github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

Parse fix: accepting variables in between quotes

Browse Source
This commit is contained in:
Felipe Zimmerle 2017-03-29 19:56:19 -03:00
parent c7053e572f
commit b3c8e97ff7
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
5 changed files with 4432 additions and 4327 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2477
src/parser/seclang-parser.cc
View File

File diff suppressed because it is too large Load Diff

39
src/parser/seclang-parser.hh
View File

@ -770,7 +770,7 @@ namespace yy {
// "OPERATOR_RBL" // "OPERATOR_RBL"
// "OPERATOR_RSUB" // "OPERATOR_RSUB"
// "OPERATOR_RX" // "OPERATOR_RX"
// "Operator Rx" // "Operator RX (content only)"
// "OPERATOR_STR_EQ" // "OPERATOR_STR_EQ"
// "OPERATOR_STR_MATCH" // "OPERATOR_STR_MATCH"
// "OPERATOR_UNCONDITIONAL_MATCH" // "OPERATOR_UNCONDITIONAL_MATCH"
@ -815,6 +815,7 @@ namespace yy {
char dummy4[sizeof(std::unique_ptr<actions::Action>)]; char dummy4[sizeof(std::unique_ptr<actions::Action>)];
// variables // variables
// variables_may_be_quoted
char dummy5[sizeof(std::unique_ptr<std::vector<std::unique_ptr<Variable> > > )]; char dummy5[sizeof(std::unique_ptr<std::vector<std::unique_ptr<Variable> > > )];
// actions // actions
@ -2583,9 +2584,9 @@ namespace yy {
enum enum
{ {
yyeof_ = 0, yyeof_ = 0,
yylast_ = 764, ///< Last index in yytable_. yylast_ = 898, ///< Last index in yytable_.
yynnts_ = 12, ///< Number of nonterminal symbols. yynnts_ = 13, ///< Number of nonterminal symbols.
yyfinal_ = 260, ///< Termination state number. yyfinal_ = 262, ///< Termination state number.
yyterror_ = 1, yyterror_ = 1,
yyerrcode_ = 256, yyerrcode_ = 256,
yyntokens_ = 286 ///< Number of tokens. yyntokens_ = 286 ///< Number of tokens.
@ -2855,7 +2856,7 @@ namespace yy {
case 251: // "OPERATOR_RBL" case 251: // "OPERATOR_RBL"
case 252: // "OPERATOR_RSUB" case 252: // "OPERATOR_RSUB"
case 253: // "OPERATOR_RX" case 253: // "OPERATOR_RX"
case 254: // "Operator Rx" case 254: // "Operator RX (content only)"
case 255: // "OPERATOR_STR_EQ" case 255: // "OPERATOR_STR_EQ"
case 256: // "OPERATOR_STR_MATCH" case 256: // "OPERATOR_STR_MATCH"
case 257: // "OPERATOR_UNCONDITIONAL_MATCH" case 257: // "OPERATOR_UNCONDITIONAL_MATCH"
@ -2895,15 +2896,16 @@ namespace yy {
value.copy< std::unique_ptr<Operator> > (other.value); value.copy< std::unique_ptr<Operator> > (other.value);
break; break;
case 296: // var case 297: // var
value.copy< std::unique_ptr<Variable> > (other.value); value.copy< std::unique_ptr<Variable> > (other.value);
break; break;
case 297: // act case 298: // act
value.copy< std::unique_ptr<actions::Action> > (other.value); value.copy< std::unique_ptr<actions::Action> > (other.value);
break; break;
case 295: // variables case 295: // variables
case 296: // variables_may_be_quoted
value.copy< std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > (other.value); value.copy< std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > (other.value);
break; break;
@ -3090,7 +3092,7 @@ namespace yy {
case 251: // "OPERATOR_RBL" case 251: // "OPERATOR_RBL"
case 252: // "OPERATOR_RSUB" case 252: // "OPERATOR_RSUB"
case 253: // "OPERATOR_RX" case 253: // "OPERATOR_RX"
case 254: // "Operator Rx" case 254: // "Operator RX (content only)"
case 255: // "OPERATOR_STR_EQ" case 255: // "OPERATOR_STR_EQ"
case 256: // "OPERATOR_STR_MATCH" case 256: // "OPERATOR_STR_MATCH"
