diff --git a/src/actions/transformations/remove_comments.cc b/src/actions/transformations/remove_comments.cc index f892ac2f..8d6afcac 100644 --- a/src/actions/transformations/remove_comments.cc +++ b/src/actions/transformations/remove_comments.cc @@ -30,25 +30,87 @@ namespace modsecurity { namespace actions { namespace transformations { -RemoveComments::RemoveComments(std::string action) - : Transformation(action) { - this->action_kind = 1; -} std::string RemoveComments::evaluate(std::string value, Transaction *transaction) { - /** - * @todo Implement the transformation RemoveComments - */ - if (transaction) { -#ifndef NO_LOGS - transaction->debug(4, "Transformation RemoveComments is not " \ - "implemented yet."); -#endif + std::string ret; + unsigned char *input = NULL; + + input = reinterpret_cast + (malloc(sizeof(char) * value.length()+1)); + + if (input == NULL) { + return ""; } - return value; + + memcpy(input, value.c_str(), value.length()+1); + + u_int64_t input_len = value.size(); + u_int64_t i, j, incomment; + int changed = 0; + + i = j = incomment = 0; + while (i < input_len) { + if (incomment == 0) { + if ((input[i] == '/') && (i + 1 < input_len) + && (input[i + 1] == '*')) { + changed = 1; + incomment = 1; + i += 2; + } else if ((input[i] == '<') && (i + 1 < input_len) + && (input[i + 1] == '!') && (i + 2 < input_len) + && (input[i+2] == '-') && (i + 3 < input_len) + && (input[i + 3] == '-') && (incomment == 0)) { + incomment = 1; + changed = 1; + i += 4; + } else if ((input[i] == '-') && (i + 1 < input_len) + && (input[i + 1] == '-') && (incomment == 0)) { + changed = 1; + input[i] = ' '; + break; + } else if (input[i] == '#' && (incomment == 0)) { + changed = 1; + input[i] = ' '; + break; + } else { + input[j] = input[i]; + i++; + j++; + } + } else { + if ((input[i] == '*') && (i + 1 < input_len) + && (input[i + 1] == '/')) { + incomment = 0; + i += 2; + input[j] = input[i]; + i++; + j++; + } else if ((input[i] == '-') && (i + 1 < input_len) + && (input[i + 1] == '-') && (i + 2 < input_len) + && (input[i+2] == '>')) { + incomment = 0; + i += 3; + input[j] = input[i]; + i++; + j++; + } else { + i++; + } + } + } + + if (incomment) { + input[j++] = ' '; + } + + ret.assign(reinterpret_cast(input), j); + free(input); + + return ret; } + } // namespace transformations } // namespace actions } // namespace modsecurity diff --git a/src/actions/transformations/remove_comments.h b/src/actions/transformations/remove_comments.h index 4a3f5acc..e8f526dd 100644 --- a/src/actions/transformations/remove_comments.h +++ b/src/actions/transformations/remove_comments.h @@ -28,13 +28,16 @@ class Transaction; namespace actions { namespace transformations { + class RemoveComments : public Transformation { public: - explicit RemoveComments(std::string action); + explicit RemoveComments(std::string action) : Transformation(action) { } + std::string evaluate(std::string exp, Transaction *transaction) override; }; + } // namespace transformations } // namespace actions } // namespace modsecurity diff --git a/src/actions/transformations/transformation.cc b/src/actions/transformations/transformation.cc index 06839397..67602b91 100644 --- a/src/actions/transformations/transformation.cc +++ b/src/actions/transformations/transformation.cc @@ -98,7 +98,7 @@ Transformation* Transformation::instantiate(std::string a) { IF_MATCH(parity_odd_7bit) { return new ParityOdd7bit(a); } IF_MATCH(parity_zero_7bit) { return new ParityZero7bit(a); } IF_MATCH(removeCommentsChar) { return new RemoveCommentsChar(a); } - IF_MATCH(remove_comments) { return new RemoveComments(a); } + IF_MATCH(removeComments) { return new RemoveComments(a); } IF_MATCH(removeNulls) { return new RemoveNulls(a); } IF_MATCH(removeWhitespace) { return new RemoveWhitespace(a); } IF_MATCH(compressWhitespace) { return new CompressWhitespace(a); }