github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix argument uri decode order

Browse Source 
The uri decode happens after the string is splitted, not before.
This commit is contained in:
Felipe Zimmerle 2016-06-17 15:34:06 -03:00
parent dbaf79fb8e
commit c5262d54f2
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
2 changed files with 49 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
src/transaction.cc
View File

@ -254,6 +254,8 @@ bool Transaction::extractArguments(const std::string &orig,
i++; i++;
} }
key = uri_decode(key);
value = uri_decode(value);
addArgument(orig, key, value); addArgument(orig, key, value);
} }
} }
@ -391,16 +393,8 @@ int Transaction::processURI(const char *uri, const char *method,
m_collections.store("REQUEST_URI_RAW", uri); m_collections.store("REQUEST_URI_RAW", uri);
if (pos != std::string::npos && (m_uri_decoded.length() - pos) > 2) { if (pos != std::string::npos && (m_uri_decoded.length() - pos) > 2) {
/** extractArguments("GET", std::string(uri_s, pos_raw + 1,
* FIXME: uri_s.length() - (pos_raw + 1)));
*
* This is configurable by secrules, we should respect whatever
* the secrules said about it.
*
*/
std::string sets(m_uri_decoded, pos + 1, m_uri_decoded.length() -
(pos + 1));
extractArguments("GET", sets);
} }
return true; return true;
} }
@ -648,11 +642,7 @@ int Transaction::processRequestBody() {
m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR", "0"); m_collections.storeOrUpdateFirst("REQBODY_PROCESSOR_ERROR", "0");
} }
} else if (m_requestBodyType == WWWFormUrlEncoded) { } else if (m_requestBodyType == WWWFormUrlEncoded) {
std::string content = uri_decode(m_requestBody.str()); extractArguments("POST", m_requestBody.str());
if (content.empty() == false) {
content.pop_back();
}
extractArguments("POST", content);
} else { } else {
std::string *a = m_collections.resolveFirst( std::string *a = m_collections.resolveFirst(
"REQUEST_HEADERS:Content-Type"); "REQUEST_HEADERS:Content-Type");

45
test/test-cases/regression/variable-ARGS_GET.json
View File

@ -2,7 +2,7 @@
{ {
"enabled":1, "enabled":1,
"version_min":300000, "version_min":300000,
"title":"Testing Variables :: ARGS_GET (1/2)", "title":"Testing Variables :: ARGS_GET (1/3)",
"client":{ "client":{
"ip":"200.249.12.31", "ip":"200.249.12.31",
"port":123 "port":123
@ -43,7 +43,7 @@
{ {
"enabled":1, "enabled":1,
"version_min":300000, "version_min":300000,
"title":"Testing Variables :: ARGS_GET (2/2)", "title":"Testing Variables :: ARGS_GET (2/3)",
"client":{ "client":{
"ip":"200.249.12.31", "ip":"200.249.12.31",
"port":123 "port":123
@ -80,6 +80,47 @@
"SecDebugLogLevel 9", "SecDebugLogLevel 9",
"SecRule ARGS_GET \"@contains test \" \"id:1,pass,t:trim\"" "SecRule ARGS_GET \"@contains test \" \"id:1,pass,t:trim\""
] ]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: ARGS_GET (3/3)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value%26withsomestuff=tootherstuff",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"other_value&withsomestuff=tootherstuff\""
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecRule ARGS_GET \"@contains test \" \"id:1,pass,t:trim\""
]
} }
] ]