case 257: // "OPERATOR_UNCONDITIONAL_MATCH" case 257: // "OPERATOR_UNCONDITIONAL_MATCH"
@ -3130,15 +3132,16 @@ namespace yy {
value.copy< std::unique_ptr<Operator> > (v); value.copy< std::unique_ptr<Operator> > (v);
break; break;
case 296: // var case 297: // var
value.copy< std::unique_ptr<Variable> > (v); value.copy< std::unique_ptr<Variable> > (v);
break; break;
case 297: // act case 298: // act
value.copy< std::unique_ptr<actions::Action> > (v); value.copy< std::unique_ptr<actions::Action> > (v);
break; break;
case 295: // variables case 295: // variables
case 296: // variables_may_be_quoted
value.copy< std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > (v); value.copy< std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > (v);
break; break;
@ -3391,7 +3394,7 @@ namespace yy {
case 251: // "OPERATOR_RBL" case 251: // "OPERATOR_RBL"
case 252: // "OPERATOR_RSUB" case 252: // "OPERATOR_RSUB"
case 253: // "OPERATOR_RX" case 253: // "OPERATOR_RX"
case 254: // "Operator Rx" case 254: // "Operator RX (content only)"
case 255: // "OPERATOR_STR_EQ" case 255: // "OPERATOR_STR_EQ"
case 256: // "OPERATOR_STR_MATCH" case 256: // "OPERATOR_STR_MATCH"
case 257: // "OPERATOR_UNCONDITIONAL_MATCH" case 257: // "OPERATOR_UNCONDITIONAL_MATCH"
@ -3431,15 +3434,16 @@ namespace yy {
value.template destroy< std::unique_ptr<Operator> > (); value.template destroy< std::unique_ptr<Operator> > ();
break; break;
case 296: // var case 297: // var
value.template destroy< std::unique_ptr<Variable> > (); value.template destroy< std::unique_ptr<Variable> > ();
break; break;
case 297: // act case 298: // act
value.template destroy< std::unique_ptr<actions::Action> > (); value.template destroy< std::unique_ptr<actions::Action> > ();
break; break;
case 295: // variables case 295: // variables
case 296: // variables_may_be_quoted
value.template destroy< std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > (); value.template destroy< std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > ();
break; break;
@ -3632,7 +3636,7 @@ namespace yy {
case 251: // "OPERATOR_RBL" case 251: // "OPERATOR_RBL"
case 252: // "OPERATOR_RSUB" case 252: // "OPERATOR_RSUB"
case 253: // "OPERATOR_RX" case 253: // "OPERATOR_RX"
case 254: // "Operator Rx" case 254: // "Operator RX (content only)"
case 255: // "OPERATOR_STR_EQ" case 255: // "OPERATOR_STR_EQ"
case 256: // "OPERATOR_STR_MATCH" case 256: // "OPERATOR_STR_MATCH"
case 257: // "OPERATOR_UNCONDITIONAL_MATCH" case 257: // "OPERATOR_UNCONDITIONAL_MATCH"
@ -3672,15 +3676,16 @@ namespace yy {
value.move< std::unique_ptr<Operator> > (s.value); value.move< std::unique_ptr<Operator> > (s.value);
break; break;
case 296: // var case 297: // var
value.move< std::unique_ptr<Variable> > (s.value); value.move< std::unique_ptr<Variable> > (s.value);
break; break;
case 297: // act case 298: // act
value.move< std::unique_ptr<actions::Action> > (s.value); value.move< std::unique_ptr<actions::Action> > (s.value);
break; break;
case 295: // variables case 295: // variables
case 296: // variables_may_be_quoted
value.move< std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > (s.value); value.move< std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > (s.value);
break; break;
@ -5484,7 +5489,7 @@ namespace yy {
} // yy } // yy
#line 5488 "seclang-parser.hh" // lalr1.cc:377 #line 5493 "seclang-parser.hh" // lalr1.cc:377

