace actions {
bool Chain::evaluate(RuleWithActions *rule, Transaction *transaction) {
rule->setChained(true);
rule->setHasChainAction(true);
return true;
}

2
src/actions/data/status.cc
View File

@@ -39,7 +39,7 @@ bool Status::init(std::string *error) {
bool Status::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) {
RuleMessage &rm) {
transaction->m_it.status = m_status;
return true;
}

2
src/actions/data/status.h
View File

@@ -38,7 +38,7 @@ class Status : public Action {
bool init(std::string *error) override;
bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
RuleMessage &rm) override;
int m_status;
};

6
src/actions/disruptive/deny.cc
View File

@@ -29,7 +29,7 @@ namespace disruptive {
bool Deny::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) {
RuleMessage &rm) {
ms_dbg_a(transaction, 8, "Running action deny");
if (transaction->m_it.status == 200) {
@@ -38,9 +38,9 @@ bool Deny::evaluate(RuleWithActions *rule, Transaction *transaction,
transaction->m_it.disruptive = true;
intervention::freeLog(&transaction->m_it);
rm->m_isDisruptive = true;
rm.setRule(rule);
transaction->m_it.log = strdup(
rm->log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str());
rm.log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str());
return true;
}

2
src/actions/disruptive/deny.h
View File

@@ -34,7 +34,7 @@ class Deny : public Action {
explicit Deny(const std::string &action) : Action(action) { }
bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
RuleMessage &rm) override;
bool isDisruptive() override { return true; }
};

6
src/actions/disruptive/drop.cc
View File

@@ -33,7 +33,7 @@ namespace disruptive {
bool Drop::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) {
RuleMessage &rm) {
ms_dbg_a(transaction, 8, "Running action drop " \
"[executing deny instead of drop.]");
@@ -43,9 +43,9 @@ bool Drop::evaluate(RuleWithActions *rule, Transaction *transaction,
transaction->m_it.disruptive = true;
intervention::freeLog(&transaction->m_it);
rm->m_isDisruptive = true;
rm.setRule(rule);
transaction->m_it.log = strdup(
rm->log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str());
rm.log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str());
return true;
}

2
src/actions/disruptive/drop.h
View File

@@ -33,7 +33,7 @@ class Drop : public Action {
explicit Drop(const std::string &action) : Action(action) { }
bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
RuleMessage &rm) override;
bool isDisruptive() override { return true; }
};

2
src/actions/disruptive/pass.cc
View File

@@ -30,7 +30,7 @@ namespace disruptive {
bool Pass::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) {
RuleMessage &rm) {
intervention::free(&transaction->m_it);
intervention::reset(&transaction->m_it);

2
src/actions/disruptive/pass.h
View File

@@ -32,7 +32,7 @@ class Pass : public Action {
explicit Pass(const std::string &action) : Action(action) { }
bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
RuleMessage &rm) override;
bool isDisruptive() override { return true; }
};

6
src/actions/disruptive/redirect.cc
View File

@@ -35,7 +35,7 @@ bool Redirect::init(std::string *error) {
bool Redirect::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) {
RuleMessage &rm) {
std::string m_urlExpanded(m_string->evaluate(transaction));
/* if it was changed before, lets keep it. */
if (transaction->m_it.status == 200
@@ -47,9 +47,9 @@ bool Redirect::evaluate(RuleWithActions *rule, Transaction *transaction,
transaction->m_it.url = strdup(m_urlExpanded.c_str());
transaction->m_it.disruptive = true;
intervention::freeLog(&transaction->m_it);
rm->m_isDisruptive = true;
rm.setRule(rule);
transaction->m_it.log = strdup(
rm->log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str());
rm.log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str());
return true;
}

2
src/actions/disruptive/redirect.h
View File

@@ -47,7 +47,7 @@ class Redirect : public Action {
m_string(std::move(z)) { }
bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
RuleMessage &rm) override;
bool init(std::string *error) override;
bool isDisruptive() override { return true; }

2
src/actions/init_col.h
View File

@@ -42,7 +42,7 @@ class InitCol : public Action {
bool init(std::string *error) override;
private:
std::string m_collection_key;
std::unique_ptr<RunTimeString> m_string;
std::shared_ptr<RunTimeString> m_string;
};

4
src/actions/log.cc
View File

@@ -29,9 +29,7 @@ namespace actions {
bool Log::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) {
ms_dbg_a(transaction, 9, "Saving transaction to logs");
rm->m_saveMessage = true;
RuleMessage &rm) {
return true;
}

2
src/actions/log.h
View File

@@ -34,7 +34,7 @@ class Log : public Action {
: Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
RuleMessage &rm) override;
};
} // namespace actions

4
src/actions/log_data.cc
View File

@@ -30,8 +30,8 @@ namespace actions {
bool LogData::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) {
rm->m_data = data(transaction);
RuleMessage &rm) {
rm.m_data = data(transaction);
return true;
}

4
src/actions/log_data.h
View File

@@ -40,11 +40,11 @@ class LogData : public Action {
m_string(std::move(z)) { }
bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
RuleMessage &rm) override;
std::string data(Transaction *Transaction);
std::unique_ptr<RunTimeString> m_string;
std::shared_ptr<RunTimeString> m_string;
};

1
src/actions/maturity.cc
View File

@@ -40,7 +40,6 @@ bool Maturity::init(std::string *error) {
bool Maturity::evaluate(RuleWithActions *rule, Transaction *transaction) {
rule->m_maturity = m_maturity;
return true;
}

