Adds operation unset to setVar action

2025-08-13 21:36:00 +03:00 · 2017-01-17 15:04:41 -03:00 · 2017-01-17 15:04:41 -03:00 · b516cc6de1
commit b516cc6de1
parent e95555132e
3 changed files with 17 additions and 6 deletions
--- a/src/actions/set_var.cc
+++ b/src/actions/set_var.cc
@ -46,7 +46,7 @@ bool SetVar::init(std::string *error) {
    }

    // Resolv operation
-    m_operation = setToOne;
+    m_operation = setToOneOperation;
    pos = m_parser_payload.find("=");
    if (pos != std::string::npos) {
        m_operation = setOperation;
@ -71,7 +71,7 @@ bool SetVar::init(std::string *error) {
    }

    // Variable name
-    if (m_operation == setToOne) {
+    if (m_operation == setToOneOperation) {
        m_variableName = std::string(m_parser_payload, pos + 1,
            m_parser_payload.length()
            - (pos + 1));
@ -111,8 +111,12 @@ bool SetVar::evaluate(Rule *rule, Transaction *transm_parser_payload) {

    if (m_operation == setOperation) {
        targetValue = resolvedPre;
-    } else if (m_operation == setToOne) {
+    } else if (m_operation == setToOneOperation) {
        targetValue = std::string("1");
+    } else if (m_operation == unsetOperation) {
+        transm_parser_payload->m_collections.del(m_collectionName + ":" +
+            m_variableNameExpanded);
+        goto end;
    } else {
        int pre = 0;
        int value = 0;
@ -151,6 +155,7 @@ bool SetVar::evaluate(Rule *rule, Transaction *transm_parser_payload) {
    transm_parser_payload->m_collections.storeOrUpdateFirst(m_collectionName,
        m_variableNameExpanded, targetValue);

+end:
    return true;
 }

--- a/src/actions/set_var.h
+++ b/src/actions/set_var.h
@ -34,7 +34,9 @@ enum SetVarOperation {
    /* read variable, substract predicate and set */
    substractAndSetOperation,
    /* set variable to 1 */
-    setToOne
+    setToOneOperation,
+    /* unset operation */
+    unsetOperation,
 };

 class SetVar : public Action {
--- a/src/parser/seclang-parser.yy
+++ b/src/parser/seclang-parser.yy
@ -374,6 +374,7 @@ using modsecurity::operators::Operator;
  SETVAR_OPERATION_EQUALS
  SETVAR_OPERATION_EQUALS_PLUS
  SETVAR_OPERATION_EQUALS_MINUS
+  NOT                                          "NOT"
  ;

 %token <std::string>
@ -515,7 +516,6 @@ using modsecurity::operators::Operator;
  DIRECTIVE                                    "DIRECTIVE"
  DIRECTIVE_SECRULESCRIPT                      "DIRECTIVE_SECRULESCRIPT"
  FREE_TEXT                                    "FREE_TEXT"
-  NOT                                          "NOT"
  OPERATOR                                     "OPERATOR"
  OPERATOR_BEGINS_WITH                         "OPERATOR_BEGINS_WITH"
  OPERATOR_CONTAINS                            "OPERATOR_CONTAINS"
@ -2063,9 +2063,13 @@ act:
      {
        ACTION_CONTAINER($$, new actions::SetUID($1));
      }
+    | ACTION_SETVAR NOT VARIABLE
+      {
+        ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::unsetOperation, $3));
+      }
    | ACTION_SETVAR VARIABLE
      {
-        ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::setToOne, $2));
+        ACTION_CONTAINER($$, new actions::SetVar(actions::SetVarOperation::setToOneOperation, $2));
      }
    | ACTION_SETVAR VARIABLE SETVAR_OPERATION_EQUALS FREE_TEXT
      {