github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 03:34:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds verbose message when a resource is not found.

Browse Source 
Fix #1309
This commit is contained in:
Felipe Zimmerle
2017-05-02 13:38:41 -03:00
parent 77a658c7cd
commit c97db2f361
10 changed files with 906 additions and 831 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/operators/pm_from_file.cc
View File

@@ -38,11 +38,12 @@ bool PmFromFile::init(const std::string &config, std::string *error) {
}
iss = new std::stringstream(client.content);
} else {
std::string resource = utils::find_resource(m_param, config);
std::string err;
std::string resource = utils::find_resource(m_param, config, &err);
iss = new std::ifstream(resource, std::ios::in);
if (((std::ifstream *)iss)->is_open() == false) {
error->assign("Failed to open file: " + m_param);
error->assign("Failed to open file: " + m_param + ". " + err);
delete iss;
return false;
}

5
src/operators/validate_dtd.cc
View File

@@ -26,9 +26,10 @@ namespace operators {
bool ValidateDTD::init(const std::string &file, std::string *error) {
m_resource = utils::find_resource(m_param, file);
std::string err;
m_resource = utils::find_resource(m_param, file, &err);
if (m_resource == "") {
error->assign("XML: File not found: " + m_param + ".");
error->assign("XML: File not found: " + m_param + ". " + err);
return false;
}

5
src/operators/validate_schema.cc
View File

@@ -26,9 +26,10 @@ namespace modsecurity {
namespace operators {
bool ValidateSchema::init(const std::string &file, std::string *error) {
m_resource = utils::find_resource(m_param, file);
std::string err;
m_resource = utils::find_resource(m_param, file, &err);
if (m_resource == "") {
error->assign("XML: File not found: " + m_param + ".");
error->assign("XML: File not found: " + m_param + ". " + err);
return false;
}

1596
src/parser/seclang-parser.cc
View File

File diff suppressed because it is too large Load Diff

10
src/parser/seclang-parser.yy
View File

@@ -1204,8 +1204,16 @@ expression:
| CONFIG_DIR_GEO_DB
{
#ifdef WITH_GEOIP
std::string err;
std::string file = modsecurity::utils::find_resource($1,
driver.ref.back());
driver.ref.back(), &err);
if (file.empty()) {
std::stringstream ss;
ss << "Failed to load locate the GeoDB file from: " << $1 << " ";
ss << err;
driver.error(@0, ss.str());
YYERROR;
}
if (GeoLookup::getInstance().setDataBase(file) == false) {
std::stringstream ss;
ss << "Failed to load the GeoDB from: ";

31
src/parser/seclang-scanner.cc
View File

@@ -3903,7 +3903,7 @@ static const flex_int16_t yy_rule_linenum[404] =
814, 815, 817, 818, 823, 828, 829, 830, 831, 836,
840, 844, 845, 846, 850, 851, 852, 857, 859, 860,
885, 909, 936
885, 911, 939
} ;
/* The intent behind this definition is that it'll catch
@@ -6490,21 +6490,23 @@ case 401:
YY_RULE_SETUP
#line 885 "seclang-scanner.ll"
{
std::string err;
const char *file = strchr(yytext, ' ') + 1;
std::string fi = modsecurity::utils::find_resource(file, driver.ref.back());
std::string fi = modsecurity::utils::find_resource(file, driver.ref.back(), &err);
if (fi.empty() == true) {
BEGIN(INITIAL);
driver.error (*driver.loc.back(), "", file + std::string(": Not able to open file."));
driver.error (*driver.loc.back(), "", file + std::string(": Not able to open file. ") + err);
throw p::syntax_error(*driver.loc.back(), "");
}
std::list<std::string> files = modsecurity::utils::expandEnv(fi, 0);
files.reverse();
for (auto& s: files) {
std::string f = modsecurity::utils::find_resource(s, driver.ref.back());
std::string err;
std::string f = modsecurity::utils::find_resource(s, driver.ref.back(), &err);
yyin = fopen(f.c_str(), "r" );
if (!yyin) {
BEGIN(INITIAL);
driver.error (*driver.loc.back(), "", s + std::string(": Not able to open file."));
driver.error (*driver.loc.back(), "", s + std::string(": Not able to open file. ") + err);
throw p::syntax_error(*driver.loc.back(), "");
}
driver.ref.push_back(f);
@@ -6515,25 +6517,26 @@ YY_RULE_SETUP
YY_BREAK
case 402:
YY_RULE_SETUP
#line 909 "seclang-scanner.ll"
#line 911 "seclang-scanner.ll"
{
std::string err;
const char *file = strchr(yytext, ' ') + 1;
char *f = strdup(file + 1);
f[strlen(f)-1] = '\0';
std::string fi = modsecurity::utils::find_resource(f, driver.ref.back());
std::string fi = modsecurity::utils::find_resource(f, driver.ref.back(), &err);
if (fi.empty() == true) {
BEGIN(INITIAL);
driver.error (*driver.loc.back(), "", file + std::string(": Not able to open file."));
driver.error (*driver.loc.back(), "", file + std::string(": Not able to open file. ") + err);
throw p::syntax_error(*driver.loc.back(), "");
}
std::list<std::string> files = modsecurity::utils::expandEnv(fi, 0);
files.reverse();
for (auto& s: files) {
std::string f = modsecurity::utils::find_resource(s, driver.ref.back());
std::string f = modsecurity::utils::find_resource(s, driver.ref.back(), &err);
yyin = fopen(f.c_str(), "r" );
if (!yyin) {
BEGIN(INITIAL);
driver.error (*driver.loc.back(), "", s + std::string(": Not able to open file."));
driver.error (*driver.loc.back(), "", s + std::string(": Not able to open file. ") + err);
throw p::syntax_error(*driver.loc.back(), "");
}
driver.ref.push_back(f.c_str());
@@ -6546,7 +6549,7 @@ YY_RULE_SETUP
case 403:
/* rule 403 can match eol */
YY_RULE_SETUP
#line 936 "seclang-scanner.ll"
#line 939 "seclang-scanner.ll"
{
HttpsClient c;
std::string key;
@@ -6580,10 +6583,10 @@ YY_RULE_SETUP
YY_BREAK
case 404:
YY_RULE_SETUP
#line 968 "seclang-scanner.ll"
#line 971 "seclang-scanner.ll"
ECHO;
YY_BREAK
#line 6586 "seclang-scanner.cc"
#line 6589 "seclang-scanner.cc"
case YY_END_OF_BUFFER:
{
@@ -7684,7 +7687,7 @@ void yyfree (void * ptr )
/* %ok-for-header */
#line 968 "seclang-scanner.ll"
#line 971 "seclang-scanner.ll"
namespace modsecurity {