1
src/actions/maturity.h
View File

@@ -35,6 +35,7 @@ class Maturity : public Action {
bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
bool init(std::string *error) override;
int getMaturity() const { return m_maturity; }
private:
int m_maturity;

4
src/actions/msg.cc
View File

@@ -47,9 +47,9 @@ namespace actions {
bool Msg::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) {
RuleMessage &rm) {
std::string msg = data(transaction);
rm->m_message = msg;
rm.m_message = msg;
ms_dbg_a(transaction, 9, "Saving msg: " + msg);
return true;

4
src/actions/msg.h
View File

@@ -41,10 +41,10 @@ class Msg : public Action {
m_string(std::move(z)) { }
bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
RuleMessage &rm) override;
std::string data(Transaction *Transaction);
std::unique_ptr<RunTimeString> m_string;
std::shared_ptr<RunTimeString> m_string;
};

6
src/actions/no_audit_log.cc
View File

@@ -27,10 +27,8 @@ namespace actions {
bool NoAuditLog::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) {
rm->m_noAuditLog = true;
rm->m_saveMessage = false;
RuleMessage &rm) {
transaction->messageSetNoAuditLog(true);
return true;
}

2
src/actions/no_audit_log.h
View File

@@ -36,7 +36,7 @@ class NoAuditLog : public Action {
: Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
RuleMessage &rm) override;
};
} // namespace actions

3
src/actions/no_log.cc
View File

@@ -30,8 +30,7 @@ namespace actions {
bool NoLog::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) {
rm->m_saveMessage = false;
RuleMessage &rm) {
return true;
}

2
src/actions/no_log.h
View File

@@ -34,7 +34,7 @@ class NoLog : public Action {
: Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
RuleMessage &rm) override;
};
} // namespace actions

1
src/actions/rev.cc
View File

@@ -34,7 +34,6 @@ bool Rev::init(std::string *error) {
bool Rev::evaluate(RuleWithActions *rule, Transaction *transaction) {
rule->m_rev = m_rev;
return true;
}

3
src/actions/rev.h
View File

@@ -33,9 +33,10 @@ class Rev : public Action {
bool evaluate(RuleWithActions *rule, Transaction *transaction) override;
bool init(std::string *error) override;
std::string getRevision() const { return m_rev; }
private:
std::string m_rev;
std::string m_rev;
};

2
src/actions/set_env.h
View File

@@ -43,7 +43,7 @@ class SetENV : public Action {
bool init(std::string *error) override;
private:
std::unique_ptr<RunTimeString> m_string;
std::shared_ptr<RunTimeString> m_string;
};

2
src/actions/set_rsc.h
View File

@@ -43,7 +43,7 @@ class SetRSC : public Action {
bool init(std::string *error) override;
private:
std::unique_ptr<RunTimeString> m_string;
std::shared_ptr<RunTimeString> m_string;
};

2
src/actions/set_sid.h
View File

@@ -43,7 +43,7 @@ class SetSID : public Action {
bool init(std::string *error) override;
private:
std::unique_ptr<RunTimeString> m_string;
std::shared_ptr<RunTimeString> m_string;
};

2
src/actions/set_uid.h
View File

@@ -43,7 +43,7 @@ class SetUID : public Action {
bool init(std::string *error) override;
private:
std::unique_ptr<RunTimeString> m_string;
std::shared_ptr<RunTimeString> m_string;
};

4
src/actions/set_var.h
View File

@@ -63,8 +63,8 @@ class SetVar : public Action {
private:
SetVarOperation m_operation;
std::unique_ptr<modsecurity::variables::Variable> m_variable;
std::unique_ptr<RunTimeString> m_string;
std::shared_ptr<modsecurity::variables::Variable> m_variable;
std::shared_ptr<RunTimeString> m_string;
};
} // namespace actions

12
src/actions/severity.cc
View File

@@ -72,17 +72,7 @@ bool Severity::init(std::string *error) {
bool Severity::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) {
ms_dbg_a(transaction, 9, "This rule severity is: " + \
std::to_string(this->m_severity) + " current transaction is: " + \
std::to_string(transaction->m_highestSeverityAction));
rm->m_severity = m_severity;
if (transaction->m_highestSeverityAction > this->m_severity) {
transaction->m_highestSeverityAction = this->m_severity;
}
RuleMessage &rm) {
return true;
}

2
src/actions/severity.h
View File

@@ -36,7 +36,7 @@ class Severity : public Action {
m_severity(0) { }
bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
RuleMessage &rm) override;
bool init(std::string *error) override;
int m_severity;

4
src/actions/tag.cc
View File

@@ -58,11 +58,11 @@ std::string Tag::getName(Transaction *transaction) {
bool Tag::evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) {
RuleMessage &rm) {
std::string tag = getName(transaction);
ms_dbg_a(transaction, 9, "Rule tag: " + tag);
rm->m_tags.push_back(tag);
rm.m_tags.push_back(tag);
return true;
}

4
src/actions/tag.h
View File

@@ -39,10 +39,10 @@ class Tag : public Action {
std::string getName(Transaction *transaction);
bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> rm) override;
RuleMessage &rm) override;
protected:
std::unique_ptr<RunTimeString> m_string;
std::shared_ptr<RunTimeString> m_string;
};

1
src/actions/ver.cc
View File

@@ -28,7 +28,6 @@ namespace actions {
bool Ver::evaluate(RuleWithActions *rule, Transaction *transaction) {
rule->m_ver = m_parser_payload;
return true;
}