Adds support to SecResponseBodyMimeTypesClear

2025-09-30 03:34:29 +03:00 · 2017-08-16 20:52:05 -03:00
parent 48f1470269
commit b4051246b1
8 changed files with 5855 additions and 5749 deletions
--- a/src/parser/seclang-parser.cc
+++ b/src/parser/seclang-parser.cc
--- a/src/parser/seclang-parser.hh
+++ b/src/parser/seclang-parser.hh
--- a/src/parser/seclang-parser.yy
+++ b/src/parser/seclang-parser.yy
@@ -353,6 +353,7 @@ using modsecurity::operators::Operator;
  END  0  "end of file"
  COMMA    ","
  CONFIG_CONTENT_INJECTION                     "CONFIG_CONTENT_INJECTION"
+  CONGIG_DIR_RESPONSE_BODY_MP_CLEAR            "CONGIG_DIR_RESPONSE_BODY_MP_CLEAR"
  PIPE
  NEW_LINE
  VAR_COUNT
@@ -1362,12 +1363,19 @@ expression:
        std::istringstream buf($1);
        std::istream_iterator<std::string> beg(buf), end;
        std::set<std::string> tokens(beg, end);
+        driver.m_responseBodyTypeToBeInspected.m_set = true;
        for (std::set<std::string>::iterator it=tokens.begin();
            it!=tokens.end(); ++it)
        {
-            driver.m_responseBodyTypeToBeInspected.insert(*it);
+            driver.m_responseBodyTypeToBeInspected.m_value.insert(*it);
        }
      }
+    | CONGIG_DIR_RESPONSE_BODY_MP_CLEAR
+      {
+        driver.m_responseBodyTypeToBeInspected.m_set = true;
+        driver.m_responseBodyTypeToBeInspected.m_clear = true;
+        driver.m_responseBodyTypeToBeInspected.m_value.clear();
+      }
    | CONFIG_XML_EXTERNAL_ENTITY CONFIG_VALUE_OFF
      {
        driver.m_secXMLExternalEntity = modsecurity::RulesProperties::FalseConfigBoolean;
--- a/src/parser/seclang-scanner.cc
+++ b/src/parser/seclang-scanner.cc
--- a/src/parser/seclang-scanner.ll
+++ b/src/parser/seclang-scanner.ll
@@ -316,6 +316,7 @@ CONFIG_VALUE_SERIAL                     (?i:Serial)
 CONFIG_VALUE_WARN                       (?i:Warn)
 CONFIG_XML_EXTERNAL_ENTITY              (?i:SecXmlExternalEntity)
 CONGIG_DIR_RESPONSE_BODY_MP             (?i:SecResponseBodyMimeType)
+CONGIG_DIR_RESPONSE_BODY_MP_CLEAR       (?i:SecResponseBodyMimeTypesClear)
 CONGIG_DIR_SEC_ARG_SEP                  (?i:SecArgumentSeparator)
 CONGIG_DIR_SEC_COOKIE_FORMAT            (?i:SecCookieFormat)
 CONGIG_DIR_SEC_DATA_DIR                 (?i:SecDataDir)
@@ -632,6 +633,7 @@ EQUALS_MINUS                            (?i:=\-)
 {CONFIG_VALUE_WARN}                                                     { return p::make_CONFIG_VALUE_WARN(yytext, *driver.loc.back()); }
 {CONFIG_XML_EXTERNAL_ENTITY}                                            { return p::make_CONFIG_XML_EXTERNAL_ENTITY(yytext, *driver.loc.back()); }
 {CONGIG_DIR_RESPONSE_BODY_MP}[ ]{FREE_TEXT_NEW_LINE}                    { return p::make_CONGIG_DIR_RESPONSE_BODY_MP(strchr(yytext, ' ') + 1, *driver.loc.back()); }
+{CONGIG_DIR_RESPONSE_BODY_MP_CLEAR}                                     { return p::make_CONGIG_DIR_RESPONSE_BODY_MP_CLEAR(*driver.loc.back()); }
 {CONGIG_DIR_SEC_ARG_SEP}[ ]{FREE_TEXT_NEW_LINE}                         { return p::make_CONGIG_DIR_SEC_ARG_SEP(yytext, *driver.loc.back()); }
 {CONGIG_DIR_SEC_COOKIE_FORMAT}[ ]{CONFIG_VALUE_NUMBER}                  { return p::make_CONGIG_DIR_SEC_COOKIE_FORMAT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
 {CONGIG_DIR_SEC_DATA_DIR}[ \t]+{CONFIG_VALUE_PATH}                      { return p::make_CONGIG_DIR_SEC_DATA_DIR(parserSanitizer(strchr(yytext, ' ') + 1), *driver.loc.back()); }
--- a/src/transaction.cc
+++ b/src/transaction.cc
@@ -1069,9 +1069,9 @@ int Transaction::processResponseBody() {
        return true;
    }

-    std::set<std::string> &bi = this->m_rules->m_responseBodyTypeToBeInspected;
+    std::set<std::string> &bi = m_rules->m_responseBodyTypeToBeInspected.m_value;
    auto t = bi.find(m_variableResponseContentType.m_value);
-    if (t == bi.end() && bi.empty() == false) {
+    if (t == bi.end() && m_rules->m_responseBodyTypeToBeInspected.m_set == true) {
 #ifndef NO_LOGS
        debug(5, "Response Content-Type is " \
            + m_variableResponseContentType.m_value \
@@ -1094,7 +1094,7 @@ int Transaction::processResponseBody() {
    m_variableResponseContentLength.set(std::to_string(
        m_responseBody.str().size()), m_variableOffset);

-    this->m_rules->evaluate(modsecurity::ResponseBodyPhase, this);
+    m_rules->evaluate(modsecurity::ResponseBodyPhase, this);
    return true;
 }

@@ -1120,7 +1120,7 @@ int Transaction::processResponseBody() {
 int Transaction::appendResponseBody(const unsigned char *buf, size_t len) {
    int current_size = this->m_responseBody.tellp();

-    std::set<std::string> &bi = this->m_rules->m_responseBodyTypeToBeInspected;
+    std::set<std::string> &bi = this->m_rules->m_responseBodyTypeToBeInspected.m_value;
    auto t = bi.find(m_variableResponseContentType.m_value);
    if (t == bi.end() && bi.empty() == false) {
 #ifndef NO_LOGS