20
src/parser/seclang-parser.yy
View File

@ -603,7 +603,7 @@ using modsecurity::operators::Operator;
OPERATOR_RBL "OPERATOR_RBL" OPERATOR_RBL "OPERATOR_RBL"
OPERATOR_RSUB "OPERATOR_RSUB" OPERATOR_RSUB "OPERATOR_RSUB"
OPERATOR_RX "OPERATOR_RX" OPERATOR_RX "OPERATOR_RX"
OPERATOR_RX_CONTENT_ONLY "Operator Rx" OPERATOR_RX_CONTENT_ONLY "Operator RX (content only)"
OPERATOR_STR_EQ "OPERATOR_STR_EQ" OPERATOR_STR_EQ "OPERATOR_STR_EQ"
OPERATOR_STR_MATCH "OPERATOR_STR_MATCH" OPERATOR_STR_MATCH "OPERATOR_STR_MATCH"
OPERATOR_UNCONDITIONAL_MATCH "OPERATOR_UNCONDITIONAL_MATCH" OPERATOR_UNCONDITIONAL_MATCH "OPERATOR_UNCONDITIONAL_MATCH"
@ -649,6 +649,7 @@ using modsecurity::operators::Operator;
op op
; ;
%type <std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > variables_may_be_quoted
%type <std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > variables %type <std::unique_ptr<std::vector<std::unique_ptr<Variable> > > > variables
%type <std::unique_ptr<Variable>> var %type <std::unique_ptr<Variable>> var
@ -1297,18 +1298,29 @@ expression:
; ;
variables: variables:
variables PIPE var variables_may_be_quoted
{
$$ = std::move($1);
}
| QUOTATION_MARK variables_may_be_quoted QUOTATION_MARK
{
$$ = std::move($2);
}
;
variables_may_be_quoted:
variables_may_be_quoted PIPE var
{ {
$1->push_back(std::move($3)); $1->push_back(std::move($3));
$$ = std::move($1); $$ = std::move($1);
} }
| variables PIPE VAR_EXCLUSION var | variables_may_be_quoted PIPE VAR_EXCLUSION var
{ {
std::unique_ptr<Variable> c(new VariableModificatorExclusion(std::move($4))); std::unique_ptr<Variable> c(new VariableModificatorExclusion(std::move($4)));
$1->push_back(std::move(c)); $1->push_back(std::move(c));
$$ = std::move($1); $$ = std::move($1);
} }
| variables PIPE VAR_COUNT var | variables_may_be_quoted PIPE VAR_COUNT var
{ {
std::unique_ptr<Variable> c(new VariableModificatorCount(std::move($4))); std::unique_ptr<Variable> c(new VariableModificatorCount(std::move($4)));
$1->push_back(std::move(c)); $1->push_back(std::move(c));

6217
src/parser/seclang-scanner.cc
View File

File diff suppressed because it is too large Load Diff

6
src/parser/seclang-scanner.ll
View File

@ -309,8 +309,8 @@ CONGIG_DIR_SEC_COOKIE_FORMAT (?i:SecCookieFormat)
CONGIG_DIR_SEC_DATA_DIR (?i:SecDataDir) CONGIG_DIR_SEC_DATA_DIR (?i:SecDataDir)
CONGIG_DIR_SEC_STATUS_ENGINE (?i:SecStatusEngine) CONGIG_DIR_SEC_STATUS_ENGINE (?i:SecStatusEngine)
CONGIG_DIR_SEC_TMP_DIR (?i:SecTmpDir) CONGIG_DIR_SEC_TMP_DIR (?i:SecTmpDir)
DICT_ELEMENT [^ \t|]+ DICT_ELEMENT ([^\"| \t]|([^\\]\\\"))+
DICT_ELEMENT_WITH_PIPE [^ \t]+ DICT_ELEMENT_WITH_PIPE [^ \t"]+
DICT_ELEMENT_TWO [^\"\=]+ DICT_ELEMENT_TWO [^\"\=]+
@ -757,6 +757,7 @@ EQUALS_MINUS (?i:=\-)
{VAR_EXCLUSION} { return p::make_VAR_EXCLUSION(*driver.loc.back()); } {VAR_EXCLUSION} { return p::make_VAR_EXCLUSION(*driver.loc.back()); }
{VAR_COUNT} { return p::make_VAR_COUNT(*driver.loc.back()); } {VAR_COUNT} { return p::make_VAR_COUNT(*driver.loc.back()); }
["] { return p::make_QUOTATION_MARK(yytext, *driver.loc.back()); }
} }
@ -766,6 +767,7 @@ EQUALS_MINUS (?i:=\-)
['][\/]{DICT_ELEMENT_WITH_PIPE}[\/]['] { BEGIN(EXPECTING_VARIABLE); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 2, yyleng-4), *driver.loc.back()); } ['][\/]{DICT_ELEMENT_WITH_PIPE}[\/]['] { BEGIN(EXPECTING_VARIABLE); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 2, yyleng-4), *driver.loc.back()); }
{DICT_ELEMENT} { BEGIN(EXPECTING_VARIABLE); return p::make_DICT_ELEMENT(yytext, *driver.loc.back()); } {DICT_ELEMENT} { BEGIN(EXPECTING_VARIABLE); return p::make_DICT_ELEMENT(yytext, *driver.loc.back()); }
. { BEGIN(LEXING_ERROR_ACTION); yyless(0); } . { BEGIN(LEXING_ERROR_ACTION); yyless(0); }
["] { return p::make_QUOTATION_MARK(yytext, *driver.loc.back()); }
} }
<EXPECTING_VARIABLE,TRANSACTION_FROM_VARIABLE_TO_OPERATOR>{ <EXPECTING_VARIABLE,TRANSACTION_FROM_VARIABLE_TO_OPERATOR>{