github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Check for disruptive action on SecDefaultAction

Browse Source
This commit is contained in:
Felipe Zimmerle
2018-02-28 13:57:41 -03:00
parent 6842d4bba8
commit c8666fae31
5 changed files with 774 additions and 680 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1365
src/parser/seclang-parser.cc
View File

File diff suppressed because it is too large Load Diff

13
src/parser/seclang-parser.yy
View File

@@ -1145,6 +1145,7 @@ expression:
}
| CONFIG_DIR_SEC_DEFAULT_ACTION actions
{
bool hasDisruptive = false;
std::vector<actions::Action *> *actions = new std::vector<actions::Action *>();
for (auto &i : *$2.get()) {
actions->push_back(i.release());
@@ -1154,6 +1155,9 @@ expression:
int secRuleDefinedPhase = -1;
for (actions::Action *a : *actions) {
actions::Phase *phase = dynamic_cast<actions::Phase *>(a);
if (a->isDisruptive() == true && dynamic_cast<actions::disruptive::Block *>(a) == NULL) {
hasDisruptive = true;
}
if (phase != NULL) {
definedPhase = phase->m_phase;
secRuleDefinedPhase = phase->m_secRulesPhase;
@@ -1175,6 +1179,11 @@ expression:
definedPhase = modsecurity::Phases::RequestHeadersPhase;
}
if (hasDisruptive == false) {
driver.error(@0, "SecDefaultAction must specify a disruptive action.");
YYERROR;
}
if (!driver.m_defaultActions[definedPhase].empty()) {
std::stringstream ss;
ss << "SecDefaultActions can only be placed once per phase and configuration context. Phase ";
@@ -1184,6 +1193,10 @@ expression:
YYERROR;
}
for (actions::Action *a : checkedActions) {
}
for (actions::Action *a : checkedActions) {
driver.m_defaultActions[definedPhase].push_back(a);
}