19
src/parser/seclang-scanner.ll
View File

@@ -882,21 +882,23 @@ EQUALS_MINUS (?i:=\-)
{CONFIG_INCLUDE}[ ]{CONFIG_VALUE_PATH} {
std::string err;
const char *file = strchr(yytext, ' ') + 1;
std::string fi = modsecurity::utils::find_resource(file, driver.ref.back());
std::string fi = modsecurity::utils::find_resource(file, driver.ref.back(), &err);
if (fi.empty() == true) {
BEGIN(INITIAL);
driver.error (*driver.loc.back(), "", file + std::string(": Not able to open file."));
driver.error (*driver.loc.back(), "", file + std::string(": Not able to open file. ") + err);
throw p::syntax_error(*driver.loc.back(), "");
}
std::list<std::string> files = modsecurity::utils::expandEnv(fi, 0);
files.reverse();
for (auto& s: files) {
std::string f = modsecurity::utils::find_resource(s, driver.ref.back());
std::string err;
std::string f = modsecurity::utils::find_resource(s, driver.ref.back(), &err);
yyin = fopen(f.c_str(), "r" );
if (!yyin) {
BEGIN(INITIAL);
driver.error (*driver.loc.back(), "", s + std::string(": Not able to open file."));
driver.error (*driver.loc.back(), "", s + std::string(": Not able to open file. ") + err);
throw p::syntax_error(*driver.loc.back(), "");
}
driver.ref.push_back(f);
@@ -906,23 +908,24 @@ EQUALS_MINUS (?i:=\-)
}
{CONFIG_INCLUDE}[ ]["]{CONFIG_VALUE_PATH}["] {
std::string err;
const char *file = strchr(yytext, ' ') + 1;
char *f = strdup(file + 1);
f[strlen(f)-1] = '\0';
std::string fi = modsecurity::utils::find_resource(f, driver.ref.back());
std::string fi = modsecurity::utils::find_resource(f, driver.ref.back(), &err);
if (fi.empty() == true) {
BEGIN(INITIAL);
driver.error (*driver.loc.back(), "", file + std::string(": Not able to open file."));
driver.error (*driver.loc.back(), "", file + std::string(": Not able to open file. ") + err);
throw p::syntax_error(*driver.loc.back(), "");
}
std::list<std::string> files = modsecurity::utils::expandEnv(fi, 0);
files.reverse();
for (auto& s: files) {
std::string f = modsecurity::utils::find_resource(s, driver.ref.back());
std::string f = modsecurity::utils::find_resource(s, driver.ref.back(), &err);
yyin = fopen(f.c_str(), "r" );
if (!yyin) {
BEGIN(INITIAL);
driver.error (*driver.loc.back(), "", s + std::string(": Not able to open file."));
driver.error (*driver.loc.back(), "", s + std::string(": Not able to open file. ") + err);
throw p::syntax_error(*driver.loc.back(), "");
}
driver.ref.push_back(f.c_str());

11
src/utils/system.cc
View File

@@ -59,21 +59,26 @@ double cpu_seconds(void) {
std::string find_resource(const std::string& resource,
const std::string& config) {
const std::string& config, std::string *err) {
std::ifstream *iss;
err->assign("Looking at: ");
// Trying absolute or relative to the current dir.
iss = new std::ifstream(resource, std::ios::in);
if (iss->is_open()) {
iss->close();
delete iss;
return resource;
} else {
err->append("'" + resource + "', ");
}
delete iss;
// What about `*' ?
if (utils::expandEnv(resource, 0).size() > 1) {
return resource;
} else {
err->append("'" + resource + "', ");
}
// Trying the same path of the configuration file.
@@ -83,12 +88,16 @@ std::string find_resource(const std::string& resource,
iss->close();
delete iss;
return f;
} else {
err->append("'" + f + "', ");
}
delete iss;
// What about `*' ?
if (utils::expandEnv(f, 0).size() > 1) {
return f;
} else {
err->append("'" + f + "'.");
}
return std::string("");

3
src/utils/system.h
View File

@@ -29,7 +29,8 @@ namespace utils {
double cpu_seconds(void);
std::string find_resource(const std::string& file, const std::string& param);
std::string find_resource(const std::string& file, const std::string& param,
std::string *err);
std::string get_path(const std::string& file);
std::list<std::string> expandEnv(const std::string& var, int flags);
bool createDir(std::string dir, int mode, std::string *error);