github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 03:34:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Detect and prevent multipart evasion.

Browse Source
This commit is contained in:
ivanr
2007-08-09 10:50:53 +00:00
parent cb0cb93752
commit c520886e10
3 changed files with 187 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

146
apache2/re_variables.c
View File

@@ -1224,6 +1224,86 @@ static int var_modsec_build_generate(modsec_rec *msr, msre_var *var, msre_rule *
return var_simple_generate(var, vartab, mptmp, modsec_build(mptmp));
}
/* MULTIPART_BOUNDARY_QUOTED */
static int var_multipart_boundary_quoted_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
apr_table_t *vartab, apr_pool_t *mptmp)
{
if ((msr->mpd != NULL)&&(msr->mpd->flag_boundary_quoted != 0)) {
return var_simple_generate(var, vartab, mptmp, "1");
} else {
return var_simple_generate(var, vartab, mptmp, "0");
}
}
/* MULTIPART_DATA_AFTER */
static int var_multipart_data_after_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
apr_table_t *vartab, apr_pool_t *mptmp)
{
if ((msr->mpd != NULL)&&(msr->mpd->flag_data_after != 0)) {
return var_simple_generate(var, vartab, mptmp, "1");
} else {
return var_simple_generate(var, vartab, mptmp, "0");
}
}
/* MULTIPART_DATA_BEFORE */
static int var_multipart_data_before_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
apr_table_t *vartab, apr_pool_t *mptmp)
{
if ((msr->mpd != NULL)&&(msr->mpd->flag_data_before != 0)) {
return var_simple_generate(var, vartab, mptmp, "1");
} else {
return var_simple_generate(var, vartab, mptmp, "0");
}
}
/* MULTIPART_HEADER_FOLDING */
static int var_multipart_header_folding_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
apr_table_t *vartab, apr_pool_t *mptmp)
{
if ((msr->mpd != NULL)&&(msr->mpd->flag_header_folding != 0)) {
return var_simple_generate(var, vartab, mptmp, "1");
} else {
return var_simple_generate(var, vartab, mptmp, "0");
}
}
/* MULTIPART_LF_LINE */
static int var_multipart_lf_line_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
apr_table_t *vartab, apr_pool_t *mptmp)
{
if ((msr->mpd != NULL)&&(msr->mpd->flag_lf_line != 0)) {
return var_simple_generate(var, vartab, mptmp, "1");
} else {
return var_simple_generate(var, vartab, mptmp, "0");
}
}
/* MULTIPART_STRICT_ERROR */
static int var_multipart_strict_error_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
apr_table_t *vartab, apr_pool_t *mptmp)
{
if (msr->mpd != NULL) {
/* Respond positive if at least one of the multipart flags is raised. */
if ( (msr->mpd->flag_boundary_quoted != 0)
||(msr->mpd->flag_data_before != 0)
||(msr->mpd->flag_data_after != 0)
||(msr->mpd->flag_header_folding != 0)
||(msr->mpd->flag_lf_line != 0)
) {
return var_simple_generate(var, vartab, mptmp, "1");
}
}
return var_simple_generate(var, vartab, mptmp, "0");
}
/* TIME */
static int var_time_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
@@ -2145,6 +2225,72 @@ void msre_engine_register_default_variables(msre_engine *engine) {
PHASE_REQUEST_HEADERS
);
/* MULTIPART_BOUNDARY_QUOTED */
msre_engine_variable_register(engine,
"MULTIPART_BOUNDARY_QUOTED",
VAR_SIMPLE,
0, 0,
NULL,
var_multipart_boundary_quoted_generate,
VAR_CACHE,
PHASE_REQUEST_BODY
);
/* MULTIPART_DATA_AFTER */
msre_engine_variable_register(engine,
"MULTIPART_DATA_AFTER",
VAR_SIMPLE,
0, 0,
NULL,
var_multipart_data_after_generate,
VAR_CACHE,
PHASE_REQUEST_BODY
);
/* MULTIPART_DATA_BEFORE */
msre_engine_variable_register(engine,
"MULTIPART_DATA_BEFORE",
VAR_SIMPLE,
0, 0,
NULL,
var_multipart_data_before_generate,
VAR_CACHE,
PHASE_REQUEST_BODY
);
/* MULTIPART_HEADER_FOLDING */
msre_engine_variable_register(engine,
"MULTIPART_HEADER_FOLDING",
VAR_SIMPLE,
0, 0,
NULL,
var_multipart_header_folding_generate,
VAR_CACHE,
PHASE_REQUEST_BODY
);
/* MULTIPART_LF_LINE */
msre_engine_variable_register(engine,
"MULTIPART_LF_LINE",
VAR_SIMPLE,
0, 0,
NULL,
var_multipart_lf_line_generate,
VAR_CACHE,
PHASE_REQUEST_BODY
);
/* MULTIPART_STRICT_ERROR */
msre_engine_variable_register(engine,
"MULTIPART_STRICT_ERROR",
VAR_SIMPLE,
0, 0,
NULL,
var_multipart_strict_error_generate,
VAR_CACHE,
PHASE_REQUEST_BODY
);
/* PATH_INFO */
msre_engine_variable_register(engine,
"PATH_INFO",