Changed compared variables of range id intervall in ruleRemoveById ctl action. #2111

* changed the variables in clause * added test case (@theMiddle) * fixes #2111
2025-08-13 13:26:01 +03:00 · 2019-06-04 10:41:57 +00:00 · 2019-06-04 10:41:57 +00:00 · c0142cf326
commit c0142cf326
parent 9ebebfc838
3 changed files with 35 additions and 1 deletions
--- a/Makefile.am
+++ b/Makefile.am
@ -151,6 +151,7 @@ TESTS+=test/test-cases/regression/issue-1941.json
 TESTS+=test/test-cases/regression/issue-1943.json
 TESTS+=test/test-cases/regression/issue-1956.json
 TESTS+=test/test-cases/regression/issue-2099.json
+TESTS+=test/test-cases/regression/issue-2111.json
 TESTS+=test/test-cases/regression/issue-394.json
 TESTS+=test/test-cases/regression/issue-849.json
 TESTS+=test/test-cases/regression/issue-960.json
--- a/src/actions/ctl/rule_remove_by_id.cc
+++ b/src/actions/ctl/rule_remove_by_id.cc
@ -57,7 +57,7 @@ bool RuleRemoveById::init(std::string *error) {
                return false;
            }

-            if (n1s > n2s) {
+            if (n1n > n2n) {
                error->assign("Invalid range: " + b);
                return false;
            }
--- a/test/test-cases/regression/issue-2111.json
+++ b/test/test-cases/regression/issue-2111.json
@ -0,0 +1,33 @@
+[
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing ctl:ruleRemoveById with range - issue 1444",
+    "expected":{
+      "http_code":200
+    },
+    "client":{
+      "ip":"127.0.0.1",
+      "port":123
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*"
+      },
+      "uri":"index.php?foo=bar&z=xxx",
+      "method":"GET",
+      "body": ""
+    },
+    "server":{
+      "ip":"127.0.0.1",
+      "port":80
+    },
+    "rules":[
+        "SecRuleEngine On",
+        "SecRule ARGS:foo \"@rx ^bar$\" \"id:100,phase:1,ctl:ruleRemoveById=200-1999\"",
+        "SecRule ARGS:z \"@rx ^xxx$\" \"id:1010,phase:1,deny,status:403\""
+    ]
+  }
+]